Package software.amazon.awssdk.services.resiliencehub.model

Class PermissionModel

    • Method Detail

      • hasCrossAccountRoleArns

        public final boolean hasCrossAccountRoleArns()
        For responses, this returns true if the service returned a value for the CrossAccountRoleArns property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

      • crossAccountRoleArns

        public final List<String> crossAccountRoleArns()

        Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

        • These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

        • These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

        Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

        This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasCrossAccountRoleArns() method.

        Returns:
        Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

        • These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

        • These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

      • invokerRoleName

        public final String invokerRoleName()

        Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

        • You must have iam:passRole permission for this role while creating or updating the application.

        • Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

        Returns:
        Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

        • You must have iam:passRole permission for this role while creating or updating the application.

        • Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

      • type

        public final PermissionModelType type()

        Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

        If the service returns an enum value that is not available in the current SDK version, type will return PermissionModelType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from typeAsString().

        Returns:
        Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.
        See Also:
        PermissionModelType

      • typeAsString

        public final String typeAsString()

        Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

        If the service returns an enum value that is not available in the current SDK version, type will return PermissionModelType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from typeAsString().

        Returns:
        Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.
        See Also:
        PermissionModelType

      • hashCode

        public final int hashCode()
        Overrides:
        hashCode in class Object

      • equals

        public final boolean equals​(Object obj)
        Overrides:
        equals in class Object

      • toString

        public final String toString()
        Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
        Overrides:
        toString in class Object

      • getValueForField

        public final <T> Optional<T> getValueForField​(String fieldName,
                                              Class<T> clazz)