本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
显示 IAM 托管策略的策略文档
此示例向您演示如何使用Amazon SDK for .NET以显示策略文档。应用程序创建 IAM 客户端对象,查找给定 IAM 托管策略的默认版本,然后以 JSON 形式显示策略文档。
以下各节提供了此示例的片段。这些区域有:例子的完整代码在此之后显示,并且可以按原样构建和运行。
查找默认版本
以下代码段查找给定 IAM 策略的默认版本。
的示例本主题末尾的显示了这个片段正在使用中。
// // Method to determine the default version of an IAM policy // Returns a string with the version private static async Task<string> GetDefaultVersion( IAmazonIdentityManagementService iamClient, string policyArn) { // Retrieve all the versions of this policy string defaultVersion = string.Empty; ListPolicyVersionsResponse reponseVersions = await iamClient.ListPolicyVersionsAsync(new ListPolicyVersionsRequest{ PolicyArn = policyArn}); // Find the default version foreach(PolicyVersion version in reponseVersions.Versions) { if(version.IsDefaultVersion) { defaultVersion = version.VersionId; break; } } return defaultVersion; }
显示策略文档
以下代码段以 JSON 形式显示给定 IAM 策略的策略文档。
的示例本主题末尾的显示了这个片段正在使用中。
// // Method to retrieve and display the policy document of an IAM policy private static async Task ShowPolicyDocument( IAmazonIdentityManagementService iamClient, string policyArn, string defaultVersion) { // Retrieve the policy document of the default version GetPolicyVersionResponse responsePolicy = await iamClient.GetPolicyVersionAsync(new GetPolicyVersionRequest{ PolicyArn = policyArn, VersionId = defaultVersion}); // Display the policy document (in JSON) Console.WriteLine($"Version {defaultVersion} of the policy (in JSON format):"); Console.WriteLine( $"{HttpUtility.UrlDecode(responsePolicy.PolicyVersion.Document)}"); }
代码完成
本节显示了此示例的相关参考和完整代码。
NuGet 软件包:
编程元素:
-
命名空间卓越亚马逊身份管理
-
命名空间卓越亚马逊身份管理。模型
Class获取策略版本请求
Class获取策略版本响应
Class列出策略版本请求
Class列出策略版本响应
ClassPolicyVersion
using System; using System.Web; using System.Threading.Tasks; using Amazon.IdentityManagement; using Amazon.IdentityManagement.Model; namespace IamDisplayPolicyJson { class Program { static async Task Main(string[] args) { // Parse the command line and show help if necessary if(args.Length != 1) { Console.WriteLine("\nUsage: IamDisplayPolicyJson policy-arn"); Console.WriteLine(" policy-arn: The ARN of the policy to retrieve."); return; } if(!args[0].StartsWith("arn:")) { Console.WriteLine("\nCould not find policy ARN in the command-line arguments:"); Console.WriteLine($"{args[0]}"); return; } // Create an IAM service client var iamClient = new AmazonIdentityManagementServiceClient(); // Retrieve and display the policy document of the given policy string defaultVersion = await GetDefaultVersion(iamClient, args[0]); if(string.IsNullOrEmpty(defaultVersion)) Console.WriteLine($"Could not find the default version for policy {args[0]}."); else await ShowPolicyDocument(iamClient, args[0], defaultVersion); } // // Method to determine the default version of an IAM policy // Returns a string with the version private static async Task<string> GetDefaultVersion( IAmazonIdentityManagementService iamClient, string policyArn) { // Retrieve all the versions of this policy string defaultVersion = string.Empty; ListPolicyVersionsResponse reponseVersions = await iamClient.ListPolicyVersionsAsync(new ListPolicyVersionsRequest{ PolicyArn = policyArn}); // Find the default version foreach(PolicyVersion version in reponseVersions.Versions) { if(version.IsDefaultVersion) { defaultVersion = version.VersionId; break; } } return defaultVersion; } // // Method to retrieve and display the policy document of an IAM policy private static async Task ShowPolicyDocument( IAmazonIdentityManagementService iamClient, string policyArn, string defaultVersion) { // Retrieve the policy document of the default version GetPolicyVersionResponse responsePolicy = await iamClient.GetPolicyVersionAsync(new GetPolicyVersionRequest{ PolicyArn = policyArn, VersionId = defaultVersion}); // Display the policy document (in JSON) Console.WriteLine($"Version {defaultVersion} of the policy (in JSON format):"); Console.WriteLine( $"{HttpUtility.UrlDecode(responsePolicy.PolicyVersion.Document)}"); } } }