Shows how to use the AWS SDK for Ruby to work with AWS Identity and Access Management (IAM).
IAM is a web service for securely controlling access to AWS services. With IAM, you can centrally manage permissions in your AWS account.
- Running this code might result in charges to your AWS account. For more details, see AWS Pricing and Free Tier.
- Running the tests might result in charges to your AWS account.
- We recommend that you grant your code least privilege. At most, grant only the minimum permissions required to perform the task. For more information, see Grant least privilege.
- This code is not tested in every AWS Region. For more information, see AWS Regional Services.
For prerequisites, see the README in the ruby folder.
- Hello IAM (
ListPolicies)
Code examples that show you how to perform the essential operations within a service.
Code excerpts that show you how to call individual service functions.
- AttachRolePolicy
- AttachUserPolicy
- CreateAccessKey
- CreateAccountAlias
- CreatePolicy
- CreateRole
- CreateServiceLinkedRole
- CreateUser
- DeleteAccessKey
- DeleteAccountAlias
- DeleteRole
- DeleteServerCertificate
- DeleteServiceLinkedRole
- DeleteUser
- DeleteUserPolicy
- DetachRolePolicy
- DetachUserPolicy
- GetAccountPasswordPolicy
- GetPolicy
- GetRole
- GetUser
- ListAccessKeys
- ListAccountAliases
- ListAttachedRolePolicies
- ListGroups
- ListPolicies
- ListRolePolicies
- ListRoles
- ListSAMLProviders
- ListServerCertificates
- ListUsers
- PutUserPolicy
- UpdateServerCertificate
- UpdateUser
The quickest way to interact with this example code is to invoke a Scenario from your command line. For example, ruby some_scenario.rb will invoke some_scenario.rb.
This example shows you how to get started using IAM.
ruby hello/hello_iam.rb
This example shows you how to create a user and assume a role.
- Create a user with no permissions.
- Create a role that grants permission to list Amazon S3 buckets for the account.
- Add a policy to let the user assume the role.
- Assume the role and list S3 buckets using temporary credentials, then clean up resources.
Start the example by running the following at a command prompt:
ruby scenario_users.rb
⚠ Running tests might result in charges to your AWS account.
To find instructions for running these tests, see the README
in the ruby folder.
Code examples thrive on community contribution.
To learn more about the contributing process, see CONTRIBUTING.md.
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0