%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/modules/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/modules/boto_iam.pyo

�
���^c@@ssdZddlmZmZmZddlZddlZddlmZddl	Z
ddlZ
ddlj
jZddlZ
ddlmZylddlZddlZddlZddlZejd�jej�ejd�jej�eZWnek
reZnXeje�Zd�Z d	�Z!ddddd
�Z#ddddd�Z$ddddd�Z%ddddd
�Z&ddddd�Z'dddddd�Z(ddddddd�Z)ddddd�Z*dddddd�Z+ddddd�Z,dddddd�Z-dddddd�Z.ddddd�Z/ddddd�Z0ddddd�Z1ddddd�Z2ddddd�Z3ddddd�Z4ddddd�Z5ddddd�Z6dddddd�Z7dddddd �Z8dddddd!�Z9ddddd"�Z:ddddd#�Z;ddddd$�Z<ddddd%�Z=ddddd&�Z>ddddd'�Z?ddddd(�Z@dddddddddddddd)�
ZAddddd*�ZBddddddd+�ZCddddd,�ZDd-�ZEddddd.�ZFddddd/�ZGddddd0�ZHddddd1�ZIddddd2�ZJddddd3�ZKddddd4�ZLddddd5�ZMddddd6�ZNdddddd7�ZOdddddd8�ZPddddddd9�ZQddddd:�ZRddddd;�ZSddddd<�ZTddddddd=�ZUddddd>�ZVddddd?�ZWdddddd@�ZXddddddA�ZYdddddB�ZZdddddC�Z[dddddD�Z\dddddddE�Z]dddddF�Z^dddddG�Z_dddddH�Z`dddddI�ZaddddddJ�ZbdddddK�ZcdddddL�ZddddddM�ZedddddN�ZfdddddO�ZgdddddP�ZhdddddQ�ZidddddR�ZjdddddS�ZkdddddddT�ZldddddddU�ZmdddddddV�ZndddddddW�ZodddddX�ZpdddddY�ZqdddddZ�Zrddddd[�Zsddddd\�Ztddddd]�ZudS(^uF
Connection module for Amazon IAM

.. versionadded:: 2014.7.0

:configuration: This module accepts explicit iam credentials but can also utilize
    IAM roles assigned to the instance through Instance Profiles. Dynamic
    credentials are then automatically obtained from AWS API and no further
    configuration is necessary. More Information available at:

    .. code-block:: text

        http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

    If IAM roles are not used you need to specify them either in a pillar or
    in the minion's config file:

    .. code-block:: yaml

        iam.keyid: GKTADJGHEIQSXMKKRBJ08H
        iam.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
        iam.region: us-east-1

    It's also possible to specify key, keyid and region via a profile, either
    as a passed in dict, or as a string to pull from pillars or minion config:

    .. code-block:: yaml

        myprofile:
            keyid: GKTADJGHEIQSXMKKRBJ08H
            key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
            region: us-east-1

:depends: boto
i(tabsolute_importtprint_functiontunicode_literalsN(tsix(tunquoteubotouboto3cC@stjjjdt�S(u,
    Only load if boto libraries exist.
    tcheck_boto3(tsalttutilstversionstcheck_boto_reqstFalse(((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyt__virtual__FscC@s7tjjjt�tr3tdtddt�ndS(Nuboto.assign_funcsuiamtpack(RRtcompattpack_dundert__name__tHAS_BOTOt	__utils__t__salt__(topts((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyt__init__Osc	C@sUtd|d|d|d|�}y|j|�tSWntjjk
rPtSXdS(u�
    Check to see if an instance profile exists.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.instance_profile_exists myiprofile
    tregiontkeytkeyidtprofileN(t	_get_conntget_instance_profiletTruetbotot	exceptiontBotoServerErrorR
(tnameRRRRtconn((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytinstance_profile_existsUs!
c	C@s�td|d|d|d|�}t|||||�r=tSy!|j|�tjd|�Wn7tjjk
r�}tj	|�tj
d|�tSXtS(u�
    Create an instance profile.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.create_instance_profile myiprofile
    RRRRuCreated %s instance profile.u%Failed to create %s instance profile.(RR!Rtcreate_instance_profiletlogtinfoRRRtdebugterrorR
(RRRRRR te((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR"ks!

c	C@s�td|d|d|d|�}t|||||�s=tSy!|j|�tjd|�Wn7tjjk
r�}tj	|�tj
d|�tSXtS(u�
    Delete an instance profile.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_instance_profile myiprofile
    RRRRuDeleted %s instance profile.u%Failed to delete %s instance profile.(RR!Rtdelete_instance_profileR#R$RRRR%R&R
(RRRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR(�s!

c	C@sUtd|d|d|d|�}y|j|�tSWntjjk
rPtSXdS(u�
    Check to see if an IAM role exists.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.role_exists myirole
    RRRRN(Rtget_roleRRRRR
(RRRRRR ((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytrole_exists�s
!
c	C@std|d|d|d|�}y�|j|�}|s=tS|jjj}tjjj	t
|j��|d<x_|dj�D]M\}}	|dkrx2|	D]'}
d|
kr�|
dr�|
d=q�q�WqqW|SWn7t
jjk
r}tj|�tjd|�tSXd	S(
u�
    Get information for a role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.describe_role myirole
    RRRRuassume_role_policy_documentu	StatementuSiduFailed to get %s information.N(RR)R
tget_role_responsetget_role_resulttroleRRtjsontloadst_unquotetassume_role_policy_documenttitemsRRRR#R%R&(RRRRRR R$R-t
policy_keytpolicytvalR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyt
describe_role�s$
!

c	C@s�|sd}nt|||||�r+tStd|d|d|d|�}y(|j||�tjd|�tSWn7tjjk
r�}tj	|�tj
d|�tSXdS(	u�
    Create a user.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.create_user myuser
    u/RRRRuCreated IAM user : %s.uFailed to create IAM user %s.N(tget_userRRtcreate_userR#R$RRRR%R&R
(t	user_nametpathRRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR8�s
	!
c		C@std|d|d|d|�}y|j|||�SWn@tjjk
rz}tj|�tjd|�tj	|�SXdS(u�
    Get all access keys from a user.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_all_access_keys myuser
    RRRRu*Failed to get access keys for IAM user %s.N(
Rtget_all_access_keysRRRR#R%R&Rt	text_type(	R9tmarkert	max_itemsRRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR;�s
!
c	C@svtd|d|d|d|�}y|j|�SWn=tjjk
rq}tj|�tjd�tj	|�SXdS(u�
    Create access key id for a user.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.create_access_key myuser
    RRRRuFailed to create access key.N(
Rtcreate_access_keyRRRR#R%R&RR<(R9RRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR?s!

