/// <summary>
/// Creates a uniquely named IAM role and attaches an inline policy to
/// <paramref name="user"/> that allows that user to call sts:AssumeRole on it.
/// </summary>
/// <remarks>
/// Security notes for reviewers:
/// <list type="bullet">
/// <item>The trust policy names the bare account ID as principal. IAM treats that as the
/// account root principal, so trust is delegated to the whole account: any identity in
/// the account whose own policies allow sts:AssumeRole on this role can assume it, not
/// only <paramref name="user"/>.</item>
/// <item>Both policy documents are assembled with string.Replace and no JSON escaping, so
/// they are only well-formed if the account ID and role ARN contain no quote characters.</item>
/// <item>Neither document carries a "Version" element, so IAM applies its default policy
/// language version.</item>
/// <item>The inline policy name is fixed ("assume-policy-42"). PutUserPolicy replaces an
/// existing inline policy of the same name, so a second call for the same user overwrites
/// the earlier grant while the earlier role stays in the account.</item>
/// <item>Nothing here deletes the role or the inline policy; cleanup is left to the caller.</item>
/// </list>
/// </remarks>
/// <param name="client">IAM client used for the CreateRole and PutUserPolicy calls.</param>
/// <param name="user">User whose account ID goes into the trust policy and who receives the inline policy.</param>
/// <returns>The role returned by CreateRole.</returns>
public static Role CreateRoleToAssume(this AmazonIdentityManagementServiceClient client, User user)
{
    const string trustPolicyTemplate = @"{ ""Statement"": [ { ""Principal"":{""AWS"":""{AccountId}""}, ""Effect"":""Allow"", ""Action"":[""sts:AssumeRole""] } ] }";
    const string userPolicyTemplate = @"{ ""Statement"":{ ""Effect"":""Allow"", ""Action"":""sts:AssumeRole"", ""Resource"":""{RoleARN}"" } }";

    // The local file-time timestamp is used only to keep role names from colliding.
    var uniqueRoleName = string.Concat("assume-role-", DateTime.Now.ToFileTime());

    var createRequest = new CreateRoleRequest
    {
        RoleName = uniqueRoleName,
        // Account-wide trust: see the remarks above before reusing this outside a throwaway account.
        AssumeRolePolicyDocument = trustPolicyTemplate.Replace("{AccountId}", GetAWSAccountIdFromArn(user))
    };
    var createdRole = client.CreateRole(createRequest).Role;

    var grantRequest = new PutUserPolicyRequest
    {
        UserName = user.UserName,
        PolicyName = "assume-policy-42",
        // Scoped to the single role just created, not to "*".
        PolicyDocument = userPolicyTemplate.Replace("{RoleARN}", createdRole.Arn)
    };
    client.PutUserPolicy(grantRequest);

    return createdRole;
}
/// <summary>
/// Returns the key that identifies <paramref name="user"/>, which is its UserName.
/// </summary>
/// <param name="user">The user to identify; must not be null.</param>
/// <returns>The value of <c>user.UserName</c>.</returns>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="user"/> is null; the parameter name is taken from
/// <c>AnchoringByNameBehavior.ArgumentNameUser</c>.
/// </exception>
public string Identify(User user)
{
    if (user != null)
    {
        return user.UserName;
    }

    throw new ArgumentNullException(AnchoringByNameBehavior.ArgumentNameUser);
}
/// <summary>
/// Stores the supplied user on this result and hands back the same instance
/// so that further With* calls can be chained.
/// </summary>
/// <param name="user">The value to assign to the User property.</param>
/// <returns>This instance.</returns>
public GetUserResult WithUser(User user)
{
    this.user = user;
    return this;
}
/// <summary>
/// Stores the supplied user on this result and hands back the same instance
/// so that further With* calls can be chained.
/// </summary>
/// <param name="user">The value to assign to the User property.</param>
/// <returns>This instance.</returns>
public CreateUserResult WithUser(User user)
{
    this.user = user;
    return this;
}
/// <summary>
/// Stores the supplied user on this device description and hands back the same
/// instance so that further With* calls can be chained.
/// </summary>
/// <param name="user">The value to assign to the User property.</param>
/// <returns>This instance.</returns>
public VirtualMFADevice WithUser(User user)
{
    this.user = user;
    return this;
}
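/// <summary>
/// Extracts the AWS account ID from a user's ARN
/// (arn:partition:service:region:account-id:resource).
/// </summary>
/// <remarks>
/// The result is validated as exactly twelve ASCII digits. Callers may splice the value
/// into a JSON policy document by plain string replacement, so rejecting anything else
/// keeps a malformed or unexpected ARN from changing the shape of that document.
/// </remarks>
/// <param name="user">User whose Arn is parsed; must not be null.</param>
/// <returns>The fifth colon-separated segment of the ARN, i.e. the account ID.</returns>
/// <exception cref="System.ArgumentNullException">Thrown when <paramref name="user"/> is null.</exception>
/// <exception cref="System.ArgumentException">
/// Thrown when the ARN is missing, has fewer than five segments, or its account segment
/// is not a twelve-digit number.
/// </exception>
private static string GetAWSAccountIdFromArn(User user)
{
    const int accountIdSegment = 4;
    const int accountIdLength = 12;

    if (user == null)
    {
        throw new System.ArgumentNullException("user");
    }

    var segments = (user.Arn ?? string.Empty).Split(':');
    if (segments.Length <= accountIdSegment)
    {
        // The ARN itself is deliberately not echoed into the message.
        throw new System.ArgumentException("User ARN does not contain an account ID segment.", "user");
    }

    var accountId = segments[accountIdSegment];
    var wellFormed = accountId.Length == accountIdLength;
    for (var i = 0; wellFormed && i < accountId.Length; i++)
    {
        // Explicit range check: char.IsDigit would also accept non-ASCII digits.
        wellFormed = accountId[i] >= '0' && accountId[i] <= '9';
    }

    if (!wellFormed)
    {
        throw new System.ArgumentException("Account ID segment of the user ARN is not a 12-digit number.", "user");
    }

    return accountId;
}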
/// <summary>
/// Returns the account ID portion of a user's ARN, taken as the fifth
/// colon-separated segment (arn:partition:service:region:account-id:resource).
/// </summary>
/// <remarks>
/// No validation is performed: a null user or null Arn raises a NullReferenceException,
/// an ARN with fewer than five segments raises an IndexOutOfRangeException, and the
/// segment is returned as-is even if it is empty or not numeric. Callers that place the
/// result into a policy document should check it first.
/// </remarks>
/// <param name="user">User whose Arn is parsed.</param>
/// <returns>The fifth colon-separated segment of <c>user.Arn</c>.</returns>
private string GetAWSAccountIdFromArn(User user)
{
    // Positional parsing: index 4 is the account-id field of the ARN layout.
    const int accountIdSegment = 4;
    return user.Arn.Split(':')[accountIdSegment];
}