There are more AWS SDK examples available in the [AWS Doc SDK Examples](https://github.com/awsdocs/aws-doc-sdk-examples) GitHub repo. # Code examples for IAM using AWS SDKs The following code examples show you how to use AWS Identity and Access Management with an AWS software development kit (SDK). *Basics* are code examples that show you how to perform the essential operations within a service. *Actions* are code excerpts from larger programs and must be run in context. While actions show you how to call individual service functions, you can see actions in context in their related scenarios. *Scenarios* are code examples that show you how to accomplish specific tasks by calling multiple functions within a service or combined with other AWS services. **More resources** + **[ IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html)** – More information about IAM. + **[IAM API Reference](https://docs.aws.amazon.com/IAM/latest/APIReference/welcome.html)** – Details about all available IAM actions. + **[AWS Developer Center](https://aws.amazon.com/developer/code-examples/?awsf.sdk-code-examples-product=product%23iam)** – Code examples that you can filter by category or full-text search. + **[AWS SDK Examples](https://github.com/awsdocs/aws-doc-sdk-examples)** – GitHub repo with complete code in preferred languages. Includes instructions for setting up and running the code. **Contents** + [Basics](iam_code_examples_basics.md) + [Hello IAM](iam_example_iam_Hello_section.md) + [Learn the basics](iam_example_iam_Scenario_CreateUserAssumeRole_section.md) + [Actions](iam_code_examples_actions.md) + [`AddClientIdToOpenIdConnectProvider`](iam_example_iam_AddClientIdToOpenIdConnectProvider_section.md) + [`AddRoleToInstanceProfile`](iam_example_iam_AddRoleToInstanceProfile_section.md) + [`AddUserToGroup`](iam_example_iam_AddUserToGroup_section.md) + [`AttachGroupPolicy`](iam_example_iam_AttachGroupPolicy_section.md) + [`AttachRolePolicy`](iam_example_iam_AttachRolePolicy_section.md) + [`AttachUserPolicy`](iam_example_iam_AttachUserPolicy_section.md) + [`ChangePassword`](iam_example_iam_ChangePassword_section.md) + [`CreateAccessKey`](iam_example_iam_CreateAccessKey_section.md) + [`CreateAccountAlias`](iam_example_iam_CreateAccountAlias_section.md) + [`CreateGroup`](iam_example_iam_CreateGroup_section.md) + [`CreateInstanceProfile`](iam_example_iam_CreateInstanceProfile_section.md) + [`CreateLoginProfile`](iam_example_iam_CreateLoginProfile_section.md) + [`CreateOpenIdConnectProvider`](iam_example_iam_CreateOpenIdConnectProvider_section.md) + [`CreatePolicy`](iam_example_iam_CreatePolicy_section.md) + [`CreatePolicyVersion`](iam_example_iam_CreatePolicyVersion_section.md) + [`CreateRole`](iam_example_iam_CreateRole_section.md) + [`CreateSAMLProvider`](iam_example_iam_CreateSAMLProvider_section.md) + [`CreateServiceLinkedRole`](iam_example_iam_CreateServiceLinkedRole_section.md) + [`CreateUser`](iam_example_iam_CreateUser_section.md) + [`CreateVirtualMfaDevice`](iam_example_iam_CreateVirtualMfaDevice_section.md) + [`DeactivateMfaDevice`](iam_example_iam_DeactivateMfaDevice_section.md) + [`DeleteAccessKey`](iam_example_iam_DeleteAccessKey_section.md) + [`DeleteAccountAlias`](iam_example_iam_DeleteAccountAlias_section.md) + [`DeleteAccountPasswordPolicy`](iam_example_iam_DeleteAccountPasswordPolicy_section.md) + [`DeleteGroup`](iam_example_iam_DeleteGroup_section.md) + [`DeleteGroupPolicy`](iam_example_iam_DeleteGroupPolicy_section.md) + [`DeleteInstanceProfile`](iam_example_iam_DeleteInstanceProfile_section.md) + [`DeleteLoginProfile`](iam_example_iam_DeleteLoginProfile_section.md) + [`DeleteOpenIdConnectProvider`](iam_example_iam_DeleteOpenIdConnectProvider_section.md) + [`DeletePolicy`](iam_example_iam_DeletePolicy_section.md) + [`DeletePolicyVersion`](iam_example_iam_DeletePolicyVersion_section.md) + [`DeleteRole`](iam_example_iam_DeleteRole_section.md) + [`DeleteRolePermissionsBoundary`](iam_example_iam_DeleteRolePermissionsBoundary_section.md) + [`DeleteRolePolicy`](iam_example_iam_DeleteRolePolicy_section.md) + [`DeleteSAMLProvider`](iam_example_iam_DeleteSAMLProvider_section.md) + [`DeleteServerCertificate`](iam_example_iam_DeleteServerCertificate_section.md) + [`DeleteServiceLinkedRole`](iam_example_iam_DeleteServiceLinkedRole_section.md) + [`DeleteSigningCertificate`](iam_example_iam_DeleteSigningCertificate_section.md) + [`DeleteUser`](iam_example_iam_DeleteUser_section.md) + [`DeleteUserPermissionsBoundary`](iam_example_iam_DeleteUserPermissionsBoundary_section.md) + [`DeleteUserPolicy`](iam_example_iam_DeleteUserPolicy_section.md) + [`DeleteVirtualMfaDevice`](iam_example_iam_DeleteVirtualMfaDevice_section.md) + [`DetachGroupPolicy`](iam_example_iam_DetachGroupPolicy_section.md) + [`DetachRolePolicy`](iam_example_iam_DetachRolePolicy_section.md) + [`DetachUserPolicy`](iam_example_iam_DetachUserPolicy_section.md) + [`EnableMfaDevice`](iam_example_iam_EnableMfaDevice_section.md) + [`GenerateCredentialReport`](iam_example_iam_GenerateCredentialReport_section.md) + [`GenerateServiceLastAccessedDetails`](iam_example_iam_GenerateServiceLastAccessedDetails_section.md) + [`GetAccessKeyLastUsed`](iam_example_iam_GetAccessKeyLastUsed_section.md) + [`GetAccountAuthorizationDetails`](iam_example_iam_GetAccountAuthorizationDetails_section.md) + [`GetAccountPasswordPolicy`](iam_example_iam_GetAccountPasswordPolicy_section.md) + [`GetAccountSummary`](iam_example_iam_GetAccountSummary_section.md) + [`GetContextKeysForCustomPolicy`](iam_example_iam_GetContextKeysForCustomPolicy_section.md) + [`GetContextKeysForPrincipalPolicy`](iam_example_iam_GetContextKeysForPrincipalPolicy_section.md) + [`GetCredentialReport`](iam_example_iam_GetCredentialReport_section.md) + [`GetGroup`](iam_example_iam_GetGroup_section.md) + [`GetGroupPolicy`](iam_example_iam_GetGroupPolicy_section.md) + [`GetInstanceProfile`](iam_example_iam_GetInstanceProfile_section.md) + [`GetLoginProfile`](iam_example_iam_GetLoginProfile_section.md) + [`GetOpenIdConnectProvider`](iam_example_iam_GetOpenIdConnectProvider_section.md) + [`GetPolicy`](iam_example_iam_GetPolicy_section.md) + [`GetPolicyVersion`](iam_example_iam_GetPolicyVersion_section.md) + [`GetRole`](iam_example_iam_GetRole_section.md) + [`GetRolePolicy`](iam_example_iam_GetRolePolicy_section.md) + [`GetSamlProvider`](iam_example_iam_GetSamlProvider_section.md) + [`GetServerCertificate`](iam_example_iam_GetServerCertificate_section.md) + [`GetServiceLastAccessedDetails`](iam_example_iam_GetServiceLastAccessedDetails_section.md) + [`GetServiceLastAccessedDetailsWithEntities`](iam_example_iam_GetServiceLastAccessedDetailsWithEntities_section.md) + [`GetServiceLinkedRoleDeletionStatus`](iam_example_iam_GetServiceLinkedRoleDeletionStatus_section.md) + [`GetUser`](iam_example_iam_GetUser_section.md) + [`GetUserPolicy`](iam_example_iam_GetUserPolicy_section.md) + [`ListAccessKeys`](iam_example_iam_ListAccessKeys_section.md) + [`ListAccountAliases`](iam_example_iam_ListAccountAliases_section.md) + [`ListAttachedGroupPolicies`](iam_example_iam_ListAttachedGroupPolicies_section.md) + [`ListAttachedRolePolicies`](iam_example_iam_ListAttachedRolePolicies_section.md) + [`ListAttachedUserPolicies`](iam_example_iam_ListAttachedUserPolicies_section.md) + [`ListEntitiesForPolicy`](iam_example_iam_ListEntitiesForPolicy_section.md) + [`ListGroupPolicies`](iam_example_iam_ListGroupPolicies_section.md) + [`ListGroups`](iam_example_iam_ListGroups_section.md) + [`ListGroupsForUser`](iam_example_iam_ListGroupsForUser_section.md) + [`ListInstanceProfiles`](iam_example_iam_ListInstanceProfiles_section.md) + [`ListInstanceProfilesForRole`](iam_example_iam_ListInstanceProfilesForRole_section.md) + [`ListMfaDevices`](iam_example_iam_ListMfaDevices_section.md) + [`ListOpenIdConnectProviders`](iam_example_iam_ListOpenIdConnectProviders_section.md) + [`ListPolicies`](iam_example_iam_ListPolicies_section.md) + [`ListPolicyVersions`](iam_example_iam_ListPolicyVersions_section.md) + [`ListRolePolicies`](iam_example_iam_ListRolePolicies_section.md) + [`ListRoleTags`](iam_example_iam_ListRoleTags_section.md) + [`ListRoles`](iam_example_iam_ListRoles_section.md) + [`ListSAMLProviders`](iam_example_iam_ListSAMLProviders_section.md) + [`ListServerCertificates`](iam_example_iam_ListServerCertificates_section.md) + [`ListSigningCertificates`](iam_example_iam_ListSigningCertificates_section.md) + [`ListUserPolicies`](iam_example_iam_ListUserPolicies_section.md) + [`ListUserTags`](iam_example_iam_ListUserTags_section.md) + [`ListUsers`](iam_example_iam_ListUsers_section.md) + [`ListVirtualMfaDevices`](iam_example_iam_ListVirtualMfaDevices_section.md) + [`PutGroupPolicy`](iam_example_iam_PutGroupPolicy_section.md) + [`PutRolePermissionsBoundary`](iam_example_iam_PutRolePermissionsBoundary_section.md) + [`PutRolePolicy`](iam_example_iam_PutRolePolicy_section.md) + [`PutUserPermissionsBoundary`](iam_example_iam_PutUserPermissionsBoundary_section.md) + [`PutUserPolicy`](iam_example_iam_PutUserPolicy_section.md) + [`RemoveClientIdFromOpenIdConnectProvider`](iam_example_iam_RemoveClientIdFromOpenIdConnectProvider_section.md) + [`RemoveRoleFromInstanceProfile`](iam_example_iam_RemoveRoleFromInstanceProfile_section.md) + [`RemoveUserFromGroup`](iam_example_iam_RemoveUserFromGroup_section.md) + [`ResyncMfaDevice`](iam_example_iam_ResyncMfaDevice_section.md) + [`SetDefaultPolicyVersion`](iam_example_iam_SetDefaultPolicyVersion_section.md) + [`TagRole`](iam_example_iam_TagRole_section.md) + [`TagUser`](iam_example_iam_TagUser_section.md) + [`UntagRole`](iam_example_iam_UntagRole_section.md) + [`UntagUser`](iam_example_iam_UntagUser_section.md) + [`UpdateAccessKey`](iam_example_iam_UpdateAccessKey_section.md) + [`UpdateAccountPasswordPolicy`](iam_example_iam_UpdateAccountPasswordPolicy_section.md) + [`UpdateAssumeRolePolicy`](iam_example_iam_UpdateAssumeRolePolicy_section.md) + [`UpdateGroup`](iam_example_iam_UpdateGroup_section.md) + [`UpdateLoginProfile`](iam_example_iam_UpdateLoginProfile_section.md) + [`UpdateOpenIdConnectProviderThumbprint`](iam_example_iam_UpdateOpenIdConnectProviderThumbprint_section.md) + [`UpdateRole`](iam_example_iam_UpdateRole_section.md) + [`UpdateRoleDescription`](iam_example_iam_UpdateRoleDescription_section.md) + [`UpdateSamlProvider`](iam_example_iam_UpdateSamlProvider_section.md) + [`UpdateServerCertificate`](iam_example_iam_UpdateServerCertificate_section.md) + [`UpdateSigningCertificate`](iam_example_iam_UpdateSigningCertificate_section.md) + [`UpdateUser`](iam_example_iam_UpdateUser_section.md) + [`UploadServerCertificate`](iam_example_iam_UploadServerCertificate_section.md) + [`UploadSigningCertificate`](iam_example_iam_UploadSigningCertificate_section.md) + [Scenarios](iam_code_examples_scenarios.md) + [Build and manage a resilient service](iam_example_cross_ResilientService_section.md) + [Configure Amazon ECS Service Connect](iam_example_ecs_ServiceConnect_085_section.md) + [Create a REST API with Lambda proxy integration](iam_example_api_gateway_GettingStarted_087_section.md) + [Create an Amazon ECS Linux task for the Fargate launch type](iam_example_ecs_GettingStarted_086_section.md) + [Create read-only and read-write users](iam_example_iam_Scenario_UserPolicies_section.md) + [Creating a CloudWatch dashboard with function name as a variable](iam_example_cloudwatch_GettingStarted_031_section.md) + [Creating an Amazon ECS service for the EC2 launch type](iam_example_ecs_GettingStarted_018_section.md) + [Creating an Amazon Managed Grafana workspace](iam_example_iam_GettingStarted_044_section.md) + [Creating your first Lambda function](iam_example_lambda_GettingStarted_019_section.md) + [Get started with Redshift Serverless](iam_example_redshift_GettingStarted_038_section.md) + [Getting Started with IoT Device Defender](iam_example_iot_GettingStarted_079_section.md) + [Getting started with Amazon EKS](iam_example_eks_GettingStarted_034_section.md) + [Getting started with Amazon MSK](iam_example_ec2_GettingStarted_057_section.md) + [Getting started with Amazon Redshift provisioned clusters](iam_example_redshift_GettingStarted_039_section.md) + [Getting started with Amazon SageMaker Feature Store](iam_example_iam_GettingStarted_028_section.md) + [Getting started with Config](iam_example_config_service_GettingStarted_053_section.md) + [Getting started with Step Functions](iam_example_iam_GettingStarted_080_section.md) + [Manage access keys](iam_example_iam_Scenario_ManageAccessKeys_section.md) + [Manage policies](iam_example_iam_Scenario_PolicyManagement_section.md) + [Manage roles](iam_example_iam_Scenario_RoleManagement_section.md) + [Manage your account](iam_example_iam_Scenario_AccountManagement_section.md) + [Moving hardcoded secrets to Secrets Manager](iam_example_secrets_manager_GettingStarted_073_section.md) + [Permission policy allows AWS Compute Optimizer Automation to apply recommended actions](iam_example_iam-policies.AWSMettleDocs.latest.userguide.managed-policies.xml.10_section.md) + [Permission policy to enable Automation across your organization](iam_example_iam-policies.AWSMettleDocs.latest.userguide.automation.xml.2_section.md) + [Permission policy to enable Automation for your account](iam_example_iam-policies.AWSMettleDocs.latest.userguide.automation.xml.1_section.md) + [Permission policy to grant full access to Compute Optimizer Automation for a management account of an organization](iam_example_iam-policies.AWSMettleDocs.latest.userguide.automation.xml.5_section.md) + [Permission policy to grant full access to Compute Optimizer Automation for standalone AWS accounts](iam_example_iam-policies.AWSMettleDocs.latest.userguide.automation.xml.3_section.md) + [Permission policy to grant read-only access to Compute Optimizer Automation for a management account of an organization](iam_example_iam-policies.AWSMettleDocs.latest.userguide.automation.xml.6_section.md) + [Permission policy to grant read-only access to Compute Optimizer Automation for standalone AWS accounts](iam_example_iam-policies.AWSMettleDocs.latest.userguide.automation.xml.4_section.md) + [Permission policy to grant service-linked role permissions for Compute Optimization Automation](iam_example_iam-policies.AWSMettleDocs.latest.userguide.slr-automation.xml.1_section.md) + [Roll back a policy version](iam_example_iam_Scenario_RollbackPolicyVersion_section.md) + [Run CPU stress tests on EC2 instances using FIS](iam_example_iam_GettingStarted_069_section.md) + [Set up Attribute-Based Access Control](iam_example_dynamodb_Scenario_ABACSetup_section.md) + [Setting up Systems Manager](iam_example_iam_GettingStarted_046_section.md) + [Using property variables in CloudWatch dashboards to monitor multiple Lambda functions](iam_example_iam_GettingStarted_032_section.md) + [Work with Streams and Time-to-Live](iam_example_dynamodb_Scenario_StreamsAndTTL_section.md) + [Work with the IAM Policy Builder API](iam_example_iam_Scenario_IamPolicyBuilder_section.md)