aws-sdk-iam 1.0.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/aws-sdk-iam.rb +69 -0
- data/lib/aws-sdk-iam/access_key.rb +179 -0
- data/lib/aws-sdk-iam/access_key_pair.rb +190 -0
- data/lib/aws-sdk-iam/account_password_policy.rb +216 -0
- data/lib/aws-sdk-iam/account_summary.rb +76 -0
- data/lib/aws-sdk-iam/assume_role_policy.rb +122 -0
- data/lib/aws-sdk-iam/client.rb +6894 -0
- data/lib/aws-sdk-iam/client_api.rb +2868 -0
- data/lib/aws-sdk-iam/current_user.rb +269 -0
- data/lib/aws-sdk-iam/customizations.rb +2 -0
- data/lib/aws-sdk-iam/customizations/resource.rb +19 -0
- data/lib/aws-sdk-iam/errors.rb +23 -0
- data/lib/aws-sdk-iam/group.rb +459 -0
- data/lib/aws-sdk-iam/group_policy.rb +178 -0
- data/lib/aws-sdk-iam/instance_profile.rb +264 -0
- data/lib/aws-sdk-iam/login_profile.rb +196 -0
- data/lib/aws-sdk-iam/mfa_device.rb +191 -0
- data/lib/aws-sdk-iam/policy.rb +554 -0
- data/lib/aws-sdk-iam/policy_version.rb +176 -0
- data/lib/aws-sdk-iam/resource.rb +1037 -0
- data/lib/aws-sdk-iam/role.rb +310 -0
- data/lib/aws-sdk-iam/role_policy.rb +178 -0
- data/lib/aws-sdk-iam/saml_provider.rb +144 -0
- data/lib/aws-sdk-iam/server_certificate.rb +167 -0
- data/lib/aws-sdk-iam/signing_certificate.rb +185 -0
- data/lib/aws-sdk-iam/types.rb +7486 -0
- data/lib/aws-sdk-iam/user.rb +744 -0
- data/lib/aws-sdk-iam/user_policy.rb +178 -0
- data/lib/aws-sdk-iam/virtual_mfa_device.rb +142 -0
- data/lib/aws-sdk-iam/waiters.rb +98 -0
- metadata +103 -0
@@ -0,0 +1,269 @@
|
|
1
|
+
# WARNING ABOUT GENERATED CODE
|
2
|
+
#
|
3
|
+
# This file is generated. See the contributing for info on making contributions:
|
4
|
+
# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
|
5
|
+
#
|
6
|
+
# WARNING ABOUT GENERATED CODE
|
7
|
+
|
8
|
+
module Aws
|
9
|
+
module IAM
|
10
|
+
class CurrentUser
|
11
|
+
|
12
|
+
extend Aws::Deprecations
|
13
|
+
|
14
|
+
# @overload def initialize(options = {})
|
15
|
+
# @option options [Client] :client
|
16
|
+
def initialize(*args)
|
17
|
+
options = Hash === args.last ? args.pop.dup : {}
|
18
|
+
@data = options.delete(:data)
|
19
|
+
@client = options.delete(:client) || Client.new(options)
|
20
|
+
end
|
21
|
+
|
22
|
+
# @!group Read-Only Attributes
|
23
|
+
|
24
|
+
# The path to the user. For more information about paths, see [IAM
|
25
|
+
# Identifiers][1] in the *Using IAM* guide.
|
26
|
+
#
|
27
|
+
#
|
28
|
+
#
|
29
|
+
# [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
|
30
|
+
# @return [String]
|
31
|
+
def path
|
32
|
+
data.path
|
33
|
+
end
|
34
|
+
|
35
|
+
# The friendly name identifying the user.
|
36
|
+
# @return [String]
|
37
|
+
def user_name
|
38
|
+
data.user_name
|
39
|
+
end
|
40
|
+
|
41
|
+
# The stable and unique string identifying the user. For more
|
42
|
+
# information about IDs, see [IAM Identifiers][1] in the *Using IAM*
|
43
|
+
# guide.
|
44
|
+
#
|
45
|
+
#
|
46
|
+
#
|
47
|
+
# [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
|
48
|
+
# @return [String]
|
49
|
+
def user_id
|
50
|
+
data.user_id
|
51
|
+
end
|
52
|
+
|
53
|
+
# The Amazon Resource Name (ARN) that identifies the user. For more
|
54
|
+
# information about ARNs and how to use ARNs in policies, see [IAM
|
55
|
+
# Identifiers][1] in the *Using IAM* guide.
|
56
|
+
#
|
57
|
+
#
|
58
|
+
#
|
59
|
+
# [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
|
60
|
+
# @return [String]
|
61
|
+
def arn
|
62
|
+
data.arn
|
63
|
+
end
|
64
|
+
|
65
|
+
# The date and time, in [ISO 8601 date-time format][1], when the user
|
66
|
+
# was created.
|
67
|
+
#
|
68
|
+
#
|
69
|
+
#
|
70
|
+
# [1]: http://www.iso.org/iso/iso8601
|
71
|
+
# @return [Time]
|
72
|
+
def create_date
|
73
|
+
data.create_date
|
74
|
+
end
|
75
|
+
|
76
|
+
# The date and time, in [ISO 8601 date-time format][1], when the user's
|
77
|
+
# password was last used to sign in to an AWS website. For a list of AWS
|
78
|
+
# websites that capture a user's last sign-in time, see the [Credential
|
79
|
+
# Reports][2] topic in the *Using IAM* guide. If a password is used more
|
80
|
+
# than once in a five-minute span, only the first use is returned in
|
81
|
+
# this field. This field is null (not present) when:
|
82
|
+
#
|
83
|
+
# * The user does not have a password
|
84
|
+
#
|
85
|
+
# * The password exists but has never been used (at least not since IAM
|
86
|
+
# started tracking this information on October 20th, 2014
|
87
|
+
#
|
88
|
+
# * there is no sign-in data associated with the user
|
89
|
+
#
|
90
|
+
# This value is returned only in the GetUser and ListUsers actions.
|
91
|
+
#
|
92
|
+
#
|
93
|
+
#
|
94
|
+
# [1]: http://www.iso.org/iso/iso8601
|
95
|
+
# [2]: http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html
|
96
|
+
# @return [Time]
|
97
|
+
def password_last_used
|
98
|
+
data.password_last_used
|
99
|
+
end
|
100
|
+
|
101
|
+
# @!endgroup
|
102
|
+
|
103
|
+
# @return [Client]
|
104
|
+
def client
|
105
|
+
@client
|
106
|
+
end
|
107
|
+
|
108
|
+
# Loads, or reloads {#data} for the current {CurrentUser}.
|
109
|
+
# Returns `self` making it possible to chain methods.
|
110
|
+
#
|
111
|
+
# current_user.reload.data
|
112
|
+
#
|
113
|
+
# @return [self]
|
114
|
+
def load
|
115
|
+
resp = @client.get_user
|
116
|
+
@data = resp.user
|
117
|
+
self
|
118
|
+
end
|
119
|
+
alias :reload :load
|
120
|
+
|
121
|
+
# @return [Types::User]
|
122
|
+
# Returns the data for this {CurrentUser}. Calls
|
123
|
+
# {Client#get_user} if {#data_loaded?} is `false`.
|
124
|
+
def data
|
125
|
+
load unless @data
|
126
|
+
@data
|
127
|
+
end
|
128
|
+
|
129
|
+
# @return [Boolean]
|
130
|
+
# Returns `true` if this resource is loaded. Accessing attributes or
|
131
|
+
# {#data} on an unloaded resource will trigger a call to {#load}.
|
132
|
+
def data_loaded?
