All Superinterfaces:

AutoCloseable

All Known Implementing Classes:

DefaultZmsClient
```
public interface ZmsClient
extends AutoCloseable
```
Author:

bjorncs

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`void`	`addPolicyRule(AthenzDomain athenzDomain, String athenzPolicy, String action, AthenzResourceName resourceName, AthenzRole athenzRole)`
`void`	`addRoleMember(AthenzRole role, AthenzIdentity member, Optional<String> reason)`
`void`	`approvePendingRoleMembership(AthenzRole athenzRole, AthenzUser athenzUser, Instant expiry, Optional<String> reason)`
`void`	`close()`
`void`	`createOrUpdateService(AthenzService athenzService)`
`void`	`createPolicy(AthenzDomain athenzDomain, String athenzPolicy)`
`void`	`createProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OktaIdentityToken identityToken, OktaAccessToken accessToken)`
`void`	`createRole(AthenzRole role, Map<String,Object> properties)`
`void`	`createTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OktaIdentityToken identityToken, OktaAccessToken accessToken)`
`void`	`createTenantResourceGroup(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup, Set<RoleAction> roleActions)`	For manual tenancy provisioning - only creates roles/policies on provider domain
`boolean`	`deletePolicyRule(AthenzDomain athenzDomain, String athenzPolicy, String action, AthenzResourceName resourceName, AthenzRole athenzRole)`
`void`	`deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OktaIdentityToken identityToken, OktaAccessToken accessToken)`
`void`	`deleteRole(AthenzRole athenzRole)`
`void`	`deleteRoleMember(AthenzRole role, AthenzIdentity member)`
`void`	`deleteService(AthenzService athenzService)`
`void`	`deleteTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OktaIdentityToken identityToken, OktaAccessToken accessToken)`
`List<AthenzDomain>`	`getDomainList(String prefix)`
`boolean`	`getGroupMembership(AthenzGroup group, AthenzIdentity identity)`
`boolean`	`getMembership(AthenzRole role, AthenzIdentity identity)`
`Optional<AthenzPolicy>`	`getPolicy(AthenzDomain domain, String name)`
`Set<RoleAction>`	`getTenantResourceGroups(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup)`
`boolean`	`hasAccess(AthenzResourceName resource, String action, AthenzIdentity identity)`
`List<AthenzIdentity>`	`listMembers(AthenzRole athenzRole)`
`Map<AthenzUser,String>`	`listPendingRoleApprovals(AthenzRole athenzRole)`
`Set<String>`	`listPolicies(AthenzDomain domain)`
`Set<AthenzRole>`	`listRoles(AthenzDomain domain)`
`List<AthenzService>`	`listServices(AthenzDomain athenzDomain)`

Method Detail

createTenancy

void createTenancy(AthenzDomain tenantDomain,
                   AthenzIdentity providerService,
                   OktaIdentityToken identityToken,
                   OktaAccessToken accessToken)

deleteTenancy

void deleteTenancy(AthenzDomain tenantDomain,
                   AthenzIdentity providerService,
                   OktaIdentityToken identityToken,
                   OktaAccessToken accessToken)

createProviderResourceGroup

void createProviderResourceGroup(AthenzDomain tenantDomain,
                                 AthenzIdentity providerService,
                                 String resourceGroup,
                                 Set<RoleAction> roleActions,
                                 OktaIdentityToken identityToken,
                                 OktaAccessToken accessToken)

deleteProviderResourceGroup

void deleteProviderResourceGroup(AthenzDomain tenantDomain,
                                 AthenzIdentity providerService,
                                 String resourceGroup,
                                 OktaIdentityToken identityToken,
                                 OktaAccessToken accessToken)

createTenantResourceGroup

void createTenantResourceGroup(AthenzDomain tenantDomain,
                               AthenzIdentity provider,
                               String resourceGroup,
                               Set<RoleAction> roleActions)

For manual tenancy provisioning - only creates roles/policies on provider domain

getTenantResourceGroups

Set<RoleAction> getTenantResourceGroups(AthenzDomain tenantDomain,
                                        AthenzIdentity provider,
                                        String resourceGroup)

addRoleMember

void addRoleMember(AthenzRole role,
                   AthenzIdentity member,
                   Optional<String> reason)

deleteRoleMember

void deleteRoleMember(AthenzRole role,
                      AthenzIdentity member)

getMembership

boolean getMembership(AthenzRole role,
                      AthenzIdentity identity)

getGroupMembership

boolean getGroupMembership(AthenzGroup group,
                           AthenzIdentity identity)

getDomainList

List<AthenzDomain> getDomainList(String prefix)

hasAccess

boolean hasAccess(AthenzResourceName resource,
                  String action,
                  AthenzIdentity identity)

createPolicy

void createPolicy(AthenzDomain athenzDomain,
                  String athenzPolicy)

addPolicyRule

void addPolicyRule(AthenzDomain athenzDomain,
                   String athenzPolicy,
                   String action,
                   AthenzResourceName resourceName,
                   AthenzRole athenzRole)

deletePolicyRule

boolean deletePolicyRule(AthenzDomain athenzDomain,
                         String athenzPolicy,
                         String action,
                         AthenzResourceName resourceName,
                         AthenzRole athenzRole)

getPolicy

Optional<AthenzPolicy> getPolicy(AthenzDomain domain,
                                 String name)

listPendingRoleApprovals

Map<AthenzUser,String> listPendingRoleApprovals(AthenzRole athenzRole)

approvePendingRoleMembership

void approvePendingRoleMembership(AthenzRole athenzRole,
                                  AthenzUser athenzUser,
                                  Instant expiry,
                                  Optional<String> reason)

listMembers

List<AthenzIdentity> listMembers(AthenzRole athenzRole)

listServices

List<AthenzService> listServices(AthenzDomain athenzDomain)

createOrUpdateService

void createOrUpdateService(AthenzService athenzService)

deleteService

void deleteService(AthenzService athenzService)

createRole

void createRole(AthenzRole role,
                Map<String,Object> properties)

listRoles

Set<AthenzRole> listRoles(AthenzDomain domain)

listPolicies

Set<String> listPolicies(AthenzDomain domain)

deleteRole

void deleteRole(AthenzRole athenzRole)

close
```
void close()
```
Specified by:

close in interface AutoCloseable

Interface ZmsClient

Method Summary

Method Detail

createTenancy

deleteTenancy

createProviderResourceGroup

deleteProviderResourceGroup

createTenantResourceGroup

getTenantResourceGroups

addRoleMember

deleteRoleMember

getMembership

getGroupMembership

getDomainList

hasAccess

createPolicy

addPolicyRule

deletePolicyRule

getPolicy

listPendingRoleApprovals

approvePendingRoleMembership

listMembers

listServices

createOrUpdateService

deleteService

createRole

listRoles

listPolicies

deleteRole

close