显示 IAM 托管策略的策略文档 - Amazon SDK for .NET
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

显示 IAM 托管策略的策略文档

此示例向您演示如何使用Amazon SDK for .NET以显示策略文档。应用程序创建 IAM 客户端对象,查找给定 IAM 托管策略的默认版本,然后以 JSON 形式显示策略文档。

以下各节提供了此示例的片段。这些区域有:例子的完整代码在此之后显示,并且可以按原样构建和运行。

查找默认版本

以下代码段查找给定 IAM 策略的默认版本。

的示例本主题末尾的显示了这个片段正在使用中。

// // Method to determine the default version of an IAM policy // Returns a string with the version private static async Task<string> GetDefaultVersion( IAmazonIdentityManagementService iamClient, string policyArn) { // Retrieve all the versions of this policy string defaultVersion = string.Empty; ListPolicyVersionsResponse reponseVersions = await iamClient.ListPolicyVersionsAsync(new ListPolicyVersionsRequest{ PolicyArn = policyArn}); // Find the default version foreach(PolicyVersion version in reponseVersions.Versions) { if(version.IsDefaultVersion) { defaultVersion = version.VersionId; break; } } return defaultVersion; }

显示策略文档

以下代码段以 JSON 形式显示给定 IAM 策略的策略文档。

的示例本主题末尾的显示了这个片段正在使用中。

// // Method to retrieve and display the policy document of an IAM policy private static async Task ShowPolicyDocument( IAmazonIdentityManagementService iamClient, string policyArn, string defaultVersion) { // Retrieve the policy document of the default version GetPolicyVersionResponse responsePolicy = await iamClient.GetPolicyVersionAsync(new GetPolicyVersionRequest{ PolicyArn = policyArn, VersionId = defaultVersion}); // Display the policy document (in JSON) Console.WriteLine($"Version {defaultVersion} of the policy (in JSON format):"); Console.WriteLine( $"{HttpUtility.UrlDecode(responsePolicy.PolicyVersion.Document)}"); }

代码完成

本节显示了此示例的相关参考和完整代码。

using System; using System.Web; using System.Threading.Tasks; using Amazon.IdentityManagement; using Amazon.IdentityManagement.Model; namespace IamDisplayPolicyJson { class Program { static async Task Main(string[] args) { // Parse the command line and show help if necessary if(args.Length != 1) { Console.WriteLine("\nUsage: IamDisplayPolicyJson policy-arn"); Console.WriteLine(" policy-arn: The ARN of the policy to retrieve."); return; } if(!args[0].StartsWith("arn:")) { Console.WriteLine("\nCould not find policy ARN in the command-line arguments:"); Console.WriteLine($"{args[0]}"); return; } // Create an IAM service client var iamClient = new AmazonIdentityManagementServiceClient(); // Retrieve and display the policy document of the given policy string defaultVersion = await GetDefaultVersion(iamClient, args[0]); if(string.IsNullOrEmpty(defaultVersion)) Console.WriteLine($"Could not find the default version for policy {args[0]}."); else await ShowPolicyDocument(iamClient, args[0], defaultVersion); } // // Method to determine the default version of an IAM policy // Returns a string with the version private static async Task<string> GetDefaultVersion( IAmazonIdentityManagementService iamClient, string policyArn) { // Retrieve all the versions of this policy string defaultVersion = string.Empty; ListPolicyVersionsResponse reponseVersions = await iamClient.ListPolicyVersionsAsync(new ListPolicyVersionsRequest{ PolicyArn = policyArn}); // Find the default version foreach(PolicyVersion version in reponseVersions.Versions) { if(version.IsDefaultVersion) { defaultVersion = version.VersionId; break; } } return defaultVersion; } // // Method to retrieve and display the policy document of an IAM policy private static async Task ShowPolicyDocument( IAmazonIdentityManagementService iamClient, string policyArn, string defaultVersion) { // Retrieve the policy document of the default version GetPolicyVersionResponse responsePolicy = await iamClient.GetPolicyVersionAsync(new GetPolicyVersionRequest{ PolicyArn = policyArn, VersionId = defaultVersion}); // Display the policy document (in JSON) Console.WriteLine($"Version {defaultVersion} of the policy (in JSON format):"); Console.WriteLine( $"{HttpUtility.UrlDecode(responsePolicy.PolicyVersion.Document)}"); } } }