com.amazonaws.services.resiliencehub.model

Class PermissionModel

java.lang.Object

com.amazonaws.services.resiliencehub.model.PermissionModel

All Implemented Interfaces:

StructuredPojo, Serializable, Cloneable

@Generated(value="com.amazonaws:aws-java-sdk-code-generator")
public class PermissionModel
extends Object
implements Serializable, Cloneable, StructuredPojo

Defines the roles and credentials that Resilience Hub would use while creating the application, importing its resources, and running an assessment.

See Also:

AWS API Documentation, Serialized Form

Constructor Summary

Constructors

Constructor and Description
PermissionModel()

Method Summary

Modifier and Type	Method and Description
PermissionModel	clone()
boolean	equals(Object obj)
List<String>	getCrossAccountRoleArns() Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts.
String	getInvokerRoleName() Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.
String	getType() Defines how Resilience Hub scans your resources.
int	hashCode()
void	marshall(ProtocolMarshaller protocolMarshaller) Marshalls this structured data using the given ProtocolMarshaller.
void	setCrossAccountRoleArns(Collection<String> crossAccountRoleArns) Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts.
void	setInvokerRoleName(String invokerRoleName) Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.
void	setType(String type) Defines how Resilience Hub scans your resources.
String	toString() Returns a string representation of this object.
PermissionModel	withCrossAccountRoleArns(Collection<String> crossAccountRoleArns) Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts.
PermissionModel	withCrossAccountRoleArns(String... crossAccountRoleArns) Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts.
PermissionModel	withInvokerRoleName(String invokerRoleName) Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.
PermissionModel	withType(PermissionModelType type) Defines how Resilience Hub scans your resources.
PermissionModel	withType(String type) Defines how Resilience Hub scans your resources.

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

PermissionModel

public PermissionModel()

Method Detail

getCrossAccountRoleArns

public List<String> getCrossAccountRoleArns()

Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

• These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

• These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

Returns:

Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

• These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

• These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

setCrossAccountRoleArns

public void setCrossAccountRoleArns(Collection<String> crossAccountRoleArns)

Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

• These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

• These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

Parameters:

crossAccountRoleArns - Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

• These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

• These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

withCrossAccountRoleArns

public PermissionModel withCrossAccountRoleArns(String... crossAccountRoleArns)

Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

• These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

• These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

NOTE: This method appends the values to the existing list (if any). Use setCrossAccountRoleArns(java.util.Collection) or withCrossAccountRoleArns(java.util.Collection) if you want to override the existing values.

Parameters:

crossAccountRoleArns - Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

• These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

• These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

Returns:

Returns a reference to this object so that method calls can be chained together.

withCrossAccountRoleArns

public PermissionModel withCrossAccountRoleArns(Collection<String> crossAccountRoleArns)

Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

• These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

• These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

Parameters:

crossAccountRoleArns - Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

• These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

• These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

Returns:

Returns a reference to this object so that method calls can be chained together.

setInvokerRoleName

public void setInvokerRoleName(String invokerRoleName)

Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

• You must have iam:passRole permission for this role while creating or updating the application.

• Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

Parameters:

invokerRoleName - Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

• You must have iam:passRole permission for this role while creating or updating the application.

• Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

getInvokerRoleName

public String getInvokerRoleName()

Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

• You must have iam:passRole permission for this role while creating or updating the application.

• Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

Returns:

Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

• You must have iam:passRole permission for this role while creating or updating the application.

• Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

withInvokerRoleName

public PermissionModel withInvokerRoleName(String invokerRoleName)

Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

• You must have iam:passRole permission for this role while creating or updating the application.

• Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

Parameters:

invokerRoleName - Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

• You must have iam:passRole permission for this role while creating or updating the application.

• Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

Returns:

Returns a reference to this object so that method calls can be chained together.

setType

public void setType(String type)

Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

Parameters:

type - Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

See Also:

PermissionModelType

getType

public String getType()

Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

Returns:

Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

See Also:

PermissionModelType

withType

public PermissionModel withType(String type)

Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

Parameters:

type - Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

Returns:

Returns a reference to this object so that method calls can be chained together.

See Also:

PermissionModelType

withType

public PermissionModel withType(PermissionModelType type)

Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

Parameters:

type - Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

Returns:

Returns a reference to this object so that method calls can be chained together.

See Also:

PermissionModelType

toString

public String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

Returns:

A string representation of this object.

See Also:

Object.toString()

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

clone

public PermissionModel clone()

Overrides:

clone in class Object

marshall

public void marshall(ProtocolMarshaller protocolMarshaller)

Description copied from interface: StructuredPojo

Marshalls this structured data using the given ProtocolMarshaller.

Specified by:

marshall in interface StructuredPojo

Parameters:

protocolMarshaller - Implementation of ProtocolMarshaller used to marshall this object's data.