Class: Aws::IAM::User

Inherits:

Object

• Object
• Aws::IAM::User

Extended by:

Deprecations

Defined in:

lib/aws-sdk-iam/user.rb

Defined Under Namespace

Classes: Collection

Read-Only Attributes

• #arn ⇒ String

  The Amazon Resource Name (ARN) that identifies the user.

• #create_date ⇒ Time

  The date and time, in [ISO 8601 date-time format], when the user was created.

• #name ⇒ String (also: #user_name)
• #password_last_used ⇒ Time

  The date and time, in [ISO 8601 date-time format], when the user’s password was last used to sign in to an Amazon Web Services website.

• #path ⇒ String

  The path to the user.

• #permissions_boundary ⇒ Types::AttachedPermissionsBoundary

  For more information about permissions boundaries, see [Permissions boundaries for IAM identities ][1] in the *IAM User Guide*.

• #tags ⇒ Array<Types::Tag>

  A list of tags that are associated with the user.

• #user_id ⇒ String

  The stable and unique string identifying the user.

Actions

• #add_group(options = {}) ⇒ EmptyStructure
• #attach_policy(options = {}) ⇒ EmptyStructure
• #create(options = {}) ⇒ User
• #create_access_key_pair(options = {}) ⇒ AccessKeyPair
• #create_login_profile(options = {}) ⇒ LoginProfile
• #create_policy(options = {}) ⇒ UserPolicy
• #delete(options = {}) ⇒ EmptyStructure
• #detach_policy(options = {}) ⇒ EmptyStructure
• #enable_mfa(options = {}) ⇒ MfaDevice
• #remove_group(options = {}) ⇒ EmptyStructure
• #update(options = {}) ⇒ User

Associations

• #access_key(id) ⇒ AccessKey
• #access_keys(options = {}) ⇒ AccessKey::Collection
• #attached_policies(options = {}) ⇒ Policy::Collection
• #groups(options = {}) ⇒ Group::Collection
• #identifiers ⇒ Object deprecated private Deprecated.
• #login_profile ⇒ LoginProfile
• #mfa_device(serial_number) ⇒ MfaDevice
• #mfa_devices(options = {}) ⇒ MfaDevice::Collection
• #policies(options = {}) ⇒ UserPolicy::Collection
• #policy(name) ⇒ UserPolicy
• #signing_certificate(id) ⇒ SigningCertificate
• #signing_certificates(options = {}) ⇒ SigningCertificate::Collection

Instance Method Summary

• #client ⇒ Client
• #data ⇒ Types::User

  Returns the data for this User.

• #data_loaded? ⇒ Boolean

  Returns ‘true` if this resource is loaded.

• #exists?(options = {}) ⇒ Boolean

  Returns ‘true` if the User exists.

• #initialize(*args) ⇒ User constructor

  A new instance of User.

• #load ⇒ self (also: #reload)

  Loads, or reloads #data for the current User.

• #wait_until(options = {}) {|resource| ... } ⇒ Resource deprecated Deprecated.

  Use [Aws::IAM::Client] #wait_until instead

• #wait_until_exists(options = {}, &block) ⇒ User

Constructor Details

#initialize(name, options = {}) ⇒ User #initialize(options = {}) ⇒ User

Returns a new instance of User.

Overloads:

• #initialize(name, options = {}) ⇒ User

  Parameters:

  • name (String)

  Options Hash (options):

  • :client (Client)
• #initialize(options = {}) ⇒ User

  Options Hash (options):

  • :name (required, String)
  • :client (Client)

# File 'lib/aws-sdk-iam/user.rb', line 22

def initialize(*args)
  options = Hash === args.last ? args.pop.dup : {}
  @name = extract_name(args, options)
  @data = options.delete(:data)
  @client = options.delete(:client) || Client.new(options)
  @waiter_block_warned = false
end

Instance Method Details

#access_key(id) ⇒ AccessKey

Parameters:

• id (String)

Returns:

• (AccessKey)

# File 'lib/aws-sdk-iam/user.rb', line 718

def access_key(id)
  AccessKey.new(
    user_name: @name,
    id: id,
    client: @client
  )
end

#access_keys(options = {}) ⇒ AccessKey::Collection

Examples:

Request syntax with placeholder values

user.access_keys()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (AccessKey::Collection)

# File 'lib/aws-sdk-iam/user.rb', line 731

def access_keys(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = Aws::Plugins::UserAgent.feature('resource') do
      @client.list_access_keys(options)
    end
    resp.each_page do |page|
      batch = []
      page.data.access_key_metadata.each do |a|
        batch << AccessKey.new(
          user_name: @name,
          id: a.access_key_id,
          data: a,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  AccessKey::Collection.new(batches)
end

#add_group(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

user.add_group({
  group_name: "groupNameType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :group_name (required, String) —

  The name of the group to update.

