aws_iam
Manage Roles
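--- Installs the IAM module; '<modules>' stands for the module name(s) to install.
SELECT * FROM iasql_install('<modules>');

--- Adds a new role. assume_role_policy_document is the role's trust policy: it
--- decides which principals may assume the role, so keep the principal list in
--- '<attachAssumeTaskPolicy>' as narrow as the workload allows.
INSERT INTO iam_role (role_name, assume_role_policy_document, attached_policies_arns)
VALUES ('<taskRoleName>', '<attachAssumeTaskPolicy>', array['<taskPolicyArn>']);

--- Checks that the role inserted above exists. The filter uses the same
--- '<taskRoleName>' as the INSERT; the original example filtered on a different
--- placeholder, which would return no rows for the role just created.
SELECT *
FROM iam_role
WHERE role_name = '<taskRoleName>';

--- Updates the role description.
UPDATE iam_role SET description = 'description' WHERE role_name = '<taskRoleName>';

--- Replaces the trust policy of a role.
--- NOTE(review): '<ec2RoleName>' is not created anywhere in this example; it
--- presumably already exists. A trust-policy change alters who can assume the
--- role, so review the new document before applying it.
UPDATE iam_role SET assume_role_policy_document = '<attachAssumeLambdaPolicy>' WHERE role_name = '<ec2RoleName>';

--- Restores the previous trust policy of the same role.
UPDATE iam_role SET assume_role_policy_document = '<attachAssumeEc2Policy>' WHERE role_name = '<ec2RoleName>';

--- Replaces the role's attached policies. The assignment overwrites the whole
--- array, so '<taskPolicyArn>' is no longer listed afterwards.
--- NOTE(review): presumably the dropped policy is also detached in AWS; confirm
--- before running this against a role that is in use.
UPDATE iam_role SET attached_policies_arns=array['<servicePolicyArn>'] WHERE role_name = '<taskRoleName>';

--- Deletes the role.
DELETE FROM iam_role
WHERE role_name = '<taskRoleName>';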
Manage Users
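--- Installs the IAM module; '<modules>' stands for the module name(s) to install.
SELECT * FROM iasql_install('<modules>');

--- Adds a new user.
INSERT INTO iam_user (user_name, path)
VALUES ('<userName>', '<userPath>');

--- Checks that the user was added.
SELECT *
FROM iam_user
WHERE user_name = '<userName>';

--- Sets a password for the user. The password is a placeholder here, like the
--- other values on this page, so that no literal credential is copied from the
--- example. A password passed as a SQL literal can end up in statement logs and
--- client history; supply it from a secret store and check what is logged.
--- NOTE(review): the third argument presumably requires a password reset at
--- the next sign-in ('true') or not ('false'); confirm against the module docs.
SELECT *
FROM set_user_password('<userName>', '<initialPassword>', 'true');

--- Updates the user's password.
SELECT *
FROM set_user_password('<userName>', '<newPassword>', 'false');

--- Deletes the user's password by passing an empty string.
SELECT *
FROM set_user_password('<userName>', '');

--- Updates the user path.
UPDATE iam_user SET path = '<userNewPath>' WHERE user_name = '<userName>';

--- Checks that the path has been modified.
SELECT *
FROM iam_user
WHERE user_name = '<userName>' AND path = '<userNewPath>';

--- Replaces the user's attached policies; the assignment overwrites the whole
--- array, so grant only the policies the user actually needs.
UPDATE iam_user SET attached_policies_arns=array['<supportUserPolicyArn>'] WHERE user_name = '<userName>';

--- Generates a new access key for the user.
--- NOTE(review): the result presumably includes the secret access key, which AWS
--- returns only at creation time. Treat the query output as a secret: store it
--- in a secrets manager and keep it out of logs, tickets and shared notebooks.
SELECT *
FROM access_key_request('<userName>');

--- Checks that an active access key exists for the user.
SELECT *
FROM access_key
WHERE user_name = '<userName>' AND status='Active';

--- Deactivates the user's access keys. The WHERE clause matches on user_name
--- only, so every key of that user is set to Inactive.
UPDATE access_key SET status='Inactive'
WHERE user_name = '<userName>';

--- Checks that the access key is now inactive.
SELECT *
FROM access_key
WHERE user_name = '<userName>' AND status='Inactive';

--- Deletes the user's access keys (all rows for that user_name).
DELETE FROM access_key
WHERE user_name = '<userName>';

--- Deletes the IAM user.
DELETE FROM iam_user WHERE user_name = '<userName>';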