
IAM
***


boto.iam
========

class class boto.iam.IAMRegionInfo(connection=None, name=None, endpoint=None, connection_cls=None)

   connect(**kw_params)

      Connect to this Region's endpoint. Returns an connection object
      pointing to the endpoint associated with this region. You may
      pass any of the arguments accepted by the connection class's
      constructor as keyword arguments and they will be passed along
      to the connection object.

      Return type:
         Connection object

      Returns:
         The connection to this regions endpoint

boto.iam.connect_to_region(region_name, **kw_params)

   Given a valid region name, return a
   "boto.iam.connection.IAMConnection".

   Type:
      str

   Parameters:
      **region_name** -- The name of the region to connect to.

   Return type:
      "boto.iam.connection.IAMConnection" or "None"

   Returns:
      A connection to the given region, or None if an invalid region
      name is given

boto.iam.regions()

   Get all available regions for the IAM service.

   Return type:
      list

   Returns:
      A list of "boto.regioninfo.RegionInfo" instances


boto.iam.connection
===================

class class boto.iam.connection.IAMConnection(aws_access_key_id=None, aws_secret_access_key=None, is_secure=True, port=None, proxy=None, proxy_port=None, proxy_user=None, proxy_pass=None, host='iam.amazonaws.com', debug=0, https_connection_factory=None, path='/', security_token=None, validate_certs=True, profile_name=None)

   APIVersion = '2010-05-08'

   add_role_to_instance_profile(instance_profile_name, role_name)

      Adds the specified role to the specified instance profile.

      Parameters:
         * **instance_profile_name** (*string*) -- Name of the
           instance profile to update.

         * **role_name** (*string*) -- Name of the role to add.

   add_user_to_group(group_name, user_name)

      Add a user to a group

      Parameters:
         * **group_name** (*string*) -- The name of the group

         * **user_name** (*string*) -- The to be added to the group.

   create_access_key(user_name=None)

      Create a new AWS Secret Access Key and corresponding AWS Access
      Key ID for the specified user.  The default status for new keys
      is Active

      If the user_name is not specified, the user_name is determined
      implicitly based on the AWS Access Key ID used to sign the
      request.

      Parameters:
         **user_name** (*string*) -- The username of the user

   create_account_alias(alias)

      Creates a new alias for the AWS account.

      For more information on account id aliases, please see
      http://goo.gl/ToB7G

      Parameters:
         **alias** (*string*) -- The alias to attach to the account.

   create_group(group_name, path='/')

      Create a group.

      Parameters:
         * **group_name** (*string*) -- The name of the new group

         * **path** (*string*) -- The path to the group (Optional).
           Defaults to /.

   create_instance_profile(instance_profile_name, path=None)

      Creates a new instance profile.

      Parameters:
         * **instance_profile_name** (*string*) -- Name of the
           instance profile to create.

         * **path** (*string*) -- The path to the instance profile.

   create_login_profile(user_name, password)

      Creates a login profile for the specified user, give the user
      the ability to access AWS services and the AWS Management
      Console.

      Parameters:
         * **user_name** (*string*) -- The name of the user

         * **password** (*string*) -- The new password for the user

   create_role(role_name, assume_role_policy_document=None, path=None)

      Creates a new role for your AWS account.

      The policy grants permission to an EC2 instance to assume the
      role. The policy is URL-encoded according to RFC 3986.
      Currently, only EC2 instances can assume roles.

      Parameters:
         * **role_name** (*string*) -- Name of the role to create.

         * **assume_role_policy_document** ("string" or "dict") --
           The policy that grants an entity permission to assume the
           role.

         * **path** (*string*) -- The path to the instance profile.

   create_saml_provider(saml_metadata_document, name)

      Creates an IAM entity to describe an identity provider (IdP)
      that supports SAML 2.0.

      The SAML provider that you create with this operation can be
      used as a principal in a role's trust policy to establish a
      trust relationship between AWS and a SAML identity provider. You
      can create an IAM role that supports Web-based single sign-on
      (SSO) to the AWS Management Console or one that supports API
      access to AWS.

