本文整理汇总了Java中com.amazonaws.services.identitymanagement.model.AttachedPolicy类的典型用法代码示例。如果您正苦于以下问题:Java AttachedPolicy类的具体用法?Java AttachedPolicy怎么用?Java AttachedPolicy使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AttachedPolicy类属于com.amazonaws.services.identitymanagement.model包,在下文中一共展示了AttachedPolicy类的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testGetRolePolicies
import com.amazonaws.services.identitymanagement.model.AttachedPolicy; //导入依赖的package包/类
@Test
public void testGetRolePolicies() throws Exception {
when(clientMock.listAttachedRolePolicies(any()))
.thenReturn(new ListAttachedRolePoliciesResult().withAttachedPolicies(
new AttachedPolicy().withPolicyName("bar1"),
new AttachedPolicy().withPolicyName("bar2")));
when(clientMock.listRolePolicies(any()))
.thenReturn(new ListRolePoliciesResult().withPolicyNames("foo", "bar"));
when(clientMock.getRolePolicy(any()))
.thenReturn(new GetRolePolicyResult().withPolicyDocument("%7B%22hello%22%3A%22world%22%7D"));
final RolePolicies rolePolicies = policyProvider.getRolePolicies("foo", Region.getRegion(US_EAST_1), "123456789012");
assertThat(rolePolicies).isNotNull();
assertThat(rolePolicies.getAttachedPolicyNames()).containsOnly("bar1", "bar2");
assertThat(rolePolicies.getInlinePolicyNames()).containsOnly("foo", "bar");
assertThat(rolePolicies.getMainPolicy()).isEqualTo("{\"hello\":\"world\"}");
verify(clientMock).listAttachedRolePolicies(any());
verify(clientMock).listRolePolicies(any());
verify(clientMock).getRolePolicy(any());
}
示例2: fetchAttachedPolicyNames
import com.amazonaws.services.identitymanagement.model.AttachedPolicy; //导入依赖的package包/类
private Set<String> fetchAttachedPolicyNames(String roleName, AmazonIdentityManagementClient iamClient) {
return Optional.of(new ListAttachedRolePoliciesRequest().withRoleName(roleName))
.map(iamClient::listAttachedRolePolicies)
.map(ListAttachedRolePoliciesResult::getAttachedPolicies)
.map(attachedPolicies -> attachedPolicies.stream().map(AttachedPolicy::getPolicyName).collect(toSet()))
.orElseGet(Collections::emptySet);
}
示例3: checkIamOrS3Access
import com.amazonaws.services.identitymanagement.model.AttachedPolicy; //导入依赖的package包/类
private boolean checkIamOrS3Access(AmazonIdentityManagement client, AttachedPolicy attachedPolicy) {
GetPolicyRequest getRolePolicyRequest = new GetPolicyRequest();
getRolePolicyRequest.setPolicyArn(attachedPolicy.getPolicyArn());
GetPolicyResult policy = client.getPolicy(getRolePolicyRequest);
if (policy.getPolicy().getArn().toLowerCase().contains("iam")) {
LOGGER.info("Role has policy for iam resources: {}.", policy.getPolicy().getArn());
return true;
}
return false;
}
示例4: main
import com.amazonaws.services.identitymanagement.model.AttachedPolicy; //导入依赖的package包/类
public static void main(String[] args) {
final String USAGE =
"To run this example, supply a role name\n" +
"Ex: AttachRolePolicy <role-name>\n";
if (args.length != 1) {
System.out.println(USAGE);
System.exit(1);
}
String role_name = args[0];
final AmazonIdentityManagement iam =
AmazonIdentityManagementClientBuilder.defaultClient();
ListAttachedRolePoliciesRequest request =
new ListAttachedRolePoliciesRequest()
.withRoleName(role_name);
List<AttachedPolicy> matching_policies = new ArrayList<>();
boolean done = false;
while(!done) {
ListAttachedRolePoliciesResult response =
iam.listAttachedRolePolicies(request);
matching_policies.addAll(
response.getAttachedPolicies()
.stream()
.filter(p -> p.getPolicyName().equals(role_name))
.collect(Collectors.toList()));
if(!response.getIsTruncated()) {
done = true;
}
request.setMarker(response.getMarker());
}
if (matching_policies.size() > 0) {
System.out.println(role_name +
" policy is already attached to this role.");
return;
}
AttachRolePolicyRequest attach_request =
new AttachRolePolicyRequest()
.withRoleName(role_name)
.withPolicyArn(POLICY_ARN);
iam.attachRolePolicy(attach_request);
System.out.println("Successfully attached policy " + POLICY_ARN +
" to role " + role_name);
}
示例5: validateInstanceProfileCreation
import com.amazonaws.services.identitymanagement.model.AttachedPolicy; //导入依赖的package包/类
private void validateInstanceProfileCreation(AwsCredentialView awsCredentialView) {
GetRoleRequest roleRequest = new GetRoleRequest();
String roleName = awsCredentialView.getRoleArn().split("/")[1];
LOGGER.info("Start validate {} role for S3 access.", roleName);
roleRequest.withRoleName(roleName);
AmazonIdentityManagement client = awsClient.createAmazonIdentityManagement(awsCredentialView);
try {
ListRolePoliciesRequest listRolePoliciesRequest = new ListRolePoliciesRequest();
listRolePoliciesRequest.setRoleName(roleName);
ListRolePoliciesResult listRolePoliciesResult = client.listRolePolicies(listRolePoliciesRequest);
for (String s : listRolePoliciesResult.getPolicyNames()) {
if (checkIamOrS3Statement(roleName, client, s)) {
LOGGER.info("Validation successful for s3 or iam access.");
return;
}
}
ListAttachedRolePoliciesRequest listAttachedRolePoliciesRequest = new ListAttachedRolePoliciesRequest();
listAttachedRolePoliciesRequest.setRoleName(roleName);
ListAttachedRolePoliciesResult listAttachedRolePoliciesResult = client.listAttachedRolePolicies(listAttachedRolePoliciesRequest);
for (AttachedPolicy attachedPolicy : listAttachedRolePoliciesResult.getAttachedPolicies()) {
if (checkIamOrS3Access(client, attachedPolicy)) {
LOGGER.info("Validation successful for s3 or iam access.");
return;
}
}
} catch (AmazonServiceException ase) {
if (ase.getStatusCode() == UNAUTHORIZED) {
String policyMEssage = "Could not get policies on the role because the arn role do not have enough permission: %s";
LOGGER.info(String.format(policyMEssage, ase.getErrorMessage()));
throw new CloudConnectorException(String.format(policyMEssage, ase.getErrorMessage()));
} else {
LOGGER.info(ase.getMessage());
throw new CloudConnectorException(ase.getErrorMessage());
}
} catch (Exception e) {
LOGGER.info(e.getMessage());
throw new CloudConnectorException(e.getMessage());
}
LOGGER.info("Could not get policies on the role because the arn role do not have enough permission.");
throw new CloudConnectorException("Could not get policies on the role because the arn role do not have enough permission.");
}