Class: Aws::IAM::Group

Inherits:

Object

• Object
• Aws::IAM::Group

Extended by:

Deprecations

Defined in:

lib/aws-sdk-iam/group.rb

Defined Under Namespace

Classes: Collection

Read-Only Attributes

• #arn ⇒ String

  The Amazon Resource Name (ARN) specifying the group.

• #create_date ⇒ Time

  The date and time, in [ISO 8601 date-time format], when the group was created.

• #group_id ⇒ String

  The stable and unique string identifying the group.

• #name ⇒ String (also: #group_name)
• #path ⇒ String

  The path to the group.

Actions

• #add_user(options = {}) ⇒ EmptyStructure
• #attach_policy(options = {}) ⇒ EmptyStructure
• #create(options = {}) ⇒ Group
• #create_policy(options = {}) ⇒ GroupPolicy
• #delete(options = {}) ⇒ EmptyStructure
• #detach_policy(options = {}) ⇒ EmptyStructure
• #remove_user(options = {}) ⇒ EmptyStructure
• #update(options = {}) ⇒ Group

Associations

• #attached_policies(options = {}) ⇒ Policy::Collection
• #identifiers ⇒ Object deprecated private Deprecated.
• #policies(options = {}) ⇒ GroupPolicy::Collection
• #policy(name) ⇒ GroupPolicy
• #users(options = {}) ⇒ User::Collection

Instance Method Summary

• #client ⇒ Client
• #data ⇒ Types::Group

  Returns the data for this Group.

• #data_loaded? ⇒ Boolean

  Returns ‘true` if this resource is loaded.

• #initialize(*args) ⇒ Group constructor

  A new instance of Group.

• #load ⇒ self (also: #reload)

  Loads, or reloads #data for the current Group.

• #wait_until(options = {}, &block) ⇒ Resource deprecated Deprecated.

  Use [Aws::IAM::Client] #wait_until instead

Constructor Details

#initialize(name, options = {}) ⇒ Group #initialize(options = {}) ⇒ Group

Returns a new instance of Group.

Overloads:

• #initialize(name, options = {}) ⇒ Group

  Parameters:

  • name (String)

  Options Hash (options):

  • :client (Client)
• #initialize(options = {}) ⇒ Group

  Options Hash (options):

  • :name (required, String)
  • :client (Client)

# File 'lib/aws-sdk-iam/group.rb', line 19

def initialize(*args)
  options = Hash === args.last ? args.pop.dup : {}
  @name = extract_name(args, options)
  @data = options.delete(:data)
  @client = options.delete(:client) || Client.new(options)
end

Instance Method Details

#add_user(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

group.add_user({
  user_name: "existingUserNameType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :user_name (required, String) —

  The name of the user to add.

  This parameter allows (per its [regex pattern]) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  [1]: wikipedia.org/wiki/regex

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/group.rb', line 230

def add_user(options = {})
  options = options.merge(group_name: @name)
  resp = @client.add_user_to_group(options)
  resp.data
end

#arn ⇒ String

The Amazon Resource Name (ARN) specifying the group. For more information about ARNs and how to use them in policies, see [IAM Identifiers] in the *Using IAM* guide.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/group.rb', line 65

def arn
  data[:arn]
end

#attach_policy(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

group.attach_policy({
  policy_arn: "arnType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :policy_arn (required, String) —

  The Amazon Resource Name (ARN) of the IAM policy you want to attach.

  For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces] in the *AWS General Reference*.

  [1]: docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/group.rb', line 252

def attach_policy(options = {})
  options = options.merge(group_name: @name)
  resp = @client.attach_group_policy(options)
  resp.data
end

#attached_policies(options = {}) ⇒ Policy::Collection

Examples:

Request syntax with placeholder values

attached_policies = group.attached_policies({
  path_prefix: "policyPathType",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :path_prefix (String) —

  The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.

  This parameter allows (per its [regex pattern]) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

  [1]: wikipedia.org/wiki/regex

Returns:

• (Policy::Collection)

# File 'lib/aws-sdk-iam/group.rb', line 464

def attached_policies(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(group_name: @name)
    resp = @client.list_attached_group_policies(options)
    resp.each_page do |page|
      batch = []
      page.data.attached_policies.each do |a|
        batch << Policy.new(
          arn: a.policy_arn,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  Policy::Collection.new(batches)
end

#client ⇒ Client

Returns:

• (Client)

# File 'lib/aws-sdk-iam/group.rb', line 83

def client
  @client
end

#create(options = {}) ⇒ Group

Examples:

Request syntax with placeholder values

group = group.create({
  path: "pathType",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :path (String) —

  The path to the group. For more information about paths, see [IAM Identifiers] in the *IAM User Guide*.

  This parameter is optional. If it is not included, it defaults to a slash (/).

  This parameter allows (per its [regex pattern]) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

  [1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html [2]: wikipedia.org/wiki/regex

Returns:

• (Group)

# File 'lib/aws-sdk-iam/group.rb', line 283

def create(options = {})
  options = options.merge(group_name: @name)
  resp = @client.create_group(options)
  Group.new(
    name: options[:group_name],
    data: resp.data.group,
    client: @client
  )
end

#create_date ⇒ Time

The date and time, in [ISO 8601 date-time format], when the group was created.

[1]: www.iso.org/iso/iso8601

Returns:

• (Time)

# File 'lib/aws-sdk-iam/group.rb', line 76

def create_date
  data[:create_date]
end

#create_policy(options = {}) ⇒ GroupPolicy

Examples:

Request syntax with placeholder values

grouppolicy = group.create_policy({
  policy_name: "policyNameType", # required
  policy_document: "policyDocumentType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :policy_name (required, String) —

  The name of the policy document.

  This parameter allows (per its [regex pattern]) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  [1]: wikipedia.org/wiki/regex

• :policy_document (required, String) —

  The policy document.

  The [regex pattern] used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)

  • The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)

  [1]: wikipedia.org/wiki/regex

Returns:

• (GroupPolicy)

# File 'lib/aws-sdk-iam/group.rb', line 330

def create_policy(options = {})
  options = options.merge(group_name: @name)
  resp = @client.put_group_policy(options)
  GroupPolicy.new(
    group_name: @name,
    name: options[:policy_name],
    client: @client
  )
end

#data ⇒ Types::Group

Returns the data for this Aws::IAM::Group. Calls Client#get_group if #data_loaded? is ‘false`.

Returns:

• (Types::Group) —

  Returns the data for this Aws::IAM::Group. Calls Client#get_group if #data_loaded? is ‘false`.

# File 'lib/aws-sdk-iam/group.rb', line 103

def data
  load unless @data
  @data
end

#data_loaded? ⇒ Boolean

Returns ‘true` if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

Returns:

• (Boolean) —

  Returns ‘true` if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

# File 'lib/aws-sdk-iam/group.rb', line 111

def data_loaded?
  !!@data
end

#delete(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

group.delete()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/group.rb', line 345

def delete(options = {})
  options = options.merge(group_name: @name)
  resp = @client.delete_group(options)
  resp.data
end

#detach_policy(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

group.detach_policy({
  policy_arn: "arnType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :policy_arn (required, String) —

  The Amazon Resource Name (ARN) of the IAM policy you want to detach.

  For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces] in the *AWS General Reference*.

  [1]: docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/group.rb', line 367

def detach_policy(options = {})
  options = options.merge(group_name: @name)
  resp = @client.detach_group_policy(options)
  resp.data
end

#group_id ⇒ String

The stable and unique string identifying the group. For more information about IDs, see [IAM Identifiers] in the *Using IAM* guide.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/group.rb', line 53

def group_id
  data[:group_id]
end

#identifiers ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Deprecated.

# File 'lib/aws-sdk-iam/group.rb', line 542

def identifiers
  { name: @name }
end

#load ⇒ self Also known as: reload

Loads, or reloads #data for the current Aws::IAM::Group. Returns ‘self` making it possible to chain methods.

group.reload.data

Returns:

• (self)

# File 'lib/aws-sdk-iam/group.rb', line 93

def load
  resp = @client.get_group(group_name: @name)
  @data = resp.group
  self
end

#name ⇒ String Also known as: group_name

Returns:

• (String)

# File 'lib/aws-sdk-iam/group.rb', line 29

def name
  @name
end

#path ⇒ String

The path to the group. For more information about paths, see [IAM Identifiers] in the *Using IAM* guide.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/group.rb', line 41

def path
  data[:path]
end

#policies(options = {}) ⇒ GroupPolicy::Collection

Examples:

