All Products
Search

This Product

    Resource Access Management:Call examples of IMS SDK for Python

    Document Center

    Resource Access Management:Call examples of IMS SDK for Python

    Last Updated:Jul 17, 2024

    This topic describes how to use Identity Management Service (IMS) SDK for Python to call the GetUser operation to query the details of a specific Resource Access Management (RAM) user.

    Step 1: View the API documentation

    To query the details of a specific RAM user, call the GetUser operation. For more information, see List of operations by function. For more information about the information and permissions that are required to call this operation, see GetUser. You can obtain information such as request parameters and permissions in the API reference.

    Step 2: Create a RAM user and grant permissions to the RAM user

    Identities

    You can use an Alibaba Cloud account, a RAM user, or a RAM role to call this operation. For more information about the differences among the identities, see Identity.

    In this example, a RAM user is used to call this operation.

    Log on to the RAM console and create a RAM user. For more information about how to create a RAM user, see Create a RAM user.

    Credentials

    Go to the details page of the RAM user. In the AccessKey section of the Authentication tab, click Create AccessKey to create an AccessKey pair. For more information, see Create an AccessKey pair.

    Important

    The AccessKey secret of a RAM user is displayed only when the RAM user is created. You cannot view the AccessKey secret after the RAM user is created. Store the AccessKey secret in a secure location.

    Authorization

    1. Go to the Users page in the RAM console, find the RAM user that you want to manage, and click Add Permissions in the Actions column.

    2. Enter the keyword ram in the search box and select the required system policy.

      • AliyunRAMFullAccess: grants the required permissions to manage RAM.

      • AliyunRAMReadOnlyAccess: grants read-only permissions on RAM.

      Note

      If system policies do not meet your requirements, you can create a custom policy. For more information, see Create custom policies and RAM authorization.

      In this example, the AliyunRAMReadOnlyAccess system policy is selected.

    3. Click Grant permissions to complete the authorization.

    Step 3: Call the operation

    In this topic, IMS SDK for Python is used to call this operation. You can use SDKs for other programming languages in a similar way. For more information, see IMS SDKs. In addition to ROS SDK, you can use other methods based on your business requirements to call the operation. For more information, see Overview.

    Prepare a Python environment

    Download and install Python 3.

    After you install Python 3, run the python --version command in the terminal to check the version of Python 3.

    Configure environment variables

    In this example, environment variables are configured to manage the AccessKey pair and prevent security risks that are caused by hard-coding the AccessKey pair into your business code. For more information, see Configure environment variables in Linux, macOS, and Windows.

    Install dependencies

    pip install alibabacloud_credentials
pip install alibabacloud_ims20190815==3.0.1
pip install alibabacloud_tea_console

    Download the sample code

    1. In OpenAPI Explorer, call the GetUser operation.

    2. Specify the request parameters, click Initiate Call, and then check whether the call is successful.

    3. On the Python tab of the SDK Sample Code tab, click Download Project to download the sample code package of IMS SDK for Python.

    4. Decompress the sample code package on your computer and go to the alibabacloud_sample directory.

    Run the sample code

    Run the following command:

    python sample.py

    The following command output is displayed:

    {
	"headers": {
		"date": "Thu, 17 Aug 2023 09:07:54 GMT",
		"content-type": "application/json;charset=utf-8",
		"content-length": "344",
		"connection": "keep-alive",
		"keep-alive": "timeout=25",
		"access-control-allow-origin": "*",
		"access-control-expose-headers": "*",
		"x-acs-request-id": "CCDC0D83-7A3E-59F1-9A27-F04F267591DB",
		"x-acs-trace-id": "d98639642df3407007b84a6dc3f8bb0f",
		"etag": "316nsRQdGEB/4H8NITW6C/w4"
	},
	"statusCode": 200,
	"body": {
		"RequestId": "CCDC0D83-7A3E-59F1-9A27-F04F267591DB",
		"User": {
			"Comments": "This is a cloud computing engineer.",
			"CreateDate": "2021-05-06T07:37:48Z",
			"DisplayName": "vpc-dev",
			"Email": "",
			"LastLoginDate": "2022-05-06T07:37:48Z",
			"MobilePhone": "",
			"ProvisionType": "Manual",
			"Tags": {
				"Tag": []
			},
			"UpdateDate": "2021-05-06T07:37:48Z",
			"UserId": "22718132028666****",
			"UserPrincipalName": "vpc-dev@151266687691****.onaliyun.com"
		}
	}
}