AWS SDK

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/assume_root.rs

@@ -335,335 +374,374 @@

     fn retryable_error_kind(&self) -> ::std::option::Option<::aws_smithy_types::retry::ErrorKind> {
         ::std::option::Option::None
-337
+    }
-338
+}
 impl ::aws_smithy_types::error::metadata::ProvideErrorMetadata for AssumeRootError {
     fn meta(&self) -> &::aws_smithy_types::error::ErrorMetadata {
         match self {
             Self::ExpiredTokenException(_inner) => ::aws_smithy_types::error::metadata::ProvideErrorMetadata::meta(_inner),
             Self::RegionDisabledException(_inner) => ::aws_smithy_types::error::metadata::ProvideErrorMetadata::meta(_inner),
             Self::Unhandled(_inner) => &_inner.meta,
-345
+        }
-346
+    }
-347
+}
 impl ::aws_smithy_runtime_api::client::result::CreateUnhandledError for AssumeRootError {
     fn create_unhandled_error(
         source: ::std::boxed::Box<dyn ::std::error::Error + ::std::marker::Send + ::std::marker::Sync + 'static>,
         meta: ::std::option::Option<::aws_smithy_types::error::ErrorMetadata>,
     ) -> Self {
         Self::Unhandled(crate::error::sealed_unhandled::Unhandled {
             source,

             meta: meta.unwrap_or_default(),
         })
-357
+    }
-358
+}
 impl ::aws_types::request_id::RequestId for crate::operation::assume_root::AssumeRootError {
     fn request_id(&self) -> Option<&str> {
         self.meta().request_id()
-362
+    }
-363
+}
-364
 pub use crate::operation::assume_root::_assume_root_output::AssumeRootOutput;
--
 pub use crate::operation::assume_root::_assume_root_input::AssumeRootInput;
-366
 pub use crate::operation::assume_root::_assume_root_output::AssumeRootOutput;
-+
 mod _assume_root_input;
-370
 mod _assume_root_output;
-372
 /// Builders
 pub mod builders;

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/assume_root/builders.rs

@@ -1,1 +35,35 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use crate::operation::assume_root::_assume_root_output::AssumeRootOutputBuilder;
--
 pub use crate::operation::assume_root::_assume_root_input::AssumeRootInputBuilder;
-3
 pub use crate::operation::assume_root::_assume_root_output::AssumeRootOutputBuilder;
-+
 impl crate::operation::assume_root::builders::AssumeRootInputBuilder {
     /// Sends a request with this input using the given client.
     pub async fn send_with(
         self,
         client: &crate::Client,
     ) -> ::std::result::Result<
         crate::operation::assume_root::AssumeRootOutput,
         ::aws_smithy_runtime_api::client::result::SdkError<
             crate::operation::assume_root::AssumeRootError,
             ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,

↧ Expand context

         >,
     > {
         let mut fluent_builder = client.assume_root();
         fluent_builder.inner = self;
         fluent_builder.send().await
-21
+    }
-22
+}
 /// Fluent builder constructing a request to `AssumeRoot`.
 ///
 /// <p>Returns a set of short term credentials you can use to perform privileged tasks on a member account in your organization.</p>
 /// <p>Before you can launch a privileged session, you must have centralized root access in your organization. For steps to enable this feature, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html">Centralize root access for member accounts</a> in the <i>IAM User Guide</i>.</p><note>
 /// <p>The STS global endpoint is not supported for AssumeRoot. You must send this request to a Regional STS endpoint. For more information, see <a href="https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html#sts-endpoints">Endpoints</a>.</p>
 /// </note>
 /// <p>You can track AssumeRoot in CloudTrail logs to determine what actions were performed in a session. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-track-privileged-tasks.html">Track privileged tasks in CloudTrail</a> in the <i>IAM User Guide</i>.</p>
 #[derive(::std::clone::Clone, ::std::fmt::Debug)]
 pub struct AssumeRootFluentBuilder {
     handle: ::std::sync::Arc<crate::client::Handle>,
     inner: crate::operation::assume_root::builders::AssumeRootInputBuilder,
     config_override: ::std::option::Option<crate::config::Builder>,
-35
+}

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/decode_authorization_message.rs

@@ -330,330 +369,369 @@

↥ Expand context

-330
+    }
     fn retryable_error_kind(&self) -> ::std::option::Option<::aws_smithy_types::retry::ErrorKind> {
         ::std::option::Option::None
-333
+    }
-334
+}
 impl ::aws_smithy_types::error::metadata::ProvideErrorMetadata for DecodeAuthorizationMessageError {
     fn meta(&self) -> &::aws_smithy_types::error::ErrorMetadata {
         match self {
             Self::InvalidAuthorizationMessageException(_inner) => ::aws_smithy_types::error::metadata::ProvideErrorMetadata::meta(_inner),
             Self::Unhandled(_inner) => &_inner.meta,
-340
+        }
-341
+    }
-342
+}
 impl ::aws_smithy_runtime_api::client::result::CreateUnhandledError for DecodeAuthorizationMessageError {
     fn create_unhandled_error(
         source: ::std::boxed::Box<dyn ::std::error::Error + ::std::marker::Send + ::std::marker::Sync + 'static>,
         meta: ::std::option::Option<::aws_smithy_types::error::ErrorMetadata>,
     ) -> Self {
         Self::Unhandled(crate::error::sealed_unhandled::Unhandled {
             source,

             meta: meta.unwrap_or_default(),
         })
-352
+    }
-353
+}
 impl ::aws_types::request_id::RequestId for crate::operation::decode_authorization_message::DecodeAuthorizationMessageError {
     fn request_id(&self) -> Option<&str> {
         self.meta().request_id()
-357
+    }
-358
+}
-359
 pub use crate::operation::decode_authorization_message::_decode_authorization_message_output::DecodeAuthorizationMessageOutput;
--
 pub use crate::operation::decode_authorization_message::_decode_authorization_message_input::DecodeAuthorizationMessageInput;
-361
 pub use crate::operation::decode_authorization_message::_decode_authorization_message_output::DecodeAuthorizationMessageOutput;
-+
 mod _decode_authorization_message_input;
-365
 mod _decode_authorization_message_output;
-367
 /// Builders
 pub mod builders;

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/decode_authorization_message/builders.rs

@@ -1,1 +35,35 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use crate::operation::decode_authorization_message::_decode_authorization_message_output::DecodeAuthorizationMessageOutputBuilder;
--
 pub use crate::operation::decode_authorization_message::_decode_authorization_message_input::DecodeAuthorizationMessageInputBuilder;
-3
 pub use crate::operation::decode_authorization_message::_decode_authorization_message_output::DecodeAuthorizationMessageOutputBuilder;
-+
 impl crate::operation::decode_authorization_message::builders::DecodeAuthorizationMessageInputBuilder {
     /// Sends a request with this input using the given client.
     pub async fn send_with(
         self,
         client: &crate::Client,
     ) -> ::std::result::Result<
         crate::operation::decode_authorization_message::DecodeAuthorizationMessageOutput,
         ::aws_smithy_runtime_api::client::result::SdkError<
             crate::operation::decode_authorization_message::DecodeAuthorizationMessageError,
             ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,

↧ Expand context

         >,
     > {
         let mut fluent_builder = client.decode_authorization_message();
         fluent_builder.inner = self;
         fluent_builder.send().await
-21
+    }
-22
+}
 /// Fluent builder constructing a request to `DecodeAuthorizationMessage`.
 ///
 /// <p>Decodes additional information about the authorization status of a request from an encoded message returned in response to an Amazon Web Services request.</p>
 /// <p>For example, if a user is not authorized to perform an operation that he or she has requested, the request returns a <code>Client.UnauthorizedOperation</code> response (an HTTP 403 response). Some Amazon Web Services operations additionally return an encoded message that can provide details about this authorization failure.</p><note>
 /// <p>Only certain Amazon Web Services operations return an encoded authorization message. The documentation for an individual operation indicates whether that operation returns an encoded message in addition to returning an HTTP code.</p>
 /// </note>
 /// <p>The message is encoded because the details of the authorization status can contain privileged information that the user who requested the operation should not see. To decode an authorization status message, a user must be granted permissions through an IAM <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html">policy</a> to request the <code>DecodeAuthorizationMessage</code> (<code>sts:DecodeAuthorizationMessage</code>) action.</p>
 /// <p>The decoded message includes the following type of information:</p>
 /// <ul>
 /// <li>
 /// <p>Whether the request was denied due to an explicit deny or due to the absence of an explicit allow. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow">Determining Whether a Request is Allowed or Denied</a> in the <i>IAM User Guide</i>.</p></li>
 /// <li>
 /// <p>The principal who made the request.</p></li>

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/get_access_key_info.rs

@@ -317,317 +356,356 @@

↥ Expand context

         ::aws_smithy_types::error::metadata::ProvideErrorMetadata::code(self)
-318
+    }
     fn retryable_error_kind(&self) -> ::std::option::Option<::aws_smithy_types::retry::ErrorKind> {
         ::std::option::Option::None
-321
+    }
-322
+}
 impl ::aws_smithy_types::error::metadata::ProvideErrorMetadata for GetAccessKeyInfoError {
     fn meta(&self) -> &::aws_smithy_types::error::ErrorMetadata {
         match self {
             Self::Unhandled(_inner) => &_inner.meta,
-327
+        }
-328
+    }
-329
+}
 impl ::aws_smithy_runtime_api::client::result::CreateUnhandledError for GetAccessKeyInfoError {
     fn create_unhandled_error(
         source: ::std::boxed::Box<dyn ::std::error::Error + ::std::marker::Send + ::std::marker::Sync + 'static>,
         meta: ::std::option::Option<::aws_smithy_types::error::ErrorMetadata>,
     ) -> Self {
         Self::Unhandled(crate::error::sealed_unhandled::Unhandled {
             source,

             meta: meta.unwrap_or_default(),
         })
-339
+    }
-340
+}
 impl ::aws_types::request_id::RequestId for crate::operation::get_access_key_info::GetAccessKeyInfoError {
     fn request_id(&self) -> Option<&str> {
         self.meta().request_id()
-344
+    }
-345
+}
-346
 pub use crate::operation::get_access_key_info::_get_access_key_info_output::GetAccessKeyInfoOutput;
--
 pub use crate::operation::get_access_key_info::_get_access_key_info_input::GetAccessKeyInfoInput;
-348
 pub use crate::operation::get_access_key_info::_get_access_key_info_output::GetAccessKeyInfoOutput;
-+
 mod _get_access_key_info_input;
-352
 mod _get_access_key_info_output;
-354
 /// Builders
 pub mod builders;

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/get_access_key_info/builders.rs

@@ -1,1 +35,35 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use crate::operation::get_access_key_info::_get_access_key_info_output::GetAccessKeyInfoOutputBuilder;
--
 pub use crate::operation::get_access_key_info::_get_access_key_info_input::GetAccessKeyInfoInputBuilder;
-3
 pub use crate::operation::get_access_key_info::_get_access_key_info_output::GetAccessKeyInfoOutputBuilder;
-+
 impl crate::operation::get_access_key_info::builders::GetAccessKeyInfoInputBuilder {
     /// Sends a request with this input using the given client.
     pub async fn send_with(
         self,
         client: &crate::Client,
     ) -> ::std::result::Result<
         crate::operation::get_access_key_info::GetAccessKeyInfoOutput,
         ::aws_smithy_runtime_api::client::result::SdkError<
             crate::operation::get_access_key_info::GetAccessKeyInfoError,
             ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,

↧ Expand context

         >,
     > {
         let mut fluent_builder = client.get_access_key_info();
         fluent_builder.inner = self;
         fluent_builder.send().await
-21
+    }
-22
+}
 /// Fluent builder constructing a request to `GetAccessKeyInfo`.
 ///
 /// <p>Returns the account identifier for the specified access key ID.</p>
 /// <p>Access keys consist of two parts: an access key ID (for example, <code>AKIAIOSFODNN7EXAMPLE</code>) and a secret access key (for example, <code>wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</code>). For more information about access keys, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html">Managing Access Keys for IAM Users</a> in the <i>IAM User Guide</i>.</p>
 /// <p>When you pass an access key ID to this operation, it returns the ID of the Amazon Web Services account to which the keys belong. Access key IDs beginning with <code>AKIA</code> are long-term credentials for an IAM user or the Amazon Web Services account root user. Access key IDs beginning with <code>ASIA</code> are temporary credentials that are created using STS operations. If the account in the response belongs to you, you can sign in as the root user and review your root user access keys. Then, you can pull a <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html">credentials report</a> to learn which IAM user owns the keys. To learn who requested the temporary credentials for an <code>ASIA</code> access key, view the STS events in your <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html">CloudTrail logs</a> in the <i>IAM User Guide</i>.</p>
 /// <p>This operation does not indicate the state of the access key. The key might be active, inactive, or deleted. Active keys might not have permissions to perform an operation. Providing a deleted access key might return an error that the key doesn't exist.</p>
 #[derive(::std::clone::Clone, ::std::fmt::Debug)]
 pub struct GetAccessKeyInfoFluentBuilder {
     handle: ::std::sync::Arc<crate::client::Handle>,
     inner: crate::operation::get_access_key_info::builders::GetAccessKeyInfoInputBuilder,
     config_override: ::std::option::Option<crate::config::Builder>,
-34
+}
 impl

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/get_caller_identity.rs

@@ -314,314 +353,353 @@

↥ Expand context

         ::aws_smithy_types::error::metadata::ProvideErrorMetadata::code(self)
-315
+    }
     fn retryable_error_kind(&self) -> ::std::option::Option<::aws_smithy_types::retry::ErrorKind> {
         ::std::option::Option::None
-318
+    }
-319
+}
 impl ::aws_smithy_types::error::metadata::ProvideErrorMetadata for GetCallerIdentityError {
     fn meta(&self) -> &::aws_smithy_types::error::ErrorMetadata {
         match self {
             Self::Unhandled(_inner) => &_inner.meta,
-324
+        }
-325
+    }
-326
+}
 impl ::aws_smithy_runtime_api::client::result::CreateUnhandledError for GetCallerIdentityError {
     fn create_unhandled_error(
         source: ::std::boxed::Box<dyn ::std::error::Error + ::std::marker::Send + ::std::marker::Sync + 'static>,
         meta: ::std::option::Option<::aws_smithy_types::error::ErrorMetadata>,
     ) -> Self {
         Self::Unhandled(crate::error::sealed_unhandled::Unhandled {
             source,

             meta: meta.unwrap_or_default(),
         })
-336
+    }
-337
+}
 impl ::aws_types::request_id::RequestId for crate::operation::get_caller_identity::GetCallerIdentityError {
     fn request_id(&self) -> Option<&str> {
         self.meta().request_id()
-341
+    }
-342
+}
-343
 pub use crate::operation::get_caller_identity::_get_caller_identity_output::GetCallerIdentityOutput;
--
 pub use crate::operation::get_caller_identity::_get_caller_identity_input::GetCallerIdentityInput;
-345
 pub use crate::operation::get_caller_identity::_get_caller_identity_output::GetCallerIdentityOutput;
-+
 mod _get_caller_identity_input;
-349
 mod _get_caller_identity_output;
-351
 /// Builders
 pub mod builders;

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/get_caller_identity/builders.rs

@@ -1,1 +35,35 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use crate::operation::get_caller_identity::_get_caller_identity_output::GetCallerIdentityOutputBuilder;
--
 pub use crate::operation::get_caller_identity::_get_caller_identity_input::GetCallerIdentityInputBuilder;
-3
 pub use crate::operation::get_caller_identity::_get_caller_identity_output::GetCallerIdentityOutputBuilder;
-+
 impl crate::operation::get_caller_identity::builders::GetCallerIdentityInputBuilder {
     /// Sends a request with this input using the given client.
     pub async fn send_with(
         self,
         client: &crate::Client,
     ) -> ::std::result::Result<
         crate::operation::get_caller_identity::GetCallerIdentityOutput,
         ::aws_smithy_runtime_api::client::result::SdkError<
             crate::operation::get_caller_identity::GetCallerIdentityError,
             ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,

↧ Expand context

         >,
     > {
         let mut fluent_builder = client.get_caller_identity();
         fluent_builder.inner = self;
         fluent_builder.send().await
-21
+    }
-22
+}
 /// Fluent builder constructing a request to `GetCallerIdentity`.
 ///
 /// <p>Returns details about the IAM user or role whose credentials are used to call the operation.</p><note>
 /// <p>No permissions are required to perform this operation. If an administrator attaches a policy to your identity that explicitly denies access to the <code>sts:GetCallerIdentity</code> action, you can still perform this operation. Permissions are not required because the same information is returned when access is denied. To view an example response, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa">I Am Not Authorized to Perform: iam:DeleteVirtualMFADevice</a> in the <i>IAM User Guide</i>.</p>
 /// </note>
 #[derive(::std::clone::Clone, ::std::fmt::Debug)]
 pub struct GetCallerIdentityFluentBuilder {
     handle: ::std::sync::Arc<crate::client::Handle>,
     inner: crate::operation::get_caller_identity::builders::GetCallerIdentityInputBuilder,
     config_override: ::std::option::Option<crate::config::Builder>,
-33
+}
 impl
     crate::client::customize::internal::CustomizableSend<

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/get_federation_token.rs

@@ -349,349 +388,388 @@

↥ Expand context

         ::std::option::Option::None
-350
+    }
-351
+}
 impl ::aws_smithy_types::error::metadata::ProvideErrorMetadata for GetFederationTokenError {
     fn meta(&self) -> &::aws_smithy_types::error::ErrorMetadata {
         match self {
             Self::MalformedPolicyDocumentException(_inner) => ::aws_smithy_types::error::metadata::ProvideErrorMetadata::meta(_inner),
             Self::PackedPolicyTooLargeException(_inner) => ::aws_smithy_types::error::metadata::ProvideErrorMetadata::meta(_inner),
             Self::RegionDisabledException(_inner) => ::aws_smithy_types::error::metadata::ProvideErrorMetadata::meta(_inner),
             Self::Unhandled(_inner) => &_inner.meta,
-359
+        }
-360
+    }
-361
+}
 impl ::aws_smithy_runtime_api::client::result::CreateUnhandledError for GetFederationTokenError {
     fn create_unhandled_error(
         source: ::std::boxed::Box<dyn ::std::error::Error + ::std::marker::Send + ::std::marker::Sync + 'static>,
         meta: ::std::option::Option<::aws_smithy_types::error::ErrorMetadata>,
     ) -> Self {
         Self::Unhandled(crate::error::sealed_unhandled::Unhandled {
             source,

             meta: meta.unwrap_or_default(),
         })
-371
+    }
-372
+}
 impl ::aws_types::request_id::RequestId for crate::operation::get_federation_token::GetFederationTokenError {
     fn request_id(&self) -> Option<&str> {
         self.meta().request_id()
-376
+    }
-377
+}
-378
 pub use crate::operation::get_federation_token::_get_federation_token_output::GetFederationTokenOutput;
--
 pub use crate::operation::get_federation_token::_get_federation_token_input::GetFederationTokenInput;
-380
 pub use crate::operation::get_federation_token::_get_federation_token_output::GetFederationTokenOutput;
-+
 mod _get_federation_token_input;
-384
 mod _get_federation_token_output;
-386
 /// Builders
 pub mod builders;

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/get_federation_token/builders.rs

@@ -1,1 +35,35 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use crate::operation::get_federation_token::_get_federation_token_output::GetFederationTokenOutputBuilder;
--
 pub use crate::operation::get_federation_token::_get_federation_token_input::GetFederationTokenInputBuilder;
-3
 pub use crate::operation::get_federation_token::_get_federation_token_output::GetFederationTokenOutputBuilder;
-+
 impl crate::operation::get_federation_token::builders::GetFederationTokenInputBuilder {
     /// Sends a request with this input using the given client.
     pub async fn send_with(
         self,
         client: &crate::Client,
     ) -> ::std::result::Result<
         crate::operation::get_federation_token::GetFederationTokenOutput,
         ::aws_smithy_runtime_api::client::result::SdkError<
             crate::operation::get_federation_token::GetFederationTokenError,
             ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,

↧ Expand context

         >,
     > {
         let mut fluent_builder = client.get_federation_token();
         fluent_builder.inner = self;
         fluent_builder.send().await
-21
+    }
-22
+}
 /// Fluent builder constructing a request to `GetFederationToken`.
 ///
 /// <p>Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a user. A typical use is in a proxy application that gets temporary security credentials on behalf of distributed applications inside a corporate network.</p>
 /// <p>You must call the <code>GetFederationToken</code> operation using the long-term security credentials of an IAM user. As a result, this call is appropriate in contexts where those credentials can be safeguarded, usually in a server-based application. For a comparison of <code>GetFederationToken</code> with the other API operations that produce temporary credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting Temporary Security Credentials</a> and <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html">Compare STS credentials</a> in the <i>IAM User Guide</i>.</p>
 /// <p>Although it is possible to call <code>GetFederationToken</code> using the security credentials of an Amazon Web Services account root user rather than an IAM user that you create for the purpose of a proxy application, we do not recommend it. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials">Safeguard your root user credentials and don't use them for everyday tasks</a> in the <i>IAM User Guide</i>.</p><note>
 /// <p>You can create a mobile-based or browser-based app that can authenticate users using a web identity provider like Login with Amazon, Facebook, Google, or an OpenID Connect-compatible identity provider. In this case, we recommend that you use <a href="http://aws.amazon.com/cognito/">Amazon Cognito</a> or <code>AssumeRoleWithWebIdentity</code>. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity">Federation Through a Web-based Identity Provider</a> in the <i>IAM User Guide</i>.</p>
 /// </note>
 /// <p><b>Session duration</b></p>
 /// <p>The temporary credentials are valid for the specified duration, from 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default session duration is 43,200 seconds (12 hours). Temporary credentials obtained by using the root user credentials have a maximum duration of 3,600 seconds (1 hour).</p>
 /// <p><b>Permissions</b></p>
 /// <p>You can use the temporary credentials created by <code>GetFederationToken</code> in any Amazon Web Services service with the following exceptions:</p>
 /// <ul>
 /// <li>

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/get_session_token.rs

@@ -328,328 +367,367 @@

↥ Expand context

-328
+    }
     fn retryable_error_kind(&self) -> ::std::option::Option<::aws_smithy_types::retry::ErrorKind> {
         ::std::option::Option::None
-331
+    }
-332
+}
 impl ::aws_smithy_types::error::metadata::ProvideErrorMetadata for GetSessionTokenError {
     fn meta(&self) -> &::aws_smithy_types::error::ErrorMetadata {
         match self {
             Self::RegionDisabledException(_inner) => ::aws_smithy_types::error::metadata::ProvideErrorMetadata::meta(_inner),
             Self::Unhandled(_inner) => &_inner.meta,
-338
+        }
-339
+    }
-340
+}
 impl ::aws_smithy_runtime_api::client::result::CreateUnhandledError for GetSessionTokenError {
     fn create_unhandled_error(
         source: ::std::boxed::Box<dyn ::std::error::Error + ::std::marker::Send + ::std::marker::Sync + 'static>,
         meta: ::std::option::Option<::aws_smithy_types::error::ErrorMetadata>,
     ) -> Self {
         Self::Unhandled(crate::error::sealed_unhandled::Unhandled {
             source,

             meta: meta.unwrap_or_default(),
         })
-350
+    }
-351
+}
 impl ::aws_types::request_id::RequestId for crate::operation::get_session_token::GetSessionTokenError {
     fn request_id(&self) -> Option<&str> {
         self.meta().request_id()
-355
+    }
-356
+}
-357
 pub use crate::operation::get_session_token::_get_session_token_output::GetSessionTokenOutput;
--
 pub use crate::operation::get_session_token::_get_session_token_input::GetSessionTokenInput;
-359
 pub use crate::operation::get_session_token::_get_session_token_output::GetSessionTokenOutput;
-+
 mod _get_session_token_input;
-363
 mod _get_session_token_output;
-365
 /// Builders
 pub mod builders;

tmp-codegen-diff/aws-sdk/sdk/sts/src/operation/get_session_token/builders.rs

@@ -1,1 +35,35 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use crate::operation::get_session_token::_get_session_token_output::GetSessionTokenOutputBuilder;
--
 pub use crate::operation::get_session_token::_get_session_token_input::GetSessionTokenInputBuilder;
-3
 pub use crate::operation::get_session_token::_get_session_token_output::GetSessionTokenOutputBuilder;
-+
 impl crate::operation::get_session_token::builders::GetSessionTokenInputBuilder {
     /// Sends a request with this input using the given client.
     pub async fn send_with(
         self,
         client: &crate::Client,
     ) -> ::std::result::Result<
         crate::operation::get_session_token::GetSessionTokenOutput,
         ::aws_smithy_runtime_api::client::result::SdkError<
             crate::operation::get_session_token::GetSessionTokenError,
             ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,

↧ Expand context

         >,
     > {
         let mut fluent_builder = client.get_session_token();
         fluent_builder.inner = self;
         fluent_builder.send().await
-21
+    }
-22
+}
 /// Fluent builder constructing a request to `GetSessionToken`.
 ///
 /// <p>Returns a set of temporary credentials for an Amazon Web Services account or IAM user. The credentials consist of an access key ID, a secret access key, and a security token. Typically, you use <code>GetSessionToken</code> if you want to use MFA to protect programmatic calls to specific Amazon Web Services API operations like Amazon EC2 <code>StopInstances</code>.</p>
 /// <p>MFA-enabled IAM users must call <code>GetSessionToken</code> and submit an MFA code that is associated with their MFA device. Using the temporary security credentials that the call returns, IAM users can then make programmatic calls to API operations that require MFA authentication. An incorrect MFA code causes the API to return an access denied error. For a comparison of <code>GetSessionToken</code> with the other API operations that produce temporary credentials, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting Temporary Security Credentials</a> and <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html">Compare STS credentials</a> in the <i>IAM User Guide</i>.</p><note>
 /// <p>No permissions are required for users to perform this operation. The purpose of the <code>sts:GetSessionToken</code> operation is to authenticate the user using MFA. You cannot use policies to control authentication operations. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html">Permissions for GetSessionToken</a> in the <i>IAM User Guide</i>.</p>
 /// </note>
 /// <p><b>Session Duration</b></p>
 /// <p>The <code>GetSessionToken</code> operation must be called by using the long-term Amazon Web Services security credentials of an IAM user. Credentials that are created by IAM users are valid for the duration that you specify. This duration can range from 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours), with a default of 43,200 seconds (12 hours). Credentials based on account credentials can range from 900 seconds (15 minutes) up to 3,600 seconds (1 hour), with a default of 1 hour.</p>
 /// <p><b>Permissions</b></p>
 /// <p>The temporary security credentials created by <code>GetSessionToken</code> can be used to make API calls to any Amazon Web Services service with the following exceptions:</p>
 /// <ul>
 /// <li>
 /// <p>You cannot call any IAM API operations unless MFA authentication information is included in the request.</p></li>

