Example usage for com.amazonaws.auth.policy Principal All

List of usage examples for com.amazonaws.auth.policy Principal All

Introduction

This page collects usage examples for com.amazonaws.auth.policy.Principal.All.

Prototype

Principal All


Document

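Principal instance that includes all the AWS accounts, AWS web services and web identity providers. An Allow statement that uses it is open to any caller unless a Condition (such as the aws:SourceArn checks in the examples below) narrows it.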

Usage

From source file:com.netflix.spinnaker.clouddriver.aws.lifecycle.InstanceTerminationLifecycleAgent.java

License:Apache License

/**
 * Builds the SQS queue policy that lets the given SNS topic send messages to the given queue.
 *
 * <p>The single Allow statement names {@code Principal.All}, so the {@code ArnEquals} condition on
 * {@code aws:SourceArn} is the only thing restricting who may call {@code SendMessage}. Keep the
 * condition bound to {@code topic.arn}; without it the statement would apply to every caller.
 *
 * @param queue ARN of the queue the statement applies to
 * @param topic ARN of the SNS topic accepted as the message source
 * @return a policy with id {@code allow-sns-topic-send} holding that one statement
 */
private static Policy buildSQSPolicy(ARN queue, ARN topic) {
    Statement allowTopicSend = new Statement(Statement.Effect.Allow).withActions(SQSActions.SendMessage);

    Resource queueResource = new Resource(queue.arn);
    Condition sentByTopic = new Condition()
            .withType("ArnEquals")
            .withConditionKey("aws:SourceArn")
            .withValues(topic.arn);

    // Wildcard principal: access is narrowed solely by the aws:SourceArn condition set below.
    allowTopicSend.setPrincipals(Principal.All);
    allowTopicSend.setResources(Collections.singletonList(queueResource));
    allowTopicSend.setConditions(Collections.singletonList(sentByTopic));

    return new Policy("allow-sns-topic-send", Collections.singletonList(allowTopicSend));
}

From source file:com.netflix.spinnaker.clouddriver.aws.lifecycle.InstanceTerminationLifecycleWorker.java

License:Apache License

/**
 * Builds a queue policy with two Allow statements, so operators can have lifecycle hooks delivered
 * either through SNS (for fanout) or straight to the SQS queue from the autoscaling group.
 *
 * <p>The SNS statement names {@code Principal.All} and relies on the {@code ArnEquals} /
 * {@code aws:SourceArn} condition to restrict {@code SendMessage} to the given topic. The direct
 * statement carries no condition and is scoped by its principals, one per entry of
 * {@code terminatingRoleArns}.
 *
 * @param queue ARN of the queue both statements apply to
 * @param topic ARN of the SNS topic accepted as the message source
 * @param terminatingRoleArns identifiers turned into the principals of the direct-send statement
 * @return a policy with id {@code allow-sns-or-sqs-send} holding both statements
 */
private static Policy buildSQSPolicy(ARN queue, ARN topic, Set<String> terminatingRoleArns) {
    // Statement 1: delivery via SNS. Wildcard principal, narrowed only by the source-ARN condition.
    Statement viaTopic = new Statement(Effect.Allow).withActions(SQSActions.SendMessage);
    viaTopic.setPrincipals(Principal.All);
    viaTopic.setResources(Collections.singletonList(new Resource(queue.arn)));
    Condition sentByTopic = new Condition()
            .withType("ArnEquals")
            .withConditionKey("aws:SourceArn")
            .withValues(topic.arn);
    viaTopic.setConditions(Collections.singletonList(sentByTopic));

    // Statement 2: direct delivery, limited to the supplied principals.
    // NOTE(review): some AWS SDK v1 versions strip '-' from the id in the single-argument Principal
    // constructor; confirm that role ARNs containing hyphens reach the policy unchanged.
    Statement direct = new Statement(Effect.Allow).withActions(SQSActions.SendMessage,
            SQSActions.GetQueueUrl);
    List<Principal> senders = terminatingRoleArns.stream()
            .map(roleArn -> new Principal(roleArn))
            .collect(Collectors.toList());
    direct.setPrincipals(senders);
    direct.setResources(Collections.singletonList(new Resource(queue.arn)));

    return new Policy("allow-sns-or-sqs-send", Arrays.asList(viaTopic, direct));
}

From source file:com.netflix.spinnaker.echo.pubsub.amazon.SQSSubscriber.java

License:Apache License

/**
 * Builds a queue policy with two Allow statements, so operators can have pubsub messages delivered
 * either through SNS (for fanout) or sent directly to the SQS queue.
 *
 * <p>Both statements name {@code Principal.All}. Only the SNS statement carries a condition
 * ({@code ArnEquals} on {@code aws:SourceArn}, bound to the topic); the direct statement has none.
 *
 * @param queue ARN of the queue both statements apply to
 * @param topic ARN of the SNS topic accepted as the message source of the first statement
 * @return a policy with id {@code allow-sns-or-sqs-send} holding both statements
 */
private static Policy buildSQSPolicy(ARN queue, ARN topic) {
    // Statement 1: delivery via SNS. Wildcard principal, narrowed only by the source-ARN condition.
    Statement viaTopic = new Statement(Statement.Effect.Allow).withActions(SQSActions.SendMessage);
    viaTopic.setPrincipals(Principal.All);
    viaTopic.setResources(Collections.singletonList(new Resource(queue.getArn())));
    Condition sentByTopic = new Condition()
            .withType("ArnEquals")
            .withConditionKey("aws:SourceArn")
            .withValues(topic.getArn());
    viaTopic.setConditions(Collections.singletonList(sentByTopic));

    // Statement 2: direct delivery.
    // NOTE(review): this statement names Principal.All and carries no Condition, so as written it
    // allows SendMessage and GetQueueUrl on the queue to any caller, not only the SNS topic above.
    // Confirm that is intended; otherwise scope it to the known sender principals or add a condition.
    Statement direct = new Statement(Statement.Effect.Allow).withActions(SQSActions.SendMessage,
            SQSActions.GetQueueUrl);
    direct.setPrincipals(Principal.All);
    direct.setResources(Collections.singletonList(new Resource(queue.getArn())));

    return new Policy("allow-sns-or-sqs-send", Arrays.asList(viaTopic, direct));
}

From source file:com.netflix.spinnaker.front50.model.TemporarySQSQueue.java

License:Apache License

/**
 * Creates an SQS queue, subscribes it to the given SNS topic, and attaches a queue policy that
 * lets that topic send messages to it.
 *
 * <p>The policy's only statement names {@code Principal.All}; the {@code ArnEquals} condition on
 * {@code aws:SourceArn} is what restricts {@code SendMessage} to {@code snsTopicArn}.
 *
 * @param snsTopicArn ARN of the topic to subscribe the queue to and to accept messages from
 * @param sqsQueueArn ARN of the queue, used as the subscription endpoint and the policy resource
 * @param sqsQueueName name passed to the create-queue request
 * @return a {@code TemporaryQueue} carrying the topic ARN, queue ARN, queue URL and subscription ARN
 */
private TemporaryQueue createQueue(String snsTopicArn, String sqsQueueArn, String sqsQueueName) {
    CreateQueueRequest createRequest = new CreateQueueRequest()
            .withQueueName(sqsQueueName)
            .withAttributes(Collections.singletonMap("MessageRetentionPeriod", "60")); // 60s message retention
    String sqsQueueUrl = amazonSQS.createQueue(createRequest).getQueueUrl();
    log.info("Created Temporary S3 Notification Queue: {}", value("queue", sqsQueueUrl));

    // NOTE(review): the subscription is created before the queue policy is attached, and nothing in
    // this method removes the queue if subscribe() or setQueueAttributes() throws. Confirm both are
    // acceptable for the callers.
    String snsTopicSubscriptionArn = amazonSNS.subscribe(snsTopicArn, "sqs", sqsQueueArn).getSubscriptionArn();

    // Wildcard principal: access is narrowed solely by the aws:SourceArn condition.
    Condition sentByTopic = new Condition()
            .withType("ArnEquals")
            .withConditionKey("aws:SourceArn")
            .withValues(snsTopicArn);
    Statement allowTopicSend = new Statement(Statement.Effect.Allow).withActions(SQSActions.SendMessage);
    allowTopicSend.setPrincipals(Principal.All);
    allowTopicSend.setResources(Collections.singletonList(new Resource(sqsQueueArn)));
    allowTopicSend.setConditions(Collections.singletonList(sentByTopic));

    String policyJson = new Policy("allow-sns", Collections.singletonList(allowTopicSend)).toJson();
    amazonSQS.setQueueAttributes(sqsQueueUrl, Collections.singletonMap("Policy", policyJson));

    return new TemporaryQueue(snsTopicArn, sqsQueueArn, sqsQueueUrl, snsTopicSubscriptionArn);
}

From source file:com.netflix.spinnaker.kork.aws.pubsub.PubSubUtils.java

License:Apache License

/**
 * Builds the SQS queue policy that allows messages to be sent from an SNS topic.
 *
 * <p>The single Allow statement names {@code Principal.All}, so the {@code ArnEquals} condition on
 * {@code aws:SourceArn} is the only thing restricting who may call {@code SendMessage}. Keep the
 * condition bound to the topic ARN; without it the statement would apply to every caller.
 *
 * @param queue ARN of the queue the statement applies to
 * @param topic ARN of the SNS topic accepted as the message source
 * @return a policy with id {@code allow-sns-send} holding that one statement
 */
public static Policy buildSQSPolicy(ARN queue, ARN topic) {
    Statement allowTopicSend = new Statement(Statement.Effect.Allow).withActions(SQSActions.SendMessage);

    Resource queueResource = new Resource(queue.getArn());
    Condition sentByTopic = new Condition()
            .withType("ArnEquals")
            .withConditionKey("aws:SourceArn")
            .withValues(topic.getArn());

    // Wildcard principal: access is narrowed solely by the aws:SourceArn condition set below.
    allowTopicSend.setPrincipals(Principal.All);
    allowTopicSend.setResources(Collections.singletonList(queueResource));
    allowTopicSend.setConditions(Collections.singletonList(sentByTopic));

    return new Policy("allow-sns-send", Collections.singletonList(allowTopicSend));
}