aws-sdk 1.0.4 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. data/lib/aws.rb +10 -9
  2. data/lib/aws/api_config/IAM-2010-07-15.yml +632 -0
  3. data/lib/aws/base_client.rb +1 -1
  4. data/lib/aws/cacheable.rb +34 -46
  5. data/lib/aws/client_logging.rb +19 -14
  6. data/lib/aws/collections.rb +230 -0
  7. data/lib/aws/common.rb +4 -0
  8. data/lib/aws/configuration.rb +7 -0
  9. data/lib/aws/ec2.rb +2 -2
  10. data/lib/aws/ec2/attachment.rb +64 -71
  11. data/lib/aws/ec2/attachment_collection.rb +11 -9
  12. data/lib/aws/ec2/availability_zone.rb +40 -31
  13. data/lib/aws/ec2/availability_zone_collection.rb +2 -3
  14. data/lib/aws/ec2/elastic_ip.rb +25 -22
  15. data/lib/aws/ec2/elastic_ip_collection.rb +5 -2
  16. data/lib/aws/ec2/image.rb +113 -129
  17. data/lib/aws/ec2/image_collection.rb +5 -6
  18. data/lib/aws/ec2/instance.rb +290 -233
  19. data/lib/aws/ec2/instance_collection.rb +72 -67
  20. data/lib/aws/ec2/key_pair.rb +16 -18
  21. data/lib/aws/ec2/region.rb +25 -17
  22. data/lib/aws/ec2/reserved_instances.rb +7 -1
  23. data/lib/aws/ec2/reserved_instances_collection.rb +3 -3
  24. data/lib/aws/ec2/reserved_instances_offering.rb +7 -1
  25. data/lib/aws/ec2/reserved_instances_offering_collection.rb +3 -3
  26. data/lib/aws/ec2/resource.rb +41 -222
  27. data/lib/aws/ec2/security_group.rb +22 -18
  28. data/lib/aws/ec2/security_group_collection.rb +2 -5
  29. data/lib/aws/ec2/snapshot.rb +44 -35
  30. data/lib/aws/ec2/snapshot_collection.rb +43 -1
  31. data/lib/aws/ec2/tag.rb +14 -18
  32. data/lib/aws/ec2/volume.rb +59 -72
  33. data/lib/aws/ec2/volume_collection.rb +16 -12
  34. data/lib/aws/errors.rb +14 -5
  35. data/lib/aws/http/httparty_handler.rb +2 -2
  36. data/lib/aws/iam.rb +306 -0
  37. data/lib/aws/iam/access_key.rb +183 -0
  38. data/lib/aws/iam/access_key_collection.rb +131 -0
  39. data/lib/aws/iam/account_alias_collection.rb +81 -0
  40. data/lib/aws/iam/client.rb +44 -0
  41. data/lib/aws/iam/client/xml.rb +38 -0
  42. data/lib/aws/iam/collection.rb +87 -0
  43. data/lib/aws/iam/errors.rb +29 -0
  44. data/lib/aws/iam/group.rb +117 -0
  45. data/lib/aws/iam/group_collection.rb +135 -0
  46. data/lib/aws/iam/group_policy_collection.rb +49 -0
  47. data/lib/aws/iam/group_user_collection.rb +94 -0
  48. data/lib/aws/iam/login_profile.rb +97 -0
  49. data/lib/aws/iam/mfa_device.rb +52 -0
  50. data/lib/aws/iam/mfa_device_collection.rb +119 -0
  51. data/lib/aws/iam/policy.rb +48 -0
  52. data/lib/aws/iam/policy_collection.rb +191 -0
  53. data/lib/aws/iam/request.rb +27 -0
  54. data/lib/aws/iam/resource.rb +74 -0
  55. data/lib/aws/iam/server_certificate.rb +143 -0
  56. data/lib/aws/iam/server_certificate_collection.rb +174 -0
  57. data/lib/aws/iam/signing_certificate.rb +171 -0
  58. data/lib/aws/iam/signing_certificate_collection.rb +134 -0
  59. data/lib/aws/iam/user.rb +196 -0
  60. data/lib/aws/iam/user_collection.rb +136 -0
  61. data/lib/aws/iam/user_group_collection.rb +101 -0
