
Example 1 with Principal

use of com.amazonaws.auth.policy.Principal in project conductor by Netflix.

the class SQSObservableQueue method getPolicy.

/**
 * Builds the JSON access policy for this queue: a single Allow statement that
 * lets every listed principal call SQS SendMessage on the ARN returned by
 * {@code getQueueARN()}.
 *
 * <p>Security note: every entry of {@code accountIds} is turned into a
 * principal as given. This method applies no format check and attaches no
 * Condition element, so the caller's list alone decides who may enqueue
 * messages. Any path by which that list could carry a wildcard or an
 * unintended account should be reviewed at the call site.
 *
 * @param accountIds identifiers of the principals to authorize; must not be null
 * @return the policy serialized by {@code Policy.toJson()}
 */
private String getPolicy(List<String> accountIds) {
    Statement allowSend = new Statement(Effect.Allow);
    allowSend.getActions().add(SQSActions.SendMessage);

    // NOTE(review): an empty list leaves the statement without any principal;
    // how the serializer and SQS treat such a statement is not visible here.
    for (String id : accountIds) {
        allowSend.getPrincipals().add(new Principal(id));
    }

    // The grant is scoped to this queue only: exactly one resource is listed.
    allowSend.setResources(new LinkedList<>());
    allowSend.getResources().add(new Resource(getQueueARN()));

    Policy queuePolicy = new Policy("AuthorizedWorkerAccessPolicy");
    queuePolicy.getStatements().add(allowSend);
    return queuePolicy.toJson();
}
Also used : Policy(com.amazonaws.auth.policy.Policy) Action(com.amazonaws.auth.policy.Action) Statement(com.amazonaws.auth.policy.Statement) Resource(com.amazonaws.auth.policy.Resource) Principal(com.amazonaws.auth.policy.Principal)

Example 2 with Principal

use of com.amazonaws.auth.policy.Principal in project cerberus by Nike-Inc.

the class KmsServiceTest method test_that_filterKeysCreatedByKmsService_filters_out_keys_that_do_not_contain_expected_arn_prefix.

@Test
public void test_that_filterKeysCreatedByKmsService_filters_out_keys_that_do_not_contain_expected_arn_prefix() {
    // Three key-policy fixtures:
    //  - management Sid + role ARN built from ENV      -> expected to be kept
    //  - management Sid + role ARN hard-coded to "prod" -> expected to be dropped
    //  - role ARN built from ENV but a foreign Sid      -> expected to be dropped
    // Together they pin that ownership needs BOTH the Sid and the environment-scoped
    // role ARN, so a key from another environment is not treated as owned here.
    // NOTE(review): the first two fixtures are only distinct while ENV != "prod".
    // NOTE(review): the fixture ARNs have a single ':' after "iam"; real IAM role ARNs
    // carry an empty region field (arn:aws:iam::ACCOUNT:role/NAME). Left untouched
    // because the filter under test is not visible here.
    String roleArnForEnv = "arn:aws:iam:123456:role/" + ENV + "-cms-role-alk234khsdf";
    String roleArnForProd = "arn:aws:iam:123456:role/prod-cms-role-alk234khsdf";

    Policy policyThatShouldBeInSet = new Policy().withStatements(
            new Statement(Statement.Effect.Allow)
                    .withId(CERBERUS_MANAGEMENT_SERVICE_SID)
                    .withPrincipals(new Principal(roleArnForEnv)),
            new Statement(Statement.Effect.Allow),
            new Statement(Statement.Effect.Allow),
            new Statement(Statement.Effect.Allow));
    Policy policyThatShouldNotBeInSet = new Policy().withStatements(
            new Statement(Statement.Effect.Allow)
                    .withId(CERBERUS_MANAGEMENT_SERVICE_SID)
                    .withPrincipals(new Principal(roleArnForProd)),
            new Statement(Statement.Effect.Allow),
            new Statement(Statement.Effect.Allow),
            new Statement(Statement.Effect.Allow));
    Policy policyThatWasntCreatedByCms = new Policy().withStatements(
            new Statement(Statement.Effect.Allow)
                    .withId("foo-bar")
                    .withPrincipals(new Principal(roleArnForEnv)));

    String region = "us-west-2";
    Set<String> allKmsCmkIdsForRegion = ImmutableSet.of("key1", "key2", "key3", "key4", "key5");
    Set<String> expectedKeys = ImmutableSet.of("key3");

    // Stub the policy download on a spy so no call to KMS is made.
    KmsService kmsServiceSpy = spy(kmsService);
    for (String wrongEnvKey : new String[] {"key1", "key2", "key4"}) {
        doReturn(Optional.of(policyThatShouldNotBeInSet)).when(kmsServiceSpy).downloadPolicy(wrongEnvKey, region, 0);
    }
    doReturn(Optional.of(policyThatShouldBeInSet)).when(kmsServiceSpy).downloadPolicy("key3", region, 0);
    doReturn(Optional.of(policyThatWasntCreatedByCms)).when(kmsServiceSpy).downloadPolicy("key5", region, 0);

    Set<String> actual = kmsServiceSpy.filterKeysCreatedByKmsService(allKmsCmkIdsForRegion, region);

    assertEquals(expectedKeys, actual);
}
Also used : Policy(com.amazonaws.auth.policy.Policy) Statement(com.amazonaws.auth.policy.Statement) Principal(com.amazonaws.auth.policy.Principal) Test(org.junit.Test)

Example 3 with Principal

use of com.amazonaws.auth.policy.Principal in project cloudbreak by hortonworks.

the class AwsIamServiceTest method testGetAssumeRolePolicyDocument.

@Test
public void testGetAssumeRolePolicyDocument() throws IOException {
    // Expected trust policy: one Allow statement letting a single role ARN call sts:AssumeRole.
    // NOTE(review): the comparison below is JSON-to-JSON through the same SDK classes, so any
    // normalisation the SDK applies to the principal id (some SDK v1 releases are reported to
    // strip '-' from "AWS" principals) would appear on both sides and go unnoticed - confirm
    // against the SDK version in use.
    Principal trustedRole = new Principal("AWS", "arn:aws:iam::123456890:role/assume-role");
    Statement allowAssumeRole = new Statement(Effect.Allow)
            .withId("1")
            .withPrincipals(trustedRole)
            .withActions(SecurityTokenServiceActions.AssumeRole);
    String expectedJson = new Policy().withStatements(allowAssumeRole).toJson();

    // The mocked Role hands back the document URL-encoded, so getAssumeRolePolicy is
    // expected to decode it before parsing.
    String rawDocument = awsIamService.getResourceFileAsString("json/aws-assume-role-policy-document.json");
    Role role = mock(Role.class);
    when(role.getAssumeRolePolicyDocument()).thenReturn(URLEncoder.encode(rawDocument, StandardCharsets.UTF_8));

    Policy parsedPolicy = awsIamService.getAssumeRolePolicy(role);

    assertThat(parsedPolicy).isNotNull();
    assertThat(parsedPolicy.toJson()).isEqualTo(expectedJson);
}
Also used : Policy(com.amazonaws.auth.policy.Policy) Role(com.amazonaws.services.identitymanagement.model.Role) Statement(com.amazonaws.auth.policy.Statement) Principal(com.amazonaws.auth.policy.Principal) Test(org.junit.jupiter.api.Test)

Example 4 with Principal

use of com.amazonaws.auth.policy.Principal in project aws-sdk-android by aws-amplify.

the class JsonPolicyWriter method jsonStringOf.

