def main(self):
if self.args['recursive'] or self.args['pretend']:
# Figure out what we'd have to delete
req = GetGroup.from_other(
self, GroupName=self.args['GroupName'],
DelegateAccount=self.params['DelegateAccount'])
members = req.main().get('Users', [])
req = ListGroupPolicies.from_other(
self, GroupName=self.args['GroupName'],
DelegateAccount=self.params['DelegateAccount'])
policies = req.main().get('PolicyNames', [])
else:
# Just in case
members = []
policies = []
if self.args['pretend']:
return {'members': [member['Arn'] for member in members],
'policies': policies}
else:
if self.args['recursive']:
member_names = [member['UserName'] for member in members]
req = RemoveUserFromGroup.from_other(
self, GroupName=self.args['GroupName'],
user_names=member_names,
DelegateAccount=self.params['DelegateAccount'])
req.main()
for policy in policies:
req = DeleteGroupPolicy.from_other(
self, GroupName=self.args['GroupName'],
PolicyName=policy,
DelegateAccount=self.params['DelegateAccount'])
req.main()
return self.send()
def main(self):
if self.args['recursive'] or self.args['pretend']:
# Figure out what we'd have to delete
req = GetGroup(config=self.config,
service=self.service,
GroupName=self.args['GroupName'],
DelegateAccount=self.params['DelegateAccount'])
members = req.main().get('Users', [])
req = ListGroupPolicies(
config=self.config,
service=self.service,
GroupName=self.args['GroupName'],
DelegateAccount=self.params['DelegateAccount'])
policies = req.main().get('PolicyNames', [])
else:
# Just in case
members = []
policies = []
if self.args['pretend']:
return {
'members': [member['Arn'] for member in members],
'policies': policies
}
else:
if self.args['recursive']:
member_names = [member['UserName'] for member in members]
req = RemoveUserFromGroup(
config=self.config,
service=self.service,
GroupName=self.args['GroupName'],
user_names=member_names,
DelegateAccount=self.params['DelegateAccount'])
req.main()
for policy in policies:
req = DeleteGroupPolicy(
config=self.config,
service=self.service,
GroupName=self.args['GroupName'],
PolicyName=policy,
DelegateAccount=self.params['DelegateAccount'])
req.main()
return self.send()
def main(self):
if self.args['recursive'] or self.args['pretend']:
# Figure out what we'd have to delete
req = ListAccessKeys(
config=self.config,
service=self.service,
UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
keys = req.main().get('AccessKeyMetadata', [])
req = ListUserPolicies(
config=self.config,
service=self.service,
UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
policies = req.main().get('PolicyNames', [])
req = ListSigningCertificates(
config=self.config,
service=self.service,
UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
certs = req.main().get('Certificates', [])
req = ListGroupsForUser(
config=self.config,
service=self.service,
UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
groups = req.main().get('Groups', [])
req = GetLoginProfile(
config=self.config,
service=self.service,
UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
try:
# This will raise an exception if no login profile is found.
req.main()
has_login_profile = True
except AWSError as err:
if err.code == 'NoSuchEntity':
# It doesn't exist
has_login_profile = False
else:
# Something else went wrong; not our problem
raise
else:
# Just in case
keys = []
policies = []
certs = []
groups = []
has_login_profile = False
if self.args['pretend']:
return {
'keys': keys,
'policies': policies,
'certificates': certs,
'groups': groups,
'has_login_profile': has_login_profile
}
else:
if self.args['recursive']:
for key in keys:
req = DeleteAccessKey(
config=self.config,
service=self.service,
UserName=self.args['UserName'],
AccessKeyId=key['AccessKeyId'],
DelegateAccount=self.params['DelegateAccount'])
req.main()
for policy in policies:
req = DeleteUserPolicy(
config=self.config,
service=self.service,
UserName=self.args['UserName'],
PolicyName=policy,
DelegateAccount=self.params['DelegateAccount'])
req.main()
for cert in certs:
req = DeleteSigningCertificate(
config=self.config,
service=self.service,
UserName=self.args['UserName'],
CertificateId=cert['CertificateId'],
DelegateAccount=self.params['DelegateAccount'])
req.main()
for group in groups:
req = RemoveUserFromGroup(
config=self.config,
service=self.service,
user_names=[self.args['UserName']],
GroupName=group['GroupName'],
DelegateAccount=self.params['DelegateAccount'])
req.main()
if has_login_profile:
req = DeleteLoginProfile(
config=self.config,
service=self.service,
UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
req.main()
return self.send()
def main(self):
if self.args["recursive"] or self.args["pretend"]:
# Figure out what we'd have to delete
req = ListAccessKeys.from_other(
self, UserName=self.args["UserName"], DelegateAccount=self.params["DelegateAccount"]
)
keys = req.main().get("AccessKeyMetadata", [])
req = ListUserPolicies.from_other(
self, UserName=self.args["UserName"], DelegateAccount=self.params["DelegateAccount"]
)
policies = req.main().get("PolicyNames", [])
req = ListSigningCertificates.from_other(
self, UserName=self.args["UserName"], DelegateAccount=self.params["DelegateAccount"]
)
certs = req.main().get("Certificates", [])
req = ListGroupsForUser.from_other(
self, UserName=self.args["UserName"], DelegateAccount=self.params["DelegateAccount"]
)
groups = req.main().get("Groups", [])
req = GetLoginProfile.from_other(
self, UserName=self.args["UserName"], DelegateAccount=self.params["DelegateAccount"]
)
try:
