Search in sources :

Example 1 with CredentialPrerequisitesResponse

use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.

the class CredentialPrerequisiteService method getPrerequisites.

public CredentialPrerequisitesResponse getPrerequisites(String cloudPlatform, boolean govCloud, String deploymentAddress, CredentialType type) {
    CredentialPrerequisitesResponse result = getCloudbreakPrerequisites(cloudPlatform, govCloud, deploymentAddress, type);
    if (isPolicyFetchFromExperiencesAllowed()) {
        if (AWS.name().equalsIgnoreCase(cloudPlatform)) {
            try {
                Map<String, String> policies = getExperiencePrerequisites(cloudPlatform);
                if (result.getAws().getPolicies() != null) {
                    policies.putAll(result.getAws().getPolicies());
                }
                fillPoliciesWithDefaultIfMissing(result.getAws().getPolicyJson(), policies);
                result.getAws().setPolicies(policies);
            } catch (Exception e) {
                LOGGER.warn("Something has happened during the granular policy fetch from the experiences!", e);
            }
        } else {
            LOGGER.info("Fetching is enabled but the requested prerequisites from the experiences are addressed for a currently not supported " + "cloud platform: " + cloudPlatform);
        }
    } else {
        LOGGER.info("Fetching fine graded policies from the experiences has disabled by the entitlement: " + CDP_AWS_RESTRICTED_POLICY.name());
    }
    return result;
}
Also used : CredentialPrerequisitesResponse(com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse) BadRequestException(javax.ws.rs.BadRequestException) CredentialOperationException(com.sequenceiq.environment.credential.exception.CredentialOperationException) IOException(java.io.IOException) OperationException(com.sequenceiq.cloudbreak.service.OperationException)

Example 2 with CredentialPrerequisitesResponse

use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.

the class CredentialExperienceTest method testAwsPoliciesArePresent.

@Test
public void testAwsPoliciesArePresent() {
    when(regionAwareInternalCrnGenerator.getInternalCrnForServiceAsString()).thenReturn("crn");
    when(regionAwareInternalCrnGeneratorFactory.iam()).thenReturn(regionAwareInternalCrnGenerator);
    CredentialPrerequisitesResponse res = testSkeleton("AWS", Boolean.TRUE);
    Assertions.assertNotNull(res.getAws().getPolicies());
    Assertions.assertEquals(3, res.getAws().getPolicies().size());
    ArgumentCaptor<String> a = ArgumentCaptor.forClass(String.class);
    ArgumentCaptor<String> b = ArgumentCaptor.forClass(String.class);
    verify(commonExperienceConnectorService).collectPolicy(a.capture(), b.capture());
    Assertions.assertTrue(a.getValue().contains("{cloudProvider}"));
    Assertions.assertTrue(res.getAws().getPolicies().containsKey("Environment"));
    Assertions.assertTrue(res.getAws().getPolicies().containsKey("Data Warehouses"));
    Assertions.assertTrue(res.getAws().getPolicies().containsKey("Kubernetes cluster manager"));
    Assertions.assertTrue(res.getAws().getPolicies().get("Environment").equals(MINIMAL_POLICY));
    Assertions.assertTrue(res.getAws().getPolicies().get("Data Warehouses").equals(COMMON_POLICY));
    Assertions.assertTrue(res.getAws().getPolicies().get("Kubernetes cluster manager").equals(LIFTIE_POLICY));
}
Also used : CredentialPrerequisitesResponse(com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Test(org.junit.jupiter.api.Test)

Example 3 with CredentialPrerequisitesResponse

use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.

the class CredentialExperienceTest method testAwsEntitlementDisabled.

@Test
public void testAwsEntitlementDisabled() {
    CredentialPrerequisitesResponse res = testSkeleton("AWS", Boolean.FALSE);
    Assertions.assertNotNull(res.getAws().getPolicies());
    Assertions.assertEquals(1, res.getAws().getPolicies().size());
    verify(commonExperienceConnectorService, never()).collectPolicy(anyString(), anyString());
    Assertions.assertTrue(res.getAws().getPolicies().containsKey("Environment"));
    Assertions.assertTrue(res.getAws().getPolicies().get("Environment").equals(MINIMAL_POLICY));
}
Also used : CredentialPrerequisitesResponse(com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse) Test(org.junit.jupiter.api.Test)

Example 4 with CredentialPrerequisitesResponse

use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.

the class CredentialExperienceTest method testAzureEntitlementAllowed.

@Test
public void testAzureEntitlementAllowed() {
    when(entitlementService.azureEnabled(any())).thenReturn(true);
    CredentialPrerequisitesResponse res = testSkeleton("AZURE", Boolean.FALSE);
    Assertions.assertNotNull(res.getAzure().getPolicies());
    Assertions.assertEquals(0, res.getAzure().getPolicies().size());
    verify(commonExperienceConnectorService, never()).collectPolicy(anyString(), anyString());
}
Also used : CredentialPrerequisitesResponse(com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse) Test(org.junit.jupiter.api.Test)

Example 5 with CredentialPrerequisitesResponse

use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.

the class AwsCredentialConnector method getPrerequisites.

@Override
public CredentialPrerequisitesResponse getPrerequisites(CloudContext cloudContext, String externalId, String auditExternalId, String deploymentAddress, CredentialType type) {
    String policyJson;
    String actualExternalId;
    boolean govCloud = cloudContext.isGovCloud();
    switch(type) {
        case ENVIRONMENT:
            policyJson = awsPlatformParameters.getCredentialPoliciesJson().get(getPolicyType(govCloud));
            actualExternalId = externalId;
            break;
        case AUDIT:
            policyJson = awsPlatformParameters.getAuditPoliciesJson().get(getPolicyType(govCloud));
            actualExternalId = auditExternalId;
            break;
        default:
            policyJson = null;
            actualExternalId = null;
    }
    AwsCredentialPrerequisites awsPrerequisites = new AwsCredentialPrerequisites(actualExternalId, policyJson);
    awsPrerequisites.setPolicies(collectNecessaryPolicies(govCloud));
    return new CredentialPrerequisitesResponse(cloudContext.getPlatform().value(), getAccountId(govCloud), awsPrerequisites);
}
Also used : AwsCredentialPrerequisites(com.sequenceiq.cloudbreak.cloud.response.AwsCredentialPrerequisites) CredentialPrerequisitesResponse(com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse)

Aggregations

CredentialPrerequisitesResponse (com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse)15 Test (org.junit.jupiter.api.Test)6 GcpCredentialPrerequisites (com.sequenceiq.cloudbreak.cloud.response.GcpCredentialPrerequisites)3 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)3 AwsCredentialPrerequisites (com.sequenceiq.cloudbreak.cloud.response.AwsCredentialPrerequisites)2 AzureCredentialPrerequisites (com.sequenceiq.cloudbreak.cloud.response.AzureCredentialPrerequisites)2 OperationException (com.sequenceiq.cloudbreak.service.OperationException)2 CredentialOperationException (com.sequenceiq.environment.credential.exception.CredentialOperationException)2 IOException (java.io.IOException)2 BadRequestException (javax.ws.rs.BadRequestException)2 Test (org.junit.Test)2 AuthenticatedContext (com.sequenceiq.cloudbreak.cloud.context.AuthenticatedContext)1 CloudContext (com.sequenceiq.cloudbreak.cloud.context.CloudContext)1 CredentialPrerequisitesRequest (com.sequenceiq.cloudbreak.cloud.event.credential.CredentialPrerequisitesRequest)1 CredentialPrerequisitesResult (com.sequenceiq.cloudbreak.cloud.event.credential.CredentialPrerequisitesResult)1