def iam_delete_role(self, rolename):
try:
# response = setup_cli_iam(self.profile_name).get_instance_profile(
# InstanceProfileName=rolename
# )
setup_cli_iam(self.profile_name).delete_instance_profile(
InstanceProfileName=rolename)
setup_cli_iam(self.profile_name).delete_role(RoleName=rolename)
print(f"Role '{rolename}' Deleted")
except botocore.errorfactory.NoSuchEntityException:
print()
def iam_delete_user(self, username):
try:
group_count = IamModify.list_group_for_user(self, username)
if group_count == 0:
try:
response = setup_cli_iam(
self.profile_name).get_login_profile(UserName=username)
setup_cli_iam(self.profile_name).delete_login_profile(
UserName=username)
except Exception as e:
pass
try:
response1 = setup_cli_iam().list_attached_user_policies(
UserName=username, )
if len(response1['AttachedPolicies']) == 0:
setup_cli_iam(
self.profile_name).delete_user(UserName=username)
print(f"User '{username}' Deleted")
else:
for policy in response1['AttachedPolicies']:
IamModify.iam_detech_policy_from_user(
self, username, policy['PolicyArn'])
setup_cli_iam(
self.profile_name).delete_user(UserName=username)
print(f"User '{username}' Deleted")
except Exception as e:
print(e)
else:
print(
"User is attached to above group/s, please remove user from above group before deleting this user."
)
except Exception as e:
print(e)
def remove_user_from_group(self, groupname, username):
try:
response = setup_cli_iam(self.profile_name).remove_user_from_group(
GroupName=groupname, UserName=username)
print("User Successfully removed from the group.")
except Exception as e:
print(e)
def user_login_profile(self, username):
password = IamProvision(self.profile_name).create_random_password()
response = setup_cli_iam(self.profile_name).create_login_profile(
UserName=username,
Password = password,
PasswordResetRequired=True
)
print(f"Username: '******' with password : {password} is created.")
def iam_detech_policy_from_group(self, groupname, policyarn):
try:
response = setup_cli_iam(self.profile_name).detach_group_policy(
GroupName=groupname, PolicyArn=policyarn)
print("Policy detech from group")
except Exception as e:
print(e)
print("!!!! Enter Correct inputs.")
def iam_detech_policy_from_user(self, username, policyarn):
try:
response = setup_cli_iam(self.profile_name).detach_user_policy(
UserName=username, PolicyArn=policyarn)
print("Policy detech from user")
except Exception as e:
print(e)
print("!!!! Enter Correct inputs.")
def list_group_for_user(self, username):
response = setup_cli_iam(self.profile_name).list_groups_for_user(
UserName=username, )
group_count = len(response['Groups'])
for group in response['Groups']:
print(group['GroupName'])
return group_count
def add_user_to_group(self,groupname, username):
try:
output = setup_cli_iam(self.profile_name).add_user_to_group(
GroupName=groupname,
UserName=username
)
print("User added to the Group")
except Exception as e:
print(e)
def all_groups_user_dict(self):
paginator = setup_cli_iam(
self.profile_name).get_paginator('list_groups')
response_iterator = paginator.paginate()
for each_page in response_iterator:
for each_group in each_page['Groups']:
group_name = each_group['GroupName']
IamInventory(self.profile_name).list_iam_group(group_name)
return IamInventory(self.profile_name).user_group
def list_iam_group(self, group_name):
message_output = setup_cli_iam(self.profile_name).get_group(
GroupName=group_name, )
count = 1
for each_user in message_output['Users']:
IamInventory(self.profile_name).user_group[
each_user['UserName']] = group_name
count += 1
return IamInventory(self.profile_name).user_group
def add_policy_to_user(self,username,policyarn):
try:
output = setup_cli_iam(self.profile_name).attach_user_policy(
UserName=username,
PolicyArn=policyarn
)
print("Policy added to the User")
except Exception as e:
print(e)
def attach_policy_to_group(self, groupname, policy_arn):
try:
message_output = setup_cli_iam(self.profile_name).attach_group_policy(
GroupName=groupname,
PolicyArn=policy_arn
)
print(f"Policy attached to {groupname}.....")
