/* * Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with * the License. A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions * and limitations under the License. */ package com.amazonaws.services.identitymanagement.model; import java.io.Serializable; import javax.annotation.Generated; import com.amazonaws.AmazonWebServiceRequest; /** * * @see AWS API * Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class CreateRoleRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable { /** *

* The path to the role. For more information about paths, see IAM Identifiers in the IAM * User Guide. *

* This parameter is optional. If it is not included, it defaults to a slash (/). *

* This parameter allows (through its regex pattern) a string of * characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward * slashes. In addition, it can contain any ASCII character from the ! (\u0021) through the DEL * character (\u007F), including most punctuation characters, digits, and upper and lowercased letters. *

*/ private String path; /** *

* The name of the role to create. *

* IAM user, group, role, and policy names must be unique within the account. Names are not distinguished by case. * For example, you cannot create resources named both "MyResource" and "myresource". *

* This parameter allows (through its regex pattern) a string of * characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of * the following characters: _+=,.@- *

*/ private String roleName; /** *

* The trust relationship policy document that grants an entity permission to assume the role. *

* In IAM, you must provide a JSON policy that has been converted to a string. However, for CloudFormation templates * formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML * policy to JSON format before submitting it to IAM. *

* The regex pattern used to validate this parameter is a string of * characters consisting of the following: *

*
* Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII * character range *
*
*
* The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF) *
*
*
* The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D * ) *
*

* Upon success, the response includes the same trust policy in JSON format. *

*/ private String assumeRolePolicyDocument; /** *

* A description of the role. *

*/ private String description; /** *

* The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a * value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 * hours. *

* Anyone who assumes the role from the CLI or API can use the DurationSeconds API parameter or the * duration-seconds CLI parameter to request a longer session. The MaxSessionDuration * setting determines the maximum duration that can be requested using the DurationSeconds parameter. * If users don't specify a value for the DurationSeconds parameter, their security credentials are * valid for one hour by default. This applies when you use the AssumeRole* API operations or the * assume-role* CLI operations but does not apply when you use those operations to create a console * URL. For more information, see Using * IAM roles in the IAM User Guide. *

*/ private Integer maxSessionDuration; /** *

* The ARN of the managed policy that is used to set the permissions boundary for the role. *

* A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an * entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a * resource-based policy can grant to an entity. To learn more, see Permissions boundaries * for IAM entities in the IAM User Guide. *

* For more information about policy types, see Policy types * in the IAM User Guide. *

*/ private String permissionsBoundary; /** *

* A list of tags that you want to attach to the new role. Each tag consists of a key name and an associated value. * For more information about tagging, see Tagging IAM resources in the IAM User * Guide. *

* *

* If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request * fails and the resource is not created. *

* */ private com.amazonaws.internal.SdkInternalList tags; /** *

* The path to the role. For more information about paths, see IAM Identifiers in the IAM * User Guide. *

* This parameter is optional. If it is not included, it defaults to a slash (/). *

* * @param path * The path to the role. For more information about paths, see IAM Identifiers in the * IAM User Guide.

* This parameter is optional. If it is not included, it defaults to a slash (/). *

* This parameter allows (through its regex pattern) a string * of characters consisting of either a forward slash (/) by itself or a string that must begin and end with * forward slashes. In addition, it can contain any ASCII character from the ! (\u0021) through * the DEL character (\u007F), including most punctuation characters, digits, and upper and * lowercased letters. */ public void setPath(String path) { this.path = path; } /** *

* The path to the role. For more information about paths, see IAM Identifiers in the IAM * User Guide. *

* This parameter is optional. If it is not included, it defaults to a slash (/). *

* * @return The path to the role. For more information about paths, see IAM Identifiers in the * IAM User Guide.

* This parameter is optional. If it is not included, it defaults to a slash (/). *

* The path to the role. For more information about paths, see IAM Identifiers in the IAM * User Guide. *

* This parameter is optional. If it is not included, it defaults to a slash (/). *

* * @param path * The path to the role. For more information about paths, see IAM Identifiers in the * IAM User Guide.

* This parameter is optional. If it is not included, it defaults to a slash (/). *

* This parameter allows (through its regex pattern) a string * of characters consisting of either a forward slash (/) by itself or a string that must begin and end with * forward slashes. In addition, it can contain any ASCII character from the ! (\u0021) through * the DEL character (\u007F), including most punctuation characters, digits, and upper and * lowercased letters. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateRoleRequest withPath(String path) { setPath(path); return this; } /** *

* The name of the role to create. *

* * @param roleName * The name of the role to create.

