Example 1 with DecodeAuthorizationMessageResult
use of com.amazonaws.services.securitytoken.model.DecodeAuthorizationMessageResult in project cloudbreak by hortonworks.
the class AwsEncodedAuthorizationFailureMessageDecoder method getResultMessage.
private String getResultMessage(AwsCredentialView credentialView, String region, String encodedMessage) {
AmazonSecurityTokenServiceClient awsSts = awsClient.createSecurityTokenService(credentialView, region);
DecodeAuthorizationMessageRequest decodeAuthorizationMessageRequest = new DecodeAuthorizationMessageRequest().withEncodedMessage(encodedMessage);
DecodeAuthorizationMessageResult decodeAuthorizationMessageResult = awsSts.decodeAuthorizationMessage(decodeAuthorizationMessageRequest);
String decodedMessage = decodeAuthorizationMessageResult.getDecodedMessage();
Json authorizationError = new Json(decodedMessage);
String action = authorizationError.getValue("context.action");
String resource = authorizationError.getValue("context.resource");
return String.format("Your AWS credential is not authorized to perform action %s on resource %s. " + "Please contact your system administrator to update your AWS policy.", action, resource);
}
Also used :
DecodeAuthorizationMessageResult(com.amazonaws.services.securitytoken.model.DecodeAuthorizationMessageResult)
DecodeAuthorizationMessageRequest(com.amazonaws.services.securitytoken.model.DecodeAuthorizationMessageRequest)
Json(com.sequenceiq.cloudbreak.common.json.Json)
AmazonSecurityTokenServiceClient(com.sequenceiq.cloudbreak.cloud.aws.common.client.AmazonSecurityTokenServiceClient)
Aggregations
DecodeAuthorizationMessageRequest (com.amazonaws.services.securitytoken.model.DecodeAuthorizationMessageRequest)1
DecodeAuthorizationMessageResult (com.amazonaws.services.securitytoken.model.DecodeAuthorizationMessageResult)1
AmazonSecurityTokenServiceClient (com.sequenceiq.cloudbreak.cloud.aws.common.client.AmazonSecurityTokenServiceClient)1
Json (com.sequenceiq.cloudbreak.common.json.Json)1
