AWS SDK for C++  1.9.124
AWS SDK for C++
Public Member Functions | Protected Member Functions | List of all members
Aws::IAM::Model::SimulatePrincipalPolicyRequest Class Reference

#include <SimulatePrincipalPolicyRequest.h>

+ Inheritance diagram for Aws::IAM::Model::SimulatePrincipalPolicyRequest:

Public Member Functions

 SimulatePrincipalPolicyRequest ()
 
virtual const char * GetServiceRequestName () const override
 
Aws::String SerializePayload () const override
 
const Aws::StringGetPolicySourceArn () const
 
bool PolicySourceArnHasBeenSet () const
 
void SetPolicySourceArn (const Aws::String &value)
 
void SetPolicySourceArn (Aws::String &&value)
 
void SetPolicySourceArn (const char *value)
 
SimulatePrincipalPolicyRequestWithPolicySourceArn (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithPolicySourceArn (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithPolicySourceArn (const char *value)
 
const Aws::Vector< Aws::String > & GetPolicyInputList () const
 
bool PolicyInputListHasBeenSet () const
 
void SetPolicyInputList (const Aws::Vector< Aws::String > &value)
 
void SetPolicyInputList (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestWithPolicyInputList (const Aws::Vector< Aws::String > &value)
 
SimulatePrincipalPolicyRequestWithPolicyInputList (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestAddPolicyInputList (const Aws::String &value)
 
SimulatePrincipalPolicyRequestAddPolicyInputList (Aws::String &&value)
 
SimulatePrincipalPolicyRequestAddPolicyInputList (const char *value)
 
const Aws::Vector< Aws::String > & GetPermissionsBoundaryPolicyInputList () const
 
bool PermissionsBoundaryPolicyInputListHasBeenSet () const
 
void SetPermissionsBoundaryPolicyInputList (const Aws::Vector< Aws::String > &value)
 
void SetPermissionsBoundaryPolicyInputList (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestWithPermissionsBoundaryPolicyInputList (const Aws::Vector< Aws::String > &value)
 
SimulatePrincipalPolicyRequestWithPermissionsBoundaryPolicyInputList (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestAddPermissionsBoundaryPolicyInputList (const Aws::String &value)
 
SimulatePrincipalPolicyRequestAddPermissionsBoundaryPolicyInputList (Aws::String &&value)
 
SimulatePrincipalPolicyRequestAddPermissionsBoundaryPolicyInputList (const char *value)
 
const Aws::Vector< Aws::String > & GetActionNames () const
 
bool ActionNamesHasBeenSet () const
 
void SetActionNames (const Aws::Vector< Aws::String > &value)
 
void SetActionNames (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestWithActionNames (const Aws::Vector< Aws::String > &value)
 
SimulatePrincipalPolicyRequestWithActionNames (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestAddActionNames (const Aws::String &value)
 
SimulatePrincipalPolicyRequestAddActionNames (Aws::String &&value)
 
SimulatePrincipalPolicyRequestAddActionNames (const char *value)
 
const Aws::Vector< Aws::String > & GetResourceArns () const
 
bool ResourceArnsHasBeenSet () const
 
void SetResourceArns (const Aws::Vector< Aws::String > &value)
 
void SetResourceArns (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestWithResourceArns (const Aws::Vector< Aws::String > &value)
 
SimulatePrincipalPolicyRequestWithResourceArns (Aws::Vector< Aws::String > &&value)
 
SimulatePrincipalPolicyRequestAddResourceArns (const Aws::String &value)
 
SimulatePrincipalPolicyRequestAddResourceArns (Aws::String &&value)
 
SimulatePrincipalPolicyRequestAddResourceArns (const char *value)
 
const Aws::StringGetResourcePolicy () const
 
bool ResourcePolicyHasBeenSet () const
 
void SetResourcePolicy (const Aws::String &value)
 
void SetResourcePolicy (Aws::String &&value)
 
void SetResourcePolicy (const char *value)
 
SimulatePrincipalPolicyRequestWithResourcePolicy (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithResourcePolicy (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithResourcePolicy (const char *value)
 
const Aws::StringGetResourceOwner () const
 
bool ResourceOwnerHasBeenSet () const
 
void SetResourceOwner (const Aws::String &value)
 
void SetResourceOwner (Aws::String &&value)
 
void SetResourceOwner (const char *value)
 
SimulatePrincipalPolicyRequestWithResourceOwner (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithResourceOwner (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithResourceOwner (const char *value)
 
const Aws::StringGetCallerArn () const
 
bool CallerArnHasBeenSet () const
 
void SetCallerArn (const Aws::String &value)
 
void SetCallerArn (Aws::String &&value)
 
void SetCallerArn (const char *value)
 
SimulatePrincipalPolicyRequestWithCallerArn (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithCallerArn (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithCallerArn (const char *value)
 
const Aws::Vector< ContextEntry > & GetContextEntries () const
 
bool ContextEntriesHasBeenSet () const
 
void SetContextEntries (const Aws::Vector< ContextEntry > &value)
 
void SetContextEntries (Aws::Vector< ContextEntry > &&value)
 
SimulatePrincipalPolicyRequestWithContextEntries (const Aws::Vector< ContextEntry > &value)
 
SimulatePrincipalPolicyRequestWithContextEntries (Aws::Vector< ContextEntry > &&value)
 
SimulatePrincipalPolicyRequestAddContextEntries (const ContextEntry &value)
 
SimulatePrincipalPolicyRequestAddContextEntries (ContextEntry &&value)
 
const Aws::StringGetResourceHandlingOption () const
 
bool ResourceHandlingOptionHasBeenSet () const
 
void SetResourceHandlingOption (const Aws::String &value)
 
void SetResourceHandlingOption (Aws::String &&value)
 
void SetResourceHandlingOption (const char *value)
 
SimulatePrincipalPolicyRequestWithResourceHandlingOption (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithResourceHandlingOption (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithResourceHandlingOption (const char *value)
 
int GetMaxItems () const
 
bool MaxItemsHasBeenSet () const
 
void SetMaxItems (int value)
 
SimulatePrincipalPolicyRequestWithMaxItems (int value)
 
const Aws::StringGetMarker () const
 
bool MarkerHasBeenSet () const
 
void SetMarker (const Aws::String &value)
 
void SetMarker (Aws::String &&value)
 
void SetMarker (const char *value)
 
SimulatePrincipalPolicyRequestWithMarker (const Aws::String &value)
 
SimulatePrincipalPolicyRequestWithMarker (Aws::String &&value)
 
SimulatePrincipalPolicyRequestWithMarker (const char *value)
 
- Public Member Functions inherited from Aws::IAM::IAMRequest
virtual ~IAMRequest ()
 
void AddParametersToRequest (Aws::Http::HttpRequest &httpRequest) const
 
Aws::Http::HeaderValueCollection GetHeaders () const override
 
- Public Member Functions inherited from Aws::AmazonSerializableWebServiceRequest
 AmazonSerializableWebServiceRequest ()
 
virtual ~AmazonSerializableWebServiceRequest ()
 
std::shared_ptr< Aws::IOStreamGetBody () const override
 
- Public Member Functions inherited from Aws::AmazonWebServiceRequest
 AmazonWebServiceRequest ()
 
virtual ~AmazonWebServiceRequest ()=default
 
virtual void AddQueryStringParameters (Aws::Http::URI &uri) const
 
virtual void PutToPresignedUrl (Aws::Http::URI &uri) const
 
virtual bool IsStreaming () const
 
virtual bool IsEventStreamRequest () const
 
virtual bool SignBody () const
 
virtual bool IsChunked () const
 
virtual void SetRequestSignedHandler (const RequestSignedHandler &handler)
 
virtual const RequestSignedHandlerGetRequestSignedHandler () const
 
const Aws::IOStreamFactoryGetResponseStreamFactory () const
 
void SetResponseStreamFactory (const Aws::IOStreamFactory &factory)
 
virtual void SetDataReceivedEventHandler (const Aws::Http::DataReceivedEventHandler &dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (const Aws::Http::DataSentEventHandler &dataSentEventHandler)
 
