Initialize connection to IAM
options parameter must include values for :aws_access_key_id and :aws_secret_access_key in order to create a connection
iam = IAM.new( :aws_access_key_id => your_aws_access_key_id, :aws_secret_access_key => your_aws_secret_access_key )
options<~Hash> - config arguments for connection. Defaults to {}.
# File lib/fog/aws/iam.rb, line 262 def initialize(options={}) @use_iam_profile = options[:use_iam_profile] @connection_options = options[:connection_options] || {} @instrumentor = options[:instrumentor] @instrumentor_name = options[:instrumentor_name] || 'fog.aws.iam' @host = options[:host] || 'iam.amazonaws.com' @path = options[:path] || '/' @persistent = options[:persistent] || false @port = options[:port] || 443 @scheme = options[:scheme] || 'https' @region = options[:region] || "us-east-1" @connection = Fog::XML::Connection.new("#{@scheme}://#{@host}:#{@port}#{@path}", @persistent, @connection_options) setup_credentials(options) end
Add a role to an instance profile
instance_profile_name<~String>: Name of the instance profile to update.
role_name<~String>:Name of the role to add.
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_AddRoleToInstanceProfile.html
# File lib/fog/aws/requests/iam/add_role_to_instance_profile.rb, line 21 def add_role_to_instance_profile(role_name, instance_profile_name) request( 'Action' => 'AddRoleToInstanceProfile', 'InstanceProfileName' => instance_profile_name, 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Add a user to a group
group_name<~String>: name of the group
user_name<~String>: name of user to add
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_AddUserToGroup.html
# File lib/fog/aws/requests/iam/add_user_to_group.rb, line 21 def add_user_to_group(group_name, user_name) request( 'Action' => 'AddUserToGroup', 'GroupName' => group_name, 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Attaches a managed policy to a group
group_name<~String>: name of the group
policy_arn<~String>: arn of the managed policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_AttachGroupPolicy.html
# File lib/fog/aws/requests/iam/attach_group_policy.rb, line 21 def attach_group_policy(group_name, policy_arn) request( 'Action' => 'AttachGroupPolicy', 'GroupName' => group_name, 'PolicyArn' => policy_arn, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Attaches a managed policy to a role
role_name<~String>: name of the role
policy_arn<~String>: arn of the managed policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_AttachRolePolicy.html
# File lib/fog/aws/requests/iam/attach_role_policy.rb, line 21 def attach_role_policy(role_name, policy_arn) request( 'Action' => 'AttachRolePolicy', 'RoleName' => role_name, 'PolicyArn' => policy_arn, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Attaches a managed policy to a user
user_name<~String>: name of the user
policy_arn<~String>: arn of the managed policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_AttachUserPolicy.html
# File lib/fog/aws/requests/iam/attach_user_policy.rb, line 21 def attach_user_policy(user_name, policy_arn) request( 'Action' => 'AttachUserPolicy', 'UserName' => user_name, 'PolicyArn' => policy_arn, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Create a access keys for user (by default detects user from access credentials)
options<~Hash>:
'UserName'<~String> - name of the user to create (do not include path)
response<~Excon::Response>:
body<~Hash>:
'AccessKey'<~Hash>:
'AccessKeyId'<~String> -
'UserName'<~String> -
'SecretAccessKey'<~String> -
'Status'<~String> -
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_CreateAccessKey.html
# File lib/fog/aws/requests/iam/create_access_key.rb, line 26 def create_access_key(options = {}) request({ 'Action' => 'CreateAccessKey', :parser => Fog::Parsers::AWS::IAM::CreateAccessKey.new }.merge!(options)) end
# File lib/fog/aws/requests/iam/create_account_alias.rb, line 7 def create_account_alias(account_alias) request( 'Action' => 'CreateAccountAlias', 'AccountAlias' => account_alias, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Create a new group
group_name<~String>: name of the group to create (do not include path)
path<~String>: optional path to group, defaults to '/'
response<~Excon::Response>:
body<~Hash>:
'Group'<~Hash>:
Arn<~String> -
GroupId<~String> -
GroupName<~String> -
Path<~String> -
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_CreateGroup.html
# File lib/fog/aws/requests/iam/create_group.rb, line 26 def create_group(group_name, path = '/') request( 'Action' => 'CreateGroup', 'GroupName' => group_name, 'Path' => path, :parser => Fog::Parsers::AWS::IAM::CreateGroup.new ) end
Create a new instance_profile
instance_profile_name<~String>: name of the instance profile to create (do not include path)
path<~String>: optional path to group, defaults to '/'
response<~Excon::Response>:
body<~Hash>:
'InstanceProfile'<~Hash>:
Arn<~String> -
CreateDate<~Date>
InstanceProfileId<~String> -
InstanceProfileName<~String> -
Path<~String> -
Roles<~Array> - role<~Hash>:
* 'Arn'<~String> - * 'AssumeRolePolicyDocument'<~String< * 'Path'<~String> - * 'RoleId'<~String> - * 'RoleName'<~String> -
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_CreateInstanceProfile.html
# File lib/fog/aws/requests/iam/create_instance_profile.rb, line 34 def create_instance_profile(instance_profile_name, path='/', options={}) request({ 'Action' => 'CreateInstanceProfile', 'InstanceProfileName' => instance_profile_name, 'Path' => path, :parser => Fog::Parsers::AWS::IAM::InstanceProfile.new }.merge!(options)) end
Creates a login profile for a user
docs.amazonwebservices.com/IAM/latest/APIReference/API_CreateLoginProfile.html
user_name<~String> - Name of user to create a login profile for
password<~String> - The new password for this user
response<~Excon::Response>:
body<~Hash>:
'LoginProfile'<~Hash>
* UserName<~String> * CreateDate
'RequestId'<~String> - Id of the request
# File lib/fog/aws/requests/iam/create_login_profile.rb, line 23 def create_login_profile(user_name, password) request({ 'Action' => 'CreateLoginProfile', 'UserName' => user_name, 'Password' => password, :parser => Fog::Parsers::AWS::IAM::LoginProfile.new }) end
Creates a managed policy
policy_name<~String>: name of policy document
policy_document<~Hash>: policy document, see: docs.amazonwebservices.com/IAM/latest/UserGuide/PoliciesOverview.html
path <~String>: path of the policy
description <~String>: description for the policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
'Policy'<~Hash>:
Arn
AttachmentCount
CreateDate
DefaultVersionId
Description
IsAttachable
Path
PolicyId
PolicyName
UpdateDate
docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html
# File lib/fog/aws/requests/iam/create_policy.rb, line 32 def create_policy(policy_name, policy_document, path=nil, description=nil) request({ 'Action' => 'CreatePolicy', 'PolicyName' => policy_name, 'PolicyDocument' => Fog::JSON.encode(policy_document), 'Path' => path, 'Description' => description, :parser => Fog::Parsers::AWS::IAM::SinglePolicy.new }.reject {|_, value| value.nil?}) end
Creates a managed policy
policy_arn<~String>: arn of the policy
policy_document<~Hash>: policy document, see: docs.amazonwebservices.com/IAM/latest/UserGuide/PoliciesOverview.html
set_as_default<~Boolean>: sets policy to default version
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
'PolicyVersion'<~Array>:
CreateDate<~DateTime> The date and time, in ISO 8601 date-time format, when the policy version was created.
Document<~String> The policy document. Pattern: [u0009u000Au000Du0020-u00FF]+
IsDefaultVersion<~String> Specifies whether the policy version is set as the policy's default version.
VersionId<~String> The identifier for the policy version.
docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicyVersion.html
# File lib/fog/aws/requests/iam/create_policy_version.rb, line 26 def create_policy_version(policy_arn, policy_document, set_as_default=true) request({ 'Action' => 'CreatePolicyVersion', 'PolicyArn' => policy_arn, 'PolicyDocument' => Fog::JSON.encode(policy_document), 'SetAsDefault' => set_as_default, :parser => Fog::Parsers::AWS::IAM::PolicyVersion.new }.reject {|_, value| value.nil?}) end
Creates a new role for your AWS account
RoleName<~String>: name of the role to create
AssumeRolePolicyDocument<~String>: The policy that grants an entity permission to assume the role.
Path<~String>: This parameter is optional. If it is not included, it defaults to a slash (/).
response<~Excon::Response>:
body<~Hash>:
'Role'<~Hash>:
'Arn'<~String> -
'AssumeRolePolicyDocument'<~String<
'Path'<~String> -
'RoleId'<~String> -
'RoleName'<~String> -
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_CreateRole.html
# File lib/fog/aws/requests/iam/create_role.rb, line 43 def create_role(role_name, assume_role_policy_document, path = '/') request( 'Action' => 'CreateRole', 'RoleName' => role_name, 'AssumeRolePolicyDocument' => assume_role_policy_document, 'Path' => path, :parser => Fog::Parsers::AWS::IAM::SingleRole.new ) end
Create a new user
user_name<~String>: name of the user to create (do not include path)
path<~String>: optional path to group, defaults to '/'
response<~Excon::Response>:
body<~Hash>:
'User'<~Hash>:
'Arn'<~String> -
'Path'<~String> -
'UserId'<~String> -
'UserName'<~String> -
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_CreateUser.html
# File lib/fog/aws/requests/iam/create_user.rb, line 26 def create_user(user_name, path = '/') request( 'Action' => 'CreateUser', 'UserName' => user_name, 'Path' => path, :parser => Fog::Parsers::AWS::IAM::CreateUser.new ) end
Delete an access key
access_key_id<~String> - Access key id to delete
options<~Hash>:
'UserName'<~String> - name of the user to create (do not include path)
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteAccessKey.html
# File lib/fog/aws/requests/iam/delete_access_key.rb, line 22 def delete_access_key(access_key_id, options = {}) request({ 'AccessKeyId' => access_key_id, 'Action' => 'DeleteAccessKey', :parser => Fog::Parsers::AWS::IAM::Basic.new }.merge!(options)) end
# File lib/fog/aws/requests/iam/delete_account_alias.rb, line 7 def delete_account_alias(account_alias) request( 'Action' => 'DeleteAccountAlias', 'AccountAlias' => account_alias, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Add or update the account password policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccountPasswordPolicy.html
# File lib/fog/aws/requests/iam/delete_account_password_policy.rb, line 18 def delete_account_password_policy request({ 'Action' => 'DeleteAccountPasswordPolicy', :parser => Fog::Parsers::AWS::IAM::Basic.new }) end
Delete a group
group_name<~String>: name of the group to delete
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteGroup.html
# File lib/fog/aws/requests/iam/delete_group.rb, line 20 def delete_group(group_name) request( 'Action' => 'DeleteGroup', 'GroupName' => group_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Remove a policy from a group
group_name<~String>: name of the group
policy_name<~String>: name of policy document
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteGroupPolicy.html
# File lib/fog/aws/requests/iam/delete_group_policy.rb, line 21 def delete_group_policy(group_name, policy_name) request( 'Action' => 'DeleteGroupPolicy', 'GroupName' => group_name, 'PolicyName' => policy_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Delete a instance_profile
instance_profile_name<~String>: name of the instance_profile to delete
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteInstanceProfile.html
# File lib/fog/aws/requests/iam/delete_instance_profile.rb, line 20 def delete_instance_profile(instance_profile_name) request( 'Action' => 'DeleteInstanceProfile', 'InstanceProfileName' => instance_profile_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Deletes a user's login profile
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteLoginProfile.html
user_name<~String> - Name of user whose login profile you want to delete
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
# File lib/fog/aws/requests/iam/delete_login_profile.rb, line 19 def delete_login_profile(user_name) request({ 'Action' => 'DeleteLoginProfile', 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::Basic.new }) end
Deletes a manged policy
policy_arn<~String>: arn of the policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicy.html
# File lib/fog/aws/requests/iam/delete_policy.rb, line 20 def delete_policy(policy_arn) request( 'Action' => 'DeletePolicy', 'PolicyArn' => policy_arn, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Deletes a manged policy
policy_arn<~String>: arn of the policy
version_id<~String>: version of policy to delete
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicyVersion.html
# File lib/fog/aws/requests/iam/delete_policy_version.rb, line 21 def delete_policy_version(policy_arn, version_id) request( 'Action' => 'DeletePolicyVersion', 'PolicyArn' => policy_arn, 'VersionId' => version_id, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Delete a role
role_name<~String>: name of the role to delete
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteRole.html
# File lib/fog/aws/requests/iam/delete_role.rb, line 20 def delete_role(role_name) request( 'Action' => 'DeleteRole', 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Remove a policy from a role
role_name<~String>: name of the role
policy_name<~String>: name of policy document
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteRolePolicy.html
# File lib/fog/aws/requests/iam/delete_role_policy.rb, line 21 def delete_role_policy(role_name, policy_name) request( 'Action' => 'DeleteRolePolicy', 'PolicyName' => policy_name, 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Deletes the specified server certificate.
server_certificate_name<~String>: The name of the server certificate you want to delete.
