public override void Invoke(AWSCredentials creds, RegionEndpoint region, int maxItems)
{
AmazonIdentityManagementServiceConfig config = new AmazonIdentityManagementServiceConfig();
config.RegionEndpoint = region;
ConfigureClient(config);
AmazonIdentityManagementServiceClient client = new AmazonIdentityManagementServiceClient(creds, config);
ListRolesResponse resp = new ListRolesResponse();
do
{
ListRolesRequest req = new ListRolesRequest
{
Marker = resp.Marker
,
MaxItems = maxItems
};
resp = client.ListRoles(req);
CheckError(resp.HttpStatusCode, "200");
foreach (var obj in resp.Roles)
{
AddObject(obj);
}
}while (!string.IsNullOrEmpty(resp.Marker));
}
/// <summary>
/// Create a client for the Amazon IdentityManagementService Service with the specified configuration
/// </summary>
/// <param name="awsAccessKey">The AWS Access Key associated with the account</param>
/// <param name="awsSecretAccessKey">The AWS Secret Access Key associated with the account</param>
/// <param name="config">Configuration options for the service like HTTP Proxy, # of connections, etc
/// </param>
/// <returns>An Amazon IdentityManagementService client</returns>
/// <remarks>
/// </remarks>
public static IAmazonIdentityManagementService CreateAmazonIdentityManagementServiceClient(
string awsAccessKey,
string awsSecretAccessKey, AmazonIdentityManagementServiceConfig config
)
{
return(new AmazonIdentityManagementServiceClient(awsAccessKey, awsSecretAccessKey, config));
}
static async Task <string> GetRoleArn(string roleName)
{
try
{
var config = new AmazonIdentityManagementServiceConfig();
config.RegionEndpoint = region;
using (var aimsc = new AmazonIdentityManagementServiceClient(config))
{
var response = await aimsc.GetRoleAsync(new GetRoleRequest
{
RoleName = roleName
});
Role role = response.Role;
return(role.Arn);
}
}
catch (NoSuchEntityException) // role was not present
{
return(null);
}
catch (AmazonIdentityManagementServiceException imsException)
{
Console.WriteLine(imsException.Message, imsException.InnerException);
throw;
}
}
public override IAmazonIdentityManagementService CreateAIMClient()
{
var config = new AmazonIdentityManagementServiceConfig()
{
RegionEndpoint = AWSRegion
};
return(new AmazonIdentityManagementServiceClient(Credentials, config));
}
private IAmazonIdentityManagementService CreateIAMClient()
{
AmazonIdentityManagementServiceConfig config = new AmazonIdentityManagementServiceConfig();
config.RegionEndpoint = DetermineAWSRegion();
IAmazonIdentityManagementService client = new AmazonIdentityManagementServiceClient(DetermineAWSCredentials(), config);
return(client);
}
protected IAmazonIdentityManagementService CreateClient(AWSCredentials credentials, RegionEndpoint region)
{
var config = new AmazonIdentityManagementServiceConfig {
RegionEndpoint = region
};
Amazon.PowerShell.Utils.Common.PopulateConfig(this, config);
this.CustomizeClientConfig(config);
var client = new AmazonIdentityManagementServiceClient(credentials, config);
client.BeforeRequestEvent += RequestEventHandler;
client.AfterResponseEvent += ResponseEventHandler;
return(client);
}
private IAmazonIdentityManagementService CreateIAMClient()
{
// If the client is being created then the LambdaTools
// is not being invoked from the VS toolkit. The toolkit will pass in
// its configured Lambda client.
