You are viewing documentation for version 3 of the AWS SDK for Ruby. Version 2 documentation can be found here.

Class: Aws::IAM::User

Inherits:
Object
  • Object
show all
Defined in:
gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb

Defined Under Namespace

Classes: Collection

Actions collapse

Associations collapse

Read-Only Attributes collapse

Instance Method Summary collapse

Constructor Details

#initialize(name, options = {}) ⇒ User #initialize(options = {}) ⇒ User

Returns a new instance of User

Overloads:

  • #initialize(name, options = {}) ⇒ User

    Parameters:

    • name (String)

    Options Hash (options):

  • #initialize(options = {}) ⇒ User

    Options Hash (options):

    • :name (required, String)
    • :client (Client)


19
20
21
22
23
24
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 19

def initialize(*args)
  options = Hash === args.last ? args.pop.dup : {}
  @name = extract_name(args, options)
  @data = options.delete(:data)
  @client = options.delete(:client) || Client.new(options)
end

Instance Method Details

#access_key(id) ⇒ AccessKey

Parameters:

  • id (String)

Returns:



515
516
517
518
519
520
521
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 515

def access_key(id)
  AccessKey.new(
    user_name: @name,
    id: id,
    client: @client
  )
end

#access_keys(options = {}) ⇒ AccessKey::Collection

Examples:

Request syntax with placeholder values


user.access_keys()

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:



528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 528

def access_keys(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = @client.list_access_keys(options)
    resp.each_page do |page|
      batch = []
      page.data..each do |a|
        batch << AccessKey.new(
          user_name: @name,
          id: a.access_key_id,
          data: a,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  AccessKey::Collection.new(batches)
end

#add_group(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values


user.add_group({
  group_name: "groupNameType", # required
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :group_name (required, String)

    The name of the group to update.

    This parameter allows (per its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-

Returns:

  • (EmptyStructure)


191
192
193
194
195
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 191

def add_group(options = {})
  options = options.merge(user_name: @name)
  resp = @client.add_user_to_group(options)
  resp.data
end

#arnString

The Amazon Resource Name (ARN) that identifies the user. For more information about ARNs and how to use ARNs in policies, see IAM Identifiers in the Using IAM guide.

Returns:

  • (String)


65
66
67
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 65

def arn
  data.arn
end

#attach_policy(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values


user.attach_policy({
  policy_arn: "arnType", # required
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

Returns:

  • (EmptyStructure)


213
214
215
216
217
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 213

def attach_policy(options = {})
  options = options.merge(user_name: @name)
  resp = @client.attach_user_policy(options)
  resp.data
end

#attached_policies(options = {}) ⇒ Policy::Collection

Examples:

Request syntax with placeholder values


attached_policies = user.attached_policies({
  path_prefix: "policyPathType",
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :path_prefix (String)

    The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.

    This paramater allows (per its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes, containing any ASCII character from the ! (\u0021) thru the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

Returns:



570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 570

def attached_policies(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = @client.list_attached_user_policies(options)
    resp.each_page do |page|
      batch = []
      page.data.attached_policies.each do |a|
        batch << Policy.new(
          arn: a.policy_arn,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  Policy::Collection.new(batches)
end

#clientClient

Returns:



108
109
110
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 108

def client
  @client
end

#create(options = {}) ⇒ User

Examples:

Request syntax with placeholder values


user = user.create({
  path: "pathType",
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :path (String)

    The path for the user name. For more information about paths, see IAM Identifiers in the IAM User Guide.

    This parameter is optional. If it is not included, it defaults to a slash (/).

    This paramater allows (per its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes, containing any ASCII character from the ! (\u0021) thru the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

Returns:



244
245
246
247
248
249
250
251
252
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 244

def create(options = {})
  options = options.merge(user_name: @name)
  resp = @client.create_user(options)
  User.new(
    name: options[:user_name],
    data: resp.data.user,
    client: @client
  )
end

#create_access_key_pair(options = {}) ⇒ AccessKeyPair

Examples:

Request syntax with placeholder values


user.create_access_key_pair()

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:



259
260
261
262
263
264
265
266
267
268
269
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 259

def create_access_key_pair(options = {})
  options = options.merge(user_name: @name)
  resp = @client.create_access_key(options)
  AccessKeyPair.new(
    user_name: @name,
    id: resp.data.access_key.access_key_id,
    secret: resp.data.access_key.secret_access_key,
    data: resp.data.access_key,
    client: @client
  )
end

#create_dateTime

The date and time, in ISO 8601 date-time format, when the user was created.

Returns:

  • (Time)


76
77
78
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 76

def create_date
  data.create_date
end

#create_login_profile(options = {}) ⇒ LoginProfile

Examples:

Request syntax with placeholder values


loginprofile = user.({
  password: "passwordType", # required
  password_reset_required: false,
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :password (required, String)

    The new password for the user.

    The regex pattern used to validate this parameter is a string of characters consisting of almost any printable ASCII character from the space (\u0020) through the end of the ASCII character range (\u00FF). You can also include the tab (\u0009), line feed (\u000A), and carriage return (\u000D) characters. Although any of these characters are valid in a password, note that many tools, such as the AWS Management Console, might restrict the ability to enter certain characters because they have special meaning within that tool.

  • :password_reset_required (Boolean)

    Specifies whether the user is required to set a new password on next sign-in.

Returns:



297
298
299
300
301
302
303
304
305
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 297

def (options = {})
  options = options.merge(user_name: @name)
  resp = @client.(options)
  LoginProfile.new(
    user_name: resp.data..user_name,
    data: resp.data.,
    client: @client
  )
end

#create_policy(options = {}) ⇒ UserPolicy

Examples:

Request syntax with placeholder values


userpolicy = user.create_policy({
  policy_name: "policyNameType", # required
  policy_document: "policyDocumentType", # required
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :policy_name (required, String)

    The name of the policy document.

    This parameter allows (per its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-

  • :policy_document (required, String)

    The policy document.

    The regex pattern used to validate this parameter is a string of characters consisting of any printable ASCII character ranging from the space character (\u0020) through end of the ASCII character range as well as the printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF). It also includes the special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D).

Returns:



340
341
342
343
344
345
346
347
348
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 340

def create_policy(options = {})
  options = options.merge(user_name: @name)
  resp = @client.put_user_policy(options)
  UserPolicy.new(
    user_name: @name,
    name: options[:policy_name],
    client: @client
  )
end

#dataTypes::User

Returns the data for this Aws::IAM::User. Calls Client#get_user if #data_loaded? is false.

Returns:



128
129
130
131
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 128

def data
  load unless @data
  @data
end

#data_loaded?Boolean

Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

Returns:

  • (Boolean)

    Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.



136
137
138
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 136

def data_loaded?
  !!@data
end

#delete(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values


user.delete()

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:

  • (EmptyStructure)


355
356
357
358
359
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 355

def delete(options = {})
  options = options.merge(user_name: @name)
  resp = @client.delete_user(options)
  resp.data
end

#detach_policy(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values


user.detach_policy({
  policy_arn: "arnType", # required
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

Returns:

  • (EmptyStructure)


377
378
379
380
381
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 377

def detach_policy(options = {})
  options = options.merge(user_name: @name)
  resp = @client.detach_user_policy(options)
  resp.data
end

#enable_mfa(options = {}) ⇒ MfaDevice

Examples:

Request syntax with placeholder values


mfadevice = user.enable_mfa({
  serial_number: "serialNumberType", # required
  authentication_code_1: "authenticationCodeType", # required
  authentication_code_2: "authenticationCodeType", # required
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :serial_number (required, String)

    The serial number that uniquely identifies the MFA device. For virtual MFA devices, the serial number is the device ARN.

    This parameter allows (per its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@:/-

  • :authentication_code_1 (required, String)

    An authentication code emitted by the device.

    The format for this parameter is a string of 6 digits.

    Submit your request immediately after generating the authentication codes. If you generate the codes and then wait too long to submit the request, the MFA device successfully associates with the user but the MFA device becomes out of sync. This happens because time-based one-time passwords (TOTP) expire after a short period of time. If this happens, you can resync the device.

  • :authentication_code_2 (required, String)

    A subsequent authentication code emitted by the device.

    The format for this parameter is a string of 6 digits.

    Submit your request immediately after generating the authentication codes. If you generate the codes and then wait too long to submit the request, the MFA device successfully associates with the user but the MFA device becomes out of sync. This happens because time-based one-time passwords (TOTP) expire after a short period of time. If this happens, you can resync the device.

Returns:



434
435
436
437
438
439
440
441
442
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 434

def enable_mfa(options = {})
  options = options.merge(user_name: @name)
  resp = @client.enable_mfa_device(options)
  MfaDevice.new(
    user_name: @name,
    serial_number: options[:serial_number],
    client: @client
  )
end

#exists?(options = {}) ⇒ Boolean

Returns true if the User exists.

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:

  • (Boolean)

    Returns true if the User exists.



143
144
145
146
147
148
149
150
151
152
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 143

def exists?(options = {})
  begin
    wait_until_exists(options.merge(max_attempts: 1))
    true
  rescue Aws::Waiters::Errors::UnexpectedError => e
    raise e.error
  rescue Aws::Waiters::Errors::WaiterFailed
    false
  end
end

#groups(options = {}) ⇒ Group::Collection

Examples:

Request syntax with placeholder values


user.groups()

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:



593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 593

def groups(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = @client.list_groups_for_user(options)
    resp.each_page do |page|
      batch = []
      page.data.groups.each do |g|
        batch << Group.new(
          name: g.group_name,
          data: g,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  Group::Collection.new(batches)
end

#loadself Also known as: reload

Loads, or reloads #data for the current Aws::IAM::User. Returns self making it possible to chain methods.

user.reload.data

Returns:

  • (self)


118
119
120
121
122
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 118

def load
  resp = @client.get_user(user_name: @name)
  @data = resp.user
  self
end

#login_profileLoginProfile

Returns:



613
614
615
616
617
618
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 613

def 
  LoginProfile.new(
    user_name: @name,
    client: @client
  )
end

#mfa_device(serial_number) ⇒ MfaDevice

Parameters:

