Class: Aws::IAM::User
- Inherits:
-
Object
- Object
- Aws::IAM::User
- Extended by:
- Deprecations
- Defined in:
- lib/aws-sdk-iam/user.rb
Defined Under Namespace
Classes: Collection
Read-Only Attributes collapse
-
#arn ⇒ String
The Amazon Resource Name (ARN) that identifies the user.
-
#create_date ⇒ Time
The date and time, in [ISO 8601 date-time format], when the user was created.
- #name ⇒ String (also: #user_name)
-
#password_last_used ⇒ Time
The date and time, in [ISO 8601 date-time format], when the user’s password was last used to sign in to an Amazon Web Services website.
-
#path ⇒ String
The path to the user.
-
#permissions_boundary ⇒ Types::AttachedPermissionsBoundary
For more information about permissions boundaries, see [Permissions boundaries for IAM identities ][1] in the *IAM User Guide*.
-
#tags ⇒ Array<Types::Tag>
A list of tags that are associated with the user.
-
#user_id ⇒ String
The stable and unique string identifying the user.
Actions collapse
- #add_group(options = {}) ⇒ EmptyStructure
- #attach_policy(options = {}) ⇒ EmptyStructure
- #create(options = {}) ⇒ User
- #create_access_key_pair(options = {}) ⇒ AccessKeyPair
- #create_login_profile(options = {}) ⇒ LoginProfile
- #create_policy(options = {}) ⇒ UserPolicy
- #delete(options = {}) ⇒ EmptyStructure
- #detach_policy(options = {}) ⇒ EmptyStructure
- #enable_mfa(options = {}) ⇒ MfaDevice
- #remove_group(options = {}) ⇒ EmptyStructure
- #update(options = {}) ⇒ User
Associations collapse
- #access_key(id) ⇒ AccessKey
- #access_keys(options = {}) ⇒ AccessKey::Collection
- #attached_policies(options = {}) ⇒ Policy::Collection
- #groups(options = {}) ⇒ Group::Collection
- #identifiers ⇒ Object deprecated private Deprecated.
- #login_profile ⇒ LoginProfile
- #mfa_device(serial_number) ⇒ MfaDevice
- #mfa_devices(options = {}) ⇒ MfaDevice::Collection
- #policies(options = {}) ⇒ UserPolicy::Collection
- #policy(name) ⇒ UserPolicy
- #signing_certificate(id) ⇒ SigningCertificate
- #signing_certificates(options = {}) ⇒ SigningCertificate::Collection
Instance Method Summary collapse
- #client ⇒ Client
-
#data ⇒ Types::User
Returns the data for this User.
-
#data_loaded? ⇒ Boolean
Returns ‘true` if this resource is loaded.
-
#exists?(options = {}) ⇒ Boolean
Returns ‘true` if the User exists.
-
#initialize(*args) ⇒ User
constructor
A new instance of User.
- #load ⇒ self (also: #reload)
-
#wait_until(options = {}) {|resource| ... } ⇒ Resource
deprecated
Deprecated.
Use [Aws::IAM::Client] #wait_until instead
- #wait_until_exists(options = {}, &block) ⇒ User
Constructor Details
#initialize(name, options = {}) ⇒ User #initialize(options = {}) ⇒ User
Returns a new instance of User.
