AWS SDK for C++  1.8.96
AWS SDK for C++
Public Member Functions | Protected Member Functions | List of all members
Aws::IAM::Model::SimulatePrincipalPolicyRequest Class Reference

#include <SimulatePrincipalPolicyRequest.h>

+ Inheritance diagram for Aws::IAM::Model::SimulatePrincipalPolicyRequest:

Public Member Functions

 SimulatePrincipalPolicyRequest ()
 
virtual const char * GetServiceRequestName () const override
 
Aws::String SerializePayload () const override
 
const Aws::StringGetPolicySourceArn () const
 
bool PolicySourceArnHasBeenSet () const
 
void SetPolicySourceArn (const Aws::String &value)
 
void SetPolicySourceArn (Aws::String &&value)
 
void SetPolicySourceArn (const char *value)
 
SimulatePrincipalPolicyRequestWithPolicySourceArn (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithPolicySourceArn (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithPolicySourceArn (const char *value)
 
const Aws::Vector< Aws::String > & GetPolicyInputList () const
 
bool PolicyInputListHasBeenSet () const
 
void SetPolicyInputList (const Aws::Vector< Aws::String > &value)
 
void SetPolicyInputList (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestWithPolicyInputList (const Aws::Vector< Aws::String > &value)
 
SimulatePrincipalPolicyRequestWithPolicyInputList (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestAddPolicyInputList (const Aws::String &value)
 
SimulatePrincipalPolicyRequestAddPolicyInputList (Aws::String &&value)
 
SimulatePrincipalPolicyRequestAddPolicyInputList (const char *value)
 
const Aws::Vector< Aws::String > & GetPermissionsBoundaryPolicyInputList () const
 
bool PermissionsBoundaryPolicyInputListHasBeenSet () const
 
void SetPermissionsBoundaryPolicyInputList (const Aws::Vector< Aws::String > &value)
 
void SetPermissionsBoundaryPolicyInputList (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestWithPermissionsBoundaryPolicyInputList (const Aws::Vector< Aws::String > &value)
 
SimulatePrincipalPolicyRequestWithPermissionsBoundaryPolicyInputList (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestAddPermissionsBoundaryPolicyInputList (const Aws::String &value)
 
SimulatePrincipalPolicyRequestAddPermissionsBoundaryPolicyInputList (Aws::String &&value)
 
SimulatePrincipalPolicyRequestAddPermissionsBoundaryPolicyInputList (const char *value)
 
const Aws::Vector< Aws::String > & GetActionNames () const
 
bool ActionNamesHasBeenSet () const
 
void SetActionNames (const Aws::Vector< Aws::String > &value)
 
void SetActionNames (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestWithActionNames (const Aws::Vector< Aws::String > &value)
 
SimulatePrincipalPolicyRequestWithActionNames (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestAddActionNames (const Aws::String &value)
 
SimulatePrincipalPolicyRequestAddActionNames (Aws::String &&value)
 
SimulatePrincipalPolicyRequestAddActionNames (const char *value)
 
const Aws::Vector< Aws::String > & GetResourceArns () const
 
bool ResourceArnsHasBeenSet () const
 
void SetResourceArns (const Aws::Vector< Aws::String > &value)
 
void SetResourceArns (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestWithResourceArns (const Aws::Vector< Aws::String > &value)
 
SimulatePrincipalPolicyRequestWithResourceArns (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestAddResourceArns (const Aws::String &value)
 
SimulatePrincipalPolicyRequestAddResourceArns (Aws::String &&value)
 
SimulatePrincipalPolicyRequestAddResourceArns (const char *value)
 
const Aws::StringGetResourcePolicy () const
 
bool ResourcePolicyHasBeenSet () const
 
void SetResourcePolicy (const Aws::String &value)
 
void SetResourcePolicy (Aws::String &&value)
 
void SetResourcePolicy (const char *value)
 
