
Example 1 with CloudS3View

use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.

the class StackToCloudStackConverter method buildFileSystemViewFromTelemetry.

/**
 * Builds the cloud file system view for log storage from the telemetry logging settings.
 *
 * <p>Nothing is built unless a storage location is set. Otherwise the first configured backend
 * wins, checked in this order: S3, ADLS Gen2, GCS, CloudWatch. Every view created here is tagged
 * with {@link CloudIdentityType#LOG}.
 *
 * @param logging telemetry logging settings; dereferenced immediately, so it must not be null
 * @return the view for the first configured backend, or an empty Optional when no storage
 *         location or no backend is configured
 */
private Optional<CloudFileSystemView> buildFileSystemViewFromTelemetry(Logging logging) {
    if (logging.getStorageLocation() == null) {
        return Optional.empty();
    }
    if (logging.getS3() != null) {
        CloudS3View awsView = new CloudS3View(CloudIdentityType.LOG);
        awsView.setInstanceProfile(logging.getS3().getInstanceProfile());
        return Optional.of(awsView);
    }
    if (logging.getAdlsGen2() != null) {
        AdlsGen2CloudStorageV1Parameters source = logging.getAdlsGen2();
        CloudAdlsGen2View azureView = new CloudAdlsGen2View(CloudIdentityType.LOG);
        // The account key is copied verbatim into the view.
        // NOTE(review): presumably a storage shared-key credential; treat the resulting view as
        // secret-bearing (keep it out of logs and toString output) and confirm with callers.
        azureView.setAccountKey(source.getAccountKey());
        azureView.setAccountName(source.getAccountName());
        azureView.setSecure(source.isSecure());
        azureView.setManagedIdentity(source.getManagedIdentity());
        return Optional.of(azureView);
    }
    if (logging.getGcs() != null) {
        CloudGcsView gcpView = new CloudGcsView(CloudIdentityType.LOG);
        gcpView.setServiceAccountEmail(logging.getGcs().getServiceAccountEmail());
        return Optional.of(gcpView);
    }
    if (logging.getCloudwatch() != null) {
        // The CloudWatch instance profile is carried in a CloudS3View as well.
        CloudS3View cloudwatchView = new CloudS3View(CloudIdentityType.LOG);
        cloudwatchView.setInstanceProfile(logging.getCloudwatch().getInstanceProfile());
        return Optional.of(cloudwatchView);
    }
    return Optional.empty();
}
Also used : CloudGcsView(com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudGcsView) AdlsGen2CloudStorageV1Parameters(com.sequenceiq.common.api.cloudstorage.old.AdlsGen2CloudStorageV1Parameters) CloudAdlsGen2View(com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudAdlsGen2View) CloudS3View(com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View)

Example 2 with CloudS3View

use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.

the class StackToCloudStackConverter method buildFileSystemViewFromBackup.

