Class EvaluationResult

java.lang.Object
com.amazonaws.services.identitymanagement.model.EvaluationResult
All Implemented Interfaces:
Serializable, Cloneable

public class EvaluationResult extends Object implements Serializable, Cloneable

Contains the results of a simulation.

This data type is used by the return parameter of SimulateCustomPolicy and SimulatePrincipalPolicy .

See Also:
  • Constructor Details

    • EvaluationResult

      public EvaluationResult()
  • Method Details

    • setEvalActionName

      public void setEvalActionName(String evalActionName)

      The name of the API action tested on the indicated resource.

      Parameters:
      evalActionName - The name of the API action tested on the indicated resource.
    • getEvalActionName

      public String getEvalActionName()

      The name of the API action tested on the indicated resource.

      Returns:
      The name of the API action tested on the indicated resource.
    • withEvalActionName

      public EvaluationResult withEvalActionName(String evalActionName)

      The name of the API action tested on the indicated resource.

      Parameters:
      evalActionName - The name of the API action tested on the indicated resource.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
    • setEvalResourceName

      public void setEvalResourceName(String evalResourceName)

      The ARN of the resource that the indicated API action was tested on.

      Parameters:
      evalResourceName - The ARN of the resource that the indicated API action was tested on.
    • getEvalResourceName

      public String getEvalResourceName()

      The ARN of the resource that the indicated API action was tested on.

      Returns:
      The ARN of the resource that the indicated API action was tested on.
    • withEvalResourceName

      public EvaluationResult withEvalResourceName(String evalResourceName)

      The ARN of the resource that the indicated API action was tested on.

      Parameters:
      evalResourceName - The ARN of the resource that the indicated API action was tested on.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
    • setEvalDecision

      public void setEvalDecision(String evalDecision)

      The result of the simulation.

      Parameters:
      evalDecision - The result of the simulation.
      See Also:
    • getEvalDecision

      public String getEvalDecision()

      The result of the simulation.

      Returns:
      The result of the simulation.
      See Also:
    • withEvalDecision

      public EvaluationResult withEvalDecision(String evalDecision)

      The result of the simulation.

      Parameters:
      evalDecision - The result of the simulation.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also:
    • setEvalDecision

      public void setEvalDecision(PolicyEvaluationDecisionType evalDecision)

      The result of the simulation.

      Parameters:
      evalDecision - The result of the simulation.
      See Also:
    • withEvalDecision

      public EvaluationResult withEvalDecision(PolicyEvaluationDecisionType evalDecision)

      The result of the simulation.

      Parameters:
      evalDecision - The result of the simulation.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also:
    • getMatchedStatements

      public List<Statement> getMatchedStatements()

      A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.

      Returns:
      A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
    • setMatchedStatements

      public void setMatchedStatements(Collection<Statement> matchedStatements)

      A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.

      Parameters:
      matchedStatements - A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
    • withMatchedStatements

      public EvaluationResult withMatchedStatements(Statement... matchedStatements)

      A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.

      NOTE: This method appends the values to the existing list (if any). Use setMatchedStatements(java.util.Collection) or withMatchedStatements(java.util.Collection) if you want to override the existing values.

      Parameters:
      matchedStatements - A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
    • withMatchedStatements

      public EvaluationResult withMatchedStatements(Collection<Statement> matchedStatements)

      A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.

      Parameters:
      matchedStatements - A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
    • getMissingContextValues

      public List<String> getMissingContextValues()

      A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

      Returns:
      A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
    • setMissingContextValues

      public void setMissingContextValues(Collection<String> missingContextValues)

      A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

      Parameters:
      missingContextValues - A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
    • withMissingContextValues

      public EvaluationResult withMissingContextValues(String... missingContextValues)

      A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

      NOTE: This method appends the values to the existing list (if any). Use setMissingContextValues(java.util.Collection) or withMissingContextValues(java.util.Collection) if you want to override the existing values.

      Parameters:
      missingContextValues - A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
    • withMissingContextValues

      public EvaluationResult withMissingContextValues(Collection<String> missingContextValues)

      A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

      Parameters:
      missingContextValues - A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
    • getEvalDecisionDetails

      public Map<String,String> getEvalDecisionDetails()

      Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies

      Returns:
      Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
    • setEvalDecisionDetails

      public void setEvalDecisionDetails(Map<String,String> evalDecisionDetails)

      Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies

      Parameters:
      evalDecisionDetails - Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
    • withEvalDecisionDetails

      public EvaluationResult withEvalDecisionDetails(Map<String,String> evalDecisionDetails)

      Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies

      Parameters:
      evalDecisionDetails - Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
      Returns:
      Returns a reference to this object so that method calls can be chained together.
    • addEvalDecisionDetailsEntry

      public EvaluationResult addEvalDecisionDetailsEntry(String key, String value)
    • clearEvalDecisionDetailsEntries

      public EvaluationResult clearEvalDecisionDetailsEntries()
      Removes all the entries added into EvalDecisionDetails. <p> Returns a reference to this object so that method calls can be chained together.
    • getResourceSpecificResults

      public List<ResourceSpecificResult> getResourceSpecificResults()

      The individual results of the simulation of the API action specified in EvalActionName on each resource.

      Returns:
      The individual results of the simulation of the API action specified in EvalActionName on each resource.
    • setResourceSpecificResults

      public void setResourceSpecificResults(Collection<ResourceSpecificResult> resourceSpecificResults)

      The individual results of the simulation of the API action specified in EvalActionName on each resource.

      Parameters:
      resourceSpecificResults - The individual results of the simulation of the API action specified in EvalActionName on each resource.
    • withResourceSpecificResults

      public EvaluationResult withResourceSpecificResults(ResourceSpecificResult... resourceSpecificResults)

      The individual results of the simulation of the API action specified in EvalActionName on each resource.

      NOTE: This method appends the values to the existing list (if any). Use setResourceSpecificResults(java.util.Collection) or withResourceSpecificResults(java.util.Collection) if you want to override the existing values.

      Parameters:
      resourceSpecificResults - The individual results of the simulation of the API action specified in EvalActionName on each resource.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
    • withResourceSpecificResults

      public EvaluationResult withResourceSpecificResults(Collection<ResourceSpecificResult> resourceSpecificResults)

      The individual results of the simulation of the API action specified in EvalActionName on each resource.

      Parameters:
      resourceSpecificResults - The individual results of the simulation of the API action specified in EvalActionName on each resource.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
    • toString

      public String toString()
      Returns a string representation of this object; useful for testing and debugging.
      Overrides:
      toString in class Object
      Returns:
      A string representation of this object.
      See Also:
    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object
    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object
    • clone

      public EvaluationResult clone()
      Overrides:
      clone in class Object