List of usage examples for com.amazonaws.services.identitymanagement AmazonIdentityManagementClient getUser
@Override
public GetUserResult getUser()
From source file:awslabs.lab41.SolutionCode.java
License:Open Source License
@Override public String prepMode_GetUserArn(AmazonIdentityManagementClient iamClient, String userName) { String userArn = null;//ww w. j av a2s . c o m // Construct a GetUserRequest object using the provided user name. GetUserRequest getUserRequest = new GetUserRequest().withUserName(userName); // Submit the request using the getUser method of the iamClient object. userArn = iamClient.getUser(getUserRequest).getUser().getArn(); // Return the ARN representing the IAM user. return userArn; }
From source file:ch.cyberduck.core.iam.AmazonIdentityConfiguration.java
License:Open Source License
@Override public void create(final String username, final String policy, final LoginCallback prompt) throws BackgroundException { if (log.isInfoEnabled()) { log.info(String.format("Create user %s with policy %s", username, policy)); }/*w w w. j a v a2s . c om*/ this.authenticated(new Authenticated<Void>() { @Override public Void call() throws BackgroundException { // Create new IAM credentials final AmazonIdentityManagementClient client = new AmazonIdentityManagementClient( new com.amazonaws.auth.AWSCredentials() { @Override public String getAWSAccessKeyId() { return host.getCredentials().getUsername(); } @Override public String getAWSSecretKey() { return host.getCredentials().getPassword(); } }, configuration); try { // Create new IAM credentials User user; try { user = client.createUser(new CreateUserRequest().withUserName(username)).getUser(); } catch (EntityAlreadyExistsException e) { user = client.getUser(new GetUserRequest().withUserName(username)).getUser(); } final CreateAccessKeyResult key = client .createAccessKey(new CreateAccessKeyRequest().withUserName(user.getUserName())); if (log.isDebugEnabled()) { log.debug(String.format("Created access key %s for user %s", key, username)); } // Write policy document to get read access client.putUserPolicy(new PutUserPolicyRequest(user.getUserName(), "Policy", policy)); // Map virtual user name to IAM access key final String id = key.getAccessKey().getAccessKeyId(); if (log.isInfoEnabled()) { log.info(String.format("Map user %s to access key %s", String.format("%s%s", prefix, username), id)); } PreferencesFactory.get().setProperty(String.format("%s%s", prefix, username), id); // Save secret PasswordStoreFactory.get().addPassword(host.getProtocol().getScheme(), host.getPort(), host.getHostname(), id, key.getAccessKey().getSecretAccessKey()); } catch (AmazonClientException e) { throw new AmazonServiceExceptionMappingService().map("Cannot write user configuration", e); } finally { client.shutdown(); } return null; } }, prompt); }
From source file:com.mweagle.tereus.commands.pipelines.AWSEvaluationPipeline.java
License:Open Source License
protected void publishGlobals(ScriptEngine engine) { // Stuff the arguments in there... Supplier<String> fnAWSInfo = () -> { final Map<String, String> creds = new HashMap<>(); creds.put("accessKeyId", this.getAwsCredentials().getAWSAccessKeyId()); creds.put("secretAccessKey", this.getAwsCredentials().getAWSSecretKey()); final Map<String, Object> awsInfo = new HashMap<>(); awsInfo.put("credentials", creds); awsInfo.put("region", this.getRegion().toString()); Gson gson = new Gson(); return gson.toJson(awsInfo); };/*from w w w. j a v a 2s . com*/ engine.put("AWSInfoImpl", fnAWSInfo); // User information final AmazonIdentityManagementClient client = new AmazonIdentityManagementClient(); final GetUserResult result = client.getUser(); engine.put("UserInfoImpl", result); // And the logger engine.put("logger", this.logger); }
From source file:com.vmware.photon.controller.model.adapters.awsadapter.AWSEndpointAdapterService.java
License:Open Source License
/** * Method gets the aws accountId from the specified credentials. * * @param privateKeyId/*from www . j a v a 2s .co m*/ * @param privateKey * @return account ID */ private String getAccountId(String privateKeyId, String privateKey) { AWSCredentials awsCredentials = new BasicAWSCredentials(privateKeyId, privateKey); AmazonIdentityManagementClient iamClient = new AmazonIdentityManagementClient(awsCredentials); String userId = null; try { if ((iamClient.getUser() != null) && (iamClient.getUser().getUser() != null) && (iamClient.getUser().getUser().getArn() != null)) { String arn = iamClient.getUser().getUser().getArn(); /* * arn:aws:service:region:account:resource -> so limiting the split to 6 words and * extracting the accountId which is 5th one in list. If the user is not authorized * to perform iam:GetUser on that resource,still error mesage will have accountId */ userId = arn.split(":", 6)[4]; } } catch (AmazonServiceException ex) { if (ex.getErrorCode().compareTo("AccessDenied") == 0) { String msg = ex.getMessage(); userId = msg.split(":", 7)[5]; } } return userId; }
