NAME

Net::Amazon::IAM - Perl interface to Amazon Identity and Access Management (IAM).

VERSION

This is Net::Amazon::IAM version 0.01

IAM Query API version: '2010-05-08'

SYNOPSIS

use Net::Amazon::IAM;
use Data::Dumper;   # provides Dumper(), used below to print error objects

my $iam = Net::Amazon::IAM->new(
  AWSAccessKeyId  => 'PUBLIC_KEY_HERE',
  SecretAccessKey => 'SECRET_KEY_HERE'
);

# create new user
my $user = $iam->create_user (
  UserName => 'testuser',
  Path     => '/path/to/test/user/',
);

# delete user
my $delete = $iam->delete_user(UserName => 'testuser');
if($delete->isa("Net::Amazon::IAM::Error")) {
  print Dumper $delete;
}else{
  print "User was successfully deleted\n";
}

# add policy to user
my $policy_document = {
  Version => '2012-10-17',
  Statement => [
     {
        Effect   => 'Allow',
        Action   => [
           's3:Get*',
           's3:List*',
        ],
        Resource => [
           'arn:aws:s3:::sometestbucket',
           'arn:aws:s3:::sometestbucket/*',
        ],
     },
  ],
};

my $policy = $iam->put_user_policy (
  PolicyName     => 'somtestpolicy',
  UserName       => 'sometestuser',
  PolicyDocument => $policy_document,
);

if($policy->isa("Net::Amazon::IAM::Error")) {
  print Dumper $policy;
}else{
  print "Policy was added\n";
}

If an error occurs while communicating with IAM, these methods will throw a Net::Amazon::IAM::Error exception.

DESCRIPTION

This module is a Perl interface to Amazon's Identity and Access Management (IAM). It uses the Query API to communicate with Amazon's Web Services framework.

CLASS METHODS

new(%params)

This is the constructor. It returns a Net::Amazon::IAM object to work with. It takes these parameters:

AWSAccessKeyId (required)

Your AWS access key.

SecretAccessKey (required)

Your secret key. WARNING: don't give this out, or someone will be able to use your account and incur charges on your behalf.

debug (optional)

A flag to turn on debugging. Among other useful things, it makes failing API calls print a stack trace. It is turned off by default.

create_user(%params)

Creates a new IAM user.

UserName (required)

The name of the new user.

Path (optional)

The path under which to create the new user.

Returns a Net::Amazon::IAM::User object on success or Net::Amazon::IAM::Error on fail.

delete_user(%params)

Deletes an IAM user.

UserName (required)

The name of the user to delete.

Returns true on success or Net::Amazon::IAM::Error on fail.

get_user(%params)

Gets IAM user details.

UserName (required)

The name of the user to look up.

Returns a Net::Amazon::IAM::User object on success or Net::Amazon::IAM::Error on fail.

update_user(%params)

Updates the name and/or the path of the specified user.

UserName (required)

Name of the user to update. If you're changing the name of the user, this is the original user name.

NewPath (optional)

New path for the user. Include this parameter only if you're changing the user's path.

NewUserName (optional)

New name for the user. Include this parameter only if you're changing the user's name.

Returns true on success or Net::Amazon::IAM::Error on fail.

add_user_to_group(%params)

Adds the specified user to the specified group.

GroupName (required)

The name of the group to update.

UserName (required)

The name of the user to add.

Returns true on success or Net::Amazon::IAM::Error on fail.

remove_user_from_group(%params)

Removes the specified user from the specified group.

GroupName (required)

The name of the group to update.

UserName (required)

The name of the user to remove.

Returns true on success or Net::Amazon::IAM::Error on fail.

create_group(%params)

Creates a new group.

GroupName (required)

The name of the group to create.

Path (optional)

The path to the group.

Returns Net::Amazon::IAM::Group object on success or Net::Amazon::IAM::Error on fail.

get_group(%params)

Returns group details and list of users that are in the specified group.

GroupName (required)

The name of the group.

Returns Net::Amazon::IAM::Group object on success or Net::Amazon::IAM::Error on fail. If there are one or more users in the specified group, the Net::Amazon::IAM::Group object will contain a Users attribute, which is an ArrayRef of Net::Amazon::IAM::User objects.

delete_group(%params)

Deletes the specified group. The group must not contain any users or have any attached policies.

GroupName (required)

The name of the group to delete.

Returns true on success or Net::Amazon::IAM::Error on fail.

create_policy(%params)

Creates a new managed policy for your AWS account.

PolicyName (required)

The name of the policy document.

PolicyDocument (required)

The policy document.

Description (optional)

A friendly description of the policy.

Path (optional)

The path for the policy.

Returns Net::Amazon::IAM::Policy object on success or Net::Amazon::IAM::Error on fail.

get_policy(%params)

Retrieves information about the specified managed policy.

PolicyArn (required)

The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.

Returns Net::Amazon::IAM::Policy object on success or Net::Amazon::IAM::Error on fail.

delete_policy(%params)

Deletes the specified managed policy.

PolicyArn (required)

The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.

Returns true on success or Net::Amazon::IAM::Error on fail.

put_user_policy(%params)

Adds (or updates) an inline policy document that is embedded in the specified user.

PolicyDocument (required)

The policy document. Must be HashRef.

PolicyName (required)

The name of the policy document.

UserName (required)

The name of the user to associate the policy with.

Returns true on success or Net::Amazon::IAM::Error on fail.

get_user_policy(%params)

Retrieves the specified inline policy document that is embedded in the specified user.

PolicyName (required)

The name of the policy document to get.

UserName (required)

The name of the user who the policy is associated with.

Returns Net::Amazon::IAM::UserPolicy object on success or Net::Amazon::IAM::Error on fail.

delete_user_policy(%params)

Deletes the specified inline policy that is embedded in the specified user.

PolicyName (required)

The name identifying the policy document to delete.

UserName (required)

The name (friendly name, not ARN) identifying the user that the policy is embedded in.

Returns true on success or Net::Amazon::IAM::Error on fail.

create_access_key(%params)

Creates a new AWS secret access key and corresponding AWS access key ID for the specified user. The default status for new keys is Active. If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this action works for access keys under the AWS account, you can use this action to manage root credentials even if the AWS account has no associated users.

Important: To ensure the security of your AWS account, the secret access key is accessible only during key and user creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a secret key is lost, you can delete the access keys for the associated user and then create new keys.

UserName (optional)

The user name that the new key will belong to.

Returns Net::Amazon::IAM::AccessKey object on success or Net::Amazon::IAM::Error on fail.
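
One way to follow the "save the key" advice above without leaving the secret readable by other local users, as an added example that is not part of the module's own documentation. The environment variable names, the user name and the output path are assumptions, and the returned object is dumped whole because its accessor names are not listed on this page.

```perl
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
use Data::Dumper;
use Scalar::Util qw(blessed);
use Net::Amazon::IAM;

# Write $content to a new file that only the owner can read (POSIX systems).
# O_EXCL makes the call fail if the path already exists, including when it
# is a symlink planted by someone else, and mode 0600 is applied at creation
# so the secret is never briefly readable by group or others.
sub save_secret {
    my ($path, $content) = @_;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600)
        or die "cannot create $path: $!\n";
    print {$fh} $content or die "write to $path failed: $!\n";
    close($fh)           or die "close of $path failed: $!\n";
    return $path;
}

# Credentials are read from the environment instead of being hard-coded.
# These variable names are an assumption (the AWS CLI convention).
my $iam = Net::Amazon::IAM->new(
    AWSAccessKeyId  => $ENV{AWS_ACCESS_KEY_ID},
    SecretAccessKey => $ENV{AWS_SECRET_ACCESS_KEY},
);

my $user = 'testuser';    # hypothetical user name
my $key  = $iam->create_access_key(UserName => $user);

# blessed() guards the isa() call in case a plain scalar comes back.
if (blessed($key) && $key->isa('Net::Amazon::IAM::Error')) {
    die "create_access_key failed:\n" . Dumper($key);
}

# The secret is only returned by this call, so persist it immediately.
# Hypothetical location; pick one outside any shared or synced directory.
my $file = save_secret("$ENV{HOME}/.iam-$user.key", Dumper($key));
print "Access key for $user saved to $file (mode 0600)\n";
```

Nothing here prints the secret to the terminal or a log; only the file path is reported.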

delete_access_key(%params)

Deletes the access key associated with the specified user.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this action works for access keys under the AWS account, you can use this action to manage root credentials even if the AWS account has no associated users.

AccessKeyId (required)

The access key ID for the access key ID and secret access key you want to delete.

UserName (optional)

The name of the user whose key you want to delete.

Returns true on success or Net::Amazon::IAM::Error on fail.

list_access_keys(%params)

Returns information about the access key IDs associated with the specified user. If the UserName field is not specified, the UserName is determined implicitly based on the AWS access key ID used to sign the request. Because this action works for access keys under the AWS account, you can use this action to manage root credentials even if the AWS account has no associated users.

UserName (optional)

The name of the user.

Returns Net::Amazon::IAM::AccessKeysList on success. If the specified user has no keys, the "Keys" attribute of the Net::Amazon::IAM::AccessKeysList object will be an empty array. Returns Net::Amazon::IAM::Error on fail.

AUTHOR

Igor Tsigankov <tsiganenok@gmail.com>

COPYRIGHT

Copyright (c) 2015 Igor Tsigankov.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.