当前位置: 首页>>代码示例>>Java>>正文


Java Principal类代码示例

本文整理汇总了Java中com.amazonaws.auth.policy.Principal的典型用法代码示例。如果您正苦于以下问题:Java Principal类的具体用法?Java Principal怎么用?Java Principal使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


Principal类属于com.amazonaws.auth.policy包,在下文中一共展示了Principal类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: writePrincipals

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
/**
 * Writes the list of <code>Principal</code>s to the JSONGenerator.
 *
 * @param principals
 *            the list of principals to be written.
 */
private void writePrincipals(List<Principal> principals)
        throws JsonGenerationException, IOException {
    if (principals.size() == 1 && principals.get(0).equals(Principal.All)) {
        writeJsonKeyValue(JsonDocumentFields.PRINCIPAL, Principal.All.getId());
    } else {
        writeJsonObjectStart(JsonDocumentFields.PRINCIPAL);

        Map<String, List<String>> principalsByScheme = groupPrincipalByScheme(principals);

        List<String> principalValues;
        for (Map.Entry<String, List<String>> entry : principalsByScheme.entrySet()) {
            principalValues = principalsByScheme.get(entry.getKey());

            if (principalValues.size() == 1) {
                writeJsonKeyValue(entry.getKey(), principalValues.get(0));
            } else {
                writeJsonArray(entry.getKey(), principalValues);
            }

        }
        writeJsonObjectEnd();
    }
}
 
开发者ID:IBM,项目名称:ibm-cos-sdk-java,代码行数:30,代码来源:JsonPolicyWriter.java

示例2: groupPrincipalByScheme

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
/**
 * Groups the list of <code>Principal</code>s by the Scheme.
 *
 * @param principals
 *            the list of <code>Principal</code>s
 * @return a map grouped by scheme of the principal.
 */
private Map<String, List<String>> groupPrincipalByScheme(
        List<Principal> principals) {
    Map<String, List<String>> principalsByScheme = new LinkedHashMap<String, List<String>>();

    String provider;
    List<String> principalValues;
    for (Principal principal : principals) {
        provider = principal.getProvider();
        if (!principalsByScheme.containsKey(provider)) {
            principalsByScheme.put(provider, new ArrayList<String>());
        }
        principalValues = principalsByScheme.get(provider);
        principalValues.add(principal.getId());
    }

    return principalsByScheme;
}
 
开发者ID:IBM,项目名称:ibm-cos-sdk-java,代码行数:25,代码来源:JsonPolicyWriter.java

示例3: generateStandardCMSPolicyStatement

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
/**
 * Generates the standard KMS key policy statement for the Cerberus Management Service
 */
protected Statement generateStandardCMSPolicyStatement() {
    Statement cmsStatement = new Statement(Statement.Effect.Allow);
    cmsStatement.withId(CERBERUS_MANAGEMENT_SERVICE_SID);
    cmsStatement.withPrincipals(new Principal(AWS_PROVIDER, cmsRoleArn, false));
    cmsStatement.withActions(
            KMSActions.Encrypt,
            KMSActions.Decrypt,
            KMSActions.ReEncryptFrom,
            KMSActions.ReEncryptTo,
            KMSActions.GenerateDataKey,
            KMSActions.GenerateDataKeyWithoutPlaintext,
            KMSActions.GenerateRandom,
            KMSActions.DescribeKey,
            KMSActions.ScheduleKeyDeletion,
            KMSActions.CancelKeyDeletion);
    cmsStatement.withResources(new Resource("*"));

    return cmsStatement;
}
 
开发者ID:Nike-Inc,项目名称:cerberus-management-service,代码行数:23,代码来源:KmsPolicyService.java

示例4: subscribeQueueToTopic

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
public String subscribeQueueToTopic(String snsTopicArn, String sqsQueueUrl){		
       Map<String, String> queueAttributes = sqsClient.getQueueAttributes(new GetQueueAttributesRequest(sqsQueueUrl)
               .withAttributeNames(QueueAttributeName.QueueArn.toString())).getAttributes();
       String sqsQueueArn = queueAttributes.get(QueueAttributeName.QueueArn.toString());

