com.amazonaws.services.identitymanagement.model.EvaluationResult Maven / Gradle / Ivy
Show all versions of aws-java-sdk-iam Show documentation
/*
* Copyright 2011-2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.identitymanagement.model;
import java.io.Serializable;
/**
*
* Contains the results of a simulation.
*
*
* This data type is used by the return parameter of SimulateCustomPolicy and
* SimulatePrincipalPolicy .
*
*/
public class EvaluationResult implements Serializable, Cloneable {
/**
*
* The name of the API action tested on the indicated resource.
*
*/
private String evalActionName;
/**
*
* The ARN of the resource that the indicated API action was tested on.
*
*/
private String evalResourceName;
/**
*
* The result of the simulation.
*
*/
private String evalDecision;
/**
*
* A list of the statements in the input policies that determine the result for this scenario. Remember that even if
* multiple statements allow the action on the resource, if only one statement denies that action, then the explicit
* deny overrides any allow, and the deny statement is the only entry included in the result.
*
*/
private com.amazonaws.internal.SdkInternalList matchedStatements;
/**
*
* A list of context keys that are required by the included input policies but that were not provided by one of the
* input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
* ResourceArns parameter blank. If you include a list of resources, then any missing context values
* are instead included under the ResourceSpecificResults section. To discover the context keys used by
* a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
*
*/
private com.amazonaws.internal.SdkInternalList missingContextValues;
/**
*
* Additional details about the results of the evaluation decision. When there are both IAM policies and resource
* policies, this parameter explains how each set of policies contributes to the final evaluation decision. When
* simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must
* grant access. See How IAM Roles
* Differ from Resource-based Policies
*
*/
private com.amazonaws.internal.SdkInternalMap evalDecisionDetails;
/**
*
* The individual results of the simulation of the API action specified in EvalActionName on each resource.
*
*/
private com.amazonaws.internal.SdkInternalList resourceSpecificResults;
/**
*
* The name of the API action tested on the indicated resource.
*
*
* @param evalActionName
* The name of the API action tested on the indicated resource.
*/
public void setEvalActionName(String evalActionName) {
this.evalActionName = evalActionName;
}
/**
*
* The name of the API action tested on the indicated resource.
*
*
* @return The name of the API action tested on the indicated resource.
*/
public String getEvalActionName() {
return this.evalActionName;
}
/**
*
* The name of the API action tested on the indicated resource.
*
*
* @param evalActionName
* The name of the API action tested on the indicated resource.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult withEvalActionName(String evalActionName) {
setEvalActionName(evalActionName);
return this;
}
/**
*
* The ARN of the resource that the indicated API action was tested on.
*
*
* @param evalResourceName
* The ARN of the resource that the indicated API action was tested on.
*/
public void setEvalResourceName(String evalResourceName) {
this.evalResourceName = evalResourceName;
}
/**
*
* The ARN of the resource that the indicated API action was tested on.
*
*
* @return The ARN of the resource that the indicated API action was tested on.
*/
public String getEvalResourceName() {
return this.evalResourceName;
}
/**
*
* The ARN of the resource that the indicated API action was tested on.
*
*
* @param evalResourceName
* The ARN of the resource that the indicated API action was tested on.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult withEvalResourceName(String evalResourceName) {
setEvalResourceName(evalResourceName);
return this;
}
/**
*
* The result of the simulation.
*
*
* @param evalDecision
* The result of the simulation.
* @see PolicyEvaluationDecisionType
*/
public void setEvalDecision(String evalDecision) {
this.evalDecision = evalDecision;
}
/**
*
* The result of the simulation.
*
*
* @return The result of the simulation.
* @see PolicyEvaluationDecisionType
*/
public String getEvalDecision() {
return this.evalDecision;
}
/**
*
* The result of the simulation.
*
*
* @param evalDecision
* The result of the simulation.
* @return Returns a reference to this object so that method calls can be chained together.
