· 6 years ago · Feb 26, 2019, 06:02 AM
1"""
2IAM boto examples:
3In this example we create a group that provides access
4to all EC2 and S3 resources and actions and then add a
5user to that group.
6"""
7import boto
8
9#
10# First create a connection to the IAM service
11#
12iam = boto.connect_iam()
13
14#
15# Now create a group for EC2/S3 users.
16# This group will allow members to use all EC2 and S3 functionality
17#
18ec2s3_policy = """
19{
20 "Statement":[{
21 "Effect":"Allow",
22 "Action":["ec2:*", "s3:*"],
23 "Resource":"*"
24 }
25 ]
26}"""
27response = iam.create_group('EC2-S3-Users')
28response = iam.put_group_policy('EC2-S3-Users', 'EC2andS3', ec2s3_policy)
29
30#
31# Now create a user and place him in the EC2 group.
32#
33response = iam.create_user('Bob')
34user = response.user
35response = iam.add_user_to_group('EC2-S3-Users', 'Bob')
36
37#
38# Create AccessKey/SecretKey pair for Bob
39#
40response = iam.create_access_key('Bob')
41access_key = response.access_key_id
42secret_key = response.secret_access_key
43
44#
45# create connection to EC2 as user Bob
46#
47ec2 = boto.connect_ec2(access_key, secret_key)
48
49#
50# Now do some crazy EC2 shit
51#