|
133
|
+
!!@data
|
134
|
+
end
|
135
|
+
|
136
|
+
# @!group Associations
|
137
|
+
|
138
|
+
# @example Request syntax with placeholder values
|
139
|
+
#
|
140
|
+
# accesskeys = current_user.access_keys({
|
141
|
+
# user_name: "existingUserNameType",
|
142
|
+
# })
|
143
|
+
# @param [Hash] options ({})
|
144
|
+
# @option options [String] :user_name
|
145
|
+
# The name of the user.
|
146
|
+
#
|
147
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
148
|
+
# consisting of upper and lowercase alphanumeric characters with no
|
149
|
+
# spaces. You can also include any of the following characters: =,.@-
|
150
|
+
#
|
151
|
+
#
|
152
|
+
#
|
153
|
+
# [1]: http://wikipedia.org/wiki/regex
|
154
|
+
# @return [AccessKey::Collection]
|
155
|
+
def access_keys(options = {})
|
156
|
+
batches = Enumerator.new do |y|
|
157
|
+
resp = @client.list_access_keys(options)
|
158
|
+
resp.each_page do |page|
|
159
|
+
batch = []
|
160
|
+
page.data.access_key_metadata.each do |a|
|
161
|
+
batch << AccessKey.new(
|
162
|
+
user_name: a.user_name,
|
163
|
+
id: a.access_key_id,
|
164
|
+
data: a,
|
165
|
+
client: @client
|
166
|
+
)
|
167
|
+
end
|
168
|
+
y.yield(batch)
|
169
|
+
end
|
170
|
+
end
|
171
|
+
AccessKey::Collection.new(batches)
|
172
|
+
end
|
173
|
+
|
174
|
+
# @example Request syntax with placeholder values
|
175
|
+
#
|
176
|
+
# mfadevices = current_user.mfa_devices({
|
177
|
+
# user_name: "existingUserNameType",
|
178
|
+
# })
|
179
|
+
# @param [Hash] options ({})
|
180
|
+
# @option options [String] :user_name
|
181
|
+
# The name of the user whose MFA devices you want to list.
|
182
|
+
#
|
183
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
184
|
+
# consisting of upper and lowercase alphanumeric characters with no
|
185
|
+
# spaces. You can also include any of the following characters: =,.@-
|
186
|
+
#
|
187
|
+
#
|
188
|
+
#
|
189
|
+
# [1]: http://wikipedia.org/wiki/regex
|
190
|
+
# @return [MfaDevice::Collection]
|
191
|
+
def mfa_devices(options = {})
|
192
|
+
batches = Enumerator.new do |y|
|
193
|
+
resp = @client.list_mfa_devices(options)
|
194
|
+
resp.each_page do |page|
|
195
|
+
batch = []
|
196
|
+
page.data.mfa_devices.each do |m|
|
197
|
+
batch << MfaDevice.new(
|
198
|
+
user_name: m.user_name,
|
199
|
+
serial_number: m.serial_number,
|
200
|
+
data: m,
|
201
|
+
client: @client
|
202
|
+
)
|
203
|
+
end
|
204
|
+
y.yield(batch)
|
205
|
+
end
|
206
|
+
end
|
207
|
+
MfaDevice::Collection.new(batches)
|
208
|
+
end
|
209
|
+
|
210
|
+
# @example Request syntax with placeholder values
|
211
|
+
#
|
212
|
+
# signingcertificates = current_user.signing_certificates({
|
213
|
+
# user_name: "existingUserNameType",
|
214
|
+
# })
|
215
|
+
# @param [Hash] options ({})
|
216
|
+
# @option options [String] :user_name
|
217
|
+
# The name of the IAM user whose signing certificates you want to
|
218
|
+
# examine.
|
219
|
+
#
|
220
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
221
|
+
# consisting of upper and lowercase alphanumeric characters with no
|
222
|
+
# spaces. You can also include any of the following characters: =,.@-
|
223
|
+
#
|
224
|
+
#
|
225
|
+
#
|
226
|
+
# [1]: http://wikipedia.org/wiki/regex
|
227
|
+
# @return [SigningCertificate::Collection]
|
228
|
+
def signing_certificates(options = {})
|
229
|
+
batches = Enumerator.new do |y|
|
230
|
+
resp = @client.list_signing_certificates(options)
|
231
|
+
resp.each_page do |page|
|
232
|
+
batch = []
|
233
|
+
page.data.certificates.each do |c|
|
234
|
+
batch << SigningCertificate.new(
|
235
|
+
user_name: c.user_name,
|
236
|
+
id: c.certificate_id,
|
237
|
+
data: c,
|
238
|
+
client: @client
|
239
|
+
)
|
240
|
+
end
|
241
|
+
y.yield(batch)
|
242
|
+
end
|
243
|
+
end
|
244
|
+
SigningCertificate::Collection.new(batches)
|
245
|
+
end
|
246
|
+
|
247
|
+
# @return [User, nil]
|
248
|
+
def user
|
249
|
+
if data.user_name
|
250
|
+
User.new(
|
251
|
+
name: data.user_name,
|
252
|
+
client: @client
|
253
|
+
)
|
254
|
+
else
|
255
|
+
nil
|
256
|
+
end
|
257
|
+
end
|
258
|
+
|
259
|
+
# @deprecated
|
260
|
+
# @api private
|
261
|
+
def identifiers
|
262
|
+
{}
|
263
|
+
end
|
264
|
+
deprecated(:identifiers)
|
265
|
+
|
266
|
+
class Collection < Aws::Resources::Collection; end
|
267
|
+
end
|
268
|
+
end
|
269
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
module Aws
|
2
|
+
module IAM
|
3
|
+
class Resource
|
4
|
+
|
5
|
+
# @return [Seahorse::Client::Response, false] Returns the response
|
6
|
+
# from {Client#delete_account_alias} if an alias was deleted.
|
7
|
+
# Returns `false` if this account had no alias to remove.
|
8
|
+
# @see Client#delete_account_alias
|
9
|
+
def delete_account_alias
|
10
|
+
if name = @client.list_account_aliases.account_aliases.first
|
11
|
+
@client.delete_account_alias(account_alias: name)
|
12
|
+
else
|
13
|
+
false
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# WARNING ABOUT GENERATED CODE
|
2
|
+
#
|
3
|
+
# This file is generated. See the contributing for info on making contributions:
|
4
|
+
# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
|
5
|
+
#
|
6
|
+
# WARNING ABOUT GENERATED CODE
|
7
|
+
|
8
|
+
module Aws
|
9
|
+
module IAM
|
10
|
+
module Errors
|
11
|
+
|
12
|
+
extend Aws::Errors::DynamicErrors
|
13
|
+
|
14
|
+
# Raised when calling #load or #data on a resource class that can not be
|
15
|
+
# loaded. This can happen when:
|
16
|
+
#
|
17
|
+
# * A resource class has identifiers, but no data attributes.
|
18
|
+
# * Resource data is only available when making an API call that
|
19
|
+
# enumerates all resources of that type.
|
20
|
+
class ResourceNotLoadable < RuntimeError; end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -0,0 +1,459 @@
|
|
1
|
+
# WARNING ABOUT GENERATED CODE
|
2
|
+
#
|
3
|
+
# This file is generated. See the contributing for info on making contributions:
|
4
|
+
# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
|
5
|
+
#
|
6
|
+
# WARNING ABOUT GENERATED CODE
|
7
|
+
|
8
|
+
module Aws
|
9
|
+
module IAM
|
10
|
+
class Group
|
11
|
+
|
12
|
+
extend Aws::Deprecations
|
13
|
+
|
14
|
+
# @overload def initialize(name, options = {})
|
15
|
+
# @param [String] name
|
16
|
+
# @option options [Client] :client
|
17
|
+
# @overload def initialize(options = {})
|
18
|
+
# @option options [required, String] :name
|
19
|
+
# @option options [Client] :client
|
20
|
+
def initialize(*args)
|
21
|
+
options = Hash === args.last ? args.pop.dup : {}
|
22
|
+
@name = extract_name(args, options)
|
23
|
+
@data = options.delete(:data)
|
24
|
+
@client = options.delete(:client) || Client.new(options)
