Class: AWS::IAM::VirtualMfaDevice

Inherits:

Resource

• Object
• Core::Resource
• Resource
• AWS::IAM::VirtualMfaDevice

Defined in:

lib/aws/iam/virtual_mfa_device.rb

Instance Attribute Summary

• #base_32_string_seed ⇒ String readonly

  The Base32 seed defined as specified in RFC3548.

• #enable_date ⇒ DateTime readonly

  When this device was enabled.

• #qr_code_png ⇒ Blob readonly

  A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName? secret=$Base32String where $virtualMFADeviceName is one of the create call arguments, AccountName is the user name if set (accountId otherwise), and Base32String is the seed in Base32 format.

• #serial_number ⇒ String (also: #arn) readonly

  Returns the virtual MFA device serial number (ARN).

Instance Method Summary

• #deactivate ⇒ nil (also: #disable)

  Deactivates the MFA device and removes it from association with the user for which it was originally enabled.

• #delete ⇒ nil

  Deletes this virtual MFA device.

• #enable(user, code1, code2) ⇒ Object

  Enables the MFA device and associates it with the specified user.

• #enabled? ⇒ Boolean

  Returns true if this device has been enabled for a user.

• #user ⇒ User^?

  Returns the user this device was enabled for, or nil if this device has not been enabled.

Methods inherited from Resource

#exists?

Instance Attribute Details

#base_32_string_seed ⇒ String (readonly)

The Base32 seed defined as specified in RFC3548. Only accessible on newly created devices. This value is Base64-encoded.

# File 'lib/aws/iam/virtual_mfa_device.rb', line 33

def base_32_string_seed
  @base_32_string_seed
end

#enable_date ⇒ DateTime (readonly)

When this device was enabled. Returns nil if this device has not been enabled.

# File 'lib/aws/iam/virtual_mfa_device.rb', line 33

def enable_date
  @enable_date
end

#qr_code_png ⇒ Blob (readonly)

A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName? secret=$Base32String where $virtualMFADeviceName is one of the create call arguments, AccountName is the user name if set (accountId otherwise), and Base32String is the seed in Base32 format. Only accessible on newly created devices. This value is Base64-encoded.

# File 'lib/aws/iam/virtual_mfa_device.rb', line 33

def qr_code_png
  @qr_code_png
end

#serial_number ⇒ String (readonly) Also known as: arn

# File 'lib/aws/iam/virtual_mfa_device.rb', line 42

def serial_number
  @serial_number
end

Instance Method Details

#deactivate ⇒ nil Also known as: disable

Deactivates the MFA device and removes it from association with the user for which it was originally enabled.

# File 'lib/aws/iam/virtual_mfa_device.rb', line 95

def deactivate
  client_opts = {}
  client_opts[:user_name] = user.name
  client_opts[:serial_number] = serial_number
  client.deactivate_mfa_device(client_opts)
  nil
end

#delete ⇒ nil

Deletes this virtual MFA device.

# File 'lib/aws/iam/virtual_mfa_device.rb', line 106

def delete
  client.delete_virtual_mfa_device(resource_options)
  nil
end

#enable(user, code1, code2) ⇒ Object

Enables the MFA device and associates it with the specified user. When enabled, the MFA device is required for every subsequent login by the user name associated with the device.

# File 'lib/aws/iam/virtual_mfa_device.rb', line 72

def enable user, code1, code2

  user_name = user.is_a?(User) ? user.name : user

  client.enable_mfa_device(
    :user_name => user_name,
    :serial_number => serial_number,
    :authentication_code_1 => format_auth_code(code1),
    :authentication_code_2 => format_auth_code(code2))

  nil

end

#enabled? ⇒ Boolean

# File 'lib/aws/iam/virtual_mfa_device.rb', line 88

def enabled?
  !!enable_date
end

#user ⇒ User^?

# File 'lib/aws/iam/virtual_mfa_device.rb', line 58

def user
  if details = user_details
    User.new(details.user_name, :config => config)
  end
end