diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2021-09-23 12:55:41 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2021-09-23 12:55:41 +0200 |
commit | f3d84d3f615a121d9b29f366b940b9c120df10a8 (patch) | |
tree | 1224672b7737b74d6192e9ddad311f5cd712c5fe /controller-server | |
parent | 746c2382cd258ddc750a2c1e8f5112b4c5a67740 (diff) |
Add createTenantRole taking tenant domain as second parameter
Diffstat (limited to 'controller-server')
-rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/TenantRoleMaintainer.java | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/TenantRoleMaintainer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/TenantRoleMaintainer.java index ce6f9c802d6..47d5d81479e 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/TenantRoleMaintainer.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/TenantRoleMaintainer.java @@ -7,6 +7,7 @@ import com.yahoo.config.provision.TenantName; import com.yahoo.config.provision.zone.ZoneId; import com.yahoo.vespa.hosted.controller.Application; import com.yahoo.vespa.hosted.controller.Controller; +import com.yahoo.vespa.hosted.controller.tenant.AthenzTenant; import com.yahoo.vespa.hosted.controller.tenant.Tenant; import java.time.Duration; @@ -27,9 +28,10 @@ public class TenantRoleMaintainer extends ControllerMaintainer { var tenants = controller().tenants().asList(); // Create separate athenz service for all tenants - tenants.stream() - .map(Tenant::name) - .forEach(roleService::createTenantRole); + for (Tenant t : tenants) { + if (t instanceof AthenzTenant) roleService.createTenantRole(t.name(), ((AthenzTenant)t).domain().getName()); + else roleService.createTenantRole(t.name()); + } // Until we have moved to separate athenz service per tenant, make sure we update the shared policy // to allow ssh logins for hosts in prod/perf with a separate tenant iam role. |