|
25
|
+
end
|
26
|
+
|
27
|
+
# @!group Read-Only Attributes
|
28
|
+
|
29
|
+
# @return [String]
|
30
|
+
def name
|
31
|
+
@name
|
32
|
+
end
|
33
|
+
alias :group_name :name
|
34
|
+
|
35
|
+
# The path to the group. For more information about paths, see [IAM
|
36
|
+
# Identifiers][1] in the *Using IAM* guide.
|
37
|
+
#
|
38
|
+
#
|
39
|
+
#
|
40
|
+
# [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
|
41
|
+
# @return [String]
|
42
|
+
def path
|
43
|
+
data.path
|
44
|
+
end
|
45
|
+
|
46
|
+
# The stable and unique string identifying the group. For more
|
47
|
+
# information about IDs, see [IAM Identifiers][1] in the *Using IAM*
|
48
|
+
# guide.
|
49
|
+
#
|
50
|
+
#
|
51
|
+
#
|
52
|
+
# [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
|
53
|
+
# @return [String]
|
54
|
+
def group_id
|
55
|
+
data.group_id
|
56
|
+
end
|
57
|
+
|
58
|
+
# The Amazon Resource Name (ARN) specifying the group. For more
|
59
|
+
# information about ARNs and how to use them in policies, see [IAM
|
60
|
+
# Identifiers][1] in the *Using IAM* guide.
|
61
|
+
#
|
62
|
+
#
|
63
|
+
#
|
64
|
+
# [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
|
65
|
+
# @return [String]
|
66
|
+
def arn
|
67
|
+
data.arn
|
68
|
+
end
|
69
|
+
|
70
|
+
# The date and time, in [ISO 8601 date-time format][1], when the group
|
71
|
+
# was created.
|
72
|
+
#
|
73
|
+
#
|
74
|
+
#
|
75
|
+
# [1]: http://www.iso.org/iso/iso8601
|
76
|
+
# @return [Time]
|
77
|
+
def create_date
|
78
|
+
data.create_date
|
79
|
+
end
|
80
|
+
|
81
|
+
# @!endgroup
|
82
|
+
|
83
|
+
# @return [Client]
|
84
|
+
def client
|
85
|
+
@client
|
86
|
+
end
|
87
|
+
|
88
|
+
# Loads, or reloads {#data} for the current {Group}.
|
89
|
+
# Returns `self` making it possible to chain methods.
|
90
|
+
#
|
91
|
+
# group.reload.data
|
92
|
+
#
|
93
|
+
# @return [self]
|
94
|
+
def load
|
95
|
+
resp = @client.get_group(group_name: @name)
|
96
|
+
@data = resp.group
|
97
|
+
self
|
98
|
+
end
|
99
|
+
alias :reload :load
|
100
|
+
|
101
|
+
# @return [Types::Group]
|
102
|
+
# Returns the data for this {Group}. Calls
|
103
|
+
# {Client#get_group} if {#data_loaded?} is `false`.
|
104
|
+
def data
|
105
|
+
load unless @data
|
106
|
+
@data
|
107
|
+
end
|
108
|
+
|
109
|
+
# @return [Boolean]
|
110
|
+
# Returns `true` if this resource is loaded. Accessing attributes or
|
111
|
+
# {#data} on an unloaded resource will trigger a call to {#load}.
|
112
|
+
def data_loaded?
|
113
|
+
!!@data
|
114
|
+
end
|
115
|
+
|
116
|
+
# @!group Actions
|
117
|
+
|
118
|
+
# @example Request syntax with placeholder values
|
119
|
+
#
|
120
|
+
# group.add_user({
|
121
|
+
# user_name: "existingUserNameType", # required
|
122
|
+
# })
|
123
|
+
# @param [Hash] options ({})
|
124
|
+
# @option options [required, String] :user_name
|
125
|
+
# The name of the user to add.
|
126
|
+
#
|
127
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
128
|
+
# consisting of upper and lowercase alphanumeric characters with no
|
129
|
+
# spaces. You can also include any of the following characters: =,.@-
|
130
|
+
#
|
131
|
+
#
|
132
|
+
#
|
133
|
+
# [1]: http://wikipedia.org/wiki/regex
|
134
|
+
# @return [EmptyStructure]
|
135
|
+
def add_user(options = {})
|
136
|
+
options = options.merge(group_name: @name)
|
137
|
+
resp = @client.add_user_to_group(options)
|
138
|
+
resp.data
|
139
|
+
end
|
140
|
+
|
141
|
+
# @example Request syntax with placeholder values
|
142
|
+
#
|
143
|
+
# group.attach_policy({
|
144
|
+
# policy_arn: "arnType", # required
|
145
|
+
# })
|
146
|
+
# @param [Hash] options ({})
|
147
|
+
# @option options [required, String] :policy_arn
|
148
|
+
# The Amazon Resource Name (ARN) of the IAM policy you want to attach.
|
149
|
+
#
|
150
|
+
# For more information about ARNs, see [Amazon Resource Names (ARNs) and
|
151
|
+
# AWS Service Namespaces][1] in the *AWS General Reference*.
|
152
|
+
#
|
153
|
+
#
|
154
|
+
#
|
155
|
+
# [1]: http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
156
|
+
# @return [EmptyStructure]
|
157
|
+
def attach_policy(options = {})
|
158
|
+
options = options.merge(group_name: @name)
|
159
|
+
resp = @client.attach_group_policy(options)
