IAmazonIAMRolesAnywhere Interface

Interface for accessing IAMRolesAnywhere

Identity and Access Management Roles Anywhere provides a secure way for your workloads such as servers, containers, and applications that run outside of Amazon Web Services to obtain temporary Amazon Web Services credentials. Your workloads can use the same IAM policies and roles you have for native Amazon Web Services applications to access Amazon Web Services resources. Using IAM Roles Anywhere eliminates the need to manage long-term credentials for workloads running outside of Amazon Web Services.

To use IAM Roles Anywhere, your workloads must use X.509 certificates issued by their certificate authority (CA). You register the CA with IAM Roles Anywhere as a trust anchor to establish trust between your public key infrastructure (PKI) and IAM Roles Anywhere. If you don't manage your own PKI system, you can use Private Certificate Authority to create a CA and then use that to establish trust with IAM Roles Anywhere.

This guide describes the IAM Roles Anywhere operations that you can call programmatically. For more information about IAM Roles Anywhere, see the IAM Roles Anywhere User Guide.

Inheritance Hierarchy

Amazon.IAMRolesAnywhere.IAmazonIAMRolesAnywhere

Namespace: Amazon.IAMRolesAnywhere
Assembly: AWSSDK.IAMRolesAnywhere.dll
Version: 3.x.y.z

Syntax

public interface IAmazonIAMRolesAnywhere
         IAmazonService, IDisposable

The IAmazonIAMRolesAnywhere type exposes the following members

Properties

	Name	Type	Description
	Paginators	Amazon.IAMRolesAnywhere.Model.IIAMRolesAnywherePaginatorFactory	Paginators for the service

Methods

Note:

Asynchronous operations (methods ending with Async) in the table below are for .NET 4.5 or higher. For .NET 3.5 the SDK follows the standard naming convention of BeginMethodName and EndMethodName to indicate asynchronous operations - these method pairs are not shown in the table below.

	Name	Description
	CreateProfile(CreateProfileRequest)	Creates a profile, a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies. Required permissions: `rolesanywhere:CreateProfile`.
	CreateProfileAsync(CreateProfileRequest, CancellationToken)	Creates a profile, a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies. Required permissions: `rolesanywhere:CreateProfile`.
	CreateTrustAnchor(CreateTrustAnchorRequest)	Creates a trust anchor to establish trust between IAM Roles Anywhere and your certificate authority (CA). You can define a trust anchor as a reference to an Private Certificate Authority (Private CA) or by uploading a CA certificate. Your Amazon Web Services workloads can authenticate with the trust anchor using certificates issued by the CA in exchange for temporary Amazon Web Services credentials. Required permissions: `rolesanywhere:CreateTrustAnchor`.
	CreateTrustAnchorAsync(CreateTrustAnchorRequest, CancellationToken)	Creates a trust anchor to establish trust between IAM Roles Anywhere and your certificate authority (CA). You can define a trust anchor as a reference to an Private Certificate Authority (Private CA) or by uploading a CA certificate. Your Amazon Web Services workloads can authenticate with the trust anchor using certificates issued by the CA in exchange for temporary Amazon Web Services credentials. Required permissions: `rolesanywhere:CreateTrustAnchor`.
	DeleteAttributeMapping(DeleteAttributeMappingRequest)	Delete an entry from the attribute mapping rules enforced by a given profile.
	DeleteAttributeMappingAsync(DeleteAttributeMappingRequest, CancellationToken)	Delete an entry from the attribute mapping rules enforced by a given profile.
	DeleteCrl(DeleteCrlRequest)	Deletes a certificate revocation list (CRL). Required permissions: `rolesanywhere:DeleteCrl`.
	DeleteCrlAsync(DeleteCrlRequest, CancellationToken)	Deletes a certificate revocation list (CRL). Required permissions: `rolesanywhere:DeleteCrl`.
	DeleteProfile(DeleteProfileRequest)	Deletes a profile. Required permissions: `rolesanywhere:DeleteProfile`.
	DeleteProfileAsync(DeleteProfileRequest, CancellationToken)	Deletes a profile. Required permissions: `rolesanywhere:DeleteProfile`.
	DeleteTrustAnchor(DeleteTrustAnchorRequest)	Deletes a trust anchor. Required permissions: `rolesanywhere:DeleteTrustAnchor`.
	DeleteTrustAnchorAsync(DeleteTrustAnchorRequest, CancellationToken)	Deletes a trust anchor. Required permissions: `rolesanywhere:DeleteTrustAnchor`.
	DetermineServiceOperationEndpoint(AmazonWebServiceRequest)	Returns the endpoint that will be used for a particular request.
	DisableCrl(DisableCrlRequest)	Disables a certificate revocation list (CRL). Required permissions: `rolesanywhere:DisableCrl`.
	DisableCrlAsync(DisableCrlRequest, CancellationToken)	Disables a certificate revocation list (CRL). Required permissions: `rolesanywhere:DisableCrl`.
	DisableProfile(DisableProfileRequest)	Disables a profile. When disabled, temporary credential requests with this profile fail. Required permissions: `rolesanywhere:DisableProfile`.
	DisableProfileAsync(DisableProfileRequest, CancellationToken)	Disables a profile. When disabled, temporary credential requests with this profile fail. Required permissions: `rolesanywhere:DisableProfile`.
	DisableTrustAnchor(DisableTrustAnchorRequest)	Disables a trust anchor. When disabled, temporary credential requests specifying this trust anchor are unauthorized. Required permissions: `rolesanywhere:DisableTrustAnchor`.
	DisableTrustAnchorAsync(DisableTrustAnchorRequest, CancellationToken)	Disables a trust anchor. When disabled, temporary credential requests specifying this trust anchor are unauthorized. Required permissions: `rolesanywhere:DisableTrustAnchor`.
	EnableCrl(EnableCrlRequest)	Enables a certificate revocation list (CRL). When enabled, certificates stored in the CRL are unauthorized to receive session credentials. Required permissions: `rolesanywhere:EnableCrl`.
	EnableCrlAsync(EnableCrlRequest, CancellationToken)	Enables a certificate revocation list (CRL). When enabled, certificates stored in the CRL are unauthorized to receive session credentials. Required permissions: `rolesanywhere:EnableCrl`.
	EnableProfile(EnableProfileRequest)	Enables temporary credential requests for a profile. Required permissions: `rolesanywhere:EnableProfile`.
	EnableProfileAsync(EnableProfileRequest, CancellationToken)	Enables temporary credential requests for a profile. Required permissions: `rolesanywhere:EnableProfile`.
	EnableTrustAnchor(EnableTrustAnchorRequest)	Enables a trust anchor. When enabled, certificates in the trust anchor chain are authorized for trust validation. Required permissions: `rolesanywhere:EnableTrustAnchor`.
	EnableTrustAnchorAsync(EnableTrustAnchorRequest, CancellationToken)	Enables a trust anchor. When enabled, certificates in the trust anchor chain are authorized for trust validation. Required permissions: `rolesanywhere:EnableTrustAnchor`.
	GetCrl(GetCrlRequest)	Gets a certificate revocation list (CRL). Required permissions: `rolesanywhere:GetCrl`.
	GetCrlAsync(GetCrlRequest, CancellationToken)	Gets a certificate revocation list (CRL). Required permissions: `rolesanywhere:GetCrl`.
	GetProfile(GetProfileRequest)	Gets a profile. Required permissions: `rolesanywhere:GetProfile`.
	GetProfileAsync(GetProfileRequest, CancellationToken)	Gets a profile. Required permissions: `rolesanywhere:GetProfile`.
	GetSubject(GetSubjectRequest)	Gets a subject, which associates a certificate identity with authentication attempts. The subject stores auditing information such as the status of the last authentication attempt, the certificate data used in the attempt, and the last time the associated identity attempted authentication. Required permissions: `rolesanywhere:GetSubject`.
	GetSubjectAsync(GetSubjectRequest, CancellationToken)	Gets a subject, which associates a certificate identity with authentication attempts. The subject stores auditing information such as the status of the last authentication attempt, the certificate data used in the attempt, and the last time the associated identity attempted authentication. Required permissions: `rolesanywhere:GetSubject`.
	GetTrustAnchor(GetTrustAnchorRequest)	Gets a trust anchor. Required permissions: `rolesanywhere:GetTrustAnchor`.
	GetTrustAnchorAsync(GetTrustAnchorRequest, CancellationToken)	Gets a trust anchor. Required permissions: `rolesanywhere:GetTrustAnchor`.
	ImportCrl(ImportCrlRequest)	Imports the certificate revocation list (CRL). A CRL is a list of certificates that have been revoked by the issuing certificate Authority (CA).In order to be properly imported, a CRL must be in PEM format. IAM Roles Anywhere validates against the CRL before issuing credentials. Required permissions: `rolesanywhere:ImportCrl`.
	ImportCrlAsync(ImportCrlRequest, CancellationToken)	Imports the certificate revocation list (CRL). A CRL is a list of certificates that have been revoked by the issuing certificate Authority (CA).In order to be properly imported, a CRL must be in PEM format. IAM Roles Anywhere validates against the CRL before issuing credentials. Required permissions: `rolesanywhere:ImportCrl`.
	ListCrls(ListCrlsRequest)	Lists all certificate revocation lists (CRL) in the authenticated account and Amazon Web Services Region. Required permissions: `rolesanywhere:ListCrls`.
	ListCrlsAsync(ListCrlsRequest, CancellationToken)	Lists all certificate revocation lists (CRL) in the authenticated account and Amazon Web Services Region. Required permissions: `rolesanywhere:ListCrls`.
	ListProfiles(ListProfilesRequest)	Lists all profiles in the authenticated account and Amazon Web Services Region. Required permissions: `rolesanywhere:ListProfiles`.
	ListProfilesAsync(ListProfilesRequest, CancellationToken)	Lists all profiles in the authenticated account and Amazon Web Services Region. Required permissions: `rolesanywhere:ListProfiles`.
	ListSubjects(ListSubjectsRequest)	Lists the subjects in the authenticated account and Amazon Web Services Region. Required permissions: `rolesanywhere:ListSubjects`.
	ListSubjectsAsync(ListSubjectsRequest, CancellationToken)	Lists the subjects in the authenticated account and Amazon Web Services Region. Required permissions: `rolesanywhere:ListSubjects`.
	ListTagsForResource(ListTagsForResourceRequest)	Lists the tags attached to the resource. Required permissions: `rolesanywhere:ListTagsForResource`.
	ListTagsForResourceAsync(ListTagsForResourceRequest, CancellationToken)	Lists the tags attached to the resource. Required permissions: `rolesanywhere:ListTagsForResource`.
	ListTrustAnchors(ListTrustAnchorsRequest)	Lists the trust anchors in the authenticated account and Amazon Web Services Region. Required permissions: `rolesanywhere:ListTrustAnchors`.
	ListTrustAnchorsAsync(ListTrustAnchorsRequest, CancellationToken)	Lists the trust anchors in the authenticated account and Amazon Web Services Region. Required permissions: `rolesanywhere:ListTrustAnchors`.
