当前位置: 首页>>代码示例>>Golang>>正文


Golang iam.IAM类代码示例

本文整理汇总了Golang中github.com/aws/aws-sdk-go/service/iam.IAM的典型用法代码示例。如果您正苦于以下问题:Golang IAM类的具体用法?Golang IAM怎么用?Golang IAM使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


在下文中一共展示了IAM类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。

示例1: CreateUser

func (u *User) CreateUser(svc *iam.IAM) error {
	params := &iam.CreateUserInput{
		UserName: aws.String(u.UserName), // Required
		Path:     aws.String("/"),
	}
	_, err := svc.CreateUser(params)

	if err != nil {
		return err
	}

	return nil
}
开发者ID:humankeyboard,项目名称:awsplus,代码行数:13,代码来源:user.go

示例2: ValidateAccountId

// ValidateAccountId returns a context-specific error if the configured account
// id is explicitly forbidden or not authorised; and nil if it is authorised.
func (c *Config) ValidateAccountId(iamconn *iam.IAM) error {
	if c.AllowedAccountIds == nil && c.ForbiddenAccountIds == nil {
		return nil
	}

	log.Printf("[INFO] Validating account ID")

	out, err := iamconn.GetUser(nil)
	if err != nil {
		return fmt.Errorf("Failed getting account ID from IAM: %s", err)
	}

	account_id := strings.Split(*out.User.ARN, ":")[4]

	if c.ForbiddenAccountIds != nil {
		for _, id := range c.ForbiddenAccountIds {
			if id == account_id {
				return fmt.Errorf("Forbidden account ID (%s)", id)
			}
		}
	}

	if c.AllowedAccountIds != nil {
		for _, id := range c.AllowedAccountIds {
			if id == account_id {
				return nil
			}
		}
		return fmt.Errorf("Account ID not allowed (%s)", account_id)
	}

	return nil
}
开发者ID:rgl,项目名称:terraform,代码行数:35,代码来源:config.go

示例3: GetGroupPolicy

func (g *Group) GetGroupPolicy(cli *iam.IAM, groupName, policyName string) {
	//get-group-policy
	req := &iam.GetGroupPolicyInput{
		GroupName:  aws.String(groupName),
		PolicyName: aws.String(policyName),
	}
	resp, err := cli.GetGroupPolicy(req)
	raiseError(err)

	policyDocument := parsePolicyDocument(decodeUri(*resp.PolicyDocument))

	if len(policyDocument.Statement) < 1 {
		fmt.Printf("\"%s\", \"%s\", \"\"\n",
			*resp.GroupName,
			*resp.PolicyName,
		)
	}

	for i := 0; i < len(policyDocument.Statement); i++ {
		if len(policyDocument.Statement[i].Action) < 1 {
			fmt.Printf("\"%s\", \"%s\", \"\"\n",
				*resp.GroupName,
				*resp.PolicyName,
			)
		}
		for j := 0; j < len(policyDocument.Statement[i].Action); j++ {
			fmt.Printf("\"%s\", \"%s\", \"%s\"\n",
				*resp.GroupName,
				*resp.PolicyName,
				policyDocument.Statement[i].Action[j],
			)
		}
	}
}
开发者ID:honeybe,项目名称:code-sample,代码行数:34,代码来源:group.go

示例4: instanceProfileAddRole

func instanceProfileAddRole(iamconn *iam.IAM, profileName, roleName string) error {
	request := &iam.AddRoleToInstanceProfileInput{
		InstanceProfileName: aws.String(profileName),
		RoleName:            aws.String(roleName),
	}

	_, err := iamconn.AddRoleToInstanceProfile(request)
	return err
}
开发者ID:solarnz,项目名称:terraform,代码行数:9,代码来源:resource_aws_iam_instance_profile.go

示例5: GetAccountId

func GetAccountId(iamconn *iam.IAM, stsconn *sts.STS, authProviderName string) (string, error) {
	// If we have creds from instance profile, we can use metadata API
	if authProviderName == ec2rolecreds.ProviderName {
		log.Println("[DEBUG] Trying to get account ID via AWS Metadata API")

		cfg := &aws.Config{}
		setOptionalEndpoint(cfg)
		metadataClient := ec2metadata.New(session.New(cfg))
		info, err := metadataClient.IAMInfo()
		if err != nil {
			// This can be triggered when no IAM Role is assigned
			// or AWS just happens to return invalid response
			return "", fmt.Errorf("Failed getting EC2 IAM info: %s", err)
		}

		return parseAccountIdFromArn(info.InstanceProfileArn)
	}

	// Then try IAM GetUser
	log.Println("[DEBUG] Trying to get account ID via iam:GetUser")
	outUser, err := iamconn.GetUser(nil)
	if err == nil {
		return parseAccountIdFromArn(*outUser.User.Arn)
	}

	awsErr, ok := err.(awserr.Error)
	// AccessDenied and ValidationError can be raised
	// if credentials belong to federated profile, so we ignore these
	if !ok || (awsErr.Code() != "AccessDenied" && awsErr.Code() != "ValidationError") {
		return "", fmt.Errorf("Failed getting account ID via 'iam:GetUser': %s", err)
	}
	log.Printf("[DEBUG] Getting account ID via iam:GetUser failed: %s", err)

	// Then try STS GetCallerIdentity
	log.Println("[DEBUG] Trying to get account ID via sts:GetCallerIdentity")
	outCallerIdentity, err := stsconn.GetCallerIdentity(&sts.GetCallerIdentityInput{})
	if err == nil {
		return *outCallerIdentity.Account, nil
	}
	log.Printf("[DEBUG] Getting account ID via sts:GetCallerIdentity failed: %s", err)

	// Then try IAM ListRoles
	log.Println("[DEBUG] Trying to get account ID via iam:ListRoles")
	outRoles, err := iamconn.ListRoles(&iam.ListRolesInput{
		MaxItems: aws.Int64(int64(1)),
	})
	if err != nil {
		return "", fmt.Errorf("Failed getting account ID via 'iam:ListRoles': %s", err)
	}

	if len(outRoles.Roles) < 1 {
		return "", fmt.Errorf("Failed getting account ID via 'iam:ListRoles': No roles available")
	}

	return parseAccountIdFromArn(*outRoles.Roles[0].Arn)
}
开发者ID:RezaDKhan,项目名称:terraform,代码行数:56,代码来源:auth_helpers.go

示例6: detachPolicyFromUser

func detachPolicyFromUser(conn *iam.IAM, user string, arn string) error {
	_, err := conn.DetachUserPolicy(&iam.DetachUserPolicyInput{
		UserName:  aws.String(user),
		PolicyArn: aws.String(arn),
	})
	if err != nil {
		return err
	}
	return nil
}
开发者ID:RezaDKhan,项目名称:terraform,代码行数:10,代码来源:resource_aws_iam_user_policy_attachment.go

示例7: detachPolicyFromRole

func detachPolicyFromRole(conn *iam.IAM, role string, arn string) error {
	_, err := conn.DetachRolePolicy(&iam.DetachRolePolicyInput{
		RoleName:  aws.String(role),
		PolicyArn: aws.String(arn),
	})
	if err != nil {
		return err
	}
	return nil
}
开发者ID:Originate,项目名称:terraform,代码行数:10,代码来源:resource_aws_iam_role_policy_attachment.go

示例8: detachPolicyFromGroup

func detachPolicyFromGroup(conn *iam.IAM, group string, arn string) error {
	_, err := conn.DetachGroupPolicy(&iam.DetachGroupPolicyInput{
		GroupName: aws.String(group),
		PolicyArn: aws.String(arn),
	})
	if err != nil {
		return err
	}
	return nil
}
开发者ID:RezaDKhan,项目名称:terraform,代码行数:10,代码来源:resource_aws_iam_group_policy_attachment.go

