AWS Identity and Access Management (IAM)
The AWS Identity and Access Management (IAM) API enables you to manage access to AWS services and resources securely. AWS WAF allows you to control access to your content based on the conditions you specify (IP address) and configure CloudFront to return a custom error page when a request is blocked.
Supported Actions and Example Prompts
The following table lists the supported actions and prompt examples for an action:
Action Name | Description | Prompt Example |
---|---|---|
Delete Access Key | The action deletes the access key pair associated with the specified IAM user. For more information, see Action: Delete access key. | Delete the access key 972a2167c93df3372de3 from the user John Doe. |
Get User Information | The action retrieves detailed information about a specific IAM user. This action returns information such as the user's creation date, path, unique ID, and ARN. For more information, see Action: Get User Information. | Get the user information of John Doe. |
Remove User from Group | This action removes the specified IAM user from a specific group. For more information, see Action: Remove User from Group. | Remove the user Jane Dan from the admin group. |
Install and Configure the App
Install and configure the required apps to enable Quarterback AI to perform various security-related tasks and provide relevant responses. After installing an app, you must create an instance that will be used to communicate with the app endpoints. An app can have multiple instances, and you can set a default instance from the configured instance list.
Before you Start
Ensure that you have the API token to authenticate with the AWS Identity and Access Management (IAM) app.
Steps:
To install and configure an app, follow these steps:
1. Go to the application and, in the left pane, select Quarterback AI.
2. In Apps, select AWS Identity and Access Management (IAM) and click Install.
3. After the app is installed, click Configure and enter the following details to create an instance:
   - Instance Name: Enter a name for the instance.
   - Instance Description: Enter a description for the instance.
   - Expiry: Select an expiry date for the instance.
   - Set as default instance: Select this option to set this instance as the default instance. By default, this instance will be used to perform actions from this app.
   - Access Key Id: Enter the access key ID to access the IAM API.
   - Secret Access Key: Enter the secret key to access the IAM resources. For example, XXXX97-2a2167-c93df33-72de34-c2fb18.
   - Region Name: Enter the region name. For example, us-east-1.
4. Click Done.
The instance is created, and you can view it in Instances. To create another instance, click Add Instance.
Action: Delete access key
The action deletes the access key pair associated with the specified IAM user.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Username | Enter the username to delete the access key for. Example: "testuser" | Text | Required | Minimum character length: 1. Maximum character length: 128. |
Access key ID | Enter the access key ID you want to delete. Example: "972a2167c93df3372de3" | Text | Required | |
Example Request
[ { "username": "testuser", "access_key_id": "972a2167c93df3372de3" } ]
Action Response Parameters
Parameter | Type | Description |
---|---|---|
DeleteAccessKeyResponse | Object | The root element of the XML response. |
ResponseMetadata | Object | Contains metadata about the response. |
RequestId | String | The unique identifier for the request. |
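Because Delete Access Key is irreversible, it helps to check the request before submitting it and to keep the RequestId from the response for the audit record. The following is an added example, not code from Quarterback AI or AWS: the function names and the sample response are constructed, and the 16 to 128 word-character rule for key IDs is an assumption taken from the AWS IAM API reference rather than from this page.

```python
import json
import re
import xml.etree.ElementTree as ET

# Assumption (AWS IAM API reference, not this page): key IDs are 16-128 word characters.
ACCESS_KEY_ID_RE = re.compile(r"\w{16,128}", re.ASCII)

# Constructed sample response; the RequestId is a placeholder.
SAMPLE_RESPONSE = """<DeleteAccessKeyResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
  <ResponseMetadata><RequestId>00000000-0000-0000-0000-000000000000</RequestId></ResponseMetadata>
</DeleteAccessKeyResponse>"""


def validate_delete_request(raw):
    """Parse a Delete Access Key request; raise ValueError naming the first problem."""
    try:
        items = json.loads(raw)
    except json.JSONDecodeError as exc:
        # Typographic quotes pasted from a document are a common cause.
        raise ValueError(f"not valid JSON: {exc.msg} (column {exc.colno})") from exc
    if not isinstance(items, list) or not items:
        raise ValueError("request must be a non-empty JSON array")
    for i, item in enumerate(items):
        if not isinstance(item, dict) or set(item) != {"username", "access_key_id"}:
            raise ValueError(f"item {i}: expected exactly username and access_key_id")
        user, key_id = item["username"], item["access_key_id"]
        # Length limits for Username come from the parameter table above.
        if not isinstance(user, str) or not 1 <= len(user) <= 128:
            raise ValueError(f"item {i}: username must be 1 to 128 characters")
        # A value with '/' or '+' is not a key ID; do not echo it into logs.
        if not isinstance(key_id, str) or not ACCESS_KEY_ID_RE.fullmatch(key_id):
            raise ValueError(f"item {i}: access_key_id is not a well-formed key ID")
    return items


def request_id(response_xml):
    """Return the RequestId of a DeleteAccessKeyResponse, for the audit record."""
    root = ET.fromstring(response_xml)
    local = lambda tag: tag.rsplit("}", 1)[-1]  # drop any XML namespace prefix
    if local(root.tag) != "DeleteAccessKeyResponse":
        raise ValueError(f"unexpected root element: {local(root.tag)}")
    for el in root.iter():
        if local(el.tag) == "RequestId" and el.text:
            return el.text.strip()
    raise ValueError("response has no RequestId")
```

The validation error for a malformed key ID deliberately omits the rejected value, so a secret pasted into the wrong field does not end up in logs.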
Action: Get User Information
The action retrieves detailed information about a specific IAM user. This action returns information such as the user's creation date, path, unique ID, and ARN.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Username | Enter the username to retrieve the details. Example: "testuser" | Text | Required | |
Example Request
[ { "username": "testuser" } ]
Action Response Parameters
Parameter | Type | Description |
---|---|---|
User | Object | An object containing information about a user. |
Path | String | The path to the user. |
UserName | String | The name of the user. |
UserId | String | The ID of the user. |
Arn | String | The Amazon Resource Name (ARN) of the user. |
CreateDate | Datetime | The date and time when the user was created. |
PasswordLastUsed | Datetime | The date and time when the user's password was last used. |
PermissionsBoundary | Object | An object containing information about the permissions boundary. |
PermissionsBoundaryType | PermissionsBoundaryPolicy | The type of the permissions boundary policy. |
PermissionsBoundaryArn | String | The ARN of the permissions boundary. |
Tags | Array | An array containing tags associated with the user. |
Key | String | The key of the tag. |
Value | String | The value of the tag. |
Action: Remove User from Group
This action removes the specified IAM user from a specific group.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Group name | Enter the group name to remove the user from. Example: "samplegroup1" | Text | Required | |
Username | Enter the user to be removed from the group. Example: "testuser" | Text | Required | |
Example Request
[ { "group_name": "samplegroup1", "username": "testuser" } ]
Action Response Parameters
Parameter | Type | Description |
---|---|---|
RemoveUserFromGroupResponse | Object | The root element containing the response details. |
ResponseMetadata | Object | Metadata about the response. |
RequestId | String | The ID of the request. |