  62. data/lib/aws/iam/user_policy.rb +90 -0
  63. data/lib/aws/iam/user_policy_collection.rb +48 -0
  64. data/lib/aws/resource.rb +381 -0
  65. data/lib/aws/resource_cache.rb +1 -2
  66. data/lib/aws/response.rb +5 -1
  67. data/lib/aws/response_cache.rb +1 -1
  68. data/lib/aws/s3/client.rb +3 -1
  69. data/lib/aws/s3/presigned_post.rb +1 -1
  70. data/lib/aws/simple_db.rb +1 -1
  71. metadata +113 -50
@@ -30,7 +30,7 @@ module AWS
30
30
  # volume.exists?
31
31
  #
32
32
  # @example Get a map of volume IDs to volume status
33
- # ec2.volumes.inject({}) { |m, v| m[i.id] = v.status; m }
33
+ # ec2.volumes.inject({}) { |m, v| m[v.id] = v.status; m }
34
34
  # # => { "vol-12345678" => :available, "vol-87654321" => :in_use }
35
35
  class VolumeCollection < Collection
36
36
 
@@ -41,8 +41,12 @@ module AWS
41
41
  def each(&block)
42
42
  resp = filtered_request(:describe_volumes)
43
43
  resp.volume_set.each do |v|
44
- volume = Volume.new(v.volume_id, :config => config)
44
+
45
+ volume = Volume.new_from(:describe_volumes, v,
46
+ v.volume_id, :config => config)
47
+
45
48
  yield(volume)
49
+
46
50
  end
47
51
  nil
48
52
  end
@@ -55,32 +59,32 @@ module AWS
55
59
  #
56
60
  # @return [Volume] An object representing the new volume.
57
61
  #
58
- # @param [Hash] opts Options for creating the volume.
62
+ # @param [Hash] options Options for creating the volume.
59
63
  # +:availability_zone+ and one of +:size+, +:snapshot+, or
60
64
  # +:snapshot_id+ is required.
61
65
  #
62
- # @option opts [Integer] :size The size of the volume, in
66
+ # @option options [Integer] :size The size of the volume, in
63
67
  # GiBs. Valid values: 1 - 1024. If +:snapshot+ or
64
68
  # +:snapshot_id+ is specified, this defaults to the size of
65
69
  # the specified snapshot.
66
70
  #
67
- # @option opts [Snapshot] :snapshot The snapshot from which to
71
+ # @option options [Snapshot] :snapshot The snapshot from which to
68
72
  # create the new volume.
69
73
  #
70
- # @option opts [String] :snapshot_id The ID of the snapshot
74
+ # @option options [String] :snapshot_id The ID of the snapshot
71
75
  # from which to create the new volume.
72
76
  #
73
- # @option opts [String, AvailabilityZone] :availability_zone
77
+ # @option options [String, AvailabilityZone] :availability_zone
74
78
  # The Availability Zone in which to create the new volume.
75
79
  # To get a list of the availability zones you can use, see
76
80
  # {EC2#availability_zones}.
77
81
  # @return [Volume]
78
- def create(opts = {})
79
- if snapshot = opts.delete(:snapshot)
80
- opts[:snapshot_id] = snapshot.id
82
+ def create options = {}
83
+ if snapshot = options.delete(:snapshot)
84
+ options[:snapshot_id] = snapshot.id
81
85
  end
82
- resp = client.create_volume(opts)
83
- Volume.new(resp.volume_id, :config => config)
86
+ resp = client.create_volume(options)
87
+ Volume.new_from(:create_volume, resp, resp.volume_id, :config => config)
84
88
  end
85
89
 