* @see PolicyEvaluationDecisionType
*/
public EvaluationResult withEvalDecision(String evalDecision) {
setEvalDecision(evalDecision);
return this;
}
/**
*
* The result of the simulation.
*
*
* @param evalDecision
* The result of the simulation.
* @see PolicyEvaluationDecisionType
*/
public void setEvalDecision(PolicyEvaluationDecisionType evalDecision) {
this.evalDecision = evalDecision.toString();
}
/**
*
* The result of the simulation.
*
*
* @param evalDecision
* The result of the simulation.
* @return Returns a reference to this object so that method calls can be chained together.
* @see PolicyEvaluationDecisionType
*/
public EvaluationResult withEvalDecision(PolicyEvaluationDecisionType evalDecision) {
setEvalDecision(evalDecision);
return this;
}
/**
*
* A list of the statements in the input policies that determine the result for this scenario. Remember that even if
* multiple statements allow the action on the resource, if only one statement denies that action, then the explicit
* deny overrides any allow, and the deny statement is the only entry included in the result.
*
*
* @return A list of the statements in the input policies that determine the result for this scenario. Remember that
* even if multiple statements allow the action on the resource, if only one statement denies that action,
* then the explicit deny overrides any allow, and the deny statement is the only entry included in the
* result.
*/
public java.util.List getMatchedStatements() {
if (matchedStatements == null) {
matchedStatements = new com.amazonaws.internal.SdkInternalList();
}
return matchedStatements;
}
/**
*
* A list of the statements in the input policies that determine the result for this scenario. Remember that even if
* multiple statements allow the action on the resource, if only one statement denies that action, then the explicit
* deny overrides any allow, and the deny statement is the only entry included in the result.
*
*
* @param matchedStatements
* A list of the statements in the input policies that determine the result for this scenario. Remember that
* even if multiple statements allow the action on the resource, if only one statement denies that action,
* then the explicit deny overrides any allow, and the deny statement is the only entry included in the
* result.
*/
public void setMatchedStatements(java.util.Collection matchedStatements) {
if (matchedStatements == null) {
this.matchedStatements = null;
return;
}
this.matchedStatements = new com.amazonaws.internal.SdkInternalList(matchedStatements);
}
/**
*
* A list of the statements in the input policies that determine the result for this scenario. Remember that even if
* multiple statements allow the action on the resource, if only one statement denies that action, then the explicit
* deny overrides any allow, and the deny statement is the only entry included in the result.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setMatchedStatements(java.util.Collection)} or {@link #withMatchedStatements(java.util.Collection)} if
* you want to override the existing values.
*
*
* @param matchedStatements
* A list of the statements in the input policies that determine the result for this scenario. Remember that
* even if multiple statements allow the action on the resource, if only one statement denies that action,
* then the explicit deny overrides any allow, and the deny statement is the only entry included in the
* result.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult withMatchedStatements(Statement... matchedStatements) {
if (this.matchedStatements == null) {
setMatchedStatements(new com.amazonaws.internal.SdkInternalList(matchedStatements.length));
}
for (Statement ele : matchedStatements) {
this.matchedStatements.add(ele);
}
return this;
}
/**
*
* A list of the statements in the input policies that determine the result for this scenario. Remember that even if
* multiple statements allow the action on the resource, if only one statement denies that action, then the explicit
* deny overrides any allow, and the deny statement is the only entry included in the result.
*
*
* @param matchedStatements
* A list of the statements in the input policies that determine the result for this scenario. Remember that
* even if multiple statements allow the action on the resource, if only one statement denies that action,
* then the explicit deny overrides any allow, and the deny statement is the only entry included in the
* result.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult withMatchedStatements(java.util.Collection matchedStatements) {
setMatchedStatements(matchedStatements);
return this;
}
/**
*
* A list of context keys that are required by the included input policies but that were not provided by one of the
* input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
* ResourceArns parameter blank. If you include a list of resources, then any missing context values
* are instead included under the ResourceSpecificResults section. To discover the context keys used by
* a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
*
*
* @return A list of context keys that are required by the included input policies but that were not provided by one
* of the input parameters. This list is used when the resource in a simulation is "*", either explicitly,
* or when the ResourceArns parameter blank. If you include a list of resources, then any
* missing context values are instead included under the ResourceSpecificResults section. To
* discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or
* GetContextKeysForPrincipalPolicy.
*/
public java.util.List getMissingContextValues() {
if (missingContextValues == null) {
missingContextValues = new com.amazonaws.internal.SdkInternalList();
}
return missingContextValues;
}
/**
*
* A list of context keys that are required by the included input policies but that were not provided by one of the
* input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
* ResourceArns parameter blank. If you include a list of resources, then any missing context values
* are instead included under the ResourceSpecificResults section. To discover the context keys used by
* a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
*
*
* @param missingContextValues
* A list of context keys that are required by the included input policies but that were not provided by one
* of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or
* when the ResourceArns parameter blank. If you include a list of resources, then any missing
* context values are instead included under the ResourceSpecificResults section. To discover
* the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or
* GetContextKeysForPrincipalPolicy.
*/
public void setMissingContextValues(java.util.Collection missingContextValues) {
if (missingContextValues == null) {
this.missingContextValues = null;
return;
}
this.missingContextValues = new com.amazonaws.internal.SdkInternalList(missingContextValues);
}
/**
*
* A list of context keys that are required by the included input policies but that were not provided by one of the
* input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
* ResourceArns parameter blank. If you include a list of resources, then any missing context values
* are instead included under the ResourceSpecificResults section. To discover the context keys used by
* a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setMissingContextValues(java.util.Collection)} or {@link #withMissingContextValues(java.util.Collection)}
* if you want to override the existing values.
*
*
* @param missingContextValues
* A list of context keys that are required by the included input policies but that were not provided by one
* of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or
* when the ResourceArns parameter blank. If you include a list of resources, then any missing
* context values are instead included under the ResourceSpecificResults section. To discover
* the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or
* GetContextKeysForPrincipalPolicy.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult withMissingContextValues(String... missingContextValues) {
if (this.missingContextValues == null) {
setMissingContextValues(new com.amazonaws.internal.SdkInternalList(missingContextValues.length));
}
for (String ele : missingContextValues) {
this.missingContextValues.add(ele);
}
return this;
}
/**
*
* A list of context keys that are required by the included input policies but that were not provided by one of the
* input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
* ResourceArns parameter blank. If you include a list of resources, then any missing context values
* are instead included under the ResourceSpecificResults section. To discover the context keys used by
* a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
*
*
* @param missingContextValues
* A list of context keys that are required by the included input policies but that were not provided by one
* of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or
* when the ResourceArns parameter blank. If you include a list of resources, then any missing
* context values are instead included under the ResourceSpecificResults section. To discover
* the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or
* GetContextKeysForPrincipalPolicy.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult withMissingContextValues(java.util.Collection missingContextValues) {
setMissingContextValues(missingContextValues);
return this;
}
/**
*