SimulatePrincipalPolicyRequestWithResourcePolicy (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithResourcePolicy (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithResourcePolicy (const char *value)
 
const Aws::StringGetResourceOwner () const
 
bool ResourceOwnerHasBeenSet () const
 
void SetResourceOwner (const Aws::String &value)
 
void SetResourceOwner (Aws::String &&value)
 
void SetResourceOwner (const char *value)
 
SimulatePrincipalPolicyRequestWithResourceOwner (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithResourceOwner (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithResourceOwner (const char *value)
 
const Aws::StringGetCallerArn () const
 
bool CallerArnHasBeenSet () const
 
void SetCallerArn (const Aws::String &value)
 
void SetCallerArn (Aws::String &&value)
 
void SetCallerArn (const char *value)
 
SimulatePrincipalPolicyRequestWithCallerArn (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithCallerArn (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithCallerArn (const char *value)
 
const Aws::Vector< ContextEntry > & GetContextEntries () const
 
bool ContextEntriesHasBeenSet () const
 
void SetContextEntries (const Aws::Vector< ContextEntry > &value)
 
void SetContextEntries (Aws::Vector< ContextEntry > &&value)
 
SimulatePrincipalPolicyRequestWithContextEntries (const Aws::Vector< ContextEntry > &value)
 
SimulatePrincipalPolicyRequestWithContextEntries (Aws::Vector< ContextEntry > &&value)
 
SimulatePrincipalPolicyRequestAddContextEntries (const ContextEntry &value)
 
SimulatePrincipalPolicyRequestAddContextEntries (ContextEntry &&value)
 
const Aws::StringGetResourceHandlingOption () const
 
bool ResourceHandlingOptionHasBeenSet () const
 
void SetResourceHandlingOption (const Aws::String &value)
 
void SetResourceHandlingOption (Aws::String &&value)
 
void SetResourceHandlingOption (const char *value)
 
SimulatePrincipalPolicyRequestWithResourceHandlingOption (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithResourceHandlingOption (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithResourceHandlingOption (const char *value)
 
int GetMaxItems () const
 
bool MaxItemsHasBeenSet () const
 
void SetMaxItems (int value)
 
SimulatePrincipalPolicyRequestWithMaxItems (int value)
 
const Aws::StringGetMarker () const
 
bool MarkerHasBeenSet () const
 
void SetMarker (const Aws::String &value)
 
void SetMarker (Aws::String &&value)
 
void SetMarker (const char *value)
 
SimulatePrincipalPolicyRequestWithMarker (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithMarker (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithMarker (const char *value)
 
- Public Member Functions inherited from Aws::IAM::IAMRequest
virtual ~IAMRequest ()
 
void AddParametersToRequest (Aws::Http::HttpRequest &httpRequest) const
 
Aws::Http::HeaderValueCollection GetHeaders () const override
 
- Public Member Functions inherited from Aws::AmazonSerializableWebServiceRequest
 AmazonSerializableWebServiceRequest ()
 
virtual ~AmazonSerializableWebServiceRequest ()
 
std::shared_ptr< Aws::IOStreamGetBody () const override
 
- Public Member Functions inherited from Aws::AmazonWebServiceRequest
 AmazonWebServiceRequest ()
 
virtual ~AmazonWebServiceRequest ()=default
 
virtual void AddQueryStringParameters (Aws::Http::URI &uri) const
 
virtual void PutToPresignedUrl (Aws::Http::URI &uri) const
 
virtual bool IsStreaming () const
 
virtual bool IsEventStreamRequest () const
 
virtual bool SignBody () const
 
virtual bool IsChunked () const
 
virtual void SetRequestSignedHandler (const RequestSignedHandler &handler)
 
virtual const RequestSignedHandlerGetRequestSignedHandler () const
 
const Aws::IOStreamFactoryGetResponseStreamFactory () const
 
void SetResponseStreamFactory (const Aws::IOStreamFactory &factory)
 
virtual void SetDataReceivedEventHandler (const Aws::Http::DataReceivedEventHandler &dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (const Aws::Http::DataSentEventHandler &dataSentEventHandler)
 
