支援終止通知:2027 年 3 月 31 日, AWS 將終止對 Amazon WorkMail 的支援。2027 年 3 月 31 日之後,您將無法再存取 Amazon WorkMail 主控台或 Amazon WorkMail 資源。如需詳細資訊,請參閱 [Amazon WorkMail 終止支援](https://docs.aws.amazon.com/workmail/latest/adminguide/workmail-end-of-support.html)。 本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。 # 使用模擬角色 若要存取信箱資料,請使用 Amazon WorkMail API 動作 `AssumeImpersonationRole`。如需 Amazon WorkMail APIs的詳細資訊,請參閱 [API 參考](https://docs.aws.amazon.com/workmail/latest/APIReference/Welcome.html)。 `AssumeImpersonationRole` 傳回 `Token`。這`Token`必須在 15 分鐘內透過 HTTP 標頭 傳遞至 EWS 通訊協定`Authorization`。 下列範例示範如何搭配 EWS 通訊協定使用模擬角色。範例中使用的常數會指定組織和帳戶獨有的下列詳細資訊: + `{{WORKMAIL_ORGANIZATION_ID}}` – Amazon WorkMail 組織 ID + `{{IMPERSONATION_ROLE_ID}}` – 模擬角色 ID + `{{WORKMAIL_EWS_URL}}` – [Amazon WorkMail 端點和配額提供 EWS 端點](https://docs.aws.amazon.com/general/latest/gr/workmail.html) + `{{EMAIL_ADDRESS}}` – 使用者信箱的電子郵件地址 **Example Java – [EWS Java API](https://github.com/OfficeDev/ews-java-api)** ``` import software.amazon.awssdk.services.workmail.WorkMailClient; import software.amazon.awssdk.services.workmail.model.AssumeImpersonationRoleRequest; import software.amazon.awssdk.services.workmail.model.AssumeImpersonationRoleResponse; import microsoft.exchange.webservices.data.core.ExchangeService; import microsoft.exchange.webservices.data.core.enumeration.misc.ExchangeVersion; import microsoft.exchange.webservices.data.misc.ImpersonatedUserId; import microsoft.exchange.webservices.data.core.enumeration.misc.ConnectingIdType; // ... AssumeImpersonationRoleResponse response = workMailClient.assumeImpersonationRole( AssumeImpersonationRoleRequest.builder() .organizationId({{WORKMAIL_ORGANIZATION_ID}}) .impersonationRoleId({{IMPERSONATION_ROLE_ID}}) .build()); ExchangeService exchangeService = new ExchangeService(ExchangeVersion.Exchange2010_SP2); exchangeService.setUrl(URI.create({{WORKMAIL_EWS_URL}})); exchangeService.getHttpHeaders().put("Authorization", "Bearer " + response.token()); exchangeService.setImpersonatedUserId(new ImpersonatedUserId(ConnectingIdType.SmtpAddress, {{EMAIL_ADDRESS}})); ``` **Example .Net – [EWS 受管 API](https://github.com/OfficeDev/ews-managed-api)** ``` using Amazon.WorkMail; using Amazon.WorkMail.Model; using Microsoft.Exchange.WebServices.Data; // ... AssumeImpersonationRoleRequest request = new AssumeImpersonationRoleRequest(); request.OrganizationId = {{WORKMAIL_ORGANIZATION_ID}}; request.ImpersonationRoleId = {{IMPERSONATION_ROLE_ID}}; AssumeImpersonationRoleResponse response = workMailClient.AssumeImpersonationRole(request); ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2010_SP2); service.Url = new Uri({{WORKMAIL_EWS_URL}}); service.HttpHeaders.Add("Authorization", "Bearer " + response.Token); service.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, {{EMAIL_ADDRESS}}); ``` **Example Python – [Exchangelib](https://pypi.org/project/exchangelib/)** ``` import boto3 from requests.auth import AuthBase from exchangelib.transport import AUTH_TYPE_MAP from exchangelib import Configuration, Account, Version, IMPERSONATION from exchangelib.version import EXCHANGE_2010_SP2 work_mail_client = boto3.client("workmail") class ImpersonationRoleAuth(AuthBase): def __init__(self): self.token = work_mail_client.assume_impersonation_role( OrganizationId={{WORKMAIL_ORGANIZATION_ID}}, ImpersonationRoleId={{IMPERSONATION_ROLE_ID}} )["Token"] def __call__(self, r): r.headers["Authorization"] = "Bearer " + self.token return r AUTH_TYPE_MAP["ImpersonationRoleAuth"] = ImpersonationRoleAuth ews_config = Configuration( service_endpoint={{WORKMAIL_EWS_URL}}, version=Version(build=EXCHANGE_2010_SP2), auth_type="ImpersonationRoleAuth" ) ews_account = Account( config=ews_config, primary_smtp_address={{EMAIL_ADDRESS}}, access_type=IMPERSONATION ) ```