From 7347bac4ab7e136157fc94777e6cf87ef9e08599 Mon Sep 17 00:00:00 2001 From: Zhineng Li Date: Fri, 13 Feb 2026 10:54:11 +0800 Subject: first commit --- data/en_us/ims/2019-08-15/api-docs.php | 19731 +++++++++++++++++++++++++++++++ 1 file changed, 19731 insertions(+) create mode 100644 data/en_us/ims/2019-08-15/api-docs.php (limited to 'data/en_us/ims/2019-08-15/api-docs.php') diff --git a/data/en_us/ims/2019-08-15/api-docs.php b/data/en_us/ims/2019-08-15/api-docs.php new file mode 100644 index 0000000..43ed24e --- /dev/null +++ b/data/en_us/ims/2019-08-15/api-docs.php @@ -0,0 +1,19731 @@ + '1.0', + 'info' => [ + 'style' => 'RPC', + 'product' => 'Ims', + 'version' => '2019-08-15', + ], + 'directories' => [ + [ + 'children' => [ + [ + 'children' => [ + 'GetAccountSummary', + ], + 'type' => 'directory', + 'title' => 'RAM user', + ], + ], + 'type' => 'directory', + 'title' => 'User management', + ], + [ + 'children' => [ + 'SetUserSsoSettings', + 'GetUserSsoSettings', + 'CreateSAMLProvider', + 'UpdateSAMLProvider', + 'GetSAMLProvider', + 'CreateOIDCProvider', + ], + 'type' => 'directory', + 'title' => 'SSO management', + ], + [ + 'children' => [ + 'CreateApplication', + 'GetApplication', + 'UpdateApplication', + 'ListApplications', + ], + 'type' => 'directory', + 'title' => 'OAuth management', + ], + [ + 'children' => [ + 'AddClientIdToOIDCProvider', + 'AddFingerprintToOIDCProvider', + 'AddUserToGroup', + 'BindMFADevice', + 'ChangePassword', + 'CreateAccessKey', + 'CreateAppSecret', + 'CreateGroup', + 'CreateLoginProfile', + 'CreateUser', + 'CreateVirtualMFADevice', + 'DeleteAccessKey', + 'DeleteAccessKeyInRecycleBin', + 'DeleteAppSecret', + 'DeleteApplication', + 'DeleteGroup', + 'DeleteLoginProfile', + 'DeleteOIDCProvider', + 'DeletePasskey', + 'DeleteSAMLProvider', + 'DeleteUser', + 'DeleteUserInRecycleBin', + 'DeleteVirtualMFADevice', + 'DeprovisionApplication', + 'DeprovisionExternalApplication', + 'DisableVirtualMFA', + 'GenerateCredentialReport', + 'GenerateGovernanceReport', + 'GetAccessKeyInfoInRecycleBin', + 'GetAccessKeyLastUsed', + 'GetAccountMFAInfo', + 'GetAccountSecurityPracticeReport', + 'GetAppSecret', + 'GetApplicationProvisionInfo', + 'GetCredentialReport', + 'GetDefaultDomain', + 'GetExternalApplication', + 'GetGovernanceItemReport', + 'GetGovernanceReportStatus', + 'GetGroup', + 'GetLoginProfile', + 'GetOIDCProvider', + 'GetPasswordPolicy', + 'GetSecurityPreference', + 'GetUser', + 'GetUserInRecycleBin', + 'GetUserMFAInfo', + 'GetVerificationInfo', + 'ListAccessKeys', + 'ListAccessKeysInRecycleBin', + 'ListAppSecretIds', + 'ListApplicationProvisionInfos', + 'ListExternalApplications', + 'ListGroups', + 'ListGroupsForUser', + 'ListOIDCProviders', + 'ListPasskeys', + 'ListPredefinedScopes', + 'ListRecentGovernanceMetrics', + 'ListSAMLProviders', + 'ListTagResources', + 'ListUserBasicInfos', + 'ListUsers', + 'ListUsersForGroup', + 'ListUsersInRecycleBin', + 'ListVirtualMFADevices', + 'ProvisionApplication', + 'ProvisionExternalApplication', + 'RemoveClientIdFromOIDCProvider', + 'RemoveFingerprintFromOIDCProvider', + 'RemoveUserFromGroup', + 'RestoreAccessKeyFromRecycleBin', + 'RestoreUserFromRecycleBin', + 'SetDefaultDomain', + 'SetPasswordPolicy', + 'SetSecurityPreference', + 'SetVerificationInfo', + 'TagResources', + 'UnbindMFADevice', + 'UnbindVerification', + 'UntagResources', + 'UpdateAccessKey', + 'UpdateGroup', + 'UpdateLoginProfile', + 'UpdateOIDCProvider', + 'UpdatePasskey', + 'UpdateUser', + ], + 'title' => 'Others', + 'type' => 'directory', + ], + ], + 'components' => [ + 'schemas' => [], + ], + 'apis' => [ + 'AddClientIdToOIDCProvider' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'OIDCProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + ], + [ + 'name' => 'ClientId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The client ID that you want to add.'."\n" + ."\n" + .'The client ID can contain letters, digits, and special characters and cannot start with the special characters. The special characters are `periods, (.), hyphens (-), underscores (_), colons (:), and forward slashes (/)`.``'."\n" + ."\n" + .'The client ID can be up to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => '598469743454717****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B49B8FA7-87FC-5308-AE75-5EC9E36C360A', + 'title' => '', + ], + 'OIDCProvider' => [ + 'description' => 'The information about the OIDC IdP.'."\n", + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the OIDC IdP was modified. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-12T08:38:29Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The description of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'This is a new OIDC Provider.', + 'title' => '', + ], + 'OIDCProviderName' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the OIDC IdP was created. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-11T06:56:03Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:oidc-provider/TestOIDCProvider', + 'title' => '', + ], + 'IssuerUrl' => [ + 'description' => 'The URL of the issuer.'."\n", + 'type' => 'string', + 'example' => 'https://dev-xxxxxx.okta.com', + 'title' => '', + ], + 'Fingerprints' => [ + 'description' => 'The fingerprint of the HTTPS certificate. If multiple fingerprints are returned, the fingerprints are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '902ef2deeb3c5b13ea4c3d5193629309e231****', + 'title' => '', + ], + 'ClientIds' => [ + 'description' => 'The ID of the client. If multiple client IDs are returned, the client IDs are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '498469743454717****,598469743454717****', + 'title' => '', + ], + 'GmtCreate' => [ + 'description' => 'The timestamp when the OIDC IdP was created.'."\n", + 'type' => 'string', + 'example' => '1636613763000', + 'title' => '', + ], + 'GmtModified' => [ + 'description' => 'The timestamp when the OIDC IdP was modified.'."\n", + 'type' => 'string', + 'example' => '1636706309000', + 'title' => '', + ], + 'IssuanceLimitTime' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'example' => '12', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"B49B8FA7-87FC-5308-AE75-5EC9E36C360A\\",\\n \\"OIDCProvider\\": {\\n \\"UpdateDate\\": \\"2021-11-12T08:38:29Z\\",\\n \\"Description\\": \\"This is a new OIDC Provider.\\",\\n \\"OIDCProviderName\\": \\"TestOIDCProvider\\",\\n \\"CreateDate\\": \\"2021-11-11T06:56:03Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\",\\n \\"IssuerUrl\\": \\"https://dev-xxxxxx.okta.com\\",\\n \\"Fingerprints\\": \\"902ef2deeb3c5b13ea4c3d5193629309e231****\\",\\n \\"ClientIds\\": \\"498469743454717****,598469743454717****\\",\\n \\"GmtCreate\\": \\"1636613763000\\",\\n \\"GmtModified\\": \\"1636706309000\\",\\n \\"IssuanceLimitTime\\": 12\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n B49B8FA7-87FC-5308-AE75-5EC9E36C360A\\n \\n 2021-11-12T08:38:29Z\\n This is a new OIDC Provider.\\n TestOIDCProvider\\n 2021-11-11T06:56:03Z\\n acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\n https://dev-xxxxxx.okta.com\\n 902ef2deeb3c5b13ea4c3d5193629309e231****\\n 498469743454717****,598469743454717****\\n 1636613763000\\n 1636706309000\\n \\n","errorExample":""}]', + 'title' => 'AddClientIdToOIDCProvider', + 'summary' => 'Adds a client ID to an OpenID Connect (OIDC) identity provider (IdP).', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:AddClientIdToOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + ], + ], + 'AddFingerprintToOIDCProvider' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'OIDCProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + ], + [ + 'name' => 'Fingerprint', + 'in' => 'query', + 'schema' => [ + 'description' => 'The fingerprint of the HTTPS CA certificate.'."\n" + ."\n" + .'The fingerprint can contain letters and digits.'."\n" + ."\n" + .'The fingerprint can be up to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => '902ef2deeb3c5b13ea4c3d5193629309e231****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4B809BBC-0E78-544A-A91A-648926412E3E', + 'title' => '', + ], + 'OIDCProvider' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the OIDC IdP was modified. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-12T08:38:29Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The description of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'This is a new OIDC Provider.', + 'title' => '', + ], + 'OIDCProviderName' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the OIDC IdP was created. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-11T06:56:03Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:oidc-provider/OIDCProvider', + 'title' => '', + ], + 'IssuerUrl' => [ + 'description' => 'The URL of the issuer.'."\n", + 'type' => 'string', + 'example' => 'https://dev-xxxxxx.okta.com', + 'title' => '', + ], + 'Fingerprints' => [ + 'description' => 'The fingerprint of the HTTPS certificate. If multiple fingerprints are returned, the fingerprints are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '502ef2deeb3c5b13ea4c3d5193629309e231****,902ef2deeb3c5b13ea4c3d5193629309e231****', + 'title' => '', + ], + 'ClientIds' => [ + 'description' => 'The ID of the client. If multiple client IDs are returned, the client IDs are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '498469743454717****', + 'title' => '', + ], + 'GmtCreate' => [ + 'description' => 'The timestamp when the OIDC IdP was created.'."\n", + 'type' => 'string', + 'example' => '1636613763000', + 'title' => '', + ], + 'GmtModified' => [ + 'description' => 'The timestamp when the OIDC IdP was modified.'."\n", + 'type' => 'string', + 'example' => '1636706309000', + 'title' => '', + ], + 'IssuanceLimitTime' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'example' => '12', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"4B809BBC-0E78-544A-A91A-648926412E3E\\",\\n \\"OIDCProvider\\": {\\n \\"UpdateDate\\": \\"2021-11-12T08:38:29Z\\",\\n \\"Description\\": \\"This is a new OIDC Provider.\\",\\n \\"OIDCProviderName\\": \\"TestOIDCProvider\\",\\n \\"CreateDate\\": \\"2021-11-11T06:56:03Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:oidc-provider/OIDCProvider\\",\\n \\"IssuerUrl\\": \\"https://dev-xxxxxx.okta.com\\",\\n \\"Fingerprints\\": \\"502ef2deeb3c5b13ea4c3d5193629309e231****,902ef2deeb3c5b13ea4c3d5193629309e231****\\",\\n \\"ClientIds\\": \\"498469743454717****\\",\\n \\"GmtCreate\\": \\"1636613763000\\",\\n \\"GmtModified\\": \\"1636706309000\\",\\n \\"IssuanceLimitTime\\": 12\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n 4B809BBC-0E78-544A-A91A-648926412E3E\\n \\n 2021-11-12T08:38:29Z\\n This is a new OIDC Provider.\\n TestOIDCProvider\\n 2021-11-11T06:56:03Z\\n acs:ram::177242285274****:oidc-provider/OIDCProvider\\n https://dev-xxxxxx.okta.com\\n 502ef2deeb3c5b13ea4c3d5193629309e231****,902ef2deeb3c5b13ea4c3d5193629309e231****\\n 498469743454717****\\n 1636613763000\\n 1636706309000\\n \\n","errorExample":""}]', + 'title' => 'AddFingerprintToOIDCProvider', + 'summary' => 'Adds a fingerprint to an OpenID Connect (OIDC) identity provider (IdP).', + 'description' => '###'."\n" + ."\n" + .'This topic provides an example on how to add the fingerprint `902ef2deeb3c5b13ea4c3d5193629309e231****` to the OIDC IdP named `TestOIDCProvider`.'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:AddFingerprintToOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + ], + ], + 'AddUserToGroup' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram3V29VK', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'GroupName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'Test-Team', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n 85836703-8D4F-485F-9726-4D1C730F957E\\r\\n","errorExample":""}]', + 'title' => 'AddUserToGroup', + 'summary' => 'Adds a Resource Access Management (RAM) user to a RAM user group.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:AddUserToGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'BindMFADevice' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7428', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + 'autoTest' => false, + 'notSupportAutoTestReason' => '无法通过测试平台自动生成MFA Code', + ], + 'parameters' => [ + [ + 'name' => 'SerialNumber', + 'in' => 'query', + 'schema' => [ + 'description' => 'The serial number of the MFA device.'."\n" + ."\n" + .'> You can call the [CreateVirtualMFADevice](~~186179~~) operation to obtain the serial number of the MFA device.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'acs:ram::177242285274****:mfa/device001', + 'title' => '', + ], + ], + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'AuthenticationCode1', + 'in' => 'query', + 'schema' => [ + 'description' => 'The first verification code.'."\n" + ."\n" + .'> You can call the [CreateVirtualMFADevice](~~186179~~) operation to create an MFA device and generate a key (value of `Base32StringSeed`). Then, use the key on the Alibaba Cloud app to manually add an MFA device, and obtain the two consecutive verification codes.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => '123456', + 'title' => '', + ], + ], + [ + 'name' => 'AuthenticationCode2', + 'in' => 'query', + 'schema' => [ + 'description' => 'The second verification code.'."\n" + ."\n" + .'> You can call the [CreateVirtualMFADevice](~~186179~~) operation to create an MFA device and generate a key (value of `Base32StringSeed`). Then, use the key on the Alibaba Cloud app to manually add an MFA device, and obtain the two consecutive verification codes.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => false, + 'example' => '654321', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\r\\n","errorExample":""}]', + 'title' => 'BindMFADevice', + 'summary' => 'Binds a multi-factor authentication (MFA) device to a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:BindMFADevice', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'ChangePassword' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7429', + 'abilityTreeNodes' => [ + 'FEATUREramFSAEMQ', + ], + 'autoTest' => false, + 'notSupportAutoTestReason' => '该API只支持子用户调用,企业级能力验证时无法通过测试平台使用子用户的凭证调用API', + ], + 'parameters' => [ + [ + 'name' => 'OldPassword', + 'in' => 'query', + 'schema' => [ + 'description' => 'The old password that is used to log on to the console.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'mypassword', + 'title' => '', + ], + ], + [ + 'name' => 'NewPassword', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new password that is used to log on to the console.'."\n" + ."\n" + .'The password must meet the complexity requirements. For more information, see [GetPasswordPolicy](~~186691~~).'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'newpassword', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '04F0F334-1335-436C-A1D7-6C044FE73368', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"04F0F334-1335-436C-A1D7-6C044FE73368\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t04F0F334-1335-436C-A1D7-6C044FE73368\\r\\n","errorExample":""}]', + 'title' => 'ChangePassword', + 'summary' => 'Changes the password that is used to log on to the console for a Resource Access Management (RAM) user.', + 'description' => '> This operation is available only for RAM users. Before you call this operation, make sure that `AllowUserToChangePassword` in [SetSecurityPreference](~~43765~~) is set to `True`. The value True indicates that RAM users can manage their passwords.'."\n", + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:ChangePassword', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'CreateAccessKey' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram6Y0S22', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n" + ."\n" + .'If this parameter is empty, an AccessKey pair is created for the current user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '19DDD9F7-AFCC-4D72-8CBA-CCE5A142E7AB', + 'title' => '', + ], + 'AccessKey' => [ + 'description' => 'The information about the AccessKey pair.'."\n", + 'type' => 'object', + 'properties' => [ + 'Status' => [ + 'description' => 'The status of the AccessKey pair. Valid values:'."\n" + ."\n" + .'* Active'."\n" + .'* Inactive'."\n", + 'type' => 'string', + 'example' => 'Active', + 'title' => '', + ], + 'AccessKeySecret' => [ + 'description' => 'The AccessKey secret.'."\n", + 'type' => 'string', + 'example' => 'yourAccessKeySecret', + 'title' => '', + ], + 'AccessKeyId' => [ + 'description' => 'The AccessKey ID.'."\n", + 'type' => 'string', + 'example' => 'yourAccessKeyID', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the AccessKey pair was created.'."\n", + 'type' => 'string', + 'example' => '2020-10-15T08:08:54Z', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"19DDD9F7-AFCC-4D72-8CBA-CCE5A142E7AB\\",\\n \\"AccessKey\\": {\\n \\"Status\\": \\"Active\\",\\n \\"AccessKeySecret\\": \\"yourAccessKeySecret\\",\\n \\"AccessKeyId\\": \\"yourAccessKeyID\\",\\n \\"CreateDate\\": \\"2020-10-15T08:08:54Z\\"\\n }\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t19DDD9F7-AFCC-4D72-8CBA-CCE5A142E7AB\\r\\n\\t\\r\\n\\t\\tActive\\r\\n\\t\\tLTAI4G3HaMmeHpay2gcq****\\r\\n\\t\\tY3MSLE6OgizS4qrz5LVFDoyZEL****\\r\\n\\t\\t2020-10-15T08:08:54Z\\r\\n\\t\\r\\n\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'CreateAccessKey', + 'summary' => 'Creates an AccessKey pair for an Alibaba Cloud account or a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateAccessKey', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'CreateAppSecret' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramQ794FD', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '472457090344041****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'EE46FC3C-3BDE-4771-B531-27B7B6EB533D', + 'title' => '', + ], + 'AppSecret' => [ + 'description' => 'The details of the application secret.'."\n", + 'type' => 'object', + 'properties' => [ + 'AppSecretValue' => [ + 'description' => 'The content of the application secret. This value can be used as the client secret for open authorization (OAuth).'."\n", + 'type' => 'string', + 'example' => 'ai78ZmmxnlUG1jXlBZRDFKos9DIjY4m17Q7dCpMwn1rqXsTGb1X1XmrmveMp****', + 'title' => '', + ], + 'AppId' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'example' => '472457090344041****', + 'title' => '', + ], + 'AppSecretId' => [ + 'description' => 'The ID of the application secret.'."\n", + 'type' => 'string', + 'example' => '2efd5004-005c-4f05-83c6-5b1dd176****', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The creation time.'."\n", + 'type' => 'string', + 'example' => '2020-10-26T02:52:31Z', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"EE46FC3C-3BDE-4771-B531-27B7B6EB533D\\",\\n \\"AppSecret\\": {\\n \\"AppSecretValue\\": \\"ai78ZmmxnlUG1jXlBZRDFKos9DIjY4m17Q7dCpMwn1rqXsTGb1X1XmrmveMp****\\",\\n \\"AppId\\": \\"472457090344041****\\",\\n \\"AppSecretId\\": \\"2efd5004-005c-4f05-83c6-5b1dd176****\\",\\n \\"CreateDate\\": \\"2020-10-26T02:52:31Z\\"\\n }\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\tEE46FC3C-3BDE-4771-B531-27B7B6EB533D\\r\\n\\t\\r\\n\\t\\t472457090344041****\\r\\n\\t\\tai78ZmmxnlUG1jXlBZRDFKos9DIjY4m17Q7dCpMwn1rqXsTGb1X1XmrmveMp****\\r\\n\\t\\t2efd5004-005c-4f05-83c6-5b1dd176****\\r\\n\\t\\t2020-10-26T02:52:31Z\\r\\n\\t\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'CreateAppSecret', + 'summary' => 'Creates an application secret for an application.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateAppSecret', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + ], + ], + 'CreateApplication' => [ + 'summary' => 'Creates an application.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramV0FSPT', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'DisplayName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The display name of the application.'."\n" + ."\n" + .'The name can be up to 24 characters in length.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'title' => '', + 'example' => 'myapp', + ], + ], + [ + 'name' => 'AppType', + 'in' => 'query', + 'schema' => [ + 'description' => 'The type of the application. Valid values:'."\n" + ."\n" + .'- WebApp: a web application that is based on browser interaction.'."\n" + ."\n" + .'- NativeApp: a native application that runs on an operating system, such as a desktop or mobile operating system.'."\n" + ."\n" + .'- ServerApp: an application that directly accesses Alibaba Cloud services without user logon. Currently, only applications that use the System for Cross-domain Identity Management (SCIM) protocol for user synchronization are supported.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'title' => '', + 'example' => 'WebApp', + ], + ], + [ + 'name' => 'RedirectUris', + 'in' => 'query', + 'schema' => [ + 'description' => 'The webhook address.'."\n" + ."\n" + .'To enter multiple webhook addresses, separate them with semicolons (;).', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'https://www.example.com', + ], + ], + [ + 'name' => 'SecretRequired', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether an application key is required. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false'."\n" + ."\n" + .'> * For WebApp and ServerApp applications, this parameter is forcibly set to \\`true\\` and cannot be changed.'."\n" + ."\n" + .'- For NativeApp applications, you can set this parameter to \\`true\\` or \\`false\\`. If you do not set this parameter, the default value is \\`false\\`. Because these applications often run in untrusted environments where application keys cannot be effectively protected, do not set this parameter to \\`true\\` unless necessary. For more information, see [Log on to Alibaba Cloud from a native application](~~93697~~).', + 'type' => 'boolean', + 'required' => false, + 'title' => '', + 'example' => 'true', + ], + ], + [ + 'name' => 'AccessTokenValidity', + 'in' => 'query', + 'schema' => [ + 'description' => 'The validity period of the access token.'."\n" + ."\n" + .'Valid values: 900 to 10800. Unit: seconds.'."\n" + ."\n" + .'Default value: 3600.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'title' => '', + 'example' => '3600', + ], + ], + [ + 'name' => 'RefreshTokenValidity', + 'in' => 'query', + 'schema' => [ + 'description' => 'The validity period of the refresh token.'."\n" + ."\n" + .'Valid values: 7200 to 31536000. Unit: seconds.'."\n" + ."\n" + .'Default value:'."\n" + ."\n" + .'- For NativeApp and ServerApp applications, the default value is 2,592,000 seconds (30 days) if you leave this parameter empty.'."\n" + ."\n" + .'- For WebApp applications, the default value is 7,776,000 seconds (90 days) if you leave this parameter empty.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'title' => '', + 'example' => '2592000', + ], + ], + [ + 'name' => 'PredefinedScopes', + 'in' => 'query', + 'schema' => [ + 'description' => 'The scopes of the application.'."\n" + ."\n" + .'For information about the valid values and descriptions of scopes, see [OAuth scopes](~~93693~~). You can also call the [ListPredefinedScopes](~~187206~~) operation to obtain the scopes that are supported by different application types.'."\n" + ."\n" + .'To enter multiple scopes, separate them with semicolons (;).', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'aliuid;profile', + ], + ], + [ + 'name' => 'RequiredScopes', + 'in' => 'query', + 'schema' => [ + 'description' => 'The required scopes.'."\n" + ."\n" + .'You can specify one or more scopes in `RequiredScopes` as required. When a user grants permissions to the application, the required scopes are selected by default and cannot be deselected.'."\n" + ."\n" + .'To enter multiple scopes, separate them with semicolons (;).'."\n" + ."\n" + .'> If a scope that you specify in `RequiredScopes` is not within the range of `PredefinedScopes`, the required setting for that scope does not take effect.', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'aliuid', + ], + ], + [ + 'name' => 'IsMultiTenant', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether the application can be installed by other Alibaba Cloud accounts. Valid values:'."\n" + ."\n" + .'- true: For NativeApp and ServerApp applications, the default value is \\`true\\` if you leave this parameter empty.'."\n" + ."\n" + .'- false: For WebApp applications, the default value is \\`false\\` if you leave this parameter empty.', + 'type' => 'boolean', + 'required' => false, + 'title' => '', + 'example' => 'false', + ], + ], + [ + 'name' => 'AppName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The application name.'."\n" + ."\n" + .'The name can be up to 64 characters in length and can contain letters, digits, periods (.), underscores (\\_), and hyphens (-).', + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'title' => '', + 'example' => 'myapp', + ], + ], + [ + 'name' => 'ProtocolVersion', + 'in' => 'query', + 'schema' => [ + 'type' => 'string', + 'description' => 'The OAuth protocol version of the application. Valid values:'."\n" + ."\n" + .'- `2.0`: OAuth 2.0.'."\n" + ."\n" + .'- `2.1`: OAuth 2.1.'."\n" + ."\n" + .'Default value: `2.0`.', + 'required' => false, + 'title' => '', + 'example' => '2.0', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'title' => '', + 'example' => '6616F09B-2768-4C11-8866-A8EE4C4A583E', + ], + 'Application' => [ + 'description' => 'The application information.', + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the application.', + 'type' => 'string', + 'title' => '', + 'example' => 'myapp', + ], + 'AccessTokenValidity' => [ + 'description' => 'The validity period of the access token. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '3600', + ], + 'SecretRequired' => [ + 'description' => 'Indicates whether an application key is required.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'AccountId' => [ + 'description' => 'The ID of the Alibaba Cloud account to which the application belongs.', + 'type' => 'string', + 'title' => '', + 'example' => '177242285274****', + ], + 'CreateDate' => [ + 'description' => 'The time when the application was created.', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-23T08:06:57Z', + ], + 'AppName' => [ + 'description' => 'The application name.', + 'type' => 'string', + 'title' => '', + 'example' => 'myapp', + ], + 'RedirectUris' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'RedirectUri' => [ + 'description' => 'The webhook address.', + 'type' => 'array', + 'items' => [ + 'description' => 'The webhook address.', + 'type' => 'string', + 'title' => '', + 'example' => 'https://www.example.com', + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the application was last updated.', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-23T08:06:57Z', + ], + 'DelegatedScope' => [ + 'description' => 'The information about the application scopes.', + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The information about the application scopes.', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the application scopes.', + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the scope.', + 'type' => 'string', + 'title' => '', + 'example' => 'Obtain the OpenID of the user. This is the default permission that you cannot remove.', + ], + 'Required' => [ + 'description' => 'Indicates whether the scope is required by default when the application is installed. Valid values:'."\n" + ."\n" + .'- true: The scope is required.'."\n" + ."\n" + .'- false: The scope is not required.'."\n" + ."\n" + .'The `openid` scope is required by default.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'Name' => [ + 'description' => 'The name of the scope.', + 'type' => 'string', + 'title' => '', + 'example' => 'openid', + ], + ], + 'title' => '', + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + 'title' => '', + ], + 'AppId' => [ + 'description' => 'The application ID.', + 'type' => 'string', + 'title' => '', + 'example' => '472457090344041****', + ], + 'RefreshTokenValidity' => [ + 'description' => 'The validity period of the refresh token. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '7776000', + ], + 'IsMultiTenant' => [ + 'description' => 'Indicates whether the application can be installed by other Alibaba Cloud accounts.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'AppType' => [ + 'description' => 'The application type.', + 'type' => 'string', + 'title' => '', + 'example' => 'WebApp', + ], + 'ProtocolVersion' => [ + 'type' => 'string', + 'description' => 'The OAuth protocol version of the application. Valid values:'."\n" + ."\n" + .'- `2.0`: OAuth 2.0.'."\n" + ."\n" + .'- `2.1`: OAuth 2.1.', + 'title' => '', + 'example' => '2.0', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6616F09B-2768-4C11-8866-A8EE4C4A583E\\",\\n \\"Application\\": {\\n \\"DisplayName\\": \\"myapp\\",\\n \\"AccessTokenValidity\\": 3600,\\n \\"SecretRequired\\": true,\\n \\"AccountId\\": \\"177242285274****\\",\\n \\"CreateDate\\": \\"2020-10-23T08:06:57Z\\",\\n \\"AppName\\": \\"myapp\\",\\n \\"RedirectUris\\": {\\n \\"RedirectUri\\": [\\n \\"https://www.example.com\\"\\n ]\\n },\\n \\"UpdateDate\\": \\"2020-10-23T08:06:57Z\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"Obtain the OpenID of the user. This is the default permission that you cannot remove.\\",\\n \\"Required\\": true,\\n \\"Name\\": \\"openid\\"\\n }\\n ]\\n }\\n },\\n \\"AppId\\": \\"472457090344041****\\",\\n \\"RefreshTokenValidity\\": 7776000,\\n \\"IsMultiTenant\\": true,\\n \\"AppType\\": \\"WebApp\\",\\n \\"ProtocolVersion\\": \\"2.0\\"\\n }\\n}","type":"json"}]', + 'title' => 'CreateApplication', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateApplication', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'CreateGroup' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramY5X059', + ], + ], + 'parameters' => [ + [ + 'name' => 'DisplayName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The display name of the RAM user group.'."\n" + ."\n" + .'The name can be up to 24 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Dev-Team', + 'title' => '', + ], + ], + [ + 'name' => 'Comments', + 'in' => 'query', + 'schema' => [ + 'description' => 'The description.'."\n" + ."\n" + .'The description can be up to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Dev-Team', + 'title' => '', + ], + ], + [ + 'name' => 'GroupName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the RAM user group. You must specify this parameter.'."\n" + ."\n" + .'The name can be up to 64 characters in length and can contain letters, digits, periods (.), underscores (\\_), and hyphens (-).'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'Dev-Team', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'Group' => [ + 'description' => 'The information about the RAM user group.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the RAM user group.'."\n", + 'type' => 'string', + 'example' => 'Dev-Team', + 'title' => '', + ], + 'GroupId' => [ + 'description' => 'The ID of the RAM user group.'."\n", + 'type' => 'string', + 'example' => '740317625433843****', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time.'."\n", + 'type' => 'string', + 'example' => '2020-10-19T16:15:17Z', + 'title' => '', + ], + 'GroupName' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'example' => 'Dev-Team', + 'title' => '', + ], + 'Comments' => [ + 'description' => 'The description.'."\n", + 'type' => 'string', + 'example' => 'Dev-Team', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The creation time.'."\n", + 'type' => 'string', + 'example' => '2020-10-19T16:15:17Z', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '3C38192B-7BF8-45DA-8F0A-E670EA51426C', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"Group\\": {\\n \\"DisplayName\\": \\"Dev-Team\\",\\n \\"GroupId\\": \\"740317625433843****\\",\\n \\"UpdateDate\\": \\"2020-10-19T16:15:17Z\\",\\n \\"GroupName\\": \\"Dev-Team\\",\\n \\"Comments\\": \\"Dev-Team\\",\\n \\"CreateDate\\": \\"2020-10-19T16:15:17Z\\"\\n },\\n \\"RequestId\\": \\"3C38192B-7BF8-45DA-8F0A-E670EA51426C\\"\\n}","errorExample":""},{"type":"xml","example":"","errorExample":""}]', + 'title' => 'CreateGroup', + 'summary' => 'Creates a Resource Access Management (RAM) user group.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/*', + ], + ], + ], + ], + ], + ], + 'CreateLoginProfile' => [ + 'summary' => 'Creates a logon configuration for a Resource Access Management (RAM) user.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramFSAEMQ', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'Password', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon password for the RAM user.'."\n" + ."\n" + .'The password must meet the password strength requirements.', + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'mypassword', + 'title' => '', + ], + ], + [ + 'name' => 'PasswordResetRequired', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether the RAM user must reset the password at the next logon. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false (default)', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'MFABindRequired', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether the RAM user must enable multi-factor authentication (MFA). Valid values:'."\n" + ."\n" + .'- true: MFA is required. The RAM user must bind an MFA device at the next logon.'."\n" + ."\n" + .'- false (default): MFA is not required.', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'Status', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether to enable password-based logon for the console. Valid values:'."\n" + ."\n" + .'- Active (default): Enables logon.'."\n" + ."\n" + .'- Inactive: Disables logon.', + 'type' => 'string', + 'required' => false, + 'example' => 'Active', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => '29CB303C-1F05-43A6-A6BC-EBC5A797F8DB', + 'title' => '', + ], + 'LoginProfile' => [ + 'description' => 'The logon information for the console.', + 'type' => 'object', + 'properties' => [ + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.', + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'Status' => [ + 'description' => 'Indicates whether password-based logon for the console is enabled or disabled.', + 'type' => 'string', + 'example' => 'Active', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the logon configuration was last updated.', + 'type' => 'string', + 'example' => '2020-10-14T03:47:51Z', + 'title' => '', + ], + 'PasswordResetRequired' => [ + 'description' => 'Indicates whether the RAM user must reset the password at the next logon.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'MFABindRequired' => [ + 'description' => 'Indicates whether the RAM user is required to enable MFA.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'PasswordStatus' => [ + 'description' => 'The status of the initial password. This password is set when a logon configuration is created or when console logon is re-enabled.'."\n" + ."\n" + .'Valid values'."\n" + ."\n" + .'- "NotInitial": The password is not an initial password.'."\n" + ."\n" + .'- "InitialValid": The initial password is valid.'."\n" + ."\n" + .'- "InitialExpired": The initial password has expired.', + 'type' => 'string', + 'example' => 'NotInitial', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"29CB303C-1F05-43A6-A6BC-EBC5A797F8DB\\",\\n \\"LoginProfile\\": {\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"Status\\": \\"Active\\",\\n \\"UpdateDate\\": \\"2020-10-14T03:47:51Z\\",\\n \\"PasswordResetRequired\\": false,\\n \\"MFABindRequired\\": false,\\n \\"PasswordStatus\\": \\"NotInitial\\"\\n }\\n}","type":"json"}]', + 'title' => 'CreateLoginProfile', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateLoginProfile', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateLoginProfile', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'CreateOIDCProvider' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'OIDCProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the OIDC IdP.'."\n" + ."\n" + .'The name can contain letters, digits, and special characters and cannot start or end with the special characters. The special characters are `periods, (.), hyphens (-), and underscores (_)`.``'."\n" + ."\n" + .'The name can be up to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + ], + [ + 'name' => 'IssuerUrl', + 'in' => 'query', + 'schema' => [ + 'description' => 'The URL of the issuer, which is provided by the external IdP. The URL of the issuer must be unique within an Alibaba Cloud account.'."\n" + ."\n" + .'The URL of the issuer must start with `https` and be in the valid URL format. The URL cannot contain query parameters that follow a question mark (`?`) or logon information that is identified by at signs (`@`). The URL cannot be a fragment URL that contains number signs (`#`).'."\n" + ."\n" + .'The URL can be up to 255 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'https://dev-xxxxxx.okta.com', + 'title' => '', + ], + ], + [ + 'name' => 'Description', + 'in' => 'query', + 'schema' => [ + 'description' => 'The description of the OIDC IdP.'."\n" + ."\n" + .'The description can be up to 256 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'This is an OIDC Provider.', + 'title' => '', + ], + ], + [ + 'name' => 'ClientIds', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the client, which is provided by the external IdP. If you want to specify multiple client IDs, separate the client IDs with commas (,).'."\n" + ."\n" + .'The client ID can contain letters, digits, and special characters and cannot start with the special characters. The special characters are `periods (.), hyphens (-), underscores (_), colons (:), and forward slashes (/)`.``'."\n" + ."\n" + .'The client ID can be up to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '498469743454717****', + 'title' => '', + ], + ], + [ + 'name' => 'Fingerprints', + 'in' => 'query', + 'schema' => [ + 'description' => 'The fingerprint of the HTTPS CA certificate, which is provided by the external IdP. If you want to specify multiple fingerprints, separate the fingerprints with commas (,).'."\n" + ."\n" + .'The fingerprint can contain letters and digits.'."\n" + ."\n" + .'The fingerprint can be up to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '902ef2deeb3c5b13ea4c3d5193629309e231****', + 'title' => '', + ], + ], + [ + 'name' => 'IssuanceLimitTime', + 'in' => 'query', + 'schema' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '6', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '64B11B41-636D-51E3-A39B-C8703CD2218C', + 'title' => '', + ], + 'OIDCProvider' => [ + 'description' => 'The information about the OIDC IdP.'."\n", + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the OIDC IdP was modified. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-11T06:56:03Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The description of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'This is an OIDC Provider.', + 'title' => '', + ], + 'OIDCProviderName' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the OIDC IdP was created. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-11T06:56:03Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:oidc-provider/TestOIDCProvider', + 'title' => '', + ], + 'IssuerUrl' => [ + 'description' => 'The URL of the issuer.'."\n", + 'type' => 'string', + 'example' => 'https://dev-xxxxxx.okta.com', + 'title' => '', + ], + 'Fingerprints' => [ + 'description' => 'The fingerprint of the HTTPS certificate.'."\n", + 'type' => 'string', + 'example' => '902ef2deeb3c5b13ea4c3d5193629309e231****', + 'title' => '', + ], + 'ClientIds' => [ + 'description' => 'The ID of the client.'."\n", + 'type' => 'string', + 'example' => '498469743454717****', + 'title' => '', + ], + 'GmtCreate' => [ + 'description' => 'The timestamp when the OIDC IdP was created.'."\n", + 'type' => 'string', + 'example' => '1636613763000', + 'title' => '', + ], + 'GmtModified' => [ + 'description' => 'The timestamp when the OIDC IdP was modified.'."\n", + 'type' => 'string', + 'example' => '1636613763000', + 'title' => '', + ], + 'IssuanceLimitTime' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'example' => '6', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"64B11B41-636D-51E3-A39B-C8703CD2218C\\",\\n \\"OIDCProvider\\": {\\n \\"UpdateDate\\": \\"2021-11-11T06:56:03Z\\",\\n \\"Description\\": \\"This is an OIDC Provider.\\",\\n \\"OIDCProviderName\\": \\"TestOIDCProvider\\",\\n \\"CreateDate\\": \\"2021-11-11T06:56:03Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\",\\n \\"IssuerUrl\\": \\"https://dev-xxxxxx.okta.com\\",\\n \\"Fingerprints\\": \\"902ef2deeb3c5b13ea4c3d5193629309e231****\\",\\n \\"ClientIds\\": \\"498469743454717****\\",\\n \\"GmtCreate\\": \\"1636613763000\\",\\n \\"GmtModified\\": \\"1636613763000\\",\\n \\"IssuanceLimitTime\\": 6\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n 64B11B41-636D-51E3-A39B-C8703CD2218C\\n \\n 2021-11-11T06:56:03Z\\n This is an OIDC Provider.\\n TestOIDCProvider\\n 2021-11-11T06:56:03Z\\n acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\n https://dev-xxxxxx.okta.com\\n 902ef2deeb3c5b13ea4c3d5193629309e231****\\n 498469743454717****\\n 1636613763000\\n 1636613763000\\n \\n","errorExample":""}]', + 'title' => 'CreateOIDCProvider', + 'summary' => 'Creates an OpenID Connect (OIDC) identity provider (IdP) to configure a trust relationship between Alibaba Cloud and an external IdP. This topic provides an example on how to create an IdP named TestOIDCProvider to configure a trust relationship between the external IdP Okta and Alibaba Cloud.', + 'description' => '### [](#)Prerequisites'."\n" + ."\n" + .'Before you call this operation, make sure that the information such as the URL of the issuer, the fingerprints of HTTPS certificate authority (CA) certificates, and the client IDs are obtained from an external IdP, such as Google Workspace or Okta.'."\n" + ."\n" + .'### [](#)Limits'."\n" + ."\n" + .'* You can create a maximum of 100 OIDC IdPs in an Alibaba Cloud account.'."\n" + .'* You can add a maximum of 50 client IDs to an OIDC IdP.'."\n" + .'* You can add a maximum of five fingerprints to an OIDC IdP.'."\n" + ."\n" + .'### [](#)Operation description'."\n" + ."\n" + .'This topic provides an example on how to create an IdP named `TestOIDCProvider` to configure a trust relationship between the external IdP and Alibaba Cloud.'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'CreateSAMLProvider' => [ + 'summary' => 'Creates an identity provider (IdP) for role-based single sign-on (SSO).', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram7YYMOK', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'SAMLProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The IdP name.'."\n" + ."