List of usage examples for com.amazonaws.services.identitymanagement.model CreateUserRequest CreateUserRequest
public CreateUserRequest()
From source file:aws.example.iam.CreateUser.java
License:Open Source License
public static void main(String[] args) { final String USAGE = "To run this example, supply a username\n" + "Ex: CreateUser <username>\n"; if (args.length != 1) { System.out.println(USAGE); System.exit(1);//from ww w .jav a 2 s . co m } String username = args[0]; final AmazonIdentityManagement iam = AmazonIdentityManagementClientBuilder.defaultClient(); CreateUserRequest request = new CreateUserRequest().withUserName(username); CreateUserResult response = iam.createUser(request); System.out.println("Successfully created user: " + response.getUser().getUserName()); }
From source file:ch.cyberduck.core.iam.AmazonIdentityConfiguration.java
License:Open Source License
@Override public void create(final String username, final String policy, final LoginCallback prompt) throws BackgroundException { if (log.isInfoEnabled()) { log.info(String.format("Create user %s with policy %s", username, policy)); }/*from w w w.j a v a 2 s .co m*/ this.authenticated(new Authenticated<Void>() { @Override public Void call() throws BackgroundException { // Create new IAM credentials final AmazonIdentityManagementClient client = new AmazonIdentityManagementClient( new com.amazonaws.auth.AWSCredentials() { @Override public String getAWSAccessKeyId() { return host.getCredentials().getUsername(); } @Override public String getAWSSecretKey() { return host.getCredentials().getPassword(); } }, configuration); try { // Create new IAM credentials User user; try { user = client.createUser(new CreateUserRequest().withUserName(username)).getUser(); } catch (EntityAlreadyExistsException e) { user = client.getUser(new GetUserRequest().withUserName(username)).getUser(); } final CreateAccessKeyResult key = client .createAccessKey(new CreateAccessKeyRequest().withUserName(user.getUserName())); if (log.isDebugEnabled()) { log.debug(String.format("Created access key %s for user %s", key, username)); } // Write policy document to get read access client.putUserPolicy(new PutUserPolicyRequest(user.getUserName(), "Policy", policy)); // Map virtual user name to IAM access key final String id = key.getAccessKey().getAccessKeyId(); if (log.isInfoEnabled()) { log.info(String.format("Map user %s to access key %s", String.format("%s%s", prefix, username), id)); } PreferencesFactory.get().setProperty(String.format("%s%s", prefix, username), id); // Save secret PasswordStoreFactory.get().addPassword(host.getProtocol().getScheme(), host.getPort(), host.getHostname(), id, key.getAccessKey().getSecretAccessKey()); } catch (AmazonClientException e) { throw new AmazonServiceExceptionMappingService().map("Cannot write user configuration", e); } finally { client.shutdown(); } return null; } }, prompt); }
From source file:mail.server.storage.AWSStorageCreation.java
License:GNU General Public License
public Map<String, String> create(String email, String region) throws Exception { log.debug("I will now figure out what region to put things in", region); Region awsRegion = Region.valueOf(region); String awsRegionString = awsRegion.toString(); if (awsRegionString == null) awsRegionString = ""; String awsRegionStringEndPoint = awsRegionString.isEmpty() ? "s3.amazonaws.com" : ("s3-" + awsRegionString + ".amazonaws.com"); log.debug("I will now log in to S3 and the IdentityManagement to check these credentials."); SimpleAWSCredentials credentials = new SimpleAWSCredentials(awsAccessKeyId, awsSecretKey); AmazonS3 s3 = new AmazonS3Client(credentials); AmazonIdentityManagement im = new AmazonIdentityManagementClient(credentials); log.debug("Successfully logged into S3"); log.debug("I will now derive names for items"); deriveNames(generateBucketName(email)); log.debug("I will now try to:\n" + " 1. Create the S3 Bucket with name ", bucketName, "\n" + " 2. Create two IAM Identities for permissions -\n" + " ", writeIdentity, " to be sent to the mail server to be able to write to the mailbox.\n" + " ", writeIdentity, " to be stored in your configuration to enable the mail client to read and write mail.