Class: AwsIamUsers
Overview
Authors: Alex Bedley, Steffanie Freeman, Simon Varlow, Chris Redekop
Defined Under Namespace
Classes: Backend
Instance Attribute Summary
#table
Class Method Summary
Instance Method Summary
included
#catch_aws_errors, #check_resource_param_names, #initialize, #inspec_runner
Class Method Details
.lazy_get_login_profile(row, _criterion, table) ⇒ Object
# File 'lib/resources/aws/aws_iam_users.rb', line 26
# Lazy column loader: records whether the IAM user in +row+ has a console
# login profile.
#
# Only Aws::IAM::Errors::NoSuchEntity is mapped to "no console password".
# Any other error raised by the backend call is not rescued here and
# propagates to the caller, so a failed lookup is never recorded as +false+.
#
# @param row [Hash] user row; reads :user_name, writes :has_console_password
#   and the alias key :has_console_password?
# @param _criterion [Object] unused
# @param table [#resource] object whose resource exposes +inspec_runner+
# @return [Boolean] the value stored under :has_console_password
def self.lazy_get_login_profile(row, _criterion, table)
  iam = BackendFactory.create(table.resource.inspec_runner)
  has_password =
    begin
      # The returned profile is discarded; only its existence matters.
      iam.get_login_profile(user_name: row[:user_name])
      true
    rescue Aws::IAM::Errors::NoSuchEntity
      false
    end
  row[:has_console_password] = has_password
  row[:has_console_password?] = has_password
end
.lazy_list_attached_policies(row, _criterion, table) ⇒ Object
# File 'lib/resources/aws/aws_iam_users.rb', line 55
# Lazy column loader: records the managed policies attached directly to the
# IAM user in +row+.
#
# No errors are rescued here; anything raised by the backend call propagates.
# NOTE(review): a single list_attached_user_policies call is made and its
# attached_policies are used as-is. If that response can be truncated, the
# name/ARN lists may be incomplete. Confirm against the backend.
#
# @param row [Hash] user row; reads :user_name, writes :has_attached_policies,
#   :has_attached_policies?, :attached_policy_names and :attached_policy_arns
# @param _criterion [Object] unused
# @param table [#resource] object whose resource exposes +inspec_runner+
# @return [Array] the value stored under :attached_policy_arns
def self.lazy_list_attached_policies(row, _criterion, table)
  iam = BackendFactory.create(table.resource.inspec_runner)
  response = iam.list_attached_user_policies(user_name: row[:user_name])
  policies = response.attached_policies
  any_attached = !policies.empty?
  row[:has_attached_policies] = any_attached
  row[:has_attached_policies?] = any_attached
  row[:attached_policy_names] = policies.map { |policy| policy[:policy_name] }
  row[:attached_policy_arns] = policies.map { |policy| policy[:policy_arn] }
end
.lazy_list_mfa_devices(row, _criterion, table) ⇒ Object
# File 'lib/resources/aws/aws_iam_users.rb', line 37
# Lazy column loader: records whether the IAM user in +row+ has at least one
# MFA device in the backend's list_mfa_devices response.
#
# Aws::IAM::Errors::NoSuchEntity is treated as "no MFA". Any other error is
# not rescued and propagates, so a failed lookup is not reported as a user
# without MFA.
#
# @param row [Hash] user row; reads :user_name, writes :has_mfa_enabled and
#   the alias key :has_mfa_enabled?
# @param _criterion [Object] unused
# @param table [#resource] object whose resource exposes +inspec_runner+
# @return [Boolean] the value stored under :has_mfa_enabled
def self.lazy_list_mfa_devices(row, _criterion, table)
  iam = BackendFactory.create(table.resource.inspec_runner)
  mfa_enabled =
    begin
      devices = iam.list_mfa_devices(user_name: row[:user_name]).mfa_devices
      !devices.empty?