      When you create the SAML provider, you upload an a SAML metadata
      document that you get from your IdP and that includes the
      issuer's name, expiration information, and keys that can be used
      to validate the SAML authentication response (assertions) that
      are received from the IdP. You must generate the metadata
      document using the identity management software that is used as
      your organization's IdP. This operation requires >>`Signature
      Version 4`_<<. For more information, see >>`Giving Console
      Access Using SAML`_<< and >>`Creating Temporary Security
      Credentials for SAML Federation`_<< in the Using Temporary
      Credentials guide.

      Parameters:
         **saml_metadata_document** (*string*) -- An XML document
         generated by an identity provider (IdP) that supports SAML
         2.0. The document includes the issuer's name, expiration
         information, and keys that can be used to validate the SAML
         authentication response (assertions) that are received from
         the IdP. You must generate the metadata document using the
         identity management software that is used as your
         organization's IdP.

      For more information, see >>`<<Creating Temporary Security
      Credentials for
         SAML Federation`_ in the Using Temporary Security Credentials
         guide.

      Parameters:
         **name** (*string*) -- The name of the provider to create.

   create_user(user_name, path='/')

      Create a user.

      Parameters:
         * **user_name** (*string*) -- The name of the new user

         * **path** (*string*) -- The path in which the user will be
           created. Defaults to /.

   deactivate_mfa_device(user_name, serial_number)

      Deactivates the specified MFA device and removes it from
      association with the user.

      Parameters:
         * **user_name** (*string*) -- The username of the user

         * **serial_number** (*string*) -- The serial number which
           uniquely identifies the MFA device.

   delete_access_key(access_key_id, user_name=None)

      Delete an access key associated with a user.

      If the user_name is not specified, it is determined implicitly
      based on the AWS Access Key ID used to sign the request.

      Parameters:
         * **access_key_id** (*string*) -- The ID of the access key
           to be deleted.

         * **user_name** (*string*) -- The username of the user

   delete_account_alias(alias)

      Deletes an alias for the AWS account.

      For more information on account id aliases, please see
      http://goo.gl/ToB7G

      Parameters:
         **alias** (*string*) -- The alias to remove from the account.

   delete_group(group_name)

      Delete a group. The group must not contain any Users or have any
      attached policies

      Parameters:
         **group_name** (*string*) -- The name of the group to delete.

   delete_group_policy(group_name, policy_name)

      Deletes the specified policy document for the specified group.

      Parameters:
         * **group_name** (*string*) -- The name of the group the
           policy is associated with.

         * **policy_name** (*string*) -- The policy document to
           delete.

   delete_instance_profile(instance_profile_name)

      Deletes the specified instance profile. The instance profile
      must not have an associated role.

      Parameters:
         **instance_profile_name** (*string*) -- Name of the instance
         profile to delete.

   delete_login_profile(user_name)

      Deletes the login profile associated with the specified user.

      Parameters:
         **user_name** (*string*) -- The name of the user to delete.

   delete_role(role_name)

      Deletes the specified role. The role must not have any policies
      attached.

      Parameters:
         **role_name** (*string*) -- Name of the role to delete.

   delete_role_policy(role_name, policy_name)

      Deletes the specified policy associated with the specified role.

      Parameters:
         * **role_name** (*string*) -- Name of the role associated
           with the policy.

         * **policy_name** (*string*) -- Name of the policy to
           delete.

   delete_saml_provider(saml_provider_arn)

      Deletes a SAML provider.

      Deleting the provider does not update any roles that reference
      the SAML provider as a principal in their trust policies. Any
      attempt to assume a role that references a SAML provider that
      has been deleted will fail. This operation requires >>`Signature
      Version 4`_<<.

      Parameters:
         **saml_provider_arn** (*string*) -- The Amazon Resource Name
         (ARN) of the SAML provider to delete.

   delete_server_cert(cert_name)

      Delete the specified server certificate.

