def delete_access_key(self, kwargs):
"""Delete access key if access key exists."""
try:
self.access_keys.pop(kwargs['AccessKeyId'])
except KeyError:
self._access_key_not_found(kwargs['AccessKeyId'],
'DeleteAccessKey')
return responses.generic_response()
def delete_login_profile(self, kwargs):
"""Delete login profile (password) from user if users has password."""
self._check_user_exists(kwargs['UserName'], 'DeleteLoginProfile')
user = self.users[kwargs['UserName']]
self._check_login_profile_exists(user, 'DeleteLoginProfile')
user.delete_login_profile()
return responses.generic_response()
def delete_login_profile(self, kwargs):
"""Delete login profile (password) from user if users has password."""
self._check_user_exists(kwargs['UserName'], 'DeleteLoginProfile')
user = self.users[kwargs['UserName']]
self._check_login_profile_exists(user, 'DeleteLoginProfile')
user.delete_login_profile()
return responses.generic_response()
def delete_access_key(self, kwargs):
"""Delete access key if access key exists."""
try:
self.access_keys.pop(kwargs['AccessKeyId'])
except KeyError:
self._access_key_not_found(kwargs['AccessKeyId'],
'DeleteAccessKey')
return responses.generic_response()
def update_access_key(self, kwargs):
try:
access_key = self.access_keys.get(kwargs['AccessKeyId'])
except KeyError:
self._access_key_not_found(kwargs['AccessKeyId'],
'UpdateAccessKey')
access_key.status = kwargs['Status']
return responses.generic_response()
def update_access_key(self, kwargs):
try:
access_key = self.access_keys.get(kwargs['AccessKeyId'])
except KeyError:
self._access_key_not_found(kwargs['AccessKeyId'],
'UpdateAccessKey')
access_key.status = kwargs['Status']
return responses.generic_response()
def delete_user(self, kwargs):
"""Delete user if user exists."""
self._check_user_exists(kwargs['UserName'], 'DeleteUser')
for group in self.groups:
if kwargs['UserName'] in group.users:
group.remove_user(kwargs['UserName'])
self.users.pop(kwargs['UserName'], None)
return responses.generic_response()
def delete_signing_certificate(self, kwargs):
"""Delete signing cert if cert exists."""
self._check_user_exists(kwargs['UserName'], 'DeleteSigningCertificate')
self._check_signing_certificate_exists(kwargs['UserName'],
kwargs['CertificateId'],
'DeleteSigningCertificate')
user = self.users[kwargs['UserName']]
user.delete_signing_certificate(kwargs['CertificateId'])
return responses.generic_response()
def delete_group(self, kwargs):
"""Delete group if group exists."""
self._check_group_exists(kwargs['GroupName'], 'DeleteGroup')
for key, user in self.users.items():
if kwargs['GroupName'] in user.groups:
user.remove_group(kwargs['GroupName'])
self.groups.pop(kwargs['GroupName'], None)
return responses.generic_response()
def attach_user_policy(self, kwargs):
self._check_user_exists(kwargs['UserName'], 'AttachUserPolicy')
user = self.users[kwargs['UserName']]
policy_name = get_value_from_arn(kwargs['PolicyArn'])
policy = self._check_policy_exists(policy_name, 'AttachUserPolicy')
user.attach_policy(policy_name)
policy.attach_user(user.username)
return responses.generic_response()
def attach_user_policy(self, kwargs):
self._check_user_exists(kwargs['UserName'], 'AttachUserPolicy')
user = self.users[kwargs['UserName']]
policy_name = get_value_from_arn(kwargs['PolicyArn'])
policy = self._check_policy_exists(policy_name, 'AttachUserPolicy')
user.attach_policy(policy_name)
policy.attach_user(user.username)
return responses.generic_response()
def delete_user(self, kwargs):
"""Delete user if user exists."""
self._check_user_exists(kwargs['UserName'], 'DeleteUser')
for group in self.groups:
if kwargs['UserName'] in group.users:
group.remove_user(kwargs['UserName'])
self.users.pop(kwargs['UserName'], None)
return responses.generic_response()
def delete_group(self, kwargs):
"""Delete group if group exists."""
self._check_group_exists(kwargs['GroupName'], 'DeleteGroup')
for key, user in self.users.items():
if kwargs['GroupName'] in user.groups:
user.remove_group(kwargs['GroupName'])
self.groups.pop(kwargs['GroupName'], None)
return responses.generic_response()
def delete_signing_certificate(self, kwargs):
"""Delete signing cert if cert exists."""
self._check_user_exists(kwargs['UserName'], 'DeleteSigningCertificate')
self._check_signing_certificate_exists(kwargs['UserName'],
kwargs['CertificateId'],
'DeleteSigningCertificate')
user = self.users[kwargs['UserName']]
user.delete_signing_certificate(kwargs['CertificateId'])
return responses.generic_response()
def update_signing_certificate(self, kwargs):
"""Update signing certificate status."""
self._check_user_exists(kwargs['UserName'], 'UpdateSigningCertificate')
self._check_signing_certificate_exists(kwargs['UserName'],
kwargs['CertificateId'],
'UpdateSigningCertificate')
user = self.users[kwargs['UserName']]
user.update_signing_certificate(kwargs['CertificateId'],
kwargs['Status'])
return responses.generic_response()
def remove_user_from_group(self, kwargs):
"""Remove user from group if user exists."""
