Class ArnCondition
java.lang.Object
com.amazonaws.auth.policy.Condition
com.amazonaws.auth.policy.conditions.ArnCondition
AWS access control policy condition that allows an access control statement
to be conditionally applied based on the comparison of an Amazon Resource
Name (ARN).
An Amazon Resource Name (ARN) takes the following format: arn:aws:<vendor>:<region>:<namespace>:<relative-id>
- vendor identifies the AWS product (e.g., sns)
- region is the AWS Region the resource resides in (e.g., us-east-1), if any
- namespace is the AWS account ID with no hyphens (e.g., 123456789012)
- relative-id is the service specific portion that identifies the specific resource
For example, an Amazon SQS queue might be addressed with the following ARN: arn:aws:sqs:us-east-1:987654321000:MyQueue
Currently the only valid condition key to use in an ARN condition is
ConditionFactory.SOURCE_ARN_CONDITION_KEY
, which indicates the
source resource that is modifying another resource, for example, an SNS topic
is the source ARN when publishing messages from the topic to an SQS queue.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic enum
Enumeration of the supported ways an ARN comparison can be evaluated. -
Field Summary
Fields inherited from class com.amazonaws.auth.policy.Condition
conditionKey, type, values
-
Constructor Summary
ConstructorsConstructorDescriptionArnCondition
(ArnCondition.ArnComparisonType type, String key, String value) Constructs a new access control policy condition that compares ARNs (Amazon Resource Names). -
Method Summary
Methods inherited from class com.amazonaws.auth.policy.Condition
getConditionKey, getType, getValues, setConditionKey, setType, setValues, withConditionKey, withType, withValues, withValues
-
Constructor Details
-
ArnCondition
Constructs a new access control policy condition that compares ARNs (Amazon Resource Names).- Parameters:
type
- The type of comparison to perform.key
- The access policy condition key specifying where to get the first ARN for the comparison (ex:ConditionFactory.SOURCE_ARN_CONDITION_KEY
).value
- The second ARN to compare against. When usingArnCondition.ArnComparisonType.ArnLike
orArnCondition.ArnComparisonType.ArnNotLike
this may contain the multi-character wildcard (*) or the single-character wildcard (?).
-