-
Notifications
You must be signed in to change notification settings - Fork 107
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
AWS Identity and Access Management (IAM) support.
This commit adds support for the following AWS IAM actions: - CreateAccessKey - CreateUser - DeleteAccessKey - DeleteUser - DeleteUserPolicy - GetUserPolicy - ListAccessKeys - ListUserPolicies - ListUsers - PutUserPolicy - UpdateAccessKey - UpdateUser Added self to contributors.
- Loading branch information
Showing
20 changed files
with
1,118 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,5 @@ | ||
*~ | ||
dist/* | ||
*.swp | ||
/.cabal-sandbox | ||
/cabal.sandbox.config |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
module Aws.Iam | ||
( module Aws.Iam.Commands | ||
, module Aws.Iam.Core | ||
) where | ||
|
||
import Aws.Iam.Commands | ||
import Aws.Iam.Core |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
module Aws.Iam.Commands | ||
( module Aws.Iam.Commands.CreateAccessKey | ||
, module Aws.Iam.Commands.CreateUser | ||
, module Aws.Iam.Commands.DeleteAccessKey | ||
, module Aws.Iam.Commands.DeleteUser | ||
, module Aws.Iam.Commands.DeleteUserPolicy | ||
, module Aws.Iam.Commands.GetUser | ||
, module Aws.Iam.Commands.GetUserPolicy | ||
, module Aws.Iam.Commands.ListAccessKeys | ||
, module Aws.Iam.Commands.ListUserPolicies | ||
, module Aws.Iam.Commands.ListUsers | ||
, module Aws.Iam.Commands.PutUserPolicy | ||
, module Aws.Iam.Commands.UpdateAccessKey | ||
, module Aws.Iam.Commands.UpdateUser | ||
) where | ||
|
||
import Aws.Iam.Commands.CreateAccessKey | ||
import Aws.Iam.Commands.CreateUser | ||
import Aws.Iam.Commands.DeleteAccessKey | ||
import Aws.Iam.Commands.DeleteUser | ||
import Aws.Iam.Commands.DeleteUserPolicy | ||
import Aws.Iam.Commands.GetUser | ||
import Aws.Iam.Commands.GetUserPolicy | ||
import Aws.Iam.Commands.ListAccessKeys | ||
import Aws.Iam.Commands.ListUserPolicies | ||
import Aws.Iam.Commands.ListUsers | ||
import Aws.Iam.Commands.PutUserPolicy | ||
import Aws.Iam.Commands.UpdateAccessKey | ||
import Aws.Iam.Commands.UpdateUser |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
{-# LANGUAGE MultiParamTypeClasses #-} | ||
{-# LANGUAGE RecordWildCards #-} | ||
{-# LANGUAGE TupleSections #-} | ||
{-# LANGUAGE TypeFamilies #-} | ||
module Aws.Iam.Commands.CreateAccessKey | ||
( CreateAccessKey(..) | ||
, CreateAccessKeyResponse(..) | ||
, AccessKey(..) | ||
) where | ||
|
||
import Aws.Core | ||
import Aws.Iam.Core | ||
import Aws.Iam.Internal | ||
import Control.Applicative | ||
import Data.Text (Text) | ||
import qualified Data.Text as Text | ||
import Data.Time | ||
import Data.Typeable | ||
import Text.XML.Cursor (($//)) | ||
|
||
-- | Creates a new AWS secret access key and corresponding AWS access key ID | ||
-- for the given user name. | ||
-- | ||
-- If a user name is not provided, IAM will determine the user name based on | ||
-- the access key signing the request. | ||
-- | ||
-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateAccessKey.html> | ||
data CreateAccessKey = CreateAccessKey (Maybe Text) | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance SignQuery CreateAccessKey where | ||
type ServiceConfiguration CreateAccessKey = IamConfiguration | ||
signQuery (CreateAccessKey user) | ||
= iamAction' "CreateAccessKey" [("UserName",) <$> user] | ||
|
||
-- | Represents the IAM @AccessKey@ data type. | ||
-- | ||
-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_AccessKey.html> | ||
data AccessKey | ||
= AccessKey { | ||
akAccessKeyId :: Text | ||
-- ^ The Access Key ID. | ||
, akCreateDate :: Maybe UTCTime | ||
-- ^ Date and time at which the access key was created. | ||
, akSecretAccessKey :: Text | ||
-- ^ Secret key used to sign requests. The secret key is accessible only | ||
-- during key creation. | ||
, akStatus :: AccessKeyStatus | ||
-- ^ Whether the access key is active or not. | ||
, akUserName :: Text | ||
-- ^ The user name for which this key is defined. | ||
} | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
data CreateAccessKeyResponse | ||
= CreateAccessKeyResponse AccessKey | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance ResponseConsumer CreateAccessKey CreateAccessKeyResponse where | ||
type ResponseMetadata CreateAccessKeyResponse = IamMetadata | ||
responseConsumer _ | ||
= iamResponseConsumer $ \cursor -> do | ||
let attr name = force ("Missing " ++ Text.unpack name) $ | ||
cursor $// elContent name | ||
akAccessKeyId <- attr "AccessKeyId" | ||
akSecretAccessKey <- attr "SecretAccessKey" | ||
akStatus <- readAccessKeyStatus <$> attr "Status" | ||
akUserName <- attr "UserName" | ||
akCreateDate <- readDate cursor | ||
return $ CreateAccessKeyResponse AccessKey{..} | ||
where | ||
readDate c = case c $// elCont "CreateDate" of | ||
(x:_) -> Just <$> parseDateTime x | ||
_ -> return Nothing | ||
readAccessKeyStatus s | ||
| Text.toCaseFold s == "Active" = AccessKeyActive | ||
| otherwise = AccessKeyInactive | ||
|
||
|
||
instance Transaction CreateAccessKey CreateAccessKeyResponse | ||
|
||
instance AsMemoryResponse CreateAccessKeyResponse where | ||
type MemoryResponse CreateAccessKeyResponse = CreateAccessKeyResponse | ||
loadToMemory = return |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
{-# LANGUAGE MultiParamTypeClasses #-} | ||
{-# LANGUAGE RecordWildCards #-} | ||
{-# LANGUAGE TupleSections #-} | ||
{-# LANGUAGE TypeFamilies #-} | ||
module Aws.Iam.Commands.CreateUser | ||
( CreateUser(..) | ||
, CreateUserResponse(..) | ||
, User(..) | ||
) where | ||
|
||
import Aws.Core | ||
import Aws.Iam.Core | ||
import Aws.Iam.Internal | ||
import Control.Applicative | ||
import Data.Text (Text) | ||
import Data.Typeable | ||
|
||
-- | Creates a new user. | ||
-- | ||
-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateUser.html> | ||
data CreateUser | ||
= CreateUser { | ||
cuUserName :: Text | ||
-- ^ Name of the new user | ||
, cuPath :: Maybe Text | ||
-- ^ Path under which the user will be created. Defaults to @/@ if | ||
-- omitted. | ||
} | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance SignQuery CreateUser where | ||
type ServiceConfiguration CreateUser = IamConfiguration | ||
signQuery CreateUser{..} | ||
= iamAction' "CreateUser" [ | ||
Just ("UserName", cuUserName) | ||
, ("Path",) <$> cuPath | ||
] | ||
|
||
data CreateUserResponse = CreateUserResponse User | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance ResponseConsumer CreateUser CreateUserResponse where | ||
type ResponseMetadata CreateUserResponse = IamMetadata | ||
responseConsumer _ = iamResponseConsumer $ | ||
fmap CreateUserResponse . parseUser | ||
|
||
instance Transaction CreateUser CreateUserResponse | ||
|
||
instance AsMemoryResponse CreateUserResponse where | ||
type MemoryResponse CreateUserResponse = CreateUserResponse | ||
loadToMemory = return |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
{-# LANGUAGE MultiParamTypeClasses #-} | ||
{-# LANGUAGE RecordWildCards #-} | ||
{-# LANGUAGE TupleSections #-} | ||
{-# LANGUAGE TypeFamilies #-} | ||
module Aws.Iam.Commands.DeleteAccessKey | ||
( DeleteAccessKey(..) | ||
, DeleteAccessKeyResponse(..) | ||
) where | ||
|
||
import Aws.Core | ||
import Aws.Iam.Core | ||
import Aws.Iam.Internal | ||
import Control.Applicative | ||
import Data.Text (Text) | ||
import Data.Typeable | ||
|
||
-- | Deletes the access key associated with the specified user. | ||
-- | ||
-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccessKey.html> | ||
data DeleteAccessKey | ||
= DeleteAccessKey { | ||
dakAccessKeyId :: Text | ||
-- ^ ID of the access key to be deleted. | ||
, dakUserName :: Maybe Text | ||
-- ^ User name with which the access key is associated. | ||
} | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance SignQuery DeleteAccessKey where | ||
type ServiceConfiguration DeleteAccessKey = IamConfiguration | ||
signQuery DeleteAccessKey{..} | ||
= iamAction' "DeleteAccessKey" [ | ||
Just ("AccessKeyId", dakAccessKeyId) | ||
, ("UserName",) <$> dakUserName | ||
] | ||
|
||
data DeleteAccessKeyResponse = DeleteAccessKeyResponse | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance ResponseConsumer DeleteAccessKey DeleteAccessKeyResponse where | ||
type ResponseMetadata DeleteAccessKeyResponse = IamMetadata | ||
responseConsumer _ = iamResponseConsumer (const $ return DeleteAccessKeyResponse) | ||
|
||
instance Transaction DeleteAccessKey DeleteAccessKeyResponse | ||
|
||
instance AsMemoryResponse DeleteAccessKeyResponse where | ||
type MemoryResponse DeleteAccessKeyResponse = DeleteAccessKeyResponse | ||
loadToMemory = return |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
{-# LANGUAGE MultiParamTypeClasses #-} | ||
{-# LANGUAGE TypeFamilies #-} | ||
module Aws.Iam.Commands.DeleteUser | ||
( DeleteUser(..) | ||
, DeleteUserResponse(..) | ||
) where | ||
|
||
import Aws.Core | ||
import Aws.Iam.Core | ||
import Aws.Iam.Internal | ||
import Data.Text (Text) | ||
import Data.Typeable | ||
|
||
-- | Deletes the specified user. | ||
-- | ||
-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUser.html> | ||
data DeleteUser = DeleteUser Text | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance SignQuery DeleteUser where | ||
type ServiceConfiguration DeleteUser = IamConfiguration | ||
signQuery (DeleteUser userName) | ||
= iamAction "DeleteUser" [("UserName", userName)] | ||
|
||
data DeleteUserResponse = DeleteUserResponse | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance ResponseConsumer DeleteUser DeleteUserResponse where | ||
type ResponseMetadata DeleteUserResponse = IamMetadata | ||
responseConsumer _ = iamResponseConsumer (const $ return DeleteUserResponse) | ||
|
||
instance Transaction DeleteUser DeleteUserResponse | ||
|
||
instance AsMemoryResponse DeleteUserResponse where | ||
type MemoryResponse DeleteUserResponse = DeleteUserResponse | ||
loadToMemory = return |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
{-# LANGUAGE MultiParamTypeClasses #-} | ||
{-# LANGUAGE RecordWildCards #-} | ||
{-# LANGUAGE TypeFamilies #-} | ||
module Aws.Iam.Commands.DeleteUserPolicy | ||
( DeleteUserPolicy(..) | ||
, DeleteUserPolicyResponse(..) | ||
) where | ||
|
||
import Aws.Core | ||
import Aws.Iam.Core | ||
import Aws.Iam.Internal | ||
import Data.Text (Text) | ||
import Data.Typeable | ||
|
||
-- | Deletes the specified policy associated with the specified user. | ||
-- | ||
-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUserPolicy.html> | ||
data DeleteUserPolicy | ||
= DeleteUserPolicy { | ||
dupPolicyName :: Text | ||
-- ^ Name of the policy to be deleted. | ||
, dupUserName :: Text | ||
-- ^ Name of the user with whom the policy is associated. | ||
} | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance SignQuery DeleteUserPolicy where | ||
type ServiceConfiguration DeleteUserPolicy = IamConfiguration | ||
signQuery DeleteUserPolicy{..} | ||
= iamAction "DeleteUserPolicy" [ | ||
("PolicyName", dupPolicyName) | ||
, ("UserName", dupUserName) | ||
] | ||
|
||
data DeleteUserPolicyResponse = DeleteUserPolicyResponse | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance ResponseConsumer DeleteUserPolicy DeleteUserPolicyResponse where | ||
type ResponseMetadata DeleteUserPolicyResponse = IamMetadata | ||
responseConsumer _ = iamResponseConsumer (const $ return DeleteUserPolicyResponse) | ||
|
||
instance Transaction DeleteUserPolicy DeleteUserPolicyResponse | ||
|
||
instance AsMemoryResponse DeleteUserPolicyResponse where | ||
type MemoryResponse DeleteUserPolicyResponse = DeleteUserPolicyResponse | ||
loadToMemory = return |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
{-# LANGUAGE MultiParamTypeClasses #-} | ||
{-# LANGUAGE TupleSections #-} | ||
{-# LANGUAGE TypeFamilies #-} | ||
module Aws.Iam.Commands.GetUser | ||
( GetUser(..) | ||
, GetUserResponse(..) | ||
, User(..) | ||
) where | ||
|
||
import Aws.Core | ||
import Aws.Iam.Core | ||
import Aws.Iam.Internal | ||
import Control.Applicative | ||
import Data.Text (Text) | ||
import Data.Typeable | ||
|
||
-- | Retreives information about the given user. | ||
-- | ||
-- If a user name is not given, IAM determines the user name based on the | ||
-- access key signing the request. | ||
-- | ||
-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_GetUser.html> | ||
data GetUser = GetUser (Maybe Text) | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance SignQuery GetUser where | ||
type ServiceConfiguration GetUser = IamConfiguration | ||
signQuery (GetUser user) | ||
= iamAction' "GetUser" [("UserName",) <$> user] | ||
|
||
data GetUserResponse = GetUserResponse User | ||
deriving (Eq, Ord, Show, Typeable) | ||
|
||
instance ResponseConsumer GetUser GetUserResponse where | ||
type ResponseMetadata GetUserResponse = IamMetadata | ||
responseConsumer _ = iamResponseConsumer $ | ||
fmap GetUserResponse . parseUser | ||
|
||
instance Transaction GetUser GetUserResponse | ||
|
||
instance AsMemoryResponse GetUserResponse where | ||
type MemoryResponse GetUserResponse = GetUserResponse | ||
loadToMemory = return |
Oops, something went wrong.