Class: AWS::IAM::User
- Defined in:
- lib/aws/iam/user.rb
Overview
Represents an IAM User. Each AWS account can have many users. Users can be organized (optionally) into groups. Users (and groups) can be given policies that affect that they can do.
Creating A User
iam = AWS::IAM.new
user = iam.users.create('johndoe')
Renaming a User
You can only edit a user's name and path (both of which will modify the user's ARN).
user = iam.users['johndoe']
user.name = 'newname'
User Path
When you create a user you can assign a path. Paths must begin and end with a forward slash (/).
user = iam.users.create('newuser', :path => '/developers/ruby/')
Paths are a useful tool for organizing/tagging users. You can later enumerate users by their path prefixes:
iam.users.each(:path_prefix => '/developers').each do |developer|
puts developer.name
end
Login Profile
A login profile is required for an IAM user to use the AWS Management console (web interface). See LoginProfile for more information.
Deleting Users
In order to delete a user you must first remove it from all of its groups and delete all of its signing certificates. Once this is done:
Instance Attribute Summary collapse
-
#arn ⇒ String
readonly
The current value of arn.
-
#create_date ⇒ DateTime
readonly
The current value of create_date.
-
#id ⇒ String
readonly
The current value of id.
-
#path ⇒ String
The current value of path.
-
#user_name ⇒ String
The current value of user_name.
Instance Method Summary collapse
-
#access_keys ⇒ AccessKeyCollection
Returns a collection that represents the access keys for this user.
-
#delete ⇒ nil
Deletes this user.
-
#delete! ⇒ Object
Deletes the current user, after: * deleting its login profile * removing it from all groups * deleting all of its access keys * deleting its mfa devices * deleting its signing certificates.
-
#groups ⇒ UserGroupCollection
Returns a collection that includes all of the groups the user is in.
-
#initialize(name, options = {}) ⇒ User
constructor
A new instance of User.
-
#login_profile ⇒ LoginProfile
A login profile is a user name and password that enables a user to log in to the AWS Management Console.
-
#mfa_devices ⇒ MFADeviceCollection
Returns a collection that represents all MFA devices assigned to this user.
-
#policies ⇒ PolicyCollection
Returns a collection that represents all policies for this user.
-
#signing_certificates ⇒ SigningCertificateCollection
Returns a collection that represents the signing certificates belonging to this user.
Methods inherited from Resource
Constructor Details
#initialize(name, options = {}) ⇒ User
Returns a new instance of User.
75 76 77 78 |
# File 'lib/aws/iam/user.rb', line 75 def initialize name, = {} [:name] = name super() end |
Instance Attribute Details
#arn ⇒ String (readonly)
Returns the current value of arn.
69 70 71 |
# File 'lib/aws/iam/user.rb', line 69 def arn @arn end |
#create_date ⇒ DateTime (readonly)
Returns the current value of create_date.
69 70 71 |
# File 'lib/aws/iam/user.rb', line 69 def create_date @create_date end |
#id ⇒ String (readonly)
Returns the current value of id.
69 70 71 |
# File 'lib/aws/iam/user.rb', line 69 def id @id end |
#path ⇒ String
Returns the current value of path.
69 70 71 |
# File 'lib/aws/iam/user.rb', line 69 def path @path end |
#user_name ⇒ String
Returns the current value of user_name.
69 70 71 |
# File 'lib/aws/iam/user.rb', line 69 def user_name @user_name end |
Instance Method Details
#access_keys ⇒ AccessKeyCollection
Returns a collection that represents the access keys for this user.
user.access_keys.each do |access_key|
puts access_key.id
end
182 183 184 |
# File 'lib/aws/iam/user.rb', line 182 def access_keys AccessKeyCollection.new(:user => self) end |
#delete ⇒ nil
Deletes this user.
107 108 109 110 |
# File 'lib/aws/iam/user.rb', line 107 def delete client.delete_user() nil end |
#delete! ⇒ Object
Deletes the current user, after:
- deleting its login profile
- removing it from all groups
- deleting all of its access keys
- deleting its mfa devices
- deleting its signing certificates
118 119 120 121 122 123 124 125 126 |
# File 'lib/aws/iam/user.rb', line 118 def delete! groups.clear access_keys.clear policies.clear mfa_devices.clear signing_certificates.clear login_profile.delete if login_profile.exists? delete end |
#groups ⇒ UserGroupCollection
Returns a collection that includes all of the groups the user is in.
188 189 190 |
# File 'lib/aws/iam/user.rb', line 188 def groups UserGroupCollection.new(self) end |
#login_profile ⇒ LoginProfile
A login profile is a user name and password that enables a user to log in to the href="http://aws.amazon.com/console">http://aws.amazon.com/console AWS Management Console. The object returned by this method allows you to set or delete the password. For example:
user.login_profile.password = "TheNewPassword"
170 171 172 |
# File 'lib/aws/iam/user.rb', line 170 def login_profile LoginProfile.new(self) end |
#mfa_devices ⇒ MFADeviceCollection
Returns a collection that represents all MFA devices assigned to this user.
158 159 160 |
# File 'lib/aws/iam/user.rb', line 158 def mfa_devices MFADeviceCollection.new(self) end |
#policies ⇒ PolicyCollection
Returns a collection that represents all policies for this user.
user.policies.each do |policy|
puts policy.name
end
136 137 138 |
# File 'lib/aws/iam/user.rb', line 136 def policies UserPolicyCollection.new(self) end |
#signing_certificates ⇒ SigningCertificateCollection
Returns a collection that represents the signing certificates belonging to this user.
user.signing_certificates.each do |cert|
# ...
end
If you need to access the signing certificates of this AWS account, see AWS::IAM#signing_certificates.
152 153 154 |
# File 'lib/aws/iam/user.rb', line 152 def signing_certificates SigningCertificateCollection.new(:user => self, :config => config) end |