\n" + .'It can be up to 128 characters in length, and can contain letters, digits, `periods (.), hyphens (-), and underscores (_)`. The name cannot start or end with `periods (.), hyphens (-), or underscores (_)`.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test-provider', + 'title' => '', + ], + ], + [ + 'name' => 'Description', + 'in' => 'query', + 'schema' => [ + 'description' => 'The IdP escription.', + 'type' => 'string', + 'required' => false, + 'example' => 'This is a provider.', + 'title' => '', + ], + ], + [ + 'name' => 'EncodedSAMLMetadataDocument', + 'in' => 'query', + 'schema' => [ + 'description' => 'The metadata file, which is Base64-encoded.'."\n" + ."\n" + .'The file is provided by an IdP that supports Security Assertion Markup Language (SAML) 2.0.', + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'PD94bWwgdmVy****', + 'title' => '', + ], + ], + [ + 'name' => 'AuthnSignAlgo', + 'in' => 'query', + 'schema' => [ + 'description' => 'The supported signature algorithm. Valid values:'."\n" + ."\n" + .'- rsa-sha256'."\n" + ."\n" + .'- rsa-sha1 (default)', + 'type' => 'string', + 'required' => false, + 'example' => 'rsa-sha1', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => 'E5EDDFD2-3654-4F9F-9780-4AE7D81823EF', + 'title' => '', + ], + 'SAMLProvider' => [ + 'description' => 'The information about the IdP.', + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the information was last updated. It is displayed in UTC.', + 'type' => 'string', + 'example' => '2020-10-22T02:51:20Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The IdP description.', + 'type' => 'string', + 'example' => 'This is a provider.', + 'title' => '', + ], + 'SAMLProviderName' => [ + 'description' => 'The IdP name.', + 'type' => 'string', + 'example' => 'test-provider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the information was created. It is displayed in UTC.', + 'type' => 'string', + 'example' => '2020-10-22T02:37:05Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the IdP.', + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:saml-provider/test-provider', + 'title' => '', + ], + 'AuthnSignAlgo' => [ + 'description' => 'The supported signature algorithm. Valid values:'."\n" + ."\n" + .'- rsa-sha256'."\n" + ."\n" + .'- rsa-sha1 (default)', + 'type' => 'string', + 'example' => 'rsa-sha1', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E5EDDFD2-3654-4F9F-9780-4AE7D81823EF\\",\\n \\"SAMLProvider\\": {\\n \\"UpdateDate\\": \\"2020-10-22T02:51:20Z\\",\\n \\"Description\\": \\"This is a provider.\\",\\n \\"SAMLProviderName\\": \\"test-provider\\",\\n \\"CreateDate\\": \\"2020-10-22T02:37:05Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:saml-provider/test-provider\\",\\n \\"AuthnSignAlgo\\": \\"rsa-sha1\\"\\n }\\n}","type":"json"}]', + 'title' => 'CreateSAMLProvider', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateSAMLProvider', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateSAMLProvider', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'CreateUser' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramJI77QT', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the Resource Access Management (RAM) user.'."\n" + ."\n" + .'The name is in the format of `@.onaliyun.com`. `` indicates the name of the RAM user. `.onaliyun.com` indicates the default domain name. For more information about how to query the default domain name, see [GetDefaultDomain](~~186720~~).'."\n" + ."\n" + .'The value of `UserPrincipalName` must be `1 to 128` characters in length and can contain letters, digits, periods (.), hyphens (-), and underscores (\\_). The value of `` must be `1 to 64` characters in length.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'enumValueTitles' => [], + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'DisplayName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The display name of the RAM user.'."\n" + ."\n" + .'The name must be 1 to 24 characters in length.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test', + 'title' => '', + ], + ], + [ + 'name' => 'MobilePhone', + 'in' => 'query', + 'schema' => [ + 'description' => 'The mobile number of the RAM user.'."\n" + ."\n" + .'Format: Country code-Mobile phone number.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '86-1868888****', + 'title' => '', + ], + ], + [ + 'name' => 'Email', + 'in' => 'query', + 'schema' => [ + 'description' => 'The email address of the RAM user.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'alice@example.com', + 'title' => '', + ], + ], + [ + 'name' => 'Comments', + 'in' => 'query', + 'schema' => [ + 'description' => 'The description.'."\n" + ."\n" + .'The description must be 1 to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'This is a cloud computing engineer.', + 'title' => '', + ], + ], + [ + 'name' => 'Tag', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The tags. You can specify up to 20 tags.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => 'The tag.'."\n", + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'title' => '', + 'description' => 'The key of the tag.'."\n" + ."\n" + .'The tag key cannot be an empty string. The tag key can be up to 128 characters in length and cannot start with `acs:` or `aliyun`. The tag key cannot contain `http://` or `https://`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'operator', + ], + 'Value' => [ + 'title' => '', + 'description' => 'The value of the tag.'."\n" + ."\n" + .'The tag value can be an empty string. The tag value can be up to 128 characters in length. The tag value cannot start with `acs:` or contain `http://` or `https://`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'alice', + ], + ], + 'required' => false, + 'title' => '', + ], + 'required' => false, + 'maxItems' => 21, + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'User' => [ + 'description' => 'The information about the RAM user.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test', + 'title' => '', + ], + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'Email' => [ + 'description' => 'The email address of the RAM user.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'example' => 'alice@example.com', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the information about the RAM user was updated.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'MobilePhone' => [ + 'description' => 'The mobile phone number of the RAM user.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'example' => '86-1868888****', + 'title' => '', + ], + 'UserId' => [ + 'description' => 'The ID of the RAM user.'."\n", + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + 'Comments' => [ + 'description' => 'The description.'."\n", + 'type' => 'string', + 'example' => 'This is a cloud computing engineer.', + 'title' => '', + ], + 'LastLoginDate' => [ + 'description' => 'The last time when the RAM user logged on to the Alibaba Cloud Management Console.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the RAM user was created.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'ProvisionType' => [ + 'description' => 'The source of the RAM user. Valid values:'."\n" + ."\n" + .'* Manual: The RAM user is manually created in the RAM console.'."\n" + .'* SCIM: The RAM user is mapped by using System for Cross-domain Identity Management (SCIM).'."\n" + .'* CloudSSO: The RAM user is mapped from a CloudSSO user.'."\n", + 'type' => 'string', + 'example' => 'Manual', + 'title' => '', + ], + 'Tags' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'Tag' => [ + 'description' => 'The tag value.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'TagKey' => [ + 'description' => 'The tag key.'."\n", + 'type' => 'string', + 'example' => 'operator', + 'title' => '', + ], + 'TagValue' => [ + 'description' => 'The tag value.'."\n", + 'type' => 'string', + 'example' => 'alice', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '2BB8C44A-2862-4922-AD43-03924749173B', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"User\\": {\\n \\"DisplayName\\": \\"test\\",\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"Email\\": \\"alice@example.com\\",\\n \\"UpdateDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"MobilePhone\\": \\"86-1868888****\\",\\n \\"UserId\\": \\"20732900249392****\\",\\n \\"Comments\\": \\"This is a cloud computing engineer.\\",\\n \\"LastLoginDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"CreateDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"ProvisionType\\": \\"Manual\\",\\n \\"Tags\\": {\\n \\"Tag\\": [\\n {\\n \\"TagKey\\": \\"operator\\",\\n \\"TagValue\\": \\"alice\\"\\n }\\n ]\\n }\\n },\\n \\"RequestId\\": \\"2BB8C44A-2862-4922-AD43-03924749173B\\"\\n}","errorExample":""},{"type":"xml","example":"\\n \\n test\\n test@example.onaliyun.com\\n alice@example.com\\n 2020-10-12T09:12:00Z\\n 86-1868888****\\n 20732900249392****\\n This is a cloud computing engineer.\\n 2020-10-12T09:12:00Z\\n 2020-10-12T09:12:00Z\\n Manual\\n \\n operator\\n alice\\n \\n \\n 2BB8C44A-2862-4922-AD43-03924749173B\\n","errorExample":""}]', + 'title' => 'CreateUser', + 'summary' => 'Creates a RAM user.', + 'description' => 'This topic provides an example on how to create a RAM user named `test`.'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/*', + ], + ], + ], + ], + ], + ], + 'CreateVirtualMFADevice' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + ], + 'parameters' => [ + [ + 'name' => 'VirtualMFADeviceName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the MFA device.'."\n" + ."\n" + .'The name must be 1 to 64 characters in length and can contain letters, digits, and hyphens (-).'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'device001', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'VirtualMFADevice' => [ + 'description' => 'The information about the MFA device.'."\n", + 'type' => 'object', + 'properties' => [ + 'SerialNumber' => [ + 'description' => 'The serial number of the MFA device.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:mfa/device001', + 'title' => '', + ], + 'QRCodePNG' => [ + 'description' => 'The Base64-encoded QR code of the key.'."\n", + 'type' => 'string', + 'example' => 'YXNkZmFzZDlmeW5hc2Q5OGZoODd4bXJmcThhaGU5aSBmYXNkZiBzYWRmIGFGIDRxd2VjIGEgdHEz****', + 'title' => '', + ], + 'Base32StringSeed' => [ + 'description' => 'The key of the MFA device.'."\n", + 'type' => 'string', + 'example' => 'LD3CJ23Z2VGEX6R7ZTQCOA4XL2KODS5PKH7442NLKYX2PVHSHYB7UT3TS5HA****', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'C609CC97-10FE-43EB-BE32-BDC219D8F1E4', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"VirtualMFADevice\\": {\\n \\"SerialNumber\\": \\"acs:ram::177242285274****:mfa/device001\\",\\n \\"QRCodePNG\\": \\"YXNkZmFzZDlmeW5hc2Q5OGZoODd4bXJmcThhaGU5aSBmYXNkZiBzYWRmIGFGIDRxd2VjIGEgdHEz****\\",\\n \\"Base32StringSeed\\": \\"LD3CJ23Z2VGEX6R7ZTQCOA4XL2KODS5PKH7442NLKYX2PVHSHYB7UT3TS5HA****\\"\\n },\\n \\"RequestId\\": \\"C609CC97-10FE-43EB-BE32-BDC219D8F1E4\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t\\r\\n\\t\\tacs:ram::177242285274****:mfa/device001\\r\\n\\t\\tYXNkZmFzZDlmeW5hc2Q5OGZoODd4bXJmcThhaGU5aSBmYXNkZiBzYWRmIGFGIDRxd2VjIGEgdHEz****\\r\\n\\t\\tLD3CJ23Z2VGEX6R7ZTQCOA4XL2KODS5PKH7442NLKYX2PVHSHYB7UT3TS5HA****\\r\\n\\t\\r\\n\\tC609CC97-10FE-43EB-BE32-BDC219D8F1E4\\r\\n","errorExample":""}]', + 'title' => 'CreateVirtualMFADevice', + 'summary' => 'Creates a virtual multi-factor authentication (MFA) device.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateVirtualMFADevice', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'MFADevice', + 'arn' => 'acs:ram::{#accountId}:mfa/*', + ], + ], + ], + ], + ], + ], + 'DeleteAccessKey' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramI3FYOF', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserAccessKeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the AccessKey pair that you want to delete.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'LTAI*******************', + 'title' => '', + ], + ], + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n" + ."\n" + .'If this parameter is empty, the AccessKey pair of the current user is deleted.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\r\\n","errorExample":""}]', + 'title' => 'DeleteAccessKey', + 'summary' => 'Deletes an AccessKey pair for an Alibaba Cloud account or a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteAccessKey', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'DeleteAccessKeyInRecycleBin' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramI3FYOF', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the RAM user.'."\n" + ."\n" + .'> - If you use an Alibaba Cloud account to call the operation, you must specify the parameter.'."\n" + .'> - If you use a RAM user to call the operation, you can leave the parameter empty. In this case, the ID of the RAM user is used by default.', + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + ], + [ + 'name' => 'UserAccessKeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The AccessKey ID of the RAM user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'LTAI*******************', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\"\\n}","errorExample":""},{"type":"xml","example":"\\n 4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\n","errorExample":""}]', + 'title' => 'DeleteAccessKeyInRecycleBin', + 'summary' => 'Deletes a specific AccessKey pair that belongs to a Resource Access Management (RAM) user from the recycle bin.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteAccessKeyInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'DeleteAppSecret' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramQ794FD', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '472457090344041****', + 'title' => '', + ], + ], + [ + 'name' => 'AppSecretId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application secret.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '2efd5004-005c-4f05-83c6-5b1dd176****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n 85836703-8D4F-485F-9726-4D1C730F957E\\r\\n","errorExample":""}]', + 'title' => 'DeleteAppSecret', + 'summary' => 'Deletes the application secret of an application.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteAppSecret', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + ], + ], + 'DeleteApplication' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram3BGJ0P', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '472457090344041****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n 85836703-8D4F-485F-9726-4D1C730F957E\\r\\n","errorExample":""}]', + 'title' => 'DeleteApplication', + 'summary' => 'Deletes an application.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + ], + ], + 'DeleteGroup' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramM3CIN3', + ], + ], + 'parameters' => [ + [ + 'name' => 'GroupName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'Dev-Team', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n 85836703-8D4F-485F-9726-4D1C730F957E\\r\\n","errorExample":""}]', + 'title' => 'DeleteGroup', + 'summary' => 'Deletes a Resource Access Management (RAM) user group.', + 'description' => 'Before you delete a RAM user group, make sure that no policies are attached to the group and no RAM users are included in the group.'."\n", + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + ], + ], + ], + ], + ], + 'DeleteLoginProfile' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramFSAEMQ', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\r\\n","errorExample":""}]', + 'title' => 'DeleteLoginProfile', + 'summary' => 'Disables logon to the console for a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteLoginProfile', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'DeleteOIDCProvider' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'OIDCProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t85836703-8D4F-485F-9726-4D1C730F957E\\r\\n\\t","errorExample":""}]', + 'title' => 'DeleteOIDCProvider', + 'summary' => 'Deletes an OpenID Connect (OIDC) identity provider (IdP).', + 'description' => '###'."\n" + ."\n" + .'This topic provides an example on how to remove the OIDC IdP named `TestOIDCProvider`.'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + ], + ], + 'DeletePasskey' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'none', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeCode' => '254326', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + 'autoTest' => false, + 'notSupportAutoTestReason' => '因为创建passkey需要通过控制台页面,没有openAPI,因此无法创建用来删除的passkey', + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'PasskeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the passkey.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'PASSKEY-CuZjEHhWcr7GIQOMGvkS', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'Schema of Response', + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'title' => 'Id of the request', + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '8A1673AA-5DB3-5AFB-8758-AF9EC2889259', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8A1673AA-5DB3-5AFB-8758-AF9EC2889259\\"\\n}","type":"json"}]', + 'title' => 'DeletePasskey', + 'summary' => 'Deletes a passkey for a Resource Access Management (RAM) user.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'ram:DeletePasskey', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'DeleteSAMLProvider' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram7YYMOK', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'SAMLProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the IdP that you want to delete.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test-provider', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n 85836703-8D4F-485F-9726-4D1C730F957E\\r\\n","errorExample":""}]', + 'title' => 'DeleteSAMLProvider', + 'summary' => 'Deletes an identity provider (IdP) for role-based single sign-on (SSO).', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteSAMLProvider', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'SAMLProvider', + 'arn' => 'acs:ram::{#accountId}:saml-provider/{#SAMLProviderName}', + ], + ], + ], + ], + ], + ], + 'DeleteUser' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `UserPrincipalName` and `UserId`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'UserId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `UserPrincipalName` and `UserId`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n 85836703-8D4F-485F-9726-4D1C730F957E\\r\\n","errorExample":""}]', + 'title' => 'DeleteUser', + 'summary' => 'Deletes a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'DeleteUserInRecycleBin' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the RAM user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\"\\n}","errorExample":""},{"type":"xml","example":"\\n 4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\n","errorExample":""}]', + 'title' => 'DeleteUserInRecycleBin', + 'summary' => 'Deletes a specific Resource Access Management (RAM) user from the recycle bin.', + 'requestParamsDescription' => 'For more information about common request parameters, see [Common parameters](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteUserInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'DeleteVirtualMFADevice' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + ], + 'parameters' => [ + [ + 'name' => 'SerialNumber', + 'in' => 'query', + 'schema' => [ + 'description' => 'The serial number of the MFA device.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'acs:ram::123456789012****:mfa/device002', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '04F0F334-1335-436C-A1D7-6C044FE73368', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"04F0F334-1335-436C-A1D7-6C044FE73368\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n 04F0F334-1335-436C-A1D7-6C044FE73368\\r\\n","errorExample":""}]', + 'title' => 'DeleteVirtualMFADevice', + 'summary' => 'Deletes a multi-factor authentication (MFA) device.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteVirtualMFADevice', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'MFADevice', + 'arn' => 'acs:ram::{#accountId}:mfa/{#SerialNumber}', + ], + ], + ], + ], + ], + ], + 'DeprovisionApplication' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram3BGJ0P', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '452392483381546****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","type":"json"}]', + 'title' => 'DeprovisionApplication', + 'summary' => 'Uninstalls an external application or an internal application of the ServerApp type.', + 'description' => 'If you want to call this operation to uninstall an internal application, the type of the internal application must be **ServerApp**. Otherwise, an error occurs when you call this operation.'."\n" + ."\n" + .'> For **internal applications**, only internal applications of the ServerApp type need to be **installed or provisioned**. Therefore, only internal applications of the ServerApp type **can be uninstalled**. Internal applications of the WebApp and NativeApp types **do not need to and cannot be uninstalled**.'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:DeprovisionApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + ], + ], + 'DeprovisionExternalApplication' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7447', + 'abilityTreeNodes' => [ + 'FEATUREramCEEHYN', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '417273362044613****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4507D1CD-526A-4E2B-A1C2-3AB045D1AE0B', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"4507D1CD-526A-4E2B-A1C2-3AB045D1AE0B\\"\\n}","type":"json"}]', + 'title' => 'DeprovisionExternalApplication', + 'summary' => 'Deletes an installed external application.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:DeprovisionExternalApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'DisableVirtualMFA' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7448', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + 'autoTest' => false, + 'notSupportAutoTestReason' => '无法通过测试平台自动生成MFA Code,所以无法构建绑定了MFA的用户用于测试', + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\r\\n","errorExample":""}]', + 'title' => 'DisableVirtualMFA', + 'summary' => 'Unbinds and deletes a multi-factor authentication (MFA) device from a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:DisableVirtualMFA', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'GenerateCredentialReport' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramYDDQL2', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'BBCCA90A-A1F0-4B16-B355-692247197805', + 'title' => '', + ], + 'State' => [ + 'description' => 'The generation status of the user credential report. Valid values:'."\n" + ."\n" + .'* STARTED: The system starts to generate the user credential report.'."\n" + .'* INPROGRESS: The user credential report is being generated.'."\n" + .'* COMPLETED: The user credential report is generated.'."\n", + 'type' => 'string', + 'example' => 'STARTED', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'asynchronous', + 'callback' => 'Ims::2019-08-15::GetCredentialReport', + 'callbackInterval' => 10000, + 'maxCallbackTimes' => 5, + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"BBCCA90A-A1F0-4B16-B355-692247197805\\",\\n \\"State\\": \\"STARTED\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\tBBCCA90A-A1F0-4B16-B355-692247197805\\r\\n\\tSTARTED\\r\\n\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'GenerateCredentialReport', + 'summary' => 'Generates the user credential report of an Alibaba Cloud account.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:GenerateCredentialReport', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GenerateGovernanceReport' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramOHWKAN', + ], + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '492E130C-76D3-55D5-BE5C-C023E431369A', + 'title' => '', + ], + 'State' => [ + 'description' => 'The report generation status. Valid values:'."\n" + ."\n" + .'* Started: The system starts to generate a governance report.'."\n" + .'* Progressing: The system is generating a governance report.'."\n" + .'* Completed: A governance report is generated.', + 'type' => 'string', + 'example' => 'Started', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'asynchronous', + 'callback' => 'Ims::2019-08-15::GetGovernanceReportStatus', + 'callbackInterval' => 10000, + 'maxCallbackTimes' => 5, + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"492E130C-76D3-55D5-BE5C-C023E431369A\\",\\n \\"State\\": \\"Started\\"\\n}","type":"json"}]', + 'title' => 'GenerateGovernanceReport', + 'summary' => 'Generates a check report for Cloud Governance.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:GenerateGovernanceReport', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetAccessKeyInfoInRecycleBin' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserAccessKeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The AccessKey ID of the Resource Access Management (RAM) user.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'LTAI*******************', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B', + 'title' => '', + ], + 'AccessKey' => [ + 'description' => 'The information about the AccessKey pair.'."\n", + 'type' => 'object', + 'properties' => [ + 'UserId' => [ + 'description' => 'The ID of the RAM user.'."\n", + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'UserRecycled' => [ + 'description' => 'Indicates whether the RAM user to which the AccessKey pair belongs is in the recycle bin. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'AccessKeyId' => [ + 'description' => 'The AccessKey ID.'."\n", + 'type' => 'string', + 'example' => 'LTAI*******************', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the AccessKey pair was created.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'RecycleDate' => [ + 'description' => 'The time when the AccessKey pair was deleted and moved to the recycle bin.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T10:12:00Z', + 'title' => '', + ], + 'DeleteDate' => [ + 'description' => 'The time when the AccessKey pair will be permanently deleted from the recycle bin.'."\n", + 'type' => 'string', + 'example' => '2020-11-12T10:12:00Z', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\",\\n \\"AccessKey\\": {\\n \\"UserId\\": \\"20732900249392****\\",\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"UserRecycled\\": true,\\n \\"AccessKeyId\\": \\"LTAI*******************\\",\\n \\"CreateDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"RecycleDate\\": \\"2020-10-12T10:12:00Z\\",\\n \\"DeleteDate\\": \\"2020-11-12T10:12:00Z\\"\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n 4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\n \\n 20732900249392****\\n test@example.onaliyun.com\\n true\\n LTAI4GFTgcR8m8cZQDTH****\\n 2020-10-12T09:12:00Z\\n 2020-10-12T10:12:00Z\\n 2020-11-12T10:12:00Z\\n \\n","errorExample":""}]', + 'title' => 'GetAccessKeyInfoInRecycleBin', + 'summary' => 'Queries information about a specific AccessKey pair of a Resource Access Management (RAM) user in the recycle bin.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccessKeyInfoInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetAccessKeyLastUsed' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n" + ."\n" + .'If you do not specify this parameter, the AccessKey pair of the current user is queried.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'UserAccessKeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the AccessKey pair that you want to query.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'LTAI*******************', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'headers' => [], + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'AccessKeyLastUsed' => [ + 'description' => 'The details of the time when the AccessKey pair was used for the last time.'."\n", + 'type' => 'object', + 'properties' => [ + 'LastUsedDate' => [ + 'description' => 'The time when the AccessKey pair was used for the last time.'."\n", + 'type' => 'string', + 'example' => '2020-10-16T01:37:37Z', + 'title' => '', + ], + 'ServiceName' => [ + 'description' => 'The Alibaba Cloud service that was last accessed by using the AccessKey pair.'."\n", + 'type' => 'string', + 'example' => 'Ram', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B29C79F6-354B-4297-A994-1338CC22A2EC', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"AccessKeyLastUsed\\": {\\n \\"LastUsedDate\\": \\"2020-10-16T01:37:37Z\\",\\n \\"ServiceName\\": \\"Ram\\"\\n },\\n \\"RequestId\\": \\"B29C79F6-354B-4297-A994-1338CC22A2EC\\"\\n}","errorExample":""},{"type":"xml","example":"\\n \\n 2020-10-16T01:37:37Z\\n Ram\\n \\n B29C79F6-354B-4297-A994-1338CC22A2EC\\n","errorExample":""}]', + 'title' => 'GetAccessKeyLastUsed', + 'summary' => 'Queries the time when an AccessKey pair was used for the last time.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccessKeyLastUsed', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'GetAccountMFAInfo' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4BE83135-0B08-467C-B3A2-27B312FD0F57', + 'title' => '', + ], + 'IsMFAEnable' => [ + 'description' => 'Indicates whether MFA devices are enabled. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"4BE83135-0B08-467C-B3A2-27B312FD0F57\\",\\n \\"IsMFAEnable\\": false\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t4BE83135-0B08-467C-B3A2-27B312FD0F57\\r\\n\\tfalse\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'GetAccountMFAInfo', + 'summary' => 'Queries information about the multi-factor authentication (MFA) devices of an Alibaba Cloud account.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccountMFAInfo', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetAccountSecurityPracticeReport' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'ABA822EE-85C2-4418-9577-A1831FC8466D', + 'title' => '', + ], + 'AccountSecurityPracticeInfo' => [ + 'description' => 'The information about the security report for the Alibaba Cloud account.'."\n", + 'type' => 'object', + 'properties' => [ + 'AccountSecurityPracticeUserInfo' => [ + 'description' => 'The information about the security report for the Alibaba Cloud account.'."\n", + 'type' => 'object', + 'properties' => [ + 'UnusedAkNum' => [ + 'description' => 'The number of AccessKey pairs that are not used for the Alibaba Cloud account.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'SubUserWithUnusedAccessKey' => [ + 'description' => 'The number of Resource Access Management (RAM) users that have unused AccessKey pairs.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'RootWithAccessKey' => [ + 'description' => 'The number of AccessKey pairs for the Alibaba Cloud account.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + 'title' => '', + ], + 'SubUser' => [ + 'description' => 'The number of RAM users within the Alibaba Cloud account.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'example' => '9', + 'title' => '', + ], + 'BindMfa' => [ + 'description' => 'Indicates whether multi-factor authentication (MFA) is enabled. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'OldAkNum' => [ + 'description' => 'The number of old AccessKey pairs for the Alibaba Cloud account.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'SubUserPwdLevel' => [ + 'description' => 'The complexity level of the password for the RAM user. Valid values:'."\n" + ."\n" + .'* low'."\n" + .'* mid'."\n" + .'* high'."\n", + 'type' => 'string', + 'example' => 'low', + 'title' => '', + ], + 'SubUserWithOldAccessKey' => [ + 'description' => 'The number of RAM users that use the old AccessKey pairs.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'SubUserBindMfa' => [ + 'description' => 'The number of RAM users that have MFA devices bound.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + ], + 'title' => '', + ], + 'Score' => [ + 'description' => 'The security score of the Alibaba Cloud account.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'example' => '63', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"ABA822EE-85C2-4418-9577-A1831FC8466D\\",\\n \\"AccountSecurityPracticeInfo\\": {\\n \\"AccountSecurityPracticeUserInfo\\": {\\n \\"UnusedAkNum\\": 0,\\n \\"SubUserWithUnusedAccessKey\\": 0,\\n \\"RootWithAccessKey\\": 1,\\n \\"SubUser\\": 9,\\n \\"BindMfa\\": false,\\n \\"OldAkNum\\": 0,\\n \\"SubUserPwdLevel\\": \\"low\\",\\n \\"SubUserWithOldAccessKey\\": 0,\\n \\"SubUserBindMfa\\": 0\\n },\\n \\"Score\\": 63\\n }\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\tABA822EE-85C2-4418-9577-A1831FC8466D\\r\\n\\t\\r\\n\\t\\t63\\r\\n\\t\\t\\r\\n\\t\\t\\t9\\r\\n\\t\\t\\t0\\r\\n\\t\\t\\t0\\r\\n\\t\\t\\t1\\r\\n\\t\\t\\t0\\r\\n\\t\\t\\tlow\\r\\n\\t\\t\\t0\\r\\n\\t\\t\\t0\\r\\n\\t\\t\\tfalse\\r\\n\\t\\t\\r\\n\\t\\r\\n\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'GetAccountSecurityPracticeReport', + 'summary' => 'Queries the security report of an Alibaba Cloud account.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccountSecurityPracticeReport', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetAccountSummary' => [ + 'summary' => 'Retrieves a summary of an Alibaba Cloud account.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramPNEJCS', + ], + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'title' => '', + 'example' => '81313F5E-3C85-478F-BCC9-E1B70E4556DB', + ], + 'SummaryMap' => [ + 'description' => 'The summary information of the Alibaba Cloud account.', + 'type' => 'object', + 'properties' => [ + 'MFADevices' => [ + 'description' => 'The number of virtual multi-factor authentication (MFA) devices.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '13', + ], + 'AccessKeysPerUserQuota' => [ + 'description' => 'The maximum number of AccessKey pairs that a RAM user can have.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '2', + ], + 'AttachedPoliciesPerGroupQuota' => [ + 'description' => 'The maximum number of custom policies that can be attached to a user group.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '5', + ], + 'AttachedSystemPoliciesPerRoleQuota' => [ + 'description' => 'The maximum number of system policies that can be attached to a RAM role.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '20', + ], + 'AttachedPoliciesPerRoleQuota' => [ + 'description' => 'The maximum number of custom policies that can be attached to a RAM role.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '5', + ], + 'GroupsPerUserQuota' => [ + 'description' => 'The maximum number of user groups that a RAM user can join.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '5', + ], + 'Roles' => [ + 'description' => 'The number of RAM roles.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '19', + ], + 'PolicySizeQuota' => [ + 'description' => 'The maximum length of a policy document.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '2048', + ], + 'AttachedSystemPoliciesPerGroupQuota' => [ + 'description' => 'The maximum number of system policies that can be attached to a user group.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '20', + ], + 'AttachedSystemPoliciesPerUserQuota' => [ + 'description' => 'The maximum number of system policies that can be attached to a RAM user.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '20', + ], + 'AttachedPoliciesPerUserQuota' => [ + 'description' => 'The maximum number of custom policies that can be attached to a RAM user.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '10', + ], + 'GroupsQuota' => [ + 'description' => 'The maximum number of user groups that can be created.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '50', + ], + 'Groups' => [ + 'description' => 'The number of user groups.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '7', + ], + 'PoliciesQuota' => [ + 'description' => 'The maximum number of custom policies that can be created.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '1500', + ], + 'VirtualMFADevicesQuota' => [ + 'description' => 'The maximum number of virtual MFA devices that can be created.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '1000', + ], + 'VersionsPerPolicyQuota' => [ + 'description' => 'The maximum number of policy versions.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '5', + ], + 'RolesQuota' => [ + 'description' => 'The maximum number of RAM roles that can be created.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '1000', + ], + 'UsersQuota' => [ + 'description' => 'The maximum number of RAM users that can be created.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '1000', + ], + 'Policies' => [ + 'description' => 'The number of custom policies.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '13', + ], + 'Users' => [ + 'description' => 'The number of RAM users.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '9', + ], + 'MFADevicesInUse' => [ + 'description' => 'The number of virtual MFA devices that are in use.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '2', + ], + 'IPItemsPerAKPolicyQuota' => [ + 'description' => 'The maximum number of IP addresses that can be set in an account-level or AccessKey-level network access control policy.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '50', + ], + 'ConditionsPerAKPolicyQuota' => [ + 'description' => 'The maximum number of conditions that can be set in an account-level or AccessKey-level network access control policy.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '8', + ], + 'AccountAccessKeysPerAccountQuota' => [ + 'type' => 'integer', + 'format' => 'int32', + 'description' => 'The maximum number of AccessKeys for an Alibaba Cloud account.', + 'title' => '', + 'example' => '2', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"81313F5E-3C85-478F-BCC9-E1B70E4556DB\\",\\n \\"SummaryMap\\": {\\n \\"MFADevices\\": 13,\\n \\"AccessKeysPerUserQuota\\": 2,\\n \\"AttachedPoliciesPerGroupQuota\\": 5,\\n \\"AttachedSystemPoliciesPerRoleQuota\\": 20,\\n \\"AttachedPoliciesPerRoleQuota\\": 5,\\n \\"GroupsPerUserQuota\\": 5,\\n \\"Roles\\": 19,\\n \\"PolicySizeQuota\\": 2048,\\n \\"AttachedSystemPoliciesPerGroupQuota\\": 20,\\n \\"AttachedSystemPoliciesPerUserQuota\\": 20,\\n \\"AttachedPoliciesPerUserQuota\\": 10,\\n \\"GroupsQuota\\": 50,\\n \\"Groups\\": 7,\\n \\"PoliciesQuota\\": 1500,\\n \\"VirtualMFADevicesQuota\\": 1000,\\n \\"VersionsPerPolicyQuota\\": 5,\\n \\"RolesQuota\\": 1000,\\n \\"UsersQuota\\": 1000,\\n \\"Policies\\": 13,\\n \\"Users\\": 9,\\n \\"MFADevicesInUse\\": 2,\\n \\"IPItemsPerAKPolicyQuota\\": 50,\\n \\"ConditionsPerAKPolicyQuota\\": 8,\\n \\"AccountAccessKeysPerAccountQuota\\": 2\\n }\\n}","type":"json"}]', + 'title' => 'GetAccountSummary', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetAccountSummary', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccountSummary', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetAppSecret' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'high', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramQ794FD', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '472457090344041****', + 'title' => '', + ], + ], + [ + 'name' => 'AppSecretId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application secret.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '2efd5004-005c-4f05-83c6-5b1dd176****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'EE46FC3C-3BDE-4771-B531-27B7B6EB533D', + 'title' => '', + ], + 'AppSecret' => [ + 'description' => 'The details of the application secret.'."\n", + 'type' => 'object', + 'properties' => [ + 'AppSecretValue' => [ + 'description' => 'The content of the application secret.'."\n", + 'type' => 'string', + 'example' => 'ai78ZmmxnlUG1jXlBZRDFKos9DIjY4m17Q7dCpMwn1rqXsTGb1X1XmrmveMp****', + 'title' => '', + ], + 'AppId' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'example' => '472457090344041****', + 'title' => '', + ], + 'AppSecretId' => [ + 'description' => 'The ID of the application secret.'."\n", + 'type' => 'string', + 'example' => '2efd5004-005c-4f05-83c6-5b1dd176****', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The creation time.'."\n", + 'type' => 'string', + 'example' => '2020-10-26T02:52:31Z', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"EE46FC3C-3BDE-4771-B531-27B7B6EB533D\\",\\n \\"AppSecret\\": {\\n \\"AppSecretValue\\": \\"ai78ZmmxnlUG1jXlBZRDFKos9DIjY4m17Q7dCpMwn1rqXsTGb1X1XmrmveMp****\\",\\n \\"AppId\\": \\"472457090344041****\\",\\n \\"AppSecretId\\": \\"2efd5004-005c-4f05-83c6-5b1dd176****\\",\\n \\"CreateDate\\": \\"2020-10-26T02:52:31Z\\"\\n }\\n}","errorExample":""},{"type":"xml","example":"\\r\\n EE46FC3C-3BDE-4771-B531-27B7B6EB533D\\r\\n \\r\\n 472457090344041****\\r\\n ai78ZmmxnlUG1jXlBZRDFKos9DIjY4m17Q7dCpMwn1rqXsTGb1X1XmrmveMp****\\r\\n 2efd5004-005c-4f05-83c6-5b1dd176****\\r\\n 2020-10-26T02:52:31Z\\r\\n \\r\\n","errorExample":""}]', + 'title' => 'GetAppSecret', + 'summary' => 'Queries the details of an application secret.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAppSecret', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + ], + ], + 'GetApplication' => [ + 'summary' => 'Queries the configuration information of a specified application.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram2SMFX0', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The application ID.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'title' => '', + 'example' => '472457090344041****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The returned data.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'title' => '', + 'example' => '6616F09B-2768-4C11-8866-A8EE4C4A583E', + ], + 'Application' => [ + 'description' => 'The information about the application.', + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the application.', + 'type' => 'string', + 'title' => '', + 'example' => 'myapp', + ], + 'AccessTokenValidity' => [ + 'description' => 'The validity period of the access token. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '3600', + ], + 'SecretRequired' => [ + 'description' => 'Indicates whether an application key is required.