Package com.cloudforge.core.iam

Class IAMProfileMapper

java.lang.Object
com.cloudforge.core.iam.IAMProfileMapper
public final class IAMProfileMapper extends Object
Maps Security Profiles to appropriate IAM Profiles following security best practices. This ensures that IAM permissions align with security requirements.

  • Method Details

    • mapFromSecurity

      public static IAMProfile mapFromSecurity(SecurityProfile securityProfile)
      Maps a Security Profile to the appropriate IAM Profile. Security Profile -> IAM Profile Mapping: - PRODUCTION -> MINIMAL (least privilege for production) - STAGING -> STANDARD (balanced permissions for testing) - DEV -> EXTENDED (broader permissions for development)
      Parameters:
      securityProfile - the security profile
      Returns:
      the corresponding IAM profile

    • mapFromSecurity

      public static IAMProfile mapFromSecurity(SecurityProfile securityProfile, IAMProfile overrideIamProfile)
      Maps a Security Profile to the appropriate IAM Profile with override capability. This allows explicit IAM profile selection when needed.
      Parameters:
      securityProfile - the security profile
      overrideIamProfile - the IAM profile override (null to use default mapping)
      Returns:
      the IAM profile to use

    • isValidCombination

      public static boolean isValidCombination(SecurityProfile securityProfile, IAMProfile iamProfile)
      Validates that the IAM profile is appropriate for the security profile. Prevents dangerous combinations like PRODUCTION + EXTENDED IAM.
      Parameters:
      securityProfile - the security profile
      iamProfile - the IAM profile
      Returns:
      true if the combination is valid, false otherwise

    • getRecommended

      public static IAMProfile getRecommended(SecurityProfile securityProfile)
      Gets the recommended IAM profile for a given security profile.
      Parameters:
      securityProfile - the security profile
      Returns:
      the recommended IAM profile