Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
//snippet-service:[iam]
//snippet-sourcetype:[full-example]
//snippet-sourcedate:[2018-06-02]
//snippet-sourceauthor:[AWS-JSDG]
// ABOUT THIS NODE.JS SAMPLE: This sample is part of the SDK for JavaScript Developer Guide topic at
// https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/iam-examples-account-alises.html
// snippet-start:[iam.JavaScript.alias.deleteAccountAlias]
// Load the AWS SDK for Node.js
var AWS = require('aws-sdk');
// Set the region
AWS.config.update({region: 'REGION'});
// Create the IAM service object
var iam = new AWS.IAM({apiVersion: '2010-05-08'});
iam.deleteAccountAlias({AccountAlias: process.argv[2]}, function(err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
// snippet-end:[iam.JavaScript.alias.deleteAccountAlias]
//snippet-sourcedate:[2018-06-02]
//snippet-sourceauthor:[daviddeyo]
// Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
// Licensed under the Apache-2.0 License on an "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND.
// ABOUT THIS NODE.JS SAMPLE: This sample is part of the SDK for JavaScript Developer Guide topic at
// https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/iam-examples-managing-access-keys.html
// Load the AWS SDK for Node.js
var AWS = require('aws-sdk');
// Set the region
AWS.config.update({region: 'REGION'});
// Create the IAM service object
var iam = new AWS.IAM({apiVersion: '2010-05-08'});
var params = {
AccessKeyId: 'ACCESS_KEY_ID',
UserName: 'USER_NAME'
};
iam.deleteAccessKey(params, function(err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
* - group: The IAM group of users authorized for SSH access, defaults to "ssh".
*
* Meant to be used with Amazon API Gateway
*
* Copyright 2017, Sebastian Tschan
* https://blueimp.net
*
* Licensed under the MIT license:
* https://opensource.org/licenses/MIT
*/
'use strict'
// eslint-disable-next-line node/no-unpublished-require
const AWS = require('aws-sdk')
const IAM = new AWS.IAM()
const GROUP = process.env.group || 'ssh'
/**
* Retrievs the group users
*
* @param {string} groupName Group name
* @returns {Promise} Resolves with the group users
*/
function getGroupUsers(groupName) {
return IAM.getGroup({
GroupName: groupName
})
.promise()
.then(data => data.Users.map(user => user.UserName))
}
const SHORT_GIT_HASH = ARGS[1].substring(0, 7);
const CLUSTER_NAME = 'microservicemovies-review';
// config
AWS.config = new AWS.Config();
AWS.config.accessKeyId = AWS_ACCESS_KEY_ID;
AWS.config.secretAccessKey = AWS_SECRET_ACCESS_KEY;
AWS.config.region = AWS_CONFIG_REGION;
// init aws services
const iam = new AWS.IAM();
const elbv2 = new AWS.ELBv2();
const ecs = new AWS.ECS();
// methods
function ensureAuthenticated() {
return new Promise((resolve, reject) => {
const params = { UserName: AWS_USERNAME };
iam.getUser(params, (err, data) => {
if (err) { reject(err); }
resolve(data);
});
});
}
'use strict';
const path = require('path');
const lager = require('@lager/lager/src/lib/lager');
const Promise = lager.import.Promise;
const _ = lager.import._;
const fs = Promise.promisifyAll(require('fs'));
const AWS = require('aws-sdk');
const iam = new AWS.IAM();
const Policy = require('./policy');
const Role = require('./role');
/**
* Load all policy configurations
* @return {Promise<[Policy]>} - promise of an array of policies
*/
function loadPolicies() {
const policyConfigsPath = path.join(plugin.getPath(), 'iam', 'policies');
// This event allows to inject code before loading all APIs
return lager.fire('beforePoliciesLoad')
.then(() => {
// Retrieve configuration path of all API specifications
return fs.readdirAsync(policyConfigsPath);
updateLambda (file) {
debug('updateLambda called')
const iam = new AWS.IAM()
return iam.getRole({RoleName: this.config.lambda.RoleName}).promise()
.then(data => {
logger.info('found lambda execution role %s', data.Role.Arn)
// replace RoleName -> Role (ARN)
this.config.lambda.Role = data.Role.Arn
delete this.config.lambda.RoleName
return this.lambda.getFunction({FunctionName: this.config.lambda.FunctionName}).promise()
}, err => {
logger.info((err.toString()).red)
throw err
})
.then(lambda => {
logger.info(`found lambda ${lambda.Configuration.FunctionName}`)
logger.info(('update configuration for %s').yellow, lambda.Configuration.FunctionName)
return this.lambda.updateFunctionConfiguration(this.config.lambda).promise()
return new Promise((resolve, reject) => {
const iam = new AWS.IAM(credentials);
const policy = JSON.stringify(this.getPolicyDocument(credentials.region));
const variables = {
PolicyDocument: policy,
RoleName: `lambdr_${projectName}_${stageName}`,
PolicyName: `lambdr_${projectName}_${stageName}_policy`
}
console.log('Adding role policy...');
iam.putRolePolicy(variables, (err, data) => {
if (err) reject(err);
else resolve();
});
});
},
function initAWS(region) {
aws = {
iam: new awsSdk.IAM(),
dynamo: new awsSdk.DynamoDB(),
lambda: new awsSdk.Lambda(),
gateway: new awsSdk.APIGateway(),
s3: new awsSdk.S3(),
};
}
return co(function* () {
let roleName = _this.roleName;
let credentials = yield _this.assumeRole(roleName);
_this.iam = new AWS.IAM({
region: _this.event.awsRegion,
credentials: credentials
});
yield _this.tagIamUserResource();
});
}
beforeAll(() => {
iam = new aws.IAM({ region: awsRegion });
lambda = new aws.Lambda({ region: awsRegion });
s3 = new aws.S3({region: awsRegion, signatureVersion: 'v4'});
apiGatewayPromise = retriableWrap(new aws.APIGateway({ region: awsRegion }));
logs = new aws.CloudWatchLogs({ region: awsRegion });
sns = new aws.SNS({region: awsRegion});
});
beforeEach(() => {