Class: Aws::IAM::User
- Inherits:
-
Object
- Object
- Aws::IAM::User
- Extended by:
- Deprecations
- Defined in:
- lib/aws-sdk-iam/user.rb
Defined Under Namespace
Classes: Collection
Read-Only Attributes collapse
-
#arn ⇒ String
The Amazon Resource Name (ARN) that identifies the user.
-
#create_date ⇒ Time
The date and time, in [ISO 8601 date-time format], when the user was created.
- #name ⇒ String (also: #user_name)
-
#password_last_used ⇒ Time
The date and time, in [ISO 8601 date-time format], when the user’s password was last used to sign in to an AWS website.
-
#path ⇒ String
The path to the user.
-
#permissions_boundary ⇒ Types::AttachedPermissionsBoundary
The ARN of the policy used to set the permissions boundary for the user.
-
#tags ⇒ Array<Types::Tag>
A list of tags that are associated with the specified user.
-
#user_id ⇒ String
The stable and unique string identifying the user.
Actions collapse
- #add_group(options = {}) ⇒ EmptyStructure
- #attach_policy(options = {}) ⇒ EmptyStructure
- #create(options = {}) ⇒ User
- #create_access_key_pair(options = {}) ⇒ AccessKeyPair
- #create_login_profile(options = {}) ⇒ LoginProfile
- #create_policy(options = {}) ⇒ UserPolicy
- #delete(options = {}) ⇒ EmptyStructure
- #detach_policy(options = {}) ⇒ EmptyStructure
- #enable_mfa(options = {}) ⇒ MfaDevice
- #remove_group(options = {}) ⇒ EmptyStructure
- #update(options = {}) ⇒ User
Associations collapse
- #access_key(id) ⇒ AccessKey
- #access_keys(options = {}) ⇒ AccessKey::Collection
- #attached_policies(options = {}) ⇒ Policy::Collection
- #groups(options = {}) ⇒ Group::Collection
- #identifiers ⇒ Object deprecated private Deprecated.
- #login_profile ⇒ LoginProfile
- #mfa_device(serial_number) ⇒ MfaDevice
- #mfa_devices(options = {}) ⇒ MfaDevice::Collection
- #policies(options = {}) ⇒ UserPolicy::Collection
- #policy(name) ⇒ UserPolicy
- #signing_certificate(id) ⇒ SigningCertificate
- #signing_certificates(options = {}) ⇒ SigningCertificate::Collection
Instance Method Summary collapse
- #client ⇒ Client
-
#data ⇒ Types::User
Returns the data for this User.
-
#data_loaded? ⇒ Boolean
Returns ‘true` if this resource is loaded.
-
#exists?(options = {}) ⇒ Boolean
Returns ‘true` if the User exists.
-
#initialize(*args) ⇒ User
constructor
A new instance of User.
- #load ⇒ self (also: #reload)
-
#wait_until(options = {}) {|resource| ... } ⇒ Resource
deprecated
Deprecated.
Use [Aws::IAM::Client] #wait_until instead
- #wait_until_exists(options = {}, &block) ⇒ User
Constructor Details
#initialize(name, options = {}) ⇒ User #initialize(options = {}) ⇒ User
Returns a new instance of User.
22 23 24 25 26 27 28 |
# File 'lib/aws-sdk-iam/user.rb', line 22 def initialize(*args) = Hash === args.last ? args.pop.dup : {} @name = extract_name(args, ) @data = .delete(:data) @client = .delete(:client) || Client.new() @waiter_block_warned = false end |
Instance Method Details
#access_key(id) ⇒ AccessKey
675 676 677 678 679 680 681 |
# File 'lib/aws-sdk-iam/user.rb', line 675 def access_key(id) AccessKey.new( user_name: @name, id: id, client: @client ) end |
#access_keys(options = {}) ⇒ AccessKey::Collection
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 |
# File 'lib/aws-sdk-iam/user.rb', line 688 def access_keys( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = @client.list_access_keys() resp.each_page do |page| batch = [] page.data..each do |a| batch << AccessKey.new( user_name: @name, id: a.access_key_id, data: a, client: @client ) end y.yield(batch) end end AccessKey::Collection.new(batches) end |
#add_group(options = {}) ⇒ EmptyStructure
322 323 324 325 326 |
# File 'lib/aws-sdk-iam/user.rb', line 322 def add_group( = {}) = .merge(user_name: @name) resp = @client.add_user_to_group() resp.data end |
#arn ⇒ String
The Amazon Resource Name (ARN) that identifies the user. For more information about ARNs and how to use ARNs in policies, see [IAM Identifiers] in the *IAM User Guide*.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
69 70 71 |
# File 'lib/aws-sdk-iam/user.rb', line 69 def arn data[:arn] end |
#attach_policy(options = {}) ⇒ EmptyStructure
344 345 346 347 348 |
# File 'lib/aws-sdk-iam/user.rb', line 344 def attach_policy( = {}) = .merge(user_name: @name) resp = @client.attach_user_policy() resp.data end |
#attached_policies(options = {}) ⇒ Policy::Collection
730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 |
# File 'lib/aws-sdk-iam/user.rb', line 730 def attached_policies( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = @client.list_attached_user_policies() resp.each_page do |page| batch = [] page.data.attached_policies.each do |a| batch << Policy.new( arn: a.policy_arn, client: @client ) end y.yield(batch) end end Policy::Collection.new(batches) end |
#create(options = {}) ⇒ User
400 401 402 403 404 405 406 407 408 |
# File 'lib/aws-sdk-iam/user.rb', line 400 def create( = {}) = .merge(user_name: @name) resp = @client.create_user() User.new( name: [:user_name], data: resp.data.user, client: @client ) end |
#create_access_key_pair(options = {}) ⇒ AccessKeyPair
415 416 417 418 419 420 421 422 423 424 425 |
# File 'lib/aws-sdk-iam/user.rb', line 415 def create_access_key_pair( = {}) = .merge(user_name: @name) resp = @client.create_access_key() AccessKeyPair.new( user_name: @name, id: resp.data.access_key.access_key_id, secret: resp.data.access_key.secret_access_key, data: resp.data.access_key, client: @client ) end |
#create_date ⇒ Time
The date and time, in [ISO 8601 date-time format], when the user was created.
80 81 82 |
# File 'lib/aws-sdk-iam/user.rb', line 80 def create_date data[:create_date] end |
#create_login_profile(options = {}) ⇒ LoginProfile
453 454 455 456 457 458 459 460 461 |
# File 'lib/aws-sdk-iam/user.rb', line 453 def create_login_profile( = {}) = .merge(user_name: @name) resp = @client.create_login_profile() LoginProfile.new( user_name: resp.data.login_profile.user_name, data: resp.data.login_profile, client: @client ) end |
#create_policy(options = {}) ⇒ UserPolicy
505 506 507 508 509 510 511 512 513 |
# File 'lib/aws-sdk-iam/user.rb', line 505 def create_policy( = {}) = .merge(user_name: @name) @client.put_user_policy() UserPolicy.new( user_name: @name, name: [:policy_name], client: @client ) end |
#data ⇒ Types::User
Returns the data for this Aws::IAM::User. Calls Client#get_user if #data_loaded? is ‘false`.
162 163 164 165 |
# File 'lib/aws-sdk-iam/user.rb', line 162 def data load unless @data @data end |
#data_loaded? ⇒ Boolean
170 171 172 |
# File 'lib/aws-sdk-iam/user.rb', line 170 def data_loaded? !!@data end |
#delete(options = {}) ⇒ EmptyStructure
520 521 522 523 524 |
# File 'lib/aws-sdk-iam/user.rb', line 520 def delete( = {}) = .merge(user_name: @name) resp = @client.delete_user() resp.data end |
#detach_policy(options = {}) ⇒ EmptyStructure
542 543 544 545 546 |
# File 'lib/aws-sdk-iam/user.rb', line 542 def detach_policy( = {}) = .merge(user_name: @name) resp = @client.detach_user_policy() resp.data end |
#enable_mfa(options = {}) ⇒ MfaDevice
599 600 601 602 603 604 605 606 607 |
# File 'lib/aws-sdk-iam/user.rb', line 599 def enable_mfa( = {}) = .merge(user_name: @name) @client.enable_mfa_device() MfaDevice.new( user_name: @name, serial_number: [:serial_number], client: @client ) end |
#exists?(options = {}) ⇒ Boolean
Returns ‘true` if the User exists.
