Interface ZmsClient
- All Superinterfaces: AutoCloseable, Closeable
- All Known Implementing Classes: DefaultZmsClient
- Author: bjorncs
-
Method Summary
Modifier and Type | Method | Description
void addPolicyRule(AthenzDomain athenzDomain, String athenzPolicy, String action, AthenzResourceName resourceName, AthenzRole athenzRole)
void addRoleMember(AthenzRole role, AthenzIdentity member, Optional<String> reason)
void close()
void createOrUpdateService(AthenzService athenzService)
void createPolicy(AthenzDomain athenzDomain, String athenzPolicy)
void createProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OAuthCredentials oAuthCredentials)
void createRole(AthenzRole role, Map<String, Object> properties)
default void createSubdomain(AthenzDomain parent, String name)
void createSubdomain(AthenzDomain parent, String name, Map<String, Object> attributes)
void createTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials)
void createTenantResourceGroup(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup, Set<RoleAction> roleActions) | For manual tenancy provisioning: only creates roles/policies on the provider domain.
void decidePendingRoleMembership(AthenzRole athenzRole, AthenzIdentity athenzIdentity, Instant expiry, Optional<String> reason, Optional<OAuthCredentials> oAuthCredentials, boolean approve)
void deletePolicy(AthenzDomain domain, String athenzPolicy)
boolean deletePolicyRule(AthenzDomain athenzDomain, String athenzPolicy, String action, AthenzResourceName resourceName, AthenzRole athenzRole)
void deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OAuthCredentials oAuthCredentials)
void deleteRole(AthenzRole athenzRole)
void deleteRoleMember(AthenzRole role, AthenzIdentity member)
void deleteService(AthenzService athenzService)
void deleteSubdomain(AthenzDomain parent, String name)
void deleteTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials)
getDomainList(String prefix)
getDomainMeta(AthenzDomain domain)
boolean getGroupMembership(AthenzGroup group, AthenzIdentity identity)
boolean getMembership(AthenzRole role, AthenzIdentity identity)
getPolicy(AthenzDomain domain, String name)
Set<RoleAction> getTenantResourceGroups(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup)
boolean hasAccess(AthenzResourceName resource, String action, AthenzIdentity identity)
listMembers(AthenzRole athenzRole)
listPendingRoleApprovals(AthenzRole athenzRole)
listPolicies(AthenzDomain domain)
listRoles(AthenzDomain domain)
listServices(AthenzDomain athenzDomain)
void updateDomain(AthenzDomain domain, String mainKey, Map<String, Object> attributes)
void updateProviderEndpoint(AthenzService athenzService, String endpoint)
void updateServicePublicKey(AthenzService athenzService, String publicKeyId, PublicKey publicKey)
-
Method Details
-
createTenancy
void createTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials) -
deleteTenancy
void deleteTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials) -
createProviderResourceGroup
void createProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OAuthCredentials oAuthCredentials) -
deleteProviderResourceGroup
void deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OAuthCredentials oAuthCredentials) -
createTenantResourceGroup
void createTenantResourceGroup(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup, Set<RoleAction> roleActions)
For manual tenancy provisioning: only creates roles/policies on the provider domain.
-
getTenantResourceGroups
Set<RoleAction> getTenantResourceGroups(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup) -
addRoleMember
-
deleteRoleMember
-
getMembership
-
getGroupMembership
-
getDomainList
-
getDomainListByAccount
-
getDomainMeta
-
updateDomain
-
hasAccess
-
createPolicy
-
addPolicyRule
void addPolicyRule(AthenzDomain athenzDomain, String athenzPolicy, String action, AthenzResourceName resourceName, AthenzRole athenzRole) -
deletePolicyRule
boolean deletePolicyRule(AthenzDomain athenzDomain, String athenzPolicy, String action, AthenzResourceName resourceName, AthenzRole athenzRole) -
getPolicy
-
listPendingRoleApprovals
-
decidePendingRoleMembership
void decidePendingRoleMembership(AthenzRole athenzRole, AthenzIdentity athenzIdentity, Instant expiry, Optional<String> reason, Optional<OAuthCredentials> oAuthCredentials, boolean approve) -
listMembers
-
listServices
-
createOrUpdateService
-
updateServicePublicKey
-
updateProviderEndpoint
-
deleteService
-
createRole
-
listRoles
-
listPolicies
-
deleteRole
-
createSubdomain
-
createSubdomain
-
getFullRoleInformation
-
getQuotaUsage
QuotaUsage getQuotaUsage() -
deleteSubdomain
-
deletePolicy
-
close
void close()
- Specified by: close in interface AutoCloseable
- Specified by: close in interface Closeable
-