Example usage for com.amazonaws.services.identitymanagement AmazonIdentityManagementClient getRole

Introduction

In this page you can find the example usage for com.amazonaws.services.identitymanagement AmazonIdentityManagementClient getRole.

Prototype

@Override
public GetRoleResult getRole(GetRoleRequest request) 

Source Link

Document

Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy that grants permission to assume the role.

Usage

From source file:awslabs.lab41.SolutionCode.java

License:Open Source License

@Override
public void prepMode_RemoveRoles(AmazonIdentityManagementClient iamClient, String... roles) {
    for (String roleName : roles) {
        try {/*from  w w  w . ja  va  2  s.  c  o m*/
            iamClient.getRole(new GetRoleRequest().withRoleName(roleName));
            System.out.println("Removing old role " + roleName);
            // Remove existing policies
            ListRolePoliciesResult listRolePoliciesResult = iamClient
                    .listRolePolicies(new ListRolePoliciesRequest().withRoleName(roleName));
            for (String policyName : listRolePoliciesResult.getPolicyNames()) {
                DeleteRolePolicyRequest deleteRolePolicyRequest = new DeleteRolePolicyRequest()
                        .withPolicyName(policyName).withRoleName(roleName);
                iamClient.deleteRolePolicy(deleteRolePolicyRequest);
            }
            iamClient.deleteRole(new DeleteRoleRequest().withRoleName(roleName));
        } catch (NoSuchEntityException nse) {
            // Role doesn't exist, so don't do anything.
            // Gobble the exception and loop.
            break;
        }
    }

}

---

From source file:com.okta.tools.awscli.java

License:Open Source License

private static void GetRoleToAssume(String roleName) {

    if (roleName != null && !roleName.equals("") && awsIamKey != null && awsIamSecret != null
            && !awsIamKey.equals("") && !awsIamSecret.equals("")) {

        logger.debug("Creating the AWS Identity Management client");
        AmazonIdentityManagementClient identityManagementClient = new AmazonIdentityManagementClient(
                new BasicAWSCredentials(awsIamKey, awsIamSecret));

        logger.debug("Getting role: " + roleName);
        GetRoleResult roleresult = identityManagementClient
                .getRole(new GetRoleRequest().withRoleName(roleName));
        logger.debug("GetRoleResult: " + roleresult.toString());
        Role role = roleresult.getRole();
        logger.debug("getRole: " + role.toString());
        ListAttachedRolePoliciesResult arpr = identityManagementClient
                .listAttachedRolePolicies(new ListAttachedRolePoliciesRequest().withRoleName(roleName));
        logger.debug("ListAttachedRolePoliciesResult: " + arpr.toString());
        ListRolePoliciesResult lrpr = identityManagementClient
                .listRolePolicies(new ListRolePoliciesRequest().withRoleName(roleName));
        logger.debug("ListRolePoliciesResult: " + lrpr.toString());
        List<String> inlinePolicies = lrpr.getPolicyNames();
        if (inlinePolicies.size() == 0) {
            logger.debug("There are no inlines policies");
        }/*ww  w. j a v a2s  .  co m*/
        List<AttachedPolicy> managedPolicies = arpr.getAttachedPolicies();
        if (managedPolicies.size() == 0) {
            logger.debug("There are no managed policies");
        }
        if (managedPolicies.size() >= 1) //we prioritize managed policies over inline policies
        {
            List<String> lstManagedPolicies = new ArrayList<String>();

            for (AttachedPolicy managedPolicy : managedPolicies) {
                lstManagedPolicies.add(managedPolicy.getPolicyName());
            }

            logger.debug("Managed Policies: " + managedPolicies.toString());
            //TODO: handle more than 1 policy (ask the user to choose it?)
            AttachedPolicy attachedPolicy = managedPolicies.get(0);
            logger.debug("First Attached Policy " + attachedPolicy.toString());
            GetPolicyRequest gpr = new GetPolicyRequest().withPolicyArn(attachedPolicy.getPolicyArn());

            GetPolicyResult rpr = identityManagementClient.getPolicy(gpr);
            logger.debug("GetPolicyResult: " + attachedPolicy.toString());
            Policy policy = rpr.getPolicy();

            GetPolicyVersionResult pvr = identityManagementClient.getPolicyVersion(new GetPolicyVersionRequest()
                    .withPolicyArn(policy.getArn()).withVersionId(policy.getDefaultVersionId()));
            logger.debug("GetPolicyVersionResult: " + pvr.toString());

            String policyDoc = pvr.getPolicyVersion().getDocument();

            roleToAssume = ProcessPolicyDocument(policyDoc);
        } else if (inlinePolicies.size() >= 1) //if we only have one policy, then use it by default
        {
            logger.debug("Inline Policies " + inlinePolicies.toString());

            if (inlinePolicies.size() > 1) { //there are more than one policy
            }

            //Have to set the role name and the policy name (both are mandatory fields
            //TODO: handle more than 1 policy (ask the user to choose it?)
            GetRolePolicyRequest grpr = new GetRolePolicyRequest().withRoleName(roleName)
                    .withPolicyName(inlinePolicies.get(0));
            GetRolePolicyResult rpr = identityManagementClient.getRolePolicy(grpr);
            String policyDoc = rpr.getPolicyDocument();

            roleToAssume = ProcessPolicyDocument(policyDoc);
        }
    }
}

---