diff options
| author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2022-02-02 16:11:22 +0100 |
|---|---|---|
| committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2022-02-02 16:11:27 +0100 |
| commit | d4d045124ce173c513dd88ec14efa3cc792d341c (patch) | |
| tree | c9c4b026bdbb97c5365211dc302ca3a6ac7f2219 /controller-api | |
| parent | 3c0146091cb7d06b8a436b5051a356894b0166c5 (diff) | |
Only update policy for a key once
Diffstat (limited to 'controller-api')
2 files changed, 15 insertions, 4 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/archive/ArchiveService.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/archive/ArchiveService.java index 5363e8d0150..c939055ffa5 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/archive/ArchiveService.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/archive/ArchiveService.java @@ -5,6 +5,7 @@ import com.yahoo.config.provision.TenantName; import com.yahoo.config.provision.zone.ZoneId; import java.util.Map; +import java.util.Set; /** * Service that manages archive storage URIs for tenant nodes. @@ -16,5 +17,7 @@ public interface ArchiveService { ArchiveBucket createArchiveBucketFor(ZoneId zoneId, boolean sharded); - void updateBucketAndKeyPolicy(ZoneId zoneId, ArchiveBucket bucket, Map<TenantName, String> authorizeIamRoleByTenantName); + void updateBucketPolicy(ZoneId zoneId, ArchiveBucket bucket, Map<TenantName, String> authorizeIamRoleByTenantName); + + void updateKeyPolicy(ZoneId zoneId, String keyArn, Set<String> tenantAuthorizedIamRoles); } diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/archive/MockArchiveService.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/archive/MockArchiveService.java index 5c979ddfc7b..796ca46ae4e 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/archive/MockArchiveService.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/archive/MockArchiveService.java @@ -6,6 +6,8 @@ import com.yahoo.config.provision.zone.ZoneId; import java.util.HashMap; import java.util.Map; +import java.util.Set; +import java.util.TreeMap; /** * @author freva @@ -13,7 +15,8 @@ import java.util.Map; */ public class MockArchiveService implements ArchiveService { - public Map<ArchiveBucket, Map<TenantName, String>> authorizedIamRoles = new HashMap<>(); + public Map<ArchiveBucket, Map<TenantName, String>> authorizedIamRolesForBucket = new HashMap<>(); + public Map<String, Set<String>> authorizedIamRolesForKey = new TreeMap<>(); @Override public ArchiveBucket createArchiveBucketFor(ZoneId zoneId, boolean sharded) { @@ -21,7 +24,12 @@ public class MockArchiveService implements ArchiveService { } @Override - public void updateBucketAndKeyPolicy(ZoneId zoneId, ArchiveBucket bucket, Map<TenantName, String> authorizeIamRoleByTenantName) { - authorizedIamRoles.put(bucket, authorizeIamRoleByTenantName); + public void updateBucketPolicy(ZoneId zoneId, ArchiveBucket bucket, Map<TenantName, String> authorizeIamRoleByTenantName) { + authorizedIamRolesForBucket.put(bucket, authorizeIamRoleByTenantName); + } + + @Override + public void updateKeyPolicy(ZoneId zoneId, String keyArn, Set<String> tenantAuthorizedIamRoles) { + authorizedIamRolesForKey.put(keyArn, tenantAuthorizedIamRoles); } } |