      Parameters:
         **cert_name** (*string*) -- The name of the server
         certificate you want to delete.

   delete_signing_cert(cert_id, user_name=None)

      Delete a signing certificate associated with a user.

      If the user_name is not specified, it is determined implicitly
      based on the AWS Access Key ID used to sign the request.

      Parameters:
         * **user_name** (*string*) -- The username of the user

         * **cert_id** (*string*) -- The ID of the certificate.

   delete_user(user_name)

      Delete a user including the user's path, GUID and ARN.

      If the user_name is not specified, the user_name is determined
      implicitly based on the AWS Access Key ID used to sign the
      request.

      Parameters:
         **user_name** (*string*) -- The name of the user to delete.

   delete_user_policy(user_name, policy_name)

      Deletes the specified policy document for the specified user.

      Parameters:
         * **user_name** (*string*) -- The name of the user the
           policy is associated with.

         * **policy_name** (*string*) -- The policy document to
           delete.

   enable_mfa_device(user_name, serial_number, auth_code_1, auth_code_2)

      Enables the specified MFA device and associates it with the
      specified user.

      Parameters:
         * **user_name** (*string*) -- The username of the user

         * **serial_number** (*string*) -- The serial number which
           uniquely identifies the MFA device.

         * **auth_code_1** (*string*) -- An authentication code
           emitted by the device.

         * **auth_code_2** (*string*) -- A subsequent authentication
           code emitted by the device.

   get_account_alias()

      Get the alias for the current account.

      This is referred to in the docs as list_account_aliases, but it
      seems you can only have one account alias currently.

      For more information on account id aliases, please see
      http://goo.gl/ToB7G

   get_account_summary()

      Get the alias for the current account.

      This is referred to in the docs as list_account_aliases, but it
      seems you can only have one account alias currently.

      For more information on account id aliases, please see
      http://goo.gl/ToB7G

   get_all_access_keys(user_name, marker=None, max_items=None)

      Get all access keys associated with an account.

      Parameters:
         * **user_name** (*string*) -- The username of the user

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   get_all_group_policies(group_name, marker=None, max_items=None)

      List the names of the policies associated with the specified
      group.

      Parameters:
         * **group_name** (*string*) -- The name of the group the
           policy is associated with.

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   get_all_groups(path_prefix='/', marker=None, max_items=None)

      List the groups that have the specified path prefix.

      Parameters:
         * **path_prefix** (*string*) -- If provided, only groups
           whose paths match the provided prefix will be returned.

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   get_all_mfa_devices(user_name, marker=None, max_items=None)

      Get all MFA devices associated with an account.

      Parameters:
         * **user_name** (*string*) -- The username of the user

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   get_all_server_certs(path_prefix='/', marker=None, max_items=None)

      Lists the server certificates that have the specified path
      prefix. If none exist, the action returns an empty list.

      Parameters:
         * **path_prefix** (*string*) -- If provided, only
           certificates whose paths match the provided prefix will be
           returned.

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   get_all_signing_certs(marker=None, max_items=None, user_name=None)

      Get all signing certificates associated with an account.

      If the user_name is not specified, it is determined implicitly
      based on the AWS Access Key ID used to sign the request.

      Parameters:
         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

         * **user_name** (*string*) -- The username of the user

   get_all_user_policies(user_name, marker=None, max_items=None)

      List the names of the policies associated with the specified
      user.

      Parameters:
         * **user_name** (*string*) -- The name of the user the
           policy is associated with.

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   get_all_users(path_prefix='/', marker=None, max_items=None)

      List the users that have the specified path prefix.

      Parameters:
         * **path_prefix** (*string*) -- If provided, only users
           whose paths match the provided prefix will be returned.

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   get_group(group_name, marker=None, max_items=None)

      Return a list of users that are in the specified group.

      Parameters:
         * **group_name** (*string*) -- The name of the group whose
           information should be returned.

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   get_group_policy(group_name, policy_name)

      Retrieves the specified policy document for the specified group.

      Parameters:
         * **group_name** (*string*) -- The name of the group the
           policy is associated with.

