List of usage examples for com.amazonaws.services.cognitoidentity AmazonCognitoIdentity setIdentityPoolRoles
/**
 * Sets the roles for an identity pool.
 *
 * @param setIdentityPoolRolesRequest request object; the usage example on this page fills in the
 *        identity pool id and one role entry each under the keys "authenticated" and
 *        "unauthenticated"
 * @return the result object of the call
 */
SetIdentityPoolRolesResult setIdentityPoolRoles(SetIdentityPoolRolesRequest setIdentityPoolRolesRequest);
Sets the roles for an identity pool.
From source file: squash.deployment.lambdas.CognitoCustomResourceLambda.java
License: Apache License
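/**
 * Rewrites the trust (assume-role) policies of the two Cognito roles so that they reference the
 * given identity pool, then registers both roles on that pool.
 *
 * <p>The two steps are not atomic: if registering the roles on the pool fails, the trust policies
 * have already been replaced and are not rolled back by this method.
 *
 * @param unauthenticatedRoleName IAM role name whose trust policy is replaced for unauthenticated
 *        identities
 * @param unauthenticatedRole value stored under the pool's "unauthenticated" role key
 *        (presumably the role ARN; confirm against the caller)
 * @param authenticatedRoleName IAM role name whose trust policy is replaced for authenticated
 *        identities
 * @param authenticatedRole value stored under the pool's "authenticated" role key
 *        (presumably the role ARN; confirm against the caller)
 * @param identityPoolId id of the identity pool the roles are bound to; must not be null or blank
 * @param client Cognito Identity client used to set the pool's roles
 * @param logger Lambda logger for progress messages
 * @throws IllegalArgumentException if {@code identityPoolId} is null or blank
 */
void addRolesToIdentityPool(String unauthenticatedRoleName, String unauthenticatedRole,
    String authenticatedRoleName, String authenticatedRole, String identityPoolId,
    AmazonCognitoIdentity client, LambdaLogger logger) {

  // Fail before touching IAM: the pool id is what the new trust policies are built from, so a
  // missing value must not get as far as replacing an existing trust policy.
  if (identityPoolId == null || identityPoolId.trim().isEmpty()) {
    throw new IllegalArgumentException("identityPoolId must not be null or blank");
  }

  // First update the roles to use the actual pool id in their conditions
  logger.log("Updating authenticated and unauthenticated roles to use the actual identity pool id: "
      + identityPoolId);
  AmazonIdentityManagement iamClient = AmazonIdentityManagementClientBuilder.standard().build();
  try {
    // NOTE(review): getAssumeRolePolicyDocument is defined elsewhere in the class. Confirm that the
    // document it returns restricts role assumption to this pool id and tells authenticated and
    // unauthenticated identities apart (the boolean argument suggests it does).
    UpdateAssumeRolePolicyRequest unauthenticatedTrustUpdate = new UpdateAssumeRolePolicyRequest();
    unauthenticatedTrustUpdate.setRoleName(unauthenticatedRoleName);
    unauthenticatedTrustUpdate
        .setPolicyDocument(getAssumeRolePolicyDocument(false, identityPoolId, logger));
    iamClient.updateAssumeRolePolicy(unauthenticatedTrustUpdate);

    // A separate request per role, so no field of the first update can carry over to the second.
    UpdateAssumeRolePolicyRequest authenticatedTrustUpdate = new UpdateAssumeRolePolicyRequest();
    authenticatedTrustUpdate.setRoleName(authenticatedRoleName);
    authenticatedTrustUpdate
        .setPolicyDocument(getAssumeRolePolicyDocument(true, identityPoolId, logger));
    iamClient.updateAssumeRolePolicy(authenticatedTrustUpdate);
  } finally {
    // The IAM client is created for this call only; release its resources on every exit path.
    iamClient.shutdown();
  }

  // And add the updated roles to the pool
  logger.log("Adding updated authenticated and unauthenticated roles to the identity pool");
  SetIdentityPoolRolesRequest setIdentityPoolRolesRequest = new SetIdentityPoolRolesRequest();
  setIdentityPoolRolesRequest.setIdentityPoolId(identityPoolId);
  setIdentityPoolRolesRequest.addRolesEntry("authenticated", authenticatedRole);
  // If the pool permits unauthenticated identities, credentials for this role are handed out
  // without any sign-in, so the role's permissions policy should grant only the minimum needed.
  setIdentityPoolRolesRequest.addRolesEntry("unauthenticated", unauthenticatedRole);
  client.setIdentityPoolRoles(setIdentityPoolRolesRequest);
}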