Uses of Interface
com.yahoo.vespa.athenz.api.AthenzIdentity
Package
Description
-
Uses of AthenzIdentity in com.yahoo.vespa.athenz.api
Modifier and TypeMethodDescriptionAthenzAccessToken.getAthenzIdentity()
AthenzPrincipal.getIdentity()
ZToken.getIdentity()
Modifier and TypeMethodDescriptionstatic AwsRole
AwsRole.from
(AthenzIdentity identity) NTokenGenerator.setIdentity
(AthenzIdentity identity) Required.ModifierConstructorDescriptionAthenzPrincipal
(AthenzIdentity athenzIdentity) AthenzPrincipal
(AthenzIdentity athenzIdentity, NToken nToken) AthenzPrincipal
(AthenzIdentity identity, List<AthenzRole> roles) -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zms
Modifier and TypeMethodDescriptionDefaultZmsClient.listMembers
(AthenzRole athenzRole) ZmsClient.listMembers
(AthenzRole athenzRole) DefaultZmsClient.listPendingRoleApprovals
(AthenzRole athenzRole) ZmsClient.listPendingRoleApprovals
(AthenzRole athenzRole) Modifier and TypeMethodDescriptionvoid
DefaultZmsClient.addRoleMember
(AthenzRole role, AthenzIdentity member, Optional<String> reason) void
ZmsClient.addRoleMember
(AthenzRole role, AthenzIdentity member, Optional<String> reason) void
DefaultZmsClient.createProviderResourceGroup
(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OAuthCredentials oAuthCredentials) void
ZmsClient.createProviderResourceGroup
(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OAuthCredentials oAuthCredentials) void
DefaultZmsClient.createTenancy
(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials) void
ZmsClient.createTenancy
(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials) void
DefaultZmsClient.createTenantResourceGroup
(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup, Set<RoleAction> roleActions) void
ZmsClient.createTenantResourceGroup
(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup, Set<RoleAction> roleActions) For manual tenancy provisioning - only creates roles/policies on provider domainvoid
DefaultZmsClient.decidePendingRoleMembership
(AthenzRole athenzRole, AthenzIdentity athenzIdentity, Instant expiry, Optional<String> reason, Optional<OAuthCredentials> oAuthCredentials, boolean approve) void
ZmsClient.decidePendingRoleMembership
(AthenzRole athenzRole, AthenzIdentity athenzIdentity, Instant expiry, Optional<String> reason, Optional<OAuthCredentials> oAuthCredentials, boolean approve) void
DefaultZmsClient.deleteProviderResourceGroup
(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OAuthCredentials oAuthCredentials) void
ZmsClient.deleteProviderResourceGroup
(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OAuthCredentials oAuthCredentials) void
DefaultZmsClient.deleteRoleMember
(AthenzRole role, AthenzIdentity member) void
ZmsClient.deleteRoleMember
(AthenzRole role, AthenzIdentity member) void
DefaultZmsClient.deleteTenancy
(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials) void
ZmsClient.deleteTenancy
(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials) boolean
DefaultZmsClient.getGroupMembership
(AthenzGroup group, AthenzIdentity identity) boolean
ZmsClient.getGroupMembership
(AthenzGroup group, AthenzIdentity identity) boolean
DefaultZmsClient.getMembership
(AthenzRole role, AthenzIdentity identity) boolean
ZmsClient.getMembership
(AthenzRole role, AthenzIdentity identity) DefaultZmsClient.getTenantResourceGroups
(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup) ZmsClient.getTenantResourceGroups
(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup) boolean
DefaultZmsClient.hasAccess
(AthenzResourceName resource, String action, AthenzIdentity identity) boolean
ZmsClient.hasAccess
(AthenzResourceName resource, String action, AthenzIdentity identity) ModifierConstructorDescriptionDefaultZmsClient
(URI zmsUrl, AthenzIdentity identity, SSLContext sslContext, ErrorHandler errorHandler) -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zms.bindings
ModifierConstructorDescriptionResourceGroupRolesEntity
(AthenzIdentity providerService, AthenzDomain tenantDomain, Set<RoleAction> rolesActions, String resourceGroup) TenancyRequestEntity
(AthenzDomain tenantDomain, AthenzIdentity providerService, List<String> resourceGroups) -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zts
Modifier and TypeMethodDescriptionDefaultZtsClient.getServiceIdentity
(AthenzIdentity identity, String keyId, com.yahoo.security.Pkcs10Csr csr) DefaultZtsClient.getServiceIdentity
(AthenzIdentity identity, String keyId, com.yahoo.security.Pkcs10Csr csr, Optional<NToken> nToken) DefaultZtsClient.getServiceIdentity
(AthenzIdentity identity, String keyId, KeyPair keyPair, String dnsSuffix) ZtsClient.getServiceIdentity
(AthenzIdentity identity, String keyId, com.yahoo.security.Pkcs10Csr csr) Get service identityZtsClient.getServiceIdentity
(AthenzIdentity identity, String keyId, KeyPair keyPair, String dnsSuffix) Get service identityDefaultZtsClient.getTenantDomains
(AthenzIdentity providerIdentity, AthenzIdentity userIdentity, String roleName) ZtsClient.getTenantDomains
(AthenzIdentity providerIdentity, AthenzIdentity userIdentity, String roleName) For a given provider, get a list of tenant domains that the user is a member ofboolean
DefaultZtsClient.hasAccess
(AthenzResourceName resource, String action, AthenzIdentity identity) boolean
ZtsClient.hasAccess