  This parameter allows (through its [regex pattern]) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  [1]: wikipedia.org/wiki/regex

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/user.rb', line 328

def add_group(options = {})
  options = options.merge(user_name: @name)
  resp = Aws::Plugins::UserAgent.feature('resource') do
    @client.add_user_to_group(options)
  end
  resp.data
end

#arn ⇒ String

The Amazon Resource Name (ARN) that identifies the user. For more information about ARNs and how to use ARNs in policies, see [IAM Identifiers] in the *IAM User Guide*.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/user.rb', line 72

def arn
  data[:arn]
end

#attach_policy(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

user.attach_policy({
  policy_arn: "arnType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :policy_arn (required, String) —

  The Amazon Resource Name (ARN) of the IAM policy you want to attach.

  For more information about ARNs, see [Amazon Resource Names (ARNs)] in the *Amazon Web Services General Reference*.

  [1]: docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/user.rb', line 352

def attach_policy(options = {})
  options = options.merge(user_name: @name)
  resp = Aws::Plugins::UserAgent.feature('resource') do
    @client.attach_user_policy(options)
  end
  resp.data
end

#attached_policies(options = {}) ⇒ Policy::Collection

Examples:

Request syntax with placeholder values

attached_policies = user.attached_policies({
  path_prefix: "policyPathType",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :path_prefix (String) —

  The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.

  This parameter allows (through its [regex pattern]) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (‘u0021`) through the DEL character (`u007F`), including most punctuation characters, digits, and upper and lowercased letters.

  [1]: wikipedia.org/wiki/regex

Returns:

• (Policy::Collection)

# File 'lib/aws-sdk-iam/user.rb', line 775

def attached_policies(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = Aws::Plugins::UserAgent.feature('resource') do
      @client.list_attached_user_policies(options)
    end
    resp.each_page do |page|
      batch = []
      page.data.attached_policies.each do |a|
        batch << Policy.new(
          arn: a.policy_arn,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  Policy::Collection.new(batches)
end

#client ⇒ Client

Returns:

• (Client)

# File 'lib/aws-sdk-iam/user.rb', line 142

def client
  @client
end

#create(options = {}) ⇒ User

Examples:

Request syntax with placeholder values

user = user.create({
  path: "pathType",
  permissions_boundary: "arnType",
  tags: [
    {
      key: "tagKeyType", # required
      value: "tagValueType", # required
    },
  ],
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :path (String) —

  The path for the user name. For more information about paths, see [IAM identifiers] in the *IAM User Guide*.

  This parameter is optional. If it is not included, it defaults to a slash (/).

  This parameter allows (through its [regex pattern]) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (‘u0021`) through the DEL character (`u007F`), including most punctuation characters, digits, and upper and lowercased letters.

  [1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html [2]: wikipedia.org/wiki/regex

• :permissions_boundary (String) —

  The ARN of the managed policy that is used to set the permissions boundary for the user.

  A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities] in the *IAM User Guide*.

  For more information about policy types, see [Policy types ][2] in the *IAM User Guide*.

  [1]: docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html [2]: docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types

• :tags (Array<Types::Tag>) —

  A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources] in the *IAM User Guide*.

  <note markdown=“1”> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.

  </note>
  

  [1]: docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

Returns:

• (User)

# File 'lib/aws-sdk-iam/user.rb', line 424

def create(options = {})
  options = options.merge(user_name: @name)
  resp = Aws::Plugins::UserAgent.feature('resource') do
    @client.create_user(options)
  end
  User.new(
    name: options[:user_name],
    data: resp.data.user,
    client: @client
  )
end

#create_access_key_pair(options = {}) ⇒ AccessKeyPair

Examples:

Request syntax with placeholder values

user.create_access_key_pair()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (AccessKeyPair)

# File 'lib/aws-sdk-iam/user.rb', line 441

def create_access_key_pair(options = {})
  options = options.merge(user_name: @name)
  resp = Aws::Plugins::UserAgent.feature('resource') do
    @client.create_access_key(options)
  end
  AccessKeyPair.new(
    user_name: @name,
    id: resp.data.access_key.access_key_id,
    secret: resp.data.access_key.secret_access_key,
    data: resp.data.access_key,
    client: @client
  )
end

#create_date ⇒ Time

The date and time, in [ISO 8601 date-time format], when the user was created.

