/**
 * Returns the ARN of the IAM role named {@code roleName}, creating the role first
 * when IAM reports that it does not exist.
 *
 * <p>A newly created role trusts {@code elastictranscoder.amazonaws.com} to assume it
 * and receives the inline policy {@code s3video_generated_policy}.
 *
 * <p>NOTE(review), points a security reader should check before reusing this:
 * <ul>
 *   <li>The inline policy allows its S3 and SNS actions on {@code "Resource":"*"},
 *       that is, every bucket and topic the account can reach. Scoping the resources
 *       to the buckets and topic the pipeline actually uses would be closer to least
 *       privilege; that needs inputs this method does not take.</li>
 *   <li>The trust policy has no {@code Condition} block. Consider whether a
 *       source-account or source-ARN condition is appropriate for this service
 *       principal.</li>
 *   <li>When a role with this name already exists, its ARN is returned as-is; neither
 *       its trust policy nor its permissions are inspected here.</li>
 *   <li>If {@code putRolePolicy} throws after {@code createRole} succeeded, the role
 *       stays behind without the inline policy, and later calls will return its ARN
 *       through the "already exists" path.</li>
 * </ul>
 *
 * @param roleName name of the role to look up or create
 * @return the ARN of the existing or newly created role
 */
public String createIAMRoleIfNotExist(String roleName) {
    GetRoleRequest lookup = new GetRoleRequest().withRoleName(roleName);
    try {
        // Fast path: the role is already there, so hand back its ARN untouched.
        return identityManagement.getRole(lookup).getRole().getArn();
    } catch (NoSuchEntityException roleMissing) {
        // Expected when the role has not been created yet; creation continues below.
    }

    // Trust policy: only the Elastic Transcoder service principal may assume the role.
    final String trustPolicy = "{\"Version\": \"2008-10-17\","
            + "\"Statement\": ["
            + "{"
            + "\"Sid\": \"1\","
            + "\"Effect\": \"Allow\","
            + "\"Principal\": {"
            + "\"Service\": \"elastictranscoder.amazonaws.com\""
            + "},"
            + "\"Action\": \"sts:AssumeRole\""
            + "}"
            + "]"
            + "}";

    // Permissions policy, one statement per literal:
    //   Sid 1 - allow S3 list/put/get/multipart actions on all resources
    //   Sid 2 - allow sns:Publish on all resources
    //   Sid 3 - explicit deny for S3/SNS policy, permission, delete and remove actions
    final String permissionsPolicy = "{\"Version\":\"2008-10-17\",\"Statement\":["
            + "{\"Sid\":\"1\",\"Effect\":\"Allow\",\"Action\":[\"s3:ListBucket\",\"s3:Put*\",\"s3:Get*\",\"s3:*MultipartUpload*\"],\"Resource\":\"*\"},"
            + "{\"Sid\":\"2\",\"Effect\":\"Allow\",\"Action\":\"sns:Publish\",\"Resource\":\"*\"},"
            + "{\"Sid\":\"3\",\"Effect\":\"Deny\",\"Action\":[\"s3:*Policy*\",\"sns:*Permission*\",\"sns:*Delete*\",\"s3:*Delete*\",\"sns:*Remove*\"],\"Resource\":\"*\"}"
            + "]}";

    CreateRoleRequest creation = new CreateRoleRequest()
            .withRoleName(roleName)
            .withAssumeRolePolicyDocument(trustPolicy);
    CreateRoleResult created = identityManagement.createRole(creation);

    // Attach the inline policy in a second call; the two calls are not atomic.
    PutRolePolicyRequest attachPolicy = new PutRolePolicyRequest()
            .withPolicyName("s3video_generated_policy")
            .withPolicyDocument(permissionsPolicy)
            .withRoleName(roleName);
    identityManagement.putRolePolicy(attachPolicy);

    return created.getRole().getArn();
}
/**
 * Runs the {@code "CreateRole"} action through {@code service} and wraps the
 * resulting resource in a {@link RoleImpl}.
 *
 * @param request   the request handed to the action
 * @param extractor passed through to {@code performAction} together with the request
 * @return a {@code RoleImpl} built from the action's resource, or {@code null} when
 *         {@code performAction} returns {@code null}; callers must handle that case
 */
@Override
public Role createRole(CreateRoleRequest request,
        ResultCapture<CreateRoleResult> extractor) {

    ActionResult outcome = service.performAction("CreateRole", request, extractor);
    // No action result means there is no resource to wrap.
    return (outcome == null) ? null : new RoleImpl(outcome.getResource());
}
/**
 * Performs the <code>CreateRole</code> action and uses a ResultCapture to
 * retrieve the low-level client response.
 *
 * @param request the <code>CreateRole</code> request to perform
 * @param extractor the ResultCapture used to retrieve the low-level
 *         <code>CreateRoleResult</code> client response
 * @return The <code>Role</code> resource object associated with the result
 *         of this action. NOTE(review): whether this can be <code>null</code>
 *         is not stated here; confirm against the implementation before
 *         dereferencing.
 * @see CreateRoleRequest
 */
com.amazonaws.resources.identitymanagement.Role createRole(CreateRoleRequest request, ResultCapture<CreateRoleResult> extractor);