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteServerCertificate.html
# File lib/fog/aws/requests/iam/delete_server_certificate.rb, line 20 def delete_server_certificate(server_certificate_name) request({ 'Action' => 'DeleteServerCertificate', 'ServerCertificateName' => server_certificate_name, :parser => Fog::Parsers::AWS::IAM::Basic.new }) end
Upload signing certificate for user (by default detects user from access credentials)
options<~Hash>:
'UserName'<~String> - name of the user to upload certificate for (do not include path)
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_DeleteSigningCertificate.html
# File lib/fog/aws/requests/iam/delete_signing_certificate.rb, line 21 def delete_signing_certificate(certificate_id, options = {}) request({ 'Action' => 'DeleteSigningCertificate', 'CertificateId' => certificate_id, :parser => Fog::Parsers::AWS::IAM::Basic.new }.merge!(options)) end
Delete a user
user_name<~String>: name of the user to delete
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteUser.html
# File lib/fog/aws/requests/iam/delete_user.rb, line 20 def delete_user(user_name) request( 'Action' => 'DeleteUser', 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Remove a policy from a user
user_name<~String>: name of the user
policy_name<~String>: name of policy document
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_DeleteUserPolicy.html
# File lib/fog/aws/requests/iam/delete_user_policy.rb, line 21 def delete_user_policy(user_name, policy_name) request( 'Action' => 'DeleteUserPolicy', 'PolicyName' => policy_name, 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Detaches a managed policy from a group
group_name<~String>: name of the group
policy_arn<~String>: arn of the managed policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_DetachGroupPolicy.html
# File lib/fog/aws/requests/iam/detach_group_policy.rb, line 21 def detach_group_policy(group_name, policy_arn) request( 'Action' => 'DetachGroupPolicy', 'GroupName' => group_name, 'PolicyArn' => policy_arn, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Detaches a managed policy from a role
role_name<~String>: name of the role
policy_arn<~String>: arn of the managed policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_DetachRolePolicy.html
# File lib/fog/aws/requests/iam/detach_role_policy.rb, line 21 def detach_role_policy(role_name, policy_arn) request( 'Action' => 'DetachRolePolicy', 'RoleName' => role_name, 'PolicyArn' => policy_arn, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Detaches a managed policy to a user
user_name<~String>: name of the user
policy_arn<~String>: arn of the managed policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_DetachUserPolicy.html
# File lib/fog/aws/requests/iam/detach_user_policy.rb, line 21 def detach_user_policy(user_name, policy_arn) request( 'Action' => 'DetachUserPolicy', 'UserName' => user_name, 'PolicyArn' => policy_arn, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Add or update the account password policy
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccountPasswordPolicy.html
# File lib/fog/aws/requests/iam/get_account_password_policy.rb, line 18 def get_account_password_policy() request({ 'Action' => 'DeleteAccountPasswordPolicy', :parser => Fog::Parsers::AWS::IAM::Basic.new }) end
Retrieve account level information about account entity usage and IAM quotas
response<~Excon::Response>:
body<~Hash>:
'Summary'<~Hash>:
'AccessKeysPerUserQuota'<~Integer> - Maximum number of access keys that can be created per user
'AccountMFAEnabled'<~Integer> - 1 if the root account has an MFA device assigned to it, 0 otherwise
'AssumeRolePolicySizeQuota'<~Integer> - Maximum allowed size for assume role policy documents (in kilobytes)
'GroupPolicySizeQuota'<~Integer> - Maximum allowed size for Group policy documents (in kilobytes)
'GroupsPerUserQuota'<~Integer> - Maximum number of groups a user can belong to
'GroupsQuota'<~Integer> - Maximum groups allowed for the AWS account
'InstanceProfiles'<~Integer> - Number of instance profiles for the AWS account
'InstanceProfilesQuota'<~Integer> - Maximum instance profiles allowed for the AWS account
'MFADevices'<~Integer> - Number of MFA devices, either assigned or unassigned
'MFADevicesInUse'<~Integer> - Number of MFA devices that have been assigned to an IAM user or to the root account
'Providers'<~Integer> -
'RolePolicySizeQuota'<~Integer> - Maximum allowed size for role policy documents (in kilobytes)
'Roles'<~Integer> - Number of roles for the AWS account
'RolesQuota'<~Integer> - Maximum roles allowed for the AWS account
'ServerCertificates'<~Integer> - Number of server certificates for the AWS account
'ServerCertificatesQuota'<~Integer> - Maximum server certificates allowed for the AWS account
'SigningCertificatesPerUserQuota'<~Integer> - Maximum number of X509 certificates allowed for a user
'UserPolicySizeQuota'<~Integer> - Maximum allowed size for user policy documents (in kilobytes)
'Users'<~Integer> - Number of users for the AWS account
'UsersQuota'<~Integer> - Maximum users allowed for the AWS account
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_CreateAccessKey.html
# File lib/fog/aws/requests/iam/get_account_summary.rb, line 39 def get_account_summary request( 'Action' => 'GetAccountSummary', :parser => Fog::Parsers::AWS::IAM::GetAccountSummary.new ) end
Get Group
'GroupName'<~String>: Name of the Group
options<~Hash>:
'Marker'<~String>: Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
'MaxItems'<~String>: Use this only when paginating results to indicate the maximum number of User names you want in the response. If there are additional User names beyond the maximum you specify, the IsTruncated response element is true.
response<~Excon::Response>:
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_GetGroup.html
# File lib/fog/aws/requests/iam/get_group.rb, line 32 def get_group(group_name, options = {}) request({ 'Action' => 'GetGroup', 'GroupName' => group_name, :parser => Fog::Parsers::AWS::IAM::GetGroup.new }.merge!(options)) end
'PolicyName'<~String>: Name of the policy to get
'GroupName'<~String>: Name of the Group who the policy is associated with.
response<~Excon::Response>:
body<~Hash>:
* PolicyDocument<~String> The policy document. * PolicyName<~String> The name of the policy. * GroupName<~String> The Group the policy is associated with.
