Class EvaluationResult
- java.lang.Object
-
- com.amazonaws.services.identitymanagement.model.EvaluationResult
-
- All Implemented Interfaces:
Serializable
,Cloneable
public class EvaluationResult extends Object implements Serializable, Cloneable
Contains the results of a simulation.
This data type is used by the return parameter of
SimulateCustomPolicy
andSimulatePrincipalPolicy
.- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description EvaluationResult()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description EvaluationResult
addEvalDecisionDetailsEntry(String key, String value)
EvaluationResult
clearEvalDecisionDetailsEntries()
Removes all the entries added into EvalDecisionDetails.EvaluationResult
clone()
boolean
equals(Object obj)
String
getEvalActionName()
The name of the API action tested on the indicated resource.String
getEvalDecision()
The result of the simulation.Map<String,String>
getEvalDecisionDetails()
Additional details about the results of the evaluation decision.String
getEvalResourceName()
The ARN of the resource that the indicated API action was tested on.List<Statement>
getMatchedStatements()
A list of the statements in the input policies that determine the result for this scenario.List<String>
getMissingContextValues()
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters.List<ResourceSpecificResult>
getResourceSpecificResults()
The individual results of the simulation of the API action specified in EvalActionName on each resource.int
hashCode()
void
setEvalActionName(String evalActionName)
The name of the API action tested on the indicated resource.void
setEvalDecision(PolicyEvaluationDecisionType evalDecision)
The result of the simulation.void
setEvalDecision(String evalDecision)
The result of the simulation.void
setEvalDecisionDetails(Map<String,String> evalDecisionDetails)
Additional details about the results of the evaluation decision.void
setEvalResourceName(String evalResourceName)
The ARN of the resource that the indicated API action was tested on.void
setMatchedStatements(Collection<Statement> matchedStatements)
A list of the statements in the input policies that determine the result for this scenario.void
setMissingContextValues(Collection<String> missingContextValues)
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters.void
setResourceSpecificResults(Collection<ResourceSpecificResult> resourceSpecificResults)
The individual results of the simulation of the API action specified in EvalActionName on each resource.String
toString()
Returns a string representation of this object; useful for testing and debugging.EvaluationResult
withEvalActionName(String evalActionName)
The name of the API action tested on the indicated resource.EvaluationResult
withEvalDecision(PolicyEvaluationDecisionType evalDecision)
The result of the simulation.EvaluationResult
withEvalDecision(String evalDecision)
The result of the simulation.EvaluationResult
withEvalDecisionDetails(Map<String,String> evalDecisionDetails)
Additional details about the results of the evaluation decision.EvaluationResult
withEvalResourceName(String evalResourceName)
The ARN of the resource that the indicated API action was tested on.EvaluationResult
withMatchedStatements(Statement... matchedStatements)
A list of the statements in the input policies that determine the result for this scenario.EvaluationResult
withMatchedStatements(Collection<Statement> matchedStatements)
A list of the statements in the input policies that determine the result for this scenario.EvaluationResult
withMissingContextValues(String... missingContextValues)
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters.EvaluationResult
withMissingContextValues(Collection<String> missingContextValues)
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters.EvaluationResult
withResourceSpecificResults(ResourceSpecificResult... resourceSpecificResults)
The individual results of the simulation of the API action specified in EvalActionName on each resource.EvaluationResult
withResourceSpecificResults(Collection<ResourceSpecificResult> resourceSpecificResults)
The individual results of the simulation of the API action specified in EvalActionName on each resource.
-
-
-
Method Detail
-
setEvalActionName
public void setEvalActionName(String evalActionName)
The name of the API action tested on the indicated resource.
- Parameters:
evalActionName
- The name of the API action tested on the indicated resource.
-
getEvalActionName
public String getEvalActionName()
The name of the API action tested on the indicated resource.
- Returns:
- The name of the API action tested on the indicated resource.
-
withEvalActionName
public EvaluationResult withEvalActionName(String evalActionName)
The name of the API action tested on the indicated resource.
- Parameters:
evalActionName
- The name of the API action tested on the indicated resource.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
setEvalResourceName
public void setEvalResourceName(String evalResourceName)
The ARN of the resource that the indicated API action was tested on.
- Parameters:
evalResourceName
- The ARN of the resource that the indicated API action was tested on.
-
getEvalResourceName
public String getEvalResourceName()
The ARN of the resource that the indicated API action was tested on.
- Returns:
- The ARN of the resource that the indicated API action was tested on.
-
withEvalResourceName
public EvaluationResult withEvalResourceName(String evalResourceName)
The ARN of the resource that the indicated API action was tested on.
- Parameters:
evalResourceName
- The ARN of the resource that the indicated API action was tested on.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
setEvalDecision
public void setEvalDecision(String evalDecision)
The result of the simulation.
- Parameters:
evalDecision
- The result of the simulation.- See Also:
PolicyEvaluationDecisionType
-
getEvalDecision
public String getEvalDecision()
The result of the simulation.
- Returns:
- The result of the simulation.
- See Also:
PolicyEvaluationDecisionType
-
withEvalDecision
public EvaluationResult withEvalDecision(String evalDecision)
The result of the simulation.
- Parameters:
evalDecision
- The result of the simulation.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
PolicyEvaluationDecisionType
-
setEvalDecision
public void setEvalDecision(PolicyEvaluationDecisionType evalDecision)
The result of the simulation.
- Parameters:
evalDecision
- The result of the simulation.- See Also:
PolicyEvaluationDecisionType
-
withEvalDecision
public EvaluationResult withEvalDecision(PolicyEvaluationDecisionType evalDecision)
The result of the simulation.
- Parameters:
evalDecision
- The result of the simulation.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
PolicyEvaluationDecisionType
-
getMatchedStatements
public List<Statement> getMatchedStatements()
A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
- Returns:
- A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
-
setMatchedStatements
public void setMatchedStatements(Collection<Statement> matchedStatements)
A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
- Parameters:
matchedStatements
- A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
-
withMatchedStatements
public EvaluationResult withMatchedStatements(Statement... matchedStatements)
A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
NOTE: This method appends the values to the existing list (if any). Use
setMatchedStatements(java.util.Collection)
orwithMatchedStatements(java.util.Collection)
if you want to override the existing values.- Parameters:
matchedStatements
- A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
withMatchedStatements
public EvaluationResult withMatchedStatements(Collection<Statement> matchedStatements)
A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
- Parameters:
matchedStatements
- A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
getMissingContextValues
public List<String> getMissingContextValues()
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Returns:
- A list of context keys that are required by the included input
policies but that were not provided by one of the input
parameters. This list is used when the resource in a simulation
is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
-
setMissingContextValues
public void setMissingContextValues(Collection<String> missingContextValues)
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Parameters:
missingContextValues
- A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when theResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
-
withMissingContextValues
public EvaluationResult withMissingContextValues(String... missingContextValues)
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.NOTE: This method appends the values to the existing list (if any). Use
setMissingContextValues(java.util.Collection)
orwithMissingContextValues(java.util.Collection)
if you want to override the existing values.- Parameters:
missingContextValues
- A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when theResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
withMissingContextValues
public EvaluationResult withMissingContextValues(Collection<String> missingContextValues)
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Parameters:
missingContextValues
- A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when theResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
getEvalDecisionDetails
public Map<String,String> getEvalDecisionDetails()
Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
- Returns:
- Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
-
setEvalDecisionDetails
public void setEvalDecisionDetails(Map<String,String> evalDecisionDetails)
Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
- Parameters:
evalDecisionDetails
- Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
-
withEvalDecisionDetails
public EvaluationResult withEvalDecisionDetails(Map<String,String> evalDecisionDetails)
Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
- Parameters:
evalDecisionDetails
- Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
addEvalDecisionDetailsEntry
public EvaluationResult addEvalDecisionDetailsEntry(String key, String value)
-
clearEvalDecisionDetailsEntries
public EvaluationResult clearEvalDecisionDetailsEntries()
Removes all the entries added into EvalDecisionDetails. <p> Returns a reference to this object so that method calls can be chained together.
-
getResourceSpecificResults
public List<ResourceSpecificResult> getResourceSpecificResults()
The individual results of the simulation of the API action specified in EvalActionName on each resource.
- Returns:
- The individual results of the simulation of the API action specified in EvalActionName on each resource.
-
setResourceSpecificResults
public void setResourceSpecificResults(Collection<ResourceSpecificResult> resourceSpecificResults)
The individual results of the simulation of the API action specified in EvalActionName on each resource.
- Parameters:
resourceSpecificResults
- The individual results of the simulation of the API action specified in EvalActionName on each resource.
-
withResourceSpecificResults
public EvaluationResult withResourceSpecificResults(ResourceSpecificResult... resourceSpecificResults)
The individual results of the simulation of the API action specified in EvalActionName on each resource.
NOTE: This method appends the values to the existing list (if any). Use
setResourceSpecificResults(java.util.Collection)
orwithResourceSpecificResults(java.util.Collection)
if you want to override the existing values.- Parameters:
resourceSpecificResults
- The individual results of the simulation of the API action specified in EvalActionName on each resource.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
withResourceSpecificResults
public EvaluationResult withResourceSpecificResults(Collection<ResourceSpecificResult> resourceSpecificResults)
The individual results of the simulation of the API action specified in EvalActionName on each resource.
- Parameters:
resourceSpecificResults
- The individual results of the simulation of the API action specified in EvalActionName on each resource.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
toString
public String toString()
Returns a string representation of this object; useful for testing and debugging.- Overrides:
toString
in classObject
- Returns:
- A string representation of this object.
- See Also:
Object.toString()
-
clone
public EvaluationResult clone()
-
-