# 将 `UpdateAccessKey` 与 AWS SDK 或 CLI 配合使用 `UpdateAccessKey` 以下代码示例演示如何使用 `UpdateAccessKey`。 操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文: + [管理访问密钥](iam_example_iam_Scenario_ManageAccessKeys_section.md) ------ #### [ Bash ] **AWS CLI 及 Bash 脚本** 查看 GitHub,了解更多信息。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/aws-cli/bash-linux/iam#code-examples)中查找完整示例,了解如何进行设置和运行。 ``` ############################################################################### # function iam_update_access_key # # This function can activate or deactivate an IAM access key for the specified IAM user. # # Parameters: # -u user_name -- The name of the user. # -k access_key -- The access key to update. # -a -- Activate the selected access key. # -d -- Deactivate the selected access key. # # Example: # # To deactivate the selected access key for IAM user Bob # iam_update_access_key -u Bob -k AKIAIOSFODNN7EXAMPLE -d # # Returns: # 0 - If successful. # 1 - If it fails. ############################################################################### function iam_update_access_key() { local user_name access_key status response local option OPTARG # Required to use getopts command in a function. local activate_flag=false deactivate_flag=false # bashsupport disable=BP5008 function usage() { echo "function iam_update_access_key" echo "Updates the status of an AWS Identity and Access Management (IAM) access key for the specified IAM user" echo " -u user_name The name of the user." echo " -k access_key The access key to update." echo " -a Activate the access key." echo " -d Deactivate the access key." echo "" } # Retrieve the calling parameters. while getopts "u:k:adh" option; do case "${option}" in u) user_name="${OPTARG}" ;; k) access_key="${OPTARG}" ;; a) activate_flag=true ;; d) deactivate_flag=true ;; h) usage return 0 ;; \?) echo "Invalid parameter" usage return 1 ;; esac done export OPTIND=1 # Validate input parameters if [[ -z "$user_name" ]]; then errecho "ERROR: You must provide a username with the -u parameter." usage return 1 fi if [[ -z "$access_key" ]]; then errecho "ERROR: You must provide an access key with the -k parameter." usage return 1 fi # Ensure that only -a or -d is specified if [[ "$activate_flag" == true && "$deactivate_flag" == true ]]; then errecho "ERROR: You cannot specify both -a (activate) and -d (deactivate) at the same time." usage return 1 fi # If neither -a nor -d is provided, return an error if [[ "$activate_flag" == false && "$deactivate_flag" == false ]]; then errecho "ERROR: You must specify either -a (activate) or -d (deactivate)." usage return 1 fi # Determine the status based on the flag if [[ "$activate_flag" == true ]]; then status="Active" elif [[ "$deactivate_flag" == true ]]; then status="Inactive" fi iecho "Parameters:\n" iecho " Username: $user_name" iecho " Access key: $access_key" iecho " New status: $status" iecho "" # Update the access key status response=$(aws iam update-access-key \ --user-name "$user_name" \ --access-key-id "$access_key" \ --status "$status" 2>&1) local error_code=${?} if [[ $error_code -ne 0 ]]; then aws_cli_error_log $error_code errecho "ERROR: AWS reports update-access-key operation failed.\n$response" return 1 fi iecho "update-access-key response: $response" iecho return 0 } ``` + 有关 API 详细信息,请参阅《AWS CLI 命令参考》**中的 [UpdateAccessKey](https://docs.aws.amazon.com/goto/aws-cli/iam-2010-05-08/UpdateAccessKey)。 ------ #### [ C\$1\$1 ] **SDK for C\$1\$1** 查看 GitHub,了解更多信息。查找完整示例,学习如何在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/iam#code-examples)中进行设置和运行。 ``` bool AwsDoc::IAM::updateAccessKey(const Aws::String &userName, const Aws::String &accessKeyID, Aws::IAM::Model::StatusType status, const Aws::Client::ClientConfiguration &clientConfig) { Aws::IAM::IAMClient iam(clientConfig); Aws::IAM::Model::UpdateAccessKeyRequest request; request.SetUserName(userName); request.SetAccessKeyId(accessKeyID); request.SetStatus(status); auto outcome = iam.UpdateAccessKey(request); if (outcome.IsSuccess()) { std::cout << "Successfully updated status of access key " << accessKeyID << " for user " << userName << std::endl; } else { std::cerr << "Error updated status of access key " << accessKeyID << " for user " << userName << ": " << outcome.GetError().GetMessage() << std::endl; } return outcome.IsSuccess(); } ``` + 有关 API 详细信息,请参阅《适用于 C\$1\$1 的 AWS SDK API Reference》**中的 [UpdateAccessKey](https://docs.aws.amazon.com/goto/SdkForCpp/iam-2010-05-08/UpdateAccessKey)。 ------ #### [ CLI ] **AWS CLI** **激活或停用 IAM 用户的访问密钥** 以下 `update-access-key` 命令停用名为 `Bob` 的 IAM 用户的指定访问密钥(访问密钥 ID 和秘密访问密钥)。 ``` aws iam update-access-key \ --access-key-id AKIAIOSFODNN7EXAMPLE \ --status Inactive \ --user-name Bob ``` 此命令不生成任何输出。 停用密钥意味着它不能用于以编程方式访问 AWS。但密钥仍然可用且可以重新激活。 有关更多信息,请参阅《AWS IAM 用户指南》**中的[管理 IAM 用户的访问密钥](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html)。 + 有关 API 详细信息,请参阅《AWS CLI 命令参考》**中的 [UpdateAccessKey](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/iam/update-access-key.html)。 ------ #### [ Java ] **适用于 Java 的 SDK 2.x** 查看 GitHub,了解更多信息。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/iam#code-examples)中查找完整示例,了解如何进行设置和运行。 ``` import software.amazon.awssdk.services.iam.model.IamException; import software.amazon.awssdk.services.iam.model.StatusType; import software.amazon.awssdk.services.iam.model.UpdateAccessKeyRequest; import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.iam.IamClient; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class UpdateAccessKey { private static StatusType statusType; public static void main(String[] args) { final String usage = """ Usage: \s Where: username - The name of the user whose key you want to update.\s accessId - The access key ID of the secret access key you want to update.\s status - The status you want to assign to the secret access key.\s """; if (args.length != 3) { System.out.println(usage); System.exit(1); } String username = args[0]; String accessId = args[1]; String status = args[2]; Region region = Region.AWS_GLOBAL; IamClient iam = IamClient.builder() .region(region) .build(); updateKey(iam, username, accessId, status); System.out.println("Done"); iam.close(); } public static void updateKey(IamClient iam, String username, String accessId, String status) { try { if (status.toLowerCase().equalsIgnoreCase("active")) { statusType = StatusType.ACTIVE; } else if (status.toLowerCase().equalsIgnoreCase("inactive")) { statusType = StatusType.INACTIVE; } else { statusType = StatusType.UNKNOWN_TO_SDK_VERSION; } UpdateAccessKeyRequest request = UpdateAccessKeyRequest.builder() .accessKeyId(accessId) .userName(username) .status(statusType) .build(); iam.updateAccessKey(request); System.out.printf("Successfully updated the status of access key %s to" + "status %s for user %s", accessId, status, username); } catch (IamException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } } ``` + 有关 API 详细信息,请参阅《AWS SDK for Java 2.x API Reference》**中的 [UpdateAccessKey](https://docs.aws.amazon.com/goto/SdkForJavaV2/iam-2010-05-08/UpdateAccessKey)。 ------ #### [ JavaScript ] **SDK for JavaScript (v3)** 查看 GitHub,了解更多信息。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/iam#code-examples)中查找完整示例,了解如何进行设置和运行。 更新访问密钥。 ``` import { UpdateAccessKeyCommand, IAMClient, StatusType, } from "@aws-sdk/client-iam"; const client = new IAMClient({}); /** * * @param {string} userName * @param {string} accessKeyId */ export const updateAccessKey = (userName, accessKeyId) => { const command = new UpdateAccessKeyCommand({ AccessKeyId: accessKeyId, Status: StatusType.Inactive, UserName: userName, }); return client.send(command); }; ``` + 有关更多信息,请参阅《适用于 JavaScript 的 AWS SDK 开发人员指南》[https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/iam-examples-managing-access-keys.html#iam-examples-managing-access-keys-updating](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/iam-examples-managing-access-keys.html#iam-examples-managing-access-keys-updating)。 + 有关 API 详细信息,请参阅《适用于 JavaScript 的 AWS SDK API Reference》**中的 [UpdateAccessKey](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/iam/command/UpdateAccessKeyCommand)。 **SDK for JavaScript (v2)** 查看 GitHub,了解更多信息。查找完整示例,了解如何在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascript/example_code/iam#code-examples)中进行设置和运行。 ``` // Load the AWS SDK for Node.js var AWS = require("aws-sdk"); // Set the region AWS.config.update({ region: "REGION" }); // Create the IAM service object var iam = new AWS.IAM({ apiVersion: "2010-05-08" }); var params = { AccessKeyId: "ACCESS_KEY_ID", Status: "Active", UserName: "USER_NAME", }; iam.updateAccessKey(params, function (err, data) { if (err) { console.log("Error", err); } else { console.log("Success", data); } }); ``` + 有关更多信息,请参阅《适用于 JavaScript 的 AWS SDK 开发人员指南》[https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/iam-examples-managing-access-keys.html#iam-examples-managing-access-keys-updating](https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/iam-examples-managing-access-keys.html#iam-examples-managing-access-keys-updating)。 + 有关 API 详细信息,请参阅《适用于 JavaScript 的 AWS SDK API Reference》**中的 [UpdateAccessKey](https://docs.aws.amazon.com/goto/AWSJavaScriptSDK/iam-2010-05-08/UpdateAccessKey)。 ------ #### [ PowerShell ] **适用于 PowerShell V4 的工具** **示例 1:此示例将名为 `Bob` 的 IAM 用户的访问密钥 `AKIAIOSFODNN7EXAMPLE` 状态更改为 `Inactive`。** ``` Update-IAMAccessKey -UserName Bob -AccessKeyId AKIAIOSFODNN7EXAMPLE -Status Inactive ``` + 有关 API 详细信息,请参阅《AWS Tools for PowerShell Cmdlet Reference (V4)》**中的 [UpdateAccessKey](https://docs.aws.amazon.com/powershell/v4/reference)。 **Tools for PowerShell V5** **示例 1:此示例将名为 `Bob` 的 IAM 用户的访问密钥 `AKIAIOSFODNN7EXAMPLE` 状态更改为 `Inactive`。** ``` Update-IAMAccessKey -UserName Bob -AccessKeyId AKIAIOSFODNN7EXAMPLE -Status Inactive ``` + 有关 API 详细信息,请参阅《*AWS Tools for PowerShell Cmdlet Reference (V5)*》中的 [UpdateAccessKey](https://docs.aws.amazon.com/powershell/v5/reference)。 ------ #### [ Python ] **适用于 Python 的 SDK(Boto3)** 查看 GitHub,了解更多信息。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/iam#code-examples)中查找完整示例,了解如何进行设置和运行。 ``` def update_key(user_name, key_id, activate): """ Updates the status of a key. :param user_name: The user that owns the key. :param key_id: The ID of the key to update. :param activate: When True, the key is activated. Otherwise, the key is deactivated. """ try: key = iam.User(user_name).AccessKey(key_id) if activate: key.activate() else: key.deactivate() logger.info("%s key %s.", "Activated" if activate else "Deactivated", key_id) except ClientError: logger.exception( "Couldn't %s key %s.", "Activate" if activate else "Deactivate", key_id ) raise ``` + 有关 API 详细信息,请参阅《AWS SDK for Python (Boto3) API Reference》**中的 [UpdateAccessKey](https://docs.aws.amazon.com/goto/boto3/iam-2010-05-08/UpdateAccessKey)。 ------ #### [ SAP ABAP ] **适用于 SAP ABAP 的 SDK** 查看 GitHub,了解更多信息。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/iam#code-examples)中查找完整示例,了解如何进行设置和运行。 ``` TRY. lo_iam->updateaccesskey( iv_accesskeyid = iv_access_key_id iv_status = iv_status iv_username = iv_user_name ). MESSAGE 'Access key updated successfully.' TYPE 'I'. CATCH /aws1/cx_iamnosuchentityex. MESSAGE 'Access key or user does not exist.' TYPE 'E'. ENDTRY. ``` + 有关 API 详细信息,请参阅《AWS SDK for SAP ABAP API Reference》**中的 [UpdateAccessKey](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。 ------ 有关 AWS SDK 开发人员指南和代码示例的完整列表,请参阅 [将此服务与 AWS SDK 结合使用](sdk-general-information-section.md) 本主题还包括有关入门的信息以及有关先前的 SDK 版本的详细信息。