  • serial_number (String)

Returns:



622
623
624
625
626
627
628
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 622

def mfa_device(serial_number)
  MfaDevice.new(
    user_name: @name,
    serial_number: serial_number,
    client: @client
  )
end

#mfa_devices(options = {}) ⇒ MfaDevice::Collection

Examples:

Request syntax with placeholder values


user.mfa_devices()

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:



635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 635

def mfa_devices(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = @client.list_mfa_devices(options)
    resp.each_page do |page|
      batch = []
      page.data.mfa_devices.each do |m|
        batch << MfaDevice.new(
          user_name: @name,
          serial_number: m.serial_number,
          data: m,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  MfaDevice::Collection.new(batches)
end

#nameString Also known as: user_name

Returns:

  • (String)


29
30
31
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 29

def name
  @name
end

#password_last_usedTime

The date and time, in ISO 8601 date-time format, when the user's password was last used to sign in to an AWS website. For a list of AWS websites that capture a user's last sign-in time, see the Credential Reports topic in the Using IAM guide. If a password is used more than once in a five-minute span, only the first use is returned in this field. This field is null (not present) when:

  • The user does not have a password

  • The password exists but has never been used (at least not since IAM started tracking this information on October 20th, 2014

  • there is no sign-in data associated with the user

This value is returned only in the GetUser and ListUsers actions.

Returns:

  • (Time)


101
102
103
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 101

def password_last_used
  data.password_last_used
end

#pathString

The path to the user. For more information about paths, see IAM Identifiers in the Using IAM guide.

Returns:

  • (String)


41
42
43
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 41

def path
  data.path
end

#policies(options = {}) ⇒ UserPolicy::Collection

Examples:

Request syntax with placeholder values


user.policies()

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:



660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 660

def policies(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = @client.list_user_policies(options)
    resp.each_page do |page|
      batch = []
      page.data.policy_names.each do |p|
        batch << UserPolicy.new(
          user_name: @name,
          name: p,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  UserPolicy::Collection.new(batches)
end

#policy(name) ⇒ UserPolicy

Parameters:

  • name (String)

Returns:



681
682
683
684
685
686
687
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 681

def policy(name)
  UserPolicy.new(
    user_name: @name,
    name: name,
    client: @client
  )
end

#remove_group(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values


user.remove_group({
  group_name: "groupNameType", # required
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :group_name (required, String)

    The name of the group to update.

    This parameter allows (per its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-

Returns:

  • (EmptyStructure)


462
463
464
465
466
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 462

def remove_group(options = {})
  options = options.merge(user_name: @name)
  resp = @client.remove_user_from_group(options)
  resp.data
end

#signing_certificate(id) ⇒ SigningCertificate

Parameters:

  • id (String)

Returns:



691
692
693
694
695
696
697
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 691

def signing_certificate(id)
  SigningCertificate.new(
    user_name: @name,
    id: id,
    client: @client
  )
end

#signing_certificates(options = {}) ⇒ SigningCertificate::Collection

Examples:

Request syntax with placeholder values


user.signing_certificates()

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Returns:



704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 704

def signing_certificates(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(user_name: @name)
    resp = @client.list_signing_certificates(options)
    resp.each_page do |page|
      batch = []
      page.data.certificates.each do |c|
        batch << SigningCertificate.new(
          user_name: @name,
          id: c.certificate_id,
          data: c,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  SigningCertificate::Collection.new(batches)
end

#update(options = {}) ⇒ User

Examples:

Request syntax with placeholder values


user = user.update({
  new_path: "pathType",
  new_user_name: "userNameType",
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :new_path (String)

    New path for the IAM user. Include this parameter only if you're changing the user's path.

    This paramater allows (per its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes, containing any ASCII character from the ! (\u0021) thru the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

  • :new_user_name (String)

    New name for the user. Include this parameter only if you're changing the user's name.

    This parameter allows (per its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-

Returns:



502
503
504
505
506
507
508
509
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 502

def update(options = {})
  options = options.merge(user_name: @name)
  resp = @client.update_user(options)
  User.new(
    name: options[:new_user_name],
    client: @client
  )
end

#user_idString

The stable and unique string identifying the user. For more information about IDs, see IAM Identifiers in the Using IAM guide.

Returns:

  • (String)


53
54
55
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 53

def user_id
  data.user_id
end

#wait_until_exists(options = {}) ⇒ User

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :max_attempts (Integer) — default: 20
  • :delay (Float) — default: 1
  • :before_attempt (Proc)
  • :before_wait (Proc)

Returns:



160
161
162
163
164
165
166
167
168
169
# File 'gems/aws-sdk-iam/lib/aws-sdk-iam/user.rb', line 160

def wait_until_exists(options = {})
  options, params = separate_params_and_options(options)
  waiter = Waiters::UserExists.new(options)
  yield_waiter_and_warn(waiter, &Proc.new) if block_given?
  waiter.wait(params.merge(user_name: @name))
  User.new({
    name: @name,
    client: @client
  })
end