/** * Sets the principals associated with this policy statement, and returns * this updated Statement object. Principals control which AWS accounts are * affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals * The list of principals associated with this policy statement. * * @return The updated Statement object so that additional method calls can * be chained together. */ public Statement withPrincipals(Principal... principals) { setPrincipals(principals); return this; }
/** * Sets the principals associated with this policy statement, indicating * which AWS accounts are affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals * The list of principals associated with this policy statement. */ public void setPrincipals(Principal... principals) { setPrincipals(new ArrayList<Principal>(Arrays.asList(principals))); }
statement.setPrincipals(principalOf(principalNodes));
/** * Sets the principals associated with this policy statement, and returns * this updated Statement object. Principals control which AWS accounts are * affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals * The list of principals associated with this policy statement. * * @return The updated Statement object so that additional method calls can * be chained together. */ public Statement withPrincipals(Principal... principals) { setPrincipals(principals); return this; }
/** * Sets the principals associated with this policy statement, and returns * this updated Statement object. Principals control which AWS accounts are * affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals The list of principals associated with this policy * statement. * @return The updated Statement object so that additional method calls can * be chained together. */ @SuppressWarnings("checkstyle:hiddenfield") public Statement withPrincipals(Principal... principals) { setPrincipals(principals); return this; }
/** * Sets the principals associated with this policy statement, indicating * which AWS accounts are affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals * The list of principals associated with this policy statement. */ public void setPrincipals(Principal... principals) { setPrincipals(new ArrayList<Principal>(Arrays.asList(principals))); }
/** * Sets the principals associated with this policy statement, indicating * which AWS accounts are affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals The list of principals associated with this policy * statement. */ public void setPrincipals(Principal... principals) { setPrincipals(new ArrayList<Principal>(Arrays.asList(principals))); }
statement.setPrincipals(principalOf(principalNodes));
statement.setResources(resourcesOf(reader)); } else if (JsonDocumentFields.PRINCIPAL.equals(name)) { statement.setPrincipals(principalOf(reader)); } else if (JsonDocumentFields.CONDITION.equals(name)) { statement.setConditions(conditionsOf(reader));
/** * Sets the principals associated with this policy statement, and returns * this updated Statement object. Principals control which AWS accounts are * affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals The list of principals associated with this policy * statement. * @return The updated Statement object so that additional method calls can * be chained together. */ @SuppressWarnings("checkstyle:hiddenfield") public Statement withPrincipals(Principal... principals) { setPrincipals(principals); return this; }
/** * Sets the principals associated with this policy statement, and returns * this updated Statement object. Principals control which AWS accounts are * affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals The list of principals associated with this policy * statement. * @return The updated Statement object so that additional method calls can * be chained together. */ @SuppressWarnings("checkstyle:hiddenfield") public Statement withPrincipals(Principal... principals) { setPrincipals(principals); return this; }
/** * Sets the principals associated with this policy statement, and returns * this updated Statement object. Principals control which AWS accounts are * affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals * The list of principals associated with this policy statement. * * @return The updated Statement object so that additional method calls can * be chained together. */ public Statement withPrincipals(Principal... principals) { setPrincipals(principals); return this; }
/** * Sets the principals associated with this policy statement, indicating * which AWS accounts are affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals The list of principals associated with this policy * statement. */ public void setPrincipals(Principal... principals) { setPrincipals(new ArrayList<Principal>(Arrays.asList(principals))); }
/** * Sets the principals associated with this policy statement, indicating * which AWS accounts are affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals The list of principals associated with this policy * statement. */ public void setPrincipals(Principal... principals) { setPrincipals(new ArrayList<Principal>(Arrays.asList(principals))); }
/** * Sets the principals associated with this policy statement, indicating * which AWS accounts are affected by this policy statement. * <p> * If you don't want to restrict your policy to specific users, you can use * {@link Principal#AllUsers} to apply the policy to any user trying to * access your resource. * * @param principals * The list of principals associated with this policy statement. */ public void setPrincipals(Principal... principals) { setPrincipals(new ArrayList<Principal>(Arrays.asList(principals))); }
private static Policy buildSNSPolicy(ARN topicARN, List<String> allAccountIds) { Statement statement = new Statement(Statement.Effect.Allow).withActions(SNSActions.Publish); statement.setPrincipals(allAccountIds.stream().map(Principal::new).collect(Collectors.toList())); statement.setResources(Collections.singletonList(new Resource(topicARN.arn))); return new Policy("allow-remote-account-send", Collections.singletonList(statement)); }
private static Policy buildSNSPolicy(ARN topicARN, List<String> allAccountIds) { Statement statement = new Statement(Statement.Effect.Allow).withActions(SNSActions.Publish); statement.setPrincipals(allAccountIds.stream().map(Principal::new).collect(Collectors.toList())); statement.setResources(Collections.singletonList(new Resource(topicARN.arn))); return new Policy("allow-remote-account-send", Collections.singletonList(statement)); }
/** * This policy allows operators to choose whether or not to have lifecycle hooks to be sent via SNS for fanout, or * be sent directly to an SQS queue from the autoscaling group. */ private static Policy buildSQSPolicy(ARN queue, ARN topic, Set<String> terminatingRoleArns) { Statement snsStatement = new Statement(Effect.Allow).withActions(SQSActions.SendMessage); snsStatement.setPrincipals(Principal.All); snsStatement.setResources(Collections.singletonList(new Resource(queue.arn))); snsStatement.setConditions(Collections.singletonList( new Condition().withType("ArnEquals").withConditionKey("aws:SourceArn").withValues(topic.arn) )); Statement sqsStatement = new Statement(Effect.Allow).withActions(SQSActions.SendMessage, SQSActions.GetQueueUrl); sqsStatement.setPrincipals(terminatingRoleArns.stream().map(Principal::new).collect(Collectors.toList())); sqsStatement.setResources(Collections.singletonList(new Resource(queue.arn))); return new Policy("allow-sns-or-sqs-send", Arrays.asList(snsStatement, sqsStatement)); }
private static Policy buildSQSPolicy(ARN queue, ARN topic) { Statement statement = new Statement(Statement.Effect.Allow).withActions(SQSActions.SendMessage); statement.setPrincipals(Principal.All); statement.setResources(Collections.singletonList(new Resource(queue.arn))); statement.setConditions(Collections.singletonList( new Condition().withType("ArnEquals").withConditionKey("aws:SourceArn").withValues(topic.arn) )); return new Policy("allow-sns-topic-send", Collections.singletonList(statement)); }
/** * This policy allows messages to be sent from an SNS topic. */ public static Policy buildSQSPolicy(ARN queue, ARN topic) { Statement snsStatement = new Statement(Statement.Effect.Allow).withActions(SQSActions.SendMessage); snsStatement.setPrincipals(Principal.All); snsStatement.setResources(Collections.singletonList(new Resource(queue.getArn()))); snsStatement.setConditions(Collections.singletonList( new Condition().withType("ArnEquals").withConditionKey("aws:SourceArn").withValues(topic.getArn()) )); return new Policy("allow-sns-send", Collections.singletonList(snsStatement)); } }