    rescue Aws::IAM::Errors::NoSuchEntity
      false
    end
  row[:has_mfa_enabled] = mfa_enabled
  row[:has_mfa_enabled?] = mfa_enabled
end
.lazy_list_user_policies(row, _criterion, table) ⇒ Object
# File 'lib/resources/aws/aws_iam_users.rb', line 48
# Lazy column loader: records the inline policy names of the IAM user in
# +row+ and whether any exist.
#
# No errors are rescued here; anything raised by the backend call propagates.
# NOTE(review): a single list_user_policies call is made and its policy_names
# are used as-is. If that response can be truncated, :inline_policy_names may
# be incomplete. Confirm against the backend.
#
# @param row [Hash] user row; reads :user_name, writes :inline_policy_names,
#   :has_inline_policies and the alias key :has_inline_policies?
# @param _criterion [Object] unused
# @param table [#resource] object whose resource exposes +inspec_runner+
# @return [Boolean] the value stored under :has_inline_policies
def self.lazy_list_user_policies(row, _criterion, table)
  iam = BackendFactory.create(table.resource.inspec_runner)
  names = iam.list_user_policies(user_name: row[:user_name]).policy_names
  row[:inline_policy_names] = names
  any_inline = !names.empty?
  row[:has_inline_policies] = any_inline
  row[:has_inline_policies?] = any_inline
end
Instance Method Details
#fetch_from_api ⇒ Object
# File 'lib/resources/aws/aws_iam_users.rb', line 110
# Loads every IAM user row via fetch_from_api_paginated and decorates each
# row with password-usage columns.
#
# :password_last_used_days_ago is written only when :password_last_used is
# non-nil. Rows for never-used passwords have no such key, so checks on
# password age must handle those users via :password_never_used? rather than
# comparing against a number.
#
# @return [Array<Hash>] the decorated rows, also stored in @table
def fetch_from_api
  iam = BackendFactory.create(inspec_runner)
  @table = fetch_from_api_paginated(iam)
  seconds_per_day = 24 * 60 * 60
  @table.each do |user_row|
    last_used = user_row[:password_last_used]
    ever_used = !last_used.nil?
    user_row[:password_ever_used?] = ever_used
    user_row[:password_never_used?] = !ever_used
    next unless ever_used

    # Whole days elapsed, truncated toward zero by to_i.
    user_row[:password_last_used_days_ago] = ((Time.now - last_used) / seconds_per_day).to_i
  end
  @table
end
#fetch_from_api_paginated(backend) ⇒ Object
# File 'lib/resources/aws/aws_iam_users.rb', line 98
# Collects all users from the backend by following list_users pagination.
#
# The first request is sent with a nil marker. Each later request reuses the
# marker returned by the previous page, and the loop stops at the first page
# whose is_truncated is falsy.
#
# @param backend [#list_users] IAM backend
# @return [Array<Hash>] one hash per user (each user converted with to_h),
#   in the order the backend returned them
def fetch_from_api_paginated(backend)
  users = []
  next_marker = nil
  loop do
    page = backend.list_users(marker: next_marker)
    users.concat(page.users.map(&:to_h))
    next_marker = page.marker
    break unless page.is_truncated
  end
  users
end
#to_s ⇒ Object
# File 'lib/resources/aws/aws_iam_users.rb', line 125
# Fixed display label for this resource.
#
# @return [String] always 'IAM Users'
def to_s
  'IAM Users'
end
#validate_params(raw_params) ⇒ Object
# File 'lib/resources/aws/aws_iam_users.rb', line 90
# Rejects any resource parameters: this resource takes none.
#
# @param raw_params [#empty?] parameters passed to the resource
# @return [Object] +raw_params+ unchanged when it is empty
# @raise [ArgumentError] when +raw_params+ is not empty
def validate_params(raw_params)
  return raw_params if raw_params.empty?

  raise ArgumentError, 'aws_iam_users does not accept resource parameters'
end