获取 AWS IAM 用户的标签详细信息
Get the Tags detail of AWS IAM user
我想使用rest服务或AWS Java SDK获取AWS IAM用户的标签信息。我找不到任何 AWS SDK 示例或 class 来获取 IAM 用户标签信息。
下面是我如何获取用户列表的示例,但我也想提取他们的标签详细信息
AmazonIdentityManagement iam= AmazonIdentityManagementClientBuilder.standard().withCredentials(awCreds).withRegion(Regions.US_EAST_1).build();
ListiamUsers=iam.listUsers().getUsers();
谁能告诉我该怎么做?
我也尝试了下面的程序来列出用户的标签,但出现以下错误:
我们计算出的请求签名与您提供的签名不匹配。检查您的 AWS 秘密访问密钥和签名方法。有关详细信息,请参阅服务文档。
public class ListUserTags {
public static void main(String args[]) {
String kSecret = "adfdskjfdjssfjdjfdsdumykeysecret3eiiid";
String dateStamp = getConvertedDateString("yyyyMMdd", new Date());
System.out.println("dateStamp:" + dateStamp);
String regionName = "us-east-1";
String serviceName = "iam";
String xmzDate = getConvertedDateString("yyyyMMdd'T'HHmmss'Z'", new Date());;
System.out.println("date:" + xmzDate);
String signature = getSignatureKey(kSecret, dateStamp, regionName, serviceName); //signature
System.out.println("signature:" + signature);
OkHttpClient client = new OkHttpClient().clone();
//MediaType mediaType = MediaType.parse("text/plain");
Request request = new Request.Builder()
.url("https://iam.amazonaws.com/?Action=ListUserTags&Version=2010-05-08&UserName=SVC_ServiceAccount04")
.method("GET", null)
.addHeader("host", "iam.amazonaws.com")
.addHeader("X-Amz-Date", xmzDate)
.addHeader("Authorization", "AWS4-HMAC-SHA256 Credential=ABC787dsfsdDummyAccessKey/" + dateStamp + "/us-east-1/iam/aws4_request, SignedHeaders=host;x-amz-date, Signature=" + signature)
System.out.println("req:" + request.headers().toString());
Response response = client.newCall(request).execute();
}
static byte[] HmacSHA256(String data, byte[] key) throws Exception {
String algorithm = "HmacSHA256";
Mac mac = Mac.getInstance(algorithm);
mac.init(new SecretKeySpec(key, algorithm));
return mac.doFinal(data.getBytes("UTF-8"));
}
static String getSignatureKey(String key, String dateStamp, String regionName, String serviceName) throws Exception {
byte[] kSecret = ("AWS4" + key).getBytes("UTF-8");
byte[] kDate = HmacSHA256(dateStamp, kSecret);
byte[] kRegion = HmacSHA256(regionName, kDate);
byte[] kService = HmacSHA256(serviceName, kRegion);
byte[] kSigning = HmacSHA256("aws4_request", kService);
return Hex.encodeHexString(kSigning);
}
public static String getConvertedDateString(String format, Date date) {
return new SimpleDateFormat(format).format(date);
}
}
你试过ListUserTags了吗?似乎是您要找的东西
可以按如下方式获取用户的标签:
public static void main(String[] args) {
// Please consider using aws configure and avoid hard-coding credentials
BasicAWSCredentials awsCredentials = new BasicAWSCredentials("access_key_id", "secret_key_id");
AmazonIdentityManagement iam = AmazonIdentityManagementClientBuilder.standard()
.withCredentials(new AWSStaticCredentialsProvider(awsCredentials))
.build();
// Create a request with the username for which we want to query the tags
ListUserTagsRequest request = new ListUserTagsRequest().withUserName("username");
ListUserTagsResult result;
List<Tag> tags = new ArrayList<>();
do {
result = iam.listUserTags(request);
tags.addAll(result.getTags());
request.setMarker(result.getMarker());
} while (result.isTruncated());
// Do something with the tags
System.out.println(tags);
}
我认为代码不言自明。可以找到 AWS IAM Java sdk 的更深入的文档 here。
我想使用rest服务或AWS Java SDK获取AWS IAM用户的标签信息。我找不到任何 AWS SDK 示例或 class 来获取 IAM 用户标签信息。
下面是我如何获取用户列表的示例,但我也想提取他们的标签详细信息
AmazonIdentityManagement iam= AmazonIdentityManagementClientBuilder.standard().withCredentials(awCreds).withRegion(Regions.US_EAST_1).build(); ListiamUsers=iam.listUsers().getUsers();
谁能告诉我该怎么做?
