Doc AWS SDK 예제 GitHub 리포지토리에서 더 많은 SDK 예제를 사용할 수 있습니다. AWS
기계 번역으로 제공되는 번역입니다. 제공된 번역과 원본 영어의 내용이 상충하는 경우에는 영어 버전이 우선합니다.
AWS SDKs를 사용하는 IAM의 코드 예제
다음 코드 예제에서는 AWS 소프트웨어 개발 키트(SDK)와 AWS Identity and Access Management 함께를 사용하는 방법을 보여줍니다.
기본 사항은 서비스 내에서 필수 작업을 수행하는 방법을 보여주는 코드 예제입니다.
작업은 대규모 프로그램에서 발췌한 코드이며 컨텍스트에 맞춰 실행해야 합니다. 작업은 관련 시나리오의 컨텍스트에 따라 표시되며, 개별 서비스 함수를 직접적으로 호출하는 방법을 보여줍니다.
시나리오는 동일한 서비스 내에서 또는 다른 AWS 서비스와 결합된 상태에서 여러 함수를 호출하여 특정 태스크를 수행하는 방법을 보여주는 코드 예제입니다.
추가 리소스
IAM 사용 설명서 - IAM에 대한 자세한 정보입니다.
IAM API 참조 - 사용 가능한 모든 IAM 작업에 대한 세부 정보입니다.
AWS 개발자 센터 - 범주 또는 전체 텍스트 검색을 기준으로 필터링할 수 있는 코드 예제입니다.
AWS SDK 예제 - 기본 언어로 된 전체 코드가 포함된 GitHub 리포지토리. 코드 설정 및 실행을 위한 지침이 포함되어 있습니다.
시작
다음 코드 예제에서는 IAM을 사용하여 시작하는 방법을 보여 줍니다.
- .NET
-
- AWS SDK for .NET
-
namespace IAMActions;
public class HelloIAM
{
static async Task Main(string[] args)
{
// Getting started with AWS Identity and Access Management (IAM). List
// the policies for the account.
var iamClient = new AmazonIdentityManagementServiceClient();
var listPoliciesPaginator = iamClient.Paginators.ListPolicies(new ListPoliciesRequest());
var policies = new List<ManagedPolicy>();
await foreach (var response in listPoliciesPaginator.Responses)
{
policies.AddRange(response.Policies);
}
Console.WriteLine("Here are the policies defined for your account:\n");
policies.ForEach(policy =>
{
Console.WriteLine($"Created: {policy.CreateDate}\t{policy.PolicyName}\t{policy.Description}");
});
}
}
- C++
-
- SDK for C++
-
CMakeLists.txt CMake 파일의 코드입니다.
# Set the minimum required version of CMake for this project.
cmake_minimum_required(VERSION 3.13)
# Set the AWS service components used by this project.
set(SERVICE_COMPONENTS iam)
# Set this project's name.
project("hello_iam")
# Set the C++ standard to use to build this target.
# At least C++ 11 is required for the AWS SDK for C++.
set(CMAKE_CXX_STANDARD 11)
# Use the MSVC variable to determine if this is a Windows build.
set(WINDOWS_BUILD ${MSVC})
if (WINDOWS_BUILD) # Set the location where CMake can find the installed libraries for the AWS SDK.
string(REPLACE ";" "/aws-cpp-sdk-all;" SYSTEM_MODULE_PATH "${CMAKE_SYSTEM_PREFIX_PATH}/aws-cpp-sdk-all")
list(APPEND CMAKE_PREFIX_PATH ${SYSTEM_MODULE_PATH})
endif ()
# Find the AWS SDK for C++ package.
find_package(AWSSDK REQUIRED COMPONENTS ${SERVICE_COMPONENTS})
if (WINDOWS_BUILD AND AWSSDK_INSTALL_AS_SHARED_LIBS)
# Copy relevant AWS SDK for C++ libraries into the current binary directory for running and debugging.
# set(BIN_SUB_DIR "/Debug") # if you are building from the command line you may need to uncomment this
# and set the proper subdirectory to the executables' location.
AWSSDK_CPY_DYN_LIBS(SERVICE_COMPONENTS "" ${CMAKE_CURRENT_BINARY_DIR}${BIN_SUB_DIR})
endif ()
add_executable(${PROJECT_NAME}
hello_iam.cpp)
target_link_libraries(${PROJECT_NAME}
${AWSSDK_LINK_LIBRARIES})
iam.cpp 소스 파일의 코드입니다.
#include <aws/core/Aws.h>
#include <aws/iam/IAMClient.h>
#include <aws/iam/model/ListPoliciesRequest.h>
#include <iostream>
#include <iomanip>
/*
* A "Hello IAM" starter application which initializes an AWS Identity and Access Management (IAM) client
* and lists the IAM policies.
*
* main function
*
* Usage: 'hello_iam'
*
*/
int main(int argc, char **argv) {
Aws::SDKOptions options;
// Optionally change the log level for debugging.
// options.loggingOptions.logLevel = Utils::Logging::LogLevel::Debug;
Aws::InitAPI(options); // Should only be called once.
int result = 0;
{
const Aws::String DATE_FORMAT("%Y-%m-%d");
Aws::Client::ClientConfiguration clientConfig;
// Optional: Set to the AWS Region (overrides config file).
// clientConfig.region = "us-east-1";
Aws::IAM::IAMClient iamClient(clientConfig);
Aws::IAM::Model::ListPoliciesRequest request;
bool done = false;
bool header = false;
while (!done) {
auto outcome = iamClient.ListPolicies(request);
if (!outcome.IsSuccess()) {
std::cerr << "Failed to list iam policies: " <<
outcome.GetError().GetMessage() << std::endl;
result = 1;
break;
}
if (!header) {
std::cout << std::left << std::setw(55) << "Name" <<
std::setw(30) << "ID" << std::setw(80) << "Arn" <<
std::setw(64) << "Description" << std::setw(12) <<
"CreateDate" << std::endl;
header = true;
}
const auto &policies = outcome.GetResult().GetPolicies();
for (const auto &policy: policies) {
std::cout << std::left << std::setw(55) <<
policy.GetPolicyName() << std::setw(30) <<
policy.GetPolicyId() << std::setw(80) << policy.GetArn() <<
std::setw(64) << policy.GetDescription() << std::setw(12) <<
policy.GetCreateDate().ToGmtString(DATE_FORMAT.c_str()) <<
std::endl;
}
if (outcome.GetResult().GetIsTruncated()) {
request.SetMarker(outcome.GetResult().GetMarker());
} else {
done = true;
}
}
}
Aws::ShutdownAPI(options); // Should only be called once.
return result;
}
- Go
-
- SDK for Go V2
-
package main
import (
"context"
"fmt"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/iam"
)
// main uses the AWS SDK for Go (v2) to create an AWS Identity and Access Management (IAM)
// client and list up to 10 policies in your account.
// This example uses the default settings specified in your shared credentials
// and config files.
func main() {
ctx := context.Background()
sdkConfig, err := config.LoadDefaultConfig(ctx)
if err != nil {
fmt.Println("Couldn't load default configuration. Have you set up your AWS account?")
fmt.Println(err)
return
}
iamClient := iam.NewFromConfig(sdkConfig)
const maxPols = 10
fmt.Printf("Let's list up to %v policies for your account.\n", maxPols)
result, err := iamClient.ListPolicies(ctx, &iam.ListPoliciesInput{
MaxItems: aws.Int32(maxPols),
})
if err != nil {
fmt.Printf("Couldn't list policies for your account. Here's why: %v\n", err)
return
}
if len(result.Policies) == 0 {
fmt.Println("You don't have any policies!")
} else {
for _, policy := range result.Policies {
fmt.Printf("\t%v\n", *policy.PolicyName)
}
}
}
- Java
-
- SDK for Java 2.x
-
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iam.IamClient;
import software.amazon.awssdk.services.iam.model.ListPoliciesResponse;
import software.amazon.awssdk.services.iam.model.Policy;
import java.util.List;
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class HelloIAM {
public static void main(String[] args) {
Region region = Region.AWS_GLOBAL;
IamClient iam = IamClient.builder()
.region(region)
.build();
listPolicies(iam);
}
public static void listPolicies(IamClient iam) {
ListPoliciesResponse response = iam.listPolicies();
List<Policy> polList = response.policies();
polList.forEach(policy -> {
System.out.println("Policy Name: " + policy.policyName());
});
}
}
- JavaScript
-
- SDK for JavaScript (v3)
-
import { IAMClient, paginateListPolicies } from "@aws-sdk/client-iam";
const client = new IAMClient({});
export const listLocalPolicies = async () => {
/**
* In v3, the clients expose paginateOperationName APIs that are written using async generators so that you can use async iterators in a for await..of loop.
* https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/index.html#paginators
*/
const paginator = paginateListPolicies(
{ client, pageSize: 10 },
// List only customer managed policies.
{ Scope: "Local" },
);
console.log("IAM policies defined in your account:");
let policyCount = 0;
for await (const page of paginator) {
if (page.Policies) {
for (const policy of page.Policies) {
console.log(`${policy.PolicyName}`);
policyCount++;
}
}
}
console.log(`Found ${policyCount} policies.`);
};
- Python
-
- SDK for Python (Boto3)
-
import boto3
def main():
"""
Lists the managed policies in your AWS account using the AWS SDK for Python (Boto3).
"""
iam = boto3.client("iam")
try:
# Get a paginator for the list_policies operation
paginator = iam.get_paginator("list_policies")
# Iterate through the pages of results
for page in paginator.paginate(Scope="All", OnlyAttached=False):
for policy in page["Policies"]:
print(f"Policy name: {policy['PolicyName']}")
print(f" Policy ARN: {policy['Arn']}")
except boto3.exceptions.BotoCoreError as e:
print(f"Encountered an error while listing policies: {e}")
if __name__ == "__main__":
main()
- Ruby
-
- SDK for Ruby
-
require 'aws-sdk-iam'
require 'logger'
# IAMManager is a class responsible for managing IAM operations
# such as listing all IAM policies in the current AWS account.
class IAMManager
def initialize(client)
@client = client
@logger = Logger.new($stdout)
end
# Lists and prints all IAM policies in the current AWS account.
def list_policies
@logger.info('Here are the IAM policies in your account:')
paginator = @client.list_policies
policies = []
paginator.each_page do |page|
policies.concat(page.policies)
end
if policies.empty?
@logger.info("You don't have any IAM policies.")
else
policies.each do |policy|
@logger.info("- #{policy.policy_name}")
end
end
end
end
if $PROGRAM_NAME == __FILE__
iam_client = Aws::IAM::Client.new
manager = IAMManager.new(iam_client)
manager.list_policies
end
- Rust
-
- SDK for Rust
-
src/bin/hello.rs에서
use aws_sdk_iam::error::SdkError;
use aws_sdk_iam::operation::list_policies::ListPoliciesError;
use clap::Parser;
const PATH_PREFIX_HELP: &str = "The path prefix for filtering the results.";
#[derive(Debug, clap::Parser)]
#[command(about)]
struct HelloScenarioArgs {
#[arg(long, default_value="/", help=PATH_PREFIX_HELP)]
pub path_prefix: String,
}
#[tokio::main]
async fn main() -> Result<(), SdkError<ListPoliciesError>> {
let sdk_config = aws_config::load_from_env().await;
let client = aws_sdk_iam::Client::new(&sdk_config);
let args = HelloScenarioArgs::parse();
iam_service::list_policies(client, args.path_prefix).await?;
Ok(())
}
src/iam-service-lib.rs에서
pub async fn list_policies(
client: iamClient,
path_prefix: String,
) -> Result<Vec<String>, SdkError<ListPoliciesError>> {
let list_policies = client
.list_policies()
.path_prefix(path_prefix)
.scope(PolicyScopeType::Local)
.into_paginator()
.items()
.send()
.try_collect()
.await?;
let policy_names = list_policies
.into_iter()
.map(|p| {
let name = p
.policy_name
.unwrap_or_else(|| "Missing Policy Name".to_string());
println!("{}", name);
name
})
.collect();
Ok(policy_names)
}