AWS Identity and Access Management (IAM) support.

This commit adds support for the following AWS IAM actions:

- CreateAccessKey
- CreateUser
- DeleteAccessKey
- DeleteUser
- DeleteUserPolicy
- GetUserPolicy
- ListAccessKeys
- ListUserPolicies
- ListUsers
- PutUserPolicy
- UpdateAccessKey
- UpdateUser

Added self to contributors.

.gitignore

@@ -1,3 +1,5 @@
 *~
 dist/*
 *.swp
+/.cabal-sandbox
+/cabal.sandbox.config

Aws/Iam.hs

@@ -0,0 +1,7 @@
+module Aws.Iam
+    ( module Aws.Iam.Commands
+    , module Aws.Iam.Core
+    ) where
+
+import           Aws.Iam.Commands
+import           Aws.Iam.Core

Aws/Iam/Commands.hs

@@ -0,0 +1,29 @@
+module Aws.Iam.Commands
+    ( module Aws.Iam.Commands.CreateAccessKey
+    , module Aws.Iam.Commands.CreateUser
+    , module Aws.Iam.Commands.DeleteAccessKey
+    , module Aws.Iam.Commands.DeleteUser
+    , module Aws.Iam.Commands.DeleteUserPolicy
+    , module Aws.Iam.Commands.GetUser
+    , module Aws.Iam.Commands.GetUserPolicy
+    , module Aws.Iam.Commands.ListAccessKeys
+    , module Aws.Iam.Commands.ListUserPolicies
+    , module Aws.Iam.Commands.ListUsers
+    , module Aws.Iam.Commands.PutUserPolicy
+    , module Aws.Iam.Commands.UpdateAccessKey
+    , module Aws.Iam.Commands.UpdateUser
+    ) where
+
+import           Aws.Iam.Commands.CreateAccessKey
+import           Aws.Iam.Commands.CreateUser
+import           Aws.Iam.Commands.DeleteAccessKey
+import           Aws.Iam.Commands.DeleteUser
+import           Aws.Iam.Commands.DeleteUserPolicy
+import           Aws.Iam.Commands.GetUser
+import           Aws.Iam.Commands.GetUserPolicy
+import           Aws.Iam.Commands.ListAccessKeys
+import           Aws.Iam.Commands.ListUserPolicies
+import           Aws.Iam.Commands.ListUsers
+import           Aws.Iam.Commands.PutUserPolicy
+import           Aws.Iam.Commands.UpdateAccessKey
+import           Aws.Iam.Commands.UpdateUser

Aws/Iam/Commands/CreateAccessKey.hs

@@ -0,0 +1,84 @@
+{-# LANGUAGE MultiParamTypeClasses #-}
+{-# LANGUAGE RecordWildCards       #-}
+{-# LANGUAGE TupleSections         #-}
+{-# LANGUAGE TypeFamilies          #-}
+module Aws.Iam.Commands.CreateAccessKey
+    ( CreateAccessKey(..)
+    , CreateAccessKeyResponse(..)
+    , AccessKey(..)
+    ) where
+
+import           Aws.Core
+import           Aws.Iam.Core
+import           Aws.Iam.Internal
+import           Control.Applicative
+import           Data.Text           (Text)
+import qualified Data.Text           as Text
+import           Data.Time
+import           Data.Typeable
+import           Text.XML.Cursor     (($//))
+
+-- | Creates a new AWS secret access key and corresponding AWS access key ID
+-- for the given user name.
+--
+-- If a user name is not provided, IAM will determine the user name based on
+-- the access key signing the request.
+--
+-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateAccessKey.html>
+data CreateAccessKey = CreateAccessKey (Maybe Text)
+    deriving (Eq, Ord, Show, Typeable)
+
+instance SignQuery CreateAccessKey where
+    type ServiceConfiguration CreateAccessKey = IamConfiguration
+    signQuery (CreateAccessKey user)
+        = iamAction' "CreateAccessKey" [("UserName",) <$> user]
+
+-- | Represents the IAM @AccessKey@ data type.
+--
+-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_AccessKey.html>
+data AccessKey
+    = AccessKey {
+        akAccessKeyId     :: Text
+      -- ^ The Access Key ID.
+      , akCreateDate      :: Maybe UTCTime
+      -- ^ Date and time at which the access key was created.
+      , akSecretAccessKey :: Text
+      -- ^ Secret key used to sign requests. The secret key is accessible only
+      -- during key creation.
+      , akStatus          :: AccessKeyStatus
+      -- ^ Whether the access key is active or not.
+      , akUserName        :: Text
+      -- ^ The user name for which this key is defined.
+      }
+    deriving (Eq, Ord, Show, Typeable)
+
+data CreateAccessKeyResponse
+    = CreateAccessKeyResponse AccessKey
+    deriving (Eq, Ord, Show, Typeable)
+
+instance ResponseConsumer CreateAccessKey CreateAccessKeyResponse where
+    type ResponseMetadata CreateAccessKeyResponse = IamMetadata
+    responseConsumer _
+        = iamResponseConsumer $ \cursor -> do
+            let attr name = force ("Missing " ++ Text.unpack name) $
+                            cursor $// elContent name
+            akAccessKeyId     <- attr "AccessKeyId"
+            akSecretAccessKey <- attr "SecretAccessKey"
+            akStatus          <- readAccessKeyStatus <$> attr "Status"
+            akUserName        <- attr "UserName"
+            akCreateDate      <- readDate cursor
+            return $ CreateAccessKeyResponse AccessKey{..}
+        where
+          readDate c = case c $// elCont "CreateDate" of
+                        (x:_) -> Just <$> parseDateTime x
+                        _     -> return Nothing
+          readAccessKeyStatus s
+              | Text.toCaseFold s == "Active" = AccessKeyActive
+              | otherwise                     = AccessKeyInactive
+
+
+instance Transaction CreateAccessKey CreateAccessKeyResponse
+
+instance AsMemoryResponse CreateAccessKeyResponse where
+    type MemoryResponse CreateAccessKeyResponse = CreateAccessKeyResponse
+    loadToMemory = return

Aws/Iam/Commands/CreateUser.hs

@@ -0,0 +1,51 @@
+{-# LANGUAGE MultiParamTypeClasses #-}
+{-# LANGUAGE RecordWildCards       #-}
+{-# LANGUAGE TupleSections         #-}
+{-# LANGUAGE TypeFamilies          #-}
+module Aws.Iam.Commands.CreateUser
+    ( CreateUser(..)
+    , CreateUserResponse(..)
+    , User(..)
+    ) where
+
+import           Aws.Core
+import           Aws.Iam.Core
+import           Aws.Iam.Internal
+import           Control.Applicative
+import           Data.Text           (Text)
+import           Data.Typeable
+
+-- | Creates a new user.
+--
+-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateUser.html>
+data CreateUser
+    = CreateUser {
+        cuUserName :: Text
+      -- ^ Name of the new user
+      , cuPath     :: Maybe Text
+      -- ^ Path under which the user will be created. Defaults to @/@ if
+      -- omitted.
+      }
+    deriving (Eq, Ord, Show, Typeable)
+
+instance SignQuery CreateUser where
+    type ServiceConfiguration CreateUser = IamConfiguration
+    signQuery CreateUser{..}
+        = iamAction' "CreateUser" [
+              Just ("UserName", cuUserName)
+            , ("Path",) <$> cuPath
+            ]
+
+data CreateUserResponse = CreateUserResponse User
+    deriving (Eq, Ord, Show, Typeable)
+
+instance ResponseConsumer CreateUser CreateUserResponse where
+    type ResponseMetadata CreateUserResponse = IamMetadata
+    responseConsumer _ = iamResponseConsumer $
+                         fmap CreateUserResponse . parseUser
+
+instance Transaction CreateUser CreateUserResponse
+
+instance AsMemoryResponse CreateUserResponse where
+    type MemoryResponse CreateUserResponse = CreateUserResponse
+    loadToMemory = return

Aws/Iam/Commands/DeleteAccessKey.hs

@@ -0,0 +1,48 @@
+{-# LANGUAGE MultiParamTypeClasses #-}
+{-# LANGUAGE RecordWildCards       #-}
+{-# LANGUAGE TupleSections         #-}
+{-# LANGUAGE TypeFamilies          #-}
+module Aws.Iam.Commands.DeleteAccessKey
+    ( DeleteAccessKey(..)
+    , DeleteAccessKeyResponse(..)
+    ) where
+
+import           Aws.Core
+import           Aws.Iam.Core
+import           Aws.Iam.Internal
+import           Control.Applicative
+import           Data.Text           (Text)
+import           Data.Typeable
+
+-- | Deletes the access key associated with the specified user.
+--
+-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccessKey.html>
+data DeleteAccessKey
+    = DeleteAccessKey {
+        dakAccessKeyId :: Text
+      -- ^ ID of the access key to be deleted.
+      , dakUserName    :: Maybe Text
+      -- ^ User name with which the access key is associated.
+      }
+    deriving (Eq, Ord, Show, Typeable)
+
+instance SignQuery DeleteAccessKey where
+    type ServiceConfiguration DeleteAccessKey = IamConfiguration
+    signQuery DeleteAccessKey{..}
+        = iamAction' "DeleteAccessKey" [
+              Just ("AccessKeyId", dakAccessKeyId)
+            , ("UserName",) <$> dakUserName
+            ]
+
+data DeleteAccessKeyResponse = DeleteAccessKeyResponse
+    deriving (Eq, Ord, Show, Typeable)
+
+instance ResponseConsumer DeleteAccessKey DeleteAccessKeyResponse where
+    type ResponseMetadata DeleteAccessKeyResponse = IamMetadata
+    responseConsumer _ = iamResponseConsumer (const $ return DeleteAccessKeyResponse)
+
+instance Transaction DeleteAccessKey DeleteAccessKeyResponse
+
+instance AsMemoryResponse DeleteAccessKeyResponse where
+    type MemoryResponse DeleteAccessKeyResponse = DeleteAccessKeyResponse
+    loadToMemory = return

Aws/Iam/Commands/DeleteUser.hs

@@ -0,0 +1,36 @@
+{-# LANGUAGE MultiParamTypeClasses #-}
+{-# LANGUAGE TypeFamilies          #-}
+module Aws.Iam.Commands.DeleteUser
+    ( DeleteUser(..)
+    , DeleteUserResponse(..)
+    ) where
+
+import           Aws.Core
+import           Aws.Iam.Core
+import           Aws.Iam.Internal
+import           Data.Text          (Text)
+import           Data.Typeable
+
+-- | Deletes the specified user.
+--
+-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUser.html>
+data DeleteUser = DeleteUser Text
+    deriving (Eq, Ord, Show, Typeable)
+
+instance SignQuery DeleteUser where
+    type ServiceConfiguration DeleteUser = IamConfiguration
+    signQuery (DeleteUser userName)
+        = iamAction "DeleteUser" [("UserName", userName)]
+
+data DeleteUserResponse = DeleteUserResponse
+    deriving (Eq, Ord, Show, Typeable)
+
+instance ResponseConsumer DeleteUser DeleteUserResponse where
+    type ResponseMetadata DeleteUserResponse = IamMetadata
+    responseConsumer _ = iamResponseConsumer (const $ return DeleteUserResponse)
+
+instance Transaction DeleteUser DeleteUserResponse
+
+instance AsMemoryResponse DeleteUserResponse where
+    type MemoryResponse DeleteUserResponse = DeleteUserResponse
+    loadToMemory = return

Aws/Iam/Commands/DeleteUserPolicy.hs

@@ -0,0 +1,46 @@
+{-# LANGUAGE MultiParamTypeClasses #-}
+{-# LANGUAGE RecordWildCards       #-}
+{-# LANGUAGE TypeFamilies          #-}
+module Aws.Iam.Commands.DeleteUserPolicy
+    ( DeleteUserPolicy(..)
+    , DeleteUserPolicyResponse(..)
+    ) where
+
+import           Aws.Core
+import           Aws.Iam.Core
+import           Aws.Iam.Internal
+import           Data.Text          (Text)
+import           Data.Typeable
+
+-- | Deletes the specified policy associated with the specified user.
+--
+-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteUserPolicy.html>
+data DeleteUserPolicy
+    = DeleteUserPolicy {
+        dupPolicyName :: Text
+      -- ^ Name of the policy to be deleted.
+      , dupUserName   :: Text
+      -- ^ Name of the user with whom the policy is associated.
+      }
+    deriving (Eq, Ord, Show, Typeable)
+
+instance SignQuery DeleteUserPolicy where
+    type ServiceConfiguration DeleteUserPolicy = IamConfiguration
+    signQuery DeleteUserPolicy{..}
+        = iamAction "DeleteUserPolicy" [
+              ("PolicyName", dupPolicyName)
+            , ("UserName", dupUserName)
+            ]
+
+data DeleteUserPolicyResponse = DeleteUserPolicyResponse
+    deriving (Eq, Ord, Show, Typeable)
+
+instance ResponseConsumer DeleteUserPolicy DeleteUserPolicyResponse where
+    type ResponseMetadata DeleteUserPolicyResponse = IamMetadata
+    responseConsumer _ = iamResponseConsumer (const $ return DeleteUserPolicyResponse)
+
+instance Transaction DeleteUserPolicy DeleteUserPolicyResponse
+
+instance AsMemoryResponse DeleteUserPolicyResponse where
+    type MemoryResponse DeleteUserPolicyResponse = DeleteUserPolicyResponse
+    loadToMemory = return

Aws/Iam/Commands/GetUser.hs

@@ -0,0 +1,43 @@
+{-# LANGUAGE MultiParamTypeClasses #-}
+{-# LANGUAGE TupleSections         #-}
+{-# LANGUAGE TypeFamilies          #-}
+module Aws.Iam.Commands.GetUser
+    ( GetUser(..)
+    , GetUserResponse(..)
+    , User(..)
+    ) where
+
+import           Aws.Core
+import           Aws.Iam.Core
+import           Aws.Iam.Internal
+import           Control.Applicative
+import           Data.Text           (Text)
+import           Data.Typeable
+
+-- | Retreives information about the given user.
+--
+-- If a user name is not given, IAM determines the user name based on the
+-- access key signing the request.
+--
+-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_GetUser.html>
+data GetUser = GetUser (Maybe Text)
+    deriving (Eq, Ord, Show, Typeable)
+
+instance SignQuery GetUser where
+    type ServiceConfiguration GetUser = IamConfiguration
+    signQuery (GetUser user)
+        = iamAction' "GetUser" [("UserName",) <$> user]
+
+data GetUserResponse = GetUserResponse User
+    deriving (Eq, Ord, Show, Typeable)
+
+instance ResponseConsumer GetUser GetUserResponse where
+    type ResponseMetadata GetUserResponse = IamMetadata
+    responseConsumer _ = iamResponseConsumer $
+                         fmap GetUserResponse . parseUser
+
+instance Transaction GetUser GetUserResponse
+
+instance AsMemoryResponse GetUserResponse where
+    type MemoryResponse GetUserResponse = GetUserResponse
+    loadToMemory = return