use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.
the class StackToCloudStackConverter method buildFileSystemViewFromTelemetry.
private Optional<CloudFileSystemView> buildFileSystemViewFromTelemetry(Logging logging) {
if (logging.getStorageLocation() != null) {
if (logging.getS3() != null) {
CloudS3View s3View = new CloudS3View(CloudIdentityType.LOG);
s3View.setInstanceProfile(logging.getS3().getInstanceProfile());
return Optional.of(s3View);
} else if (logging.getAdlsGen2() != null) {
CloudAdlsGen2View adlsGen2View = new CloudAdlsGen2View(CloudIdentityType.LOG);
AdlsGen2CloudStorageV1Parameters adlsGen2Params = logging.getAdlsGen2();
adlsGen2View.setAccountKey(adlsGen2Params.getAccountKey());
adlsGen2View.setAccountName(adlsGen2Params.getAccountName());
adlsGen2View.setSecure(adlsGen2Params.isSecure());
adlsGen2View.setManagedIdentity(adlsGen2Params.getManagedIdentity());
return Optional.of(adlsGen2View);
} else if (logging.getGcs() != null) {
CloudGcsView cloudGcsView = new CloudGcsView(CloudIdentityType.LOG);
cloudGcsView.setServiceAccountEmail(logging.getGcs().getServiceAccountEmail());
return Optional.of(cloudGcsView);
} else if (logging.getCloudwatch() != null) {
CloudS3View s3View = new CloudS3View(CloudIdentityType.LOG);
s3View.setInstanceProfile(logging.getCloudwatch().getInstanceProfile());
return Optional.of(s3View);
}
}
return Optional.empty();
}
use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.
the class StackToCloudStackConverter method buildFileSystemViewFromBackup.
private Optional<CloudFileSystemView> buildFileSystemViewFromBackup(Backup backup) {
if (backup.getStorageLocation() != null) {
if (backup.getS3() != null) {
CloudS3View s3View = new CloudS3View(CloudIdentityType.LOG);
s3View.setInstanceProfile(backup.getS3().getInstanceProfile());
return Optional.of(s3View);
} else if (backup.getAdlsGen2() != null) {
CloudAdlsGen2View adlsGen2View = new CloudAdlsGen2View(CloudIdentityType.LOG);
AdlsGen2CloudStorageV1Parameters adlsGen2Params = backup.getAdlsGen2();
adlsGen2View.setAccountKey(adlsGen2Params.getAccountKey());
adlsGen2View.setAccountName(adlsGen2Params.getAccountName());
adlsGen2View.setSecure(adlsGen2Params.isSecure());
adlsGen2View.setManagedIdentity(adlsGen2Params.getManagedIdentity());
return Optional.of(adlsGen2View);
} else if (backup.getGcs() != null) {
CloudGcsView cloudGcsView = new CloudGcsView(CloudIdentityType.LOG);
cloudGcsView.setServiceAccountEmail(backup.getGcs().getServiceAccountEmail());
return Optional.of(cloudGcsView);
}
}
return Optional.empty();
}
use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.
the class AwsDataAccessRolePermissionValidatorTest method testGetPolicyJsonReplacementsNoDynamodb.
@Test
@Override
public void testGetPolicyJsonReplacementsNoDynamodb() {
String storageLocationBaseStr = "bucket/cluster";
String bucket = "bucket";
Map<String, String> expectedPolicyJsonReplacements = Map.ofEntries(Map.entry("${ARN_PARTITION}", "aws"), Map.entry("${STORAGE_LOCATION_BASE}", storageLocationBaseStr), Map.entry("${DATALAKE_BUCKET}", bucket), Map.entry("${DYNAMODB_TABLE_NAME}", ""));
StorageLocationBase storageLocationBase = new StorageLocationBase();
storageLocationBase.setValue(storageLocationBaseStr);
CloudS3View cloudFileSystem = new CloudS3View(CloudIdentityType.ID_BROKER);
cloudFileSystem.setInstanceProfile("arn:aws:iam::11111111111:instance-profile/instanceprofile");
Map<String, String> policyJsonReplacements = awsDataAccessRolePermissionValidator.getPolicyJsonReplacements(storageLocationBase, cloudFileSystem);
assertThat(policyJsonReplacements).isEqualTo(expectedPolicyJsonReplacements);
}
use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.
the class AwsRangerAuditRolePermissionValidatorTest method testCollectPolicies.
@Test
@Override
public void testCollectPolicies() {
ArgumentCaptor<Map<String, String>> replacementsCaptor = ArgumentCaptor.forClass(Map.class);
when(awsIamService.getPolicy(anyString(), replacementsCaptor.capture())).thenReturn(new Policy());
CloudS3View cloudFileSystem = new CloudS3View(CloudIdentityType.ID_BROKER);
cloudFileSystem.setInstanceProfile("arn:aws:iam::11111111111:instance-profile/instanceprofile");
StorageLocationBase storageLocationBase1 = new StorageLocationBase();
storageLocationBase1.setType(CloudStorageCdpService.RANGER_AUDIT);
storageLocationBase1.setValue("s3a://bucket/cluster/ranger/audit");
cloudFileSystem.setLocations(List.of(storageLocationBase1));
List<Policy> policies = getValidator().collectPolicies(cloudFileSystem, List.of("policyFile1", "policyFile2"));
assertEquals(2, policies.size());
Map<String, String> replacements = replacementsCaptor.getValue();
assertEquals("bucket/cluster", replacements.get("${STORAGE_LOCATION_BASE}"));
assertEquals("bucket", replacements.get("${DATALAKE_BUCKET}"));
assertEquals("", replacements.get("${DYNAMODB_TABLE_NAME}"));
}
use of com.sequenceiq.cloudbreak.cloud.model.filesystem.CloudS3View in project cloudbreak by hortonworks.
the class AwsRangerAuditRolePermissionValidatorTest method testGetPolicyJsonReplacements.
@Test
@Override
public void testGetPolicyJsonReplacements() {
String storageLocationBaseStr = "bucket/cluster";
String bucket = "bucket";
String dynamodbTableName = "tableName";
Map<String, String> expectedPolicyJsonReplacements = Map.ofEntries(Map.entry("${ARN_PARTITION}", "aws"), Map.entry("${STORAGE_LOCATION_BASE}", storageLocationBaseStr), Map.entry("${DATALAKE_BUCKET}", bucket), Map.entry("${DYNAMODB_TABLE_NAME}", dynamodbTableName));
StorageLocationBase storageLocationBase = new StorageLocationBase();
storageLocationBase.setValue(storageLocationBaseStr);
CloudS3View cloudFileSystem = new CloudS3View(CloudIdentityType.ID_BROKER);
cloudFileSystem.setInstanceProfile("arn:aws:iam::11111111111:instance-profile/instanceprofile");
cloudFileSystem.setS3GuardDynamoTableName(dynamodbTableName);
Map<String, String> policyJsonReplacements = awsRangerAuditRolePermissionValidator.getPolicyJsonReplacements(storageLocationBase, cloudFileSystem);
assertThat(policyJsonReplacements).isEqualTo(expectedPolicyJsonReplacements);
}
Aggregations