/**
 * Converts the given <code>Policy</code> into a JSON String.
 *
 * @param policy the policy to be converted.
 * @return a JSON String of the specified policy object.
 */
private String jsonStringOf(Policy policy) throws IOException {
    // Document layout: Version, optional Id, then the Statement array.
    jsonWriter.beginObject();
    writeJsonKeyValue(JsonDocumentFields.VERSION, policy.getVersion());

    final String policyId = policy.getId();
    if (isNotNull(policyId)) {
        writeJsonKeyValue(JsonDocumentFields.POLICY_ID, policyId);
    }

    writeJsonArrayStart(JsonDocumentFields.STATEMENT);
    for (Statement stmt : policy.getStatements()) {
        jsonWriter.beginObject();

        final String statementId = stmt.getId();
        if (isNotNull(statementId)) {
            writeJsonKeyValue(JsonDocumentFields.STATEMENT_ID, statementId);
        }
        // Effect is always written; every element below is written only when non-empty.
        writeJsonKeyValue(JsonDocumentFields.STATEMENT_EFFECT, stmt.getEffect().toString());

        // A statement whose principal or condition list is null/empty is emitted WITHOUT
        // that element. This method does not reject such statements, so callers that rely
        // on a principal or condition restriction must check the Policy before serializing.
        final List<Principal> principalList = stmt.getPrincipals();
        if (isNotNull(principalList) && !principalList.isEmpty()) {
            writePrincipals(principalList);
        }

        final List<Action> actionList = stmt.getActions();
        if (isNotNull(actionList) && !actionList.isEmpty()) {
            writeActions(actionList);
        }

        final List<Resource> resourceList = stmt.getResources();
        if (isNotNull(resourceList) && !resourceList.isEmpty()) {
            writeResources(resourceList);
        }

        final List<Condition> conditionList = stmt.getConditions();
        if (isNotNull(conditionList) && !conditionList.isEmpty()) {
            writeConditions(conditionList);
        }

        jsonWriter.endObject();
    }
    writeJsonArrayEnd();

    jsonWriter.endObject();
    // Flush before reading the backing writer so the returned text is complete.
    jsonWriter.flush();
    return writer.toString();
}
Also used : Condition(com.amazonaws.auth.policy.Condition) Action(com.amazonaws.auth.policy.Action) Statement(com.amazonaws.auth.policy.Statement) Resource(com.amazonaws.auth.policy.Resource) Principal(com.amazonaws.auth.policy.Principal)

Example 5 with Principal

use of com.amazonaws.auth.policy.Principal in project aws-sdk-android by aws-amplify.

the class JsonPolicyWriter method groupPrincipalByScheme.

/**
 * Groups the list of <code>Principal</code>s by the Scheme.
 *
 * @param principals the list of <code>Principal</code>s
 * @return a map grouped by scheme of the principal.
 */
private Map<String, List<String>> groupPrincipalByScheme(List<Principal> principals) {
    // Key: principal.getProvider(); value: the ids of all principals with that provider,
    // in the order they appear in the input. The map is a HashMap, so the order of the
    // provider keys themselves is unspecified.
    final Map<String, List<String>> idsByProvider = new HashMap<String, List<String>>();
    for (Principal entry : principals) {
        final String providerKey = entry.getProvider();
        List<String> bucket = idsByProvider.get(providerKey);
        if (bucket == null) {
            // First principal seen for this provider: start its bucket.
            bucket = new ArrayList<String>();
            idsByProvider.put(providerKey, bucket);
        }
        // Ids are copied as-is; no de-duplication or validation happens here.
        bucket.add(entry.getId());
    }
    return idsByProvider;
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) List(java.util.List) Principal(com.amazonaws.auth.policy.Principal)

Aggregations

Principal (com.amazonaws.auth.policy.Principal)5 Statement (com.amazonaws.auth.policy.Statement)4 Policy (com.amazonaws.auth.policy.Policy)3 Action (com.amazonaws.auth.policy.Action)2 Resource (com.amazonaws.auth.policy.Resource)2 Condition (com.amazonaws.auth.policy.Condition)1 Role (com.amazonaws.services.identitymanagement.model.Role)1 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 List (java.util.List)1 Test (org.junit.Test)1 Test (org.junit.jupiter.api.Test)1