86
90
  # @private
@@ -51,7 +51,8 @@ module AWS
51
51
  # that wrapped the service error.
52
52
  attr_reader :http_response
53
53
 
54
- def initialize http_request, http_response, message = http_response.body
54
+ def initialize http_request = nil, http_response = nil, message = nil
55
+ message ||= http_response.body if http_response
55
56
  @http_request = http_request
56
57
  @http_response = http_response
57
58
  super(message)
@@ -97,10 +98,18 @@ module AWS
97
98
  # @return [Integer] The HTTP status code returned by the AWS service.
98
99
  attr_reader :code
99
100
 
100
- def initialize(req, resp)
101
- super(req, resp, message)
102
- include_error_type
103
- parse_body(resp.body)
101
+ def initialize(req = nil, resp = nil)
102
+ if req.kind_of?(String)
103
+ # makes it easier to test handling of modeled exceptions
104
+ super(nil, nil, req)
105
+ @message = req
106
+ elsif req and resp
107
+ super(req, resp, message)
108
+ include_error_type
109
+ parse_body(resp.body)
110
+ else
111
+ super()
112
+ end
104
113
  end
105
114
 
106
115
  def include_error_type
@@ -62,7 +62,7 @@ module AWS
62
62
  })
63
63
 
64
64
  if request.proxy_uri
65
- opts[:http_proxyaddr] = request.proxy_uri.to_s
65
+ opts[:http_proxyaddr] = request.proxy_uri.host
66
66
  opts[:http_proxyport] = request.proxy_uri.port
67
67
  end
68
68
 
@@ -90,7 +90,7 @@ module AWS
90
90
 
91
91
  begin
92
92
  http_response = self.class.send(method, url, opts)
93
- rescue Timeout::Error => e
93
+ rescue Timeout::Error, Errno::ETIMEDOUT => e
94
94
  response.timeout = true
95
95
  else
96
96
  response.body = http_response.body
@@ -0,0 +1,306 @@
1
+ # Copyright 2011 Amazon.com, Inc. or its affiliates. All Rights Reserved.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License"). You
4
+ # may not use this file except in compliance with the License. A copy of
5
+ # the License is located at
6
+ #
7
+ # http://aws.amazon.com/apache2.0/
8
+ #
9
+ # or in the "license" file accompanying this file. This file is
10
+ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
11
+ # ANY KIND, either express or implied. See the License for the specific
12
+ # language governing permissions and limitations under the License.
13
+
14
+ require 'aws/common'
15
+ require 'aws/inflection'
16
+ require 'aws/service_interface'
17
+ require 'aws/iam/client'
18
+ require 'aws/iam/user_collection'
19
+ require 'aws/iam/group_collection'
20
+ require 'aws/iam/signing_certificate_collection'
21
+ require 'aws/iam/server_certificate_collection'
22
+ require 'aws/iam/account_alias_collection'
23
+ require 'aws/iam/access_key_collection'
24
+
25
+ module AWS
26
+
27
+ # This class is the starting point for working with
28
+ # AWS Identity and Access Management (IAM).
29
+ #
30
+ # For more information about IAM:
31
+ #
32
+ # * {AWS Identity and Access Management}[http://aws.amazon.com/iam/]
33
+ # * {AWS Identity and Access Management Documentation}[http://aws.amazon.com/documentation/iam/]
34
+ #
35
+ # = Credentials
36
+ #
37
+ # You can setup default credentials for all AWS services via
38
+ # AWS.config:
39
+ #
40
+ # AWS.config(
41
+ # :access_key_id => 'YOUR_ACCESS_KEY_ID',
42
+ # :secret_access_key => 'YOUR_SECRET_ACCESS_KEY')
43
+ #
44
+ # Or you can set them directly on the IAM interface:
45
+ #
46
+ # iam = AWS::IAM.new(
47
+ # :access_key_id => 'YOUR_ACCESS_KEY_ID',
48
+ # :secret_access_key => 'YOUR_SECRET_ACCESS_KEY')
49
+ #
50
+ # = Account Summary
51
+ #
52
+ # You can get account level information about entity usage and IAM quotas
53
+ # directly from an IAM interface object.