Request syntax with placeholder values

group.policies()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (GroupPolicy::Collection)

# File 'lib/aws-sdk-iam/group.rb', line 487

def policies(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(group_name: @name)
    resp = @client.list_group_policies(options)
    resp.each_page do |page|
      batch = []
      page.data.policy_names.each do |p|
        batch << GroupPolicy.new(
          group_name: @name,
          name: p,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  GroupPolicy::Collection.new(batches)
end

#policy(name) ⇒ GroupPolicy

Parameters:

• name (String)

Returns:

• (GroupPolicy)

# File 'lib/aws-sdk-iam/group.rb', line 508

def policy(name)
  GroupPolicy.new(
    group_name: @name,
    name: name,
    client: @client
  )
end

#remove_user(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

group.remove_user({
  user_name: "existingUserNameType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :user_name (required, String) —

  The name of the user to remove.

  This parameter allows (per its [regex pattern]) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  [1]: wikipedia.org/wiki/regex

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/group.rb', line 391

def remove_user(options = {})
  options = options.merge(group_name: @name)
  resp = @client.remove_user_from_group(options)
  resp.data
end

#update(options = {}) ⇒ Group

Examples:

Request syntax with placeholder values

group = group.update({
  new_path: "pathType",
  new_group_name: "groupNameType",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :new_path (String) —

  New path for the IAM group. Only include this if changing the group’s path.

  This parameter allows (per its [regex pattern]) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

  [1]: wikipedia.org/wiki/regex

• :new_group_name (String) —

  New name for the IAM group. Only include this if changing the group’s name.

  This parameter allows (per its [regex pattern]) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  [1]: wikipedia.org/wiki/regex

Returns:

• (Group)

# File 'lib/aws-sdk-iam/group.rb', line 431

def update(options = {})
  options = options.merge(group_name: @name)
  resp = @client.update_group(options)
  Group.new(
    name: options[:new_group_name],
    client: @client
  )
end

#users(options = {}) ⇒ User::Collection

Examples:

Request syntax with placeholder values

group.users()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (User::Collection)

# File 'lib/aws-sdk-iam/group.rb', line 521

def users(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(group_name: @name)
    resp = @client.get_group(options)
    resp.each_page do |page|
      batch = []
      page.data.users.each do |u|
        batch << User.new(
          name: u.user_name,
          data: u,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  User::Collection.new(batches)
end

#wait_until(options = {}, &block) ⇒ Resource

Deprecated.

Use [Aws::IAM::Client] #wait_until instead

Note:

The waiting operation is performed on a copy. The original resource remains unchanged

Waiter polls an API operation until a resource enters a desired state.

## Basic Usage

Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.

# polls in a loop until condition is true
resource.wait_until(options) {|resource| condition}

## Example

instance.wait_until(max_attempts:10, delay:5) {|instance| instance.state.name == 'running' }

## Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:

# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}

## Callbacks

You can be notified before each polling attempt and before each delay. If you throw ‘:success` or `:failure` from these callbacks, it will terminate the waiter.

started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
  throw :failure if Time.now - started_at > 3600
end

  # disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}

## Handling Errors

When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.

begin
  resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

attempts attempt in seconds invoked before each attempt invoked before each wait

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (options):

• :max_attempts (Integer) — default: 10 —

  Maximum number of

• :delay (Integer) — default: 10 —

  Delay between each

• :before_attempt (Proc) — default: nil —

  Callback

• :before_wait (Proc) — default: nil —

  Callback

Returns:

• (Resource) —

  if the waiter was successful

Raises:

• (Aws::Waiters::Errors::FailureStateError) —

  Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

  yet successful.

• (Aws::Waiters::Errors::UnexpectedError) —

  Raised when an error is encountered while polling for a resource that is not expected.

• (NotImplementedError) —

  Raised when the resource does not

# File 'lib/aws-sdk-iam/group.rb', line 193

def wait_until(options = {}, &block)
  self_copy = self.dup
  attempts = 0
  options[:max_attempts] = 10 unless options.key?(:max_attempts)
  options[:delay] ||= 10
  options[:poller] = Proc.new do
    attempts += 1
    if block.call(self_copy)
      [:success, self_copy]
    else
      self_copy.reload unless attempts == options[:max_attempts]
      :retry
    end
  end
  Aws::Waiters::Waiter.new(options).wait({})
end