Class EvaluationResult
- All Implemented Interfaces:
Serializable
,Cloneable
Contains the results of a simulation.
This data type is used by the return parameter of
SimulateCustomPolicy
and
SimulatePrincipalPolicy
.
- See Also:
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionaddEvalDecisionDetailsEntry
(String key, String value) Removes all the entries added into EvalDecisionDetails.clone()
boolean
The name of the API action tested on the indicated resource.The result of the simulation.Additional details about the results of the evaluation decision.The ARN of the resource that the indicated API action was tested on.A list of the statements in the input policies that determine the result for this scenario.A list of context keys that are required by the included input policies but that were not provided by one of the input parameters.The individual results of the simulation of the API action specified in EvalActionName on each resource.int
hashCode()
void
setEvalActionName
(String evalActionName) The name of the API action tested on the indicated resource.void
setEvalDecision
(PolicyEvaluationDecisionType evalDecision) The result of the simulation.void
setEvalDecision
(String evalDecision) The result of the simulation.void
setEvalDecisionDetails
(Map<String, String> evalDecisionDetails) Additional details about the results of the evaluation decision.void
setEvalResourceName
(String evalResourceName) The ARN of the resource that the indicated API action was tested on.void
setMatchedStatements
(Collection<Statement> matchedStatements) A list of the statements in the input policies that determine the result for this scenario.void
setMissingContextValues
(Collection<String> missingContextValues) A list of context keys that are required by the included input policies but that were not provided by one of the input parameters.void
setResourceSpecificResults
(Collection<ResourceSpecificResult> resourceSpecificResults) The individual results of the simulation of the API action specified in EvalActionName on each resource.toString()
Returns a string representation of this object; useful for testing and debugging.withEvalActionName
(String evalActionName) The name of the API action tested on the indicated resource.withEvalDecision
(PolicyEvaluationDecisionType evalDecision) The result of the simulation.withEvalDecision
(String evalDecision) The result of the simulation.withEvalDecisionDetails
(Map<String, String> evalDecisionDetails) Additional details about the results of the evaluation decision.withEvalResourceName
(String evalResourceName) The ARN of the resource that the indicated API action was tested on.withMatchedStatements
(Statement... matchedStatements) A list of the statements in the input policies that determine the result for this scenario.withMatchedStatements
(Collection<Statement> matchedStatements) A list of the statements in the input policies that determine the result for this scenario.withMissingContextValues
(String... missingContextValues) A list of context keys that are required by the included input policies but that were not provided by one of the input parameters.withMissingContextValues
(Collection<String> missingContextValues) A list of context keys that are required by the included input policies but that were not provided by one of the input parameters.withResourceSpecificResults
(ResourceSpecificResult... resourceSpecificResults) The individual results of the simulation of the API action specified in EvalActionName on each resource.withResourceSpecificResults
(Collection<ResourceSpecificResult> resourceSpecificResults) The individual results of the simulation of the API action specified in EvalActionName on each resource.
-
Constructor Details
-
EvaluationResult
public EvaluationResult()
-
-
Method Details
-
setEvalActionName
The name of the API action tested on the indicated resource.
- Parameters:
evalActionName
- The name of the API action tested on the indicated resource.
-
getEvalActionName
The name of the API action tested on the indicated resource.
- Returns:
- The name of the API action tested on the indicated resource.
-
withEvalActionName
The name of the API action tested on the indicated resource.
- Parameters:
evalActionName
- The name of the API action tested on the indicated resource.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
setEvalResourceName
The ARN of the resource that the indicated API action was tested on.
- Parameters:
evalResourceName
- The ARN of the resource that the indicated API action was tested on.
-
getEvalResourceName
The ARN of the resource that the indicated API action was tested on.
- Returns:
- The ARN of the resource that the indicated API action was tested on.
-
withEvalResourceName
The ARN of the resource that the indicated API action was tested on.
- Parameters:
evalResourceName
- The ARN of the resource that the indicated API action was tested on.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
setEvalDecision
The result of the simulation.
- Parameters:
evalDecision
- The result of the simulation.- See Also:
-
getEvalDecision
The result of the simulation.
- Returns:
- The result of the simulation.
- See Also:
-
withEvalDecision
The result of the simulation.
- Parameters:
evalDecision
- The result of the simulation.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
setEvalDecision
The result of the simulation.
- Parameters:
evalDecision
- The result of the simulation.- See Also:
-
withEvalDecision
The result of the simulation.
- Parameters:
evalDecision
- The result of the simulation.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
getMatchedStatements
A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
- Returns:
- A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
-
setMatchedStatements
A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
- Parameters:
matchedStatements
- A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
-
withMatchedStatements
A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
NOTE: This method appends the values to the existing list (if any). Use
setMatchedStatements(java.util.Collection)
orwithMatchedStatements(java.util.Collection)
if you want to override the existing values.- Parameters:
matchedStatements
- A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
withMatchedStatements
A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.
- Parameters:
matchedStatements
- A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the action on the resource, if only one statement denies that action, then the explicit deny overrides any allow, and the deny statement is the only entry included in the result.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
getMissingContextValues
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Returns:
- A list of context keys that are required by the included input
policies but that were not provided by one of the input
parameters. This list is used when the resource in a simulation
is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
-
setMissingContextValues
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Parameters:
missingContextValues
- A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when theResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
-
withMissingContextValues
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.NOTE: This method appends the values to the existing list (if any). Use
setMissingContextValues(java.util.Collection)
orwithMissingContextValues(java.util.Collection)
if you want to override the existing values.- Parameters:
missingContextValues
- A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when theResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
withMissingContextValues
A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the
ResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Parameters:
missingContextValues
- A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when theResourceArns
parameter blank. If you include a list of resources, then any missing context values are instead included under theResourceSpecificResults
section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
getEvalDecisionDetails
Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
- Returns:
- Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
-
setEvalDecisionDetails
Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
- Parameters:
evalDecisionDetails
- Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
-
withEvalDecisionDetails
Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies
- Parameters:
evalDecisionDetails
- Additional details about the results of the evaluation decision. When there are both IAM policies and resource policies, this parameter explains how each set of policies contributes to the final evaluation decision. When simulating cross-account access to a resource, both the resource-based policy and the caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based Policies- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
addEvalDecisionDetailsEntry
-
clearEvalDecisionDetailsEntries
Removes all the entries added into EvalDecisionDetails. <p> Returns a reference to this object so that method calls can be chained together. -
getResourceSpecificResults
The individual results of the simulation of the API action specified in EvalActionName on each resource.
- Returns:
- The individual results of the simulation of the API action specified in EvalActionName on each resource.
-
setResourceSpecificResults
The individual results of the simulation of the API action specified in EvalActionName on each resource.
- Parameters:
resourceSpecificResults
- The individual results of the simulation of the API action specified in EvalActionName on each resource.
-
withResourceSpecificResults
public EvaluationResult withResourceSpecificResults(ResourceSpecificResult... resourceSpecificResults) The individual results of the simulation of the API action specified in EvalActionName on each resource.
NOTE: This method appends the values to the existing list (if any). Use
setResourceSpecificResults(java.util.Collection)
orwithResourceSpecificResults(java.util.Collection)
if you want to override the existing values.- Parameters:
resourceSpecificResults
- The individual results of the simulation of the API action specified in EvalActionName on each resource.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
withResourceSpecificResults
public EvaluationResult withResourceSpecificResults(Collection<ResourceSpecificResult> resourceSpecificResults) The individual results of the simulation of the API action specified in EvalActionName on each resource.
- Parameters:
resourceSpecificResults
- The individual results of the simulation of the API action specified in EvalActionName on each resource.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
toString
Returns a string representation of this object; useful for testing and debugging. -
equals
-
hashCode
public int hashCode() -
clone
-