tmp-codegen-diff/aws-sdk/sdk/sts/src/primitives.rs

@@ -1,1 +6,7 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use ::aws_smithy_types::date_time::Format as DateTimeFormat;
 pub use ::aws_smithy_types::Blob;
 pub use ::aws_smithy_types::DateTime;
-5
 /// Event stream related primitives such as `Message` or `Header`.
 pub mod event_stream;

tmp-codegen-diff/aws-sdk/sdk/sts/src/types.rs

@@ -1,1 +30,30 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use crate::types::_credentials::Credentials;
-3
 pub use crate::types::_federated_user::FederatedUser;
--
 pub use crate::types::_tag::Tag;
 pub use crate::types::_assumed_role_user::AssumedRoleUser;
-5
 pub use crate::types::_policy_descriptor_type::PolicyDescriptorType;
-7
 pub use crate::types::_assumed_role_user::AssumedRoleUser;
 pub use crate::types::_federated_user::FederatedUser;
-+
 pub use crate::types::_tag::Tag;
-11
 pub use crate::types::_provided_context::ProvidedContext;
-13
 mod _assumed_role_user;
-15
 mod _credentials;
-17
 mod _federated_user;
-19
 mod _policy_descriptor_type;

↧ Expand context

-21
 mod _provided_context;
-23
 mod _tag;
-25
 /// Builders
 pub mod builders;
-28
 /// Error types that AWS Security Token Service can respond with.
 pub mod error;

tmp-codegen-diff/aws-sdk/sdk/sts/src/types/builders.rs

@@ -1,1 +12,12 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use crate::types::_credentials::CredentialsBuilder;
-3
 pub use crate::types::_federated_user::FederatedUserBuilder;
--
 pub use crate::types::_tag::TagBuilder;
 pub use crate::types::_assumed_role_user::AssumedRoleUserBuilder;
-5
 pub use crate::types::_policy_descriptor_type::PolicyDescriptorTypeBuilder;
-7
 pub use crate::types::_assumed_role_user::AssumedRoleUserBuilder;
 pub use crate::types::_federated_user::FederatedUserBuilder;
-+
 pub use crate::types::_tag::TagBuilder;
-11
 pub use crate::types::_provided_context::ProvidedContextBuilder;

tmp-codegen-diff/aws-sdk/sdk/sts/src/types/error.rs

@@ -1,1 +35,35 @@

 // Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
 pub use crate::types::error::_region_disabled_exception::RegionDisabledException;
--
 pub use crate::types::error::_packed_policy_too_large_exception::PackedPolicyTooLargeException;
 pub use crate::types::error::_expired_token_exception::ExpiredTokenException;
-3
 pub use crate::types::error::_malformed_policy_document_exception::MalformedPolicyDocumentException;
-5
 pub use crate::types::error::_invalid_authorization_message_exception::InvalidAuthorizationMessageException;
--
 pub use crate::types::error::_expired_token_exception::ExpiredTokenException;
 pub use crate::types::error::_packed_policy_too_large_exception::PackedPolicyTooLargeException;
-7
 pub use crate::types::error::_invalid_identity_token_exception::InvalidIdentityTokenException;
 pub use crate::types::error::_region_disabled_exception::RegionDisabledException;
-9
 pub use crate::types::error::_idp_rejected_claim_exception::IdpRejectedClaimException;
-11
 pub use crate::types::error::_invalid_identity_token_exception::InvalidIdentityTokenException;
-+
 pub use crate::types::error::_idp_communication_error_exception::IdpCommunicationErrorException;
-15
 pub use crate::types::error::_invalid_authorization_message_exception::InvalidAuthorizationMessageException;
-+
 mod _expired_token_exception;
-19
 mod _idp_communication_error_exception;
-21
 mod _idp_rejected_claim_exception;
-23
 mod _invalid_authorization_message_exception;
-25
 mod _invalid_identity_token_exception;
-27

↧ Expand context

 mod _malformed_policy_document_exception;
-29
 mod _packed_policy_too_large_exception;
-31
 mod _region_disabled_exception;
-33
 /// Builders
 pub mod builders;

AWS SDK

Files changed: