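Deleting IAM users
This example shows you how to use the AWS SDK for .NET to delete an IAM user. It first removes resources such as access keys and attached policies, and then deletes the user.
The following sections provide snippets of this example. The complete code for the example is shown after that, and can be built and run as is.
Remove items from the user
The following snippet shows examples of items that must be removed from a user before the user can be deleted, such as managed policies and access keys.
The example at the end of this topic shows this snippet in use.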
```csharp
    //
    // Method to detach managed policies from a user
    private static async Task DetachPolicies(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAttachedUserPoliciesResponse responseManagedPolicies =
        await iamClient.ListAttachedUserPoliciesAsync(
          new ListAttachedUserPoliciesRequest{UserName = userName});
      foreach(AttachedPolicyType policy in responseManagedPolicies.AttachedPolicies)
      {
        Console.WriteLine($"\tDetaching policy {policy.PolicyName}");
        await iamClient.DetachUserPolicyAsync(new DetachUserPolicyRequest{
          PolicyArn = policy.PolicyArn,
          UserName = userName});
      }
    }

    //
    // Method to delete access keys from a user
    private static async Task DeleteAccessKeys(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAccessKeysResponse responseAccessKeys =
        await iamClient.ListAccessKeysAsync(
          new ListAccessKeysRequest{UserName = userName});
      foreach(AccessKeyMetadata accessKey in responseAccessKeys.AccessKeyMetadata)
      {
        Console.WriteLine($"\tDeleting Access key {accessKey.AccessKeyId}");
        await iamClient.DeleteAccessKeyAsync(new DeleteAccessKeyRequest{
          UserName = userName,
          AccessKeyId = accessKey.AccessKeyId});
      }
    }
```
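Delete the user
The following snippet calls the methods that remove items from a user, and then deletes the user.
The example at the end of this topic shows this snippet in use.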
```csharp
    //
    // Method to delete a user
    private static async Task DeleteUser(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      Console.WriteLine($"\nDeleting user {userName}...");
      //
      // Remove items from the user
      //
      // Detach any managed policies
      await DetachPolicies(iamClient, userName);

      // Delete any access keys
      await DeleteAccessKeys(iamClient, userName);

      // DeleteLoginProfileAsync(), DeleteUserPolicyAsync(), etc.
      // See the description of DeleteUserAsync for a full list.

      //
      // Delete the user
      //
      await iamClient.DeleteUserAsync(new DeleteUserRequest(userName));
      Console.WriteLine("Done");
    }
```
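Complete code
This section shows relevant references and the complete code for this example.
NuGet packages:
Programming elements:
- Namespace Amazon.IdentityManagement
  Class AmazonIdentityManagementServiceClient
- Namespace Amazon.IdentityManagement.Model
  Class AccessKeyMetadata
  Class AttachedPolicyType
  Class DeleteAccessKeyRequest
  Class DeleteUserRequest
  Class DetachUserPolicyRequest
  Class ListAccessKeysRequest
  Class ListAccessKeysResponse
  Class ListAttachedUserPoliciesResponse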
```csharp
using System;
using System.Threading.Tasks;
using Amazon.IdentityManagement;
using Amazon.IdentityManagement.Model;

namespace IamDeleteUser
{
  class Program
  {
    static async Task Main(string[] args)
    {
      if(args.Length != 1)
      {
        Console.WriteLine("\nUsage: IamDeleteUser user-name");
        Console.WriteLine("   user-name - The name of the user you want to delete.");
        return;
      }

      // Create an IAM service client
      var iamClient = new AmazonIdentityManagementServiceClient();

      // Delete the given user
      await DeleteUser(iamClient, args[0]);

      // Could display a list of the users that are left.
    }

    //
    // Method to delete a user
    private static async Task DeleteUser(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      Console.WriteLine($"\nDeleting user {userName}...");
      //
      // Remove items from the user
      //
      // Detach any managed policies
      await DetachPolicies(iamClient, userName);

      // Delete any access keys
      await DeleteAccessKeys(iamClient, userName);

      // DeleteLoginProfileAsync(), DeleteUserPolicyAsync(), etc.
      // See the description of DeleteUserAsync for a full list.

      //
      // Delete the user
      //
      await iamClient.DeleteUserAsync(new DeleteUserRequest(userName));
      Console.WriteLine("Done");
    }

    //
    // Method to detach managed policies from a user
    private static async Task DetachPolicies(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAttachedUserPoliciesResponse responseManagedPolicies =
        await iamClient.ListAttachedUserPoliciesAsync(
          new ListAttachedUserPoliciesRequest{UserName = userName});
      foreach(AttachedPolicyType policy in responseManagedPolicies.AttachedPolicies)
      {
        Console.WriteLine($"\tDetaching policy {policy.PolicyName}");
        await iamClient.DetachUserPolicyAsync(new DetachUserPolicyRequest{
          PolicyArn = policy.PolicyArn,
          UserName = userName});
      }
    }

    //
    // Method to delete access keys from a user
    private static async Task DeleteAccessKeys(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAccessKeysResponse responseAccessKeys =
        await iamClient.ListAccessKeysAsync(
          new ListAccessKeysRequest{UserName = userName});
      foreach(AccessKeyMetadata accessKey in responseAccessKeys.AccessKeyMetadata)
      {
        Console.WriteLine($"\tDeleting Access key {accessKey.AccessKeyId}");
        await iamClient.DeleteAccessKeyAsync(new DeleteAccessKeyRequest{
          UserName = userName,
          AccessKeyId = accessKey.AccessKeyId});
      }
    }
  }
}
```
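Additional considerations
- For information about the resources that must be removed from the user, see the description of the DeleteUserAsync method, but be sure to use the Async versions of the methods it references.
- You can also use the IAM console.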