Crate wami

Crate wami 


WAMI - Who Am I: Multicloud Identity and Access Management library for Rust

This library provides a multicloud implementation of Identity and Access Management (IAM), Security Token Service (STS), and Single Sign-On Admin operations. It’s designed to work across multiple cloud providers (AWS, GCP, Azure, and custom platforms) and can be used for testing, development, or as a unified identity layer for multicloud environments.

§Features

  • 🌐 Multicloud Support: AWS, GCP, Azure, and custom identity providers
  • IAM Operations: Complete user, group, role, and policy management
  • STS Operations: Temporary credentials and identity inspection
  • SSO Admin Operations: Permission sets, assignments, and instances
  • Pluggable Storage: In-memory, database, or cloud-native backends
  • Async API: All operations are asynchronous for better performance
  • Type Safety: Strongly typed requests and responses

§Example

use wami::store::memory::InMemoryWamiStore;
use wami::store::traits::UserStore;
use wami::provider::{AwsProvider, CloudProvider};
use wami::wami::identity::user::builder::build_user;

/// Walks through the basic flow: build a user, persist it in the in-memory
/// store, then read it back by name.
///
/// Any store error is propagated to the caller through `?`.
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Logging backend; env_logger takes its filter from the RUST_LOG environment variable.
    env_logger::init();

    // In-memory backend (presumably nothing survives process exit; confirm
    // before relying on it outside tests and development).
    let mut store = InMemoryWamiStore::default();
    let provider = AwsProvider::new();

    // build_user only constructs the value; nothing is stored until create_user.
    // "123456789012" looks like the account ID argument; it is the placeholder
    // account ID used throughout AWS documentation, not a real account.
    let alice = build_user(
        "alice".to_string(),
        Some("/".to_string()),
        &provider,
        "123456789012",
    );

    // Persist the user and report the record the store hands back.
    let stored = store.create_user(alice).await?;
    println!("Created user: {}", stored.user_name);
    println!("User ARN: {}", stored.arn);

    // The lookup yields an Option: an unknown name is None, not an error.
    if let Some(found) = store.get_user("alice").await? {
        println!("Retrieved user: {}", found.user_name);
    }

