def _get_iam_user_sync(account_id, user_name,
conn) -> Optional[Dict[str, Any]]:
client = boto3_cached_conn(
"iam",
account_number=account_id,
assume_role=config.get("policies.role_name"),
read_only=True,
retry_max_attempts=2,
client_kwargs=config.get("boto3.client_kwargs", {}),
)
user = client.get_user(UserName=user_name)["User"]
user["ManagedPolicies"] = get_user_managed_policies(
{"UserName": user_name}, **conn)
user["InlinePolicies"] = get_user_inline_policies(
{"UserName": user_name}, **conn)
user["Tags"] = client.list_user_tags(UserName=user_name)
user["Groups"] = client.list_groups_for_user(UserName=user_name)
return user
def get_user(user, output='camelized', **conn):
"""
Orchestrates all the calls required to fully build out an IAM User in the following format:
{
"Arn": ...,
"AccessKeys": ...,
"CreateDate": ..., # str
"InlinePolicies": ...,
"ManagedPolicies": ...,
"MFADevices": ...,
"Path": ...,
"UserId": ...,
"UserName": ...,
"SigningCerts": ...
}
:param user: dict containing (at the very least) arn or the combination of user_name and account_number
:param output: Determines whether keys should be returned camelized or underscored.
:param conn: dict containing enough information to make a connection to the desired account.
Must at least have 'assume_role' key.
:return: dict containing fully built out user.
"""
user = modify(user, 'camelized')
_conn_from_args(user, conn)
user = _get_base(user, **conn)
user.update({
'access_keys':
get_user_access_keys(user, **conn),
'inline_policies':
get_user_inline_policies(user, **conn),
'managed_policies':
get_user_managed_policies(user, **conn),
'mfa_devices':
get_user_mfa_devices(user, **conn),
'login_profile':
get_user_login_profile(user, **conn),
'signing_certificates':
get_user_signing_certificates(user, **conn),
'_version':
1
})
return modify(user, format=output)
def get_inline_policies(user, **conn):
return get_user_inline_policies(user, **conn)