
Example 1 with AbstractTemporaryCredentials

use of com.epam.pipeline.entity.datastorage.AbstractTemporaryCredentials in project cloud-pipeline by epam.

the class S3TemporaryCredentials method generate.

/**
 * Requests short-lived credentials from AWS STS and stores them on this instance.
 *
 * <p>The role from {@code getRole()} is assumed with an inline session policy built from
 * {@code actions}. Under STS semantics a session policy can only narrow what the role itself
 * allows, so how tightly the issued credentials are scoped depends on the document produced by
 * {@code createPolicyWithPermissions} (not visible here).
 *
 * @param actions storage actions the session policy is built from
 * @return this instance, populated with key id, secret key, session token, expiration and region
 */
@Override
public AbstractTemporaryCredentials generate(List<DataStorageAction> actions) {
    final String sessionPolicy = createPolicyWithPermissions(actions);
    final AssumeRoleRequest request = new AssumeRoleRequest()
            .withDurationSeconds(getDuration())
            .withPolicy(sessionPolicy)
            .withRoleSessionName(sessionName)
            .withRoleArn(getRole());

    // AssumeRole is called with whatever identity the default provider chain resolves for this
    // process, so that identity needs sts:AssumeRole on the configured role and nothing broader.
    final AWSSecurityTokenServiceClientBuilder stsBuilder = AWSSecurityTokenServiceClientBuilder.standard();
    stsBuilder.setRegion(getAwsRegionId());
    stsBuilder.setCredentials(DefaultAWSCredentialsProviderChain.getInstance());

    // NOTE(review): a new STS client is built on every call and never shut down here.
    final Credentials issued = stsBuilder.build().assumeRole(request).getCredentials();

    // Field naming differs from the SDK: accessKey receives the SECRET access key and keyId the
    // access key id. accessKey and token are secrets and should stay out of logs.
    setAccessKey(issued.getSecretAccessKey());
    setKeyId(issued.getAccessKeyId());
    setToken(issued.getSessionToken());
    setExpirationTime(expirationTimeWithUTC(issued.getExpiration()));
    setRegion(getAwsRegionId());
    return this;
}
Also used : AssumeRoleRequest(com.amazonaws.services.securitytoken.model.AssumeRoleRequest) AWSSecurityTokenServiceClientBuilder(com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder) AssumeRoleResult(com.amazonaws.services.securitytoken.model.AssumeRoleResult) AbstractTemporaryCredentials(com.epam.pipeline.entity.datastorage.AbstractTemporaryCredentials) Credentials(com.amazonaws.services.securitytoken.model.Credentials)

Example 2 with AbstractTemporaryCredentials

use of com.epam.pipeline.entity.datastorage.AbstractTemporaryCredentials in project cloud-pipeline by epam.

the class DataStorageManager method generateTemporaryCredentials.

/**
 * Issues temporary credentials for the data storages referenced by {@code actions}.
 *
 * <p>The storage of the first action determines the region, the KMS key ARN and the credentials
 * type. Every action must refer to an S3 bucket storage in the same region as the first one. The
 * role and the duration are read from system preferences.
 *
 * <p>NOTE(review): no check that the caller may read or write the requested storages is visible
 * in this method; presumably it is enforced before this call. Confirm against the calling layer.
 *
 * @param actions requested storage actions; each one has its bucket name overwritten here
 * @return credentials produced by the factory-selected implementation
 * @throws IllegalArgumentException if {@code actions} is null or empty, the first storage cannot
 *     be resolved, or one of the {@code Assert.isTrue} checks below fails
 */
public AbstractTemporaryCredentials generateTemporaryCredentials(List<DataStorageAction> actions) {
    AbstractDataStorage firstStorage = ListUtils.emptyIfNull(actions)
            .stream()
            .findFirst()
            .map(action -> load(action.getId()))
            .orElseThrow(() -> new IllegalArgumentException("Actions are not provided"));
    Assert.isTrue(firstStorage instanceof S3bucketDataStorage,
            "Temporary credentials are supported only for S3 Buckets.");
    S3bucketDataStorage firstBucket = (S3bucketDataStorage) firstStorage;
    AwsRegion region = awsRegionManager.getAwsRegion(firstBucket);

    for (DataStorageAction action : actions) {
        // Reuse the storage already loaded for the first action instead of loading it twice.
        AbstractDataStorage storage;
        if (action.getId().equals(firstStorage.getId())) {
            storage = firstStorage;
        } else {
            storage = load(action.getId());
        }
        Assert.isTrue(storage instanceof S3bucketDataStorage,
                "Temporary credentials are supported only for S3 Buckets.");
        // The bucket name comes from the loaded storage record and replaces whatever value the
        // request carried, so the policy is built from server-side data only.
        action.setBucketName(storage.getPath());
        Long storageRegionId = ((S3bucketDataStorage) storage).getRegionId();
        Assert.isTrue(Objects.equals(storageRegionId, firstBucket.getRegionId()),
                "Actions shall be requested for buckets from the same region");
    }

    return dataStorageFactory.temporaryCredentials(firstBucket.getType())
            .withRole(preferenceManager.getPreference(SystemPreferences.DATA_STORAGE_TEMP_CREDENTIALS_ROLE))
            .withDurationSeconds(preferenceManager.getPreference(SystemPreferences.DATA_STORAGE_TEMP_CREDENTIALS_DURATION))
            .withKmsArn(region.getKmsKeyArn())
            .withRegionId(region.getAwsRegionName())
            .generate(actions);
}
Also used : Arrays(java.util.Arrays) S3Constants(com.epam.pipeline.manager.datastorage.providers.aws.s3.S3Constants) LoggerFactory(org.slf4j.LoggerFactory) SystemPreferences(com.epam.pipeline.manager.preference.SystemPreferences) Autowired(org.springframework.beans.factory.annotation.Autowired) StoragePolicy(com.epam.pipeline.entity.datastorage.StoragePolicy) StringUtils(org.apache.commons.lang3.StringUtils) DataStorageVO(com.epam.pipeline.controller.vo.DataStorageVO) Folder(com.epam.pipeline.entity.pipeline.Folder) PipelineRun(com.epam.pipeline.entity.pipeline.PipelineRun) PipeConfValue(com.epam.pipeline.entity.metadata.PipeConfValue) MessageHelper(com.epam.pipeline.common.MessageHelper) ListUtils(org.apache.commons.collections4.ListUtils) Map(java.util.Map) DataStorageItemContent(com.epam.pipeline.entity.datastorage.DataStorageItemContent) DataStorageListing(com.epam.pipeline.entity.datastorage.DataStorageListing) AntPathMatcher(org.springframework.util.AntPathMatcher) SecuredEntityManager(com.epam.pipeline.manager.security.SecuredEntityManager) DataStorageItemType(com.epam.pipeline.entity.datastorage.DataStorageItemType) DataStorageLink(com.epam.pipeline.entity.pipeline.run.parameter.DataStorageLink) AbstractSecuredEntity(com.epam.pipeline.entity.AbstractSecuredEntity) RoleManager(com.epam.pipeline.manager.user.RoleManager) DataStorageDownloadFileUrl(com.epam.pipeline.entity.datastorage.DataStorageDownloadFileUrl) Collection(java.util.Collection) Set(java.util.Set) StorageContainer(com.epam.pipeline.entity.user.StorageContainer) AwsRegion(com.epam.pipeline.entity.region.AwsRegion) Collectors(java.util.stream.Collectors) AbstractDataStorageFactory(com.epam.pipeline.entity.datastorage.AbstractDataStorageFactory) DataStorageFile(com.epam.pipeline.entity.datastorage.DataStorageFile) Objects(java.util.Objects) List(java.util.List) UserManager(com.epam.pipeline.manager.user.UserManager) 
DataStorageStreamingContent(com.epam.pipeline.entity.datastorage.DataStorageStreamingContent) AclSync(com.epam.pipeline.manager.security.acl.AclSync) Optional(java.util.Optional) EntityVO(com.epam.pipeline.controller.vo.EntityVO) AbstractTemporaryCredentials(com.epam.pipeline.entity.datastorage.AbstractTemporaryCredentials) DataStorageDao(com.epam.pipeline.dao.datastorage.DataStorageDao) MessageConstants(com.epam.pipeline.common.MessageConstants) DataStorageAction(com.epam.pipeline.entity.datastorage.DataStorageAction) HashMap(java.util.HashMap) Function(java.util.function.Function) DataStorageFolder(com.epam.pipeline.entity.datastorage.DataStorageFolder) ArrayList(java.util.ArrayList) MetadataManager(com.epam.pipeline.manager.metadata.MetadataManager) CollectionUtils(org.apache.commons.collections.CollectionUtils) Propagation(org.springframework.transaction.annotation.Propagation) Service(org.springframework.stereotype.Service) DataStorageException(com.epam.pipeline.entity.datastorage.DataStorageException) BaseEntity(com.epam.pipeline.entity.BaseEntity) PreferenceManager(com.epam.pipeline.manager.preference.PreferenceManager) Logger(org.slf4j.Logger) FolderManager(com.epam.pipeline.manager.pipeline.FolderManager) MapUtils(org.apache.commons.collections.MapUtils) AbstractDataStorage(com.epam.pipeline.entity.datastorage.AbstractDataStorage) DataStorageType(com.epam.pipeline.entity.datastorage.DataStorageType) AbstractDataStorageItem(com.epam.pipeline.entity.datastorage.AbstractDataStorageItem) Paths(java.nio.file.Paths) NumberUtils(org.apache.commons.lang3.math.NumberUtils) AclClass(com.epam.pipeline.entity.security.acl.AclClass) S3bucketDataStorage(com.epam.pipeline.entity.datastorage.aws.S3bucketDataStorage) AuthManager(com.epam.pipeline.manager.security.AuthManager) UpdateDataStorageItemVO(com.epam.pipeline.controller.vo.data.storage.UpdateDataStorageItemVO) Collections(java.util.Collections) AwsRegionManager(com.epam.pipeline.manager.region.AwsRegionManager) 
Transactional(org.springframework.transaction.annotation.Transactional) Assert(org.springframework.util.Assert) InputStream(java.io.InputStream) AbstractDataStorage(com.epam.pipeline.entity.datastorage.AbstractDataStorage) AwsRegion(com.epam.pipeline.entity.region.AwsRegion) S3bucketDataStorage(com.epam.pipeline.entity.datastorage.aws.S3bucketDataStorage)

Example 3 with AbstractTemporaryCredentials

use of com.epam.pipeline.entity.datastorage.AbstractTemporaryCredentials in project cloud-pipeline by epam.

the class S3Synchronizer method createIndexAndDocuments.

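/**
 * Rebuilds the Elasticsearch index for a single data storage.
 *
 * <p>A new index with a random prefix is created and filled by {@code S3Helper}, which receives
 * temporary credentials requested as read-only for this storage. {@code createIndexAlias} is then
 * called for the new index, and the index the alias resolved to before the run is deleted.
 *
 * <p>Any exception is logged and swallowed, so the caller gets no failure signal. In that case the
 * new index is deleted if it exists.
 *
 * @param dataStorage storage whose contents are indexed
 */
@SuppressWarnings("PMD.AvoidCatchingGenericException")
void createIndexAndDocuments(final AbstractDataStorage dataStorage) {
    EntityPermissionVO entityPermission = cloudPipelineAPIClient.loadPermissionsForEntity(dataStorage.getId(), dataStorage.getAclClass());
    // Handed to S3Helper together with the storage owner.
    // NOTE(review): presumably stored with each document so search can filter by ACL - confirm.
    PermissionsContainer permissionsContainer = new PermissionsContainer();
    if (entityPermission != null) {
        permissionsContainer.add(entityPermission.getPermissions(), dataStorage.getOwner());
    }
    // indexName on the next line is the class field. The local for the new index has its own
    // name so the two are not confused.
    String alias = indexPrefix + indexName + String.format("-%d", dataStorage.getId());
    // Locale.ROOT keeps the lower-casing independent of the JVM default locale.
    String newIndexName = generateRandomString(5).toLowerCase(java.util.Locale.ROOT) + "-" + alias;
    try {
        String currentIndexName = elasticsearchServiceClient.getIndexNameByAlias(alias);
        elasticIndexService.createIndexIfNotExist(newIndexName, indexSettingsPath);
        // Least privilege: the indexer asks for read access only, for this one storage.
        DataStorageAction action = new DataStorageAction();
        action.setBucketName(dataStorage.getPath());
        action.setId(dataStorage.getId());
        action.setWrite(false);
        action.setRead(true);
        AbstractTemporaryCredentials credentials = cloudPipelineAPIClient.generateTemporaryCredentials(Collections.singletonList(action));
        BulkRequestCreator bulkRequestCreator = requests -> elasticsearchServiceClient.sendRequests(newIndexName, requests);
        S3Helper s3Helper = new S3Helper(enableTags, credentials, bulkRequestCreator, dataStorage, newIndexName, bulkInsertSize, permissionsContainer);
        s3Helper.addItems();
        elasticsearchServiceClient.createIndexAlias(newIndexName, alias);
        if (StringUtils.hasText(currentIndexName)) {
            elasticsearchServiceClient.deleteIndex(currentIndexName);
        }
    } catch (Exception e) {
        log.error(e.getMessage(), e);
        // NOTE(review): if deleteIndex(currentIndexName) above fails after the alias was created,
        // this cleanup also removes the freshly built index - confirm that is intended.
        if (elasticsearchServiceClient.isIndexExists(newIndexName)) {
            elasticsearchServiceClient.deleteIndex(newIndexName);
        }
    }
}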
Also used : AbstractTemporaryCredentials(com.epam.pipeline.entity.datastorage.AbstractTemporaryCredentials) DataStorageAction(com.epam.pipeline.entity.datastorage.DataStorageAction) LocalDateTime(java.time.LocalDateTime) ElasticsearchSynchronizer(com.epam.pipeline.elasticsearchagent.service.ElasticsearchSynchronizer) AbstractDataStorage(com.epam.pipeline.entity.datastorage.AbstractDataStorage) DataStorageType(com.epam.pipeline.entity.datastorage.DataStorageType) ElasticsearchServiceClient(com.epam.pipeline.elasticsearchagent.service.ElasticsearchServiceClient) PasswordGenerator.generateRandomString(com.epam.pipeline.utils.PasswordGenerator.generateRandomString) S3Helper(com.epam.pipeline.elasticsearchagent.utils.S3Helper) Value(org.springframework.beans.factory.annotation.Value) BulkRequestCreator(com.epam.pipeline.elasticsearchagent.service.BulkRequestCreator) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Service(org.springframework.stereotype.Service) PermissionsContainer(com.epam.pipeline.elasticsearchagent.model.PermissionsContainer) ConditionalOnProperty(org.springframework.boot.autoconfigure.condition.ConditionalOnProperty) Collections(java.util.Collections) EntityPermissionVO(com.epam.pipeline.vo.EntityPermissionVO) StringUtils(org.springframework.util.StringUtils) S3Helper(com.epam.pipeline.elasticsearchagent.utils.S3Helper) EntityPermissionVO(com.epam.pipeline.vo.EntityPermissionVO) DataStorageAction(com.epam.pipeline.entity.datastorage.DataStorageAction) PermissionsContainer(com.epam.pipeline.elasticsearchagent.model.PermissionsContainer) PasswordGenerator.generateRandomString(com.epam.pipeline.utils.PasswordGenerator.generateRandomString) AbstractTemporaryCredentials(com.epam.pipeline.entity.datastorage.AbstractTemporaryCredentials) BulkRequestCreator(com.epam.pipeline.elasticsearchagent.service.BulkRequestCreator)

Aggregations

AbstractTemporaryCredentials (com.epam.pipeline.entity.datastorage.AbstractTemporaryCredentials)3 AbstractDataStorage (com.epam.pipeline.entity.datastorage.AbstractDataStorage)2 DataStorageAction (com.epam.pipeline.entity.datastorage.DataStorageAction)2 DataStorageType (com.epam.pipeline.entity.datastorage.DataStorageType)2 Collections (java.util.Collections)2 List (java.util.List)2 Service (org.springframework.stereotype.Service)2 AWSSecurityTokenServiceClientBuilder (com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder)1 AssumeRoleRequest (com.amazonaws.services.securitytoken.model.AssumeRoleRequest)1 AssumeRoleResult (com.amazonaws.services.securitytoken.model.AssumeRoleResult)1 Credentials (com.amazonaws.services.securitytoken.model.Credentials)1 MessageConstants (com.epam.pipeline.common.MessageConstants)1 MessageHelper (com.epam.pipeline.common.MessageHelper)1 DataStorageVO (com.epam.pipeline.controller.vo.DataStorageVO)1 EntityVO (com.epam.pipeline.controller.vo.EntityVO)1 UpdateDataStorageItemVO (com.epam.pipeline.controller.vo.data.storage.UpdateDataStorageItemVO)1 DataStorageDao (com.epam.pipeline.dao.datastorage.DataStorageDao)1 PermissionsContainer (com.epam.pipeline.elasticsearchagent.model.PermissionsContainer)1 BulkRequestCreator (com.epam.pipeline.elasticsearchagent.service.BulkRequestCreator)1 ElasticsearchServiceClient (com.epam.pipeline.elasticsearchagent.service.ElasticsearchServiceClient)1