tessl/maven-com-amazonaws--aws-java-sdk-core
Core foundational library for AWS SDK for Java 1.x providing authentication, HTTP transport, regions, protocols, and shared utilities for all AWS service clients
—
Pending
arn-support.mddocs/
ARN Support & Resource Management
Amazon Resource Names (ARNs) uniquely identify AWS resources. The AWS Java SDK Core provides comprehensive ARN parsing, validation, and manipulation capabilities for working with AWS resources programmatically.
Core ARN Classes
ARN Class
// Core ARN parsing and manipulation class
class Arn {
// Static factory methods
public static Arn fromString(String arn);
public static Builder builder();
// ARN component accessors
public String getPartition();
public String getService();
public String getRegion();
public String getAccountId();
public ArnResource getResource();
// ARN formatting
public String toString();
// ARN builder for constructing ARNs
interface Builder {
Builder partition(String partition);
Builder service(String service);
Builder region(String region);
Builder accountId(String accountId);
Builder resource(String resource);
Builder resource(String resourceType, String resourceId);
Builder resource(ArnResource resource);
Arn build();
}
}ARN Resource
// ARN resource component representation
class ArnResource {
public static ArnResource fromString(String resource);
public String getResourceType();
public String getResource();
public String getQualifier();
// Check if resource has a type
public boolean hasResourceType();
// String representation
public String toString();
}
// AWS resource abstraction
interface AwsResource {
String getPartition();
String getService();
String getRegion();
String getAccount();
String getResourceType();
String getResourceId();
// Convert to ARN
Arn getArn();
}ARN Converter
// ARN conversion utilities
class ArnConverter {
// Convert between ARN and resource representations
public static <T extends AwsResource> T convertArn(Arn arn, Class<T> resourceClass);
public static Arn convertResource(AwsResource resource);
// Resource-specific converters
public static S3ObjectIdentifier toS3ObjectIdentifier(Arn arn);
public static DynamoDbTableIdentifier toDynamoDbTableIdentifier(Arn arn);
public static LambdaFunctionIdentifier toLambdaFunctionIdentifier(Arn arn);
}ARN Validation
ARN Validation Utilities
// ARN validation and format checking
class ArnValidator {
// Validate ARN format
public static boolean isValidArn(String arn);
public static boolean isValidArnFormat(String arn);
// Service-specific validation
public static boolean isValidS3Arn(String arn);
public static boolean isValidDynamoDbArn(String arn);
public static boolean isValidLambdaArn(String arn);
public static boolean isValidIamArn(String arn);
// Validation with detailed errors
public static ValidationResult validateArn(String arn);
}
// Validation result with detailed error information
class ValidationResult {
public boolean isValid();
public List<String> getErrors();
public List<String> getWarnings();
}Basic Usage Examples
ARN Parsing
import com.amazonaws.arn.Arn;
import com.amazonaws.arn.ArnResource;
// Parse an ARN string
String arnString = "arn:aws:s3:::my-bucket/my-object";
Arn arn = Arn.fromString(arnString);
// Access ARN components
System.out.println("Partition: " + arn.getPartition()); // "aws"
System.out.println("Service: " + arn.getService()); // "s3"
System.out.println("Region: " + arn.getRegion()); // "" (empty for S3)
System.out.println("Account: " + arn.getAccountId()); // "" (empty for S3)
// Access resource information
ArnResource resource = arn.getResource();
System.out.println("Resource: " + resource.getResource()); // "my-bucket/my-object"ARN Construction
import com.amazonaws.arn.Arn;
// Build an ARN using the builder pattern
Arn dynamoArn = Arn.builder()
.partition("aws")
.service("dynamodb")
