正在删除 IAM 用户 - 适用于 .NET 的 AWS 开发工具包
从用户中移除药品删除该用户:完整代码其他注意事项
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

正在删除 IAM 用户

此示例向您展示了如何使用 适用于 .NET 的 AWS 开发工具包 删除一个 IAM 用户。它首先删除访问密钥、附加策略等资源,然后删除用户。

以下部分提供了此示例的片段。的 示例的完整代码 之后显示,并且可以按原样构建和运行。

从用户中移除药品

以下片段显示了在删除用户之前必须从用户中删除的项目的示例,例如托管策略和访问密钥。

示例 在本主题结束时 显示此片段正在使用。 

    //
    // Method to detach managed policies from a user
    private static async Task DetachPolicies(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAttachedUserPoliciesResponse responseManagedPolicies =
        await iamClient.ListAttachedUserPoliciesAsync(
          new ListAttachedUserPoliciesRequest{UserName = userName});
      foreach(AttachedPolicyType policy in responseManagedPolicies.AttachedPolicies)
      {
        Console.WriteLine($"\tDetaching policy {policy.PolicyName}");
        await iamClient.DetachUserPolicyAsync(new DetachUserPolicyRequest{
          PolicyArn = policy.PolicyArn,
          UserName = userName});
      }
    }


    //
    // Method to delete access keys from a user
    private static async Task DeleteAccessKeys(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAccessKeysResponse responseAccessKeys =
        await iamClient.ListAccessKeysAsync(
          new ListAccessKeysRequest{UserName = userName});
      foreach(AccessKeyMetadata accessKey in responseAccessKeys.AccessKeyMetadata)
      {
        Console.WriteLine($"\tDeleting Access key {accessKey.AccessKeyId}");
        await iamClient.DeleteAccessKeyAsync(new DeleteAccessKeyRequest{
          UserName = userName,
          AccessKeyId = accessKey.AccessKeyId});
      }
    }

删除该用户:

以下代码段调用从用户中删除项目的方法,然后删除用户。

示例 在本主题结束时 显示此片段正在使用。 

    //
    // Method to delete a user
    private static async Task DeleteUser(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      Console.WriteLine($"\nDeleting user {userName}...");
      //
      // Remove items from the user
      //
      // Detach any managed policies
      await DetachPolicies(iamClient, userName);

      // Delete any access keys
      await DeleteAccessKeys(iamClient, userName);

      // DeleteLoginProfileAsycn(), DeleteUserPolicyAsync(), etc.
      // See the description of DeleteUserAsync for a full list.

      //
      // Delete the user
      //
      await iamClient.DeleteUserAsync(new DeleteUserRequest(userName));
      Console.WriteLine("Done");
    }

完整代码

本节显示此示例的相关参考和完整代码。

NuGet 程序包:

编程元素:

 
using System;
using System.Threading.Tasks;
using Amazon.IdentityManagement;
using Amazon.IdentityManagement.Model;

namespace IamDeleteUser
{
  class Program
  {
    static async Task Main(string[] args)
    {
      if(args.Length != 1)
      {
        Console.WriteLine("\nUsage: IamDeleteUser user-name");
        Console.WriteLine("   user-name - The name of the user you want to delete.");
        return;
      }

      // Create an IAM service client
      var iamClient = new AmazonIdentityManagementServiceClient();

      // Delete the given user
      await DeleteUser(iamClient, args[0]);

      // Could display a list of the users that are left.
    }

    //
    // Method to delete a user
    private static async Task DeleteUser(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      Console.WriteLine($"\nDeleting user {userName}...");
      //
      // Remove items from the user
      //
      // Detach any managed policies
      await DetachPolicies(iamClient, userName);

      // Delete any access keys
      await DeleteAccessKeys(iamClient, userName);

      // DeleteLoginProfileAsycn(), DeleteUserPolicyAsync(), etc.
      // See the description of DeleteUserAsync for a full list.

      //
      // Delete the user
      //
      await iamClient.DeleteUserAsync(new DeleteUserRequest(userName));
      Console.WriteLine("Done");
    }


    //
    // Method to detach managed policies from a user
    private static async Task DetachPolicies(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAttachedUserPoliciesResponse responseManagedPolicies =
        await iamClient.ListAttachedUserPoliciesAsync(
          new ListAttachedUserPoliciesRequest{UserName = userName});
      foreach(AttachedPolicyType policy in responseManagedPolicies.AttachedPolicies)
      {
        Console.WriteLine($"\tDetaching policy {policy.PolicyName}");
        await iamClient.DetachUserPolicyAsync(new DetachUserPolicyRequest{
          PolicyArn = policy.PolicyArn,
          UserName = userName});
      }
    }


    //
    // Method to delete access keys from a user
    private static async Task DeleteAccessKeys(
      IAmazonIdentityManagementService iamClient, string userName)
    {
      ListAccessKeysResponse responseAccessKeys =
        await iamClient.ListAccessKeysAsync(
          new ListAccessKeysRequest{UserName = userName});
      foreach(AccessKeyMetadata accessKey in responseAccessKeys.AccessKeyMetadata)
      {
        Console.WriteLine($"\tDeleting Access key {accessKey.AccessKeyId}");
        await iamClient.DeleteAccessKeyAsync(new DeleteAccessKeyRequest{
          UserName = userName,
          AccessKeyId = accessKey.AccessKeyId});
      }
    }
  }
}

其他注意事项

  • 有关必须从用户中删除的资源的信息,请参阅 删除用户异步 方法,但一定要使用参考方法的Async版本。