* Additional details about the results of the evaluation decision. When there are both IAM policies and resource
* policies, this parameter explains how each set of policies contributes to the final evaluation decision. When
* simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must
* grant access. See How IAM Roles
* Differ from Resource-based Policies
*
*
* @return Additional details about the results of the evaluation decision. When there are both IAM policies and
* resource policies, this parameter explains how each set of policies contributes to the final evaluation
* decision. When simulating cross-account access to a resource, both the resource-based policy and the
* caller's IAM policy must grant access. See How IAM
* Roles Differ from Resource-based Policies
*/
public java.util.Map getEvalDecisionDetails() {
if (evalDecisionDetails == null) {
evalDecisionDetails = new com.amazonaws.internal.SdkInternalMap();
}
return evalDecisionDetails;
}
/**
*
* Additional details about the results of the evaluation decision. When there are both IAM policies and resource
* policies, this parameter explains how each set of policies contributes to the final evaluation decision. When
* simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must
* grant access. See How IAM Roles
* Differ from Resource-based Policies
*
*
* @param evalDecisionDetails
* Additional details about the results of the evaluation decision. When there are both IAM policies and
* resource policies, this parameter explains how each set of policies contributes to the final evaluation
* decision. When simulating cross-account access to a resource, both the resource-based policy and the
* caller's IAM policy must grant access. See How IAM
* Roles Differ from Resource-based Policies
*/
public void setEvalDecisionDetails(java.util.Map evalDecisionDetails) {
this.evalDecisionDetails = evalDecisionDetails == null ? null : new com.amazonaws.internal.SdkInternalMap(evalDecisionDetails);
}
/**
*
* Additional details about the results of the evaluation decision. When there are both IAM policies and resource
* policies, this parameter explains how each set of policies contributes to the final evaluation decision. When
* simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must
* grant access. See How IAM Roles
* Differ from Resource-based Policies
*
*
* @param evalDecisionDetails
* Additional details about the results of the evaluation decision. When there are both IAM policies and
* resource policies, this parameter explains how each set of policies contributes to the final evaluation
* decision. When simulating cross-account access to a resource, both the resource-based policy and the
* caller's IAM policy must grant access. See How IAM
* Roles Differ from Resource-based Policies
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult withEvalDecisionDetails(java.util.Map evalDecisionDetails) {
setEvalDecisionDetails(evalDecisionDetails);
return this;
}
public EvaluationResult addEvalDecisionDetailsEntry(String key, String value) {
if (null == this.evalDecisionDetails) {
this.evalDecisionDetails = new com.amazonaws.internal.SdkInternalMap();
}
if (this.evalDecisionDetails.containsKey(key))
throw new IllegalArgumentException("Duplicated keys (" + key.toString() + ") are provided.");
this.evalDecisionDetails.put(key, value);
return this;
}
/**
* Removes all the entries added into EvalDecisionDetails.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult clearEvalDecisionDetailsEntries() {
this.evalDecisionDetails = null;
return this;
}
/**
*
* The individual results of the simulation of the API action specified in EvalActionName on each resource.
*
*
* @return The individual results of the simulation of the API action specified in EvalActionName on each resource.
*/
public java.util.List getResourceSpecificResults() {
if (resourceSpecificResults == null) {
resourceSpecificResults = new com.amazonaws.internal.SdkInternalList();
}
return resourceSpecificResults;
}
/**
*
* The individual results of the simulation of the API action specified in EvalActionName on each resource.
*
*
* @param resourceSpecificResults
* The individual results of the simulation of the API action specified in EvalActionName on each resource.
*/
public void setResourceSpecificResults(java.util.Collection resourceSpecificResults) {
if (resourceSpecificResults == null) {
this.resourceSpecificResults = null;
return;
}
this.resourceSpecificResults = new com.amazonaws.internal.SdkInternalList(resourceSpecificResults);
}
/**
*
* The individual results of the simulation of the API action specified in EvalActionName on each resource.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setResourceSpecificResults(java.util.Collection)} or
* {@link #withResourceSpecificResults(java.util.Collection)} if you want to override the existing values.
*
*
* @param resourceSpecificResults
* The individual results of the simulation of the API action specified in EvalActionName on each resource.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult withResourceSpecificResults(ResourceSpecificResult... resourceSpecificResults) {
if (this.resourceSpecificResults == null) {
setResourceSpecificResults(new com.amazonaws.internal.SdkInternalList(resourceSpecificResults.length));
}
for (ResourceSpecificResult ele : resourceSpecificResults) {
this.resourceSpecificResults.add(ele);
}
return this;
}
/**
*
* The individual results of the simulation of the API action specified in EvalActionName on each resource.
*
*
* @param resourceSpecificResults
* The individual results of the simulation of the API action specified in EvalActionName on each resource.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EvaluationResult withResourceSpecificResults(java.util.Collection resourceSpecificResults) {
setResourceSpecificResults(resourceSpecificResults);
return this;
}
/**
* Returns a string representation of this object; useful for testing and debugging.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getEvalActionName() != null)
sb.append("EvalActionName: " + getEvalActionName() + ",");
if (getEvalResourceName() != null)
sb.append("EvalResourceName: " + getEvalResourceName() + ",");
if (getEvalDecision() != null)
sb.append("EvalDecision: " + getEvalDecision() + ",");
if (getMatchedStatements() != null)
sb.append("MatchedStatements: " + getMatchedStatements() + ",");
if (getMissingContextValues() != null)
sb.append("MissingContextValues: " + getMissingContextValues() + ",");
if (getEvalDecisionDetails() != null)
sb.append("EvalDecisionDetails: " + getEvalDecisionDetails() + ",");
if (getResourceSpecificResults() != null)
sb.append("ResourceSpecificResults: " + getResourceSpecificResults());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof EvaluationResult == false)
return false;
EvaluationResult other = (EvaluationResult) obj;
if (other.getEvalActionName() == null ^ this.getEvalActionName() == null)
return false;
if (other.getEvalActionName() != null && other.getEvalActionName().equals(this.getEvalActionName()) == false)
return false;
if (other.getEvalResourceName() == null ^ this.getEvalResourceName() == null)
return false;
if (other.getEvalResourceName() != null && other.getEvalResourceName().equals(this.getEvalResourceName()) == false)
return false;
if (other.getEvalDecision() == null ^ this.getEvalDecision() == null)
return false;
if (other.getEvalDecision() != null && other.getEvalDecision().equals(this.getEvalDecision()) == false)
return false;
if (other.getMatchedStatements() == null ^ this.getMatchedStatements() == null)
return false;
if (other.getMatchedStatements() != null && other.getMatchedStatements().equals(this.getMatchedStatements()) == false)
return false;
if (other.getMissingContextValues() == null ^ this.getMissingContextValues() == null)
return false;
if (other.getMissingContextValues() != null && other.getMissingContextValues().equals(this.getMissingContextValues()) == false)
return false;
if (other.getEvalDecisionDetails() == null ^ this.getEvalDecisionDetails() == null)
return false;
if (other.getEvalDecisionDetails() != null && other.getEvalDecisionDetails().equals(this.getEvalDecisionDetails()) == false)
return false;
if (other.getResourceSpecificResults() == null ^ this.getResourceSpecificResults() == null)
return false;
if (other.getResourceSpecificResults() != null && other.getResourceSpecificResults().equals(this.getResourceSpecificResults()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getEvalActionName() == null) ? 0 : getEvalActionName().hashCode());
hashCode = prime * hashCode + ((getEvalResourceName() == null) ? 0 : getEvalResourceName().hashCode());
hashCode = prime * hashCode + ((getEvalDecision() == null) ? 0 : getEvalDecision().hashCode());
hashCode = prime * hashCode + ((getMatchedStatements() == null) ? 0 : getMatchedStatements().hashCode());
hashCode = prime * hashCode + ((getMissingContextValues() == null) ? 0 : getMissingContextValues().hashCode());
hashCode = prime * hashCode + ((getEvalDecisionDetails() == null) ? 0 : getEvalDecisionDetails().hashCode());
hashCode = prime * hashCode + ((getResourceSpecificResults() == null) ? 0 : getResourceSpecificResults().hashCode());
return hashCode;
}
@Override
public EvaluationResult clone() {
try {
return (EvaluationResult) super.clone();
} catch (CloneNotSupportedException e) {
throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e);
}
}
}