    Ok(())
}

Re-exports§

pub use error::AmiError;
pub use error::Result;
pub use types::AmiResponse;
pub use types::AwsConfig;
pub use types::PaginationParams;
pub use types::PolicyDocument;
pub use types::PolicyStatement;
pub use types::Tag;
pub use store::memory::InMemoryStore;
pub use store::SsoAdminStore;
pub use store::Store;
pub use store::StsStore;
pub use store::WamiStore;
pub use provider::ProviderConfig;
pub use service::AccessKeyService;
pub use service::AccountAssignmentService;
pub use service::ApplicationService;
pub use service::AssumeRoleService;
pub use service::CredentialReportService;
pub use service::EvaluationService;
pub use service::FederationService;
pub use service::GroupService;
pub use service::IdentityService;
pub use service::InstanceService as SsoInstanceService;
pub use service::LoginProfileService;
pub use service::MfaDeviceService;
pub use service::PermissionSetService;
pub use service::PolicyService;
pub use service::RoleService;
pub use service::ServerCertificateService;
pub use service::ServiceCredentialService;
pub use service::ServiceLinkedRoleService;
pub use service::SessionService;
pub use service::SessionTokenService;
pub use service::SigningCertificateService;
pub use service::TenantService;
pub use service::TrustedTokenIssuerService;
pub use service::UserService;
pub use wami::sso_admin;
pub use wami::sts;
pub use wami::tenant;
pub use wami::identity::Group;
pub use wami::identity::Role;
pub use wami::identity::User;
pub use wami::credentials::AccessKey;
pub use wami::credentials::LoginProfile;
pub use wami::credentials::MfaDevice;
pub use wami::credentials::ServerCertificate;
pub use wami::credentials::ServiceSpecificCredential;
pub use wami::policies::Policy;
pub use wami::reports::CredentialReport;
pub use wami::sts::Credentials;
pub use wami::sts::StsSession;
pub use wami::tenant::check_tenant_permission;
pub use wami::tenant::BillingInfo;
pub use wami::tenant::QuotaMode;
pub use wami::tenant::Tenant;
pub use wami::tenant::TenantAction;
pub use wami::tenant::TenantId;
pub use wami::tenant::TenantQuotas;
pub use wami::tenant::TenantStatus;
pub use wami::tenant::TenantType;
pub use wami::tenant::TenantUsage;
pub use wami::credentials::access_key::AccessKeyLastUsed;
pub use wami::credentials::access_key::CreateAccessKeyRequest;
pub use wami::credentials::access_key::ListAccessKeysRequest;
pub use wami::credentials::access_key::ListAccessKeysResponse;
pub use wami::credentials::access_key::UpdateAccessKeyRequest;
pub use wami::credentials::login_profile::CreateLoginProfileRequest;
pub use wami::credentials::login_profile::GetLoginProfileRequest;
pub use wami::credentials::login_profile::UpdateLoginProfileRequest;
pub use wami::credentials::mfa_device::EnableMfaDeviceRequest;
pub use wami::credentials::mfa_device::ListMfaDevicesRequest;
pub use wami::credentials::server_certificate::DeleteServerCertificateRequest;
pub use wami::credentials::server_certificate::GetServerCertificateRequest;
pub use wami::credentials::server_certificate::GetServerCertificateResponse;
pub use wami::credentials::server_certificate::ListServerCertificatesRequest;
pub use wami::credentials::server_certificate::ListServerCertificatesResponse;
pub use wami::credentials::server_certificate::UpdateServerCertificateRequest;
pub use wami::credentials::server_certificate::UploadServerCertificateRequest;
pub use wami::credentials::server_certificate::UploadServerCertificateResponse;
pub use wami::credentials::service_credential::CreateServiceSpecificCredentialRequest;
pub use wami::credentials::service_credential::CreateServiceSpecificCredentialResponse;
pub use wami::credentials::service_credential::DeleteServiceSpecificCredentialRequest;
pub use wami::credentials::service_credential::ListServiceSpecificCredentialsRequest;
pub use wami::credentials::service_credential::ListServiceSpecificCredentialsResponse;
pub use wami::credentials::service_credential::ResetServiceSpecificCredentialRequest;
pub use wami::credentials::service_credential::ResetServiceSpecificCredentialResponse;
pub use wami::credentials::service_credential::UpdateServiceSpecificCredentialRequest;
pub use wami::credentials::signing_certificate::CertificateStatus;
pub use wami::credentials::signing_certificate::DeleteSigningCertificateRequest;
pub use wami::credentials::signing_certificate::ListSigningCertificatesRequest;
pub use wami::credentials::signing_certificate::ListSigningCertificatesResponse;
pub use wami::credentials::signing_certificate::SigningCertificate;
pub use wami::credentials::signing_certificate::UpdateSigningCertificateRequest;
pub use wami::credentials::signing_certificate::UploadSigningCertificateRequest;
pub use wami::credentials::signing_certificate::UploadSigningCertificateResponse;
pub use wami::identity::group::CreateGroupRequest;
pub use wami::identity::group::ListGroupsRequest;
pub use wami::identity::group::ListGroupsResponse;
pub use wami::identity::group::UpdateGroupRequest;
pub use wami::identity::role::CreateRoleRequest;
pub use wami::identity::role::ListRolesRequest;
pub use wami::identity::role::ListRolesResponse;
pub use wami::identity::role::UpdateRoleRequest;
pub use wami::identity::service_linked_role::CreateServiceLinkedRoleRequest;
pub use wami::identity::service_linked_role::CreateServiceLinkedRoleResponse;
pub use wami::identity::service_linked_role::DeleteServiceLinkedRoleRequest;
pub use wami::identity::service_linked_role::DeleteServiceLinkedRoleResponse;
pub use wami::identity::service_linked_role::DeletionTaskFailureReason;
pub use wami::identity::service_linked_role::DeletionTaskInfo;
pub use wami::identity::service_linked_role::DeletionTaskStatus;
pub use wami::identity::service_linked_role::GetServiceLinkedRoleDeletionStatusRequest;
pub use wami::identity::service_linked_role::GetServiceLinkedRoleDeletionStatusResponse;
pub use wami::identity::service_linked_role::RoleUsageType;
pub use wami::identity::user::CreateUserRequest;
pub use wami::identity::user::ListUsersRequest;
pub use wami::identity::user::ListUsersResponse;
pub use wami::identity::user::UpdateUserRequest;
pub use wami::policies::evaluation::ContextEntry;
pub use wami::policies::evaluation::EvaluationResult;
pub use wami::policies::evaluation::SimulateCustomPolicyRequest;
pub use wami::policies::evaluation::SimulatePolicyResponse;
pub use wami::policies::evaluation::SimulatePrincipalPolicyRequest;
pub use wami::policies::evaluation::StatementMatch;
pub use wami::policies::policy::CreatePolicyRequest;
pub use wami::policies::policy::ListPoliciesRequest;
pub use wami::policies::policy::ListPoliciesResponse;
pub use wami::policies::policy::UpdatePolicyRequest;
pub use wami::reports::credential_report::AccountSummaryMap;
pub use wami::reports::credential_report::CredentialReport as CredentialReportType;
pub use wami::reports::credential_report::GenerateCredentialReportRequest;
pub use wami::reports::credential_report::GenerateCredentialReportResponse;
pub use wami::reports::credential_report::GetAccountSummaryRequest;
pub use wami::reports::credential_report::GetAccountSummaryResponse;
pub use wami::reports::credential_report::GetCredentialReportRequest;
pub use wami::reports::credential_report::GetCredentialReportResponse;
pub use wami::reports::credential_report::ReportState;
pub use wami::tags::ListResourceTagsRequest;
pub use wami::tags::TagResourceRequest;
pub use wami::tags::UntagResourceRequest;
pub use sts::AssumeRoleRequest;
pub use sts::GetSessionTokenRequest;

Modules§

error
provider
Cloud Provider Abstraction
service
Service Layer
store
Store Module
types
wami
WAMI - Web-compatible Access Management Interface

Functions§

create_memory_store
Create a new in-memory store