	PutAttributeMapping(PutAttributeMappingRequest)	Put an entry in the attribute mapping rules that will be enforced by a given profile. A mapping specifies a certificate field and one or more specifiers that have contextual meanings.
	PutAttributeMappingAsync(PutAttributeMappingRequest, CancellationToken)	Put an entry in the attribute mapping rules that will be enforced by a given profile. A mapping specifies a certificate field and one or more specifiers that have contextual meanings.
	PutNotificationSettings(PutNotificationSettingsRequest)	Attaches a list of notification settings to a trust anchor. A notification setting includes information such as event name, threshold, status of the notification setting, and the channel to notify. Required permissions: `rolesanywhere:PutNotificationSettings`.
	PutNotificationSettingsAsync(PutNotificationSettingsRequest, CancellationToken)	Attaches a list of notification settings to a trust anchor. A notification setting includes information such as event name, threshold, status of the notification setting, and the channel to notify. Required permissions: `rolesanywhere:PutNotificationSettings`.
	ResetNotificationSettings(ResetNotificationSettingsRequest)	Resets the custom notification setting to IAM Roles Anywhere default setting. Required permissions: `rolesanywhere:ResetNotificationSettings`.
	ResetNotificationSettingsAsync(ResetNotificationSettingsRequest, CancellationToken)	Resets the custom notification setting to IAM Roles Anywhere default setting. Required permissions: `rolesanywhere:ResetNotificationSettings`.
	TagResource(TagResourceRequest)	Attaches tags to a resource. Required permissions: `rolesanywhere:TagResource`.
	TagResourceAsync(TagResourceRequest, CancellationToken)	Attaches tags to a resource. Required permissions: `rolesanywhere:TagResource`.
	UntagResource(UntagResourceRequest)	Removes tags from the resource. Required permissions: `rolesanywhere:UntagResource`.
	UntagResourceAsync(UntagResourceRequest, CancellationToken)	Removes tags from the resource. Required permissions: `rolesanywhere:UntagResource`.
	UpdateCrl(UpdateCrlRequest)	Updates the certificate revocation list (CRL). A CRL is a list of certificates that have been revoked by the issuing certificate authority (CA). IAM Roles Anywhere validates against the CRL before issuing credentials. Required permissions: `rolesanywhere:UpdateCrl`.
	UpdateCrlAsync(UpdateCrlRequest, CancellationToken)	Updates the certificate revocation list (CRL). A CRL is a list of certificates that have been revoked by the issuing certificate authority (CA). IAM Roles Anywhere validates against the CRL before issuing credentials. Required permissions: `rolesanywhere:UpdateCrl`.
	UpdateProfile(UpdateProfileRequest)	Updates a profile, a list of the roles that IAM Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies. Required permissions: `rolesanywhere:UpdateProfile`.
	UpdateProfileAsync(UpdateProfileRequest, CancellationToken)	Updates a profile, a list of the roles that IAM Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies. Required permissions: `rolesanywhere:UpdateProfile`.
	UpdateTrustAnchor(UpdateTrustAnchorRequest)	Updates a trust anchor. You establish trust between IAM Roles Anywhere and your certificate authority (CA) by configuring a trust anchor. You can define a trust anchor as a reference to an Private Certificate Authority (Private CA) or by uploading a CA certificate. Your Amazon Web Services workloads can authenticate with the trust anchor using certificates issued by the CA in exchange for temporary Amazon Web Services credentials. Required permissions: `rolesanywhere:UpdateTrustAnchor`.
	UpdateTrustAnchorAsync(UpdateTrustAnchorRequest, CancellationToken)	Updates a trust anchor. You establish trust between IAM Roles Anywhere and your certificate authority (CA) by configuring a trust anchor. You can define a trust anchor as a reference to an Private Certificate Authority (Private CA) or by uploading a CA certificate. Your Amazon Web Services workloads can authenticate with the trust anchor using certificates issued by the CA in exchange for temporary Amazon Web Services credentials. Required permissions: `rolesanywhere:UpdateTrustAnchor`.

Version Information

.NET:
Supported in: 8.0 and newer, Core 3.1

.NET Standard:
Supported in: 2.0

.NET Framework:
Supported in: 4.5 and newer, 3.5