virtual void SetContinueRequestHandler (const Aws::Http::ContinueRequestHandler &continueRequestHandler)
 
virtual void SetDataReceivedEventHandler (Aws::Http::DataReceivedEventHandler &&dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (Aws::Http::DataSentEventHandler &&dataSentEventHandler)
 
virtual void SetContinueRequestHandler (Aws::Http::ContinueRequestHandler &&continueRequestHandler)
 
virtual void SetRequestRetryHandler (const RequestRetryHandler &handler)
 
virtual void SetRequestRetryHandler (RequestRetryHandler &&handler)
 
virtual const Aws::Http::DataReceivedEventHandlerGetDataReceivedEventHandler () const
 
virtual const Aws::Http::DataSentEventHandlerGetDataSentEventHandler () const
 
virtual const Aws::Http::ContinueRequestHandlerGetContinueRequestHandler () const
 
virtual const RequestRetryHandlerGetRequestRetryHandler () const
 
virtual bool ShouldComputeContentMd5 () const
 

Protected Member Functions

void DumpBodyToUrl (Aws::Http::URI &uri) const override
 
- Protected Member Functions inherited from Aws::IAM::IAMRequest
virtual Aws::Http::HeaderValueCollection GetRequestSpecificHeaders () const
 

Detailed Description

Definition at line 23 of file SimulatePrincipalPolicyRequest.h.

Constructor & Destructor Documentation

◆ SimulatePrincipalPolicyRequest()

Aws::IAM::Model::SimulatePrincipalPolicyRequest::SimulatePrincipalPolicyRequest ( )

Member Function Documentation

◆ ActionNamesHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ActionNamesHasBeenSet ( ) const
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 579 of file SimulatePrincipalPolicyRequest.h.

◆ AddActionNames() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddActionNames ( Aws::String &&  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 621 of file SimulatePrincipalPolicyRequest.h.

◆ AddActionNames() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddActionNames ( const Aws::String value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 614 of file SimulatePrincipalPolicyRequest.h.

◆ AddActionNames() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddActionNames ( const char *  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 628 of file SimulatePrincipalPolicyRequest.h.

◆ AddContextEntries() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddContextEntries ( const ContextEntry value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1291 of file SimulatePrincipalPolicyRequest.h.

◆ AddContextEntries() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddContextEntries ( ContextEntry &&  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1298 of file SimulatePrincipalPolicyRequest.h.

◆ AddPermissionsBoundaryPolicyInputList() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPermissionsBoundaryPolicyInputList ( Aws::String &&  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions boundaries for IAM entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 535 of file SimulatePrincipalPolicyRequest.h.

◆ AddPermissionsBoundaryPolicyInputList() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPermissionsBoundaryPolicyInputList ( const Aws::String value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions boundaries for IAM entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 506 of file SimulatePrincipalPolicyRequest.h.

◆ AddPermissionsBoundaryPolicyInputList() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPermissionsBoundaryPolicyInputList ( const char *  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions boundaries for IAM entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 564 of file SimulatePrincipalPolicyRequest.h.

◆ AddPolicyInputList() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPolicyInputList ( Aws::String &&  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 288 of file SimulatePrincipalPolicyRequest.h.

◆ AddPolicyInputList() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPolicyInputList ( const Aws::String value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 274 of file SimulatePrincipalPolicyRequest.h.

◆ AddPolicyInputList() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddPolicyInputList ( const char *  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 302 of file SimulatePrincipalPolicyRequest.h.

◆ AddResourceArns() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddResourceArns ( Aws::String &&  value)
inline

A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 765 of file SimulatePrincipalPolicyRequest.h.

◆ AddResourceArns() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddResourceArns ( const Aws::String value)
inline

A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 748 of file SimulatePrincipalPolicyRequest.h.

◆ AddResourceArns() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::AddResourceArns ( const char *  value)
inline

A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 782 of file SimulatePrincipalPolicyRequest.h.

◆ CallerArnHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::CallerArnHasBeenSet ( ) const
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 1109 of file SimulatePrincipalPolicyRequest.h.

◆ ContextEntriesHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ContextEntriesHasBeenSet ( ) const
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1256 of file SimulatePrincipalPolicyRequest.h.

◆ DumpBodyToUrl()

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::DumpBodyToUrl ( Aws::Http::URI uri) const
overrideprotectedvirtual

Default does nothing. Override this to convert what would otherwise be the payload of the request to a query string format.

Reimplemented from Aws::AmazonWebServiceRequest.

◆ GetActionNames()

const Aws::Vector<Aws::String>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetActionNames ( ) const
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 572 of file SimulatePrincipalPolicyRequest.h.

◆ GetCallerArn()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetCallerArn ( ) const
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 1087 of file SimulatePrincipalPolicyRequest.h.

◆ GetContextEntries()

const Aws::Vector<ContextEntry>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetContextEntries ( ) const
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1249 of file SimulatePrincipalPolicyRequest.h.

◆ GetMarker()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetMarker ( ) const
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1581 of file SimulatePrincipalPolicyRequest.h.

◆ GetMaxItems()

int Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetMaxItems ( ) const
inline

Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true, and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Definition at line 1536 of file SimulatePrincipalPolicyRequest.h.

◆ GetPermissionsBoundaryPolicyInputList()

const Aws::Vector<Aws::String>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetPermissionsBoundaryPolicyInputList ( ) const
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions boundaries for IAM entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 332 of file SimulatePrincipalPolicyRequest.h.

◆ GetPolicyInputList()

const Aws::Vector<Aws::String>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetPolicyInputList ( ) const
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 190 of file SimulatePrincipalPolicyRequest.h.

◆ GetPolicySourceArn()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetPolicySourceArn ( ) const
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 56 of file SimulatePrincipalPolicyRequest.h.

◆ GetResourceArns()

const Aws::Vector<Aws::String>& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetResourceArns ( ) const
inline

A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 646 of file SimulatePrincipalPolicyRequest.h.

◆ GetResourceHandlingOption()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetResourceHandlingOption ( ) const
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1327 of file SimulatePrincipalPolicyRequest.h.

◆ GetResourceOwner()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetResourceOwner ( ) const
inline

An Amazon Web Services account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 959 of file SimulatePrincipalPolicyRequest.h.

◆ GetResourcePolicy()

const Aws::String& Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetResourcePolicy ( ) const
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 803 of file SimulatePrincipalPolicyRequest.h.

◆ GetServiceRequestName()

virtual const char* Aws::IAM::Model::SimulatePrincipalPolicyRequest::GetServiceRequestName ( ) const
inlineoverridevirtual

Implements Aws::AmazonWebServiceRequest.

Definition at line 32 of file SimulatePrincipalPolicyRequest.h.

◆ MarkerHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::MarkerHasBeenSet ( ) const
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1589 of file SimulatePrincipalPolicyRequest.h.

◆ MaxItemsHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::MaxItemsHasBeenSet ( ) const
inline

Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true, and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Definition at line 1548 of file SimulatePrincipalPolicyRequest.h.

◆ PermissionsBoundaryPolicyInputListHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::PermissionsBoundaryPolicyInputListHasBeenSet ( ) const
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions boundaries for IAM entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 361 of file SimulatePrincipalPolicyRequest.h.

◆ PolicyInputListHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::PolicyInputListHasBeenSet ( ) const
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 204 of file SimulatePrincipalPolicyRequest.h.

◆ PolicySourceArnHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::PolicySourceArnHasBeenSet ( ) const
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 73 of file SimulatePrincipalPolicyRequest.h.

◆ ResourceArnsHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ResourceArnsHasBeenSet ( ) const
inline

A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 663 of file SimulatePrincipalPolicyRequest.h.

◆ ResourceHandlingOptionHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ResourceHandlingOptionHasBeenSet ( ) const
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1355 of file SimulatePrincipalPolicyRequest.h.

◆ ResourceOwnerHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ResourceOwnerHasBeenSet ( ) const
inline

An Amazon Web Services account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 974 of file SimulatePrincipalPolicyRequest.h.

◆ ResourcePolicyHasBeenSet()

bool Aws::IAM::Model::SimulatePrincipalPolicyRequest::ResourcePolicyHasBeenSet ( ) const
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 823 of file SimulatePrincipalPolicyRequest.h.

◆ SerializePayload()

Aws::String Aws::IAM::Model::SimulatePrincipalPolicyRequest::SerializePayload ( ) const
overridevirtual

Convert payload into String.

Implements Aws::AmazonSerializableWebServiceRequest.

◆ SetActionNames() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetActionNames ( Aws::Vector< Aws::String > &&  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 593 of file SimulatePrincipalPolicyRequest.h.

◆ SetActionNames() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetActionNames ( const Aws::Vector< Aws::String > &  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 586 of file SimulatePrincipalPolicyRequest.h.

◆ SetCallerArn() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetCallerArn ( Aws::String &&  value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 1153 of file SimulatePrincipalPolicyRequest.h.

◆ SetCallerArn() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetCallerArn ( const Aws::String value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 1131 of file SimulatePrincipalPolicyRequest.h.

◆ SetCallerArn() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetCallerArn ( const char *  value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 1175 of file SimulatePrincipalPolicyRequest.h.

◆ SetContextEntries() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetContextEntries ( Aws::Vector< ContextEntry > &&  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1270 of file SimulatePrincipalPolicyRequest.h.

◆ SetContextEntries() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetContextEntries ( const Aws::Vector< ContextEntry > &  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1263 of file SimulatePrincipalPolicyRequest.h.

◆ SetMarker() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetMarker ( Aws::String &&  value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1605 of file SimulatePrincipalPolicyRequest.h.

◆ SetMarker() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetMarker ( const Aws::String value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1597 of file SimulatePrincipalPolicyRequest.h.

◆ SetMarker() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetMarker ( const char *  value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1613 of file SimulatePrincipalPolicyRequest.h.

◆ SetMaxItems()

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetMaxItems ( int  value)
inline

Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true, and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Definition at line 1560 of file SimulatePrincipalPolicyRequest.h.

◆ SetPermissionsBoundaryPolicyInputList() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPermissionsBoundaryPolicyInputList ( Aws::Vector< Aws::String > &&  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions boundaries for IAM entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 419 of file SimulatePrincipalPolicyRequest.h.

◆ SetPermissionsBoundaryPolicyInputList() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPermissionsBoundaryPolicyInputList ( const Aws::Vector< Aws::String > &  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions boundaries for IAM entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 390 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicyInputList() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicyInputList ( Aws::Vector< Aws::String > &&  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 232 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicyInputList() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicyInputList ( const Aws::Vector< Aws::String > &  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 218 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicySourceArn() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicySourceArn ( Aws::String &&  value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 107 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicySourceArn() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicySourceArn ( const Aws::String value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 90 of file SimulatePrincipalPolicyRequest.h.

◆ SetPolicySourceArn() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetPolicySourceArn ( const char *  value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 124 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceArns() [1/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceArns ( Aws::Vector< Aws::String > &&  value)
inline

A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 697 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceArns() [2/2]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceArns ( const Aws::Vector< Aws::String > &  value)
inline

A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 680 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceHandlingOption() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceHandlingOption ( Aws::String &&  value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1411 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceHandlingOption() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceHandlingOption ( const Aws::String value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1383 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceHandlingOption() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceHandlingOption ( const char *  value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1439 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceOwner() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceOwner ( Aws::String &&  value)
inline

An Amazon Web Services account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 1004 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceOwner() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceOwner ( const Aws::String value)
inline

An Amazon Web Services account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 989 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourceOwner() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourceOwner ( const char *  value)
inline

An Amazon Web Services account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 1019 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourcePolicy() [1/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourcePolicy ( Aws::String &&  value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 863 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourcePolicy() [2/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourcePolicy ( const Aws::String value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 843 of file SimulatePrincipalPolicyRequest.h.

