List of usage examples for com.amazonaws.auth.policy Principal AllUsers
Principal AllUsers
To view the source code for com.amazonaws.auth.policy Principal AllUsers.
Click Source Link
From source file:aws.example.s3.SetBucketPolicy.java
License:Open Source License
public static String getPublicReadPolicy(String bucket_name) { Policy bucket_policy = new Policy().withStatements(new Statement(Statement.Effect.Allow) .withPrincipals(Principal.AllUsers).withActions(S3Actions.GetObject) .withResources(new Resource("arn:aws:s3:::" + bucket_name + "/*"))); return bucket_policy.toJson(); }
From source file:com.clicktravel.infrastructure.messaging.aws.sns.DefaultSnsTopicResourceFactory.java
License:Apache License
private Policy allowAllQueuesPolicy(final SnsTopicResource snsTopicResource) { final String topicArn = snsTopicResource.getTopicArn(); final String[] topicArnParts = topicArn.split(":"); final String sourceOwner = topicArnParts[topicArnParts.length - 2]; final Condition condition = new Condition().withType("StringEquals").withConditionKey("AWS:SourceOwner") .withValues(sourceOwner);/*from w w w . ja va2s . c om*/ final Action receiveAction = new Action() { @Override public String getActionName() { return "sns:Receive"; } }; final Statement recieveStatement = new Statement(Effect.Allow).withPrincipals(Principal.AllUsers) .withActions(receiveAction).withResources(new Resource(topicArn)).withConditions(condition); final Statement subscribeStatement = new Statement(Effect.Allow).withPrincipals(Principal.AllUsers) .withActions(SNSActions.Subscribe); return new Policy().withStatements(recieveStatement, subscribeStatement); }
From source file:com.clicktravel.infrastructure.messaging.aws.sqs.DefaultSqsQueueResourceFactory.java
License:Apache License
private Statement acceptMessagesFromTopicStatement(final SqsQueueResource sqsQueueResource, final SnsTopicResource snsTopicResource) { return new Statement(Effect.Allow).withPrincipals(Principal.AllUsers).withActions(SQSActions.SendMessage) .withResources(new Resource(sqsQueueResource.queueArn())) .withConditions(new ArnCondition(ArnComparisonType.ArnEquals, ConditionFactory.SOURCE_ARN_CONDITION_KEY, snsTopicResource.getTopicArn())); }
From source file:com.connexience.server.model.archive.glacier.SetupUtils.java
License:Open Source License
public static SQSInfo setupSQS(String accessKey, String secretKey, String domainName, String vaultName) { SQSInfo sqsInfo = null;/* ww w.j av a 2 s.c om*/ try { AWSCredentials awsCredentials = new BasicAWSCredentials(accessKey, secretKey); AmazonSQSClient amazonSQSClient = new AmazonSQSClient(awsCredentials); amazonSQSClient.setEndpoint("https://sqs." + domainName + ".amazonaws.com/"); String queueName = vaultName + "-inkspot_glacier-queue"; CreateQueueRequest createQueueRequest = new CreateQueueRequest(); createQueueRequest.withQueueName(queueName); CreateQueueResult createQueueResult = amazonSQSClient.createQueue(createQueueRequest); if (createQueueResult != null) { String queueURL = createQueueResult.getQueueUrl(); GetQueueAttributesRequest getQueueAttributesRequest = new GetQueueAttributesRequest(); getQueueAttributesRequest.withQueueUrl(queueURL); getQueueAttributesRequest.withAttributeNames("QueueArn"); GetQueueAttributesResult getQueueAttributesResult = amazonSQSClient .getQueueAttributes(getQueueAttributesRequest); if (getQueueAttributesResult != null) { String queueARN = getQueueAttributesResult.getAttributes().get("QueueArn"); Statement sqsStatement = new Statement(Effect.Allow); sqsStatement.withPrincipals(Principal.AllUsers); sqsStatement.withActions(SQSActions.SendMessage); sqsStatement.withResources(new Resource(queueARN)); Policy sqsPolicy = new Policy(); sqsPolicy.withStatements(sqsStatement); Map<String, String> sqsAttributes = new HashMap<>(); sqsAttributes.put("Policy", sqsPolicy.toJson()); SetQueueAttributesRequest setQueueAttributesRequest = new SetQueueAttributesRequest(); setQueueAttributesRequest.withQueueUrl(queueURL); setQueueAttributesRequest.withAttributes(sqsAttributes); amazonSQSClient.setQueueAttributes(setQueueAttributesRequest); sqsInfo = new SQSInfo(queueARN, queueURL); } else logger.warn("Unable to get queue attributes: \"" + queueName + "\""); } else logger.warn("Unable to create queue: \"" + queueName + "\""); amazonSQSClient.shutdown(); } catch (AmazonServiceException amazonServiceException) { logger.warn("AmazonServiceException: " + amazonServiceException); logger.debug(amazonServiceException); } catch (IllegalArgumentException illegalArgumentException) { logger.warn("IllegalArgumentException: " + illegalArgumentException); logger.debug(illegalArgumentException); } catch (AmazonClientException amazonClientException) { logger.warn("AmazonClientException: " + amazonClientException); logger.debug(amazonClientException); } catch (Throwable throwable) { logger.warn("Throwable: " + throwable); logger.debug(throwable); } return sqsInfo; }
From source file:com.leverno.ysbos.archive.example.AmazonGlacierDownloadInventoryWithSQSPolling.java
License:Open Source License
private static void setupSQS() { CreateQueueRequest request = new CreateQueueRequest().withQueueName(sqsQueueName); CreateQueueResult result = sqsClient.createQueue(request); sqsQueueURL = result.getQueueUrl();/*from w w w. jav a 2s . co m*/ GetQueueAttributesRequest qRequest = new GetQueueAttributesRequest().withQueueUrl(sqsQueueURL) .withAttributeNames("QueueArn"); GetQueueAttributesResult qResult = sqsClient.getQueueAttributes(qRequest); sqsQueueARN = qResult.getAttributes().get("QueueArn"); Policy sqsPolicy = new Policy() .withStatements(new Statement(Effect.Allow).withPrincipals(Principal.AllUsers) .withActions(SQSActions.SendMessage).withResources(new Resource(sqsQueueARN))); Map<String, String> queueAttributes = new HashMap<String, String>(); queueAttributes.put("Policy", sqsPolicy.toJson()); sqsClient.setQueueAttributes(new SetQueueAttributesRequest(sqsQueueURL, queueAttributes)); }
From source file:io.konig.maven.CreateAwsSnsTopicAction.java
License:Apache License
public AwsDeployment from(String path) throws Exception { String cfTemplatePresent = System.getProperty("cfTemplatePresent"); if (cfTemplatePresent == null || cfTemplatePresent.equals("N")) { try {//from w w w .j a v a 2s .co m File file = deployment.file(path); ObjectMapper mapper = new ObjectMapper(); S3Bucket bucket = mapper.readValue(file, S3Bucket.class); deployment.verifyAWSCredentials(); String envtName = ""; if (System.getProperty("environmentName") != null) { envtName = System.getProperty("environmentName"); } String bucketName = StringUtils.replaceOnce(bucket.getBucketName(), "${environmentName}", envtName); TopicConfiguration notificationConfig = bucket.getNotificationConfiguration() .getTopicConfiguration(); if (notificationConfig != null && notificationConfig.getTopic() != null) { Topic topic = notificationConfig.getTopic(); Regions regions = Regions.fromName(topic.getRegion()); AmazonSNS sns = AmazonSNSClientBuilder.standard().withCredentials(deployment.getCredential()) .withRegion(regions).build(); CreateTopicResult result = sns.createTopic(topic.getResourceName()); deployment.setResponse("Topic with ARN : " + result.getTopicArn() + " is created"); Policy policy = new Policy().withStatements(new Statement(Effect.Allow) .withPrincipals(Principal.AllUsers).withActions(SNSActions.Publish) .withResources(new Resource(result.getTopicArn())) .withConditions(new ArnCondition(ArnComparisonType.ArnEquals, ConditionFactory.SOURCE_ARN_CONDITION_KEY, "arn:aws:s3:*:*:" + bucketName))); sns.setTopicAttributes( new SetTopicAttributesRequest(result.getTopicArn(), "Policy", policy.toJson())); } else { deployment.setResponse("No topic is configured to the S3 Bucket"); } } catch (Exception e) { throw e; } } else { deployment.setResponse("Topic will be created through cloud formation template"); } return deployment; }
From source file:io.konig.maven.CreateAwsSqsQueueAction.java
License:Apache License
public AwsDeployment from(String path) throws Exception { String cfTemplatePresent = System.getProperty("cfTemplatePresent"); if (cfTemplatePresent == null || cfTemplatePresent.equals("N")) { try {/*from w w w. jav a 2 s .c o m*/ File file = deployment.file(path); ObjectMapper mapper = new ObjectMapper(); S3Bucket bucket = mapper.readValue(file, S3Bucket.class); deployment.verifyAWSCredentials(); QueueConfiguration queueConfig = bucket.getNotificationConfiguration().getQueueConfiguration(); if (queueConfig != null && queueConfig.getQueue() != null) { String accountId = ""; if (System.getProperty("aws-account-id") != null) { accountId = System.getProperty("aws-account-id"); } Queue queue = queueConfig.getQueue(); Regions regions = Regions.fromName(queue.getRegion()); AmazonSQS sqs = AmazonSQSClientBuilder.standard().withCredentials(deployment.getCredential()) .withRegion(regions).build(); AmazonSNS