示例9: ValidateCredentials

// Validate credentials early and fail before we do any graph walking
func (c *Config) ValidateCredentials(iamconn *iam.IAM) error {
	_, err := iamconn.GetUser(nil)

	if awsErr, ok := err.(awserr.Error); ok {
		if awsErr.Code() == "SignatureDoesNotMatch" {
			return fmt.Errorf("Failed authenticating with AWS: please verify credentials")
		}
	}

	return err
}
开发者ID:econnell,项目名称:terraform,代码行数:12,代码来源:config.go

示例10: UserAccount

func UserAccount(iamsvc *iam.IAM) (string, error) {
	getUserInput := &iam.GetUserInput{}
	getUserOutput, err := iamsvc.GetUser(getUserInput)
	if err != nil {
		return "", err
	}

	userAccount := strings.Split(*getUserOutput.User.Arn, ":")

	return userAccount[4], nil
}
开发者ID:x6j8x,项目名称:rds-broker,代码行数:11,代码来源:utils.go

示例11: iamPolicyListVersions

func iamPolicyListVersions(arn string, iamconn *iam.IAM) ([]*iam.PolicyVersion, error) {
	request := &iam.ListPolicyVersionsInput{
		PolicyARN: aws.String(arn),
	}

	response, err := iamconn.ListPolicyVersions(request)
	if err != nil {
		return nil, fmt.Errorf("Error listing versions for IAM policy %s: %s", arn, err)
	}
	return response.Versions, nil
}
开发者ID:keen99,项目名称:terraform,代码行数:11,代码来源:resource_aws_iam_policy.go

示例12: detachPolicyFromUsers

func detachPolicyFromUsers(conn *iam.IAM, users []*string, arn string) error {
	for _, u := range users {
		_, err := conn.DetachUserPolicy(&iam.DetachUserPolicyInput{
			UserName:  u,
			PolicyArn: aws.String(arn),
		})
		if err != nil {
			return err
		}
	}
	return nil
}
开发者ID:morts1a,项目名称:terraform,代码行数:12,代码来源:resource_aws_iam_policy_attachment.go

示例13: iamPolicyDeleteVersion

func iamPolicyDeleteVersion(arn, versionID string, iamconn *iam.IAM) error {
	request := &iam.DeletePolicyVersionInput{
		PolicyARN: aws.String(arn),
		VersionID: aws.String(versionID),
	}

	_, err := iamconn.DeletePolicyVersion(request)
	if err != nil {
		return fmt.Errorf("Error deleting version %s from IAM policy %s: %s", versionID, arn, err)
	}
	return nil
}
开发者ID:keen99,项目名称:terraform,代码行数:12,代码来源:resource_aws_iam_policy.go

示例14: detachPolicyFromRoles

func detachPolicyFromRoles(conn *iam.IAM, roles []*string, arn string) error {
	for _, r := range roles {
		_, err := conn.DetachRolePolicy(&iam.DetachRolePolicyInput{
			RoleName:  r,
			PolicyArn: aws.String(arn),
		})
		if err != nil {
			return err
		}
	}
	return nil
}
开发者ID:morts1a,项目名称:terraform,代码行数:12,代码来源:resource_aws_iam_policy_attachment.go

示例15: detachPolicyFromGroups

func detachPolicyFromGroups(conn *iam.IAM, groups []*string, arn string) error {
	for _, g := range groups {
		_, err := conn.DetachGroupPolicy(&iam.DetachGroupPolicyInput{
			GroupName: g,
			PolicyArn: aws.String(arn),
		})
		if err != nil {
			return err
		}
	}
	return nil
}
开发者ID:morts1a,项目名称:terraform,代码行数:12,代码来源:resource_aws_iam_policy_attachment.go


注:本文中的github.com/aws/aws-sdk-go/service/iam.IAM类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。