22 23 24 25 26 27 28 |
# File 'lib/aws-sdk-iam/user.rb', line 22 def initialize(*args) = Hash === args.last ? args.pop.dup : {} @name = extract_name(args, ) @data = .delete(:data) @client = .delete(:client) || Client.new() @waiter_block_warned = false end |
Instance Method Details
#access_key(id) ⇒ AccessKey
722 723 724 725 726 727 728 |
# File 'lib/aws-sdk-iam/user.rb', line 722 def access_key(id) AccessKey.new( user_name: @name, id: id, client: @client ) end |
#access_keys(options = {}) ⇒ AccessKey::Collection
735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 |
# File 'lib/aws-sdk-iam/user.rb', line 735 def access_keys( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.list_access_keys() end resp.each_page do |page| batch = [] page.data..each do |a| batch << AccessKey.new( user_name: @name, id: a.access_key_id, data: a, client: @client ) end y.yield(batch) end end AccessKey::Collection.new(batches) end |
#add_group(options = {}) ⇒ EmptyStructure
328 329 330 331 332 333 334 |
# File 'lib/aws-sdk-iam/user.rb', line 328 def add_group( = {}) = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.add_user_to_group() end resp.data end |
#arn ⇒ String
The Amazon Resource Name (ARN) that identifies the user. For more information about ARNs and how to use ARNs in policies, see [IAM Identifiers] in the *IAM User Guide*.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
72 73 74 |
# File 'lib/aws-sdk-iam/user.rb', line 72 def arn data[:arn] end |
#attach_policy(options = {}) ⇒ EmptyStructure
352 353 354 355 356 357 358 |
# File 'lib/aws-sdk-iam/user.rb', line 352 def attach_policy( = {}) = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.attach_user_policy() end resp.data end |
#attached_policies(options = {}) ⇒ Policy::Collection
779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 |
# File 'lib/aws-sdk-iam/user.rb', line 779 def attached_policies( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.list_attached_user_policies() end resp.each_page do |page| batch = [] page.data.attached_policies.each do |a| batch << Policy.new( arn: a.policy_arn, client: @client ) end y.yield(batch) end end Policy::Collection.new(batches) end |
#create(options = {}) ⇒ User
424 425 426 427 428 429 430 431 432 433 434 |
# File 'lib/aws-sdk-iam/user.rb', line 424 def create( = {}) = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.create_user() end User.new( name: [:user_name], data: resp.data.user, client: @client ) end |
#create_access_key_pair(options = {}) ⇒ AccessKeyPair
441 442 443 444 445 446 447 448 449 450 451 452 453 |
# File 'lib/aws-sdk-iam/user.rb', line 441 def create_access_key_pair( = {}) = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.create_access_key() end AccessKeyPair.new( user_name: @name, id: resp.data.access_key.access_key_id, secret: resp.data.access_key.secret_access_key, data: resp.data.access_key, client: @client ) end |
#create_date ⇒ Time
The date and time, in [ISO 8601 date-time format], when the user was created.
83 84 85 |
# File 'lib/aws-sdk-iam/user.rb', line 83 def create_date data[:create_date] end |
#create_login_profile(options = {}) ⇒ LoginProfile
486 487 488 489 490 491 492 493 494 495 496 |
# File 'lib/aws-sdk-iam/user.rb', line 486 def create_login_profile( = {}) = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.create_login_profile() end LoginProfile.new( user_name: resp.data.login_profile.user_name, data: resp.data.login_profile, client: @client ) end |
#create_policy(options = {}) ⇒ UserPolicy
540 541 542 543 544 545 546 547 548 549 550 |
# File 'lib/aws-sdk-iam/user.rb', line 540 def create_policy( = {}) = .merge(user_name: @name) Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.put_user_policy() end UserPolicy.new( user_name: @name, name: [:policy_name], client: @client ) end |
#data ⇒ Types::User
Returns the data for this Aws::IAM::User. Calls Client#get_user if #data_loaded? is ‘false`.
164 165 166 167 |
# File 'lib/aws-sdk-iam/user.rb', line 164 def data load unless @data @data end |
#data_loaded? ⇒ Boolean
172 173 174 |
# File 'lib/aws-sdk-iam/user.rb', line 172 def data_loaded? !!@data end |
#delete(options = {}) ⇒ EmptyStructure
557 558 559 560 561 562 563 |
# File 'lib/aws-sdk-iam/user.rb', line 557 def delete( = {}) = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.delete_user() end resp.data end |
#detach_policy(options = {}) ⇒ EmptyStructure
581 582 583 584 585 586 587 |
# File 'lib/aws-sdk-iam/user.rb', line 581 def detach_policy( = {}) = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.detach_user_policy() end resp.data end |
#enable_mfa(options = {}) ⇒ MfaDevice
640 641 642 643 644 645 646 647 648 649 650 |
# File 'lib/aws-sdk-iam/user.rb', line 640 def enable_mfa( = {}) = .merge(user_name: @name) Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.enable_mfa_device() end MfaDevice.new( user_name: @name, serial_number: [:serial_number], client: @client ) end |
#exists?(options = {}) ⇒ Boolean
Returns ‘true` if the User exists.