SetUserAgentString();
AmazonIdentityManagementServiceConfig config = new AmazonIdentityManagementServiceConfig();
config.RegionEndpoint = DetermineAWSRegion();
IAmazonIdentityManagementService client = new AmazonIdentityManagementServiceClient(DetermineAWSCredentials(), config);
return(client);
}
static async Task <string> CreateRole(string roleName, string service, string policy)
{
try
{
var config = new AmazonIdentityManagementServiceConfig();
config.RegionEndpoint = region;
using (var aimsc = new AmazonIdentityManagementServiceClient(config))
{
string assumeRole = @"{""Version"":""2012-10-17"",""Statement"":[{""Effect"":""Allow"",""Principal"":{""Service"": """ + service + @".amazonaws.com""},""Action"":""sts:AssumeRole""}]}";
var crres = await aimsc.CreateRoleAsync(new CreateRoleRequest
{
AssumeRolePolicyDocument = assumeRole,
Path = "/",
RoleName = roleName
});
Role role = crres.Role;
bucket = "buildbucket-" + region.SystemName + "-" + GetAWSNum(role.Arn);
var cpres = await aimsc.CreatePolicyAsync(new CreatePolicyRequest
{
PolicyName = roleName + "Policy",
Description = "This allows " + service + " to access services",
PolicyDocument = policy,
Path = "/"
});
var policyArn = cpres.Policy.Arn;
var response = await aimsc.AttachRolePolicyAsync(new AttachRolePolicyRequest
{
PolicyArn = policyArn,
RoleName = roleName
});
return(role.Arn);
}
}
catch (AmazonIdentityManagementServiceException imsException)
{
Console.WriteLine(imsException.Message, imsException.InnerException);
throw;
}
}
private IAmazonIdentityManagementService CreateIAMClient()
{
AmazonIdentityManagementServiceConfig config = new AmazonIdentityManagementServiceConfig();
var regionName = this.GetStringValueOrDefault(this.Region, DefinedCommandOptions.ARGUMENT_AWS_REGION, true);
if (!string.IsNullOrEmpty(regionName))
{
config.RegionEndpoint = RegionEndpoint.GetBySystemName(regionName);
}
else
{
config.RegionEndpoint = RegionEndpoint.USEast1;
}
IAmazonIdentityManagementService client = new AmazonIdentityManagementServiceClient(DetermineAWSCredentials(), config);
return(client);
}
public override void Invoke(AWSCredentials creds, RegionEndpoint region, int maxItems)
{
AmazonIdentityManagementServiceConfig config = new AmazonIdentityManagementServiceConfig();
config.RegionEndpoint = region;
ConfigureClient(config);
AmazonIdentityManagementServiceClient client = new AmazonIdentityManagementServiceClient(creds, config);
ListSAMLProvidersResponse resp = new ListSAMLProvidersResponse();
ListSAMLProvidersRequest req = new ListSAMLProvidersRequest
{
};
resp = client.ListSAMLProviders(req);
CheckError(resp.HttpStatusCode, "200");
foreach (var obj in resp.SAMLProviderList)
{
AddObject(obj);
}
}
private static string GetAWSNum()
{
try
{
var config = new AmazonIdentityManagementServiceConfig();
config.RegionEndpoint = region;
using (var aimsc = new AmazonIdentityManagementServiceClient(config))
{
var response = aimsc.GetUser();
string arn = response.User.Arn;
return(arn.Split(':')[4]);
}
}
catch (NoSuchEntityException) // role was not present
{
return(null);
}
catch (AmazonIdentityManagementServiceException imsException)
{
Console.WriteLine(imsException.Message, imsException.InnerException);
throw;
}
}
/// <summary>
/// Create a client for the Amazon IdentityManagementService Service with AWSCredentials and an AmazonIdentityManagementService Configuration object.
/// </summary>
/// <param name="credentials">AWS Credentials</param>
/// <param name="config">Configuration options for the service like HTTP Proxy, # of connections, etc</param>
/// <returns>An Amazon IdentityManagementService client</returns>
/// <remarks>
/// </remarks>
public static IAmazonIdentityManagementService CreateAmazonIdentityManagementServiceClient(AWSCredentials credentials, AmazonIdentityManagementServiceConfig config)
{
return(new AmazonIdentityManagementServiceClient(credentials, config));
}
