List of usage examples for com.amazonaws.services.securitytoken.model GetCallerIdentityRequest GetCallerIdentityRequest
GetCallerIdentityRequest
From source file:com.github.kaklakariada.aws.sam.service.AwsMetadataService.java
License:Open Source License
public String getAccountId() { final GetCallerIdentityResult callerIdentity = tokenService .getCallerIdentity(new GetCallerIdentityRequest()); return callerIdentity.getAccount(); }
From source file:com.nike.cerberus.operation.cms.CreateCmsConfigOperation.java
License:Apache License
@Override public void run(final CreateCmsConfigCommand command) { configStore.storeCmsAdminGroup(command.getAdminGroup()); final BaseOutputs baseOutputs = configStore.getBaseStackOutputs(); final BaseParameters baseParameters = configStore.getBaseStackParameters(); final VaultParameters vaultParameters = configStore.getVaultStackParamters(); final GetCallerIdentityResult callerIdentity = securityTokenService .getCallerIdentity(new GetCallerIdentityRequest()); final Optional<String> cmsVaultToken = configStore.getCmsVaultToken(); final Optional<String> cmsDatabasePassword = configStore.getCmsDatabasePassword(); final Map<String, String> cmsConfigMap = Maps.newHashMap(); final String rootUserArn = String.format("arn:aws:iam::%s:root", callerIdentity.getAccount()); cmsConfigMap.put("vault.addr", String.format("https://%s", cnameToHost(vaultParameters.getCname()))); cmsConfigMap.put("vault.token", cmsVaultToken.get()); cmsConfigMap.put("cms.admin.group", command.getAdminGroup()); cmsConfigMap.put("root.user.arn", rootUserArn); cmsConfigMap.put("admin.role.arn", baseParameters.getAccountAdminArn()); cmsConfigMap.put("cms.role.arn", baseOutputs.getCmsIamRoleArn()); cmsConfigMap.put("JDBC.url", baseOutputs.getCmsDbJdbcConnectionString()); cmsConfigMap.put("JDBC.username", ConfigConstants.DEFAULT_CMS_DB_NAME); cmsConfigMap.put("JDBC.password", cmsDatabasePassword.get()); command.getAdditionalProperties().forEach((k, v) -> { if (!cmsConfigMap.containsKey(k)) { cmsConfigMap.put(k, v);//from w ww . j av a 2 s. com } else { logger.warn("Ignoring additional property that would override system configured property, " + k); } }); configStore.storeCmsEnvConfig(cmsConfigMap); }
From source file:com.yahoo.athenz.instance.provider.impl.InstanceAWSProvider.java
License:Apache License
public boolean verifyInstanceIdentity(AWSAttestationData info, final String awsAccount) { GetCallerIdentityRequest req = new GetCallerIdentityRequest(); try {//w w w .j av a2s . c o m AWSSecurityTokenServiceClient client = getInstanceClient(info); if (client == null) { LOGGER.error("verifyInstanceIdentity - unable to get AWS STS client object"); return false; } GetCallerIdentityResult res = client.getCallerIdentity(req); if (res == null) { LOGGER.error("verifyInstanceIdentity - unable to get caller identity"); return false; } String arn = "arn:aws:sts::" + awsAccount + ":assumed-role/" + info.getRole() + "/"; if (!res.getArn().startsWith(arn)) { LOGGER.error("verifyInstanceIdentity - ARN mismatch - request: {} caller-idenity: {}", arn, res.getArn()); return false; } return true; } catch (Exception ex) { LOGGER.error("CloudStore: verifyInstanceIdentity - unable get caller identity: {}", ex.getMessage()); return false; } }
From source file:jp.classmethod.aws.gradle.AwsPluginExtension.java
License:Apache License
public String getAccountId() { AWSSecurityTokenService sts = createClient(AWSSecurityTokenServiceClient.class, profileName); return sts.getCallerIdentity(new GetCallerIdentityRequest()).getAccount(); }
From source file:jp.classmethod.aws.gradle.AwsPluginExtension.java
License:Apache License
public String getUserArn() { AWSSecurityTokenService sts = createClient(AWSSecurityTokenServiceClient.class, profileName); return sts.getCallerIdentity(new GetCallerIdentityRequest()).getArn(); }