Class: AWS::IAM::User

Inherits:
Resource show all
Defined in:
lib/aws/iam/user.rb

Overview

Represents an IAM User. Each AWS account can have many users. Users can be organized (optionally) into groups. Users (and groups) can be given policies that affect that they can do.

Creating A User

iam = AWS::IAM.new

user = iam.users.create('johndoe')

Renaming a User

You can only edit a user’s name and path (both of which will modify the user’s ARN).

user = iam.users['johndoe']
user.name = 'newname'

User Path

When you create a user you can assign a path. Paths must begin and end with a forward slash (/).

user = iam.users.create('newuser', :path => '/developers/ruby/')

Paths are a useful tool for organizing/tagging users. You can later enumerate users by their path prefixes:

iam.users.each(:path_prefix => '/developers').each do |developer|
  puts developer.name
end

Login Profile

A login profile is required for an IAM user to use the AWS Management console (web interface). See LoginProfile for more information.

Deleting Users

In order to delete a user you must first remove it from all of its groups and delete all of its signing certificates. Once this is done:

Instance Attribute Summary collapse

Attributes included from Core::Model

#config

Instance Method Summary collapse

Methods inherited from Resource

#exists?, prefix_update_attributes, update_prefix

Methods inherited from Core::Resource

attribute_providers, attribute_providers_for, attributes, #attributes_from_response, define_attribute_type, #eql?, #inspect, new_from

Methods included from Core::Cacheable

included, #retrieve_attribute

Methods included from Core::Model

#client, #config_prefix, #inspect

Constructor Details

#initialize(name, options = {}) ⇒ User

Returns a new instance of User.

Parameters:

  • name (String)

    The IAM user name for this user.

  • options (Hash) (defaults to: {})


77
78
79
80
# File 'lib/aws/iam/user.rb', line 77

def initialize name, options = {}
  options[:name] = name
  super(options)
end

Instance Attribute Details

#arnString (readonly)

Returns the current value of arn.

Returns:

  • (String)

    the current value of arn



71
72
73
# File 'lib/aws/iam/user.rb', line 71

def arn
  @arn
end

#create_dateDateTime (readonly)

Returns the current value of create_date.

Returns:

  • (DateTime)

    the current value of create_date



71
72
73
# File 'lib/aws/iam/user.rb', line 71

def create_date
  @create_date
end

#idString (readonly)

Returns the current value of id.

Returns:

  • (String)

    the current value of id



71
72
73
# File 'lib/aws/iam/user.rb', line 71

def id
  @id
end

#pathString

Returns the current value of path.

Returns:

  • (String)

    the current value of path



71
72
73
# File 'lib/aws/iam/user.rb', line 71

def path
  @path
end

#user_nameString

Returns the current value of user_name.

Returns:

  • (String)

    the current value of user_name



71
72
73
# File 'lib/aws/iam/user.rb', line 71

def user_name
  @user_name
end

Instance Method Details

#access_keysAccessKeyCollection

Returns a collection that represents the access keys for this user.

user.access_keys.each do |access_key|
  puts access_key.id
end

Returns:

  • (AccessKeyCollection)

    Returns a collection that represents all access keys for this user.



185
186
187
# File 'lib/aws/iam/user.rb', line 185

def access_keys
  AccessKeyCollection.new(:user => self)
end

#deletenil

Deletes this user.

Returns:

  • (nil)


109
110
111
112
# File 'lib/aws/iam/user.rb', line 109

def delete
  client.delete_user(resource_options)
  nil
end

#delete!Object

Deletes the current user, after:

  • deleting its login profile

  • removing it from all groups

  • deleting all of its access keys

  • deleting its mfa devices

  • deleting its signing certificates



120
121
122
123
124
125
126
127
128
# File 'lib/aws/iam/user.rb', line 120

def delete!
  groups.clear
  access_keys.clear
  policies.clear
  mfa_devices.clear
  signing_certificates.clear
  .delete if .exists?
  delete
end

#groupsUserGroupCollection

Returns a collection that includes all of the groups the user is in.

Returns:



193
194
195
# File 'lib/aws/iam/user.rb', line 193

def groups
  UserGroupCollection.new(self)
end

#login_profileLoginProfile

A login profile is a user name and password that enables a user to log in to the AWS Management Console. The object returned by this method allows you to set or delete the password. For example:

user..password = "TheNewPassword"

Returns:

  • (LoginProfile)

    Returns the login profile for this user.



173
174
175
# File 'lib/aws/iam/user.rb', line 173

def 
  LoginProfile.new(self)
end

#mfa_devicesMFADeviceCollection

Returns a collection that represents all MFA devices assigned to this user.

Returns:

  • (MFADeviceCollection)

    Returns a collection that represents all MFA devices assigned to this user.



160
161
162
# File 'lib/aws/iam/user.rb', line 160

def mfa_devices
  MFADeviceCollection.new(self)
end

#policiesPolicyCollection

Returns a collection that represents all policies for this user.

user.policies.each do |policy|
  puts policy.name
end

Returns:

  • (PolicyCollection)

    Returns a collection that represents all policies for this user.



138
139
140
# File 'lib/aws/iam/user.rb', line 138

def policies
  UserPolicyCollection.new(self)  
end

#signing_certificatesSigningCertificateCollection

Returns a collection that represents the signing certificates belonging to this user.

user.signing_certificates.each do |cert|
  # ...
end

If you need to access the signing certificates of this AWS account, see AWS::IAM#signing_certificates.

Returns:



154
155
156
# File 'lib/aws/iam/user.rb', line 154

def signing_certificates
  SigningCertificateCollection.new(:user => self, :config => config)
end