         * **policy_name** (*string*) -- The policy document to get.

   get_groups_for_user(user_name, marker=None, max_items=None)

      List the groups that a specified user belongs to.

      Parameters:
         * **user_name** (*string*) -- The name of the user to list
           groups for.

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   get_instance_profile(instance_profile_name)

      Retrieves information about the specified instance profile,
      including the instance profile's path, GUID, ARN, and role.

      Parameters:
         **instance_profile_name** (*string*) -- Name of the instance
         profile to get information about.

   get_login_profiles(user_name)

      Retrieves the login profile for the specified user.

      Parameters:
         **user_name** (*string*) -- The username of the user

   get_response(action, params, path='/', parent=None, verb='POST', list_marker='Set')

      Utility method to handle calls to IAM and parsing of responses.

   get_role(role_name)

      Retrieves information about the specified role, including the
      role's path, GUID, ARN, and the policy granting permission to
      EC2 to assume the role.

      Parameters:
         **role_name** (*string*) -- Name of the role associated with
         the policy.

   get_role_policy(role_name, policy_name)

      Retrieves the specified policy document for the specified role.

      Parameters:
         * **role_name** (*string*) -- Name of the role associated
           with the policy.

         * **policy_name** (*string*) -- Name of the policy to get.

   get_saml_provider(saml_provider_arn)

      Returns the SAML provider metadocument that was uploaded when
      the provider was created or updated. This operation requires
      >>`Signature Version 4`_<<.

      Parameters:
         **saml_provider_arn** (*string*) -- The Amazon Resource Name
         (ARN) of the SAML provider to get information about.

   get_server_certificate(cert_name)

      Retrieves information about the specified server certificate.

      Parameters:
         **cert_name** (*string*) -- The name of the server
         certificate you want to retrieve information about.

   get_signin_url(service='ec2')

      Get the URL where IAM users can use their login profile to sign
      in to this account's console.

      Parameters:
         **service** (*string*) -- Default service to go to in the
         console.

   get_user(user_name=None)

      Retrieve information about the specified user.

      If the user_name is not specified, the user_name is determined
      implicitly based on the AWS Access Key ID used to sign the
      request.

      Parameters:
         **user_name** (*string*) -- The name of the user to retrieve.
         If not specified, defaults to user making request.

   get_user_policy(user_name, policy_name)

      Retrieves the specified policy document for the specified user.

      Parameters:
         * **user_name** (*string*) -- The name of the user the
           policy is associated with.

         * **policy_name** (*string*) -- The policy document to get.

   list_instance_profiles(path_prefix=None, marker=None, max_items=None)

      Lists the instance profiles that have the specified path prefix.
      If there are none, the action returns an empty list.

      Parameters:
         * **path_prefix** (*string*) -- The path prefix for
           filtering the results. For example:
           /application_abc/component_xyz/, which would get all
           instance profiles whose path starts with
           /application_abc/component_xyz/.

         * **marker** (*string*) -- Use this parameter only when
           paginating results, and only in a subsequent request after
           you've received a response where the results are truncated.
           Set it to the value of the Marker element in the response
           you just received.

         * **max_items** (*int*) -- Use this parameter only when
           paginating results to indicate the maximum number of user
           names you want in the response.

   list_instance_profiles_for_role(role_name, marker=None, max_items=None)

      Lists the instance profiles that have the specified associated
      role. If there are none, the action returns an empty list.

      Parameters:
         * **role_name** (*string*) -- The name of the role to list
           instance profiles for.

         * **marker** (*string*) -- Use this parameter only when
           paginating results, and only in a subsequent request after
           you've received a response where the results are truncated.
           Set it to the value of the Marker element in the response
           you just received.

         * **max_items** (*int*) -- Use this parameter only when
           paginating results to indicate the maximum number of user
           names you want in the response.

   list_role_policies(role_name, marker=None, max_items=None)

      Lists the names of the policies associated with the specified
      role. If there are none, the action returns an empty list.

      Parameters:
         * **role_name** (*string*) -- The name of the role to list
           policies for.

