Class: Aws::IAM::AccountPasswordPolicy

Inherits:
Object
  • Object
show all
Extended by:
Deprecations
Defined in:
lib/aws-sdk-iam/account_password_policy.rb

Defined Under Namespace

Classes: Collection

Read-Only Attributes collapse

Actions collapse

Instance Method Summary collapse

Constructor Details

#initialize(options = {}) ⇒ AccountPasswordPolicy

Returns a new instance of AccountPasswordPolicy.

Options Hash (options):


18
19
20
21
22
23
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 18

def initialize(*args)
  options = Hash === args.last ? args.pop.dup : {}
  @data = options.delete(:data)
  @client = options.delete(:client) || Client.new(options)
  @waiter_block_warned = false
end

Instance Method Details

#allow_users_to_change_passwordBoolean

Specifies whether IAM users are allowed to change their own password.

Returns:

  • (Boolean)

65
66
67
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 65

def allow_users_to_change_password
  data[:allow_users_to_change_password]
end

#clientClient

Returns:


100
101
102
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 100

def client
  @client
end

#dataTypes::PasswordPolicy

Returns the data for this Aws::IAM::AccountPasswordPolicy. Calls Client#get_account_password_policy if #data_loaded? is `false`.

Returns:


120
121
122
123
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 120

def data
  load unless @data
  @data
end

#data_loaded?Boolean

Returns `true` if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

Returns:

  • (Boolean)

    Returns `true` if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.


128
129
130
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 128

def data_loaded?
  !!@data
end

#delete(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values


.delete()

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:

  • (EmptyStructure)

236
237
238
239
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 236

def delete(options = {})
  resp = @client.(options)
  resp.data
end

#expire_passwordsBoolean

Indicates whether passwords in the account expire. Returns true if `MaxPasswordAge` contains a value greater than 0. Returns false if MaxPasswordAge is 0 or not present.

Returns:

  • (Boolean)

73
74
75
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 73

def expire_passwords
  data[:expire_passwords]
end

#hard_expiryBoolean

Specifies whether IAM users are prevented from setting a new password after their password has expired.

Returns:

  • (Boolean)

93
94
95
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 93

def hard_expiry
  data[:hard_expiry]
end

#identifiersObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Deprecated.

333
334
335
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 333

def identifiers
  {}
end

#loadself Also known as: reload

Loads, or reloads #data for the current Aws::IAM::AccountPasswordPolicy. Returns `self` making it possible to chain methods.

.reload.data

Returns:

  • (self)

110
111
112
113
114
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 110

def load
  resp = @client.
  @data = resp.password_policy
  self
end

#max_password_ageInteger

The number of days that an IAM user password is valid.

Returns:

  • (Integer)

79
80
81
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 79

def max_password_age
  data[:max_password_age]
end

#minimum_password_lengthInteger

Minimum length to require for IAM user passwords.

Returns:

  • (Integer)

29
30
31
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 29

def minimum_password_length
  data[:minimum_password_length]
end

#password_reuse_preventionInteger

Specifies the number of previous passwords that IAM users are prevented from reusing.

Returns:

  • (Integer)

86
87
88
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 86

def password_reuse_prevention
  data[:password_reuse_prevention]
end

#require_lowercase_charactersBoolean

Specifies whether IAM user passwords must contain at least one lowercase character (a to z).

Returns:

  • (Boolean)

59
60
61
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 59

def require_lowercase_characters
  data[:require_lowercase_characters]
end

#require_numbersBoolean

Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).

Returns:

  • (Boolean)

45
46
47
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 45

def require_numbers
  data[:require_numbers]
end

#require_symbolsBoolean

Specifies whether IAM user passwords must contain at least one of the following symbols:

! @ # $ % ^ & * ( ) _ + - = [ ] \{ \} | '

Returns:

  • (Boolean)

38
39
40
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 38

def require_symbols
  data[:require_symbols]
end

#require_uppercase_charactersBoolean

Specifies whether IAM user passwords must contain at least one uppercase character (A to Z).

Returns:

  • (Boolean)

52
53
54
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 52

def require_uppercase_characters
  data[:require_uppercase_characters]
end

#update(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values


.update({
  minimum_password_length: 1,
  require_symbols: false,
  require_numbers: false,
  require_uppercase_characters: false,
  require_lowercase_characters: false,
  allow_users_to_change_password: false,
  max_password_age: 1,
  password_reuse_prevention: 1,
  hard_expiry: false,
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :minimum_password_length (Integer)

    The minimum number of characters allowed in an IAM user password.