我也尝试了下面的程序来列出用户的标签,但出现以下错误: 我们计算出的请求签名与您提供的签名不匹配。检查您的 AWS 秘密访问密钥和签名方法。有关详细信息,请参阅服务文档。
public class ListUserTags {
public static void main(String args[]) {
String kSecret = "adfdskjfdjssfjdjfdsdumykeysecret3eiiid";
String dateStamp = getConvertedDateString("yyyyMMdd", new Date());
System.out.println("dateStamp:" + dateStamp);
String regionName = "us-east-1";
String serviceName = "iam";
String xmzDate = getConvertedDateString("yyyyMMdd'T'HHmmss'Z'", new Date());;
System.out.println("date:" + xmzDate);
String signature = getSignatureKey(kSecret, dateStamp, regionName, serviceName); //signature
System.out.println("signature:" + signature);
OkHttpClient client = new OkHttpClient().clone();
//MediaType mediaType = MediaType.parse("text/plain");
Request request = new Request.Builder()
.url("https://iam.amazonaws.com/?Action=ListUserTags&Version=2010-05-08&UserName=SVC_ServiceAccount04")
.method("GET", null)
.addHeader("host", "iam.amazonaws.com")
.addHeader("X-Amz-Date", xmzDate)
.addHeader("Authorization", "AWS4-HMAC-SHA256 Credential=ABC787dsfsdDummyAccessKey/" + dateStamp + "/us-east-1/iam/aws4_request, SignedHeaders=host;x-amz-date, Signature=" + signature)
System.out.println("req:" + request.headers().toString());
Response response = client.newCall(request).execute();
}
static byte[] HmacSHA256(String data, byte[] key) throws Exception {
String algorithm = "HmacSHA256";
Mac mac = Mac.getInstance(algorithm);
mac.init(new SecretKeySpec(key, algorithm));
return mac.doFinal(data.getBytes("UTF-8"));
}
static String getSignatureKey(String key, String dateStamp, String regionName, String serviceName) throws Exception {
byte[] kSecret = ("AWS4" + key).getBytes("UTF-8");
byte[] kDate = HmacSHA256(dateStamp, kSecret);
byte[] kRegion = HmacSHA256(regionName, kDate);
byte[] kService = HmacSHA256(serviceName, kRegion);
byte[] kSigning = HmacSHA256("aws4_request", kService);
return Hex.encodeHexString(kSigning);
}
public static String getConvertedDateString(String format, Date date) {
return new SimpleDateFormat(format).format(date);
}
}
你试过ListUserTags了吗?似乎是您要找的东西
可以按如下方式获取用户的标签:
public static void main(String[] args) {
// Please consider using aws configure and avoid hard-coding credentials
BasicAWSCredentials awsCredentials = new BasicAWSCredentials("access_key_id", "secret_key_id");
AmazonIdentityManagement iam = AmazonIdentityManagementClientBuilder.standard()
.withCredentials(new AWSStaticCredentialsProvider(awsCredentials))
.build();
// Create a request with the username for which we want to query the tags
ListUserTagsRequest request = new ListUserTagsRequest().withUserName("username");
ListUserTagsResult result;
List<Tag> tags = new ArrayList<>();
do {
result = iam.listUserTags(request);
tags.addAll(result.getTags());
request.setMarker(result.getMarker());
} while (result.isTruncated());
// Do something with the tags
System.out.println(tags);
}
我认为代码不言自明。可以找到 AWS IAM Java sdk 的更深入的文档 here。