Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/353.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何从Java SDK查询AWS中的我是谁?_Java_Amazon Web Services_Credentials - Fatal编程技术网
Fatal编程技术网
  • java/
  • 如何从Java SDK查询AWS中的我是谁?

如何从Java SDK查询AWS中的我是谁?

java amazon-web-services

如何从Java SDK查询AWS中的我是谁?,java,amazon-web-services,credentials,Java,Amazon Web Services,Credentials,特别是,在测试环境中使用DefaultAWSCredentialsProviderChain时,AWS SDK获取哪一组凭据可能会令人惊讶。为此,找出用于发出请求的用户或角色是有帮助的 我尝试了以下代码: AmazonIdentityManagement amazonIdentityManagement = AmazonIdentityManagementClient .builder() .withRegion(REGION)

特别是,在测试环境中使用DefaultAWSCredentialsProviderChain时,AWS SDK获取哪一组凭据可能会令人惊讶。为此,找出用于发出请求的用户或角色是有帮助的

我尝试了以下代码:

    AmazonIdentityManagement amazonIdentityManagement = AmazonIdentityManagementClient
            .builder()
            .withRegion(REGION)
            .build();
        User user = amazonIdentityManagement.getUser().getUser();
        log.info("AWS self-check successful with user {}: {}", user.getUserName(), user.getArn());
如果用户有权查询IAM,则该操作应能正常工作。在我的测试系统上,我得到:

com.amazonaws.services.identitymanagement.model.AmazonIdentityManagementException:
User: arn:aws:iam::999:user/test.developer is not authorized to perform: iam:GetUser on resource: arn:aws:iam::999:user/test.developer
(Service: AmazonIdentityManagement; Status Code: 403; Error Code: AccessDenied; Request ID: xxx)
这接近于我想要在异常中包装的内容。我可以直接获取arn字符串吗?

是的,只要用户具有执行:iam:GetUser的权限,就可以获取arn。
我正在测试类似的东西,以便确认。

是的,只要用户有执行:iam:GetUser的权限,您就可以获得ARN。
我正在测试类似的东西,以便确认。

@hjpotter92使用限制性权限是否有效?@hjpotter92使用限制性权限是否有效?