feat(client-iam): This release includes support for five new APIs and changes to existing APIs that give AWS Organizations customers the ability to use temporary root credentials, targeted to member accounts in the organization.

Author: awstools

clients/client-iam/README.md

@@ -591,6 +591,22 @@ DetachUserPolicy
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/iam/command/DetachUserPolicyCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/DetachUserPolicyCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/DetachUserPolicyCommandOutput/)
 
+</details>
+<details>
+<summary>
+DisableOrganizationsRootCredentialsManagement
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/iam/command/DisableOrganizationsRootCredentialsManagementCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/DisableOrganizationsRootCredentialsManagementCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/DisableOrganizationsRootCredentialsManagementCommandOutput/)
+
+</details>
+<details>
+<summary>
+DisableOrganizationsRootSessions
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/iam/command/DisableOrganizationsRootSessionsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/DisableOrganizationsRootSessionsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/DisableOrganizationsRootSessionsCommandOutput/)
+
 </details>
 <details>
 <summary>
@@ -599,6 +615,22 @@ EnableMFADevice
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/iam/command/EnableMFADeviceCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/EnableMFADeviceCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/EnableMFADeviceCommandOutput/)
 
+</details>
+<details>
+<summary>
+EnableOrganizationsRootCredentialsManagement
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/iam/command/EnableOrganizationsRootCredentialsManagementCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/EnableOrganizationsRootCredentialsManagementCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/EnableOrganizationsRootCredentialsManagementCommandOutput/)
+
+</details>
+<details>
+<summary>
+EnableOrganizationsRootSessions
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/iam/command/EnableOrganizationsRootSessionsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/EnableOrganizationsRootSessionsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/EnableOrganizationsRootSessionsCommandOutput/)
+
 </details>
 <details>
 <summary>
@@ -959,6 +991,14 @@ ListOpenIDConnectProviderTags
 
 [Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/iam/command/ListOpenIDConnectProviderTagsCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/ListOpenIDConnectProviderTagsCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/ListOpenIDConnectProviderTagsCommandOutput/)
 
+</details>
+<details>
+<summary>
+ListOrganizationsFeatures
+</summary>
+
+[Command API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/iam/command/ListOrganizationsFeaturesCommand/) / [Input](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/ListOrganizationsFeaturesCommandInput/) / [Output](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-iam/Interface/ListOrganizationsFeaturesCommandOutput/)
+
 </details>
 <details>
 <summary>

clients/client-iam/src/IAM.ts

@@ -218,11 +218,31 @@ import {
   DetachUserPolicyCommandInput,
   DetachUserPolicyCommandOutput,
 } from "./commands/DetachUserPolicyCommand";
+import {
+  DisableOrganizationsRootCredentialsManagementCommand,
+  DisableOrganizationsRootCredentialsManagementCommandInput,
+  DisableOrganizationsRootCredentialsManagementCommandOutput,
+} from "./commands/DisableOrganizationsRootCredentialsManagementCommand";
+import {
+  DisableOrganizationsRootSessionsCommand,
+  DisableOrganizationsRootSessionsCommandInput,
+  DisableOrganizationsRootSessionsCommandOutput,
+} from "./commands/DisableOrganizationsRootSessionsCommand";
 import {
   EnableMFADeviceCommand,
   EnableMFADeviceCommandInput,
   EnableMFADeviceCommandOutput,
 } from "./commands/EnableMFADeviceCommand";
+import {
+  EnableOrganizationsRootCredentialsManagementCommand,
+  EnableOrganizationsRootCredentialsManagementCommandInput,
+  EnableOrganizationsRootCredentialsManagementCommandOutput,
+} from "./commands/EnableOrganizationsRootCredentialsManagementCommand";
+import {
+  EnableOrganizationsRootSessionsCommand,
+  EnableOrganizationsRootSessionsCommandInput,
+  EnableOrganizationsRootSessionsCommandOutput,
+} from "./commands/EnableOrganizationsRootSessionsCommand";
 import {
   GenerateCredentialReportCommand,
   GenerateCredentialReportCommandInput,
@@ -428,6 +448,11 @@ import {
   ListOpenIDConnectProviderTagsCommandInput,
   ListOpenIDConnectProviderTagsCommandOutput,
 } from "./commands/ListOpenIDConnectProviderTagsCommand";
+import {
+  ListOrganizationsFeaturesCommand,
+  ListOrganizationsFeaturesCommandInput,
+  ListOrganizationsFeaturesCommandOutput,
+} from "./commands/ListOrganizationsFeaturesCommand";
 import {
   ListPoliciesCommand,
   ListPoliciesCommandInput,
@@ -760,7 +785,11 @@ const commands = {
   DetachGroupPolicyCommand,
   DetachRolePolicyCommand,
   DetachUserPolicyCommand,
+  DisableOrganizationsRootCredentialsManagementCommand,
+  DisableOrganizationsRootSessionsCommand,
   EnableMFADeviceCommand,
+  EnableOrganizationsRootCredentialsManagementCommand,
+  EnableOrganizationsRootSessionsCommand,
   GenerateCredentialReportCommand,
   GenerateOrganizationsAccessReportCommand,
   GenerateServiceLastAccessedDetailsCommand,
@@ -806,6 +835,7 @@ const commands = {
   ListMFADeviceTagsCommand,
   ListOpenIDConnectProvidersCommand,
   ListOpenIDConnectProviderTagsCommand,
+  ListOrganizationsFeaturesCommand,
   ListPoliciesCommand,
   ListPoliciesGrantingServiceAccessCommand,
   ListPolicyTagsCommand,
@@ -1050,6 +1080,7 @@ export interface IAM {
   /**
    * @see {@link CreateLoginProfileCommand}
    */
+  createLoginProfile(): Promise<CreateLoginProfileCommandOutput>;
   createLoginProfile(
     args: CreateLoginProfileCommandInput,
     options?: __HttpHandlerOptions
@@ -1313,6 +1344,7 @@ export interface IAM {
   /**
    * @see {@link DeleteLoginProfileCommand}
    */
+  deleteLoginProfile(): Promise<DeleteLoginProfileCommandOutput>;
   deleteLoginProfile(
     args: DeleteLoginProfileCommandInput,
     options?: __HttpHandlerOptions
@@ -1632,6 +1664,42 @@ export interface IAM {
     cb: (err: any, data?: DetachUserPolicyCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link DisableOrganizationsRootCredentialsManagementCommand}
+   */
+  disableOrganizationsRootCredentialsManagement(): Promise<DisableOrganizationsRootCredentialsManagementCommandOutput>;
+  disableOrganizationsRootCredentialsManagement(
+    args: DisableOrganizationsRootCredentialsManagementCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<DisableOrganizationsRootCredentialsManagementCommandOutput>;
+  disableOrganizationsRootCredentialsManagement(
+    args: DisableOrganizationsRootCredentialsManagementCommandInput,
+    cb: (err: any, data?: DisableOrganizationsRootCredentialsManagementCommandOutput) => void
+  ): void;
+  disableOrganizationsRootCredentialsManagement(
+    args: DisableOrganizationsRootCredentialsManagementCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: DisableOrganizationsRootCredentialsManagementCommandOutput) => void
+  ): void;
+
+  /**
+   * @see {@link DisableOrganizationsRootSessionsCommand}
+   */
+  disableOrganizationsRootSessions(): Promise<DisableOrganizationsRootSessionsCommandOutput>;
+  disableOrganizationsRootSessions(
+    args: DisableOrganizationsRootSessionsCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<DisableOrganizationsRootSessionsCommandOutput>;
+  disableOrganizationsRootSessions(
+    args: DisableOrganizationsRootSessionsCommandInput,
+    cb: (err: any, data?: DisableOrganizationsRootSessionsCommandOutput) => void
+  ): void;
+  disableOrganizationsRootSessions(
+    args: DisableOrganizationsRootSessionsCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: DisableOrganizationsRootSessionsCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link EnableMFADeviceCommand}
    */
@@ -1646,6 +1714,42 @@ export interface IAM {
     cb: (err: any, data?: EnableMFADeviceCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link EnableOrganizationsRootCredentialsManagementCommand}
+   */
+  enableOrganizationsRootCredentialsManagement(): Promise<EnableOrganizationsRootCredentialsManagementCommandOutput>;
+  enableOrganizationsRootCredentialsManagement(
+    args: EnableOrganizationsRootCredentialsManagementCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<EnableOrganizationsRootCredentialsManagementCommandOutput>;
+  enableOrganizationsRootCredentialsManagement(
+    args: EnableOrganizationsRootCredentialsManagementCommandInput,
+    cb: (err: any, data?: EnableOrganizationsRootCredentialsManagementCommandOutput) => void
+  ): void;
+  enableOrganizationsRootCredentialsManagement(
+    args: EnableOrganizationsRootCredentialsManagementCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: EnableOrganizationsRootCredentialsManagementCommandOutput) => void
+  ): void;
+
+  /**
+   * @see {@link EnableOrganizationsRootSessionsCommand}
+   */
+  enableOrganizationsRootSessions(): Promise<EnableOrganizationsRootSessionsCommandOutput>;
+  enableOrganizationsRootSessions(
+    args: EnableOrganizationsRootSessionsCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<EnableOrganizationsRootSessionsCommandOutput>;
+  enableOrganizationsRootSessions(
+    args: EnableOrganizationsRootSessionsCommandInput,
+    cb: (err: any, data?: EnableOrganizationsRootSessionsCommandOutput) => void
+  ): void;
+  enableOrganizationsRootSessions(
+    args: EnableOrganizationsRootSessionsCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: EnableOrganizationsRootSessionsCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link GenerateCredentialReportCommand}
    */
@@ -1866,6 +1970,7 @@ export interface IAM {
   /**
    * @see {@link GetLoginProfileCommand}
    */
+  getLoginProfile(): Promise<GetLoginProfileCommandOutput>;
   getLoginProfile(
     args: GetLoginProfileCommandInput,
     options?: __HttpHandlerOptions
@@ -2357,6 +2462,24 @@ export interface IAM {
     cb: (err: any, data?: ListOpenIDConnectProviderTagsCommandOutput) => void
   ): void;
 
+  /**
+   * @see {@link ListOrganizationsFeaturesCommand}
+   */
+  listOrganizationsFeatures(): Promise<ListOrganizationsFeaturesCommandOutput>;
+  listOrganizationsFeatures(
+    args: ListOrganizationsFeaturesCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<ListOrganizationsFeaturesCommandOutput>;
+  listOrganizationsFeatures(
+    args: ListOrganizationsFeaturesCommandInput,
+    cb: (err: any, data?: ListOrganizationsFeaturesCommandOutput) => void
+  ): void;
+  listOrganizationsFeatures(
+    args: ListOrganizationsFeaturesCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: ListOrganizationsFeaturesCommandOutput) => void
+  ): void;
+
   /**
    * @see {@link ListPoliciesCommand}
    */

clients/client-iam/src/IAMClient.ts

@@ -161,7 +161,23 @@ import {
 import { DetachGroupPolicyCommandInput, DetachGroupPolicyCommandOutput } from "./commands/DetachGroupPolicyCommand";
 import { DetachRolePolicyCommandInput, DetachRolePolicyCommandOutput } from "./commands/DetachRolePolicyCommand";
 import { DetachUserPolicyCommandInput, DetachUserPolicyCommandOutput } from "./commands/DetachUserPolicyCommand";
+import {
+  DisableOrganizationsRootCredentialsManagementCommandInput,
+  DisableOrganizationsRootCredentialsManagementCommandOutput,
+} from "./commands/DisableOrganizationsRootCredentialsManagementCommand";
+import {
+  DisableOrganizationsRootSessionsCommandInput,
+  DisableOrganizationsRootSessionsCommandOutput,
+} from "./commands/DisableOrganizationsRootSessionsCommand";
 import { EnableMFADeviceCommandInput, EnableMFADeviceCommandOutput } from "./commands/EnableMFADeviceCommand";
+import {
+  EnableOrganizationsRootCredentialsManagementCommandInput,
+  EnableOrganizationsRootCredentialsManagementCommandOutput,
+} from "./commands/EnableOrganizationsRootCredentialsManagementCommand";
+import {
+  EnableOrganizationsRootSessionsCommandInput,
+  EnableOrganizationsRootSessionsCommandOutput,
+} from "./commands/EnableOrganizationsRootSessionsCommand";
 import {
   GenerateCredentialReportCommandInput,
   GenerateCredentialReportCommandOutput,
@@ -279,6 +295,10 @@ import {
   ListOpenIDConnectProviderTagsCommandInput,
   ListOpenIDConnectProviderTagsCommandOutput,
 } from "./commands/ListOpenIDConnectProviderTagsCommand";
+import {
+  ListOrganizationsFeaturesCommandInput,
+  ListOrganizationsFeaturesCommandOutput,
+} from "./commands/ListOrganizationsFeaturesCommand";
 import { ListPoliciesCommandInput, ListPoliciesCommandOutput } from "./commands/ListPoliciesCommand";
 import {
   ListPoliciesGrantingServiceAccessCommandInput,
@@ -500,7 +520,11 @@ export type ServiceInputTypes =
   | DetachGroupPolicyCommandInput
   | DetachRolePolicyCommandInput
   | DetachUserPolicyCommandInput
+  | DisableOrganizationsRootCredentialsManagementCommandInput
+  | DisableOrganizationsRootSessionsCommandInput
   | EnableMFADeviceCommandInput
+  | EnableOrganizationsRootCredentialsManagementCommandInput
+  | EnableOrganizationsRootSessionsCommandInput
   | GenerateCredentialReportCommandInput
   | GenerateOrganizationsAccessReportCommandInput
   | GenerateServiceLastAccessedDetailsCommandInput
@@ -546,6 +570,7 @@ export type ServiceInputTypes =
   | ListMFADevicesCommandInput
   | ListOpenIDConnectProviderTagsCommandInput
   | ListOpenIDConnectProvidersCommandInput
+  | ListOrganizationsFeaturesCommandInput
   | ListPoliciesCommandInput
   | ListPoliciesGrantingServiceAccessCommandInput
   | ListPolicyTagsCommandInput
@@ -664,7 +689,11 @@ export type ServiceOutputTypes =
   | DetachGroupPolicyCommandOutput
   | DetachRolePolicyCommandOutput
   | DetachUserPolicyCommandOutput
+  | DisableOrganizationsRootCredentialsManagementCommandOutput
+  | DisableOrganizationsRootSessionsCommandOutput
   | EnableMFADeviceCommandOutput
+  | EnableOrganizationsRootCredentialsManagementCommandOutput
+  | EnableOrganizationsRootSessionsCommandOutput
   | GenerateCredentialReportCommandOutput
   | GenerateOrganizationsAccessReportCommandOutput
   | GenerateServiceLastAccessedDetailsCommandOutput
@@ -710,6 +739,7 @@ export type ServiceOutputTypes =
   | ListMFADevicesCommandOutput
   | ListOpenIDConnectProviderTagsCommandOutput
   | ListOpenIDConnectProvidersCommandOutput
+  | ListOrganizationsFeaturesCommandOutput
   | ListPoliciesCommandOutput
   | ListPoliciesGrantingServiceAccessCommandOutput
   | ListPolicyTagsCommandOutput

clients/client-iam/src/commands/CreateLoginProfileCommand.ts

@@ -45,8 +45,8 @@ export interface CreateLoginProfileCommandOutput extends CreateLoginProfileRespo
  * // const { IAMClient, CreateLoginProfileCommand } = require("@aws-sdk/client-iam"); // CommonJS import
  * const client = new IAMClient(config);
  * const input = { // CreateLoginProfileRequest
- *   UserName: "STRING_VALUE", // required
- *   Password: "STRING_VALUE", // required
+ *   UserName: "STRING_VALUE",
+ *   Password: "STRING_VALUE",
  *   PasswordResetRequired: true || false,
  * };
  * const command = new CreateLoginProfileCommand(input);

clients/client-iam/src/commands/DeactivateMFADeviceCommand.ts

@@ -40,7 +40,7 @@ export interface DeactivateMFADeviceCommandOutput extends __MetadataBearer {}
  * // const { IAMClient, DeactivateMFADeviceCommand } = require("@aws-sdk/client-iam"); // CommonJS import
  * const client = new IAMClient(config);
  * const input = { // DeactivateMFADeviceRequest
- *   UserName: "STRING_VALUE", // required
+ *   UserName: "STRING_VALUE",
  *   SerialNumber: "STRING_VALUE", // required
  * };
  * const command = new DeactivateMFADeviceCommand(input);

clients/client-iam/src/commands/DeleteLoginProfileCommand.ts

@@ -48,7 +48,7 @@ export interface DeleteLoginProfileCommandOutput extends __MetadataBearer {}
  * // const { IAMClient, DeleteLoginProfileCommand } = require("@aws-sdk/client-iam"); // CommonJS import
  * const client = new IAMClient(config);
  * const input = { // DeleteLoginProfileRequest
- *   UserName: "STRING_VALUE", // required
+ *   UserName: "STRING_VALUE",
  * };
  * const command = new DeleteLoginProfileCommand(input);
  * const response = await client.send(command);