virtual void SetContinueRequestHandler (const Aws::Http::ContinueRequestHandler &continueRequestHandler)
 
virtual void SetDataReceivedEventHandler (Aws::Http::DataReceivedEventHandler &&dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (Aws::Http::DataSentEventHandler &&dataSentEventHandler)
 
virtual void SetContinueRequestHandler (Aws::Http::ContinueRequestHandler &&continueRequestHandler)
 
virtual void SetRequestRetryHandler (const RequestRetryHandler &handler)
 
virtual void SetRequestRetryHandler (RequestRetryHandler &&handler)
 
virtual const Aws::Http::DataReceivedEventHandlerGetDataReceivedEventHandler () const
 
virtual const Aws::Http::DataSentEventHandlerGetDataSentEventHandler () const
 
virtual const Aws::Http::ContinueRequestHandlerGetContinueRequestHandler () const
 
virtual const RequestRetryHandlerGetRequestRetryHandler () const
 
virtual bool ShouldComputeContentMd5 () const
 

Protected Member Functions

void DumpBodyToUrl (Aws::Http::URI &uri) const override
 
- Protected Member Functions inherited from Aws::IAM::IAMRequest
virtual Aws::Http::HeaderValueCollection GetRequestSpecificHeaders () const
 

Detailed Description

Definition at line 23 of file SimulatePrincipalPolicyRequest.h.

Constructor & Destructor Documentation

◆ SimulatePrincipalPolicyRequest()

Aws::IAM::Model::SimulatePrincipalPolicyRequest::SimulatePrincipalPolicyRequest ( )

Member Function Documentation

◆ ActionNamesHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ActionNamesHasBeenSet ( ) const
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 494 of file SimulatePrincipalPolicyRequest.h.

◆ AddActionNames() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddActionNames ( const Aws::String value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 529 of file SimulatePrincipalPolicyRequest.h.

◆ AddActionNames() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddActionNames ( Aws::String &&  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 536 of file SimulatePrincipalPolicyRequest.h.

◆ AddActionNames() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddActionNames ( const char *  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 543 of file SimulatePrincipalPolicyRequest.h.

◆ AddContextEntries() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddContextEntries ( const ContextEntry value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1149 of file SimulatePrincipalPolicyRequest.h.

◆ AddContextEntries() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddContextEntries ( ContextEntry &&  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1156 of file SimulatePrincipalPolicyRequest.h.

◆ AddPermissionsBoundaryPolicyInputList() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPermissionsBoundaryPolicyInputList ( const Aws::String value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions Boundaries for IAM Entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 431 of file SimulatePrincipalPolicyRequest.h.

◆ AddPermissionsBoundaryPolicyInputList() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPermissionsBoundaryPolicyInputList ( Aws::String &&  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions Boundaries for IAM Entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 455 of file SimulatePrincipalPolicyRequest.h.

◆ AddPermissionsBoundaryPolicyInputList() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPermissionsBoundaryPolicyInputList ( const char *  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions Boundaries for IAM Entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 479 of file SimulatePrincipalPolicyRequest.h.

◆ AddPolicyInputList() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPolicyInputList ( const Aws::String value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 234 of file SimulatePrincipalPolicyRequest.h.

◆ AddPolicyInputList() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPolicyInputList ( Aws::String &&  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 248 of file SimulatePrincipalPolicyRequest.h.

◆ AddPolicyInputList() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPolicyInputList ( const char *  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 262 of file SimulatePrincipalPolicyRequest.h.

◆ AddResourceArns() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddResourceArns ( const Aws::String value)
inline

A list of ARNs of AWS resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 656 of file SimulatePrincipalPolicyRequest.h.

◆ AddResourceArns() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddResourceArns ( Aws::String &&  value)
inline

A list of ARNs of AWS resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 672 of file SimulatePrincipalPolicyRequest.h.

