IAM examples using SDK for JavaScript (v2) (original) (raw)
The following code examples show you how to perform actions and implement common scenarios by using the AWS SDK for JavaScript (v2) with IAM.
Actions are code excerpts from larger programs and must be run in context. While actions show you how to call individual service functions, you can see actions in context in their related scenarios.
Each example includes a link to the complete source code, where you can find instructions on how to set up and run the code in context.
Actions
The following code example shows how to use AttachRolePolicy.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var paramsRoleList = {
RoleName: process.argv[2],
};
iam.listAttachedRolePolicies(paramsRoleList, function (err, data) {
if (err) {
console.log("Error", err);
} else {
var myRolePolicies = data.AttachedPolicies;
myRolePolicies.forEach(function (val, index, array) {
if (myRolePolicies[index].PolicyName === "AmazonDynamoDBFullAccess") {
console.log(
"AmazonDynamoDBFullAccess is already attached to this role."
);
process.exit();
}
});
var params = {
PolicyArn: "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess",
RoleName: process.argv[2],
};
iam.attachRolePolicy(params, function (err, data) {
if (err) {
console.log("Unable to attach policy to role", err);
} else {
console.log("Role attached successfully");
}
});
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeAttachRolePolicy in AWS SDK for JavaScript API Reference.
The following code example shows how to use CreateAccessKey.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
iam.createAccessKey({ UserName: "IAM_USER_NAME" }, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data.AccessKey);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeCreateAccessKey in AWS SDK for JavaScript API Reference.
The following code example shows how to use CreateAccountAlias.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
iam.createAccountAlias({ AccountAlias: process.argv[2] }, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeCreateAccountAlias in AWS SDK for JavaScript API Reference.
The following code example shows how to use CreatePolicy.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var myManagedPolicy = {
Version: "2012-10-17",
Statement: [
{
Effect: "Allow",
Action: "logs:CreateLogGroup",
Resource: "RESOURCE_ARN",
},
{
Effect: "Allow",
Action: [
"dynamodb:DeleteItem",
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:Scan",
"dynamodb:UpdateItem",
],
Resource: "RESOURCE_ARN",
},
],
};
var params = {
PolicyDocument: JSON.stringify(myManagedPolicy),
PolicyName: "myDynamoDBPolicy",
};
iam.createPolicy(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeCreatePolicy in AWS SDK for JavaScript API Reference.
The following code example shows how to use CreateUser.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var params = {
UserName: process.argv[2],
};
iam.getUser(params, function (err, data) {
if (err && err.code === "NoSuchEntity") {
iam.createUser(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
} else {
console.log(
"User " + process.argv[2] + " already exists",
data.User.UserId
);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeCreateUser in AWS SDK for JavaScript API Reference.
The following code example shows how to use DeleteAccessKey.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var params = {
AccessKeyId: "ACCESS_KEY_ID",
UserName: "USER_NAME",
};
iam.deleteAccessKey(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeDeleteAccessKey in AWS SDK for JavaScript API Reference.
The following code example shows how to use DeleteAccountAlias.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
iam.deleteAccountAlias({ AccountAlias: process.argv[2] }, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeDeleteAccountAlias in AWS SDK for JavaScript API Reference.
The following code example shows how to use DeleteServerCertificate.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
iam.deleteServerCertificate(
{ ServerCertificateName: "CERTIFICATE_NAME" },
function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
}
);
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeDeleteServerCertificate in AWS SDK for JavaScript API Reference.
The following code example shows how to use DeleteUser.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var params = {
UserName: process.argv[2],
};
iam.getUser(params, function (err, data) {
if (err && err.code === "NoSuchEntity") {
console.log("User " + process.argv[2] + " does not exist.");
} else {
iam.deleteUser(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeDeleteUser in AWS SDK for JavaScript API Reference.
