當前位置: 首頁>>代碼示例>>Golang>>正文

Golang iam.IAM類代碼示例

本文整理匯總了Golang中github.com/aws/aws-sdk-go/service/iam.IAM的典型用法代碼示例。如果您正苦於以下問題:Golang IAM類的具體用法?Golang IAM怎麽用?Golang IAM使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。


在下文中一共展示了IAM類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。

示例1: CreateUser

func (u *User) CreateUser(svc *iam.IAM) error {
	params := &iam.CreateUserInput{
		UserName: aws.String(u.UserName), // Required
		Path:     aws.String("/"),
	}
	_, err := svc.CreateUser(params)

	if err != nil {
		return err
	}

	return nil
}
開發者ID:humankeyboard,項目名稱:awsplus,代碼行數:13,代碼來源:user.go

示例2: ValidateAccountId

// ValidateAccountId returns a context-specific error if the configured account
// id is explicitly forbidden or not authorised; and nil if it is authorised.
func (c *Config) ValidateAccountId(iamconn *iam.IAM) error {
	if c.AllowedAccountIds == nil && c.ForbiddenAccountIds == nil {
		return nil
	}

	log.Printf("[INFO] Validating account ID")

	out, err := iamconn.GetUser(nil)
	if err != nil {
		return fmt.Errorf("Failed getting account ID from IAM: %s", err)
	}

	account_id := strings.Split(*out.User.ARN, ":")[4]

	if c.ForbiddenAccountIds != nil {
		for _, id := range c.ForbiddenAccountIds {
			if id == account_id {
				return fmt.Errorf("Forbidden account ID (%s)", id)
			}
		}
	}

	if c.AllowedAccountIds != nil {
		for _, id := range c.AllowedAccountIds {
			if id == account_id {
				return nil
			}
		}
		return fmt.Errorf("Account ID not allowed (%s)", account_id)
	}

	return nil
}
開發者ID:rgl,項目名稱:terraform,代碼行數:35,代碼來源:config.go

示例3: GetGroupPolicy

func (g *Group) GetGroupPolicy(cli *iam.IAM, groupName, policyName string) {
	//get-group-policy
	req := &iam.GetGroupPolicyInput{
		GroupName:  aws.String(groupName),
		PolicyName: aws.String(policyName),
	}
	resp, err := cli.GetGroupPolicy(req)
	raiseError(err)

	policyDocument := parsePolicyDocument(decodeUri(*resp.PolicyDocument))

	if len(policyDocument.Statement) < 1 {
		fmt.Printf("\"%s\", \"%s\", \"\"\n",
			*resp.GroupName,
			*resp.PolicyName,
		)
	}

	for i := 0; i < len(policyDocument.Statement); i++ {
		if len(policyDocument.Statement[i].Action) < 1 {
			fmt.Printf("\"%s\", \"%s\", \"\"\n",
				*resp.GroupName,
				*resp.PolicyName,
			)
		}
		for j := 0; j < len(policyDocument.Statement[i].Action); j++ {
			fmt.Printf("\"%s\", \"%s\", \"%s\"\n",
				*resp.GroupName,
				*resp.PolicyName,
				policyDocument.Statement[i].Action[j],
			)
		}
	}
}
開發者ID:honeybe,項目名稱:code-sample,代碼行數:34,代碼來源:group.go

示例4: instanceProfileAddRole

func instanceProfileAddRole(iamconn *iam.IAM, profileName, roleName string) error {
	request := &iam.AddRoleToInstanceProfileInput{
		InstanceProfileName: aws.String(profileName),
		RoleName:            aws.String(roleName),
	}

	_, err := iamconn.AddRoleToInstanceProfile(request)
	return err
}
開發者ID:solarnz,項目名稱:terraform,代碼行數:9,代碼來源:resource_aws_iam_instance_profile.go

示例5: GetAccountId

func GetAccountId(iamconn *iam.IAM, stsconn *sts.STS, authProviderName string) (string, error) {
	// If we have creds from instance profile, we can use metadata API
	if authProviderName == ec2rolecreds.ProviderName {
		log.Println("[DEBUG] Trying to get account ID via AWS Metadata API")

		cfg := &aws.Config{}
		setOptionalEndpoint(cfg)
		metadataClient := ec2metadata.New(session.New(cfg))
		info, err := metadataClient.IAMInfo()
		if err != nil {
			// This can be triggered when no IAM Role is assigned
			// or AWS just happens to return invalid response
			return "", fmt.Errorf("Failed getting EC2 IAM info: %s", err)
		}

		return parseAccountIdFromArn(info.InstanceProfileArn)
	}

	// Then try IAM GetUser
	log.Println("[DEBUG] Trying to get account ID via iam:GetUser")
	outUser, err := iamconn.GetUser(nil)
	if err == nil {
		return parseAccountIdFromArn(*outUser.User.Arn)
	}

	awsErr, ok := err.(awserr.Error)
	// AccessDenied and ValidationError can be raised
	// if credentials belong to federated profile, so we ignore these
	if !ok || (awsErr.Code() != "AccessDenied" && awsErr.Code() != "ValidationError") {
		return "", fmt.Errorf("Failed getting account ID via 'iam:GetUser': %s", err)
	}
	log.Printf("[DEBUG] Getting account ID via iam:GetUser failed: %s", err)

	// Then try STS GetCallerIdentity
	log.Println("[DEBUG] Trying to get account ID via sts:GetCallerIdentity")
	outCallerIdentity, err := stsconn.GetCallerIdentity(&sts.GetCallerIdentityInput{})
	if err == nil {
		return *outCallerIdentity.Account, nil
	}
	log.Printf("[DEBUG] Getting account ID via sts:GetCallerIdentity failed: %s", err)

	// Then try IAM ListRoles
	log.Println("[DEBUG] Trying to get account ID via iam:ListRoles")
	outRoles, err := iamconn.ListRoles(&iam.ListRolesInput{
		MaxItems: aws.Int64(int64(1)),
	})
	if err != nil {
		return "", fmt.Errorf("Failed getting account ID via 'iam:ListRoles': %s", err)
	}

	if len(outRoles.Roles) < 1 {
		return "", fmt.Errorf("Failed getting account ID via 'iam:ListRoles': No roles available")
	}

	return parseAccountIdFromArn(*outRoles.Roles[0].Arn)
}
開發者ID:RezaDKhan,項目名稱:terraform,代碼行數:56,代碼來源:auth_helpers.go

示例6: detachPolicyFromUser

func detachPolicyFromUser(conn *iam.IAM, user string, arn string) error {
	_, err := conn.DetachUserPolicy(&iam.DetachUserPolicyInput{
		UserName:  aws.String(user),
		PolicyArn: aws.String(arn),
	})
	if err != nil {
		return err
	}
	return nil
}
開發者ID:RezaDKhan,項目名稱:terraform,代碼行數:10,代碼來源:resource_aws_iam_user_policy_attachment.go

示例7: detachPolicyFromRole

func detachPolicyFromRole(conn *iam.IAM, role string, arn string) error {
	_, err := conn.DetachRolePolicy(&iam.DetachRolePolicyInput{
		RoleName:  aws.String(role),
		PolicyArn: aws.String(arn),
	})
	if err != nil {
		return err
	}
	return nil
}
開發者ID:Originate,項目名稱:terraform,代碼行數:10,代碼來源:resource_aws_iam_role_policy_attachment.go

示例8: detachPolicyFromGroup

func detachPolicyFromGroup(conn *iam.IAM, group string, arn string) error {
	_, err := conn.DetachGroupPolicy(&iam.DetachGroupPolicyInput{
		GroupName: aws.String(group),
		PolicyArn: aws.String(arn),
	})
	if err != nil {
		return err
	}
	return nil
}
開發者ID:RezaDKhan,項目名稱:terraform,代碼行數:10,代碼來源:resource_aws_iam_group_policy_attachment.go

示例9: ValidateCredentials

// Validate credentials early and fail before we do any graph walking
func (c *Config) ValidateCredentials(iamconn *iam.IAM) error {
	_, err := iamconn.GetUser(nil)

	if awsErr, ok := err.(awserr.Error); ok {
		if awsErr.Code() == "SignatureDoesNotMatch" {
			return fmt.Errorf("Failed authenticating with AWS: please verify credentials")
		}
	}

	return err
}
開發者ID:econnell,項目名稱:terraform,代碼行數:12,代碼來源:config.go

示例10: UserAccount

func UserAccount(iamsvc *iam.IAM) (string, error) {
	getUserInput := &iam.GetUserInput{}
	getUserOutput, err := iamsvc.GetUser(getUserInput)
	if err != nil {
		return "", err
	}

	userAccount := strings.Split(*getUserOutput.User.Arn, ":")

	return userAccount[4], nil
}
開發者ID:x6j8x,項目名稱:rds-broker,代碼行數:11,代碼來源:utils.go

示例11: iamPolicyListVersions

func iamPolicyListVersions(arn string, iamconn *iam.IAM) ([]*iam.PolicyVersion, error) {
	request := &iam.ListPolicyVersionsInput{
		PolicyARN: aws.String(arn),
	}

	response, err := iamconn.ListPolicyVersions(request)
	if err != nil {
		return nil, fmt.Errorf("Error listing versions for IAM policy %s: %s", arn, err)
	}
	return response.Versions, nil
}
開發者ID:keen99,項目名稱:terraform,代碼行數:11,代碼來源:resource_aws_iam_policy.go

示例12: detachPolicyFromUsers

func detachPolicyFromUsers(conn *iam.IAM, users []*string, arn string) error {
	for _, u := range users {
		_, err := conn.DetachUserPolicy(&iam.DetachUserPolicyInput{
			UserName:  u,
			PolicyArn: aws.String(arn),
		})
		if err != nil {
			return err
		}
	}
	return nil
}
開發者ID:morts1a,項目名稱:terraform,代碼行數:12,代碼來源:resource_aws_iam_policy_attachment.go

示例13: iamPolicyDeleteVersion

func iamPolicyDeleteVersion(arn, versionID string, iamconn *iam.IAM) error {
	request := &iam.DeletePolicyVersionInput{
		PolicyARN: aws.String(arn),
		VersionID: aws.String(versionID),
	}

	_, err := iamconn.DeletePolicyVersion(request)
	if err != nil {
		return fmt.Errorf("Error deleting version %s from IAM policy %s: %s", versionID, arn, err)
	}
	return nil
}
開發者ID:keen99,項目名稱:terraform,代碼行數:12,代碼來源:resource_aws_iam_policy.go

示例14: detachPolicyFromRoles

func detachPolicyFromRoles(conn *iam.IAM, roles []*string, arn string) error {
	for _, r := range roles {
		_, err := conn.DetachRolePolicy(&iam.DetachRolePolicyInput{
			RoleName:  r,
			PolicyArn: aws.String(arn),
		})
		if err != nil {
			return err
		}
	}
	return nil
}
開發者ID:morts1a,項目名稱:terraform,代碼行數:12,代碼來源:resource_aws_iam_policy_attachment.go

示例15: detachPolicyFromGroups

func detachPolicyFromGroups(conn *iam.IAM, groups []*string, arn string) error {
	for _, g := range groups {
		_, err := conn.DetachGroupPolicy(&iam.DetachGroupPolicyInput{
			GroupName: g,
			PolicyArn: aws.String(arn),
		})
		if err != nil {
			return err
		}
	}
	return nil
}
開發者ID:morts1a,項目名稱:terraform,代碼行數:12,代碼來源:resource_aws_iam_policy_attachment.go


注:本文中的github.com/aws/aws-sdk-go/service/iam.IAM類示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。