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'AccountId' => [ + 'description' => 'The ID of the Alibaba Cloud account to which the application belongs.', + 'type' => 'string', + 'title' => '', + 'example' => '177242285274****', + ], + 'CreateDate' => [ + 'description' => 'The time when the application was created.', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-23T08:06:57Z', + ], + 'AppName' => [ + 'description' => 'The application name.', + 'type' => 'string', + 'title' => '', + 'example' => 'myapp', + ], + 'RedirectUris' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'RedirectUri' => [ + 'description' => 'The webhook address.', + 'type' => 'array', + 'items' => [ + 'description' => 'The webhook address.', + 'type' => 'string', + 'title' => '', + 'example' => 'https://www.example.com', + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the application was last updated.', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-23T08:06:57Z', + ], + 'DelegatedScope' => [ + 'description' => 'The permission scopes of the application.', + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The permission scopes of the application.', + 'type' => 'array', + 'items' => [ + 'description' => 'The permission scopes of the application.', + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the scope.', + 'type' => 'string', + 'title' => '', + 'example' => 'Obtain the OpenID of the user. This is the default permission that you cannot remove.', + ], + 'Name' => [ + 'description' => 'The name of the scope.', + 'type' => 'string', + 'title' => '', + 'example' => 'openid', + ], + 'Required' => [ + 'description' => 'Indicates whether this permission scope is required by default when the application is installed. Valid values:'."\n" + ."\n" + .'- true: The permission scope is required.'."\n" + ."\n" + .'- false: The permission scope is not required.'."\n" + ."\n" + .'The `openid` scope is required by default.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + ], + 'title' => '', + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + 'title' => '', + ], + 'AppId' => [ + 'description' => 'The application ID.', + 'type' => 'string', + 'title' => '', + 'example' => '472457090344041****', + ], + 'RefreshTokenValidity' => [ + 'description' => 'The validity period of the refresh token. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '7776000', + ], + 'IsMultiTenant' => [ + 'description' => 'Indicates whether the application can be installed by other Alibaba Cloud accounts.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'AppType' => [ + 'description' => 'The application type. Valid values:'."\n" + ."\n" + .'- WebApp: a web application that is based on browser interaction.'."\n" + ."\n" + .'- NativeApp: a native application that runs on an operating system, such as a desktop or mobile operating system.'."\n" + ."\n" + .'- ServerApp: an application that can directly access Alibaba Cloud services without user logon. Currently, only applications that use the System for Cross-domain Identity Management (SCIM) for user synchronization are supported.', + 'type' => 'string', + 'title' => '', + 'example' => 'WebApp', + ], + 'ProtocolVersion' => [ + 'type' => 'string', + 'description' => 'The OAuth protocol version of the application. Valid values:'."\n" + ."\n" + .'- `2.0`: OAuth 2.0.'."\n" + ."\n" + .'- `2.1`: OAuth 2.1.', + 'title' => '', + 'example' => '2.0', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6616F09B-2768-4C11-8866-A8EE4C4A583E\\",\\n \\"Application\\": {\\n \\"DisplayName\\": \\"myapp\\",\\n \\"AccessTokenValidity\\": 3600,\\n \\"SecretRequired\\": true,\\n \\"AccountId\\": \\"177242285274****\\",\\n \\"CreateDate\\": \\"2020-10-23T08:06:57Z\\",\\n \\"AppName\\": \\"myapp\\",\\n \\"RedirectUris\\": {\\n \\"RedirectUri\\": [\\n \\"https://www.example.com\\"\\n ]\\n },\\n \\"UpdateDate\\": \\"2020-10-23T08:06:57Z\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"Obtain the OpenID of the user. This is the default permission that you cannot remove.\\",\\n \\"Name\\": \\"openid\\",\\n \\"Required\\": true\\n }\\n ]\\n }\\n },\\n \\"AppId\\": \\"472457090344041****\\",\\n \\"RefreshTokenValidity\\": 7776000,\\n \\"IsMultiTenant\\": true,\\n \\"AppType\\": \\"WebApp\\",\\n \\"ProtocolVersion\\": \\"2.0\\"\\n }\\n}","type":"json"}]', + 'title' => 'GetApplication', + 'description' => 'This topic provides an example of how to query the configuration information of the application `472457090344041****`.', + 'requestParamsDescription' => 'For more information about common request parameters, see [Common parameters](~~187377~~).', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetApplication', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + ], + ], + 'GetApplicationProvisionInfo' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramCEEHYN', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '452392483381546****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '936E1D9C-157D-45BD-8A3B-81C0716EB078', + 'title' => '', + ], + 'ApplicationProvisionInfo' => [ + 'description' => 'The installation information about the application.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the application.'."\n", + 'type' => 'string', + 'example' => 'GiteeAliyun', + 'title' => '', + ], + 'AppName' => [ + 'description' => 'The name of the application.'."\n", + 'type' => 'string', + 'example' => 'GiteePrd', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1603693518000', + 'title' => '', + ], + 'AppId' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'example' => '452392483381546****', + 'title' => '', + ], + 'DelegatedScope' => [ + 'description' => 'The information about the scopes of permissions that are granted to the application.'."\n", + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The information about the scopes of permissions that are granted to the application.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the permission scope.'."\n", + 'type' => 'string', + 'example' => 'Obtains the OpenID of the user. This is the default scope and cannot be deleted.', + 'title' => '', + ], + 'Name' => [ + 'description' => 'The name of the permission scope.'."\n", + 'type' => 'string', + 'example' => 'openid', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + ], + ], + 'title' => '', + ], + 'AccountId' => [ + 'description' => 'The ID of the Alibaba Cloud account.'."\n", + 'type' => 'string', + 'example' => '177242285274****', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the application was installed. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1603693518000', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"936E1D9C-157D-45BD-8A3B-81C0716EB078\\",\\n \\"ApplicationProvisionInfo\\": {\\n \\"DisplayName\\": \\"GiteeAliyun\\",\\n \\"AppName\\": \\"GiteePrd\\",\\n \\"UpdateDate\\": \\"1603693518000\\",\\n \\"AppId\\": \\"452392483381546****\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"Obtains the OpenID of the user. This is the default scope and cannot be deleted.\\",\\n \\"Name\\": \\"openid\\"\\n }\\n ]\\n }\\n },\\n \\"AccountId\\": \\"177242285274****\\",\\n \\"CreateDate\\": \\"1603693518000\\"\\n }\\n}","errorExample":""},{"type":"xml","example":"","errorExample":""}]', + 'title' => 'GetApplicationProvisionInfo', + 'summary' => 'Queries installation information about a specified installed application.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetApplicationProvisionInfo', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetCredentialReport' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramYDDQL2', + ], + ], + 'parameters' => [ + [ + 'name' => 'NextToken', + 'in' => 'query', + 'schema' => [ + 'description' => 'The token that is used to initiate the next request if the response of the current request is truncated. You can use the token to initiate another request and obtain the remaining records.``'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries per page. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be true.'."\n" + ."\n" + .'Valid values: 1 to 3501. Default value: 3501.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '1000', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'GeneratedTime' => [ + 'description' => 'The time when the user credential report was generated.'."\n", + 'type' => 'string', + 'example' => '2020-10-19T15:06:52Z', + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '7A01826E-7601-44B0-B4DF-2B0C509836DE', + 'title' => '', + ], + 'Content' => [ + 'description' => 'The content of the user credential report.'."\n" + ."\n" + .'The report is Base64-encoded. After you decode the report, the credential report is in the CSV format.'."\n", + 'type' => 'string', + 'example' => 'OVZWK4RMOVZW****', + 'title' => '', + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'string', + 'example' => 'true', + 'title' => '', + ], + 'NextToken' => [ + 'description' => 'The parameter that is used to obtain the truncated part. This parameter takes effect only when `IsTruncated` is set to true.'."\n", + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"GeneratedTime\\": \\"2020-10-19T15:06:52Z\\",\\n \\"RequestId\\": \\"7A01826E-7601-44B0-B4DF-2B0C509836DE\\",\\n \\"Content\\": \\"OVZWK4RMOVZW****\\",\\n \\"IsTruncated\\": \\"true\\",\\n \\"NextToken\\": \\"EXAMPLE\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t2020-10-19T15:06:52Z\\r\\n\\t7A01826E-7601-44B0-B4DF-2B0C509836DE\\r\\n\\tOVZWK4RMOVZW****\\r\\n\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'GetCredentialReport', + 'summary' => 'Queries the user credential reports of an Alibaba Cloud account.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetCredentialReport', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetDefaultDomain' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramM70W9U', + ], + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'DefaultDomainName' => [ + 'description' => 'The default domain name.'."\n", + 'type' => 'string', + 'example' => 'examplecompany.onaliyun.com', + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '66815255-7CCE-4759-AC37-9755794C3626', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"DefaultDomainName\\": \\"examplecompany.onaliyun.com\\",\\n \\"RequestId\\": \\"66815255-7CCE-4759-AC37-9755794C3626\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n examplecompany.onaliyun.com\\r\\n 66815255-7CCE-4759-AC37-9755794C3626\\r\\n","errorExample":""}]', + 'title' => 'GetDefaultDomain', + 'summary' => 'Queries the default domain name of an Alibaba Cloud account.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetDefaultDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetExternalApplication' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram2SMFX0', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '472457090344041****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'E4C4D1BD-2558-5BD1-8C36-A5D7FB174A55', + 'title' => '', + ], + 'ExternalApplication' => [ + 'description' => 'The information about the external application.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the application.'."\n", + 'type' => 'string', + 'example' => 'GiteeAliyun', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time of the application. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1737534146000', + 'title' => '', + ], + 'DelegatedScope' => [ + 'description' => 'The information about the permissions that are granted on the application.'."\n", + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The information about the permissions that are granted on the application.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the permission.'."\n", + 'type' => 'string', + 'example' => 'Obtains the OpenID of the user. This is the default scope and cannot be deleted.', + 'title' => '', + ], + 'Name' => [ + 'description' => 'The name of the permission.'."\n", + 'type' => 'string', + 'example' => 'openid', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + ], + ], + 'title' => '', + ], + 'AppPrincipalName' => [ + 'description' => 'The name of the application principal. The value is in the `@app..onaliyun.com` format.'."\n", + 'type' => 'string', + 'example' => 'GiteePrd@app.153082740420****.onaliyun.com', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the application was installed. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1737534146000', + 'title' => '', + ], + 'TenantId' => [ + 'description' => 'The ID of the Alibaba Cloud account for which the application is installed.'."\n", + 'type' => 'string', + 'example' => '173082740420****', + 'title' => '', + ], + 'ForeignAppId' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'example' => '407426893752729****', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E4C4D1BD-2558-5BD1-8C36-A5D7FB174A55\\",\\n \\"ExternalApplication\\": {\\n \\"DisplayName\\": \\"GiteeAliyun\\",\\n \\"UpdateDate\\": \\"1737534146000\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"Obtains the OpenID of the user. This is the default scope and cannot be deleted.\\",\\n \\"Name\\": \\"openid\\"\\n }\\n ]\\n }\\n },\\n \\"AppPrincipalName\\": \\"GiteePrd@app.153082740420****.onaliyun.com\\",\\n \\"CreateDate\\": \\"1737534146000\\",\\n \\"TenantId\\": \\"173082740420****\\",\\n \\"ForeignAppId\\": \\"407426893752729****\\"\\n }\\n}","type":"json"}]', + 'title' => 'GetExternalApplication', + 'summary' => 'Queries information about an installed external application.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetExternalApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetGovernanceItemReport' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'GovernanceItemType', + 'in' => 'query', + 'schema' => [ + 'description' => 'The check item. For more information, see [Identity and access governance check items](https://help.aliyun.com/zh/ram/user-guide/overview-of-cloud-governance-for-ram?spm=a2c4g.11174283.0.0.88b3de53tfL5XG#section-q06-p9p-8vl).', + 'type' => 'string', + 'required' => false, + 'example' => 'SSOLoginEnabled', + 'title' => '', + ], + ], + [ + 'name' => 'Marker', + 'in' => 'query', + 'schema' => [ + 'description' => 'If the response is truncated, use the `Marker` to retrieve the subsequent content.', + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries to return. If the response is truncated because the number of entries exceeds the value of `MaxItems`, the value of the `IsTruncated` parameter is true.'."\n" + ."\n" + .'Valid values: 1 to 1000. Default value: 1000.', + 'type' => 'string', + 'required' => false, + 'example' => '1000', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => 'F2CE9688-AA85-5F23-8C22-0EC23473405F', + 'title' => '', + ], + 'GenerateTime' => [ + 'description' => 'The time when the report for the check item was generated.', + 'type' => 'string', + 'example' => '2020-10-19T15:06:52Z', + 'title' => '', + ], + 'MetricType' => [ + 'description' => 'The data type of the metric value. Valid values:'."\n" + ."\n" + .'- Number: the numeric type.'."\n" + ."\n" + .'- String: the string type.'."\n" + ."\n" + .'- Boolean: the Boolean type.', + 'type' => 'string', + 'example' => 'Number', + 'title' => '', + ], + 'MetricValue' => [ + 'description' => 'The metric value.', + 'type' => 'any', + 'example' => '100', + 'title' => '', + ], + 'ColumnsSchema' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'ColumnSchema' => [ + 'type' => 'array', + 'items' => [ + 'description' => 'The schema of a single detail column.', + 'type' => 'object', + 'properties' => [ + 'ColumnName' => [ + 'description' => 'The column name.', + 'type' => 'string', + 'example' => 'UserPrincipalName', + 'title' => '', + ], + 'ColumnType' => [ + 'description' => 'The column type. Valid values:'."\n" + ."\n" + .'- Number: the numeric type.'."\n" + ."\n" + .'- String: the string type.'."\n" + ."\n" + .'- Boolean: the Boolean type.', + 'type' => 'string', + 'example' => 'String', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'description' => 'The schema of the detail columns. This is an array, and its length is the number of columns.', + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'ColumnsValue' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'ColumnRow' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'ColumnValue' => [ + 'description' => 'A row of detailed values.', + 'type' => 'array', + 'items' => [ + 'description' => 'The data object in this row.', + 'type' => 'any', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'description' => 'The detailed values, which are a two-dimensional array. Each row has a fixed length. The data type, value, length, and order of values in each row are consistent with the schema described in ColumnsSchema.', + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'Marker' => [ + 'description' => 'This parameter is returned only when `IsTruncated` is set to true. Use this parameter to retrieve the truncated content.', + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'Query the detection report of a specified identity permission administration check item ', + 'summary' => 'Queries the details of a specific check item in an identity and access governance report.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetGovernanceItemReport', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetGovernanceItemReport', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F2CE9688-AA85-5F23-8C22-0EC23473405F\\",\\n \\"GenerateTime\\": \\"2020-10-19T15:06:52Z\\",\\n \\"MetricType\\": \\"Number\\",\\n \\"MetricValue\\": \\"100\\",\\n \\"ColumnsSchema\\": {\\n \\"ColumnSchema\\": [\\n {\\n \\"ColumnName\\": \\"UserPrincipalName\\",\\n \\"ColumnType\\": \\"String\\"\\n }\\n ]\\n },\\n \\"ColumnsValue\\": {\\n \\"ColumnRow\\": [\\n {\\n \\"ColumnValue\\": [\\n \\"test@example.onaliyun.com\\"\\n ]\\n }\\n ]\\n },\\n \\"IsTruncated\\": true,\\n \\"Marker\\": \\"EXAMPLE\\"\\n}","type":"json"}]', + ], + 'GetGovernanceReportStatus' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramOHWKAN', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => 'F2CE9688-AA85-5F23-8C22-0EC23473405A', + 'title' => '', + ], + 'WholeReportStatus' => [ + 'description' => 'The generation status of the report. Valid values:'."\n" + ."\n" + .'- Started: The report generation has started.'."\n" + ."\n" + .'- Progressing: The report is being generated.'."\n" + ."\n" + .'- Completed: The report has been generated.', + 'type' => 'string', + 'example' => 'Progressing', + 'title' => '', + ], + 'GovernanceItemsStatus' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'GovernanceItemStatus' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'GovernanceItem' => [ + 'description' => 'The name of the governance item.', + 'type' => 'string', + 'example' => 'AccountRecentUsingAccessKey', + 'title' => '', + ], + 'Status' => [ + 'description' => 'The generation status of the governance item report. Valid values:'."\n" + ."\n" + .'- Started: The report generation has started.'."\n" + ."\n" + .'- Progressing: The report is being generated.'."\n" + ."\n" + .'- Completed: The report has been generated.', + 'type' => 'string', + 'example' => 'Progressing', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'description' => 'An array that contains the generation status of each governance item in the report.', + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'Query the generation status of the identity permission governance detection report', + 'summary' => 'Queries the status of an identity and access governance report.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetGovernanceReportStatus', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetGovernanceReportStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F2CE9688-AA85-5F23-8C22-0EC23473405A\\",\\n \\"WholeReportStatus\\": \\"Progressing\\",\\n \\"GovernanceItemsStatus\\": {\\n \\"GovernanceItemStatus\\": [\\n {\\n \\"GovernanceItem\\": \\"AccountRecentUsingAccessKey\\",\\n \\"Status\\": \\"Progressing\\"\\n }\\n ]\\n }\\n}","type":"json"}]', + ], + 'GetGroup' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram3V29VK', + ], + ], + 'parameters' => [ + [ + 'name' => 'GroupName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'Dev-Team', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'Group' => [ + 'description' => 'The information about the RAM user group.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the RAM user group.'."\n", + 'type' => 'string', + 'example' => 'Dev-Team', + 'title' => '', + ], + 'GroupId' => [ + 'description' => 'The ID of the RAM user group.'."\n", + 'type' => 'string', + 'example' => '740317625433843****', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time.'."\n", + 'type' => 'string', + 'example' => '2020-10-19T16:15:17Z', + 'title' => '', + ], + 'GroupName' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'example' => 'Dev-Team', + 'title' => '', + ], + 'Comments' => [ + 'description' => 'The description.'."\n", + 'type' => 'string', + 'example' => 'Dev-Team', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The creation time.'."\n", + 'type' => 'string', + 'example' => '2020-10-19T16:15:17Z', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '86ECEC3C-7262-4C3C-94B4-A98F7CC1F060', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"Group\\": {\\n \\"DisplayName\\": \\"Dev-Team\\",\\n \\"GroupId\\": \\"740317625433843****\\",\\n \\"UpdateDate\\": \\"2020-10-19T16:15:17Z\\",\\n \\"GroupName\\": \\"Dev-Team\\",\\n \\"Comments\\": \\"Dev-Team\\",\\n \\"CreateDate\\": \\"2020-10-19T16:15:17Z\\"\\n },\\n \\"RequestId\\": \\"86ECEC3C-7262-4C3C-94B4-A98F7CC1F060\\"\\n}","errorExample":""},{"type":"xml","example":"","errorExample":""}]', + 'title' => 'GetGroup', + 'summary' => 'Queries the information about a Resource Access Management (RAM) user group.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + ], + ], + ], + ], + ], + 'GetLoginProfile' => [ + 'summary' => 'Retrieves the logon information for a specified Resource Access Management (RAM) user.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7462', + 'abilityTreeNodes' => [ + 'FEATUREramFSAEMQ', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response that is returned.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The ID of the request.', + 'type' => 'string', + 'example' => 'E517F18B-632C-48FC-93F1-CDCBCC6F8444', + 'title' => '', + ], + 'LoginProfile' => [ + 'description' => 'The logon information for the console.', + 'type' => 'object', + 'properties' => [ + 'Status' => [ + 'description' => 'The status of console logon. Valid values:'."\n" + ."\n" + .'- Active: Console logon is enabled.'."\n" + ."\n" + .'- Inactive: Console logon is disabled.', + 'type' => 'string', + 'example' => 'Active', + 'title' => '', + ], + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.', + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the logon profile was last updated. The time is in Coordinated Universal Time (UTC).', + 'type' => 'string', + 'example' => '2020-10-14T06:56:45Z', + 'title' => '', + ], + 'LastLoginTime' => [ + 'description' => 'The time when the RAM user last logged on to the console. The time is in UTC.', + 'type' => 'string', + 'example' => '2020-10-14T07:25:25Z', + 'title' => '', + ], + 'PasswordResetRequired' => [ + 'description' => 'Indicates whether the RAM user must reset the password at the next logon. Valid values:'."\n" + ."\n" + .'- false: The RAM user is not required to reset the password.'."\n" + ."\n" + .'- true: The RAM user is required to reset the password.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'MFABindRequired' => [ + 'description' => 'Indicates whether multi-factor authentication (MFA) is required for the user. Valid values:'."\n" + ."\n" + .'- false: MFA is not required.'."\n" + ."\n" + .'- true: MFA is required.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'AutoDisableLoginStatus' => [ + 'description' => 'Indicates whether console logon is automatically disabled if the user is inactive. This feature is enabled by default and cannot be disabled.', + 'type' => 'string', + 'example' => 'true', + 'title' => '', + ], + 'PasswordStatus' => [ + 'description' => 'The status of the initial password. An initial password is the password that is configured when you create a logon profile or re-enable console logon.'."\n" + ."\n" + .'Valid values'."\n" + ."\n" + .'- "NotInitial": The password is not an initial password.'."\n" + ."\n" + .'- "InitialValid": The initial password is valid.'."\n" + ."\n" + .'- "InitialExpired": The initial password has expired.', + 'type' => 'string', + 'example' => 'NotInitial', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E517F18B-632C-48FC-93F1-CDCBCC6F8444\\",\\n \\"LoginProfile\\": {\\n \\"Status\\": \\"Active\\",\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"UpdateDate\\": \\"2020-10-14T06:56:45Z\\",\\n \\"LastLoginTime\\": \\"2020-10-14T07:25:25Z\\",\\n \\"PasswordResetRequired\\": false,\\n \\"MFABindRequired\\": false,\\n \\"AutoDisableLoginStatus\\": \\"true\\",\\n \\"PasswordStatus\\": \\"NotInitial\\"\\n }\\n}","type":"json"}]', + 'title' => 'GetLoginProfile', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetLoginProfile', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetLoginProfile', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'GetOIDCProvider' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'OIDCProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'E5E1A300-279D-5FBD-A8CF-F4EDC20C4896', + 'title' => '', + ], + 'OIDCProvider' => [ + 'description' => 'The information about the OIDC IdP.'."\n", + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the OIDC IdP was modified. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-12T08:38:29Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The description of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'This is a new OIDC Provider.', + 'title' => '', + ], + 'OIDCProviderName' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the OIDC IdP was created. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-11T06:56:03Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:oidc-provider/TestOIDCProvider', + 'title' => '', + ], + 'IssuerUrl' => [ + 'description' => 'The URL of the issuer.'."\n", + 'type' => 'string', + 'example' => 'https://dev-xxxxxx.okta.com', + 'title' => '', + ], + 'Fingerprints' => [ + 'description' => 'The fingerprint of the HTTPS certificate. If multiple fingerprints are returned, the fingerprints are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '902ef2deeb3c5b13ea4c3d5193629309e231****', + 'title' => '', + ], + 'ClientIds' => [ + 'description' => 'The ID of the client. If multiple client IDs are returned, the client IDs are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '498469743454717****', + 'title' => '', + ], + 'GmtCreate' => [ + 'description' => 'The timestamp when the OIDC IdP was created.'."\n", + 'type' => 'string', + 'example' => '1636613763000', + 'title' => '', + ], + 'GmtModified' => [ + 'description' => 'The timestamp when the OIDC IdP was modified.'."\n", + 'type' => 'string', + 'example' => '1636706309000', + 'title' => '', + ], + 'IssuanceLimitTime' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'example' => '12', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"E5E1A300-279D-5FBD-A8CF-F4EDC20C4896\\",\\n \\"OIDCProvider\\": {\\n \\"UpdateDate\\": \\"2021-11-12T08:38:29Z\\",\\n \\"Description\\": \\"This is a new OIDC Provider.\\",\\n \\"OIDCProviderName\\": \\"TestOIDCProvider\\",\\n \\"CreateDate\\": \\"2021-11-11T06:56:03Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\",\\n \\"IssuerUrl\\": \\"https://dev-xxxxxx.okta.com\\",\\n \\"Fingerprints\\": \\"902ef2deeb3c5b13ea4c3d5193629309e231****\\",\\n \\"ClientIds\\": \\"498469743454717****\\",\\n \\"GmtCreate\\": \\"1636613763000\\",\\n \\"GmtModified\\": \\"1636706309000\\",\\n \\"IssuanceLimitTime\\": 12\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n E5E1A300-279D-5FBD-A8CF-F4EDC20C4896\\n \\n 2021-11-12T08:38:29Z\\n This is a new OIDC Provider.\\n TestOIDCProvider\\n 2021-11-11T06:56:03Z\\n acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\n https://dev-xxxxxx.okta.com\\n 902ef2deeb3c5b13ea4c3d5193629309e231****\\n 498469743454717****\\n 1636613763000\\n 1636706309000\\n \\n","errorExample":""}]', + 'title' => 'GetOIDCProvider', + 'summary' => 'Queries the information about an OIDC IdP.', + 'description' => '###'."\n" + ."\n" + .'This topic provides an example on how to query the information about an OpenID Connect (OIDC) identity provider (IdP) named `TestOIDCProvider`.'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + ], + ], + 'GetPasswordPolicy' => [ + 'summary' => 'Retrieves the password strength policy for Resource Access Management (RAM) users.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramFSAEMQ', + ], + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => 'BDAA8408-E67C-428B-BFF0-1B2AC05C9610', + 'title' => '', + ], + 'PasswordPolicy' => [ + 'description' => 'The password strength policy.', + 'type' => 'object', + 'properties' => [ + 'RequireNumbers' => [ + 'description' => 'Specifies whether the password must contain numbers.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'RequireLowercaseCharacters' => [ + 'description' => 'Specifies whether the password must contain lowercase letters.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'PasswordReusePrevention' => [ + 'description' => 'The number of previous passwords that cannot be reused.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'RequireSymbols' => [ + 'description' => 'Specifies whether the password must contain symbols.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'PasswordNotContainUserName' => [ + 'description' => 'Specifies whether the password is prohibited from containing the username.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'MinimumPasswordDifferentCharacter' => [ + 'description' => 'The minimum number of different characters in the password.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'MaxPasswordAge' => [ + 'description' => 'The password validity period.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'HardExpire' => [ + 'description' => 'Specifies whether users are prohibited from logging on after their passwords expire.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'MinimumPasswordLength' => [ + 'description' => 'The minimum password length.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '8', + 'title' => '', + ], + 'RequireUppercaseCharacters' => [ + 'description' => 'Specifies whether the password must contain uppercase letters.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'MaxLoginAttemps' => [ + 'description' => 'The maximum number of failed logon attempts before a user is locked out.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'InitialPasswordAge' => [ + 'description' => 'The validity period of the initial password.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '14', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BDAA8408-E67C-428B-BFF0-1B2AC05C9610\\",\\n \\"PasswordPolicy\\": {\\n \\"RequireNumbers\\": false,\\n \\"RequireLowercaseCharacters\\": false,\\n \\"PasswordReusePrevention\\": 0,\\n \\"RequireSymbols\\": false,\\n \\"PasswordNotContainUserName\\": false,\\n \\"MinimumPasswordDifferentCharacter\\": 0,\\n \\"MaxPasswordAge\\": 0,\\n \\"HardExpire\\": false,\\n \\"MinimumPasswordLength\\": 8,\\n \\"RequireUppercaseCharacters\\": false,\\n \\"MaxLoginAttemps\\": 0,\\n \\"InitialPasswordAge\\": 14\\n }\\n}","type":"json"}]', + 'title' => 'GetPasswordPolicy', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetPasswordPolicy', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetPasswordPolicy', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetSAMLProvider' => [ + 'summary' => 'Retrieves information about a specified SAML provider for role-based SSO.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram7YYMOK', + ], + ], + 'parameters' => [ + [ + 'name' => 'SAMLProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the SAML provider.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'title' => '', + 'example' => 'test-provider', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'title' => '', + 'example' => 'BAADB995-0C7A-476D-B293-7E94568EEDFB', + ], + 'SAMLProvider' => [ + 'description' => 'The information about the SAML provider.', + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description.', + 'type' => 'string', + 'title' => '', + 'example' => 'This is a provider.', + ], + 'UpdateDate' => [ + 'description' => 'The time when the SAML provider was last updated.', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-22T02:51:20Z', + ], + 'SAMLProviderName' => [ + 'description' => 'The name of the SAML provider.', + 'type' => 'string', + 'title' => '', + 'example' => 'test-provider', + ], + 'CreateDate' => [ + 'description' => 'The time when the SAML provider was created.', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-22T02:37:05Z', + ], + 'EncodedSAMLMetadataDocument' => [ + 'description' => 'The Base64-encoded metadata file.', + 'type' => 'string', + 'title' => '', + 'example' => 'PD94bWwgdmVy****', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the SAML provider.', + 'type' => 'string', + 'title' => '', + 'example' => 'acs:ram::177242285274****:saml-provider/test-provider', + ], + 'AuthnSignAlgo' => [ + 'type' => 'string', + 'description' => 'The signature algorithm supported by the Alibaba Cloud service provider (SP). Valid values:'."\n" + ."\n" + .'- rsa-sha256'."\n" + ."\n" + .'- rsa-sha1', + 'title' => '', + 'example' => 'rsa-sha1', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BAADB995-0C7A-476D-B293-7E94568EEDFB\\",\\n \\"SAMLProvider\\": {\\n \\"Description\\": \\"This is a provider.\\",\\n \\"UpdateDate\\": \\"2020-10-22T02:51:20Z\\",\\n \\"SAMLProviderName\\": \\"test-provider\\",\\n \\"CreateDate\\": \\"2020-10-22T02:37:05Z\\",\\n \\"EncodedSAMLMetadataDocument\\": \\"PD94bWwgdmVy****\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:saml-provider/test-provider\\",\\n \\"AuthnSignAlgo\\": \\"rsa-sha1\\"\\n }\\n}","type":"json"}]', + 'title' => 'GetSAMLProvider', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetSAMLProvider', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetSAMLProvider', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'SAMLProvider', + 'arn' => 'acs:ram::{#accountId}:saml-provider/{#SAMLProviderName}', + ], + ], + ], + ], + ], + ], + 'GetSecurityPreference' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7466', + 'abilityTreeNodes' => [ + 'FEATUREramPNEJCS', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'SecurityPreference' => [ + 'description' => 'The information about security preferences.', + 'type' => 'object', + 'properties' => [ + 'AccessKeyPreference' => [ + 'description' => 'The AccessKey preference.', + 'type' => 'object', + 'properties' => [ + 'AllowUserToManageAccessKeys' => [ + 'description' => 'Indicates whether RAM users can manage their own AccessKey pairs. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'LoginProfilePreference' => [ + 'description' => 'The logon preferences.', + 'type' => 'object', + 'properties' => [ + 'EnableSaveMFATicket' => [ + 'description' => 'Indicates whether to save the multi-factor authentication (MFA) status for seven days after a RAM user logs on using MFA. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'LoginSessionDuration' => [ + 'description' => 'The duration of a logon session for a RAM user. Unit: hours.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '6', + 'title' => '', + ], + 'LoginNetworkMasks' => [ + 'description' => 'The the IP addresses or CIDR blocks from which RAM users are allowed to sign in to the Alibaba Cloud console.', + 'type' => 'string', + 'example' => '10.0.0.0/8', + 'title' => '', + ], + 'AllowUserToChangePassword' => [ + 'description' => 'Indicates whether RAM users can manage their own passwords. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'OperationForRiskLogin' => [ + 'description' => 'Indicates whether to use MFA for secondary authentication during an abnormal logon. Valid values:'."\n" + ."\n" + .'- autonomous (default): The secondary authentication can be skipped. The attachment of an MFA device is not required.'."\n" + ."\n" + .'- enforceVerify: The secondary authentication is required.', + 'type' => 'string', + 'deprecated' => true, + 'example' => 'autonomous', + 'title' => '', + ], + 'MFAOperationForLogin' => [ + 'description' => 'Indicates whether MFA is required for logon. This parameter replaces `EnforceMFAForLogin`. The `EnforceMFAForLogin` parameter is still valid, but using this new parameter is recommended. Valid values:'."\n" + ."\n" + .'- mandatory: MFA is required for all RAM users. This value corresponds to `true` for the `EnforceMFAForLogin` parameter.'."\n" + ."\n" + .'- independent (default): The MFA configuration of each RAM user is used. This value corresponds to `false` for the `EnforceMFAForLogin` parameter.'."\n" + ."\n" + .'- adaptive: MFA is required only for abnormal logons.', + 'type' => 'string', + 'example' => 'adaptive', + 'title' => '', + ], + 'AllowUserToLoginWithPasskey' => [ + 'description' => 'Indicates whether RAM users can log on using passkeys. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'MFAPreference' => [ + 'description' => 'The MFA preferences.', + 'type' => 'object', + 'properties' => [ + 'AllowUserToManageMFADevices' => [ + 'description' => 'Indicates whether RAM users can manage their own MFA devices. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'VerificationPreference' => [ + 'description' => 'The preferences for MFA methods.', + 'type' => 'object', + 'properties' => [ + 'VerificationTypes' => [ + 'description' => 'The MFA methods.', + 'type' => 'array', + 'items' => [ + 'description' => 'The MFA method. Valid values:'."\n" + ."\n" + .'- sms: SMS verification'."\n" + ."\n" + .'- email: Email verification', + 'type' => 'string', + 'example' => '["sms","email"]', + 'title' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'PersonalInfoPreference' => [ + 'description' => 'The personal information preferences.', + 'type' => 'object', + 'properties' => [ + 'AllowUserToManagePersonalDingTalk' => [ + 'description' => 'Indicates whether RAM users can attach or detach their personal DingTalk accounts. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'MaxIdleDays' => [ + 'description' => 'The configuration of the maximum idle period.', + 'type' => 'object', + 'properties' => [ + 'MaxIdleDaysForUsers' => [ + 'description' => 'The maximum idle period for RAM users. If a RAM user with console logon enabled remains inactive for this period, their console logon is automatically disabled the next day. This does not apply to single sign-on (SSO) logons.'."\n" + ."\n" + .'Default value: 730.'."\n" + ."\n" + .'Unit: days.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '730', + 'title' => '', + ], + 'MaxIdleDaysForAccessKeys' => [ + 'description' => 'The maximum idle period for the AccessKey pair of a RAM user. If an AccessKey pair remains unused for this period, it is automatically disabled the next day.'."\n" + ."\n" + .'Default value: 730.'."\n" + ."\n" + .'Unit: days.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '730', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => '30C9068D-FBAA-4998-9986-8A562FED0BC3', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'GetSecurityPreference', + 'summary' => 'Queries the global security preferences for Resource Access Management (RAM) users.', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetSecurityPreference', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetSecurityPreference', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"SecurityPreference\\": {\\n \\"AccessKeyPreference\\": {\\n \\"AllowUserToManageAccessKeys\\": false\\n },\\n \\"LoginProfilePreference\\": {\\n \\"EnableSaveMFATicket\\": false,\\n \\"LoginSessionDuration\\": 6,\\n \\"LoginNetworkMasks\\": \\"10.0.0.0/8\\",\\n \\"AllowUserToChangePassword\\": true,\\n \\"OperationForRiskLogin\\": \\"autonomous\\",\\n \\"MFAOperationForLogin\\": \\"adaptive\\",\\n \\"AllowUserToLoginWithPasskey\\": true\\n },\\n \\"MFAPreference\\": {\\n \\"AllowUserToManageMFADevices\\": false\\n },\\n \\"VerificationPreference\\": {\\n \\"VerificationTypes\\": [\\n \\"[\\\\\\"sms\\\\\\",\\\\\\"email\\\\\\"]\\"\\n ]\\n },\\n \\"PersonalInfoPreference\\": {\\n \\"AllowUserToManagePersonalDingTalk\\": true\\n },\\n \\"MaxIdleDays\\": {\\n \\"MaxIdleDaysForUsers\\": 730,\\n \\"MaxIdleDaysForAccessKeys\\": 730\\n }\\n },\\n \\"RequestId\\": \\"30C9068D-FBAA-4998-9986-8A562FED0BC3\\"\\n}","type":"json"}]', + ], + 'GetUser' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n" + ."\n" + .'The name is in the format of `@.onaliyun.com`. `` indicates the name of the RAM user. `.onaliyun.com` indicates the default domain name.'."\n" + ."\n" + .'The value of `UserPrincipalName` must be `1 to 128` characters in length and can contain letters, digits, periods (.), hyphens (-), and underscores (\\_). The value of `` must be `1 to 64` characters in length.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `UserPrincipalName`, `UserId`, and `UserAccessKeyId`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'UserId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `UserPrincipalName`, `UserId`, and `UserAccessKeyId`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + ], + [ + 'name' => 'UserAccessKeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The AccessKey ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `UserPrincipalName`, `UserId`, and `UserAccessKeyId`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'LTAI*******************', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'User' => [ + 'description' => 'The information about the RAM user.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test', + 'title' => '', + ], + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'Email' => [ + 'description' => 'The email address of the RAM user.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'example' => 'alice@example.com', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the information about the RAM user was updated.'."\n", + 'type' => 'string', + 'example' => '2020-10-13T07:39:22Z', + 'title' => '', + ], + 'MobilePhone' => [ + 'description' => 'The mobile phone number of the RAM user.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'example' => '86-1868888****', + 'title' => '', + ], + 'UserId' => [ + 'description' => 'The ID of the RAM user.'."\n", + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + 'Comments' => [ + 'description' => 'The description.'."\n", + 'type' => 'string', + 'example' => 'This is a cloud computing engineer.', + 'title' => '', + ], + 'LastLoginDate' => [ + 'description' => 'The last time when the RAM user logged on to the Alibaba Cloud Management Console.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the RAM user was created.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'ProvisionType' => [ + 'description' => 'The source of the RAM user. Valid value:'."\n" + ."\n" + .'* Manual: The RAM user is manually created in the RAM console.'."\n" + .'* SCIM: The RAM user is mapped by using System for Cross-domain Identity Management (SCIM).'."\n" + .'* CloudSSO: The RAM user is mapped from a CloudSSO user.'."