       Policy policy = new Policy().withStatements(
               new Statement(Effect.Allow)
                   .withId("topic-subscription-" + snsTopicArn)
                   .withPrincipals(Principal.AllUsers)
                   .withActions(SQSActions.SendMessage)
                   .withResources(new Resource(sqsQueueArn))
                   .withConditions(ConditionFactory.newSourceArnCondition(snsTopicArn)));

       logger.debug("Policy: " + policy.toJson());

       queueAttributes = new HashMap<String, String>();
       queueAttributes.put(QueueAttributeName.Policy.toString(), policy.toJson());
       sqsClient.setQueueAttributes(new SetQueueAttributesRequest(sqsQueueUrl, queueAttributes));

       SubscribeResult subscribeResult =
               snsClient.subscribe(new SubscribeRequest()
                   .withEndpoint(sqsQueueArn)
                   .withProtocol("sqs")
                   .withTopicArn(snsTopicArn));
       return subscribeResult.getSubscriptionArn();
}
 
开发者ID:TimShi,项目名称:s3_video,代码行数:27,代码来源:AWSAdapter.java

示例5: principalOf

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
/**
 * Generates a list of principals from the Principal Json Node
 *
 * @param principalNodes
 *            the principal Json to be parsed
 * @return a list of principals
 */
private List<Principal> principalOf(JsonNode principalNodes) {
    List<Principal> principals = new LinkedList<Principal>();

    if (principalNodes.asText().equals("*")) {
        principals.add(Principal.All);
        return principals;
    }

    Iterator<Map.Entry<String, JsonNode>> mapOfPrincipals = principalNodes
            .fields();
    String schema;
    JsonNode principalNode;
    Entry<String, JsonNode> principal;
    Iterator<JsonNode> elements;
    while (mapOfPrincipals.hasNext()) {
        principal = mapOfPrincipals.next();
        schema = principal.getKey();
        principalNode = principal.getValue();

        if (principalNode.isArray()) {
            elements = principalNode.elements();
            while (elements.hasNext()) {
                principals.add(createPrincipal(schema, elements.next()));
            }
        } else {
            principals.add(createPrincipal(schema, principalNode));
        }
    }

    return principals;
}
 
开发者ID:IBM,项目名称:ibm-cos-sdk-java,代码行数:39,代码来源:JsonPolicyReader.java

示例6: createPrincipal

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
/**
 * Creates a new principal instance for the given schema and the Json node.
 *
 * @param schema
 *            the schema for the principal instance being created.
 * @param principalNode
 *            the node indicating the AWS account that is making the
 *            request.
 * @return a principal instance.
 */
private Principal createPrincipal(String schema, JsonNode principalNode) {
    if (schema.equalsIgnoreCase(PRINCIPAL_SCHEMA_USER)) {
        return new Principal(PRINCIPAL_SCHEMA_USER, principalNode.asText(), options.isStripAwsPrincipalIdHyphensEnabled());
    } else if (schema.equalsIgnoreCase(PRINCIPAL_SCHEMA_SERVICE)) {
        return new Principal(schema, principalNode.asText());
    } else if (schema.equalsIgnoreCase(PRINCIPAL_SCHEMA_FEDERATED)) {
        if (WebIdentityProviders.fromString(principalNode.asText()) != null) {
            return new Principal(WebIdentityProviders.fromString(principalNode.asText()));
        } else {
            return new Principal(PRINCIPAL_SCHEMA_FEDERATED, principalNode.asText());
        }
    }
    throw new SdkClientException("Schema " + schema + " is not a valid value for the principal.");
}
 
开发者ID:IBM,项目名称:ibm-cos-sdk-java,代码行数:25,代码来源:JsonPolicyReader.java

示例7: getPolicy

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
private String getPolicy(List<String> accountIds) {
	Policy policy = new Policy("AuthorizedWorkerAccessPolicy");
	Statement stmt = new Statement(Effect.Allow);
	Action action = SQSActions.SendMessage;
	stmt.getActions().add(action);
	stmt.setResources(new LinkedList<>());
	for(String accountId : accountIds) {
		Principal principal = new Principal(accountId);
		stmt.getPrincipals().add(principal);
	}
	stmt.getResources().add(new Resource(getQueueARN()));
	policy.getStatements().add(stmt);
	return policy.toJson();
}
 
开发者ID:Netflix,项目名称:conductor,代码行数:15,代码来源:SQSObservableQueue.java

示例8: generateStandardKmsPolicy

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
public String generateStandardKmsPolicy(String iamRoleArn) {
    Policy kmsPolicy = new Policy();

    Statement rootUserStatement = new Statement(Statement.Effect.Allow);
    rootUserStatement.withId("Root User Has All Actions");
    rootUserStatement.withPrincipals(new Principal(AWS_PROVIDER, rootUserArn, false));
    rootUserStatement.withActions(KMSActions.AllKMSActions);
    rootUserStatement.withResources(new Resource("*"));

    Statement keyAdministratorStatement = new Statement(Statement.Effect.Allow);
    keyAdministratorStatement.withId("Admin Role Has All Actions");
    keyAdministratorStatement.withPrincipals(new Principal(AWS_PROVIDER, adminRoleArn, false));
    keyAdministratorStatement.withActions(KMSActions.AllKMSActions);
    keyAdministratorStatement.withResources(new Resource("*"));

    Statement instanceUsageStatement = generateStandardCMSPolicyStatement();

    Statement iamRoleUsageStatement = new Statement(Statement.Effect.Allow);
    iamRoleUsageStatement.withId(CERBERUS_CONSUMER_SID);
    iamRoleUsageStatement.withPrincipals(
            new Principal(AWS_PROVIDER, iamRoleArn, false));
    iamRoleUsageStatement.withActions(KMSActions.Decrypt);
    iamRoleUsageStatement.withResources(new Resource("*"));

    kmsPolicy.withStatements(rootUserStatement,
            keyAdministratorStatement,
            instanceUsageStatement,
            iamRoleUsageStatement);

    return kmsPolicy.toJson();
}
 
开发者ID:Nike-Inc,项目名称:cerberus-management-service,代码行数:32,代码来源:KmsPolicyService.java

示例9: getPublicReadPolicy

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
public static String getPublicReadPolicy(String bucket_name)
{
    Policy bucket_policy = new Policy().withStatements(
        new Statement(Statement.Effect.Allow)
            .withPrincipals(Principal.AllUsers)
            .withActions(S3Actions.GetObject)
            .withResources(new Resource(
                "arn:aws:s3:::" + bucket_name + "/*")));
    return bucket_policy.toJson();
}
 
开发者ID:awsdocs,项目名称:aws-doc-sdk-examples,代码行数:11,代码来源:SetBucketPolicy.java

示例10: provisionKmsCmkForBackupRegion

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
private String provisionKmsCmkForBackupRegion(String region) {
    Policy kmsPolicy = new Policy();
    final List<Statement> statements = new LinkedList<>();
    // allow the configured admin iam principals all permissions
    configStore.getBackupAdminIamPrincipals().forEach( principal -> {
        log.debug("Adding principal: {} to the CMK Policy for region {}", principal, region);
        statements.add(new Statement(Statement.Effect.Allow)
            .withId("Principal " + principal + " Has All Actions")
            .withPrincipals(new Principal(AWS_PROVIDER, principal, false))
            .withActions(KMSActions.AllKMSActions)
            .withResources(new Resource("*")));
    });

    kmsPolicy.setStatements(statements);

    String policyString = kmsPolicy.toJson();

    log.debug("Creating key for region {} with policy {}", region, policyString);

    AWSKMS kms = AWSKMSClient.builder().withCredentials(getAWSCredentialsProviderChain()).withRegion(region).build();
    CreateKeyResult createKeyResult = kms.createKey(
            new CreateKeyRequest()
                .withPolicy(policyString)
                .withBypassPolicyLockoutSafetyCheck(true)
                .withDescription(String.format("Cerberus Backup Encryption key for env: %S region: %s",
                        environmentMetadata.getName(), region))
                .withTags(
                        new Tag().withTagKey("env").withTagValue(environmentMetadata.getName()),
                        new Tag().withTagKey("region").withTagValue(region),
                        new Tag().withTagKey("cerberus-backup-key").withTagValue("true")

                )
    );

    String keyId = createKeyResult.getKeyMetadata().getKeyId();

    log.info("Created new backup KMS CMK with id: {} for region: {}", keyId, region);

    return keyId;
}
 
开发者ID:Nike-Inc,项目名称:cerberus-lifecycle-cli,代码行数:41,代码来源:CreateCerberusBackupOperation.java

示例11: statementEquals

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
private Boolean statementEquals(Statement statement1, Statement statement2) {
    List<Action> actions1 = statement1.getActions();
    List<Action> actions2 = statement2.getActions();
    boolean actionMatches = actions1.size() == actions2.size()
        && actions1.stream().allMatch(action1 -> actions2.stream().anyMatch(action2 -> action1.getActionName().equals(action2.getActionName())));
    if (!actionMatches) return false;

    boolean effectMatches = statement1.getEffect().equals(statement2.getEffect());
    if (!effectMatches) return false;

    List<Resource> resources1 = statement1.getResources();
    List<Resource> resources2 = statement2.getResources();
    boolean resourceMatches = resources1.size() == resources2.size()
        && resources1.stream().allMatch(resource1 -> resources2.stream().anyMatch(resource2 -> resource1.getId().equals(resource2.getId())));
    if (!resourceMatches) return false;

    List<Condition> conditions1 = statement1.getConditions();
    List<Condition> conditions2 = statement2.getConditions();
    boolean conditionMatches = conditions1.size() == conditions2.size()
        && conditions1.stream().allMatch(condition1 -> conditions2.stream().anyMatch(condition2 -> conditionEquals(condition1, condition2)));
    if (!conditionMatches) return false;

    List<Principal> principals1 = statement1.getPrincipals();
    List<Principal> principals2 = statement2.getPrincipals();
    boolean principleMatches = principals1.size() == principals2.size()
        && principals1.stream().allMatch(principle1 -> principals2.stream().anyMatch(principal2 -> principleEquals(principle1, principal2)));
    if (!principleMatches) return false;

    return true;
}
 
开发者ID:neowu,项目名称:cmn-project,代码行数:31,代码来源:InstanceProfileHelper.java

示例12: jsonStringOf

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
/**
 * Converts the given <code>Policy</code> into a JSON String.
 *
 * @param policy
 *            the policy to be converted.
 * @return a JSON String of the specified policy object.
 */
private String jsonStringOf(Policy policy) throws JsonGenerationException,
        IOException {
    generator.writeStartObject();

    writeJsonKeyValue(JsonDocumentFields.VERSION, policy.getVersion());

    if (isNotNull(policy.getId()))
        writeJsonKeyValue(JsonDocumentFields.POLICY_ID, policy.getId());

    writeJsonArrayStart(JsonDocumentFields.STATEMENT);

    for (Statement statement : policy.getStatements()) {
        generator.writeStartObject();

        if (isNotNull(statement.getId())) {
            writeJsonKeyValue(JsonDocumentFields.STATEMENT_ID, statement.getId());
        }
        writeJsonKeyValue(JsonDocumentFields.STATEMENT_EFFECT, statement
                .getEffect().toString());

        List<Principal> principals = statement.getPrincipals();
        if (isNotNull(principals) && !principals.isEmpty())
            writePrincipals(principals);

        List<Action> actions = statement.getActions();
        if (isNotNull(actions) && !actions.isEmpty())
            writeActions(actions);

        List<Resource> resources = statement.getResources();
        if (isNotNull(resources) && !resources.isEmpty())
            writeResources(resources);

        List<Condition> conditions = statement.getConditions();
        if (isNotNull(conditions) && !conditions.isEmpty())
            writeConditions(conditions);

        generator.writeEndObject();
    }

    writeJsonArrayEnd();

    generator.writeEndObject();

    generator.flush();

    return writer.toString();

}
 
开发者ID:IBM,项目名称:ibm-cos-sdk-java,代码行数:56,代码来源:JsonPolicyWriter.java

示例13: run

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
@Override
public void run(SetBackupAdminPrincipalsCommand command) {
    GetCallerIdentityResult identityResult = sts.getCallerIdentity(new GetCallerIdentityRequest());
    String accountId = identityResult.getAccount();
    String rootArn = String.format("arn:aws:iam::%s:root", accountId);
    String adminRoleArn = configStore.getAccountAdminArn().get();

    Set<String> principals = new HashSet<>();
    principals.add(rootArn);
    principals.add(adminRoleArn);
    principals.addAll(command.getAdditionalPrincipals());

    configStore.storeBackupAdminIamPrincipals(principals);

    if (! configStore.getRegionBackupBucketMap().isEmpty()) {
        configStore.getRegionBackupBucketMap().forEach((region, backupRegionInfo) -> {
            final List<Statement> statements = new LinkedList<>();
            principals.forEach( principal -> {
                log.debug("Adding principal: {} to the CMK Policy for region {}", principal, region);
                statements.add(new Statement(Statement.Effect.Allow)
                        .withId("Principal " + principal + " Has All Actions")
                        .withPrincipals(new Principal(AWS_PROVIDER, principal, false))
                        .withActions(KMSActions.AllKMSActions)
                        .withResources(new Resource("*")));
            });

            Policy kmsPolicy = new Policy();
            kmsPolicy.setStatements(statements);
            String policyString = kmsPolicy.toJson();

            log.debug("Updating key {} for region {} with policy {}", backupRegionInfo.getKmsCmkId(), region, policyString);

            AWSKMS kms = AWSKMSClient.builder().withCredentials(getAWSCredentialsProviderChain()).withRegion(region).build();
            PutKeyPolicyRequest request = new PutKeyPolicyRequest()
                    .withKeyId(backupRegionInfo.getKmsCmkId())
                    .withPolicyName("default")
                    .withBypassPolicyLockoutSafetyCheck(true)
                    .withPolicy(policyString);

            kms.putKeyPolicy(request);

            log.info("Successfully updated key {} in region {} to allow the following principals access {}",
                    backupRegionInfo.getKmsCmkId(), region, String.join(", ", principals));
        });
    }
}
 
开发者ID:Nike-Inc,项目名称:cerberus-lifecycle-cli,代码行数:47,代码来源:SetBackupAdminPrincipalsOperation.java

示例14: principleEquals

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
private boolean principleEquals(Principal principle1, Principal principal2) {
    return principle1.getId().equals(principal2.getId())
        && principle1.getProvider().equals(principal2.getProvider());
}
 
开发者ID:neowu,项目名称:cmn-project,代码行数:5,代码来源:InstanceProfileHelper.java

示例15: allowSQSQueueToReceiveMessagesFromSNSTopic

import com.amazonaws.auth.policy.Principal; //导入依赖的package包/类
private static void allowSQSQueueToReceiveMessagesFromSNSTopic(
    AmazonSQS amazonSQS,
    String queueURL,
    String queueARN,
    String topicARN
) {
    GetQueueAttributesResult queueAttributesResult =
        amazonSQS.getQueueAttributes(
            new GetQueueAttributesRequest().withQueueUrl(queueURL).withAttributeNames(
                QueueAttributeName.Policy
            )
        );

    String policyJson = queueAttributesResult.getAttributes().get(QueueAttributeName.Policy.name());

    final List<Statement> statements;
    if (policyJson != null) {
        statements = new ArrayList<>(Policy.fromJson(policyJson).getStatements());
    } else {
        // no policies yet exist
        statements = new ArrayList<>();
    }

    statements.add(
        new Statement(Statement.Effect.Allow)
            .withPrincipals(Principal.AllUsers)
            .withResources(new Resource(queueARN))
            .withActions(SQSActions.SendMessage)
            .withConditions(ConditionFactory.newSourceArnCondition(topicARN))
    );

    Policy policy = new Policy();
    policy.setStatements(statements);
    Map<String, String> queueAttributes = new HashMap<>();
    queueAttributes.put(QueueAttributeName.Policy.name(), policy.toJson());

    // Note that if the queue already has this policy, this will do nothing.
    amazonSQS.setQueueAttributes(
        new SetQueueAttributesRequest()
            .withQueueUrl(queueURL)
            .withAttributes(queueAttributes)
    );
}
 
开发者ID:iZettle,项目名称:izettle-toolbox,代码行数:44,代码来源:AmazonSNSSubscriptionSetup.java


注:本文中的com.amazonaws.auth.policy.Principal类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。