54
+ #
55
+ # summary = iam.account_summary
56
+ #
57
+ # puts "Num users: #{summary[:users]}"
58
+ # puts "Num user quota: #{summary[:users_quota]}"
59
+ #
60
+ # For a complete list of summary attributes see the {#account_summary} method.
61
+ #
62
+ # = Account Aliases
63
+ #
64
+ # Currently IAM only supports a single account alias for each AWS account.
65
+ # You can set the account alias on the IAM interface.
66
+ #
67
+ # iam.account_alias = 'myaccountalias'
68
+ # iam.account_alias
69
+ # #=> 'myaccountalias'
70
+ #
71
+ # You can also remove your account alias:
72
+ #
73
+ # iam.remove_account_alias
74
+ # iam.account_alias
75
+ # #=> nil
76
+ #
77
+ # = Access Keys
78
+ #
79
+ # You can create up to 2 access for your account and 2 for each user.
80
+ # This makes it easy to rotate keys if you need to. You can also
81
+ # deactivate/activate access keys.
82
+ #
83
+ # # get your current access key
84
+ # old_access_key = iam.access_keys.first
85
+ #
86
+ # # create a new access key
87
+ # new_access_key = iam.access_keys.create
88
+ # new_access_key.credentials
89
+ # #=> { :access_key_id => 'ID', :secret_access_key => 'SECRET' }
90
+ #
91
+ # # go rotate your keys/credentials ...
92
+ #
93
+ # # now disable the old access key
94
+ # old_access_key.deactivate!
95
+ #
96
+ # # go make sure everything still works ...
97
+ #
98
+ # # all done, lets clean up
99
+ # old_access_key.delete
100
+ #
101
+ # Users can also have access keys:
102
+ #
103
+ # u = iam.users['someuser']
104
+ # access_key = u.access_keys.create
105
+ # access_key.credentials
106
+ # #=> { :access_key_id => 'ID', :secret_access_key => 'SECRET' }
107
+ #
108
+ # See {AccessKeyCollection} and {AccessKey} for more information about
109
+ # working with access keys.
110
+ #
111
+ # = Users & Gropus
112
+ #
113
+ # Each AWS account can have multiple users. Users can be used to easily
114
+ # manage permissions. Users can also be organized into groups.
115
+ #
116
+ # user = iam.users.create('JohnDoe')
117
+ # group = iam.groups.create('Developers')
118
+ #
119
+ # # add a user to a group
120
+ # user.groups.add(group)
121
+ #
122
+ # # remove a user from a group
123
+ # user.groups.remove(group)
124
+ #
125
+ # # add a user to a group
126
+ # group.users.add(user)
127
+ #
128
+ # # remove a user from a group
129
+ # group.users.remove(user)
130
+ #
131
+ # See {User}, {UserCollection}, {Group} and {GroupCollection} for more
132
+ # information on how to work with users and groups.
133
+ #
134
+ # = Other Interfaces
135
+ #
136
+ # Other useful IAM interfaces:
137
+ # * User Login Profiles ({LoginProfile})
138
+ # * Policies ({Policy})
139
+ # * Server Certificates ({ServerCertificateCollection}, {ServerCertificate})
140
+ # * Signing Certificates ({SigningCertificateCollection}, {SigningCertificate})
141
+ # * Multifactor Authentication Devices ({MFADeviceCollection}, {MFADevice})
142
+ #
143
+ class IAM
144
+
145
+ include ServiceInterface
146
+
147
+ # Returns a collection that represents all AWS users for this account:
148
+ #
149
+ # @example Getting a user by name
150
+ #
151
+ # user = iam.users['username']
152
+ #
153
+ # @example Enumerating users
154
+ #
155
+ # iam.users.each do |user|
156
+ # puts user.name
157
+ # end
158
+ #
159
+ # @return [UserCollection] Returns a collection that represents all of
160
+ # the IAM users for this AWS account.
