All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.amazonaws.auth.policy.Condition Maven / Gradle / Ivy

/*
 * Copyright 2010-2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */
package com.amazonaws.auth.policy;

import java.util.Arrays;
import java.util.List;

import com.amazonaws.auth.policy.conditions.ConditionFactory;
import com.amazonaws.auth.policy.conditions.NumericCondition;
import com.amazonaws.auth.policy.conditions.NumericCondition.NumericComparisonType;

/**
 * AWS access control policy conditions are contained in {@link Statement}
 * objects, and affect when a statement is applied. For example, a statement
 * that allows access to an Amazon SQS queue could use a condition to only apply
 * the effect of that statement for requests that are made before a certain
 * date, or that originate from a range of IP addresses.
 * 

* Multiple conditions can be included in a single statement, and all conditions * must evaluate to true in order for the statement to take effect. *

* The set of conditions is D in the statement * "A has permission to do B to C where D applies." *

* A condition is composed of three parts: *

    *
  • Condition Key - The condition key declares which value of a * request to pull in and compare against when a policy is evaluated by AWS. For * example, using {@link ConditionFactory#SOURCE_IP_CONDITION_KEY} will cause * AWS to pull in the current request's source IP as the first value to compare * against every time your policy is evaluated. *
  • Comparison Type - Most condition types allow several ways to * compare the value obtained from the condition key and the comparison value. * For example, the {@link NumericComparisonType} enumerates the ways a * {@link NumericCondition} can be evaluated (less than, greater than, equals, * etc). *
  • Comparison Value - This is a static value used as the second value * in the comparison when your policy is evaluated. Depending on the comparison * type, this value can optionally use wildcards. See the documentation for * individual comparison types for more information. *
*

* There are many expressive conditions available in the * com.amazonaws.auth.policy.conditions package to use in access * control policy statements. *

* This class is not intended to be directly subclassed by users, instead users * should use the many available conditions and condition factories in the * com.amazonaws.auth.policy.conditions package. */ public class Condition { protected String type; protected String conditionKey; protected List values; /** * Returns the type of this condition. * * @return The type of this condition. */ public String getType() { return type; } /** * Sets the type of this condition. * * @param type * The type of this condition. */ public void setType(String type) { this.type = type; } /** * Returns the name of the condition key involved in this condition. * Condition keys are predefined values supported by AWS that provide input * to a condition's evaluation, such as the current time, or the IP address * of the incoming request. *

* Your policy is evaluated for each incoming request, and condition keys * specify what information to pull out of those incoming requests and plug * into the conditions in your policy. * * @return The name of the condition key involved in this condition. */ public String getConditionKey() { return conditionKey; } /** * Sets the name of the condition key involved in this condition. * Condition keys are predefined values supported by AWS that provide * input to a condition's evaluation, such as the current time, or the IP * address of the incoming request. *

* Your policy is evaluated for each incoming request, and condition keys * specify what information to pull out of those incoming requests and plug * into the conditions in your policy. * * @param conditionKey * The name of the condition key involved in this condition. */ public void setConditionKey(String conditionKey) { this.conditionKey = conditionKey; } /** * Returns the values specified for this access control policy condition. * For example, in a condition that compares the incoming IP address of a * request to a specified range of IP addresses, the range of IP addresses * is the single value in the condition. *

* Most conditions accept only one value, but multiple values are possible. * * @return The values specified for this access control policy condition. */ public List getValues() { return values; } /** * Sets the values specified for this access control policy condition. For * example, in a condition that compares the incoming IP address of a * request to a specified range of IP addresses, the range of IP addresses * is the single value in the condition. *

* Most conditions accept only one value, but multiple values are possible. * * @param values * The values specified for this access control policy condition. */ public void setValues(List values) { this.values = values; } /** * Fluent version of {@link Condition#setType(String)} * @return this */ public Condition withType(String type) { setType(type); return this; } /** * Fluent version of {@link Condition#setConditionKey(String)} * @return this */ public Condition withConditionKey(String key) { setConditionKey(key); return this; } /** * Fluent version of {@link Condition#setValues(List)} * @return this */ public Condition withValues(String... values) { setValues(Arrays.asList(values)); return this; } /** * Fluent version of {@link Condition#setValues(List)} * @return this */ public Condition withValues(List values) { setValues(values); return this; } }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy