in emr-user-role-mapper-application/src/main/java/com/amazon/aws/emr/mapping/ManagedPolicyBasedUserRoleMapperImpl.java [102:135]
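/**
 * Parses a principal-to-policy mapping document and replaces the in-memory mappings with it.
 *
 * <p>The new state is staged in local variables and only published once the whole document has
 * been processed. A document that deserializes to {@code null} (for example an empty string) or
 * that has no mapping list is rejected, and the previous mappings and no-match policy ARN stay
 * in effect. Previously such a document cleared the mappings and reset the no-match policy
 * before failing with a {@link NullPointerException}.
 *
 * <p>Records rejected by {@code isValidMapping} (and {@code null} list elements) are skipped.
 * For each remaining record the username is used as the principal when present, otherwise the
 * group name.
 *
 * @param jsonString JSON text of the mapping document; malformed JSON is presumably reported by
 *     {@code GSON.fromJson} as an exception before any state is touched (confirm against the
 *     caller's error handling)
 */
void processFile(String jsonString) {
    // NOTE(review): this writes the complete authorization mapping (principals and policy ARNs)
    // to the log at INFO on every reload; consider DEBUG if the log is widely readable.
    log.info("Received the following JSON {}", jsonString);
    PrincipalPolicyMappings principalPolicyMappings = GSON
        .fromJson(jsonString, PrincipalPolicyMappings.class);

    // Validate before mutating anything: these mappings decide which policies a principal gets,
    // so an unusable document must not leave them half-updated.
    if (principalPolicyMappings == null
        || principalPolicyMappings.getPrincipalPolicyMappings() == null) {
        log.warn("Mapping JSON has no principal policy mappings; keeping the previous mappings");
        return;
    }

    String newNoMatchPolicyArn = principalPolicyMappings.getNoMatchPolicyArn() != null
        ? principalPolicyMappings.getNoMatchPolicyArn()
        : DEFAULT_NO_MATCH_POLICY_ARN;

    // Insertion-ordered staging area; a later record for the same principal replaces an earlier
    // one, exactly as repeated put() calls on the live mapping would.
    java.util.Map<String, List<PolicyDescriptorType>> stagedMappings =
        new java.util.LinkedHashMap<>();
    for (PrincipalPolicyMapping principalPolicyMapping : principalPolicyMappings
        .getPrincipalPolicyMappings()) {
        if (principalPolicyMapping == null || !isValidMapping(principalPolicyMapping)) {
            log.info("Invalid record!");
            continue;
        }
        String principal = principalPolicyMapping.getUsername() != null
            ? principalPolicyMapping.getUsername()
            : principalPolicyMapping.getGroupname();
        List<PolicyDescriptorType> policyDescriptorTypes = new ArrayList<>();
        for (String policyArn : principalPolicyMapping.getPolicyArns()) {
            policyDescriptorTypes.add(new PolicyDescriptorType().withArn(policyArn));
        }
        stagedMappings.put(principal, policyDescriptorTypes);
        log.info("Mapped {} to {}", principal, principalPolicyMapping.getPolicyArns());
    }

    // Publish: the old mapping is cleared only now that a complete new one exists.
    // NOTE(review): clear-then-put is still not atomic for concurrent readers; whether that
    // matters depends on the type of principalRoleMapping, which is declared outside this method.
    noMatchPolicyArn = newNoMatchPolicyArn;
    log.info("No-Match Policy ARN is : {}", noMatchPolicyArn);
    principalRoleMapping.clear();
    stagedMappings.forEach((principal, policies) -> principalRoleMapping.put(principal, policies));
}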