|
160
|
+
resp.data
|
161
|
+
end
|
162
|
+
|
163
|
+
# @example Request syntax with placeholder values
|
164
|
+
#
|
165
|
+
# group = group.create({
|
166
|
+
# path: "pathType",
|
167
|
+
# })
|
168
|
+
# @param [Hash] options ({})
|
169
|
+
# @option options [String] :path
|
170
|
+
# The path to the group. For more information about paths, see [IAM
|
171
|
+
# Identifiers][1] in the *IAM User Guide*.
|
172
|
+
#
|
173
|
+
# This parameter is optional. If it is not included, it defaults to a
|
174
|
+
# slash (/).
|
175
|
+
#
|
176
|
+
# The [regex pattern][2] for this parameter is a string of characters
|
177
|
+
# consisting of either a forward slash (/) by itself or a string that
|
178
|
+
# must begin and end with forward slashes, containing any ASCII
|
179
|
+
# character from the ! (\\u0021) thru the DEL character (\\u007F),
|
180
|
+
# including most punctuation characters, digits, and upper and
|
181
|
+
# lowercased letters.
|
182
|
+
#
|
183
|
+
#
|
184
|
+
#
|
185
|
+
# [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
|
186
|
+
# [2]: http://wikipedia.org/wiki/regex
|
187
|
+
# @return [Group]
|
188
|
+
def create(options = {})
|
189
|
+
options = options.merge(group_name: @name)
|
190
|
+
resp = @client.create_group(options)
|
191
|
+
Group.new(
|
192
|
+
name: options[:group_name],
|
193
|
+
data: resp.data.group,
|
194
|
+
client: @client
|
195
|
+
)
|
196
|
+
end
|
197
|
+
|
198
|
+
# @example Request syntax with placeholder values
|
199
|
+
#
|
200
|
+
# grouppolicy = group.create_policy({
|
201
|
+
# policy_name: "policyNameType", # required
|
202
|
+
# policy_document: "policyDocumentType", # required
|
203
|
+
# })
|
204
|
+
# @param [Hash] options ({})
|
205
|
+
# @option options [required, String] :policy_name
|
206
|
+
# The name of the policy document.
|
207
|
+
#
|
208
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
209
|
+
# consisting of upper and lowercase alphanumeric characters with no
|
210
|
+
# spaces. You can also include any of the following characters: =,.@-
|
211
|
+
#
|
212
|
+
#
|
213
|
+
#
|
214
|
+
# [1]: http://wikipedia.org/wiki/regex
|
215
|
+
# @option options [required, String] :policy_document
|
216
|
+
# The policy document.
|
217
|
+
#
|
218
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
219
|
+
# consisting of any printable ASCII character ranging from the space
|
220
|
+
# character (\\u0020) through end of the ASCII character range
|
221
|
+
# (\\u00FF). It also includes the special characters tab (\\u0009), line
|
222
|
+
# feed (\\u000A), and carriage return (\\u000D).
|
223
|
+
#
|
224
|
+
#
|
225
|
+
#
|
226
|
+
# [1]: http://wikipedia.org/wiki/regex
|
227
|
+
# @return [GroupPolicy]
|
228
|
+
def create_policy(options = {})
|
229
|
+
options = options.merge(group_name: @name)
|
230
|
+
resp = @client.put_group_policy(options)
|
231
|
+
GroupPolicy.new(
|
232
|
+
group_name: @name,
|
233
|
+
name: options[:policy_name],
|
234
|
+
client: @client
|
235
|
+
)
|
236
|
+
end
|
237
|
+
|
238
|
+
# @example Request syntax with placeholder values
|
239
|
+
#
|
240
|
+
# group.delete()
|
241
|
+
# @param [Hash] options ({})
|
242
|
+
# @return [EmptyStructure]
|
243
|
+
def delete(options = {})
|
244
|
+
options = options.merge(group_name: @name)
|
245
|
+
resp = @client.delete_group(options)
