文件 AWS SDK AWS 範例 SDK 儲存庫中有更多可用的
本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
AWS RAM 使用 的範例 AWS CLI
下列程式碼範例示範如何使用 AWS Command Line Interface 搭配 來執行動作和實作常見案例 AWS RAM。
Actions 是大型程式的程式碼摘錄,必須在內容中執行。雖然動作會示範如何呼叫個別服務函數,但您可以在相關案例中查看內容中的動作。
每個範例都包含完整原始程式碼的連結,您可以在其中找到如何在內容中設定和執行程式碼的指示。
主題
動作
下列程式碼範例示範如何使用 accept-resource-share-invitation。
- AWS CLI
-
若要接受資源共用邀請
下列
accept-resource-share-invitation範例接受指定的資源共用邀請。受邀帳戶中的主體可以立即開始使用共用中的資源。aws ram accept-resource-share-invitation \ --resource-share-invitation-arnarn:aws:ram:us-west-2:111111111111:resource-share-invitation/1e3477be-4a95-46b4-bbe0-c4001EXAMPLE輸出:
{ "resourceShareInvitation": { "resourceShareInvitationArn": "arn:aws:ram:us-west-2:111111111111:resource-share-invitation/1e3477be-4a95-46b4-bbe0-c4001EXAMPLE", "resourceShareName": "MyLicenseShare", "resourceShareArn": "arn:aws:ram:us-west-2:111111111111:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE", "senderAccountId": "111111111111", "receiverAccountId": "222222222222", "invitationTimestamp": "2021-09-22T15:07:35.620000-07:00", "status": "ACCEPTED" } }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 AcceptResourceShareInvitation
。
-
下列程式碼範例示範如何使用 associate-resource-share-permission。
- AWS CLI
-
將 RAM 受管許可與資源共用建立關聯
下列
associate-resource-share-permission範例會將相關資源類型的現有受管許可取代為指定的受管許可。對相關資源類型的所有資源的存取受新許可的約束。aws ram associate-resource-share-permission \ --permission-arnarn:aws:ram::aws:permission/AWSRAMPermissionGlueDatabaseReadWrite\ --replace \ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE輸出:
{ "returnValue": true }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 AssociateResourceSharePermission
。
-
下列程式碼範例示範如何使用 associate-resource-share。
- AWS CLI
-
範例 1:將資源與資源共用建立關聯
下列
associate-resource-share範例會將授權組態新增至指定的資源共用。aws ram associate-resource-share \ --resource-sharearn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE\ --resource-arnsarn:aws:license-manager:us-west-2:123456789012:license-configuration:lic-36be0485f5ae379cc74cf8e92EXAMPLE輸出:
{ "resourceShareAssociations": [ { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE", "associatedEntity": "arn:aws:license-manager:us-west-2:123456789012:license-configuration:lic-36be0485f5ae379cc74cf8e92EXAMPLE", "associationType": "RESOURCE", "status": "ASSOCIATING", "external": false } ] }範例 2:將主體與資源共用建立關聯
下列
associate-resource-share範例會將指定資源共用的存取權授予指定組織單位中的所有帳戶。aws ram associate-resource-share \ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE\ --principalsarn:aws:organizations::123456789012:ou/o-63bEXAMPLE/ou-46xi-rEXAMPLE輸出:
{ "resourceShareAssociations": [ { "status": "ASSOCIATING", "associationType": "PRINCIPAL", "associatedEntity": "arn:aws:organizations::123456789012:ou/o-63bEXAMPLE/ou-46xi-rEXAMPLE", "external": false, "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE" } ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 AssociateResourceShare
。
-
下列程式碼範例示範如何使用 create-resource-share。
- AWS CLI
-
範例 1:建立資源共用
下列
create-resource-share範例會建立具有指定名稱的空白資源共用。您必須分別將資源、主體和許可新增至共用。aws ram create-resource-share \ --nameMyNewResourceShare輸出:
{ "resourceShare": { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/4476c27d-8feb-4b21-afe9-7de23EXAMPLE", "name": "MyNewResourceShare", "owningAccountId": "123456789012", "allowExternalPrincipals": true, "status": "ACTIVE", "creationTime": 1634586271.302, "lastUpdatedTime": 1634586271.302 } }範例 2:建立以主體身分與 AWS 帳戶共用的資源
