本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
Amazon RAM 使用示例 Amazon CLI
以下代码示例向您展示了如何使用with来执行操作和实现常见场景 Amazon RAM。 Amazon Command Line Interface
操作是大型程序的代码摘录,必须在上下文中运行。您可以通过操作了解如何调用单个服务函数,还可以通过函数相关场景和跨服务示例的上下文查看操作。
场景是展示如何通过在同一服务中调用多个函数来完成特定任务任务的代码示例。
每个示例都包含一个指向的链接 GitHub,您可以在其中找到有关如何在上下文中设置和运行代码的说明。
主题
操作
以下代码示例演示如何使用 accept-resource-share-invitation
。
- Amazon CLI
-
接受资源共享邀请
以下
accept-resource-share-invitation
示例接受指定的资源共享邀请。受邀账户中的委托人可以立即开始使用共享中的资源。aws ram accept-resource-share-invitation \ --resource-share-invitation-arn arn:aws:ram:us-west-2:111111111111:resource-share-invitation/1e3477be-4a95-46b4-bbe0-c4001EXAMPLE
输出:
{ "resourceShareInvitation": { "resourceShareInvitationArn": "arn:aws:ram:us-west-2:111111111111:resource-share-invitation/1e3477be-4a95-46b4-bbe0-c4001EXAMPLE", "resourceShareName": "MyLicenseShare", "resourceShareArn": "arn:aws:ram:us-west-2:111111111111:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE", "senderAccountId": "111111111111", "receiverAccountId": "222222222222", "invitationTimestamp": "2021-09-22T15:07:35.620000-07:00", "status": "ACCEPTED" } }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考AcceptResourceShareInvitation
中的。
-
以下代码示例演示如何使用 associate-resource-share-permission
。
- Amazon CLI
-
将 RAM 托管权限与资源共享关联
以下
associate-resource-share-permission
示例将相关资源类型的现有托管权限替换为指定的托管权限。对相关资源类型的所有资源的访问权限受新权限的约束。aws ram associate-resource-share-permission \ --permission-arn arn:aws:ram::aws:permission/AWSRAMPermissionGlueDatabaseReadWrite \ --replace \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE
输出:
{ "returnValue": true }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考AssociateResourceSharePermission
中的。
-
以下代码示例演示如何使用 associate-resource-share
。
- Amazon CLI
-
示例 1:将资源与资源共享关联
以下
associate-resource-share
示例将许可证配置添加到指定的资源共享。aws ram associate-resource-share \ --resource-share arn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE \ --resource-arns arn:aws:license-manager:us-west-2:123456789012:license-configuration:lic-36be0485f5ae379cc74cf8e92EXAMPLE
输出:
{ "resourceShareAssociations": [ { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE", "associatedEntity": "arn:aws:license-manager:us-west-2:123456789012:license-configuration:lic-36be0485f5ae379cc74cf8e92EXAMPLE", "associationType": "RESOURCE", "status": "ASSOCIATING", "external": false } ] }
示例 2:将委托人与资源共享关联
以下
associate-resource-share
示例向指定组织单位中的所有账户授予对指定资源共享的访问权限。aws ram associate-resource-share \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE \ --principals arn:aws:organizations::123456789012:ou/o-63bEXAMPLE/ou-46xi-rEXAMPLE
输出:
{ "resourceShareAssociations": [ { "status": "ASSOCIATING", "associationType": "PRINCIPAL", "associatedEntity": "arn:aws:organizations::123456789012:ou/o-63bEXAMPLE/ou-46xi-rEXAMPLE", "external": false, "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE" } ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考AssociateResourceShare
中的。
-
以下代码示例演示如何使用 create-resource-share
。
- Amazon CLI
-
示例 1:创建资源共享
以下
create-resource-share
示例创建了一个具有指定名称的空资源共享。您必须分别向共享添加资源、委托人和权限。aws ram create-resource-share \ --name MyNewResourceShare
输出:
{ "resourceShare": { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/4476c27d-8feb-4b21-afe9-7de23EXAMPLE", "name": "MyNewResourceShare", "owningAccountId": "123456789012", "allowExternalPrincipals": true, "status": "ACTIVE", "creationTime": 1634586271.302, "lastUpdatedTime": 1634586271.302 } }
