aws_sdk 3.1.5

data/lib/aws/elb/load_balancer_policy_collection.rb

@@ -0,0 +1,208 @@
+# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+module AWS
+  class ELB
+
+    class LoadBalancerPolicyCollection
+      
+      include Core::Collection::Simple
+
+      def initialize load_balancer, options = {}
+        @load_balancer = load_balancer
+        super
+      end
+
+      attr_reader :load_balancer
+
+      # Creates a new load balancer policy that contains the necessary 
+      # attributes depending on the policy type. Policies are settings 
+      # that are saved for your load balancer and that can be applied to 
+      # the front-end listener, or the back-end application server, 
+      # depending on your policy type.
+      #
+      # == Applying Policies
+      #
+      # To apply a policy to a front-end listener:
+      #
+      #   # each listener may only have a single policy
+      #   load_balancer.listener[80].policy = listener_policy
+      #
+      # To apply a policy to backend instance port
+      #
+      #   # back end servers can have multiple policies per instance port
+      #   load_balancer.backend_server_policies.add(80, back_end_policy)
+      #
+      # @param [String] name The name of the policy being created.  The name
+      #   must be unique within the set of policies for this load balancer.
+      #
+      # @param [String] type The policy type name.  Valid values inlucde:
+      #
+      #   * 'PublicKeyPolicyType'
+      #   * 'AppCookieStickinessPolicyType'
+      #   * 'LBCookieStickinessPolicyType'
+      #   * 'SSLNegotiationPolicyType'
+      #   * 'BackendServerAuthenticationPolicyType'
+      #
+      # @param [Hash] attributes A hash of policy attributes.  Each policy
+      #   type accepts a different list of hash options.  Below each
+      #   policy type name is listed with its list of accepted options.
+      #   Attributes that accept more than one value should be provided
+      #   as an array of values.
+      #
+      #   Hash keys should be attribute names, values may be single
+      #   values or arrays of values.
+      #
+      #   PublicKeyPolicyType
+      #
+      #     Policy containing a list of public keys to accept when authenticating the back-end server(s). This policy cannot be applied directly to back-end servers or listeners but must be part of a BackendServerAuthenticationPolicyType.
+      #
+      #     * 'PublicKey', String, one
+      #
+      #   AppCookieStickinessPolicyType
+      #
+      #     Stickiness policy with session lifetimes controlled by the lifetime of the application-generated cookie. This policy can be associated only with HTTP/HTTPS listeners.
+      #
+      #     * 'CookieName', String, one
+      #
+      #   LBCookieStickinessPolicyType
+      #
+      #     Stickiness policy with session lifetimes controlled by the browser (user-agent) or a specified expiration period. This policy can be associated only with HTTP/HTTPS listeners.
+      #
+      #     * 'CookieExpirationPeriod', Long, zero or one
+      #
+      #   SSLNegotiationPolicyType
+      #
+      #     Listener policy that defines the ciphers and protocols that will be accepted by the load balancer. This policy can be associated only with HTTPS/SSL listeners.
+      #
+      #     * 'Protocol-SSLv2', Boolean, zero or one
+      #     * 'Protocol-TLSv1', Boolean, zero or one
+      #     * 'Protocol-SSLv3', Boolean, zero or one
+      #     * 'DHE-RSA-AES256-SHA', Boolean, zero or one
+      #     * 'DHE-DSS-AES256-SHA', Boolean, zero or one
+      #     * 'DHE-RSA-CAMELLIA256-SHA', Boolean, zero or one
+      #     * 'DHE-DSS-CAMELLIA256-SHA', Boolean, zero or one
+      #     * 'ADH-AES256-SHA', Boolean, zero or one
+      #     * 'ADH-CAMELLIA256-SHA', Boolean, zero or one
+      #     * 'AES256-SHA', Boolean, zero or one
+      #     * 'CAMELLIA256-SHA', Boolean, zero or one