\n", + 'type' => 'string', + 'example' => 'CloudSSO', + 'title' => '', + ], + 'Tags' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'Tag' => [ + 'description' => 'The tags.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'TagKey' => [ + 'description' => 'The tag key.'."\n", + 'type' => 'string', + 'example' => 'operator', + 'title' => '', + ], + 'TagValue' => [ + 'description' => 'The tag value.'."\n", + 'type' => 'string', + 'example' => 'alice', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + ], + 'UserName' => [ + 'description' => 'The username of the RAM user, which is the prefix of the logon name of the RAM user.', + 'type' => 'string', + 'example' => 'test', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"User\\": {\\n \\"DisplayName\\": \\"test\\",\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"Email\\": \\"alice@example.com\\",\\n \\"UpdateDate\\": \\"2020-10-13T07:39:22Z\\",\\n \\"MobilePhone\\": \\"86-1868888****\\",\\n \\"UserId\\": \\"20732900249392****\\",\\n \\"Comments\\": \\"This is a cloud computing engineer.\\",\\n \\"LastLoginDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"CreateDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"ProvisionType\\": \\"CloudSSO\\",\\n \\"Tags\\": {\\n \\"Tag\\": [\\n {\\n \\"TagKey\\": \\"operator\\",\\n \\"TagValue\\": \\"alice\\"\\n }\\n ]\\n },\\n \\"UserName\\": \\"test\\"\\n },\\n \\"RequestId\\": \\"4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\"\\n}","errorExample":""},{"type":"xml","example":"\\n \\n test\\n test@example.onaliyun.com\\n alice@example.com\\n 2020-10-13T07:39:22Z\\n 86-1868888****\\n 20732900249392****\\n This is a cloud computing engineer.\\n 2020-10-12T09:12:00Z\\n 2020-10-12T09:12:00Z\\n CloudSSO\\n \\n operator\\n alice\\n \\n \\n 4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\n","errorExample":""}]', + 'title' => 'GetUser', + 'summary' => 'Queries the information about a RAM user.', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'GetUserInRecycleBin' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `UserId` and `UserAccessKeyId`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + ], + [ + 'name' => 'UserAccessKeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The AccessKey ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `UserId` and `UserAccessKeyId`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'LTAI*******************', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'User' => [ + 'description' => 'The information about the RAM user.'."\n", + 'type' => 'object', + 'properties' => [ + 'UserId' => [ + 'description' => 'The ID of the RAM user.'."\n", + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'DisplayName' => [ + 'description' => 'The display name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the RAM user was created.'."\n", + 'type' => 'string', + 'example' => '2020-10-11T09:12:00Z', + 'title' => '', + ], + 'RecycleDate' => [ + 'description' => 'The time when the RAM user was deleted and moved to the recycle bin.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'DeleteDate' => [ + 'description' => 'The time when the RAM user will be permanently deleted from the recycle bin.'."\n", + 'type' => 'string', + 'example' => '2020-11-12T09:12:00Z', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"User\\": {\\n \\"UserId\\": \\"20732900249392****\\",\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"DisplayName\\": \\"test\\",\\n \\"CreateDate\\": \\"2020-10-11T09:12:00Z\\",\\n \\"RecycleDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"DeleteDate\\": \\"2020-11-12T09:12:00Z\\"\\n },\\n \\"RequestId\\": \\"4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\"\\n}","errorExample":""},{"type":"xml","example":"\\n \\n 20732900249392****\\n test@example.onaliyun.com\\n test\\n 2020-10-11T09:12:00Z\\n 2020-10-12T09:12:00Z\\n 2020-11-12T09:12:00Z\\n \\n 4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\n","errorExample":""}]', + 'title' => 'GetUserInRecycleBin', + 'summary' => 'Queries information about a specific Resource Access Management (RAM) user in the recycle bin.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetUserInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetUserMFAInfo' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user. This parameter is differently set in the following scenarios:'."\n" + ."\n" + .'* If you use a RAM user to call this operation, this parameter can be left empty. If you do not specify this parameter, information about the MFA device that is bound to the RAM user is queried.'."\n" + .'* If you use an Alibaba Cloud account to call this operation, you must set this parameter to the logon name of the RAM user that you want to query.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'MFADevice' => [ + 'description' => 'The information about the MFA device.'."\n", + 'type' => 'object', + 'properties' => [ + 'SerialNumber' => [ + 'description' => 'The serial number of the MFA device.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:mfa/device001', + 'title' => '', + ], + 'Type' => [ + 'description' => 'The type of the MFA device. Valid values:'."\n" + ."\n" + .'* VMFA: virtual MFA device.'."\n" + .'* U2F: Universal 2nd Factor (U2F) security key.'."\n", + 'type' => 'string', + 'example' => 'VMFA', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'FCF7322A-20A9-4F68-8B7F-F86958839BC0', + 'title' => '', + ], + 'IsMFAEnable' => [ + 'description' => 'Indicates whether the MFA device is enabled. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"MFADevice\\": {\\n \\"SerialNumber\\": \\"acs:ram::177242285274****:mfa/device001\\",\\n \\"Type\\": \\"VMFA\\"\\n },\\n \\"RequestId\\": \\"FCF7322A-20A9-4F68-8B7F-F86958839BC0\\",\\n \\"IsMFAEnable\\": true\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t\\r\\n\\t\\tacs:ram::177242285274****:mfa/device001\\r\\n VMFA\\r\\n\\t\\r\\n\\tFCF7322A-20A9-4F68-8B7F-F86958839BC0\\r\\n\\ttrue\\r\\n","errorExample":""}]', + 'title' => 'GetUserMFAInfo', + 'summary' => 'Queries information about the multi-factor authentication (MFA) device that is bound to a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetUserMFAInfo', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'GetUserSsoSettings' => [ + 'summary' => 'Queries the identity provider settings for user-based SSO.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramY87YVY', + ], + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'UserSsoSettings' => [ + 'description' => 'The user-based SSO settings.', + 'type' => 'object', + 'properties' => [ + 'AuxiliaryDomain' => [ + 'description' => 'The auxiliary domain name.', + 'type' => 'string', + 'title' => '', + 'example' => 'example.com', + ], + 'MetadataDocument' => [ + 'description' => 'The metadata file. The value is Base64-encoded.', + 'type' => 'string', + 'title' => '', + 'example' => 'PD94bWwgdmVy****', + ], + 'SsoEnabled' => [ + 'description' => 'Indicates whether user-based SSO is enabled.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'false', + ], + 'SsoLoginWithDomain' => [ + 'description' => 'Specifies whether the `` element in a SAML response must contain a domain name when a user logs on using SAML SSO. The username for SSO logon matching is specified on the identity provider (IdP) side.'."\n" + ."\n" + .'- If this parameter is set to `true`, the value of the `` element **must** be in the `username@domain` format. The `domain` can be the default domain name or a domain alias, if a domain alias is configured.'."\n" + ."\n" + .'- If this parameter is set to `false`, the value of the `` element \\*\\*must\\*\\* contain only the \\`username\\` and \\*\\*must not\\*\\* contain the \\`domain\\` part.'."\n" + ."\n" + .'The default value is `true`.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'AuthnSignAlgo' => [ + 'type' => 'string', + 'description' => 'The signature algorithm supported by the Alibaba Cloud service provider (SP). Valid values:'."\n" + ."\n" + .'- rsa-sha256'."\n" + ."\n" + .'- rsa-sha1', + 'title' => '', + 'example' => 'rsa-sha1', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'title' => '', + 'example' => '69FC3E5E-D3D9-434B-90CA-BBA8E0551A47', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"UserSsoSettings\\": {\\n \\"AuxiliaryDomain\\": \\"example.com\\",\\n \\"MetadataDocument\\": \\"PD94bWwgdmVy****\\",\\n \\"SsoEnabled\\": false,\\n \\"SsoLoginWithDomain\\": true,\\n \\"AuthnSignAlgo\\": \\"rsa-sha1\\"\\n },\\n \\"RequestId\\": \\"69FC3E5E-D3D9-434B-90CA-BBA8E0551A47\\"\\n}","type":"json"}]', + 'title' => 'GetUserSsoSettings', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetUserSsoSettings', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetUserSsoSettings', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'GetVerificationInfo' => [ + 'methods' => [ + 'get', + 'post', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramFSAEMQ', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'Schema of Response', + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'title' => 'Id of the request', + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B182C041-8C64-5F2F-A07B-FC67FAF89CF9', + ], + 'SecurityPhoneDevice' => [ + 'description' => 'The information about the mobile phone.'."\n", + 'type' => 'object', + 'properties' => [ + 'AreaCode' => [ + 'description' => 'The international dialing code.'."\n", + 'type' => 'string', + 'example' => '86', + 'title' => '', + ], + 'PhoneNumber' => [ + 'description' => 'The mobile phone number.'."\n", + 'type' => 'string', + 'example' => '13900001234', + 'title' => '', + ], + 'Status' => [ + 'description' => 'The status of the mobile phone. Valid values:'."\n" + ."\n" + .'* active: The mobile phone is activated.'."\n" + .'* pending: The mobile phone is pending for activation.'."\n", + 'type' => 'string', + 'example' => 'active', + 'title' => '', + ], + ], + 'title' => '', + ], + 'SecurityEmailDevice' => [ + 'description' => 'The information about the email.'."\n", + 'type' => 'object', + 'properties' => [ + 'Email' => [ + 'description' => 'The email address.'."\n", + 'type' => 'string', + 'example' => 'username@example.com', + 'title' => '', + ], + 'Status' => [ + 'description' => 'The status of the email. Valid values:'."\n" + ."\n" + .'* active: The email is activated.'."\n" + .'* pending: The email is pending for activation.'."\n", + 'type' => 'string', + 'example' => 'active', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"B182C041-8C64-5F2F-A07B-FC67FAF89CF9\\",\\n \\"SecurityPhoneDevice\\": {\\n \\"AreaCode\\": \\"86\\",\\n \\"PhoneNumber\\": \\"13900001234\\",\\n \\"Status\\": \\"active\\"\\n },\\n \\"SecurityEmailDevice\\": {\\n \\"Email\\": \\"username@example.com\\",\\n \\"Status\\": \\"active\\"\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n B182C041-8C64-5F2F-A07B-FC67FAF89CF9\\n \\n 86\\n 13900001234\\n active\\n \\n \\n username@example.com\\n active\\n \\n","errorExample":""}]', + 'title' => 'GetVerificationInfo', + 'summary' => 'Queries the status of the mobile phone or email that is bound to a Resource Access Management (RAM) user.', + 'translator' => 'machine', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetVerificationInfo', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'ListAccessKeys' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n" + ."\n" + .'If this parameter is empty, the AccessKey pairs of the current user are queried.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'AccessKeys' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'AccessKey' => [ + 'description' => 'The AccessKey pairs.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'description' => 'The AccessKey pair.'."\n", + 'type' => 'object', + 'properties' => [ + 'Status' => [ + 'description' => 'The status of the AccessKey pair. Valid values:'."\n" + ."\n" + .'* Active'."\n" + .'* Inactive'."\n", + 'type' => 'string', + 'example' => 'Active', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the AccessKey pair was updated.'."\n", + 'type' => 'string', + 'example' => '2020-10-13T12:33:18Z', + 'title' => '', + ], + 'AccessKeyId' => [ + 'description' => 'The AccessKey ID.'."\n", + 'type' => 'string', + 'example' => 'LTAI*******************', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the AccessKey pair was created.'."\n", + 'type' => 'string', + 'example' => '2020-10-13T12:33:18Z', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4B450CA1-36E8-4AA2-8461-86B42BF4CC4E', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"AccessKeys\\": {\\n \\"AccessKey\\": [\\n {\\n \\"Status\\": \\"Active\\",\\n \\"UpdateDate\\": \\"2020-10-13T12:33:18Z\\",\\n \\"AccessKeyId\\": \\"LTAI*******************\\",\\n \\"CreateDate\\": \\"2020-10-13T12:33:18Z\\"\\n }\\n ]\\n },\\n \\"RequestId\\": \\"4B450CA1-36E8-4AA2-8461-86B42BF4CC4E\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t4B450CA1-36E8-4AA2-8461-86B42BF4CC4E\\r\\n\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t0wNEpMMlzy7s****\\r\\n\\t\\t\\tActive\\r\\n\\t\\t\\t2020-10-13T12:33:18Z\\r\\n\\t\\t\\t2020-10-13T12:33:18Z\\r\\n\\t\\t\\r\\n\\t\\t\\r\\n\\t\\t\\tWnIWUruvfaDT****\\r\\n\\t\\t\\tInactive\\r\\n\\t\\t\\t2020-10-14T12:33:18Z\\r\\n\\t\\t\\t2020-10-14T21:12:21Z\\r\\n\\t\\t\\r\\n\\t\\r\\n\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'ListAccessKeys', + 'summary' => 'Queries the AccessKey pairs of an Alibaba Cloud account or a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListAccessKeys', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'ListAccessKeysInRecycleBin' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the Resource Access Management (RAM) user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'AccessKeys' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'AccessKey' => [ + 'description' => 'The information about the AccessKey pairs.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the AccessKey pair.'."\n", + 'type' => 'object', + 'properties' => [ + 'AccessKeyId' => [ + 'description' => 'The AccessKey ID.'."\n", + 'type' => 'string', + 'example' => 'LTAI*******************', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the AccessKey pair was created.'."\n", + 'type' => 'string', + 'example' => '2020-10-11T09:12:00Z', + 'title' => '', + ], + 'RecycleDate' => [ + 'description' => 'The time when the AccessKey pair was deleted and moved to the recycle bin.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'DeleteDate' => [ + 'description' => 'The time when the AccessKey pair will be permanently deleted from the recycle bin.'."\n", + 'type' => 'string', + 'example' => '2020-11-12T09:12:00Z', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"AccessKeys\\": {\\n \\"AccessKey\\": [\\n {\\n \\"AccessKeyId\\": \\"LTAI*******************\\",\\n \\"CreateDate\\": \\"2020-10-11T09:12:00Z\\",\\n \\"RecycleDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"DeleteDate\\": \\"2020-11-12T09:12:00Z\\"\\n }\\n ]\\n },\\n \\"RequestId\\": \\"4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\"\\n}","errorExample":""},{"type":"xml","example":"\\n \\n LTAI4GFTgcR8m8cZQDTH****\\n 2020-10-11T09:12:00Z\\n 2020-10-12T09:12:00Z\\n 2020-11-12T09:12:00Z\\n \\n 4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\n","errorExample":""}]', + 'title' => 'ListAccessKeysInRecycleBin', + 'summary' => 'Queries the AccessKey pairs of a specific Resource Access Management (RAM) user in the recycle bin.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListAccessKeysInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'ListAppSecretIds' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramQ794FD', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '472457090344041****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'AppSecrets' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'AppSecret' => [ + 'description' => 'The details of the application secret.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'AppId' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'example' => '472457090344041****', + 'title' => '', + ], + 'AppSecretId' => [ + 'description' => 'The ID of the application secret.'."\n", + 'type' => 'string', + 'example' => '2efd5004-005c-4f05-83c6-5b1dd176****', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The creation time.'."\n", + 'type' => 'string', + 'example' => '2020-10-26T03:18:39Z', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '5F2FD500-7173-47D6-BD2F-EB60879B4F16', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"AppSecrets\\": {\\n \\"AppSecret\\": [\\n {\\n \\"AppId\\": \\"472457090344041****\\",\\n \\"AppSecretId\\": \\"2efd5004-005c-4f05-83c6-5b1dd176****\\",\\n \\"CreateDate\\": \\"2020-10-26T03:18:39Z\\"\\n }\\n ]\\n },\\n \\"RequestId\\": \\"5F2FD500-7173-47D6-BD2F-EB60879B4F16\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t472457090344041****\\r\\n\\t\\t\\t2efd5004-005c-4f05-83c6-5b1dd176****\\r\\n\\t\\t\\t2020-10-26T02:52:31Z\\r\\n\\t\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t472457090344041****\\r\\n\\t\\t\\t7be32a14-d4c5-4f19-84e7-c37c1515****\\r\\n\\t\\t\\t2020-10-26T03:18:39Z\\r\\n\\t\\t\\r\\n\\t\\r\\n\\t5F2FD500-7173-47D6-BD2F-EB60879B4F16\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'ListAppSecretIds', + 'summary' => 'Queries the secret IDs of an application.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListAppSecretIds', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + ], + ], + 'ListApplicationProvisionInfos' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramCEEHYN', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'SourceType', + 'in' => 'query', + 'schema' => [ + 'description' => 'The source of the applications. Valid values:'."\n" + ."\n" + .'- inner: The applications are from the current account.'."\n" + ."\n" + .'- external: The applications are from other accounts.', + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'external', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'ApplicationProvisionInfos' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'ApplicationProvisionInfo' => [ + 'description' => 'The information about the installed applications.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the application.', + 'type' => 'string', + 'example' => 'GiteeAliyun', + 'title' => '', + ], + 'AppName' => [ + 'description' => 'The name of the application.', + 'type' => 'string', + 'example' => 'GiteePrd', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time. The value is a timestamp.', + 'type' => 'string', + 'example' => '1603693518000', + 'title' => '', + ], + 'AppId' => [ + 'description' => 'The ID of the application.', + 'type' => 'string', + 'example' => '452392483381546****', + 'title' => '', + ], + 'DelegatedScope' => [ + 'description' => 'The information about the permissions that are granted to the application.', + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The information about the permissions that are granted to the application.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the permission.', + 'type' => 'string', + 'example' => '用于获取用户的OpenID(默认权限范围,不可移除)', + 'title' => '', + ], + 'Name' => [ + 'description' => 'The name of the permission.', + 'type' => 'string', + 'example' => 'openid', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'AccountId' => [ + 'description' => 'The ID of the Alibaba Cloud account.', + 'type' => 'string', + 'example' => '177242285274****', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the application was installed. The value is a timestamp.', + 'type' => 'string', + 'example' => '1603693518000', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => 'E403EBFD-C997-489D-BFC7-37C05E66D67C', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'ListApplicationProvisionInfos', + 'summary' => 'Queries installation information about all installed applications.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListApplicationProvisionInfos', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListApplicationProvisionInfos', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"ApplicationProvisionInfos\\": {\\n \\"ApplicationProvisionInfo\\": [\\n {\\n \\"DisplayName\\": \\"GiteeAliyun\\",\\n \\"AppName\\": \\"GiteePrd\\",\\n \\"UpdateDate\\": \\"1603693518000\\",\\n \\"AppId\\": \\"452392483381546****\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"用于获取用户的OpenID(默认权限范围,不可移除)\\",\\n \\"Name\\": \\"openid\\"\\n }\\n ]\\n }\\n },\\n \\"AccountId\\": \\"177242285274****\\",\\n \\"CreateDate\\": \\"1603693518000\\"\\n }\\n ]\\n },\\n \\"RequestId\\": \\"E403EBFD-C997-489D-BFC7-37C05E66D67C\\"\\n}","type":"json"}]', + ], + 'ListApplications' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram2SMFX0', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response that is returned.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => 'CE458B58-8C40-46F7-A9D4-CB85136B0C06', + 'title' => '', + ], + 'Applications' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'Application' => [ + 'description' => 'The application information.', + 'type' => 'array', + 'items' => [ + 'description' => 'The application information.', + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the application.', + 'type' => 'string', + 'example' => 'myapp', + 'title' => '', + ], + 'AccessTokenValidity' => [ + 'description' => 'The validity period of the access token. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '3600', + 'title' => '', + ], + 'SecretRequired' => [ + 'description' => 'Indicates whether an application secret is required.', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'AccountId' => [ + 'description' => 'The ID of the Alibaba Cloud account to which the application belongs.', + 'type' => 'string', + 'example' => '177242285274****', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the application was created.', + 'type' => 'string', + 'example' => '2020-10-23T09:33:22Z', + 'title' => '', + ], + 'AppName' => [ + 'description' => 'The name of the application.', + 'type' => 'string', + 'example' => 'myapp', + 'title' => '', + ], + 'RedirectUris' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'RedirectUri' => [ + 'description' => 'The redirect URI.', + 'type' => 'array', + 'items' => [ + 'description' => 'The redirect URI.', + 'type' => 'string', + 'example' => 'https://www.example.com', + 'title' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the application was last updated.', + 'type' => 'string', + 'example' => '2020-10-23T09:33:22Z', + 'title' => '', + ], + 'DelegatedScope' => [ + 'description' => 'The permission scopes of the application.', + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The permission scopes of the application.', + 'type' => 'array', + 'items' => [ + 'description' => 'The permission scopes of the application.', + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the scope.', + 'type' => 'string', + 'example' => 'Obtain the OpenID of the user. This is the default permission that you cannot remove.', + 'title' => '', + ], + 'Name' => [ + 'description' => 'The name of the scope.', + 'type' => 'string', + 'example' => 'openid', + 'title' => '', + ], + 'Required' => [ + 'description' => 'Indicates whether this permission scope is required by default when the application is installed. Valid values:'."\n" + ."\n" + .'- true: The permission scope is required.'."\n" + ."\n" + .'- false: The permission scope is not required.'."\n" + ."\n" + .'The `openid` scope is required by default.', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'AppId' => [ + 'description' => 'The application ID.', + 'type' => 'string', + 'example' => '441442900344560****', + 'title' => '', + ], + 'RefreshTokenValidity' => [ + 'description' => 'The validity period of the refresh token. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '7776000', + 'title' => '', + ], + 'IsMultiTenant' => [ + 'description' => 'Indicates whether the application can be installed by other accounts.', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'AppType' => [ + 'description' => 'The application type. Valid values:'."\n" + ."\n" + .'- WebApp: a web application that runs in a browser.'."\n" + ."\n" + .'- NativeApp: a native application that runs on a desktop or mobile operating system.'."\n" + ."\n" + .'- ServerApp: an application that can directly access Alibaba Cloud services without logon credentials. This type of application is available only for user synchronization based on the System for Cross-domain Identity Management (SCIM) protocol.', + 'type' => 'string', + 'example' => 'WebApp', + 'title' => '', + ], + 'ProtocolVersion' => [ + 'description' => 'The OAuth protocol version of the application. Valid values:'."\n" + ."\n" + .'- `2.0`: OAuth 2.0'."\n" + ."\n" + .'- `2.1`: OAuth 2.1', + 'type' => 'string', + 'example' => '2.0', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'ListApplications', + 'summary' => 'Lists the applications that you have created.', + 'description' => 'This topic provides an example of how to query the applications in your Alibaba Cloud account. The response shows that only one application, named `myapp`, exists in the account.', + 'requestParamsDescription' => 'For more information about common parameters, see [Common parameters](~~187377~~).', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListApplications', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:ListApplications', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"CE458B58-8C40-46F7-A9D4-CB85136B0C06\\",\\n \\"Applications\\": {\\n \\"Application\\": [\\n {\\n \\"DisplayName\\": \\"myapp\\",\\n \\"AccessTokenValidity\\": 3600,\\n \\"SecretRequired\\": true,\\n \\"AccountId\\": \\"177242285274****\\",\\n \\"CreateDate\\": \\"2020-10-23T09:33:22Z\\",\\n \\"AppName\\": \\"myapp\\",\\n \\"RedirectUris\\": {\\n \\"RedirectUri\\": [\\n \\"https://www.example.com\\"\\n ]\\n },\\n \\"UpdateDate\\": \\"2020-10-23T09:33:22Z\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"Obtain the OpenID of the user. This is the default permission that you cannot remove.\\",\\n \\"Name\\": \\"openid\\",\\n \\"Required\\": true\\n }\\n ]\\n }\\n },\\n \\"AppId\\": \\"441442900344560****\\",\\n \\"RefreshTokenValidity\\": 7776000,\\n \\"IsMultiTenant\\": true,\\n \\"AppType\\": \\"WebApp\\",\\n \\"ProtocolVersion\\": \\"2.0\\"\\n }\\n ]\\n }\\n}","type":"json"}]', + ], + 'ListExternalApplications' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram2SMFX0', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => '936E1D9C-157D-45BD-8A3B-81C0716EB077', + 'title' => '', + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'Marker' => [ + 'description' => 'A pagination token. It can be used in the next request to retrieve a new page of results.'."\n" + ."\n" + .'> This parameter is returned only when `IsTruncated` is `true`.', + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + 'ExternalApplications' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'ExternalApplication' => [ + 'description' => 'The information about the external applications.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the external application.', + 'type' => 'string', + 'example' => 'GiteeAliyun', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time of the external application. The value is a timestamp.', + 'type' => 'string', + 'example' => '1603693518000', + 'title' => '', + ], + 'DelegatedScope' => [ + 'description' => 'The information about the permissions that are granted to the external application.', + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The information about the permissions that are granted to the external application.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the permission.', + 'type' => 'string', + 'example' => '用于获取用户的OpenID(默认权限范围,不可移除)', + 'title' => '', + ], + 'Name' => [ + 'description' => 'The name of the permission.', + 'type' => 'string', + 'example' => 'openid', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'AppPrincipalName' => [ + 'description' => 'The name of the external application principal. The value is in the `@app..onaliyun.com` format.', + 'type' => 'string', + 'example' => 'GiteePrd@app.153082740420****.onaliyun.com', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the external application was installed. The value is a timestamp.', + 'type' => 'string', + 'example' => '1603693318000', + 'title' => '', + ], + 'TenantId' => [ + 'description' => 'The ID of the Alibaba Cloud account for which the external application was installed.', + 'type' => 'string', + 'example' => '173082740420****', + 'title' => '', + ], + 'ForeignAppId' => [ + 'description' => 'The ID of the external application.', + 'type' => 'string', + 'example' => '407426893752729****', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'ListExternalApplications', + 'summary' => 'Queries information about all installed external applications.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListExternalApplications', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListExternalApplications', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"936E1D9C-157D-45BD-8A3B-81C0716EB077\\",\\n \\"IsTruncated\\": true,\\n \\"Marker\\": \\"EXAMPLE\\",\\n \\"ExternalApplications\\": {\\n \\"ExternalApplication\\": [\\n {\\n \\"DisplayName\\": \\"GiteeAliyun\\",\\n \\"UpdateDate\\": \\"1603693518000\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"用于获取用户的OpenID(默认权限范围,不可移除)\\",\\n \\"Name\\": \\"openid\\"\\n }\\n ]\\n }\\n },\\n \\"AppPrincipalName\\": \\"GiteePrd@app.153082740420****.onaliyun.com\\",\\n \\"CreateDate\\": \\"1603693318000\\",\\n \\"TenantId\\": \\"173082740420****\\",\\n \\"ForeignAppId\\": \\"407426893752729****\\"\\n }\\n ]\\n }\\n}","type":"json"}]', + ], + 'ListGroups' => [ + 'summary' => 'Queries Resource Access Management (RAM) user groups.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram3V29VK', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'Marker', + 'in' => 'query', + 'schema' => [ + 'description' => 'The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be `true`.'."\n" + ."\n" + .'Valid values: 1 to 100. Default value: 100.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '100', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => '065527AA-2F2E-AD7C-7484-F2626CFE4934', + 'title' => '', + ], + 'Groups' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'Group' => [ + 'description' => 'The information about the RAM user groups.', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the RAM user group.', + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the RAM user group.', + 'type' => 'string', + 'example' => 'Dev-Team', + 'title' => '', + ], + 'GroupId' => [ + 'description' => 'The ID of the RAM user group.', + 'type' => 'string', + 'example' => '740317625433843****', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time.', + 'type' => 'string', + 'example' => '2020-10-19T12:33:18Z', + 'title' => '', + ], + 'GroupName' => [ + 'description' => 'The name of the RAM user group.', + 'type' => 'string', + 'example' => 'dev-team', + 'title' => '', + ], + 'Comments' => [ + 'description' => 'The description.', + 'type' => 'string', + 'example' => '开发团队', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The creation time.', + 'type' => 'string', + 'example' => '2020-10-19T12:33:18Z', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'Marker' => [ + 'description' => 'The `marker`. This parameter is returned only if the value of `IsTruncated` is `true`. If the parameter is returned, you can call this operation again and set this parameter to obtain the truncated part.', + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'ListGroups', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListGroups', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListGroups', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"065527AA-2F2E-AD7C-7484-F2626CFE4934\\",\\n \\"Groups\\": {\\n \\"Group\\": [\\n {\\n \\"DisplayName\\": \\"Dev-Team\\",\\n \\"GroupId\\": \\"740317625433843****\\",\\n \\"UpdateDate\\": \\"2020-10-19T12:33:18Z\\",\\n \\"GroupName\\": \\"dev-team\\",\\n \\"Comments\\": \\"开发团队\\",\\n \\"CreateDate\\": \\"2020-10-19T12:33:18Z\\"\\n }\\n ]\\n },\\n \\"IsTruncated\\": true,\\n \\"Marker\\": \\"EXAMPLE\\"\\n}","type":"json"}]', + ], + 'ListGroupsForUser' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram3V29VK', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '7158A935-FB5E-49A7-8E52-FDA5B2B67247', + 'title' => '', + ], + 'Groups' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'Group' => [ + 'description' => 'The information about the RAM user groups.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the RAM user group.'."\n", + 'type' => 'string', + 'example' => 'Test-Team', + 'title' => '', + ], + 'GroupName' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'example' => 'Test-Team', + 'title' => '', + ], + 'GroupId' => [ + 'description' => 'The ID of the RAM user group.'."\n", + 'type' => 'string', + 'example' => '740317625433843****', + 'title' => '', + ], + 'Comments' => [ + 'description' => 'The description.'."\n", + 'type' => 'string', + 'example' => 'Test-Team', + 'title' => '', + ], + 'JoinDate' => [ + 'description' => 'The time when the RAM user was added.'."\n", + 'type' => 'string', + 'example' => '2020-10-20T06:57:00Z', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"7158A935-FB5E-49A7-8E52-FDA5B2B67247\\",\\n \\"Groups\\": {\\n \\"Group\\": [\\n {\\n \\"DisplayName\\": \\"Test-Team\\",\\n \\"GroupName\\": \\"Test-Team\\",\\n \\"GroupId\\": \\"740317625433843****\\",\\n \\"Comments\\": \\"Test-Team\\",\\n \\"JoinDate\\": \\"2020-10-20T06:57:00Z\\"\\n }\\n ]\\n }\\n}","errorExample":""},{"type":"xml","example":"","errorExample":""}]', + 'title' => 'ListGroupsForUser', + 'summary' => 'Queries the Resource Access Management (RAM) user groups to which a RAM user belongs.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListGroupsForUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'ListOIDCProviders' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'Marker', + 'in' => 'query', + 'schema' => [ + 'description' => 'The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries per page. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be `true`.'."\n" + ."\n" + .'Valid values: 1 to 100. Default value: 100.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '100', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'D2148337-B86A-57F0-8B31-EB7BE0125226', + 'title' => '', + ], + 'OIDCProviders' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'OIDCProvider' => [ + 'description' => 'The information about the OIDC IdP.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the OIDC IdP was modified. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-12T08:38:29Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The description of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'This is a new OIDC Provider.', + 'title' => '', + ], + 'OIDCProviderName' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the OIDC IdP was created. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-11T06:56:03Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:oidc-provider/TestOIDCProvider', + 'title' => '', + ], + 'IssuerUrl' => [ + 'description' => 'The URL of the issuer.'."\n", + 'type' => 'string', + 'example' => 'https://dev-xxxxxx.okta.com', + 'title' => '', + ], + 'Fingerprints' => [ + 'description' => 'The fingerprint of the HTTPS certificate. If multiple fingerprints are returned, the fingerprints are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '902ef2deeb3c5b13ea4c3d5193629309e231****', + 'title' => '', + ], + 'ClientIds' => [ + 'description' => 'The ID of the client, If you want to specify multiple client IDs, separate the client IDs with commas (,).'."\n", + 'type' => 'string', + 'example' => '498469743454717****', + 'title' => '', + ], + 'GmtCreate' => [ + 'description' => 'The timestamp when the OIDC IdP was created.'."\n", + 'type' => 'string', + 'example' => '1636613763000', + 'title' => '', + ], + 'GmtModified' => [ + 'description' => 'The timestamp when the OIDC IdP was modified.'."\n", + 'type' => 'string', + 'example' => '1636706309000', + 'title' => '', + ], + 'IssuanceLimitTime' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'example' => '12', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'Marker' => [ + 'description' => 'The `marker`. This parameter is returned only if the value of `IsTruncated` is `true`. If the parameter is returned, you can call this operation again and set this parameter to obtain the truncated part.``'."\n", + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D2148337-B86A-57F0-8B31-EB7BE0125226\\",\\n \\"OIDCProviders\\": {\\n \\"OIDCProvider\\": [\\n {\\n \\"UpdateDate\\": \\"2021-11-12T08:38:29Z\\",\\n \\"Description\\": \\"This is a new OIDC Provider.\\",\\n \\"OIDCProviderName\\": \\"TestOIDCProvider\\",\\n \\"CreateDate\\": \\"2021-11-11T06:56:03Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\",\\n \\"IssuerUrl\\": \\"https://dev-xxxxxx.okta.com\\",\\n \\"Fingerprints\\": \\"902ef2deeb3c5b13ea4c3d5193629309e231****\\",\\n \\"ClientIds\\": \\"498469743454717****\\",\\n \\"GmtCreate\\": \\"1636613763000\\",\\n \\"GmtModified\\": \\"1636706309000\\",\\n \\"IssuanceLimitTime\\": 12\\n }\\n ]\\n },\\n \\"IsTruncated\\": false,\\n \\"Marker\\": \\"EXAMPLE\\"\\n}","errorExample":""},{"type":"xml","example":"\\n D2148337-B86A-57F0-8B31-EB7BE0125226\\n \\n \\n 1636613763000\\n This is a new OIDC Provider.\\n TestOIDCProvider\\n https://dev-xxxxxx.okta.com\\n 902ef2deeb3c5b13ea4c3d5193629309e231****\\n 1636706309000\\n acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\n 498469743454717****\\n 2021-11-12T08:38:29Z\\n 2021-11-11T06:56:03Z\\n \\n \\n false\\n","errorExample":""}]', + 'title' => 'ListOIDCProviders', + 'summary' => 'Queries OIDC IdPs.', + 'description' => '###'."\n" + ."\n" + .'This topic provides an example on how to query all OpenID Connect (OIDC) identity providers (IdPs) within your Alibaba Cloud account. The response shows that your Alibaba Cloud account has only one OIDC IdP named `TestOIDCProvider`.'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListOIDCProviders', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'ListPasskeys' => [ + 'methods' => [ + 'get', + 'post', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'none', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '254320', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + 'autoTest' => false, + 'notSupportAutoTestReason' => '因为创建passkey需要通过控制台页面,没有openAPI,因此无法创建用来更新的passkey', + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'Schema of Response', + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'title' => 'Id of the request', + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '04F0F334-1335-436C-A1D7-6C044FE73368', + ], + 'Passkeys' => [ + 'description' => 'The information about the passkeys.'."\n", + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'PasskeyName' => [ + 'description' => 'The name of the passkey.'."\n", + 'type' => 'string', + 'example' => 'device1', + 'title' => '', + ], + 'PasskeyId' => [ + 'description' => 'The ID of the passkey.'."\n", + 'type' => 'string', + 'example' => 'PASSKEY-CuZjEHhWcr7GIQOMGvkS', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the passkey was created. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1737450279', + 'title' => '', + ], + 'LastUseDate' => [ + 'description' => 'The time when the passkey was last used. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1737450390', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + 'title' => '', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"04F0F334-1335-436C-A1D7-6C044FE73368\\",\\n \\"Passkeys\\": [\\n {\\n \\"PasskeyName\\": \\"device1\\",\\n \\"PasskeyId\\": \\"PASSKEY-CuZjEHhWcr7GIQOMGvkS\\",\\n \\"CreateDate\\": \\"1737450279\\",\\n \\"LastUseDate\\": \\"1737450390\\"\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'ListPasskeys', + 'summary' => 'Queries the information about the passkeys that are bound to a Resource Access Management (RAM) user.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'ram:ListPasskeys', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'ListPredefinedScopes' => [ + 'summary' => 'Queries predefined application permissions.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'AppType', + 'in' => 'query', + 'schema' => [ + 'description' => 'The type of the application. Valid values:'."\n" + ."\n" + .'- WebApp'."\n" + ."\n" + .'- NativeApp'."\n" + ."\n" + .'- ServerApp'."\n" + ."\n" + .'If this parameter is empty, the permissions on all types of applications are queried.', + 'type' => 'string', + 'required' => false, + 'example' => 'WebApp', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The information about application permissions.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the permission scope.', + 'type' => 'string', + 'example' => '用于获取用户的OpenID(默认权限范围,不可移除)', + 'title' => '', + ], + 'Name' => [ + 'description' => 'The name of the permission scope.', + 'type' => 'string', + 'example' => 'openid', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => '955C096D-EC99-480B-AF37-3921109107D0', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'ListPredefinedScopes', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListPredefinedScopes', + ], + ], + ], + 'ramActions' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"用于获取用户的OpenID(默认权限范围,不可移除)\\",\\n \\"Name\\": \\"openid\\"\\n }\\n ]\\n },\\n \\"RequestId\\": \\"955C096D-EC99-480B-AF37-3921109107D0\\"\\n}","type":"json"}]', + ], + 'ListRecentGovernanceMetrics' => [ + 'summary' => 'Queries all metric values in the most recent governance check.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramOHWKAN', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => '49846A91-C1C5-5C2B-BC64-8B0B7BADB4C0', + 'title' => '', + ], + 'GenerateTime' => [ + 'description' => 'The time when the report was generated.', + 'type' => 'string', + 'example' => '2025-02-10T02:11:23Z', + 'title' => '', + ], + 'GovernanceMetrics' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'GovernanceMetric' => [ + 'description' => 'The metric values of all governance items. The value of the parameter is an array, and each row in the array contains the metric value of a governance item.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'GovernanceItem' => [ + 'description' => 'The name of the governance item.', + 'type' => 'string', + 'example' => 'RecentAccountLoginTimes', + 'title' => '', + ], + 'MetricType' => [ + 'description' => 'The type of the metric value. Valid values:'."\n" + ."\n" + .'- Number'."\n" + ."\n" + .'- String'."\n" + ."\n" + .'