Example 16 with Policy
use of io.envoyproxy.envoy.config.rbac.v3.Policy in project google-cloud-java by GoogleCloudPlatform.
the class SourceSnippets method getIamPolicySource.
// [END securitycenter_set_source_iam]
/**
* Get IAM policy for a source.
*
* @param sourceName The source to set IAM Policy for.
*/
// [START securitycenter_get_source_iam]
static Policy getIamPolicySource(SourceName sourceName) {
try (SecurityCenterClient client = SecurityCenterClient.create()) {
// Start setting up a request to get IAM policy for a source.
// SourceName sourceName = SourceName.of(/*organization=*/"123234324",/*source=*/
// "423432321");
GetIamPolicyRequest request = GetIamPolicyRequest.newBuilder().setResource(sourceName.toString()).build();
// Call the API.
Policy response = client.getIamPolicy(request);
System.out.println("Policy: " + response);
return response;
} catch (IOException e) {
throw new RuntimeException("Couldn't create client.", e);
}
}
Also used :
Policy(com.google.iam.v1.Policy)
IOException(java.io.IOException)
GetIamPolicyRequest(com.google.iam.v1.GetIamPolicyRequest)
SecurityCenterClient(com.google.cloud.securitycenter.v1.SecurityCenterClient)
Example 17 with Policy
use of io.envoyproxy.envoy.config.rbac.v3.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ITTopicAdminClientSnippets method replaceTopicPolicyAndTestPermissionsIsSuccessful.
@Test
public void replaceTopicPolicyAndTestPermissionsIsSuccessful() throws Exception {
String topicName = topics[0];
topicAdminClientSnippets.createTopic(topicName);
Policy policy = topicAdminClientSnippets.replaceTopicPolicy(topicName);
assertNotNull(policy.getBindingsCount());
assertTrue(policy.getBindings(0).getRole().equalsIgnoreCase(Role.viewer().toString()));
assertTrue(policy.getBindings(0).getMembers(0).equalsIgnoreCase(Identity.allAuthenticatedUsers().toString()));
TestIamPermissionsResponse response = topicAdminClientSnippets.testTopicPermissions(topicName);
assertTrue(response.getPermissionsList().contains("pubsub.topics.get"));
}
Also used :
Policy(com.google.iam.v1.Policy)
TestIamPermissionsResponse(com.google.iam.v1.TestIamPermissionsResponse)
Test(org.junit.Test)
Example 18 with Policy
use of io.envoyproxy.envoy.config.rbac.v3.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ITTopicAdminClientSnippets method topicPolicyIsCorrectlyRetrieved.
@Test
public void topicPolicyIsCorrectlyRetrieved() throws Exception {
String topicName = topics[0];
topicAdminClientSnippets.createTopic(topicName);
Policy policy = topicAdminClientSnippets.getTopicPolicy(topicName);
assertNotNull(policy);
}Example 19 with Policy
use of io.envoyproxy.envoy.config.rbac.v3.Policy in project google-cloud-java by GoogleCloudPlatform.
the class ITSubscriptionAdminClientSnippets method replaceSubscriptionPolicyAndTestPermissionsIsSuccessful.
@Test
public void replaceSubscriptionPolicyAndTestPermissionsIsSuccessful() throws Exception {
String topicName = topics[0];
String subscriptionName = subscriptions[0];
createSubscription(topicName, subscriptionName);
Policy policy = subscriptionAdminClientSnippets.replaceSubscriptionPolicy(subscriptionName);
assertNotNull(policy.getBindingsCount());
assertTrue(policy.getBindings(0).getRole().equalsIgnoreCase(Role.viewer().toString()));
assertTrue(policy.getBindings(0).getMembers(0).equalsIgnoreCase(Identity.allAuthenticatedUsers().toString()));
TestIamPermissionsResponse response = subscriptionAdminClientSnippets.testSubscriptionPermissions(subscriptionName);
assertTrue(response.getPermissionsList().contains("pubsub.subscriptions.get"));
}
Also used :
Policy(com.google.iam.v1.Policy)
TestIamPermissionsResponse(com.google.iam.v1.TestIamPermissionsResponse)
ByteString(com.google.protobuf.ByteString)
Test(org.junit.Test)
Example 20 with Policy
use of io.envoyproxy.envoy.config.rbac.v3.Policy in project google-cloud-java by GoogleCloudPlatform.
the class SubscriptionAdminClientTest method setIamPolicyExceptionTest.
@Test
@SuppressWarnings("all")
public void setIamPolicyExceptionTest() throws Exception {
StatusRuntimeException exception = new StatusRuntimeException(Status.INVALID_ARGUMENT);
mockIAMPolicy.addException(exception);
try {
String formattedResource = SubscriptionName.create("[PROJECT]", "[SUBSCRIPTION]").toString();
Policy policy = Policy.newBuilder().build();
client.setIamPolicy(formattedResource, policy);
Assert.fail("No exception raised");
} catch (ApiException e) {
Assert.assertEquals(Status.INVALID_ARGUMENT.getCode(), e.getStatusCode());
}
}
Also used :
Policy(com.google.iam.v1.Policy)
StatusRuntimeException(io.grpc.StatusRuntimeException)
ByteString(com.google.protobuf.ByteString)
ApiException(com.google.api.gax.grpc.ApiException)
Test(org.junit.Test)
Aggregations
Policy (com.google.iam.v1.Policy)17
Test (org.junit.Test)16
ByteString (com.google.protobuf.ByteString)9
Binding (com.google.iam.v1.Binding)4
GeneratedMessageV3 (com.google.protobuf.GeneratedMessageV3)4
RBAC (io.envoyproxy.envoy.config.rbac.v3.RBAC)4
GetIamPolicyRequest (com.google.iam.v1.GetIamPolicyRequest)3
SetIamPolicyRequest (com.google.iam.v1.SetIamPolicyRequest)3
ApiException (com.google.api.gax.grpc.ApiException)2
SubscriptionAdminClient (com.google.cloud.pubsub.spi.v1.SubscriptionAdminClient)2
TopicAdminClient (com.google.cloud.pubsub.spi.v1.TopicAdminClient)2
SecurityCenterClient (com.google.cloud.securitycenter.v1.SecurityCenterClient)2
TestIamPermissionsResponse (com.google.iam.v1.TestIamPermissionsResponse)2
SubscriptionName (com.google.pubsub.v1.SubscriptionName)2
TopicName (com.google.pubsub.v1.TopicName)2
Permission (io.envoyproxy.envoy.config.rbac.v3.Permission)2
Policy (io.envoyproxy.envoy.config.rbac.v3.Policy)2
Principal (io.envoyproxy.envoy.config.rbac.v3.Principal)2
StatusRuntimeException (io.grpc.StatusRuntimeException)2
IOException (java.io.IOException)2
