List of usage examples for com.amazonaws.auth.policy Principal Principal
public Principal(WebIdentityProviders webIdentityProvider)
From source file:awslabs.lab31.SolutionCode.java
License:Open Source License
@Override public void grantNotificationPermission(AmazonSQSClient sqsClient, String queueArn, String queueUrl, String topicArn) {//from w w w . j av a 2 s. c o m Statement statement = new Statement(Effect.Allow).withActions(SQSActions.SendMessage) .withPrincipals(new Principal("*")).withConditions(ConditionFactory.newSourceArnCondition(topicArn)) .withResources(new Resource(queueArn)); Policy policy = new Policy("SubscriptionPermission").withStatements(statement); HashMap<String, String> attributes = new HashMap<String, String>(); attributes.put("Policy", policy.toJson()); // Create the request to set the queue attributes for policy SetQueueAttributesRequest setQueueAttributesRequest = new SetQueueAttributesRequest().withQueueUrl(queueUrl) .withAttributes(attributes); // Set the queue policy sqsClient.setQueueAttributes(setQueueAttributesRequest); }
From source file:com.netflix.conductor.contribs.queue.sqs.SQSObservableQueue.java
License:Apache License
private String getPolicy(List<String> accountIds) { Policy policy = new Policy("ReloadedWorkerAccessPolicy"); Statement stmt = new Statement(Effect.Allow); Action action = SQSActions.SendMessage; stmt.getActions().add(action);//from w w w . ja va 2 s . co m stmt.setResources(new LinkedList<>()); for (String accountId : accountIds) { Principal principal = new Principal(accountId); stmt.getPrincipals().add(principal); } stmt.getResources().add(new Resource(getQueueARN())); policy.getStatements().add(stmt); return policy.toJson(); }
From source file:n3phele.storage.s3.CloudStorageImpl.java
License:Open Source License
public boolean setPermissions(Repository repo, String filename, boolean isPublic) { String bucket = repo.getRoot(); Credential credential = repo.getCredential().decrypt(); AmazonS3Client s3 = new AmazonS3Client( new BasicAWSCredentials(credential.getAccount(), credential.getSecret())); String key = new S3ObjectResource(bucket, filename).getId(); boolean inserted = false; s3.setEndpoint(repo.getTarget().toString()); try {/*from w w w .j a v a 2 s .c o m*/ List<Statement> statements = new ArrayList<Statement>(); Policy policy = null; BucketPolicy bp = s3.getBucketPolicy(repo.getRoot()); if (bp != null && bp.getPolicyText() != null) { log.info("Policy text " + bp.getPolicyText()); policy = PolicyHelper.parse(bp.getPolicyText()); log.info("Policy object is " + (policy == null ? null : policy.toJson())); if (policy != null) { if (policy.getStatements() != null) { for (Statement statement : policy.getStatements()) { if (statement.getId().equals("n3phele")) { List<com.amazonaws.auth.policy.Resource> resources = statement.getResources(); List<com.amazonaws.auth.policy.Resource> update = new ArrayList<com.amazonaws.auth.policy.Resource>(); if (resources != null) { for (com.amazonaws.auth.policy.Resource resource : resources) { String resourceName = resource.getId(); if (resourceName.endsWith("*")) { resourceName = resourceName.substring(0, resourceName.length() - 1); } if (!(resourceName + "/").startsWith(key + "/")) { update.add(resource); } else { log.info("Removing " + resource.getId()); } } } if (isPublic && !inserted) update.add(new S3ObjectResource(repo.getRoot(), filename + "*")); if (update.size() > 0) { statement.setResources(update); statements.add(statement); } inserted = true; } else { statements.add(statement); } } } if (!inserted && isPublic) { Statement statement = new Statement(Effect.Allow); statement.setId("n3phele"); statement.setPrincipals(Arrays.asList(new Principal("*"))); statement.setActions(Arrays.asList((Action) S3Actions.GetObject)); statement.setResources(Arrays .asList((com.amazonaws.auth.policy.Resource) new S3ObjectResource(repo.getRoot(), filename + "*"))); statements.add(statement); } } } if (policy == null && isPublic) { policy = new Policy("n3phele-" + repo.getRoot()); Statement statement = new Statement(Effect.Allow); statement.setId("n3phele"); statement.setPrincipals(Arrays.asList(new Principal("*"))); statement.setActions(Arrays.asList((Action) S3Actions.GetObject)); statement.setResources(Arrays.asList( (com.amazonaws.auth.policy.Resource) new S3ObjectResource(repo.getRoot(), filename + "*"))); statements.add(statement); } if (policy != null) { if (statements.size() != 0) { policy.setStatements(statements); s3.setBucketPolicy(repo.getRoot(), policy.toJson()); log.info("Set policy " + policy.toJson()); } else { s3.deleteBucketPolicy(repo.getRoot()); } } return true; } catch (AmazonServiceException e) { log.log(Level.WARNING, "Service Error processing " + repo, e); } catch (AmazonClientException e) { log.log(Level.SEVERE, "Client Error processing " + repo, e); } catch (IllegalArgumentException e) { log.log(Level.SEVERE, "parse error ", e); log.log(Level.SEVERE, "cause", e.getCause()); } return false; }
From source file:n3phele.storage.s3.PolicyHelper.java
License:Open Source License
private static List<Principal> parsePrincipal(Object o) { List<Principal> result = new ArrayList<Principal>(); if (o instanceof JSONArray) { JSONArray jsonArray = (JSONArray) o; for (int i = 0; i < jsonArray.length(); i++) { try { JSONObject jo = jsonArray.getJSONObject(i); Principal principal = new Principal(jo.getString("AWS")); result.add(principal);/*from w ww. j a va 2 s.co m*/ } catch (JSONException e) { } } } else if (o instanceof JSONObject) { try { JSONObject jo = (JSONObject) o; Principal principal; principal = new Principal(jo.getString("AWS")); result.add(principal); } catch (JSONException e) { ; } } return result; }