- Boolean', + 'type' => 'string', + 'example' => 'Number', + 'title' => '', + ], + 'MetricValue' => [ + 'description' => 'The metric value. The type of the metric value is determined by `MetricType`.', + 'type' => 'any', + 'example' => '5', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'ListRecentGovernanceMetrics', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListRecentGovernanceMetrics', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListRecentGovernanceMetrics', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"49846A91-C1C5-5C2B-BC64-8B0B7BADB4C0\\",\\n \\"GenerateTime\\": \\"2025-02-10T02:11:23Z\\",\\n \\"GovernanceMetrics\\": {\\n \\"GovernanceMetric\\": [\\n {\\n \\"GovernanceItem\\": \\"RecentAccountLoginTimes\\",\\n \\"MetricType\\": \\"Number\\",\\n \\"MetricValue\\": \\"5\\"\\n }\\n ]\\n }\\n}","type":"json"}]', + ], + 'ListSAMLProviders' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram7YYMOK', + ], + ], + 'parameters' => [ + [ + 'name' => 'Marker', + 'in' => 'query', + 'schema' => [ + 'description' => 'The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be `true`.'."\n" + ."\n" + .'Valid values: 1 to 100. Default value: 100.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '100', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '2D8B70D3-E194-41C9-93C5-F6A10D716D24', + 'title' => '', + ], + 'SAMLProviders' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'SAMLProvider' => [ + 'description' => 'The information about IdPs.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The update time.'."\n", + 'type' => 'string', + 'example' => '2020-10-22T06:26:15Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The description.'."\n", + 'type' => 'string', + 'example' => 'This is a provider.', + 'title' => '', + ], + 'SAMLProviderName' => [ + 'description' => 'The name of the IdP.'."\n", + 'type' => 'string', + 'example' => 'test-provider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The creation time.'."\n", + 'type' => 'string', + 'example' => '2020-10-22T06:26:15Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the IdP.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:saml-provider/test-provider', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'Marker' => [ + 'description' => 'The `marker`. This parameter is returned only if the value of `IsTruncated` is `true`. If the parameter is returned, you can call this operation again and set this parameter to obtain the truncated part.``'."\n", + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"2D8B70D3-E194-41C9-93C5-F6A10D716D24\\",\\n \\"SAMLProviders\\": {\\n \\"SAMLProvider\\": [\\n {\\n \\"UpdateDate\\": \\"2020-10-22T06:26:15Z\\",\\n \\"Description\\": \\"This is a provider.\\",\\n \\"SAMLProviderName\\": \\"test-provider\\",\\n \\"CreateDate\\": \\"2020-10-22T06:26:15Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:saml-provider/test-provider\\"\\n }\\n ]\\n },\\n \\"IsTruncated\\": true,\\n \\"Marker\\": \\"EXAMPLE\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t2D8B70D3-E194-41C9-93C5-F6A10D716D24\\r\\n\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t2020-10-22T06:26:15Z\\r\\n\\t\\t\\ttest-provider\\r\\n\\t\\t\\tThis is a provider.\\r\\n\\t\\t\\tacs:ram::177242285274****:saml-provider/test-provider\\r\\n\\t\\t\\t2020-10-22T06:26:15Z\\r\\n\\t\\t\\r\\n\\t\\r\\n\\ttrue\\r\\n\\tEXAMPLE\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'ListSAMLProviders', + 'summary' => 'Queries information about identity providers (IdPs) for role-based single sign-on (SSO).', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListSAMLProviders', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'ListTagResources' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramVRK65Q', + ], + ], + 'parameters' => [ + [ + 'name' => 'ResourcePrincipalName', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The name of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If ResourceType is set to user, the resource name is the name of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: ResourceId and ResourcePrincipalName.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => 'The name of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If ResourceType is set to user, the resource name is the name of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: ResourceId and ResourcePrincipalName.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'required' => false, + 'maxItems' => 51, + ], + ], + [ + 'name' => 'NextToken', + 'in' => 'query', + 'schema' => [ + 'title' => '', + 'description' => 'The token that is used to initiate the next request if the response of the current request is truncated. You can use the token to initiate another request and obtain the remaining records.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'caeba0bbb2be03f84eb48b699f0a4883', + ], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries per page. If a response is truncated because it reaches the value of PageSize, the value of IsTruncated will be true. Valid values: 1 to 100. Default value: 100.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '2', + 'title' => '', + ], + ], + [ + 'name' => 'ResourceType', + 'in' => 'query', + 'schema' => [ + 'title' => '', + 'description' => 'The type of the resource. Valid value:'."\n" + ."\n" + .'* user: a RAM user'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'user', + ], + ], + [ + 'name' => 'ResourceId', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The ID of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If ResourceType is set to user, the resource ID is the ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: ResourceId and ResourcePrincipalName.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => 'The ID of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If ResourceType is set to user, the resource ID is the ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: ResourceId and ResourcePrincipalName.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + 'required' => false, + 'maxItems' => 51, + ], + ], + [ + 'name' => 'Tag', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The tag value.'."\n" + ."\n" + .'Valid values of N: 1 to 20. N must be consecutive.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'title' => '', + 'description' => 'The key of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. N must be consecutive.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'operator', + ], + 'Value' => [ + 'title' => '', + 'description' => 'The value of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. N must be consecutive.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'alice', + ], + ], + 'required' => false, + 'title' => '', + ], + 'required' => false, + 'maxItems' => 21, + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'NextToken' => [ + 'title' => '', + 'description' => 'The marker. This parameter is returned only if the value of IsTruncated is true. If the parameter is returned, you can call this operation again and set this parameter to obtain the truncated part.'."\n", + 'type' => 'string', + 'example' => 'caeba0bbb2be03f84eb48b699f0a****', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4BE83135-0B08-467C-B3A2-27B312FD0F57', + 'title' => '', + ], + 'TagResources' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'TagResource' => [ + 'title' => '', + 'description' => 'The tag key.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'ResourceType' => [ + 'title' => '', + 'description' => 'The type of the resource. Valid values:'."\n" + ."\n" + .'* user: a RAM user'."\n", + 'type' => 'string', + 'example' => 'user', + ], + 'TagValue' => [ + 'title' => '', + 'description' => 'The tag value.'."\n", + 'type' => 'string', + 'example' => 'alice', + ], + 'ResourceId' => [ + 'title' => '', + 'description' => 'The ID of the resource.'."\n", + 'type' => 'string', + 'example' => '20732900249392****', + ], + 'TagKey' => [ + 'title' => '', + 'description' => 'The tag key.'."\n", + 'type' => 'string', + 'example' => 'operator', + ], + ], + 'title' => '', + ], + ], + ], + ], + 'IsTruncated' => [ + 'title' => '', + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'boolean', + 'example' => 'true', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0a****\\",\\n \\"RequestId\\": \\"4BE83135-0B08-467C-B3A2-27B312FD0F57\\",\\n \\"TagResources\\": {\\n \\"TagResource\\": [\\n {\\n \\"ResourceType\\": \\"user\\",\\n \\"TagValue\\": \\"alice\\",\\n \\"ResourceId\\": \\"20732900249392****\\",\\n \\"TagKey\\": \\"operator\\"\\n }\\n ]\\n },\\n \\"IsTruncated\\": true\\n}","errorExample":""},{"type":"xml","example":"\\n caeba0bbb2be03f84eb48b699f0a4883\\n 4BE83135-0B08-467C-B3A2-27B312FD0F57\\n \\n user\\n 20732900249392****\\n operator\\n alice\\n \\n \\n user\\n 20732900249392****\\n owner\\n bob\\n \\n true\\n","errorExample":""}]', + 'title' => 'ListTagResources', + 'summary' => 'Queries the tags that are added resources.', + 'description' => '###'."\n" + ."\n" + .'You must specify at least one of the following parameters or parameter pairs in a request to determine a query object:'."\n" + ."\n" + .'* `ResourceId.N`'."\n" + .'* `Tag.N.Key`'."\n" + .'* `Tag.N.Key` and `Tag.N.Value`'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListTagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'ListUserBasicInfos' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'Marker', + 'in' => 'query', + 'schema' => [ + 'description' => 'The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be `true`.'."\n" + ."\n" + .'Valid values: 1 to 1000. Default value: 100.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '100', + 'title' => '', + ], + ], + [ + 'name' => 'Tag', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The tags.', + 'type' => 'array', + 'items' => [ + 'description' => 'The tag.', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => 'The key of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. N must be consecutive.', + 'type' => 'string', + 'title' => '', + 'required' => false, + 'example' => 'operator', + ], + 'Value' => [ + 'description' => 'The value of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. N must be consecutive.', + 'type' => 'string', + 'title' => '', + 'required' => false, + 'example' => 'alice', + ], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => false, + 'maxItems' => 21, + 'example' => '', + ], + ], + [ + 'name' => 'Status', + 'in' => 'query', + 'schema' => [ + 'description' => 'The status of the RAM users that you want to query. Valid values: active, freeze, and active,freeze. If you set the value to active,freeze, RAM users in both active and freeze states are queried. If you leave the parameter empty, the value active is used by default. If the Tag parameter is specified, you cannot specify the Status parameter. In this case, RAM users in both states are queried.', + 'type' => 'string', + 'required' => false, + 'example' => 'active', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => 'EF2B25FD-CADE-445B-BE4D-E082E0FF1A0F', + 'title' => '', + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'UserBasicInfos' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'UserBasicInfo' => [ + 'description' => 'The basic information about the RAM users.', + 'type' => 'array', + 'items' => [ + 'description' => 'The basic information about the RAM user.', + 'type' => 'object', + 'properties' => [ + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.', + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'DisplayName' => [ + 'description' => 'The display name of the RAM user.', + 'type' => 'string', + 'example' => 'test', + 'title' => '', + ], + 'UserId' => [ + 'description' => 'The ID of the RAM user.', + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + 'Status' => [ + 'description' => 'The status of the RAM user.', + 'type' => 'string', + 'example' => 'active', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'Marker' => [ + 'description' => 'The `marker`. This parameter is returned only if the value of `IsTruncated` is `true`. If the parameter is returned, you can call this operation again and set this parameter to obtain the truncated part.\\`\\`', + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'ListUserBasicInfos', + 'summary' => 'Queries the basic information about all Resource Access Management (RAM) users.', + 'description' => 'You can call the following API operations to query information about all RAM users:'."\n" + ."\n" + .'- ListUsers: queries the details of all RAM users.'."\n" + ."\n" + .'- ListUserBasicInfos: queries the basic information about all RAM users. The basic information includes only the logon names (`UserPrincipalName`), display names (`DisplayName`), and user IDs (`UserId`).', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListUserBasicInfos', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListUserBasicInfos', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"EF2B25FD-CADE-445B-BE4D-E082E0FF1A0F\\",\\n \\"IsTruncated\\": true,\\n \\"UserBasicInfos\\": {\\n \\"UserBasicInfo\\": [\\n {\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"DisplayName\\": \\"test\\",\\n \\"UserId\\": \\"20732900249392****\\",\\n \\"Status\\": \\"active\\"\\n }\\n ]\\n },\\n \\"Marker\\": \\"EXAMPLE\\"\\n}","type":"json"}]', + ], + 'ListUsers' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'Marker', + 'in' => 'query', + 'schema' => [ + 'description' => 'The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries per page. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be true.'."\n" + ."\n" + .'Valid values: 1 to 1000. Default value: 1000.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1000', + 'title' => '', + ], + ], + [ + 'name' => 'Tag', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The tags. A maximum number of 20 tags are supported.', + 'type' => 'array', + 'items' => [ + 'description' => 'The tag value.'."\n" + ."\n" + .'Valid values of N: 1 to 20. The tag value can be an empty string. The tag value can be a up to128 characters in length and cannot contain `http://` or `https://`. The tag value cannot start with `acs:`.', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => 'The key of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. N must be consecutive.', + 'type' => 'string', + 'title' => '', + 'required' => false, + 'example' => 'operator', + ], + 'Value' => [ + 'description' => 'The value of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. N must be consecutive.', + 'type' => 'string', + 'title' => '', + 'required' => false, + 'example' => 'alice', + ], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => false, + 'maxItems' => 21, + 'example' => '', + ], + ], + [ + 'name' => 'Status', + 'in' => 'query', + 'schema' => [ + 'description' => 'The status of the RAM users that you want to query. Valid values: active, freeze, and active,freeze. If you leave the parameter empty, the value active is used by default. If you specify a value for the Tag parameter, users in both states are queried.', + 'type' => 'string', + 'required' => false, + 'example' => 'active', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => '4B450CA1-36E8-4AA2-8461-86B42BF4CC4E', + 'title' => '', + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'Marker' => [ + 'description' => 'The parameter that is used to obtain the truncated part. It takes effect only when `IsTruncated` is set to `true`.', + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + 'Users' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'User' => [ + 'description' => 'The information about the RAM users.', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the RAM user.', + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the RAM user.', + 'type' => 'string', + 'example' => 'test', + 'title' => '', + ], + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.', + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'Email' => [ + 'description' => 'The email address of the RAM user.'."\n" + ."\n" + .'> This parameter applies only to the Alibaba Cloud China site (aliyun.com).', + 'type' => 'string', + 'example' => 'alice@example.com', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The point in time when the information about the RAM user was last modified. The time is displayed in UTC.', + 'type' => 'string', + 'example' => '2023-08-21T06:12:47Z', + 'title' => '', + ], + 'MobilePhone' => [ + 'description' => 'The mobile phone number of the RAM user.'."\n" + ."\n" + .'> This parameter applies only to the Alibaba Cloud China site (aliyun.com).', + 'type' => 'string', + 'example' => '86-1868888****', + 'title' => '', + ], + 'UserId' => [ + 'description' => 'The ID of the RAM user.', + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + 'Comments' => [ + 'description' => 'The description.', + 'type' => 'string', + 'example' => 'This is a cloud computing engineer.', + 'title' => '', + ], + 'LastLoginDate' => [ + 'description' => 'The timestamp when the RAM user last logged on to the console.', + 'type' => 'string', + 'example' => '1692598367586', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The point in time when the RAM user was created. The time is displayed in UTC.', + 'type' => 'string', + 'example' => '2020-08-25T09:23:57Z', + 'title' => '', + ], + 'ProvisionType' => [ + 'description' => 'The source of the RAM user. Valid values:'."\n" + ."\n" + .'- Manual: The RAM user is manually created in the RAM console.'."\n" + ."\n" + .'- SCIM: The RAM user is mapped by using System for Cross-domain Identity Management (SCIM).'."\n" + ."\n" + .'- CloudSSO: The RAM user is mapped from a CloudSSO user.', + 'type' => 'string', + 'example' => 'Manual', + 'title' => '', + ], + 'Status' => [ + 'description' => 'The status of the RAM user.', + 'type' => 'string', + 'example' => 'active', + 'title' => '', + ], + 'Tags' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'Tag' => [ + 'description' => 'The tags.', + 'type' => 'array', + 'items' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'TagKey' => [ + 'description' => 'The key of the tag.', + 'type' => 'string', + 'example' => 'oparator', + 'title' => '', + ], + 'TagValue' => [ + 'description' => 'The value of the tag', + 'type' => 'string', + 'example' => 'alice', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'ListUsers', + 'summary' => 'Queries information about all Resource Access Management (RAM) users.', + 'description' => '### [](#)'."\n" + ."\n" + .'You can call the following API operations to query the details of all RAM users:'."\n" + ."\n" + .'- ListUsers: queries the details of all RAM users.'."\n" + ."\n" + .'- ListUserBasicInfos: queries the basic information about all RAM users. The basic information includes only the logon names (`UserPrincipalName`), display names (`DisplayName`), and user IDs (`UserId`).', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListUsers', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListUsers', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"4B450CA1-36E8-4AA2-8461-86B42BF4CC4E\\",\\n \\"IsTruncated\\": true,\\n \\"Marker\\": \\"EXAMPLE\\",\\n \\"Users\\": {\\n \\"User\\": [\\n {\\n \\"DisplayName\\": \\"test\\",\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"Email\\": \\"alice@example.com\\",\\n \\"UpdateDate\\": \\"2023-08-21T06:12:47Z\\",\\n \\"MobilePhone\\": \\"86-1868888****\\",\\n \\"UserId\\": \\"20732900249392****\\",\\n \\"Comments\\": \\"This is a cloud computing engineer.\\",\\n \\"LastLoginDate\\": \\"1692598367586\\",\\n \\"CreateDate\\": \\"2020-08-25T09:23:57Z\\",\\n \\"ProvisionType\\": \\"Manual\\",\\n \\"Status\\": \\"active\\",\\n \\"Tags\\": {\\n \\"Tag\\": [\\n {\\n \\"TagKey\\": \\"oparator\\",\\n \\"TagValue\\": \\"alice\\"\\n }\\n ]\\n }\\n }\\n ]\\n }\\n}","type":"json"}]', + ], + 'ListUsersForGroup' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram3V29VK', + ], + ], + 'parameters' => [ + [ + 'name' => 'GroupName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'Test-Team', + 'title' => '', + ], + ], + [ + 'name' => 'Marker', + 'in' => 'query', + 'schema' => [ + 'description' => 'The pagination token that is used in the next request to retrieve a new page of results. You do not need to specify this parameter for the first request.``'."\n" + ."\n" + .'When you call the operation for the first time, if the total number of returned entries exceeds the value of `MaxItems`, the entries are truncated. The system returns entries based on the value of `MaxItems` and does not return the excess entries. In this case, the value of the response parameter `IsTruncated` is `true`, and `Marker` is returned. In the next call, you can use the value of `Marker` and maintain the settings of the other request parameters to query the excess entries. You can repeat the call until the value of `IsTruncated` becomes `false`. This way, all entries are returned.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries per page.'."\n" + ."\n" + .'Valid values: 1 to 100.'."\n" + ."\n" + .'Default value: 100.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '100', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '789FF581-B3C8-43A8-9115-54304B46D05C', + 'title' => '', + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'Marker' => [ + 'description' => 'The pagination token that is used in the next request to retrieve a new page of results.'."\n" + ."\n" + .'> This parameter is returned only when `IsTruncated` is `true`.'."\n", + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + 'Users' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'User' => [ + 'description' => 'The information about the RAM users.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'DisplayName' => [ + 'description' => 'The display name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test', + 'title' => '', + ], + 'UserId' => [ + 'description' => 'The ID of the RAM user.'."\n", + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + 'JoinDate' => [ + 'description' => 'The time when the RAM user was added to the RAM user group. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2020-10-20T06:57:00Z', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"789FF581-B3C8-43A8-9115-54304B46D05C\\",\\n \\"IsTruncated\\": true,\\n \\"Marker\\": \\"EXAMPLE\\",\\n \\"Users\\": {\\n \\"User\\": [\\n {\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"DisplayName\\": \\"test\\",\\n \\"UserId\\": \\"20732900249392****\\",\\n \\"JoinDate\\": \\"2020-10-20T06:57:00Z\\"\\n }\\n ]\\n }\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t789FF581-B3C8-43A8-9115-54304B46D05C\\r\\n true\\r\\n EXAMPLE\\r\\n\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t20732900249392****\\r\\n\\t\\t\\ttest\\r\\n\\t\\t\\ttest@example.onaliyun.com\\r\\n\\t\\t\\t2020-10-20T06:57:00Z\\r\\n\\t\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t21096280076542****\\r\\n\\t\\t\\talice\\r\\n\\t\\t\\talice@example.onaliyun.com\\r\\n\\t\\t\\t2020-10-20T07:12:42Z\\r\\n\\t\\t\\r\\n\\t\\r\\n\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'ListUsersForGroup', + 'summary' => 'Queries Resource Access Management (RAM) users in a RAM user group.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListUsersForGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + ], + ], + ], + ], + ], + 'ListUsersInRecycleBin' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'Marker', + 'in' => 'query', + 'schema' => [ + 'description' => 'The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be true.'."\n" + ."\n" + .'Valid values: 1 to 100. Default value: 100.'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '100', + 'title' => '', + ], + ], + [ + 'name' => 'Filter', + 'in' => 'query', + 'schema' => [ + 'description' => 'The filter condition that is used to query information about a specified RAM user in the recycle bin.'."\n" + ."\n" + .'You must specify this parameter in the `UserPrincipalName eq @.onaliyun.com` format.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'UserPrincipalName eq test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '3687BD52-49FD-585B-AB14-CD05B7C76963', + 'title' => '', + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'* true'."\n" + .'* false'."\n", + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'Marker' => [ + 'description' => 'The parameter that is used to obtain the truncated part. It takes effect only when `IsTruncated` is set to `true`.'."\n", + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + 'Users' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'User' => [ + 'description' => 'The information about the RAM users.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the RAM user.'."\n", + 'type' => 'object', + 'properties' => [ + 'UserId' => [ + 'description' => 'The ID of the RAM user.'."\n", + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'DisplayName' => [ + 'description' => 'The display name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the RAM user was created.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'RecycleDate' => [ + 'description' => 'The time when the RAM user was deleted and moved to the recycle bin.'."\n", + 'type' => 'string', + 'example' => '2020-10-15T09:12:00Z', + 'title' => '', + ], + 'DeleteDate' => [ + 'description' => 'The time when the RAM user will be permanently deleted from the recycle bin.'."\n", + 'type' => 'string', + 'example' => '2020-11-15T09:12:00Z', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"3687BD52-49FD-585B-AB14-CD05B7C76963\\",\\n \\"IsTruncated\\": true,\\n \\"Marker\\": \\"EXAMPLE\\",\\n \\"Users\\": {\\n \\"User\\": [\\n {\\n \\"UserId\\": \\"20732900249392****\\",\\n \\"UserPrincipalName\\": \\"test@example.onaliyun.com\\",\\n \\"DisplayName\\": \\"test@example.onaliyun.com\\",\\n \\"CreateDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"RecycleDate\\": \\"2020-10-15T09:12:00Z\\",\\n \\"DeleteDate\\": \\"2020-11-15T09:12:00Z\\"\\n }\\n ]\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n 3687BD52-49FD-585B-AB14-CD05B7C76963\\n true\\n EXAMPLE\\n \\n 20732900249392****\\n test@example.onaliyun.com\\n test@example.onaliyun.com\\n 2020-10-12T09:12:00Z\\n 2020-10-15T09:12:00Z\\n 2020-11-15T09:12:00Z\\n \\n","errorExample":""}]', + 'title' => 'ListUsersInRecycleBin', + 'summary' => 'Queries the basic information about all Resource Access Management (RAM) users in the recycle bin.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListUsersInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'ListVirtualMFADevices' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'Marker', + 'in' => 'query', + 'schema' => [ + 'description' => 'The pagination token that is used in the next request to retrieve a new page of results. You do not need to specify this parameter for the first request.\\`\\`'."\n" + ."\n" + .'When you call the operation for the first time, if the total number of returned entries exceeds the value of `MaxItems`, the entries are truncated. The system returns entries based on the value of `MaxItems` and does not return the excess entries. In this case, the value of the response parameter `IsTruncated` is `true`, and `Marker` is returned. In the next call, you can use the value of `Marker` and maintain the settings of the other request parameters to query the excess entries. You can repeat the call until the value of the `IsTruncated` parameter becomes `false`. This way, all entries are returned.', + 'type' => 'string', + 'required' => false, + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + [ + 'name' => 'MaxItems', + 'in' => 'query', + 'schema' => [ + 'description' => 'The number of entries per page.'."\n" + ."\n" + .'Valid values: 1 to 100.'."\n" + ."\n" + .'Default value: 100.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '100', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'VirtualMFADevices' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'VirtualMFADevice' => [ + 'description' => 'The information about the MFA device.', + 'type' => 'array', + 'items' => [ + 'description' => '', + 'type' => 'object', + 'properties' => [ + 'SerialNumber' => [ + 'description' => 'The serial number of the MFA device.', + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:mfa/test', + 'title' => '', + ], + 'User' => [ + 'description' => 'The information of the RAM user that has an MFA device bound.', + 'type' => 'object', + 'properties' => [ + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.', + 'type' => 'string', + 'example' => 'test@177242285274****.onaliyun.com', + 'title' => '', + ], + 'DisplayName' => [ + 'description' => 'The display name of the RAM user.', + 'type' => 'string', + 'example' => 'test', + 'title' => '', + ], + 'UserId' => [ + 'description' => 'The ID of the RAM user.', + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'ActivateDate' => [ + 'description' => 'The time when the MFA device was activated.', + 'type' => 'string', + 'example' => '2020-10-16T06:02:09Z', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => '32272612-DF82-485E-8BA9-AFA4E0C3D0BA', + 'title' => '', + ], + 'IsTruncated' => [ + 'description' => 'Indicates whether the response is truncated. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'Marker' => [ + 'description' => 'The pagination token that is used in the next request to retrieve a new page of results.'."\n" + ."\n" + .'> This parameter is returned only when `IsTruncated` is `true`.', + 'type' => 'string', + 'example' => 'EXAMPLE', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => 'ListVirtualMFADevices', + 'summary' => 'Queries multi-factor authentication (MFA) devices.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListVirtualMFADevices', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListVirtualMFADevices', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'MFADevice', + 'arn' => 'acs:ram::{#accountId}:mfa/*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"VirtualMFADevices\\": {\\n \\"VirtualMFADevice\\": [\\n {\\n \\"SerialNumber\\": \\"acs:ram::177242285274****:mfa/test\\",\\n \\"User\\": {\\n \\"UserPrincipalName\\": \\"test@177242285274****.onaliyun.com\\",\\n \\"DisplayName\\": \\"test\\",\\n \\"UserId\\": \\"20732900249392****\\"\\n },\\n \\"ActivateDate\\": \\"2020-10-16T06:02:09Z\\"\\n }\\n ]\\n },\\n \\"RequestId\\": \\"32272612-DF82-485E-8BA9-AFA4E0C3D0BA\\",\\n \\"IsTruncated\\": true,\\n \\"Marker\\": \\"EXAMPLE\\"\\n}","type":"json"}]', + ], + 'ProvisionApplication' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramCEEHYN', + ], + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '407426893752729****', + 'title' => '', + ], + ], + [ + 'name' => 'Scopes', + 'in' => 'query', + 'schema' => [ + 'description' => 'The permissions that are granted to the application. Separate multiple permissions with a semicolon (;).'."\n" + ."\n" + .'> For more information about the supported permissions, see [Overview](~~93693~~).'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'openid;aliuid', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'C8AE06ED-9593-5BF9-8D4A-68D5DDCC90AB', + 'title' => '', + ], + 'ApplicationProvisionInfo' => [ + 'description' => 'The installation information of the application.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the application.'."\n", + 'type' => 'string', + 'example' => 'GiteeAliyun', + 'title' => '', + ], + 'AppName' => [ + 'description' => 'The name of the application.'."\n", + 'type' => 'string', + 'example' => 'GiteePrd', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1603693518000', + 'title' => '', + ], + 'AppId' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'example' => '452392483381546****', + 'title' => '', + ], + 'DelegatedScope' => [ + 'description' => 'The information about the permissions that are granted to the application.'."\n", + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The information about the permissions that are granted to the application.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the permission.'."\n", + 'type' => 'string', + 'example' => 'Obtains the OpenID of the user. This is the default scope and cannot be deleted.', + 'title' => '', + ], + 'Name' => [ + 'description' => 'The name of the permission.'."\n", + 'type' => 'string', + 'example' => 'openid', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + ], + ], + 'title' => '', + ], + 'AccountId' => [ + 'description' => 'The ID of the Alibaba Cloud account.'."\n", + 'type' => 'string', + 'example' => '177242285274****', + 'title' => '', + ], + 'AppPrincipalName' => [ + 'description' => 'The name of the application principal. The value is in the `@app..onaliyun.com` format.'."\n", + 'type' => 'string', + 'example' => 'GiteePrd@app.177242285274****.onaliyun.com', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the application was installed. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1603693518000', + 'title' => '', + ], + 'TenantId' => [ + 'description' => 'The ID of the Alibaba Cloud account for which the application was installed.'."\n", + 'type' => 'string', + 'example' => '177242285274****', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C8AE06ED-9593-5BF9-8D4A-68D5DDCC90AB\\",\\n \\"ApplicationProvisionInfo\\": {\\n \\"DisplayName\\": \\"GiteeAliyun\\",\\n \\"AppName\\": \\"GiteePrd\\",\\n \\"UpdateDate\\": \\"1603693518000\\",\\n \\"AppId\\": \\"452392483381546****\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"Obtains the OpenID of the user. This is the default scope and cannot be deleted.\\",\\n \\"Name\\": \\"openid\\"\\n }\\n ]\\n }\\n },\\n \\"AccountId\\": \\"177242285274****\\",\\n \\"AppPrincipalName\\": \\"GiteePrd@app.177242285274****.onaliyun.com\\",\\n \\"CreateDate\\": \\"1603693518000\\",\\n \\"TenantId\\": \\"177242285274****\\"\\n }\\n}","type":"json"}]', + 'title' => 'ProvisionApplication', + 'summary' => 'Installs an application.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:ProvisionApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'ProvisionExternalApplication' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7484', + 'abilityTreeNodes' => [ + 'FEATUREramCEEHYN', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => '403550611646604****', + 'title' => '', + ], + ], + [ + 'name' => 'Scopes', + 'in' => 'query', + 'schema' => [ + 'description' => 'The permissions that are granted to the application. Separate multiple permissions with a semicolon (;).'."\n" + ."\n" + .'> For more information about the supported permissions, see [Overview](~~93693~~).'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'openid;aliuid', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '55535873-9A6B-5C87-853F-C7CD258826F2', + 'title' => '', + ], + 'ExternalApplication' => [ + 'description' => 'The information about the external application.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the application.'."\n", + 'type' => 'string', + 'example' => 'GiteeAliyun'."\n", + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1603693518000', + 'title' => '', + ], + 'DelegatedScope' => [ + 'description' => 'The information about the scopes of permissions that are granted to the application.'."\n", + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The information about the scopes of permissions that are granted to the application.'."\n", + 'title' => '', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the permission scope.'."\n", + 'type' => 'string', + 'example' => 'Obtains the OpenID of the user. This is the default scope and cannot be deleted.', + 'title' => '', + ], + 'Name' => [ + 'description' => 'The name of the permission scope.'."\n", + 'type' => 'string', + 'example' => 'openid', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + ], + ], + 'title' => '', + ], + 'AppPrincipalName' => [ + 'description' => 'The name of the application principal. The value is in the `@app..onaliyun.com` format.'."\n", + 'type' => 'string', + 'example' => 'GiteePrd@app.177242285274****.onaliyun.com'."\n", + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the application was installed. The value is a timestamp.'."\n", + 'type' => 'string', + 'example' => '1603693518000', + 'title' => '', + ], + 'TenantId' => [ + 'description' => 'The ID of the Alibaba Cloud account to which the external application belongs.'."\n", + 'type' => 'string', + 'example' => '157242285274****', + 'title' => '', + ], + 'ForeignAppId' => [ + 'description' => 'The ID of the application.'."\n", + 'type' => 'string', + 'example' => '403550611646604****', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"55535873-9A6B-5C87-853F-C7CD258826F2\\",\\n \\"ExternalApplication\\": {\\n \\"DisplayName\\": \\"GiteeAliyun\\\\n\\",\\n \\"UpdateDate\\": \\"1603693518000\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"Obtains the OpenID of the user. This is the default scope and cannot be deleted.\\",\\n \\"Name\\": \\"openid\\"\\n }\\n ]\\n }\\n },\\n \\"AppPrincipalName\\": \\"GiteePrd@app.177242285274****.onaliyun.com\\\\n\\",\\n \\"CreateDate\\": \\"1603693518000\\",\\n \\"TenantId\\": \\"157242285274****\\",\\n \\"ForeignAppId\\": \\"403550611646604****\\"\\n }\\n}","type":"json"}]', + 'title' => 'ProvisionExternalApplication', + 'summary' => 'Installs an external application.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:ProvisionExternalApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'RemoveClientIdFromOIDCProvider' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'OIDCProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + ], + [ + 'name' => 'ClientId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The client ID that you want to remove.'."\n" + ."\n" + .'The client ID can contain letters, digits, and special characters and cannot start with the special characters. The special characters are `periods, (.), hyphens (-), underscores (_), colons (:), and forward slashes (/)`.``'."\n" + ."\n" + .'The client ID can be up to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => '498469743454717****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'EC9A8F3B-AFA5-5C8F-999D-F97BC7CF1FC5', + 'title' => '', + ], + 'OIDCProvider' => [ + 'description' => 'The information about the OIDC IdP.'."\n", + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the OIDC IdP was modified. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-12T08:38:29Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The description of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'This is a new OIDC Provider.', + 'title' => '', + ], + 'OIDCProviderName' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the OIDC IdP was created. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-11T06:56:03Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:oidc-provider/TestOIDCProvider', + 'title' => '', + ], + 'IssuerUrl' => [ + 'description' => 'The URL of the issuer.'."\n", + 'type' => 'string', + 'example' => 'https://dev-xxxxxx.okta.com', + 'title' => '', + ], + 'Fingerprints' => [ + 'description' => 'The fingerprint of the HTTPS certificate. If multiple fingerprints are returned, the fingerprints are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '902ef2deeb3c5b13ea4c3d5193629309e231****', + 'title' => '', + ], + 'ClientIds' => [ + 'description' => 'The ID of the client. If multiple client IDs are returned, the client IDs are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '598469743454717****', + 'title' => '', + ], + 'GmtCreate' => [ + 'description' => 'The timestamp when the OIDC IdP was created.'."\n", + 'type' => 'string', + 'example' => '1636613763000', + 'title' => '', + ], + 'GmtModified' => [ + 'description' => 'The timestamp when the OIDC IdP was modified.'."\n", + 'type' => 'string', + 'example' => '1636706309000', + 'title' => '', + ], + 'IssuanceLimitTime' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'example' => '12', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"EC9A8F3B-AFA5-5C8F-999D-F97BC7CF1FC5\\",\\n \\"OIDCProvider\\": {\\n \\"UpdateDate\\": \\"2021-11-12T08:38:29Z\\",\\n \\"Description\\": \\"This is a new OIDC Provider.\\",\\n \\"OIDCProviderName\\": \\"TestOIDCProvider\\",\\n \\"CreateDate\\": \\"2021-11-11T06:56:03Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\",\\n \\"IssuerUrl\\": \\"https://dev-xxxxxx.okta.com\\",\\n \\"Fingerprints\\": \\"902ef2deeb3c5b13ea4c3d5193629309e231****\\",\\n \\"ClientIds\\": \\"598469743454717****\\",\\n \\"GmtCreate\\": \\"1636613763000\\",\\n \\"GmtModified\\": \\"1636706309000\\",\\n \\"IssuanceLimitTime\\": 12\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n EC9A8F3B-AFA5-5C8F-999D-F97BC7CF1FC5\\n \\n 2021-11-12T08:38:29Z\\n This is a new OIDC Provider.\\n TestOIDCProvider\\n 2021-11-11T06:56:03Z\\n acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\n https://dev-xxxxxx.okta.com\\n 902ef2deeb3c5b13ea4c3d5193629309e231****\\n 598469743454717****\\n 1636613763000\\n 1636706309000\\n \\n","errorExample":""}]', + 'title' => 'RemoveClientIdFromOIDCProvider', + 'summary' => 'Removes a client ID from an OpenID Connect (OIDC) identity provider (IdP).', + 'description' => '###'."\n" + ."\n" + .'This topic provides an example on how to remove the client ID `498469743454717****` from the OIDC IdP named `TestOIDCProvider`.'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RemoveClientIdFromOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + ], + ], + 'RemoveFingerprintFromOIDCProvider' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'OIDCProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + ], + [ + 'name' => 'Fingerprint', + 'in' => 'query', + 'schema' => [ + 'description' => 'The fingerprint that you want to remove.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => '6938fd4d98bab03faadb97b34396831e3780****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'C90CE971-4C7F-5D93-BD3E-2D0E79D03C01', + 'title' => '', + ], + 'OIDCProvider' => [ + 'description' => 'The information about the OIDC IdP.'."\n", + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the OIDC IdP was modified. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-12T08:38:29Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The description of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'This is a new OIDC Provider.', + 'title' => '', + ], + 'OIDCProviderName' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the OIDC IdP was created. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-11T06:56:03Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:oidc-provider/TestOIDCProvider', + 'title' => '', + ], + 'IssuerUrl' => [ + 'description' => 'The URL of the issuer.'."\n", + 'type' => 'string', + 'example' => 'https://dev-xxxxxx.okta.com', + 'title' => '', + ], + 'Fingerprints' => [ + 'description' => 'The fingerprint of the HTTPS certificate. If multiple fingerprints are returned, the fingerprints are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '5938fd4d98bab03faadb97b34396831e3780****', + 'title' => '', + ], + 'ClientIds' => [ + 'description' => 'The ID of the client. If multiple client IDs are returned, the client IDs are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '0oa4u6l8x5WoaVbd****', + 'title' => '', + ], + 'GmtCreate' => [ + 'description' => 'The timestamp when the OIDC IdP was created.'