[1]: www.iso.org/iso/iso8601

Returns:

• (Time)

# File 'lib/aws-sdk-iam/user.rb', line 83

def create_date
  data[:create_date]
end

#create_login_profile(options = {}) ⇒ LoginProfile

Examples:

Request syntax with placeholder values

loginprofile = user.create_login_profile({
  password: "passwordType", # required
  password_reset_required: false,
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :password (required, String) —

  The new password for the user.

  The [regex pattern] that is used to validate this parameter is a string of characters. That string can include almost any printable ASCII character from the space (‘u0020`) through the end of the ASCII character range (`u00FF`). You can also include the tab (`u0009`), line feed (`u000A`), and carriage return (`u000D`) characters. Any of these characters are valid in a password. However, many tools, such as the Amazon Web Services Management Console, might restrict the ability to type certain characters because they have special meaning within that tool.

  [1]: wikipedia.org/wiki/regex

• :password_reset_required (Boolean) —

  Specifies whether the user is required to set a new password on next sign-in.

Returns:

• (LoginProfile)

# File 'lib/aws-sdk-iam/user.rb', line 482

def create_login_profile(options = {})
  options = options.merge(user_name: @name)
  resp = Aws::Plugins::UserAgent.feature('resource') do
    @client.create_login_profile(options)
  end
  LoginProfile.new(
    user_name: resp.data.login_profile.user_name,
    data: resp.data.login_profile,
    client: @client
  )
end

#create_policy(options = {}) ⇒ UserPolicy

Examples:

Request syntax with placeholder values

userpolicy = user.create_policy({
  policy_name: "policyNameType", # required
  policy_document: "policyDocumentType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :policy_name (required, String) —

  The name of the policy document.

  This parameter allows (through its [regex pattern]) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  [1]: wikipedia.org/wiki/regex

• :policy_document (required, String) —

  The policy document.

  You must provide policies in JSON format in IAM. However, for CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.

  The [regex pattern] used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (‘u0020`) through the end of the ASCII character range

  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through ‘u00FF`)

  • The special characters tab (‘u0009`), line feed (`u000A`), and carriage return (`u000D`)

  [1]: wikipedia.org/wiki/regex

Returns:

• (UserPolicy)

# File 'lib/aws-sdk-iam/user.rb', line 536

def create_policy(options = {})
  options = options.merge(user_name: @name)
  Aws::Plugins::UserAgent.feature('resource') do
    @client.put_user_policy(options)
  end
  UserPolicy.new(
    user_name: @name,
    name: options[:policy_name],
    client: @client
  )
end

#data ⇒ Types::User

Returns the data for this Aws::IAM::User. Calls Client#get_user if #data_loaded? is ‘false`.

Returns:

• (Types::User) —

  Returns the data for this Aws::IAM::User. Calls Client#get_user if #data_loaded? is ‘false`.

# File 'lib/aws-sdk-iam/user.rb', line 164

def data
  load unless @data
  @data
end

#data_loaded? ⇒ Boolean

Returns ‘true` if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

Returns:

• (Boolean) —

  Returns ‘true` if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

# File 'lib/aws-sdk-iam/user.rb', line 172

def data_loaded?
  !!@data
end

#delete(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

user.delete()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/user.rb', line 553

def delete(options = {})
  options = options.merge(user_name: @name)
  resp = Aws::Plugins::UserAgent.feature('resource') do
    @client.delete_user(options)
  end
  resp.data
end

#detach_policy(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

user.detach_policy({
  policy_arn: "arnType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :policy_arn (required, String) —

  The Amazon Resource Name (ARN) of the IAM policy you want to detach.

  For more information about ARNs, see [Amazon Resource Names (ARNs)] in the *Amazon Web Services General Reference*.

