User guide
Console.WriteLine("Group 'DemoGroup' already exists.");
}
Create a Role
The following example creates a new role and then confirms whether the group was successfully created.
// using Amazon.IdentityManagement.Resources;
// using Amazon.IdentityManagement.Model;
var iam = new IdentityManagementService();
// GenerateAssumeRolePolicy() is a custom method.
string assumeRole = GenerateAssumeRolePolicy();
try
{
var role = iam.CreateRole(new CreateRoleRequest
{
RoleName = "DemoEC2",
AssumeRolePolicyDocument = assumeRole
});
Console.WriteLine(role.Name + " was created.");
}
catch (EntityAlreadyExistsException)
{
Console.WriteLine("Role 'DemoEC2' already exists.");
}
The preceding example relies on the following example to create the new policy.
The following example doesn't use the AWS Resource APIs for .NET, as the resource APIs currently
don't support creating a policy document. However, this example is presented for completeness:
public static string GenerateAssumeRolePolicy()
{
// using Amazon.Auth.AccessControlPolicy;
// Create a policy that looks like this:
/*
{
"Version": "2012-10-17",
"Id": "DemoEC2Trust",
"Statement": [
{
"Sid": "DemoEC2TrustStatement",
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
*/
Version v2.0.0
99
AWS SDK for .NET Developer Guide
IAM Resource API Examples