Menu
AWS SDK for .NET
Developer Guide

This documentation is for version 2.0 of the AWS SDK for .NET. For the latest version, see the AWS SDK for .NET Developer Guide for version 3.

AWS Identity and Access Management Programming with the AWS SDK for .NET

The AWS SDK for .NET supports AWS Identity and Access Management (IAM), which is a web service that enables Amazon Web Services (AWS) customers to manage users and user permissions in AWS.

The following information introduces you to the IAM programming models in the the SDK. There are also links to additional IAM programming resources within the the SDK.

Programming Models

The the SDK provides two programming models for working with IAM. These programming models are known as the low-level model and the resource model. The following information describes these models and how to use them.

Low-Level APIs

The the SDK provides low-level APIs for programming with IAM. These low-level APIs typically consist of sets of matching request-and-response objects that correspond to HTTP-based API calls focusing on their corresponding service-level constructs.

The following example shows how to use the low-level APIs to list accessible user accounts in IAM. For each user account, its associated groups, policies, and access key IDs are also listed:

Copy
// using Amazon.IdentityManagement; // using Amazon.IdentityManagement.Model; var client = new AmazonIdentityManagementServiceClient(); var requestUsers = new ListUsersRequest(); var responseUsers = client.ListUsers(requestUsers); foreach (var user in responseUsers.Users) { Console.WriteLine("For user {0}:", user.UserName); Console.WriteLine(" In groups:"); var requestGroups = new ListGroupsForUserRequest { UserName = user.UserName }; var responseGroups = client.ListGroupsForUser(requestGroups); foreach (var group in responseGroups.Groups) { Console.WriteLine(" {0}", group.GroupName); } Console.WriteLine(" Policies:"); var requestPolicies = new ListUserPoliciesRequest { UserName = user.UserName }; var responsePolicies = client.ListUserPolicies(requestPolicies); foreach (var policy in responsePolicies.PolicyNames) { Console.WriteLine(" {0}", policy); } var requestAccessKeys = new ListAccessKeysRequest { UserName = user.UserName }; var responseAccessKeys = client.ListAccessKeys(requestAccessKeys); Console.WriteLine(" Access keys:"); foreach (var accessKey in responseAccessKeys.AccessKeyMetadata) { Console.WriteLine(" {0}", accessKey.AccessKeyId); } }

For additional examples, see Tutorial: Grant Access Using an IAM Role and the AWS SDK for .NET.

For related API reference information, see Amazon.IdentityManagement and Amazon.IdentityManagement.Model.

Resource APIs

The the SDK provides the AWS Resource APIs for .NET for programming with IAM. These resource APIs provide a resource-level programming model that enables you to write code to work more directly with IAM resources as compared to their low-level API counterparts. (For more information about the AWS Resource APIs for .NET, including how to download and reference these resource APIs, see Programming with the AWS Resource APIs for .NET.)

The AWS Resource APIs for .NET are currently provided as a preview. This means that these resource APIs may frequently change in response to customer feedback, and these changes may happen without advance notice. Until these resource APIs exit the preview stage, please be cautious about writing and distributing production-quality code that relies on them.

The following example shows how to use the AWS Resource APIs for .NET to list accessible user accounts in IAM. For each user account, its associated groups, policies, and access key IDs are also listed:

Copy
// using Amazon.IdentityManagement.Resources; var iam = new IdentityManagementService(); var users = iam.GetUsers(); foreach (var user in users) { Console.WriteLine("For user {0}:", user.Name); Console.WriteLine(" In groups:"); foreach (var group in user.GetGroups()) { Console.WriteLine(" {0}", group.Name); } Console.WriteLine(" Policies:"); foreach (var policy in user.GetPolicies()) { Console.WriteLine(" {0}", policy.Name); } Console.WriteLine(" Access keys:"); foreach (var accessKey in user.GetAccessKeys()) { Console.WriteLine(" {0}", accessKey.Id); } }

For additional examples, see AWS Identity and Access Management Code Examples with the AWS Resource APIs for .NET.

For related API reference information, see Amazon.IdentityManagement.

On this page: