Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
 /*
  * Copyright 2010-2015 Amazon.com, Inc. or its affiliates. All Rights Reserved.
  *
  * Licensed under the Apache License, Version 2.0 (the "License").
  * You may not use this file except in compliance with the License.
  * A copy of the License is located at
  *
  *  http://aws.amazon.com/apache2.0
  *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */
package com.amazonaws.auth.policy.conditions;
AWS access control policy condition that allows an access control statement to be conditionally applied based on the comparison of an Amazon Resource Name (ARN).

An Amazon Resource Name (ARN) takes the following format: arn:aws:<vendor>:<region>:<namespace>:<relative-id>

  • vendor identifies the AWS product (e.g., sns)
  • region is the AWS Region the resource resides in (e.g., us-east-1), if any
  • namespace is the AWS account ID with no hyphens (e.g., 123456789012)
  • relative-id is the service specific portion that identifies the specific resource

For example, an Amazon SQS queue might be addressed with the following ARN: arn:aws:sqs:us-east-1:987654321000:MyQueue

Currently the only valid condition key to use in an ARN condition is ConditionFactory.SOURCE_ARN_CONDITION_KEY, which indicates the source resource that is modifying another resource, for example, an SNS topic is the source ARN when publishing messages from the topic to an SQS queue.

public class ArnCondition extends Condition {

    
Enumeration of the supported ways an ARN comparison can be evaluated.
    public static enum ArnComparisonType {
        
Exact matching
        ArnEquals,

        
Loose case-insensitive matching of the ARN. Each of the six colon-delimited components of the ARN is checked separately and each can include a multi-character match wildcard (*) or a single-character match wildcard (?).
        ArnLike,

        
Negated form of ArnEquals
        ArnNotEquals,

        
Negated form of ArnLike
        ArnNotLike;
    };

    
Constructs a new access control policy condition that compares ARNs (Amazon Resource Names).

Parameters:
type The type of comparison to perform.
key The access policy condition key specifying where to get the first ARN for the comparison (ex: ConditionFactory.SOURCE_ARN_CONDITION_KEY).
value The second ARN to compare against. When using ArnCondition.ArnComparisonType.ArnLike or ArnCondition.ArnComparisonType.ArnNotLike this may contain the multi-character wildcard (*) or the single-character wildcard (?).
    public ArnCondition(ArnComparisonType typeString keyString value) {
        super. = type.toString();
        super. = key;
        super. = Arrays.asList(new String[] {value});
    }
New to GrepCode? Check out our FAQ X