(AthenzResourceName resource, String action, AthenzIdentity identity) Check access to resource for a given principalDefaultZtsClient.refreshInstance
(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String instanceId, com.yahoo.security.Pkcs10Csr csr) ZtsClient.refreshInstance
(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String instanceId, com.yahoo.security.Pkcs10Csr csr) Refresh an existing instanceDefaultZtsClient.registerInstance
(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String attestationData, com.yahoo.security.Pkcs10Csr csr) ZtsClient.registerInstance
(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String attestationData, com.yahoo.security.Pkcs10Csr csr) Register an instance using the specified provider.Modifier and TypeMethodDescriptionDefaultZtsClient.getAccessToken
(AthenzDomain domain, List<AthenzIdentity> proxyPrincipals) ZtsClient.getAccessToken
(AthenzDomain domain, List<AthenzIdentity> proxyPrincipals) Fetch an access token for the target domain -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zts.bindings
ModifierConstructorDescriptionInstanceRegisterInformation
(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String attestationData, com.yahoo.security.Pkcs10Csr csr) -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zts.utils
Modifier and TypeMethodDescriptioncom.yahoo.security.Pkcs10Csr
RoleCsrGenerator.generateCsr
(AthenzIdentity identity, AthenzRole role, KeyPair keyPair) com.yahoo.security.Pkcs10Csr
IdentityCsrGenerator.generateIdentityCsr
(AthenzIdentity identity, KeyPair keypair) -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.identity
Modifier and TypeMethodDescriptionServiceIdentityProvider.identity()
SiaIdentityProvider.identity()
ModifierConstructorDescriptionSiaIdentityProvider
(AthenzIdentity service, Path siaPath, Path clientTruststoreFile) SiaIdentityProvider
(AthenzIdentity service, Path privateKeyFile, Path certificateFile, Path clientTruststoreFile) -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.identityprovider.api
Modifier and TypeMethodDescriptionIdentityDocument.providerService()
Returns the value of theproviderService
record component.IdentityDocument.serviceIdentity()
Returns the value of theserviceIdentity
record component.Modifier and TypeMethodDescriptionIdentityDocument.withServiceIdentity
(AthenzIdentity serviceIdentity) ModifierConstructorDescriptionIdentityDocument
(VespaUniqueInstanceId providerUniqueId, AthenzIdentity providerService, String configServerHostname, String instanceHostname, Instant createdAt, Set<String> ipAddresses, IdentityType identityType, ClusterType clusterType, URI ztsUrl, AthenzIdentity serviceIdentity) IdentityDocument
(VespaUniqueInstanceId providerUniqueId, AthenzIdentity providerService, String configServerHostname, String instanceHostname, Instant createdAt, Set<String> ipAddresses, IdentityType identityType, ClusterType clusterType, URI ztsUrl, AthenzIdentity serviceIdentity, Map<String, Object> unknownAttributes) Creates an instance of aIdentityDocument
record class. -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.identityprovider.client
Modifier and TypeMethodDescriptioncom.yahoo.security.Pkcs10Csr
CsrGenerator.generateInstanceCsr
(AthenzIdentity instanceIdentity, VespaUniqueInstanceId instanceId, Set<String> ipAddresses, ClusterType clusterType, KeyPair keyPair) com.yahoo.security.Pkcs10Csr
CsrGenerator.generateRoleCsr
(AthenzIdentity identity, AthenzRole role, VespaUniqueInstanceId instanceId, ClusterType clusterType, KeyPair keyPair) -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.tls
Modifier and TypeMethodDescriptionstatic AthenzIdentity
AthenzX509CertificateUtils.getIdentityFromRoleCertificate
(X509Certificate certificate) Modifier and TypeMethodDescriptionboolean
AthenzIdentityVerifier.isTrusted
(AthenzIdentity identity) -
Uses of AthenzIdentity in com.yahoo.vespa.athenz.utils
Modifier and TypeMethodDescriptionstatic AthenzIdentity
AthenzIdentities.from
(AthenzDomain domain, String identityName) static AthenzIdentity
static AthenzIdentity
AthenzIdentities.from
(X509Certificate certificate) Modifier and TypeMethodDescriptionstatic List<AthenzIdentity>
SiaUtils.findSiaServices()
static List<AthenzIdentity>
SiaUtils.findSiaServices
(Path root) Modifier and TypeMethodDescriptionstatic Path
SiaUtils.getCertificateFile
(AthenzIdentity service) static Path
SiaUtils.getCertificateFile
(Path root, AthenzIdentity service) static Path
SiaUtils.getPrivateKeyFile
(AthenzIdentity service) static Path
SiaUtils.getPrivateKeyFile
(Path root, AthenzIdentity service) static Optional<X509Certificate>
SiaUtils.readCertificateFile
(AthenzIdentity service) static Optional<X509Certificate>
SiaUtils.readCertificateFile
(Path root, AthenzIdentity service) static Optional<PrivateKey>
SiaUtils.readPrivateKeyFile
(AthenzIdentity service) static Optional<PrivateKey>
SiaUtils.readPrivateKeyFile
(Path root, AthenzIdentity service) static void
SiaUtils.writeCertificateFile
(AthenzIdentity service, X509Certificate certificate) static void
SiaUtils.writeCertificateFile
(Path root, AthenzIdentity service, X509Certificate certificate) static void
SiaUtils.writePrivateKeyFile
(AthenzIdentity service, PrivateKey privateKey) static void
SiaUtils.writePrivateKeyFile
(Path root, AthenzIdentity service, PrivateKey privateKey)