+      #     * 'PSK-AES256-CBC-SHA', Boolean, zero or one
+      #     * 'EDH-RSA-DES-CBC3-SHA', Boolean, zero or one
+      #     * 'EDH-DSS-DES-CBC3-SHA', Boolean, zero or one
+      #     * 'ADH-DES-CBC3-SHA', Boolean, zero or one
+      #     * 'DES-CBC3-SHA', Boolean, zero or one
+      #     * 'DES-CBC3-MD5', Boolean, zero or one
+      #     * 'PSK-3DES-EDE-CBC-SHA', Boolean, zero or one
+      #     * 'KRB5-DES-CBC3-SHA', Boolean, zero or one
+      #     * 'KRB5-DES-CBC3-MD5', Boolean, zero or one
+      #     * 'DHE-RSA-AES128-SHA', Boolean, zero or one
+      #     * 'DHE-DSS-AES128-SHA', Boolean, zero or one
+      #     * 'DHE-RSA-SEED-SHA', Boolean, zero or one
+      #     * 'DHE-DSS-SEED-SHA', Boolean, zero or one
+      #     * 'DHE-RSA-CAMELLIA128-SHA', Boolean, zero or one
+      #     * 'DHE-DSS-CAMELLIA128-SHA', Boolean, zero or one
+      #     * 'ADH-AES128-SHA', Boolean, zero or one
+      #     * 'ADH-SEED-SHA', Boolean, zero or one
+      #     * 'ADH-CAMELLIA128-SHA', Boolean, zero or one
+      #     * 'AES128-SHA', Boolean, zero or one
+      #     * 'SEED-SHA', Boolean, zero or one
+      #     * 'CAMELLIA128-SHA', Boolean, zero or one
+      #     * 'RC2-CBC-MD5', Boolean, zero or one
+      #     * 'PSK-AES128-CBC-SHA', Boolean, zero or one
+      #     * 'ADH-RC4-MD5', Boolean, zero or one
+      #     * 'IDEA-CBC-SHA', Boolean, zero or one
+      #     * 'RC4-SHA', Boolean, zero or one
+      #     * 'RC4-MD5', Boolean, zero or one
+      #     * 'PSK-RC4-SHA', Boolean, zero or one
+      #     * 'KRB5-RC4-SHA', Boolean, zero or one
+      #     * 'KRB5-RC4-MD5', Boolean, zero or one
+      #     * 'EDH-RSA-DES-CBC-SHA', Boolean, zero or one
+      #     * 'EDH-DSS-DES-CBC-SHA', Boolean, zero or one
+      #     * 'ADH-DES-CBC-SHA', Boolean, zero or one
+      #     * 'DES-CBC-SHA', Boolean, zero or one
+      #     * 'DES-CBC-MD5', Boolean, zero or one
+      #     * 'KRB5-DES-CBC-SHA', Boolean, zero or one
+      #     * 'KRB5-DES-CBC-MD5', Boolean, zero or one
+      #     * 'EXP-EDH-RSA-DES-CBC-SHA', Boolean, zero or one
+      #     * 'EXP-EDH-DSS-DES-CBC-SHA', Boolean, zero or one
+      #     * 'EXP-ADH-DES-CBC-SHA', Boolean, zero or one
+      #     * 'EXP-DES-CBC-SHA', Boolean, zero or one
+      #     * 'EXP-RC2-CBC-MD5', Boolean, zero or one
+      #     * 'EXP-KRB5-RC2-CBC-SHA', Boolean, zero or one
+      #     * 'EXP-KRB5-DES-CBC-SHA', Boolean, zero or one
+      #     * 'EXP-KRB5-RC2-CBC-MD5', Boolean, zero or one
+      #     * 'EXP-KRB5-DES-CBC-MD5', Boolean, zero or one
+      #     * 'EXP-ADH-RC4-MD5', Boolean, zero or one
+      #     * 'EXP-RC4-MD5', Boolean, zero or one
+      #     * 'EXP-KRB5-RC4-SHA', Boolean, zero or one
+      #     * 'EXP-KRB5-RC4-MD5', Boolean, zero or one
+      #
+      #   BackendServerAuthenticationPolicyType
+      #
+      #     Policy that controls authentication to back-end server(s) and contains one or more policies, such as an instance of a PublicKeyPolicyType. This policy can be associated only with back-end servers that are using HTTPS/SSL.
+      #
+      #     * 'PublicKeyPolicyName', PolicyName, one or more
+      #
+      # @return [nil]
+      #
+      def create name, type, attributes = {}
+
+        attribute_list = []
+
+        attributes.each do |attr_name,values|
+          [values].flatten.each do |value|
+            attribute_list << { 
+              :attribute_name => attr_name, 
+              :attribute_value => value.to_s 
+            }
+          end
+        end
+
+        client.create_load_balancer_policy(
+          :load_balancer_name => load_balancer.name,
+          :policy_name => name.to_s,
+          :policy_type_name => type.to_s,
+          :policy_attributes => attribute_list)
+
+        LoadBalancerPolicy.new(load_balancer, name, :type => type.to_s)
+
+      end
+
+      # @param [String] policy_name The name of the policy to return.
