获取 AWS IAM 用户的标签详细信息

Get the Tags detail of AWS IAM user

我想使用rest服务或AWS Java SDK获取AWS IAM用户的标签信息。我找不到任何 AWS SDK 示例或 class 来获取 IAM 用户标签信息。 下面是我如何获取用户列表的示例,但我也想提取他们的标签详细信息

AmazonIdentityManagement iam= AmazonIdentityManagementClientBuilder.standard().withCredentials(awCreds).withRegion(Regions.US_EAST_1).build(); ListiamUsers=iam.listUsers().getUsers();

谁能告诉我该怎么做?

我也尝试了下面的程序来列出用户的标签,但出现以下错误: 我们计算出的请求签名与您提供的签名不匹配。检查您的 AWS 秘密访问密钥和签名方法。有关详细信息,请参阅服务文档。

public class ListUserTags {

public static void main(String args[]) {
    String kSecret = "adfdskjfdjssfjdjfdsdumykeysecret3eiiid";
    String dateStamp = getConvertedDateString("yyyyMMdd", new Date());
    System.out.println("dateStamp:" + dateStamp);
    String regionName = "us-east-1";
    String serviceName = "iam";

    String xmzDate = getConvertedDateString("yyyyMMdd'T'HHmmss'Z'", new Date());;
    System.out.println("date:" + xmzDate);

    String signature = getSignatureKey(kSecret, dateStamp, regionName, serviceName); //signature


    System.out.println("signature:" + signature);


    OkHttpClient client = new OkHttpClient().clone();
    //MediaType mediaType = MediaType.parse("text/plain");

    Request request = new Request.Builder()
        .url("https://iam.amazonaws.com/?Action=ListUserTags&Version=2010-05-08&UserName=SVC_ServiceAccount04")
        .method("GET", null)
        .addHeader("host", "iam.amazonaws.com")
        .addHeader("X-Amz-Date", xmzDate)
        .addHeader("Authorization", "AWS4-HMAC-SHA256 Credential=ABC787dsfsdDummyAccessKey/" + dateStamp + "/us-east-1/iam/aws4_request, SignedHeaders=host;x-amz-date, Signature=" + signature)


    System.out.println("req:" + request.headers().toString());
    Response response = client.newCall(request).execute();

}

static byte[] HmacSHA256(String data, byte[] key) throws Exception {
    String algorithm = "HmacSHA256";
    Mac mac = Mac.getInstance(algorithm);
    mac.init(new SecretKeySpec(key, algorithm));
    return mac.doFinal(data.getBytes("UTF-8"));
}



static String getSignatureKey(String key, String dateStamp, String regionName, String serviceName) throws Exception {
    byte[] kSecret = ("AWS4" + key).getBytes("UTF-8");
    byte[] kDate = HmacSHA256(dateStamp, kSecret);
    byte[] kRegion = HmacSHA256(regionName, kDate);
    byte[] kService = HmacSHA256(serviceName, kRegion);
    byte[] kSigning = HmacSHA256("aws4_request", kService);
    return Hex.encodeHexString(kSigning);

}

public static String getConvertedDateString(String format, Date date) {

    return new SimpleDateFormat(format).format(date);

}

}

你试过ListUserTags了吗?似乎是您要找的东西

可以按如下方式获取用户的标签:

public static void main(String[] args) {

    // Please consider using aws configure and avoid hard-coding credentials
    BasicAWSCredentials awsCredentials = new BasicAWSCredentials("access_key_id", "secret_key_id");

    AmazonIdentityManagement iam = AmazonIdentityManagementClientBuilder.standard()
            .withCredentials(new AWSStaticCredentialsProvider(awsCredentials))
            .build();

    // Create a request with the username for which we want to query the tags
    ListUserTagsRequest request = new ListUserTagsRequest().withUserName("username");

    ListUserTagsResult result;
    List<Tag> tags = new ArrayList<>();
    do {
        result = iam.listUserTags(request);
        tags.addAll(result.getTags());
        request.setMarker(result.getMarker());
    } while (result.isTruncated());

    // Do something with the tags
    System.out.println(tags);
}

我认为代码不言自明。可以找到 AWS IAM Java sdk 的更深入的文档 here