sns = AmazonSNSClientBuilder.standard().withCredentials(deployment.getCredential()) .withRegion(regions).build(); CreateQueueResult result = sqs.createQueue(queue.getResourceName()); String topicArn = StringUtils.replaceOnce( bucket.getNotificationConfiguration().getTopicConfiguration().getTopicArn(), "${aws-account-id}", accountId); String queueArn = StringUtils.replaceOnce( bucket.getNotificationConfiguration().getQueueConfiguration().getQueueArn(), "${aws-account-id}", accountId); deployment.setResponse("Queue " + queueArn + " is created"); Policy policy = new Policy() .withStatements(new Statement(Effect.Allow).withPrincipals(Principal.AllUsers) .withActions(SQSActions.SendMessage).withResources(new Resource(queueArn)) .withConditions(ConditionFactory.newSourceArnCondition(topicArn))); Map<String, String> queueAttributes = new HashMap<String, String>(); queueAttributes.put(QueueAttributeName.Policy.toString(), policy.toJson()); deployment.setResponse("Queue Policy Configured : " + policy.toJson()); sqs.setQueueAttributes(new SetQueueAttributesRequest(result.getQueueUrl(), queueAttributes)); Topics.subscribeQueue(sns, sqs, topicArn, result.getQueueUrl()); deployment.setResponse( "Subscription is created : Topic [" + topicArn + "], Queue [" + queueArn + "]"); } else { deployment.setResponse("Queue Configuration Failed"); } } catch (Exception e) { throw e; } } else { deployment.setResponse("Queue will be created through cloud formation template"); } return deployment; }
From source file:org.apache.usergrid.apm.service.AWSUtil.java
License:Apache License
public static String getSQSIPAddressWhiteListPolicy(String queueArn) { Policy policy = null;/*w w w .j av a2 s .c o m*/ IpAddressCondition[] ipAddressConditions = AWSUtil.getIPAddressRangeWhiteList(); if (ipAddressConditions != null && ipAddressConditions.length != 0) { policy = new Policy().withStatements(new Statement(Effect.Allow).withPrincipals(Principal.AllUsers) .withActions(SQSActions.SendMessage).withConditions(ipAddressConditions) .withResources(new Resource(queueArn))); } else { policy = new Policy().withStatements(new Statement(Effect.Allow).withPrincipals(Principal.AllUsers) .withActions(SQSActions.SendMessage).withResources(new Resource(queueArn))); } return policy.toJson(); }
From source file:org.apache.usergrid.apm.service.AWSUtil.java
License:Apache License
public static String getS3IPAddressWhiteListPolicy(String s3Bucket) { Policy policy = null;/*w ww . j av a 2 s . c o m*/ IpAddressCondition[] ipAddressConditions = AWSUtil.getIPAddressRangeWhiteList(); if (ipAddressConditions != null && ipAddressConditions.length != 0) { policy = new Policy().withStatements(new Statement(Effect.Allow).withPrincipals(Principal.AllUsers) .withActions(S3Actions.PutObject, S3Actions.GetObject).withConditions(ipAddressConditions) .withResources(new S3ObjectResource(s3Bucket, "*"))); } else { policy = new Policy().withStatements(new Statement(Effect.Allow).withPrincipals(Principal.AllUsers) .withActions(S3Actions.PutObject, S3Actions.GetObject) .withResources(new S3ObjectResource(s3Bucket, "*"))); } return policy.toJson(); }
From source file:org.transitime.maintenance.AwsGlacierInventoryRetriever.java
License:Open Source License
/** * For retrieving vault inventory. For initializing SQS for determining when * job completed. Does nothing if member snsTopicName is null. Sets members * sqsQueueURL, sqsQueueARN, and sqsClient. *//*ww w. j a v a 2s .co m*/ private void setupSQS() { // If no sqsQueueName setup then simply return if (sqsQueueName == null) return; CreateQueueRequest request = new CreateQueueRequest().withQueueName(sqsQueueName); CreateQueueResult result = sqsClient.createQueue(request); sqsQueueURL = result.getQueueUrl(); GetQueueAttributesRequest qRequest = new GetQueueAttributesRequest().withQueueUrl(sqsQueueURL) .withAttributeNames("QueueArn"); GetQueueAttributesResult qResult = sqsClient.getQueueAttributes(qRequest); sqsQueueARN = qResult.getAttributes().get("QueueArn"); Policy sqsPolicy = new Policy() .withStatements(new Statement(Effect.Allow).withPrincipals(Principal.AllUsers) .withActions(SQSActions.SendMessage).withResources(new Resource(sqsQueueARN))); Map<String, String> queueAttributes = new HashMap<String, String>(); queueAttributes.put("Policy", sqsPolicy.toJson()); sqsClient.setQueueAttributes(new SetQueueAttributesRequest(sqsQueueURL, queueAttributes)); }