use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.
the class CredentialPrerequisiteService method getPrerequisites.
public CredentialPrerequisitesResponse getPrerequisites(String cloudPlatform, boolean govCloud, String deploymentAddress, CredentialType type) {
CredentialPrerequisitesResponse result = getCloudbreakPrerequisites(cloudPlatform, govCloud, deploymentAddress, type);
if (isPolicyFetchFromExperiencesAllowed()) {
if (AWS.name().equalsIgnoreCase(cloudPlatform)) {
try {
Map<String, String> policies = getExperiencePrerequisites(cloudPlatform);
if (result.getAws().getPolicies() != null) {
policies.putAll(result.getAws().getPolicies());
}
fillPoliciesWithDefaultIfMissing(result.getAws().getPolicyJson(), policies);
result.getAws().setPolicies(policies);
} catch (Exception e) {
LOGGER.warn("Something has happened during the granular policy fetch from the experiences!", e);
}
} else {
LOGGER.info("Fetching is enabled but the requested prerequisites from the experiences are addressed for a currently not supported " + "cloud platform: " + cloudPlatform);
}
} else {
LOGGER.info("Fetching fine graded policies from the experiences has disabled by the entitlement: " + CDP_AWS_RESTRICTED_POLICY.name());
}
return result;
}
use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.
the class CredentialExperienceTest method testAwsPoliciesArePresent.
@Test
public void testAwsPoliciesArePresent() {
when(regionAwareInternalCrnGenerator.getInternalCrnForServiceAsString()).thenReturn("crn");
when(regionAwareInternalCrnGeneratorFactory.iam()).thenReturn(regionAwareInternalCrnGenerator);
CredentialPrerequisitesResponse res = testSkeleton("AWS", Boolean.TRUE);
Assertions.assertNotNull(res.getAws().getPolicies());
Assertions.assertEquals(3, res.getAws().getPolicies().size());
ArgumentCaptor<String> a = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<String> b = ArgumentCaptor.forClass(String.class);
verify(commonExperienceConnectorService).collectPolicy(a.capture(), b.capture());
Assertions.assertTrue(a.getValue().contains("{cloudProvider}"));
Assertions.assertTrue(res.getAws().getPolicies().containsKey("Environment"));
Assertions.assertTrue(res.getAws().getPolicies().containsKey("Data Warehouses"));
Assertions.assertTrue(res.getAws().getPolicies().containsKey("Kubernetes cluster manager"));
Assertions.assertTrue(res.getAws().getPolicies().get("Environment").equals(MINIMAL_POLICY));
Assertions.assertTrue(res.getAws().getPolicies().get("Data Warehouses").equals(COMMON_POLICY));
Assertions.assertTrue(res.getAws().getPolicies().get("Kubernetes cluster manager").equals(LIFTIE_POLICY));
}
use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.
the class CredentialExperienceTest method testAwsEntitlementDisabled.
@Test
public void testAwsEntitlementDisabled() {
CredentialPrerequisitesResponse res = testSkeleton("AWS", Boolean.FALSE);
Assertions.assertNotNull(res.getAws().getPolicies());
Assertions.assertEquals(1, res.getAws().getPolicies().size());
verify(commonExperienceConnectorService, never()).collectPolicy(anyString(), anyString());
Assertions.assertTrue(res.getAws().getPolicies().containsKey("Environment"));
Assertions.assertTrue(res.getAws().getPolicies().get("Environment").equals(MINIMAL_POLICY));
}
use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.
the class CredentialExperienceTest method testAzureEntitlementAllowed.
@Test
public void testAzureEntitlementAllowed() {
when(entitlementService.azureEnabled(any())).thenReturn(true);
CredentialPrerequisitesResponse res = testSkeleton("AZURE", Boolean.FALSE);
Assertions.assertNotNull(res.getAzure().getPolicies());
Assertions.assertEquals(0, res.getAzure().getPolicies().size());
verify(commonExperienceConnectorService, never()).collectPolicy(anyString(), anyString());
}
use of com.sequenceiq.cloudbreak.cloud.response.CredentialPrerequisitesResponse in project cloudbreak by hortonworks.
the class AwsCredentialConnector method getPrerequisites.
@Override
public CredentialPrerequisitesResponse getPrerequisites(CloudContext cloudContext, String externalId, String auditExternalId, String deploymentAddress, CredentialType type) {
String policyJson;
String actualExternalId;
boolean govCloud = cloudContext.isGovCloud();
switch(type) {
case ENVIRONMENT:
policyJson = awsPlatformParameters.getCredentialPoliciesJson().get(getPolicyType(govCloud));
actualExternalId = externalId;
break;
case AUDIT:
policyJson = awsPlatformParameters.getAuditPoliciesJson().get(getPolicyType(govCloud));
actualExternalId = auditExternalId;
break;
default:
policyJson = null;
actualExternalId = null;
}
AwsCredentialPrerequisites awsPrerequisites = new AwsCredentialPrerequisites(actualExternalId, policyJson);
awsPrerequisites.setPolicies(collectNecessaryPolicies(govCloud));
return new CredentialPrerequisitesResponse(cloudContext.getPlatform().value(), getAccountId(govCloud), awsPrerequisites);
}
Aggregations