我正在用Java开发应用程序,它要求用户拥有一个策略文档。用户输入访问密钥和密钥。我使用凭据获得了AmazonIdentityManagementClient对象。我的应用程序需要" lambda:InvokeFunction"。任何人都可以指导我如何检查用户策略lambdainvoke。
答案 0 :(得分:1)
您可以使用AmazonIdentityManagementClient.listAttachedUserPolicies()列出附加到用户的政策。这将使您进入可以传递到AmazonIdentityManagementClient.getPolicy()的策略ARN列表。
答案 1 :(得分:1)
尝试下面的代码以字符串形式获取附加策略。
AmazonIdentityManagementAsync iam = AmazonIdentityManagementAsyncClientBuilder
.standard()
.withCredentials(new AWSStaticCredentialsProvider(
new BasicAWSCredentials("",
"")))
.withRegion(Regions.fromName(""))
.withClientConfiguration(getClientConfiguration()).build();
ListAttachedUserPoliciesRequest pre = new ListAttachedUserPoliciesRequest();
pre.setUserName(iam.getUser().getUser().getUserName());
ListAttachedUserPoliciesResult re = iam.listAttachedUserPolicies(pre);
re.getAttachedPolicies().forEach(p -> {
GetPolicyRequest preq = new GetPolicyRequest();
preq.setPolicyArn(p.getPolicyArn());
GetPolicyResult r = iam.getPolicy(preq);
GetPolicyVersionRequest req = new GetPolicyVersionRequest();
req.setPolicyArn(p.getPolicyArn());
req.setVersionId(r.getPolicy().getDefaultVersionId());
GetPolicyVersionResult res = iam.getPolicyVersion(req);
System.out.println(URLDecoder.decode(res.getPolicyVersion().getDocument()));
});