下列
create-resource-share範例會建立資源共用,並授予指定 AWS 帳戶 (222222222222) 的存取權。如果指定的委託人不屬於同一個 AWS 組織,則系統會傳送邀請,且必須先接受才能授予存取權。aws ram create-resource-share \ --nameMyNewResourceShare\ --principals222222222222範例 3:建立僅限您 AWS Organization 的資源共用
下列
create-resource-share範例會建立資源共用,該資源共用僅限於您帳戶所屬 AWS 之 Organization 中的帳戶,並將指定的 OU 新增為主體。該 OU 中的所有帳戶都可以使用資源共用中的資源。aws ram create-resource-share \ --nameMyNewResourceShare\ --no-allow-external-principals \ --principalsarn:aws:organizations::123456789012:ou/o-63bEXAMPLE/ou-46xi-rEXAMPLE輸出:
{ "resourceShare": { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7be8694e-095c-41ca-9ce8-7be4aEXAMPLE", "name": "MyNewResourceShare", "owningAccountId": "123456789012", "allowExternalPrincipals": false, "status": "ACTIVE", "creationTime": 1634587042.49, "lastUpdatedTime": 1634587042.49 } }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 CreateResourceShare
。
-
下列程式碼範例示範如何使用 delete-resource-share。
- AWS CLI
-
若要刪除資源共用
下列
delete-resource-share範例會刪除指定的資源共用。aws ram delete-resource-share \ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE下列輸出表示成功:
{ "returnValue": true }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 DeleteResourceShare
。
-
下列程式碼範例示範如何使用 disassociate-resource-share-permission。
- AWS CLI
-
從資源共用中移除資源類型的 RAM 受管許可
下列
disassociate-resource-share-permission範例會從指定的資源共用中移除 Glue 資料庫的 RAM 受管許可。aws ram disassociate-resource-share-permission \ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE\ --permission-arnarn:aws:ram::aws:permission/AWSRAMPermissionGlueDatabaseReadWrite輸出:
{ "returnValue": true }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 DisassociateResourceSharePermission
。
-
下列程式碼範例示範如何使用 disassociate-resource-share。
- AWS CLI
-
從資源共用中移除資源
下列
disassociate-resource-share範例會從指定的資源共用中移除指定的資源,在此情況下為 VPC 子網路。任何有權存取資源共用的主體都無法再對該資源執行操作。aws ram disassociate-resource-share \ --resource-arnsarn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE\ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE輸出:
{ "resourceShareAssociations": [ "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "associatedEntity": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE", "associationType": "RESOURCE", "status": "DISASSOCIATING", "external": false ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 DisassociateResourceShare
。
-
下列程式碼範例示範如何使用 enable-sharing-with-aws-organization。
- AWS CLI
-
啟用跨 AWS 組織的資源共用
下列
enable-sharing-with-aws-organization範例可讓您跨組織和組織單位進行資源共用。aws ram enable-sharing-with-aws-organization以下輸出表示成功。
{ "returnValue": true }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 EnableSharingWithAwsOrganization
。
-
下列程式碼範例示範如何使用 get-permission。
- AWS CLI
-
擷取 RAM 受管許可的詳細資訊
下列
get-permission範例顯示指定 RAM 受管許可預設版本的詳細資訊。aws ram get-permission \ --permission-arnarn:aws:ram::aws:permission/AWSRAMPermissionGlueTableReadWriteForDatabase輸出:
{ "permission": { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueTableReadWriteForDatabase", "version": "2", "defaultVersion": true, "name": "AWSRAMPermissionGlueTableReadWriteForDatabase", "resourceType": "glue:Database", "permission": "{\"Effect\":\"Allow\",\"Action\":[\"glue:GetTable\", \"glue:UpdateTable\", \"glue:DeleteTable\", \"glue:BatchDeleteTable\", \"glue:BatchDeleteTableVersion\", \"glue:GetTableVersion\", \"glue:GetTableVersions\", \"glue:GetPartition\", \"glue:GetPartitions\", \"glue:BatchGetPartition\", \"glue:BatchCreatePartition\", \"glue:CreatePartition\", \"glue:UpdatePartition\", \"glue:BatchDeletePartition\", \"glue:DeletePartition\", \"glue:GetTables\", \"glue:SearchTables\"]}", "creationTime": 1624912434.431, "lastUpdatedTime": 1624912434.431, "isResourceTypeDefault": false } }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 GetPermission
。
-
下列程式碼範例示範如何使用 get-resource-policies。
- AWS CLI
-
取得資源的政策
下列
get-resource-policies範例顯示與資源共用相關聯的指定資源的資源型許可政策。aws ram get-resource-policies \ --resource-arnsarn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE輸出:
{ "policies": [ "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"RamStatement1\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":[]},\"Action\":[\"ec2:RunInstances\",\"ec2:CreateNetworkInterface\",\"ec2:DescribeSubnets\"],\"Resource\":\"arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE\"}]}" ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 GetResourcePolicies
。
-
下列程式碼範例示範如何使用 get-resource-share-associations。
- AWS CLI
-
範例 1:列出所有資源類型的所有資源關聯
下列
get-resource-share-associations範例列出所有資源共用中所有資源類型的資源關聯。aws ram get-resource-share-associations \ --association-typeRESOURCE輸出:
{ "resourceShareAssociations": [ { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "associatedEntity": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE", "resourceShareName": "MySubnetShare", "associationType": "RESOURCE", "status": "ASSOCIATED", "creationTime": 1565303590.973, "lastUpdatedTime": 1565303591.695, "external": false }, { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/8167bdfe-4480-4a01-8632-315e0EXAMPLE", "associatedEntity": "arn:aws:license-manager:us-west-2:123456789012:license-configuration:lic-36be0485f5ae379cc74cf8e92EXAMPLE", "resourceShareName": "MyLicenseShare", "associationType": "RESOURCE", "status": "ASSOCIATED", "creationTime": 1632342958.457, "lastUpdatedTime": 1632342958.907, "external": false } ] }範例 2:列出資源共用的主體關聯
下列
get-resource-share-associations範例僅列出指定資源共用的主要關聯。aws ram get-resource-share-associations \ --resource-share-arnsarn:aws:ram:us-west-2:123456789012:resource-share/7be8694e-095c-41ca-9ce8-7be4aEXAMPLE\ --association-typePRINCIPAL輸出:
{ "resourceShareAssociations": [ { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7be8694e-095c-41ca-9ce8-7be4aEXAMPLE", "resourceShareName": "MyNewResourceShare", "associatedEntity": "arn:aws:organizations::123456789012:ou/o-63bEXAMPLE/ou-46xi-rEXAMPLE", "associationType": "PRINCIPAL", "status": "ASSOCIATED", "creationTime": 1634587042.49, "lastUpdatedTime": 1634587044.291, "external": false } ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 GetResourceShareAssociations
。
-
下列程式碼範例示範如何使用 get-resource-share-invitations。
- AWS CLI
-
列出您的資源共用邀請
下列
get-resource-share-invitations範例列出您目前的資源共用邀請。aws ram get-resource-share-invitations輸出:
{ "resourceShareInvitations": [ { "resourceShareInvitationArn": "arn:aws:ram:us-west2-1:111111111111:resource-share-invitation/32b639f0-14b8-7e8f-55ea-e6117EXAMPLE", "resourceShareName": "project-resource-share", "resourceShareArn": "arn:aws:ram:us-west-2:111111111111:resource-share/fcb639f0-1449-4744-35bc-a983fEXAMPLE", "senderAccountId": "111111111111", "receiverAccountId": "222222222222", "invitationTimestamp": 1565312166.258, "status": "PENDING" } ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 GetResourceShareInvitations
。
-
下列程式碼範例示範如何使用 get-resource-shares。
- AWS CLI
-
範例 1:列出您擁有的資源共用,並與他人共用
下列
get-resource-shares範例列出建立和與他人共用的資源共用。aws ram get-resource-shares \ --resource-ownerSELF輸出:
{ "resourceShares": [ { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/3ab63985-99d9-1cd2-7d24-75e93EXAMPLE", "name": "my-resource-share", "owningAccountId": "123456789012", "allowExternalPrincipals": false, "status": "ACTIVE", "tags": [ { "key": "project", "value": "lima" } ] "creationTime": 1565295733.282, "lastUpdatedTime": 1565295733.282 }, { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "name": "my-resource-share", "owningAccountId": "123456789012", "allowExternalPrincipals": true, "status": "ACTIVE", "creationTime": 1565295733.282, "lastUpdatedTime": 1565295733.282 } ] }範例 2:列出其他人擁有並與您共用的資源共用
下列
get-resource-shares範例列出其他人建立並與您共用的資源共用。在此範例中,沒有 。aws ram get-resource-shares \ --resource-ownerOTHER-ACCOUNTS輸出:
{ "resourceShares": [] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 GetResourceShares
。
-
下列程式碼範例示範如何使用 list-pending-invitation-resources。
- AWS CLI
-
列出擱置資源共用中可用的資源
下列
list-pending-invitation-resources範例會列出與指定邀請相關聯的資源共用中的所有資源。aws ram list-pending-invitation-resources \ --resource-share-invitation-arnarn:aws:ram:us-west-2:123456789012:resource-share-invitation/1e3477be-4a95-46b4-bbe0-c4001EXAMPLE輸出:
{ "resources": [ { "arn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-04a555b0e6EXAMPLE", "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7be8694e-095c-41ca-9ce8-7be4aEXAMPLE", "creationTime": 1634676051.269, "lastUpdatedTime": 1634676052.07, "status": "AVAILABLE", "type": "ec2:Subnet" }, { "arn": "arn:aws:license-manager:us-west-2:123456789012:license-configuration:lic-36be0485f5ae379cc74cf8e92EXAMPLE", "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "creationTime": 1624912434.431, "lastUpdatedTime": 1624912434.431, "status": "AVAILABLE", "type": "license-manager:LicenseConfiguration" } ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ListPendingInvitationResources
。
-
下列程式碼範例示範如何使用 list-permissions。
- AWS CLI
-
列出可用的 RAM 受管許可
下列
list-permissions範例列出僅適用於 Glue 資料庫資源類型的所有 RAM AWS 受管許可。aws ram list-permissions \ --resource-typeglue:Database輸出:
{ "permissions": [ { "arn": "arn:aws:ram::aws:permission/AWSRAMDefaultPermissionGlueDatabase", "version": "1", "defaultVersion": true, "name": "AWSRAMDefaultPermissionGlueDatabase", "resourceType": "glue:Database", "creationTime": 1592007820.935, "lastUpdatedTime": 1592007820.935, "isResourceTypeDefault": true }, { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueAllTablesReadWriteForDatabase", "version": "2", "defaultVersion": true, "name": "AWSRAMPermissionGlueAllTablesReadWriteForDatabase", "resourceType": "glue:Database", "creationTime": 1624912413.323, "lastUpdatedTime": 1624912413.323, "isResourceTypeDefault": false }, { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueDatabaseReadWrite", "version": "2", "defaultVersion": true, "name": "AWSRAMPermissionGlueDatabaseReadWrite", "resourceType": "glue:Database", "creationTime": 1624912417.4, "lastUpdatedTime": 1624912417.4, "isResourceTypeDefault": false }, { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueTableReadWriteForDatabase", "version": "2", "defaultVersion": true, "name": "AWSRAMPermissionGlueTableReadWriteForDatabase", "resourceType": "glue:Database", "creationTime": 1624912434.431, "lastUpdatedTime": 1624912434.431, "isResourceTypeDefault": false } ] }下列
list-permissions範例顯示所有資源類型的可用 RAM 受管許可。aws ram list-permissions輸出:
{ "permissions": [ { "arn": "arn:aws:ram::aws:permission/AWSRAMBlankEndEntityCertificateAPICSRPassthroughIssuanceCertificateAuthority", "version": "1", "defaultVersion": true, "name": "AWSRAMBlankEndEntityCertificateAPICSRPassthroughIssuanceCertificateAuthority", "resourceType": "acm-pca:CertificateAuthority", "creationTime": 1623264861.085, "lastUpdatedTime": 1623264861.085, "isResourceTypeDefault": false }, { "arn": "arn:aws:ram::aws:permission/AWSRAMDefaultPermissionAppMesh", "version": "1", "defaultVersion": true, "name": "AWSRAMDefaultPermissionAppMesh", "resourceType": "appmesh:Mesh", "creationTime": 1589307188.584, "lastUpdatedTime": 1589307188.584, "isResourceTypeDefault": true }, ...TRUNCATED FOR BREVITY... { "arn": "arn:aws:ram::aws:permission/AWSRAMSubordinateCACertificatePathLen0IssuanceCertificateAuthority", "version": "1", "defaultVersion": true, "name": "AWSRAMSubordinateCACertificatePathLen0IssuanceCertificateAuthority", "resourceType": "acm-pca:CertificateAuthority", "creationTime": 1623264876.75, "lastUpdatedTime": 1623264876.75, "isResourceTypeDefault": false } ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ListPermissions
。
-
下列程式碼範例示範如何使用 list-principals。
- AWS CLI
-
列出有權存取資源的主體
下列
list-principals範例顯示可透過任何資源共用存取指定類型資源的主體清單。aws ram list-principals \ --resource-typeec2:Subnet輸出:
{ "principals": [ { "id": "arn:aws:organizations::123456789012:ou/o-gx7EXAMPLE/ou-29c5-zEXAMPLE", "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "creationTime": 1565298209.737, "lastUpdatedTime": 1565298211.019, "external": false } ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ListPrincipals
。
-
下列程式碼範例示範如何使用 list-resource-share-permissions。
- AWS CLI
-
若要列出目前連接至資源共用的所有 RAM 受管許可
下列
list-resource-share-permissions範例會列出連接至指定資源共用的所有 RAM 受管許可。aws ram list-resource-share-permissions \ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE輸出:
{ "permissions": [ { "arn": "arn:aws:ram::aws:permission/AWSRAMDefaultPermissionLicenseConfiguration", "version": "1", "resourceType": "license-manager:LicenseConfiguration", "status": "ASSOCIATED", "lastUpdatedTime": 1632342984.234 }, { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueDatabaseReadWrite", "version": "2", "resourceType": "glue:Database", "status": "ASSOCIATED", "lastUpdatedTime": 1632512462.297 } ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ListResourceSharePermissions
。
-
下列程式碼範例示範如何使用 list-resource-types。
- AWS CLI
-
列出 AWS RAM 支援的資源類型
下列
list-resource-types範例列出 AWS RAM 目前支援的所有資源類型。aws ram list-resource-types輸出:
{ "resourceTypes": [ { "resourceType": "route53resolver:FirewallRuleGroup", "serviceName": "route53resolver" }, { "resourceType": "ec2:LocalGatewayRouteTable", "serviceName": "ec2" }, ...OUTPUT TRUNCATED FOR BREVITY... { "resourceType": "ec2:Subnet", "serviceName": "ec2" }, { "resourceType": "ec2:TransitGatewayMulticastDomain", "serviceName": "ec2" } ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ListResourceTypes
。
-
下列程式碼範例示範如何使用 list-resources。
- AWS CLI
-
列出與資源共用相關聯的資源
下列
list-resources範例列出指定資源共用中屬於指定資源類型的所有資源。aws ram list-resources \ --resource-typeec2:Subnet\ --resource-ownerSELF\ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE輸出:
{ "resources": [ { "arn": "aarn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1f4e15235", "type": "ec2:Subnet", "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "creationTime": 1565301545.023, "lastUpdatedTime": 1565301545.947 } ] }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ListResources
。
-
下列程式碼範例示範如何使用 promote-resource-share-created-from-policy。
- AWS CLI
-
將資源政策型資源共用提升為 in AWS RAM 的完整功能
下列
promote-resource-share-created-from-policy範例會採用您透過連接資源型政策隱含建立的資源共用,並將其轉換為與 AWS RAM 主控台及其 CLI 和 API 操作完全運作。aws ram promote-resource-share-created-from-policy \ --resource-share-arnarn:aws:ram:us-east-1:123456789012:resource-share/91fa8429-2d06-4032-909a-90909EXAMPLE輸出:
{ "returnValue": true }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 PromoteResourceShareCreatedFromPolicy
。
-
下列程式碼範例示範如何使用 reject-resource-share-invitation。
- AWS CLI
-
若要拒絕資源共用邀請
下列
reject-resource-share-invitation範例會拒絕指定的資源共用邀請。aws ram reject-resource-share-invitation \ --resource-share-invitation-arnarn:aws:ram:us-west-2:111111111111:resource-share-invitation/32b639f0-14b8-7e8f-55ea-e6117EXAMPLE輸出:
"resourceShareInvitations": [ { "resourceShareInvitationArn": "arn:aws:ram:us-west2-1:111111111111:resource-share-invitation/32b639f0-14b8-7e8f-55ea-e6117EXAMPLE", "resourceShareName": "project-resource-share", "resourceShareArn": "arn:aws:ram:us-west-2:111111111111:resource-share/fcb639f0-1449-4744-35bc-a983fEXAMPLE", "senderAccountId": "111111111111", "receiverAccountId": "222222222222", "invitationTimestamp": 1565319592.463, "status": "REJECTED" } ]-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 RejectResourceShareInvitation
。
-
下列程式碼範例示範如何使用 tag-resource。
- AWS CLI
-
將標籤新增至資源共用
下列
tag-resource範例會將標籤索引鍵project和相關聯的值新增至lima指定的資源共用。aws ram tag-resource \ --tagskey=project,value=lima\ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE此命令不會產生輸出。
-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 TagResource
。
-
下列程式碼範例示範如何使用 untag-resource。
- AWS CLI
-
從資源共用中移除標籤
下列
untag-resource範例會從指定的資源共用中移除project標籤金鑰和相關聯的值。aws ram untag-resource \ --tag-keysproject\ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE此命令不會產生輸出。
-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 UntagResource
。
-
下列程式碼範例示範如何使用 update-resource-share。
- AWS CLI
-
更新資源共用
下列
update-resource-share範例會變更指定的資源共用,以允許不在 AWS 組織的外部主體。aws ram update-resource-share \ --allow-external-principals \ --resource-share-arnarn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE輸出:
{ "resourceShare": { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "name": "my-resource-share", "owningAccountId": "123456789012", "allowExternalPrincipals": true, "status": "ACTIVE", "creationTime": 1565295733.282, "lastUpdatedTime": 1565303080.023 } }-
如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 UpdateResourceShare
。
-
