的版本 4 (V4) 适用于 .NET 的 Amazon SDK 已经发布! 有关重大更改和迁移应用程序的信息,请参阅[迁移主题](https://docs.amazonaws.cn/sdk-for-net/v4/developer-guide/net-dg-v4.html)。 [https://docs.amazonaws.cn/sdk-for-net/v4/developer-guide/net-dg-v4.html](https://docs.amazonaws.cn/sdk-for-net/v4/developer-guide/net-dg-v4.html) 本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。 # 显示 IAM 托管式策略的策略文档 显示策略文档 此示例向您展示如何使用 适用于 .NET 的 Amazon SDK 来显示策略文档。该应用程序创建 IAM 客户端对象,找到给定 IAM 托管式策略的默认版本,然后以 JSON 格式显示策略文档。 以下各节提供了此示例的片段。此后显示了[该示例的完整代码](#iam-policies-display-complete-code),并且可以按原样构建和运行。 **Topics** + [ ## 查找默认版本 ](#iam-policies-display-version) + [ ## 显示策略文档 ](#iam-policies-display-doc) + [ ## 完整代码 ](#iam-policies-display-complete-code) ## 查找默认版本 以下代码片段查找给定 IAM 策略的默认版本。 [本主题末尾](#iam-policies-display-complete-code)的示例显示了此片段的使用情况。 ``` // // Method to determine the default version of an IAM policy // Returns a string with the version private static async Task GetDefaultVersion( IAmazonIdentityManagementService iamClient, string policyArn) { // Retrieve all the versions of this policy string defaultVersion = string.Empty; ListPolicyVersionsResponse reponseVersions = await iamClient.ListPolicyVersionsAsync(new ListPolicyVersionsRequest{ PolicyArn = policyArn}); // Find the default version foreach(PolicyVersion version in reponseVersions.Versions) { if(version.IsDefaultVersion) { defaultVersion = version.VersionId; break; } } return defaultVersion; } ``` ## 显示策略文档 以下代码片段以 JSON 格式显示了给定 IAM 策略的策略文档。 [本主题末尾](#iam-policies-display-complete-code)的示例显示了此片段的使用情况。 ``` // // Method to retrieve and display the policy document of an IAM policy private static async Task ShowPolicyDocument( IAmazonIdentityManagementService iamClient, string policyArn, string defaultVersion) { // Retrieve the policy document of the default version GetPolicyVersionResponse responsePolicy = await iamClient.GetPolicyVersionAsync(new GetPolicyVersionRequest{ PolicyArn = policyArn, VersionId = defaultVersion}); // Display the policy document (in JSON) Console.WriteLine($"Version {defaultVersion} of the policy (in JSON format):"); Console.WriteLine( $"{HttpUtility.UrlDecode(responsePolicy.PolicyVersion.Document)}"); } ``` ## 完整代码 本部分显示了本示例的相关参考和完整代码。 ### SDK 参考 NuGet 包裹: + [AWSSDK.IdentityManagement](https://www.nuget.org/packages/AWSSDK.IdentityManagement) 编程元素: + 命名空间 [Amazon。 IdentityManagement](https://docs.amazonaws.cn/sdkfornet/v4/apidocs/items/IAM/NIAM.html) 班级 [AmazonIdentityManagementServiceClient](https://docs.amazonaws.cn/sdkfornet/v4/apidocs/items/IAM/TIAMServiceClient.html) + 命名空间 [Amazon。 IdentityManagement.Model](https://docs.amazonaws.cn/sdkfornet/v4/apidocs/items/IAM/NIAMModel.html) 班级 [GetPolicyVersionRequest](https://docs.amazonaws.cn/sdkfornet/v4/apidocs/items/IAM/TGetPolicyVersionRequest.html) 班级 [GetPolicyVersionResponse](https://docs.amazonaws.cn/sdkfornet/v4/apidocs/items/IAM/TGetPolicyVersionResponse.html) 班级 [ListPolicyVersionsRequest](https://docs.amazonaws.cn/sdkfornet/v4/apidocs/items/IAM/TListPolicyVersionsRequest.html) 班级 [ListPolicyVersionsResponse](https://docs.amazonaws.cn/sdkfornet/v4/apidocs/items/IAM/TListPolicyVersionsResponse.html) 班级 [PolicyVersion](https://docs.amazonaws.cn/sdkfornet/v4/apidocs/items/IAM/TPolicyVersion.html) ### 代码 ``` using System; using System.Web; using System.Threading.Tasks; using Amazon.IdentityManagement; using Amazon.IdentityManagement.Model; namespace IamDisplayPolicyJson { class Program { static async Task Main(string[] args) { // Parse the command line and show help if necessary if(args.Length != 1) { Console.WriteLine("\nUsage: IamDisplayPolicyJson policy-arn"); Console.WriteLine(" policy-arn: The ARN of the policy to retrieve."); return; } if(!args[0].StartsWith("arn:")) { Console.WriteLine("\nCould not find policy ARN in the command-line arguments:"); Console.WriteLine($"{args[0]}"); return; } // Create an IAM service client var iamClient = new AmazonIdentityManagementServiceClient(); // Retrieve and display the policy document of the given policy string defaultVersion = await GetDefaultVersion(iamClient, args[0]); if(string.IsNullOrEmpty(defaultVersion)) Console.WriteLine($"Could not find the default version for policy {args[0]}."); else await ShowPolicyDocument(iamClient, args[0], defaultVersion); } // // Method to determine the default version of an IAM policy // Returns a string with the version private static async Task GetDefaultVersion( IAmazonIdentityManagementService iamClient, string policyArn) { // Retrieve all the versions of this policy string defaultVersion = string.Empty; ListPolicyVersionsResponse reponseVersions = await iamClient.ListPolicyVersionsAsync(new ListPolicyVersionsRequest{ PolicyArn = policyArn}); // Find the default version foreach(PolicyVersion version in reponseVersions.Versions) { if(version.IsDefaultVersion) { defaultVersion = version.VersionId; break; } } return defaultVersion; } // // Method to retrieve and display the policy document of an IAM policy private static async Task ShowPolicyDocument( IAmazonIdentityManagementService iamClient, string policyArn, string defaultVersion) { // Retrieve the policy document of the default version GetPolicyVersionResponse responsePolicy = await iamClient.GetPolicyVersionAsync(new GetPolicyVersionRequest{ PolicyArn = policyArn, VersionId = defaultVersion}); // Display the policy document (in JSON) Console.WriteLine($"Version {defaultVersion} of the policy (in JSON format):"); Console.WriteLine( $"{HttpUtility.UrlDecode(responsePolicy.PolicyVersion.Document)}"); } } } ```