Policy Management APIs
Last updated: 2024-04-26
Create a policy
Use the following code to create a policy.
Go
name := "test_sdk_go_policy"
args := &api.CreatePolicyArgs{
	Name:        name,
	Description: "description",
	// Document is the policy body, passed as a JSON string.
	Document: "{\"accessControlList\": [{\"region\":\"bj\",\"service\":\"bcc\"," +
		"\"resource\":[\"*\"],\"permission\":[\"*\"],\"effect\":\"Allow\"}]}",
}

result, err := client.CreatePolicy(args)
if err != nil {
	fmt.Println("Create policy failed", err)
} else {
	fmt.Println("Create policy success", result)
}
Note:
- For detailed parameter settings and constraints, see "Create Policy" in the IAM API documentation.
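The Document string in the call above uses "*" for both resource and permission. The following is an added example, not code from the SDK or from the original page: a check that parses such a Document and reports every Allow entry containing a wildcard, which can be run before the string is passed to CreatePolicy. The names ACLEntry and LintDocument are hypothetical, and the struct models only the fields visible in that string.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// ACLEntry models one "accessControlList" element (only the fields shown on this page).
type ACLEntry struct {
	Region     string   `json:"region"`
	Service    string   `json:"service"`
	Resource   []string `json:"resource"`
	Permission []string `json:"permission"`
	Effect     string   `json:"effect"`
}

// LintDocument (hypothetical helper) reports each Allow entry whose permission or resource list contains "*".
func LintDocument(doc string) ([]string, error) {
	var p struct {
		AccessControlList []ACLEntry `json:"accessControlList"`
	}
	if err := json.Unmarshal([]byte(doc), &p); err != nil {
		return nil, fmt.Errorf("invalid policy JSON: %w", err)
	}
	var findings []string
	for i, e := range p.AccessControlList {
		if !strings.EqualFold(e.Effect, "Allow") {
			continue // only Allow entries widen access
		}
		check := func(field string, vals []string) {
			for _, v := range vals {
				if v == "*" {
					findings = append(findings, fmt.Sprintf("entry %d (%s/%s): Allow with wildcard %s", i, e.Region, e.Service, field))
					return
				}
			}
		}
		check("permission", e.Permission)
		check("resource", e.Resource)
	}
	return findings, nil
}

func main() {
	// Document value from the CreatePolicy call above.
	doc := `{"accessControlList": [{"region":"bj","service":"bcc","resource":["*"],"permission":["*"],"effect":"Allow"}]}`
	fmt.Println(LintDocument(doc))
}
```

A non-empty findings slice or a non-nil error is a reason to stop before creating the policy.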
Query a policy
Use the following code to query a policy.
Go
name := "test_sdk_go_policy"
policyType := "Custom"
result, err := client.GetPolicy(name, policyType)
if err != nil {
	fmt.Println("Get policy failed", err)
} else {
	fmt.Println("Get policy success", result)
}
Note:
- For detailed parameter settings and constraints, see "Create Policy" in the IAM API documentation.
Delete a policy
Use the following code to delete a policy.
Go
name := "test_sdk_go_policy"
err = client.DeletePolicy(name)
if err != nil {
	fmt.Println("Delete policy failed", err)
} else {
	fmt.Println("Delete policy success", name)
}
Note:
- For detailed parameter settings and constraints, see "Delete Policy" in the IAM API documentation.
List policies
Use the following code to list policies.
Go
name := "test_sdk_go_policy"
policyType := "Custom"
result, err := client.ListPolicy(name, policyType)
if err != nil {
	fmt.Println("List policy failed", err)
} else {
	fmt.Println("List policy success", result)
}
Note:
- For detailed parameter settings and constraints, see "List Policies" in the IAM API documentation.
Attach a policy to a user
Use the following code to attach a policy to a user.
Go
userName := "test_sdk_go_user"
policyName := "test_sdk_go_policy"
args := &api.AttachPolicyToUserArgs{
	UserName:   userName,
	PolicyName: policyName,
}
err = client.AttachPolicyToUser(args)
if err != nil {
	fmt.Println("Attach policy to user failed", err)
} else {
	fmt.Println("Attach policy to user success", args)
}
Note:
- For detailed parameter settings and constraints, see "Attach Policy to User" in the IAM API documentation.
Detach a policy from a user
Use the following code to detach a policy from a user.
Go
userName := "test_sdk_go_user"
policyName := "test_sdk_go_policy"
args := &api.DetachPolicyFromUserArgs{
	UserName:   userName,
	PolicyName: policyName,
}
err = client.DetachPolicyFromUser(args)
if err != nil {
	fmt.Println("Detach policy from user failed", err)
} else {
	fmt.Println("Detach policy from user success", args)
}
Note:
- For detailed parameter settings and constraints, see "Detach Policy from User" in the IAM API documentation.
List a user's policies
Use the following code to list the policies attached to a user.
Go
userName := "test_sdk_go_user"
result, err := client.ListUserAttachedPolicies(userName)
if err != nil {
	fmt.Println("List user attached policy failed", err)
} else {
	fmt.Println("List user attached policy success", result)
}
Note:
- For detailed parameter settings and constraints, see "List a User's Policies" in the IAM API documentation.
Attach a policy to a group
Use the following code to attach a policy to a group.
Go
groupName := "test_sdk_go_group"
policyName := "test_sdk_go_policy"
args := &api.AttachPolicyToGroupArgs{
	GroupName:  groupName,
	PolicyName: policyName,
}
err = client.AttachPolicyToGroup(args)
if err != nil {
	fmt.Println("Attach policy to group failed", err)
} else {
	fmt.Println("Attach policy to group success", args)
}
Note:
- For detailed parameter settings and constraints, see "Attach Policy to Group" in the IAM API documentation.
Detach a policy from a group
Use the following code to detach a policy from a group.
Go
groupName := "test_sdk_go_group"
policyName := "test_sdk_go_policy"
args := &api.DetachPolicyFromGroupArgs{
	GroupName:  groupName,
	PolicyName: policyName,
}
err = client.DetachPolicyFromGroup(args)
if err != nil {
	fmt.Println("Detach policy from group failed", err)
} else {
	fmt.Println("Detach policy from group success", args)
}
Note:
- For detailed parameter settings and constraints, see "Detach Policy from Group" in the IAM API documentation.
List a group's policies
Use the following code to list the policies attached to a group.
Go
groupName := "test_sdk_go_group"
result, err := client.ListGroupAttachedPolicies(groupName)
if err != nil {
	fmt.Println("List group attached policy failed", err)
} else {
	fmt.Println("List group attached policy success", result)
}
Note:
- For detailed parameter settings and constraints, see "List a Group's Policies" in the IAM API documentation.
Attach a policy to a role
Use the following code to attach a policy to a role.
Go
roleName := "test_sdk_go_group"
policyName := "test_sdk_go_policy"
args := &api.AttachPolicyToRoleArgs{
	RoleName:   roleName,
	PolicyName: policyName,
}
err = client.AttachPolicyToRole(args)
if err != nil {
	fmt.Println("Attach policy to role failed", err)
} else {
	fmt.Println("Attach policy to role success", args)
}
Note:
- For detailed parameter settings and constraints, see "Attach Policy to Role" in the IAM API documentation.
Detach a policy from a role
Use the following code to detach a policy from a role.
Go
roleName := "test_sdk_go_group"
policyName := "test_sdk_go_policy"
args := &api.DetachPolicyToRoleArgs{
	RoleName:   roleName,
	PolicyName: policyName,
}
err = client.DetachPolicyFromRole(args)
if err != nil {
	fmt.Println("Detach policy from role failed", err)
} else {
	fmt.Println("Detach policy from role success", args)
}
Note:
- For detailed parameter settings and constraints, see "Detach Policy from Role" in the IAM API documentation.
List a role's policies
Use the following code to list the policies attached to a role.
Go
roleName := "test_sdk_go_group"
result, err := client.ListRoleAttachedPolicies(roleName)
if err != nil {
	fmt.Println("List role attached policy failed", err)
} else {
	fmt.Println("List role attached policy success", result)
}
Note:
- For detailed parameter settings and constraints, see "List a Role's Policies" in the IAM API documentation.
List the entities attached to a policy
Use the following code to list the entities a policy is attached to.
Go
policyId := "test_policy_id"
entities, err := client.ListPolicyAttachedEntities(policyId)
if err != nil {
	fmt.Println("List policy attached entities failed", err)
} else {
	fmt.Println("List policy attached entities success", entities)
}
Note:
- For detailed parameter settings and constraints, see "List All Principals Granted a Policy" in the IAM API documentation.