self._check_user_exists(kwargs['UserName'], 'RemoveUserFromGroup')
self._check_group_exists(kwargs['GroupName'], 'RemoveUserFromGroup')
group = self.groups[kwargs['GroupName']]
user = self.users[kwargs['UserName']]
group.remove_user(kwargs['UserName'])
user.remove_group(kwargs['GroupName'])
return responses.generic_response()
def remove_user_from_group(self, kwargs):
"""Remove user from group if user exists."""
self._check_user_exists(kwargs['UserName'], 'RemoveUserFromGroup')
self._check_group_exists(kwargs['GroupName'], 'RemoveUserFromGroup')
group = self.groups[kwargs['GroupName']]
user = self.users[kwargs['UserName']]
group.remove_user(kwargs['UserName'])
user.remove_group(kwargs['GroupName'])
return responses.generic_response()
def update_signing_certificate(self, kwargs):
"""Update signing certificate status."""
self._check_user_exists(kwargs['UserName'], 'UpdateSigningCertificate')
self._check_signing_certificate_exists(kwargs['UserName'],
kwargs['CertificateId'],
'UpdateSigningCertificate')
user = self.users[kwargs['UserName']]
user.update_signing_certificate(kwargs['CertificateId'],
kwargs['Status'])
return responses.generic_response()
def update_login_profile(self, kwargs):
"""Update login profile for user."""
self._check_user_exists(kwargs['UserName'], 'UpdateLoginProfile')
user = self.users[kwargs['UserName']]
self._check_login_profile_exists(user, 'UpdateLoginProfile')
reset_required = kwargs.get('PasswordResetRequired', None)
password = kwargs.get('Password', None)
user.update_login_profile(password=password,
reset_required=reset_required)
return responses.generic_response()
def detach_user_policy(self, kwargs):
"""Detach user policy if policy exists."""
self._check_user_exists(kwargs['UserName'], 'DetachUserPolicy')
user = self.users[kwargs['UserName']]
policy_name = get_value_from_arn(kwargs['PolicyArn'])
self._check_user_has_policy(policy_name, user, 'DetachUserPolicy')
policy = self._check_policy_exists(policy_name, 'DetachUserPolicy')
user.detach_policy(policy_name)
policy.detach_user(user.username)
return responses.generic_response()
def detach_user_policy(self, kwargs):
"""Detach user policy if policy exists."""
self._check_user_exists(kwargs['UserName'], 'DetachUserPolicy')
user = self.users[kwargs['UserName']]
policy_name = get_value_from_arn(kwargs['PolicyArn'])
self._check_user_has_policy(policy_name, user, 'DetachUserPolicy')
policy = self._check_policy_exists(policy_name, 'DetachUserPolicy')
user.detach_policy(policy_name)
policy.detach_user(user.username)
return responses.generic_response()
def update_login_profile(self, kwargs):
"""Update login profile for user."""
self._check_user_exists(kwargs['UserName'], 'UpdateLoginProfile')
user = self.users[kwargs['UserName']]
self._check_login_profile_exists(user, 'UpdateLoginProfile')
reset_required = kwargs.get('PasswordResetRequired', None)
password = kwargs.get('Password', None)
user.update_login_profile(password=password,
reset_required=reset_required)
return responses.generic_response()
def deactivate_mfa_device(self, kwargs):
"""Deactivate and detach MFA Device from user if device exists."""
self._check_user_exists(kwargs['UserName'], 'DeactivateMFADevice')
user = self.users[kwargs['UserName']]
if kwargs['SerialNumber'] not in user.mfa_devices:
raise client_error(
'DeactivateMFADevice', 'NoSuchEntity',
'Device with serial number %s cannot '
'be found.' % kwargs['SerialNumber'])
user.deactivate_mfa_device(kwargs['SerialNumber'])
return responses.generic_response()
def deactivate_mfa_device(self, kwargs):
"""Deactivate and detach MFA Device from user if device exists."""
self._check_user_exists(kwargs['UserName'], 'DeactivateMFADevice')
user = self.users[kwargs['UserName']]
if kwargs['SerialNumber'] not in user.mfa_devices:
raise client_error('DeactivateMFADevice',
'NoSuchEntity',
'Device with serial number %s cannot '
'be found.' % kwargs['SerialNumber'])
user.deactivate_mfa_device(kwargs['SerialNumber'])
return responses.generic_response()
def enable_mfa_device(self, kwargs):
"""Enable MFA Device for user."""
self._check_user_exists(kwargs['UserName'], 'EnableMFADevice')
user = self.users[kwargs['UserName']]
if kwargs['SerialNumber'] in user.mfa_devices:
raise client_error('EnableMFADevice',
'EntityAlreadyExists',
'Device with serial number %s already '
'exists.' % kwargs['SerialNumber'])
user.enable_mfa_device(kwargs['SerialNumber'])
return responses.generic_response()
def enable_mfa_device(self, kwargs):
"""Enable MFA Device for user."""
self._check_user_exists(kwargs['UserName'], 'EnableMFADevice')
user = self.users[kwargs['UserName']]
if kwargs['SerialNumber'] in user.mfa_devices:
raise client_error(
'EnableMFADevice', 'EntityAlreadyExists',
'Device with serial number %s already '
'exists.' % kwargs['SerialNumber'])
user.enable_mfa_device(kwargs['SerialNumber'])
return responses.generic_response()