◆ SetResourcePolicy() [3/3]

void Aws::IAM::Model::SimulatePrincipalPolicyRequest::SetResourcePolicy ( const char *  value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 883 of file SimulatePrincipalPolicyRequest.h.

◆ WithActionNames() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithActionNames ( Aws::Vector< Aws::String > &&  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 607 of file SimulatePrincipalPolicyRequest.h.

◆ WithActionNames() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithActionNames ( const Aws::Vector< Aws::String > &  value)
inline

A list of names of API operations to evaluate in the simulation. Each operation is evaluated for each resource. Each operation must include the service identifier, such as iam:CreateUser.

Definition at line 600 of file SimulatePrincipalPolicyRequest.h.

◆ WithCallerArn() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithCallerArn ( Aws::String &&  value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 1219 of file SimulatePrincipalPolicyRequest.h.

◆ WithCallerArn() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithCallerArn ( const Aws::String value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 1197 of file SimulatePrincipalPolicyRequest.h.

◆ WithCallerArn() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithCallerArn ( const char *  value)
inline

The ARN of the IAM user that you want to specify as the simulated caller of the API operations. If you do not specify a CallerArn, it defaults to the ARN of the user that you specify in PolicySourceArn, if you specified a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result is that you simulate calling the API operations as Bob, as if Bob had David's policies.

You can specify only the ARN of an IAM user. You cannot specify the ARN of an assumed role, federated user, or a service principal.

CallerArn is required if you include a ResourcePolicy and the PolicySourceArn is not the ARN for an IAM user. This is required so that the resource-based policy's Principal element has a value to use in evaluating the policy.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 1241 of file SimulatePrincipalPolicyRequest.h.

◆ WithContextEntries() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithContextEntries ( Aws::Vector< ContextEntry > &&  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1284 of file SimulatePrincipalPolicyRequest.h.

◆ WithContextEntries() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithContextEntries ( const Aws::Vector< ContextEntry > &  value)
inline

A list of context keys and corresponding values for the simulation to use. Whenever a context key is evaluated in one of the simulated IAM permissions policies, the corresponding value is supplied.

Definition at line 1277 of file SimulatePrincipalPolicyRequest.h.

◆ WithMarker() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithMarker ( Aws::String &&  value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1629 of file SimulatePrincipalPolicyRequest.h.

◆ WithMarker() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithMarker ( const Aws::String value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1621 of file SimulatePrincipalPolicyRequest.h.

◆ WithMarker() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithMarker ( const char *  value)
inline

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

Definition at line 1637 of file SimulatePrincipalPolicyRequest.h.

◆ WithMaxItems()

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithMaxItems ( int  value)
inline

Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true, and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Definition at line 1572 of file SimulatePrincipalPolicyRequest.h.

◆ WithPermissionsBoundaryPolicyInputList() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPermissionsBoundaryPolicyInputList ( Aws::Vector< Aws::String > &&  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions boundaries for IAM entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 477 of file SimulatePrincipalPolicyRequest.h.

◆ WithPermissionsBoundaryPolicyInputList() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPermissionsBoundaryPolicyInputList ( const Aws::Vector< Aws::String > &  value)
inline

The IAM permissions boundary policy to simulate. The permissions boundary sets the maximum permissions that the entity can have. You can input only one permissions boundary when you pass a policy to this operation. An IAM entity can only have one permissions boundary in effect at a time. For example, if a permissions boundary is attached to an entity and you pass in a different permissions boundary policy using this parameter, then the new permissions boundary policy is used for the simulation. For more information about permissions boundaries, see Permissions boundaries for IAM entities in the IAM User Guide. The policy input is specified as a string containing the complete, valid JSON text of a permissions boundary policy.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 448 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicyInputList() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicyInputList ( Aws::Vector< Aws::String > &&  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 260 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicyInputList() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicyInputList ( const Aws::Vector< Aws::String > &  value)
inline

An optional list of additional policy documents to include in the simulation. Each document is specified as a string containing the complete, valid JSON text of an IAM policy.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 246 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicySourceArn() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicySourceArn ( Aws::String &&  value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 158 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicySourceArn() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicySourceArn ( const Aws::String value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 141 of file SimulatePrincipalPolicyRequest.h.

