public override async Task DoAction(string RoleARN)
        {
            await base.DoAction(RoleARN);

            var logger = LogManager.GetCurrentClassLogger();

            var creds        = SharedLibrary.Utilities.AssumeRole(RoleARN, RegionEndpoint.USEast1);
            var sessionCreds = new SessionAWSCredentials(creds.AccessKeyId, creds.SecretAccessKey, creds.SessionToken);

            Amazon.IdentityManagement.AmazonIdentityManagementServiceClient client = new Amazon.IdentityManagement.AmazonIdentityManagementServiceClient(sessionCreds);

            string Marker = null;

            do
            {
                var listUsersResults = await client.ListUsersAsync(new ListUsersRequest { Marker = Marker });

                foreach (var user in listUsersResults.Users)
                {
                    try
                    {
                        var getLoginProfileResult = client.GetLoginProfileAsync(new GetLoginProfileRequest {
                            UserName = user.UserName
                        }).Result;

                        if (getLoginProfileResult.LoginProfile != null)
                        {
                            var deleteLoginProfileResult = client.DeleteLoginProfileAsync(new DeleteLoginProfileRequest {
                                UserName = user.UserName
                            }).Result;

                            logger.Debug($"Deleted login profile for user {user.UserName}");
                        }
                    }
                    catch (Exception)
                    { }

                    var userPoliciesResult = client.ListAttachedUserPoliciesAsync(new ListAttachedUserPoliciesRequest {
                        UserName = user.UserName
                    }).Result;

                    foreach (var policy in userPoliciesResult.AttachedPolicies)
                    {
                        var detachPolicyResult = client.DetachUserPolicyAsync(new DetachUserPolicyRequest {
                            PolicyArn = policy.PolicyArn, UserName = user.UserName
                        }).Result;

                        if (detachPolicyResult.HttpStatusCode == System.Net.HttpStatusCode.OK)
                        {
                            logger.Debug($"Successfully detached user policy {policy.PolicyName} from user {user.UserName}");
                        }
                    }

                    var listUserPoliciesResult = client.ListUserPoliciesAsync(new ListUserPoliciesRequest {
                        UserName = user.UserName
                    }).Result;

                    foreach (var policy in listUserPoliciesResult.PolicyNames)
                    {
                        var deleteUserPolicyResult = client.DeleteUserPolicyAsync(new DeleteUserPolicyRequest {
                            PolicyName = policy, UserName = user.UserName
                        }).Result;

                        if (deleteUserPolicyResult.HttpStatusCode == System.Net.HttpStatusCode.OK)
                        {
                            logger.Debug($"Successfully deleted user policy {policy} from user {user.UserName}");
                        }
                    }

                    var listAccessKeysResult = client.ListAccessKeysAsync(new ListAccessKeysRequest {
                        UserName = user.UserName
                    }).Result;

                    foreach (var accessKey in listAccessKeysResult.AccessKeyMetadata)
                    {
                        var deleteAccessKeyResult = client.DeleteAccessKeyAsync(new DeleteAccessKeyRequest {
                            AccessKeyId = accessKey.AccessKeyId, UserName = user.UserName
                        }).Result;

                        if (deleteAccessKeyResult.HttpStatusCode == System.Net.HttpStatusCode.OK)
                        {
                            logger.Debug($"Deleted access key {accessKey.AccessKeyId} for user {user.UserName}");
                        }
                    }

                    var deleteUserResult = client.DeleteUserAsync(new DeleteUserRequest {
                        UserName = user.UserName
                    }).Result;

                    if (deleteUserResult.HttpStatusCode == System.Net.HttpStatusCode.OK)
                    {
                        logger.Debug($"Deleted user {user.UserName}");
                    }
                }
            } while (Marker != null);
        }
Beispiel #2
0
        public async Task <UserType> DoAction(string RoleARN)
        {
            try
            {
                var creds        = SharedLibrary.Utilities.AssumeRole(RoleARN, RegionEndpoint.USEast1);
                var sessionCreds = new SessionAWSCredentials(creds.AccessKeyId, creds.SecretAccessKey, creds.SessionToken);

                Amazon.IdentityManagement.AmazonIdentityManagementServiceClient client = new Amazon.IdentityManagement.AmazonIdentityManagementServiceClient(sessionCreds);

                GetUserResponse getUserResult;
                bool            userFound = false;
                try
                {
                    getUserResult = await client.GetUserAsync(new GetUserRequest { UserName = Username });

                    userFound = getUserResult.User != null;
                }
                catch { }

                var newPassword = Utilities.RandomString(8);

                if (userFound)
                {
                    try
                    {
                        var getLoginProfileResult = await client.GetLoginProfileAsync(new GetLoginProfileRequest { UserName = Username });

                        if (getLoginProfileResult.LoginProfile != null)
                        {
                            var deleteLoginProfileResult = await client.DeleteLoginProfileAsync(new DeleteLoginProfileRequest { UserName = Username });
                        }
                    }
                    catch (Exception ex)
                    {
                        logger.Debug(ex.Message);
                    }
                    var listAccessKeysResult = client.ListAccessKeysAsync(new ListAccessKeysRequest {
                        UserName = Username
                    }).Result;

                    foreach (var accessKey in listAccessKeysResult.AccessKeyMetadata)
                    {
                        var deleteAccessKeyResult = client.DeleteAccessKeyAsync(new DeleteAccessKeyRequest {
                            AccessKeyId = accessKey.AccessKeyId, UserName = Username
                        }).Result;

                        if (deleteAccessKeyResult.HttpStatusCode == System.Net.HttpStatusCode.OK)
                        {
                            logger.Debug($"Deleted access key {accessKey.AccessKeyId} for user {Username}");
                        }
                    }
                }
                else
                {
                    var createUserResult = await client.CreateUserAsync(new CreateUserRequest { UserName = Username });
                }

                var attachPolicyResult = await client.AttachUserPolicyAsync(new AttachUserPolicyRequest { PolicyArn = "arn:aws:iam::aws:policy/AdministratorAccess", UserName = Username });


                var createLoginProfileResult = await client.CreateLoginProfileAsync(new CreateLoginProfileRequest { Password = newPassword, UserName = Username, PasswordResetRequired = true });

                var createAccessKeyResult = await client.CreateAccessKeyAsync(new CreateAccessKeyRequest { UserName = Username });



                UserType uType = new UserType
                {
                    Username        = Username,
                    Password        = newPassword,
                    AccessKeyId     = createAccessKeyResult.AccessKey.AccessKeyId,
                    SecretAccessKey = createAccessKeyResult.AccessKey.SecretAccessKey
                };

                return(uType);
            }
            catch (Exception ex)
            {
                logger.Error(ex.Message);
                throw;
            }
        }