◆ AddResourceArns() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddResourceArns ( const char *  value)
inline

A list of ARNs of AWS resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 688 of file SimulatePrincipalPolicyRequest.h.

◆ CallerArnHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::CallerArnHasBeenSet ( ) const
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 967 of file SimulatePrincipalPolicyRequest.h.

◆ ContextEntriesHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ContextEntriesHasBeenSet ( ) const
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1114 of file SimulatePrincipalPolicyRequest.h.

◆ DumpBodyToUrl()

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::DumpBodyToUrl ( Aws::Http::URI uri) const
overrideprotectedvirtual

Default does nothing. Override this to convert what would otherwise be the payload of the request to a query string format.

Reimplemented from Aws::AmazonWebServiceRequest.

◆ GetActionNames()

const Aws::Vector<Aws::String>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetActionNames ( ) const
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 487 of file SimulatePrincipalPolicyRequest.h.

◆ GetCallerArn()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetCallerArn ( ) const
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 945 of file SimulatePrincipalPolicyRequest.h.

◆ GetContextEntries()

const Aws::Vector<ContextEntry>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetContextEntries ( ) const
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1107 of file SimulatePrincipalPolicyRequest.h.

◆ GetMarker()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetMarker ( ) const
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1439 of file SimulatePrincipalPolicyRequest.h.

◆ GetMaxItems()

int Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetMaxItems ( ) const
inline

Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true, and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Definition at line 1394 of file SimulatePrincipalPolicyRequest.h.

◆ GetPermissionsBoundaryPolicyInputList()

const Aws::Vector<Aws::String>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetPermissionsBoundaryPolicyInputList ( ) const
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions Boundaries for IAM Entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 287 of file SimulatePrincipalPolicyRequest.h.

◆ GetPolicyInputList()

const Aws::Vector<Aws::String>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetPolicyInputList ( ) const
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 150 of file SimulatePrincipalPolicyRequest.h.

◆ GetPolicySourceArn()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetPolicySourceArn ( ) const
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 51 of file SimulatePrincipalPolicyRequest.h.

◆ GetResourceArns()

const Aws::Vector<Aws::String>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetResourceArns ( ) const
inline

A list of ARNs of AWS resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 560 of file SimulatePrincipalPolicyRequest.h.

◆ GetResourceHandlingOption()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetResourceHandlingOption ( ) const
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported Platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1185 of file SimulatePrincipalPolicyRequest.h.

◆ GetResourceOwner()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetResourceOwner ( ) const
inline

An AWS account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 824 of file SimulatePrincipalPolicyRequest.h.

◆ GetResourcePolicy()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetResourcePolicy ( ) const
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 704 of file SimulatePrincipalPolicyRequest.h.

◆ GetServiceRequestName()

virtual const char* Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetServiceRequestName ( ) const
inlineoverridevirtual

Implements Aws::AmazonWebServiceRequest.

Definition at line 32 of file SimulatePrincipalPolicyRequest.h.

◆ MarkerHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::MarkerHasBeenSet ( ) const
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1447 of file SimulatePrincipalPolicyRequest.h.

◆ MaxItemsHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::MaxItemsHasBeenSet ( ) const
inline

Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true, and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Definition at line 1406 of file SimulatePrincipalPolicyRequest.h.

◆ PermissionsBoundaryPolicyInputListHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::PermissionsBoundaryPolicyInputListHasBeenSet ( ) const
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions Boundaries for IAM Entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 311 of file SimulatePrincipalPolicyRequest.h.

◆ PolicyInputListHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::PolicyInputListHasBeenSet ( ) const
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 164 of file SimulatePrincipalPolicyRequest.h.

◆ PolicySourceArnHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::PolicySourceArnHasBeenSet ( ) const
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 63 of file SimulatePrincipalPolicyRequest.h.

◆ ResourceArnsHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ResourceArnsHasBeenSet ( ) const
inline

A list of ARNs of AWS resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 576 of file SimulatePrincipalPolicyRequest.h.

◆ ResourceHandlingOptionHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ResourceHandlingOptionHasBeenSet ( ) const
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported Platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1213 of file SimulatePrincipalPolicyRequest.h.

◆ ResourceOwnerHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ResourceOwnerHasBeenSet ( ) const
inline

An AWS account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 838 of file SimulatePrincipalPolicyRequest.h.

◆ ResourcePolicyHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ResourcePolicyHasBeenSet ( ) const
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 719 of file SimulatePrincipalPolicyRequest.h.

◆ SerializePayload()

Aws::String Aws::IAM::Model::SimulatePrincipalPolicyRequest::SerializePayload ( ) const
overridevirtual

Convert payload into String.

Implements Aws::AmazonSerializableWebServiceRequest.

◆ SetActionNames() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetActionNames ( const Aws::Vector< Aws::String > &  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 501 of file SimulatePrincipalPolicyRequest.h.

◆ SetActionNames() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetActionNames ( Aws::Vector< Aws::String > &&  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 508 of file SimulatePrincipalPolicyRequest.h.

◆ SetCallerArn() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetCallerArn ( const Aws::String value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 989 of file SimulatePrincipalPolicyRequest.h.

◆ SetCallerArn() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetCallerArn ( Aws::String &&  value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 1011 of file SimulatePrincipalPolicyRequest.h.

◆ SetCallerArn() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetCallerArn ( const char *  value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 1033 of file SimulatePrincipalPolicyRequest.h.

◆ SetContextEntries() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetContextEntries ( const Aws::Vector< ContextEntry > &  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1121 of file SimulatePrincipalPolicyRequest.h.

◆ SetContextEntries() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetContextEntries ( Aws::Vector< ContextEntry > &&  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1128 of file SimulatePrincipalPolicyRequest.h.

◆ SetMarker() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetMarker ( const Aws::String value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1455 of file SimulatePrincipalPolicyRequest.h.

◆ SetMarker() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetMarker ( Aws::String &&  value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1463 of file SimulatePrincipalPolicyRequest.h.

◆ SetMarker() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetMarker ( const char *  value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1471 of file SimulatePrincipalPolicyRequest.h.

◆ SetMaxItems()

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetMaxItems ( int  value)
inline

Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true, and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Definition at line 1418 of file SimulatePrincipalPolicyRequest.h.

◆ SetPermissionsBoundaryPolicyInputList() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPermissionsBoundaryPolicyInputList ( const Aws::Vector< Aws::String > &  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions Boundaries for IAM Entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 335 of file SimulatePrincipalPolicyRequest.h.

◆ SetPermissionsBoundaryPolicyInputList() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPermissionsBoundaryPolicyInputList ( Aws::Vector< Aws::String > &&  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions Boundaries for IAM Entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 359 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicyInputList() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicyInputList ( const Aws::Vector< Aws::String > &  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 178 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicyInputList() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicyInputList ( Aws::Vector< Aws::String > &&  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 192 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicySourceArn() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicySourceArn ( const Aws::String value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 75 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicySourceArn() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicySourceArn ( Aws::String &&  value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 87 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicySourceArn() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicySourceArn ( const char *  value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 99 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceArns() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceArns ( const Aws::Vector< Aws::String > &  value)
inline

A list of ARNs of AWS resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 592 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceArns() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceArns ( Aws::Vector< Aws::String > &&  value)
inline

A list of ARNs of AWS resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 608 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceHandlingOption() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceHandlingOption ( const Aws::String value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported Platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1241 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceHandlingOption() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceHandlingOption ( Aws::String &&  value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported Platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1269 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceHandlingOption() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceHandlingOption ( const char *  value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported Platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1297 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceOwner() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceOwner ( const Aws::String value)
inline

An AWS account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 852 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceOwner() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceOwner ( Aws::String &&  value)
inline

An AWS account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 866 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceOwner() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceOwner ( const char *  value)
inline

An AWS account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 880 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourcePolicy() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourcePolicy ( const Aws::String value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 734 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourcePolicy() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourcePolicy ( Aws::String &&  value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 749 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourcePolicy() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourcePolicy ( const char *  value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 764 of file SimulatePrincipalPolicyRequest.h.

