堆栈内存溢出
  简体   繁体   English

使用 boto3 创建帐户后,如何通过电子邮件自动邀请 IAM 用户?

[英]How to automatically invite an IAM user via email after creating account using boto3?

 原文  2019-12-23 15:52:48       python/ amazon-web-services/ boto3/ amazon-iam

问题描述

I'm creating an IAM user programmatically using boto3 .我正在使用boto3编程方式创建 IAM 用户。

I also want to invite the user that I've just created using email.我还想邀请我刚刚使用电子邮件创建的用户。

Here's what I've tried so far for creating and updating the password.这是我迄今为止尝试创建和更新密码的方法。

iam.create_user(UserName='username')
iam.create_login_profile(
    UserName='username',
    Password='password',
    PasswordResetRequired=False
)

But I haven't found an option to automatically send an invite email to the user after it's been created.但是我还没有找到在创建后自动向用户发送邀请电子邮件的选项。

Is there any way to automatically send an invite mail with the password and so that user can login?有没有办法自动发送带有密码的邀请邮件,以便用户可以登录?

Something like就像是

invite_mail='somemail'

2 个解决方案

解决方案1
 1 已采纳  2019-12-23 21:10:28

There is no in-built AWS capability to send users their login information.没有内置的 AWS 功能可以向用户发送他们的登录信息。

In fact, there is not even a standard field for storing email addresses for IAM Users.事实上,甚至没有用于存储 IAM 用户电子邮件地址的标准字段。

You would need to code such functionality yourself.您需要自己编写此类功能。

解决方案2
 0  2019-12-24 22:40:49

1 1

You can use a cloud trail to trigger Lambda upon the IAM-user creation event and send email to newly created users using AWS SES client.您可以使用云跟踪在 IAM 用户创建事件时触发 Lambda,并使用 AWS SES 客户端向新创建的用户发送电子邮件。 You can validate the format of the email with a regex like abc.xyx@company.com.您可以使用像 abc.xyx@company.com 这样的正则表达式来验证电子邮件的格式。 This you can only do if the user name is in email format.仅当用户名采用电子邮件格式时才能执行此操作。

2 2

import boto3

import logging

ses_client = boto3.client('ses', region_name='us-east-1')

iam_client = boto3.client('iam')


response = iam_client.create_user(
    Path='string',
    UserName='string',
    PermissionsBoundary='string',
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)

#if username as email id 
user_email =  response['User']['UserName']

#if user has tagged with email

#user_email =  response['User']['Tags']['KeyName']

SMTP_FROM = 'EMAIL_ADDRESS'

html = "html_email_template"

SMTP_TO = user_email

try:
    response = ses_client.send_email(
        Source=SMTP_FROM,
        Destination={
            'ToAddresses': SMTP_TO 
        },
        Message={
            'Body': {
                'Html': {
                    'Charset': "UTF-8",
                    'Data': html,
                }
            },
            'Subject': {
                'Data': 'New User Created '
            }
        }
    )
    logger.info(response)
except ClientError as e:
    logger.error(e.response['Error']['Message'])
else:
    logger.info("Email sent! Message ID: " + response['MessageId'])

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用boto3,如何检查AWS IAM用户是否具有密码? - Using boto3, how to check if AWS IAM user has password? 使用 Boto3 将 IAM 用户附加到 IAM 组 - Attaching IAM user to IAM Group using Boto3 通过 boto3 担任 IAM 用户角色时访问被拒绝 - Access denied when assuming role as IAM user via boto3 使用 Boto3 以编程方式获取 IAM 用户的 UserID - Get the UserID for an IAM user programatically using Boto3 如何使用 boto3 为 IAM 用户授予对 S3 存储桶的完全权限? - How to grant full permissions on an S3 bucket for an IAM user using boto3? 如何使用boto3更改AWS账户电子邮件? - How can I change the AWS Account Email with boto3? 创建 CSV 文件,然后使用 boto3 附加到 email - creating a CSV file and then attaching to an email using boto3 使用boto3查询AWS CloudTrail以确定哪个IAM用户将文件上传到S3? - Using boto3 to query AWS CloudTrail to determine which IAM user uploaded a file to S3? 如何查找boot3的AWS IAM用户闲置/闲置了多少天? - How can I find how many days has an AWS IAM user been inactive/idle for with boto3? 使用Athena和boto3切换IAM用户角色 - Switching IAM-user roles with Athena and boto3
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM