List of usage examples for com.amazonaws.auth.policy.conditions ConditionFactory newSourceArnCondition
public static Condition newSourceArnCondition(String arnPattern)
From source file:awslabs.lab31.SolutionCode.java
License:Open Source License
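/**
 * Sets the queue's access policy so that an SNS topic may deliver messages to the queue.
 *
 * <p>The statement allows {@code SQSActions.SendMessage} for the wildcard principal
 * {@code "*"}, so the source-ARN condition built from {@code topicArn} is the only thing that
 * limits who may send. {@code ConditionFactory.newSourceArnCondition} takes an ARN
 * <em>pattern</em>, so a wildcard in {@code topicArn} would widen the grant beyond the intended
 * topic. This method therefore accepts only a concrete topic ARN.
 *
 * <p>The {@code Policy} queue attribute is written as a whole; this method does not read or
 * merge a policy that may already be attached to the queue.
 *
 * @param sqsClient client used to update the queue attributes
 * @param queueArn  ARN of the queue, used as the statement's resource
 * @param queueUrl  URL of the queue whose {@code Policy} attribute is set
 * @param topicArn  ARN of the single SNS topic allowed to send to the queue
 * @throws IllegalArgumentException if {@code queueArn} or {@code topicArn} is null or empty, or
 *         if {@code topicArn} contains a wildcard character
 */
@Override
public void grantNotificationPermission(AmazonSQSClient sqsClient, String queueArn, String queueUrl,
        String topicArn) {
    if (queueArn == null || queueArn.isEmpty()) {
        throw new IllegalArgumentException("queueArn must not be null or empty");
    }
    if (topicArn == null || topicArn.isEmpty()) {
        throw new IllegalArgumentException("topicArn must not be null or empty");
    }
    // The principal below is "*", so this condition value is the whole access control.
    // Reject pattern characters rather than publish a policy that admits other sources.
    if (topicArn.indexOf('*') >= 0 || topicArn.indexOf('?') >= 0) {
        throw new IllegalArgumentException(
                "topicArn must be a concrete ARN without wildcards: " + topicArn);
    }

    Statement statement = new Statement(Effect.Allow)
            .withActions(SQSActions.SendMessage)
            .withPrincipals(new Principal("*"))
            .withConditions(ConditionFactory.newSourceArnCondition(topicArn))
            .withResources(new Resource(queueArn));
    Policy policy = new Policy("SubscriptionPermission").withStatements(statement);

    HashMap<String, String> attributes = new HashMap<String, String>();
    attributes.put("Policy", policy.toJson());

    // Send the serialized policy to SQS as the queue's Policy attribute.
    SetQueueAttributesRequest setQueueAttributesRequest = new SetQueueAttributesRequest()
            .withQueueUrl(queueUrl)
            .withAttributes(attributes);
    sqsClient.setQueueAttributes(setQueueAttributesRequest);
}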
From source file:io.konig.maven.CreateAwsSqsQueueAction.java
License:Apache License
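/**
 * Creates the SQS queue described in a bucket notification configuration, attaches a queue
 * policy that lets the configured SNS topic send to it, and subscribes the queue to that topic.
 *
 * <p>Nothing is created when the {@code cfTemplatePresent} system property is set to anything
 * other than {@code "N"}; the response then only states that CloudFormation will create the
 * queue.
 *
 * <p>Security note: the policy statement allows {@code SQSActions.SendMessage} to
 * {@code Principal.AllUsers}, so the source-ARN condition built from the topic ARN is the only
 * restriction on senders. {@code ConditionFactory.newSourceArnCondition} takes an ARN pattern,
 * so the topic ARN is validated before any AWS resource is touched: it must be present, free of
 * wildcards, and must not depend on an account id that was not supplied. The generated policy
 * JSON is also copied into the deployment response.
 *
 * @param path location of the JSON bucket description, resolved through {@code deployment.file}
 * @return the enclosing class's {@code deployment} object with its response updated
 * @throws IllegalStateException if the configured ARNs contain the {@code ${aws-account-id}}
 *         placeholder but the {@code aws-account-id} system property is unset or empty, or if
 *         the resolved topic ARN is null, empty or contains a wildcard
 * @throws Exception any failure from reading the file, verifying credentials or the AWS calls
 */
public AwsDeployment from(String path) throws Exception {
    String cfTemplatePresent = System.getProperty("cfTemplatePresent");
    if (cfTemplatePresent != null && !"N".equals(cfTemplatePresent)) {
        deployment.setResponse("Queue will be created through cloud formation template");
        return deployment;
    }

    File file = deployment.file(path);
    ObjectMapper mapper = new ObjectMapper();
    S3Bucket bucket = mapper.readValue(file, S3Bucket.class);
    deployment.verifyAWSCredentials();

    QueueConfiguration queueConfig = bucket.getNotificationConfiguration().getQueueConfiguration();
    if (queueConfig == null || queueConfig.getQueue() == null) {
        deployment.setResponse("Queue Configuration Failed");
        return deployment;
    }

    String accountId = System.getProperty("aws-account-id");
    if (accountId == null) {
        accountId = "";
    }

    // Resolve and validate both ARNs before creating anything, so that a bad configuration
    // does not leave a queue behind with a half-applied or over-broad policy.
    String placeholder = "${aws-account-id}";
    String topicArnTemplate =
            bucket.getNotificationConfiguration().getTopicConfiguration().getTopicArn();
    String queueArnTemplate = queueConfig.getQueueArn();
    boolean needsAccountId = (topicArnTemplate != null && topicArnTemplate.contains(placeholder))
            || (queueArnTemplate != null && queueArnTemplate.contains(placeholder));
    if (needsAccountId && accountId.isEmpty()) {
        // Substituting "" would produce ARNs with an empty account field.
        throw new IllegalStateException("System property aws-account-id must be set to resolve "
                + placeholder + " in the configured ARNs");
    }
    String topicArn = StringUtils.replaceOnce(topicArnTemplate, placeholder, accountId);
    String queueArn = StringUtils.replaceOnce(queueArnTemplate, placeholder, accountId);

    // With Principal.AllUsers the condition value is the whole access control; a pattern
    // character here would let sources other than the intended topic send to the queue.
    if (topicArn == null || topicArn.isEmpty()
            || topicArn.indexOf('*') >= 0 || topicArn.indexOf('?') >= 0) {
        throw new IllegalStateException(
                "Topic ARN must be a concrete ARN without wildcards, but was: " + topicArn);
    }

    Queue queue = queueConfig.getQueue();
    Regions regions = Regions.fromName(queue.getRegion());
    AmazonSQS sqs = AmazonSQSClientBuilder.standard().withCredentials(deployment.getCredential())
            .withRegion(regions).build();
    AmazonSNS sns = AmazonSNSClientBuilder.standard().withCredentials(deployment.getCredential())
            .withRegion(regions).build();

    CreateQueueResult result = sqs.createQueue(queue.getResourceName());
    deployment.setResponse("Queue " + queueArn + " is created");

    Policy policy = new Policy()
            .withStatements(new Statement(Effect.Allow).withPrincipals(Principal.AllUsers)
                    .withActions(SQSActions.SendMessage).withResources(new Resource(queueArn))
                    .withConditions(ConditionFactory.newSourceArnCondition(topicArn)));
    String policyJson = policy.toJson();

    Map<String, String> queueAttributes = new HashMap<String, String>();
    queueAttributes.put(QueueAttributeName.Policy.toString(), policyJson);
    deployment.setResponse("Queue Policy Configured : " + policyJson);
    sqs.setQueueAttributes(new SetQueueAttributesRequest(result.getQueueUrl(), queueAttributes));

    Topics.subscribeQueue(sns, sqs, topicArn, result.getQueueUrl());
    deployment.setResponse(
            "Subscription is created : Topic [" + topicArn + "], Queue [" + queueArn + "]");
    return deployment;
}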