161
+ def users
162
+ UserCollection.new(:config => config)
163
+ end
164
+
165
+ # Returns a collection that represents all AWS groups for this account:
166
+ #
167
+ # @example Getting a group by name
168
+ #
169
+ # group = iam.groups['groupname']
170
+ #
171
+ # @example Enumerating groups
172
+ #
173
+ # iam.groups.each do |group|
174
+ # puts group.name
175
+ # end
176
+ #
177
+ # @return [GroupCollection] Returns a collection that represents all of
178
+ # the IAM groups for this AWS account.
179
+ def groups
180
+ GroupCollection.new(:config => config)
181
+ end
182
+
183
+ # Returns a collection that represents the access keys for this
184
+ # AWS account.
185
+ #
186
+ # iam = AWS::IAM.new
187
+ # iam.access_keys.each do |access_key|
188
+ # puts access_key.id
189
+ # end
190
+ #
191
+ # @return [AccessKeyCollection] Returns a collection that represents all
192
+ # access keys for this AWS account.
193
+ def access_keys
194
+ AccessKeyCollection.new(:config => config)
195
+ end
196
+
197
+ # Returns a collection that represents the signing certificates
198
+ # for this AWS account.
199
+ #
200
+ # iam = AWS::IAM.new
201
+ # iam.signing_certificates.each do |cert|
202
+ # # ...
203
+ # end
204
+ #
205
+ # If you need to access the signing certificates of a specific user,
206
+ # see {User#signing_certificates}.
207
+ #
208
+ # @return [SigningCertificateCollection] Returns a collection that
209
+ # represents signing certificates for this AWS account.
210
+ def signing_certificates
211
+ SigningCertificateCollection.new(:config => config)
212
+ end
213
+
214
+ # @note Currently, Amazon Elastic Load Balancing is the only
215
+ # service to support the use of server certificates with
216
+ # IAM. Using server certificates with Amazon Elastic Load
217
+ # Balancing is described in the
218
+ # {http://docs.amazonwebservices.com/ElasticLoadBalancing/latest/DeveloperGuide/US_SettingUpLoadBalancerHTTPSIntegrated.html
219
+ # Amazon Elastic Load Balancing} Developer Guide.
220
+ #
221
+ # Returns a collection that represents the server certificates
222
+ # for this AWS account.
223
+ #
224
+ # iam = AWS::IAM.new
225
+ # iam.server_certificates.each do |cert|
226
+ # # ...
227
+ # end
228
+ #
229
+ # @return [ServerCertificateCollection] Returns a collection that
230
+ # represents server certificates for this AWS account.
231
+ def server_certificates
232
+ ServerCertificateCollection.new(:config => config)
233
+ end
234
+
235
+ # Sets the account alias for this AWS account.
236
+ # @param [String] account_alias
237
+ # @return [String] Returns the account alias passed.
238
+ def account_alias= account_alias
239
+ account_alias.nil? ?
240
+ remove_account_alias :
241
+ account_aliases.create(account_alias)
242
+ end
243
+
244
+ # @return [String,nil] Returns the account alias. If this account has
245
+ # no alias, then +nil+ is returned.
246
+ def account_alias
247
+ account_aliases.first
248
+ end
249
+
250
+ # Deletes the account alias (if one exists).