177 178 179 180 181 182 183 184 185 186 |
# File 'lib/aws-sdk-iam/user.rb', line 177 def exists?( = {}) begin wait_until_exists(.merge(max_attempts: 1)) true rescue Aws::Waiters::Errors::UnexpectedError => e raise e.error rescue Aws::Waiters::Errors::WaiterFailed false end end |
#groups(options = {}) ⇒ Group::Collection
753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 |
# File 'lib/aws-sdk-iam/user.rb', line 753 def groups( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = @client.list_groups_for_user() resp.each_page do |page| batch = [] page.data.groups.each do |g| batch << Group.new( name: g.group_name, data: g, client: @client ) end y.yield(batch) end end Group::Collection.new(batches) end |
#identifiers ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
886 887 888 |
# File 'lib/aws-sdk-iam/user.rb', line 886 def identifiers { name: @name } end |
#load ⇒ self Also known as: reload
Loads, or reloads #data for the current Aws::IAM::User. Returns ‘self` making it possible to chain methods.
user.reload.data
152 153 154 155 156 |
# File 'lib/aws-sdk-iam/user.rb', line 152 def load resp = @client.get_user(user_name: @name) @data = resp.user self end |
#login_profile ⇒ LoginProfile
773 774 775 776 777 778 |
# File 'lib/aws-sdk-iam/user.rb', line 773 def login_profile LoginProfile.new( user_name: @name, client: @client ) end |
#mfa_device(serial_number) ⇒ MfaDevice
782 783 784 785 786 787 788 |
# File 'lib/aws-sdk-iam/user.rb', line 782 def mfa_device(serial_number) MfaDevice.new( user_name: @name, serial_number: serial_number, client: @client ) end |
#mfa_devices(options = {}) ⇒ MfaDevice::Collection
795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 |
# File 'lib/aws-sdk-iam/user.rb', line 795 def mfa_devices( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = @client.list_mfa_devices() resp.each_page do |page| batch = [] page.data.mfa_devices.each do |m| batch << MfaDevice.new( user_name: @name, serial_number: m.serial_number, data: m, client: @client ) end y.yield(batch) end end MfaDevice::Collection.new(batches) end |
#name ⇒ String Also known as: user_name
33 34 35 |
# File 'lib/aws-sdk-iam/user.rb', line 33 def name @name end |
#password_last_used ⇒ Time
The date and time, in [ISO 8601 date-time format], when the user’s password was last used to sign in to an AWS website. For a list of AWS websites that capture a user’s last sign-in time, see the [Credential Reports] topic in the *IAM User Guide*. If a password is used more than once in a five-minute span, only the first use is returned in this field. If the field is null (no value), then it indicates that they never signed in with a password. This can be because:
-
The user never had a password.
-
A password exists but has not been used since IAM started tracking this information on October 20, 2014.
A null value does not mean that the user never had a password. Also, if the user does not currently have a password but had one in the past, then this field contains the date and time the most recent password was used.
This value is returned only in the GetUser and ListUsers operations.
[1]: www.iso.org/iso/iso8601 [2]: docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html
109 110 111 |
# File 'lib/aws-sdk-iam/user.rb', line 109 def password_last_used data[:password_last_used] end |
#path ⇒ String
The path to the user. For more information about paths, see [IAM Identifiers] in the *IAM User Guide*.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
45 46 47 |
# File 'lib/aws-sdk-iam/user.rb', line 45 def path data[:path] end |
#permissions_boundary ⇒ Types::AttachedPermissionsBoundary
The ARN of the policy used to set the permissions boundary for the user.