◆ WithActionNames() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithActionNames ( const Aws::Vector< Aws::String > &  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 515 of file SimulatePrincipalPolicyRequest.h.

◆ WithActionNames() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithActionNames ( Aws::Vector< Aws::String > &&  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 522 of file SimulatePrincipalPolicyRequest.h.

◆ WithCallerArn() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithCallerArn ( const Aws::String value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 1055 of file SimulatePrincipalPolicyRequest.h.

◆ WithCallerArn() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithCallerArn ( Aws::String &&  value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 1077 of file SimulatePrincipalPolicyRequest.h.

◆ WithCallerArn() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithCallerArn ( const char *  value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 1099 of file SimulatePrincipalPolicyRequest.h.

◆ WithContextEntries() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithContextEntries ( const Aws::Vector< ContextEntry > &  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1135 of file SimulatePrincipalPolicyRequest.h.

◆ WithContextEntries() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithContextEntries ( Aws::Vector< ContextEntry > &&  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1142 of file SimulatePrincipalPolicyRequest.h.

◆ WithMarker() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithMarker ( const Aws::String value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1479 of file SimulatePrincipalPolicyRequest.h.

◆ WithMarker() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithMarker ( Aws::String &&  value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1487 of file SimulatePrincipalPolicyRequest.h.

◆ WithMarker() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithMarker ( const char *  value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1495 of file SimulatePrincipalPolicyRequest.h.

◆ WithMaxItems()

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithMaxItems ( int  value)
inline

Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true, and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Definition at line 1430 of file SimulatePrincipalPolicyRequest.h.

◆ WithPermissionsBoundaryPolicyInputList() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPermissionsBoundaryPolicyInputList ( const Aws::Vector< Aws::String > &  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions Boundaries for IAM Entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 383 of file SimulatePrincipalPolicyRequest.h.

◆ WithPermissionsBoundaryPolicyInputList() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPermissionsBoundaryPolicyInputList ( Aws::Vector< Aws::String > &&  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions Boundaries for IAM Entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 407 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicyInputList() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicyInputList ( const Aws::Vector< Aws::String > &  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 206 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicyInputList() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicyInputList ( Aws::Vector< Aws::String > &&  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 220 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicySourceArn() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicySourceArn ( const Aws::String value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 111 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicySourceArn() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicySourceArn ( Aws::String &&  value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 123 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicySourceArn() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicySourceArn ( const char *  value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 135 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceArns() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceArns ( const Aws::Vector< Aws::String > &  value)
inline

A list of ARNs of AWS resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 624 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceArns() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceArns ( Aws::Vector< Aws::String > &&  value)
inline

A list of ARNs of AWS resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.

Definition at line 640 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceHandlingOption() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceHandlingOption ( const Aws::String value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported Platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1325 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceHandlingOption() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceHandlingOption ( Aws::String &&  value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported Platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1353 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceHandlingOption() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceHandlingOption ( const char *  value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported Platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1381 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceOwner() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceOwner ( const Aws::String value)
inline

An AWS account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 894 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceOwner() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceOwner ( Aws::String &&  value)
inline

An AWS account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 908 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceOwner() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceOwner ( const char *  value)
inline

An AWS account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 922 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourcePolicy() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourcePolicy ( const Aws::String value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 779 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourcePolicy() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourcePolicy ( Aws::String &&  value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 794 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourcePolicy() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourcePolicy ( const char *  value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character () through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through )

  • The special characters tab (), line feed (), and carriage return ()

Definition at line 809 of file SimulatePrincipalPolicyRequest.h.


The documentation for this class was generated from the following file: