Examples with Action com.amazonaws.auth.policy.Action used on opensource projects

Search in sources :

Example 1 with Action

use of com.amazonaws.auth.policy.Action in project conductor by Netflix.

the class SQSObservableQueue method getPolicy.

private String getPolicy(List<String> accountIds) {
    Policy policy = new Policy("AuthorizedWorkerAccessPolicy");
    Statement stmt = new Statement(Effect.Allow);
    Action action = SQSActions.SendMessage;
    stmt.getActions().add(action);
    stmt.setResources(new LinkedList<>());
    for (String accountId : accountIds) {
        Principal principal = new Principal(accountId);
        stmt.getPrincipals().add(principal);
    }
    stmt.getResources().add(new Resource(getQueueARN()));
    policy.getStatements().add(stmt);
    return policy.toJson();
}
Also used : Policy(com.amazonaws.auth.policy.Policy) Action(com.amazonaws.auth.policy.Action) Statement(com.amazonaws.auth.policy.Statement) Resource(com.amazonaws.auth.policy.Resource) Principal(com.amazonaws.auth.policy.Principal)

Example 2 with Action

use of com.amazonaws.auth.policy.Action in project aws-sdk-android by aws-amplify.

the class JsonPolicyWriter method jsonStringOf.

/**
 * Converts the given <code>Policy</code> into a JSON String.
 *
 * @param policy the policy to be converted.
 * @return a JSON String of the specified policy object.
 */
private String jsonStringOf(Policy policy) throws IOException {
    jsonWriter.beginObject();
    writeJsonKeyValue(JsonDocumentFields.VERSION, policy.getVersion());
    if (isNotNull(policy.getId()))
        writeJsonKeyValue(JsonDocumentFields.POLICY_ID, policy.getId());
    writeJsonArrayStart(JsonDocumentFields.STATEMENT);
    for (Statement statement : policy.getStatements()) {
        jsonWriter.beginObject();
        if (isNotNull(statement.getId())) {
            writeJsonKeyValue(JsonDocumentFields.STATEMENT_ID, statement.getId());
        }
        writeJsonKeyValue(JsonDocumentFields.STATEMENT_EFFECT, statement.getEffect().toString());
        List<Principal> principals = statement.getPrincipals();
        if (isNotNull(principals) && !principals.isEmpty())
            writePrincipals(principals);
        List<Action> actions = statement.getActions();
        if (isNotNull(actions) && !actions.isEmpty())
            writeActions(actions);
        List<Resource> resources = statement.getResources();
        if (isNotNull(resources) && !resources.isEmpty())
            writeResources(resources);
        List<Condition> conditions = statement.getConditions();
        if (isNotNull(conditions) && !conditions.isEmpty())
            writeConditions(conditions);
        jsonWriter.endObject();
    }
    writeJsonArrayEnd();
    jsonWriter.endObject();
    jsonWriter.flush();
    return writer.toString();
}
Also used : Condition(com.amazonaws.auth.policy.Condition) Action(com.amazonaws.auth.policy.Action) Statement(com.amazonaws.auth.policy.Statement) Resource(com.amazonaws.auth.policy.Resource) Principal(com.amazonaws.auth.policy.Principal)

Example 3 with Action

use of com.amazonaws.auth.policy.Action in project cloudbreak by hortonworks.

the class AwsCredentialVerifier method getRequiredActions.

private List<RequiredAction> getRequiredActions(String policies) throws IOException {
    List<RequiredAction> requiredActions = new ArrayList<>();
    Policy policy = new JsonPolicyReader().createPolicyFromJsonString(policies);
    for (Statement statement : policy.getStatements()) {
        RequiredAction requiredAction = new RequiredAction();
        List<Action> actions = statement.getActions();
        if (actions != null) {
            List<String> actionNames = actions.stream().map(e -> e.getActionName()).collect(Collectors.toList());
            requiredAction.setActionNames(actionNames);
        }
        List<Condition> conditions = statement.getConditions();
        if (conditions != null) {
            for (Condition condition : conditions) {
                ContextEntry contextEntry = new ContextEntry();
                contextEntry.setContextKeyName(condition.getConditionKey());
                contextEntry.setContextKeyType(ContextKeyTypeEnum.String);
                contextEntry.setContextKeyValues(condition.getValues());
                requiredAction.getConditions().add(contextEntry);
            }
        }
        String resourceString = statement.getResources().stream().findFirst().get().getId();
        requiredAction.setResourceArn(resourceString);
        Optional<RequiredAction> first = requiredActions.stream().filter(e -> e.getConditions().equals(requiredAction.getConditions()) && e.getResourceArn().equals(requiredAction.getResourceArn())).findFirst();
        if (first.isPresent()) {
            requiredActions.remove(first.get());
            requiredAction.getActionNames().addAll(first.get().getActionNames());
            requiredAction.getConditions().addAll(first.get().getConditions());
            requiredActions.add(requiredAction);
        } else {
            requiredActions.add(requiredAction);
        }
    }
    return requiredActions;
}
Also used : Policy(com.amazonaws.auth.policy.Policy) JsonPolicyReader(com.amazonaws.auth.policy.internal.JsonPolicyReader) Policy(com.amazonaws.auth.policy.Policy) AwsCredentialCachingConfig(com.sequenceiq.cloudbreak.cloud.aws.common.cache.AwsCredentialCachingConfig) Action(com.amazonaws.auth.policy.Action) Cacheable(org.springframework.cache.annotation.Cacheable) LoggerFactory(org.slf4j.LoggerFactory) SimulatePrincipalPolicyRequest(com.amazonaws.services.identitymanagement.model.SimulatePrincipalPolicyRequest) ContextEntry(com.amazonaws.services.identitymanagement.model.ContextEntry) ArrayList(java.util.ArrayList) AwsPermissionMissingException(com.sequenceiq.cloudbreak.cloud.aws.common.exception.AwsPermissionMissingException) Inject(javax.inject.Inject) AwsCredentialView(com.sequenceiq.cloudbreak.cloud.aws.common.view.AwsCredentialView) Service(org.springframework.stereotype.Service) ContextKeyTypeEnum(com.amazonaws.services.identitymanagement.model.ContextKeyTypeEnum) AmazonIdentityManagementClient(com.sequenceiq.cloudbreak.cloud.aws.common.client.AmazonIdentityManagementClient) Statement(com.amazonaws.auth.policy.Statement) GetCallerIdentityResult(com.amazonaws.services.securitytoken.model.GetCallerIdentityResult) Logger(org.slf4j.Logger) JsonPolicyReader(com.amazonaws.auth.policy.internal.JsonPolicyReader) IOException(java.io.IOException) Collectors(java.util.stream.Collectors) Collectors.joining(java.util.stream.Collectors.joining) GetCallerIdentityRequest(com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest) SimulatePrincipalPolicyResult(com.amazonaws.services.identitymanagement.model.SimulatePrincipalPolicyResult) Base64(java.util.Base64) List(java.util.List) AmazonSecurityTokenServiceClient(com.sequenceiq.cloudbreak.cloud.aws.common.client.AmazonSecurityTokenServiceClient) Optional(java.util.Optional) Collections(java.util.Collections) Condition(com.amazonaws.auth.policy.Condition) Condition(com.amazonaws.auth.policy.Condition) Action(com.amazonaws.auth.policy.Action) Statement(com.amazonaws.auth.policy.Statement) ArrayList(java.util.ArrayList) ContextEntry(com.amazonaws.services.identitymanagement.model.ContextEntry)

Example 4 with Action

use of com.amazonaws.auth.policy.Action in project aws-sdk-android by aws-amplify.

the class JsonPolicyWriter method writeActions.

/**
 * Writes the list of <code>Action</code>s to the JSONGenerator.
 *
 * @param actions the list of the actions to be written.
 */
private void writeActions(List<Action> actions) throws IOException {
    List<String> actionStrings = new ArrayList<String>();
    for (Action action : actions) {
        actionStrings.add(action.getActionName());
    }
    writeJsonArray(JsonDocumentFields.ACTION, actionStrings);
}
Also used : Action(com.amazonaws.auth.policy.Action) ArrayList(java.util.ArrayList)

Example 5 with Action

use of com.amazonaws.auth.policy.Action in project cerberus by Nike-Inc.

the class KmsPolicyServiceTest method test_that_overwriteCMSPolicy_returns_policy_that_includes_missing_actions.

@Test
public void test_that_overwriteCMSPolicy_returns_policy_that_includes_missing_actions() throws IOException {
    InputStream policy = getClass().getClassLoader().getResourceAsStream("com/nike/cerberus/service/invalid-cerberus-kms-key-policy-cms-cannot-delete.json");
    String policyJsonAsString = IOUtils.toString(policy, "UTF-8");
    Action actionNotIncludedInInvalidJson1 = KMSActions.ScheduleKeyDeletion;
    Action actionNotIncludedInInvalidJson2 = KMSActions.CancelKeyDeletion;
    String result = kmsPolicyService.overwriteCMSPolicy(policyJsonAsString);
    assertFalse(StringUtils.equals(policyJsonAsString, result));
    assertTrue(StringUtils.contains(result, actionNotIncludedInInvalidJson1.getActionName()));
    assertTrue(StringUtils.contains(result, actionNotIncludedInInvalidJson2.getActionName()));
    assertTrue(kmsPolicyService.cmsHasKeyDeletePermissions(result));
    policy.close();
}
Also used : Action(com.amazonaws.auth.policy.Action) InputStream(java.io.InputStream) Test(org.junit.Test)

Aggregations

Action (com.amazonaws.auth.policy.Action)6 Statement (com.amazonaws.auth.policy.Statement)4 Condition (com.amazonaws.auth.policy.Condition)2 Policy (com.amazonaws.auth.policy.Policy)2 Principal (com.amazonaws.auth.policy.Principal)2 Resource (com.amazonaws.auth.policy.Resource)2 ArrayList (java.util.ArrayList)2 Test (org.junit.Test)2 JsonPolicyReader (com.amazonaws.auth.policy.internal.JsonPolicyReader)1 ContextEntry (com.amazonaws.services.identitymanagement.model.ContextEntry)1 ContextKeyTypeEnum (com.amazonaws.services.identitymanagement.model.ContextKeyTypeEnum)1 SimulatePrincipalPolicyRequest (com.amazonaws.services.identitymanagement.model.SimulatePrincipalPolicyRequest)1 SimulatePrincipalPolicyResult (com.amazonaws.services.identitymanagement.model.SimulatePrincipalPolicyResult)1 GetCallerIdentityRequest (com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest)1 GetCallerIdentityResult (com.amazonaws.services.securitytoken.model.GetCallerIdentityResult)1 AwsCredentialCachingConfig (com.sequenceiq.cloudbreak.cloud.aws.common.cache.AwsCredentialCachingConfig)1 AmazonIdentityManagementClient (com.sequenceiq.cloudbreak.cloud.aws.common.client.AmazonIdentityManagementClient)1 AmazonSecurityTokenServiceClient (com.sequenceiq.cloudbreak.cloud.aws.common.client.AmazonSecurityTokenServiceClient)1 AwsPermissionMissingException (com.sequenceiq.cloudbreak.cloud.aws.common.exception.AwsPermissionMissingException)1 AwsCredentialView (com.sequenceiq.cloudbreak.cloud.aws.common.view.AwsCredentialView)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial