/*******************************************************************************
* Copyright 2012-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use
* this file except in compliance with the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file.
* This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
* *****************************************************************************
*
* AWS Tools for Windows (TM) PowerShell (TM)
*
*/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Management.Automation;
using System.Text;
using Amazon.PowerShell.Common;
using Amazon.Runtime;
using Amazon.IdentityManagement;
using Amazon.IdentityManagement.Model;
namespace Amazon.PowerShell.Cmdlets.IAM
{
///
/// Lists all the managed policies that are available in your Amazon Web Services account,
/// including your own customer-defined managed policies and all Amazon Web Services managed
/// policies.
///
///
///
/// You can filter the list of policies that is returned using the optional OnlyAttached,
/// Scope, and PathPrefix parameters. For example, to list only
/// the customer managed policies in your Amazon Web Services account, set Scope
/// to Local. To list only Amazon Web Services managed policies, set Scope
/// to AWS.
///
/// You can paginate the results using the MaxItems and Marker
/// parameters.
///
/// For more information about managed policies, see Managed
/// policies and inline policies in the IAM User Guide.
///
/// IAM resource-listing operations return a subset of the available attributes for the
/// resource. For example, this operation does not return tags, even though they are an
/// attribute of the returned object. To view all of the information for a customer manged
/// policy, see GetPolicy.
///
This cmdlet automatically pages all available results to the pipeline - parameters related to iteration are only needed if you want to manually control the paginated output. To disable autopagination, use -NoAutoIteration.
///
[Cmdlet("Get", "IAMPolicyList")]
[OutputType("Amazon.IdentityManagement.Model.ManagedPolicy")]
[AWSCmdlet("Calls the AWS Identity and Access Management ListPolicies API operation.", Operation = new[] {"ListPolicies"}, SelectReturnType = typeof(Amazon.IdentityManagement.Model.ListPoliciesResponse), LegacyAlias="Get-IAMPolicies")]
[AWSCmdletOutput("Amazon.IdentityManagement.Model.ManagedPolicy or Amazon.IdentityManagement.Model.ListPoliciesResponse",
"This cmdlet returns a collection of Amazon.IdentityManagement.Model.ManagedPolicy objects.",
"The service call response (type Amazon.IdentityManagement.Model.ListPoliciesResponse) can also be referenced from properties attached to the cmdlet entry in the $AWSHistory stack."
)]
public partial class GetIAMPolicyListCmdlet : AmazonIdentityManagementServiceClientCmdlet, IExecutor
{
#region Parameter OnlyAttached
///
///
/// A flag to filter the results to only the attached policies.When OnlyAttached is true, the returned list contains only
/// the policies that are attached to an IAM user, group, or role. When OnlyAttached
/// is false, or when the parameter is not included, all policies are returned.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public System.Boolean? OnlyAttached { get; set; }
#endregion
#region Parameter PathPrefix
///
///
/// The path prefix for filtering the results. This parameter is optional. If it is not
/// included, it defaults to a slash (/), listing all policies. This parameter allows
/// (through its regex pattern) a string
/// of characters consisting of either a forward slash (/) by itself or a string that
/// must begin and end with forward slashes. In addition, it can contain any ASCII character
/// from the ! (\u0021) through the DEL character (\u007F),
/// including most punctuation characters, digits, and upper and lowercased letters.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public System.String PathPrefix { get; set; }
#endregion
#region Parameter PolicyUsageFilter
///
///
/// The policy usage method to use for filtering the results.To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
/// To list only the policies used to set permissions boundaries, set the value to PermissionsBoundary.This parameter is optional. If it is not included, all policies are returned.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[AWSConstantClassSource("Amazon.IdentityManagement.PolicyUsageType")]
public Amazon.IdentityManagement.PolicyUsageType PolicyUsageFilter { get; set; }
#endregion
#region Parameter Scope
///
///
/// The scope to use for filtering the results.To list only Amazon Web Services managed policies, set Scope to AWS.
/// To list only the customer managed policies in your Amazon Web Services account, set
/// Scope to Local.This parameter is optional. If it is not included, or if it is set to All,
/// all policies are returned.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[AWSConstantClassSource("Amazon.IdentityManagement.PolicyScopeType")]
public Amazon.IdentityManagement.PolicyScopeType Scope { get; set; }
#endregion
#region Parameter Marker
///
///
/// Use this parameter only when paginating results and only after you receive a response
/// indicating that the results are truncated. Set it to the value of the Marker
/// element in the response that you received to indicate where the next call should start.
///
///
///
Note: This parameter is only used if you are manually controlling output pagination of the service API call.
