com.amazonaws.auth.policy.Action Java Examples

The following examples show how to use com.amazonaws.auth.policy.Action. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: KmsPolicyServiceTest.java    From cerberus with Apache License 2.0 6 votes vote down vote up 
@Test
public void test_that_overwriteCMSPolicy_returns_policy_that_includes_missing_actions()
    throws IOException {
  InputStream policy =
      getClass()
          .getClassLoader()
          .getResourceAsStream(
              "com/nike/cerberus/service/invalid-cerberus-kms-key-policy-cms-cannot-delete.json");
  String policyJsonAsString = IOUtils.toString(policy, "UTF-8");

  Action actionNotIncludedInInvalidJson1 = KMSActions.ScheduleKeyDeletion;
  Action actionNotIncludedInInvalidJson2 = KMSActions.CancelKeyDeletion;
  String result = kmsPolicyService.overwriteCMSPolicy(policyJsonAsString);
  assertFalse(StringUtils.equals(policyJsonAsString, result));
  assertTrue(StringUtils.contains(result, actionNotIncludedInInvalidJson1.getActionName()));
  assertTrue(StringUtils.contains(result, actionNotIncludedInInvalidJson2.getActionName()));
  assertTrue(kmsPolicyService.cmsHasKeyDeletePermissions(result));

  policy.close();
}
Example #2
Source File: CommonTestUtils.java    From pacbot with Apache License 2.0 5 votes vote down vote up 
public static Policy getPolicy() {
  	Policy policy = new Policy();
List<Statement> statements = new ArrayList<Statement>();
Statement statement = new Statement(Effect.Allow);
  	List<Action> actions = new ArrayList<>();
actions.add(IdentityManagementActions.AllIdentityManagementActions);
actions.add(EC2Actions.RunInstances);
statement.setActions(actions);
statements.add(statement);
policy.setStatements(statements);
      policy.setId("123");
      policy.setStatements(statements);
return policy;
  }
Example #3
Source File: IAMUtils.java    From pacbot with Apache License 2.0 5 votes vote down vote up 
private static Set<String> getActionSet(Policy policy) {
	Set<String> actionsSet = new HashSet();
	for (Statement statement : policy.getStatements()) {
		if (statement.getEffect().equals(Effect.Allow)) {
			for (Action action : statement.getActions()) {
				actionsSet.add(action.getActionName());
			}
		}

	}
	return actionsSet;
}
Example #4
Source File: SQSObservableQueue.java    From conductor with Apache License 2.0 5 votes vote down vote up 
private String getPolicy(List<String> accountIds) {
	Policy policy = new Policy("AuthorizedWorkerAccessPolicy");
	Statement stmt = new Statement(Effect.Allow);
	Action action = SQSActions.SendMessage;
	stmt.getActions().add(action);
	stmt.setResources(new LinkedList<>());
	for(String accountId : accountIds) {
		Principal principal = new Principal(accountId);
		stmt.getPrincipals().add(principal);
	}
	stmt.getResources().add(new Resource(getQueueARN()));
	policy.getStatements().add(stmt);
	return policy.toJson();
}
Example #5
Source File: AwsIamService.java    From cloudbreak with Apache License 2.0 5 votes vote down vote up 
/**
 * Returns actions from the given statement
 *
 * @param statement statement to get actions from
 * @return sorted set of actions
 */
public SortedSet<String> getStatementActions(Statement statement) {
    List<Action> actions = statement.getActions();
    if (actions == null) {
        return new TreeSet<>();
    }
    return statement.getActions().stream()
            .map(Action::getActionName)
            .collect(Collectors.toCollection(TreeSet::new));
}
Example #6
Source File: KmsPolicyServiceTest.java    From cerberus with Apache License 2.0 4 votes vote down vote up 
@Test
public void test_that_statementAllowsAction_returns_true_when_action_in_statement() {
  Action action = KMSActions.CancelKeyDeletion;
  Statement statement = new Statement(Statement.Effect.Allow).withActions(action);
  assertTrue(kmsPolicyService.statementIncludesAction(statement, action));
}
Example #7
Source File: AwsInstanceProfileEC2TrustValidator.java    From cloudbreak with Apache License 2.0 4 votes vote down vote up 
boolean checkAssumeRoleInActions(List<Action> actions) {
    return actions.stream().anyMatch(
            action -> SecurityTokenServiceActions.AssumeRole.getActionName().equals(action.getActionName()));
}