本文整理汇总了Golang中github.com/aws/aws-sdk-go/service/iam.New函数的典型用法代码示例。如果您正苦于以下问题:Golang New函数的具体用法?Golang New怎么用?Golang New使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了New函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: New
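// New builds a Client whose EC2, CloudFormation and IAM service clients share
// one session configured from config.
//
// It returns an error when CloudFormationWaitTimeout is not positive or when
// the endpoint lookup for any of the three services fails.
//
// The session authenticates with the static key pair carried in config
// (AccessKey/SecretKey, empty session token), so a Config value is a secret:
// keep it out of logs and error messages.
func New(config Config) (*Client, error) {
	// Reject zero and negative timeouts alike, since the error text promises a
	// positive value. Validating first also avoids building a session that is
	// immediately discarded.
	if config.CloudFormationWaitTimeout <= 0 {
		return nil, fmt.Errorf("AWS config CloudFormationWaitTimeout must be a positive timeout")
	}

	ec2EndpointConfig, err := config.getEndpoint("ec2")
	if err != nil {
		return nil, err
	}
	cloudformationEndpointConfig, err := config.getEndpoint("cloudformation")
	if err != nil {
		return nil, err
	}
	iamEndpointConfig, err := config.getEndpoint("iam")
	if err != nil {
		return nil, err
	}

	// Local names avoid shadowing the credentials and session packages.
	staticCreds := credentials.NewStaticCredentials(config.AccessKey, config.SecretKey, "")
	sess := session.New(&aws.Config{
		Credentials: staticCreds,
		Region:      aws.String(config.Region),
	})

	return &Client{
		EC2:                       ec2.New(sess, ec2EndpointConfig),
		CloudFormation:            cloudformation.New(sess, cloudformationEndpointConfig),
		IAM:                       iam.New(sess, iamEndpointConfig),
		Clock:                     clockImpl{},
		CloudFormationWaitTimeout: config.CloudFormationWaitTimeout,
	}, nil
}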
示例2: validateUserAccess
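// validateUserAccess is meant to confirm that creds can create a rack, but it
// is currently a no-op: it returns nil before any IAM call is made.
//
// The statements after the early return are unreachable and kept for reference.
// They look for a managed policy named "AdministratorAccess" attached directly
// to the user. A name match says nothing about what the policy document allows,
// and access granted through groups or inline policies is not seen by this
// lookup, which is why the check is disabled. Callers must not treat a nil
// result as evidence that the credentials are sufficiently privileged.
func validateUserAccess(region string, creds *AwsCredentials) error {
	// this validation need to check for actual permissions somehow and not
	// just a policy name
	return nil

	iamSvc := iam.New(session.New(), awsConfig(region, creds))

	userOutput, err := iamSvc.GetUser(&iam.GetUserInput{})
	if err != nil {
		if ae, ok := err.(awserr.Error); ok {
			return fmt.Errorf("%s. See %s", ae.Code(), iamUserURL)
		}
		return fmt.Errorf("%s. See %s", err, iamUserURL)
	}

	policies, err := iamSvc.ListAttachedUserPolicies(&iam.ListAttachedUserPoliciesInput{
		UserName: userOutput.User.UserName,
	})
	if err != nil {
		if ae, ok := err.(awserr.Error); ok {
			return fmt.Errorf("%s. See %s", ae.Code(), iamUserURL)
		}
		// Every failure must return here: policies is not usable after an
		// error, and falling through would dereference it below.
		return fmt.Errorf("%s. See %s", err, iamUserURL)
	}

	for _, policy := range policies.AttachedPolicies {
		// Guard the pointer so an entry without a name cannot panic.
		if policy.PolicyName != nil && *policy.PolicyName == "AdministratorAccess" {
			return nil
		}
	}

	msg := fmt.Errorf("Administrator access needed. See %s", iamUserURL)
	stdcli.QOSEventSend("cli-install", distinctID, stdcli.QOSEventProperties{Error: msg})
	return stdcli.Error(msg)
}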
示例3: createIAMLambdaRolePolicy
// createIAMLambdaRolePolicy writes the inline policy "goad-lambda-role-policy"
// onto the role named roleName and returns the PutRolePolicy error, if any.
//
// The policy allows sqs:SendMessage on queues matching arn:aws:sqs:*:*:goad-*
// and three CloudWatch Logs write actions on arn:aws:logs:*:*:*.
// NOTE(review): the logs statement is not scoped to a log group, so the role
// may create and write to any log group; narrowing the resource would be
// closer to least privilege — confirm with the owners before changing it.
func (infra *Infrastructure) createIAMLambdaRolePolicy(roleName string) error {
	// Sent to IAM verbatim; the literal is kept exactly as the original.
	const policyDocument = `{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"sqs:SendMessage"
],
"Effect": "Allow",
"Resource": "arn:aws:sqs:*:*:goad-*"
},
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "arn:aws:logs:*:*:*"
}
]
}`

	client := iam.New(session.New(), infra.config)
	input := &iam.PutRolePolicyInput{
		PolicyDocument: aws.String(policyDocument),
		PolicyName:     aws.String("goad-lambda-role-policy"),
		RoleName:       aws.String(roleName),
	}
	_, err := client.PutRolePolicy(input)
	return err
}
示例4: createIAMLambdaRole
// createIAMLambdaRole returns the ARN of the role named roleName, creating the
// role first when IAM reports it as missing.
//
// When GetRole fails with the AWS error code "NoSuchEntity", the role is
// created at path "/" with a trust policy that lets the Lambda service
// (lambda.amazonaws.com) assume it, and createIAMLambdaRolePolicy then attaches
// the inline policy. Any other GetRole error, and any error from the create or
// policy steps, is returned with an empty ARN.
func (infra *Infrastructure) createIAMLambdaRole(roleName string) (arn string, err error) {
	client := iam.New(session.New(), infra.config)

	existing, err := client.GetRole(&iam.GetRoleInput{
		RoleName: aws.String(roleName),
	})
	if err == nil {
		return *existing.Role.Arn, nil
	}

	// Only a "role does not exist" answer triggers creation.
	awsErr, isAWSErr := err.(awserr.Error)
	if !isAWSErr || awsErr.Code() != "NoSuchEntity" {
		return "", err
	}

	// Trust policy sent to IAM verbatim; kept exactly as the original literal.
	const trustPolicy = `{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Principal": {"Service": "lambda.amazonaws.com"},
"Action": "sts:AssumeRole"
}
}`
	created, createErr := client.CreateRole(&iam.CreateRoleInput{
		AssumeRolePolicyDocument: aws.String(trustPolicy),
		RoleName:                 aws.String(roleName),
		Path:                     aws.String("/"),
	})
	if createErr != nil {
		return "", createErr
	}

	if policyErr := infra.createIAMLambdaRolePolicy(*created.Role.RoleName); policyErr != nil {
		return "", policyErr
	}
	return *created.Role.Arn, nil
}
示例5: main
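// main loads the broker configuration, wires SQS and IAM clients into the
// service broker, and serves the broker API on port.
func main() {
	flag.Parse()

	config, err := LoadConfig(configFilePath)
	if err != nil {
		log.Fatalf("Error loading config file: %s", err)
	}

	logger := buildLogger(config.LogLevel)

	// Both service clients share one session pinned to the configured region.
	awsConfig := aws.NewConfig().WithRegion(config.SQSConfig.Region)
	awsSession := session.New(awsConfig)

	sqssvc := sqs.New(awsSession)
	queue := awssqs.NewSQSQueue(sqssvc, logger)

	iamsvc := iam.New(awsSession)
	user := awsiam.NewIAMUser(iamsvc, logger)

	serviceBroker := sqsbroker.New(config.SQSConfig, queue, user, logger)

	// NOTE(review): the listener below is plain HTTP, so this username and
	// password are protected in transit only if TLS is terminated in front of
	// the process — confirm against the deployment.
	credentials := brokerapi.BrokerCredentials{
		Username: config.Username,
		Password: config.Password,
	}

	brokerAPI := brokerapi.New(serviceBroker, logger, credentials)
	http.Handle("/", brokerAPI)

	fmt.Println("SQS Service Broker started on port " + port + "...")

	// ListenAndServe returns only on failure (for example when the port is
	// already in use). Report it instead of exiting silently with status 0.
	if err := http.ListenAndServe(":"+port, nil); err != nil {
		log.Fatalf("SQS Service Broker stopped: %s", err)
	}
}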
示例6: Run
// Run builds an IAM client for the region in u.config, hands it to
// u.ListUsers, and always returns 0. args is not used.
func (u *User) Run(args []string) int {
	regionCfg := aws.NewConfig().WithRegion(u.config.Region)
	sess := session.New(regionCfg)
	u.ListUsers(iam.New(sess))
	return 0
}
示例7: teardown
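// teardown detaches testPolicyArn from testRoleName and then deletes the role.
//
// Detaching is best effort: a failure is logged and the delete is still
// attempted. The returned error is the DeleteRole error, if any.
//
// Credentials are read from AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY and the
// region is fixed to us-east-1.
func teardown() error {
	creds := credentials.NewStaticCredentials(os.Getenv("AWS_ACCESS_KEY_ID"), os.Getenv("AWS_SECRET_ACCESS_KEY"), "")
	awsConfig := &aws.Config{
		Credentials: creds,
		Region:      aws.String("us-east-1"),
		HTTPClient:  cleanhttp.DefaultClient(),
	}
	svc := iam.New(session.New(awsConfig))

	attachment := &iam.DetachRolePolicyInput{
		PolicyArn: aws.String(testPolicyArn),
		RoleName:  aws.String(testRoleName), // Required
	}
	// The detach error used to be overwritten unseen by the DeleteRole result.
	// Log it so a leftover attachment can be traced when the delete fails.
	if _, detachErr := svc.DetachRolePolicy(attachment); detachErr != nil {
		log.Printf("[WARN] AWS DetachRolePolicy failed: %v", detachErr)
	}

	params := &iam.DeleteRoleInput{
		RoleName: aws.String(testRoleName),
	}
	log.Printf("[INFO] AWS DeleteRole: %s", testRoleName)
	_, err := svc.DeleteRole(params)
	if err != nil {
		log.Printf("[WARN] AWS DeleteRole failed: %v", err)
	}
	return err
}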
示例8: main
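// main loads the broker configuration, wires IAM and RDS clients into the
// service broker, and serves the broker API on port.
func main() {
	flag.Parse()

	config, err := LoadConfig(configFilePath)
	if err != nil {
		log.Fatalf("Error loading config file: %s", err)
	}

	logger := buildLogger(config.LogLevel)

	// Both service clients share one session pinned to the configured region.
	awsConfig := aws.NewConfig().WithRegion(config.RDSConfig.Region)
	awsSession := session.New(awsConfig)

	iamsvc := iam.New(awsSession)
	rdssvc := rds.New(awsSession)
	dbInstance := awsrds.NewRDSDBInstance(config.RDSConfig.Region, iamsvc, rdssvc, logger)
	dbCluster := awsrds.NewRDSDBCluster(config.RDSConfig.Region, iamsvc, rdssvc, logger)

	sqlProvider := sqlengine.NewProviderService(logger)

	serviceBroker := rdsbroker.New(config.RDSConfig, dbInstance, dbCluster, sqlProvider, logger)

	// NOTE(review): the listener below is plain HTTP, so this username and
	// password are protected in transit only if TLS is terminated in front of
	// the process — confirm against the deployment.
	credentials := brokerapi.BrokerCredentials{
		Username: config.Username,
		Password: config.Password,
	}

	brokerAPI := brokerapi.New(serviceBroker, logger, credentials)
	http.Handle("/", brokerAPI)

	fmt.Println("RDS Service Broker started on port " + port + "...")

	// ListenAndServe returns only on failure (for example when the port is
	// already in use). Report it instead of exiting silently with status 0.
	if err := http.ListenAndServe(":"+port, nil); err != nil {
		log.Fatalf("RDS Service Broker stopped: %s", err)
	}
}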
示例9: AccountID
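// AccountID returns the AWS account ID for the credentials behind c.
//
// It calls IAM GetUser and parses the returned user's ARN. When the call fails,
// it scans the error message for substrings starting with arnPrefix and returns
// the first one parseAccountID accepts. If none parses, the original GetUser
// error is returned.
//
// NOTE(review): the fallback depends on the error text containing the caller's
// ARN, which is not a stable contract — confirm it is still needed.
func (c *Cred) AccountID() (string, error) {
	user, err := iam.New(c.session()).GetUser(nil)
	if err == nil {
		return parseAccountID(aws.StringValue(user.User.Arn))
	}

	for msg := err.Error(); msg != ""; {
		i := strings.Index(msg, arnPrefix)
		if i == -1 {
			break
		}
		msg = msg[i:]
		if accountID, perr := parseAccountID(msg); perr == nil {
			return accountID, nil
		}
		// Step past this occurrence before searching again. Without this the
		// same prefix is found at index 0 forever and the loop never ends.
		msg = msg[1:]
	}
	return "", err
}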
示例10: Run
// Run builds an IAM client for the region in r.config, hands it to
// r.ListRole, and always returns 0. args is not used.
func (r *Role) Run(args []string) int {
	regionCfg := aws.NewConfig().WithRegion(r.config.Region)
	sess := session.New(regionCfg)
	r.ListRole(iam.New(sess))
	return 0
}
示例11: clientIAM
// clientIAM returns the IAM client cached for region, creating and caching one
// on first use.
//
// The cache is read under the read lock. On a miss the write lock is taken and
// the cache is checked again, because another goroutine may have stored a
// client between the two locks. Errors from b.getClientConfig are returned
// as-is and nothing is cached in that case.
func (b *backend) clientIAM(s logical.Storage, region string) (*iam.IAM, error) {
	// Fast path: look up an existing client while holding only the read lock.
	b.configMutex.RLock()
	cached := b.IAMClientsMap[region]
	b.configMutex.RUnlock()
	if cached != nil {
		return cached, nil
	}

	// Slow path: take the write lock for the rest of the call.
	b.configMutex.Lock()
	defer b.configMutex.Unlock()

	// Re-check, since the client may have been created while switching locks.
	if existing := b.IAMClientsMap[region]; existing != nil {
		return existing, nil
	}

	// Build the AWS config for this region from storage.
	awsConfig, err := b.getClientConfig(s, region)
	if err != nil {
		return nil, err
	}

	// Create the client, remember it for later calls, and hand it back.
	created := iam.New(session.New(awsConfig))
	b.IAMClientsMap[region] = created
	return created, nil
}
示例12: clientIAM
// clientIAM builds an IAM client from the root configuration stored at
// "config/root".
//
// It returns an error when the storage read fails, when no entry exists, or
// when the entry cannot be decoded as JSON. The decoded AccessKey and SecretKey
// are used as static credentials, so the stored entry is secret material and
// must not be logged.
func clientIAM(s logical.Storage) (*iam.IAM, error) {
	stored, err := s.Get("config/root")
	switch {
	case err != nil:
		return nil, err
	case stored == nil:
		return nil, fmt.Errorf(
			"root credentials haven't been configured. Please configure\n" +
				"them at the 'config/root' endpoint")
	}

	var root rootConfig
	if decodeErr := stored.DecodeJSON(&root); decodeErr != nil {
		return nil, fmt.Errorf("error reading root configuration: %s", decodeErr)
	}

	sess := session.New(&aws.Config{
		Credentials: credentials.NewStaticCredentials(root.AccessKey, root.SecretKey, ""),
		Region:      aws.String(root.Region),
		HTTPClient:  cleanhttp.DefaultClient(),
	})
	return iam.New(sess), nil
}
示例13: initIamClient
// initIamClient returns an IAM client for the run.
//
// Static credentials are set only when both r.c.AccessKey and r.c.SecretKey are
// non-empty. Otherwise the config carries no credentials and the choice is left
// to the session.
func (r *run) initIamClient() *iam.IAM {
	conf := &aws.Config{}
	haveKeyPair := r.c.AccessKey != "" && r.c.SecretKey != ""
	if haveKeyPair {
		conf.Credentials = awscred.NewStaticCredentials(r.c.AccessKey, r.c.SecretKey, "")
	}
	return iam.New(session.New(), conf)
}
示例14: initIamClient
// initIamClient returns an IAM client for the run.
//
// Static credentials are applied only when both r.c.AccessKey and r.c.SecretKey
// are non-empty. Otherwise the client is built from an unmodified
// aws.NewConfig() value.
func (r *run) initIamClient() *iam.IAM {
	conf := aws.NewConfig()
	// Without a complete key pair, leave the config untouched.
	if r.c.AccessKey == "" || r.c.SecretKey == "" {
		return iam.New(session.New(), conf)
	}
	static := awscred.NewStaticCredentials(r.c.AccessKey, r.c.SecretKey, "")
	conf = conf.WithCredentials(static)
	return iam.New(session.New(), conf)
}
示例15: determineAccountIdViaGetUser
// determineAccountIdViaGetUser calls IAM GetUser with an empty input on sess
// and passes the returned user's ARN to getAccountIdFromArn. A GetUser error is
// returned unchanged with an empty account ID.
//
// see http://stackoverflow.com/a/18124234
func determineAccountIdViaGetUser(sess *session.Session) (string, error) {
	client := iam.New(sess)
	out, err := client.GetUser(&iam.GetUserInput{})
	if err != nil {
		return "", err
	}
	userARN := *out.User.Arn
	return getAccountIdFromArn(userARN), nil
}