List of usage examples for com.amazonaws.auth.policy.conditions ArnCondition ArnCondition
public ArnCondition(ArnComparisonType type, String key, String value)
From source file:com.clicktravel.infrastructure.messaging.aws.sqs.DefaultSqsQueueResourceFactory.java
License:Apache License
/**
 * Builds the queue-policy statement that lets one SNS topic deliver messages to one SQS queue.
 *
 * <p>The statement allows {@code SQSActions.SendMessage} on the queue's ARN for
 * {@code Principal.AllUsers}. The only thing narrowing that grant is the
 * {@code ArnEquals} condition on {@code ConditionFactory.SOURCE_ARN_CONDITION_KEY}, which
 * must match the topic's ARN. Without that condition the statement would allow
 * SendMessage from any principal, so it must stay attached whenever this statement is edited.
 *
 * @param sqsQueueResource queue whose ARN becomes the statement's resource
 * @param snsTopicResource topic whose ARN is the only accepted source ARN
 * @return the allow statement described above
 */
private Statement acceptMessagesFromTopicStatement(final SqsQueueResource sqsQueueResource,
        final SnsTopicResource snsTopicResource) {
    // Open principal: the source-ARN condition below is what scopes the grant.
    final Statement allowSend = new Statement(Effect.Allow)
            .withPrincipals(Principal.AllUsers)
            .withActions(SQSActions.SendMessage);

    final Resource targetQueue = new Resource(sqsQueueResource.queueArn());
    final ArnCondition sourceMustBeTopic = new ArnCondition(ArnComparisonType.ArnEquals,
            ConditionFactory.SOURCE_ARN_CONDITION_KEY, snsTopicResource.getTopicArn());

    return allowSend.withResources(targetQueue).withConditions(sourceMustBeTopic);
}
From source file:io.konig.maven.CreateAwsSnsTopicAction.java
License:Apache License
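/**
 * Creates the SNS topic named in an S3 bucket configuration file and attaches a topic policy
 * that lets that bucket publish to it.
 *
 * <p>Nothing is created when the {@code cfTemplatePresent} system property is set to anything
 * other than {@code "N"}; the response then only states that CloudFormation will create the
 * topic. Otherwise the file at {@code path} is read as JSON into an {@code S3Bucket}, the
 * {@code ${environmentName}} placeholder in the bucket name is replaced once with the
 * {@code environmentName} system property (empty when unset), and, if the bucket has a topic
 * notification configured, the topic is created and its {@code Policy} attribute is set.
 *
 * <p>The policy allows {@code SNSActions.Publish} for {@code Principal.AllUsers}; the only
 * restriction is the source-ARN condition built from the bucket name. ARN condition operators
 * treat {@code *} and {@code ?} as wildcards, so the bucket name is validated before it is
 * placed in that condition.
 *
 * @param path location of the bucket configuration file, resolved through {@code deployment.file}
 * @return the {@code deployment} object with its response message set
 * @throws IllegalArgumentException if a topic is configured but the resolved bucket name is
 *         null, empty, or contains {@code *} or {@code ?}
 * @throws Exception any failure from reading the file, verifying credentials, or the SNS calls
 */
public AwsDeployment from(String path) throws Exception {
    String cfTemplatePresent = System.getProperty("cfTemplatePresent");
    if (cfTemplatePresent != null && !cfTemplatePresent.equals("N")) {
        deployment.setResponse("Topic will be created through cloud formation template");
        return deployment;
    }

    File file = deployment.file(path);
    ObjectMapper mapper = new ObjectMapper();
    S3Bucket bucket = mapper.readValue(file, S3Bucket.class);
    deployment.verifyAWSCredentials();

    // An unset property resolves the placeholder to the empty string.
    String envtName = System.getProperty("environmentName", "");
    String bucketName = StringUtils.replaceOnce(bucket.getBucketName(), "${environmentName}", envtName);

    TopicConfiguration notificationConfig = bucket.getNotificationConfiguration().getTopicConfiguration();
    if (notificationConfig == null || notificationConfig.getTopic() == null) {
        deployment.setResponse("No topic is configured to the S3 Bucket");
        return deployment;
    }

    // The bucket name is the only thing scoping an AllUsers grant. A null name would be
    // concatenated as the literal "null", and a wildcard would widen the condition to other
    // buckets, so reject both before any topic is created.
    if (bucketName == null || bucketName.isEmpty()
            || bucketName.indexOf('*') >= 0 || bucketName.indexOf('?') >= 0) {
        throw new IllegalArgumentException("Refusing to build topic policy: bucket name '" + bucketName
                + "' is empty or contains ARN wildcard characters");
    }

    Topic topic = notificationConfig.getTopic();
    Regions regions = Regions.fromName(topic.getRegion());
    AmazonSNS sns = AmazonSNSClientBuilder.standard()
            .withCredentials(deployment.getCredential())
            .withRegion(regions)
            .build();

    CreateTopicResult result = sns.createTopic(topic.getResourceName());
    String topicArn = result.getTopicArn();
    deployment.setResponse("Topic with ARN : " + topicArn + " is created");

    // NOTE(review): the condition pins the bucket name only. Consider an additional
    // aws:SourceAccount condition so the grant is also tied to the bucket owner's account;
    // the account id is not available in this method.
    Policy policy = new Policy().withStatements(new Statement(Effect.Allow)
            .withPrincipals(Principal.AllUsers)
            .withActions(SNSActions.Publish)
            .withResources(new Resource(topicArn))
            .withConditions(new ArnCondition(ArnComparisonType.ArnEquals,
                    ConditionFactory.SOURCE_ARN_CONDITION_KEY, "arn:aws:s3:*:*:" + bucketName)));
    sns.setTopicAttributes(new SetTopicAttributesRequest(topicArn, "Policy", policy.toJson()));

    return deployment;
}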