.region("us-east-1")
.accountId("123456789012")
.resource("table", "my-table")
.build();
System.out.println(dynamoArn.toString());
// Output: arn:aws:dynamodb:us-east-1:123456789012:table/my-tableARN Validation
import com.amazonaws.arn.ArnValidator;
import com.amazonaws.arn.ValidationResult;
// Simple validation
String arnString = "arn:aws:lambda:us-west-2:123456789012:function:my-function";
boolean isValid = ArnValidator.isValidArn(arnString);
// Detailed validation with error reporting
ValidationResult result = ArnValidator.validateArn(arnString);
if (!result.isValid()) {
System.err.println("ARN validation errors:");
result.getErrors().forEach(System.err::println);
}
// Service-specific validation
boolean isValidLambda = ArnValidator.isValidLambdaArn(arnString);Service-Specific ARN Handling
S3 ARN Handling
import com.amazonaws.arn.Arn;
// S3 bucket ARN
Arn s3BucketArn = Arn.builder()
.partition("aws")
.service("s3")
.resource("my-bucket")
.build();
// S3 object ARN
Arn s3ObjectArn = Arn.builder()
.partition("aws")
.service("s3")
.resource("my-bucket/path/to/object.txt")
.build();
// Parse S3 ARNs
String s3ArnString = "arn:aws:s3:::my-bucket/my-object";
Arn parsedS3Arn = Arn.fromString(s3ArnString);
ArnResource resource = parsedS3Arn.getResource();
// Extract bucket and key
String fullResource = resource.getResource(); // "my-bucket/my-object"
String[] parts = fullResource.split("/", 2);
String bucket = parts[0];
String key = parts.length > 1 ? parts[1] : null;DynamoDB ARN Handling
// DynamoDB table ARN
Arn dynamoTableArn = Arn.builder()
.partition("aws")
.service("dynamodb")
.region("us-east-1")
.accountId("123456789012")
.resource("table", "Users")
.build();
// DynamoDB stream ARN
Arn dynamoStreamArn = Arn.builder()
.partition("aws")
.service("dynamodb")
.region("us-east-1")
.accountId("123456789012")
.resource("table/Users/stream/2023-01-01T00:00:00.000")
.build();
// Parse and extract table name
String dynamoArnString = "arn:aws:dynamodb:us-east-1:123456789012:table/Users";
Arn parsedDynamoArn = Arn.fromString(dynamoArnString);
ArnResource resource = parsedDynamoArn.getResource();
String tableName = resource.getResource(); // "Users"Lambda ARN Handling
// Lambda function ARN
Arn lambdaArn = Arn.builder()
.partition("aws")
.service("lambda")
.region("us-west-2")
.accountId("123456789012")
.resource("function", "my-function")
.build();
// Lambda function version ARN
Arn lambdaVersionArn = Arn.builder()
.partition("aws")
.service("lambda")
.region("us-west-2")
.accountId("123456789012")
.resource("function:my-function:1")
.build();
// Parse Lambda ARN and extract function name
String lambdaArnString = "arn:aws:lambda:us-west-2:123456789012:function:my-function:$LATEST";
Arn parsedLambdaArn = Arn.fromString(lambdaArnString);
ArnResource resource = parsedLambdaArn.getResource();
// Handle function name and qualifier
String resourceStr = resource.getResource();
if (resourceStr.contains(":")) {
String[] parts = resourceStr.split(":", 2);
String functionName = parts[0]; // "my-function"
String qualifier = parts[1]; // "$LATEST"
}IAM ARN Handling
// IAM role ARN
Arn iamRoleArn = Arn.builder()
.partition("aws")
.service("iam")
.accountId("123456789012")
.resource("role", "my-role")
.build();
// IAM user ARN
Arn iamUserArn = Arn.builder()
.partition("aws")
.service("iam")
.accountId("123456789012")
.resource("user", "my-user")
.build();
// IAM policy ARN
Arn iamPolicyArn = Arn.builder()
.partition("aws")
.service("iam")
.accountId("123456789012")
.resource("policy", "my-policy")
.build();Advanced ARN Operations
ARN Pattern Matching
import java.util.regex.Pattern;
// Match ARNs by pattern
public class ArnMatcher {
private static final Pattern S3_ARN_PATTERN =
Pattern.compile("arn:aws:s3:::([^/]+)(/.*)?");
private static final Pattern LAMBDA_ARN_PATTERN =
Pattern.compile("arn:aws:lambda:([^:]+):([^:]+):function:([^:]+)(:.*)?");
public static boolean isS3Arn(String arn) {
return S3_ARN_PATTERN.matcher(arn).matches();
}
public static boolean isLambdaArn(String arn) {
return LAMBDA_ARN_PATTERN.matcher(arn).matches();
}
}ARN Transformation
// Transform ARNs for different contexts
public class ArnTransformer {
// Convert S3 object ARN to bucket ARN
public static Arn toBucketArn(Arn s3ObjectArn) {
if (!"s3".equals(s3ObjectArn.getService())) {
throw new IllegalArgumentException("Not an S3 ARN");
}
String resource = s3ObjectArn.getResource().getResource();
String bucket = resource.split("/")[0];
return Arn.builder()
.partition(s3ObjectArn.getPartition())
.service(s3ObjectArn.getService())
.region(s3ObjectArn.getRegion())
.accountId(s3ObjectArn.getAccountId())
.resource(bucket)
.build();
}
// Extract region from ARN
public static String extractRegion(Arn arn) {
return arn.getRegion();
}
// Extract account ID from ARN
public static String extractAccountId(Arn arn) {
return arn.getAccountId();
}
}Bulk ARN Processing
import java.util.List;
import java.util.stream.Collectors;
// Process multiple ARNs
public class ArnProcessor {
// Filter ARNs by service
public static List<Arn> filterByService(List<String> arnStrings, String service) {
return arnStrings.stream()
.map(Arn::fromString)
.filter(arn -> service.equals(arn.getService()))
.collect(Collectors.toList());
}
// Group ARNs by region
public static Map<String, List<Arn>> groupByRegion(List<Arn> arns) {
return arns.stream()
.collect(Collectors.groupingBy(Arn::getRegion));
}
// Extract unique account IDs
public static Set<String> extractAccountIds(List<Arn> arns) {
return arns.stream()
.map(Arn::getAccountId)
.filter(Objects::nonNull)
.filter(accountId -> !accountId.isEmpty())
.collect(Collectors.toSet());
}
}Error Handling
ARN Parsing Errors
import com.amazonaws.arn.Arn;
import com.amazonaws.SdkClientException;
try {
Arn arn = Arn.fromString("invalid-arn-format");
} catch (IllegalArgumentException e) {
System.err.println("Invalid ARN format: " + e.getMessage());
} catch (SdkClientException e) {
System.err.println("SDK error parsing ARN: " + e.getMessage());
}Safe ARN Operations
// Safe ARN parsing with validation
public static Optional<Arn> safeParseArn(String arnString) {
try {
if (ArnValidator.isValidArn(arnString)) {
return Optional.of(Arn.fromString(arnString));
}
} catch (Exception e) {
// Log error but don't propagate
System.err.println("Failed to parse ARN: " + arnString + ", error: " + e.getMessage());
}
return Optional.empty();
}
// Usage
String arnString = "arn:aws:s3:::my-bucket/my-object";
Optional<Arn> arn = safeParseArn(arnString);
if (arn.isPresent()) {
System.out.println("Successfully parsed ARN: " + arn.get().toString());
} else {
System.out.println("Failed to parse ARN");
}Best Practices
ARN Validation Best Practices
- Always validate ARNs before parsing when handling user input
- Use service-specific validation when possible for stricter checks
- Handle parsing exceptions gracefully in production code
- Cache parsed ARNs when processing the same ARN multiple times
Performance Considerations
- Reuse Arn objects rather than re-parsing the same ARN string
- Use batch processing for multiple ARN operations
- Consider ARN pattern matching for high-volume filtering operations
Security Considerations
- Validate ARN ownership before performing operations
- Check account boundaries when processing cross-account ARNs
- Sanitize ARN inputs from external sources
- Use least-privilege principles when working with ARN-based policies
ARN support in the AWS Java SDK Core provides the foundation for resource identification and manipulation across all AWS services, enabling robust and type-safe resource management in Java applications.
Install with Tessl CLI
npx tessl i tessl/maven-com-amazonaws--aws-java-sdk-core