c	C@s|td|d|d|d|�}y|j||�SWn@tjjk
rw}tj|�tjd|�tj	|�SXdS(u�
    Delete access key id from a user.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_access_key myuser
    RRRRu"Failed to delete access key id %s.N(
Rtdelete_access_keyRRRR#R%R&RR<(t
access_key_idR9RRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR@s
!
c	C@s�t|||||�stStd|d|d|d|�}y%|j|�tjd|�tSWn@tjjk
r�}tj	|�tj
d|�tj|�SXdS(u�
    Delete a user.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_user myuser
    RRRRuDeleted IAM user : %s .uFailed to delete IAM user %sN(
R7RRtdelete_userR#R$RRRR%R&RR<(R9RRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRB0s
!

c	C@s�td|d|d|d|�}y!|j|�}|s=tS|SWn7tjjk
r{}tj|�tjd|�tSXdS(u�
    Get user information.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_user myuser
    RRRRuFailed to get IAM user %s info.N(	RR7R
RRRR#R%R&(R9RRRRR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR7Js!
c
C@s�|sd}nt|d|d|d|d|�r7tStd|d|d|d|�}y(|j||�tjd|�tSWn7tjjk
r�}tj	|�tj
d|�tSXdS(	u�
    Create a group.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.create_group group
    u/RRRRuCreated IAM group : %s.uFailed to create IAM group %s.N(t	get_groupRRtcreate_groupR#R$RRRR%R&R
(t
group_nameR:RRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRDbs
		!
c	C@s�td|d|d|d|�}y3|j|dd�}|sCtS|ddd	SWn7tjjk
r�}tj|�tjd
|�tSXdS(u�
    Get group information.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_group mygroup
    RRRRR>iuget_group_responseuget_group_resultugroupu Failed to get IAM group %s info.N(	RRCR
RRRR#R%R&(RERRRRR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRCs!
c	C@std|d|d|d|�}y�d}t}g}x�|r�|j|d|dd�}	|	sdtSt|	dd	d
�}|r�d|	dd	kr�|	dd	d}nd}t}||	dd	d7}q9W|SWn7tjjk
r}
t	j
|
�t	jd
|�tSXdS(u�
    Get group information.

    .. versionadded:: 2016.3.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_group mygroup
    RRRRR=R>i�uget_group_responseuget_group_resultuis_truncatedumarkeruusersu'Failed to get members for IAM group %s.N(RtNoneRRCR
tboolRRRR#R%R&(RERRRRR R=t	truncatedtusersR$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytget_group_members�s(!	
c
C@s�t|||||�}|s2tjd|�tSt||d|d|d|d|�r]tStd|d|d|d|�}y$|j||�}|s�tS|SWn:tj	j
k
r�}	tj|	�tjd||�tSXdS(u�
    Add user to group.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.add_user_to_group myuser mygroup
    uUsername : %s does not exist.RRRRu&Failed to add IAM user %s to group %s.N(R7R#R&R
tuser_exists_in_groupRRtadd_user_to_groupRRRR%(
R9RERRRRtuserR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRL�s"
!
cC@sltd|d|d|d|d|�}|rhx8|D]-}||dkr4tjd||�tSq4WntS(u�
    Check if user exists in group.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.user_exists_in_group myuser mygroup
    RERRRRu	user_nameu'IAM user %s is already in IAM group %s.(RJR#R%RR
(R9RERRRRRIt_user((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRK�s	
c
C@s�t|||||�}|s2tjd|�tSt||d|d|d|d|�s]tStd|d|d|d|�}y$|j||�}|s�tS|SWn:tj	j
k
r�}	tj|	�tjd||�tSXdS(u�
    Remove user from group.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.remove_user_from_group mygroup myuser
    uIAM user %s does not exist.RRRRu*Failed to remove IAM user %s from group %sN(R7R#R&R
RKRRtremove_user_from_groupRRRR%(
RER9RRRRRMR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRO�s"
!
c
C@s	t|d|d|d|d|�}|s>tjd|�tStd|d|d|d|�}ymt|tj�s�tj	j
j|�}n|j|||�}	|	r�tj
d|�tStjd|�Wn6tjjk
r}
tj|
�tjd|�nXtS(	u�
    Adds or updates the specified policy document for the specified group.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.put_group_policy mygroup policyname policyrules
    RRRRuGroup %s does not existu Created policy for IAM group %s.u(Could not create policy for IAM group %su(Failed to create policy for IAM group %s(RCR#R&R
Rt
isinstanceRtstring_typesRRR.tdumpstput_group_policyR$RRRRR%(REtpolicy_nametpolicy_jsonRRRRtgroupR tcreatedR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRSs&
	!	
c		C@s�td|d|d|d|�}|s+tSt||||||�}|sPtSy+|j||�tjd||�tSWn:tjj	k
r�}tj
|�tjd||�tSXdS(u�
    Delete a group policy.

    CLI Example::

    .. code-block:: bash

        salt myminion boto_iam.delete_group_policy mygroup mypolicy
    RRRRu0Successfully deleted policy %s for IAM group %s.u,Failed to delete policy %s for IAM group %s.N(RR
tget_group_policyRtdelete_group_policyR#R$RRRR%R&(	RERTRRRRR t_policyR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRY6s!
c		C@s�td|d|d|d|�}ym|j||�}tjd|�|sPtS|jjj}t|�}t	j
jj|dt
j�}|SWn7tjjk
r�}tj|�tjd|�tSXdS(	u�
    Retrieves the specified policy document for the specified group.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_group_policy mygroup policyname
    RRRRuinfo for group policy is : %stobject_pairs_hooku Failed to get IAM group %s info.N(RRXR#R%R
tget_group_policy_responsetget_group_policy_resulttpolicy_documentR0RRR.R/todicttOrderedDictRRRR&(	RERTRRRRR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRXSs
!
u/c		C@s�td|d|d|d|�}|s+dS|jd|�}|jjj}t|jjdd�}xM|r�|jd|d|�}||jjj}t|jjdd�}qgW|S(	u�
    Get and return all IAM group details, starting at the optional path.

    .. versionadded:: 2016.3.0

    CLI Example:

        salt-call boto_iam.get_all_groups
    RRRRtpath_prefixumarkerR=N(RRFtget_all_groupstlist_groups_responsetlist_groups_resulttgroupstgetattr(	RaRRRRR t_groupsReR=((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRbps!	c
	C@s�td|d|d|d|�}t}g}xe|dk	r�|rH|nd}|jd|d|�}|jj}	||	j7}t|	dd�}q0W|S(	u�
    Get and return all IAM instance profiles, starting at the optional path.

    .. versionadded:: 2016.11.0

    CLI Example:

        salt-call boto_iam.get_all_instance_profiles
    RRRRRaR=umarkerN(RR
RFtlist_instance_profilestlist_instance_profiles_responsetlist_instance_profiles_resulttinstance_profilesRf(
RaRRRRR R=tprofilestptres((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytget_all_instance_profiles�s!	
cC@s3t|||||�}g|D]}|d^qS(u�
    List all IAM instance profiles, starting at the optional path.

    .. versionadded:: 2016.11.0

    CLI Example:

        salt-call boto_iam.list_instance_profiles
    uinstance_profile_name(Ro(RaRRRRRmti((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRh�sc		C@std|d|d|d|�}|s+tSy&|j|�}|jj}|jSWn'tjjk
rz}t	j
|�gSXdS(u�
    Get a list of policy names from a group.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_all_group_policies mygroup
    RRRRN(RR
tget_all_group_policiestlist_group_policies_responsetlist_group_policies_resulttpolicy_namesRRRR#R%(	RERRRRR tresponset_listR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRq�s!
c	C@s�td|d|d|d|�}|s+tSt|||||�}|sMtSy%|j|�tjd|�tSWn7tjj	k
r�}tj
|�tjd|�tSXdS(u�
    Delete a group policy.

    CLI Example::

    .. code-block:: bash

        salt myminion boto_iam.delete_group mygroup
    RRRRu"Successfully deleted IAM group %s.uFailed to delete IAM group %s.N(RR
RCRtdelete_groupR#R$RRRR%R&(RERRRRR t_groupR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRw�s!

c
	C@s�t|||||�}|s2tjd|�tStd|d|d|d|�}y*|j||�}tjd|�|SWnWtjj	k
r�}	tj
|	�d|	kr�tjd|�dStjd	|�tSXd
S(u"
    Creates a login profile for the specified user, give the user the
    ability to access AWS services and the AWS Management Console.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.create_login_profile user_name password
    uIAM user %s does not existRRRRu Created profile for IAM user %s.uConflictu'Profile already exists for IAM user %s.u)Failed to update profile for IAM user %s.N(R7R#R&R
Rtcreate_login_profileR$RRRR%(
R9tpasswordRRRRRMR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRy�s !
c		C@s�t|||||�}|s2tjd|�tStd|d|d|d|�}y'|j|�}tjd|�tSWnWtj	j
k
r�}tj|�d|kr�tjd|�tStjd	|�tSXd
S(u�
    Deletes a login profile for the specified user.

    .. versionadded:: 2016.3.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_login_profile user_name
    uIAM user %s does not existRRRRu&Deleted login profile for IAM user %s.u	Not Foundu.Login profile already deleted for IAM user %s.u/Failed to delete login profile for IAM user %s.N(R7R#R&R
Rtdelete_login_profileR$RRRRR%(	R9RRRRRMR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR{s 
!
c
	C@s�t|||||�}|s2tjd|�tStd|d|d|d|�}y)|j|�}|ddd}|SWnWtjjk
r�}	tj	|	�d	|	kr�tj
d
|�gStjd|�tSXdS(
u�
    Get all MFA devices associated with an IAM user.

    .. versionadded:: 2016.3.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_all_mfa_devices user_name
    uIAM user %s does not existRRRRulist_mfa_devices_responseulist_mfa_devices_resultumfa_devicesu	Not FounduCould not find IAM user %s.u.Failed to get all MFA devices for IAM user %s.N(R7R#R&R
Rtget_all_mfa_devicesRRRR%R$(
R9RRRRRMR tresulttdevicesR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR|&s 
!
c		C@s�t|||||�}|s2tjd|�tStd|d|d|d|�}y+|j||�tjd||�tSWn]tj	j
k
r�}tj|�d|kr�tjd||�tStjd	||�tSXd
S(u�
    Deactivates the specified MFA device and removes it from association with
    the user.

    .. versionadded:: 2016.3.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.deactivate_mfa_device user_name serial_num
    uIAM user %s does not existRRRRu*Deactivated MFA device %s for IAM user %s.u	Not Foundu.MFA device %s not associated with IAM user %s.u3Failed to deactivate MFA device %s for IAM user %s.N(R7R#R&R
Rtdeactivate_mfa_deviceR$RRRRR%(	R9tserialRRRRRMR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyREs !
cC@s�tdd��}y(|jd|�tjd|�tSWn`tjjk
r�}tj|�dt	j
|�kr�tjd|�tStjd|�tSXdS(	u�
    Deletes the specified virtual MFA device.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_virtual_mfa_device serial_num
    uboto3.get_connection_funcuiamtSerialNumberuDeleted virtual MFA device %s.uNoSuchEntityu Virtual MFA device %s not found.u'Failed to delete virtual MFA device %s.N(
Rtdelete_virtual_mfa_deviceR#R$Rtbotocoret
exceptionstClientErrorR%RR<R&R
(R�RRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�es

c

C@s�td|	d|
d|d|�}
y:|
j|||||||||�	tjd�tSWn:tjjk
r�}tj|�d}tj	|�t
SXdS(u�
    Update the password policy for the AWS account.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.update_account_password_policy True
    RRRRu%The password policy has been updated.u$Failed to update the password policyN(Rtupdate_account_password_policyR#R$RRRRR%R&R
(tallow_users_to_change_passwordthard_expirytmax_password_agetminimum_password_lengthtpassword_reuse_preventiontrequire_lowercase_characterstrequire_numberstrequire_symbolstrequire_uppercase_charactersRRRRR R'tmsg((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�}s !	


c	C@std|d|d|d|�}y|j�}|jjjSWn:tjjk
rz}tj	|�d}tj
|�tSXdS(u�
    Get account policy for the AWS account.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_account_policy
    RRRRu%Failed to update the password policy.N(Rtget_account_password_policyt$get_account_password_policy_responset"get_account_password_policy_resulttpassword_policyRRRR#R%R&R
(RRRRR R$R'R�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytget_account_policy�s!

c		C@s�td|d|d|d|�}t|||||�r=tS|sLd	}ny1|j|d|d|�tjd|�tSWn7tjj	k
r�}tj
|�tj
d|�tSXd	S(
u�
    Create an instance role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.create_role myrole
    RRRRR1R:uCreated IAM role %s.uFailed to create IAM role %s.N(RR*RRFtcreate_roleR#R$RRRR&R
(	RR^R:RRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s!	
c	C@s�td|d|d|d|�}t|||||�s=tSy%|j|�tjd|�tSWn7tjjk
r�}tj	|�tj
d|�tSXdS(u}
    Delete an IAM role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_role myirole
    RRRRuDeleted %s IAM role.uFailed to delete %s IAM role.N(RR*Rtdelete_roleR#R$RRRR%R&R
(RRRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s
!

c		C@s�td|d|d|d|�}y|j|�}Wn'tjjk
r]}tj|�tSX|j}|j	}|j
}x!|D]}|j|kr�tSq�WtS(u�
    Check to see if an instance profile is associated with an IAM role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.profile_associated myirole myiprofile
    RRRR(
Rtlist_instance_profiles_for_roleRRRR#R%R
t(list_instance_profiles_for_role_responset&list_instance_profiles_for_role_resultRktinstance_profile_nameR(	t	role_nametprofile_nameRRRRR RlR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytprofile_associated�s
!
			
c		C@s
td|d|d|d|�}t|||||�sMtjd|�tSt|||||�sytjd|�tSt||||||�}|r�tSy+|j||�tj	d||�tSWn:t
jjk
r}tj
|�tjd||�tSXd	S(
u�
    Associate an instance profile with an IAM role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.associate_profile_to_role myirole myiprofile
    RRRRuIAM role %s does not exist.u#Instance profile %s does not exist.u)Added %s instance profile to IAM role %s.u0Failed to add %s instance profile to IAM role %sN(RR*R#R&R
R!R�Rtadd_role_to_instance_profileR$RRRR%(	R�R�RRRRR t
associatedR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytassociate_profile_to_role
s$!
c		C@s
td|d|d|d|�}t|||||�sMtjd|�tSt|||||�sytjd|�tSt||||||�}|s�tSy+|j||�tj	d||�tSWn:t
jjk
r}tj
|�tjd||�tSXd	S(
u�
    Disassociate an instance profile from an IAM role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.disassociate_profile_from_role myirole myiprofile
    RRRRuIAM role %s does not exist.u#Instance profile %s does not exist.u-Removed %s instance profile from IAM role %s.u6Failed to remove %s instance profile from IAM role %s.N(RR*R#R&R
R!R�Rt!remove_role_from_instance_profileR$RRRR%(	R�R�RRRRR R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytdisassociate_profile_from_role+s$!
c		C@sutd|d|d|d|�}y&|j|�}|jj}|jSWn'tjjk
rp}tj	|�gSXdS(u�
    Get a list of policy names from a role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.list_role_policies myirole
    RRRRN(
Rtlist_role_policiestlist_role_policies_responsetlist_role_policies_resultRtRRRR#R%(	R�RRRRR RuRvR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�Ls!
c	C@s�td|d|d|d|�}yP|j||�}|jj}t|�}tjjj|dt	j
�}|SWntjj
k
r�iSXdS(u�
    Get a role policy.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_role_policy myirole mypolicy
    RRRRR[N(Rtget_role_policytget_role_policy_responseR^R0RRR.R/R_R`RRR(R�RTRRRRR RZ((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�bs!c	C@s6td|d|d|d|�}t||||||�}d}	|ra||krXtSd}	nt|tj�r�tjjj	|dt
j�}ny^tjjj|�}|j
|||�|	dkr�d}
nd	}
tj|
||�tSWn=tjjk
r1}tj|�tjd
|	||�tSXdS(u
    Create or modify a role policy.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.create_role_policy myirole mypolicy '{"MyPolicy": "Statement": [{"Action": ["sqs:*"], "Effect": "Allow", "Resource": ["arn:aws:sqs:*:*:*"], "Sid": "MyPolicySqs1"}]}'
    RRRRucreateumodifyR[u,Successfully added policy %s to IAM role %s.u0Successfully modified policy %s for IAM role %s.u'Failed to %s policy %s for IAM role %s.N(RR�RRPRRQRRR.R/R_R`RRtput_role_policyR#R$RRRR&R
(R�RTR4RRRRR RZtmodeR�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytcreate_role_policy{s,!	!	
	
c		C@s�td|d|d|d|�}t||||||�}|sFtSy+|j||�tjd||�tSWn:tjjk
r�}tj	|�tj
d||�tSXdS(u�
    Delete a role policy.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_role_policy myirole mypolicy
    RRRRu/Successfully deleted policy %s for IAM role %s.u+Failed to delete policy %s for IAM role %s.N(RR�Rtdelete_role_policyR#R$RRRR%R&R
(	R�RTRRRRR RZR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s!	

	
c		C@s�td|d|d|d|�}t|tj�rTtjjj|dtj	�}ny=tjjj
|�}|j||�tj
d|�tSWn7tjjk
r�}tj|�tjd|�tSXdS(	u�
    Update an assume role policy for a role.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.update_assume_role_policy myrole '{"Statement":"..."}'
    RRRRR[u8Successfully updated assume role policy for IAM role %s.u4Failed to update assume role policy for IAM role %s.N(RRPRRQRRR.R/R_R`RRtupdate_assume_role_policyR#R$RRRRR&R
(	R�R^RRRRR t_policy_documentR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s
!
c	C@sGtd|d|d|d|�}t|d�rNtjjj|j��}n1t|d�r{tjjj|j��}niSx�|j�D]�\}}x�|D]�}t	|dt
�r�t|d�dkr�|dd	|d<nt	|d
dt
�r�t|d
d�dkr�|d
dd	|d
d<q�q�Wq�Wd|d
<|S(u�
    Build a default assume role policy.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.build_policy
    RRRRubuild_policyu
_build_policyuActioniiu	PrincipaluServiceu
2008-10-17uVersion(RthasattrRRR.R/tbuild_policyt
_build_policyR2RPtlisttlen(RRRRR R4t
policy_valt	statement((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s !
%
c	C@sd}|tkrtd|d|d|d|�}y9|j�}|dddd	}|jd
�d}Wn�tjjk
rtjjdd
d�}	tjj	ddd�}
tj
jd|	d|
�}y|dd}Wqtk
r�t
jd�qXnX|t|<nt|S(u�
    Get a the AWS account id associated with the used credentials.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_account_id
    uboto_iam.account_idRRRRuget_user_responseuget_user_resultuuseruarnu:iuBotoumetadata_service_timeoutg�?umetadata_service_num_attemptsittimeouttnum_retriesudocumentu	accountIduKFailed to get account id from instance_identity in boto_iam.get_account_id.(t__context__RR7tsplitRRRtconfigtgetfloattgetintRtget_instance_identitytKeyErrorR#R&(RRRRt	cache_keyR trettarnt
account_idR�tattemptstidentity((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytget_account_id�s(
!		

c		C@s�td|d|d|d|�}|s+dS|jd|�}|jjj}t|jjdd�}xM|r�|jd|d|�}||jjj}t|jjdd�}qgW|S(	u�
    Get and return all IAM role details, starting at the optional path.

    .. versionadded:: 2016.3.0

    CLI Example:

        salt-call boto_iam.get_all_roles
    RRRRRaumarkerR=N(RRFt
list_rolestlist_roles_responsetlist_roles_resulttrolesRf(	RaRRRRR t_rolesR�R=((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyt
get_all_roles$s!	c		C@s�td|d|d|d|�}|s+dS|jd|�}|jjj}t|jjdd�}xM|r�|jd|d|�}||jjj}t|jjdd�}qgW|S(	u�
    Get and return all IAM user details, starting at the optional path.

    .. versionadded:: 2016.3.0

    CLI Example:

        salt-call boto_iam.get_all_users
    RRRRRaumarkerR=N(RRFt
get_all_userstlist_users_responsetlist_users_resultRIRf(	RaRRRRR t_usersRIR=((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�@s!	c	C@s�td|d|d|d|�}y6|j|||�}|sCtS|jj}	|	jSWn7tjjk
r�}
t	j
|
�t	jd|�tSXdS(u�
    Get all user policies.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_all_user_policies myuser
    RRRRu#Failed to get policies for user %s.N(Rtget_all_user_policiesR
tlist_user_policies_responsetlist_user_policies_resultRtRRRR#R%R&(R9R=R>RRRRR R$RvR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�\s!
c		C@s�td|d|d|d|�}ys|j||�}tjd|||�|sVtS|jjj}t|�}t	j
jj|dt
j�}|SWn:tjjk
r�}tj|�tjd||�tSXdS(	u�
    Retrieves the specified policy document for the specified user.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_user_policy myuser mypolicyname
    RRRRu#Info for IAM user %s policy %s: %s.R[u(Failed to get policy %s for IAM user %s.N(Rtget_user_policyR#R%R
tget_user_policy_responsetget_user_policy_resultR^R0RRR.R/R_R`RRRR&(	R9RTRRRRR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�us!
c	C@st|||||�}|s2tjd|�tStd|d|d|d|�}yst|tj�s�tj	j
j|�}n|j|||�}	|	r�tj
d||�tStjd||�Wn9tjjk
r}
tj|
�tjd||�nXtS(	u�
    Adds or updates the specified policy document for the specified user.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.put_user_policy myuser policyname policyrules
    uIAM user %s does not existRRRRu"Created policy %s for IAM user %s.u+Could not create policy %s for IAM user %s.u+Failed to create policy %s for IAM user %s.(R7R#R&R
RRPRRQRRR.RRtput_user_policyR$RRRRR%(R9RTRURRRRRMR RWR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s$!	
c		C@s�td|d|d|d|�}|s+tSt||||||�}|sPtSy+|j||�tjd||�tSWn:tjj	k
r�}tj
|�tjd||�tSXdS(u�
    Delete a user policy.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_user_policy myuser mypolicy
    RRRRu/Successfully deleted policy %s for IAM user %s.u+Failed to delete policy %s for IAM user %s.N(RR
R�Rtdelete_user_policyR#R$RRRR%R&(	R9RTRRRRR RZR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s
!
c	
	C@s�t|||||�}	|	r"tStd|d|d|d|�}
y0|
j||||�}tjd|�|SWn7tjjk
r�}tj	|�tj
d|�tSXdS(u�
    Upload a certificate to Amazon.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.upload_server_cert mycert_name crt priv_key

    :param cert_name: The name for the server certificate. Do not include the path in this value.
    :param cert_body: The contents of the public key certificate in PEM-encoded format.
    :param private_key: The contents of the private key in PEM-encoded format.
    :param cert_chain:  The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
    :param path: The path for the server certificate.
    :param region: The name of the region to connect to.
    :param key: The key to be used in order to connect
    :param keyid: The keyid to be used in order to connect
    :param profile: The profile that contains a dict of region, key, keyid
    :return: True / False
    RRRRuCreated certificate %s.u*Failed to failed to create certificate %s.N(tget_server_certificateRRtupload_server_certR#R$RRRR%R&R
(
t	cert_namet	cert_bodytprivate_keyt
cert_chainR:RRRRtexistsR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s!
c	C@s�td|d|d|d|�}y!|j|�}|s=tS|SWn7tjjk
r{}tj|�tjd|�tSXdS(u�
    Returns certificate information from Amazon

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_server_certificate mycert_name
    RRRRu)Failed to get certificate %s information.N(	RR�R
RRRR#R%R&(R�RRRRR R$R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s!
c	C@sptd|d|d|d|�}y|j|�SWn7tjjk
rk}tj|�tjd|�tSXdS(u�
    Deletes a certificate from Amazon.

    .. versionadded:: 2015.8.0

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_server_cert mycert_name
    RRRRu Failed to delete certificate %s.N(	Rtdelete_server_certRRRR#R%R&R
(R�RRRRR R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s!
c	C@sXtd|d|d|d|�}|s+dStj�}t|||||�}x�|D]�}|j}	|j|	dd�}
|
jjj	}
i}xN|
D]F}|j
|	|�}
tjj
jt|
jjj��}
|
||<q�Wg}|ji|	d6�|ji|d6�|ji|jd	6�i|d
6|d|	<qVWtd|d
tdd�S(u�
    Get all IAM user details. Produces results that can be used to create an
    sls file.

    .. versionadded:: 2016.3.0

    CLI Example:

        salt-call boto_iam.export_users --out=txt | sed "s/local: //" > iam_users.sls
    RRRRR>idunameupoliciesupathuboto_iam.user_presentumanage user uyaml.safe_dumptdefault_flow_styletindentiN(RRFR_R`R�R9R�R�R�RtR�RRR.R/R0R�R�R^tappendR:RR
(RaRRRRR tresultsRIRMRt	_policiestpoliciesRTRZtuser_sls((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytexport_users!s0!
	
c	C@s�td|d|d|d|�}|s+dStj�}t|||||�}x|D]}|j}	|j|	dd�}
|
jjj	}
i}xN|
D]F}|j
|	|�}
tjj
jt|
jjj��}
|
||<q�Wg}|ji|	d6�|ji|d6�|jitjj
jt|j��d	6�|ji|jd
6�i|d6|d|	<qVWtd
|dtdd�S(u�
    Get all IAM role details. Produces results that can be used to create an
    sls file.

    CLI Example:

        salt-call boto_iam.export_roles --out=txt | sed "s/local: //" > iam_roles.sls
    RRRRR>idunameupoliciesupolicy_documentupathuboto_iam_role.presentumanage role uyaml.safe_dumpR�R�iN(RRFR_R`R�R�R�R�R�RtR�RRR.R/R0R�tget_role_policy_resultR^R�R1R:RR
(RaRRRRR R�R�R-RR�R�RTRZtrole_sls((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytexport_rolesHs2	!
	
,c	C@sD|jd�r|Std|d|d|d|�}dj||�S(Nuarn:aws:iam:RRRRuarn:aws:iam::{0}:policy/{1}(t
startswithR�tformat(RRRRRR�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyt_get_policy_arnms
cC@sstd|d|d|d|�}y3|jt|d|d|d|d|��tSWntjjk
rntSXdS(u�
    Check to see if policy exists.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.instance_profile_exists myiprofile
    RRRRN(Rt
get_policyR�RRRRR
(RTRRRRR ((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyt
policy_existsws!cC@s�td|d|d|d|�}yM|jt|d|d|d|d|��}|jdi�jdi�SWntjjk
r�dSXdS(u�
    Check to see if policy exists.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.instance_profile_exists myiprofile
    RRRRuget_policy_responseuget_policy_resultN(RR�R�tgetRRRRF(RTRRRRR R�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s! c	C@s
td|d|d|d|�}t|tj�sKtjjj|�}ni}	x5d	D]-}
t�|
d
k	rXt�|
|	|
<qXqXWt
|||||�r�tSy'|j|||	�t
jd|�Wn7tjjk
r}t
j|�t
jd|�tSXtS(u
    Create a policy.

    CLI Example:

    .. code-block:: bash

        salt myminios boto_iam.create_policy mypolicy '{"Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": ["s3:Get*", "s3:List*"], "Resource": ["arn:aws:s3:::my-bucket/shared/*"]},]}'
    RRRRupathudescriptionuCreated IAM policy %s.uFailed to create IAM policy %s.(upathudescriptionN(RRPRRQRRR.RRtlocalsRFR�Rt
create_policyR#R$RRRR%R&R
(RTR^R:tdescriptionRRRRR tparamstargR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s"!

c		C@s�td|d|d|d|�}t|||||�}t|||||�sUtSy!|j|�tjd|�WnStjj	k
r�}t
d|�}tj|�tjd||j
d��tSXtS(	u}
    Delete a policy.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_policy mypolicy
    RRRRuDeleted %s policy.uboto.get_erroruFailed to delete %s policy: %s.umessage(RR�R�Rt
delete_policyR#R$RRRRR%R&R�R
(	RTRRRRR t
policy_arnR'taws((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s!

c		C@s�td|d|d|d|�}yZg}xItd|j�D]4}|j|jdi�jdi�jd��q>W|SWn:tjjk
r�}tj	|�d	}tj
|�gSXd
S(ur
    List policies.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.list_policies
    RRRRuboto.paged_callulist_policies_responseulist_policies_resultupoliciesuFailed to list policy versions.N(RRt
list_policiesR�R�RRRR#R%R&(	RRRRR R�R�R'R�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR��s
!2

c	C@sptd|d|d|d|�}t|||||�}y|j||�tSWntjjk
rktSXdS(u�
    Check to see if policy exists.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.instance_profile_exists myiprofile
    RRRRN(RR�tget_policy_versionRRRRR
(RTt
version_idRRRRR R�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytpolicy_version_exists�s!c	C@s�td|d|d|d|�}y�|jt|d|d|d|d|�|�}|jdi�jdi�jdi�}t|jd��|d<i|d6SWntjjk
r�d	SXd	S(
u�
    Check to see if policy exists.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.instance_profile_exists myiprofile
    RRRRuget_policy_version_responseuget_policy_version_resultupolicy_versionudocumentN(	RR�R�R�R0RRRRF(	RTR�RRRRR R�tretval((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s!!*c	C@sktd|d|d|d|�}t|tj�sKtjjj|�}ni}x5dD]-}	t�|	dk	rXt�|	||	<qXqXWt
|||||�}
yq|j|
||�}|jdi�jdi�jdi�jd	�}t
jd
||�itd6|d	6SWnRtjjk
rf}
t
j|
�t
jd||�itd6td
|
�d6SXdS(u#
    Create a policy version.

