示例#1
文件: S3IAM.cs 项目: zed9h/duplicati
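        /// <summary>
        /// Creates a dedicated IAM user, attaches the inline policy produced by
        /// <c>GeneratePolicyDoc(path)</c> to it, and issues an access key for that user.
        /// </summary>
        /// <param name="awsid">Access key id of the credentials used to call IAM.</param>
        /// <param name="awskey">Secret key belonging to <paramref name="awsid"/>.</param>
        /// <param name="path">Value passed to <c>GeneratePolicyDoc</c> to build the policy document.</param>
        /// <returns>
        /// A dictionary with the keys <c>accessid</c>, <c>secretkey</c> and <c>username</c>
        /// describing the newly issued credentials.
        /// </returns>
        private Dictionary<string, string> CreateUnprivilegedUser(string awsid, string awskey, string path)
        {
            // The user name and the policy name carry the same timestamp suffix.
            var now        = Library.Utility.Utility.SerializeDateTime(DateTime.Now);
            var username   = string.Format("duplicati-autocreated-backup-user-{0}", now);
            var policyname = string.Format("duplicati-autocreated-policy-{0}", now);
            var policydoc  = GeneratePolicyDoc(path);

            // The client is disposable; release it once the three IAM calls are done.
            using (var cl = new AmazonIdentityManagementServiceClient(awsid, awskey))
            {
                var user = cl.CreateUser(new CreateUserRequest(username)).User;

                // The restricting policy is attached before any access key is issued.
                // NOTE(review): there is no rollback. If this call or CreateAccessKey throws,
                // the user created above stays in the account; the caller (or an operator)
                // has to remove it.
                cl.PutUserPolicy(new PutUserPolicyRequest(user.UserName, policyname, policydoc));

                var key = cl.CreateAccessKey(new CreateAccessKeyRequest
                {
                    UserName = user.UserName
                }).AccessKey;

                // IAM hands out the secret access key only in this response. The returned
                // dictionary therefore holds a live secret: callers should store it as a
                // credential and keep it out of logs and error messages.
                return new Dictionary<string, string>
                {
                    { "accessid",  key.AccessKeyId },
                    { "secretkey", key.SecretAccessKey },
                    { "username",  key.UserName }
                };
            }
        }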
示例#2
        /// <summary>
        /// Fixture setup: builds the AWS configuration, creates the IAM client and a test user,
        /// derives the role to assume, creates the S3 client and clears any previous test stack.
        /// </summary>
        public void SetUp()
        {
            _awsConfiguration = new AwsConfiguration
            {
                AwsEndpoint = TestConfiguration.AwsEndpoint,
                Credentials = new TestSuiteCredentials()
            };

            // The IAM client takes region and proxy settings from the configuration object.
            var iamConfig = new AmazonIdentityManagementServiceConfig
            {
                RegionEndpoint = _awsConfiguration.AwsEndpoint,
                ProxyHost      = _awsConfiguration.ProxyHost,
                ProxyPort      = _awsConfiguration.ProxyPort
            };
            _iamClient = new AmazonIdentityManagementServiceClient(iamConfig);

            var createUserRequest = new CreateUserRequest
            {
                UserName = _userName
            };
            var testUser = _iamClient.CreateUser(createUserRequest).User;

            // CreateRoleToAssume is not visible here (presumably a project helper); its
            // result's ARN is what the configuration stores under RoleName.
            _roleToAssume = _iamClient.CreateRoleToAssume(testUser);
            _awsConfiguration.RoleName = _roleToAssume.Arn;

            // NOTE(review): unlike the IAM client, the S3 client is given only the region,
            // not the proxy host/port. Confirm that is intended.
            var s3Config = new AmazonS3Config
            {
                RegionEndpoint = _awsConfiguration.AwsEndpoint
            };
            _s3Client = new AmazonS3Client(s3Config);

            DeletePreviousTestStack();
        }
示例#3
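        /// <summary>
        /// Creates the IAM user and attaches the inline policy <c>S3ReadOnlyAccess</c>
        /// (document taken from <c>S3_READONLY_POLICY</c>). If the user already exists,
        /// the existing user is looked up and returned instead.
        /// </summary>
        /// <returns>The newly created user, or the pre-existing user with the same name.</returns>
        public static User CreateReadOnlyUser()
        {
            // The client is disposable; the returned User object does not depend on it.
            using (var iamClient = new AmazonIdentityManagementServiceClient())
            {
                try
                {
                    // Create the IAM user
                    var readOnlyUser = iamClient.CreateUser(new CreateUserRequest
                    {
                        UserName = "******"
                    }).User;

                    // Assign the read only policy to the new user
                    iamClient.PutUserPolicy(new PutUserPolicyRequest
                    {
                        UserName       = readOnlyUser.UserName,
                        PolicyName     = "S3ReadOnlyAccess",
                        PolicyDocument = S3_READONLY_POLICY
                    });

                    return readOnlyUser;
                }
                catch (EntityAlreadyExistsException e)
                {
                    Console.WriteLine(e.Message);

                    // NOTE(review): this path neither attaches nor verifies the read-only
                    // policy. A pre-existing user of the same name is returned with whatever
                    // policies and group memberships it already has, so callers must not
                    // assume the result is limited to read-only access.
                    var request = new GetUserRequest
                    {
                        UserName = "******"
                    };

                    return iamClient.GetUser(request).User;
                }
            }
        }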
示例#4
        /// <summary>
        /// Creates an IAM user named <paramref name="User"/>, optionally under
        /// <paramref name="Path"/>, and reports the outcome on the console.
        /// </summary>
        /// <param name="User">Name of the user to create.</param>
        /// <param name="Path">IAM path for the user; skipped when null or empty.</param>
        private static void CreateUser(String User, String Path)
        {
            // With a session token the four-argument constructor is used, otherwise the
            // three-argument one. The field is called stsClient but holds an IAM client.
            stsClient = String.IsNullOrEmpty(Token)
                ? new AmazonIdentityManagementServiceClient(AccessKeyId, SecretKey, iamconfig)
                : new AmazonIdentityManagementServiceClient(AccessKeyId, SecretKey, Token, iamconfig);

            var createRequest = new CreateUserRequest(User);
            var hasPath = !String.IsNullOrEmpty(Path);

            if (hasPath)
            {
                createRequest.Path = Path;
            }

            try
            {
                stsClient.CreateUser(createRequest);
                Console.WriteLine("User created");
            }
            catch (Exception ex)
            {
                // NOTE(review): every failure is reduced to console text (the full exception
                // dump, stack trace included) and the method still returns normally, so a
                // calling script cannot tell success from failure.
                Console.WriteLine("Error occured while creating user. " + ex.ToString());
            }
        }
示例#5
        /// <summary>
        /// Creates an IAM user under <c>TEST_PATH</c> whose name ends in the current tick count.
        /// </summary>
        /// <param name="client">IAM client used for the call.</param>
        /// <returns>The name of the user that was created.</returns>
        public static string CreateTestUser(AmazonIdentityManagementServiceClient client)
        {
            // The tick count makes the name differ between runs. Placing the user under
            // TEST_PATH groups the test users under one IAM path.
            var uniqueName = "******" + DateTime.Now.Ticks;

            var request = new CreateUserRequest
            {
                UserName = uniqueName,
                Path     = TEST_PATH
            };

            client.CreateUser(request);

            return uniqueName;
        }
示例#6
        /// <summary>
        /// Sample: creates an IAM user and reads the <c>User</c> object from the response.
        /// </summary>
        public void IdentityManagementServiceCreateUser()
        {
            // The region markers are kept exactly as they were; presumably they delimit
            // the snippet for a documentation extractor.
            #region eb15f90b-e5f5-4af8-a594-e4e82b181a62

            var client  = new AmazonIdentityManagementServiceClient();
            var request = new CreateUserRequest
            {
                UserName = "******"
            };
            var response = client.CreateUser(request);

            User user = response.User;

            #endregion
        }
示例#7
        /// <summary>
        /// Creates an IAM user under the path <c>/IT/architecture/</c> and writes progress
        /// messages to the console.
        /// </summary>
        private static void CreateUser()
        {
            Console.WriteLine("** Create User **");

            var iamClient = new AmazonIdentityManagementServiceClient();

            var request = new CreateUserRequest();
            request.UserName = "******";
            request.Path     = @"/IT/architecture/";

            // The response is not inspected; an exception from the SDK is the only failure signal.
            iamClient.CreateUser(request);

            Console.WriteLine("User Created");
        }
示例#8
        /// <summary>
        /// Creates a role with a trust policy built from <c>AssumeRolePolicyDocument</c>,
        /// creates a user with an inline policy from <c>AssumeRoleUserPolicyDocument</c>,
        /// and returns a fresh access key for that user.
        /// </summary>
        /// <param name="roleName">Name of the role to create.</param>
        /// <param name="userName">Name of the user to create.</param>
        /// <param name="externalId">
        /// Value substituted into the external-id condition; when null or empty the
        /// <c>{Condition}</c> placeholder is replaced with an empty string.
        /// </param>
        /// <returns>Credentials wrapping the new user's access key id and secret key.</returns>
        public static BasicAWSCredentials CreateTestRoleAndUser(string roleName, string userName, string externalId)
        {
            var policyWithAccount = AssumeRolePolicyDocument.Replace("{AccountId}", UtilityMethods.AccountId);

            // NOTE(review): externalId is spliced into the policy text with a plain string
            // replace and no escaping. That is fine for fixed test values; a value containing
            // quotes or braces would alter the structure of the trust policy, so anything
            // caller-controlled should be validated first.
            var condition = string.IsNullOrEmpty(externalId)
                ? ""
                : AssumeRoleExternalIdCondition.Replace("{ExternalId}", externalId);

            var assumeRolePolicy = policyWithAccount.Replace("{Condition}", condition);

            using (var iamClient = new AmazonIdentityManagementServiceClient())
            {
                var createRole = new CreateRoleRequest
                {
                    RoleName = roleName,
                    AssumeRolePolicyDocument = assumeRolePolicy
                };
                var role = iamClient.CreateRole(createRole).Role;

                var rolePolicy = new PutRolePolicyRequest
                {
                    RoleName       = role.RoleName,
                    PolicyName     = "allow-list-buckets",
                    PolicyDocument = AllowListBucketsRolePolicyDocument
                };
                iamClient.PutRolePolicy(rolePolicy);

                var createUser = new CreateUserRequest
                {
                    UserName = userName
                };
                var user = iamClient.CreateUser(createUser).User;

                var userPolicy = new PutUserPolicyRequest
                {
                    UserName       = user.UserName,
                    PolicyName     = "assume-policy-1",
                    PolicyDocument = AssumeRoleUserPolicyDocument
                };
                iamClient.PutUserPolicy(userPolicy);

                // The key is requested for the userName argument, as in the original.
                var createKey = new CreateAccessKeyRequest
                {
                    UserName = userName
                };
                var accessKey = iamClient.CreateAccessKey(createKey).AccessKey;

                // The result is a long-term access key. Nothing here deletes the role, the
                // user or the key, so removing them afterwards is up to the caller.
                return new BasicAWSCredentials(accessKey.AccessKeyId, accessKey.SecretAccessKey);
            }
        }
示例#9
        /// <summary>
        /// Creates the demo IAM user and prints its name and ARN, or prints a notice when
        /// a user with that name already exists.
        /// </summary>
        public static void CreateDemoUser()
        {
            var client = new AmazonIdentityManagementServiceClient();

            var request = new CreateUserRequest();
            request.UserName = "******";

            try
            {
                var response = client.CreateUser(request);
                var created  = response.User;

                Console.WriteLine("User Name = '{0}', ARN = '{1}'",
                                  created.UserName, created.Arn);
            }
            catch (EntityAlreadyExistsException)
            {
                // Only the duplicate-name case is handled; any other SDK exception propagates.
                Console.WriteLine("User 'DemoUser' already exists.");
            }
        }
示例#10
// Button 2 - Create IAM User
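        /// <summary>
        /// Click handler: creates an IAM user named after <c>bucketName</c>, then creates an
        /// access key for that user, stores the key pair in <c>key1</c>/<c>key2</c> and
        /// appends progress to <c>txtOutput</c>.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void button2_Click(object sender, EventArgs e)
        {
            // NOTE(review): this statement was garbled in the listing. The operand is
            // reconstructed from the matching "IAM USER Created" message below; confirm.
            txtOutput.Text += "Creating IAM User: " + bucketName + "\r\n";

            // One client serves both calls and is disposed when the handler finishes.
            using (var iamClient = new AmazonIdentityManagementServiceClient())
            {
                try
                {
                    iamClient.CreateUser(new CreateUserRequest
                    {
                        UserName = bucketName,
                    });
                    txtOutput.Text += "IAM USER Created: " + bucketName + "\r\n";
                }
                catch (EntityAlreadyExistsException ex)
                {
                    // NOTE(review): execution continues after this, so the next step issues a
                    // new access key for a user this handler did not create.
                    txtOutput.Text += ex.Message + "\r\n";
                }

                try
                {
                    txtOutput.Text += "Creating Access Key" + "\r\n";
                    var accessKey = iamClient.CreateAccessKey(new CreateAccessKeyRequest
                    {
                        UserName = bucketName
                    }).AccessKey;

                    txtOutput.Text += "Access Keys Generated:" + "\r\n";
                    txtOutput.Text += accessKey.AccessKeyId + "\r\n";
                    key1            = accessKey.AccessKeyId;

                    // NOTE(review): the secret access key is written in clear text to the
                    // output box, where it stays visible and is captured by any copy or
                    // screenshot of the window. Kept as in the original; consider showing
                    // only the key id and handing the secret over through a protected channel.
                    txtOutput.Text += accessKey.SecretAccessKey + "\r\n";
                    key2            = accessKey.SecretAccessKey;
                }
                catch (LimitExceededException ex)
                {
                    txtOutput.Text += ex.Message;
                }
            }

            txtOutput.ScrollToCaret();
        }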