AWS SDK for Java
Developer Guide

Managing IAM Users

Important

This is a preview release and is not recommended for production environments.

Creating a User

Create a new IAM user by calling the IamClient's createUser method with a CreateUserRequest object that contains the user name.

Imports

    import software.amazon.awssdk.services.iam.model.CreateUserRequest;
    import software.amazon.awssdk.services.iam.model.CreateUserResponse;
    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.iam.IamClient;

Code

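    // IAM is a global service, so the client uses the AWS_GLOBAL region.
    Region region = Region.AWS_GLOBAL;
    IamClient iam = IamClient.builder().region(region).build();

    // username is a String supplied by the caller.
    CreateUserRequest request = CreateUserRequest.builder()
        .userName(username).build();

    CreateUserResponse response = iam.createUser(request);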

See the complete example on GitHub.

Listing Users

To list the IAM users for your account, create a new ListUsersRequest and pass it to the IamClient's listUsers method. You can retrieve the list of users by calling users on the returned ListUsersResponse object.

The list of users returned by listUsers is paged. To check whether there are more results to retrieve, call the response object's isTruncated method. If it returns true, call the response object's marker() method and use the marker value to create a new request object. Then call the listUsers method again with the new request.

Imports

    import software.amazon.awssdk.services.iam.model.ListUsersRequest;
    import software.amazon.awssdk.services.iam.model.ListUsersResponse;
    import software.amazon.awssdk.services.iam.model.User;
    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.iam.IamClient;

Code

    Region region = Region.AWS_GLOBAL;
    IamClient iam = IamClient.builder().region(region).build();

    boolean done = false;
    String new_marker = null;

    while (!done) {
        ListUsersResponse response;

        if (new_marker == null) {
            // First page: request without a marker.
            ListUsersRequest request = ListUsersRequest.builder().build();
            response = iam.listUsers(request);
        } else {
            // Later pages: resume from the marker of the previous response.
            ListUsersRequest request = ListUsersRequest.builder()
                .marker(new_marker).build();
            response = iam.listUsers(request);
        }

        for (User user : response.users()) {
            // %n ends each line so the user names do not run together.
            System.out.format("Retrieved user %s%n", user.userName());
        }

        if (!response.isTruncated()) {
            done = true;
        } else {
            new_marker = response.marker();
        }
    }

See the complete example on GitHub.
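The same marker-based paging applied to an access review, as an added example that is not part of the original guide or the AWS sample repository: it walks every page of listUsers and collects users with no recorded console sign-in inside a review window. The class name StaleUserAudit, its method names and the 90-day window are assumptions, and the code assumes passwordLastUsed() returns a java.time.Instant and isTruncated() a Boolean, as in the released 2.x SDK.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.List;

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iam.IamClient;
import software.amazon.awssdk.services.iam.model.ListUsersRequest;
import software.amazon.awssdk.services.iam.model.ListUsersResponse;
import software.amazon.awssdk.services.iam.model.User;

// Added example (hypothetical class name): pages through every IAM user and
// reports those with no console sign-in inside the review window.
public class StaleUserAudit {

    // Pure check: null means IAM has no recorded password sign-in for the user.
    static boolean isStale(Instant passwordLastUsed, Instant cutoff) {
        return passwordLastUsed == null || passwordLastUsed.isBefore(cutoff);
    }

    static List<String> findStaleUsers(IamClient iam, Duration maxIdle) {
        Instant cutoff = Instant.now().minus(maxIdle);
        List<String> stale = new ArrayList<>();
        String marker = null;
        do {
            // A null marker is omitted from the request, which fetches the first page.
            ListUsersResponse response = iam.listUsers(
                    ListUsersRequest.builder().marker(marker).build());
            for (User user : response.users()) {
                if (isStale(user.passwordLastUsed(), cutoff)) {
                    stale.add(user.userName());
                }
            }
            // Follow the marker only while the service reports more pages.
            marker = Boolean.TRUE.equals(response.isTruncated()) ? response.marker() : null;
        } while (marker != null);
        return stale;
    }

    public static void main(String[] args) {
        try (IamClient iam = IamClient.builder().region(Region.AWS_GLOBAL).build()) {
            // 90 days is an assumed review window, not a value from this guide.
            for (String name : findStaleUsers(iam, Duration.ofDays(90))) {
                System.out.println("No console sign-in within window: " + name);
            }
        }
    }
}
```

passwordLastUsed only reflects console password sign-ins, so a user reported here may still be active through access keys; check key usage before disabling or deleting the account.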

Updating a User

To update a user, call the IamClient object's updateUser method, which takes an UpdateUserRequest object that you can use to change the user's name or path.

Imports

    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.iam.IamClient;
    import software.amazon.awssdk.services.iam.model.UpdateUserRequest;
    import software.amazon.awssdk.services.iam.model.UpdateUserResponse;

Code

    Region region = Region.AWS_GLOBAL;
    IamClient iam = IamClient.builder().region(region).build();

    // cur_name is the existing user name; new_name is the name to change it to.
    UpdateUserRequest request = UpdateUserRequest.builder()
        .userName(cur_name)
        .newUserName(new_name).build();

    UpdateUserResponse response = iam.updateUser(request);

See the complete example on GitHub.

Deleting a User

To delete a user, call the IamClient's deleteUser method with a DeleteUserRequest object set with the user name to delete.

Imports

    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.iam.IamClient;
    import software.amazon.awssdk.services.iam.model.DeleteConflictException;
    import software.amazon.awssdk.services.iam.model.DeleteUserRequest;

Code

    Region region = Region.AWS_GLOBAL;
    IamClient iam = IamClient.builder().region(region).build();

    // username is the name of the user to delete.
    DeleteUserRequest request = DeleteUserRequest.builder()
        .userName(username).build();

    try {
        iam.deleteUser(request);
    } catch (DeleteConflictException e) {
        // IAM refuses the delete while the user is still associated with resources.
        System.out.println("Unable to delete user. Verify user is not" +
            " associated with any resources");
        throw e;
    }

See the complete example on GitHub.

More Information