
Example 11 with AWSSecurityTokenServiceClient

Use of com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient in project athenz by yahoo.

From the class InstanceAWSProviderTest, method testVerifyInstanceIdentityARNMismatch.

@Test
public void testVerifyInstanceIdentityARNMismatch() {
    MockInstanceAWSProvider provider = new MockInstanceAWSProvider();
    provider.setIdentitySuper(true);
    // Mock the STS client so the test never reaches a real AWS endpoint.
    AWSSecurityTokenServiceClient mockClient = Mockito.mock(AWSSecurityTokenServiceClient.class);
    GetCallerIdentityResult result = Mockito.mock(GetCallerIdentityResult.class);
    // The mocked caller identity belongs to account 1235 ...
    Mockito.when(result.getArn()).thenReturn("arn:aws:sts::1235:assumed-role/athenz.service/athenz.service");
    Mockito.when(mockClient.getCallerIdentity(ArgumentMatchers.any())).thenReturn(result);
    provider.setStsClient(mockClient);
    AWSAttestationData info = new AWSAttestationData();
    info.setRole("athenz.service");
    // ... while the attestation is verified against account 1234, so the
    // account component of the ARN does not match and verification must fail.
    assertFalse(provider.verifyInstanceIdentity(info, "1234"));
}
Also used: AWSSecurityTokenServiceClient (com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient), GetCallerIdentityResult (com.amazonaws.services.securitytoken.model.GetCallerIdentityResult), Test (org.testng.annotations.Test)

Example 12 with AWSSecurityTokenServiceClient

Use of com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient in project athenz by yahoo.

From the class MockCloudStore, method getTokenServiceClient.

@Override
public AWSSecurityTokenServiceClient getTokenServiceClient() {
    if (exceptionStatusCode != 0) {
        // Test hook: simulate a failing STS client, either as an AWS service
        // error carrying the configured HTTP status code or as a plain runtime exception.
        if (amazonException) {
            AmazonServiceException ex = new AmazonServiceException("Error");
            ex.setStatusCode(exceptionStatusCode);
            throw ex;
        } else {
            throw new IllegalArgumentException("Error");
        }
    } else {
        // Otherwise return a mock that answers AssumeRole and GetCallerIdentity
        // with the canned results configured on this MockCloudStore.
        AWSSecurityTokenServiceClient client = Mockito.mock(AWSSecurityTokenServiceClient.class);
        Mockito.when(client.assumeRole(Mockito.any(AssumeRoleRequest.class))).thenReturn(assumeRoleResult);
        Mockito.when(client.getCallerIdentity(Mockito.any(GetCallerIdentityRequest.class))).thenReturn(callerIdentityResult);
        return client;
    }
}
Also used: AssumeRoleRequest (com.amazonaws.services.securitytoken.model.AssumeRoleRequest), AmazonServiceException (com.amazonaws.AmazonServiceException), AWSSecurityTokenServiceClient (com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient), GetCallerIdentityRequest (com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest)

Example 13 with AWSSecurityTokenServiceClient

Use of com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient in project athenz by yahoo.

From the class CloudStore, method assumeAWSRole.

public AWSTemporaryCredentials assumeAWSRole(String account, String roleName, String principal) {
    if (!awsEnabled) {
        throw new ResourceException(ResourceException.INTERNAL_SERVER_ERROR, "AWS Support not enabled");
    }
    // Build the AssumeRole request for the target account/role on behalf of the principal.
    AssumeRoleRequest req = getAssumeRoleRequest(account, roleName, principal);
    AWSTemporaryCredentials tempCreds = null;
    try {
        AWSSecurityTokenServiceClient client = getTokenServiceClient();
        AssumeRoleResult res = client.assumeRole(req);
        Credentials awsCreds = res.getCredentials();
        // Copy the short-lived STS credentials, including their expiration, into the ZTS response type.
        tempCreds = new AWSTemporaryCredentials()
                .setAccessKeyId(awsCreds.getAccessKeyId())
                .setSecretAccessKey(awsCreds.getSecretAccessKey())
                .setSessionToken(awsCreds.getSessionToken())
                .setExpiration(Timestamp.fromMillis(awsCreds.getExpiration().getTime()));
    } catch (Exception ex) {
        // Any STS failure is logged and surfaced to the caller as null credentials.
        LOGGER.error("CloudStore: assumeAWSRole - unable to assume role: " + ex.getMessage());
        return null;
    }
    return tempCreds;
}
Also used: AssumeRoleRequest (com.amazonaws.services.securitytoken.model.AssumeRoleRequest), AWSSecurityTokenServiceClient (com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient), ResourceException (com.yahoo.athenz.zts.ResourceException), AssumeRoleResult (com.amazonaws.services.securitytoken.model.AssumeRoleResult), AWSTemporaryCredentials (com.yahoo.athenz.zts.AWSTemporaryCredentials), BasicSessionCredentials (com.amazonaws.auth.BasicSessionCredentials), Credentials (com.amazonaws.services.securitytoken.model.Credentials), TimeoutException (java.util.concurrent.TimeoutException), ExecutionException (java.util.concurrent.ExecutionException)

Example 14 with AWSSecurityTokenServiceClient

Use of com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient in project cloudbreak by hortonworks.

From the class AwsSessionCredentialClient, method awsSecurityTokenServiceClient.

private AWSSecurityTokenServiceClient awsSecurityTokenServiceClient() {
    if (!awsEnvironmentVariableChecker.isAwsAccessKeyAvailable() || !awsEnvironmentVariableChecker.isAwsSecretAccessKeyAvailable()) {
        // No static access key pair in the environment: fall back to the
        // instance profile credentials served by the EC2 metadata service.
        InstanceProfileCredentialsProvider instanceProfileCredentialsProvider = new InstanceProfileCredentialsProvider();
        LOGGER.info("AWSSecurityTokenServiceClient will use aws metadata because environment variables are undefined");
        return new AWSSecurityTokenServiceClient(instanceProfileCredentialsProvider);
    } else {
        // Both AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are set; the SDK's
        // default constructor picks them up from the environment.
        LOGGER.info("AWSSecurityTokenServiceClient will use environment variables");
        return new AWSSecurityTokenServiceClient();
    }
}
Also used: InstanceProfileCredentialsProvider (com.amazonaws.auth.InstanceProfileCredentialsProvider), AWSSecurityTokenServiceClient (com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient)

Example 15 with AWSSecurityTokenServiceClient

Use of com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient in project ice by Netflix.

From the class AwsUtils, method init.

/**
 * This method must be called before any other method of this class is used.
 * @param credentialsProvider the credentials provider shared by the S3 and STS clients
 */
public static void init(AWSCredentialsProvider credentialsProvider) {
    awsCredentialsProvider = credentialsProvider;
    clientConfig = new ClientConfiguration();
    // Honour the standard JVM HTTPS proxy properties if both are set.
    String proxyHost = System.getProperty("https.proxyHost");
    String proxyPort = System.getProperty("https.proxyPort");
    if (proxyHost != null && proxyPort != null) {
        clientConfig.setProxyHost(proxyHost);
        clientConfig.setProxyPort(Integer.parseInt(proxyPort));
    }
    s3Client = new AmazonS3Client(awsCredentialsProvider, clientConfig);
    securityClient = new AWSSecurityTokenServiceClient(awsCredentialsProvider, clientConfig);
    // Point the S3 client at the regional endpoint selected by EC2_REGION;
    // the default endpoint is used for us-east-1, and "global" maps to s3.amazonaws.com.
    if (System.getProperty("EC2_REGION") != null && !"us-east-1".equals(System.getProperty("EC2_REGION"))) {
        if ("global".equals(System.getProperty("EC2_REGION"))) {
            s3Client.setEndpoint("s3.amazonaws.com");
        } else {
            s3Client.setEndpoint("s3-" + System.getProperty("EC2_REGION") + ".amazonaws.com");
        }
    }
}
Also used: AmazonS3Client (com.amazonaws.services.s3.AmazonS3Client), AWSSecurityTokenServiceClient (com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient), ClientConfiguration (com.amazonaws.ClientConfiguration)

Aggregations (class, fully qualified name, number of examples using it)

AWSSecurityTokenServiceClient (com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient): 15
AssumeRoleRequest (com.amazonaws.services.securitytoken.model.AssumeRoleRequest): 6
AssumeRoleResult (com.amazonaws.services.securitytoken.model.AssumeRoleResult): 5
Test (org.testng.annotations.Test): 4
ClientConfiguration (com.amazonaws.ClientConfiguration): 3
Credentials (com.amazonaws.services.securitytoken.model.Credentials): 3
AWSCredentials (com.amazonaws.auth.AWSCredentials): 2
AWSCredentialsProvider (com.amazonaws.auth.AWSCredentialsProvider): 2
BasicSessionCredentials (com.amazonaws.auth.BasicSessionCredentials): 2
InstanceProfileCredentialsProvider (com.amazonaws.auth.InstanceProfileCredentialsProvider): 2
AWSSecurityTokenService (com.amazonaws.services.securitytoken.AWSSecurityTokenService): 2
GetCallerIdentityResult (com.amazonaws.services.securitytoken.model.GetCallerIdentityResult): 2
AmazonServiceException (com.amazonaws.AmazonServiceException): 1
BasicAWSCredentials (com.amazonaws.auth.BasicAWSCredentials): 1
STSAssumeRoleSessionCredentialsProvider (com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider): 1
AmazonS3Client (com.amazonaws.services.s3.AmazonS3Client): 1
GetCallerIdentityRequest (com.amazonaws.services.securitytoken.model.GetCallerIdentityRequest): 1
GetFederationTokenRequest (com.amazonaws.services.securitytoken.model.GetFederationTokenRequest): 1
GetFederationTokenResult (com.amazonaws.services.securitytoken.model.GetFederationTokenResult): 1
GetSessionTokenRequest (com.amazonaws.services.securitytoken.model.GetSessionTokenRequest): 1