List of usage examples for com.amazonaws.services.identitymanagement AmazonIdentityManagement createRole
CreateRoleResult createRole(CreateRoleRequest createRoleRequest);
Creates a new role for your AWS account.
From source file:example.swf.hellolambda.HelloTypes.java
License:Apache License
/** * Creeate an IAM role that gives SWF permissions for Lambda, and return its ARN. */// ww w.j a v a2 s. c om public static String createLambdaRole() { final String ROLE_NAME = "hello-swf-lambda-role"; System.out.println("** Attempting to create Lambda role: " + ROLE_NAME); final String ROLE_POLICY = "{" + " \"Version\": \"2012-10-17\"," + " \"Statement\": [{" + " \"Effect\": \"Allow\"," + " \"Action\": [" + " \"lambda:InvokeFunction\"" + " ]," + " \"Resource\": [\"*\"]" + " }]" + "}"; final String SWF_LAMBDA_TRUST = "{" + " \"Version\": \"2012-10-17\"," + " \"Statement\": [" + " {" + " \"Sid\": \"\"," + " \"Effect\": \"Allow\"," + " \"Principal\": {" + " \"Service\": [" + " \"lambda.amazonaws.com\"," + " \"swf.amazonaws.com\"" + " ]" + " }," + " \"Action\": \"sts:AssumeRole\"" + " }" + " ]" + "}"; AmazonIdentityManagement iam = AmazonIdentityManagementClientBuilder.defaultClient(); CreateRoleRequest request = new CreateRoleRequest().withRoleName(ROLE_NAME) .withAssumeRolePolicyDocument(SWF_LAMBDA_TRUST); CreateRoleResult result = null; String role_arn = null; try { result = iam.createRole(request); role_arn = result.getRole().getArn(); } catch (EntityAlreadyExistsException e) { System.out.println("** IAM Role already exists!"); role_arn = iam.getRole(new GetRoleRequest().withRoleName(ROLE_NAME)).getRole().getArn(); } return role_arn; }
From source file:jp.classmethod.aws.gradle.identitymanagement.AmazonIdentityManagementCreateRoleTask.java
License:Apache License
@TaskAction public void createRole() { // to enable conventionMappings feature String roleName = getRoleName(); String assumeRolePolicyDocument = getAssumeRolePolicyDocument(); if (roleName == null) { throw new GradleException("roleName is required"); }/* w w w . j a va 2 s . c om*/ if (assumeRolePolicyDocument == null) { throw new GradleException("assumeRolePolicyDocument is required"); } AmazonIdentityManagementPluginExtension ext = getProject().getExtensions() .getByType(AmazonIdentityManagementPluginExtension.class); AmazonIdentityManagement iam = ext.getClient(); CreateRoleRequest request = new CreateRoleRequest().withRoleName(roleName).withPath(getPath()) .withAssumeRolePolicyDocument(assumeRolePolicyDocument); createRole = iam.createRole(request); getLogger().info("Create Role requested: {}", createRole.getRole().getArn()); policyArns.stream().forEach(policyArn -> { iam.attachRolePolicy(new AttachRolePolicyRequest().withRoleName(roleName).withPolicyArn(policyArn)); getLogger().info("Attach Managed policy {} to Role {} requested", policyArn, roleName); }); }
From source file:org.xmlsh.aws.gradle.identitymanagement.AmazonIdentityManagementCreateRoleTask.java
License:BSD License
@TaskAction public void createRole() { // to enable conventionMappings feature String roleName = getRoleName(); String assumeRolePolicyDocument = getAssumeRolePolicyDocument(); if (roleName == null) throw new GradleException("roleName is required"); if (assumeRolePolicyDocument == null) throw new GradleException("assumeRolePolicyDocument is required"); AmazonIdentityManagementPluginExtension ext = getProject().getExtensions() .getByType(AmazonIdentityManagementPluginExtension.class); AmazonIdentityManagement iam = ext.getClient(); CreateRoleRequest request = new CreateRoleRequest().withRoleName(roleName).withPath(getPath()) .withAssumeRolePolicyDocument(assumeRolePolicyDocument); createRole = iam.createRole(request); getLogger().info("Create Role requested: {}", createRole.getRole().getArn()); policyArns.stream().forEach(policyArn -> { iam.attachRolePolicy(new AttachRolePolicyRequest().withRoleName(roleName).withPolicyArn(policyArn)); getLogger().info("Attach Managed policy {} to Role {} requested", policyArn, roleName); });/*from www .ja v a 2 s .co m*/ }