* IAM user, group, role, and policy names must be unique within the account. Names are not distinguished by * case. For example, you cannot create resources named both "MyResource" and "myresource". *

* This parameter allows (through its regex pattern) a string * of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also * include any of the following characters: _+=,.@- */ public void setRoleName(String roleName) { this.roleName = roleName; } /** *

* The name of the role to create. *

* * @return The name of the role to create.

* The name of the role to create. *

* * @param roleName * The name of the role to create.

* This parameter allows (through its regex pattern) a string * of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also * include any of the following characters: _+=,.@- * @return Returns a reference to this object so that method calls can be chained together. */ public CreateRoleRequest withRoleName(String roleName) { setRoleName(roleName); return this; } /** *

* The trust relationship policy document that grants an entity permission to assume the role. *

* The regex pattern used to validate this parameter is a string of * characters consisting of the following: *

*
* Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII * character range *
*
*
* The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF) *
*
*
* The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D * ) *
*

* Upon success, the response includes the same trust policy in JSON format. *

* * @param assumeRolePolicyDocument * The trust relationship policy document that grants an entity permission to assume the role.

* In IAM, you must provide a JSON policy that has been converted to a string. However, for CloudFormation * templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always * converts a YAML policy to JSON format before submitting it to IAM. *

* The regex pattern used to validate this parameter is a * string of characters consisting of the following: *

*
* Any printable ASCII character ranging from the space character (\u0020) through the end of * the ASCII character range *
*
*
* The printable characters in the Basic Latin and Latin-1 Supplement character set (through * \u00FF) *
*
*
* The special characters tab (\u0009), line feed (\u000A), and carriage return ( * \u000D) *
*

* Upon success, the response includes the same trust policy in JSON format. */ public void setAssumeRolePolicyDocument(String assumeRolePolicyDocument) { this.assumeRolePolicyDocument = assumeRolePolicyDocument; } /** *

* The trust relationship policy document that grants an entity permission to assume the role. *

* The regex pattern used to validate this parameter is a string of * characters consisting of the following: *

*
* Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII * character range *
*
*
* The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF) *
*
*
* The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D * ) *
*

* Upon success, the response includes the same trust policy in JSON format. *

* * @return The trust relationship policy document that grants an entity permission to assume the role.

* The regex pattern used to validate this parameter is a * string of characters consisting of the following: *

*
* Any printable ASCII character ranging from the space character (\u0020) through the end of * the ASCII character range *
*
*
* The printable characters in the Basic Latin and Latin-1 Supplement character set (through * \u00FF) *
*
*
* The special characters tab (\u0009), line feed (\u000A), and carriage return ( * \u000D) *
*

* Upon success, the response includes the same trust policy in JSON format. */ public String getAssumeRolePolicyDocument() { return this.assumeRolePolicyDocument; } /** *

* The trust relationship policy document that grants an entity permission to assume the role. *

* The regex pattern used to validate this parameter is a string of * characters consisting of the following: *

*
* Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII * character range *
*
*
* The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF) *
*
*
* The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D * ) *
*

* Upon success, the response includes the same trust policy in JSON format. *

* * @param assumeRolePolicyDocument * The trust relationship policy document that grants an entity permission to assume the role.

* The regex pattern used to validate this parameter is a * string of characters consisting of the following: *

*
* Any printable ASCII character ranging from the space character (\u0020) through the end of * the ASCII character range *
*
*
* The printable characters in the Basic Latin and Latin-1 Supplement character set (through * \u00FF) *
*
*
* The special characters tab (\u0009), line feed (\u000A), and carriage return ( * \u000D) *
*

* Upon success, the response includes the same trust policy in JSON format. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateRoleRequest withAssumeRolePolicyDocument(String assumeRolePolicyDocument) { setAssumeRolePolicyDocument(assumeRolePolicyDocument); return this; } /** *

* A description of the role. *

* * @param description * A description of the role. */ public void setDescription(String description) { this.description = description; } /** *

* A description of the role. *

* * @return A description of the role. */ public String getDescription() { return this.description; } /** *

* A description of the role. *

* * @param description * A description of the role. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateRoleRequest withDescription(String description) { setDescription(description); return this; } /** *

* * @param maxSessionDuration * The maximum session duration (in seconds) that you want to set for the specified role. If you do not * specify a value for this setting, the default value of one hour is applied. This setting can have a value * from 1 hour to 12 hours.

* Anyone who assumes the role from the CLI or API can use the DurationSeconds API parameter or * the duration-seconds CLI parameter to request a longer session. The * MaxSessionDuration setting determines the maximum duration that can be requested using the * DurationSeconds parameter. If users don't specify a value for the * DurationSeconds parameter, their security credentials are valid for one hour by default. This * applies when you use the AssumeRole* API operations or the assume-role* CLI * operations but does not apply when you use those operations to create a console URL. For more information, * see Using IAM roles in * the IAM User Guide. */ public void setMaxSessionDuration(Integer maxSessionDuration) { this.maxSessionDuration = maxSessionDuration; } /** *

* * @return The maximum session duration (in seconds) that you want to set for the specified role. If you do not * specify a value for this setting, the default value of one hour is applied. This setting can have a value * from 1 hour to 12 hours.

* Anyone who assumes the role from the CLI or API can use the DurationSeconds API parameter or * the duration-seconds CLI parameter to request a longer session. The * MaxSessionDuration setting determines the maximum duration that can be requested using the * DurationSeconds parameter. If users don't specify a value for the * DurationSeconds parameter, their security credentials are valid for one hour by default. * This applies when you use the AssumeRole* API operations or the assume-role* * CLI operations but does not apply when you use those operations to create a console URL. For more * information, see Using IAM * roles in the IAM User Guide. */ public Integer getMaxSessionDuration() { return this.maxSessionDuration; } /** *

* Anyone who assumes the role from the CLI or API can use the DurationSeconds API parameter or * the duration-seconds CLI parameter to request a longer session. The * MaxSessionDuration setting determines the maximum duration that can be requested using the * DurationSeconds parameter. If users don't specify a value for the * DurationSeconds parameter, their security credentials are valid for one hour by default. This * applies when you use the AssumeRole* API operations or the assume-role* CLI * operations but does not apply when you use those operations to create a console URL. For more information, * see Using IAM roles in * the IAM User Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateRoleRequest withMaxSessionDuration(Integer maxSessionDuration) { setMaxSessionDuration(maxSessionDuration); return this; } /** *

* The ARN of the managed policy that is used to set the permissions boundary for the role. *

* For more information about policy types, see Policy types * in the IAM User Guide. *

* * @param permissionsBoundary * The ARN of the managed policy that is used to set the permissions boundary for the role.

* A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an * entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that * a resource-based policy can grant to an entity. To learn more, see Permissions * boundaries for IAM entities in the IAM User Guide. *

* For more information about policy types, see Policy * types in the IAM User Guide. */ public void setPermissionsBoundary(String permissionsBoundary) { this.permissionsBoundary = permissionsBoundary; } /** *

* The ARN of the managed policy that is used to set the permissions boundary for the role. *

* For more information about policy types, see Policy types * in the IAM User Guide. *

* * @return The ARN of the managed policy that is used to set the permissions boundary for the role.

* A permissions boundary policy defines the maximum permissions that identity-based policies can grant to * an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions * that a resource-based policy can grant to an entity. To learn more, see Permissions * boundaries for IAM entities in the IAM User Guide. *

* For more information about policy types, see Policy * types in the IAM User Guide. */ public String getPermissionsBoundary() { return this.permissionsBoundary; } /** *

* The ARN of the managed policy that is used to set the permissions boundary for the role. *

* For more information about policy types, see Policy types * in the IAM User Guide. *

* * @param permissionsBoundary * The ARN of the managed policy that is used to set the permissions boundary for the role.

* A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an * entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that * a resource-based policy can grant to an entity. To learn more, see Permissions * boundaries for IAM entities in the IAM User Guide. *

* For more information about policy types, see Policy * types in the IAM User Guide. * @return Returns a reference to this object so that method calls can be chained together. */ public CreateRoleRequest withPermissionsBoundary(String permissionsBoundary) { setPermissionsBoundary(permissionsBoundary); return this; } /** *

* *

* If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request * fails and the resource is not created. *

* * * @return A list of tags that you want to attach to the new role. Each tag consists of a key name and an associated * value. For more information about tagging, see Tagging IAM resources in the * IAM User Guide.

* If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire * request fails and the resource is not created. *

*/ public java.util.List getTags() { if (tags == null) { tags = new com.amazonaws.internal.SdkInternalList(); } return tags; } /** *

* *

* If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request * fails and the resource is not created. *

* * * @param tags * A list of tags that you want to attach to the new role. Each tag consists of a key name and an associated * value. For more information about tagging, see Tagging IAM resources in the * IAM User Guide.

* If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire * request fails and the resource is not created. *

*/ public void setTags(java.util.Collection tags) { if (tags == null) { this.tags = null; return; } this.tags = new com.amazonaws.internal.SdkInternalList(tags); } /** *

* *

* If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request * fails and the resource is not created. *

* *

* NOTE: This method appends the values to the existing list (if any). Use * {@link #setTags(java.util.Collection)} or {@link #withTags(java.util.Collection)} if you want to override the * existing values. *

* * @param tags * A list of tags that you want to attach to the new role. Each tag consists of a key name and an associated * value. For more information about tagging, see Tagging IAM resources in the * IAM User Guide.

* If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire * request fails and the resource is not created. *

* @return Returns a reference to this object so that method calls can be chained together. */ public CreateRoleRequest withTags(Tag... tags) { if (this.tags == null) { setTags(new com.amazonaws.internal.SdkInternalList(tags.length)); } for (Tag ele : tags) { this.tags.add(ele); } return this; } /** *

* *

* If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request * fails and the resource is not created. *

* If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire * request fails and the resource is not created. *

* @return Returns a reference to this object so that method calls can be chained together. */ public CreateRoleRequest withTags(java.util.Collection tags) { setTags(tags); return this; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getPath() != null) sb.append("Path: ").append(getPath()).append(","); if (getRoleName() != null) sb.append("RoleName: ").append(getRoleName()).append(","); if (getAssumeRolePolicyDocument() != null) sb.append("AssumeRolePolicyDocument: ").append(getAssumeRolePolicyDocument()).append(","); if (getDescription() != null) sb.append("Description: ").append(getDescription()).append(","); if (getMaxSessionDuration() != null) sb.append("MaxSessionDuration: ").append(getMaxSessionDuration()).append(","); if (getPermissionsBoundary() != null) sb.append("PermissionsBoundary: ").append(getPermissionsBoundary()).append(","); if (getTags() != null) sb.append("Tags: ").append(getTags()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof CreateRoleRequest == false) return false; CreateRoleRequest other = (CreateRoleRequest) obj; if (other.getPath() == null ^ this.getPath() == null) return false; if (other.getPath() != null && other.getPath().equals(this.getPath()) == false) return false; if (other.getRoleName() == null ^ this.getRoleName() == null) return false; if (other.getRoleName() != null && other.getRoleName().equals(this.getRoleName()) == false) return false; if (other.getAssumeRolePolicyDocument() == null ^ this.getAssumeRolePolicyDocument() == null) return false; if (other.getAssumeRolePolicyDocument() != null && other.getAssumeRolePolicyDocument().equals(this.getAssumeRolePolicyDocument()) == false) return false; if (other.getDescription() == null ^ this.getDescription() == null) return false; if (other.getDescription() != null && other.getDescription().equals(this.getDescription()) == false) return false; if (other.getMaxSessionDuration() == null ^ this.getMaxSessionDuration() == null) return false; if (other.getMaxSessionDuration() != null && other.getMaxSessionDuration().equals(this.getMaxSessionDuration()) == false) return false; if (other.getPermissionsBoundary() == null ^ this.getPermissionsBoundary() == null) return false; if (other.getPermissionsBoundary() != null && other.getPermissionsBoundary().equals(this.getPermissionsBoundary()) == false) return false; if (other.getTags() == null ^ this.getTags() == null) return false; if (other.getTags() != null && other.getTags().equals(this.getTags()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getPath() == null) ? 0 : getPath().hashCode()); hashCode = prime * hashCode + ((getRoleName() == null) ? 0 : getRoleName().hashCode()); hashCode = prime * hashCode + ((getAssumeRolePolicyDocument() == null) ? 0 : getAssumeRolePolicyDocument().hashCode()); hashCode = prime * hashCode + ((getDescription() == null) ? 0 : getDescription().hashCode()); hashCode = prime * hashCode + ((getMaxSessionDuration() == null) ? 0 : getMaxSessionDuration().hashCode()); hashCode = prime * hashCode + ((getPermissionsBoundary() == null) ? 0 : getPermissionsBoundary().hashCode()); hashCode = prime * hashCode + ((getTags() == null) ? 0 : getTags().hashCode()); return hashCode; } @Override public CreateRoleRequest clone() { return (CreateRoleRequest) super.clone(); } }