List of usage examples for com.amazonaws.auth.policy.actions SQSActions GetQueueUrl
SQSActions GetQueueUrl
To view the source code for com.amazonaws.auth.policy.actions SQSActions GetQueueUrl.
Click Source Link
From source file:com.netflix.spinnaker.clouddriver.aws.lifecycle.InstanceTerminationLifecycleWorker.java
License:Apache License
/** * This policy allows operators to choose whether or not to have lifecycle hooks to be sent via SNS for fanout, or * be sent directly to an SQS queue from the autoscaling group. *///from ww w. j a v a2s. c om private static Policy buildSQSPolicy(ARN queue, ARN topic, Set<String> terminatingRoleArns) { Statement snsStatement = new Statement(Effect.Allow).withActions(SQSActions.SendMessage); snsStatement.setPrincipals(Principal.All); snsStatement.setResources(Collections.singletonList(new Resource(queue.arn))); snsStatement.setConditions(Collections.singletonList( new Condition().withType("ArnEquals").withConditionKey("aws:SourceArn").withValues(topic.arn))); Statement sqsStatement = new Statement(Effect.Allow).withActions(SQSActions.SendMessage, SQSActions.GetQueueUrl); sqsStatement.setPrincipals(terminatingRoleArns.stream().map(Principal::new).collect(Collectors.toList())); sqsStatement.setResources(Collections.singletonList(new Resource(queue.arn))); return new Policy("allow-sns-or-sqs-send", Arrays.asList(snsStatement, sqsStatement)); }
From source file:com.netflix.spinnaker.echo.pubsub.amazon.SQSSubscriber.java
License:Apache License
/** * This policy allows operators to choose whether or not to have pubsub messages to be sent via SNS for fanout, or * be sent directly to an SQS queue from the autoscaling group. *//* w w w. j a v a 2 s .c om*/ private static Policy buildSQSPolicy(ARN queue, ARN topic) { Statement snsStatement = new Statement(Statement.Effect.Allow).withActions(SQSActions.SendMessage); snsStatement.setPrincipals(Principal.All); snsStatement.setResources(Collections.singletonList(new Resource(queue.getArn()))); snsStatement.setConditions(Collections.singletonList(new Condition().withType("ArnEquals") .withConditionKey("aws:SourceArn").withValues(topic.getArn()))); Statement sqsStatement = new Statement(Statement.Effect.Allow).withActions(SQSActions.SendMessage, SQSActions.GetQueueUrl); sqsStatement.setPrincipals(Principal.All); sqsStatement.setResources(Collections.singletonList(new Resource(queue.getArn()))); return new Policy("allow-sns-or-sqs-send", Arrays.asList(snsStatement, sqsStatement)); }