将托管策略添加到 IAM 用户 - 适用于 Ruby 的 Amazon 开发工具包
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

将托管策略添加到 IAM 用户

以下示例将托管策略添加到AmazonS3FullAccess适用于 IAM 用户my_groovy_user中的us-west-2区域。

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # SPDX - License - Identifier: Apache - 2.0 require 'aws-sdk-iam' # Attaches a policy to a user in AWS Identity and Access Management (IAM). # # Prerequisites: # - The user in IAM. # # @param iam [Aws::IAM::Client] An initialized IAM client. # @param user_name [String] The name of the user. # @param policy_arn [String] The Amazon Resource Name (ARN) of the policy. # @return [Boolean] true if the policy was attached; otherwise, false. # @example # exit 1 unless alias_created?( # Aws::IAM::Client.new, # 'my-user', # 'arn:aws:iam::aws:policy/AmazonS3FullAccess' # ) def policy_attached_to_user?(iam_client, user_name, policy_arn) iam_client.attach_user_policy( user_name: user_name, policy_arn: policy_arn ) return true rescue StandardError => e puts "Error attaching policy to user: #{e.message}" return false end # Full example call: def run_me user_name = 'my-user' arn_prefix = 'arn:aws:iam::aws:policy/' policy_arn = arn_prefix + 'AmazonS3FullAccess' iam_client = Aws::IAM::Client.new puts "Attempting to attach policy with ARN '#{policy_arn}' to " \ "user '#{user_name}'..." if policy_attached_to_user?(iam_client, user_name, policy_arn) puts 'Policy attached.' else puts 'Policy not attached.' end end run_me if $PROGRAM_NAME == __FILE__