/** * Validates a specified template. * * @param validateTemplateRequest The input for <a>ValidateTemplate</a> action. * @return Result of the ValidateTemplate operation returned by the service. * @sample AmazonCloudFormation.ValidateTemplate */ @Override public ValidateTemplateResult validateTemplate(ValidateTemplateRequest validateTemplateRequest) { ExecutionContext executionContext = createExecutionContext(validateTemplateRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request<ValidateTemplateRequest> request = null; Response<ValidateTemplateResult> response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ValidateTemplateRequestMarshaller() .marshall(super.beforeMarshalling(validateTemplateRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } StaxResponseHandler<ValidateTemplateResult> responseHandler = new StaxResponseHandler<ValidateTemplateResult>( new ValidateTemplateResultStaxUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } }
private <X, Y extends AmazonWebServiceRequest> Response<X> invoke( Request<Y> request, HttpResponseHandler<AmazonWebServiceResponse<X>> responseHandler, ExecutionContext executionContext) { request.setEndpoint(endpoint); request.setTimeOffset(timeOffset); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); AWSCredentials credentials; awsRequestMetrics.startEvent(Field.CredentialsRequestTime); try { credentials = awsCredentialsProvider.getCredentials(); } finally { awsRequestMetrics.endEvent(Field.CredentialsRequestTime); } AmazonWebServiceRequest originalRequest = request.getOriginalRequest(); if (originalRequest != null && originalRequest.getRequestCredentials() != null) { credentials = originalRequest.getRequestCredentials(); } executionContext.setCredentials(credentials); DefaultErrorResponseHandler errorResponseHandler = new DefaultErrorResponseHandler(exceptionUnmarshallers); return client.execute(request, responseHandler, errorResponseHandler, executionContext); }
/** * Sends a signal to the specified resource with a success or failure status. You can use the * SignalResource API in conjunction with a creation policy or update policy. AWS CloudFormation * doesn't proceed with a stack creation or update until resources receive the required number of * signals or the timeout period is exceeded. The SignalResource API is useful in cases where you * want to send signals from anywhere other than an Amazon EC2 instance. * * @param signalResourceRequest The input for the <a>SignalResource</a> action. * @sample AmazonCloudFormation.SignalResource */ @Override public void signalResource(SignalResourceRequest signalResourceRequest) { ExecutionContext executionContext = createExecutionContext(signalResourceRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request<SignalResourceRequest> request = null; Response<Void> response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new SignalResourceRequestMarshaller() .marshall(super.beforeMarshalling(signalResourceRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } StaxResponseHandler<Void> responseHandler = new StaxResponseHandler<Void>(null); invoke(request, responseHandler, executionContext); } finally { endClientExecution(awsRequestMetrics, request, response); } }
/** * You use this operation to change the parameters specified in the original manifest file by * supplying a new manifest file. The manifest file attached to this request replaces the original * manifest file. You can only use the operation after a CreateJob request but before the data * transfer starts and you can only use it on jobs you own. * * @param updateJobRequest Container for the necessary parameters to execute the UpdateJob service * method on AmazonImportExport. * @return The response from the UpdateJob service method, as returned by AmazonImportExport. * @throws MalformedManifestException * @throws BucketPermissionException * @throws InvalidAddressException * @throws InvalidParameterException * @throws UnableToUpdateJobIdException * @throws MultipleRegionsException * @throws InvalidVersionException * @throws MissingParameterException * @throws InvalidFileSystemException * @throws CanceledJobIdException * @throws MissingCustomsException * @throws NoSuchBucketException * @throws ExpiredJobIdException * @throws InvalidAccessKeyIdException * @throws InvalidCustomsException * @throws InvalidManifestFieldException * @throws MissingManifestFieldException * @throws InvalidJobIdException * @throws AmazonClientException If any internal errors are encountered inside the client while * attempting to make the request or handle the response. For example if a network connection * is not available. * @throws AmazonServiceException If an error response is returned by AmazonImportExport * indicating either a problem with the data in the request, or a server side issue. */ public UpdateJobResult updateJob(UpdateJobRequest updateJobRequest) { ExecutionContext executionContext = createExecutionContext(updateJobRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request<UpdateJobRequest> request = null; Response<UpdateJobResult> response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateJobRequestMarshaller().marshall(super.beforeMarshalling(updateJobRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } response = invoke(request, new UpdateJobResultStaxUnmarshaller(), executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } }
/** * Deletes a specified stack. Once the call completes successfully, stack deletion starts. Deleted * stacks do not show up in the DescribeStacks API if the deletion has been completed * successfully. * * @param deleteStackRequest Container for the necessary parameters to execute the DeleteStack * service method on AmazonCloudFormation. * @throws AmazonClientException If any internal errors are encountered inside the client while * attempting to make the request or handle the response. For example if a network connection * is not available. * @throws AmazonServiceException If an error response is returned by AmazonCloudFormation * indicating either a problem with the data in the request, or a server side issue. */ public void deleteStack(DeleteStackRequest deleteStackRequest) { ExecutionContext executionContext = createExecutionContext(deleteStackRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); Request<DeleteStackRequest> request = null; awsRequestMetrics.startEvent(Field.ClientExecuteTime); try { request = new DeleteStackRequestMarshaller().marshall(deleteStackRequest); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); invoke(request, null, executionContext); } finally { endClientExecution(awsRequestMetrics, request, null); } }
/** * Creates a stack as specified in the template. After the call completes successfully, the stack * creation starts. You can check the status of the stack via the DescribeStacks API. * * @param createStackRequest Container for the necessary parameters to execute the CreateStack * service method on AmazonCloudFormation. * @return The response from the CreateStack service method, as returned by AmazonCloudFormation. * @throws AlreadyExistsException * @throws LimitExceededException * @throws InsufficientCapabilitiesException * @throws AmazonClientException If any internal errors are encountered inside the client while * attempting to make the request or handle the response. For example if a network connection * is not available. * @throws AmazonServiceException If an error response is returned by AmazonCloudFormation * indicating either a problem with the data in the request, or a server side issue. */ public CreateStackResult createStack(CreateStackRequest createStackRequest) { ExecutionContext executionContext = createExecutionContext(createStackRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); Request<CreateStackRequest> request = null; Response<CreateStackResult> response = null; awsRequestMetrics.startEvent(Field.ClientExecuteTime); try { request = new CreateStackRequestMarshaller().marshall(createStackRequest); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); response = invoke(request, new CreateStackResultStaxUnmarshaller(), executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } }
private <X, Y extends AmazonWebServiceRequest> Response<X> invoke( Request<Y> request, Unmarshaller<X, StaxUnmarshallerContext> unmarshaller, ExecutionContext executionContext) { request.setEndpoint(endpoint); request.setTimeOffset(timeOffset); AmazonWebServiceRequest originalRequest = request.getOriginalRequest(); AWSCredentials credentials = awsCredentialsProvider.getCredentials(); if (originalRequest.getRequestCredentials() != null) { credentials = originalRequest.getRequestCredentials(); } executionContext.setCredentials(credentials); StaxResponseHandler<X> responseHandler = new StaxResponseHandler<X>(unmarshaller); DefaultErrorResponseHandler errorResponseHandler = new DefaultErrorResponseHandler(exceptionUnmarshallers); return client.execute(request, responseHandler, errorResponseHandler, executionContext); }
/** * Returns a set of temporary security credentials for users who have been authenticated in a * mobile or web application with a web identity provider, such as Amazon Cognito, Login with * Amazon, Facebook, Google, or any OpenID Connect-compatible identity provider. * * <p><b>NOTE:</b> For mobile applications, we recommend that you use Amazon Cognito. You can use * Amazon Cognito with the AWS SDK for iOS and the AWS SDK for Android to uniquely identify a user * and supply the user with a consistent identity throughout the lifetime of an application. To * learn more about Amazon Cognito, see Amazon Cognito Overview in the AWS SDK for Android * Developer Guide guide and Amazon Cognito Overview in the AWS SDK for iOS Developer Guide. * * <p>Calling <code>AssumeRoleWithWebIdentity</code> does not require the use of AWS security * credentials. Therefore, you can distribute an application (for example, on mobile devices) that * requests temporary security credentials without including long-term AWS credentials in the * application, and without deploying server-based proxy services that use long-term AWS * credentials. Instead, the identity of the caller is validated by using a token from the web * identity provider. * * <p>The temporary security credentials returned by this API consist of an access key ID, a * secret access key, and a security token. Applications can use these temporary security * credentials to sign calls to AWS service APIs. The credentials are valid for the duration that * you specified when calling <code>AssumeRoleWithWebIdentity</code> , which can be from 900 * seconds (15 minutes) to 3600 seconds (1 hour). By default, the temporary security credentials * are valid for 1 hour. * * <p>Optionally, you can pass an IAM access policy to this operation. If you choose not to pass a * policy, the temporary security credentials that are returned by the operation have the * permissions that are defined in the access policy of the role that is being assumed. If you * pass a policy to this operation, the temporary security credentials that are returned by the * operation have the permissions that are allowed by both the access policy of the role that is * being assumed, <i> and </i> the policy that you pass. This gives you a way to further restrict * the permissions for the resulting temporary security credentials. You cannot use the passed * policy to grant permissions that are in excess of those allowed by the access policy of the * role that is being assumed. For more information, see <a * href="http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html"> * Permissions for AssumeRole, AssumeRoleWithSAML, and AssumeRoleWithWebIdentity </a> in the * <i>Using IAM</i> . * * <p>Before your application can call <code>AssumeRoleWithWebIdentity</code> , you must have an * identity token from a supported identity provider and create a role that the application can * assume. The role that your application assumes must trust the identity provider that is * associated with the identity token. In other words, the identity provider must be specified in * the role's trust policy. * * <p>For more information about how to use web identity federation and the <code> * AssumeRoleWithWebIdentity</code> API, see the following resources: * * <ul> * <li><a href="http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual"> * Using Web Identity Federation APIs for Mobile Apps </a> and <a * href="http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity"> * Federation Through a Web-based Identity Provider </a> . * <li><a href="https://web-identity-federation-playground.s3.amazonaws.com/index.html">Web * Identity Federation Playground </a> . This interactive website lets you walk through the * process of authenticating via Login with Amazon, Facebook, or Google, getting temporary * security credentials, and then using those credentials to make a request to AWS. * <li><a href="http://aws.amazon.com/sdkforios/">AWS SDK for iOS </a> and <a * href="http://aws.amazon.com/sdkforandroid/">AWS SDK for Android </a> . These toolkits * contain sample apps that show how to invoke the identity providers, and then how to use * the information from these providers to get and use temporary security credentials. * <li><a href="http://aws.amazon.com/articles/4617974389850313">Web Identity Federation with * Mobile Applications </a> . This article discusses web identity federation and shows an * example of how to use web identity federation to get access to content in Amazon S3. * </ul> * * @param assumeRoleWithWebIdentityRequest Container for the necessary parameters to execute the * AssumeRoleWithWebIdentity service method on AWSSecurityTokenService. * @return The response from the AssumeRoleWithWebIdentity service method, as returned by * AWSSecurityTokenService. * @throws PackedPolicyTooLargeException * @throws IDPRejectedClaimException * @throws MalformedPolicyDocumentException * @throws InvalidIdentityTokenException * @throws ExpiredTokenException * @throws IDPCommunicationErrorException * @throws AmazonClientException If any internal errors are encountered inside the client while * attempting to make the request or handle the response. For example if a network connection * is not available. * @throws AmazonServiceException If an error response is returned by AWSSecurityTokenService * indicating either a problem with the data in the request, or a server side issue. */ public AssumeRoleWithWebIdentityResult assumeRoleWithWebIdentity( AssumeRoleWithWebIdentityRequest assumeRoleWithWebIdentityRequest) { ExecutionContext executionContext = createExecutionContext(assumeRoleWithWebIdentityRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); Request<AssumeRoleWithWebIdentityRequest> request = null; Response<AssumeRoleWithWebIdentityResult> response = null; awsRequestMetrics.startEvent(Field.ClientExecuteTime); try { request = new AssumeRoleWithWebIdentityRequestMarshaller() .marshall(assumeRoleWithWebIdentityRequest); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); response = invoke(request, new AssumeRoleWithWebIdentityResultStaxUnmarshaller(), executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } }