List of usage examples for com.amazonaws.services.identitymanagement.model GetPolicyVersionRequest GetPolicyVersionRequest
GetPolicyVersionRequest
From source file:com.okta.tools.awscli.java
License:Open Source License
private static void GetRoleToAssume(String roleName) { if (roleName != null && !roleName.equals("") && awsIamKey != null && awsIamSecret != null && !awsIamKey.equals("") && !awsIamSecret.equals("")) { logger.debug("Creating the AWS Identity Management client"); AmazonIdentityManagementClient identityManagementClient = new AmazonIdentityManagementClient( new BasicAWSCredentials(awsIamKey, awsIamSecret)); logger.debug("Getting role: " + roleName); GetRoleResult roleresult = identityManagementClient .getRole(new GetRoleRequest().withRoleName(roleName)); logger.debug("GetRoleResult: " + roleresult.toString()); Role role = roleresult.getRole(); logger.debug("getRole: " + role.toString()); ListAttachedRolePoliciesResult arpr = identityManagementClient .listAttachedRolePolicies(new ListAttachedRolePoliciesRequest().withRoleName(roleName)); logger.debug("ListAttachedRolePoliciesResult: " + arpr.toString()); ListRolePoliciesResult lrpr = identityManagementClient .listRolePolicies(new ListRolePoliciesRequest().withRoleName(roleName)); logger.debug("ListRolePoliciesResult: " + lrpr.toString()); List<String> inlinePolicies = lrpr.getPolicyNames(); if (inlinePolicies.size() == 0) { logger.debug("There are no inlines policies"); }// w w w. j a va 2 s . c o m List<AttachedPolicy> managedPolicies = arpr.getAttachedPolicies(); if (managedPolicies.size() == 0) { logger.debug("There are no managed policies"); } if (managedPolicies.size() >= 1) //we prioritize managed policies over inline policies { List<String> lstManagedPolicies = new ArrayList<String>(); for (AttachedPolicy managedPolicy : managedPolicies) { lstManagedPolicies.add(managedPolicy.getPolicyName()); } logger.debug("Managed Policies: " + managedPolicies.toString()); //TODO: handle more than 1 policy (ask the user to choose it?) AttachedPolicy attachedPolicy = managedPolicies.get(0); logger.debug("First Attached Policy " + attachedPolicy.toString()); GetPolicyRequest gpr = new GetPolicyRequest().withPolicyArn(attachedPolicy.getPolicyArn()); GetPolicyResult rpr = identityManagementClient.getPolicy(gpr); logger.debug("GetPolicyResult: " + attachedPolicy.toString()); Policy policy = rpr.getPolicy(); GetPolicyVersionResult pvr = identityManagementClient.getPolicyVersion(new GetPolicyVersionRequest() .withPolicyArn(policy.getArn()).withVersionId(policy.getDefaultVersionId())); logger.debug("GetPolicyVersionResult: " + pvr.toString()); String policyDoc = pvr.getPolicyVersion().getDocument(); roleToAssume = ProcessPolicyDocument(policyDoc); } else if (inlinePolicies.size() >= 1) //if we only have one policy, then use it by default { logger.debug("Inline Policies " + inlinePolicies.toString()); if (inlinePolicies.size() > 1) { //there are more than one policy } //Have to set the role name and the policy name (both are mandatory fields //TODO: handle more than 1 policy (ask the user to choose it?) GetRolePolicyRequest grpr = new GetRolePolicyRequest().withRoleName(roleName) .withPolicyName(inlinePolicies.get(0)); GetRolePolicyResult rpr = identityManagementClient.getRolePolicy(grpr); String policyDoc = rpr.getPolicyDocument(); roleToAssume = ProcessPolicyDocument(policyDoc); } } }