Example 21 with AwsIamRoleRecord

Use of com.nike.cerberus.record.AwsIamRoleRecord in the project cerberus by Nike-Inc.

The class AuthenticationServiceTest, method test_that_findIamRoleAssociatedWithSdb_returns_empty_optional_when_roles_not_found.

@Test
public void test_that_findIamRoleAssociatedWithSdb_returns_empty_optional_when_roles_not_found() {
    String accountId = "0000000000";
    String roleName = "role/path";
    // The three ARN forms the lookup can fall back through: the instance-profile
    // principal ARN, the role ARN derived from it, and the account root ARN.
    String principalArn = String.format("arn:aws:iam::%s:instance-profile/%s", accountId, roleName);
    String roleArn = String.format("arn:aws:iam::%s:role/%s", accountId, roleName);
    String rootArn = String.format("arn:aws:iam::%s:root", accountId);
    // No AwsIamRoleRecord is registered under any of the three ARNs.
    when(awsIamRoleDao.getIamRole(principalArn)).thenReturn(Optional.empty());
    when(awsIamRoleDao.getIamRole(roleArn)).thenReturn(Optional.empty());
    when(awsIamRoleDao.getIamRole(rootArn)).thenReturn(Optional.empty());
    // The parser reports that the principal ARN is not itself a role ARN and
    // supplies the derived role and root ARNs for the fallback lookups.
    when(awsIamRoleArnParser.isRoleArn(principalArn)).thenReturn(false);
    when(awsIamRoleArnParser.convertPrincipalArnToRoleArn(principalArn)).thenReturn(roleArn);
    when(awsIamRoleArnParser.convertPrincipalArnToRootArn(roleArn)).thenReturn(rootArn);
    Optional<AwsIamRoleRecord> result = authenticationService.findIamRoleAssociatedWithSdb(principalArn);
    // With no match at any level, the service must return an empty Optional
    // rather than throwing or returning a record for an unrelated principal.
    assertFalse(result.isPresent());
}

Example 22 with AwsIamRoleRecord

Use of com.nike.cerberus.record.AwsIamRoleRecord in the project cerberus by Nike-Inc.

The class AwsIamRoleService, method createIamRole.

@Transactional
public AwsIamRoleRecord createIamRole(String iamPrincipalArn) {
    // Identifier and timestamp come from injected suppliers so tests can control them.
    String iamRoleId = uuidSupplier.get();
    OffsetDateTime dateTime = dateTimeSupplier.get();
    AwsIamRoleRecord awsIamRoleRecord = new AwsIamRoleRecord();
    awsIamRoleRecord.setId(iamRoleId);
    awsIamRoleRecord.setAwsIamRoleArn(iamPrincipalArn);
    // Records created by this path are attributed to the system user, not a caller.
    awsIamRoleRecord.setCreatedBy(SYSTEM_USER);
    awsIamRoleRecord.setLastUpdatedBy(SYSTEM_USER);
    awsIamRoleRecord.setCreatedTs(dateTime);
    awsIamRoleRecord.setLastUpdatedTs(dateTime);
    awsIamRoleDao.createIamRole(awsIamRoleRecord);
    return awsIamRoleRecord;
}

Example 23 with AwsIamRoleRecord

Use of com.nike.cerberus.record.AwsIamRoleRecord in the project cerberus by Nike-Inc.

The class IamPrincipalPermissionService, method updateIamPrincipalPermission.

/**
 * Updates an IAM role permission.
 *
 * @param safeDepositBoxId The safe deposit box id
 * @param iamPrincipalPermission The IAM principal permission
 * @param user The user making the changes
 * @param dateTime The time of the changes
 */
@Transactional
public void updateIamPrincipalPermission(final String safeDepositBoxId, final IamPrincipalPermission iamPrincipalPermission, final String user, final OffsetDateTime dateTime) {
    // Resolve the IAM role record by its ARN; a permission can only be updated
    // for a principal that is already registered.
    final Optional<AwsIamRoleRecord> iamRole = awsIamRoleDao.getIamRole(iamPrincipalPermission.getIamPrincipalArn());
    if (iamRole.isEmpty()) {
        String msg = "Unable to update permissions for IAM role that doesn't exist.";
        throw ApiException.newBuilder().withApiErrors(CustomApiError.createCustomApiError(DefaultApiError.ENTITY_NOT_FOUND, msg)).withExceptionMessage(msg).build();
    }
    // The permission row is keyed by safe deposit box and the internal IAM role id,
    // not by the ARN the caller supplied.
    AwsIamRolePermissionRecord record = new AwsIamRolePermissionRecord();
    record.setSdboxId(safeDepositBoxId);
    record.setAwsIamRoleId(iamRole.get().getId());
    record.setRoleId(iamPrincipalPermission.getRoleId());
    record.setLastUpdatedBy(user);
    record.setLastUpdatedTs(dateTime);
    awsIamRoleDao.updateIamRolePermission(record);
}

Example 24 with AwsIamRoleRecord

Use of com.nike.cerberus.record.AwsIamRoleRecord in the project cerberus by Nike-Inc.

The class IamPrincipalPermissionService, method getIamPrincipalPermissions.

public Set<IamPrincipalPermission> getIamPrincipalPermissions(final String safeDepositBoxId) {
    final Set<IamPrincipalPermission> iamPrincipalPermissionSet = Sets.newHashSet();
    // Permission rows reference the IAM role by internal id; each is joined back
    // to its AwsIamRoleRecord to recover the principal ARN for the response.
    final List<AwsIamRolePermissionRecord> permissionRecords = awsIamRoleDao.getIamRolePermissions(safeDepositBoxId);
    permissionRecords.forEach(r -> {
        final Optional<AwsIamRoleRecord> iamRoleRecord = awsIamRoleDao.getIamRoleById(r.getAwsIamRoleId());
        // Permission rows whose role record no longer exists are silently skipped.
        if (iamRoleRecord.isPresent()) {
            final IamPrincipalPermission permission = new IamPrincipalPermission();
            permission.setId(r.getId());
            permission.setIamPrincipalArn(iamRoleRecord.get().getAwsIamRoleArn());
            permission.setRoleId(r.getRoleId());
            permission.setCreatedBy(r.getCreatedBy());
            permission.setLastUpdatedBy(r.getLastUpdatedBy());
            permission.setCreatedTs(r.getCreatedTs());
            permission.setLastUpdatedTs(r.getLastUpdatedTs());
            iamPrincipalPermissionSet.add(permission);
        }
    });
    return iamPrincipalPermissionSet;
}