List of usage examples for com.amazonaws.services.identitymanagement.model Role getAssumeRolePolicyDocument
public String getAssumeRolePolicyDocument()
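The policy that grants an entity permission to assume the role (the role's trust policy). IAM returns this document URL-encoded (RFC 3986), so decode it before parsing it or showing it as JSON.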
From source file:com.haskins.cloudtrailviewer.dialog.resourcedetail.detailpanels.IamRoleDetail.java
License:Open Source License
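/**
 * Fills the primary detail table with the attributes of an IAM role.
 *
 * <p>A row is added only for attributes that are non-null. The assume-role (trust) policy is
 * URL-decoded before display: IAM returns policy documents percent-encoded (RFC 3986), and an
 * encoded blob is hard to review for overly broad principals.
 *
 * @param detail result of a GetRole call; no rows are added when it carries no role
 */
private void buildUI(GetRoleResult detail) {
    this.add(primaryScrollPane, BorderLayout.CENTER);

    Role role = detail.getRole();
    if (role == null) {
        return;
    }

    if (role.getCreateDate() != null) {
        primaryTableModel.addRow(new Object[] { "Created", getDateString(role.getCreateDate()) });
    }
    if (role.getArn() != null) {
        primaryTableModel.addRow(new Object[] { "Arn", role.getArn() });
    }

    String trustPolicy = role.getAssumeRolePolicyDocument();
    if (trustPolicy != null) {
        primaryTableModel.addRow(
                new Object[] { "Assume Role Policy Document", decodePolicyDocument(trustPolicy) });
    }

    if (role.getPath() != null) {
        primaryTableModel.addRow(new Object[] { "Path", role.getPath() });
    }
    if (role.getRoleId() != null) {
        primaryTableModel.addRow(new Object[] { "Role Id", role.getRoleId() });
    }
    if (role.getRoleName() != null) {
        primaryTableModel.addRow(new Object[] { "Role Name", role.getRoleName() });
    }
}

/**
 * Converts a percent-encoded policy document to plain JSON text.
 *
 * @param encoded the policy document as returned by IAM
 * @return the decoded text, or {@code encoded} unchanged when it cannot be decoded
 */
private String decodePolicyDocument(String encoded) {
    try {
        return java.net.URLDecoder.decode(encoded, "UTF-8");
    } catch (java.io.UnsupportedEncodingException ignored) {
        // UTF-8 is always available; fall back to the raw value rather than hide the row.
        return encoded;
    } catch (IllegalArgumentException ignored) {
        // Malformed escape sequence: show what IAM returned so the reviewer still sees it.
        return encoded;
    }
}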
From source file:com.netflix.spinnaker.clouddriver.ecs.deploy.ops.CreateServerGroupAtomicOperation.java
License:Apache License
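/**
 * Verifies that the given IAM role lists the required service as a trusted principal, so a
 * deployment fails early instead of launching tasks that cannot assume their role.
 *
 * <p>The role is fetched with GetRole and its assume-role (trust) policy is handed to
 * {@code iamPolicyReader}; only entries of type {@code "Service"} are considered.
 *
 * @param roleName name of the IAM role to inspect
 * @throws IllegalArgumentException if {@code NECESSARY_TRUSTED_SERVICE} is not among the
 *     role's trusted services
 */
private void checkRoleTrustRelations(String roleName) {
  updateTaskStatus("Checking role trust relations for: " + roleName);

  AmazonIdentityManagement iamClient = getAmazonIdentityManagementClient();
  GetRoleResult response = iamClient.getRole(new GetRoleRequest().withRoleName(roleName));
  Role role = response.getRole();

  // NOTE(review): this only checks that the service appears as a principal. Whether the
  // statement's Effect and Condition are honoured depends on iamPolicyReader, which is not
  // visible here; confirm that a Deny statement cannot satisfy this check.
  Set<IamTrustRelationship> trustedEntities =
      iamPolicyReader.getTrustedEntities(role.getAssumeRolePolicyDocument());

  Set<String> trustedServices =
      trustedEntities.stream()
          // Constant-first comparison: an entry without a type is skipped instead of throwing.
          .filter(trustRelation -> "Service".equals(trustRelation.getType()))
          .map(IamTrustRelationship::getValue)
          .collect(Collectors.toSet());

  if (!trustedServices.contains(NECESSARY_TRUSTED_SERVICE)) {
    // Report the service that was actually checked, so the message cannot drift from the test.
    throw new IllegalArgumentException(
        "The " + roleName + " role does not have a trust relationship to "
            + NECESSARY_TRUSTED_SERVICE + ".");
  }
}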
From source file:com.netflix.spinnaker.clouddriver.ecs.provider.agent.IamRoleCachingAgent.java
License:Apache License
/**
 * Collects every IAM role returned by ListRoles, following pagination markers until the
 * service reports that the listing is no longer truncated.
 *
 * <p>Each role is stored with its ARN, name, the supplied account name and the trusted
 * entities that {@code iamPolicyReader} extracts from the role's assume-role policy.
 *
 * @param iam client used to list the roles
 * @param accountName account name recorded on every cached role
 * @return the roles gathered across all pages
 */
Set<IamRole> fetchIamRoles(AmazonIdentityManagement iam, String accountName) {
  final Set<IamRole> collected = new HashSet<>();
  String nextMarker = null;
  boolean morePages;

  do {
    final ListRolesRequest pageRequest = new ListRolesRequest();
    if (nextMarker != null) {
      pageRequest.setMarker(nextMarker);
    }

    final ListRolesResult page = iam.listRoles(pageRequest);
    for (Role current : page.getRoles()) {
      // NOTE(review): IAM returns the trust policy URL-encoded; presumably
      // getTrustedEntities decodes it before parsing. Verify against iamPolicyReader.
      collected.add(
          new IamRole(
              current.getArn(),
              current.getRoleName(),
              accountName,
              iamPolicyReader.getTrustedEntities(current.getAssumeRolePolicyDocument())));
    }

    // A marker is only carried forward while the listing is truncated.
    nextMarker = page.isTruncated() ? page.getMarker() : null;
    morePages = nextMarker != null && !nextMarker.isEmpty();
  } while (morePages);

  return collected;
}
From source file:com.netflix.spinnaker.clouddriver.lambda.provider.agent.IamRoleCachingAgent.java
License:Apache License
/**
 * Pages through ListRoles and builds the set of roles to cache for one account.
 *
 * <p>For every role the ARN, role name, account name and the result of
 * {@code getTrustedEntities} on its assume-role policy are recorded.
 *
 * @param iam client used to list the roles
 * @param accountName account name recorded on every cached role
 * @return all roles found, across every page of the listing
 */
private Set<IamRole> fetchIamRoles(AmazonIdentityManagement iam, String accountName) {
  final Set<IamRole> result = new HashSet<>();
  String pageMarker = null;

  do {
    final ListRolesRequest listRequest = new ListRolesRequest();
    if (pageMarker != null) {
      listRequest.setMarker(pageMarker);
    }
    final ListRolesResult listing = iam.listRoles(listRequest);

    for (Role entry : listing.getRoles()) {
      final String arn = entry.getArn();
      final String name = entry.getRoleName();
      // NOTE(review): the policy document arrives URL-encoded from IAM; getTrustedEntities
      // is assumed to decode it. Confirm in that helper.
      result.add(
          new IamRole(
              arn, name, accountName, getTrustedEntities(entry.getAssumeRolePolicyDocument())));
    }

    // Continue only while IAM says more results exist and hands back a usable marker.
    if (listing.isTruncated()) {
      pageMarker = listing.getMarker();
    } else {
      pageMarker = null;
    }
  } while (pageMarker != null && !pageMarker.isEmpty());

  return result;
}