\n\n"); s3.setEndpoint(awsRegionStringEndPoint); s3.createBucket(bucketName, awsRegion); log.debug("Setting website configuration"); BucketWebsiteConfiguration bwc = new BucketWebsiteConfiguration("index.html"); s3.setBucketWebsiteConfiguration(bucketName, bwc); log.debug("Done"); log.debug("Enabling CORS"); CORSRule rule1 = new CORSRule().withId("CORSRule1") .withAllowedMethods(Arrays.asList(new CORSRule.AllowedMethods[] { CORSRule.AllowedMethods.GET, CORSRule.AllowedMethods.PUT, CORSRule.AllowedMethods.DELETE })) .withAllowedOrigins(Arrays.asList(new String[] { "*" })).withMaxAgeSeconds(3000) .withAllowedHeaders(Arrays.asList(new String[] { "*" })) .withExposedHeaders(Arrays.asList(new String[] { "ETag" })); BucketCrossOriginConfiguration cors = new BucketCrossOriginConfiguration(); cors.setRules(Arrays.asList(new CORSRule[] { rule1 })); s3.setBucketCrossOriginConfiguration(bucketName, cors); log.debug("Done"); log.format("Creating group %s ... ", groupName); im.createGroup(new CreateGroupRequest().withGroupName(groupName)); log.debug("Done"); log.format("Creating user %s ... ", writeIdentity); im.createUser(new CreateUserRequest().withUserName(writeIdentity)); log.debug("Done"); log.format("Adding user %s to group %s ... ", writeIdentity, groupName); im.addUserToGroup(new AddUserToGroupRequest().withGroupName(groupName).withUserName(writeIdentity)); log.debug("Done"); log.format("Creating user %s ... ", readWriteIdentity); im.createUser(new CreateUserRequest().withUserName(readWriteIdentity)); log.debug("Done"); log.format("Adding user %s to group %s ... ", readWriteIdentity, groupName); im.addUserToGroup(new AddUserToGroupRequest().withGroupName(groupName).withUserName(readWriteIdentity)); log.debug("Done"); log.format("Creating permissions for %s to write to bucket %s ... \n", writeIdentity, bucketName); String writePolicyRaw = "{ \n" + " #Statement#: [ \n" + " { \n" + " #Sid#: #SID#, \n" + " #Action#: [ \n" + " #s3:PutObject#, \n" + " #s3:PutObjectAcl# \n" + " ], \n" + " #Effect#: #Allow#, \n" + " #Resource#: [ \n" + " #arn:aws:s3:::BUCKET/*#\n" + " ] \n" + " } \n" + " ] \n" + "}\n"; String writePolicy = writePolicyRaw.replaceAll("#", "\"").replace("SID", policyWriteName).replace("BUCKET", bucketName);// ww w.j a v a 2s .c om // q.println ("Policy definition: " + writePolicy); im.putUserPolicy(new PutUserPolicyRequest().withUserName(writeIdentity).withPolicyDocument(writePolicy) .withPolicyName(policyWriteName)); log.debug("Done"); log.format("Creating permissions for %s to read/write to bucket %s ... \n", writeIdentity, bucketName); String readWritePolicyRaw = "{ \n" + " #Statement#: [ \n" + " { \n" + " #Sid#: #SID#, \n" + " #Action#: [ \n" + " #s3:PutObject#, \n" + " #s3:PutObjectAcl#, \n" + " #s3:DeleteObject#, \n" + " #s3:Get*#, \n" + " #s3:List*# \n" + " ], \n" + " #Effect#: #Allow#, \n" + " #Resource#: [ \n" + " #arn:aws:s3:::BUCKET/*#,\n" + " #arn:aws:s3:::BUCKET# \n" + " ] \n" + " } \n" + " ] \n" + "}\n"; String readWritePolicy = readWritePolicyRaw.replaceAll("#", "\"").replace("SID", policyReadWriteName) .replace("BUCKET", bucketName); // q.println ("Policy definition: " + readPolicy); im.putUserPolicy(new PutUserPolicyRequest().withUserName(readWriteIdentity) .withPolicyDocument(readWritePolicy).withPolicyName(policyReadWriteName)); log.debug("Done"); log.format("Requesting access key for %s", writeIdentity); writeAccessKey = im.createAccessKey(new CreateAccessKeyRequest().withUserName(writeIdentity)) .getAccessKey(); log.format("Received [%s] [%s] Done.\n", writeAccessKey.getAccessKeyId(), writeAccessKey.getSecretAccessKey()); log.format("Requesting access key for %s", readWriteIdentity); readWriteAccessKey = im.createAccessKey(new CreateAccessKeyRequest().withUserName(readWriteIdentity)) .getAccessKey(); log.format("Received [%s] [%s] Done.\n", readWriteAccessKey.getAccessKeyId(), readWriteAccessKey.getSecretAccessKey()); log.debug(); log.debug("I have finished the creating the S3 items.\n"); return Maps.toMap("bucketName", bucketName, "bucketRegion", awsRegionString, "writeAccessKey", writeAccessKey.getAccessKeyId(), "writeSecretKey", writeAccessKey.getSecretAccessKey(), "readWriteAccessKey", readWriteAccessKey.getAccessKeyId(), "readWriteSecretKey", readWriteAccessKey.getSecretAccessKey()); }