+      # @return [LoadBalancerPolicy] Returns a reference to the load balancer
+      #   policy with the given name.
+      def [] policy_name
+        LoadBalancerPolicy.new(load_balancer, policy_name)
+      end
+
+      protected
+      def _each_item options = {}, &block
+
+        options[:load_balancer_name] = load_balancer.name
+
+        response = client.describe_load_balancer_policies(options)
+        response.policy_descriptions.each do |desc|
+
+          load_balancer_policy = LoadBalancerPolicy.new_from(
+            :describe_load_balancer_policies, 
+            desc, load_balancer, desc.policy_name)
+
+          yield(load_balancer_policy)
+
+        end
+
+      end
+
+    end
+  end
+end

data/lib/aws/elb/request.rb

@@ -0,0 +1,23 @@
+# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+module AWS
+  class ELB
+
+    # @private
+    class Request < Core::Http::Request
+      include Core::Signature::Version2
+    end
+
+  end
+end

data/lib/aws/errors.rb

@@ -0,0 +1,122 @@
+# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+module AWS
+
+  # = Errors
+  #
+  # There are two basic types of errors:
+  #
+  # * {ClientError}
+  # * {ServerError}
+  #
+  # == Client Errors
+  #
+  # Errors in the three and four hundreds are client errors ({ClientError}).
+  # A client error should not be resent without changes.  The body of the
+  # http response (the error #message) should give more information about
+  # the nature of the problem.
+  #
+  # == Server Errors
+  #
+  # A 500 level error typically indicates the service is having an issue.
+  #
+  # Requests that generate service errors are automatically retried with
+  # an exponential backoff.  If the service still fails to respond with 
+  # a 200 after 3 retries the error is raised.
+  #
+  module Errors
+
+    # Base class for all errors returned by the service.  
+    class Base < StandardError
+
+      # @overload new(error_message)
+      #   @param [String] error_message The body of the error message
+      #
+      # @overload new(http_request, http_response, code = nil, message = nil)
+      #   @param [Http::Request] http_request
+      #   @param [Http::Response] http_response
+      #   @param [String] code (nil)
+      #   @param [String] message (nil)
+      #
+      def initialize req = nil, resp = nil, code = nil, message = nil
+        if req.is_a?(String) or req.nil?
+          super(req)
+        else
+          @http_request = req
+          @http_response = resp
+          @code = code
+          include_error_type
+          super(message || http_response.body)
+        end
+      end
+
+      # @return [String] The response code given by the service.
+      attr_reader :code
+
+      # @return [Http::Request] The low level http request that caused the
+      #   error to be raised.
+      attr_reader :http_request
+
+      # @return [Http::Response] The low level http response from the service
+      #   that wrapped the service error.
+      attr_reader :http_response
+
+      protected
+
+      # Extends the error object with {ServerError} or {ClientError}.
+      # This indicates if the request should be retried (server errors)
+      # or not (client errors).
+      def include_error_type
+        if http_response.status >= 500
+          extend ServerError
+        else
+          extend ClientError
+        end
+      end
+
+    end
+
+    # Provides the ability to instantiate instances of {ServerError} and
+    # {ClientError}.
+    # @private
+    module ExceptionMixinClassMethods
+      def new(*args)
+        e = Base.new(*args)
+        e.extend(self)
+        e
+      end
+    end
+
+    # Raised when an error occurs as a result of bad client
+    # behavior, most commonly when the parameters passed to a method
+    # are somehow invalid.  Other common cases:
+    #
+    # * Throttling errors
+    # * Bad credentials
+    # * No permission to do the requested operation
+    # * Limits exceeded (e.g. too many buckets)
+    #
+    module ClientError
+      extend ExceptionMixinClassMethods
+    end
+
+    # Raised when an AWS service is unable to handle the request.  These
+    # are automatically retired.  If after 3 retries the request is still
+    # failing, then the error is raised.
+    module ServerError
+      extend ExceptionMixinClassMethods
+    end
+
+  end
+end

data/lib/aws/iam.rb

@@ -0,0 +1,418 @@
+# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+require 'aws/core'
+require 'aws/iam/config'
+
+module AWS
+
+  # This class is the starting point for working with 
+  # AWS Identity and Access Management (IAM).
+  #
+  # For more information about IAM:
+  #
+  # * {AWS Identity and Access Management}[http://aws.amazon.com/iam/]
+  # * {AWS Identity and Access Management Documentation}[http://aws.amazon.com/documentation/iam/]
+  #
+  # = Credentials
+  #
+  # You can setup default credentials for all AWS services via 
+  # AWS.config:
+  #
+  #   AWS.config(
+  #     :access_key_id => 'YOUR_ACCESS_KEY_ID',
+  #     :secret_access_key => 'YOUR_SECRET_ACCESS_KEY')
+  # 
+  # Or you can set them directly on the IAM interface:
+  #
+  #   iam = AWS::IAM.new(
+  #     :access_key_id => 'YOUR_ACCESS_KEY_ID',
+  #     :secret_access_key => 'YOUR_SECRET_ACCESS_KEY')
+  #
+  # = Account Summary
+  #
+  # You can get account level information about entity usage and IAM quotas
+  # directly from an IAM interface object.
+  #
+  #   summary = iam.account_summary
+  #
+  #   puts "Num users: #{summary[:users]}"
+  #   puts "Num user quota: #{summary[:users_quota]}"
+  #
+  # For a complete list of summary attributes see the {#account_summary} method.
+  #
+  # = Account Aliases
+  #
+  # Currently IAM only supports a single account alias for each AWS account.
+  # You can set the account alias on the IAM interface.
+  #
+  #   iam.account_alias = 'myaccountalias'
+  #   iam.account_alias
+  #   #=> 'myaccountalias'
+  #
+  # You can also remove your account alias:
+  #
+  #   iam.remove_account_alias
+  #   iam.account_alias
+  #   #=> nil
+  #
+  # = Access Keys
+  #
+  # You can create up to 2 access for your account and 2 for each user.
+  # This makes it easy to rotate keys if you need to.  You can also
+  # deactivate/activate access keys.
+  #
+  #   # get your current access key
+  #   old_access_key = iam.access_keys.first
+  #
+  #   # create a new access key
+  #   new_access_key = iam.access_keys.create
+  #   new_access_key.credentials
+  #   #=> { :access_key_id => 'ID', :secret_access_key => 'SECRET' }
+  #
+  #   # go rotate your keys/credentials ...
+  #
+  #   # now disable the old access key
+  #   old_access_key.deactivate!
+  #
+  #   # go make sure everything still works ...
+  #
+  #   # all done, lets clean up
+  #   old_access_key.delete
+  #
+  # Users can also have access keys:
+  #
+  #   u = iam.users['someuser']
+  #   access_key = u.access_keys.create
+  #   access_key.credentials
+  #   #=> { :access_key_id => 'ID', :secret_access_key => 'SECRET' }
+  #
+  # See {AccessKeyCollection} and {AccessKey} for more information about
+  # working with access keys.
+  #
+  # = Users & Groups
+  #
+  # Each AWS account can have multiple users.  Users can be used to easily
+  # manage permissions.  Users can also be organized into groups.  
+  #
+  #   user = iam.users.create('JohnDoe')
+  #   group = iam.groups.create('Developers')
+  #
+  #   # add a user to a group
+  #   user.groups.add(group)
+  #
+  #   # remove a user from a group
+  #   user.groups.remove(group)
+  #
+  #   # add a user to a group
+  #   group.users.add(user)
+  #
+  #   # remove a user from a group
+  #   group.users.remove(user)
+  #
+  # See {User}, {UserCollection}, {Group} and {GroupCollection} for more
+  # information on how to work with users and groups.