docs.amazonwebservices.com/IAM/latest/APIReference/API_GetGroupPolicy.html
# File lib/fog/aws/requests/iam/get_group_policy.rb, line 23 def get_group_policy(policy_name, group_name) request({ 'Action' => 'GetGroupPolicy', 'PolicyName' => policy_name, 'GroupName' => group_name, :parser => Fog::Parsers::AWS::IAM::GetGroupPolicy.new }) end
Retrieves information about an instance profile
docs.amazonwebservices.com/IAM/latest/APIReference/API_GetInstanceProfile.html
instance_profile_name<~String> - Name of instance_profile to retrieve the information for
response<~Excon::Response>:
body<~Hash>:
'InstanceProfile'<~Hash>:
Arn<~String> -
CreateDate<~Date>
InstanceProfileId<~String> -
InstanceProfileName<~String> -
Path<~String> -
Roles<~Array> - role<~Hash>:
* 'Arn'<~String> - * 'AssumeRolePolicyDocument'<~String< * 'Path'<~String> - * 'RoleId'<~String> - * 'RoleName'<~String> -
'RequestId'<~String> - Id of the request
# File lib/fog/aws/requests/iam/get_instance_profile.rb, line 30 def get_instance_profile(instance_profile_name) request({ 'Action' => 'GetInstanceProfile', 'InstanceProfileName' => instance_profile_name, :parser => Fog::Parsers::AWS::IAM::InstanceProfile.new }) end
Retrieves the login profile for a user
docs.amazonwebservices.com/IAM/latest/APIReference/API_CreateLoginProfile.html
user_name<~String> - Name of user to retrieve the login profile for
password<~String> - The new password for this user
response<~Excon::Response>:
body<~Hash>:
'LoginProfile'<~Hash>
* UserName<~String> * CreateDate
'RequestId'<~String> - Id of the request
# File lib/fog/aws/requests/iam/get_login_profile.rb, line 23 def get_login_profile(user_name) request({ 'Action' => 'GetLoginProfile', 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::LoginProfile.new }) end
Get Policy
'PolicyArn'<~String>: The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
response<~Excon::Response>:
body<~Hash>:
Arn<~String> The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
AttachmentCount<~Integer> The number of entities (users, groups, and roles) that the policy is attached to.
CreateDate<~DateTime> The date and time, in ISO 8601 date-time format, when the policy was created.
DefaultVersionId<~String> The identifier for the version of the policy that is set as the default version.
Description<~String> A friendly description of the policy.
IsAttachable<~Boolean> Specifies whether the policy can be attached to an IAM user, group, or role.
Path<~String> The path to the policy.
PolicyId<~String> The stable and unique string identifying the policy.
PolicyName<~String> The friendly name (not ARN) identifying the policy.
UpdateDate<~DateTime> The date and time, in ISO 8601 date-time format, when the policy was last updated.
docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicy.html
# File lib/fog/aws/requests/iam/get_policy.rb, line 29 def get_policy(policy_arn) request({ 'Action' => 'GetPolicy', 'PolicyArn' => policy_arn, :parser => Fog::Parsers::AWS::IAM::SinglePolicy.new }) end
Contains information about a version of a managed policy.
PolicyArn<~String>: The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
VersionId<~String>: Identifies the policy version to retrieve.
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
'PolicyVersion'<~Array>:
CreateDate<~DateTime> The date and time, in ISO 8601 date-time format, when the policy version was created.
Document<~String> The policy document. Pattern: [u0009u000Au000Du0020-u00FF]+
IsDefaultVersion<~String> Specifies whether the policy version is set as the policy's default version.
VersionId<~String> The identifier for the policy version.
docs.aws.amazon.com/IAM/latest/APIReference/API_PolicyVersion.html
# File lib/fog/aws/requests/iam/get_policy_version.rb, line 24 def get_policy_version(policy_arn, version_id) request({ 'Action' => 'GetPolicyVersion', 'PolicyArn' => policy_arn, 'VersionId' => version_id, :parser => Fog::Parsers::AWS::IAM::PolicyVersion.new }) end
response<~Excon::Response>:
body<~Hash>:
Role<~Hash>:
'Arn'<~String> -
'AssumeRolePolicyDocument'<~String<
'Path'<~String> -
'RoleId'<~String> -
'RoleName'<~String> -
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_GetRole.html
# File lib/fog/aws/requests/iam/get_role.rb, line 26 def get_role(role_name) request( 'Action' => 'GetRole', 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::SingleRole.new ) end
'PolicyName'<~String>: Name of the policy to get
'RoleName'<~String>: Name of the Role who the policy is associated with.
response<~Excon::Response>:
body<~Hash>:
* PolicyDocument<~String> The policy document. * PolicyName<~String> The name of the policy. * RoleName<~String> The Role the policy is associated with.
docs.amazonwebservices.com/IAM/latest/APIReference/API_GetRolePolicy.html
# File lib/fog/aws/requests/iam/get_role_policy.rb, line 23 def get_role_policy(role_name, policy_name) request({ 'Action' => 'GetRolePolicy', 'PolicyName' => policy_name, 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::GetRolePolicy.new }) end
Gets the specified server certificate.
server_certificate_name<~String>: The name of the server certificate you want to get.
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_GetServerCertificate.html
# File lib/fog/aws/requests/iam/get_server_certificate.rb, line 20 def get_server_certificate(name) request({ 'Action' => 'GetServerCertificate', 'ServerCertificateName' => name, :parser => Fog::Parsers::AWS::IAM::UploadServerCertificate.new }) end
Get User
username<String>
options<~Hash>:
'UserName'<~String>: Name of the User. Defaults to current user
response<~Excon::Response>:
body<~Hash>:
'User'<~Hash> - User
Arn<~String> -
UserId<~String> -
UserName<~String> -
Path<~String> -
docs.amazonwebservices.com/IAM/latest/APIReference/API_Getuser.html
# File lib/fog/aws/requests/iam/get_user.rb, line 26 def get_user(username = nil, options = {}) params = { 'Action' => 'GetUser', :parser => Fog::Parsers::AWS::IAM::GetUser.new } if username params.merge!('UserName' => username) end request(params.merge(options)) end
'PolicyName'<~String>: Name of the policy to get
'UserName'<~String>: Name of the User who the policy is associated with.
response<~Excon::Response>:
body<~Hash>:
* PolicyDocument<~String> The policy document. * PolicyName<~String> The name of the policy. * UserName<~String> The User the policy is associated with.
docs.amazonwebservices.com/IAM/latest/APIReference/API_GetUserPolicy.html
# File lib/fog/aws/requests/iam/get_user_policy.rb, line 23 def get_user_policy(policy_name, user_name) request({ 'Action' => 'GetUserPolicy', 'PolicyName' => policy_name, 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::GetUserPolicy.new }) end
List access_keys
options<~Hash>:
'Marker'<~String> - used to paginate subsequent requests
'MaxItems'<~Integer> - limit results to this number per page
'UserName'<~String> - optional: username to lookup access keys for, defaults to current user
response<~Excon::Response>:
body<~Hash>:
'AccessKeys'<~Array> - Matching access keys
access_key<~Hash>:
AccessKeyId<~String> -
Status<~String> -
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListAccessKeys.html
# File lib/fog/aws/requests/iam/list_access_keys.rb, line 29 def list_access_keys(options = {}) request({ 'Action' => 'ListAccessKeys', :parser => Fog::Parsers::AWS::IAM::ListAccessKeys.new }.merge!(options)) end
# File lib/fog/aws/requests/iam/list_account_aliases.rb, line 7 def list_account_aliases(options = {}) request({ 'Action' => 'ListAccountAliases', :parser => Fog::Parsers::AWS::IAM::ListAccountAliases.new }.merge!(options)) end
Attaches a managed policy to a group
group_name<~String>: name of the group
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
AttachedPolicies
'PolicyArn'<~String> - The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
'PolicName'<~String> - The friendly name of the attached policy.
docs.aws.amazon.com/IAM/latest/APIReference/API_AttachGroupPolicy.html
# File lib/fog/aws/requests/iam/list_attached_group_policies.rb, line 23 def list_attached_group_policies(group_name, options={}) request({ 'Action' => 'ListAttachedGroupPolicies', 'GroupName' => group_name, :parser => Fog::Parsers::AWS::IAM::ListManagedPolicies.new }.merge(options)) end
Lists managed role policies
role_name<~String>: name of the role
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
AttachedPolicies
'PolicyArn'<~String> - The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
'PolicName'<~String> - The friendly name of the attached policy.
docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedRolePolicies.html
# File lib/fog/aws/requests/iam/list_attached_role_policies.rb, line 23 def list_attached_role_policies(role_name, options={}) request({ 'Action' => 'ListAttachedRolePolicies', 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::ListManagedPolicies.new }.merge(options)) end
Attaches a managed policy to a user
user_name<~String>: name of the user
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
AttachedPolicies
'PolicyArn'<~String> - The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
'PolicName'<~String> - The friendly name of the attached policy.
docs.aws.amazon.com/IAM/latest/APIReference/API_AttachUserPolicy.html
# File lib/fog/aws/requests/iam/list_attached_user_policies.rb, line 23 def list_attached_user_policies(user_name, options={}) request({ 'Action' => 'ListAttachedUserPolicies', 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::ListManagedPolicies.new }.merge(options)) end
List policies for a group
group_name<~String> - Name of group to list policies for
options<~Hash>: Optional
'Marker'<~String>: used to paginate subsequent requests
'MaxItems'<~Integer>: limit results to this number per page
'PathPrefix'<~String>: prefix for filtering results
response<~Excon::Response>:
body<~Hash>:
'PolicyNames'<~Array> - Matching policy names
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListGroupPolicies.html
# File lib/fog/aws/requests/iam/list_group_policies.rb, line 27 def list_group_policies(group_name, options = {}) request({ 'Action' => 'ListGroupPolicies', 'GroupName' => group_name, :parser => Fog::Parsers::AWS::IAM::ListPolicies.new }.merge!(options)) end
List groups
options<~Hash>:
'Marker'<~String>: used to paginate subsequent requests
'MaxItems'<~Integer>: limit results to this number per page
'PathPrefix'<~String>: prefix for filtering results
response<~Excon::Response>:
body<~Hash>:
'Groups'<~Array> - Matching groups
group<~Hash>:
Arn<~String> -
GroupId<~String> -
GroupName<~String> -
Path<~String> -
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListGroups.html
# File lib/fog/aws/requests/iam/list_groups.rb, line 31 def list_groups(options = {}) request({ 'Action' => 'ListGroups', :parser => Fog::Parsers::AWS::IAM::ListGroups.new }.merge!(options)) end
List groups_for_user
user_name<~String> - the username you want to look up group membership for
options<~Hash>:
'Marker'<~String> - used to paginate subsequent requests
'MaxItems'<~Integer> - limit results to this number per page
response<~Excon::Response>:
body<~Hash>:
'GroupsForUser'<~Array> - Groups for a user
group_for_user<~Hash>:
'Arn' -
'GroupId' -
'GroupName' -
'Path' -
'IsTruncated'<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListGroupsForUser.html
# File lib/fog/aws/requests/iam/list_groups_for_user.rb, line 31 def list_groups_for_user(user_name, options = {}) request({ 'Action' => 'ListGroupsForUser', 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::ListGroupsForUser.new }.merge!(options)) end
Lists instance profiles
options<~Hash>:
'Marker'<~String>: used to paginate subsequent requests
'MaxItems'<~Integer>: limit results to this number per page
'PathPrefix'<~String>: prefix for filtering results
response<~Excon::Response>:
body<~Hash>:
'InstanceProfiles'<~Array>:
instance_profile <~Hash>:
Arn<~String> -
CreateDate<~Date>
InstanceProfileId<~String> -
InstanceProfileName<~String> -
Path<~String> -
Roles<~Array> - role<~Hash>:
* 'Arn'<~String> - * 'AssumeRolePolicyDocument'<~String< * 'Path'<~String> - * 'RoleId'<~String> - * 'RoleName'<~String> -
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListInstanceProfiles.html
# File lib/fog/aws/requests/iam/list_instance_profiles.rb, line 39 def list_instance_profiles(options={}) request({ 'Action' => 'ListInstanceProfiles', :parser => Fog::Parsers::AWS::IAM::ListInstanceProfiles.new }.merge!(options)) end
Lists the instance profiles that have the specified associated role
options<~Hash>:
'Marker'<~String>: used to paginate subsequent requests
'MaxItems'<~Integer>: limit results to this number per page
'RoleName'<~String>: The name of the role to list instance profiles for.
