Comprehensive user lifecycle management including creation, deletion, modification, and access configuration.
Creates a new IAM user with optional configuration.
/**
* Creates a new IAM user for your AWS account
* @param UserName - The name of the user to create
* @param Path - The path for the user name (default: /)
* @param PermissionsBoundary - ARN of the policy to use as permissions boundary
* @param Tags - List of tags to attach to the user
*/
interface CreateUserCommandInput {
UserName: string;
Path?: string;
PermissionsBoundary?: string;
Tags?: Tag[];
}
interface CreateUserCommandOutput {
User?: User;
}Usage Example:
import { IAMClient, CreateUserCommand } from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
const command = new CreateUserCommand({
UserName: "developer-john",
Path: "/developers/",
Tags: [
{ Key: "Department", Value: "Engineering" },
{ Key: "Team", Value: "Backend" }
]
});
const result = await client.send(command);
console.log("Created user:", result.User?.UserName);Deletes an IAM user from your AWS account.
/**
* Deletes the specified IAM user
* @param UserName - The name of the user to delete
*/
interface DeleteUserCommandInput {
UserName: string;
}
interface DeleteUserCommandOutput {}Usage Example:
import { IAMClient, DeleteUserCommand } from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
const command = new DeleteUserCommand({
UserName: "developer-john"
});
await client.send(command);
console.log("User deleted successfully");Retrieves information about the specified IAM user.
/**
* Retrieves information about the specified IAM user
* @param UserName - The name of the user to get information about (optional, defaults to current user)
*/
interface GetUserCommandInput {
UserName?: string;
}
interface GetUserCommandOutput {
User: User;
}Usage Example:
import { IAMClient, GetUserCommand } from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
// Get specific user
const command = new GetUserCommand({
UserName: "developer-john"
});
const result = await client.send(command);
console.log("User ARN:", result.User.Arn);
// Get current user (no UserName parameter)
const currentUserResult = await client.send(new GetUserCommand({}));
console.log("Current user:", currentUserResult.User.UserName);Lists the IAM users that have the specified path prefix.
/**
* Lists the IAM users that have the specified path prefix
* @param PathPrefix - The path prefix for filtering users (default: /)
* @param Marker - Pagination marker for continuing a previous request
* @param MaxItems - Maximum number of users to return (1-1000, default: 100)
*/
interface ListUsersCommandInput {
PathPrefix?: string;
Marker?: string;
MaxItems?: number;
}
interface ListUsersCommandOutput {
Users: User[];
IsTruncated?: boolean;
Marker?: string;
}Usage Example:
import { IAMClient, ListUsersCommand } from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
const command = new ListUsersCommand({
PathPrefix: "/developers/",
MaxItems: 50
});
const result = await client.send(command);
result.Users.forEach(user => {
console.log(`User: ${user.UserName}, Created: ${user.CreateDate}`);
});
// Handle pagination
if (result.IsTruncated) {
const nextPage = new ListUsersCommand({
PathPrefix: "/developers/",
Marker: result.Marker
});
const nextResult = await client.send(nextPage);
}Updates the name and/or the path of the specified IAM user.
/**
* Updates the name and/or the path of the specified IAM user
* @param UserName - Name of the user to update
* @param NewPath - New path for the user
* @param NewUserName - New name for the user
*/
interface UpdateUserCommandInput {
UserName: string;
NewPath?: string;
NewUserName?: string;
}
interface UpdateUserCommandOutput {}Usage Example:
import { IAMClient, UpdateUserCommand } from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
const command = new UpdateUserCommand({
UserName: "developer-john",
NewPath: "/senior-developers/",
NewUserName: "senior-developer-john"
});
await client.send(command);
console.log("User updated successfully");Adds the specified user to the specified group.
/**
* Adds the specified user to the specified group
* @param GroupName - The name of the group to update
* @param UserName - The name of the user to add
*/
interface AddUserToGroupCommandInput {
GroupName: string;
UserName: string;
}
interface AddUserToGroupCommandOutput {}Usage Example:
import { IAMClient, AddUserToGroupCommand } from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
const command = new AddUserToGroupCommand({
GroupName: "Developers",
UserName: "developer-john"
});
await client.send(command);
console.log("User added to group successfully");Removes the specified user from the specified group.
/**
* Removes the specified user from the specified group
* @param GroupName - The name of the group to update
* @param UserName - The name of the user to remove
*/
interface RemoveUserFromGroupCommandInput {
GroupName: string;
UserName: string;
}
interface RemoveUserFromGroupCommandOutput {}Usage Example:
import { IAMClient, RemoveUserFromGroupCommand } from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
const command = new RemoveUserFromGroupCommand({
GroupName: "Developers",
UserName: "developer-john"
});
await client.send(command);
console.log("User removed from group successfully");Lists the IAM groups that the specified IAM user belongs to.
/**
* Lists the IAM groups that the specified IAM user belongs to
* @param UserName - The name of the user to list groups for
* @param Marker - Pagination marker for continuing a previous request
* @param MaxItems - Maximum number of groups to return (1-1000, default: 100)
*/
interface ListGroupsForUserCommandInput {
UserName: string;
Marker?: string;
MaxItems?: number;
}
interface ListGroupsForUserCommandOutput {
Groups: Group[];
IsTruncated?: boolean;
Marker?: string;
}Usage Example:
import { IAMClient, ListGroupsForUserCommand } from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
const command = new ListGroupsForUserCommand({
UserName: "developer-john"
});
const result = await client.send(command);
result.Groups.forEach(group => {
console.log(`Group: ${group.GroupName}, Path: ${group.Path}`);
});Manage console login profiles for IAM users.
