/// <summary>
/// Simulate how a set of IAM policies and optionally a resource-based policy works with
/// a list of API actions and AWS resources to determine the policies' effective permissions.
/// The policies are provided as strings.
///
///
/// <para>
/// The simulation does not perform the API actions; it only checks the authorization
/// to determine if the simulated policies allow or deny the actions.
/// </para>
///
/// <para>
/// If you want to simulate existing policies attached to an IAM user, group, or role,
/// use <a>SimulatePrincipalPolicy</a> instead.
/// </para>
///
/// <para>
/// Context keys are variables maintained by AWS and its services that provide details
/// about the context of an API query request. You can use the <code>Condition</code>
/// element of an IAM policy to evaluate context keys. To get the list of context keys
/// that the policies require for correct simulation, use <a>GetContextKeysForCustomPolicy</a>.
/// </para>
///
/// <para>
/// If the output is long, you can use <code>MaxItems</code> and <code>Marker</code> parameters
/// to paginate the results.
/// </para>
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the SimulateCustomPolicy service method.</param>
///
/// <returns>The response from the SimulateCustomPolicy service method, as returned by IdentityManagementService.</returns>
/// <exception cref="Amazon.IdentityManagement.Model.InvalidInputException">
/// The request was rejected because an invalid or out-of-range value was supplied for
/// an input parameter.
/// </exception>
/// <exception cref="Amazon.IdentityManagement.Model.PolicyEvaluationException">
/// The request failed because a provided policy could not be successfully evaluated.
/// An additional detail message indicates the source of the failure.
/// </exception>
public SimulateCustomPolicyResponse SimulateCustomPolicy(SimulateCustomPolicyRequest request)
{
var marshaller = new SimulateCustomPolicyRequestMarshaller();
var unmarshaller = SimulateCustomPolicyResponseUnmarshaller.Instance;
return Invoke<SimulateCustomPolicyRequest,SimulateCustomPolicyResponse>(request, marshaller, unmarshaller);
}
/// <summary>
/// Initiates the asynchronous execution of the SimulateCustomPolicy operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the SimulateCustomPolicy operation on AmazonIdentityManagementServiceClient.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
///
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking EndSimulateCustomPolicy
/// operation.</returns>
public IAsyncResult BeginSimulateCustomPolicy(SimulateCustomPolicyRequest request, AsyncCallback callback, object state)
{
var marshaller = new SimulateCustomPolicyRequestMarshaller();
var unmarshaller = SimulateCustomPolicyResponseUnmarshaller.Instance;
return BeginInvoke<SimulateCustomPolicyRequest>(request, marshaller, unmarshaller,
callback, state);
}
/// <summary>
/// Paginator for SimulateCustomPolicy operation
///</summary>
public ISimulateCustomPolicyPaginator SimulateCustomPolicy(SimulateCustomPolicyRequest request)
{
return(new SimulateCustomPolicyPaginator(this.client, request));
}
/// <summary>
/// Initiates the asynchronous execution of the SimulateCustomPolicy operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the SimulateCustomPolicy operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task<SimulateCustomPolicyResponse> SimulateCustomPolicyAsync(SimulateCustomPolicyRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new SimulateCustomPolicyRequestMarshaller();
var unmarshaller = SimulateCustomPolicyResponseUnmarshaller.Instance;
return InvokeAsync<SimulateCustomPolicyRequest,SimulateCustomPolicyResponse>(request, marshaller,
unmarshaller, cancellationToken);
}
/// <summary>
/// Initiates the asynchronous execution of the SimulateCustomPolicy operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the SimulateCustomPolicy operation on AmazonIdentityManagementServiceClient.</param>
/// <param name="callback">An Action delegate that is invoked when the operation completes.</param>
/// <param name="options">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
public void SimulateCustomPolicyAsync(SimulateCustomPolicyRequest request, AmazonServiceCallback<SimulateCustomPolicyRequest, SimulateCustomPolicyResponse> callback, AsyncOptions options = null)
{
options = options == null?new AsyncOptions():options;
var marshaller = new SimulateCustomPolicyRequestMarshaller();
var unmarshaller = SimulateCustomPolicyResponseUnmarshaller.Instance;
Action<AmazonWebServiceRequest, AmazonWebServiceResponse, Exception, AsyncOptions> callbackHelper = null;
if(callback !=null )
callbackHelper = (AmazonWebServiceRequest req, AmazonWebServiceResponse res, Exception ex, AsyncOptions ao) => {
AmazonServiceResult<SimulateCustomPolicyRequest,SimulateCustomPolicyResponse> responseObject
= new AmazonServiceResult<SimulateCustomPolicyRequest,SimulateCustomPolicyResponse>((SimulateCustomPolicyRequest)req, (SimulateCustomPolicyResponse)res, ex , ao.State);
callback(responseObject);
};
BeginInvoke<SimulateCustomPolicyRequest>(request, marshaller, unmarshaller, options, callbackHelper);
}
private Amazon.IdentityManagement.Model.SimulateCustomPolicyResponse CallAWSServiceOperation(IAmazonIdentityManagementService client, Amazon.IdentityManagement.Model.SimulateCustomPolicyRequest request)
{
Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "AWS Identity and Access Management", "SimulateCustomPolicy");
try
{
#if DESKTOP
return(client.SimulateCustomPolicy(request));
#elif CORECLR
return(client.SimulateCustomPolicyAsync(request).GetAwaiter().GetResult());
#else
#error "Unknown build edition"
#endif
}
catch (AmazonServiceException exc)
{
var webException = exc.InnerException as System.Net.WebException;
if (webException != null)
{
throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException);
}
throw;
}
}
public object Execute(ExecutorContext context)
{
var cmdletContext = context as CmdletContext;
var useParameterSelect = this.Select.StartsWith("^");
// create request and set iteration invariants
var request = new Amazon.IdentityManagement.Model.SimulateCustomPolicyRequest();
if (cmdletContext.ActionName != null)
{
request.ActionNames = cmdletContext.ActionName;
}
if (cmdletContext.CallerArn != null)
{
request.CallerArn = cmdletContext.CallerArn;
}
if (cmdletContext.ContextEntry != null)
{
request.ContextEntries = cmdletContext.ContextEntry;
}
if (cmdletContext.PermissionsBoundaryPolicyInputList != null)
{
request.PermissionsBoundaryPolicyInputList = cmdletContext.PermissionsBoundaryPolicyInputList;
}
if (cmdletContext.PolicyInputList != null)
{
request.PolicyInputList = cmdletContext.PolicyInputList;
}
if (cmdletContext.ResourceArn != null)
{
request.ResourceArns = cmdletContext.ResourceArn;
}
if (cmdletContext.ResourceHandlingOption != null)
{
request.ResourceHandlingOption = cmdletContext.ResourceHandlingOption;
}
if (cmdletContext.ResourceOwner != null)
{
request.ResourceOwner = cmdletContext.ResourceOwner;
}
if (cmdletContext.ResourcePolicy != null)
{
request.ResourcePolicy = cmdletContext.ResourcePolicy;
}
// Initialize loop variants and commence piping
System.String _nextToken = null;
int? _emitLimit = null;
int _retrievedSoFar = 0;
if (AutoIterationHelpers.HasValue(cmdletContext.Marker))
{
_nextToken = cmdletContext.Marker;
}
if (cmdletContext.MaxItem.HasValue)
{
// The service has a maximum page size of 1000. If the user has
// asked for more items than page max, and there is no page size
// configured, we rely on the service ignoring the set maximum
// and giving us 1000 items back. If a page size is set, that will
// be used to configure the pagination.
// We'll make further calls to satisfy the user's request.
_emitLimit = cmdletContext.MaxItem;
}
var _userControllingPaging = this.NoAutoIteration.IsPresent || ParameterWasBound(nameof(this.Marker));
var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
do
{
request.Marker = _nextToken;
if (_emitLimit.HasValue)
{
int correctPageSize = Math.Min(1000, _emitLimit.Value);
request.MaxItems = AutoIterationHelpers.ConvertEmitLimitToInt32(correctPageSize);
}
CmdletOutput output;
try
{
var response = CallAWSServiceOperation(client, request);
object pipelineOutput = null;
if (!useParameterSelect)
{
pipelineOutput = cmdletContext.Select(response, this);
}
output = new CmdletOutput
{
PipelineOutput = pipelineOutput,
ServiceResponse = response
};
int _receivedThisCall = response.EvaluationResults.Count;
_nextToken = response.Marker;
_retrievedSoFar += _receivedThisCall;
if (_emitLimit.HasValue)
{
_emitLimit -= _receivedThisCall;
}
}
catch (Exception e)
{
if (_retrievedSoFar == 0 || !_emitLimit.HasValue)
{
output = new CmdletOutput {
ErrorResponse = e
};
}
else
{
break;
}
}
ProcessOutput(output);
} while (!_userControllingPaging && AutoIterationHelpers.HasValue(_nextToken) && (!_emitLimit.HasValue || _emitLimit.Value >= 1));
if (useParameterSelect)
{
WriteObject(cmdletContext.Select(null, this));
}
return(null);
}
public object Execute(ExecutorContext context)
{
var cmdletContext = context as CmdletContext;
var useParameterSelect = this.Select.StartsWith("^");
// create request and set iteration invariants
var request = new Amazon.IdentityManagement.Model.SimulateCustomPolicyRequest();
if (cmdletContext.ActionName != null)
{
request.ActionNames = cmdletContext.ActionName;
}
if (cmdletContext.CallerArn != null)
{
request.CallerArn = cmdletContext.CallerArn;
}
if (cmdletContext.ContextEntry != null)
{
request.ContextEntries = cmdletContext.ContextEntry;
}
if (cmdletContext.MaxItem != null)
{
request.MaxItems = AutoIterationHelpers.ConvertEmitLimitToServiceTypeInt32(cmdletContext.MaxItem.Value);
}
if (cmdletContext.PermissionsBoundaryPolicyInputList != null)
{
request.PermissionsBoundaryPolicyInputList = cmdletContext.PermissionsBoundaryPolicyInputList;
}
if (cmdletContext.PolicyInputList != null)
{
request.PolicyInputList = cmdletContext.PolicyInputList;
}
if (cmdletContext.ResourceArn != null)
{
request.ResourceArns = cmdletContext.ResourceArn;
}
if (cmdletContext.ResourceHandlingOption != null)
{
request.ResourceHandlingOption = cmdletContext.ResourceHandlingOption;
}
if (cmdletContext.ResourceOwner != null)
{
request.ResourceOwner = cmdletContext.ResourceOwner;
}
if (cmdletContext.ResourcePolicy != null)
{
request.ResourcePolicy = cmdletContext.ResourcePolicy;
}
// Initialize loop variant and commence piping
var _nextToken = cmdletContext.Marker;
var _userControllingPaging = this.NoAutoIteration.IsPresent || ParameterWasBound(nameof(this.Marker));
var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
do
{
request.Marker = _nextToken;
CmdletOutput output;
try
{
var response = CallAWSServiceOperation(client, request);
object pipelineOutput = null;
if (!useParameterSelect)
{
pipelineOutput = cmdletContext.Select(response, this);
}
output = new CmdletOutput
{
PipelineOutput = pipelineOutput,
ServiceResponse = response
};
_nextToken = response.Marker;
}
catch (Exception e)
{
output = new CmdletOutput {
ErrorResponse = e
};
}
ProcessOutput(output);
} while (!_userControllingPaging && AutoIterationHelpers.HasValue(_nextToken));
if (useParameterSelect)
{
WriteObject(cmdletContext.Select(null, this));
}
return(null);
}
internal SimulateCustomPolicyPaginator(IAmazonIdentityManagementService client, SimulateCustomPolicyRequest request)
{
this._client = client;
this._request = request;
}