예제 #1
0
def create_group(module=None, iam=None, name=None, path=None):
    changed = False
    try:
        iam.create_group(
            name, path).create_group_response.create_group_result.group
    except boto.exception.BotoServerError, err:
        module.fail_json(changed=changed, msg=str(err))
예제 #2
0
파일: iam.py 프로젝트: RajeevNambiar/temp
def create_group(module=None, iam=None, name=None, path=None):
    changed = False
    try:
        iam.create_group(
            name, path).create_group_response.create_group_result.group
    except boto.exception.BotoServerError, err:
        module.fail_json(changed=changed, msg=str(err))
예제 #3
0
def create_users():
    try:
        iam.create_group(group)
    except boto.exception.BotoServerError as e:
        if e.code == 'EntityAlreadyExists':
            print e.message + " Will overwrite."
        else:
            print "Exception: %s" % str(e)
            exit(1)

    # attach policy to group
    # security policy: allows access to everything but IAM
    # if the IAM lab is included in the day, then remove the line "NotAction": "iam:*",
    policy = '''{
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "NotAction": "iam:*",
          "Resource": "*"
        }
      ]
    }'''
    iam.put_group_policy(group, policy_name, policy)

    # add users to group
    with open(DATA_FILE_NAME, 'rU') as data_file:
        user_reader = csv.reader(data_file)
        for row in user_reader:
            user, password = row[0], row[1]
            try:
                iam.create_user(user)
                iam.create_login_profile(user, password)
                iam.add_user_to_group(group, user)
                print("Added " + user)
            except boto.exception.BotoServerError as e:
                print "Problems creating %s.  Exiting due to error: %s" % (
                    user, str(e.message))
                exit(1)

    print "Users created.  They can login to the AWS Console using this link: " + iam.get_signin_url(
    )
예제 #4
0
def create_users():
    try:
        iam.create_group(group)
    except boto.exception.BotoServerError as e:
        if e.code == 'EntityAlreadyExists':
            print e.message + " Will overwrite."
        else:
            print "Exception: %s" % str(e)
            exit(1)

    # attach policy to group
    # security policy: allows access to everything but IAM
    # if the IAM lab is included in the day, then remove the line "NotAction": "iam:*",
    policy = '''{
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "NotAction": "iam:*",
          "Resource": "*"
        }
      ]
    }'''
    iam.put_group_policy(group, policy_name, policy)


    # add users to group
    with open(DATA_FILE_NAME, 'rU') as data_file:
        user_reader = csv.reader(data_file)
        for row in user_reader:
            user, password = row[0], row[1]
            try:
                iam.create_user(user)
                iam.create_login_profile(user, password)
                iam.add_user_to_group(group, user)
                print("Added " + user)
            except boto.exception.BotoServerError as e:
                print "Problems creating %s.  Exiting due to error: %s" % (user, str(e.message))
                exit(1)

    print "Users created.  They can login to the AWS Console using this link: " + iam.get_signin_url()
예제 #5
0
def create_group(iam, name, path):
    iam.create_group(
        name, path).create_group_response.create_group_result.group
    changed = True
    return name, changed