From source file:org.elasticdroid.model.LoginModel.java
License:Open Source License
public Object performLogin(String... params) { //we need username, accessKey, secretAccessKey if (params.length != 3) { Log.e(this.getClass().getName(), "Need 3 params."); //TODO do something better. return null; }// w w w .j a v a 2s .co m //create credentials using the BasicAWSCredentials class BasicAWSCredentials credentials = new BasicAWSCredentials(params[1], params[2]); //create an IAM client AmazonIdentityManagementClient idManagementClient = new AmazonIdentityManagementClient(credentials); User userData = null; Log.v(this.getClass().getName(), "Executing performLogin AsyncTask..."); try { userData = idManagementClient.getUser().getUser();//ensure the user ID is //matched to the access and secret access keys } catch (AmazonServiceException amazonServiceException) { //if an error response is returned by AmazonIdentityManagement indicating either a //problem with the data in the request, or a server side issue. Log.e(this.getClass().getName(), "Exception:" + amazonServiceException.getMessage()); return amazonServiceException; } catch (AmazonClientException amazonClientException) { //If any internal errors are encountered inside the client while attempting to make //the request or handle the response. For example if a network connection is not available. Log.e(this.getClass().getName(), "Exception:" + amazonClientException.getMessage()); return amazonClientException; } //if we get here, the userData variable has been initialised. //check if the user name specified by the user corresponds to the //user name associated with the acess and secret access keys specified String username = userData.getUserName(); if (username != null) { //this is an IAM username if (!username.equals(params[0])) { /*Log.e(this.getClass().getName(), "Username " + params[0] + ", " + userData. getUserName() + " does not correspond to access and secret access key!");*/ //return *not throw* an illegalArgumentException, because this is a different thread. return new IllegalArgumentException( "Username does not correspond to access and " + "secret access key!"); } } else { //this is a proper AWS account, and not an IAM username. //check if the username is a proper email address. Java regexes look +vely awful! Pattern emailPattern = Pattern.compile("^[\\w\\.-]+@([\\w\\-]+\\.)+[A-Z]{2,4}$", Pattern.CASE_INSENSITIVE); //if this is not an email address if (!emailPattern.matcher(params[0]).matches()) { return new IllegalArgumentException( "Username is an AWS account. Please enter a" + " valid email address."); } } /*writing to DB*/ // if we get here, then write the data to the DB ElasticDroidDB elasticDroidDB = new ElasticDroidDB(activity); //open the database for writing SQLiteDatabase db = elasticDroidDB.getWritableDatabase(); ContentValues rowValues = new ContentValues(); //check if the username already exists //set the data to write rowValues.put(LoginTbl.COL_USERNAME, params[0]); rowValues.put(LoginTbl.COL_ACCESSKEY, params[1]); rowValues.put(LoginTbl.COL_SECRETACCESSKEY, params[2]); //if data is found, update. if (db.query(LoginTbl.TBL_NAME, new String[] {}, LoginTbl.COL_USERNAME + "=?", new String[] { params[0] }, null, null, null).getCount() != 0) { try { db.update(LoginTbl.TBL_NAME, rowValues, LoginTbl.COL_USERNAME + "=?", new String[] { params[0] }); } catch (SQLException sqlException) { Log.e(this.getClass().getName(), "SQLException: " + sqlException.getMessage()); return sqlException; //return the exception for the View to process. } finally { db.close(); } } else { //now write the data in, replacing if necessary! try { db.insertOrThrow(LoginTbl.TBL_NAME, null, rowValues); } catch (SQLException sqlException) { Log.e(this.getClass().getName(), "SQLException: " + sqlException.getMessage()); return sqlException; //return the exception for the View to process. } finally { db.close(); } } return true; }