Server IP : 85.214.239.14 / Your IP : 3.144.119.149 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /usr/lib/python3/dist-packages/ansible_collections/amazon/aws/plugins/modules/ |
Upload File : |
#!/usr/bin/python # -*- coding: utf-8 -*- # Copyright: (c) 2018, Ansible Project # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) from __future__ import absolute_import, division, print_function __metaclass__ = type DOCUMENTATION = ''' --- module: iam_user_info version_added: 5.0.0 short_description: Gather IAM user(s) facts in AWS description: - This module can be used to gather IAM user(s) facts in AWS. - This module was originally added to C(community.aws) in release 1.0.0. author: - Constantin Bugneac (@Constantin07) - Abhijeet Kasurde (@Akasurde) options: name: description: - The name of the IAM user to look for. required: false type: str group: description: - The group name name of the IAM user to look for. Mutually exclusive with C(path). required: false type: str path: description: - The path to the IAM user. Mutually exclusive with C(group). - If specified, then would get all user names whose path starts with user provided value. required: false default: '/' type: str extends_documentation_fragment: - amazon.aws.aws - amazon.aws.ec2 - amazon.aws.boto3 ''' EXAMPLES = r''' # Note: These examples do not set authentication details, see the AWS Guide for details. # Gather facts about "test" user. - name: Get IAM user info amazon.aws.iam_user_info: name: "test" # Gather facts about all users in the "dev" group. - name: Get IAM user info amazon.aws.iam_user_info: group: "dev" # Gather facts about all users with "/division_abc/subdivision_xyz/" path. - name: Get IAM user info amazon.aws.iam_user_info: path: "/division_abc/subdivision_xyz/" ''' RETURN = r''' iam_users: description: list of maching iam users returned: success type: complex contains: arn: description: the ARN of the user returned: if user exists type: str sample: "arn:aws:iam::123456789012:user/dev/test_user" create_date: description: the datetime user was created returned: if user exists type: str sample: "2016-05-24T12:24:59+00:00" password_last_used: description: the last datetime the password was used by user returned: if password was used at least once type: str sample: "2016-05-25T13:39:11+00:00" path: description: the path to user returned: if user exists type: str sample: "/dev/" user_id: description: the unique user id returned: if user exists type: str sample: "AIDUIOOCQKTUGI6QJLGH2" user_name: description: the user name returned: if user exists type: str sample: "test_user" tags: description: User tags. type: dict returned: if user exists sample: '{"Env": "Prod"}' ''' try: from botocore.exceptions import BotoCoreError, ClientError except ImportError: pass # caught by AnsibleAWSModule from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict from ansible_collections.amazon.aws.plugins.module_utils.core import AnsibleAWSModule from ansible_collections.amazon.aws.plugins.module_utils.core import is_boto3_error_code from ansible_collections.amazon.aws.plugins.module_utils.ec2 import AWSRetry from ansible_collections.amazon.aws.plugins.module_utils.ec2 import boto3_tag_list_to_ansible_dict @AWSRetry.exponential_backoff() def list_iam_users_with_backoff(client, operation, **kwargs): paginator = client.get_paginator(operation) return paginator.paginate(**kwargs).build_full_result() def describe_iam_user(user): tags = boto3_tag_list_to_ansible_dict(user.pop('Tags', [])) user = camel_dict_to_snake_dict(user) user['tags'] = tags return user def list_iam_users(connection, module): name = module.params.get('name') group = module.params.get('group') path = module.params.get('path') params = dict() iam_users = [] if not group and not path: if name: params['UserName'] = name try: iam_users.append(connection.get_user(**params)['User']) except is_boto3_error_code('NoSuchEntity'): pass except (ClientError, BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg="Couldn't get IAM user info for user %s" % name) if group: params['GroupName'] = group try: iam_users = list_iam_users_with_backoff(connection, 'get_group', **params)['Users'] except is_boto3_error_code('NoSuchEntity'): pass except (ClientError, BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg="Couldn't get IAM user info for group %s" % group) if name: iam_users = [user for user in iam_users if user['UserName'] == name] if path and not group: params['PathPrefix'] = path try: iam_users = list_iam_users_with_backoff(connection, 'list_users', **params)['Users'] except is_boto3_error_code('NoSuchEntity'): pass except (ClientError, BotoCoreError) as e: # pylint: disable=duplicate-except module.fail_json_aws(e, msg="Couldn't get IAM user info for path %s" % path) if name: iam_users = [user for user in iam_users if user['UserName'] == name] module.exit_json(iam_users=[describe_iam_user(user) for user in iam_users]) def main(): argument_spec = dict( name=dict(), group=dict(), path=dict(default='/') ) module = AnsibleAWSModule( argument_spec=argument_spec, mutually_exclusive=[ ['group', 'path'] ], supports_check_mode=True ) connection = module.client('iam') list_iam_users(connection, module) if __name__ == '__main__': main()