Class SNSConditionFactory

java.lang.Object
com.amazonaws.auth.policy.conditions.SNSConditionFactory

public class SNSConditionFactory extends Object
Factory for creating access control policy conditions specific to Amazon Simple Notification Service. This class provides access to the AWS access control policy condition keys specific to Amazon SNS, as well as methods for quickly creating common SNS-specific policy conditions such as newEndpointCondition(String).
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    ENDPOINT_CONDITION_KEY
    Condition key for the URL, e-mail address, or ARN from a Subscribe request or a previously confirmed subscription.
    static final String
    PROTOCOL_CONDITION_KEY
    Condition key for the protocol value from a Subscribe request or a previously confirmed subscription.
  • Method Summary

    Modifier and Type
    Method
    Description
    static Condition
    newEndpointCondition(String endpointPattern)
    Constructs a new access policy condition that compares the requested endpoint used to subscribe to an Amazon SNS topic with the specified endpoint pattern.
    static Condition
    newProtocolCondition(String protocol)
    Constructs a new AWS access control policy condition that allows an access control statement to restrict subscriptions to an Amazon SNS topic based on the protocol being used for the subscription.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • ENDPOINT_CONDITION_KEY

      public static final String ENDPOINT_CONDITION_KEY
      Condition key for the URL, e-mail address, or ARN from a Subscribe request or a previously confirmed subscription. Use with string conditions to restrict access to specific endpoints (e.g., *@mycompany.com).

      This condition key may only be used with StringCondition objects.

    • PROTOCOL_CONDITION_KEY

      public static final String PROTOCOL_CONDITION_KEY
      Condition key for the protocol value from a Subscribe request or a previously confirmed subscription. Use with string conditions to restrict publication to specific delivery protocols (e.g., HTTPS).

      This condition key may only be used with StringCondition objects.

  • Method Details

    • newEndpointCondition

      public static Condition newEndpointCondition(String endpointPattern)
      Constructs a new access policy condition that compares the requested endpoint used to subscribe to an Amazon SNS topic with the specified endpoint pattern. The endpoint pattern may optionally contain the multi-character wildcard (*) or the single-character wildcard (?).

      For example, this condition can restrict subscriptions to a topic to email addresses in a certain domain ("*@my-company.com").

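       // myTopicArn holds the ARN of the topic this policy protects.
       Policy policy = new Policy("MyTopicPolicy");
       // Statement takes only the Effect in its constructor; the id is set with withId().
       policy.withStatements(new Statement(Effect.Allow)
               .withId("RestrictSubscriptions")
               .withPrincipals(new Principal("*")).withActions(SNSActions.Subscribe)
               .withResources(new Resource(myTopicArn))
               .withConditions(SNSConditionFactory.newEndpointCondition("*@my-company.com")));
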
      Parameters:
      endpointPattern - The endpoint pattern against which to compare the requested endpoint for an Amazon SNS topic subscription.
      Returns:
      A new access control policy condition that compares the endpoint used in a request to subscribe to an Amazon SNS topic with the endpoint pattern specified.
    • newProtocolCondition

      public static Condition newProtocolCondition(String protocol)
      Constructs a new AWS access control policy condition that allows an access control statement to restrict subscriptions to an Amazon SNS topic based on the protocol being used for the subscription. For example, this condition can restrict subscriptions to a topic to endpoints using HTTPS to ensure that messages are securely delivered.
      Parameters:
      protocol - The protocol against which to compare the requested protocol for an Amazon SNS topic subscription.
      Returns:
      A new access control policy condition that compares the notification protocol requested in a request to subscribe to an Amazon SNS topic with the protocol value specified.
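
      An added example, not part of the SDK documentation, that combines newProtocolCondition and newEndpointCondition in one statement and uses PROTOCOL_CONDITION_KEY directly in a StringCondition for an explicit Deny. The topic ARN, the endpoint prefix https://hooks.my-company.com/, the statement ids and the class and method names are constructed for illustration.

```java
import com.amazonaws.auth.policy.Policy;
import com.amazonaws.auth.policy.Principal;
import com.amazonaws.auth.policy.Resource;
import com.amazonaws.auth.policy.Statement;
import com.amazonaws.auth.policy.Statement.Effect;
import com.amazonaws.auth.policy.actions.SNSActions;
import com.amazonaws.auth.policy.conditions.SNSConditionFactory;
import com.amazonaws.auth.policy.conditions.StringCondition;
import com.amazonaws.auth.policy.conditions.StringCondition.StringComparisonType;

public class TopicSubscribePolicyExample {
    // Constructed placeholder; substitute the ARN of the topic being protected.
    static final String TOPIC_ARN = "arn:aws:sns:us-east-1:123456789012:ExampleTopic";

    static Policy buildPolicy(String topicArn) {
        // Conditions within one statement are ANDed: the Subscribe request must use
        // HTTPS *and* name an endpoint under the expected host. The pattern keeps the
        // host literal and ends it with "/" so the wildcard only covers the path.
        Statement allow = new Statement(Effect.Allow)
                .withId("AllowHttpsSubscribeToKnownHost")
                .withPrincipals(Principal.AllUsers)
                .withActions(SNSActions.Subscribe)
                .withResources(new Resource(topicArn))
                .withConditions(
                        SNSConditionFactory.newProtocolCondition("https"),
                        SNSConditionFactory.newEndpointCondition("https://hooks.my-company.com/*"));

        // Explicit Deny built directly from the condition key with a StringCondition,
        // the only condition type the key supports. A Deny overrides any Allow, so a
        // later, broader statement cannot reopen non-HTTPS subscriptions.
        Statement deny = new Statement(Effect.Deny)
                .withId("DenyNonHttpsSubscribe")
                .withPrincipals(Principal.AllUsers)
                .withActions(SNSActions.Subscribe)
                .withResources(new Resource(topicArn))
                .withConditions(new StringCondition(
                        StringComparisonType.StringNotEquals,
                        SNSConditionFactory.PROTOCOL_CONDITION_KEY,
                        "https"));

        return new Policy("ExampleTopicPolicy").withStatements(allow, deny);
    }

    public static void main(String[] args) {
        // Print the JSON document to review before attaching it to the topic.
        System.out.println(buildPolicy(TOPIC_ARN).toJson());
    }
}
```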