/**
* Creates a password for the specified IAM user
* @param UserName - The name of the IAM user to create a password for
* @param Password - The new password for the user
* @param PasswordResetRequired - Specifies whether the user is required to set a new password on next sign-in
*/
interface CreateLoginProfileCommandInput {
UserName: string;
Password: string;
PasswordResetRequired?: boolean;
}
interface CreateLoginProfileCommandOutput {
LoginProfile: LoginProfile;
}
/**
* Deletes the password for the specified IAM user
* @param UserName - The name of the user whose password you want to delete
*/
interface DeleteLoginProfileCommandInput {
UserName: string;
}
interface DeleteLoginProfileCommandOutput {}
/**
* Retrieves the user name for the specified IAM user
* @param UserName - The name of the user whose login profile you want to retrieve
*/
interface GetLoginProfileCommandInput {
UserName: string;
}
interface GetLoginProfileCommandOutput {
LoginProfile: LoginProfile;
}
/**
* Changes the password for the specified IAM user
* @param UserName - The name of the user whose password you want to update
* @param Password - The new password for the specified IAM user
* @param PasswordResetRequired - Allows this new password to be used only once
*/
interface UpdateLoginProfileCommandInput {
UserName: string;
Password?: string;
PasswordResetRequired?: boolean;
}
interface UpdateLoginProfileCommandOutput {}Usage Example:
import {
IAMClient,
CreateLoginProfileCommand,
UpdateLoginProfileCommand,
DeleteLoginProfileCommand
} from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
// Create login profile
const createCommand = new CreateLoginProfileCommand({
UserName: "developer-john",
Password: "TempPassword123!",
PasswordResetRequired: true
});
await client.send(createCommand);
// Update login profile
const updateCommand = new UpdateLoginProfileCommand({
UserName: "developer-john",
PasswordResetRequired: false
});
await client.send(updateCommand);
// Delete login profile
const deleteCommand = new DeleteLoginProfileCommand({
UserName: "developer-john"
});
await client.send(deleteCommand);Allows an IAM user to change their own password.
/**
* Changes the password of the IAM user who is calling this operation
* @param OldPassword - The IAM user's current password
* @param NewPassword - The new password
*/
interface ChangePasswordCommandInput {
OldPassword: string;
NewPassword: string;
}
interface ChangePasswordCommandOutput {}Usage Example:
import { IAMClient, ChangePasswordCommand } from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
const command = new ChangePasswordCommand({
OldPassword: "OldPassword123!",
NewPassword: "NewPassword456!"
});
await client.send(command);
console.log("Password changed successfully");Manage tags on IAM users.
/**
* Adds one or more tags to an IAM user
* @param UserName - The name of the IAM user to which you want to add tags
* @param Tags - The list of tags that you want to attach to the IAM user
*/
interface TagUserCommandInput {
UserName: string;
Tags: Tag[];
}
interface TagUserCommandOutput {}
/**
* Removes the specified tags from the specified IAM user
* @param UserName - The name of the IAM user from which you want to remove tags
* @param TagKeys - A list of key names as a simple array of strings
*/
interface UntagUserCommandInput {
UserName: string;
TagKeys: string[];
}
interface UntagUserCommandOutput {}
/**
* Lists the tags that are attached to the specified IAM user
* @param UserName - The name of the IAM user whose tags you want to see
* @param Marker - Use this parameter only when paginating results
* @param MaxItems - Use this only when paginating results to indicate the maximum number of items you want in the response
*/
interface ListUserTagsCommandInput {
UserName: string;
Marker?: string;
MaxItems?: number;
}
interface ListUserTagsCommandOutput {
Tags: Tag[];
IsTruncated?: boolean;
Marker?: string;
}Usage Example:
import {
IAMClient,
TagUserCommand,
ListUserTagsCommand,
UntagUserCommand
} from "@aws-sdk/client-iam";
const client = new IAMClient({ region: "us-east-1" });
// Add tags
const tagCommand = new TagUserCommand({
UserName: "developer-john",
Tags: [
{ Key: "Department", Value: "Engineering" },
{ Key: "CostCenter", Value: "123456" }
]
});
await client.send(tagCommand);
// List tags
const listCommand = new ListUserTagsCommand({
UserName: "developer-john"
});
const result = await client.send(listCommand);
console.log("User tags:", result.Tags);
// Remove tags
const untagCommand = new UntagUserCommand({
UserName: "developer-john",
TagKeys: ["CostCenter"]
});
await client.send(untagCommand);interface User {
Path: string;
UserName: string;
UserId: string;
Arn: string;
CreateDate: Date;
PasswordLastUsed?: Date;
PermissionsBoundary?: AttachedPermissionsBoundary;
Tags?: Tag[];
}
interface LoginProfile {
UserName: string;
CreateDate: Date;
PasswordResetRequired?: boolean;
}
interface Group {
Path: string;
GroupName: string;
GroupId: string;
Arn: string;
CreateDate: Date;
}
interface Tag {
Key: string;
Value: string;
}
interface AttachedPermissionsBoundary {
PermissionsBoundaryType?: PermissionsBoundaryAttachmentType;
PermissionsBoundaryArn?: string;
}
enum PermissionsBoundaryAttachmentType {
PermissionsBoundaryPolicy = "PermissionsBoundaryPolicy"
}