
Example 1 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class ModifyPolicy method main.

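/**
 * Grants a user the viewer role on a project by rewriting the project's IAM policy,
 * then prints the policy returned by the service.
 *
 * <p>The policy is fetched, modified locally and written back as a whole
 * (read-modify-write). Review the role and the member before running: the binding is
 * added at project level, not on an individual resource.
 *
 * @param args unused
 * @throws IllegalStateException if the project cannot be read with the current credentials
 */
public static void main(String... args) {
    // Create Resource Manager service object.
    // By default, credentials are inferred from the runtime environment.
    ResourceManager resourceManager = ResourceManagerOptions.getDefaultInstance().getService();
    // Use an existing project's ID
    String projectId = "some-project-id";
    // Get the project from the server. ResourceManager.get is documented to return null
    // when the project does not exist or the caller may not read it, so fail with a clear
    // message instead of a NullPointerException on the next call.
    Project project = resourceManager.get(projectId);
    if (project == null) {
        throw new IllegalStateException(
            "Project " + projectId + " was not found or is not readable with the current credentials");
    }
    // Get the project's current policy; the builder below starts from it so that
    // existing bindings are carried over rather than dropped.
    Policy policy = project.getPolicy();
    // Add a viewer.
    // NOTE(review): Role.viewer() is a broad project-wide role; prefer a narrower
    // predefined role where one fits the use case.
    Policy.Builder modifiedPolicy = policy.toBuilder();
    Identity newViewer = Identity.user("<insert user's email address here>");
    modifiedPolicy.addIdentity(Role.viewer(), newViewer);
    // Write policy.
    // NOTE(review): the fetched Policy presumably carries an etag, so a concurrent change
    // between read and write should be rejected rather than overwritten; confirm.
    Policy updatedPolicy = project.replacePolicy(modifiedPolicy.build());
    // Print policy
    System.out.printf("Updated policy for %s: %n%s%n", projectId, updatedPolicy);
}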
Also used : Policy(com.google.cloud.Policy) Project(com.google.cloud.resourcemanager.Project) ResourceManager(com.google.cloud.resourcemanager.ResourceManager) Identity(com.google.cloud.Identity)

Example 2 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class BucketIamSnippets method listBucketIamMembers.

/**
 * Reads the bucket-level IAM policy of a bucket, prints each role with the identities
 * bound to it, and hands the policy back to the caller.
 *
 * @param bucketName name of the bucket whose IAM policy is read
 * @return the policy returned by {@code getIamPolicy}
 */
public Policy listBucketIamMembers(String bucketName) {
    // [START view_bucket_iam_members]
    // Cloud Storage client built from the default options
    Storage client = StorageOptions.getDefaultInstance().getService();
    // Fetch the bucket's IAM policy
    Policy bucketPolicy = client.getIamPolicy(bucketName);
    // One output line per role binding.
    // Review tip: an identity such as allUsers or allAuthenticatedUsers in this output
    // means the role is granted beyond named principals.
    for (Map.Entry<Role, Set<Identity>> binding : bucketPolicy.getBindings().entrySet()) {
        Role boundRole = binding.getKey();
        Set<Identity> members = binding.getValue();
        System.out.printf("Role: %s Identities: %s\n", boundRole, members);
    }
    // [END view_bucket_iam_members]
    return bucketPolicy;
}
Also used : Policy(com.google.cloud.Policy) Role(com.google.cloud.Role) Storage(com.google.cloud.storage.Storage) Set(java.util.Set) Map(java.util.Map)

Example 3 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class BucketIamSnippets method addBucketIamMember.

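/**
 * Example of adding a member to the Bucket-level IAM.
 *
 * <p>The current policy is fetched, the identity is added to the given role, and the
 * whole policy is written back. A confirmation line is printed only when the policy
 * returned by the service actually contains the new binding.
 *
 * @param bucketName name of the bucket whose IAM policy is changed
 * @param role role to grant; callers should pass the narrowest role that fits
 * @param identity member that receives the role
 * @return the policy returned by {@code setIamPolicy}
 */
public Policy addBucketIamMember(String bucketName, Role role, Identity identity) {
    // [START add_bucket_iam_member]
    // Initialize a Cloud Storage client
    Storage storage = StorageOptions.getDefaultInstance().getService();
    // Get IAM Policy for a bucket
    Policy policy = storage.getIamPolicy(bucketName);
    // Add identity to Bucket-level IAM role.
    // NOTE(review): the fetched Policy presumably carries an etag, so a concurrent change
    // between read and write should be rejected rather than overwritten; confirm.
    Policy updatedPolicy = storage.setIamPolicy(bucketName, policy.toBuilder().addIdentity(role, identity).build());
    // Verify against the policy the service returned. The lookup is null-checked, as in
    // removeBucketIamMember, so a missing binding cannot raise a NullPointerException
    // after the policy has already been written.
    Set<Identity> members = updatedPolicy.getBindings().get(role);
    if (members != null && members.contains(identity)) {
        System.out.printf("Added %s with role %s to %s\n", identity, role, bucketName);
    }
    // [END add_bucket_iam_member]
    return updatedPolicy;
}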
Also used : Policy(com.google.cloud.Policy) Storage(com.google.cloud.storage.Storage)

Example 4 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class BucketIamSnippets method removeBucketIamMember.

/**
 * Revokes a role from a member in the bucket-level IAM policy and returns the policy
 * that the service reports after the change.
 *
 * @param bucketName name of the bucket whose IAM policy is changed
 * @param role role to revoke from the member
 * @param identity member that loses the role
 * @return the policy returned by {@code setIamPolicy}
 */
public Policy removeBucketIamMember(String bucketName, Role role, Identity identity) {
    // [START remove_bucket_iam_member]
    // Cloud Storage client built from the default options
    Storage client = StorageOptions.getDefaultInstance().getService();
    // Current IAM policy of the bucket
    Policy current = client.getIamPolicy(bucketName);
    // Write back a copy of the policy without the (role, identity) pair
    Policy stripped = current.toBuilder().removeIdentity(role, identity).build();
    Policy updatedPolicy = client.setIamPolicy(bucketName, stripped);
    // The role may be absent altogether or still hold other members; either way the
    // removal counts as done when the identity is no longer listed under it.
    Set<Identity> remaining = updatedPolicy.getBindings().get(role);
    boolean revoked = remaining == null || !remaining.contains(identity);
    if (revoked) {
        System.out.printf("Removed %s with role %s from %s\n", identity, role, bucketName);
    }
    // [END remove_bucket_iam_member]
    return updatedPolicy;
}
Also used : Policy(com.google.cloud.Policy) Storage(com.google.cloud.storage.Storage)

Example 5 with Policy

use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.

the class ITBucketSnippets method testRemoveBucketIamMember.

@Test
public void testRemoveBucketIamMember() {
    // Checks that the snippet removes a member from the bucket-level IAM policy.
    // The first write drops the entire admin binding on BUCKET, so this test should
    // only ever point at a disposable test bucket.
    Identity member = Identity.user(USER_EMAIL);
    Policy initial = storage.getIamPolicy(BUCKET);
    // Known starting state: no admin binding at all
    Policy withoutAdmins = storage.setIamPolicy(BUCKET, initial.toBuilder().removeRole(StorageRoles.admin()).build());
    assertNull(withoutAdmins.getBindings().get(StorageRoles.admin()));
    // Grant admin to the single test user and confirm the service recorded it
    Policy withMember = storage.setIamPolicy(BUCKET, withoutAdmins.toBuilder().addIdentity(StorageRoles.admin(), member).build());
    assertTrue(withMember.getBindings().get(StorageRoles.admin()).contains(member));
    // The snippet removes the only admin, so the role binding must be gone afterwards
    Policy snippetPolicy = bucketIamSnippets.removeBucketIamMember(BUCKET, StorageRoles.admin(), member);
    assertNull(snippetPolicy.getBindings().get(StorageRoles.admin()));
}
Also used : Policy(com.google.cloud.Policy) Test(org.junit.Test)
