def delete_ipa_user(iam_conn, user_name):
    """Remove ``user_name`` via ``iamclient.delete_user``; absence is fine.

    Only ``exc.NotFoundError`` is swallowed, so the call can be repeated
    safely. Every other exception propagates to the caller.

    NOTE(review): the name refers to FreeIPA, but the only call made here
    goes through ``iamclient`` with ``iam_conn``. Confirm that the FreeIPA
    account of the same name is removed elsewhere; otherwise it outlives
    this call and the identity is only partly deprovisioned.
    """
    try:
        iamclient.delete_user(iam_conn=iam_conn, user_name=user_name)
    except exc.NotFoundError:
        # Already absent, nothing left to remove.
        return
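def delete(force, user_name):
    """Delete IAM user."""
    # The docstring stays a one-liner: click.UsageError below suggests this
    # is a click command, in which case the docstring is its --help text.
    #
    # force=False: attempt the delete as-is.
    # force=True: first delete inline policies, detach managed policies and
    # remove group memberships, logging each removal for the audit trail.
    #
    # Raises click.UsageError when IAM answers DeleteConflictException.
    iam_conn = awscontext.GLOBAL.iam

    if force:
        for policy in iamclient.list_user_policies(iam_conn, user_name):
            _LOGGER.info('deleting inline policy: %s', policy)
            iamclient.delete_user_policy(iam_conn, user_name, policy)

        for policy in iamclient.list_attached_user_policies(
                iam_conn, user_name):
            _LOGGER.info('detaching policy: %s', policy['PolicyArn'])
            iamclient.detach_user_policy(iam_conn, user_name,
                                         policy['PolicyArn'])

        for group in iamclient.list_groups_for_user(iam_conn, user_name):
            _LOGGER.info('removing user from group: %s', group)
            iamclient.remove_user_from_group(iam_conn, user_name, group)

    try:
        iamclient.delete_user(iam_conn=iam_conn, user_name=user_name)
    except iam_conn.exceptions.DeleteConflictException:
        if force:
            # Policies and groups were removed above, so advising --force
            # again would send the operator in a circle. IAM also refuses
            # DeleteUser while credentials such as access keys, a login
            # profile or MFA devices exist; whether iamclient.delete_user
            # clears those is not visible from here.
            raise click.UsageError(
                'User [%s] could not be deleted even with --force: it '
                'still owns resources this command does not remove (for '
                'example access keys, a login profile or MFA devices).'
                % user_name)
        raise click.UsageError('User [%s] has inline or attached '
                               'policies, or is a member of one or '
                               'more group, use --force to force '
                               'delete.' % user_name)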
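def delete(force, user_name):
    """Delete IAM user."""
    # The docstring stays a one-liner: click.UsageError below suggests this
    # is a click command, in which case the docstring is its --help text.
    #
    # force=False: attempt the delete as-is.
    # force=True: first delete inline policies and detach managed policies,
    # logging each removal. Group memberships are not touched here.
    #
    # Raises click.UsageError when IAM answers DeleteConflictException.
    iam_conn = awscontext.GLOBAL.iam

    if force:
        for policy in iamclient.list_user_policies(iam_conn, user_name):
            # These are the user's inline policies; the earlier wording
            # "role policy" mislabelled the audit log entry.
            _LOGGER.info('deleting inline policy: %s', policy)
            iamclient.delete_user_policy(iam_conn, user_name, policy)

        for policy in iamclient.list_attached_user_policies(
                iam_conn, user_name):
            _LOGGER.info('detaching managed policy: %s',
                         policy['PolicyName'])
            iamclient.detach_user_policy(iam_conn, user_name,
                                         policy['PolicyArn'])

    try:
        iamclient.delete_user(iam_conn=iam_conn, user_name=user_name)
    except iam_conn.exceptions.DeleteConflictException:
        if force:
            # Policies were removed above, so advising --force again would
            # send the operator in a circle. The conflict comes from
            # something this command leaves in place; whether
            # iamclient.delete_user clears credentials such as access keys
            # is not visible from here.
            raise click.UsageError(
                'User [%s] could not be deleted even with --force: it '
                'still owns resources this command does not remove (for '
                'example group memberships or access keys).' % user_name)
        raise click.UsageError('User [%s] has inline or attached '
                               'policies, use --force to force '
                               'delete.' % user_name)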
def delete_iam_user(iam_conn, user_name):
    """Remove the IAM user and the IAM role that share ``user_name``.

    Each removal tolerates ``exc.NotFoundError``, so the function can be
    re-run after a partial cleanup. Any other exception propagates, and a
    failure on the user then leaves the role of the same name in place.
    """
    removals = (
        (iamclient.delete_user, {'user_name': user_name}),
        (iamclient.delete_role, {'role_name': user_name}),
    )
    for remove, target in removals:
        try:
            remove(iam_conn=iam_conn, **target)
        except exc.NotFoundError:
            # Already absent: move on to the next principal.
            continue
def delete_user(iam_conn, ipa_client, user_name):
    """Remove ``user_name`` from AWS IAM (user and role) and from FreeIPA.

    The order is IAM user, IAM role, FreeIPA user. Each step ignores its
    own "not found" error, so the call can be repeated. Any other exception
    propagates and skips the steps after it; in particular the FreeIPA
    account stays in place when an IAM step fails, so callers should treat
    an exception as a partial deprovisioning.
    """
    steps = (
        (iamclient.delete_user,
         {'iam_conn': iam_conn, 'user_name': user_name},
         exc.NotFoundError),
        (iamclient.delete_role,
         {'iam_conn': iam_conn, 'role_name': user_name},
         exc.NotFoundError),
        (ipa_client.delete_user,
         {'user_name': user_name},
         ipaclient.NotFoundError),
    )
    for remove, kwargs, already_gone in steps:
        try:
            remove(**kwargs)
        except already_gone:
            # Nothing to remove in this system; carry on with the next one.
            continue