def access_key(self, s3_user):
    """Mint a new IAM access key pair for ``s3_user``.

    Opens an IAM connection with the admin credentials stored on this
    object and requests a fresh access key for the named user.

    :param s3_user: name of the IAM user that will own the new key.
    :returns: tuple ``(s3_user, access_key_id, secret_access_key)``.
    """
    iam = IAMConnection(self.admin_access_key, self.admin_secret_key)
    response = iam.create_access_key(s3_user)

    # Both values sit under the same nested node of the response.
    new_key = response['create_access_key_response'][u'create_access_key_result'][u'access_key']
    key_id = new_key[u'access_key_id']
    # The secret comes back in clear text. Callers should put it straight
    # into a secrets store and keep it out of logs and error messages.
    key_secret = new_key[u'secret_access_key']

    return s3_user, key_id, key_secret
def access_key(self, s3_user):
    """Create an access key for an IAM user and return it with the user name.

    The IAM call is made with ``self.admin_access_key`` and
    ``self.admin_secret_key``.

    :param s3_user: IAM user name the key is created for.
    :returns: ``(s3_user, access_key_id, secret_access_key)``. The last
        element is the plaintext secret, so treat the whole tuple as
        sensitive and do not log it.
    """
    admin_conn = IAMConnection(self.admin_access_key, self.admin_secret_key)
    created = admin_conn.create_access_key(s3_user)

    # Walk the response one level at a time instead of repeating the full path.
    result = created['create_access_key_response'][u'create_access_key_result']
    credentials = result[u'access_key']

    return (
        s3_user,
        credentials[u'access_key_id'],
        credentials[u'secret_access_key'],
    )
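def create_iam_user():
    """Create a new IAM user.

    :rtype: json
    :returns: The resource uri of the new user, the ARN of the user, the
        user's access key, and their secret key. A request whose body is
        not a JSON object, or that carries no ``user_name``, gets a 400
        response with a JSON error body.

    Usage::

        $ curl -H "Content-Type: application/json" -X POST --data '{"user_name": "rdegges"}' /iam
        {
          "resource_uri": "http://dummy",
          "arn": "arn:aws:iam::xxxxxxxxxxxx:user/user_name",
          "aws_access_key_id": "blah",
          "aws_secret_access_key": "blah"
        }
    """
    # NOTE(review): no authentication or authorization check is visible in
    # this function. It mints IAM credentials with the application's own AWS
    # keys, so confirm the route is protected before it is exposed.
    payload = request.json
    # A JSON array or scalar has no .get(); treat it like a missing name
    # instead of letting an AttributeError surface as a 500.
    user_name = payload.get("user_name") if isinstance(payload, dict) else None

    # If no user name is specified in the request, fail immediately. The body
    # must be a real response object: Flask cannot build a response from a
    # None body, so the previous (None, 400) surfaced as a server error.
    if not user_name:
        return (jsonify({"error": "user_name is required"}), 400)

    # Create the new IAM user:
    conn = IAMConnection(app.config["AWS_ACCESS_KEY_ID"], app.config["AWS_SECRET_ACCESS_KEY"])
    create_user_resp = conn.create_user(user_name)

    # Generate an AWS access key ID and secret access key for the new IAM user.
    # NOTE(review): if this call fails, the user created above is left behind
    # without a key; decide whether the caller should clean it up.
    create_key_resp = conn.create_access_key(user_name=user_name)
    new_key = create_key_resp["create_access_key_response"]["create_access_key_result"]["access_key"]

    # Store the new IAM user information. The secret access key is returned
    # to the client in clear text, so this response must travel over TLS and
    # must not be written to request/response logs.
    user_data = {
        "arn": create_user_resp["create_user_response"]["create_user_result"]["user"]["arn"],
        "aws_access_key_id": new_key["access_key_id"],
        "aws_secret_access_key": new_key["secret_access_key"],
        "resource_uri": "http://dummy",
    }

    return jsonify(user_data)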
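def s3_bucket_maker(answers):
    """Create the requested S3 bucket and make sure the IAM user exists.

    AWS credentials are read from the ``ACCESS_KEY_ID`` and
    ``SECRET_ACCESS_KEY`` environment variables; a missing variable raises
    ``KeyError``.

    :param answers: mapping with at least ``'bucket_name'`` and
        ``'username'`` keys.
    :raises boto.exception.BotoServerError: when looking up the user fails
        with any status other than 404.
    """
    access_key = os.environ['ACCESS_KEY_ID']
    secret_key = os.environ['SECRET_ACCESS_KEY']

    s3conn = S3Connection(access_key, secret_key)
    iamconn = IAMConnection(access_key, secret_key)

    bucket = s3conn.create_bucket(answers['bucket_name'])
    print("BUCKET: %s created" % answers['bucket_name'])

    user = None
    try:
        user = iamconn.get_user(answers['username'])
    # "as" is accepted by Python 2.6+ and Python 3; the old comma form is a
    # syntax error on Python 3.
    except boto.exception.BotoServerError as e:
        if e.status == 404:
            print('User not found... creating one')
            user = iamconn.create_user(answers['username'])
            keys = iamconn.create_access_key(answers['username'])
            # NOTE(review): this prints the whole CreateAccessKey response,
            # secret access key included. Anything capturing stdout (CI logs,
            # terminal scrollback, log shippers) keeps a copy; consider
            # writing the secret to a secrets store and printing only the
            # access key id.
            print(keys)
        else:
            # Bare raise keeps the original traceback intact.
            raise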
for key in iam.get_all_access_keys(user_name).list_access_keys_response.list_access_keys_result.access_key_metadata: print "DESTROY: Destroying access key %s of user %s" % ( key.access_key_id, user_name) iam.delete_access_key(key.access_key_id, user_name) print "DESTROY: Destructing old user %s" % (user_name,) iam.delete_user(user_name) if not user_exists or destructive: print "INIITALIZE: User %s does not exist, creating" % ( user_name,) user = iam.create_user(user_name) print "INITIALIZE: Adding user %s to group %s" % ( user_name, group_name) iam.add_user_to_group(group_name, user_name) print "INITIALIZE: Creating new access key for user %s" % ( user_name,) key = iam.create_access_key(user_name).create_access_key_response.create_access_key_result.access_key access_key = key.access_key_id secret_key = key.secret_access_key print """ **************************************************************************** IMPORTANT! The secret key cannot be recovered later - make a note of it NOW! User: %(userid)s Access Key: %(accesskey)s Secret Key: %(secretkey)s Export: export AWS_ACCESS_KEY_ID=%(accesskey)s \ AWS_SECRET_ACCESS_KEY=%(secretkey)s **************************************************************************** """ % {
username = raw_input('please input a name for iam create: ') #create the user on aws/iam create = iamconn.create_user(username) #diplay the user you created data = iamconn.get_user(user_name=username) print "useername is:%s" % data.get_user_result.user.user_name #print type(data) #create access_key key = iamconn.create_access_key(user_name=username) #keys/aws side of things key_id = key.create_access_key_response.create_access_key_result.access_key.access_key_id key_key = key.create_access_key_response.create_access_key_result.access_key.secret_access_key print "aws_key_id:%s" % key_id print "aws_key_key:%s" % key_key #put the user policy plicy_json = """{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow",
username=raw_input('please input a name for iam create: ') #create user create = iamconn.create_user(username) #print create data = iamconn.get_user(user_name=username) print "useername is:%s" % data.get_user_result.user.user_name #print type(data) #create access_key key = iamconn.create_access_key(user_name=username) key_id=key.create_access_key_response.create_access_key_result.access_key.access_key_id key_key=key.create_access_key_response.create_access_key_result.access_key.secret_access_key print "aws_key_id:%s" % key_id print "aws_key_key:%s" % key_key #put the user policy plicy_json="""{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "ses:SendRawEmail",