    CLI Example:

    .. code-block:: bash

        salt myminios boto_iam.create_policy_version mypolicy '{"Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": ["s3:Get*", "s3:List*"], "Resource": ["arn:aws:s3:::my-bucket/shared/*"]},]}'
    RRRRuset_as_defaultucreate_policy_version_responseucreate_policy_version_resultupolicy_versionu
version_idu!Created IAM policy %s version %s.ucreatedu*Failed to create IAM policy %s version %s.uboto.get_erroruerrorN(uset_as_default(RRPRRQRRR.RRR�RFR�tcreate_policy_versionR�R#R$RRRRR%R&R
R(RTR^tset_as_defaultRRRRR R�R�R�R�tvidR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s"!
3
c
	C@s�td|d|d|d|�}t|||||�}t||||||�sXtSy'|j||�tjd||�WnVtjj	k
r�}t
d|�}	tj|	�tjd|||	j
d��tSXtS(	u�
    Delete a policy version.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_policy_version mypolicy v1
    RRRRu!Deleted IAM policy %s version %s.uboto.get_erroru-Failed to delete IAM policy %s version %s: %sumessage(RR�R�Rtdelete_policy_versionR#R$RRRRR%R&R�R
(
RTR�RRRRR R�R'R�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR>s!
	c		C@s�td|d|d|d|�}t|||||�}y8|j|�}|jdi�jdi�jd�SWn7tjjk
r�}tj|�tj	d|�gSXd	S(
u�
    List versions of a policy.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.list_policy_versions mypolicy
    RRRRulist_policy_versions_responseulist_policy_versions_resultuversionsu*Failed to list versions for IAM policy %s.N(
RR�tlist_policy_versionsR�RRRR#R%R&(	RTRRRRR R�R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRZs!)
c
	C@s�td|d|d|d|�}t|||||�}y'|j||�tjd||�WnVtjjk
r�}td|�}	tj	|	�tj
d|||	jd��tSXt
S(	u�
    Set the default version of  a policy.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.set_default_policy_version mypolicy v1
    RRRRuSet %s policy to version %s.uboto.get_erroru)Failed to set %s policy to version %s: %sumessage(RR�tset_default_policy_versionR#R$RRRRR%R&R�R
R(
RTR�RRRRR R�R'R�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyRqs!
	c		C@s�td|d|d|d|�}t|||||�}y'|j||�tjd||�Wn:tjjk
r�}tj|�tj	d||�t
SXtS(u�
    Attach a managed policy to a user.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.attach_user_policy mypolicy myuser
    RRRRu"Attached policy %s to IAM user %s.u*Failed to attach %s policy to IAM user %s.(RR�tattach_user_policyR#R$RRRR%R&R
R(	RTR9RRRRR R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s!
c		C@s�td|d|d|d|�}t|||||�}y'|j||�tjd||�Wn:tjjk
r�}tj|�tj	d||�t
SXtS(u�
    Detach a managed policy to a user.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.detach_user_policy mypolicy myuser
    RRRRu$Detached %s policy from IAM user %s.u,Failed to detach %s policy from IAM user %s.(RR�tdetach_user_policyR#R$RRRR%R&R
R(	RTR9RRRRR R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s!
c		C@s�td|d|d|d|�}t|||||�}y'|j||�tjd||�Wn:tjjk
r�}tj|�tj	d||�t
SXtS(u�
    Attach a managed policy to a group.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.attach_group_policy mypolicy mygroup
    RRRRu#Attached policy %s to IAM group %s.u+Failed to attach policy %s to IAM group %s.(RR�tattach_group_policyR#R$RRRR%R&R
R(	RTRERRRRR R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s!
c		C@s�td|d|d|d|�}t|||||�}y'|j||�tjd||�Wn:tjjk
r�}tj|�tj	d||�t
SXtS(u�
    Detach a managed policy to a group.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.detach_group_policy mypolicy mygroup
    RRRRu%Detached policy %s from IAM group %s.u-Failed to detach policy %s from IAM group %s.(RR�tdetach_group_policyR#R$RRRR%R&R
R(	RTRERRRRR R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s!
c		C@s�td|d|d|d|�}t|||||�}y'|j||�tjd||�Wn:tjjk
r�}tj|�tj	d||�t
SXtS(u�
    Attach a managed policy to a role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.attach_role_policy mypolicy myrole
    RRRRu"Attached policy %s to IAM role %s.u*Failed to attach policy %s to IAM role %s.(RR�tattach_role_policyR#R$RRRR%R&R
R(	RTR�RRRRR R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s!
c		C@s�td|d|d|d|�}t|||||�}y'|j||�tjd||�Wn:tjjk
r�}tj|�tj	d||�t
SXtS(u�
    Detach a managed policy to a role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.detach_role_policy mypolicy myrole
    RRRRu$Detached policy %s from IAM role %s.u,Failed to detach policy %s from IAM role %s.(RR�tdetach_role_policyR#R$RRRR%R&R
R(	RTR�RRRRR R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR	s!
c	C@s�td|d|d|d|�}d}i}	x5dD]-}
t�|
dk	r4t�|
|	|
<q4q4Wt|||||�}x|r�y�igd6gd	6gd
6}xrtd|jd||	�D]T}
xKtj|�D]:\}}|j|
j	d
i�j	di�j	|��q�Wq�W|SWq�t
jjk
r�}|j
dkrotjd�tjd�|d8}q�ntjd||j�iSXq�WiS(u�
    List entities that a policy is attached to.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.list_entities_for_policy mypolicy
    RRRRiupath_prefixu
entity_filteru
policy_groupsupolicy_usersupolicy_rolesuboto.paged_callR�u!list_entities_for_policy_responseulist_entities_for_policy_resultu
Throttlingu0Throttled by AWS API, will retry in 5 seconds...iiu-Failed to list entities for IAM policy %s: %s(upath_prefixu
entity_filterN(RR�RFR�Rtlist_entities_for_policyRt	iteritemstextendR�RRRt
error_codeR#R%ttimetsleepR&tmessage(RTRat
entity_filterRRRRR tretriesR�R�R�tallretR�tktvR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR
s4!
	
#6


	c	C@s�td|d|d|d|�}i|d6}|dk	rG||d<ng}	ycxXtd|jd|d	d
�D]7}
|	j|
jdi�jdi�jd
g��qpW|	SWn7tjjk
r�}t	j
|�t	jd|�gSXdS(u�
    List entities attached to the given user.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.list_entities_for_policy mypolicy
    RRRRuUserNameu
PathPrefixuboto.paged_calluListAttachedUserPoliciestlist_markeruAttachedPoliciesu$list_attached_user_policies_responseu"list_attached_user_policies_resultuattached_policiesu1Failed to list attached policies for IAM user %s.N(RRFRtget_responseRR�RRRR#R%R&(R9RaRRRRRR R�R�R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytlist_attached_user_policiesEs!

&$
c	C@s�td|d|d|d|�}i|d6}|dk	rG||d<ng}	ycxXtd|jd|d	d
�D]7}
|	j|
jdi�jdi�jd
g��qpW|	SWn7tjjk
r�}t	j
|�t	jd|�gSXdS(u�
    List entities attached to the given group.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.list_entities_for_policy mypolicy
    RRRRu	GroupNameu
PathPrefixuboto.paged_calluListAttachedGroupPoliciesRuAttachedPoliciesu%list_attached_group_policies_responseu#list_attached_group_policies_resultuattached_policiesu2Failed to list attached policies for IAM group %s.N(RRFRRRR�RRRR#R%R&(RERaRRRRRR R�R�R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytlist_attached_group_policiesds!

&$
c	C@s�td|d|d|d|�}i|d6}|dk	rG||d<ng}	ycxXtd|jd|d	d
�D]7}
|	j|
jdi�jdi�jd
g��qpW|	SWn7tjjk
r�}t	j
|�t	jd|�gSXdS(u�
    List entities attached to the given role.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.list_entities_for_policy mypolicy
    RRRRuRoleNameu
PathPrefixuboto.paged_calluListAttachedRolePoliciesRuAttachedPoliciesu$list_attached_role_policies_responseu"list_attached_role_policies_resultuattached_policiesu1Failed to list attached policies for IAM role %s.N(RRFRRRR�RRRR#R%R&(R�RaRRRRRR R�R�R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytlist_attached_role_policies�s!

&$
c		C@s�td|d|d|d|�}y(|j||�tjd|�tSWnGtjjk
r�}td|�}tj	|�tj
d|�tSXdS(	u�
    Create SAML provider

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.create_saml_provider my_saml_provider_name saml_metadata_document
    RRRRu&Successfully created %s SAML provider.uboto.get_erroru"Failed to create SAML provider %s.N(Rtcreate_saml_providerR#R$RRRRRR%R&R
(	Rtsaml_metadata_documentRRRRR R'R�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s
!
c
	C@s�td|d|d|d|�}yM|j�}x6|jjjD]%}|djd|�r@|dSq@WtSWnGtjj	k
r�}t
d|�}	tj|	�tj
d|�tSXd	S(
u�
    Get SAML provider

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_saml_provider_arn my_saml_provider_name
    RRRRuarnu:saml-provider/uboto.get_erroru&Failed to get ARN of SAML provider %s.N(Rtlist_saml_providerstlist_saml_providers_responsetlist_saml_providers_resulttsaml_provider_listtendswithR
RRRRR#R%R&(
RRRRRR Rut
saml_providerR'R�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pytget_saml_provider_arn�s
!
c	
C@s�td|d|d|d|�}yct|d|d|d|d|�}|sbtjd|�tS|j|�tjd|�tSWnGtjjk
r�}t	d|�}tj
|�tjd|�tSXd	S(
u�
    Delete SAML provider

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.delete_saml_provider my_saml_provider_name
    RRRRuSAML provider %s not found.u&Successfully deleted SAML provider %s.uboto.get_erroru"Failed to delete SAML provider %s.N(
RR#R#R$Rtdelete_saml_providerRRRRR%R&R
(	RRRRRR tsaml_provider_arnR'R�((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR$�s
!$

c		C@s�td|d|d|d|�}yXg}|j�}x;|dddD]'}|j|djd	d
�d
�qIW|SWn>tjjk
r�}tjt	d|��tj
d�tSXd
S(u~
    List SAML providers.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.list_saml_providers
    RRRRulist_saml_providers_responseulist_saml_providers_resultusaml_provider_listuarnu/iuboto.get_erroru%Failed to get list of SAML providers.N(RRR�trsplitRRRR#R%RR&R
(	RRRRR t	providersR$R�R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR�s
!%
c	C@s�td|d|d|d|�}y#|j|�}|dddSWnAtjjk
r�}tjtd|��tjd	|�t	SXd
S(u�
    Get SAML provider document.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.get_saml_provider arn
    RRRRuget_saml_provider_responseuget_saml_provider_resultusaml_metadata_documentuboto.get_erroru(Failed to get SAML provider document %s.N(
Rtget_saml_providerRRRR#R%RR&R
(RRRRRR tproviderR'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR(	s
!c	
C@s�td|d|d|d|�}y\t|d|d|d|d|�}|sbtjd|�tS|j||�rxtStSWnAtjj	k
r�}tj
td|��tjd|�tSXdS(	u�
    Update SAML provider.

    CLI Example:

    .. code-block:: bash

        salt myminion boto_iam.update_saml_provider my_saml_provider_name saml_metadata_document
    RRRRuSAML provider %s not found.uboto.get_erroru"Failed to update SAML provider %s.N(
RR#R#R$R
tupdate_saml_providerRRRRR%RR&(	RRRRRRR R%R'((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyR*	s
!$(vt__doc__t
__future__RRRtloggingRtsalt.extRtsalt.utils.compatRtsalt.utils.jsontsalt.utils.odictRR_tsalt.utils.versionstsalt.ext.six.moves.urllib.parseRR0Rtboto.iamtboto3R�t	getLoggertsetLeveltCRITICALRRtImportErrorR
RR#RRRFR!R"R(R*R6R8R;R?R@RBR7RDRCRJRLRKRORSRYRXRbRoRhRqRwRyR{R|RR�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�RRRRRRRRR	R
RRRRR#R$RR(R*(((s9/usr/lib/python2.7/site-packages/salt/modules/boto_iam.pyt<module>$s4


						"		#			!								  	$$' &&%)

Zerion Mini Shell 1.0