AWS 使用 Java SDK 检查用户策略文档

Question

我正在 Java 开发一个应用程序，它要求用户有一个政策文件。用户输入访问密钥和秘密密钥。我使用凭据获得了 AmazonIdentityManagementClient 对象。我的应用程序需要 "lambda:InvokeFunction"。谁能指导我如何检查用户策略是否有 lambdainvoke。

Answer 1

您可以使用 AmazonIdentityManagementClient.listAttachedUserPolicies() to list the policies attached to a user. This will get you to a list of policy ARNs which you can pass to AmazonIdentityManagementClient.getPolicy().

Answer 2

尝试使用以下代码获取字符串形式的附加政策。

AmazonIdentityManagementAsync iam = AmazonIdentityManagementAsyncClientBuilder
                .standard()
                .withCredentials(new AWSStaticCredentialsProvider(
                        new BasicAWSCredentials("",
                                "")))
                .withRegion(Regions.fromName(""))
                .withClientConfiguration(getClientConfiguration()).build();

        ListAttachedUserPoliciesRequest pre = new ListAttachedUserPoliciesRequest();
        pre.setUserName(iam.getUser().getUser().getUserName());

        ListAttachedUserPoliciesResult re = iam.listAttachedUserPolicies(pre);
        re.getAttachedPolicies().forEach(p -> {
            GetPolicyRequest preq = new GetPolicyRequest();
            preq.setPolicyArn(p.getPolicyArn());
            GetPolicyResult r = iam.getPolicy(preq);
            GetPolicyVersionRequest req = new GetPolicyVersionRequest();
            req.setPolicyArn(p.getPolicyArn());
            req.setVersionId(r.getPolicy().getDefaultVersionId());
            GetPolicyVersionResult res = iam.getPolicyVersion(req);
            System.out.println(URLDecoder.decode(res.getPolicyVersion().getDocument()));
        });