Class: AWS::IAM::User

Inherits:
Resource
  • Object
show all
Defined in:
lib/aws/iam/user.rb

Overview

Represents an IAM User. Each AWS account can have many users. Users can be organized (optionally) into groups. Users (and groups) can be given policies that affect that they can do.

Creating A User

iam = AWS::IAM.new
user = iam.users.create('johndoe')

Renaming a User

You can only edit a user's name and path (both of which will modify the user's ARN).

user = iam.users['johndoe']
user.name = 'newname'

User Path

When you create a user you can assign a path. Paths must begin and end with a forward slash (/).

user = iam.users.create('newuser', :path => '/developers/ruby/')

Paths are a useful tool for organizing/tagging users. You can later enumerate users by their path prefixes:

iam.users.each(:path_prefix => '/developers').each do |developer|
  puts developer.name
end

Login Profile

A login profile is required for an IAM user to use the AWS Management console (web interface). See LoginProfile for more information.

Deleting Users

In order to delete a user you must first remove it from all of its groups and delete all of its signing certificates. Once this is done:

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods inherited from Resource

#exists?

Constructor Details

#initialize(name, options = {}) ⇒ User

Returns a new instance of User.

Parameters:

  • name (String)

    The IAM user name for this user.

  • options (Hash) (defaults to: {})


75
76
77
78
# File 'lib/aws/iam/user.rb', line 75

def initialize name, options = {}
  options[:name] = name
  super(options)
end

Instance Attribute Details

#arnString (readonly)

Returns the current value of arn.

Returns:

  • (String)

    the current value of arn



69
70
71
# File 'lib/aws/iam/user.rb', line 69

def arn
  @arn
end

#create_dateDateTime (readonly)

Returns the current value of create_date.

Returns:

  • (DateTime)

    the current value of create_date



69
70
71
# File 'lib/aws/iam/user.rb', line 69

def create_date
  @create_date
end

#idString (readonly)

Returns the current value of id.

Returns:

  • (String)

    the current value of id



69
70
71
# File 'lib/aws/iam/user.rb', line 69

def id
  @id
end

#pathString

Returns the current value of path.

Returns:

  • (String)

    the current value of path



69
70
71
# File 'lib/aws/iam/user.rb', line 69

def path
  @path
end

#user_nameString

Returns the current value of user_name.

Returns:

  • (String)

    the current value of user_name



69
70
71
# File 'lib/aws/iam/user.rb', line 69

def user_name
  @user_name
end

Instance Method Details

#access_keysAccessKeyCollection

Returns a collection that represents the access keys for this user.

user.access_keys.each do |access_key|
  puts access_key.id
end

Returns:

  • (AccessKeyCollection)

    Returns a collection that represents all access keys for this user.



182
183
184
# File 'lib/aws/iam/user.rb', line 182

def access_keys
  AccessKeyCollection.new(:user => self)
end

#deletenil

Deletes this user.

Returns:

  • (nil)


107
108
109
110
# File 'lib/aws/iam/user.rb', line 107

def delete
  client.delete_user(resource_options)
  nil
end

#delete!Object

Deletes the current user, after:

  • deleting its login profile
  • removing it from all groups
  • deleting all of its access keys
  • deleting its mfa devices
  • deleting its signing certificates


118
119
120
121
122
123
124
125
126
# File 'lib/aws/iam/user.rb', line 118

def delete!
  groups.clear
  access_keys.clear
  policies.clear
  mfa_devices.clear
  signing_certificates.clear
  .delete if .exists?
  delete
end

#groupsUserGroupCollection

Returns a collection that includes all of the groups the user is in.

Returns:



188
189
190
# File 'lib/aws/iam/user.rb', line 188

def groups
  UserGroupCollection.new(self)
end

#login_profileLoginProfile

A login profile is a user name and password that enables a user to log in to the href="http://aws.amazon.com/console">http://aws.amazon.com/console AWS Management Console. The object returned by this method allows you to set or delete the password. For example:

user..password = "TheNewPassword"

Returns:

  • (LoginProfile)

    Returns the login profile for this user.



170
171
172
# File 'lib/aws/iam/user.rb', line 170

def 
  LoginProfile.new(self)
end

#mfa_devicesMFADeviceCollection

Returns a collection that represents all MFA devices assigned to this user.

Returns:

  • (MFADeviceCollection)

    Returns a collection that represents all MFA devices assigned to this user.



158
159
160
# File 'lib/aws/iam/user.rb', line 158

def mfa_devices
  MFADeviceCollection.new(self)
end

#policiesPolicyCollection

Returns a collection that represents all policies for this user.

user.policies.each do |policy|
  puts policy.name
end

Returns:

  • (PolicyCollection)

    Returns a collection that represents all policies for this user.



136
137
138
# File 'lib/aws/iam/user.rb', line 136

def policies
  UserPolicyCollection.new(self)
end

#signing_certificatesSigningCertificateCollection

Returns a collection that represents the signing certificates belonging to this user.

user.signing_certificates.each do |cert|
  # ...
end

If you need to access the signing certificates of this AWS account, see AWS::IAM#signing_certificates.

Returns:



152
153
154
# File 'lib/aws/iam/user.rb', line 152

def signing_certificates
  SigningCertificateCollection.new(:user => self, :config => config)
end