."\n", + 'type' => 'string', + 'example' => '1636613763000', + 'title' => '', + ], + 'GmtModified' => [ + 'description' => 'The timestamp when the OIDC IdP was modified.'."\n", + 'type' => 'string', + 'example' => '1636706309000', + 'title' => '', + ], + 'IssuanceLimitTime' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'example' => '12', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"C90CE971-4C7F-5D93-BD3E-2D0E79D03C01\\",\\n \\"OIDCProvider\\": {\\n \\"UpdateDate\\": \\"2021-11-12T08:38:29Z\\",\\n \\"Description\\": \\"This is a new OIDC Provider.\\",\\n \\"OIDCProviderName\\": \\"TestOIDCProvider\\",\\n \\"CreateDate\\": \\"2021-11-11T06:56:03Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\",\\n \\"IssuerUrl\\": \\"https://dev-xxxxxx.okta.com\\",\\n \\"Fingerprints\\": \\"5938fd4d98bab03faadb97b34396831e3780****\\",\\n \\"ClientIds\\": \\"0oa4u6l8x5WoaVbd****\\",\\n \\"GmtCreate\\": \\"1636613763000\\",\\n \\"GmtModified\\": \\"1636706309000\\",\\n \\"IssuanceLimitTime\\": 12\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n C90CE971-4C7F-5D93-BD3E-2D0E79D03C01\\n \\n 2021-11-12T08:38:29Z\\n This is a new OIDC Provider.\\n TestOIDCProvider\\n 2021-11-11T06:56:03Z\\n acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\n https://dev-xxxxxx.okta.com\\n 5938fd4d98bab03faadb97b34396831e3780****\\n 0oa4u6l8x5WoaVbd****\\n 1636613763000\\n 1636706309000\\n \\n","errorExample":""}]', + 'title' => 'RemoveFingerprintFromOIDCProvider', + 'summary' => 'Removes a fingerprint from an OpenID Connect (OIDC) identity provider (IdP).', + 'description' => '###'."\n" + ."\n" + .'This topic provides an example on how to remove the fingerprint `6938fd4d98bab03faadb97b34396831e3780****` from the OIDC IdP named `TestOIDCProvider`.'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RemoveFingerprintFromOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + ], + ], + 'RemoveUserFromGroup' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram3V29VK', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'alice@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'GroupName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'Test-Team', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n 85836703-8D4F-485F-9726-4D1C730F957E\\r\\n","errorExample":""}]', + 'title' => 'RemoveUserFromGroup', + 'summary' => 'Removes a Resource Access Management (RAM) user from a RAM user group.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RemoveUserFromGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'RestoreAccessKeyFromRecycleBin' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the Resource Access Management (RAM) user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + ], + [ + 'name' => 'UserAccessKeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The AccessKey ID of the RAM user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => "\n" + .'LTAI*******************', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\"\\n}","errorExample":""},{"type":"xml","example":"\\n 4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\n","errorExample":""}]', + 'title' => 'RestoreAccessKeyFromRecycleBin', + 'summary' => 'Restores a specific AccessKey pair that belongs to a Resource Access Management (RAM) user from the recycle bin.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RestoreAccessKeyFromRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'RestoreUserFromRecycleBin' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'UserId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the RAM user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\"\\n}","errorExample":""},{"type":"xml","example":"\\n 4507D1CD-526A-4E2B-A1E2-3AB045D1EE0B\\n","errorExample":""}]', + 'title' => 'RestoreUserFromRecycleBin', + 'summary' => 'Restores a specific Resource Access Management (RAM) user from the recycle bin.', + 'requestParamsDescription' => 'For more information about common request parameters, see [Common parameters](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RestoreUserFromRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'SetDefaultDomain' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramM70W9U', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'DefaultDomainName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The default domain name.'."\n" + ."\n" + .'The default domain name is in the format of `.onaliyun.com`. `` indicates the account alias. By default, the value of AccountAlias is the ID of the Alibaba Cloud account. The default domain name must end with `.onaliyun.com`.'."\n" + ."\n" + .'The default domain name can contain up to 64 characters in length. The default domain name can contain letters, digits, periods (.), underscores (\\_), and hyphens (-).'."\n" + ."\n" + .'> The default domain name cannot start or end with a hyphen (-) and cannot contain two consecutive hyphens (-).'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'examplecompany.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'DefaultDomainName' => [ + 'description' => 'The default domain name.'."\n", + 'type' => 'string', + 'example' => 'examplecompany.onaliyun.com', + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '66815255-7CCE-4759-AC37-9755794C3626', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"DefaultDomainName\\": \\"examplecompany.onaliyun.com\\",\\n \\"RequestId\\": \\"66815255-7CCE-4759-AC37-9755794C3626\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\texamplecompany.onaliyun.com\\r\\n\\t66815255-7CCE-4759-AC37-9755794C3626\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'SetDefaultDomain', + 'summary' => 'Configures the default domain name for an Alibaba Cloud account.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetDefaultDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'SetPasswordPolicy' => [ + 'summary' => 'Sets the password strength policy for Resource Access Management (RAM) users.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram47VF3L', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'MinimumPasswordLength', + 'in' => 'query', + 'schema' => [ + 'description' => 'The minimum number of characters in a password.'."\n" + ."\n" + .'Valid values: 8 to 32. Default value: 8.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '8', + 'title' => '', + ], + ], + [ + 'name' => 'RequireLowercaseCharacters', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether a password must contain lowercase letters. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false (default)', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'RequireUppercaseCharacters', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether a password must contain uppercase letters. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false (default)', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'RequireNumbers', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether a password must contain digits. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false (default)', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'RequireSymbols', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether a password must contain special characters. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false (default)', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'HardExpire', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether to disable logon for a RAM user after their password expires. Valid values:'."\n" + ."\n" + .'- true: A RAM user cannot log on to the console after their password expires. The RAM user can log on to the console only after an Alibaba Cloud account or a RAM user that has administrative permissions resets the password for the RAM user.'."\n" + ."\n" + .'- false (default): A RAM user can change their password after it expires and then log on to the console.', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'MaxLoginAttemps', + 'in' => 'query', + 'schema' => [ + 'description' => 'The maximum number of password retries. If a RAM user enters an incorrect password the specified number of times, the RAM user is locked for one hour.'."\n" + ."\n" + .'Valid values: 0 to 32.'."\n" + ."\n" + .'The default value 0 indicates that the password retry limit is disabled.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '0', + 'title' => '', + ], + ], + [ + 'name' => 'PasswordReusePrevention', + 'in' => 'query', + 'schema' => [ + 'description' => 'The policy for password history check.'."\n" + ."\n" + .'A new password cannot be the same as the last N passwords. N can be a value from 0 to 24.'."\n" + ."\n" + .'The default value 0 indicates that the password history check is disabled.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '0', + 'title' => '', + ], + ], + [ + 'name' => 'MaxPasswordAge', + 'in' => 'query', + 'schema' => [ + 'description' => 'The validity period of a password.'."\n" + ."\n" + .'Valid values: 0 to 1095. Unit: days.'."\n" + ."\n" + .'The default value 0 indicates that the password never expires.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '0', + 'title' => '', + ], + ], + [ + 'name' => 'MinimumPasswordDifferentCharacter', + 'in' => 'query', + 'schema' => [ + 'description' => 'The minimum number of unique characters in a password.'."\n" + ."\n" + .'Valid values: 0 to 8.'."\n" + ."\n" + .'The default value 0 indicates that the number of unique characters in a password is not limited.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '0', + 'title' => '', + ], + ], + [ + 'name' => 'PasswordNotContainUserName', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether a password can contain the username. Valid values:'."\n" + ."\n" + .'- true: A password cannot contain the username.'."\n" + ."\n" + .'- false (default): A password can contain the username.', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'InitialPasswordAge', + 'in' => 'query', + 'schema' => [ + 'description' => 'The validity period of an initial password. An initial password is the password that is set when you create a RAM user or reset the console logon password for a RAM user.'."\n" + ."\n" + .'Valid values: 0 to 90. Unit: days.'."\n" + ."\n" + .'Default value: 14.'."\n" + ."\n" + .'A value of 0 indicates that the validity period of the initial password is not limited.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'required' => false, + 'example' => '14', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The ID of the request.', + 'type' => 'string', + 'example' => '3FB5551F-B2ED-40D4-8392-1E4AC2384EFD', + 'title' => '', + ], + 'PasswordPolicy' => [ + 'description' => 'The information of the password strength policy.', + 'type' => 'object', + 'properties' => [ + 'RequireNumbers' => [ + 'description' => 'Specifies whether a password must contain digits.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'RequireLowercaseCharacters' => [ + 'description' => 'Specifies whether a password must contain lowercase letters.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'PasswordReusePrevention' => [ + 'description' => 'The policy for password history check.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'RequireSymbols' => [ + 'description' => 'Specifies whether a password must contain special characters.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'PasswordNotContainUserName' => [ + 'description' => 'Specifies whether a password can contain the username.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'MinimumPasswordDifferentCharacter' => [ + 'description' => 'The minimum number of unique characters in a password.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'MaxPasswordAge' => [ + 'description' => 'The validity period of a password.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'HardExpire' => [ + 'description' => 'Specifies whether to disable logon for a RAM user after their password expires.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'MinimumPasswordLength' => [ + 'description' => 'The minimum number of characters in a password.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '8', + 'title' => '', + ], + 'RequireUppercaseCharacters' => [ + 'description' => 'Specifies whether a password must contain uppercase letters.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'MaxLoginAttemps' => [ + 'description' => 'The maximum number of password retries.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + 'title' => '', + ], + 'InitialPasswordAge' => [ + 'description' => 'The validity period of an initial password.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '14', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3FB5551F-B2ED-40D4-8392-1E4AC2384EFD\\",\\n \\"PasswordPolicy\\": {\\n \\"RequireNumbers\\": false,\\n \\"RequireLowercaseCharacters\\": false,\\n \\"PasswordReusePrevention\\": 0,\\n \\"RequireSymbols\\": false,\\n \\"PasswordNotContainUserName\\": false,\\n \\"MinimumPasswordDifferentCharacter\\": 0,\\n \\"MaxPasswordAge\\": 0,\\n \\"HardExpire\\": false,\\n \\"MinimumPasswordLength\\": 8,\\n \\"RequireUppercaseCharacters\\": false,\\n \\"MaxLoginAttemps\\": 0,\\n \\"InitialPasswordAge\\": 14\\n }\\n}","type":"json"}]', + 'title' => 'SetPasswordPolicy', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'SetPasswordPolicy', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetPasswordPolicy', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'SetSecurityPreference' => [ + 'summary' => 'Configures the global security preferences for a Resource Access Management (RAM) user.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7490', + 'abilityTreeNodes' => [ + 'FEATUREramPNEJCS', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'EnableSaveMFATicket', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether to save the multi-factor authentication (MFA) status for seven days after a RAM user logs on using MFA. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false (default)', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'AllowUserToChangePassword', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether RAM users can manage their own passwords. Valid values:'."\n" + ."\n" + .'- true (default)'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'required' => false, + 'example' => 'true', + 'title' => '', + ], + ], + [ + 'name' => 'AllowUserToManageAccessKeys', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether RAM users can manage their own AccessKey pairs. Valid values:'."\n" + ."\n" + .'- true:'."\n" + ."\n" + .'- false (default)', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'AllowUserToManageMFADevices', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether RAM users can manage their own MFA devices. Valid values:'."\n" + ."\n" + .'- true (default)'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'required' => false, + 'example' => 'true', + 'title' => '', + ], + ], + [ + 'name' => 'LoginSessionDuration', + 'in' => 'query', + 'schema' => [ + 'description' => 'The duration of a logon session for a RAM user.'."\n" + ."\n" + .'Valid values: 1 to 24. Unit: hours.'."\n" + ."\n" + .'Default value: 6.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '6', + 'title' => '', + ], + ], + [ + 'name' => 'LoginNetworkMasks', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies the IP addresses or CIDR blocks from which RAM users are allowed to sign in to the Alibaba Cloud console.'."\n" + ."\n" + .'- This restriction applies to both password-based and single sign-on (SSO) logons.'."\n" + ."\n" + .'- It does not affect API calls made with an AccessKey pair.'."\n" + ."\n" + .'- If a mask is not configured, logons are allowed from any IP address.'."\n" + ."\n" + .'Separate multiple entries with a semicolon (`;`). For example: 192.168.0.0/16;10.0.0.0/8.'."\n" + ."\n" + .'The mask is limited to a maximum of 40 entries and a total length of 512 characters.', + 'type' => 'string', + 'required' => false, + 'example' => '10.0.0.0/8', + 'title' => '', + ], + ], + [ + 'name' => 'VerificationTypes', + 'in' => 'query', + 'style' => 'json', + 'schema' => [ + 'description' => 'The MFA methods.', + 'type' => 'array', + 'items' => [ + 'description' => 'The MFA method. Valid values:'."\n" + ."\n" + .'- sms: SMS verification.'."\n" + ."\n" + .'- email: Email verification.', + 'type' => 'string', + 'required' => false, + 'example' => '["sms", "email"]', + 'title' => '', + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + ], + [ + 'name' => 'AllowUserToManagePersonalDingTalk', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether RAM users can attach or detach their personal DingTalk accounts. Valid values:'."\n" + ."\n" + .'- true (default)'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'required' => false, + 'example' => 'true', + 'title' => '', + ], + ], + [ + 'name' => 'OperationForRiskLogin', + 'in' => 'query', + 'schema' => [ + 'description' => 'This parameter is deprecated.', + 'type' => 'string', + 'deprecated' => true, + 'required' => false, + 'example' => 'autonomous', + 'title' => '', + ], + ], + [ + 'name' => 'MFAOperationForLogin', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether MFA is required for logon. This parameter replaces `EnforceMFAForLogin`. The `EnforceMFAForLogin` parameter is still valid, but using this new parameter is recommended. Valid values:'."\n" + ."\n" + .'- mandatory: Enforces MFA for all RAM users. This value corresponds to `true` for the `EnforceMFAForLogin` parameter.'."\n" + ."\n" + .'- independent (default): The MFA requirement depends on the configuration of each RAM user. This value corresponds to `false` for the `EnforceMFAForLogin` parameter.'."\n" + ."\n" + .'- adaptive: Enforces MFA only for abnormal logons.', + 'type' => 'string', + 'required' => false, + 'example' => 'adaptive', + 'title' => '', + ], + ], + [ + 'name' => 'MaxIdleDaysForAccessKeys', + 'in' => 'query', + 'schema' => [ + 'description' => 'The maximum number of days that a RAM user\'s AccessKey pair can be idle. If an AccessKey pair is not used within the specified period, it is automatically disabled the next day. Valid values:'."\n" + ."\n" + .'- 90'."\n" + ."\n" + .'- 180'."\n" + ."\n" + .'- 365'."\n" + ."\n" + .'- 730 (default)', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '365', + 'title' => '', + ], + ], + [ + 'name' => 'MaxIdleDaysForUsers', + 'in' => 'query', + 'schema' => [ + 'description' => 'The maximum number of days that a RAM user can be idle. If a RAM user with console logon enabled does not log on within this period, their console logon is automatically disabled the next day. This setting does not apply to single sign-on (SSO) logons. Valid values:'."\n" + ."\n" + .'- 90'."\n" + ."\n" + .'- 180'."\n" + ."\n" + .'- 365'."\n" + ."\n" + .'- 730 (default)', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '365', + 'title' => '', + ], + ], + [ + 'name' => 'AllowUserToLoginWithPasskey', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether RAM users can log on using passkeys. Valid values:'."\n" + ."\n" + .'- true (default)'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'required' => false, + 'example' => 'true', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'SecurityPreference' => [ + 'description' => 'The security preferences.', + 'type' => 'object', + 'properties' => [ + 'AccessKeyPreference' => [ + 'description' => 'The AccessKey pair preferences.', + 'type' => 'object', + 'properties' => [ + 'AllowUserToManageAccessKeys' => [ + 'description' => 'Indicates whether RAM users can manage their own AccessKey pairs. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'LoginProfilePreference' => [ + 'description' => 'The logon preferences.', + 'type' => 'object', + 'properties' => [ + 'EnableSaveMFATicket' => [ + 'description' => 'Indicates whether the MFA status is saved for seven days after a RAM user logs on using MFA.'."\n" + ."\n" + .'Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'LoginSessionDuration' => [ + 'description' => 'The duration of a logon session for a RAM user.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '6', + 'title' => '', + ], + 'LoginNetworkMasks' => [ + 'description' => 'The IP addresses or CIDR blocks from which RAM users are allowed to sign in to the Alibaba Cloud console.', + 'type' => 'string', + 'example' => '10.0.0.0/8', + 'title' => '', + ], + 'AllowUserToChangePassword' => [ + 'description' => 'Indicates whether RAM users can manage their own passwords.'."\n" + ."\n" + .'Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + 'OperationForRiskLogin' => [ + 'description' => 'This parameter is deprecated.', + 'type' => 'string', + 'deprecated' => true, + 'example' => 'autonomous', + 'title' => '', + ], + 'MFAOperationForLogin' => [ + 'description' => 'Indicates whether MFA is required for logon. This parameter replaces `EnforceMFAForLogin`. The `EnforceMFAForLogin` parameter is still valid, but using this new parameter is recommended.', + 'type' => 'string', + 'example' => 'adaptive', + 'title' => '', + ], + 'AllowUserToLoginWithPasskey' => [ + 'description' => 'Indicates whether RAM users can log on directly using passkeys.'."\n" + ."\n" + .'Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'MFAPreference' => [ + 'description' => 'The MFA preferences.', + 'type' => 'object', + 'properties' => [ + 'AllowUserToManageMFADevices' => [ + 'description' => 'Indicates whether RAM users can manage their own MFA devices.'."\n" + ."\n" + .'Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'VerificationPreference' => [ + 'description' => 'The preferences for MFA methods.', + 'type' => 'object', + 'properties' => [ + 'VerificationTypes' => [ + 'description' => 'The MFA methods.', + 'type' => 'array', + 'items' => [ + 'description' => 'The MFA method.', + 'type' => 'string', + 'example' => '["sms", "email"]', + 'title' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'PersonalInfoPreference' => [ + 'description' => 'The personal information preferences.', + 'type' => 'object', + 'properties' => [ + 'AllowUserToManagePersonalDingTalk' => [ + 'description' => 'Indicates whether RAM users can attach or detach their personal DingTalk accounts.'."\n" + ."\n" + .'Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'example' => 'true', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'MaxIdleDays' => [ + 'description' => 'The configuration of the maximum idle period in days.', + 'type' => 'object', + 'properties' => [ + 'MaxIdleDaysForUsers' => [ + 'description' => 'The maximum idle period for RAM users. If a RAM user with console logon enabled remains inactive for this period, their console logon is automatically disabled the next day. This does not apply to single sign-on (SSO) logons.'."\n" + ."\n" + .'Default value: 730.'."\n" + ."\n" + .'Unit: days.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '730', + 'title' => '', + ], + 'MaxIdleDaysForAccessKeys' => [ + 'description' => 'The maximum idle period for the AccessKey pair of a RAM user. If an AccessKey pair remains unused for this period, it is automatically disabled the next day.'."\n" + ."\n" + .'Default value: 730.'."\n" + ."\n" + .'Unit: days.', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '730', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => '17494710-B4BA-4185-BBBB-C1A6ABDE1639', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"SecurityPreference\\": {\\n \\"AccessKeyPreference\\": {\\n \\"AllowUserToManageAccessKeys\\": false\\n },\\n \\"LoginProfilePreference\\": {\\n \\"EnableSaveMFATicket\\": false,\\n \\"LoginSessionDuration\\": 6,\\n \\"LoginNetworkMasks\\": \\"10.0.0.0/8\\",\\n \\"AllowUserToChangePassword\\": true,\\n \\"OperationForRiskLogin\\": \\"autonomous\\",\\n \\"MFAOperationForLogin\\": \\"adaptive\\",\\n \\"AllowUserToLoginWithPasskey\\": false\\n },\\n \\"MFAPreference\\": {\\n \\"AllowUserToManageMFADevices\\": false\\n },\\n \\"VerificationPreference\\": {\\n \\"VerificationTypes\\": [\\n \\"[\\\\\\"sms\\\\\\", \\\\\\"email\\\\\\"]\\"\\n ]\\n },\\n \\"PersonalInfoPreference\\": {\\n \\"AllowUserToManagePersonalDingTalk\\": true\\n },\\n \\"MaxIdleDays\\": {\\n \\"MaxIdleDaysForUsers\\": 730,\\n \\"MaxIdleDaysForAccessKeys\\": 730\\n }\\n },\\n \\"RequestId\\": \\"17494710-B4BA-4185-BBBB-C1A6ABDE1639\\"\\n}","type":"json"}]', + 'title' => 'SetSecurityPreference', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'SetSecurityPreference', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetSecurityPreference', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:MFAOperationForLogin', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'SetUserSsoSettings' => [ + 'summary' => 'Sets the identity provider (IdP) settings for user-based single sign-on (SSO).', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'readAndWrite', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7491', + 'abilityTreeNodes' => [ + 'FEATUREramY87YVY', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'MetadataDocument', + 'in' => 'query', + 'schema' => [ + 'description' => 'The metadata file. The file must be Base64-encoded.'."\n" + ."\n" + .'The file is provided by an identity provider (IdP) that supports the Security Assertion Markup Language (SAML) 2.0 protocol.', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'PD94bWwgdmVy****', + ], + ], + [ + 'name' => 'SsoEnabled', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether to enable user-based SSO for Resource Access Management (RAM) users. Valid values:'."\n" + ."\n" + .'- true: Enables user-based SSO.'."\n" + ."\n" + .'- false (default): Disables user-based SSO.', + 'type' => 'boolean', + 'required' => false, + 'title' => '', + 'example' => 'true', + ], + ], + [ + 'name' => 'AuxiliaryDomain', + 'in' => 'query', + 'schema' => [ + 'description' => 'The auxiliary domain name.', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'example.com', + ], + ], + [ + 'name' => 'SsoLoginWithDomain', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether the `` element in a SAML response must contain a domain name when a user logs on using SAML-based SSO. This applies if the username that is specified on the IdP for logon matching contains a domain name suffix.'."\n" + ."\n" + .'- If this parameter is set to `true`, the value of the `` element **must** be in the `username@domain` format, which includes a domain name suffix. The `domain` can be the default domain name or a domain alias if one is configured.'."\n" + ."\n" + .'- If this parameter is set to `false`, the value of the `` element **must** be the `username` only. The value **must not** contain the `domain` part.'."\n" + ."\n" + .'The default value is `true`.', + 'type' => 'boolean', + 'required' => false, + 'title' => '', + 'example' => 'true', + ], + ], + [ + 'name' => 'AuthnSignAlgo', + 'in' => 'query', + 'schema' => [ + 'type' => 'string', + 'description' => 'The signature algorithm that is supported by the Alibaba Cloud service provider (SP). Valid values:'."\n" + ."\n" + .'- rsa-sha256'."\n" + ."\n" + .'- rsa-sha1 (default)', + 'required' => false, + 'title' => '', + 'example' => 'rsa-sha1', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'UserSsoSettings' => [ + 'description' => 'The user-based SSO settings.', + 'type' => 'object', + 'properties' => [ + 'AuxiliaryDomain' => [ + 'description' => 'The auxiliary domain name.', + 'type' => 'string', + 'title' => '', + 'example' => 'example.com', + ], + 'MetadataDocument' => [ + 'description' => 'The metadata file. The file is Base64-encoded.', + 'type' => 'string', + 'title' => '', + 'example' => 'PD94bWwgdmVy****', + ], + 'SsoEnabled' => [ + 'description' => 'Indicates whether user-based SSO is enabled.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'SsoLoginWithDomain' => [ + 'description' => 'Indicates whether the `` element in a SAML response must contain a domain name when a user logs on using SAML-based SSO. This applies if the username that is specified on the IdP for logon matching contains a domain name suffix.'."\n" + ."\n" + .'- If this parameter is set to `true`, the value of the `` element **must** be in the `username@domain` format, which includes a domain name suffix. The `domain` can be the default domain name or a domain alias if one is configured.'."\n" + ."\n" + .'- If this parameter is set to `false`, the value of the `` element **must** be the `username` only. The value **must not** contain the `domain` part.'."\n" + ."\n" + .'The default value is `true`.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'AuthnSignAlgo' => [ + 'type' => 'string', + 'description' => 'The signature algorithm that is supported by the Alibaba Cloud SP. Valid values:'."\n" + ."\n" + .'- rsa-sha256'."\n" + ."\n" + .'- rsa-sha1 (default)', + 'title' => '', + 'example' => 'rsa-sha1', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'title' => '', + 'example' => '87F2E3F6-28A0-43F3-A77F-F7760E62F61E', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"UserSsoSettings\\": {\\n \\"AuxiliaryDomain\\": \\"example.com\\",\\n \\"MetadataDocument\\": \\"PD94bWwgdmVy****\\",\\n \\"SsoEnabled\\": true,\\n \\"SsoLoginWithDomain\\": true,\\n \\"AuthnSignAlgo\\": \\"rsa-sha1\\"\\n },\\n \\"RequestId\\": \\"87F2E3F6-28A0-43F3-A77F-F7760E62F61E\\"\\n}","type":"json"}]', + 'title' => 'SetUserSsoSettings', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'SetUserSsoSettings', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetUserSsoSettings', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'SetVerificationInfo' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram8R8C7X', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'VerifyType', + 'in' => 'query', + 'schema' => [ + 'description' => 'The multi-factor authentication (MFA) method. Valid values:'."\n" + ."\n" + .'* sms: mobile phone.'."\n" + .'* email: email.', + 'type' => 'string', + 'required' => false, + 'example' => 'sms', + 'title' => '', + ], + ], + [ + 'name' => 'MobilePhone', + 'in' => 'query', + 'schema' => [ + 'description' => 'The mobile phone number.'."\n" + ."\n" + .'> If you set `VerifyType` to `sms`, you must specify this parameter.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '86-13900001234', + 'title' => '', + ], + ], + [ + 'name' => 'Email', + 'in' => 'query', + 'schema' => [ + 'description' => 'The email address.'."\n" + ."\n" + .'> If you set `VerifyType` to `email`, you must specify this parameter.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'username@example.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'Schema of Response', + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'title' => 'Id of the request', + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B182C041-8C64-5F2F-A07B-FC67FAF89CF9', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"B182C041-8C64-5F2F-A07B-FC67FAF89CF9\\"\\n}","errorExample":""},{"type":"xml","example":"\\n B182C041-8C64-5F2F-A07B-FC67FAF89CF9\\n","errorExample":""}]', + 'title' => 'SetVerificationInfo', + 'summary' => 'Binds a mobile phone or email to a Resource Access Management (RAM) user.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetVerificationInfo', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'TagResources' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramVRK65Q', + ], + ], + 'parameters' => [ + [ + 'name' => 'ResourceType', + 'in' => 'query', + 'schema' => [ + 'title' => '', + 'description' => 'The type of the resource. Valid value:'."\n" + ."\n" + .'* user: a Resource Access Management (RAM) user.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'user', + ], + ], + [ + 'name' => 'ResourceId', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The ID of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If the ResourceType parameter is set to user, the resource ID is the ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `ResourceId` and `ResourcePrincipalName`.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => 'The ID of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If the ResourceType parameter is set to user, the resource ID is the ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `ResourceId` and `ResourcePrincipalName`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + 'required' => false, + 'maxItems' => 51, + ], + ], + [ + 'name' => 'ResourcePrincipalName', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The name of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If the ResourceType parameter is set to user, the resource name is the name of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `ResourceId` and `ResourcePrincipalName`.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => 'The name of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If the ResourceType parameter is set to user, the resource name is the name of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `ResourceId` and `ResourcePrincipalName`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'required' => false, + 'example' => 'TagResources', + 'maxItems' => 51, + ], + ], + [ + 'name' => 'Tag', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The key of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. You cannot specify empty strings as tag keys. The tag key can be up to 128 characters in length. The tag key cannot start with aliyun or acs: and cannot contain `http://` or `https://`.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => 'The key of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. You cannot specify empty strings as tag keys. The tag key can be up to 128 characters in length. The tag key cannot start with aliyun or acs: and cannot contain `http://` or `https://`.'."\n", + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'title' => '', + 'description' => 'The key of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. You cannot specify empty strings as tag keys. The tag key can be up to 128 characters in length. The tag key cannot start with `aliyun` or `acs:` and cannot contain `http://` or `https://`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'operator', + ], + 'Value' => [ + 'title' => '', + 'description' => 'The value of tag N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. The tag value can be an empty string. The tag value can be up to 128 characters in length and cannot contain `http://` or `https://`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'alice', + ], + ], + 'required' => false, + 'title' => '', + ], + 'required' => false, + 'docRequired' => true, + 'maxItems' => 21, + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '3687BD52-49FD-585B-AB14-CD05B7C76963', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"3687BD52-49FD-585B-AB14-CD05B7C76963\\"\\n}","errorExample":""},{"type":"xml","example":"\\n 3687BD52-49FD-585B-AB14-CD05B7C76963\\n","errorExample":""}]', + 'title' => 'TagResources', + 'summary' => 'Adds tags to resources.', + 'requestParamsDescription' => 'For more information about common request parameters, see [Common parameters](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:TagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'UnbindMFADevice' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7492', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + 'autoTest' => false, + 'notSupportAutoTestReason' => '无法通过测试平台自动生成MFA Code,所以无法构建绑定了MFA的用户用于测试', + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'MFADevice' => [ + 'description' => 'The information about the MFA device.'."\n", + 'type' => 'object', + 'properties' => [ + 'SerialNumber' => [ + 'description' => 'The serial number of the MFA device.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::151298381312****:mfa/device001', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'A26CB3E9-1021-452A-AC57-3134B3BA0E4C', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"MFADevice\\": {\\n \\"SerialNumber\\": \\"acs:ram::151298381312****:mfa/device001\\"\\n },\\n \\"RequestId\\": \\"A26CB3E9-1021-452A-AC57-3134B3BA0E4C\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t\\r\\n\\t\\tacs:ram::151298381312****:mfa/device001\\r\\n\\t\\r\\n\\tA26CB3E9-1021-452A-AC57-3134B3BA0E4C\\r\\n\\r\\n","errorExample":""}]', + 'title' => 'UnbindMFADevice', + 'summary' => 'Unbinds a multi-factor authentication (MFA) device from a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UnbindMFADevice', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'UnbindVerification' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram8R8C7X', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'VerifyType', + 'in' => 'query', + 'schema' => [ + 'description' => 'The multi-factor authentication (MFA) method. Valid values:'."\n" + ."\n" + .'* sms: mobile phone.'."\n" + .'* email: email.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'sms', + 'title' => '', + ], + ], + [ + 'name' => 'MobilePhone', + 'in' => 'query', + 'schema' => [ + 'description' => 'The mobile phone number.'."\n" + ."\n" + .'> If you set `VerifyType` to `sms`, you must specify this parameter.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '86-13900001234', + 'title' => '', + ], + ], + [ + 'name' => 'Email', + 'in' => 'query', + 'schema' => [ + 'description' => 'The email address.'."\n" + ."\n" + .'> If you set `VerifyType` to `email`, you must specify this parameter.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'username@example.com', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'Schema of Response', + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'title' => 'Id of the request', + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B182C041-8C64-5F2F-A07B-FC67FAF89CF9', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"B182C041-8C64-5F2F-A07B-FC67FAF89CF9\\"\\n}","errorExample":""},{"type":"xml","example":"\\n B182C041-8C64-5F2F-A07B-FC67FAF89CF9\\n","errorExample":""}]', + 'title' => 'UnbindVerification', + 'summary' => 'Unbinds a mobile phone or email from a Resource Access Management (RAM) user.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UnbindVerification', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'UntagResources' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramVRK65Q', + ], + ], + 'parameters' => [ + [ + 'name' => 'ResourceType', + 'in' => 'query', + 'schema' => [ + 'title' => '', + 'description' => 'The type of the resource. Valid value:'."\n" + ."\n" + .'* user: a RAM user'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'user', + ], + ], + [ + 'name' => 'All', + 'in' => 'query', + 'schema' => [ + 'title' => '', + 'description' => 'Specifies whether to remove all tags from the resource. Valid values:'."\n" + ."\n" + .'* true: remove all tags from the resources.'."\n" + .'* false (default): does not remove all tags from the resources.'."\n" + ."\n" + .'> This parameter takes effect only when TagKey.N is not set in the request.'."\n", + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + ], + ], + [ + 'name' => 'ResourcePrincipalName', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The names of resources.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If the ResourceType parameter is set to user, the resource name is the name of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: ResourceId and ResourcePrincipalName.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => 'The name of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If the ResourceType parameter is set to user, the resource name is the name of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: ResourceId and ResourcePrincipalName.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + 'required' => false, + 'docRequired' => true, + 'maxItems' => 51, + ], + ], + [ + 'name' => 'ResourceId', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The IDs of resources.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If the ResourceType parameter is set to user, the resource ID is the ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: ResourceId and ResourcePrincipalName.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => 'The ID of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 50. If the ResourceType parameter is set to user, the resource ID is the ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: ResourceId and ResourcePrincipalName.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + 'required' => false, + 'docRequired' => true, + 'example' => 'UntagResources', + 'maxItems' => 51, + ], + ], + [ + 'name' => 'TagKey', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'title' => '', + 'description' => 'The tag keys of resources.'."\n" + ."\n" + .'Valid values of N: 1 to 20. N must be consecutive.'."\n", + 'type' => 'array', + 'items' => [ + 'description' => 'The tag key of resource N.'."\n" + ."\n" + .'Valid values of N: 1 to 20. N must be consecutive.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'operator', + 'title' => '', + ], + 'required' => false, + 'maxItems' => 21, + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '6AC79B74-9A78-58E2-818B-1D38EDC64D67', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"6AC79B74-9A78-58E2-818B-1D38EDC64D67\\"\\n}","errorExample":""},{"type":"xml","example":"\\n 6AC79B74-9A78-58E2-818B-1D38EDC64D67\\n","errorExample":""}]', + 'title' => 'UntagResources', + 'summary' => 'Removes tags from a resource.', + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UntagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'UpdateAccessKey' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREramXHGI9T', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n" + ."\n" + .'If this parameter is empty, the status of the AccessKey pair for the current user is modified.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'UserAccessKeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The AccessKey ID of the AccessKey pair for which you want to modify the status.'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'LTAI*******************', + 'title' => '', + ], + ], + [ + 'name' => 'Status', + 'in' => 'query', + 'schema' => [ + 'description' => 'The status of the AccessKey pair. Valid values:'."\n" + ."\n" + .'* Active'."\n" + .'* Inactive'."\n", + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'Active', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n B9AF80E4-1565-42D9-9256-0B8B0D9FD3EC\\r\\n","errorExample":""}]', + 'title' => 'UpdateAccessKey', + 'summary' => 'Modifies the status of an AccessKey pair for an Alibaba Cloud account or a Resource Access Management (RAM) user.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateAccessKey', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'UpdateApplication' => [ + 'summary' => 'Updates the configuration of a specified application.