Blame: php/example_code/iam/GettingStartedWithIAM.php - awsdocs/aws-doc-sdk-examples

awsdocs / aws-doc-sdk-examples UNCLAIMED

Welcome to the AWS Code Examples Repository. This repo contains code examples used in the AWS documentation, AWS SDK Developer Guides, and more. For more information, see the Readme.md file below.

0 0 2 Java

Normal View History Raw

Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00			`<?php`
			`# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.`
			`# SPDX-License-Identifier: Apache-2.0`

			`/**`
			`* Purpose`
			`*`
			`* Shows how to use AWS SDK for PHP v3 to get started using AWS Identity and Access Management (IAM).`
			`* Create an IAM user, assume a role, and perform AWS actions.`
			`*`
			`* 1. Create a user that has no permissions.`
			`* 2. Create a role and policy that grant s3:ListAllMyBuckets permission.`
			`* 3. Grant the user permission to assume the role.`
			`* 4. Create an S3 client object as the user and try to list buckets (this should fail).`
			`* 5. Get temporary credentials by assuming the role.`
			`* 6. Create an S3 client object with the temporary credentials and list the buckets (this should succeed).`
			`* 7. Delete all the resources.`
			`*`
			`* You will need to run the following command to install dependencies:`
			`* composer install`
			`*`
			`* Then run the example either directly with:`
			`* php GettingStartedWithIAM.php`
			`*`
			`* or as a PHPUnit test:`
Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. (#4782) * Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. * Update php/README.md Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> --------- Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> 2023-05-12 05:28:46 -07:00			`* vendor/bin/phpunit IAMBasicsTest.php`
Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00			`*`
			`**/`

Adds the scenario info to the sos metadata. 2022-03-15 14:25:19 -07:00			`# snippet-start:[php.example_code.iam.iam_basics.scenario]`
Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00			`namespace Iam\Basics;`

			`require 'vendor/autoload.php';`

			`use Aws\Credentials\Credentials;`
			`use Aws\S3\Exception\S3Exception;`
			`use Aws\S3\S3Client;`
			`use Aws\Sts\StsClient;`
Php docker (#4384) * Adjusts docker container for php. Also fixes some problems with pathing and tests for extant php tests to better work with docker. 2023-02-14 16:31:03 -07:00			`use Iam\IAMService;`
Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00
Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. (#4782) * Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. * Update php/README.md Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> --------- Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> 2023-05-12 05:28:46 -07:00			`echo("\n");`
Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00			`echo("--------------------------------------\n");`
Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. (#4782) * Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. * Update php/README.md Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> --------- Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> 2023-05-12 05:28:46 -07:00			`print("Welcome to the IAM getting started demo using PHP!\n");`
Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00			`echo("--------------------------------------\n");`
Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. (#4782) * Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. * Update php/README.md Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> --------- Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> 2023-05-12 05:28:46 -07:00
Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00			`# snippet-start:[php.example_code.iam.iam_basics.startService]`
			`$uuid = uniqid();`
Php docker (#4384) * Adjusts docker container for php. Also fixes some problems with pathing and tests for extant php tests to better work with docker. 2023-02-14 16:31:03 -07:00			`$service = new IAMService();`
Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00			`# snippet-end:[php.example_code.iam.iam_basics.startService]`

			`# snippet-start:[php.example_code.iam.iam_basics.createUser]`
			`$user = $service->createUser("iam_demo_user_$uuid");`
			`echo "Created user with the arn: {$user['Arn']}\n";`
			`# snippet-end:[php.example_code.iam.iam_basics.createUser]`

			`$key = $service->createAccessKey($user['UserName']);`
			`# snippet-start:[php.example_code.iam.iam_basics.createRole]`
			`$assumeRolePolicyDocument = "{`
			`\"Version\": \"2012-10-17\",`
			`\"Statement\": [{`
			`\"Effect\": \"Allow\",`
			`\"Principal\": {\"AWS\": \"{$user['Arn']}\"},`
			`\"Action\": \"sts:AssumeRole\"`
			`}]`
			`}";`
			`$assumeRoleRole = $service->createRole("iam_demo_role_$uuid", $assumeRolePolicyDocument);`
			`echo "Created role: {$assumeRoleRole['RoleName']}\n";`
			`# snippet-end:[php.example_code.iam.iam_basics.createRole]`

			`# snippet-start:[php.example_code.iam.iam_basics.createPolicy]`
			`$listAllBucketsPolicyDocument = "{`
			`\"Version\": \"2012-10-17\",`
			`\"Statement\": [{`
			`\"Effect\": \"Allow\",`
			`\"Action\": \"s3:ListAllMyBuckets\",`
			`\"Resource\": \"arn:aws:s3:::*\"}]`
			`}";`
			`$listAllBucketsPolicy = $service->createPolicy("iam_demo_policy_$uuid", $listAllBucketsPolicyDocument);`
			`echo "Created policy: {$listAllBucketsPolicy['PolicyName']}\n";`
			`# snippet-end:[php.example_code.iam.iam_basics.createPolicy]`

			`# snippet-start:[php.example_code.iam.iam_basics.attachRolePolicy]`
			`$service->attachRolePolicy($assumeRoleRole['RoleName'], $listAllBucketsPolicy['Arn']);`
			`# snippet-end:[php.example_code.iam.iam_basics.attachRolePolicy]`

			`$inlinePolicyDocument = "{`
			`\"Version\": \"2012-10-17\",`
			`\"Statement\": [{`
			`\"Effect\": \"Allow\",`
			`\"Action\": \"sts:AssumeRole\",`
			`\"Resource\": \"{$assumeRoleRole['Arn']}\"}]`
			`}";`
			`$inlinePolicy = $service->createUserPolicy("iam_demo_inline_policy_$uuid", $inlinePolicyDocument, $user['UserName']);`
			`//First, fail to list the buckets with the user`
			`$credentials = new Credentials($key['AccessKeyId'], $key['SecretAccessKey']);`
			`$s3Client = new S3Client(['region' => 'us-west-2', 'version' => 'latest', 'credentials' => $credentials]);`
			`try {`
			`$s3Client->listBuckets([`
			`]);`
			`echo "this should not run";`
			`} catch (S3Exception $exception) {`
			`echo "successfully failed!\n";`
			`}`

			`$stsClient = new StsClient(['region' => 'us-west-2', 'version' => 'latest', 'credentials' => $credentials]);`
			`sleep(10);`
			`$assumedRole = $stsClient->assumeRole([`
			`'RoleArn' => $assumeRoleRole['Arn'],`
			`'RoleSessionName' => "DemoAssumeRoleSession_$uuid",`
			`]);`
			`$assumedCredentials = [`
			`'key' => $assumedRole['Credentials']['AccessKeyId'],`
			`'secret' => $assumedRole['Credentials']['SecretAccessKey'],`
			`'token' => $assumedRole['Credentials']['SessionToken'],`
			`];`
			`$s3Client = new S3Client(['region' => 'us-west-2', 'version' => 'latest', 'credentials' => $assumedCredentials]);`
			`try {`
Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. (#4782) * Updates to tests including quarantining and tagging to fit the Docker requirements for automated testing. * Update php/README.md Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> --------- Co-authored-by: Liz Kellebrew-Davies <35241259+lkdavies@users.noreply.github.com> 2023-05-12 05:28:46 -07:00			`$s3Client->listBuckets([]);`
Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00			`echo "this should now run!\n";`
			`} catch (S3Exception $exception) {`
			`echo "this should now not fail\n";`
			`}`

			`$service->detachRolePolicy($assumeRoleRole['RoleName'], $listAllBucketsPolicy['Arn']);`
			`$deletePolicy = $service->deletePolicy($listAllBucketsPolicy['Arn']);`
			`echo "Delete policy: {$listAllBucketsPolicy['PolicyName']}\n";`
			`$deletedRole = $service->deleteRole($assumeRoleRole['Arn']);`
			`echo "Deleted role: {$assumeRoleRole['RoleName']}\n";`
Updates IAM tests to use better policies and to clean up after itself. (#4790) Co-authored-by: ford prior <108086978+ford-at-aws@users.noreply.github.com> 2023-05-12 13:58:41 -07:00			`$deletedKey = $service->deleteAccessKey($key['AccessKeyId'], $user['UserName']);`
Adds GettingStartedWithIAM scenario, IamService file, associated tests, composer files, and SoS metadata. 2022-03-15 09:44:40 -07:00			`$deletedUser = $service->deleteUser($user['UserName']);`
			`echo "Delete user: {$user['UserName']}\n";`
Adds the scenario info to the sos metadata. 2022-03-15 14:25:19 -07:00
			`# snippet-end:[php.example_code.iam.iam_basics.scenario]`