         * **marker** (*string*) -- Use this parameter only when
           paginating results, and only in a subsequent request after
           you've received a response where the results are truncated.
           Set it to the value of the marker element in the response
           you just received.

         * **max_items** (*int*) -- Use this parameter only when
           paginating results to indicate the maximum number of user
           names you want in the response.

   list_roles(path_prefix=None, marker=None, max_items=None)

      Lists the roles that have the specified path prefix. If there
      are none, the action returns an empty list.

      Parameters:
         * **path_prefix** (*string*) -- The path prefix for
           filtering the results.

         * **marker** (*string*) -- Use this parameter only when
           paginating results, and only in a subsequent request after
           you've received a response where the results are truncated.
           Set it to the value of the marker element in the response
           you just received.

         * **max_items** (*int*) -- Use this parameter only when
           paginating results to indicate the maximum number of user
           names you want in the response.

   list_saml_providers()

      Lists the SAML providers in the account. This operation requires
      >>`Signature Version 4`_<<.

   list_server_certs(path_prefix='/', marker=None, max_items=None)

      Lists the server certificates that have the specified path
      prefix. If none exist, the action returns an empty list.

      Parameters:
         * **path_prefix** (*string*) -- If provided, only
           certificates whose paths match the provided prefix will be
           returned.

         * **marker** (*string*) -- Use this only when paginating
           results and only in follow-up request after you've received
           a response where the results are truncated.  Set this to
           the value of the Marker element in the response you just
           received.

         * **max_items** (*int*) -- Use this only when paginating
           results to indicate the maximum number of groups you want
           in the response.

   put_group_policy(group_name, policy_name, policy_json)

      Adds or updates the specified policy document for the specified
      group.

      Parameters:
         * **group_name** (*string*) -- The name of the group the
           policy is associated with.

         * **policy_name** (*string*) -- The policy document to get.

         * **policy_json** (*string*) -- The policy document.

   put_role_policy(role_name, policy_name, policy_document)

      Adds (or updates) a policy document associated with the
      specified role.

      Parameters:
         * **role_name** (*string*) -- Name of the role to associate
           the policy with.

         * **policy_name** (*string*) -- Name of the policy
           document.

         * **policy_document** (*string*) -- The policy document.

   put_user_policy(user_name, policy_name, policy_json)

      Adds or updates the specified policy document for the specified
      user.

      Parameters:
         * **user_name** (*string*) -- The name of the user the
           policy is associated with.

         * **policy_name** (*string*) -- The policy document to get.

         * **policy_json** (*string*) -- The policy document.

   remove_role_from_instance_profile(instance_profile_name, role_name)

      Removes the specified role from the specified instance profile.

      Parameters:
         * **instance_profile_name** (*string*) -- Name of the
           instance profile to update.

         * **role_name** (*string*) -- Name of the role to remove.

   remove_user_from_group(group_name, user_name)

      Remove a user from a group.

      Parameters:
         * **group_name** (*string*) -- The name of the group

         * **user_name** (*string*) -- The user to remove from the
           group.

   resync_mfa_device(user_name, serial_number, auth_code_1, auth_code_2)

      Syncronizes the specified MFA device with the AWS servers.

      Parameters:
         * **user_name** (*string*) -- The username of the user

         * **serial_number** (*string*) -- The serial number which
           uniquely identifies the MFA device.

         * **auth_code_1** (*string*) -- An authentication code
           emitted by the device.

         * **auth_code_2** (*string*) -- A subsequent authentication
           code emitted by the device.

   update_access_key(access_key_id, status, user_name=None)

      Changes the status of the specified access key from Active to
      Inactive or vice versa.  This action can be used to disable a
      user's key as part of a key rotation workflow.

      If the user_name is not specified, the user_name is determined
      implicitly based on the AWS Access Key ID used to sign the
      request.

      Parameters:
         * **access_key_id** (*string*) -- The ID of the access key.

         * **status** (*string*) -- Either Active or Inactive.

         * **user_name** (*string*) -- The username of user
           (optional).

   update_assume_role_policy(role_name, policy_document)

      Updates the policy that grants an entity permission to assume a
      role. Currently, only an Amazon EC2 instance can assume a role.

      Parameters:
         * **role_name** (*string*) -- Name of the role to update.

         * **policy_document** (*string*) -- The policy that grants
           an entity permission to assume the role.

   update_group(group_name, new_group_name=None, new_path=None)

      Updates name and/or path of the specified group.

      Parameters:
         * **group_name** (*string*) -- The name of the new group

         * **new_group_name** (*string*) -- If provided, the name of
           the group will be changed to this name.

         * **new_path** (*string*) -- If provided, the path of the
           group will be changed to this path.

   update_login_profile(user_name, password)

      Resets the password associated with the user's login profile.

      Parameters:
         * **user_name** (*string*) -- The name of the user

         * **password** (*string*) -- The new password for the user

   update_saml_provider(saml_provider_arn, saml_metadata_document)

      Updates the metadata document for an existing SAML provider.
      This operation requires >>`Signature Version 4`_<<.

      Parameters:
         * **saml_provider_arn** (*string*) -- The Amazon Resource
           Name (ARN) of the SAML provider to update.

         * **saml_metadata_document** (*string*) -- An XML document
           generated by an identity provider (IdP) that supports SAML
           2.0. The document includes the issuer's name, expiration
           information, and keys that can be used to validate the SAML
           authentication response (assertions) that are received from
           the IdP. You must generate the metadata document using the
           identity management software that is used as your
           organization's IdP.

   update_server_cert(cert_name, new_cert_name=None, new_path=None)

      Updates the name and/or the path of the specified server
      certificate.

      Parameters:
         * **cert_name** (*string*) -- The name of the server
           certificate that you want to update.

         * **new_cert_name** (*string*) -- The new name for the
           server certificate. Include this only if you are updating
           the server certificate's name.

         * **new_path** (*string*) -- If provided, the path of the
           certificate will be changed to this path.

   update_signing_cert(cert_id, status, user_name=None)

      Change the status of the specified signing certificate from
      Active to Inactive or vice versa.

      If the user_name is not specified, it is determined implicitly
      based on the AWS Access Key ID used to sign the request.

      Parameters:
         * **cert_id** (*string*) -- The ID of the signing
           certificate

         * **status** (*string*) -- Either Active or Inactive.

         * **user_name** (*string*) -- The username of the user

   update_user(user_name, new_user_name=None, new_path=None)

      Updates name and/or path of the specified user.

      Parameters:
         * **user_name** (*string*) -- The name of the user

         * **new_user_name** (*string*) -- If provided, the username
           of the user will be changed to this username.

         * **new_path** (*string*) -- If provided, the path of the
           user will be changed to this path.

   upload_server_cert(cert_name, cert_body, private_key, cert_chain=None, path=None)

      Uploads a server certificate entity for the AWS Account. The
      server certificate entity includes a public key certificate, a
      private key, and an optional certificate chain, which should all
      be PEM-encoded.

      Parameters:
         * **cert_name** (*string*) -- The name for the server
           certificate. Do not include the path in this value.

         * **cert_body** (*string*) -- The contents of the public
           key certificate in PEM-encoded format.

         * **private_key** (*string*) -- The contents of the private
           key in PEM-encoded format.

         * **cert_chain** (*string*) -- The contents of the
           certificate chain. This is typically a concatenation of the
           PEM-encoded public key certificates of the chain.

         * **path** (*string*) -- The path for the server
           certificate.

   upload_signing_cert(cert_body, user_name=None)

      Uploads an X.509 signing certificate and associates it with the
      specified user.

      If the user_name is not specified, it is determined implicitly
      based on the AWS Access Key ID used to sign the request.

      Parameters:
         * **cert_body** (*string*) -- The body of the signing
           certificate.

         * **user_name** (*string*) -- The username of the user


boto.iam.summarymap
===================

class class boto.iam.summarymap.SummaryMap(parent=None)

   endElement(name, value, connection)

   startElement(name, attrs, connection)