  [1]: docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/user.rb', line 577

def detach_policy(options = {})
  options = options.merge(user_name: @name)
  resp = Aws::Plugins::UserAgent.feature('resource') do
    @client.detach_user_policy(options)
  end
  resp.data
end

#enable_mfa(options = {}) ⇒ MfaDevice

Examples:

Request syntax with placeholder values

mfadevice = user.enable_mfa({
  serial_number: "serialNumberType", # required
  authentication_code_1: "authenticationCodeType", # required
  authentication_code_2: "authenticationCodeType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :serial_number (required, String) —

  The serial number that uniquely identifies the MFA device. For virtual MFA devices, the serial number is the device ARN.

  This parameter allows (through its [regex pattern]) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters:

  ,.@:/-

  [1]: wikipedia.org/wiki/regex

• :authentication_code_1 (required, String) —

  An authentication code emitted by the device.

  The format for this parameter is a string of six digits.

  Submit your request immediately after generating the authentication codes. If you generate the codes and then wait too long to submit the request, the MFA device successfully associates with the user but the MFA device becomes out of sync. This happens because time-based one-time passwords (TOTP) expire after a short period of time. If this happens, you can [resync the device].

  [1]: docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html

• :authentication_code_2 (required, String) —

  A subsequent authentication code emitted by the device.

  The format for this parameter is a string of six digits.

  Submit your request immediately after generating the authentication codes. If you generate the codes and then wait too long to submit the request, the MFA device successfully associates with the user but the MFA device becomes out of sync. This happens because time-based one-time passwords (TOTP) expire after a short period of time. If this happens, you can [resync the device].

  [1]: docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html

Returns:

• (MfaDevice)

# File 'lib/aws-sdk-iam/user.rb', line 636

def enable_mfa(options = {})
  options = options.merge(user_name: @name)
  Aws::Plugins::UserAgent.feature('resource') do
    @client.enable_mfa_device(options)
  end
  MfaDevice.new(
    user_name: @name,
    serial_number: options[:serial_number],
    client: @client
  )
end

#exists?(options = {}) ⇒ Boolean

Returns ‘true` if the User exists.

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (Boolean) —

  Returns ‘true` if the User exists.

# File 'lib/aws-sdk-iam/user.rb', line 179

def exists?(options = {})
  begin
    wait_until_exists(options.merge(max_attempts: 1))
    true
  rescue Aws::Waiters::Errors::UnexpectedError => e
    raise e.error
  rescue Aws::Waiters::Errors::WaiterFailed
    false
  end
end

#groups(options = {}) ⇒ Group::Collection

Examples:

Request syntax with placeholder values

user.groups()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (Group::Collection)

# File 'lib/aws-sdk-iam/user.rb', line 800

def groups(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = Aws::Plugins::UserAgent.feature('resource') do
      @client.list_groups_for_user(options)
    end
    resp.each_page do |page|
      batch = []
      page.data.groups.each do |g|
        batch << Group.new(
          name: g.group_name,
          data: g,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  Group::Collection.new(batches)
end

#identifiers ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Deprecated.

# File 'lib/aws-sdk-iam/user.rb', line 941

def identifiers
  { name: @name }
end

#load ⇒ self Also known as: reload

Loads, or reloads #data for the current Aws::IAM::User. Returns ‘self` making it possible to chain methods.

user.reload.data

Returns:

• (self)

# File 'lib/aws-sdk-iam/user.rb', line 152

def load
  resp = Aws::Plugins::UserAgent.feature('resource') do
    @client.get_user(user_name: @name)
  end
  @data = resp.user
  self
end

#login_profile ⇒ LoginProfile

Returns:

• (LoginProfile)

# File 'lib/aws-sdk-iam/user.rb', line 822

def login_profile
  LoginProfile.new(
    user_name: @name,
    client: @client
  )
end

#mfa_device(serial_number) ⇒ MfaDevice

Parameters:

• serial_number (String)

Returns:

• (MfaDevice)

# File 'lib/aws-sdk-iam/user.rb', line 831

def mfa_device(serial_number)
  MfaDevice.new(
    user_name: @name,
    serial_number: serial_number,
    client: @client
  )
end

#mfa_devices(options = {}) ⇒ MfaDevice::Collection

Examples:

Request syntax with placeholder values

user.mfa_devices()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (MfaDevice::Collection)

