Managing IAM Users - AWS SDK for Java version 2

Managing IAM Users

Creating a User

Create a new IAM user by passing a CreateUserRequest object containing the user name to the IamClient’s createUser method.

Imports

    import software.amazon.awssdk.services.iam.model.CreateUserRequest;
    import software.amazon.awssdk.services.iam.model.CreateUserResponse;
    import software.amazon.awssdk.services.iam.model.IamException;
    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.iam.IamClient;

Code

    public static String createIAMUser(IamClient iam, String username) {
        try {
            CreateUserRequest request = CreateUserRequest.builder()
                    .userName(username).build();

            CreateUserResponse response = iam.createUser(request);
            return response.user().userName();
        } catch (IamException e) {
            System.err.println(e.awsErrorDetails().errorMessage());
            System.exit(1);
        }
        return "";
    }

See the complete example on GitHub.

Listing Users

To list the IAM users for your account, create a new ListUsersRequest and pass it to the IamClient’s listUsers method. You can retrieve the list of users by calling users on the returned ListUsersResponse object.

The list of users returned by listUsers is paged. To check whether there are more results to retrieve, call the response object’s isTruncated method. If it returns true, call the response object’s marker() method and use the marker value to create a new request object. Then call the listUsers method again with the new request.

Imports

    import software.amazon.awssdk.services.iam.model.IamException;
    import software.amazon.awssdk.services.iam.model.ListUsersRequest;
    import software.amazon.awssdk.services.iam.model.ListUsersResponse;
    import software.amazon.awssdk.services.iam.model.User;
    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.iam.IamClient;

Code

    public static void listAllUsers(IamClient iam) {
        try {
            boolean done = false;
            String newMarker = null;

            while (!done) {
                ListUsersResponse response;

                if (newMarker == null) {
                    // First page: no marker yet.
                    ListUsersRequest request = ListUsersRequest.builder().build();
                    response = iam.listUsers(request);
                } else {
                    // Later pages: continue from the marker of the previous response.
                    ListUsersRequest request = ListUsersRequest.builder()
                            .marker(newMarker).build();
                    response = iam.listUsers(request);
                }

                for (User user : response.users()) {
                    System.out.format("\n Retrieved user %s", user.userName());
                }

                // Stop once the response reports that no further pages remain.
                if (!response.isTruncated()) {
                    done = true;
                } else {
                    newMarker = response.marker();
                }
            }
        } catch (IamException e) {
            System.err.println(e.awsErrorDetails().errorMessage());
            System.exit(1);
        }
        System.out.println("Done");
    }

See the complete example on GitHub.

Updating a User

To update a user, call the IamClient object’s updateUser method, which takes an UpdateUserRequest object that you can use to change the user’s name or path.

Imports

    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.iam.IamClient;
    import software.amazon.awssdk.services.iam.model.IamException;
    import software.amazon.awssdk.services.iam.model.UpdateUserRequest;
    import software.amazon.awssdk.services.iam.model.UpdateUserResponse;

Code

    public static void updateIAMUser(IamClient iam, String curName, String newName) {
        try {
            UpdateUserRequest request = UpdateUserRequest.builder()
                    .userName(curName)
                    .newUserName(newName).build();

            UpdateUserResponse response = iam.updateUser(request);
            System.out.printf("Successfully updated user to username %s", newName);
        } catch (IamException e) {
            System.err.println(e.awsErrorDetails().errorMessage());
            System.exit(1);
        }
        System.out.println("Done");
    }

See the complete example on GitHub.

Deleting a User

To delete a user, call the IamClient’s deleteUser method with a DeleteUserRequest object set with the user name to delete.

Imports

    import software.amazon.awssdk.regions.Region;
    import software.amazon.awssdk.services.iam.IamClient;
    import software.amazon.awssdk.services.iam.model.DeleteUserRequest;
    import software.amazon.awssdk.services.iam.model.IamException;

Code

    public static void deleteIAMUser(IamClient iam, String username) {
        try {
            DeleteUserRequest request = DeleteUserRequest.builder()
                    .userName(username).build();

            iam.deleteUser(request);
            System.out.println("Successfully deleted IAM user " + username);
        } catch (IamException e) {
            System.err.println(e.awsErrorDetails().errorMessage());
            System.exit(1);
        }
        System.out.println("Done");
    }

See the complete example on GitHub.
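When a user is deleted through the API, IAM rejects the call with a DeleteConflict error while items such as access keys or managed policies are still attached to the user. The following added example (not from the original page or the SDK's own samples) removes those two kinds of item before calling deleteUser and reports any remaining conflict; the class name OffboardIamUser and method name offboardUser are hypothetical.

```java
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iam.IamClient;
import software.amazon.awssdk.services.iam.model.AccessKeyMetadata;
import software.amazon.awssdk.services.iam.model.AttachedPolicy;
import software.amazon.awssdk.services.iam.model.DeleteAccessKeyRequest;
import software.amazon.awssdk.services.iam.model.DeleteConflictException;
import software.amazon.awssdk.services.iam.model.DeleteUserRequest;
import software.amazon.awssdk.services.iam.model.DetachUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.ListAccessKeysRequest;
import software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesRequest;
import software.amazon.awssdk.services.iam.model.NoSuchEntityException;

// Hypothetical class name; not part of the SDK or the original page.
public class OffboardIamUser {

    /** Returns true if the user was deleted; false if it was missing or still has attached items. */
    public static boolean offboardUser(IamClient iam, String username) {
        try {
            // Delete every access key first so no long-lived credential outlives the user.
            for (AccessKeyMetadata key : iam.listAccessKeys(
                    ListAccessKeysRequest.builder().userName(username).build()).accessKeyMetadata()) {
                iam.deleteAccessKey(DeleteAccessKeyRequest.builder()
                        .userName(username).accessKeyId(key.accessKeyId()).build());
            }
            // Detach managed policies; deleteUser is rejected while any remain attached.
            for (AttachedPolicy policy : iam.listAttachedUserPolicies(
                    ListAttachedUserPoliciesRequest.builder().userName(username).build()).attachedPolicies()) {
                iam.detachUserPolicy(DetachUserPolicyRequest.builder()
                        .userName(username).policyArn(policy.policyArn()).build());
            }
            iam.deleteUser(DeleteUserRequest.builder().userName(username).build());
            return true;
        } catch (NoSuchEntityException e) {
            System.err.println("No such IAM user: " + username);
        } catch (DeleteConflictException e) {
            // Other items (login profile, inline policies, group memberships, MFA devices) remain.
            System.err.println("User still has attached items: " + e.awsErrorDetails().errorMessage());
        }
        return false;
    }

    public static void main(String[] args) {
        if (args.length != 1) { System.err.println("usage: OffboardIamUser <username>"); return; }
        // IAM is a global service; the SDK addresses it through Region.AWS_GLOBAL.
        try (IamClient iam = IamClient.builder().region(Region.AWS_GLOBAL).build()) {
            System.out.println(offboardUser(iam, args[0]) ? "Deleted" : "Not deleted");
        }
    }
}
```

A false return after a DeleteConflict means the user, and whatever is still attached to it, remains in the account and needs separate cleanup before the delete is retried.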

More Information