use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ModifyPolicy method main.
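/**
 * Adds one user to the project-level viewer role by reading the project's IAM policy, adding a
 * binding to a copy of it, and writing the whole policy back.
 *
 * <p>The binding is made on the project's own policy, so the new member is granted the viewer
 * role for the project as a whole rather than for a single resource.
 *
 * @param args unused
 */
public static void main(String... args) {
  // Create the Resource Manager service object.
  // By default, credentials are inferred from the runtime environment, so the policy change
  // is made with whatever identity that environment supplies.
  ResourceManager resourceManager = ResourceManagerOptions.getDefaultInstance().getService();
  // Use an existing project's ID.
  String projectId = "some-project-id";
  // Get the project from the server.
  Project project = resourceManager.get(projectId);
  if (project == null) {
    // get() returns null when the project is not found or not readable by the caller;
    // without this guard the next line would fail with a NullPointerException.
    System.err.printf(
        "Project %s was not found or is not readable with the current credentials.%n", projectId);
    return;
  }
  // Get the project's current policy; the modification below starts from this snapshot.
  Policy policy = project.getPolicy();
  // Add a viewer to a builder seeded with the existing bindings.
  Policy.Builder modifiedPolicy = policy.toBuilder();
  Identity newViewer = Identity.user("<insert user's email address here>");
  modifiedPolicy.addIdentity(Role.viewer(), newViewer);
  // Write the policy back. replacePolicy sends the complete policy, not a delta.
  // NOTE(review): the Policy read above carries an etag (Policy.getEtag()) that toBuilder() is
  // expected to keep, which lets the service reject a write based on a stale read - confirm,
  // and re-read and retry on conflict rather than overwriting a concurrent change.
  Policy updatedPolicy = project.replacePolicy(modifiedPolicy.build());
  // Print the policy returned by the server so the resulting bindings can be reviewed.
  System.out.printf("Updated policy for %s: %n%s%n", projectId, updatedPolicy);
}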
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class BucketIamSnippets method listBucketIamMembers.
/**
 * Example of listing the bucket-level IAM roles and their members.
 *
 * <p>Prints one line per role binding to standard output, which makes this a quick way to review
 * who holds which role on a bucket.
 *
 * @param bucketName name of the bucket whose IAM policy is read
 * @return the IAM policy returned by {@code getIamPolicy} for the bucket
 */
public Policy listBucketIamMembers(String bucketName) {
  // [START view_bucket_iam_members]
  // Initialize a Cloud Storage client
  Storage storage = StorageOptions.getDefaultInstance().getService();

  // Get IAM Policy for a bucket
  Policy policy = storage.getIamPolicy(bucketName);

  // Print each role together with the identities bound to it
  policy
      .getBindings()
      .forEach(
          (role, identities) ->
              System.out.printf("Role: %s Identities: %s\n", role, identities));
  // [END view_bucket_iam_members]
  return policy;
}
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class BucketIamSnippets method addBucketIamMember.
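/**
 * Example of adding a member to a bucket-level IAM role.
 *
 * <p>The change is a read-modify-write: the current policy is fetched, the identity is added to a
 * copy of it, and the complete policy is written back with {@code setIamPolicy}.
 *
 * <p>Callers should check {@code identity} before calling: binding a role to
 * {@code Identity.allUsers()} or {@code Identity.allAuthenticatedUsers()} opens the bucket to
 * principals outside the project.
 *
 * @param bucketName name of the bucket whose IAM policy is changed
 * @param role role the identity is added to
 * @param identity member to add to {@code role}
 * @return the policy returned by {@code setIamPolicy}
 */
public Policy addBucketIamMember(String bucketName, Role role, Identity identity) {
  // [START add_bucket_iam_member]
  // Initialize a Cloud Storage client
  Storage storage = StorageOptions.getDefaultInstance().getService();

  // Get IAM Policy for a bucket
  Policy policy = storage.getIamPolicy(bucketName);

  // Add identity to Bucket-level IAM role
  // NOTE(review): the write is based on the snapshot read above; a concurrent policy change is
  // presumably detected through the policy's etag - confirm, and retry on conflict.
  Policy updatedPolicy =
      storage.setIamPolicy(bucketName, policy.toBuilder().addIdentity(role, identity).build());

  // Confirm the binding from the policy the server returned. The role lookup can yield null
  // when the returned policy has no binding for the role, so guard it instead of dereferencing.
  Set<Identity> members = updatedPolicy.getBindings().get(role);
  if (members != null && members.contains(identity)) {
    System.out.printf("Added %s with role %s to %s\n", identity, role, bucketName);
  }
  // [END add_bucket_iam_member]
  return updatedPolicy;
}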
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class BucketIamSnippets method removeBucketIamMember.
/**
 * Example of removing a member from a bucket-level IAM role.
 *
 * <p>The current policy is fetched, the identity is removed from a copy of it, and the complete
 * policy is written back with {@code setIamPolicy}. The confirmation line is printed only when
 * the returned policy no longer lists the identity under the role.
 *
 * @param bucketName name of the bucket whose IAM policy is changed
 * @param role role the identity is removed from
 * @param identity member to remove from {@code role}
 * @return the policy returned by {@code setIamPolicy}
 */
public Policy removeBucketIamMember(String bucketName, Role role, Identity identity) {
  // [START remove_bucket_iam_member]
  // Initialize a Cloud Storage client
  Storage storage = StorageOptions.getDefaultInstance().getService();

  // Get IAM Policy for a bucket
  Policy policy = storage.getIamPolicy(bucketName);

  // Remove an identity from a Bucket-level IAM role
  Policy withoutIdentity = policy.toBuilder().removeIdentity(role, identity).build();
  Policy updatedPolicy = storage.setIamPolicy(bucketName, withoutIdentity);

  // A missing binding for the role and a binding without the identity both count as removed.
  Set<Identity> remaining = updatedPolicy.getBindings().get(role);
  boolean stillBound = remaining != null && remaining.contains(identity);
  if (!stillBound) {
    System.out.printf("Removed %s with role %s from %s\n", identity, role, bucketName);
  }
  // [END remove_bucket_iam_member]
  return updatedPolicy;
}
use of com.google.cloud.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ITBucketSnippets method testRemoveBucketIamMember.
/**
 * Checks that {@code removeBucketIamMember} removes a member from a bucket-level IAM role.
 *
 * <p>The test first strips the whole admin role from the bucket's policy, so it changes the
 * bucket's real bindings and should only be pointed at a bucket set aside for testing.
 */
@Test
public void testRemoveBucketIamMember() {
  Role adminRole = StorageRoles.admin();
  Identity member = Identity.user(USER_EMAIL);

  // Start from a known state: no admin binding at all on the bucket.
  Policy policy = storage.getIamPolicy(BUCKET);
  policy = storage.setIamPolicy(BUCKET, policy.toBuilder().removeRole(adminRole).build());
  assertNull(policy.getBindings().get(adminRole));

  // Bind the test user as the only admin member.
  policy = storage.setIamPolicy(BUCKET, policy.toBuilder().addIdentity(adminRole, member).build());
  assertTrue(policy.getBindings().get(adminRole).contains(member));

  // Removing that one member through the snippet must leave no admin binding behind.
  Policy snippetPolicy = bucketIamSnippets.removeBucketIamMember(BUCKET, adminRole, member);
  assertNull(snippetPolicy.getBindings().get(adminRole));
}
Aggregations