class AWS::IAM::User
Represents an IAM
User
. Each AWS
account can have many users. Users can be organized (optionally) into groups. Users (and groups) can be given policies that affect that they can do.
## Creating A User
iam = AWS::IAM.new user = iam.users.create('johndoe')
## Renaming a User
You can only edit a user’s name and path (both of which will modify the user’s ARN).
user = iam.users['johndoe'] user.name = 'newname'
## User
Path
When you create a user you can assign a path. Paths must begin and end with a forward slash (/).
user = iam.users.create('newuser', :path => '/developers/ruby/')
Paths are a useful tool for organizing/tagging users. You can later enumerate users by their path prefixes:
iam.users.each(:path_prefix => '/developers').each do |developer| puts developer.name end
## Login Profile
A login profile is required for an IAM
user to use the AWS
Management console (web interface). See {LoginProfile} for more information.
## Deleting Users
In order to delete a user you must first remove it from all of its groups and delete all of its signing certificates. Once this is done:
@attr [String] user_name
@attr [String] path
@attr_reader [String] id
@attr_reader [DateTime] create_date
@attr_reader [String] arn
Public Class Methods
@param [String] name The IAM
user name for this user. @param [Hash] options
AWS::Core::Resource::new
# File lib/aws/iam/user.rb, line 75 def initialize name, options = {} options[:name] = name super(options) end
Public Instance Methods
Returns a collection that represents the access keys for this user.
user.access_keys.each do |access_key| puts access_key.id end
@return [AccessKeyCollection] Returns a collection that represents all
access keys for this user.
# File lib/aws/iam/user.rb, line 182 def access_keys AccessKeyCollection.new(:user => self) end
Deletes this user. @return [nil]
# File lib/aws/iam/user.rb, line 107 def delete client.delete_user(resource_options) nil end
Deletes the current user, after:
-
deleting its login profile
-
removing it from all groups
-
deleting all of its access keys
-
deleting its mfa devices
-
deleting its signing certificates
# File lib/aws/iam/user.rb, line 118 def delete! groups.clear access_keys.clear policies.clear mfa_devices.clear signing_certificates.clear login_profile.delete if login_profile.exists? delete end
Returns a collection that includes all of the groups the user is in. @return [UserGroupCollection]
# File lib/aws/iam/user.rb, line 188 def groups UserGroupCollection.new(self) end
A login profile is a user name and password that enables a user to log in to the {aws.amazon.com/console AWS
Management Console}. The object returned by this method allows you to set or delete the password. For example:
user.login_profile.password = "TheNewPassword"
@return [LoginProfile] Returns the login profile for this user.
# File lib/aws/iam/user.rb, line 170 def login_profile LoginProfile.new(self) end
@return [MFADeviceCollection] Returns a collection that represents
all MFA devices assigned to this user.
# File lib/aws/iam/user.rb, line 158 def mfa_devices MFADeviceCollection.new(self) end
Returns a collection that represents all policies for this user.
user.policies.each do |policy| puts policy.name end
@return [PolicyCollection] Returns a collection that represents
all policies for this user.
# File lib/aws/iam/user.rb, line 136 def policies UserPolicyCollection.new(self) end
Returns a collection that represents the signing certificates belonging to this user.
user.signing_certificates.each do |cert| # ... end
If you need to access the signing certificates of this AWS
account, see {IAM#signing_certificates}.
@return [SigningCertificateCollection] Returns a collection that
represents signing certificates for this user.
# File lib/aws/iam/user.rb, line 152 def signing_certificates SigningCertificateCollection.new(:user => self, :config => config) end
Protected Instance Methods
@api private
# File lib/aws/iam/user.rb, line 194 def resource_identifiers [[:user_name, name]] end