示例#1
文件: S3IAM.cs 项目: zed9h/duplicati
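        /// <summary>
        /// Creates a new IAM user, attaches an inline policy generated for
        /// <paramref name="path"/>, and issues an access key for that user.
        /// </summary>
        /// <param name="awsid">Access key id used to authenticate the IAM client.</param>
        /// <param name="awskey">Secret key used to authenticate the IAM client.</param>
        /// <param name="path">Value handed to GeneratePolicyDoc to build the inline policy.</param>
        /// <returns>
        /// A dictionary with the keys "accessid", "secretkey" and "username" describing the new credentials.
        /// </returns>
        /// <remarks>
        /// The returned dictionary carries the new secret access key in plaintext. IAM hands out the
        /// secret only in the CreateAccessKey response, so callers should store it in a protected
        /// location and keep it out of logs and error reports.
        /// How restricted the new user really is depends entirely on the document produced by
        /// GeneratePolicyDoc, which is not visible here; review that policy before relying on the
        /// "unprivileged" name.
        /// There is no rollback: if PutUserPolicy or CreateAccessKey throws, the user created by
        /// CreateUser stays in the account.
        /// </remarks>
        private Dictionary <string, string> CreateUnprivilegedUser(string awsid, string awskey, string path)
        {
            // A single timestamp is shared by the user name and the policy name so the two can be matched later.
            var now        = Library.Utility.Utility.SerializeDateTime(DateTime.Now);
            var username   = string.Format("duplicati-autocreated-backup-user-{0}", now);
            var policyname = string.Format("duplicati-autocreated-policy-{0}", now);
            var policydoc  = GeneratePolicyDoc(path);

            // Dispose the client when done; the original left it for the finalizer.
            using (var cl = new AmazonIdentityManagementServiceClient(awsid, awskey))
            {
                var user = cl.CreateUser(new CreateUserRequest(username)).User;

                // The inline policy is attached before any key exists, so the key is never
                // live on a user that has no policy yet.
                cl.PutUserPolicy(new PutUserPolicyRequest(
                                     user.UserName,
                                     policyname,
                                     policydoc
                                     ));

                var key = cl.CreateAccessKey(new CreateAccessKeyRequest()
                {
                    UserName = user.UserName
                }).AccessKey;

                return new Dictionary <string, string>
                {
                    { "accessid", key.AccessKeyId },
                    { "secretkey", key.SecretAccessKey },
                    { "username", key.UserName }
                };
            }
        }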
示例#2
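        /// <summary>
        /// Creates an IAM access key and prints the key id and secret to the console.
        /// </summary>
        /// <param name="User">
        /// Name of the IAM user to create the key for. When null or empty, the request is sent
        /// without a user name, in which case IAM resolves the user from the credentials that
        /// sign the request.
        /// </param>
        /// <remarks>
        /// NOTE(review): the secret access key is written to standard output in clear text.
        /// Anything that captures stdout (terminal scrollback, redirected files, CI job logs)
        /// keeps a copy of a long-lived credential. IAM returns the secret only in this response,
        /// so the output is the sole copy; treat it accordingly.
        /// Failures are printed and swallowed, so the caller cannot tell whether a key was created.
        /// </remarks>
        private static void CreateAccessKey(String User)
        {
            // The session token is optional: use the three-part credential form only when one is set.
            if (String.IsNullOrEmpty(Token))
            {
                stsClient = new AmazonIdentityManagementServiceClient(AccessKeyId, SecretKey, iamconfig);
            }
            else
            {
                stsClient = new AmazonIdentityManagementServiceClient(AccessKeyId, SecretKey, Token, iamconfig);
            }

            try
            {
                CreateAccessKeyRequest accesskeyReq = new CreateAccessKeyRequest();
                if (!String.IsNullOrEmpty(User))
                {
                    accesskeyReq.UserName = User;
                }

                CreateAccessKeyResponse response = stsClient.CreateAccessKey(accesskeyReq);
                Console.WriteLine("Access keys :{0}, Secret Key: {1}", response.AccessKey.AccessKeyId,
                                  response.AccessKey.SecretAccessKey);
            }
            catch (Exception ex)
            {
                // The original message said "creating user", which misreports the failed operation.
                Console.WriteLine("Error occurred while creating access key. " + ex.ToString());
            }
        }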
示例#3
        /// <summary>
        /// Documentation sample: requests a new access key for one IAM user using a client built
        /// with its parameterless constructor.
        /// </summary>
        /// <remarks>
        /// The user name is masked on the page. The returned AccessKey object holds the secret
        /// access key; the sample keeps it in a local and does nothing further with it.
        /// </remarks>
        public void IdentityManagementServiceCreateAccessKey()
        {
            #region 1fbb3211-4cf2-41db-8c20-ba58d9f5802d

            var request = new CreateAccessKeyRequest
            {
                UserName = "******"
            };
            var client = new AmazonIdentityManagementServiceClient();

            AccessKey accessKey = client.CreateAccessKey(request).AccessKey;

            #endregion
        }
示例#4
        /// <summary>
        /// Test helper: creates an IAM role and an IAM user, attaches one inline policy to each,
        /// and returns fresh access-key credentials for the user.
        /// </summary>
        /// <param name="roleName">Name of the role to create.</param>
        /// <param name="userName">Name of the user to create and to issue the access key for.</param>
        /// <param name="externalId">
        /// Optional external id. When non-empty it is substituted into the external-id condition
        /// template, which is then placed in the role's trust policy; otherwise the condition
        /// placeholder is replaced with an empty string.
        /// </param>
        /// <returns>Credentials built from the new access key id and secret access key.</returns>
        /// <remarks>
        /// <paramref name="externalId"/> is inserted into the policy text by plain string
        /// replacement with no escaping, so callers are expected to pass a value that is safe
        /// inside the policy document. Nothing here removes the role, user or key afterwards;
        /// cleanup is left to the caller.
        /// </remarks>
        public static BasicAWSCredentials CreateTestRoleAndUser(string roleName, string userName, string externalId)
        {
            // Build the trust policy: account id first, then the optional external-id condition.
            var trustPolicy = AssumeRolePolicyDocument.Replace("{AccountId}", UtilityMethods.AccountId);
            trustPolicy = string.IsNullOrEmpty(externalId)
                ? trustPolicy.Replace("{Condition}", "")
                : trustPolicy.Replace("{Condition}", AssumeRoleExternalIdCondition.Replace("{ExternalId}", externalId));

            using (var iamClient = new AmazonIdentityManagementServiceClient())
            {
                var createRoleRequest = new CreateRoleRequest
                {
                    RoleName = roleName,
                    AssumeRolePolicyDocument = trustPolicy
                };
                var createdRole = iamClient.CreateRole(createRoleRequest).Role;

                var rolePolicyRequest = new PutRolePolicyRequest
                {
                    RoleName       = createdRole.RoleName,
                    PolicyName     = "allow-list-buckets",
                    PolicyDocument = AllowListBucketsRolePolicyDocument
                };
                iamClient.PutRolePolicy(rolePolicyRequest);

                var createUserRequest = new CreateUserRequest
                {
                    UserName = userName
                };
                var createdUser = iamClient.CreateUser(createUserRequest).User;

                var userPolicyRequest = new PutUserPolicyRequest
                {
                    UserName       = createdUser.UserName,
                    PolicyName     = "assume-policy-1",
                    PolicyDocument = AssumeRoleUserPolicyDocument
                };
                iamClient.PutUserPolicy(userPolicyRequest);

                // The key request uses the caller-supplied name, as in the original.
                var keyRequest = new CreateAccessKeyRequest
                {
                    UserName = userName
                };
                var newKey = iamClient.CreateAccessKey(keyRequest).AccessKey;

                return new BasicAWSCredentials(newKey.AccessKeyId, newKey.SecretAccessKey);
            }
        }
示例#5
 /// <summary>
 /// Sample: creates an access key for one IAM user (name masked on the page) and prints the
 /// message of a LimitExceededException if the service raises one.
 /// </summary>
 /// <remarks>
 /// The resulting key is held only in a local variable, so the secret access key is discarded
 /// when the method returns while the key itself remains on the user.
 /// </remarks>
 public static void CreateAccessKey()
 {
     try
     {
         var client = new AmazonIdentityManagementServiceClient();

         // Request a key for the user created in the CreateUser example; the SDK can use it later.
         var keyRequest = new CreateAccessKeyRequest
         {
             UserName = "******"
         };
         var createdKey = client.CreateAccessKey(keyRequest).AccessKey;
     }
     catch (LimitExceededException limitError)
     {
         Console.WriteLine(limitError.Message);
     }
 }
示例#6
// Button 2 - Create IAM User
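        /// <summary>
        /// Click handler: creates an IAM user named after <c>bucketName</c>, then creates an access
        /// key for that user and writes progress and results to <c>txtOutput</c>.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// NOTE(review): the access key id and the secret access key are appended to the output
        /// text box in clear text and also kept in the <c>key1</c> / <c>key2</c> fields. Anything
        /// that can read the window, a screenshot or a copy of the text box obtains a usable
        /// credential.
        /// NOTE(review): when the user already exists, the handler still goes on to create a key
        /// for it. That existing user may carry policies this code never set, so the new key can
        /// be more powerful than a key for a freshly created user.
        /// </remarks>
        private void button2_Click(object sender, EventArgs e)
        {
            // NOTE(review): this statement was damaged by masking on the page; it is reconstructed
            // to mirror the "IAM USER Created" message below. Confirm against the upstream file.
            txtOutput.Text += "Creating IAM User: " + bucketName + "\r\n";

            // One client serves both calls and is disposed afterwards; the original created two
            // clients and disposed neither.
            using (var iamClient = new AmazonIdentityManagementServiceClient())
            {
                try
                {
                    iamClient.CreateUser(new CreateUserRequest
                    {
                        UserName = bucketName,
                    });
                    txtOutput.Text += "IAM USER Created: " + bucketName + "\r\n";
                }
                catch (EntityAlreadyExistsException ex)
                {
                    // The original built a GetUserRequest here and never sent it; only the
                    // message is reported and the existing user is reused.
                    txtOutput.Text += ex.Message + "\r\n";
                }

                try
                {
                    txtOutput.Text += "Creating Access Key" + "\r\n";
                    var accessKey = iamClient.CreateAccessKey(new CreateAccessKeyRequest
                    {
                        UserName = bucketName
                    }).AccessKey;

                    txtOutput.Text += "Access Keys Generated:" + "\r\n";
                    txtOutput.Text += accessKey.AccessKeyId + "\r\n";
                    key1            = accessKey.AccessKeyId;
                    txtOutput.Text += accessKey.SecretAccessKey + "\r\n";
                    key2            = accessKey.SecretAccessKey;
                }
                catch (LimitExceededException ex)
                {
                    txtOutput.Text += ex.Message;
                }
            }

            txtOutput.ScrollToCaret();
        }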