# File 'lib/aws-sdk-iam/user.rb', line 844

def mfa_devices(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = Aws::Plugins::UserAgent.feature('resource') do
      @client.list_mfa_devices(options)
    end
    resp.each_page do |page|
      batch = []
      page.data.mfa_devices.each do |m|
        batch << MfaDevice.new(
          user_name: @name,
          serial_number: m.serial_number,
          data: m,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  MfaDevice::Collection.new(batches)
end

#name ⇒ String Also known as: user_name

Returns:

• (String)

# File 'lib/aws-sdk-iam/user.rb', line 33

def name
  @name
end

#password_last_used ⇒ Time

The date and time, in [ISO 8601 date-time format], when the user’s password was last used to sign in to an Amazon Web Services website. For a list of Amazon Web Services websites that capture a user’s last sign-in time, see the [Credential reports] topic in the *IAM User Guide*. If a password is used more than once in a five-minute span, only the first use is returned in this field. If the field is null (no value), then it indicates that they never signed in with a password. This can be because:

• The user never had a password.

• A password exists but has not been used since IAM started tracking this information on October 20, 2014.

A null value does not mean that the user never had a password. Also, if the user does not currently have a password but had one in the past, then this field contains the date and time the most recent password was used.

This value is returned only in the GetUser and ListUsers operations.

[1]: www.iso.org/iso/iso8601 [2]: docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html

Returns:

• (Time)

# File 'lib/aws-sdk-iam/user.rb', line 113

def password_last_used
  data[:password_last_used]
end

#path ⇒ String

The path to the user. For more information about paths, see [IAM identifiers] in the *IAM User Guide*.

The ARN of the policy used to set the permissions boundary for the user.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/user.rb', line 48

def path
  data[:path]
end

#permissions_boundary ⇒ Types::AttachedPermissionsBoundary

For more information about permissions boundaries, see [Permissions boundaries for IAM identities ][1] in the *IAM User Guide*.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html

Returns:

• (Types::AttachedPermissionsBoundary)

# File 'lib/aws-sdk-iam/user.rb', line 124

def permissions_boundary
  data[:permissions_boundary]
end

#policies(options = {}) ⇒ UserPolicy::Collection

Examples:

Request syntax with placeholder values

user.policies()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (UserPolicy::Collection)

# File 'lib/aws-sdk-iam/user.rb', line 871

def policies(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = Aws::Plugins::UserAgent.feature('resource') do
      @client.list_user_policies(options)
    end
    resp.each_page do |page|
      batch = []
      page.data.policy_names.each do |p|
        batch << UserPolicy.new(
          user_name: @name,
          name: p,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  UserPolicy::Collection.new(batches)
end

#policy(name) ⇒ UserPolicy

Parameters:

• name (String)

Returns:

• (UserPolicy)

# File 'lib/aws-sdk-iam/user.rb', line 894

def policy(name)
  UserPolicy.new(
    user_name: @name,
    name: name,
    client: @client
  )
end

#remove_group(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

user.remove_group({
  group_name: "groupNameType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :group_name (required, String) —

  The name of the group to update.

  This parameter allows (through its [regex pattern]) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  [1]: wikipedia.org/wiki/regex

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/user.rb', line 666

def remove_group(options = {})
  options = options.merge(user_name: @name)
  resp = Aws::Plugins::UserAgent.feature('resource') do
    @client.remove_user_from_group(options)
  end
  resp.data
end

#signing_certificate(id) ⇒ SigningCertificate

Parameters:

• id (String)

Returns:

• (SigningCertificate)

# File 'lib/aws-sdk-iam/user.rb', line 904

def signing_certificate(id)
  SigningCertificate.new(
    user_name: @name,
    id: id,
    client: @client
  )
end

#signing_certificates(options = {}) ⇒ SigningCertificate::Collection

Examples:

Request syntax with placeholder values

user.signing_certificates()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (SigningCertificate::Collection)

# File 'lib/aws-sdk-iam/user.rb', line 917

def signing_certificates(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = Aws::Plugins::UserAgent.feature('resource') do
      @client.list_signing_certificates(options)
    end
    resp.each_page do |page|
      batch = []
      page.data.certificates.each do |c|
        batch << SigningCertificate.new(
          user_name: @name,
          id: c.certificate_id,
          data: c,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  SigningCertificate::Collection.new(batches)
end

#tags ⇒ Array<Types::Tag>

A list of tags that are associated with the user. For more information about tagging, see [Tagging IAM resources] in the *IAM User Guide*.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

Returns:

• (Array<Types::Tag>)

# File 'lib/aws-sdk-iam/user.rb', line 135

def tags
  data[:tags]
end

#update(options = {}) ⇒ User

Examples:

Request syntax with placeholder values

user = user.update({
  new_path: "pathType",
  new_user_name: "userNameType",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :new_path (String) —

  New path for the IAM user. Include this parameter only if you’re changing the user’s path.

  This parameter allows (through its [regex pattern]) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (‘u0021`) through the DEL character (`u007F`), including most punctuation characters, digits, and upper and lowercased letters.

  [1]: wikipedia.org/wiki/regex

• :new_user_name (String) —

  New name for the user. Include this parameter only if you’re changing the user’s name.

  IAM user, group, role, and policy names must be unique within the account. Names are not distinguished by case. For example, you cannot create resources named both “MyResource” and “myresource”.

Returns:

• (User)

# File 'lib/aws-sdk-iam/user.rb', line 703

def update(options = {})
  options = options.merge(user_name: @name)
  Aws::Plugins::UserAgent.feature('resource') do
    @client.update_user(options)
  end
  User.new(
    name: options[:new_user_name],
    client: @client
  )
end

#user_id ⇒ String

The stable and unique string identifying the user. For more information about IDs, see [IAM identifiers] in the *IAM User Guide*.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/user.rb', line 60

def user_id
  data[:user_id]
end

#wait_until(options = {}) {|resource| ... } ⇒ Resource

Deprecated.

Use [Aws::IAM::Client] #wait_until instead

Note:

The waiting operation is performed on a copy. The original resource remains unchanged.

Waiter polls an API operation until a resource enters a desired state.

## Basic Usage

Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.

# polls in a loop until condition is true
resource.wait_until(options) {|resource| condition}

## Example

instance.wait_until(max_attempts:10, delay:5) do |instance|
  instance.state.name == 'running'
end

## Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:

# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}

## Callbacks

You can be notified before each polling attempt and before each delay. If you throw ‘:success` or `:failure` from these callbacks, it will terminate the waiter.

started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
  throw :failure if Time.now - started_at > 3600
end

  # disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}

## Handling Errors

When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.

begin
  resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

attempts attempt in seconds invoked before each attempt invoked before each wait

Parameters:

• options (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (options):

• :max_attempts (Integer) — default: 10 —

  Maximum number of

• :delay (Integer) — default: 10 —

  Delay between each

• :before_attempt (Proc) — default: nil —

  Callback

• :before_wait (Proc) — default: nil —

  Callback

Yield Parameters:

• resource (Resource) —

  to be used in the waiting condition.

Returns:

• (Resource) —

  if the waiter was successful

Raises:

• (Aws::Waiters::Errors::FailureStateError) —

  Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

  yet successful.

• (Aws::Waiters::Errors::UnexpectedError) —

  Raised when an error is encountered while polling for a resource that is not expected.

• (NotImplementedError) —

  Raised when the resource does not

# File 'lib/aws-sdk-iam/user.rb', line 289

def wait_until(options = {}, &block)
  self_copy = self.dup
  attempts = 0
  options[:max_attempts] = 10 unless options.key?(:max_attempts)
  options[:delay] ||= 10
  options[:poller] = Proc.new do
    attempts += 1
    if block.call(self_copy)
      [:success, self_copy]
    else
      self_copy.reload unless attempts == options[:max_attempts]
      :retry
    end
  end
  Aws::Plugins::UserAgent.feature('resource') do
    Aws::Waiters::Waiter.new(options).wait({})
  end
end

#wait_until_exists(options = {}, &block) ⇒ User

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :max_attempts (Integer) — default: 20
• :delay (Float) — default: 1
• :before_attempt (Proc)
• :before_wait (Proc)

Returns:

• (User)

# File 'lib/aws-sdk-iam/user.rb', line 196

def wait_until_exists(options = {}, &block)
  options, params = separate_params_and_options(options)
  waiter = Waiters::UserExists.new(options)
  yield_waiter_and_warn(waiter, &block) if block_given?
  Aws::Plugins::UserAgent.feature('resource') do
    waiter.wait(params.merge(user_name: @name))
  end
  User.new({
    name: @name,
    client: @client
  })
end