|
246
|
+
resp.data
|
247
|
+
end
|
248
|
+
|
249
|
+
# @example Request syntax with placeholder values
|
250
|
+
#
|
251
|
+
# group.detach_policy({
|
252
|
+
# policy_arn: "arnType", # required
|
253
|
+
# })
|
254
|
+
# @param [Hash] options ({})
|
255
|
+
# @option options [required, String] :policy_arn
|
256
|
+
# The Amazon Resource Name (ARN) of the IAM policy you want to detach.
|
257
|
+
#
|
258
|
+
# For more information about ARNs, see [Amazon Resource Names (ARNs) and
|
259
|
+
# AWS Service Namespaces][1] in the *AWS General Reference*.
|
260
|
+
#
|
261
|
+
#
|
262
|
+
#
|
263
|
+
# [1]: http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
264
|
+
# @return [EmptyStructure]
|
265
|
+
def detach_policy(options = {})
|
266
|
+
options = options.merge(group_name: @name)
|
267
|
+
resp = @client.detach_group_policy(options)
|
268
|
+
resp.data
|
269
|
+
end
|
270
|
+
|
271
|
+
# @example Request syntax with placeholder values
|
272
|
+
#
|
273
|
+
# group.remove_user({
|
274
|
+
# user_name: "existingUserNameType", # required
|
275
|
+
# })
|
276
|
+
# @param [Hash] options ({})
|
277
|
+
# @option options [required, String] :user_name
|
278
|
+
# The name of the user to remove.
|
279
|
+
#
|
280
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
281
|
+
# consisting of upper and lowercase alphanumeric characters with no
|
282
|
+
# spaces. You can also include any of the following characters: =,.@-
|
283
|
+
#
|
284
|
+
#
|
285
|
+
#
|
286
|
+
# [1]: http://wikipedia.org/wiki/regex
|
287
|
+
# @return [EmptyStructure]
|
288
|
+
def remove_user(options = {})
|
289
|
+
options = options.merge(group_name: @name)
|
290
|
+
resp = @client.remove_user_from_group(options)
|
291
|
+
resp.data
|
292
|
+
end
|
293
|
+
|
294
|
+
# @example Request syntax with placeholder values
|
295
|
+
#
|
296
|
+
# group = group.update({
|
297
|
+
# new_path: "pathType",
|
298
|
+
# new_group_name: "groupNameType",
|
299
|
+
# })
|
300
|
+
# @param [Hash] options ({})
|
301
|
+
# @option options [String] :new_path
|
302
|
+
# New path for the IAM group. Only include this if changing the group's
|
303
|
+
# path.
|
304
|
+
#
|
305
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
306
|
+
# consisting of either a forward slash (/) by itself or a string that
|
307
|
+
# must begin and end with forward slashes, containing any ASCII
|
308
|
+
# character from the ! (\\u0021) thru the DEL character (\\u007F),
|
309
|
+
# including most punctuation characters, digits, and upper and
|
310
|
+
# lowercased letters.
|
311
|
+
#
|
312
|
+
#
|
313
|
+
#
|
314
|
+
# [1]: http://wikipedia.org/wiki/regex
|
315
|
+
# @option options [String] :new_group_name
|
316
|
+
# New name for the IAM group. Only include this if changing the group's
|
317
|
+
# name.
|
318
|
+
#
|
319
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
320
|
+
# consisting of upper and lowercase alphanumeric characters with no
|
321
|
+
# spaces. You can also include any of the following characters: =,.@-
|
322
|
+
#
|
323
|
+
#
|
324
|
+
#
|
325
|
+
# [1]: http://wikipedia.org/wiki/regex
|
326
|
+
# @return [Group]
|
327
|
+
def update(options = {})
|
328
|
+
options = options.merge(group_name: @name)
|
329
|
+
resp = @client.update_group(options)
|
330
|
+
Group.new(
|
331
|
+
name: options[:new_group_name],
|
332
|
+
client: @client
|
333
|
+
)
|
334
|
+
end
|
335
|
+
|
336
|
+
# @!group Associations
|
337
|
+
|
338
|
+
# @example Request syntax with placeholder values
|
339
|
+
#
|
340
|
+
# attachedpolicies = group.attached_policies({
|
341
|
+
# path_prefix: "policyPathType",
|
342
|
+
# })
|
343
|
+
# @param [Hash] options ({})
|
344
|
+
# @option options [String] :path_prefix
|
345
|
+
# The path prefix for filtering the results. This parameter is optional.
|
346
|
+
# If it is not included, it defaults to a slash (/), listing all
|
347
|
+
# policies.
|
348
|
+
#
|
349
|
+
# The [regex pattern][1] for this parameter is a string of characters
|
350
|
+
# consisting of either a forward slash (/) by itself or a string that
|
351
|
+
# must begin and end with forward slashes, containing any ASCII
|
352
|
+
# character from the ! (\\u0021) thru the DEL character (\\u007F),
|
353
|
+
# including most punctuation characters, digits, and upper and
|
354
|
+
# lowercased letters.
|
355
|
+
#
|
356
|
+
#
|
357
|
+
#
|
358
|
+
# [1]: http://wikipedia.org/wiki/regex
|
359
|
+
# @return [Policy::Collection]
|
360
|
+
def attached_policies(options = {})
|
361
|
+
batches = Enumerator.new do |y|
|
362
|
+
options = options.merge(group_name: @name)
|
363
|
+
resp = @client.list_attached_group_policies(options)
|
364
|
+
resp.each_page do |page|
|
365
|
+
batch = []
|
366
|
+
page.data.attached_policies.each do |a|
|
367
|
+
batch << Policy.new(
|
368
|
+
arn: a.policy_arn,
|
369
|
+
client: @client
|
370
|
+
)
|
371
|
+
end
|
372
|
+
y.yield(batch)
|
373
|
+
end
|
374
|
+
end
|
375
|
+
Policy::Collection.new(batches)
|
376
|
+
end
|
377
|
+
|
378
|
+
# @example Request syntax with placeholder values
|
379
|
+
#
|
380
|
+
# policies = group.policies()
|
381
|
+
# @param [Hash] options ({})
|
382
|
+
# @return [GroupPolicy::Collection]
|
383
|
+
def policies(options = {})
|
384
|
+
batches = Enumerator.new do |y|
|
385
|
+
options = options.merge(group_name: @name)
|
386
|
+
resp = @client.list_group_policies(options)
|
387
|
+
resp.each_page do |page|
|
388
|
+
batch = []
|
389
|
+
page.data.policy_names.each do |p|
|
390
|
+
batch << GroupPolicy.new(
|
391
|
+
group_name: @name,
|
392
|
+
name: p,
|
393
|
+
client: @client
|
394
|
+
)
|
395
|
+
end
|
396
|
+
y.yield(batch)
|
397
|
+
end
|
398
|
+
end
|
399
|
+
GroupPolicy::Collection.new(batches)
|
400
|
+
end
|
401
|
+
|
402
|
+
# @param [String] name
|
403
|
+
# @return [GroupPolicy]
|
404
|
+
def policy(name)
|
405
|
+
GroupPolicy.new(
|
406
|
+
group_name: @name,
|
407
|
+
name: name,
|
408
|
+
client: @client
|
409
|
+
)
|
410
|
+
end
|
411
|
+
|
412
|
+
# @example Request syntax with placeholder values
|
413
|
+
#
|
414
|
+
# users = group.users()
|
415
|
+
# @param [Hash] options ({})
|
416
|
+
# @return [User::Collection]
|
417
|
+
def users(options = {})
|
418
|
+
batches = Enumerator.new do |y|
|
419
|
+
options = options.merge(group_name: @name)
|
420
|
+
resp = @client.get_group(options)
|
421
|
+
resp.each_page do |page|
|
422
|
+
batch = []
|
423
|
+
page.data.users.each do |u|
|
424
|
+
batch << User.new(
|
425
|
+
name: u.user_name,
|
426
|
+
data: u,
|
427
|
+
client: @client
|
428
|
+
)
|
429
|
+
end
|
430
|
+
y.yield(batch)
|
431
|
+
end
|
432
|
+
end
|
433
|
+
User::Collection.new(batches)
|
434
|
+
end
|
435
|
+
|
436
|
+
# @deprecated
|
437
|
+
# @api private
|
438
|
+
def identifiers
|
439
|
+
{ name: @name }
|
440
|
+
end
|
441
|
+
deprecated(:identifiers)
|
442
|
+
|
443
|
+
private
|
444
|
+
|
445
|
+
def extract_name(args, options)
|
446
|
+
value = args[0] || options.delete(:name)
|
447
|
+
case value
|
448
|
+
when String then value
|
449
|
+
when nil then raise ArgumentError, "missing required option :name"
|
450
|
+
else
|
451
|
+
msg = "expected :name to be a String, got #{value.class}"
|
452
|
+
raise ArgumentError, msg
|
453
|
+
end
|
454
|
+
end
|
455
|
+
|
456
|
+
class Collection < Aws::Resources::Collection; end
|
457
|
+
end
|
458
|
+
end
|
459
|
+
end
|