示例 2:创建以 Amazon 账户为委托人的资源共享
以下
create-resource-share
示例创建了一个资源共享并向指定 Amazon 账户 (222222222222) 授予访问权限。如果指定的委托人不属于同一个 Amazon 组织,则会发送邀请,并且在授予访问权限之前必须接受邀请。aws ram create-resource-share \ --name MyNewResourceShare \ --principals 222222222222
示例 3:创建仅限于您的 Amazon 组织的资源共享
以下
create-resource-share
示例创建一个资源共享,该共享仅限于您的账户所属的 Amazon 组织中的账户,并将指定的 OU 添加为委托人。该 OU 中的所有账户都可以使用资源共享中的资源。aws ram create-resource-share \ --name MyNewResourceShare \ --no-allow-external-principals \ --principals arn:aws:organizations::123456789012:ou/o-63bEXAMPLE/ou-46xi-rEXAMPLE
输出:
{ "resourceShare": { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7be8694e-095c-41ca-9ce8-7be4aEXAMPLE", "name": "MyNewResourceShare", "owningAccountId": "123456789012", "allowExternalPrincipals": false, "status": "ACTIVE", "creationTime": 1634587042.49, "lastUpdatedTime": 1634587042.49 } }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考CreateResourceShare
中的。
-
以下代码示例演示如何使用 delete-resource-share
。
- Amazon CLI
-
删除资源共享
以下
delete-resource-share
示例删除了指定的资源共享。aws ram delete-resource-share \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE
以下输出表示成功:
{ "returnValue": true }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考DeleteResourceShare
中的。
-
以下代码示例演示如何使用 disassociate-resource-share-permission
。
- Amazon CLI
-
从资源共享中移除资源类型的 RAM 托管权限
以下
disassociate-resource-share-permission
示例从指定的资源共享中移除 Glue 数据库的 RAM 托管权限。aws ram disassociate-resource-share-permission \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE \ --permission-arn arn:aws:ram::aws:permission/AWSRAMPermissionGlueDatabaseReadWrite
输出:
{ "returnValue": true }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考DisassociateResourceSharePermission
中的。
-
以下代码示例演示如何使用 disassociate-resource-share
。
- Amazon CLI
-
从资源共享中移除资源
以下
disassociate-resource-share
示例从指定的资源共享中移除指定资源(在本例中为 VPC 子网)。任何有权访问资源共享的委托人都无法再对该资源执行操作。aws ram disassociate-resource-share \ --resource-arns arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE
输出:
{ "resourceShareAssociations": [ "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "associatedEntity": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE", "associationType": "RESOURCE", "status": "DISASSOCIATING", "external": false ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考DisassociateResourceShare
中的。
-
以下代码示例演示如何使用 enable-sharing-with-aws-organization
。
- Amazon CLI
-
启用跨 Amazon 组织共享资源
以下
enable-sharing-with-aws-organization
示例启用了跨组织和组织单位的资源共享。aws ram enable-sharing-with-aws-organization
以下输出代表成功。
{ "returnValue": true }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考EnableSharingWithAwsOrganization
中的。
-
以下代码示例演示如何使用 get-permission
。
- Amazon CLI
-
检索 RAM 托管权限的详细信息
以下
get-permission
示例显示了指定 RAM 托管权限的默认版本的详细信息。aws ram get-permission \ --permission-arn arn:aws:ram::aws:permission/AWSRAMPermissionGlueTableReadWriteForDatabase
输出:
{ "permission": { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueTableReadWriteForDatabase", "version": "2", "defaultVersion": true, "name": "AWSRAMPermissionGlueTableReadWriteForDatabase", "resourceType": "glue:Database", "permission": "{\"Effect\":\"Allow\",\"Action\":[\"glue:GetTable\", \"glue:UpdateTable\", \"glue:DeleteTable\", \"glue:BatchDeleteTable\", \"glue:BatchDeleteTableVersion\", \"glue:GetTableVersion\", \"glue:GetTableVersions\", \"glue:GetPartition\", \"glue:GetPartitions\", \"glue:BatchGetPartition\", \"glue:BatchCreatePartition\", \"glue:CreatePartition\", \"glue:UpdatePartition\", \"glue:BatchDeletePartition\", \"glue:DeletePartition\", \"glue:GetTables\", \"glue:SearchTables\"]}", "creationTime": 1624912434.431, "lastUpdatedTime": 1624912434.431, "isResourceTypeDefault": false } }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考GetPermission
中的。
-
以下代码示例演示如何使用 get-resource-policies
。
- Amazon CLI
-
获取资源的策略
以下
get-resource-policies
示例显示了与资源共享关联的指定资源的基于资源的权限策略。aws ram get-resource-policies \ --resource-arns arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE
输出:
{ "policies": [ "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"RamStatement1\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":[]},\"Action\":[\"ec2:RunInstances\",\"ec2:CreateNetworkInterface\",\"ec2:DescribeSubnets\"],\"Resource\":\"arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE\"}]}" ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考GetResourcePolicies
中的。
-
以下代码示例演示如何使用 get-resource-share-associations
。
- Amazon CLI
-
示例 1:列出所有资源类型的所有资源关联
以下
get-resource-share-associations
示例列出了所有资源共享中所有资源类型的资源关联。aws ram get-resource-share-associations \ --association-type RESOURCE
输出:
{ "resourceShareAssociations": [ { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "associatedEntity": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1fEXAMPLE", "resourceShareName": "MySubnetShare", "associationType": "RESOURCE", "status": "ASSOCIATED", "creationTime": 1565303590.973, "lastUpdatedTime": 1565303591.695, "external": false }, { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/8167bdfe-4480-4a01-8632-315e0EXAMPLE", "associatedEntity": "arn:aws:license-manager:us-west-2:123456789012:license-configuration:lic-36be0485f5ae379cc74cf8e92EXAMPLE", "resourceShareName": "MyLicenseShare", "associationType": "RESOURCE", "status": "ASSOCIATED", "creationTime": 1632342958.457, "lastUpdatedTime": 1632342958.907, "external": false } ] }
示例 2:列出资源共享的主体关联
以下
get-resource-share-associations
示例仅列出指定资源共享的委托人关联。aws ram get-resource-share-associations \ --resource-share-arns arn:aws:ram:us-west-2:123456789012:resource-share/7be8694e-095c-41ca-9ce8-7be4aEXAMPLE \ --association-type PRINCIPAL
输出:
{ "resourceShareAssociations": [ { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7be8694e-095c-41ca-9ce8-7be4aEXAMPLE", "resourceShareName": "MyNewResourceShare", "associatedEntity": "arn:aws:organizations::123456789012:ou/o-63bEXAMPLE/ou-46xi-rEXAMPLE", "associationType": "PRINCIPAL", "status": "ASSOCIATED", "creationTime": 1634587042.49, "lastUpdatedTime": 1634587044.291, "external": false } ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考GetResourceShareAssociations
中的。
-
以下代码示例演示如何使用 get-resource-share-invitations
。
- Amazon CLI
-
列出您的资源共享邀请
以下
get-resource-share-invitations
示例列出了您当前的资源共享邀请。aws ram get-resource-share-invitations
输出:
{ "resourceShareInvitations": [ { "resourceShareInvitationArn": "arn:aws:ram:us-west2-1:111111111111:resource-share-invitation/32b639f0-14b8-7e8f-55ea-e6117EXAMPLE", "resourceShareName": "project-resource-share", "resourceShareArn": "arn:aws:ram:us-west-2:111111111111:resource-share/fcb639f0-1449-4744-35bc-a983fEXAMPLE", "senderAccountId": "111111111111", "receiverAccountId": "222222222222", "invitationTimestamp": 1565312166.258, "status": "PENDING" } ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考GetResourceShareInvitations
中的。
-
以下代码示例演示如何使用 get-resource-shares
。
- Amazon CLI
-
示例 1:列出您拥有并与其他人共享的资源共享
以下
get-resource-shares
示例列出了创建并正在与其他人共享的资源共享。aws ram get-resource-shares \ --resource-owner SELF
输出:
{ "resourceShares": [ { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/3ab63985-99d9-1cd2-7d24-75e93EXAMPLE", "name": "my-resource-share", "owningAccountId": "123456789012", "allowExternalPrincipals": false, "status": "ACTIVE", "tags": [ { "key": "project", "value": "lima" } ] "creationTime": 1565295733.282, "lastUpdatedTime": 1565295733.282 }, { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "name": "my-resource-share", "owningAccountId": "123456789012", "allowExternalPrincipals": true, "status": "ACTIVE", "creationTime": 1565295733.282, "lastUpdatedTime": 1565295733.282 } ] }
示例 2:列出他人拥有并与您共享的资源共享
以下
get-resource-shares
示例列出了其他人创建并与您共享的资源共享。在此示例中,没有。aws ram get-resource-shares \ --resource-owner OTHER-ACCOUNTS
输出:
{ "resourceShares": [] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考GetResourceShares
中的。
-
以下代码示例演示如何使用 list-pending-invitation-resources
。
- Amazon CLI
-
列出待处理资源共享中可用的资源
以下
list-pending-invitation-resources
示例列出了与指定邀请关联的资源共享中的所有资源。aws ram list-pending-invitation-resources \ --resource-share-invitation-arn arn:aws:ram:us-west-2:123456789012:resource-share-invitation/1e3477be-4a95-46b4-bbe0-c4001EXAMPLE
输出:
{ "resources": [ { "arn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-04a555b0e6EXAMPLE", "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7be8694e-095c-41ca-9ce8-7be4aEXAMPLE", "creationTime": 1634676051.269, "lastUpdatedTime": 1634676052.07, "status": "AVAILABLE", "type": "ec2:Subnet" }, { "arn": "arn:aws:license-manager:us-west-2:123456789012:license-configuration:lic-36be0485f5ae379cc74cf8e92EXAMPLE", "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "creationTime": 1624912434.431, "lastUpdatedTime": 1624912434.431, "status": "AVAILABLE", "type": "license-manager:LicenseConfiguration" } ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考ListPendingInvitationResources
中的。
-
以下代码示例演示如何使用 list-permissions
。
- Amazon CLI
-
列出可用的 RAM 托管权限
以下
list-permissions
示例列出了仅适用于 G Amazon lue 数据库资源类型的所有 RAM 托管权限。aws ram list-permissions \ --resource-type glue:Database
输出:
{ "permissions": [ { "arn": "arn:aws:ram::aws:permission/AWSRAMDefaultPermissionGlueDatabase", "version": "1", "defaultVersion": true, "name": "AWSRAMDefaultPermissionGlueDatabase", "resourceType": "glue:Database", "creationTime": 1592007820.935, "lastUpdatedTime": 1592007820.935, "isResourceTypeDefault": true }, { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueAllTablesReadWriteForDatabase", "version": "2", "defaultVersion": true, "name": "AWSRAMPermissionGlueAllTablesReadWriteForDatabase", "resourceType": "glue:Database", "creationTime": 1624912413.323, "lastUpdatedTime": 1624912413.323, "isResourceTypeDefault": false }, { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueDatabaseReadWrite", "version": "2", "defaultVersion": true, "name": "AWSRAMPermissionGlueDatabaseReadWrite", "resourceType": "glue:Database", "creationTime": 1624912417.4, "lastUpdatedTime": 1624912417.4, "isResourceTypeDefault": false }, { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueTableReadWriteForDatabase", "version": "2", "defaultVersion": true, "name": "AWSRAMPermissionGlueTableReadWriteForDatabase", "resourceType": "glue:Database", "creationTime": 1624912434.431, "lastUpdatedTime": 1624912434.431, "isResourceTypeDefault": false } ] }
以下
list-permissions
示例显示了所有资源类型的可用的 RAM 托管权限。aws ram list-permissions
输出:
{ "permissions": [ { "arn": "arn:aws:ram::aws:permission/AWSRAMBlankEndEntityCertificateAPICSRPassthroughIssuanceCertificateAuthority", "version": "1", "defaultVersion": true, "name": "AWSRAMBlankEndEntityCertificateAPICSRPassthroughIssuanceCertificateAuthority", "resourceType": "acm-pca:CertificateAuthority", "creationTime": 1623264861.085, "lastUpdatedTime": 1623264861.085, "isResourceTypeDefault": false }, { "arn": "arn:aws:ram::aws:permission/AWSRAMDefaultPermissionAppMesh", "version": "1", "defaultVersion": true, "name": "AWSRAMDefaultPermissionAppMesh", "resourceType": "appmesh:Mesh", "creationTime": 1589307188.584, "lastUpdatedTime": 1589307188.584, "isResourceTypeDefault": true }, ...TRUNCATED FOR BREVITY... { "arn": "arn:aws:ram::aws:permission/AWSRAMSubordinateCACertificatePathLen0IssuanceCertificateAuthority", "version": "1", "defaultVersion": true, "name": "AWSRAMSubordinateCACertificatePathLen0IssuanceCertificateAuthority", "resourceType": "acm-pca:CertificateAuthority", "creationTime": 1623264876.75, "lastUpdatedTime": 1623264876.75, "isResourceTypeDefault": false } ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考ListPermissions
中的。
-
以下代码示例演示如何使用 list-principals
。
- Amazon CLI
-
列出有权访问资源的委托人
以下
list-principals
示例显示了可以通过任何资源共享访问指定类型资源的委托人列表。aws ram list-principals \ --resource-type ec2:Subnet
输出:
{ "principals": [ { "id": "arn:aws:organizations::123456789012:ou/o-gx7EXAMPLE/ou-29c5-zEXAMPLE", "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "creationTime": 1565298209.737, "lastUpdatedTime": 1565298211.019, "external": false } ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考ListPrincipals
中的。
-
以下代码示例演示如何使用 list-resource-share-permissions
。
- Amazon CLI
-
列出当前附加到资源共享的所有 RAM 托管权限
以下
list-resource-share-permissions
示例列出了附加到指定资源共享的所有 RAM 托管权限。aws ram list-resource-share-permissions \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/27d09b4b-5e12-41d1-a4f2-19dedEXAMPLE
输出:
{ "permissions": [ { "arn": "arn:aws:ram::aws:permission/AWSRAMDefaultPermissionLicenseConfiguration", "version": "1", "resourceType": "license-manager:LicenseConfiguration", "status": "ASSOCIATED", "lastUpdatedTime": 1632342984.234 }, { "arn": "arn:aws:ram::aws:permission/AWSRAMPermissionGlueDatabaseReadWrite", "version": "2", "resourceType": "glue:Database", "status": "ASSOCIATED", "lastUpdatedTime": 1632512462.297 } ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考ListResourceSharePermissions
中的。
-
以下代码示例演示如何使用 list-resource-types
。
- Amazon CLI
-
列出 Amazon RAM 支持的资源类型
以下
list-resource-types
示例列出了 Amazon RAM 当前支持的所有资源类型。aws ram list-resource-types
输出:
{ "resourceTypes": [ { "resourceType": "route53resolver:FirewallRuleGroup", "serviceName": "route53resolver" }, { "resourceType": "ec2:LocalGatewayRouteTable", "serviceName": "ec2" }, ...OUTPUT TRUNCATED FOR BREVITY... { "resourceType": "ec2:Subnet", "serviceName": "ec2" }, { "resourceType": "ec2:TransitGatewayMulticastDomain", "serviceName": "ec2" } ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考ListResourceTypes
中的。
-
以下代码示例演示如何使用 list-resources
。
- Amazon CLI
-
列出与资源共享关联的资源
以下
list-resources
示例列出了指定资源共享中属于指定资源类型的所有资源。aws ram list-resources \ --resource-type ec2:Subnet \ --resource-owner SELF \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE
输出:
{ "resources": [ { "arn": "aarn:aws:ec2:us-west-2:123456789012:subnet/subnet-0250c25a1f4e15235", "type": "ec2:Subnet", "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "creationTime": 1565301545.023, "lastUpdatedTime": 1565301545.947 } ] }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考ListResources
中的。
-
以下代码示例演示如何使用 promote-resource-share-created-from-policy
。
- Amazon CLI
-
在 RAM 中将基于资源策略的资源共享提升到全部功能 Amazon
以下
promote-resource-share-created-from-policy
示例采用您通过附加基于资源的策略隐式创建的资源共享,并将其转换为 Amazon RAM 控制台及其 CLI 和 API 操作的完整功能。aws ram promote-resource-share-created-from-policy \ --resource-share-arn arn:aws:ram:us-east-1:123456789012:resource-share/91fa8429-2d06-4032-909a-90909EXAMPLE
输出:
{ "returnValue": true }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考PromoteResourceShareCreatedFromPolicy
中的。
-
以下代码示例演示如何使用 reject-resource-share-invitation
。
- Amazon CLI
-
拒绝资源共享邀请
以下
reject-resource-share-invitation
示例拒绝了指定的资源共享邀请。aws ram reject-resource-share-invitation \ --resource-share-invitation-arn arn:aws:ram:us-west-2:111111111111:resource-share-invitation/32b639f0-14b8-7e8f-55ea-e6117EXAMPLE
输出:
"resourceShareInvitations": [ { "resourceShareInvitationArn": "arn:aws:ram:us-west2-1:111111111111:resource-share-invitation/32b639f0-14b8-7e8f-55ea-e6117EXAMPLE", "resourceShareName": "project-resource-share", "resourceShareArn": "arn:aws:ram:us-west-2:111111111111:resource-share/fcb639f0-1449-4744-35bc-a983fEXAMPLE", "senderAccountId": "111111111111", "receiverAccountId": "222222222222", "invitationTimestamp": 1565319592.463, "status": "REJECTED" } ]
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考RejectResourceShareInvitation
中的。
-
以下代码示例演示如何使用 tag-resource
。
- Amazon CLI
-
向资源共享添加标签
以下
tag-resource
示例向指定的资源共享添加标签键project
和关联值lima
。aws ram tag-resource \ --tags key=project,value=lima \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE
此命令不生成任何输出。
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考TagResource
中的。
-
以下代码示例演示如何使用 untag-resource
。
- Amazon CLI
-
从资源共享中移除标签
以下
untag-resource
示例从指定的资源共享中删除project
标签键和关联值。aws ram untag-resource \ --tag-keys project \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE
此命令不生成任何输出。
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考UntagResource
中的。
-
以下代码示例演示如何使用 update-resource-share
。
- Amazon CLI
-
更新资源共享
以下
update-resource-share
示例更改了指定的资源共享,以允许不在 Amazon 组织中的外部委托人。aws ram update-resource-share \ --allow-external-principals \ --resource-share-arn arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE
输出:
{ "resourceShare": { "resourceShareArn": "arn:aws:ram:us-west-2:123456789012:resource-share/7ab63972-b505-7e2a-420d-6f5d3EXAMPLE", "name": "my-resource-share", "owningAccountId": "123456789012", "allowExternalPrincipals": true, "status": "ACTIVE", "creationTime": 1565295733.282, "lastUpdatedTime": 1565303080.023 } }
-
有关 API 的详细信息,请参阅Amazon CLI 命令参考UpdateResourceShare
中的。
-