response<~Excon::Response>:
body<~Hash>:
'InstanceProfiles'<~Array>:
instance_profile <~Hash>:
Arn<~String> -
CreateDate<~Date>
InstanceProfileId<~String> -
InstanceProfileName<~String> -
Path<~String> -
Roles<~Array> - role<~Hash>:
* 'Arn'<~String> - * 'AssumeRolePolicyDocument'<~String< * 'Path'<~String> - * 'RoleId'<~String> - * 'RoleName'<~String> -
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListInstanceProfilesForRole.html
# File lib/fog/aws/requests/iam/list_instance_profiles_for_role.rb, line 39 def list_instance_profiles_for_role(role_name,options={}) request({ 'Action' => 'ListInstanceProfilesForRole', 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::ListInstanceProfiles.new }.merge!(options)) end
List MFA Devices
options<~Hash>:
'Marker'<~String> - used to paginate subsequent requests
'MaxItems'<~Integer> - limit results to this number per page
'UserName'<~String> - optional: username to lookup mfa devices for, defaults to current user
response<~Excon::Response>:
body<~Hash>:
'MFADevices'<~Array> - Matching MFA devices
mfa_device<~Hash>:
EnableDate - The date when the MFA device was enabled for the user
SerialNumber<~String> - The serial number that uniquely identifies the MFA device
UserName<~String> - The user with whom the MFA device is associated
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_ListMFADevices.html
# File lib/fog/aws/requests/iam/list_mfa_devices.rb, line 30 def list_mfa_devices(options = {}) request({ 'Action' => 'ListMFADevices', :parser => Fog::Parsers::AWS::IAM::ListMFADevices.new }.merge!(options)) end
Lists managed policies
options <~Hash>: options that filter the result set
Marker <~String>
MaxItems <~Integer>
OnlyAttached <~Boolean>
PathPrefix <~String>
Scope <~String>
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
'IsTruncated'<~Boolean>
'Marker'<~String>
'Policies'<~Array>:
Arn
AttachmentCount
CreateDate
DefaultVersionId
Description
IsAttachable
Path
PolicyId
PolicyName
UpdateDate
docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicies.html
# File lib/fog/aws/requests/iam/list_policies.rb, line 36 def list_policies(options={}) request({ 'Action' => 'ListPolicies', :parser => Fog::Parsers::AWS::IAM::ListManagedPolicies.new }.merge(options)) end
Lists policy versions
options <~Hash>: options that filter the result set
Marker <~String>
MaxItems <~Integer>
PolicyArn <~String>
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
'IsTruncated'<~Boolean>
'Marker'<~String>
'Versions'<~Array>:
CreateDate
IsDefaultVersion
VersionId
docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicyVersions.html
# File lib/fog/aws/requests/iam/list_policy_versions.rb, line 27 def list_policy_versions(policy_arn, options={}) request({ 'Action' => 'ListPolicyVersions', 'PolicyArn' => policy_arn, :parser => Fog::Parsers::AWS::IAM::ListPolicyVersions.new }.merge(options)) end
Lists the names of policies associated with a role
role_name<~String>: the role to list policies for
options<~Hash>:
'Marker'<~String>: used to paginate subsequent requests
'MaxItems'<~Integer>: limit results to this number per page
response<~Excon::Response>:
body<~Hash>:
'PolicyNames'<~Array>:
policy_name <~String>
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListRoleProfiles.html
# File lib/fog/aws/requests/iam/list_role_policies.rb, line 27 def list_role_policies(role_name,options={}) request({ 'Action' => 'ListRolePolicies', 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::ListPolicies.new }.merge!(options)) end
Lists roles
options<~Hash>:
'Marker'<~String>: used to paginate subsequent requests
'MaxItems'<~Integer>: limit results to this number per page
'PathPrefix'<~String>: prefix for filtering results
response<~Excon::Response>:
body<~Hash>:
Roles<~Array> - role<~Hash>:
* 'Arn'<~String> - * 'AssumeRolePolicyDocument'<~String< * 'Path'<~String> - * 'RoleId'<~String> - * 'RoleName'<~String> -
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListRoles.html
# File lib/fog/aws/requests/iam/list_roles.rb, line 32 def list_roles(options={}) request({ 'Action' => 'ListRoles', :parser => Fog::Parsers::AWS::IAM::ListRoles.new }.merge!(options)) end
List server certificates
options<~Hash>:
'Marker'<~String> - The marker from the previous result (for pagination)
'MaxItems'<~String> - The maximum number of server certificates you want in the response
'PathPrefix'<~String> - The path prefix for filtering the results
response<~Excon::Response>:
body<~Hash>:
'Certificates'<~Array> - Matching server certificates
server_certificate<~Hash>:
Arn<~String> -
Path<~String> -
ServerCertificateId<~String> -
ServerCertificateName<~String> -
UploadDate<~Time> -
'IsTruncated'<~Boolean> - Whether or not the results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_ListServerCertificates.html
# File lib/fog/aws/requests/iam/list_server_certificates.rb, line 31 def list_server_certificates(options = {}) request({ 'Action' => 'ListServerCertificates', :parser => Fog::Parsers::AWS::IAM::ListServerCertificates.new }.merge!(options)) end
List signing certificates for user (by default detects user from access credentials)
options<~Hash>:
'UserName'<~String> - name of the user to list certificates for (do not include path)
response<~Excon::Response>:
body<~Hash>:
'SigningCertificates'<~Array> - Matching signing certificates
signing_certificate<~Hash>:
CertificateId<~String> -
Status<~String> -
'IsTruncated'<~Boolean> - Whether or not the results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_ListSigningCertificates.html
# File lib/fog/aws/requests/iam/list_signing_certificates.rb, line 27 def list_signing_certificates(options = {}) request({ 'Action' => 'ListSigningCertificates', :parser => Fog::Parsers::AWS::IAM::ListSigningCertificates.new }.merge!(options)) end
List policies for a user
user_name<~String> - Name of user to list policies for
options<~Hash>: Optional
'Marker'<~String>: used to paginate subsequent requests
'MaxItems'<~Integer>: limit results to this number per page
'PathPrefix'<~String>: prefix for filtering results
response<~Excon::Response>:
body<~Hash>:
'PolicyNames'<~Array> - Matching policy names
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListUserPolicies.html
# File lib/fog/aws/requests/iam/list_user_policies.rb, line 27 def list_user_policies(user_name, options = {}) request({ 'Action' => 'ListUserPolicies', 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::ListPolicies.new }.merge!(options)) end
List users
options<~Hash>:
'Marker'<~String>: used to paginate subsequent requests
'MaxItems'<~Integer>: limit results to this number per page
'PathPrefix'<~String>: prefix for filtering results
response<~Excon::Response>:
body<~Hash>:
'Users'<~Array> - Matching groups
user<~Hash>:
Arn<~String> -
Path<~String> -
UserId<~String> -
UserName<~String> -
'IsTruncated<~Boolean> - Whether or not results were truncated
'Marker'<~String> - appears when IsTruncated is true as the next marker to use
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_ListUsers.html
# File lib/fog/aws/requests/iam/list_users.rb, line 31 def list_users(options = {}) request({ 'Action' => 'ListUsers', :parser => Fog::Parsers::AWS::IAM::ListUsers.new }.merge!(options)) end
Add or update a policy for a group
group_name<~String>: name of the group
policy_name<~String>: name of policy document
policy_document<~Hash>: policy document, see: docs.amazonwebservices.com/IAM/latest/UserGuide/PoliciesOverview.html
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_PutGroupPolicy.html
# File lib/fog/aws/requests/iam/put_group_policy.rb, line 22 def put_group_policy(group_name, policy_name, policy_document) request( 'Action' => 'PutGroupPolicy', 'GroupName' => group_name, 'PolicyName' => policy_name, 'PolicyDocument' => Fog::JSON.encode(policy_document), :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Add or update a policy for a role
role_name<~String>: name of the role
policy_name<~String>: name of policy document
policy_document<~Hash>: policy document, see: docs.amazonwebservices.com/IAM/latest/UserGuide/PoliciesOverview.html
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_PutRolePolicy.html
# File lib/fog/aws/requests/iam/put_role_policy.rb, line 22 def put_role_policy(role_name, policy_name, policy_document) request( 'Action' => 'PutRolePolicy', 'RoleName' => role_name, 'PolicyName' => policy_name, 'PolicyDocument' => Fog::JSON.encode(policy_document), :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Add or update a policy for a user
user_name<~String>: name of the user
policy_name<~String>: name of policy document
policy_document<~Hash>: policy document, see: docs.amazonwebservices.com/IAM/latest/UserGuide/PoliciesOverview.html
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_PutUserPolicy.html
# File lib/fog/aws/requests/iam/put_user_policy.rb, line 22 def put_user_policy(user_name, policy_name, policy_document) request( 'Action' => 'PutUserPolicy', 'PolicyName' => policy_name, 'PolicyDocument' => Fog::JSON.encode(policy_document), 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
# File lib/fog/aws/iam.rb, line 279 def reload @connection.reset end
removes a role from an instance profile
Make sure you do not have any Amazon EC2 instances running with the role you are about to remove from the instance profile.
instance_profile_name<~String>: Name of the instance profile to update.
role_name<~String>:Name of the role to remove.
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_RemoveRoleFromInstanceProfile.html
# File lib/fog/aws/requests/iam/remove_role_from_instance_profile.rb, line 22 def remove_role_from_instance_profile(role_name, instance_profile_name) request( 'Action' => 'RemoveRoleFromInstanceProfile', 'InstanceProfileName' => instance_profile_name, 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Remove a user from a group
group_name<~String>: name of the group
user_name<~String>: name of user to remove
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_RemoveUserFromGroup.html
# File lib/fog/aws/requests/iam/remove_user_from_group.rb, line 21 def remove_user_from_group(group_name, user_name) request( 'Action' => 'RemoveUserFromGroup', 'GroupName' => group_name, 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Remove a user from a group
policy_arn<~String>: arn of the policy
version_id<~String>: version of policy to delete
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_SetDefaultPolicyVersion.html
# File lib/fog/aws/requests/iam/set_default_policy_version.rb, line 21 def set_default_policy_version(policy_arn, version_id) request( 'Action' => 'SetDefaultPolicyVersion', 'PolicyArn' => policy_arn, 'VersionId' => version_id, :parser => Fog::Parsers::AWS::IAM::Basic.new ) end
Update an access key for a user
access_key_id<~String> - Access key id to delete
status<~String> - status of keys in ['Active', 'Inactive']
options<~Hash>:
'UserName'<~String> - name of the user to create (do not include path)
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/API_UpdateAccessKey.html
# File lib/fog/aws/requests/iam/update_access_key.rb, line 23 def update_access_key(access_key_id, status, options = {}) request({ 'AccessKeyId' => access_key_id, 'Action' => 'UpdateAccessKey', 'Status' => status, :parser => Fog::Parsers::AWS::IAM::Basic.new }.merge!(options)) end
Add or update the account password policy
* MinimumPasswordLength<~integer> Minimum length to require for IAM user passwords. * MaxPasswordAge<~integer> The number of days that an IAM user password is valid. * PasswordReusePrevention<~integer> Specifies the number of previous passwords that IAM users are prevented from reusing. * RequireSymbols<~boolean> Specifies whether to require symbols for IAM user passwords. * RequireNumbers<~boolean> Specifies whether to require numbers for IAM user passwords. * RequireUppercaseCharacters<~boolean> Specifies whether to require uppercase characters for IAM user passwords. * RequireLowercaseCharacters<~boolean> Specifies whether to require lowercase characters for IAM user passwords. * AllowUsersToChangePassword<~boolean> Specifies whether IAM users are allowed to change their own password. * HardExpiry<~boolean> Specifies whether IAM users are prevented from setting a new password after their password has expired. * ExpirePasswords<~boolean> Specifies whether IAM users are required to change their password after a specified number of days.
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccountPasswordPolicy.html
# File lib/fog/aws/requests/iam/update_account_password_policy.rb, line 28 def update_account_password_policy(minimum_password_length, max_password_age, password_reuse_prevention,require_symbols,require_numbers,require_uppercase_characters, require_lowercase_characters,allow_users_to_change_password, hard_expiry, expire_passwords) request({ 'Action' => 'UpdateAccountPasswordPolicy', 'MinimumPasswordLength' => minimum_password_length, 'MaxPasswordAge' => max_password_age, 'PasswordReusePrevention' => password_reuse_prevention, 'RequireSymbols' => require_symbols, 'RequireNumbers' => require_numbers, 'RequireUppercaseCharacters' => require_uppercase_characters, 'RequireLowercaseCharacters' => require_lowercase_characters, 'AllowUsersToChangePassword' => allow_users_to_change_password, 'HardExpiry' => hard_expiry, 'ExpirePasswords' => expire_passwords, :parser => Fog::Parsers::AWS::IAM::Basic.new }) end
Creates a managed policy
policy_document<~Hash>: policy document, see: docs.amazonwebservices.com/IAM/latest/UserGuide/PoliciesOverview.html
role_name<~String>: name of role to update
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAssumeRolePolicy.html
# File lib/fog/aws/requests/iam/update_assume_role_policy.rb, line 21 def update_assume_role_policy(policy_document, role_name) request({ 'Action' => 'UpdateAssumeRolePolicy', 'PolicyDocument' => Fog::JSON.encode(policy_document), 'RoleName' => role_name, :parser => Fog::Parsers::AWS::IAM::Basic.new }.reject {|_, value| value.nil?}) end
Update a Group
group_name<~String> - Required. Name of the Group to update. If you're changing the name of the Group, this is the original Group name.
options<~Hash>:
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
'Group'<~Hash> - Changed Group info
'Arn'<~String> -
'Path'<~String> -
'GroupId'<~String> -
'GroupName'<~String> -
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_UpdateGroup.html
# File lib/fog/aws/requests/iam/update_group.rb, line 27 def update_group(group_name, options = {}) request({ 'Action' => 'UpdateGroup', 'GroupName' => group_name, :parser => Fog::Parsers::AWS::IAM::UpdateGroup.new }.merge!(options)) end
Updates a login profile for a user
docs.amazonwebservices.com/IAM/latest/APIReference/API_UpdateLoginProfile.html
user_name<~String> - Name of user to change the login profile for
password<~String> - The new password for this user
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
# File lib/fog/aws/requests/iam/update_login_profile.rb, line 20 def update_login_profile(user_name, password) request({ 'Action' => 'UpdateLoginProfile', 'UserName' => user_name, 'Password' => password, :parser => Fog::Parsers::AWS::IAM::Basic.new }) end
Updates the name and/or the path of the specified server certificate.
server_certificate_name<~String> - The name of the server certificate that you want to update.
options<~Hash>:
'NewPath'<~String> - The new path for the server certificate. Include this only if you are updating the server certificate's path.
