# User Management Tools & Library
## Overview
This is a library and tools for user management.
It provides the following functions.
- usermgr library for Python
- Lambda functions for Cognito user management
- DynamoDB definition and Lambda functions for Cognito user activity management
- [Under construction] GUI tool for user management
## Description of each tool and library
### usermgr library
- This is a Python library for user management.
- It provides functions such as adding, updating, deleting, and searching users.
- At the moment, it supports AWS Cognito.
- It supports both direct operation of Cognito API and operation via Lambda function.
- Use a Lambda function when you cannot directly operate Cognito from a private subnet.
- In the future, it is planned to support other user management services. The structure of the library will be kept the same so that it can be used when other services are supported.
#### Install
- When directly operating Cognito API
```bash
pip install usermgr[cognito]
```
- When operating via Lambda function
```bash
pip install usermgr[lambda]
```
#### Usage
```python
from usermgr import Factory
instance = Factory.create(Factory.AWS_COGNITO) # For Lambda, use Factory.AWS_LAMBDA
instance.add_user('username', 'password', {
'custom:extra_info': 'extra_info'
})
```
- Please refer to usermgr/base.py for available functions.
### Cognito user management Lambda function
- Used when operating Cognito via Lambda function from a private subnet.
- Follow the steps below after moving to the etc folder.
#### 1. Create an environment configuration file
- Create the etc/.env file.
- The settings are as follows.
- AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_PROFILE should be set according to the aws cli configuration file.
| Name | Description |
| ---- | ----------- |
| AWS_ACCESS_KEY_ID | Access key ID |
| AWS_SECRET_ACCESS_KEY | Secret access key |
| AWS_PROFILE | Profile name in the aws cli configuration file |
| AWS_REGION | Region name |
| ACCOUNT_ID | AWS account ID |
| ROLE | IAM role name to be granted to the Lambda function |
| DYNAMODB_ACTIVITY_POLICY | DynamoDB access policy name to be granted to the role |
| DYNAMODB_NAME | DynamoDB table name |
| LAMBDA_NAME_ACTIVITY| Lambda function name for user activity management |
| LAMBDA_NAME_USERMGR| Lambda function name for user management |
| LAMBDA_NAME_DOWNLOAD| Lambda function name for JWKS download |
| USERPOOL_ID | Cognito user pool ID |
| CLIENT_ID | Cognito client ID |
| SECRET | Cognito client secret |
- Example (Modify as needed for your environment)
```ini
AWS_PROFILE=xxxx
AWS_REGION=ap-northeast-1
ACCOUNT_ID=xxxxxx
ROLE=usermgr-lambda-role
DYNAMODB_ACTIVITY_POLICY=usermgr_activity_policy
DYNAMODB_NAME=usermgr_activity
LAMBDA_NAME_ACTIVITY=usermgr_activity
LAMBDA_NAME_USERMGR=usermgr
LAMBDA_NAME_DOWNLOAD=usermgr_download_jwks
USERPOOL_ID=ap-northeast-1_xxxxxx
CLIENT_ID=xxxxxx
SECRET=xxxxx
```
#### 2. IAM role creation
- execute the following command in the etc folder.
```bash
dotenv run ./role/scripts/create_role.sh
```
#### 3. Register Lambda function
##### 3-1. Create a Lambda function for user management
- execute the following command in the etc folder.
```bash
dotenv run ./usermgr/scripts/create_usermgr.sh
```
##### 3-2. Create a Lambda function for JWKS download
- execute the following command in the etc folder.
- this function is needed when using Cognito's ID token validation in the private subnet.
```bash
dotenv run ./download_jwks/scripts/create_function.sh
```
- Please incorporate Lambda execution into each project by referring to ./download_jwks/scripts/create_function.sh.
##### 3-3. Create a Lambda function for user activity management
- execute the following command in the etc folder.
```bash
dotenv run ./activity/scripts/create_dynamodb.sh
dotenv run ./activity/scripts/create_function.sh
```
- Please regist the Lambda function with PreCreate Token Lambda Trigger in Cognito User Pool.
## How To Remove the User Management Tools & Library
- Follow the steps below after moving to the etc folder.
- If you are referring to Lambda from Cognito, remove the Lambda trigger from Cognito before deleting the Lambda function.
- Replace each name with the one specified in the environment settings.
```bash
dotenv run aws lambda delete-function --function-name usermgr
dotenv run aws lambda delete-function --function-name usermgr_dl_jwks
dotenv run aws lambda delete-function --function-name usermgr_activity
dotenv run aws dynamodb delete-table --table-name usermgr_activity
dotenv run aws iam delete-role --role-name usermgr-lambda-role
dotenv run aws iam delete-policy --policy-name usermgr_activity_policy
```
Raw data
{
"_id": null,
"home_page": "https://github.com/tamuto/usermgr",
"name": "usermgr",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.9,<4.0",
"maintainer_email": "",
"keywords": "",
"author": "tamuto",
"author_email": "tamuto@infodb.jp",
"download_url": "https://files.pythonhosted.org/packages/8d/ad/53ba2dc6bc3fe96bbd770ceefb766e84eecc874afb5e1881a1249b7b407f/usermgr-0.3.1.tar.gz",
"platform": null,
"description": "# User Management Tools & Library\n\n## Overview\n\nThis is a library and tools for user management.\nIt provides the following functions.\n\n- usermgr library for Python\n- Lambda functions for Cognito user management\n- DynamoDB definition and Lambda functions for Cognito user activity management\n- [Under construction] GUI tool for user management\n\n## Description of each tool and library\n\n### usermgr library\n\n- This is a Python library for user management.\n- It provides functions such as adding, updating, deleting, and searching users.\n- At the moment, it supports AWS Cognito.\n- It supports both direct operation of Cognito API and operation via Lambda function.\n - Use a Lambda function when you cannot directly operate Cognito from a private subnet.\n- In the future, it is planned to support other user management services. The structure of the library will be kept the same so that it can be used when other services are supported.\n\n#### Install\n\n- When directly operating Cognito API\n\n```bash\npip install usermgr[cognito]\n```\n\n- When operating via Lambda function\n\n```bash\npip install usermgr[lambda]\n```\n\n#### Usage\n\n```python\nfrom usermgr import Factory\n\ninstance = Factory.create(Factory.AWS_COGNITO) # For Lambda, use Factory.AWS_LAMBDA\n\ninstance.add_user('username', 'password', {\n 'custom:extra_info': 'extra_info'\n})\n```\n\n- Please refer to usermgr/base.py for available functions.\n\n### Cognito user management Lambda function\n\n- Used when operating Cognito via Lambda function from a private subnet.\n- Follow the steps below after moving to the etc folder.\n\n#### 1. Create an environment configuration file\n\n- Create the etc/.env file.\n- The settings are as follows.\n - AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_PROFILE should be set according to the aws cli configuration file.\n\n| Name | Description |\n| ---- | ----------- |\n| AWS_ACCESS_KEY_ID | Access key ID |\n| AWS_SECRET_ACCESS_KEY | Secret access key |\n| AWS_PROFILE | Profile name in the aws cli configuration file |\n| AWS_REGION | Region name |\n| ACCOUNT_ID | AWS account ID |\n| ROLE | IAM role name to be granted to the Lambda function |\n| DYNAMODB_ACTIVITY_POLICY | DynamoDB access policy name to be granted to the role |\n| DYNAMODB_NAME | DynamoDB table name |\n| LAMBDA_NAME_ACTIVITY| Lambda function name for user activity management |\n| LAMBDA_NAME_USERMGR| Lambda function name for user management |\n| LAMBDA_NAME_DOWNLOAD| Lambda function name for JWKS download |\n| USERPOOL_ID | Cognito user pool ID |\n| CLIENT_ID | Cognito client ID |\n| SECRET | Cognito client secret |\n\n- Example (Modify as needed for your environment)\n\n```ini\nAWS_PROFILE=xxxx\nAWS_REGION=ap-northeast-1\n\nACCOUNT_ID=xxxxxx\nROLE=usermgr-lambda-role\nDYNAMODB_ACTIVITY_POLICY=usermgr_activity_policy\nDYNAMODB_NAME=usermgr_activity\nLAMBDA_NAME_ACTIVITY=usermgr_activity\nLAMBDA_NAME_USERMGR=usermgr\nLAMBDA_NAME_DOWNLOAD=usermgr_download_jwks\n\nUSERPOOL_ID=ap-northeast-1_xxxxxx\nCLIENT_ID=xxxxxx\nSECRET=xxxxx\n```\n\n#### 2. IAM role creation\n\n- execute the following command in the etc folder.\n\n```bash\ndotenv run ./role/scripts/create_role.sh\n```\n\n#### 3. Register Lambda function\n\n##### 3-1. Create a Lambda function for user management\n\n- execute the following command in the etc folder.\n\n```bash\ndotenv run ./usermgr/scripts/create_usermgr.sh\n```\n\n##### 3-2. Create a Lambda function for JWKS download\n\n- execute the following command in the etc folder.\n- this function is needed when using Cognito's ID token validation in the private subnet.\n\n```bash\ndotenv run ./download_jwks/scripts/create_function.sh\n```\n\n- Please incorporate Lambda execution into each project by referring to ./download_jwks/scripts/create_function.sh.\n\n##### 3-3. Create a Lambda function for user activity management\n\n- execute the following command in the etc folder.\n\n```bash\ndotenv run ./activity/scripts/create_dynamodb.sh\ndotenv run ./activity/scripts/create_function.sh\n```\n\n- Please regist the Lambda function with PreCreate Token Lambda Trigger in Cognito User Pool.\n\n## How To Remove the User Management Tools & Library\n\n- Follow the steps below after moving to the etc folder.\n- If you are referring to Lambda from Cognito, remove the Lambda trigger from Cognito before deleting the Lambda function.\n- Replace each name with the one specified in the environment settings.\n\n```bash\ndotenv run aws lambda delete-function --function-name usermgr\ndotenv run aws lambda delete-function --function-name usermgr_dl_jwks\ndotenv run aws lambda delete-function --function-name usermgr_activity\ndotenv run aws dynamodb delete-table --table-name usermgr_activity\ndotenv run aws iam delete-role --role-name usermgr-lambda-role\ndotenv run aws iam delete-policy --policy-name usermgr_activity_policy\n```\n",
"bugtrack_url": null,
"license": "",
"summary": "",
"version": "0.3.1",
"project_urls": {
"Homepage": "https://github.com/tamuto/usermgr",
"Repository": "https://github.com/tamuto/usermgr"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "af3155707f7032ccf16545614e592b50473db195acfeae1c373ad07a935d523e",
"md5": "c50321d210e2ba5296cf99e7205582ea",
"sha256": "f61604ce42ee83c00666eab625b27e7ac824e160d93c63767c5731eef35acaa0"
},
"downloads": -1,
"filename": "usermgr-0.3.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c50321d210e2ba5296cf99e7205582ea",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9,<4.0",
"size": 6325,
"upload_time": "2024-02-27T22:21:00",
"upload_time_iso_8601": "2024-02-27T22:21:00.006615Z",
"url": "https://files.pythonhosted.org/packages/af/31/55707f7032ccf16545614e592b50473db195acfeae1c373ad07a935d523e/usermgr-0.3.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "8dad53ba2dc6bc3fe96bbd770ceefb766e84eecc874afb5e1881a1249b7b407f",
"md5": "5cd686a0372c00451679aba4d7049570",
"sha256": "22661ae7c61e7662d9516de8242b9371a9fffcfe6fab12737a224bcf52ad0d09"
},
"downloads": -1,
"filename": "usermgr-0.3.1.tar.gz",
"has_sig": false,
"md5_digest": "5cd686a0372c00451679aba4d7049570",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9,<4.0",
"size": 4981,
"upload_time": "2024-02-27T22:21:01",
"upload_time_iso_8601": "2024-02-27T22:21:01.799325Z",
"url": "https://files.pythonhosted.org/packages/8d/ad/53ba2dc6bc3fe96bbd770ceefb766e84eecc874afb5e1881a1249b7b407f/usermgr-0.3.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-02-27 22:21:01",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "tamuto",
"github_project": "usermgr",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "usermgr"
}
JSON
