Examples with Policy com.google.api.services.healthcare.v1.model.Policy used on opensource projects

Example 6 with Policy

use of com.google.api.services.healthcare.v1.model.Policy in project java-docs-samples by GoogleCloudPlatform.

the class FhirStoreSetIamPolicy method fhirStoreSetIamPolicy.

public static void fhirStoreSetIamPolicy(String fhirStoreName) throws IOException {
    // String fhirStoreName =
    // String.format(
    // FHIR_NAME, "your-project-id", "your-region-id", "your-dataset-id", "your-fhir-id");
    // Initialize the client, which will be used to interact with the service.
    CloudHealthcare client = createClient();
    // Configure the IAMPolicy to apply to the store.
    // For more information on understanding IAM roles, see the following:
    // https://cloud.google.com/iam/docs/understanding-roles
    Binding binding = new Binding().setRole("roles/healthcare.fhirResourceReader").setMembers(Arrays.asList("domain:google.com"));
    Policy policy = new Policy().setBindings(Arrays.asList(binding));
    SetIamPolicyRequest policyRequest = new SetIamPolicyRequest().setPolicy(policy);
    // Create request and configure any parameters.
    FhirStores.SetIamPolicy request = client.projects().locations().datasets().fhirStores().setIamPolicy(fhirStoreName, policyRequest);
    // Execute the request and process the results.
    Policy updatedPolicy = request.execute();
    System.out.println("FHIR policy has been updated: " + updatedPolicy.toPrettyString());
}

Example 7 with Policy

use of com.google.api.services.healthcare.v1.model.Policy in project java-docs-samples by GoogleCloudPlatform.

the class Quickstart method removeMember.

public static void removeMember(CloudResourceManager crmService, String projectId, String member, String role) {
    // Gets the project's policy.
    Policy policy = getPolicy(crmService, projectId);
    // Removes the member from the role.
    Binding binding = null;
    for (Binding b : policy.getBindings()) {
        if (b.getRole().equals(role)) {
            binding = b;
            break;
        }
    }
    if (binding.getMembers().contains(member)) {
        binding.getMembers().remove(member);
        if (binding.getMembers().isEmpty()) {
            policy.getBindings().remove(binding);
        }
    }
    // Sets the updated policy.
    setPolicy(crmService, projectId, policy);
}

Example 8 with Policy

use of com.google.api.services.healthcare.v1.model.Policy in project java-docs-samples by GoogleCloudPlatform.

the class Hl7v2StoreSetIamPolicy method hl7v2StoreSetIamPolicy.

public static void hl7v2StoreSetIamPolicy(String hl7v2StoreName) throws IOException {
    // String hl7v2StoreName =
    // String.format(
    // HL7v2_NAME, "your-project-id", "your-region-id", "your-dataset-id", "your-hl7v2-id");
    // Initialize the client, which will be used to interact with the service.
    CloudHealthcare client = createClient();
    // Configure the IAMPolicy to apply to the store.
    // For more information on understanding IAM roles, see the following:
    // https://cloud.google.com/iam/docs/understanding-roles
    Binding binding = new Binding().setRole("roles/healthcare.hl7V2Consumer").setMembers(Arrays.asList("domain:google.com"));
    Policy policy = new Policy().setBindings(Arrays.asList(binding));
    SetIamPolicyRequest policyRequest = new SetIamPolicyRequest().setPolicy(policy);
    // Create request and configure any parameters.
    Hl7V2Stores.SetIamPolicy request = client.projects().locations().datasets().hl7V2Stores().setIamPolicy(hl7v2StoreName, policyRequest);
    // Execute the request and process the results.
    Policy updatedPolicy = request.execute();
    System.out.println("HL7v2 policy has been updated: " + updatedPolicy.toPrettyString());
}

Example 9 with Policy

use of com.google.api.services.healthcare.v1.model.Policy in project java-docs-samples by GoogleCloudPlatform.

the class DicomStoreGetIamPolicy method dicomStoreGetIamPolicy.

public static void dicomStoreGetIamPolicy(String dicomStoreName) throws IOException {
    // String dicomStoreName =
    // String.format(
    // DICOM_NAME, "your-project-id", "your-region-id", "your-dataset-id", "your-dicom-id");
    // Initialize the client, which will be used to interact with the service.
    CloudHealthcare client = createClient();
    // Create request and configure any parameters.
    DicomStores.GetIamPolicy request = client.projects().locations().datasets().dicomStores().getIamPolicy(dicomStoreName);
    // Execute the request and process the results.
    Policy policy = request.execute();
    System.out.println("DICOM store IAMPolicy retrieved: \n" + policy.toPrettyString());
}

Example 10 with Policy

use of com.google.api.services.healthcare.v1.model.Policy in project terra-resource-buffer by DataBiosphere.

the class CreateGkeDefaultSAStep method doStep.

@Override
public StepResult doStep(FlightContext flightContext) throws RetryException {
    if (!createGkeDefaultSa(gcpProjectConfig)) {
        return StepResult.getStepResultSuccess();
    }
    String projectId = flightContext.getWorkingMap().get(GOOGLE_PROJECT_ID, String.class);
    CreateServiceAccountRequest createRequest = new CreateServiceAccountRequest().setAccountId(GKE_SA_NAME).setServiceAccount(new ServiceAccount().setDescription("Default service account can be used on GKE node. "));
    try {
        iamCow.projects().serviceAccounts().create("projects/" + projectId, createRequest).execute();
    } catch (GoogleJsonResponseException e) {
        // Otherwise throw a retry exception.
        if (e.getStatusCode() != HttpStatus.CONFLICT.value()) {
            throw new RetryException(e);
        }
        logger.warn("Service account {} already created for notebook instance.", GKE_SA_NAME);
    } catch (IOException e) {
        throw new RetryException(e);
    }
    // Grants permission that a GKE node runner needs
    String serviceAccountEmail = ServiceAccountName.emailFromAccountId(GKE_SA_NAME, projectId);
    try {
        Policy policy = rmCow.projects().getIamPolicy(projectId, new GetIamPolicyRequest()).execute();
        GKE_SA_ROLES.forEach(r -> policy.getBindings().add(new Binding().setRole(r).setMembers(Collections.singletonList("serviceAccount:" + serviceAccountEmail))));
        // Duplicating bindings is harmless (e.g. on retry). GCP de-duplicates.
        rmCow.projects().setIamPolicy(projectId, new SetIamPolicyRequest().setPolicy(policy)).execute();
    } catch (IOException e) {
        logger.info("Error when setting IAM policy for GKE default node SA", e);
        return new StepResult(StepStatus.STEP_RESULT_FAILURE_RETRY, e);
    }
    return StepResult.getStepResultSuccess();
}