writeResources(resources); List<Condition> conditions = statement.getConditions(); if (isNotNull(conditions) && !conditions.isEmpty()) writeConditions(conditions);
for (Condition condition : statement.getConditions()) { if (logger.isTraceEnabled()) { logger.trace("condition type: {}, conditionKey: {}", condition.getType(), condition.getConditionKey());
@Test public void testMultipleConditionKeysForConditionType() throws Exception { Policy policy = new Policy(); policy.withStatements(new Statement(Effect.Allow) .withResources(new Resource("arn:aws:sqs:us-east-1:987654321000:MyQueue")) .withPrincipals(Principal.AllUsers) .withActions(new TestAction("foo")) .withConditions( new StringCondition(StringComparisonType.StringNotLike, "key1", "foo"), new StringCondition(StringComparisonType.StringNotLike, "key1", "bar"))); policy = Policy.fromJson(policy.toJson()); assertEquals(1, policy.getStatements().size()); List<Statement> statements = new LinkedList<Statement>(policy.getStatements()); assertEquals(Effect.Allow, statements.get(0).getEffect()); assertEquals(1, statements.get(0).getActions().size()); assertEquals("foo", statements.get(0).getActions().get(0).getActionName()); assertEquals(1, statements.get(0).getConditions().size()); assertEquals("StringNotLike", statements.get(0).getConditions().get(0).getType()); assertEquals("key1", statements.get(0).getConditions().get(0).getConditionKey()); assertEquals(2, statements.get(0).getConditions().get(0).getValues().size()); assertEquals("foo", statements.get(0).getConditions().get(0).getValues().get(0)); assertEquals("bar", statements.get(0).getConditions().get(0).getValues().get(1)); }
writeResources(resources); List<Condition> conditions = statement.getConditions(); if (isNotNull(conditions) && !conditions.isEmpty()) writeConditions(conditions);
assertEquals("sts:AssumeRoleWithSAML", statements.get(0).getActions().get(0) .getActionName()); assertEquals(1, statements.get(0).getConditions().size()); assertEquals("StringEquals", statements.get(0).getConditions().get(0).getType()); assertEquals("SAML:aud", statements.get(0).getConditions().get(0).getConditionKey()); assertEquals(1, statements.get(0).getConditions().get(0).getValues().size()); assertEquals("https://signin.aws.amazon.com/saml", statements.get(0).getConditions().get(0) .getValues().get(0)); assertEquals(1, statements.get(0).getPrincipals().size());
assertEquals(Effect.Allow, statements.get(0).getEffect()); assertEquals("sts:AssumeRole", statements.get(0).getActions().get(0).getActionName()); assertEquals(1, statements.get(0).getConditions().size()); assertEquals("IpAddress", statements.get(0).getConditions().get(0).getType()); assertEquals("aws:SourceIp", statements.get(0).getConditions().get(0).getConditionKey()); assertEquals(1, statements.get(0).getConditions().get(0).getValues().size()); assertEquals("10.10.10.10/32", statements.get(0).getConditions().get(0).getValues().get(0)); assertEquals(1, statements.get(0).getPrincipals().size()); assertEquals("*", statements.get(0).getPrincipals().get(0).getId());
@Test public void testCloudHSMServicePrincipal() { String jsonString = "{" + "\"Version\":\"2008-10-17\"," + "\"Statement\":[" + "{\"Sid\":\"\"," + "\"Effect\":\"Allow\"," + "\"Principal\":{\"Service\":\"cloudhsm.amazonaws.com\"}," + "\"Action\":\"sts:AssumeRole\"}" + "]" + "}"; Policy policy = Policy.fromJson(jsonString); assertEquals(POLICY_VERSION, policy.getVersion()); List<Statement> statements = new LinkedList<Statement>(policy.getStatements()); assertEquals(1, statements.size()); assertEquals(1, statements.get(0).getActions().size()); assertEquals(Effect.Allow, statements.get(0).getEffect()); assertEquals("sts:AssumeRole", statements.get(0).getActions().get(0).getActionName()); assertEquals(0, statements.get(0).getConditions().size()); assertEquals(1, statements.get(0).getPrincipals().size()); assertEquals(Services.AWSCloudHSM.getServiceId(), statements.get(0).getPrincipals().get(0) .getId()); assertEquals("Service", statements.get(0).getPrincipals().get(0).getProvider()); }
assertEquals("sts:AssumeRole", statements.get(0).getActions().get(0) .getActionName()); assertEquals(0, statements.get(0).getConditions().size()); assertEquals(1, statements.get(0).getPrincipals().size()); assertEquals("workspaces.amazonaws.com", statements.get(0)
assertEquals(1, statements.get(0).getActions().size()); assertEquals("action1", statements.get(0).getActions().get(0).getActionName()); assertEquals(1, statements.get(0).getConditions().size()); assertEquals("IpAddress", statements.get(0).getConditions().get(0).getType()); assertEquals(ConditionFactory.SOURCE_IP_CONDITION_KEY, statements.get(0).getConditions() .get(0).getConditionKey()); assertEquals(1, statements.get(0).getConditions().get(0).getValues().size()); assertEquals("192.168.143.0/24", statements.get(0).getConditions().get(0).getValues() .get(0)); assertEquals(1, statements.get(1).getActions().size()); assertEquals("action2", statements.get(1).getActions().get(0).getActionName()); assertEquals(1, statements.get(1).getConditions().size()); assertEquals("IpAddress", statements.get(1).getConditions().get(0).getType()); assertEquals(ConditionFactory.SOURCE_IP_CONDITION_KEY, statements.get(0).getConditions() .get(0).getConditionKey()); assertEquals(1, statements.get(0).getConditions().get(0).getValues().size()); assertEquals("10.1.2.0/24", statements.get(1).getConditions().get(0).getValues().get(0)); assertEquals(1, statements.get(2).getActions().size()); assertEquals("action3", statements.get(2).getActions().get(0).getActionName()); assertEquals(1, statements.get(2).getConditions().size()); assertEquals("NotIpAddress", statements.get(2).getConditions().get(0).getType()); assertEquals("192.168.143.188/32", statements.get(2).getConditions().get(0).getValues().get(0));
writeResources(resources); List<Condition> conditions = statement.getConditions(); if (isNotNull(conditions) && !conditions.isEmpty()) writeConditions(conditions);
writeResources(resources); List<Condition> conditions = statement.getConditions(); if (isNotNull(conditions) && !conditions.isEmpty()) writeConditions(conditions);
writeResources(resources); List<Condition> conditions = statement.getConditions(); if (isNotNull(conditions) && !conditions.isEmpty()) writeConditions(conditions);
writeResources(resources); List<Condition> conditions = statement.getConditions(); if (isNotNull(conditions) && !conditions.isEmpty()) writeConditions(conditions);