com.schibsted.security.strongbox.sdk.impl

Class DefaultSecretsGroupManager

java.lang.Object

com.schibsted.security.strongbox.sdk.impl.DefaultSecretsGroupManager

All Implemented Interfaces:

SecretsGroupManager

public class DefaultSecretsGroupManager
extends java.lang.Object
implements SecretsGroupManager

Constructor Summary

Constructors

Constructor and Description
DefaultSecretsGroupManager()
DefaultSecretsGroupManager(com.amazonaws.auth.AWSCredentialsProvider awsCredentials)
DefaultSecretsGroupManager(com.amazonaws.auth.AWSCredentialsProvider awsCredentials, com.schibsted.security.strongbox.sdk.internal.types.config.UserConfig userConfig)
DefaultSecretsGroupManager(com.amazonaws.auth.AWSCredentialsProvider awsCredentials, com.schibsted.security.strongbox.sdk.internal.types.config.UserConfig userConfig, EncryptionStrength encryptionStrength)
DefaultSecretsGroupManager(com.amazonaws.auth.AWSCredentialsProvider awsCredentials, com.schibsted.security.strongbox.sdk.internal.types.config.UserConfig userConfig, EncryptionStrength encryptionStrength, ClientConfiguration clientConfiguration)

Method Summary

Modifier and Type	Method and Description
void	attachAdmin(SecretsGroupIdentifier group, Principal principal) Attach the Principal to the SecretsGroup as an admin.
void	attachReadOnly(SecretsGroupIdentifier group, Principal principal) Attach the Principal to the SecretsGroup as a read-only user.
void	backup(SecretsGroupIdentifier group, com.schibsted.security.strongbox.sdk.internal.kv4j.generated.Store backupStore, boolean failIfBackupStoreAlreadyExists)
SecretsGroupInfo	create(SecretsGroupIdentifier group) Create a new secrets group.
SecretsGroupInfo	create(SecretsGroupIdentifier group, com.schibsted.security.strongbox.sdk.internal.types.store.StorageReference storageReference)
SecretsGroupInfo	create(SecretsGroupIdentifier group, com.schibsted.security.strongbox.sdk.internal.types.store.StorageReference storageReference, boolean allowExistingPendingDeletedOrDisabledKey)
void	delete(SecretsGroupIdentifier group) Delete a SecretsGroup and its underlying resources.
void	detachAdmin(SecretsGroupIdentifier group, Principal principal) Remove the Principal's admin privileges from the SecretsGroup.
void	detachReadOnly(SecretsGroupIdentifier group, Principal principal) Remove the Principal's read-only privileges from the SecretsGroup.
com.schibsted.security.strongbox.sdk.internal.encryption.Encryptor	encryptor(SecretsGroupIdentifier group)
SecretsGroup	get(SecretsGroupIdentifier group) Get an instance of the SecretsGroup.
java.util.Set<SecretsGroupIdentifier>	identifiers() List the identifiers that are under management.
SecretsGroupInfo	info(SecretsGroupIdentifier group) Get information about a SecretsGroup.
SecretsGroupInfo	migrate(SecretsGroupIdentifier group, com.schibsted.security.strongbox.sdk.internal.types.store.StorageReference newStorageReference)
void	restore(SecretsGroupIdentifier group, com.schibsted.security.strongbox.sdk.internal.kv4j.generated.Store backupStore, boolean failIfStoreToRestoreAlreadyExists)
SRN	srn(SecretsGroupIdentifier group)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DefaultSecretsGroupManager

public DefaultSecretsGroupManager()

DefaultSecretsGroupManager

public DefaultSecretsGroupManager(com.amazonaws.auth.AWSCredentialsProvider awsCredentials)

DefaultSecretsGroupManager

public DefaultSecretsGroupManager(com.amazonaws.auth.AWSCredentialsProvider awsCredentials,
                                  com.schibsted.security.strongbox.sdk.internal.types.config.UserConfig userConfig)

DefaultSecretsGroupManager

public DefaultSecretsGroupManager(com.amazonaws.auth.AWSCredentialsProvider awsCredentials,
                                  com.schibsted.security.strongbox.sdk.internal.types.config.UserConfig userConfig,
                                  EncryptionStrength encryptionStrength)

DefaultSecretsGroupManager

public DefaultSecretsGroupManager(com.amazonaws.auth.AWSCredentialsProvider awsCredentials,
                                  com.schibsted.security.strongbox.sdk.internal.types.config.UserConfig userConfig,
                                  EncryptionStrength encryptionStrength,
                                  ClientConfiguration clientConfiguration)

Method Detail

srn

public SRN srn(SecretsGroupIdentifier group)

create

public SecretsGroupInfo create(SecretsGroupIdentifier group)

Description copied from interface: SecretsGroupManager

Create a new secrets group. The underlying implementation is responsible for allocating any resources it might need.

Specified by:

create in interface SecretsGroupManager

Parameters:

group - the identifier of the SecretsGroup to be created

Returns:

information about the Secrets Group that was created

create

public SecretsGroupInfo create(SecretsGroupIdentifier group,
                               com.schibsted.security.strongbox.sdk.internal.types.store.StorageReference storageReference)

create

public SecretsGroupInfo create(SecretsGroupIdentifier group,
                               com.schibsted.security.strongbox.sdk.internal.types.store.StorageReference storageReference,
                               boolean allowExistingPendingDeletedOrDisabledKey)

encryptor

public com.schibsted.security.strongbox.sdk.internal.encryption.Encryptor encryptor(SecretsGroupIdentifier group)

get

public SecretsGroup get(SecretsGroupIdentifier group)

Description copied from interface: SecretsGroupManager

Get an instance of the SecretsGroup. The underlying implementation is responsible for tracking the necessary resources needed to construct the object.

Specified by:

get in interface SecretsGroupManager

Parameters:

group - the identifier of the SecretsGroup to be retrieved

Returns:

the desired SecretsGroup

identifiers

public java.util.Set<SecretsGroupIdentifier> identifiers()

Description copied from interface: SecretsGroupManager

List the identifiers that are under management.

Specified by:

identifiers in interface SecretsGroupManager

Returns:

the set of SecretsGroupIdentifier that is under management

info

public SecretsGroupInfo info(SecretsGroupIdentifier group)

Description copied from interface: SecretsGroupManager

Get information about a SecretsGroup. This method is best effort, and may return partial information. This is useful if debugging the underlying resources of a SecretsGroup.

Specified by:

info in interface SecretsGroupManager

Parameters:

group - the identifier of the SecretsGroup to get information about

Returns:

SecretsGroupInfo related to the SecretsGroup

delete

public void delete(SecretsGroupIdentifier group)

Description copied from interface: SecretsGroupManager

Delete a SecretsGroup and its underlying resources. This method will attempt to delete all resources of the given (@code SecretsGroup}, and will simply ignore any resource that does not exists.

Specified by:

delete in interface SecretsGroupManager

Parameters:

group - the identifier of the SecretsGroup to delete

attachAdmin

public void attachAdmin(SecretsGroupIdentifier group,
                        Principal principal)

Description copied from interface: SecretsGroupManager

Attach the Principal to the SecretsGroup as an admin. This will give the Principal full access to the SecretsGroup.

Specified by:

attachAdmin in interface SecretsGroupManager

Parameters:

group - identifier of the SecretsGroup to attach the principal to

principal - Principal to be attached

detachAdmin

public void detachAdmin(SecretsGroupIdentifier group,
                        Principal principal)

Description copied from interface: SecretsGroupManager

Remove the Principal's admin privileges from the SecretsGroup.

Specified by:

detachAdmin in interface SecretsGroupManager

Parameters:

group - identifier of the SecretsGroup to detach principal from

principal - Principal to be detached

detachReadOnly

public void detachReadOnly(SecretsGroupIdentifier group,
                           Principal principal)

Description copied from interface: SecretsGroupManager

Remove the Principal's read-only privileges from the SecretsGroup.

Specified by:

detachReadOnly in interface SecretsGroupManager

Parameters:

group - identifier of the SecretsGroup to detach the principal from

principal - Principal to be detached

attachReadOnly

public void attachReadOnly(SecretsGroupIdentifier group,
                           Principal principal)

Description copied from interface: SecretsGroupManager

Attach the Principal to the SecretsGroup as a read-only user. This will give the Principal read-only access to the SecretsGroup (i.e. ability to read secrets).

Specified by:

attachReadOnly in interface SecretsGroupManager

Parameters:

group - identifier of the SecretsGroup to attach the principal to

principal - Principal to be attached

backup

public void backup(SecretsGroupIdentifier group,
                   com.schibsted.security.strongbox.sdk.internal.kv4j.generated.Store backupStore,
                   boolean failIfBackupStoreAlreadyExists)

restore

public void restore(SecretsGroupIdentifier group,
                    com.schibsted.security.strongbox.sdk.internal.kv4j.generated.Store backupStore,
                    boolean failIfStoreToRestoreAlreadyExists)

migrate

public SecretsGroupInfo migrate(SecretsGroupIdentifier group,
                                com.schibsted.security.strongbox.sdk.internal.types.store.StorageReference newStorageReference)