For more information about permissions boundaries, see [Permissions Boundaries for IAM Identities ][1] in the *IAM User Guide*.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
123 124 125 |
# File 'lib/aws-sdk-iam/user.rb', line 123 def data[:permissions_boundary] end |
#policies(options = {}) ⇒ UserPolicy::Collection
820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 |
# File 'lib/aws-sdk-iam/user.rb', line 820 def policies( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = @client.list_user_policies() resp.each_page do |page| batch = [] page.data.policy_names.each do |p| batch << UserPolicy.new( user_name: @name, name: p, client: @client ) end y.yield(batch) end end UserPolicy::Collection.new(batches) end |
#policy(name) ⇒ UserPolicy
841 842 843 844 845 846 847 |
# File 'lib/aws-sdk-iam/user.rb', line 841 def policy(name) UserPolicy.new( user_name: @name, name: name, client: @client ) end |
#remove_group(options = {}) ⇒ EmptyStructure
627 628 629 630 631 |
# File 'lib/aws-sdk-iam/user.rb', line 627 def remove_group( = {}) = .merge(user_name: @name) resp = @client.remove_user_from_group() resp.data end |
#signing_certificate(id) ⇒ SigningCertificate
851 852 853 854 855 856 857 |
# File 'lib/aws-sdk-iam/user.rb', line 851 def signing_certificate(id) SigningCertificate.new( user_name: @name, id: id, client: @client ) end |
#signing_certificates(options = {}) ⇒ SigningCertificate::Collection
864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 |
# File 'lib/aws-sdk-iam/user.rb', line 864 def signing_certificates( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = @client.list_signing_certificates() resp.each_page do |page| batch = [] page.data.certificates.each do |c| batch << SigningCertificate.new( user_name: @name, id: c.certificate_id, data: c, client: @client ) end y.yield(batch) end end SigningCertificate::Collection.new(batches) end |
#tags ⇒ Array<Types::Tag>
A list of tags that are associated with the specified user. For more information about tagging, see [Tagging IAM Identities] in the *IAM User Guide*.
135 136 137 |
# File 'lib/aws-sdk-iam/user.rb', line 135 def data[:tags] end |
#update(options = {}) ⇒ User
662 663 664 665 666 667 668 669 |
# File 'lib/aws-sdk-iam/user.rb', line 662 def update( = {}) = .merge(user_name: @name) @client.update_user() User.new( name: [:new_user_name], client: @client ) end |
#user_id ⇒ String
The stable and unique string identifying the user. For more information about IDs, see [IAM Identifiers] in the *IAM User Guide*.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
57 58 59 |
# File 'lib/aws-sdk-iam/user.rb', line 57 def user_id data[:user_id] end |
#wait_until(options = {}) {|resource| ... } ⇒ Resource
Use [Aws::IAM::Client] #wait_until instead
The waiting operation is performed on a copy. The original resource remains unchanged.
Waiter polls an API operation until a resource enters a desired state.
## Basic Usage
Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.
# polls in a loop until condition is true
resource.wait_until() {|resource| condition}
## Example
instance.wait_until(max_attempts:10, delay:5) do |instance|
instance.state.name == 'running'
end
## Configuration
You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:
# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}
## Callbacks
You can be notified before each polling attempt and before each delay. If you throw ‘:success` or `:failure` from these callbacks, it will terminate the waiter.
started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
throw :failure if Time.now - started_at > 3600
end
# disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}
## Handling Errors
When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.
begin
resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
# resource did not enter the desired state in time
end
attempts attempt in seconds invoked before each attempt invoked before each wait
285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 |
# File 'lib/aws-sdk-iam/user.rb', line 285 def wait_until( = {}, &block) self_copy = self.dup attempts = 0 [:max_attempts] = 10 unless .key?(:max_attempts) [:delay] ||= 10 [:poller] = Proc.new do attempts += 1 if block.call(self_copy) [:success, self_copy] else self_copy.reload unless attempts == [:max_attempts] :retry end end Aws::Waiters::Waiter.new().wait({}) end |
#wait_until_exists(options = {}, &block) ⇒ User
194 195 196 197 198 199 200 201 202 203 |
# File 'lib/aws-sdk-iam/user.rb', line 194 def wait_until_exists( = {}, &block) , params = () waiter = Waiters::UserExists.new() yield_waiter_and_warn(waiter, &block) if block_given? waiter.wait(params.merge(user_name: @name)) User.new({ name: @name, client: @client }) end |