Example usage for com.amazonaws.services.identitymanagement.model PutRolePolicyRequest PutRolePolicyRequest

List of usage examples for com.amazonaws.services.identitymanagement.model PutRolePolicyRequest PutRolePolicyRequest

  1. HOME
  2. Java
  3. com.amazonaws
  4. com.amazonaws.services.identitymanagement.model.*
  5. PutRolePolicyRequest
  6. PutRolePolicyRequest

Introduction

In this page you can find the example usage for com.amazonaws.services.identitymanagement.model PutRolePolicyRequest PutRolePolicyRequest.

Prototype

PutRolePolicyRequest

Source Link

Usage

From source file:AbstractAmazonKinesisFirehoseDelivery.java

License:Open Source License

/**
 * Method to put the role policy with permissions document. Permission document would change
 * based on KMS Key ARN specified in properties file. If KMS Key ARN is specified, permissions
 * document will contain KMS resource.//  w  ww  .ja  v  a 2  s  . c  om
 *
 * @param s3Prefix the s3Prefix which will be included in KMS Condition (only if KMS Key is provided)
 */
protected static void putRolePolicy(String s3Prefix) {
    try {
        // set permissions policy for the role
        String permissionsPolicyDocument = containsKMSKeyARN() ? getPermissionsPolicyWithKMSResources(s3Prefix)
                : getPermissionsPolicyWithoutKMSResources();
        iamClient.putRolePolicy(new PutRolePolicyRequest().withRoleName(iamRoleName)
                .withPolicyName(FIREHOSE_ROLE_POLICY_NAME).withPolicyDocument(permissionsPolicyDocument));
    } catch (MalformedPolicyDocumentException policyDocumentException) {
        LOG.error(String.format("Please check the permissions policy document for malformation: %s",
                containsKMSKeyARN() ? IAM_ROLE_PERMISSIONS_POLICY_WITH_KMS_RESOURCES_DOCUMENT
                        : IAM_ROLE_PERMISSIONS_POLICY_WITHOUT_KMS_RESOURCES_DOCUMENT));
        throw policyDocumentException;
    }
}

From source file:awslabs.lab41.SolutionCode.java

License:Open Source License

@Override
public String prepMode_CreateRole(AmazonIdentityManagementClient iamClient, String roleName, String policyText,
        String trustRelationshipText) {
    String roleArn = null;/*from   ww  w.j a  va2s.  com*/

    //  Construct a CreateRoleRequest object using the specified name and "assume role" policy. The policy is the trustRelationshipText parameter.
    CreateRoleRequest createRoleRequest = new CreateRoleRequest()
            .withAssumeRolePolicyDocument(trustRelationshipText).withRoleName(roleName);
    //  Submit the request using the createRole method of the iamClient object.
    //  Retrieve and store the role ARN from the request response.
    roleArn = iamClient.createRole(createRoleRequest).getRole().getArn();

    //  Construct a PutRolePolicyRequest object using the provided policy for the new role. Use whatever policy name you like.
    PutRolePolicyRequest putRolePolicyRequest = new PutRolePolicyRequest().withPolicyDocument(policyText)
            .withPolicyName(roleName + "_policy").withRoleName(roleName);
    //  Submit the request using the putRolePolicy method of the iamClient object.
    iamClient.putRolePolicy(putRolePolicyRequest);

    //  Return the ARN for the new role.
    return roleArn;
}