251
+ # @return [nil]
252
+ def remove_account_alias
253
+ account_aliases.each do |account_alias|
254
+ account_aliases.delete(account_alias)
255
+ end
256
+ nil
257
+ end
258
+
259
+ # @private
260
+ def account_aliases
261
+ AccountAliasCollection.new(:config => config)
262
+ end
263
+
264
+ # Retrieves account level information about account entity usage
265
+ # and IAM quotas. The returned hash contains the following keys:
266
+ #
267
+ # [+:users+] Number of users for the AWS account
268
+ #
269
+ # [+:users_quota+] Maximum users allowed for the AWS account
270
+ #
271
+ # [+:groups+] Number of Groups for the AWS account
272
+ #
273
+ # [+:groups_quota+] Maximum Groups allowed for the AWS account
274
+ #
275
+ # [+:server_certificates+] Number of Server Certificates for the
276
+ # AWS account
277
+ #
278
+ # [+:server_certificates_quota+] Maximum Server Certificates
279
+ # allowed for the AWS account
280
+ #
281
+ # [+:user_policy_size_quota+] Maximum allowed size for user policy
282
+ # documents (in kilobytes)
283
+ #
284
+ # [+:group_policy_size_quota+] Maximum allowed size for Group
285
+ # policy documents (in kilobyes)
286
+ #
287
+ # [+:groups_per_user_quota+] Maximum number of groups a user can
288
+ # belong to
289
+ #
290
+ # [+:signing_certificates_per_user_quota+] Maximum number of X509
291
+ # certificates allowed
292
+ # for a user
293
+ #
294
+ # [+:access_keys_per_user_quota+] Maximum number of access keys
295
+ # that can be created per user
296
+ #
297
+ # @return [Hash]
298
+ def account_summary
299
+ client.get_account_summary.summary_map.inject({}) do |h, (k,v)|
300
+ h[Inflection.ruby_name(k).to_sym] = v
301
+ h
302
+ end
303
+ end
304
+
305
+ end
306
+ end
@@ -0,0 +1,183 @@
1
+ # Copyright 2011 Amazon.com, Inc. or its affiliates. All Rights Reserved.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License"). You
4
+ # may not use this file except in compliance with the License. A copy of
5
+ # the License is located at
6
+ #
7
+ # http://aws.amazon.com/apache2.0/
8
+ #
9
+ # or in the "license" file accompanying this file. This file is
10
+ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
11
+ # ANY KIND, either express or implied. See the License for the specific
12
+ # language governing permissions and limitations under the License.
13
+
14
+ require 'aws/iam/resource'
15
+ require 'aws/iam/user'
16
+
17
+ module AWS
18
+ class IAM
19
+
20
+ # @attr_reader [Symbol] status The status of this access key.
21
+ # Status may be +:active+ or +:inactive+.
22
+ #
23
+ class AccessKey < Resource
24
+
25
+ # @param [String] access_key_id The id of this access key.
26
+ # @param [Hash] options
27
+ # @option [String] :user The IAM user this access key belongs to.
28
+ # If +:user+ is omitted then this access key belongs to the
29
+ # AWS account.
30
+ def initialize access_key_id, options = {}
31
+ @id = access_key_id
32
+ options[:secret_value] = nil unless options.has_key?(:secret_value)
33
+ @user = options[:user]
34
+ @user ? super(@user, options) : super(options)
35
+ end
36
+
37
+ # @return [User,nil] Returns the user this access key belongs to.
38
+ # Returns +nil+ if this access key belongs to the AWS account and not
39
+ # a specific user.
40
+ attr_reader :user
41
+
42
+ # @return [String] Returns the access key id.
43
+ attr_reader :id
44
+
45
+ alias_method :access_key_id, :id
46
+
47
+ attribute :secret_value, :as => :secret_access_key, :static => true
48
+
49
+ protected :secret_value
50
+
51
+ mutable_attribute :status, :to_sym => true
52
+
53
+ protected :status=
54
+
55
+ populates_from(:create_access_key) do |resp|
56
+ resp.access_key if matches_response_object?(resp.access_key)
57
+ end
58
+
59
+ populates_from(:list_access_keys) do |resp|
60
+ resp.access_key_metadata.find {|k| matches_response_object?(k) }
61
+ end
62
+
63
+ # Returns the secret access key.
