Represents an IAM User. Each AWS account can have many users. Users can be organized (optionally) into groups. Users (and groups) can be given policies that affect that they can do.
iam = AWS::IAM.new
user = iam.users.create('johndoe')
You can only edit a user’s name and path (both of which will modify the user’s ARN).
user = iam.users['johndoe'] user.name = 'newname'
When you create a user you can assign a path. Paths must begin and end with a forward slash (/).
user = iam.users.create('newuser', :path => '/developers/ruby/')
Paths are a useful tool for organizing/tagging users. You can later enumerate users by their path prefixes:
iam.users.each(:path_prefix => '/developers').each do |developer| puts developer.name end
A login profile is required for an IAM user to use the AWS Management console (web interface). See {LoginProfile} for more information.
In order to delete a user you must first remove it from all of its groups and delete all of its signing certificates. Once this is done:
@attr [String] user_name
@attr [String] path
@attr_reader [String] id
@attr_reader [DateTime] create_date
@attr_reader [String] arn
@param [String] name The IAM user name for this user. @param [Hash] options
# File lib/aws/iam/user.rb, line 77 def initialize name, options = {} options[:name] = name super(options) end
Returns a collection that represents the access keys for this user.
user.access_keys.each do |access_key| puts access_key.id end
@return [AccessKeyCollection] Returns a collection that represents all
access keys for this user.
# File lib/aws/iam/user.rb, line 179 def access_keys AccessKeyCollection.new(:user => self) end
Deletes this user. @return [nil]
# File lib/aws/iam/user.rb, line 109 def delete client.delete_user(resource_options) nil end
# File lib/aws/iam/user.rb, line 114 def delete! groups.clear access_keys.clear policies.clear mfa_devices.clear signing_certificates.clear login_profile.delete if login_profile.exists? delete end
Returns a collection that includes all of the groups the user is in.
@return [UserGroupCollection]
# File lib/aws/iam/user.rb, line 187 def groups UserGroupCollection.new(self) end
A login profile is a user name and password that enables a user to log in to the {aws.amazon.com/console AWS Management Console}. The object returned by this method allows you to set or delete the password. For example:
user.login_profile.password = "TheNewPassword"
@return [LoginProfile] Returns the login profile for this
user.
# File lib/aws/iam/user.rb, line 167 def login_profile LoginProfile.new(self) end
@return [MFADeviceCollection] Returns a collection that represents
all MFA devices assigned to this user.
# File lib/aws/iam/user.rb, line 154 def mfa_devices MFADeviceCollection.new(self) end
Returns a collection that represents all policies for this user.
user.policies.each do |policy| puts policy.name end
@return [PolicyCollection] Returns a collection that represents
all policies for this user.
# File lib/aws/iam/user.rb, line 132 def policies UserPolicyCollection.new(self) end
Returns a collection that represents the signing certificates belonging to this user.
user.signing_certificates.each do |cert| # ... end
If you need to access the signing certificates of this AWS account, see {AWS::IAM#signing_certificates}.
@return [SigningCertificateCollection] Returns a collection that
represents signing certificates for this user.
# File lib/aws/iam/user.rb, line 148 def signing_certificates SigningCertificateCollection.new(:user => self, :config => config) end
@private
# File lib/aws/iam/user.rb, line 193 def resource_identifiers [[:user_name, name]] end