From source file:org.apache.usergrid.apm.service.ApplicationServiceImpl.java
License:Apache License
public AccessKey createAuthorizedAppPrinciple(Long applicationId, String orgAppName) { CreateUserRequest createUserRequest = new CreateUserRequest(); createUserRequest.setUserName(APP_PRINCIPLE_USER_PREFIX + "_" + orgAppName); createUserRequest.setRequestCredentials(awsCredentials); try {//from w w w . j a v a 2s . c om CreateUserResult createUserResult = identityManagementClient.createUser(createUserRequest); log.info("cloud user id for app with " + orgAppName + " created with " + createUserResult.getUser().getUserName()); CreateAccessKeyRequest accessKeyRequest = new CreateAccessKeyRequest(); accessKeyRequest.setUserName(createUserResult.getUser().getUserName()); CreateAccessKeyResult accessKeyResult = identityManagementClient.createAccessKey(accessKeyRequest); //Create policy of queue GetQueueAttributesRequest attributesRequest = new GetQueueAttributesRequest(); log.info("Going to secure sqs queue : " + AWSUtil.formFullQueueUrl(orgAppName)); attributesRequest.setQueueUrl(AWSUtil.formFullQueueUrl(orgAppName)); List<String> attributeNames = new ArrayList<String>(); attributeNames.add("QueueArn"); attributesRequest.setAttributeNames(attributeNames); GetQueueAttributesResult attributesResult = sqsClient.getQueueAttributes(attributesRequest); String queueArn = attributesResult.getAttributes().get("QueueArn"); String policy = POLICY_DOCUMENT_TEMPLATE.replace("QUEUE_ARN", queueArn); String formattedPolicy = String.format(POLICY_DOCUMENT_TEMPLATE, queueArn); log.info("Applying authorization for following AWS resources" + formattedPolicy); PutUserPolicyRequest policyRequest = new PutUserPolicyRequest(); policyRequest.setPolicyName(POLICY_NAME); policyRequest.setPolicyDocument(formattedPolicy); policyRequest.setUserName(createUserResult.getUser().getUserName()); identityManagementClient.putUserPolicy(policyRequest); log.info("User policy for queue " + queueArn + " was set"); return accessKeyResult.getAccessKey(); } catch (EntityAlreadyExistsException e) { log.error("This should not happen in production. Swallowing the error fow now " + e.getMessage()); log.error(e); return null; } }
From source file:org.applicationMigrator.userManagement.UserManagementWorker.java
License:Apache License
private void createUser(String ANDROID_ID) throws FileNotFoundException, IllegalArgumentException, IOException { Random randomizer = new Random(System.currentTimeMillis()); String userName = "User" + randomizer.nextDouble(); CreateUserRequest user = new CreateUserRequest(); user.setUserName(userName);//from w w w.j av a 2 s.c om AWSCredentials credentials = new PropertiesCredentials( new File("C:\\AndroidMigration\\Credentials\\AwsCredentials.properties")); AmazonIdentityManagementClient client = new AmazonIdentityManagementClient(credentials); CreateUserResult result = null; AccessKey accessKey = null; try { boolean userCreatedSuccessfully = false; while (!userCreatedSuccessfully) { try { result = client.createUser(user); userCreatedSuccessfully = true; } catch (EntityAlreadyExistsException exception) { user.setUserName(userName + randomizer.nextDouble()); userCreatedSuccessfully = false; } } CreateAccessKeyRequest accessKeyRequest = new CreateAccessKeyRequest(); accessKeyRequest.setUserName(result.getUser().getUserName()); CreateAccessKeyResult accessKeyResult = client.createAccessKey(accessKeyRequest); accessKey = accessKeyResult.getAccessKey(); grantPermissions(user, client); File userList = new File(USER_LIST_FILEPATH); BufferedWriter userListFileWriter = new BufferedWriter(new FileWriter(userList)); // Concurrency ? userListFileWriter.write(ANDROID_ID + " "); userListFileWriter.write(accessKey.getAccessKeyId() + " "); userListFileWriter.write(accessKey.getSecretAccessKey() + " "); userListFileWriter.write(user.getUserName() + " "); userListFileWriter.close(); } catch (Exception e) { if (accessKey != null) { DeleteAccessKeyRequest deleteAccessKeyRequest = new DeleteAccessKeyRequest( accessKey.getAccessKeyId()); deleteAccessKeyRequest.setUserName(user.getUserName()); client.deleteAccessKey(deleteAccessKeyRequest); DeleteUserRequest deleteUserRequest = new DeleteUserRequest(user.getUserName()); client.deleteUser(deleteUserRequest); } throw e; } }