// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
package com.example.iam;
// snippet-start:[iam.java2.create_policy.main]
// snippet-start:[iam.java2.create_policy.import]
import software.amazon.awssdk.core.waiters.WaiterResponse;
import software.amazon.awssdk.services.iam.model.CreatePolicyRequest;
import software.amazon.awssdk.services.iam.model.CreatePolicyResponse;
import software.amazon.awssdk.services.iam.model.GetPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetPolicyResponse;
import software.amazon.awssdk.services.iam.model.IamException;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iam.IamClient;
import software.amazon.awssdk.services.iam.waiters.IamWaiter;
// snippet-end:[iam.java2.create_policy.import]
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
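public class CreatePolicy {
    // snippet-start:[iam.java2.create_policy.policy_document]
    /**
     * JSON policy document used for every policy this example creates.
     *
     * <p>It allows five DynamoDB item-level actions (DeleteItem, GetItem, PutItem,
     * Scan, UpdateItem).
     *
     * <p>NOTE(review): {@code "Resource": "*"} does not limit the statement to any
     * particular table, so a principal this policy is attached to can read, scan,
     * write and delete items in every DynamoDB table it can reach. That is acceptable
     * for a throwaway demo policy; before attaching a policy like this to a real
     * principal, replace the wildcard with the ARN(s) of the table(s) actually
     * needed, e.g. {@code arn:aws:dynamodb:<region>:<account-id>:table/<table-name>}
     * (placeholder values).
     */
    public static final String PolicyDocument = "{" +
            " \"Version\": \"2012-10-17\"," +
            " \"Statement\": [" +
            " {" +
            " \"Effect\": \"Allow\"," +
            " \"Action\": [" +
            " \"dynamodb:DeleteItem\"," +
            " \"dynamodb:GetItem\"," +
            " \"dynamodb:PutItem\"," +
            " \"dynamodb:Scan\"," +
            " \"dynamodb:UpdateItem\"" +
            " ]," +
            " \"Resource\": \"*\"" +
            " }" +
            " ]" +
            "}";
    // snippet-end:[iam.java2.create_policy.policy_document]

    /**
     * Command-line entry point: creates one IAM policy and prints its ARN.
     *
     * @param args exactly one element, the name of the policy to create; any other
     *             argument count prints the usage text and exits with status 1
     */
    public static void main(String[] args) {
        final String usage = """
                Usage:
                CreatePolicy <policyName>\s
                Where:
                policyName - A unique policy name.\s
                """;

        if (args.length != 1) {
            System.out.println(usage);
            System.exit(1);
        }

        String policyName = args[0];
        // IAM is a global service, so the client targets the AWS_GLOBAL pseudo-region.
        Region region = Region.AWS_GLOBAL;

        // try-with-resources releases the client even when policy creation fails with
        // something other than IamException (which createIAMPolicy handles itself).
        try (IamClient iam = IamClient.builder()
                .region(region)
                .build()) {
            String result = createIAMPolicy(iam, policyName);
            System.out.println("Successfully created a policy with this ARN value: " + result);
        }
    }

    /**
     * Creates an IAM policy named {@code policyName} from {@link #PolicyDocument},
     * waits until a GetPolicy call can see it, and returns its ARN.
     *
     * <p>On an {@link IamException} the service error message is written to stderr
     * and the JVM exits with status 1, so callers never observe that failure.
     *
     * @param iam        client used for the CreatePolicy call and for the waiter
     * @param policyName name to give the new policy
     * @return the ARN of the created policy; the trailing empty-string return only
     *         satisfies the compiler, because the catch block terminates the JVM
     */
    public static String createIAMPolicy(IamClient iam, String policyName) {
        try {
            // Create an IamWaiter object.
            IamWaiter iamWaiter = iam.waiter();
            CreatePolicyRequest request = CreatePolicyRequest.builder()
                    .policyName(policyName)
                    .policyDocument(PolicyDocument)
                    .build();

            CreatePolicyResponse response = iam.createPolicy(request);
            String policyArn = response.policy().arn();

            // Wait until the policy is created.
            GetPolicyRequest polRequest = GetPolicyRequest.builder()
                    .policyArn(policyArn)
                    .build();

            WaiterResponse<GetPolicyResponse> waitUntilPolicyExists = iamWaiter.waitUntilPolicyExists(polRequest);
            // Print the GetPolicy response the waiter matched on, when there is one.
            waitUntilPolicyExists.matched().response().ifPresent(System.out::println);
            return policyArn;

        } catch (IamException e) {
            System.err.println(e.awsErrorDetails().errorMessage());
            System.exit(1);
        }
        return "";
    }
}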
// snippet-end:[iam.java2.create_policy.main]