2022-10-06 16:46:51 -04:00
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
/**
* Before running this C++ code example, set up your development environment, including your credentials.
*
* For more information, see the following documentation topic:
2022-10-14 09:27:14 -04:00
* https://docs.aws.amazon.com/sdk-for-cpp/v1/developer-guide/getting-started.html.
2022-10-06 16:46:51 -04:00
*
2022-10-12 14:52:10 -04:00
* For information on the structure of the code examples and how to build and run the examples, see
* https://docs.aws.amazon.com/sdk-for-cpp/v1/developer-guide/getting-started-code-examples.html.
*
2022-10-06 16:46:51 -04:00
* Purpose
*
* Demonstrates detaching a policy from a role.
*
*/
2022-10-07 15:58:01 -04:00
// snippet-start:[iam.cpp.detach_role_policy.inc]
# include <aws/core/Aws.h>
# include <aws/iam/IAMClient.h>
# include <aws/iam/model/DetachRolePolicyRequest.h>
# include <aws/iam/model/ListAttachedRolePoliciesRequest.h>
# include <aws/iam/model/ListAttachedRolePoliciesResult.h>
# include <iostream>
# include "iam_samples.h"
// snippet-end:[iam.cpp.detach_role_policy.inc]
2022-10-06 16:46:51 -04:00
//! Detaches a policy from a role.
/*!
\sa detachRolePolicy()
\param roleName: The user name.
2022-10-20 15:00:56 -04:00
\param policyArn: The policy Amazon Resource Name (ARN).
2022-10-06 16:46:51 -04:00
\param clientConfig: Aws client configuration.
\return bool: Successful completion.
*/
2022-10-07 15:58:01 -04:00
bool AwsDoc : : IAM : : detachRolePolicy ( const Aws : : String & roleName ,
const Aws : : String & policyArn ,
const Aws : : Client : : ClientConfiguration & clientConfig ) {
2021-11-15 13:15:43 +00:00
// snippet-start:[iam.cpp.detach_role_policy01.code]
2022-10-06 16:46:51 -04:00
Aws : : IAM : : IAMClient iam ( clientConfig ) ;
2021-11-15 13:15:43 +00:00
// snippet-end:[iam.cpp.detach_role_policy01.code]
Aws : : IAM : : Model : : ListAttachedRolePoliciesRequest list_request ;
2022-10-06 16:46:51 -04:00
list_request . SetRoleName ( roleName ) ;
2021-11-15 13:15:43 +00:00
bool done = false ;
bool attached = false ;
2022-10-07 15:58:01 -04:00
while ( ! done ) {
2022-10-06 16:46:51 -04:00
auto listOutcome = iam . ListAttachedRolePolicies ( list_request ) ;
2022-10-07 15:58:01 -04:00
if ( ! listOutcome . IsSuccess ( ) ) {
2022-10-06 16:46:51 -04:00
std : : cerr < < " Failed to list attached policies of role " < <
roleName < < " : " < < listOutcome . GetError ( ) . GetMessage ( ) < <
std : : endl ;
return false ;
2021-11-15 13:15:43 +00:00
}
2022-10-07 15:58:01 -04:00
const auto & policies = listOutcome . GetResult ( ) . GetAttachedPolicies ( ) ;
2021-11-15 13:15:43 +00:00
attached = std : : any_of (
2022-10-07 15:58:01 -04:00
policies . cbegin ( ) , policies . cend ( ) ,
[ = ] ( const Aws : : IAM : : Model : : AttachedPolicy & policy ) {
return policy . GetPolicyArn ( ) = = policyArn ;
} ) ;
if ( attached ) {
2021-11-15 13:15:43 +00:00
break ;
}
2022-10-06 16:46:51 -04:00
done = ! listOutcome . GetResult ( ) . GetIsTruncated ( ) ;
list_request . SetMarker ( listOutcome . GetResult ( ) . GetMarker ( ) ) ;
2021-11-15 13:15:43 +00:00
}
2022-10-07 15:58:01 -04:00
if ( ! attached ) {
2022-10-06 16:46:51 -04:00
std : : cerr < < " Policy " < < policyArn < < " is not attached to role " < <
roleName < < std : : endl ;
return false ;
2021-11-15 13:15:43 +00:00
}
// snippet-start:[iam.cpp.detach_role_policy02.code]
2022-10-06 16:46:51 -04:00
Aws : : IAM : : Model : : DetachRolePolicyRequest detachRequest ;
detachRequest . SetRoleName ( roleName ) ;
detachRequest . SetPolicyArn ( policyArn ) ;
2021-11-15 13:15:43 +00:00
2022-10-06 16:46:51 -04:00
auto detachOutcome = iam . DetachRolePolicy ( detachRequest ) ;
2022-10-07 15:58:01 -04:00
if ( ! detachOutcome . IsSuccess ( ) ) {
2022-10-06 16:46:51 -04:00
std : : cerr < < " Failed to detach policy " < < policyArn < < " from role "
< < roleName < < " : " < < detachOutcome . GetError ( ) . GetMessage ( ) < <
std : : endl ;
2022-10-07 15:58:01 -04:00
}
else {
2022-10-06 16:46:51 -04:00
std : : cout < < " Successfully detached policy " < < policyArn < < " from role "
< < roleName < < std : : endl ;
2021-11-15 13:15:43 +00:00
}
2022-10-06 16:46:51 -04:00
return detachOutcome . IsSuccess ( ) ;
2021-11-15 13:15:43 +00:00
// snippet-end:[iam.cpp.detach_role_policy02.code]
}
2022-10-06 16:46:51 -04:00
/*
*
* main function
*
2022-10-07 15:58:01 -04:00
* Prerequisites: An existing IAM role with an attached policy.
*
2022-10-06 16:46:51 -04:00
* Usage: 'run_detach_role_policy <role_name> <policy_arn>'
*
2021-11-15 13:15:43 +00:00
*/
2022-10-06 16:46:51 -04:00
# ifndef TESTING_BUILD
2022-10-07 15:58:01 -04:00
int main ( int argc , char * * argv ) {
if ( argc ! = 3 ) {
2022-10-06 16:46:51 -04:00
std : : cout < < " Usage: run_detach_role_policy <role_name> <policy_arn> " < <
2022-10-07 15:58:01 -04:00
std : : endl ;
2021-11-15 13:15:43 +00:00
return 1 ;
}
Aws : : SDKOptions options ;
Aws : : InitAPI ( options ) ;
{
2022-10-06 16:46:51 -04:00
Aws : : String roleName ( argv [ 1 ] ) ;
Aws : : String policyArn = argv [ 2 ] ;
2021-11-15 13:15:43 +00:00
2022-10-06 16:46:51 -04:00
Aws : : Client : : ClientConfiguration clientConfig ;
// Optional: Set to the AWS Region in which the bucket was created (overrides config file).
// clientConfig.region = "us-east-1";
AwsDoc : : IAM : : detachRolePolicy ( roleName , policyArn , clientConfig ) ;
2022-10-07 15:58:01 -04:00
}
Aws : : ShutdownAPI ( options ) ;
2021-11-15 13:15:43 +00:00
return 0 ;
}
2022-10-07 15:58:01 -04:00
2022-10-06 16:46:51 -04:00
# endif // TESTING_BUILD
2021-11-15 13:15:43 +00:00