except Exception as e:
print(e)
def list_iam_groups(self):
paginator = setup_cli_iam(
self.profile_name).get_paginator('list_groups')
response_iterator = paginator.paginate()
count = 1
print("\nGroup information is as follows:\n")
for each_page in response_iterator:
for each_group in each_page['Groups']:
print(f"{count}. {each_group['GroupName']}")
count += 1
def create_group(self, groupname):
try:
message_output = setup_cli_iam(self.profile_name).create_group(
#Path='string',
GroupName=groupname
)
output = f"Group '{message_output['Group']['GroupName']}' created"
except Exception as e:
print(e)
return output
def list_group_policies(self, groupname):
response = setup_cli_iam(
self.profile_name).list_attached_group_policies(
GroupName=groupname, )
policy_count = len(response['AttachedPolicies'])
if policy_count > 0:
policy_list = []
for arn in response['AttachedPolicies']:
policy_list.append(arn['PolicyArn'])
return policy_list
else:
return policy_count
def iam_delete_group(self, groupname):
try:
response1 = setup_cli_iam(self.profile_name).get_group(
GroupName=groupname, )
if len(response1['Users']) == 0:
x = iam_list.IamInventory.list_group_policies(self, groupname)
if x == 0:
response2 = setup_cli_iam(
self.profile_name).delete_group(GroupName=groupname)
else:
for policyarn in x:
IamModify.iam_detech_policy_from_group(
self, groupname, policyarn)
response3 = setup_cli_iam(
self.profile_name).delete_group(GroupName=groupname)
print(f"Group '{groupname}' Deleted")
else:
print("Removed attached user before deleting the group")
except Exception as e:
print(e)
def list_iam_users(self):
paginator = setup_cli_iam(
self.profile_name).get_paginator('list_users')
message_output = paginator.paginate()
user_group = IamInventory(self.profile_name).all_groups_user_dict()
count = 1
print("\nUser information is as follows:\n")
for each_page in message_output:
for each_user in each_page['Users']:
print(
f"{count}. UserName : {each_user['UserName']}, UserId : {each_user['UserId']}, "
f"Group Name: {user_group.get(each_user['UserName'])}, "
f"CreationDate : {each_user['CreateDate'].strftime('%d-%b-%Y')}, "
)
count += 1
def list_all_roles(self):
try:
paginator = setup_cli_iam(
self.profile_name).get_paginator('list_roles')
response_iterator = paginator.paginate()
print(
"Requested Roles information is as follows:\nRole Name, Role Id, Role Arn\n"
)
count = 1
for page in response_iterator:
for role in page["Roles"]:
print(
f"{count}. {role['RoleName']}, {role['RoleId']}, {role['Arn']}"
)
count += 1
except Exception as e:
print(e)
def create_user(self, username):
try:
message_output = setup_cli_iam(self.profile_name).create_user(
UserName=username,
#PermissionsBoundary='string',
# Tags=[
# {
# 'Key': 'string',
# 'Value': 'string'
# },
#]
)
output = f"User/User Id : {message_output['User']['UserName']}/{message_output['User']['UserId']} Created."
except Exception as e:
print(e)
#print(output)
return username
def list_all_policies(self, pattern_to_filter="all"):
try:
paginator = setup_cli_iam(
self.profile_name).get_paginator('list_policies')
response_iterator = paginator.paginate()
count = 1
filter = pattern_to_filter.lower()
print("\nUser Policy information is as follows:\n")
for each_policy in response_iterator:
for policy in each_policy['Policies']:
if pattern_to_filter != "all":
x = re.search(filter, policy['PolicyName'].lower())
if x is not None:
print(
f"{count}. {policy['PolicyName']} | {policy['Arn']}"
)
count += 1
else:
print(
f"{count}. {policy['PolicyName']} | {policy['Arn']}"
)
count += 1
except Exception as e:
print(e)