    If you do not specify a value for this parameter, then the operation uses the default value of `6`.

  • :require_symbols (Boolean)

    Specifies whether IAM user passwords must contain at least one of the following non-alphanumeric characters:

    ! @ # $ % ^ & * ( ) _ + - = [ ] \{ \} | '

    If you do not specify a value for this parameter, then the operation uses the default value of `false`. The result is that passwords do not require at least one symbol character.

  • :require_numbers (Boolean)

    Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).

    If you do not specify a value for this parameter, then the operation uses the default value of `false`. The result is that passwords do not require at least one numeric character.

  • :require_uppercase_characters (Boolean)

    Specifies whether IAM user passwords must contain at least one uppercase character from the ISO basic Latin alphabet (A to Z).

    If you do not specify a value for this parameter, then the operation uses the default value of `false`. The result is that passwords do not require at least one uppercase character.

  • :require_lowercase_characters (Boolean)

    Specifies whether IAM user passwords must contain at least one lowercase character from the ISO basic Latin alphabet (a to z).

    If you do not specify a value for this parameter, then the operation uses the default value of `false`. The result is that passwords do not require at least one lowercase character.

  • :allow_users_to_change_password (Boolean)

    Allows all IAM users in your account to use the Management Console to change their own passwords. For more information, see [Letting IAM users change their own passwords] in the *IAM User Guide*.

    If you do not specify a value for this parameter, then the operation uses the default value of `false`. The result is that IAM users in the account do not automatically have permissions to change their own password.

    [1]: docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html

  • :max_password_age (Integer)

    The number of days that an IAM user password is valid.

    If you do not specify a value for this parameter, then the operation uses the default value of `0`. The result is that IAM user passwords never expire.

  • :password_reuse_prevention (Integer)

    Specifies the number of previous passwords that IAM users are prevented from reusing.

    If you do not specify a value for this parameter, then the operation uses the default value of `0`. The result is that IAM users are not prevented from reusing previous passwords.

  • :hard_expiry (Boolean)

    Prevents IAM users from setting a new password after their password has expired. The IAM user cannot be accessed until an administrator resets the password.

    If you do not specify a value for this parameter, then the operation uses the default value of `false`. The result is that IAM users can change their passwords after they expire and continue to sign in as the user.

Returns:

  • (EmptyStructure)

326
327
328
329
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 326

def update(options = {})
  resp = @client.(options)
  resp.data
end

#wait_until(options = {}) {|resource| ... } ⇒ Resource

Deprecated.

Use [Aws::IAM::Client] #wait_until instead

Note:

The waiting operation is performed on a copy. The original resource remains unchanged.

Waiter polls an API operation until a resource enters a desired state.

## Basic Usage

Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.

# polls in a loop until condition is true
resource.wait_until(options) {|resource| condition}

## Example

instance.wait_until(max_attempts:10, delay:5) do |instance|
  instance.state.name == 'running'
end

## Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:

# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}

## Callbacks

You can be notified before each polling attempt and before each delay. If you throw `:success` or `:failure` from these callbacks, it will terminate the waiter.

started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
  throw :failure if Time.now - started_at > 3600
end

  # disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}

## Handling Errors

When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.

begin
  resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

attempts attempt in seconds invoked before each attempt invoked before each wait

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :max_attempts (Integer) — default: 10

    Maximum number of

  • :delay (Integer) — default: 10

    Delay between each

  • :before_attempt (Proc) — default: nil

    Callback

  • :before_wait (Proc) — default: nil

    Callback

Yield Parameters:

  • resource (Resource)

    to be used in the waiting condition.

Returns:

  • (Resource)

    if the waiter was successful

Raises:

  • (Aws::Waiters::Errors::FailureStateError)

    Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

    yet successful.

  • (Aws::Waiters::Errors::UnexpectedError)

    Raised when an error is encountered while polling for a resource that is not expected.

  • (NotImplementedError)

    Raised when the resource does not


212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
# File 'lib/aws-sdk-iam/account_password_policy.rb', line 212

def wait_until(options = {}, &block)
  self_copy = self.dup
  attempts = 0
  options[:max_attempts] = 10 unless options.key?(:max_attempts)
  options[:delay] ||= 10
  options[:poller] = Proc.new do
    attempts += 1
    if block.call(self_copy)
      [:success, self_copy]
    else
      self_copy.reload unless attempts == options[:max_attempts]
      :retry
    end
  end
  Aws::Waiters::Waiter.new(options).wait({})
end