◆ WithPolicySourceArn() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithPolicySourceArn ( const char *  value)
inline

The Amazon Resource Name (ARN) of a user, group, or role whose policies you want to include in the simulation. If you specify a user, group, or role, the simulation includes all policies that are associated with that entity. If you specify a user, the simulation also includes all policies that are attached to any groups the user belongs to.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 175 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceArns() [1/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceArns ( Aws::Vector< Aws::String > &&  value)
inline

A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 731 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceArns() [2/2]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceArns ( const Aws::Vector< Aws::String > &  value)
inline

A list of ARNs of Amazon Web Services resources to include in the simulation. If this parameter is not provided, then the value defaults to * (all resources). Each API in the ActionNames parameter is evaluated for each resource in this list. The simulation determines the access result (allowed or denied) of each combination and reports it in the response. You can simulate resources that don't exist in your account.

The simulation does not automatically retrieve policies for the specified resources. If you want to include a resource policy in the simulation, then you must include the policy as a string in the ResourcePolicy parameter.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

Definition at line 714 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceHandlingOption() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceHandlingOption ( Aws::String &&  value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1495 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceHandlingOption() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceHandlingOption ( const Aws::String value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1467 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceHandlingOption() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceHandlingOption ( const char *  value)
inline

Specifies the type of simulation to run. Different API operations that support resource-based policies require different combinations of resources. By specifying the type of simulation to run, you enable the policy simulator to enforce the presence of the required resources to ensure reliable simulation results. If your simulation does not match one of the following scenarios, then you can omit this parameter. The following list shows each of the supported scenario values and the resources that you must define to run the simulation.

Each of the EC2 scenarios requires that you specify instance, image, and security group resources. If your scenario includes an EBS volume, then you must specify that volume as a resource. If the EC2 scenario includes VPC, then you must supply the network interface resource. If it includes an IP subnet, then you must specify the subnet resource. For more information on the EC2 scenario options, see Supported platforms in the Amazon EC2 User Guide.

  • EC2-Classic-InstanceStore

    instance, image, security group

  • EC2-Classic-EBS

    instance, image, security group, volume

  • EC2-VPC-InstanceStore

    instance, image, security group, network interface

  • EC2-VPC-InstanceStore-Subnet

    instance, image, security group, network interface, subnet

  • EC2-VPC-EBS

    instance, image, security group, network interface, volume

  • EC2-VPC-EBS-Subnet

    instance, image, security group, network interface, subnet, volume

Definition at line 1523 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceOwner() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceOwner ( Aws::String &&  value)
inline

An Amazon Web Services account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 1049 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceOwner() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceOwner ( const Aws::String value)
inline

An Amazon Web Services account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 1034 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourceOwner() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourceOwner ( const char *  value)
inline

An Amazon Web Services account ID that specifies the owner of any simulated resource that does not identify its owner in the resource ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner is specified, it is also used as the account owner of any ResourcePolicy included in the simulation. If the ResourceOwner parameter is not specified, then the owner of the resources and the resource policy defaults to the account of the identity provided in CallerArn. This parameter is required only if you specify a resource-based policy and account that owns the resource is different from the account that owns the simulated calling user CallerArn.

Definition at line 1064 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourcePolicy() [1/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourcePolicy ( Aws::String &&  value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 923 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourcePolicy() [2/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourcePolicy ( const Aws::String value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 903 of file SimulatePrincipalPolicyRequest.h.

◆ WithResourcePolicy() [3/3]

SimulatePrincipalPolicyRequest& Aws::IAM::Model::SimulatePrincipalPolicyRequest::WithResourcePolicy ( const char *  value)
inline

A resource-based policy to include in the simulation provided as a string. Each resource in the simulation is treated as if it had this policy attached. You can include only one resource-based policy in a simulation.

The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see IAM and STS character quotas.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

Definition at line 943 of file SimulatePrincipalPolicyRequest.h.


The documentation for this class was generated from the following file: