From AWS SDK, how to I get the current logged in username (or IAM user)?
I'm using the Ruby SDK (V2), but I guess my question is more general than the specific implementation as I couldn't find an answer in any of the SDKs.
How do I get the username (and/or IAM user) that my session currently belongs to?
I let the SDK run its default behaviour for choosing credentials (ENV vars, then 'default' profile or other if specified and then machine role). Then I initialize my client and run commands. I'd like to know 'who is running the commands'. I expect to get the AWS username and if the chosen credentials were of an IAM user in it, then this username too.
Any ideas?
The best I got so far was that after I build a Client object, I can query it's actual config and get Credentials. But that only gives me what credentials were chosen (i.e. SharedCredentials profile='default' vs. Credentials key=.. secret=..) and doesn't tell me who is the username behind it.
Many thanks!
Answer
Be careful with your terminology -- interactions with the AWS APIs are all over HTTP, and are sessionless and stateless, so there's not really a concept of the currently "logged in" user, or a "session."
However, for a given set of credentials, you can fetch the attributes of the "current" user (the user whose credentials you're using) from Aws::IAM::CurrentUser.
http://docs.aws.amazon.com/sdkforruby/api/Aws/IAM/CurrentUser.html
Apologies for the lack of an example -- I am unfamiliar with Ruby in general -- but found this based on what I knew could be done with the direct query APIs and command line client with aws iam get-user. The available attributes are all the same: user_name, password_last_used, create_date, user_id, path, and arn... so I suspect this is what you're looking for.
From the Query API docs:
it defaults to the user making the request