The following code example shows how to use DetachRolePolicy.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var paramsRoleList = {
RoleName: process.argv[2],
};
iam.listAttachedRolePolicies(paramsRoleList, function (err, data) {
if (err) {
console.log("Error", err);
} else {
var myRolePolicies = data.AttachedPolicies;
myRolePolicies.forEach(function (val, index, array) {
if (myRolePolicies[index].PolicyName === "AmazonDynamoDBFullAccess") {
var params = {
PolicyArn: "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess",
RoleName: process.argv[2],
};
iam.detachRolePolicy(params, function (err, data) {
if (err) {
console.log("Unable to detach policy from role", err);
} else {
console.log("Policy detached from role successfully");
process.exit();
}
});
}
});
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeDetachRolePolicy in AWS SDK for JavaScript API Reference.
The following code example shows how to use GetAccessKeyLastUsed.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
iam.getAccessKeyLastUsed(
{ AccessKeyId: "ACCESS_KEY_ID" },
function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data.AccessKeyLastUsed);
}
}
);
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeGetAccessKeyLastUsed in AWS SDK for JavaScript API Reference.
The following code example shows how to use GetPolicy.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var params = {
PolicyArn: "arn:aws:iam::aws:policy/AWSLambdaExecute",
};
iam.getPolicy(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data.Policy.Description);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeGetPolicy in AWS SDK for JavaScript API Reference.
The following code example shows how to use GetServerCertificate.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
iam.getServerCertificate(
{ ServerCertificateName: "CERTIFICATE_NAME" },
function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
}
);
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeGetServerCertificate in AWS SDK for JavaScript API Reference.
The following code example shows how to use ListAccessKeys.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var params = {
MaxItems: 5,
UserName: "IAM_USER_NAME",
};
iam.listAccessKeys(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeListAccessKeys in AWS SDK for JavaScript API Reference.
The following code example shows how to use ListAccountAliases.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
iam.listAccountAliases({ MaxItems: 10 }, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeListAccountAliases in AWS SDK for JavaScript API Reference.
The following code example shows how to use ListServerCertificates.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
iam.listServerCertificates({}, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeListServerCertificates in AWS SDK for JavaScript API Reference.
The following code example shows how to use ListUsers.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var params = {
MaxItems: 10,
};
iam.listUsers(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
var users = data.Users || [];
users.forEach(function (user) {
console.log("User " + user.UserName + " created", user.CreateDate);
});
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeListUsers in AWS SDK for JavaScript API Reference.
The following code example shows how to use UpdateAccessKey.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var params = {
AccessKeyId: "ACCESS_KEY_ID",
Status: "Active",
UserName: "USER_NAME",
};
iam.updateAccessKey(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeUpdateAccessKey in AWS SDK for JavaScript API Reference.
The following code example shows how to use UpdateServerCertificate.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var params = {
ServerCertificateName: "CERTIFICATE_NAME",
NewServerCertificateName: "NEW_CERTIFICATE_NAME",
};
iam.updateServerCertificate(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeUpdateServerCertificate in AWS SDK for JavaScript API Reference.
The following code example shows how to use UpdateUser.
SDK for JavaScript (v2)
// Load the AWS SDK for Node.js
var AWS = require("aws-sdk");
// Set the region
AWS.config.update({ region: "REGION" });
// Create the IAM service object
var iam = new AWS.IAM({ apiVersion: "2010-05-08" });
var params = {
UserName: process.argv[2],
NewUserName: process.argv[3],
};
iam.updateUser(params, function (err, data) {
if (err) {
console.log("Error", err);
} else {
console.log("Success", data);
}
});
- For more information, see AWS SDK for JavaScript Developer Guide.
- For API details, seeUpdateUser in AWS SDK for JavaScript API Reference.
Did this page help you? - Yes
Thanks for letting us know we're doing a good job!
If you've got a moment, please tell us what we did right so we can do more of it.
Did this page help you? - No
Thanks for letting us know this page needs work. We're sorry we let you down.
If you've got a moment, please tell us how we can make the documentation better.