'NewServerCertificateName'<~String> - The new name for the server certificate. Include this only if you are updating the server certificate's name.
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_UpdateServerCertificate.html
# File lib/fog/aws/requests/iam/update_server_certificate.rb, line 26 def update_server_certificate(server_certificate_name, options = {}) request({ 'Action' => 'UpdateServerCertificate', 'ServerCertificateName' => server_certificate_name, :parser => Fog::Parsers::AWS::IAM::Basic.new }.merge!(options)) end
Update a Signing Certificate
certificate_id<~String> - Required. ID of the Certificate to update.
status<~String> - Required. Active/Inactive
options<~Hash>:
user_name<~String> - Name of the user the signing certificate belongs to.
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_UpdateSigningCertificate.html
# File lib/fog/aws/requests/iam/update_signing_certificate.rb, line 20 def update_signing_certificate(certificate_id, status, options = {}) request({ 'Action' => 'UpdateSigningCertificate', 'CertificateId' => certificate_id, 'Status' => status, :parser => Fog::Parsers::AWS::IAM::Basic.new }.merge!(options)) end
Update a user
user_name<~String> - Required. Name of the User to update. If you're changing the name of the User, this is the original User name.
options<~Hash>:
response<~Excon::Response>:
body<~Hash>:
'RequestId'<~String> - Id of the request
'User'<~Hash> - Changed user info
'Arn'<~String> -
'Path'<~String> -
'UserId'<~String> -
'UserName'<~String> -
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_UpdateUser.html
# File lib/fog/aws/requests/iam/update_user.rb, line 27 def update_user(user_name, options = {}) request({ 'Action' => 'UpdateUser', 'UserName' => user_name, :parser => Fog::Parsers::AWS::IAM::UpdateUser.new }.merge!(options)) end
Uploads a server certificate entity for the AWS Account. Includes a public key certificate, a private key, and an optional certificate chain, which should all be PEM-encoded.
certificate<~Hash>: The contents of the public key certificate in PEM-encoded format.
private_key<~Hash>: The contents of the private key in PEM-encoded format.
name<~Hash>: The name for the server certificate. Do not include the path in this value.
options<~Hash>:
'CertificateChain'<~String> - The contents of the certificate chain. Typically a concatenation of the PEM-encoded public key certificates of the chain.
'Path'<~String> - The path for the server certificate.
response<~Excon::Response>:
body<~Hash>:
'Certificate'<~Hash>:
'Arn'<~String> -
'Path'<~String> -
'ServerCertificateId'<~String> -
'ServerCertificateName'<~String> -
'UploadDate'<~Time>
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_UploadServerCertificate.html
# File lib/fog/aws/requests/iam/upload_server_certificate.rb, line 32 def upload_server_certificate(certificate, private_key, name, options = {}) request({ 'Action' => 'UploadServerCertificate', 'CertificateBody' => certificate, 'PrivateKey' => private_key, 'ServerCertificateName' => name, :parser => Fog::Parsers::AWS::IAM::UploadServerCertificate.new }.merge!(options)) end
Upload signing certificate for user (by default detects user from access credentials)
options<~Hash>:
'UserName'<~String> - name of the user to upload certificate for (do not include path)
response<~Excon::Response>:
body<~Hash>:
'Certificate'<~Hash>:
'CertificateId'<~String> -
'UserName'<~String> -
'CertificateBody'<~String> -
'Status'<~String> -
'RequestId'<~String> - Id of the request
docs.amazonwebservices.com/IAM/latest/APIReference/index.html?API_UploadSigningCertificate.html
# File lib/fog/aws/requests/iam/upload_signing_certificate.rb, line 26 def upload_signing_certificate(certificate, options = {}) request({ 'Action' => 'UploadSigningCertificate', 'CertificateBody' => certificate, :parser => Fog::Parsers::AWS::IAM::UploadSigningCertificate.new }.merge!(options)) end
# File lib/fog/aws/iam.rb, line 324 def _request(body, headers, idempotent, parser) @connection.request({ :body => body, :expects => 200, :idempotent => idempotent, :headers => headers, :method => 'POST', :parser => parser }) rescue Excon::Errors::HTTPStatusError => error match = Fog::AWS::Errors.match_error(error) raise if match.empty? raise case match[:code] when 'CertificateNotFound', 'NoSuchEntity' Fog::AWS::IAM::NotFound.slurp(error, match[:message]) when 'EntityAlreadyExists', 'KeyPairMismatch', 'LimitExceeded', 'MalformedCertificate', 'ValidationError' Fog::AWS::IAM.const_get(match[:code]).slurp(error, match[:message]) else Fog::AWS::IAM::Error.slurp(error, "#{match[:code]} => #{match[:message]}") end end
# File lib/fog/aws/iam.rb, line 296 def request(params) refresh_credentials_if_expired idempotent = params.delete(:idempotent) parser = params.delete(:parser) body, headers = Fog::AWS.signed_params_v4( params, { 'Content-Type' => 'application/x-www-form-urlencoded' }, { :signer => @signer, :aws_session_token => @aws_session_token, :host => @host, :path => @path, :port => @port, :version => '2010-05-08', :method => 'POST' } ) if @instrumentor @instrumentor.instrument("#{@instrumentor_name}.request", params) do _request(body, headers, idempotent, parser) end else _request(body, headers, idempotent, parser) end end
# File lib/fog/aws/iam.rb, line 285 def setup_credentials(options) @aws_access_key_id = options[:aws_access_key_id] @aws_secret_access_key = options[:aws_secret_access_key] @aws_session_token = options[:aws_session_token] @aws_credentials_expire_at = options[:aws_credentials_expire_at] #global services that have no region are signed with the us-east-1 region #the only exception is GovCloud, which requires the region to be explicitly specified as us-gov-west-1 @signer = Fog::AWS::SignatureV4.new(@aws_access_key_id, @aws_secret_access_key, @region, 'iam') end