i*SSKrSSKJr SSKJr SSKJrJrJr SSjr Sr /SSSS4S jr SS/4S jr S r S rS rSrg)N)handle_truncated_response)generate_password) printInfo printErrorprintExceptionFcLU(d[SU-5 URX!S9 g)z{ Add an IAM user to an IAM group :param iam_client: :param group: :param user: :param user_info: :param dry_run: :return: zAdding user to group %s... GroupNameUserNameN)radd_user_to_group) iam_clientusergroupquiets P/home/kali/Scout2/scout2-env/lib/python3.13/site-packages/opinel/services/iam.pyr r s& .67  U Dc@/n[U5[:waU/nUH6n/n[SU-5 URUS9 URX4S.5 M8 U$![a<nUR SSS:wa[ U5 URS5 SnANZSnAff=f) a( Create a number of IAM group, silently handling exceptions when entity already exists . :param iam_client: AWS API client for IAM :param groups: Name of IAM groups to be created. :return: None zCreating group %s...)r ErrorCodeEntityAlreadyExistsziam:creategroupN) groupnameerrors)typelistr create_group Exceptionresponserappend)r groups groups_datarres r create_groupsr"sK F|t 1 ,u4 5  # # # 6 AB   1zz'"6*.CCq! /0 1sA B!2BBTc"U/S.n[SU-5 URUS9 [ U5[ :waU/nUHn [ XU 5 M U(a,[S5 [5US 'URXS US 9 U(a0[S 5 URUS9S nUSUS'USUS'U$U$![a nUSRS5 UsSnA$SnAff=f![a-n[U5 USRSU -5 SnAMSnAff=f![a)n[U5 USRS 5 SnANSnAff=f![a*n[U5 USRS5 SnAU$SnAff=f)a :param iam_client: AWS API client for IAM :param user: Name of the user to create :param groups: Name of the IAM groups to add the user to :param with_password: Boolean indicating whether creation of a password should be done :param with_mfa: Boolean indicating whether creation of an MFA device should be done :param with_access_key: Boolean indicating whether creation of an API access key should be done :param require_password_reset: Boolean indicating whether users should reset their password after first login :return: )usernamerzCreating user %s...r rziam:createuserNziam:addusertogroup - %szCreating a login profile...password)r PasswordPasswordResetRequiredziam:createloginprofilezCreating an API access key... AccessKey AccessKeyIdSecretAccessKeyziam:createaccesskey) r create_userrrrrr rrcreate_login_profilecreate_access_key)r rr with_passwordwith_mfawith_access_keyrequire_password_reset user_datar!rserial mfa_code1 mfa_code2 mfa_serial access_keys rr,r,4s"R0I #d*+$/  F|t J j 6 A 3 4$5$7Ij !  + +tR\H]yO + P   > 5 6#55t5D[QJ'1-'@Im $+56G+HI' ( 9U (""#34 J 1  h  & &'@5'H I I J A 1  h  & &'? @ @ A* > 1  h  & &'< = =  >seB= C*+D$ -E= C'C"C'"C'* D!4"DD!$ E.EE F$F  Fcp /n[SU-5 [X5nUH4n[SUS-S5 URUSUS9 [S5 M6 URUS 9S n U H=n U Sn [SU -S5 URXS9 [S5 [X 5 M? U(a [X5 URUS 9Sn U H4n [SU S-S5 URU SUS9 [S5 M6 /nURUS 9Sn[U5(a&[SS5 URUS 9 [S5 [SS5 UR!US 9nUSHnUR#UUS9 M [S5 [SS5 UR%US 9nUSHnUR'UUSS9 M [S5 U(dUR)US 9 [S U-5 U$UHn [+X U5 M U$![aCn[S5 [ U5 UR UR SS 5 S nAGMIS nAff=f![a$n[ U5 [S U-5 S nAGNBS nAff=f![aBn[S5 [ U5 UR UR SS 5 S nAGNJS nAff=f![aEn[ U5 [SU-5 UR UR SS 5 S nAGN{S nAff=f![aCn[S5 [ U5 UR UR SS 5 S nAGMS nAff=f![aEn[ U5 [SU-5 UR UR SS 5 S nAGNS nAff=f![a nS nAGNS nAff=f![aBn[S5 [ U5 UR UR SS 5 S nAGNS nAff=f![aBn[S5 [ U5 UR UR SS 5 S nAGNS nAff=f![aBn[S5 [ U5 UR UR SS 5 S nAGNS nAff=f![aBn[ U5 [S!5 UR UR SS 5 S nAU$S nAff=f)"zz Delete IAM user :param iam_client: :param user: :param mfa_serial: :param keep_user: :param terminated_groups: :return: zDeleting user %s...zDeleting access key ID %s... r*F)r*r SuccessFailedrrNz&Failed to get access keys for user %s.r% MFADevices SerialNumberzDeactivating MFA device %s... )r=r z;Faile to fetch/delete MFA device serial number for user %s.GroupszRemoving from group %s... r r z'Failed to fetch IAM groups for user %s. LoginProfilezDeleting login profile... zDeleting inline policies... PolicyNames)r PolicyNamezDetaching managed policies... AttachedPolicies PolicyArn)r rCzUser %s deleted.zFailed to delete user.)rget_access_keysdelete_access_keyrrrrrlist_mfa_devicesdeactivate_mfa_devicedelete_virtual_mfa_devicelist_groups_for_userremove_user_from_groupget_login_profilelendelete_login_profilelist_user_policiesdelete_user_policylist_attached_user_policiesdetach_user_policy delete_userr )r rr7 keep_userterminated_groupsraws_keysaws_keyr! mfa_devices mfa_devicer4rr login_profilepoliciespolicys rrRrRqs F #d*+ D":4G ;9GMP]a1b)$ M "444EnU 3 }   2E :  + +t + < i 30%800D0A}-F  ) )T ) O.) 32E:99T9J12F  ) )TvkGZ ) [3)    " "d " 3 (4/ 0 M+!*T:+ M{ ;(#q! ajj1&9:: ; Dq;dBCCD ;(#q! ajj1&9:: ; 3qPSWWX ajj)&1223 ;(#q! ajj1&9:: ; 3qI00H I0K05)J!!K0N0MNO$"6O<AQ AR"$S)S) I-*7I(!I0(I--I00 J:JJ! K-+7K("K0(K--K00 L?::L::L? N 7N N NN O!:OO!$ O94O9< Q7QQ R7RR S&$7S!!S&) T537T00T5c[SU-5 URUS9 g![a#n[U5 [ SU-5 SnAgSnAff=f)ze Delete a vritual MFA device given its serial number :param iam_client: :param mfa_serial: :return: zDeleting MFA device %s...)r=zFailed to delete MFA device %sN)rrHrrr)r r7r!s rrHrHsO - :;,,J,G  q3j@A  s A AA c@[URSU0S/5SnU$)0 :param iam_client: :param user_name: :return: r AccessKeyMetadata)rlist_access_keys)r user_namekeyss rrDrDs3 %Z%@%@:yBY\o[p qsF GD KrcF/nSn[U5(a$[U5[U5:wa [S5 gUHbn[U5S:a+US:aURS5 US-nM0[S5 gUR[R"U55 Md U$)z Initialize and compile regular expression for category groups :param category_regex_args: List of string regex :return: List of compiled regex z9Error: you must provide as many regex as category groups.NrzYError: you cannot have more than one empty regex to automatically assign groups to users.)rLrrrecompile)category_groupscategory_regex_argscategory_regexauthorized_empty_regexregexs rinit_group_category_regexrlsN C$8C@S%)%%d+&!+&vw  ! !"**U"3 4% rc[X5n[SU<S[U5<S35 UHn[SUS<SUS<S35 M g ) r^zUser 'z' currently has z access keys: r*z (Status)N)rDrrL)r rarbkeys rshow_access_keysrrs? : 1D YD RS]!3S]CDr)F)reopinel.utils.awsropinel.utils.credentialsropinel.utils.consolerrrr r"r,rRrHrDrlrrrrrwsa 66FF E 2,.ePUinJN:z04\^rj 6 Er