64
+ #
65
+ # You can only access the secret for newly created access
66
+ # keys. Calling +secret+ on existing access keys raises an error.
67
+ #
68
+ # @example Getting the secret from a newly created access key
69
+ #
70
+ # access_key = iam.access_keys.create
71
+ # access_key.secret
72
+ # #=> 'SECRET_ACCESS_KEY'
73
+ #
74
+ # @example Failing to get the secret from an existing access key.
75
+ #
76
+ # access_key = iam.access_keys.first
77
+ # access_key.secret
78
+ # #=> raises a runtime error
79
+ #
80
+ # @return [String] Returns the secret access key.
81
+ def secret
82
+ secret_value or raise 'secret is only available for new access keys'
83
+ end
84
+
85
+ alias_method :secret_access_key, :secret
86
+
87
+ # @return [String,nil] Returns the name of the user this access key
88
+ # belogns to. If the access key belongs to the account, +nil+ is
89
+ # returned.
90
+ def user_name
91
+ @user ? @user.name : nil
92
+ end
93
+
94
+ # @return [Boolean] Returns true if this access key is active.
95
+ def active?
96
+ status == :active
97
+ end
98
+
99
+ # @return [Boolean] Returns true if this access key is inactive.
100
+ def inactive?
101
+ status == :inactive
102
+ end
103
+
104
+ # Activates this access key.
105
+ #
106
+ # @example
107
+ # access_key.activate!
108
+ # access_key.status
109
+ # # => :active
110
+ #
111
+ # @return [nil]
112
+ def activate!
113
+ self.status = 'Active'
114
+ nil
115
+ end
116
+
117
+ # Deactivates this access key.
118
+ #
119
+ # @example
120
+ # access_key.deactivate!
121
+ # access_key.status
122
+ # # => :inactive
123
+ #
124
+ # @return [nil]
125
+ # @return [nil]
126
+ def deactivate!
127
+ self.status = 'Inactive'
128
+ nil
129
+ end
130
+
131
+ # Deletes the access key.
132
+ def delete
133
+ client.delete_access_key(resource_options)
134
+ nil
135
+ end
136
+
137
+ # Returns a hash that should be saved somewhere safe.
138
+ #
139
+ # access_keys = iam.access_keys.create
140
+ # access_keys.credentials
141
+ # #=> { :access_key_id => '...', :secret_access_key => '...' }
142
+ #
143
+ # You can also use these credentials to make requests:
144
+ #
145
+ # s3 = AWS::S3.new(access_keys.credentials)
146
+ # s3.buckets.create('newbucket')
147
+ #
148
+ # @return [Hash] Returns a hash with the access key id and
149
+ # secret access key.
150
+ def credentials
151
+ { :access_key_id => id, :secret_access_key => secret }
152
+ end
153
+
154
+ # @private
155
+ protected
156
+ def resource_identifiers
157
+ identifiers = []
158
+ identifiers << [:access_key_id, id]
159
+ identifiers << [:user_name, user.name] if user
160
+ identifiers
161
+ end
162
+
163
+ # IAM does not provide a request for "get access keys".
164
+ # Also note, we do not page the response. This is because
165
+ # restrictions on how many access keys an account / user may
166
+ # have is fewer than one page of results.
167
+ # @private
168
+ protected
169
+ def get_resource attribute
170
+ options = user ? { :user_name => user.name } : {}
171
+ client.list_access_keys(options)
172
+ end
173
+
174
+ # @private
175
+ protected
176
+ def matches_response_object? obj
177
+ user_name = obj.respond_to?(:user_name) ? obj.user_name : nil
178
+ obj.access_key_id == self.id and user_name == self.user_name
179
+ end
180
+
181
+ end
182
+ end
183
+ end