179 180 181 182 183 184 185 186 187 188 |
# File 'lib/aws-sdk-iam/user.rb', line 179 def exists?( = {}) begin wait_until_exists(.merge(max_attempts: 1)) true rescue Aws::Waiters::Errors::UnexpectedError => e raise e.error rescue Aws::Waiters::Errors::WaiterFailed false end end |
#groups(options = {}) ⇒ Group::Collection
804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 |
# File 'lib/aws-sdk-iam/user.rb', line 804 def groups( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.list_groups_for_user() end resp.each_page do |page| batch = [] page.data.groups.each do |g| batch << Group.new( name: g.group_name, data: g, client: @client ) end y.yield(batch) end end Group::Collection.new(batches) end |
#identifiers ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
945 946 947 |
# File 'lib/aws-sdk-iam/user.rb', line 945 def identifiers { name: @name } end |
#load ⇒ self Also known as: reload
Loads, or reloads #data for the current Aws::IAM::User. Returns ‘self` making it possible to chain methods.
user.reload.data
152 153 154 155 156 157 158 |
# File 'lib/aws-sdk-iam/user.rb', line 152 def load resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.get_user(user_name: @name) end @data = resp.user self end |
#login_profile ⇒ LoginProfile
826 827 828 829 830 831 |
# File 'lib/aws-sdk-iam/user.rb', line 826 def login_profile LoginProfile.new( user_name: @name, client: @client ) end |
#mfa_device(serial_number) ⇒ MfaDevice
835 836 837 838 839 840 841 |
# File 'lib/aws-sdk-iam/user.rb', line 835 def mfa_device(serial_number) MfaDevice.new( user_name: @name, serial_number: serial_number, client: @client ) end |
#mfa_devices(options = {}) ⇒ MfaDevice::Collection
848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 |
# File 'lib/aws-sdk-iam/user.rb', line 848 def mfa_devices( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.list_mfa_devices() end resp.each_page do |page| batch = [] page.data.mfa_devices.each do |m| batch << MfaDevice.new( user_name: @name, serial_number: m.serial_number, data: m, client: @client ) end y.yield(batch) end end MfaDevice::Collection.new(batches) end |
#name ⇒ String Also known as: user_name
33 34 35 |
# File 'lib/aws-sdk-iam/user.rb', line 33 def name @name end |
#password_last_used ⇒ Time
The date and time, in [ISO 8601 date-time format], when the user’s password was last used to sign in to an Amazon Web Services website. For a list of Amazon Web Services websites that capture a user’s last sign-in time, see the [Credential reports] topic in the *IAM User Guide*. If a password is used more than once in a five-minute span, only the first use is returned in this field. If the field is null (no value), then it indicates that they never signed in with a password. This can be because:
-
The user never had a password.
-
A password exists but has not been used since IAM started tracking this information on October 20, 2014.
A null value does not mean that the user never had a password. Also, if the user does not currently have a password but had one in the past, then this field contains the date and time the most recent password was used.
This value is returned only in the GetUser and ListUsers operations.
[1]: www.iso.org/iso/iso8601 [2]: docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html
113 114 115 |
# File 'lib/aws-sdk-iam/user.rb', line 113 def password_last_used data[:password_last_used] end |
#path ⇒ String
The path to the user. For more information about paths, see [IAM identifiers] in the *IAM User Guide*.
The ARN of the policy used to set the permissions boundary for the user.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
48 49 50 |
# File 'lib/aws-sdk-iam/user.rb', line 48 def path data[:path] end |
#permissions_boundary ⇒ Types::AttachedPermissionsBoundary
For more information about permissions boundaries, see [Permissions boundaries for IAM identities ][1] in the *IAM User Guide*.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
124 125 126 |
# File 'lib/aws-sdk-iam/user.rb', line 124 def data[:permissions_boundary] end |
#policies(options = {}) ⇒ UserPolicy::Collection
875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 |
# File 'lib/aws-sdk-iam/user.rb', line 875 def policies( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.list_user_policies() end resp.each_page do |page| batch = [] page.data.policy_names.each do |p| batch << UserPolicy.new( user_name: @name, name: p, client: @client ) end y.yield(batch) end end UserPolicy::Collection.new(batches) end |
#policy(name) ⇒ UserPolicy
898 899 900 901 902 903 904 |
# File 'lib/aws-sdk-iam/user.rb', line 898 def policy(name) UserPolicy.new( user_name: @name, name: name, client: @client ) end |
#remove_group(options = {}) ⇒ EmptyStructure
670 671 672 673 674 675 676 |
# File 'lib/aws-sdk-iam/user.rb', line 670 def remove_group( = {}) = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.remove_user_from_group() end resp.data end |
#signing_certificate(id) ⇒ SigningCertificate
908 909 910 911 912 913 914 |
# File 'lib/aws-sdk-iam/user.rb', line 908 def signing_certificate(id) SigningCertificate.new( user_name: @name, id: id, client: @client ) end |
#signing_certificates(options = {}) ⇒ SigningCertificate::Collection
921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 |
# File 'lib/aws-sdk-iam/user.rb', line 921 def signing_certificates( = {}) batches = Enumerator.new do |y| = .merge(user_name: @name) resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.list_signing_certificates() end resp.each_page do |page| batch = [] page.data.certificates.each do |c| batch << SigningCertificate.new( user_name: @name, id: c.certificate_id, data: c, client: @client ) end y.yield(batch) end end SigningCertificate::Collection.new(batches) end |
#tags ⇒ Array<Types::Tag>
A list of tags that are associated with the user. For more information about tagging, see [Tagging IAM resources] in the *IAM User Guide*.
135 136 137 |
# File 'lib/aws-sdk-iam/user.rb', line 135 def data[:tags] end |
#update(options = {}) ⇒ User
707 708 709 710 711 712 713 714 715 716 |
# File 'lib/aws-sdk-iam/user.rb', line 707 def update( = {}) = .merge(user_name: @name) Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do @client.update_user() end User.new( name: [:new_user_name], client: @client ) end |
#user_id ⇒ String
The stable and unique string identifying the user. For more information about IDs, see [IAM identifiers] in the *IAM User Guide*.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
60 61 62 |
# File 'lib/aws-sdk-iam/user.rb', line 60 def user_id data[:user_id] end |
#wait_until(options = {}) {|resource| ... } ⇒ Resource
Use [Aws::IAM::Client] #wait_until instead
The waiting operation is performed on a copy. The original resource remains unchanged.
Waiter polls an API operation until a resource enters a desired state.
## Basic Usage
Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.
# polls in a loop until condition is true
resource.wait_until() {|resource| condition}
## Example
instance.wait_until(max_attempts:10, delay:5) do |instance|
instance.state.name == 'running'
end
## Configuration
You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:
# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}
## Callbacks
You can be notified before each polling attempt and before each delay. If you throw ‘:success` or `:failure` from these callbacks, it will terminate the waiter.
started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
throw :failure if Time.now - started_at > 3600
end
# disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}
## Handling Errors
When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.
begin
resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
# resource did not enter the desired state in time
end
attempts attempt in seconds invoked before each attempt invoked before each wait
289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 |
# File 'lib/aws-sdk-iam/user.rb', line 289 def wait_until( = {}, &block) self_copy = self.dup attempts = 0 [:max_attempts] = 10 unless .key?(:max_attempts) [:delay] ||= 10 [:poller] = Proc.new do attempts += 1 if block.call(self_copy) [:success, self_copy] else self_copy.reload unless attempts == [:max_attempts] :retry end end Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do Aws::Waiters::Waiter.new().wait({}) end end |
#wait_until_exists(options = {}, &block) ⇒ User
196 197 198 199 200 201 202 203 204 205 206 207 |
# File 'lib/aws-sdk-iam/user.rb', line 196 def wait_until_exists( = {}, &block) , params = () waiter = Waiters::UserExists.new() yield_waiter_and_warn(waiter, &block) if block_given? Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do waiter.wait(params.merge(user_name: @name)) end User.new({ name: @name, client: @client }) end |