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + ], + 'parameters' => [ + [ + 'name' => 'AppId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The application ID.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'title' => '', + 'example' => '472457090344041****', + ], + ], + [ + 'name' => 'NewDisplayName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new display name.', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'NewApp', + ], + ], + [ + 'name' => 'NewRedirectUris', + 'in' => 'query', + 'schema' => [ + 'description' => 'The webhook address.'."\n" + ."\n" + .'If you enter multiple webhook addresses, separate them with semicolons (;).', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'https://www.example.com', + ], + ], + [ + 'name' => 'NewPredefinedScopes', + 'in' => 'query', + 'schema' => [ + 'description' => 'The permission scopes of the application.'."\n" + ."\n" + .'For more information about the valid values and descriptions of permission scopes, see [OAuth scopes](~~93693~~). You can also call the [ListPredefinedScopes](~~187206~~) operation to obtain the permission scopes that are supported by different types of applications.'."\n" + ."\n" + .'If you enter multiple permission scopes, separate them with semicolons (;).'."\n" + ."\n" + .'The new permission scopes overwrite the original ones. For example, if the original permission scope is `/acs/ccc` and you set the new permission scope to `/acs/alidns`, the permission scope that takes effect is `/acs/alidns`. If you want to add `/acs/alidns` to the original scope, set the new permission scope to `/acs/ccc;/acs/alidns`.', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'openid', + ], + ], + [ + 'name' => 'NewRequiredScopes', + 'in' => 'query', + 'schema' => [ + 'description' => 'The required permission scopes of the application.'."\n" + ."\n" + .'You can set one or more scopes specified in `RequiredScopes` as required. After a scope is set as required, it is selected by default and cannot be deselected when a user grants permissions to the application.'."\n" + ."\n" + .'If you also specify `NewPredefinedScopes`, the list of application scopes is reset by `NewPredefinedScopes` first. Then, this parameter is used to configure whether the scopes are required.'."\n" + ."\n" + .'If you enter multiple permission scopes, separate them with semicolons (;).'."\n" + ."\n" + .'The new required scopes overwrite the original ones.'."\n" + ."\n" + .'> If a scope that you specify for `RequiredScopes` is not within the range of `PredefinedScopes`, the required setting for that scope does not take effect.', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'profile;aliuid', + ], + ], + [ + 'name' => 'NewSecretRequired', + 'in' => 'query', + 'schema' => [ + 'description' => 'Indicates whether an application key is required. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false'."\n" + ."\n" + .'> * For applications of the WebApp and ServerApp types, this parameter is forcibly set to true and cannot be modified.'."\n" + ."\n" + .'- For applications of the NativeApp type, you can set this parameter to true or false. The default value is false. These applications often run in untrusted environments and cannot effectively protect application keys. Do not set this parameter to true unless necessary. For more information, see [Log on to Alibaba Cloud using a native application](~~93697~~).', + 'type' => 'boolean', + 'required' => false, + 'title' => '', + 'example' => 'true', + ], + ], + [ + 'name' => 'NewAccessTokenValidity', + 'in' => 'query', + 'schema' => [ + 'description' => 'The validity period of the access token.'."\n" + ."\n" + .'Valid values: 900 to 10800. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'title' => '', + 'example' => '3600', + ], + ], + [ + 'name' => 'NewRefreshTokenValidity', + 'in' => 'query', + 'schema' => [ + 'description' => 'The validity period of the refresh token.'."\n" + ."\n" + .'Valid values: 7200 to 31536000. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'title' => '', + 'example' => '7776000', + ], + ], + [ + 'name' => 'NewIsMultiTenant', + 'in' => 'query', + 'schema' => [ + 'description' => 'Indicates whether the application can be installed by other Alibaba Cloud accounts. Valid values:'."\n" + ."\n" + .'- true: The application can be installed.'."\n" + ."\n" + .'- false: The application cannot be installed.', + 'type' => 'boolean', + 'required' => false, + 'title' => '', + 'example' => 'true', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The returned results.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'title' => '', + 'example' => '6616F09B-2768-4C11-8866-A8EE4C4A583E', + ], + 'Application' => [ + 'description' => 'The application information.', + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the application.', + 'type' => 'string', + 'title' => '', + 'example' => 'NewApp', + ], + 'AccessTokenValidity' => [ + 'description' => 'The validity period of the access token. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '3600', + ], + 'SecretRequired' => [ + 'description' => 'Indicates whether an application key is required.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'AccountId' => [ + 'description' => 'The ID of the Alibaba Cloud account to which the application belongs.', + 'type' => 'string', + 'title' => '', + 'example' => '177242285274****', + ], + 'CreateDate' => [ + 'description' => 'The time when the application was created.', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-23T08:06:57Z', + ], + 'AppName' => [ + 'description' => 'The application name.', + 'type' => 'string', + 'title' => '', + 'example' => 'myapp', + ], + 'RedirectUris' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'RedirectUri' => [ + 'description' => 'The webhook address.', + 'type' => 'array', + 'items' => [ + 'description' => 'The webhook address.', + 'type' => 'string', + 'title' => '', + 'example' => 'https://www.example.com', + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the application was updated.', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-23T08:06:57Z', + ], + 'DelegatedScope' => [ + 'description' => 'The information about the permission scopes of the application.', + 'type' => 'object', + 'properties' => [ + 'PredefinedScopes' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'PredefinedScope' => [ + 'description' => 'The information about the permission scopes of the application.', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the permission scopes of the application.', + 'type' => 'object', + 'properties' => [ + 'Description' => [ + 'description' => 'The description of the scope.', + 'type' => 'string', + 'title' => '', + 'example' => 'Obtain the OpenID of the user. This is the default permission that you cannot remove.', + ], + 'Name' => [ + 'description' => 'The name of the scope.', + 'type' => 'string', + 'title' => '', + 'example' => 'openid', + ], + 'Required' => [ + 'description' => 'Indicates whether this permission scope is required by default when the application is installed. Valid values:'."\n" + ."\n" + .'- true: required.'."\n" + ."\n" + .'- false: not required.'."\n" + ."\n" + .'The `openid` scope is required by default.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + ], + 'title' => '', + ], + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + 'title' => '', + ], + 'AppId' => [ + 'description' => 'The application ID.', + 'type' => 'string', + 'title' => '', + 'example' => '472457090344041****', + ], + 'RefreshTokenValidity' => [ + 'description' => 'The validity period of the refresh token. Unit: seconds.', + 'type' => 'integer', + 'format' => 'int32', + 'title' => '', + 'example' => '7776000', + ], + 'IsMultiTenant' => [ + 'description' => 'Indicates whether the application can be installed by other Alibaba Cloud accounts.', + 'type' => 'boolean', + 'title' => '', + 'example' => 'true', + ], + 'AppType' => [ + 'description' => 'The application type.', + 'type' => 'string', + 'title' => '', + 'example' => 'WebApp', + ], + 'ProtocolVersion' => [ + 'type' => 'string', + 'description' => 'The OAuth protocol version of the application. Valid values:'."\n" + ."\n" + .'- `2.0`: OAuth 2.0.'."\n" + ."\n" + .'- `2.1`: OAuth 2.1.', + 'title' => '', + 'example' => '2.0', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6616F09B-2768-4C11-8866-A8EE4C4A583E\\",\\n \\"Application\\": {\\n \\"DisplayName\\": \\"NewApp\\",\\n \\"AccessTokenValidity\\": 3600,\\n \\"SecretRequired\\": true,\\n \\"AccountId\\": \\"177242285274****\\",\\n \\"CreateDate\\": \\"2020-10-23T08:06:57Z\\",\\n \\"AppName\\": \\"myapp\\",\\n \\"RedirectUris\\": {\\n \\"RedirectUri\\": [\\n \\"https://www.example.com\\"\\n ]\\n },\\n \\"UpdateDate\\": \\"2020-10-23T08:06:57Z\\",\\n \\"DelegatedScope\\": {\\n \\"PredefinedScopes\\": {\\n \\"PredefinedScope\\": [\\n {\\n \\"Description\\": \\"Obtain the OpenID of the user. This is the default permission that you cannot remove.\\",\\n \\"Name\\": \\"openid\\",\\n \\"Required\\": true\\n }\\n ]\\n }\\n },\\n \\"AppId\\": \\"472457090344041****\\",\\n \\"RefreshTokenValidity\\": 7776000,\\n \\"IsMultiTenant\\": true,\\n \\"AppType\\": \\"WebApp\\",\\n \\"ProtocolVersion\\": \\"2.0\\"\\n }\\n}","type":"json"}]', + 'title' => 'UpdateApplication', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateApplication', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + ], + ], + 'UpdateGroup' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram3V29VK', + ], + ], + 'parameters' => [ + [ + 'name' => 'NewComments', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new description.'."\n" + ."\n" + .'The description can be up to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Test-Team', + 'title' => '', + ], + ], + [ + 'name' => 'NewDisplayName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new display name of the RAM user group.'."\n" + ."\n" + .'The name can be up to 24 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Test-Team', + 'title' => '', + ], + ], + [ + 'name' => 'NewGroupName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new name of the RAM user group.'."\n" + ."\n" + .'The name can be up to 64 characters in length and can contain letters, digits, periods (.), underscores (\\_), and hyphens (-).'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Test-Team', + 'title' => '', + ], + ], + [ + 'name' => 'GroupName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'Dev-Team', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'Group' => [ + 'description' => 'The information about the RAM user group.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the RAM user group.'."\n", + 'type' => 'string', + 'example' => 'Test-Team', + 'title' => '', + ], + 'GroupId' => [ + 'description' => 'The ID of the RAM user group.'."\n", + 'type' => 'string', + 'example' => '740317625433843****', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The update time.'."\n", + 'type' => 'string', + 'example' => '2020-10-20T03:44:27Z', + 'title' => '', + ], + 'GroupName' => [ + 'description' => 'The name of the RAM user group.'."\n", + 'type' => 'string', + 'example' => 'Test-Team', + 'title' => '', + ], + 'Comments' => [ + 'description' => 'The description.'."\n", + 'type' => 'string', + 'example' => 'Test-Team', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The creation time.'."\n", + 'type' => 'string', + 'example' => '2020-10-19T16:15:17Z', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'CDA656E3-3CE9-4A03-A8A3-B42A0C3C3287', + 'title' => '', + ], + ], + 'description' => '', + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"Group\\": {\\n \\"DisplayName\\": \\"Test-Team\\",\\n \\"GroupId\\": \\"740317625433843****\\",\\n \\"UpdateDate\\": \\"2020-10-20T03:44:27Z\\",\\n \\"GroupName\\": \\"Test-Team\\",\\n \\"Comments\\": \\"Test-Team\\",\\n \\"CreateDate\\": \\"2020-10-19T16:15:17Z\\"\\n },\\n \\"RequestId\\": \\"CDA656E3-3CE9-4A03-A8A3-B42A0C3C3287\\"\\n}","errorExample":""},{"type":"xml","example":"","errorExample":""}]', + 'title' => 'UpdateGroup', + 'summary' => 'Modifies information about a Resource Access Management (RAM) user group.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + ], + ], + ], + ], + ], + 'UpdateLoginProfile' => [ + 'summary' => 'Modifies the console logon information for a specified Resource Access Management (RAM) user.', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '7497', + 'abilityTreeNodes' => [ + 'FEATUREramFSAEMQ', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'Password', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new console logon password for the RAM user.'."\n" + ."\n" + .'The password must meet the password strength requirements.', + 'type' => 'string', + 'required' => false, + 'example' => 'mypassword', + 'title' => '', + ], + ], + [ + 'name' => 'PasswordResetRequired', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether the RAM user must reset the password at the next logon. Valid values:'."\n" + ."\n" + .'- true'."\n" + ."\n" + .'- false', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'MFABindRequired', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether to enforce multi-factor authentication (MFA) for the RAM user. Valid values:'."\n" + ."\n" + .'- true: Enforce MFA. The RAM user must attach an MFA device at the next logon.'."\n" + ."\n" + .'- false: Do not enforce MFA.', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + 'title' => '', + ], + ], + [ + 'name' => 'Status', + 'in' => 'query', + 'schema' => [ + 'description' => 'Specifies whether to enable or disable password-based logon to the console. Valid values:'."\n" + ."\n" + .'- Active: Enabled.'."\n" + ."\n" + .'- Inactive: Disabled.', + 'type' => 'string', + 'required' => false, + 'example' => 'Active', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'example' => 'BCDB6A7F-2199-41D9-B577-4FA536A5ADE1', + 'title' => '', + ], + 'LoginProfile' => [ + 'description' => 'The console logon information.', + 'type' => 'object', + 'properties' => [ + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.', + 'type' => 'string', + 'example' => 'test@example11.onaliyun.com', + 'title' => '', + ], + 'Status' => [ + 'description' => 'Specifies whether password logon to the console is enabled or disabled.', + 'type' => 'string', + 'example' => 'Active', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the logon profile was updated.', + 'type' => 'string', + 'example' => '2020-10-14T07:48:41Z', + 'title' => '', + ], + 'PasswordResetRequired' => [ + 'description' => 'Indicates whether the RAM user must reset the password at the next logon.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'MFABindRequired' => [ + 'description' => 'Indicates whether MFA is enforced for the user.', + 'type' => 'boolean', + 'example' => 'false', + 'title' => '', + ], + 'AutoDisableLoginStatus' => [ + 'description' => 'Indicates whether to automatically disable console logon for an inactive account. This feature is enabled by default and cannot be disabled.', + 'type' => 'string', + 'example' => 'true', + 'title' => '', + ], + 'PasswordStatus' => [ + 'description' => 'The status of the initial password. An initial password is the one set when a logon profile is created or console logon is re-enabled.'."\n" + ."\n" + .'Valid values:'."\n" + ."\n" + .'- "NotInitial": Not an initial password.'."\n" + ."\n" + .'- "InitialValid": The initial password is valid.'."\n" + ."\n" + .'- "InitialExpired": The initial password has expired.', + 'type' => 'string', + 'example' => 'NotInitial', + 'title' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BCDB6A7F-2199-41D9-B577-4FA536A5ADE1\\",\\n \\"LoginProfile\\": {\\n \\"UserPrincipalName\\": \\"test@example11.onaliyun.com\\",\\n \\"Status\\": \\"Active\\",\\n \\"UpdateDate\\": \\"2020-10-14T07:48:41Z\\",\\n \\"PasswordResetRequired\\": false,\\n \\"MFABindRequired\\": false,\\n \\"AutoDisableLoginStatus\\": \\"true\\",\\n \\"PasswordStatus\\": \\"NotInitial\\"\\n }\\n}","type":"json"}]', + 'title' => 'UpdateLoginProfile', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateLoginProfile', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateLoginProfile', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + 'UpdateOIDCProvider' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'OIDCProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'required' => false, + 'docRequired' => true, + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + ], + [ + 'name' => 'ClientIds', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the client. If you want to specify multiple client IDs, separate the client IDs with commas (,).'."\n" + ."\n" + .'A client ID can contain letters, digits, and special characters and cannot start with the special characters. The special characters are `periods (.), hyphens (-), underscores (_), colons (:), and forward slashes (/)`.``'."\n" + ."\n" + .'A client ID can be up to 128 characters in length.'."\n" + ."\n" + .'> If you specify this parameter, all the client IDs of the OIDC IdP are replaced. If you need to only add or remove a client ID, call the AddClientIdToOIDCProvider or RemoveClientIdFromOIDCProvider operation. For more information, see [AddClientIdToOIDCProvider](~~332057~~) or [RemoveClientIdFromOIDCProvider](~~332058~~).'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '498469743454717****', + 'title' => '', + ], + ], + [ + 'name' => 'NewDescription', + 'in' => 'query', + 'schema' => [ + 'description' => 'The description of the OIDC IdP.'."\n" + ."\n" + .'The description can be up to 256 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'This is a new OIDC Provider.', + 'title' => '', + ], + ], + [ + 'name' => 'IssuanceLimitTime', + 'in' => 'query', + 'schema' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '6', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => 'E4C4D1BD-2558-5BD1-8C26-A5D7FB174A55', + 'title' => '', + ], + 'OIDCProvider' => [ + 'description' => 'The information about the OIDC IdP.'."\n", + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the OIDC IdP was modified. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-12T08:38:29Z', + 'title' => '', + ], + 'Description' => [ + 'description' => 'The description of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'This is a new OIDC Provider.', + 'title' => '', + ], + 'OIDCProviderName' => [ + 'description' => 'The name of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'TestOIDCProvider', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the OIDC IdP was created. The time is displayed in UTC.'."\n", + 'type' => 'string', + 'example' => '2021-11-11T06:56:03Z', + 'title' => '', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.'."\n", + 'type' => 'string', + 'example' => 'acs:ram::177242285274****:oidc-provider/TestOIDCProvider', + 'title' => '', + ], + 'IssuerUrl' => [ + 'description' => 'The URL of the issuer.'."\n", + 'type' => 'string', + 'example' => 'https://dev-xxxxxx.okta.com', + 'title' => '', + ], + 'Fingerprints' => [ + 'description' => 'The fingerprint of the HTTPS certificate. If multiple fingerprints are returned, the fingerprints are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '902ef2deeb3c5b13ea4c3d5193629309e231****', + 'title' => '', + ], + 'ClientIds' => [ + 'description' => 'The ID of the client. If multiple client IDs are returned, the client IDs are separated by commas (,).'."\n", + 'type' => 'string', + 'example' => '498469743454717****', + 'title' => '', + ], + 'GmtCreate' => [ + 'description' => 'The timestamp when the OIDC IdP was created.'."\n", + 'type' => 'string', + 'example' => '1636613763000', + 'title' => '', + ], + 'GmtModified' => [ + 'description' => 'The timestamp when the OIDC IdP was modified.'."\n", + 'type' => 'string', + 'example' => '1636706309000', + 'title' => '', + ], + 'IssuanceLimitTime' => [ + 'description' => 'The earliest time when an external IdP can issue an ID token. If the value of the iat field in the ID token is later than the current time, the request is rejected. Unit: hours. Valid values: 1 to 168.'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'example' => '6', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"E4C4D1BD-2558-5BD1-8C26-A5D7FB174A55\\",\\n \\"OIDCProvider\\": {\\n \\"UpdateDate\\": \\"2021-11-12T08:38:29Z\\",\\n \\"Description\\": \\"This is a new OIDC Provider.\\",\\n \\"OIDCProviderName\\": \\"TestOIDCProvider\\",\\n \\"CreateDate\\": \\"2021-11-11T06:56:03Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\",\\n \\"IssuerUrl\\": \\"https://dev-xxxxxx.okta.com\\",\\n \\"Fingerprints\\": \\"902ef2deeb3c5b13ea4c3d5193629309e231****\\",\\n \\"ClientIds\\": \\"498469743454717****\\",\\n \\"GmtCreate\\": \\"1636613763000\\",\\n \\"GmtModified\\": \\"1636706309000\\",\\n \\"IssuanceLimitTime\\": 6\\n }\\n}","errorExample":""},{"type":"xml","example":"\\n E4C4D1BD-2558-5BD1-8C26-A5D7FB174A55\\n \\n 2021-11-12T08:38:29Z\\n This is a new OIDC Provider.\\n TestOIDCProvider\\n 2021-11-11T06:56:03Z\\n acs:ram::177242285274****:oidc-provider/TestOIDCProvider\\n https://dev-xxxxxx.okta.com\\n 902ef2deeb3c5b13ea4c3d5193629309e231****\\n 498469743454717****\\n 1636613763000\\n 1636706309000\\n \\n","errorExample":""}]', + 'title' => 'UpdateOIDCProvider', + 'summary' => 'Modifies the description and client IDs of an OpenID Connect (OIDC) identity provider (IdP).', + 'description' => '###'."\n" + ."\n" + .'This topic provides an example on how to change the description of the OIDC IdP named `TestOIDCProvider` to `This is a new OIDC Provider.`'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + ], + ], + 'UpdatePasskey' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'none', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '254333', + 'abilityTreeNodes' => [ + 'FEATUREramCFN0GB', + ], + 'autoTest' => false, + 'notSupportAutoTestReason' => '因为创建passkey需要通过控制台页面,没有openAPI,因此无法创建用来更新的passkey', + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the Resource Access Management (RAM) user.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'PasskeyId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the passkey.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'PASSKEY-CuZjEHhWcr7GIQOMGvkS', + 'title' => '', + ], + ], + [ + 'name' => 'PasskeyName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the passkey.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'device1', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'Schema of Response', + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'title' => 'Id of the request', + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '85836703-8D4F-485F-9726-4D1C730F957E', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"85836703-8D4F-485F-9726-4D1C730F957E\\"\\n}","type":"json"}]', + 'title' => 'UpdatePasskey', + 'summary' => 'Updates the name of a passkey.', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'ram:UpdatePasskey', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'UpdateSAMLProvider' => [ + 'summary' => 'Updates the information about a specified identity provider for role-based single sign-on (SSO).', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram7YYMOK', + ], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'SAMLProviderName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The name of the identity provider to modify.', + 'type' => 'string', + 'required' => true, + 'docRequired' => true, + 'title' => '', + 'example' => 'test-provider', + ], + ], + [ + 'name' => 'NewDescription', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new description.'."\n" + ."\n" + .'> Specify at least one of the `NewDescription` and `NewEncodedSAMLMetadataDocument` parameters.', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'This is a new provider.', + ], + ], + [ + 'name' => 'NewEncodedSAMLMetadataDocument', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new metadata file.'."\n" + ."\n" + .'> Specify at least one of the `NewDescription` and `NewEncodedSAMLMetadataDocument` parameters.', + 'type' => 'string', + 'required' => false, + 'title' => '', + 'example' => 'PD94bWwgdmVy****', + ], + ], + [ + 'name' => 'AuthnSignAlgo', + 'in' => 'query', + 'schema' => [ + 'type' => 'string', + 'description' => 'The signature algorithm supported by the Alibaba Cloud service provider (SP). Valid values:'."\n" + ."\n" + .'- rsa-sha256'."\n" + ."\n" + .'- rsa-sha1', + 'required' => false, + 'title' => '', + 'example' => 'rsa-sha1', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The returned result.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => 'The request ID.', + 'type' => 'string', + 'title' => '', + 'example' => 'E5EDDFD2-3654-4F9F-9780-4AE7D81823EF', + ], + 'SAMLProvider' => [ + 'description' => 'The information about the identity provider.', + 'type' => 'object', + 'properties' => [ + 'UpdateDate' => [ + 'description' => 'The time when the identity provider was last updated. The time is in Coordinated Universal Time (UTC).', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-22T02:51:20Z', + ], + 'Description' => [ + 'description' => 'The description.', + 'type' => 'string', + 'title' => '', + 'example' => 'This is a new provider.', + ], + 'SAMLProviderName' => [ + 'description' => 'The name of the identity provider.', + 'type' => 'string', + 'title' => '', + 'example' => 'test-provider', + ], + 'CreateDate' => [ + 'description' => 'The time when the identity provider was created. The time is in UTC.', + 'type' => 'string', + 'title' => '', + 'example' => '2020-10-22T02:37:05Z', + ], + 'Arn' => [ + 'description' => 'The Alibaba Cloud Resource Name (ARN) of the identity provider.', + 'type' => 'string', + 'title' => '', + 'example' => 'acs:ram::177242285274****:saml-provider/test-provider', + ], + 'AuthnSignAlgo' => [ + 'type' => 'string', + 'description' => 'The signature algorithm supported by the Alibaba Cloud SP. Valid values:'."\n" + ."\n" + .'- rsa-sha256'."\n" + ."\n" + .'- rsa-sha1', + 'title' => '', + 'example' => 'rsa-sha1', + ], + ], + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E5EDDFD2-3654-4F9F-9780-4AE7D81823EF\\",\\n \\"SAMLProvider\\": {\\n \\"UpdateDate\\": \\"2020-10-22T02:51:20Z\\",\\n \\"Description\\": \\"This is a new provider.\\",\\n \\"SAMLProviderName\\": \\"test-provider\\",\\n \\"CreateDate\\": \\"2020-10-22T02:37:05Z\\",\\n \\"Arn\\": \\"acs:ram::177242285274****:saml-provider/test-provider\\",\\n \\"AuthnSignAlgo\\": \\"rsa-sha1\\"\\n }\\n}","type":"json"}]', + 'title' => 'UpdateSAMLProvider', + 'description' => 'This example shows how to change the description of the identity provider `test-provider` to `This is a new provider.`.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateSAMLProvider', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateSAMLProvider', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'SAMLProvider', + 'arn' => 'acs:ram::{#accountId}:saml-provider/{#SAMLProviderName}', + ], + ], + ], + ], + ], + ], + 'UpdateUser' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREram8R8C7X', + ], + ], + 'parameters' => [ + [ + 'name' => 'UserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The logon name of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `UserPrincipalName` and `UserId`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'test@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'UserId', + 'in' => 'query', + 'schema' => [ + 'description' => 'The ID of the RAM user.'."\n" + ."\n" + .'> You must specify only one of the following parameters: `UserPrincipalName` and `UserId`.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '20732900249392****', + 'title' => '', + ], + ], + [ + 'name' => 'NewUserPrincipalName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new logon name of the RAM user.'."\n" + ."\n" + .'The name is in the format of `@.onaliyun.com`. `` indicates the name of the RAM user. `.onaliyun.com` indicates the default domain name.'."\n" + ."\n" + .'The value of `NewUserPrincipalName` must be `1 to 128` characters in length and can contain letters, digits, periods (.), hyphens (-), and underscores (\\_). The value of `` must be `1 to 64` characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'new@example.onaliyun.com', + 'title' => '', + ], + ], + [ + 'name' => 'NewDisplayName', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new display name of the RAM user.'."\n" + ."\n" + .'The name must be 1 to 24 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'new', + 'title' => '', + ], + ], + [ + 'name' => 'NewMobilePhone', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new mobile phone number of the RAM user.'."\n" + ."\n" + .'Format: \\-\\.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '86-1868888****', + 'title' => '', + ], + ], + [ + 'name' => 'NewEmail', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new email address of the RAM user.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'alice@example.com', + 'title' => '', + ], + ], + [ + 'name' => 'NewComments', + 'in' => 'query', + 'schema' => [ + 'description' => 'The new description of the RAM user.'."\n" + ."\n" + .'The description must be 1 to 128 characters in length.'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'This is a cloud computing engineer.', + 'title' => '', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response parameters.'."\n", + 'type' => 'object', + 'properties' => [ + 'User' => [ + 'description' => 'The information about the RAM user.'."\n", + 'type' => 'object', + 'properties' => [ + 'DisplayName' => [ + 'description' => 'The display name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'new', + 'title' => '', + ], + 'UserPrincipalName' => [ + 'description' => 'The logon name of the RAM user.'."\n", + 'type' => 'string', + 'example' => 'new@example.onaliyun.com', + 'title' => '', + ], + 'Email' => [ + 'description' => 'The email address of the RAM user.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'example' => 'alice@example.com', + 'title' => '', + ], + 'UpdateDate' => [ + 'description' => 'The time when the information about the RAM user was updated.'."\n", + 'type' => 'string', + 'example' => '2020-10-13T09:19:49Z', + 'title' => '', + ], + 'MobilePhone' => [ + 'description' => 'The mobile phone number of the RAM user.'."\n" + ."\n" + .'> This parameter is valid only on the China site (aliyun.com).'."\n", + 'type' => 'string', + 'example' => '86-1868888****', + 'title' => '', + ], + 'UserId' => [ + 'description' => 'The ID of the RAM user.'."\n", + 'type' => 'string', + 'example' => '20732900249392****', + 'title' => '', + ], + 'Comments' => [ + 'description' => 'The description.'."\n", + 'type' => 'string', + 'example' => 'This is a cloud computing engineer.', + 'title' => '', + ], + 'LastLoginDate' => [ + 'description' => 'The last time when the RAM user logged on to the Alibaba Cloud Management Console.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'CreateDate' => [ + 'description' => 'The time when the RAM user was created.'."\n", + 'type' => 'string', + 'example' => '2020-10-12T09:12:00Z', + 'title' => '', + ], + 'ProvisionType' => [ + 'description' => 'The source of the RAM user. Valid values:'."\n" + ."\n" + .'* Manual: The RAM user is manually created in the RAM console.'."\n" + .'* SCIM: The RAM user is mapped by using System for Cross-domain Identity Management (SCIM).'."\n" + .'* CloudSSO: The RAM user is mapped from a CloudSSO user.'."\n", + 'type' => 'string', + 'example' => 'Manual', + 'title' => '', + ], + ], + 'title' => '', + ], + 'RequestId' => [ + 'description' => 'The request ID.'."\n", + 'type' => 'string', + 'example' => '1B56DD42-6962-4F89-A19C-079EED1F0FE3', + 'title' => '', + ], + ], + 'title' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"User\\": {\\n \\"DisplayName\\": \\"new\\",\\n \\"UserPrincipalName\\": \\"new@example.onaliyun.com\\",\\n \\"Email\\": \\"alice@example.com\\",\\n \\"UpdateDate\\": \\"2020-10-13T09:19:49Z\\",\\n \\"MobilePhone\\": \\"86-1868888****\\",\\n \\"UserId\\": \\"20732900249392****\\",\\n \\"Comments\\": \\"This is a cloud computing engineer.\\",\\n \\"LastLoginDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"CreateDate\\": \\"2020-10-12T09:12:00Z\\",\\n \\"ProvisionType\\": \\"Manual\\"\\n },\\n \\"RequestId\\": \\"1B56DD42-6962-4F89-A19C-079EED1F0FE3\\"\\n}","errorExample":""},{"type":"xml","example":"\\r\\n\\r\\n\\t\\r\\n\\t\\t2020-10-13T09:19:49Z\\r\\n\\t\\talice@example.com\\r\\n\\t\\tThis is a cloud computing engineer.\\r\\n\\t\\t20732900249392****\\r\\n\\t\\t2020-10-12T09:12:00Z\\r\\n\\t\\tnew\\r\\n\\t\\tnew@example.onaliyun.com\\r\\n\\t\\t2020-10-12T09:12:00Z\\r\\n\\t\\t86-1868888****\\r\\n\\t\\r\\n\\t1B56DD42-6962-4F89-A19C-079EED1F0FE3\\r\\n\\t\\r\\n","errorExample":""}]', + 'title' => 'UpdateUser', + 'summary' => 'Modifies the information about a RAM user.', + 'description' => 'This topic provides an example to show how to modify the name of a RAM user from `test@example.onaliyun.com` to `new@example.onaliyun.com`.'."\n", + 'requestParamsDescription' => 'For more information about common request parameters, see [API Reference](~~187377~~).'."\n", + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + ], + ], + ], + 'endpoints' => [ + [ + 'regionId' => 'cn-hangzhou', + 'regionName' => 'China (Hangzhou)', + 'areaId' => 'asiaPacific', + 'areaName' => 'Asia Pacific', + 'public' => 'ims.aliyuncs.com', + 'endpoint' => 'ims.aliyuncs.com', + 'vpc' => 'ims.vpc-proxy.aliyuncs.com', + ], + ], + 'errorCodes' => [ + [ + 'code' => 'AuthorizationFail.AkProxy', + 'message' => 'AkProxy is not allowed to invoke this Action.', + 'http_code' => 401, + 'description' => 'This method is not allowed to be called with this AkProxy.', + ], + [ + 'code' => 'CheckAuthenticationCodeFail', + 'message' => 'The authentication code is incorrect.', + 'http_code' => 403, + 'description' => '', + ], + [ + 'code' => 'DeleteConflict.Group.User', + 'message' => 'The group CAN NOT contain any member before deleting.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'DeleteConflict.User.AccessKey', + 'message' => 'The user SHOULD NOT have any Access Key before deleting.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'DeleteConflict.User.Group', + 'message' => 'The user SHOULD NOT be in any group before deleting.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'DeleteConflict.User.LoginProfile', + 'message' => 'The user SHOULD NOT have any Login Profile before deleting.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'DeleteConflict.User.MFADevice', + 'message' => 'The user SHOULD NOT have any MFA device before deleting.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'DeleteConflict.User.Policy', + 'message' => 'The user SHOULD NOT have any attached policy before deleting.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'DeleteConflict.VirtualMFADevice.User', + 'message' => 'The virtual mfa device CAN NOT be bound to any user while being deleted.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.Application', + 'message' => 'The application name does already EXIST.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.Domain', + 'message' => 'The domain does already EXIST.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.Group', + 'message' => 'The group does already EXIST.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.SAMLProvider', + 'message' => 'The SAMLProvider does already EXIST.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.User', + 'message' => 'The user does already EXIST.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.User.Group', + 'message' => 'The user has already joined the group.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.User.LoginProfile', + 'message' => 'The user login profile does already EXIST.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.User.MFADevice', + 'message' => 'The user has already bound a MFA device.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.VirtualMFADevice', + 'message' => 'The virtual MFA device does already EXIST.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityAlreadyExists.VirtualMFADevice.User', + 'message' => 'The virtual MFA device does already been bound to a user.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.Application', + 'message' => 'The application does not EXIST.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.ApplicationProvisionInfo', + 'message' => 'The application is not provisioned.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.AppSecret', + 'message' => 'The AppSecret does not EXIST.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.CredentialReport', + 'message' => 'The credential report has not been generated.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.Group', + 'message' => 'The group does not EXIST.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.PredefinedScope', + 'message' => 'The specified PredefinedScope does not EXIST.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.Report', + 'message' => 'The security report does not exist. This happens only to new accounts that created within 24 hours.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.SAMLProvider', + 'message' => 'The SAML provider does not EXIST.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.User', + 'message' => 'The user does not EXIST.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.User.AccessKey', + 'message' => 'The users Access Key does not EXIST.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.User.LoginProfile', + 'message' => 'The users login profile does not EXIST.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.User.MFADevice', + 'message' => 'The user has not bound any MFA device.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'EntityNotExist.VirtualMFADevice', + 'message' => 'The virtual MFA device does not EXIST.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'Expired.CredentialReport', + 'message' => 'The credential report has been expired.', + 'http_code' => 410, + 'description' => '', + ], + [ + 'code' => 'Ims:InvalidParameter.HttpsUrl', + 'message' => 'Invalid oidc issuer endpoint.', + 'http_code' => 400, + 'description' => 'Invalid IssuerUrl.', + ], + [ + 'code' => 'Inactive', + 'message' => 'Account is inactive to IMS Service.', + 'http_code' => 400, + 'description' => 'The account has not activated the IMS service.', + ], + [ + 'code' => 'InternalServerException', + 'message' => 'Internal service error.', + 'http_code' => 500, + 'description' => 'Internal server error.', + ], + [ + 'code' => 'InvalidParameter', + 'message' => 'invalid parameter.', + 'http_code' => 400, + 'description' => 'The parameter is invalid.', + ], + [ + 'code' => 'InvalidParameter.AccessKeyPolicy.Format', + 'message' => 'The format of the parameter - AccessKeyPolicy is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.Account', + 'message' => 'This API can be only invoked by RAM user.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.AppId.Format', + 'message' => 'The format of the parameter - AppId is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.AppName.Format', + 'message' => 'The format of the parameter - AppName is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.AppName.Length', + 'message' => 'The parameter - AppName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.AppType', + 'message' => 'The parameter - AppType is invalid.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.AuthenticationCode.Format', + 'message' => 'The parameter - AuthenticationCode MUST be 6 digit number.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.AuxiliaryDomain', + 'message' => 'The parameter - AuxiliaryDomain is reserved or banned.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.AuxiliaryDomain.Format', + 'message' => 'The format of the parameter - AuxiliaryDomain is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.AuxiliaryDomain.Length', + 'message' => 'The parameter - AuxiliaryDomain beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.ClientIds', + 'message' => 'The parameter - ClientIds is invalid.', + 'http_code' => 400, + 'description' => 'The ClientIds parameter is invalid.', + ], + [ + 'code' => 'InvalidParameter.Comments.InvalidChars', + 'message' => 'The parameter - Comments contains invalid chars.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.Comments.Length', + 'message' => 'The parameter - Comments beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.DefaultDomainName', + 'message' => 'The parameter - DefaultDomainName is invalid.', + 'http_code' => 400, + 'description' => 'The DefaultDomainName parameter is invalid.', + ], + [ + 'code' => 'InvalidParameter.DefaultDomainName.Format', + 'message' => 'The format of the parameter - DefaultDomainName is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.DefaultDomainName.InvalidChars', + 'message' => 'The parameter - DefaultDomainName contains invalid chars.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.DefaultDomainName.Length', + 'message' => 'The parameter - DefaultDomainName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.Description.Length', + 'message' => 'The parameter - Description beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.DisplayName.Format', + 'message' => 'The format of the parameter - DisplayName is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.DisplayName.InvalidChars', + 'message' => 'The parameter - DisplayName contains invalid chars.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.DisplayName.Length', + 'message' => 'The parameter - DisplayName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.Email.Format', + 'message' => 'The format of the parameter - Email is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.EncodedSAMLMetadataDocument.Format', + 'message' => 'The format of the parameter - EncodedSAMLMetadataDocument is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.EncodedSAMLMetadataDocument.Length', + 'message' => 'The parameter - EncodedSAMLMetadataDocument beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.Group.Conflict', + 'message' => 'One of GroupName GroupPrincipalName must be null', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.GroupName.Format', + 'message' => 'The format of the parameter - GroupName is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.GroupName.Length', + 'message' => 'The parameter - GroupName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.HttpsUrl', + 'message' => 'Url is not valid https url.', + 'http_code' => 400, + 'description' => 'IssuerUrl is an invalid HTTPS URL.', + ], + [ + 'code' => 'InvalidParameter.LoginNetworkMasks.Format', + 'message' => 'The format of the parameter - LoginNetworkMasks is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.LoginNetworkMasks.Length', + 'message' => 'The parameter - LoginNetworkMasks beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.LoginNetworkMasks.Size', + 'message' => 'The parameter - LoginNetworkMasks beyond the size limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.LoginSessionDuration', + 'message' => 'The parameter - LoginSessionDuration beyond the value limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.Marker', + 'message' => 'The parameter - Marker is invalid.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.MaxItems', + 'message' => 'MaxItems must greater than 0 and less than 100.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.MaxLoginAttemps', + 'message' => 'The parameter - MaxLoginAttemps is invalid.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.MaxPasswordAge', + 'message' => 'The parameter - MaxPasswordAge is invalid.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.MetadataDocument.Format', + 'message' => 'The format of the parameter - MetadataDocument is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.MetadataDocument.Length', + 'message' => 'The parameter - MetadataDocument beyond the length limit.', + 'http_code' => 400, + 'description' => 'The length of the argument MetadataDocument exceeds the limit.', + ], + [ + 'code' => 'InvalidParameter.MinimumPasswordDifferentCharacter.Range', + 'message' => 'The parameter - MinimumPasswordDifferentCharacter MUST be in the range of 0 and 8.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.MinimumPasswordLength.Range', + 'message' => 'The parameter - MinimumPasswordLength MUST be in the range of 8 and 32.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.MobilePhone.Format', + 'message' => 'The format of the parameter - MobilePhone is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewComments.Length', + 'message' => 'The parameter - NewComments beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewDescription.Length', + 'message' => 'The parameter - NewDescription beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewDisplayName.Format', + 'message' => 'The format of the parameter - NewDisplayName is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewDisplayName.InvalidChars', + 'message' => 'The parameter - NewDisplayName contains invalid chars.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewDisplayName.Length', + 'message' => 'The parameter - NewDisplayName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewEmail.Format', + 'message' => 'The format of the parameter - NewEmail is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewEncodedSAMLMetadataDocument.Format', + 'message' => 'The format of the parameter - NewEncodedSAMLMetadataDocument is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewEncodedSAMLMetadataDocument.Length', + 'message' => 'The parameter - NewEncodedSAMLMetadataDocument beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewGroupName.Format', + 'message' => 'The format of the parameter - NewGroupName is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewGroupName.Length', + 'message' => 'The parameter - NewGroupName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewMobilePhone.Format', + 'message' => 'The format of the parameter - NewMobilePhone is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewPredefinedScopes', + 'message' => 'The parameter - NewPredefinedScopes should only choose one style./ The parameter - NewPredefinedScopes is invalid.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewRedirectUris', + 'message' => 'Invalid parameter NewRedirectUris: URL must have authority (host name).', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewRedirectUris', + 'message' => 'Invalid parameter NewRedirectUris: Unknown URL protocol.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewRedirectUris', + 'message' => 'Invalid parameter NewRedirectUris: URI must not contain fragment.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewRedirectUris', + 'message' => 'Invalid parameter NewRedirectUris: URI must not contain user info.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewRedirectUris', + 'message' => 'Invalid parameter NewRedirectUris: URI must be non-opaque.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewRedirectUris', + 'message' => 'Invalid parameter NewRedirectUris: URI must be absolute.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewRedirectUris', + 'message' => 'Invalid parameter NewRedirectUris: Malformed URI.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewSAMLMetadataDocument.Format', + 'message' => 'The format of the parameter - NewSAMLMetadataDocument is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewSAMLMetadataDocument.Length', + 'message' => 'The parameter - NewSAMLMetadataDocument beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewUserPrincipalName.Format', + 'message' => 'The format of the parameter - NewUserPrincipalName is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NewUserPrincipalName.Length', + 'message' => 'The parameter - NewUserPrincipalName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.NextToken', + 'message' => 'The parameter - NextToken is invalid.', + 'http_code' => 400, + 'description' => 'The parameter NextToken is invalid.', + ], + [ + 'code' => 'InvalidParameter.OIDCDiscovery.Unreachable', + 'message' => 'Unreachable OIDC discovery.', + 'http_code' => 400, + 'description' => 'The issuer URL is unreachable.', + ], + [ + 'code' => 'InvalidParameter.OIDCProviderName', + 'message' => 'The parameter - OIDCProviderName is invalid.', + 'http_code' => 400, + 'description' => 'The parameter OIDCProviderName is invalid.', + ], + [ + 'code' => 'InvalidParameter.Password.ReUse', + 'message' => 'Password reuse prevention exceeded.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.Password.TooWeak', + 'message' => 'The specified password is not compliant with the password policy.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.PasswordReusePrevention', + 'message' => 'The parameter - PasswordReusePrevention is invalid.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.PredefinedScopes', + 'message' => 'The parameter - PredefinedScopes is invalid.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.RedirectUris', + 'message' => 'Invalid parameter RedirectUris: URL must have authority (host name).', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.RedirectUris', + 'message' => 'Invalid parameter RedirectUris: Unknown URL protocol.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.RedirectUris', + 'message' => 'Invalid parameter RedirectUris: URI must not contain fragment.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.RedirectUris', + 'message' => 'Invalid parameter RedirectUris: URI must not contain user info.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.RedirectUris', + 'message' => 'Invalid parameter RedirectUris: URI must be non-opaque.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.RedirectUris', + 'message' => 'Invalid parameter RedirectUris: URI must be absolute.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.RedirectUris', + 'message' => 'Invalid parameter RedirectUris: Malformed URI.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.ResourceType', + 'message' => 'The parameter - ResourceType is invalid.', + 'http_code' => 400, + 'description' => 'The parameter ResourceType is invalid.', + ], + [ + 'code' => 'InvalidParameter.RiskPassword.Weak', + 'message' => 'The specified password was detected as a weak password, please set a stronger password.', + 'http_code' => 400, + 'description' => 'The specified password was detected as a weak password, please set a stronger password.', + ], + [ + 'code' => 'InvalidParameter.SAMLMetadataDocument.Format', + 'message' => 'The format of the parameter - SAMLMetadataDocument is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.SAMLMetadataDocument.Length', + 'message' => 'The parameter - SAMLMetadataDocument beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.SAMLProviderName.InvalidChars', + 'message' => 'The parameter - SAMLProviderName contains invalid chars.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.SAMLProviderName.Length', + 'message' => 'The parameter - SAMLProviderName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.Scopes', + 'message' => 'The parameter - Scopes is invalid.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.SerialNumber.InvalidChars', + 'message' => 'The parameter - SerialNumber contains invalid chars.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.Status', + 'message' => 'The parameter - Status is invalid.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.TagKey.Duplicate', + 'message' => 'The tag is Duplicated.', + 'http_code' => 400, + 'description' => 'Duplicate tag key', + ], + [ + 'code' => 'InvalidParameter.User.Conflict', + 'message' => 'Two of UserId, UserPrincipalName and UserAccessKeyId must be null.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.User.Conflict', + 'message' => 'One of UserId and UserPrincipalName must be null.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.UserAccessKeyId.Format', + 'message' => 'The format of the parameter - UserAccessKeyId is incorrect.', + 'http_code' => 400, + 'description' => 'The parameter UserAccessKeyId is in an illegal format.', + ], + [ + 'code' => 'InvalidParameter.UserPrincipalName.Format', + 'message' => 'The format of the parameter - UserPrincipalName is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.UserPrincipalName.InvalidChars', + 'message' => 'The parameter - UserPrincipalName contains invalid chars.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.UserPrincipalName.Length', + 'message' => 'The parameter - UserPrincipalName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.VirtualMFADeviceName.InvalidChars', + 'message' => 'The parameter - VirtualMFADeviceName contains invalid chars.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'InvalidParameter.VirtualMFADeviceName.Length', + 'message' => 'The parameter - VirtualMFADeviceName beyond the length limit.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.AppSecret', + 'message' => 'The count of AppSecret beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.ExternalApplication', + 'message' => 'The count of external application beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.Group', + 'message' => 'The count of groups beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.SAMLProvider', + 'message' => 'The count of SAMLProvider beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.SAMLProviderIdp', + 'message' => 'The count of SAMLProviderIdp beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.SAMLProviderIdpKey', + 'message' => 'The count of SAMLProviderIdpKey beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.SecurityVerification', + 'message' => 'The count of SecurityVerification beyond the current limits.', + 'http_code' => 409, + 'description' => 'The number of security verification methods (including mobile phone and email) exceeds the limit.', + ], + [ + 'code' => 'LimitExceeded.User', + 'message' => 'The count of users beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.User.AccessKey', + 'message' => 'The count of the user access keys beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.User.Group', + 'message' => 'The count of groups the target user joined beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.VerificationPerDay', + 'message' => 'The count of active verification per day beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.VerificationPerMinute', + 'message' => 'The count of active verification per minute beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.VerificationPerMoment', + 'message' => 'The count of active verification per moment beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'LimitExceeded.VirtualMFADevice', + 'message' => 'The count of virtual MFA devices beyond the current limits.', + 'http_code' => 409, + 'description' => '', + ], + [ + 'code' => 'MissingAccessKeyPolicy', + 'message' => 'The input parameter AccessKeyPolicy that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingAppId', + 'message' => 'The input parameter AppId that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingAppName', + 'message' => 'The input parameter AppName that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingAppSecretId', + 'message' => 'The input parameter AppSecretId that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingAuthenticationCode1', + 'message' => 'The input parameter AuthenticationCode1 that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingAuthenticationCode2', + 'message' => 'The input parameter AuthenticationCode2 that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingDisplayName', + 'message' => 'The input parameter DisplayName that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingEncodedSAMLMetadataDocument', + 'message' => 'The input parameter EncodedSAMLMetadataDocument that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingGroupName', + 'message' => 'The input parameter GroupName that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingIssuerUrl', + 'message' => 'The input parameter IssuerUrl that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => 'Missing required parameter IssuerUrl.', + ], + [ + 'code' => 'MissingNewPassword', + 'message' => 'The input parameter NewPassword that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingPassword', + 'message' => 'The input parameter Password that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingSAMLProviderName', + 'message' => 'The input parameter SAMLProviderName that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingSerialNumber', + 'message' => 'The input parameter SerialNumber that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingStatus', + 'message' => 'The input parameter Status that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingTagOrResourceId', + 'message' => 'The specified tags and resourcesIds are not allow to be both empty.', + 'http_code' => 400, + 'description' => 'Tag and ResourceId parameters cannot be both empty.', + ], + [ + 'code' => 'MissingUserAccessKeyId', + 'message' => 'The input parameter UserAccessKeyId that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingUserPrincipalName', + 'message' => 'The input parameter UserPrincipalName that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'MissingVirtualMFADeviceName', + 'message' => 'The input parameter VirtualMFADeviceName that is mandatory for processing this request is not supplied.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'NotReady.CredentialReport', + 'message' => 'The credential report is being generated and not ready yet.', + 'http_code' => 404, + 'description' => '', + ], + [ + 'code' => 'NotSupport.AliyunReservedSAMLProvider', + 'message' => 'The SAMLProvider is reserved for Alibaba Cloud services.', + 'http_code' => 400, + 'description' => 'This SAML identity provider name is a reserved name for Alibaba Cloud.', + ], + [ + 'code' => 'OldPassword.Incorrect', + 'message' => 'The parameter OldPassword is incorrect.', + 'http_code' => 400, + 'description' => '', + ], + [ + 'code' => 'OperationConflict.Application.ProvisionApplicationType', + 'message' => 'The application type is not allowd to be provisioned in your account.', + 'http_code' => 409, + 'description' => '', + ], + ], + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'RestoreUserFromRecycleBin', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListUsers', + ], + [ + 'threshold' => '700', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetUserMFAInfo', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UnbindMFADevice', + ], + [ + 'threshold' => '20', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UntagResources', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetOIDCProvider', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'AddUserToGroup', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateApplication', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListPredefinedScopes', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteAppSecret', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeprovisionExternalApplication', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListUsersForGroup', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'SetVerificationInfo', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateOIDCProvider', + ], + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GenerateGovernanceReport', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetGovernanceItemReport', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateAccessKey', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetUserInRecycleBin', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'AddFingerprintToOIDCProvider', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'SetUserSsoSettings', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListRecentGovernanceMetrics', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteAccessKeyInRecycleBin', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ChangePassword', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteGroup', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetExternalApplication', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetApplicationProvisionInfo', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListAppSecretIds', + ], + [ + 'threshold' => '-1', + 'countWindow' => 1, + 'regionId' => '*', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateSAMLProvider', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetAppSecret', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'SetDefaultDomain', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateGroup', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateUser', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetVerificationInfo', + ], + [ + 'threshold' => '900', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListAccessKeys', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListExternalApplications', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteUserInRecycleBin', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetSecurityPreference', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListUsersInRecycleBin', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteLoginProfile', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetGovernanceReportStatus', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListUserBasicInfos', + ], + [ + 'threshold' => '20', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'TagResources', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetUserSsoSettings', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateUser', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListVirtualMFADevices', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetSAMLProvider', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetDefaultDomain', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListTagResources', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'BindMFADevice', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetLoginProfile', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'SetSecurityPreference', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateLoginProfile', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ProvisionExternalApplication', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetUser', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteVirtualMFADevice', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'RemoveUserFromGroup', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListApplicationProvisionInfos', + ], + [ + 'threshold' => '350', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetAccessKeyLastUsed', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DisableVirtualMFA', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetGroup', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'RestoreAccessKeyFromRecycleBin', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateAccessKey', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteOIDCProvider', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteApplication', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UnbindVerification', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateAppSecret', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListGroupsForUser', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListAccessKeysInRecycleBin', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetAccountMFAInfo', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateSAMLProvider', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateVirtualMFADevice', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteUser', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListGroups', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetAccessKeyInfoInRecycleBin', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateOIDCProvider', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'RemoveClientIdFromOIDCProvider', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ProvisionApplication', + ], + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GenerateCredentialReport', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateApplication', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetAccountSummary', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteSAMLProvider', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetPasswordPolicy', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'RemoveFingerprintFromOIDCProvider', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'SetPasswordPolicy', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetCredentialReport', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteAccessKey', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetAccountSecurityPracticeReport', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'AddClientIdToOIDCProvider', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeprovisionApplication', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListApplications', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListSAMLProviders', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetApplication', + ], + [ + 'threshold' => '450', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListOIDCProviders', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateLoginProfile', + ], + [ + 'threshold' => '150', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateGroup', + ], + ], + ], + 'ram' => [ + 'productCode' => 'IMS', + 'productName' => 'Resource Access Management', + 'ramCodes' => [ + 'ram', + 'ims', + ], + 'ramLevel' => 'RESOURCE', + 'ramConditions' => [ + [ + 'name' => 'ram:OidcIssuerUrl', + 'schema' => [ + 'type' => 'String', + 'description' => 'The URL of the issuer, which is provided by the external IdP.', + ], + ], + [ + 'name' => 'ram:MFAOperationForLogin', + 'schema' => [ + 'type' => 'String', + 'description' => 'Whether MFA authentication is required for login.', + 'enums' => [ + 'mandatory', + 'independent', + 'adaptive', + ], + ], + ], + ], + 'ramActions' => [ + [ + 'apiName' => 'SetSecurityPreference', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetSecurityPreference', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:MFAOperationForLogin', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'UnbindMFADevice', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UnbindMFADevice', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'AddClientIdToOIDCProvider', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:AddClientIdToOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'AddFingerprintToOIDCProvider', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:AddFingerprintToOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateUserProvisionType', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateUserProvisionType', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#AccountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'ListRecentGovernanceMetrics', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListRecentGovernanceMetrics', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetSecurityPreference', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetSecurityPreference', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GenerateCredentialReport', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:GenerateCredentialReport', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListAccessKeys', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListAccessKeys', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteAccessKey', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteAccessKey', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'AddUserToGroup', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:AddUserToGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteUserInRecycleBin', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteUserInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListUsersForGroup', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListUsersForGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetVerificationInfo', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetVerificationInfo', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ProvisionExternalApplication', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:ProvisionExternalApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteVirtualMFADevice', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteVirtualMFADevice', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'MFADevice', + 'arn' => 'acs:ram::{#accountId}:mfa/{#SerialNumber}', + ], + ], + ], + ], + [ + 'apiName' => 'CreateVirtualMFADevice', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateVirtualMFADevice', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'MFADevice', + 'arn' => 'acs:ram::{#accountId}:mfa/*', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateOIDCProvider', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetApplicationAssignmentType', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetApplicationAssignmentType', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ProvisionApplication', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:ProvisionApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetUserSsoSettings', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetUserSsoSettings', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'TagResources', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:TagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeprovisionApplication', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:DeprovisionApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + [ + 'apiName' => 'ListGroupsForUser', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListGroupsForUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'SetApplicationAssignmentType', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetApplicationAssignmentType', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteOIDCProvider', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateLoginProfile', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateLoginProfile', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'RemoveFingerprintFromOIDCProvider', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RemoveFingerprintFromOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteAppSecret', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteAppSecret', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetUser', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'UnbindVerification', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UnbindVerification', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'RestoreAccessKeyFromRecycleBin', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RestoreAccessKeyFromRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetAccessKeyLastUsed', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccessKeyLastUsed', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'SetAccessKeyPolicy', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetAccessKeyPolicy', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#AccountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateSAMLProvider', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateSAMLProvider', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'SAMLProvider', + 'arn' => 'acs:ram::{#accountId}:saml-provider/{#SAMLProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'ListApplicationAssignments', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListApplicationAssignments', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteApplicationAssignment', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteApplicationAssignment', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'SetAccessKeyPolicyForAccount', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetAccessKeyPolicyForAccount', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListUserBasicInfos', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListUserBasicInfos', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/*', + ], + ], + ], + ], + [ + 'apiName' => 'GetGroup', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + ], + ], + ], + [ + 'apiName' => 'CreateAccessKey', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateAccessKey', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateApplication', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + [ + 'apiName' => 'CreateUser', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/*', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateGroup', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + ], + ], + ], + [ + 'apiName' => 'CreateApplication', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateApplicationAssignment', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateApplicationAssignment', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'RemoveClientIdFromOIDCProvider', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RemoveClientIdFromOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetAccessKeyPolicy', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccessKeyPolicy', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetSamlSsoSettings', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetSamlSsoSettings', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateOIDCProvider', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetOIDCProvider', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetOIDCProvider', + 'authLevel' => 'resource', + 'actionConditions' => [ + [ + 'conditionKey' => 'ram:OidcIssuerUrl', + 'validationType' => 'always', + ], + ], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'DeprovisionExternalApplication', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:DeprovisionExternalApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateSAMLProvider', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateSAMLProvider', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'BindVerification', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:BindVerification', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'SetSamlSsoSettings', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetSamlSsoSettings', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListApplications', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:ListApplications', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'SetPasswordPolicy', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetPasswordPolicy', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListExternalApplications', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListExternalApplications', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListAuthorizedDynamicClients', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListAuthorizedDynamicClients', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetDefaultDomain', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetDefaultDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'SetVerificationInfo', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetVerificationInfo', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetGovernanceItemReport', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetGovernanceItemReport', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetUserMFAInfo', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetUserMFAInfo', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'UpdatePasskey', + 'description' => '', + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'ram:UpdatePasskey', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'RestoreUserFromRecycleBin', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RestoreUserFromRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetAccountSummary', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccountSummary', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetUserInRecycleBin', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetUserInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetApplication', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + [ + 'apiName' => 'SendVerificationLink', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SendVerificationLink', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetSAMLProvider', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetSAMLProvider', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'SAMLProvider', + 'arn' => 'acs:ram::{#accountId}:saml-provider/{#SAMLProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetExternalApplication', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetExternalApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'BindPasskey', + 'description' => '', + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'ram:BindPasskey', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteUser', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetCredentialReport', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetCredentialReport', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteSAMLProvider', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteSAMLProvider', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'SAMLProvider', + 'arn' => 'acs:ram::{#accountId}:saml-provider/{#SAMLProviderName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetLoginProfile', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetLoginProfile', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'ListOIDCProviders', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListOIDCProviders', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeletePasskey', + 'description' => '', + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'ram:DeletePasskey', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteApplication', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteApplication', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetApplicationProvisionInfo', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetApplicationProvisionInfo', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListPasskeys', + 'description' => '', + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'ram:ListPasskeys', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'SetDefaultDomain', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetDefaultDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetGovernanceReportStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetGovernanceReportStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateAccessKey', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateAccessKey', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'UntagResources', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UntagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListApplicationProvisionInfos', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListApplicationProvisionInfos', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'SetUserSsoSettings', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:SetUserSsoSettings', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListAuthorizedClients', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListAuthorizedClients', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateAppSecret', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateAppSecret', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + [ + 'apiName' => 'ListSAMLProviders', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListSAMLProviders', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteAccessKeyInRecycleBin', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteAccessKeyInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListTagResources', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListTagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'RemoveUserFromGroup', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:RemoveUserFromGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteGroup', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + ], + ], + ], + [ + 'apiName' => 'ListAccessKeysInRecycleBin', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListAccessKeysInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetAccessKeyInfoInRecycleBin', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccessKeyInfoInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetAccessKeyPolicyForAccount', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccessKeyPolicyForAccount', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GenerateGovernanceReport', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:GenerateGovernanceReport', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetAccountSecurityPracticeReport', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccountSecurityPracticeReport', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListUsers', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListUsers', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/*', + ], + ], + ], + ], + [ + 'apiName' => 'ListGroups', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListGroups', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/*', + ], + ], + ], + ], + [ + 'apiName' => 'ListApplicationAssignmentsForPrincipal', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListApplicationAssignmentsForPrincipal', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListUsersInRecycleBin', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListUsersInRecycleBin', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListVirtualMFADevices', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListVirtualMFADevices', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'MFADevice', + 'arn' => 'acs:ram::{#accountId}:mfa/*', + ], + ], + ], + ], + [ + 'apiName' => 'DisableVirtualMFA', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:DisableVirtualMFA', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteAuthorizedDynamicClient', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteAuthorizedDynamicClient', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateUser', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateUser', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetAccountMFAInfo', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAccountMFAInfo', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteLoginProfile', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteLoginProfile', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateDefaultDomain', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:UpdateDefaultDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateLoginProfile', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateLoginProfile', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'ChangePassword', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:ChangePassword', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'BindMFADevice', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'ram:BindMFADevice', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetPasswordPolicy', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetPasswordPolicy', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'All Resource', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteAuthorizedClient', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'ram:DeleteAuthorizedClient', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + [ + 'apiName' => 'CreateGroup', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'ram:CreateGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/*', + ], + ], + ], + ], + [ + 'apiName' => 'ListAppSecretIds', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'ram:ListAppSecretIds', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + [ + 'apiName' => 'GetAppSecret', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'ram:GetAppSecret', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'IMS', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + ], + ], + ], + ], + 'resourceTypes' => [ + [ + 'validationType' => 'always', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#accountId}:user/{#UserName}', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/{#OIDCProviderName}', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/{#GroupName}', + ], + [ + 'validationType' => 'conditional', + 'resourceType' => 'User', + 'arn' => 'acs:ram::{#AccountId}:user/*', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/*', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'MFADevice', + 'arn' => 'acs:ram::{#accountId}:mfa/{#SerialNumber}', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'MFADevice', + 'arn' => 'acs:ram::{#accountId}:mfa/*', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'Application', + 'arn' => 'acs:ram::{#accountId}:application/{#AppName}', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'SAMLProvider', + 'arn' => 'acs:ram::{#accountId}:saml-provider/{#SAMLProviderName}', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'Role', + 'arn' => 'acs:ram::{#accountId}:role/{#RoleName}', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'AccountInfo', + 'arn' => 'acs:ram::{#accountId}:*', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'OIDCProvider', + 'arn' => 'acs:ram::{#accountId}:oidc-provider/*', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'SAMLProvider', + 'arn' => 'acs:ram::{#accountId}:saml-provider/*', + ], + [ + 'validationType' => 'always', + 'resourceType' => 'Group', + 'arn' => 'acs:ram::{#accountId}:group/*', + ], + ], + ], +]; -- cgit v1.2.3