static void SetVaultAccessPolicy(IAmazonGlacier glacier)
{
// note - the actual account ID is required in the arn being constructed
// here; it should have been set by modifying the sample code before running
// or, if left as '-' by default, by the vault creation logic.
var jsonPolicy = @"{
""Version"":""2012-10-17"",
""Statement"":[
{
""Sid"": ""glacier-perm"",
""Principal"": {""AWS"":""arn:aws:iam::" + _accountId + @":root""},
""Effect"": ""Allow"",
""Action"": [
""glacier:*""
],
""Resource"": [
""arn:aws:glacier:us-west-2:" + _accountId + @":vaults/" + VaultName + @"""
]
}
]
}";
var req = new SetVaultAccessPolicyRequest
{
VaultName = VaultName,
Policy = new VaultAccessPolicy
{
Policy = jsonPolicy
}
};
Task <SetVaultAccessPolicyResponse> res = glacier.SetVaultAccessPolicyAsync(req);
Task.WaitAll(res);
if (res.IsCompletedSuccessfully)
{
Console.WriteLine($"Vault access policy set successfully on vault {VaultName}");
}
}
private Amazon.Glacier.Model.SetVaultAccessPolicyResponse CallAWSServiceOperation(IAmazonGlacier client, Amazon.Glacier.Model.SetVaultAccessPolicyRequest request)
{
Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "Amazon Glacier", "SetVaultAccessPolicy");
try
{
#if DESKTOP
return(client.SetVaultAccessPolicy(request));
#elif CORECLR
return(client.SetVaultAccessPolicyAsync(request).GetAwaiter().GetResult());
#else
#error "Unknown build edition"
#endif
}
catch (AmazonServiceException exc)
{
var webException = exc.InnerException as System.Net.WebException;
if (webException != null)
{
throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException);
}
throw;
}
}