Shows how to use the AWS Command Line Interface (AWS CLI) with Bash scripts to work with AWS Identity and Access Management (IAM).
IAM is a web service for securely controlling access to AWS services. With IAM, you can centrally manage permissions in your AWS account.
- Running this code might result in charges to your AWS account. For more details, see AWS Pricing and Free Tier.
- Running the tests might result in charges to your AWS account.
- We recommend that you grant your code least privilege. At most, grant only the minimum permissions required to perform the task. For more information, see Grant least privilege.
- This code is not tested in every AWS Region. For more information, see AWS Regional Services.
For prerequisites, see the README in the aws-cli folder.
Code examples that show you how to perform the essential operations within a service.
Code excerpts that show you how to call individual service functions.
- AttachRolePolicy
- CreateAccessKey
- CreatePolicy
- CreateRole
- CreateUser
- DeleteAccessKey
- DeletePolicy
- DeleteRole
- DeleteUser
- DetachRolePolicy
- GetUser
- ListAccessKeys
- ListUsers
- UpdateAccessKey
This example shows you how to create a user and assume a role.
- Create a user with no permissions.
- Create a role that grants permission to list Amazon S3 buckets for the account.
- Add a policy to let the user assume the role.
- Assume the role and list S3 buckets using temporary credentials, then clean up resources.
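The four steps above as one Bash function, with the three policy documents kept as narrow as the scenario allows. This is an added example, not the repository's script: the user, role and policy names, the inline-policy choice (`put-user-policy`) and the 10-second propagation wait are assumptions.

```bash
# Added example, not the repository's script. All names are hypothetical.
USER_NAME=demo-assume-user ROLE_NAME=demo-list-role POLICY_NAME=demo-list-buckets
# Trust policy: only the one user ARN passed in may assume the role.
trust_policy() {
  printf '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":"%s"},"Action":"sts:AssumeRole"}]}' "$1"
}
# Role permissions: list the account's buckets, nothing else.
list_buckets_policy() {
  printf '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":"s3:ListAllMyBuckets","Resource":"*"}]}'
}
# User permissions: assume exactly one role ARN.
assume_role_policy() {
  printf '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":"sts:AssumeRole","Resource":"%s"}]}' "$1"
}
cleanup() {  # $1 = access key id, $2 = policy ARN; reverse order of creation
  aws iam delete-user-policy --user-name "$USER_NAME" --policy-name assume-demo-role
  aws iam delete-access-key --user-name "$USER_NAME" --access-key-id "$1"
  aws iam delete-user --user-name "$USER_NAME"
  aws iam detach-role-policy --role-name "$ROLE_NAME" --policy-arn "$2"
  aws iam delete-role --role-name "$ROLE_NAME"
  aws iam delete-policy --policy-arn "$2"
}
run_scenario() {
  local user_arn role_arn policy_arn key secret tkey tsecret token rc
  user_arn=$(aws iam create-user --user-name "$USER_NAME" --query User.Arn --output text) || return 1
  read -r key secret <<EOF
$(aws iam create-access-key --user-name "$USER_NAME" --query 'AccessKey.[AccessKeyId,SecretAccessKey]' --output text)
EOF
  sleep "${IAM_WAIT:-10}"  # IAM is eventually consistent; wait length is an assumption
  role_arn=$(aws iam create-role --role-name "$ROLE_NAME" --query Role.Arn --output text \
    --assume-role-policy-document "$(trust_policy "$user_arn")")
  policy_arn=$(aws iam create-policy --policy-name "$POLICY_NAME" --query Policy.Arn --output text \
    --policy-document "$(list_buckets_policy)")
  aws iam attach-role-policy --role-name "$ROLE_NAME" --policy-arn "$policy_arn"
  aws iam put-user-policy --user-name "$USER_NAME" --policy-name assume-demo-role \
    --policy-document "$(assume_role_policy "$role_arn")"
  sleep "${IAM_WAIT:-10}"
  # As the user (long-term key, inherited session token cleared): get short-lived role credentials.
  read -r tkey tsecret token <<EOF
$(AWS_ACCESS_KEY_ID=$key AWS_SECRET_ACCESS_KEY=$secret AWS_SESSION_TOKEN= aws sts assume-role --role-arn "$role_arn" --role-session-name demo --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' --output text)
EOF
  # As the role (temporary credentials): the one call its policy permits.
  AWS_ACCESS_KEY_ID=$tkey AWS_SECRET_ACCESS_KEY=$tsecret AWS_SESSION_TOKEN=$token \
    aws s3api list-buckets --query 'Buckets[].Name' --output text
  rc=$?
  cleanup "$key" "$policy_arn"
  return "$rc"
}
```

Source the file and call `run_scenario` from a shell whose default credentials can manage IAM users, roles and policies; cleanup runs even when the bucket listing fails.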
⚠ Running tests might result in charges to your AWS account.
To find instructions for running these tests, see the README in the aws-cli folder.
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0