///
In order to manually control output pagination, use '-Marker $null' for the first call and '-Marker $AWSHistory.LastServiceResponse.Marker' for subsequent calls.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[Alias("NextToken")]
public System.String Marker { get; set; }
#endregion
#region Parameter MaxItem
///
///
/// Use this only when paginating results to indicate the maximum number of items you
/// want in the response. If additional items exist beyond the maximum you specify, the
/// IsTruncated response element is true.If you do not include this parameter, the number of items defaults to 100. Note that
/// IAM might return fewer results, even when there are more results available. In that
/// case, the IsTruncated response element returns true, and
/// Marker contains a value to include in the subsequent call that tells
/// the service where to continue from.
///
///
///
Note: In AWSPowerShell and AWSPowerShell.NetCore this parameter is used to limit the total number of items returned by the cmdlet.
///
In AWS.Tools this parameter is simply passed to the service to specify how many items should be returned by each service call.
///
Pipe the output of this cmdlet into Select-Object -First to terminate retrieving data pages early and control the number of items returned.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[Alias("MaxItems")]
public int? MaxItem { get; set; }
#endregion
#region Parameter Select
///
/// Use the -Select parameter to control the cmdlet output. The default value is 'Policies'.
/// Specifying -Select '*' will result in the cmdlet returning the whole service response (Amazon.IdentityManagement.Model.ListPoliciesResponse).
/// Specifying the name of a property of type Amazon.IdentityManagement.Model.ListPoliciesResponse will result in that property being returned.
/// Specifying -Select '^ParameterName' will result in the cmdlet returning the selected cmdlet parameter value.
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public string Select { get; set; } = "Policies";
#endregion
#region Parameter NoAutoIteration
///
/// By default the cmdlet will auto-iterate and retrieve all results to the pipeline by performing multiple
/// service calls. If set, the cmdlet will retrieve only the next 'page' of results using the value of Marker
/// as the start point.
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public SwitchParameter NoAutoIteration { get; set; }
#endregion
protected override void ProcessRecord()
{
this._AWSSignerType = "v4";
base.ProcessRecord();
var context = new CmdletContext();
// allow for manipulation of parameters prior to loading into context
PreExecutionContextLoad(context);
if (ParameterWasBound(nameof(this.Select)))
{
context.Select = CreateSelectDelegate(Select) ??
throw new System.ArgumentException("Invalid value for -Select parameter.", nameof(this.Select));
}
context.Marker = this.Marker;
context.MaxItem = this.MaxItem;
#if !MODULAR
if (ParameterWasBound(nameof(this.MaxItem)) && this.MaxItem.HasValue)
{
WriteWarning("AWSPowerShell and AWSPowerShell.NetCore use the MaxItem parameter to limit the total number of items returned by the cmdlet." +
" This behavior is obsolete and will be removed in a future version of these modules. Pipe the output of this cmdlet into Select-Object -First to terminate" +
" retrieving data pages early and control the number of items returned. AWS.Tools already implements the new behavior of simply passing MaxItem" +
" to the service to specify how many items should be returned by each service call.");
}
#endif
context.OnlyAttached = this.OnlyAttached;
context.PathPrefix = this.PathPrefix;
context.PolicyUsageFilter = this.PolicyUsageFilter;
context.Scope = this.Scope;
// allow further manipulation of loaded context prior to processing
PostExecutionContextLoad(context);
var output = Execute(context) as CmdletOutput;
ProcessOutput(output);
}
#region IExecutor Members
#if MODULAR
public object Execute(ExecutorContext context)
{
var cmdletContext = context as CmdletContext;
var useParameterSelect = this.Select.StartsWith("^");
// create request and set iteration invariants
var request = new Amazon.IdentityManagement.Model.ListPoliciesRequest();
if (cmdletContext.MaxItem != null)
{
request.MaxItems = AutoIterationHelpers.ConvertEmitLimitToServiceTypeInt32(cmdletContext.MaxItem.Value);
}
if (cmdletContext.OnlyAttached != null)
{
request.OnlyAttached = cmdletContext.OnlyAttached.Value;
}
if (cmdletContext.PathPrefix != null)
{
request.PathPrefix = cmdletContext.PathPrefix;
}
if (cmdletContext.PolicyUsageFilter != null)
{
request.PolicyUsageFilter = cmdletContext.PolicyUsageFilter;
}
if (cmdletContext.Scope != null)
{
request.Scope = cmdletContext.Scope;
}
// Initialize loop variant and commence piping
var _nextToken = cmdletContext.Marker;
var _userControllingPaging = this.NoAutoIteration.IsPresent || ParameterWasBound(nameof(this.Marker));
var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
do
{
request.Marker = _nextToken;
CmdletOutput output;
try
{
var response = CallAWSServiceOperation(client, request);
object pipelineOutput = null;
if (!useParameterSelect)
{
pipelineOutput = cmdletContext.Select(response, this);
}
output = new CmdletOutput
{
PipelineOutput = pipelineOutput,
ServiceResponse = response
};
_nextToken = response.Marker;
}
catch (Exception e)
{
output = new CmdletOutput { ErrorResponse = e };
}
ProcessOutput(output);
} while (!_userControllingPaging && AutoIterationHelpers.HasValue(_nextToken));
if (useParameterSelect)
{
WriteObject(cmdletContext.Select(null, this));
}
return null;
}
#else
public object Execute(ExecutorContext context)
{
var cmdletContext = context as CmdletContext;
var useParameterSelect = this.Select.StartsWith("^");
// create request and set iteration invariants
var request = new Amazon.IdentityManagement.Model.ListPoliciesRequest();
if (cmdletContext.OnlyAttached != null)
{
request.OnlyAttached = cmdletContext.OnlyAttached.Value;
}
if (cmdletContext.PathPrefix != null)
{
request.PathPrefix = cmdletContext.PathPrefix;
}
if (cmdletContext.PolicyUsageFilter != null)
{
request.PolicyUsageFilter = cmdletContext.PolicyUsageFilter;
}
if (cmdletContext.Scope != null)
{
request.Scope = cmdletContext.Scope;
}
// Initialize loop variants and commence piping
System.String _nextToken = null;
int? _emitLimit = null;
int _retrievedSoFar = 0;
if (AutoIterationHelpers.HasValue(cmdletContext.Marker))
{
_nextToken = cmdletContext.Marker;
}
if (cmdletContext.MaxItem.HasValue)
{
// The service has a maximum page size of 1000. If the user has
// asked for more items than page max, and there is no page size
// configured, we rely on the service ignoring the set maximum
// and giving us 1000 items back. If a page size is set, that will
// be used to configure the pagination.
// We'll make further calls to satisfy the user's request.
_emitLimit = cmdletContext.MaxItem;
}
var _userControllingPaging = this.NoAutoIteration.IsPresent || ParameterWasBound(nameof(this.Marker));
var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
do
{
request.Marker = _nextToken;
if (_emitLimit.HasValue)
{
int correctPageSize = Math.Min(1000, _emitLimit.Value);
request.MaxItems = AutoIterationHelpers.ConvertEmitLimitToInt32(correctPageSize);
}
CmdletOutput output;
try
{
var response = CallAWSServiceOperation(client, request);
object pipelineOutput = null;
if (!useParameterSelect)
{
pipelineOutput = cmdletContext.Select(response, this);
}
output = new CmdletOutput
{
PipelineOutput = pipelineOutput,
ServiceResponse = response
};
int _receivedThisCall = response.Policies.Count;
_nextToken = response.Marker;
_retrievedSoFar += _receivedThisCall;
if (_emitLimit.HasValue)
{
_emitLimit -= _receivedThisCall;
}
}
catch (Exception e)
{
if (_retrievedSoFar == 0 || !_emitLimit.HasValue)
{
output = new CmdletOutput { ErrorResponse = e };
}
else
{
break;
}
}
ProcessOutput(output);
} while (!_userControllingPaging && AutoIterationHelpers.HasValue(_nextToken) && (!_emitLimit.HasValue || _emitLimit.Value >= 1));
if (useParameterSelect)
{
WriteObject(cmdletContext.Select(null, this));
}
return null;
}
#endif
public ExecutorContext CreateContext()
{
return new CmdletContext();
}
#endregion
#region AWS Service Operation Call
private Amazon.IdentityManagement.Model.ListPoliciesResponse CallAWSServiceOperation(IAmazonIdentityManagementService client, Amazon.IdentityManagement.Model.ListPoliciesRequest request)
{
Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "AWS Identity and Access Management", "ListPolicies");
try
{
#if DESKTOP
return client.ListPolicies(request);
#elif CORECLR
return client.ListPoliciesAsync(request).GetAwaiter().GetResult();
#else
#error "Unknown build edition"
#endif
}
catch (AmazonServiceException exc)
{
var webException = exc.InnerException as System.Net.WebException;
if (webException != null)
{
throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException);
}
throw;
}
}
#endregion
internal partial class CmdletContext : ExecutorContext
{
public System.String Marker { get; set; }
public int? MaxItem { get; set; }
public System.Boolean? OnlyAttached { get; set; }
public System.String PathPrefix { get; set; }
public Amazon.IdentityManagement.PolicyUsageType PolicyUsageFilter { get; set; }
public Amazon.IdentityManagement.PolicyScopeType Scope { get; set; }
public System.Func Select { get; set; } =
(response, cmdlet) => response.Policies;
}
}
}