Deleting IAM users - AWS SDK for .NET

Deleting IAM users

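This example shows you how to use the AWS SDK for .NET to delete an IAM user. It first removes resources such as access keys and attached policies, and then deletes the user.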

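The following sections provide snippets of this example. The complete code for the example is shown after that, and can be built and run as is.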

Remove items from the user

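The following snippet shows examples of items that you must remove from a user before you can delete the user, such as managed policies and access keys.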

The example at the end of this topic shows this snippet in use.

    //
    // Method to detach managed policies from a user
    private static async Task DetachPolicies(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAttachedUserPoliciesResponse responseManagedPolicies =
        await iamClient.ListAttachedUserPoliciesAsync(
          new ListAttachedUserPoliciesRequest{UserName = userName});
      foreach(AttachedPolicyType policy in responseManagedPolicies.AttachedPolicies)
      {
        Console.WriteLine($"\tDetaching policy {policy.PolicyName}");
        await iamClient.DetachUserPolicyAsync(new DetachUserPolicyRequest{
          PolicyArn = policy.PolicyArn,
          UserName = userName});
      }
    }

    //
    // Method to delete access keys from a user
    private static async Task DeleteAccessKeys(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAccessKeysResponse responseAccessKeys =
        await iamClient.ListAccessKeysAsync(
          new ListAccessKeysRequest{UserName = userName});
      foreach(AccessKeyMetadata accessKey in responseAccessKeys.AccessKeyMetadata)
      {
        Console.WriteLine($"\tDeleting Access key {accessKey.AccessKeyId}");
        await iamClient.DeleteAccessKeyAsync(new DeleteAccessKeyRequest{
          UserName = userName,
          AccessKeyId = accessKey.AccessKeyId});
      }
    }

Delete the user

The following snippet calls the methods that remove items from the user, and then deletes the user.

The example at the end of this topic shows this snippet in use.

    //
    // Method to delete a user
    private static async Task DeleteUser(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      Console.WriteLine($"\nDeleting user {userName}...");
      //
      // Remove items from the user
      //
      // Detach any managed policies
      await DetachPolicies(iamClient, userName);

      // Delete any access keys
      await DeleteAccessKeys(iamClient, userName);

      // DeleteLoginProfileAsync(), DeleteUserPolicyAsync(), etc.
      // See the description of DeleteUserAsync for a full list.

      //
      // Delete the user
      //
      await iamClient.DeleteUserAsync(new DeleteUserRequest(userName));
      Console.WriteLine("Done");
    }

Complete code

This section shows relevant references and the complete code for this example.

    using System;
    using System.Threading.Tasks;
    using Amazon.IdentityManagement;
    using Amazon.IdentityManagement.Model;

    namespace IamDeleteUser
    {
      class Program
      {
        static async Task Main(string[] args)
        {
          if(args.Length != 1)
          {
            Console.WriteLine("\nUsage: IamDeleteUser user-name");
            Console.WriteLine("   user-name - The name of the user you want to delete.");
            return;
          }

          // Create an IAM service client
          var iamClient = new AmazonIdentityManagementServiceClient();

          // Delete the given user
          await DeleteUser(iamClient, args[0]);

          // Could display a list of the users that are left.
        }

        //
        // Method to delete a user
        private static async Task DeleteUser(
          IAmazonIdentityManagementService iamClient, string userName)
        {
          Console.WriteLine($"\nDeleting user {userName}...");
          //
          // Remove items from the user
          //
          // Detach any managed policies
          await DetachPolicies(iamClient, userName);

          // Delete any access keys
          await DeleteAccessKeys(iamClient, userName);

          // DeleteLoginProfileAsync(), DeleteUserPolicyAsync(), etc.
          // See the description of DeleteUserAsync for a full list.

          //
          // Delete the user
          //
          await iamClient.DeleteUserAsync(new DeleteUserRequest(userName));
          Console.WriteLine("Done");
        }

        //
        // Method to detach managed policies from a user
        private static async Task DetachPolicies(
          IAmazonIdentityManagementService iamClient, string userName)
        {
          ListAttachedUserPoliciesResponse responseManagedPolicies =
            await iamClient.ListAttachedUserPoliciesAsync(
              new ListAttachedUserPoliciesRequest{UserName = userName});
          foreach(AttachedPolicyType policy in responseManagedPolicies.AttachedPolicies)
          {
            Console.WriteLine($"\tDetaching policy {policy.PolicyName}");
            await iamClient.DetachUserPolicyAsync(new DetachUserPolicyRequest{
              PolicyArn = policy.PolicyArn,
              UserName = userName});
          }
        }

        //
        // Method to delete access keys from a user
        private static async Task DeleteAccessKeys(
          IAmazonIdentityManagementService iamClient, string userName)
        {
          ListAccessKeysResponse responseAccessKeys =
            await iamClient.ListAccessKeysAsync(
              new ListAccessKeysRequest{UserName = userName});
          foreach(AccessKeyMetadata accessKey in responseAccessKeys.AccessKeyMetadata)
          {
            Console.WriteLine($"\tDeleting Access key {accessKey.AccessKeyId}");
            await iamClient.DeleteAccessKeyAsync(new DeleteAccessKeyRequest{
              UserName = userName,
              AccessKeyId = accessKey.AccessKeyId});
          }
        }
      }
    }

Additional considerations

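  • For information about the resources that must be removed from the user, see the description of the DeleteUserAsync method, but be sure to use the Async versions of the referenced methods.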
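The sample above removes only managed policies and access keys, and a user that still has other items attached cannot be deleted. The following is an added example, not part of the original sample, that removes several of the remaining item types with the same list-then-delete pattern. The class name `IamUserCleanup` and method name `RemoveRemainingItems` are hypothetical, and the code assumes each list fits in a single response page.

```csharp
using System.Collections.Generic;
using System.Threading.Tasks;
using Amazon.IdentityManagement;
using Amazon.IdentityManagement.Model;

static class IamUserCleanup // hypothetical helper, not part of the SDK or the sample
{
    // Removes further items that block DeleteUserAsync.
    // Assumption: each list fits in one page (IsTruncated is not handled).
    public static async Task RemoveRemainingItems(
        IAmazonIdentityManagementService iamClient, string userName)
    {
        // Console password: a user without one raises NoSuchEntityException.
        try
        {
            await iamClient.DeleteLoginProfileAsync(
                new DeleteLoginProfileRequest { UserName = userName });
        }
        catch (NoSuchEntityException) { /* no login profile to delete */ }

        // Inline policies embedded directly in the user.
        var inline = await iamClient.ListUserPoliciesAsync(
            new ListUserPoliciesRequest { UserName = userName });
        foreach (string policyName in inline.PolicyNames ?? new List<string>())
            await iamClient.DeleteUserPolicyAsync(new DeleteUserPolicyRequest
                { UserName = userName, PolicyName = policyName });

        // Group memberships, which also grant permissions to the user.
        var groups = await iamClient.ListGroupsForUserAsync(
            new ListGroupsForUserRequest { UserName = userName });
        foreach (Group g in groups.Groups ?? new List<Group>())
            await iamClient.RemoveUserFromGroupAsync(new RemoveUserFromGroupRequest
                { GroupName = g.GroupName, UserName = userName });

        // MFA devices must be deactivated before the user can be deleted.
        var mfa = await iamClient.ListMFADevicesAsync(
            new ListMFADevicesRequest { UserName = userName });
        foreach (MFADevice d in mfa.MFADevices ?? new List<MFADevice>())
            await iamClient.DeactivateMFADeviceAsync(new DeactivateMFADeviceRequest
                { UserName = userName, SerialNumber = d.SerialNumber });

        // SSH public keys (used for AWS CodeCommit access).
        var ssh = await iamClient.ListSSHPublicKeysAsync(
            new ListSSHPublicKeysRequest { UserName = userName });
        foreach (SSHPublicKeyMetadata k in ssh.SSHPublicKeys ?? new List<SSHPublicKeyMetadata>())
            await iamClient.DeleteSSHPublicKeyAsync(new DeleteSSHPublicKeyRequest
                { UserName = userName, SSHPublicKeyId = k.SSHPublicKeyId });
    }
}
```

Call `IamUserCleanup.RemoveRemainingItems(iamClient, userName)` from `DeleteUser` before `DeleteUserAsync`. Signing certificates and service-specific credentials are not covered here and follow the same pattern.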