文档 AWS SDK 示例 GitHub 存储库中还有更多 S AWS DK 示例
本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
使用 AWS 开发工具包的 IAM 代码示例
以下代码示例演示如何将 AWS Identity and Access Management (IAM) 与 AWS 软件开发工具包 (SDK) 结合使用。
操作是大型程序的代码摘录,必须在上下文中运行。您可以通过操作了解如何调用单个服务函数,还可以通过函数相关场景和跨服务示例的上下文查看操作。
场景是指显示如何通过在同一服务中调用多个函数来完成特定任务的代码示例。
更多资源
IAM 用户指南 — 有关 IAM 的更多信息。
IAM API 参考 — 有关所有可用的 IAM 操作的详细信息。
AWS 开发人员中心
— 您可以按类别或全文搜索筛选的代码示例。 AWSSDK 示例
— 包含首选语言完整代码的 GitHub 存储库。包括有关设置和运行代码的说明。
开始使用
以下代码示例演示了如何开始使用 IAM。
- .NET
-
- AWS SDK for .NET
-
注意
还有更多相关信息 GitHub。在 AWS 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 namespace IAMActions; public class HelloIAM { static async Task Main(string[] args) { // Getting started with AWS Identity and Access Management (IAM). List // the policies for the account. var iamClient = new AmazonIdentityManagementServiceClient(); var listPoliciesPaginator = iamClient.Paginators.ListPolicies(new ListPoliciesRequest()); var policies = new List<ManagedPolicy>(); await foreach (var response in listPoliciesPaginator.Responses) { policies.AddRange(response.Policies); } Console.WriteLine("Here are the policies defined for your account:\n"); policies.ForEach(policy => { Console.WriteLine($"Created: {policy.CreateDate}\t{policy.PolicyName}\t{policy.Description}"); }); } }
-
有关 API 的详细信息,请参阅 AWS SDK for .NETAPI 参考ListPolicies中的。
-
- C++
-
- 适用于 C++ 的 SDK
-
注意
还有更多相关信息 GitHub。在 AWS 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 C MakeLists .txt cMake 文件的代码。
# Set the minimum required version of CMake for this project. cmake_minimum_required(VERSION 3.13) # Set the AWS service components used by this project. set(SERVICE_COMPONENTS iam) # Set this project's name. project("hello_iam") # Set the C++ standard to use to build this target. # At least C++ 11 is required for the AWS SDK for C++. set(CMAKE_CXX_STANDARD 11) # Use the MSVC variable to determine if this is a Windows build. set(WINDOWS_BUILD ${MSVC}) if (WINDOWS_BUILD) # Set the location where CMake can find the installed libraries for the AWS SDK. string(REPLACE ";" "/aws-cpp-sdk-all;" SYSTEM_MODULE_PATH "${CMAKE_SYSTEM_PREFIX_PATH}/aws-cpp-sdk-all") list(APPEND CMAKE_PREFIX_PATH ${SYSTEM_MODULE_PATH}) endif () # Find the AWS SDK for C++ package. find_package(AWSSDK REQUIRED COMPONENTS ${SERVICE_COMPONENTS}) if (WINDOWS_BUILD) # Copy relevant AWS SDK for C++ libraries into the current binary directory for running and debugging. # set(BIN_SUB_DIR "/Debug") # if you are building from the command line you may need to uncomment this # and set the proper subdirectory to the executables' location. AWSSDK_CPY_DYN_LIBS(SERVICE_COMPONENTS "" ${CMAKE_CURRENT_BINARY_DIR}${BIN_SUB_DIR}) endif () add_executable(${PROJECT_NAME} hello_iam.cpp) target_link_libraries(${PROJECT_NAME} ${AWSSDK_LINK_LIBRARIES})
iam.cpp 源文件的代码。
#include <aws/core/Aws.h> #include <aws/iam/IAMClient.h> #include <aws/iam/model/ListPoliciesRequest.h> #include <iostream> #include <iomanip> /* * A "Hello IAM" starter application which initializes an AWS Identity and Access Management (IAM) client * and lists the IAM policies. * * main function * * Usage: 'hello_iam' * */ int main(int argc, char **argv) { Aws::SDKOptions options; // Optionally change the log level for debugging. // options.loggingOptions.logLevel = Utils::Logging::LogLevel::Debug; Aws::InitAPI(options); // Should only be called once. int result = 0; { const Aws::String DATE_FORMAT("%Y-%m-%d"); Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::IAM::IAMClient iamClient(clientConfig); Aws::IAM::Model::ListPoliciesRequest request; bool done = false; bool header = false; while (!done) { auto outcome = iamClient.ListPolicies(request); if (!outcome.IsSuccess()) { std::cerr << "Failed to list iam policies: " << outcome.GetError().GetMessage() << std::endl; result = 1; break; } if (!header) { std::cout << std::left << std::setw(55) << "Name" << std::setw(30) << "ID" << std::setw(80) << "Arn" << std::setw(64) << "Description" << std::setw(12) << "CreateDate" << std::endl; header = true; } const auto &policies = outcome.GetResult().GetPolicies(); for (const auto &policy: policies) { std::cout << std::left << std::setw(55) << policy.GetPolicyName() << std::setw(30) << policy.GetPolicyId() << std::setw(80) << policy.GetArn() << std::setw(64) << policy.GetDescription() << std::setw(12) << policy.GetCreateDate().ToGmtString(DATE_FORMAT.c_str()) << std::endl; } if (outcome.GetResult().GetIsTruncated()) { request.SetMarker(outcome.GetResult().GetMarker()); } else { done = true; } } } Aws::ShutdownAPI(options); // Should only be called once. return result; }
-
有关 API 的详细信息,请参阅 AWS SDK for C++API 参考ListPolicies中的。
-
- Go
-
- 适用于 Go V2 的 SDK
-
注意
还有更多相关信息 GitHub。在 AWS 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 package main import ( "context" "fmt" "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/iam" ) // main uses the AWS SDK for Go (v2) to create an AWS Identity and Access Management (IAM) // client and list up to 10 policies in your account. // This example uses the default settings specified in your shared credentials // and config files. func main() { sdkConfig, err := config.LoadDefaultConfig(context.TODO()) if err != nil { fmt.Println("Couldn't load default configuration. Have you set up your AWS account?") fmt.Println(err) return } iamClient := iam.NewFromConfig(sdkConfig) const maxPols = 10 fmt.Printf("Let's list up to %v policies for your account.\n", maxPols) result, err := iamClient.ListPolicies(context.TODO(), &iam.ListPoliciesInput{ MaxItems: aws.Int32(maxPols), }) if err != nil { fmt.Printf("Couldn't list policies for your account. Here's why: %v\n", err) return } if len(result.Policies) == 0 { fmt.Println("You don't have any policies!") } else { for _, policy := range result.Policies { fmt.Printf("\t%v\n", *policy.PolicyName) } } }
-
有关 API 的详细信息,请参阅 AWS SDK for GoAPI 参考ListPolicies
中的。
-
- Java
-
- 适用于 Java 2.x 的 SDK
-
注意
还有更多相关信息 GitHub。在 AWS 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.iam.IamClient; import software.amazon.awssdk.services.iam.model.ListPoliciesResponse; import software.amazon.awssdk.services.iam.model.Policy; import java.util.List; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class HelloIAM { public static void main(String[] args) { Region region = Region.AWS_GLOBAL; IamClient iam = IamClient.builder() .region(region) .build(); listPolicies(iam); } public static void listPolicies(IamClient iam) { ListPoliciesResponse response = iam.listPolicies(); List<Policy> polList = response.policies(); polList.forEach(policy -> { System.out.println("Policy Name: " + policy.policyName()); }); } }
-
有关 API 的详细信息,请参阅 AWS SDK for Java 2.xAPI 参考ListPolicies中的。
-
- JavaScript
-
- 适用于 JavaScript (v3) 的软件开发工具包
-
注意
还有更多相关信息 GitHub。在 AWS 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 import { IAMClient, paginateListPolicies } from "@aws-sdk/client-iam"; const client = new IAMClient({}); export const listLocalPolicies = async () => { /** * In v3, the clients expose paginateOperationName APIs that are written using async generators so that you can use async iterators in a for await..of loop. * https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/index.html#paginators */ const paginator = paginateListPolicies( { client, pageSize: 10 }, // List only customer managed policies. { Scope: "Local" }, ); console.log("IAM policies defined in your account:"); let policyCount = 0; for await (const page of paginator) { if (page.Policies) { page.Policies.forEach((p) => { console.log(`${p.PolicyName}`); policyCount++; }); } } console.log(`Found ${policyCount} policies.`); };
-
有关 API 的详细信息,请参阅 AWS SDK for JavaScriptAPI 参考ListPolicies中的。
-
- Rust
-
- 适用于 Rust 的 SDK
-
注意
还有更多相关信息 GitHub。在 AWS 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 来自 src/bin/hello.rs。
use aws_sdk_iam::error::SdkError; use aws_sdk_iam::operation::list_policies::ListPoliciesError; use clap::Parser; const PATH_PREFIX_HELP: &str = "The path prefix for filtering the results."; #[derive(Debug, clap::Parser)] #[command(about)] struct HelloScenarioArgs { #[arg(long, default_value="/", help=PATH_PREFIX_HELP)] pub path_prefix: String, } #[tokio::main] async fn main() -> Result<(), SdkError<ListPoliciesError>> { let sdk_config = aws_config::load_from_env().await; let client = aws_sdk_iam::Client::new(&sdk_config); let args = HelloScenarioArgs::parse(); iam_service::list_policies(client, args.path_prefix).await?; Ok(()) }
来自 src/ .r iam-service-lib s.
pub async fn list_policies( client: iamClient, path_prefix: String, ) -> Result<Vec<String>, SdkError<ListPoliciesError>> { let list_policies = client .list_policies() .path_prefix(path_prefix) .scope(PolicyScopeType::Local) .into_paginator() .items() .send() .try_collect() .await?; let policy_names = list_policies .into_iter() .map(|p| { let name = p .policy_name .unwrap_or_else(|| "Missing Policy Name".to_string()); println!("{}", name); name }) .collect(); Ok(policy_names) }
-
有关 API 的详细信息,请参阅适用ListPolicies
于 Rust 的 AWS SDK API 参考。
-
代码示例
- 操作
- 将用户添加到组
- 将策略附加到角色
- 将策略附加到用户
- 将内联策略附加到角色
- 创建 SAML 提供者
- 创建组
- 创建策略
- 创建策略版本
- 创建角色
- 创建服务相关角色
- 创建用户
- 创建访问密钥
- 为账户创建别名
- 为组创建内联策略
- 为用户创建内联策略
- 创建实例配置文件
- 删除 SAML 提供者
- 删除组
- 删除组策略
- 删除策略
- 删除角色
- 删除角色策略
- 删除服务器证书
- 删除服务相关角色
- 删除用户
- 删除访问密钥
- 删除账户别名
- 删除用户的内联策略
- 删除实例配置文件
- 从角色分离策略
- 从用户分离策略
- 生成凭证报告
- 获取凭证报告
- 获取您的账户的详细授权报告
- 获取策略
- 获取策略版本
- 获取角色
- 获取服务器证书
- 获取服务相关角色的删除状态
- 获取账户使用情况摘要
- 获取用户
- 获取有关上次使用访问密钥的数据
- 获取账户密码策略
- 列出 SAML 提供商
- 列出用户的访问密钥
- 列出账户别名
- 列出组
- 列出角色的内联策略
- 列出用户的内联策略
- 列出策略
- 列出附加到角色的策略
- 列出角色
- 列出服务器证书
- 列出用户
- 从组中删除用户
- 更新服务器证书
- 更新用户
- 更新访问密钥
- 上传服务器证书
- 场景