+  #
+  # = Other Interfaces
+  #
+  # Other useful IAM interfaces:
+  # * User Login Profiles ({LoginProfile})
+  # * Policies ({Policy})
+  # * Server Certificates ({ServerCertificateCollection}, {ServerCertificate})
+  # * Signing Certificates ({SigningCertificateCollection}, {SigningCertificate})
+  # * Multifactor Authentication Devices ({MFADeviceCollection}, {MFADevice})
+  #
+  class IAM
+
+    AWS.register_autoloads(self) do
+      autoload :AccessKey,                    'access_key'
+      autoload :AccessKeyCollection,          'access_key_collection'
+      autoload :AccountAliasCollection,       'account_alias_collection'
+      autoload :Client,                       'client'
+      autoload :Collection,                   'collection'
+      autoload :Errors,                       'errors'
+      autoload :Group,                        'group'
+      autoload :GroupCollection,              'group_collection'
+      autoload :GroupPolicyCollection,        'group_policy_collection'
+      autoload :GroupUserCollection,          'group_user_collection'
+      autoload :LoginProfile,                 'login_profile'
+      autoload :MFADevice,                    'mfa_device'
+      autoload :MFADeviceCollection,          'mfa_device_collection'
+      autoload :Policy,                       'policy'
+      autoload :PolicyCollection,             'policy_collection'
+      autoload :Request,                      'request'
+      autoload :Resource,                     'resource'
+      autoload :ServerCertificate,            'server_certificate'
+      autoload :ServerCertificateCollection,  'server_certificate_collection'
+      autoload :SigningCertificate,           'signing_certificate'
+      autoload :SigningCertificateCollection, 'signing_certificate_collection'
+      autoload :User,                         'user'
+      autoload :UserCollection,               'user_collection'
+      autoload :UserGroupCollection,          'user_group_collection'
+      autoload :UserPolicy,                   'user_policy'
+      autoload :UserPolicyCollection,         'user_policy_collection'
+      autoload :VirtualMfaDeviceCollection,   'virtual_mfa_device_collection'
+      autoload :VirtualMfaDevice,             'virtual_mfa_device'
+    end
+
+    include Core::ServiceInterface
+
+    # Returns a collection that represents all AWS users for this account:
+    #
+    # @example Getting a user by name
+    #
+    #   user = iam.users['username']
+    #
+    # @example Enumerating users
+    #
+    #   iam.users.each do |user|
+    #     puts user.name
+    #   end
+    # 
+    # @return [UserCollection] Returns a collection that represents all of
+    #   the IAM users for this AWS account.
+    def users
+      UserCollection.new(:config => config)
+    end
+
+    # Returns a collection that represents all AWS groups for this account:
+    #
+    # @example Getting a group by name
+    #
+    #   group = iam.groups['groupname']
+    #
+    # @example Enumerating groups
+    #
+    #   iam.groups.each do |group|
+    #     puts group.name
+    #   end
+    #
+    # @return [GroupCollection] Returns a collection that represents all of
+    #   the IAM groups for this AWS account.
+    def groups
+      GroupCollection.new(:config => config)
+    end
+
+    # Returns a collection that represents the access keys for this 
+    # AWS account.
+    #
+    #   iam = AWS::IAM.new
+    #   iam.access_keys.each do |access_key|
+    #     puts access_key.id
+    #   end
+    #
+    # @return [AccessKeyCollection] Returns a collection that represents all
+    #   access keys for this AWS account.
+    def access_keys
+      AccessKeyCollection.new(:config => config)
+    end
+
+    # Returns a collection that represents the signing certificates
+    # for this AWS account.  
+    #
+    #   iam = AWS::IAM.new
+    #   iam.signing_certificates.each do |cert|
+    #     # ...
+    #   end
+    #
+    # If you need to access the signing certificates of a specific user,
+    # see {User#signing_certificates}.
+    # 
+    # @return [SigningCertificateCollection] Returns a collection that
+    #   represents signing certificates for this AWS account.
+    def signing_certificates
+      SigningCertificateCollection.new(:config => config)
+    end
+
+    # @note Currently, Amazon Elastic Load Balancing is the only
+    #   service to support the use of server certificates with
+    #   IAM. Using server certificates with Amazon Elastic Load
+    #   Balancing is described in the
+    #   {http://docs.amazonwebservices.com/ElasticLoadBalancing/latest/DeveloperGuide/US_SettingUpLoadBalancerHTTPSIntegrated.html
+    #   Amazon Elastic Load Balancing} Developer Guide.
+    #
+    # Returns a collection that represents the server certificates
+    # for this AWS account.
+    #
+    #   iam = AWS::IAM.new
+    #   iam.server_certificates.each do |cert|
+    #     # ...
+    #   end
+    #
+    # @return [ServerCertificateCollection] Returns a collection that
+    #   represents server certificates for this AWS account.
+    def server_certificates
+      ServerCertificateCollection.new(:config => config)
+    end
+
+    # Returns a collection that represents the virtual MFA devices
+    # that are not assigned to an IAM user.
+    #
+    #   iam = AWS::IAM.new
+    #   iam.virtual_mfa_devices.each do |cert|
+    #     # ...
+    #   end
+    #
+    # @return [VirtualMfaDeviceCollection] Returns a collection that
+    #   represents the virtual MFA devices that are not assigned to an
+    #   IAM user.
+    def virtual_mfa_devices
+      VirtualMfaDeviceCollection.new(:config => config)
+    end
+
+    # Sets the account alias for this AWS account.
+    # @param [String] account_alias
+    # @return [String] Returns the account alias passed.
+    def account_alias= account_alias
+      account_alias.nil? ?
+        remove_account_alias :
+        account_aliases.create(account_alias)
+    end
+
+    # @return [String,nil] Returns the account alias.  If this account has
+    #   no alias, then +nil+ is returned.
+    def account_alias
+      account_aliases.first
+    end
+
+    # Deletes the account alias (if one exists).
+    # @return [nil] 
+    def remove_account_alias
+      account_aliases.each do |account_alias|
+        account_aliases.delete(account_alias)
+      end
+      nil
+    end
+
+    # @private
+    def account_aliases
+      AccountAliasCollection.new(:config => config)
+    end
+
+    # Retrieves account level information about account entity usage
+    # and IAM quotas.  The returned hash contains the following keys:
+    #
+    # [+:users+] Number of users for the AWS account
+    #
+    # [+:users_quota+] Maximum users allowed for the AWS account
+    #
+    # [+:groups+] Number of Groups for the AWS account
+    #
+    # [+:groups_quota+] Maximum Groups allowed for the AWS account
+    #
+    # [+:server_certificates+] Number of Server Certificates for the
+    #                          AWS account
+    #
+    # [+:server_certificates_quota+] Maximum Server Certificates
+    #                                allowed for the AWS account
+    #
+    # [+:user_policy_size_quota+] Maximum allowed size for user policy
+    #                             documents (in kilobytes)
+    #
+    # [+:group_policy_size_quota+] Maximum allowed size for Group
+    #                              policy documents (in kilobyes)
+    #
+    # [+:groups_per_user_quota+] Maximum number of groups a user can
+    #                            belong to
+    #
+    # [+:signing_certificates_per_user_quota+] Maximum number of X509
+    #                                          certificates allowed
+    #                                          for a user
+    #
+    # [+:access_keys_per_user_quota+] Maximum number of access keys
+    #                                 that can be created per user
+    #
+    # @return [Hash]
+    def account_summary
+      client.get_account_summary.data[:summary_map].inject({}) do |h,(k,v)|
+        h.merge(Core::Inflection.ruby_name(k).to_sym => v)
+      end
+    end
+
+    # Changes the web password associated with the current IAM user.
+    # In order to change your password you must configure the sdk
+    # to use your IAM user credentials.
+    #
+    #
+    # To change a user password, you must be using credentials from the
+    # user you want to change:
+    #
+    #   # pass in a key pair generated for the user you want to change 
+    #   # the password for
+    #   iam = AWS::IAM.new(:access_key_id => '...', :secret_access_key => '...)
+    #   iam.change_password('old-password', 'new-password')
+    #
+    # @param [String] old_password
+    #
+    # @param [String] new_password
+    #
+    # @return [nil]
+    #
+    def change_password old_password, new_password
+      client_opts = {}
+      client_opts[:old_password] = old_password
+      client_opts[:new_password] = new_password
+      client.change_password(client_opts)
+      nil
+    end
+
+    # Updates the account password policy for all IAM accounts.
+    # @param [Hash] options
+    # @option options [Integer] :minimum_password_length 
+    # @option options [Boolean] :require_symbols
+    # @option options [Boolean] :require_numbers
+    # @option options [Boolean] :require_uppercase_characters
+    # @option options [Boolean] :require_lowercase_characters
+    # @return [nil]
+    def update_account_password_policy options = {}
+      client.update_account_password_policy(options)
+      nil
+    end
+
+    # Removes the account password policy.
+    # @return [nil]
+    def delete_account_password_policy
+      client.delete_account_password_policy
+      nil
+    end
+
+    # Returns the account password policy details as a hash.  This method
+    # returns nil if no password policy has been set for this account.
+    #
+    #   # set the policy
+    #   iam.update_account_password_policy :minimum_password_length => 8
+    #
+    #   iam.account_password_policy
+    #   #=> {:require_symbols=>false, :require_numbers=>false, :require_uppercase_characters=>false, :require_lowercase_characters=>false, :minimum_password_length=>8}
+    #
+    # @return [Hash,nil]
+    def account_password_policy
+      begin
+        policy = client.get_account_password_policy.password_policy
+        [
+          :minimum_password_length,
+          :require_symbols?,
+          :require_numbers?,
+          :require_uppercase_characters?,
+          :require_lowercase_characters?,
+        ].inject({}) do |hash,method|
+          key = method.to_s.sub(/\?/, '').to_sym
+          hash.merge(key => policy.send(method))
+        end
+      rescue Errors::NoSuchEntity
+        nil
+      end
+    end
+
+  end
+end