本教程详细介绍如何使用Alibaba Cloud SDK for Java新建RAM用户并授权。
前提条件
在使用本教程前,请确保已完成以下操作:
- 使用Alibaba Cloud SDK for Java,您需要一个阿里云账号和访问密钥(AccessKey)。 请在阿里云控制台中的AccessKey管理页面上创建和查看您的AccessKey。
- 确保您已经安装了Alibaba Cloud SDK for Java,准确的SDK版本号,请参见阿里云开发工具包(SDK)。
<dependencies> <!-- https://mvnrepository.com/artifact/com.aliyun/aliyun-java-sdk-core --> <dependency> <groupId>com.aliyun</groupId> <artifactId>aliyun-java-sdk-core</artifactId> <version>4.4.3</version> </dependency> <!-- https://mvnrepository.com/artifact/com.aliyun/aliyun-java-sdk-ram --> <dependency> <groupId>com.aliyun</groupId> <artifactId>aliyun-java-sdk-ram</artifactId> <version>2.0.7</version> </dependency> </dependencies>
代码示例
本文操作示例主要以代码形式体现,具体代码如下:
import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.IAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.ram.model.v20150501.*;
import com.google.gson.Gson;
/**
* 新建RAM用户,启用WEB控制台登录并绑定权限
*/
public class CreateRamUserDemo {
/**
* 新建RAM用户
*/
private CreateUserResponse createUser(CreateUserRequest request, IAcsClient client) throws ClientException {
return client.getAcsResponse(request);
}
/**
* 为一个RAM用户启用Web控制台登录
*/
private CreateLoginProfileResponse createLoginProfile(CreateLoginProfileRequest request, IAcsClient client) throws ClientException {
return client.getAcsResponse(request);
}
/**
* 为指定用户添加权限
*/
private AttachPolicyToUserResponse attachPolicyToUser(AttachPolicyToUserRequest request,IAcsClient client) throws ClientException {
return client.getAcsResponse(request);
}
private static void log_print(String functionName, Object result) {
Gson gson = new Gson();
System.out.println("-------------------------------" + functionName + "-------------------------------");
System.out.println(gson.toJson(result));
}
public static void main(String[] args) {
// 设置鉴权参数,初始化客户端
DefaultProfile profile = DefaultProfile.getProfile(
"cn-qingdao",// 地域ID
"your-access-key-id",// 您的AccessKey ID
"your-access-key-secret");// 您的AccessKey Secret
IAcsClient client = new DefaultAcsClient(profile);
CreateRamUserDemo createRamUserDemo = new CreateRamUserDemo();
try {
// 新建RAM用户
CreateUserRequest createUserRequest = new CreateUserRequest();
// 指定用户名
createUserRequest.setUserName("doctest");
// 显示名称
createUserRequest.setDisplayName("doc测试");
// 用户手机号
createUserRequest.setMobilePhone("1583773xxxx");
CreateUserResponse createUserResponse = createRamUserDemo.createUser(createUserRequest, client);
log_print("createUser",createUserResponse);
// 为新用户启用Web控制台登录
CreateLoginProfileRequest createLoginProfileRequest = new CreateLoginProfileRequest();
// 指定用户名
createLoginProfileRequest.setUserName("doctest");
// 指定密码,密码必须符合密码强度要求
createLoginProfileRequest.setPassword("87EFZdTs@$df");
CreateLoginProfileResponse createLoginProfileResponse = createRamUserDemo.createLoginProfile(createLoginProfileRequest, client);
log_print("createLoginProfile",createLoginProfileResponse);
// 为新用户添加权限
AttachPolicyToUserRequest attachPolicyToUserRequest = new AttachPolicyToUserRequest();
// 指定权限策略的类型, 取值为:System或Custom
attachPolicyToUserRequest.setPolicyType("System");
// 指定权限策略名称,AdministratorAccess:管理所有阿里云资源权限
attachPolicyToUserRequest.setPolicyName("AdministratorAccess");
// 指定用户名
attachPolicyToUserRequest.setUserName("doctest");
AttachPolicyToUserResponse attachPolicyToUserResponse = createRamUserDemo.attachPolicyToUser(attachPolicyToUserRequest, client);
log_print("attachPolicyToUser",attachPolicyToUserResponse);
} catch (ClientException e) {
System.out.println("ErrCode:" + e.getErrCode());
System.out.println("ErrMsg:" + e.getErrMsg());
System.out.println("RequestId:" + e.getRequestId());
}
}
}运行结果
正确运行结果类似如下:
-------------------------------createUser-------------------------------
{
"User": {
"Comments": "",
"Email": "",
"UserName": "doctest",
"UserId": "22930857069752xxxx",
"MobilePhone": "86-1583773xxxx",
"DisplayName": "doc测试",
"CreateDate": "2019-10-10T08:52:04Z"
},
"RequestId": "D5F7497E-C6AA-4C62-BD61-F9FA2279998E"
}
-------------------------------createLoginProfile-------------------------------
{
"RequestId": "D1AD4033-5986-4EEE-89E4-DF821169FCC2",
"LoginProfile": {
"PasswordResetRequired": false,
"MFABindRequired": false,
"UserName": "doctest",
"CreateDate": "2019-10-10T08:52:04Z"
}
}
-------------------------------attachPolicyToUser-------------------------------
{
"RequestId": "60B4077D-B8B9-447F-88BF-E48E4443B715"
}