# This will raise an exception if no login profile is found.
req.main()
has_login_profile = True
except AWSError as err:
if err.code == "NoSuchEntity":
# It doesn't exist
has_login_profile = False
else:
# Something else went wrong; not our problem
raise
else:
# Just in case
keys = []
policies = []
certs = []
groups = []
has_login_profile = False
if self.args["pretend"]:
return {
"keys": keys,
"policies": policies,
"certificates": certs,
"groups": groups,
"has_login_profile": has_login_profile,
}
else:
if self.args["recursive"]:
for key in keys:
req = DeleteAccessKey.from_other(
self,
UserName=self.args["UserName"],
AccessKeyId=key["AccessKeyId"],
DelegateAccount=self.params["DelegateAccount"],
)
req.main()
for policy in policies:
req = DeleteUserPolicy.from_other(
self,
UserName=self.args["UserName"],
PolicyName=policy,
DelegateAccount=self.params["DelegateAccount"],
)
req.main()
for cert in certs:
req = DeleteSigningCertificate.from_other(
self,
UserName=self.args["UserName"],
CertificateId=cert["CertificateId"],
DelegateAccount=self.params["DelegateAccount"],
)
req.main()
for group in groups:
req = RemoveUserFromGroup.from_other(
self,
user_names=[self.args["UserName"]],
GroupName=group["GroupName"],
DelegateAccount=self.params["DelegateAccount"],
)
req.main()
if has_login_profile:
req = DeleteLoginProfile.from_other(
self, UserName=self.args["UserName"], DelegateAccount=self.params["DelegateAccount"]
)
req.main()
return self.send()
def main(self):
if self.args['recursive'] or self.args['pretend']:
# Figure out what we'd have to delete
req = ListAccessKeys.from_other(
self, UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
keys = req.main().get('AccessKeyMetadata', [])
req = ListUserPolicies.from_other(
self, UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
policies = req.main().get('PolicyNames', [])
req = ListSigningCertificates.from_other(
self, UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
certs = req.main().get('Certificates', [])
req = ListGroupsForUser.from_other(
self, UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
groups = req.main().get('Groups', [])
req = GetLoginProfile.from_other(
self, UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
try:
# This will raise an exception if no login profile is found.
req.main()
has_login_profile = True
except AWSError as err:
if err.code == 'NoSuchEntity':
# It doesn't exist
has_login_profile = False
else:
# Something else went wrong; not our problem
raise
else:
# Just in case
keys = []
policies = []
certs = []
groups = []
has_login_profile = False
if self.args['pretend']:
return {'keys': keys, 'policies': policies,
'certificates': certs, 'groups': groups,
'has_login_profile': has_login_profile}
else:
if self.args['recursive']:
for key in keys:
req = DeleteAccessKey.from_other(
self, UserName=self.args['UserName'],
AccessKeyId=key['AccessKeyId'],
DelegateAccount=self.params['DelegateAccount'])
req.main()
for policy in policies:
req = DeleteUserPolicy.from_other(
self, UserName=self.args['UserName'],
PolicyName=policy,
DelegateAccount=self.params['DelegateAccount'])
req.main()
for cert in certs:
req = DeleteSigningCertificate.from_other(
self, UserName=self.args['UserName'],
CertificateId=cert['CertificateId'],
DelegateAccount=self.params['DelegateAccount'])
req.main()
for group in groups:
req = RemoveUserFromGroup.from_other(
self, user_names=[self.args['UserName']],
GroupName=group['GroupName'],
DelegateAccount=self.params['DelegateAccount'])
req.main()
if has_login_profile:
req = DeleteLoginProfile.from_other(
self, UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'])
req.main()
return self.send()
