List of usage examples for the AttachRolePolicyRequest() constructor of com.amazonaws.services.identitymanagement.model.AttachRolePolicyRequest
AttachRolePolicyRequest
From source file:aws.example.iam.AttachRolePolicy.java
License:Open Source License
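/**
 * Attaches the managed policy identified by {@code POLICY_ARN} to the IAM role named on the
 * command line, unless that policy is already attached to the role.
 *
 * <p>{@code POLICY_ARN} is declared elsewhere in this class. The role ends up with whatever
 * permissions that policy grants, so review the constant before reusing this example.
 *
 * @param args exactly one element: the name of the role to attach the policy to
 */
public static void main(String[] args) {
    final String USAGE = "To run this example, supply a role name\n" + "Ex: AttachRolePolicy <role-name>\n";

    if (args.length != 1) {
        System.out.println(USAGE);
        System.exit(1);
    }

    String role_name = args[0];

    final AmazonIdentityManagement iam = AmazonIdentityManagementClientBuilder.defaultClient();

    ListAttachedRolePoliciesRequest request = new ListAttachedRolePoliciesRequest().withRoleName(role_name);

    // Walk the paginated listing until the policy is found or the last page is reached.
    boolean already_attached = false;
    boolean done = false;
    while (!done && !already_attached) {
        ListAttachedRolePoliciesResult response = iam.listAttachedRolePolicies(request);

        // Match on the policy ARN. The original compared the policy *name* with the role
        // name, so the "already attached" check only fired when the two happened to be
        // equal. The ARN is the same identifier that is passed to attachRolePolicy below.
        already_attached = response.getAttachedPolicies().stream()
                .anyMatch(p -> POLICY_ARN.equals(p.getPolicyArn()));

        // Treat a missing truncation flag as "no more pages" instead of unboxing null.
        if (!Boolean.TRUE.equals(response.getIsTruncated())) {
            done = true;
        }
        request.setMarker(response.getMarker());
    }

    if (already_attached) {
        System.out.println("Policy " + POLICY_ARN + " is already attached to role " + role_name);
        return;
    }

    AttachRolePolicyRequest attach_request = new AttachRolePolicyRequest().withRoleName(role_name)
            .withPolicyArn(POLICY_ARN);

    iam.attachRolePolicy(attach_request);

    System.out.println("Successfully attached policy " + POLICY_ARN + " to role " + role_name);
}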
From source file:com.nike.cerberus.operation.core.EnableConfigReplicationOperation.java
License:Apache License
/**
 * Renders the assume-role and replication policy templates, then creates an IAM role and a
 * managed policy from them and attaches the policy to the role.
 *
 * <p>The three IAM calls (create role, create policy, attach) run in sequence and nothing here
 * undoes an earlier step when a later one throws.
 * NOTE(review): a failure in createPolicy or attachRolePolicy would leave the new role (and
 * possibly the policy) behind; confirm the caller handles cleanup or retries.
 *
 * <p>The permissions and the trust relationship come entirely from the two templates, which
 * are not visible in this method; review them when auditing what the role can do.
 *
 * @param replicationBucketName name of the bucket passed to the replication policy template
 * @return the ARN of the role that was created
 * @throws ConfigGenerationException if rendering either template fails with an IOException
 */
private String createIamRoleForReplication(final String replicationBucketName) {
    final Mustache trustTemplate = mustacheFactory.compile(s3AssumeRoleTemplate);
    final Mustache replicationTemplate = mustacheFactory.compile(s3ReplicationPolicyTemplate);
    final StringWriter trustDocument = new StringWriter();
    final StringWriter replicationDocument = new StringWriter();

    // Template input: source bucket from the environment metadata, target bucket from the caller.
    final S3ReplicationPolicyInput policyInput = new S3ReplicationPolicyInput();
    policyInput.setSourceBucket(environmentMetadata.getBucketName());
    policyInput.setReplicationBucket(replicationBucketName);

    try {
        trustTemplate.execute(trustDocument, new S3AssumeRoleInput()).flush();
        replicationTemplate.execute(replicationDocument, policyInput).flush();
    } catch (IOException e) {
        throw new ConfigGenerationException("Failed to generate the policy documents for the replication role!",
                e);
    }

    // Step 1: the role, with the rendered assume-role (trust) document.
    final CreateRoleRequest roleRequest = new CreateRoleRequest()
            .withRoleName(String.format(replicationRoleNameTemplate, environmentMetadata.getName()))
            .withAssumeRolePolicyDocument(trustDocument.toString())
            .withPath("/");

    logger.info("Creating the IAM role for replication.");
    final CreateRoleResult roleResult = iamClient.createRole(roleRequest);

    // Step 2: the managed policy, with the rendered replication document.
    final CreatePolicyRequest policyRequest = new CreatePolicyRequest()
            .withPolicyName(String.format(replicationPolicyNameTemplate, environmentMetadata.getName()))
            .withPath("/")
            .withDescription("S3 bucket replication policy for Cerberus.")
            .withPolicyDocument(replicationDocument.toString());

    logger.info("Creating the IAM policy for replication.");
    final CreatePolicyResult policyResult = iamClient.createPolicy(policyRequest);

    // Step 3: bind the two, using the identifiers IAM returned instead of the requested ones.
    final AttachRolePolicyRequest attachRequest = new AttachRolePolicyRequest()
            .withRoleName(roleResult.getRole().getRoleName())
            .withPolicyArn(policyResult.getPolicy().getArn());

    logger.info("Attaching the policy to the IAM role.");
    iamClient.attachRolePolicy(attachRequest);

    return roleResult.getRole().getArn();
}
From source file:jp.classmethod.aws.gradle.identitymanagement.AmazonIdentityManagementAttachRolePolicyTask.java
License:Apache License
/**
 * Gradle task action: attaches every managed policy listed in {@code policyArns} to the
 * configured IAM role, one AttachRolePolicy call per ARN.
 *
 * <p>The ARNs are sent as configured; this method does not check them. An exception from any
 * call ends the loop, so policies attached before the failure stay attached.
 *
 * @throws GradleException if no role name is configured
 */
@TaskAction
public void attachRolePolicy() {
    // Read through the getter so that Gradle conventionMappings are applied.
    final String targetRole = getRoleName();
    if (targetRole == null) {
        throw new GradleException("roleName is required");
    }

    final AmazonIdentityManagement iam = getProject().getExtensions()
            .getByType(AmazonIdentityManagementPluginExtension.class)
            .getClient();

    for (String policyArn : policyArns) {
        final AttachRolePolicyRequest attachRequest = new AttachRolePolicyRequest()
                .withRoleName(targetRole)
                .withPolicyArn(policyArn);
        iam.attachRolePolicy(attachRequest);
        getLogger().info("Attach Managed policy {} to Role {} requested", policyArn, targetRole);
    }
}
From source file:jp.classmethod.aws.gradle.identitymanagement.AmazonIdentityManagementCreateRoleTask.java
License:Apache License
/**
 * Gradle task action: creates an IAM role from the configured name, path and assume-role
 * policy document, then attaches each managed policy in {@code policyArns} to it.
 *
 * <p>The assume-role (trust) document is forwarded to IAM exactly as configured; nothing here
 * inspects it, so who may assume the role is decided entirely by the build configuration.
 * The role is created before any policy is attached, and an exception from a later attach
 * call leaves the role in place with only the policies attached so far.
 *
 * @throws GradleException if the role name or the assume-role policy document is missing
 */
@TaskAction
public void createRole() {
    // Read through the getters so that Gradle conventionMappings are applied.
    final String newRoleName = getRoleName();
    final String trustDocument = getAssumeRolePolicyDocument();

    if (newRoleName == null) {
        throw new GradleException("roleName is required");
    }
    if (trustDocument == null) {
        throw new GradleException("assumeRolePolicyDocument is required");
    }

    final AmazonIdentityManagement iam = getProject().getExtensions()
            .getByType(AmazonIdentityManagementPluginExtension.class)
            .getClient();

    // The result is kept in createRole, which is declared outside this method.
    createRole = iam.createRole(new CreateRoleRequest()
            .withRoleName(newRoleName)
            .withPath(getPath())
            .withAssumeRolePolicyDocument(trustDocument));
    getLogger().info("Create Role requested: {}", createRole.getRole().getArn());

    for (String policyArn : policyArns) {
        final AttachRolePolicyRequest attachRequest = new AttachRolePolicyRequest()
                .withRoleName(newRoleName)
                .withPolicyArn(policyArn);
        iam.attachRolePolicy(attachRequest);
        getLogger().info("Attach Managed policy {} to Role {} requested", policyArn, newRoleName);
    }
}
From source file:org.xmlsh.aws.gradle.identitymanagement.AmazonIdentityManagementAttachRolePolicyTask.java
License:BSD License
/**
 * Task action that issues one AttachRolePolicy request per entry of {@code policyArns}
 * against the role returned by {@code getRoleName()}.
 *
 * <p>No validation is applied to the ARNs. If a request throws, the remaining ARNs are not
 * processed and the attachments already made are not reverted.
 *
 * @throws GradleException when {@code getRoleName()} returns null
 */
@TaskAction
public void attachRolePolicy() {
    // Going through the getter (not the field) lets conventionMappings supply the value.
    String role = getRoleName();

    if (role == null) {
        throw new GradleException("roleName is required");
    }

    AmazonIdentityManagementPluginExtension extension = getProject().getExtensions()
            .getByType(AmazonIdentityManagementPluginExtension.class);
    AmazonIdentityManagement client = extension.getClient();

    policyArns.forEach(arn -> {
        AttachRolePolicyRequest attach = new AttachRolePolicyRequest().withRoleName(role).withPolicyArn(arn);
        client.attachRolePolicy(attach);
        getLogger().info("Attach Managed policy {} to Role {} requested", arn, role);
    });
}
From source file:org.xmlsh.aws.gradle.identitymanagement.AmazonIdentityManagementCreateRoleTask.java
License:BSD License
/**
 * Task action that creates an IAM role and then attaches the managed policies listed in
 * {@code policyArns} to it.
 *
 * <p>The assume-role policy document is passed to IAM unchanged, so the set of principals
 * allowed to assume the role is whatever the build configuration supplies. Role creation
 * happens first; if a later attach request throws, the role remains with only the policies
 * attached up to that point.
 *
 * @throws GradleException when the role name or the assume-role policy document is null
 */
@TaskAction
public void createRole() {
    // Going through the getters (not the fields) lets conventionMappings supply the values.
    String role = getRoleName();
    String trustPolicy = getAssumeRolePolicyDocument();

    if (role == null) {
        throw new GradleException("roleName is required");
    }
    if (trustPolicy == null) {
        throw new GradleException("assumeRolePolicyDocument is required");
    }

    AmazonIdentityManagementPluginExtension extension = getProject().getExtensions()
            .getByType(AmazonIdentityManagementPluginExtension.class);
    AmazonIdentityManagement client = extension.getClient();

    CreateRoleRequest createRequest = new CreateRoleRequest()
            .withRoleName(role)
            .withPath(getPath())
            .withAssumeRolePolicyDocument(trustPolicy);

    // createRole is declared outside this method and receives the API result.
    createRole = client.createRole(createRequest);
    getLogger().info("Create Role requested: {}", createRole.getRole().getArn());

    policyArns.forEach(arn -> {
        AttachRolePolicyRequest attach = new AttachRolePolicyRequest().withRoleName(role).withPolicyArn(arn);
        client.attachRolePolicy(attach);
        getLogger().info("Attach Managed policy {} to Role {} requested", arn, role);
    });
}