/**
 * Builds the cloud file system view for backup storage from the backup settings.
 *
 * <p>Nothing is built unless a storage location is set. Otherwise the first configured backend
 * wins, checked in this order: S3, ADLS Gen2, GCS.
 *
 * <p>NOTE(review): every view is tagged {@link CloudIdentityType#LOG} although the input is a
 * backup configuration. Confirm that backups are meant to share the logging identity, since the
 * identity type presumably decides which role or instance profile gets the storage permissions.
 *
 * @param backup backup settings; dereferenced immediately, so it must not be null
 * @return the view for the first configured backend, or an empty Optional when no storage
 *         location or no backend is configured
 */
private Optional<CloudFileSystemView> buildFileSystemViewFromBackup(Backup backup) {
    if (backup.getStorageLocation() == null) {
        return Optional.empty();
    }
    if (backup.getS3() != null) {
        CloudS3View awsView = new CloudS3View(CloudIdentityType.LOG);
        awsView.setInstanceProfile(backup.getS3().getInstanceProfile());
        return Optional.of(awsView);
    }
    if (backup.getAdlsGen2() != null) {
        AdlsGen2CloudStorageV1Parameters source = backup.getAdlsGen2();
        CloudAdlsGen2View azureView = new CloudAdlsGen2View(CloudIdentityType.LOG);
        // The account key is copied verbatim into the view.
        // NOTE(review): presumably a storage shared-key credential; treat the resulting view as
        // secret-bearing (keep it out of logs and toString output) and confirm with callers.
        azureView.setAccountKey(source.getAccountKey());
        azureView.setAccountName(source.getAccountName());
        azureView.setSecure(source.isSecure());
        azureView.setManagedIdentity(source.getManagedIdentity());
        return Optional.of(azureView);
    }
    if (backup.getGcs() != null) {
        CloudGcsView gcpView = new CloudGcsView(CloudIdentityType.LOG);
        gcpView.setServiceAccountEmail(backup.getGcs().getServiceAccountEmail());
        return Optional.of(gcpView);
    }
    return Optional.empty();
}
Also used : CloudGcsView(com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudGcsView) AdlsGen2CloudStorageV1Parameters(com.sequenceiq.common.api.cloudstorage.old.AdlsGen2CloudStorageV1Parameters) CloudAdlsGen2View(com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudAdlsGen2View) CloudS3View(com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View)

Example 3 with CloudS3View

use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.

the class AwsDataAccessRolePermissionValidatorTest method testGetPolicyJsonReplacementsNoDynamodb.

/**
 * Checks the policy JSON placeholder replacements for an S3 view on which no DynamoDB table
 * name has been set: the {@code ${DYNAMODB_TABLE_NAME}} placeholder must map to the empty string.
 */
@Test
@Override
public void testGetPolicyJsonReplacementsNoDynamodb() {
    // Fixture ARN only: the account id is a dummy value (11 digits, not a real 12-digit AWS id),
    // and the expected map below does not depend on it.
    CloudS3View s3View = new CloudS3View(CloudIdentityType.ID_BROKER);
    s3View.setInstanceProfile("arn:aws:iam::11111111111:instance-profile/instanceprofile");
    StorageLocationBase location = new StorageLocationBase();
    location.setValue("bucket/cluster");

    Map<String, String> actual =
            awsDataAccessRolePermissionValidator.getPolicyJsonReplacements(location, s3View);

    // The bucket placeholder is expected to be the first path segment of the location value.
    Map<String, String> expected = Map.of(
            "${ARN_PARTITION}", "aws",
            "${STORAGE_LOCATION_BASE}", "bucket/cluster",
            "${DATALAKE_BUCKET}", "bucket",
            "${DYNAMODB_TABLE_NAME}", "");
    assertThat(actual).isEqualTo(expected);
}
Also used : CloudS3View(com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View) StorageLocationBase(com.sequenceiq.common.api.cloudstorage.StorageLocationBase) Test(org.junit.jupiter.api.Test)

Example 4 with CloudS3View

use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.

the class AwsRangerAuditRolePermissionValidatorTest method testCollectPolicies.

/**
 * Checks that collecting policies for two policy files yields two policies and that the
 * placeholder replacements handed to the IAM service are derived from the Ranger audit location.
 */
@Test
@Override
public void testCollectPolicies() {
    // Stub the IAM service first so every getPolicy call records its replacement map.
    ArgumentCaptor<Map<String, String>> captor = ArgumentCaptor.forClass(Map.class);
    when(awsIamService.getPolicy(anyString(), captor.capture())).thenReturn(new Policy());

    StorageLocationBase auditLocation = new StorageLocationBase();
    auditLocation.setType(CloudStorageCdpService.RANGER_AUDIT);
    auditLocation.setValue("s3a://bucket/cluster/ranger/audit");
    // Fixture ARN only: the account id is a dummy value, not a real AWS account.
    CloudS3View s3View = new CloudS3View(CloudIdentityType.ID_BROKER);
    s3View.setInstanceProfile("arn:aws:iam::11111111111:instance-profile/instanceprofile");
    s3View.setLocations(List.of(auditLocation));

