使用 Amazon 开发工具包列出附加到 IAM 角色的策略

以下代码示例显示如何列出附加到 IAM 角色的策略。

.NET

Amazon SDK for .NET

提示

要了解如何设置和运行此示例，请参阅 GitHub。



using System;
using Amazon.IdentityManagement;
using Amazon.IdentityManagement.Model;

var client = new AmazonIdentityManagementServiceClient();
var request = new ListAttachedRolePoliciesRequest
{
    MaxItems = 10,
    RoleName = "testAssumeRole",
};

var response = await client.ListAttachedRolePoliciesAsync(request);

do
{
    response.AttachedPolicies.ForEach(policy =>
    {
        Console.WriteLine($"{policy.PolicyName} with ARN: {policy.PolicyArn}");
    });

    if (response.IsTruncated)
    {
        request.Marker = response.Marker;
        response = await client.ListAttachedRolePoliciesAsync(request);
    }

} while (response.IsTruncated);

有关 API 详细信息，请参阅《Amazon SDK for .NET API 参考》中的 ListAttachedRolePolicies。

Go

SDK for Go V2

提示

要了解如何设置和运行此示例，请参阅 GitHub。



	// ListAttachedRolePolicies

	attachedPoliciesList, err := service.ListAttachedRolePolicies(context.Background(), &iam.ListAttachedRolePoliciesInput{
		RoleName: aws.String(ExampleRoleName),
	})

	if err != nil {
		panic("Couldn't call ListAttachedRolePolicies: " + err.Error())
	}

	fmt.Println("➡️ List attached role policies for " + ExampleRoleName)

	for _, attachedPolicy := range attachedPoliciesList.AttachedPolicies {
		fmt.Printf("attached policy: %v\n (%v) \n", attachedPolicy.PolicyArn, attachedPolicy.PolicyName)
	}

有关 API 详细信息，请参阅《Amazon SDK for Go API 参考》中的 ListAttachedRolePolicies。

JavaScript

SDK for JavaScript V3

提示

要了解如何设置和运行此示例，请参阅 GitHub。

创建客户端。


import { IAMClient } from "@aws-sdk/client-iam";
// Set the AWS Region.
const REGION = "REGION"; // For example, "us-east-1".
// Create an IAM service client object.
const iamClient = new IAMClient({ region: REGION });
export { iamClient };

列出附加到角色的策略。


// Import required AWS SDK clients and commands for Node.js.
import { iamClient } from "./libs/iamClient.js";
import {ListAttachedRolePoliciesCommand} from "@aws-sdk/client-iam";

// Set the parameters.
export const params = {
    RoleName: 'ROLE_NAME' /* required */
};

export const run = async () => {
    try {
        const data = await iamClient.send(new ListAttachedRolePoliciesCommand(params));
        console.log("Success", data.AttachedPolicies);
    } catch (err) {
        console.log("Error", err);
    }
}
run();

有关 API 详细信息，请参阅《Amazon SDK for JavaScript API 参考》中的 ListAttachedRolePolicies。

PHP

SDK for PHP

提示

要了解如何设置和运行此示例，请参阅 GitHub。


$uuid = uniqid();
$service = new IamService();

    public function listAttachedRolePolicies($roleName, $pathPrefix = "", $marker = "", $maxItems = 0)
    {
        $listAttachRolePoliciesArguments = ['RoleName' => $roleName];
        if ($pathPrefix) {
            $listAttachRolePoliciesArguments['PathPrefix'] = $pathPrefix;
        }
        if ($marker) {
            $listAttachRolePoliciesArguments['Marker'] = $marker;
        }
        if ($maxItems) {
            $listAttachRolePoliciesArguments['MaxItems'] = $maxItems;
        }
        return $this->iamClient->listAttachedRolePolicies($listAttachRolePoliciesArguments);
    }

有关 API 详细信息，请参阅《Amazon SDK for PHP API 参考》中的 ListAttachedRolePolicies。

Python

适用于 Python (Boto3) 的 SDK

提示

要了解如何设置和运行此示例，请参阅 GitHub。


def list_attached_policies(role_name):
    """
    Lists policies attached to a role.

    :param role_name: The name of the role to query.
    """
    try:
        role = iam.Role(role_name)
        for policy in role.attached_policies.all():
            logger.info("Got policy %s.", policy.arn)
    except ClientError:
        logger.exception("Couldn't list attached policies for %s.", role_name)
        raise

有关 API 详细信息，请参阅《Amazon SDK for Python（Boto3）API 参考》中的 ListAttachedRolePolicies。

Ruby

SDK for Ruby

提示

要了解如何设置和运行此示例，请参阅 GitHub。


  # Deletes a role. If the role has policies attached, they are detached and
  # deleted before the role is deleted.
  #
  # @param role [Aws::IAM::Role] The role to delete.
  def delete_role(role)
    role.attached_policies.each do |policy|
      name = policy.policy_name
      policy.detach_role(role_name: role.name)
      policy.delete
      puts("Deleted policy #{name}.")
    end
    name = role.name
    role.delete
    puts("Deleted role #{name}.")
  rescue Aws::Errors::ServiceError => e
    puts("Couldn't detach policies and delete role #{role.name}. Here's why:")
    puts("\t#{e.code}: #{e.message}")
    raise
  end

有关 API 详细信息，请参阅《Amazon SDK for Ruby API 参考》中的 ListAttachedRolePolicies。

Rust

SDK for Rust

注意

本文档适用于预览版中的软件开发工具包。软件开发工具包可能随时发生变化，不应在生产环境中使用。

提示

要了解如何设置和运行此示例，请参阅 GitHub。


pub async fn list_attached_role_policies(
    client: &iamClient,
    role_name: String,
    path_prefix: Option<String>,
    marker: Option<String>,
    max_items: Option<i32>,
) -> Result<ListAttachedRolePoliciesOutput, SdkError<ListAttachedRolePoliciesError>> {
    let response = client
        .list_attached_role_policies()
        .role_name(role_name)
        .set_path_prefix(path_prefix)
        .set_marker(marker)
        .set_max_items(max_items)
        .send()
        .await?;

    Ok(response)
}

有关 API 详细信息，请参阅《Amazon SDK for Rust API 参考》中的 ListAttachedRolePolicies。

有关 Amazon 软件开发工具包开发人员指南和代码示例的完整列表，请参阅将 IAM 与 Amazon 开发工具包配合使用。本主题还包括有关入门的信息以及有关先前的软件开发工具包版本的详细信息。

Javascript 在您的浏览器中被禁用或不可用。

要使用 Amazon Web Services 文档，必须启用 Javascript。请参阅浏览器的帮助页面以了解相关说明。

列出策略

列出角色