    List<Policy> collected = getValidator().collectPolicies(s3View, List.of("policyFile1", "policyFile2"));

    assertEquals(2, collected.size());
    // getValue() yields the most recently captured replacement map.
    Map<String, String> captured = captor.getValue();
    assertEquals("bucket/cluster", captured.get("${STORAGE_LOCATION_BASE}"));
    assertEquals("bucket", captured.get("${DATALAKE_BUCKET}"));
    assertEquals("", captured.get("${DYNAMODB_TABLE_NAME}"));
}
Also used : Policy(com.amazonaws.auth.policy.Policy) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Map(java.util.Map) CloudS3View(com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View) StorageLocationBase(com.sequenceiq.common.api.cloudstorage.StorageLocationBase) Test(org.junit.jupiter.api.Test)

Example 5 with CloudS3View

use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.

the class AwsRangerAuditRolePermissionValidatorTest method testGetPolicyJsonReplacements.

/**
 * Checks the policy JSON placeholder replacements for an S3 view that has an S3Guard DynamoDB
 * table name set: the table name must appear under {@code ${DYNAMODB_TABLE_NAME}}.
 */
@Test
@Override
public void testGetPolicyJsonReplacements() {
    // Fixture ARN only: the account id is a dummy value (11 digits, not a real 12-digit AWS id),
    // and the expected map below does not depend on it.
    CloudS3View s3View = new CloudS3View(CloudIdentityType.ID_BROKER);
    s3View.setInstanceProfile("arn:aws:iam::11111111111:instance-profile/instanceprofile");
    s3View.setS3GuardDynamoTableName("tableName");
    StorageLocationBase location = new StorageLocationBase();
    location.setValue("bucket/cluster");

    Map<String, String> actual =
            awsRangerAuditRolePermissionValidator.getPolicyJsonReplacements(location, s3View);

    // The bucket placeholder is expected to be the first path segment of the location value.
    Map<String, String> expected = Map.of(
            "${ARN_PARTITION}", "aws",
            "${STORAGE_LOCATION_BASE}", "bucket/cluster",
            "${DATALAKE_BUCKET}", "bucket",
            "${DYNAMODB_TABLE_NAME}", "tableName");
    assertThat(actual).isEqualTo(expected);
}
Also used : ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) CloudS3View(com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View) StorageLocationBase(com.sequenceiq.common.api.cloudstorage.StorageLocationBase) Test(org.junit.jupiter.api.Test)

Aggregations

CloudS3View (com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View)15 Test (org.junit.jupiter.api.Test)7 StorageLocationBase (com.sequenceiq.common.api.cloudstorage.StorageLocationBase)6 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)3 Policy (com.amazonaws.auth.policy.Policy)2 Group (com.sequenceiq.cloudbreak.cloud.model.Group)2 CloudAdlsGen2View (com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudAdlsGen2View)2 CloudGcsView (com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudGcsView)2 AdlsGen2CloudStorageV1Parameters (com.sequenceiq.common.api.cloudstorage.old.AdlsGen2CloudStorageV1Parameters)2 Map (java.util.Map)2 InstanceProfile (com.amazonaws.services.identitymanagement.model.InstanceProfile)1 ModelContext (com.sequenceiq.cloudbreak.cloud.aws.common.resource.ModelContext)1 Security (com.sequenceiq.cloudbreak.cloud.model.Security)1 CloudFileSystemView (com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudFileSystemView)1 S3Identity (com.sequenceiq.cloudbreak.domain.cloudstorage.S3Identity)1 CloudIdentityType (com.sequenceiq.common.model.CloudIdentityType)1 Matchers.containsString (org.hamcrest.Matchers.containsString)1