Uses of Interface
com.yahoo.vespa.athenz.api.AthenzIdentity

Packages that use AthenzIdentity

Package	Description
com.yahoo.vespa.athenz.api
com.yahoo.vespa.athenz.client.zms
com.yahoo.vespa.athenz.client.zms.bindings
com.yahoo.vespa.athenz.client.zts
com.yahoo.vespa.athenz.client.zts.bindings
com.yahoo.vespa.athenz.client.zts.utils
com.yahoo.vespa.athenz.identity
com.yahoo.vespa.athenz.identityprovider.api
com.yahoo.vespa.athenz.identityprovider.client
com.yahoo.vespa.athenz.tls
com.yahoo.vespa.athenz.utils

Uses of AthenzIdentity in com.yahoo.vespa.athenz.api

Classes in com.yahoo.vespa.athenz.api that implement AthenzIdentity

Modifier and Type	Class	Description
class	AthenzGroup
class	AthenzService
class	AthenzUser

Methods in com.yahoo.vespa.athenz.api that return AthenzIdentity

Modifier and Type	Method	Description
AthenzIdentity	AthenzAccessToken.getAthenzIdentity()
AthenzIdentity	AthenzPrincipal.getIdentity()
AthenzIdentity	ZToken.getIdentity()

Methods in com.yahoo.vespa.athenz.api with parameters of type AthenzIdentity

Modifier and Type	Method	Description
static AwsRole	AwsRole.from(AthenzIdentity identity)
NTokenGenerator	NTokenGenerator.setIdentity(AthenzIdentity identity)	Required.

Constructors in com.yahoo.vespa.athenz.api with parameters of type AthenzIdentity

Modifier	Constructor	Description
	AthenzPrincipal(AthenzIdentity athenzIdentity)
	AthenzPrincipal(AthenzIdentity athenzIdentity, NToken nToken)
	AthenzPrincipal(AthenzIdentity identity, List<AthenzRole> roles)

Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zms

Methods in com.yahoo.vespa.athenz.client.zms that return types with arguments of type AthenzIdentity

Modifier and Type	Method	Description
List<AthenzIdentity>	DefaultZmsClient.listMembers(AthenzRole athenzRole)
List<AthenzIdentity>	ZmsClient.listMembers(AthenzRole athenzRole)
Map<AthenzIdentity,String>	DefaultZmsClient.listPendingRoleApprovals(AthenzRole athenzRole)
Map<AthenzIdentity,String>	ZmsClient.listPendingRoleApprovals(AthenzRole athenzRole)

Methods in com.yahoo.vespa.athenz.client.zms with parameters of type AthenzIdentity

Modifier and Type	Method	Description
void	DefaultZmsClient.addRoleMember(AthenzRole role, AthenzIdentity member, Optional<String> reason)
void	ZmsClient.addRoleMember(AthenzRole role, AthenzIdentity member, Optional<String> reason)
void	DefaultZmsClient.createProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OAuthCredentials oAuthCredentials)
void	ZmsClient.createProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OAuthCredentials oAuthCredentials)
void	DefaultZmsClient.createTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials)
void	ZmsClient.createTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials)
void	DefaultZmsClient.createTenantResourceGroup(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup, Set<RoleAction> roleActions)
void	ZmsClient.createTenantResourceGroup(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup, Set<RoleAction> roleActions)	For manual tenancy provisioning - only creates roles/policies on provider domain
void	DefaultZmsClient.decidePendingRoleMembership(AthenzRole athenzRole, AthenzIdentity athenzIdentity, Instant expiry, Optional<String> reason, Optional<OAuthCredentials> oAuthCredentials, boolean approve)
void	ZmsClient.decidePendingRoleMembership(AthenzRole athenzRole, AthenzIdentity athenzIdentity, Instant expiry, Optional<String> reason, Optional<OAuthCredentials> oAuthCredentials, boolean approve)
void	DefaultZmsClient.deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OAuthCredentials oAuthCredentials)
void	ZmsClient.deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OAuthCredentials oAuthCredentials)
void	DefaultZmsClient.deleteRoleMember(AthenzRole role, AthenzIdentity member)
void	ZmsClient.deleteRoleMember(AthenzRole role, AthenzIdentity member)
void	DefaultZmsClient.deleteTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials)
void	ZmsClient.deleteTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OAuthCredentials oAuthCredentials)
boolean	DefaultZmsClient.getGroupMembership(AthenzGroup group, AthenzIdentity identity)
boolean	ZmsClient.getGroupMembership(AthenzGroup group, AthenzIdentity identity)
boolean	DefaultZmsClient.getMembership(AthenzRole role, AthenzIdentity identity)
boolean	ZmsClient.getMembership(AthenzRole role, AthenzIdentity identity)
Set<RoleAction>	DefaultZmsClient.getTenantResourceGroups(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup)
Set<RoleAction>	ZmsClient.getTenantResourceGroups(AthenzDomain tenantDomain, AthenzIdentity provider, String resourceGroup)
boolean	DefaultZmsClient.hasAccess(AthenzResourceName resource, String action, AthenzIdentity identity)
boolean	ZmsClient.hasAccess(AthenzResourceName resource, String action, AthenzIdentity identity)

Constructors in com.yahoo.vespa.athenz.client.zms with parameters of type AthenzIdentity

Modifier	Constructor	Description
	DefaultZmsClient(URI zmsUrl, AthenzIdentity identity, SSLContext sslContext, ErrorHandler errorHandler)

Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zms.bindings

Constructors in com.yahoo.vespa.athenz.client.zms.bindings with parameters of type AthenzIdentity

Modifier	Constructor	Description
	ResourceGroupRolesEntity(AthenzIdentity providerService, AthenzDomain tenantDomain, Set<RoleAction> rolesActions, String resourceGroup)
	TenancyRequestEntity(AthenzDomain tenantDomain, AthenzIdentity providerService, List<String> resourceGroups)

Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zts

Methods in com.yahoo.vespa.athenz.client.zts with parameters of type AthenzIdentity

Modifier and Type	Method	Description
Identity	DefaultZtsClient.getServiceIdentity(AthenzIdentity identity, String keyId, com.yahoo.security.Pkcs10Csr csr)
Identity	DefaultZtsClient.getServiceIdentity(AthenzIdentity identity, String keyId, com.yahoo.security.Pkcs10Csr csr, Optional<NToken> nToken)
Identity	DefaultZtsClient.getServiceIdentity(AthenzIdentity identity, String keyId, KeyPair keyPair, String dnsSuffix)
Identity	ZtsClient.getServiceIdentity(AthenzIdentity identity, String keyId, com.yahoo.security.Pkcs10Csr csr)	Get service identity
Identity	ZtsClient.getServiceIdentity(AthenzIdentity identity, String keyId, KeyPair keyPair, String dnsSuffix)	Get service identity
List<AthenzDomain>	DefaultZtsClient.getTenantDomains(AthenzIdentity providerIdentity, AthenzIdentity userIdentity, String roleName)
List<AthenzDomain>	ZtsClient.getTenantDomains(AthenzIdentity providerIdentity, AthenzIdentity userIdentity, String roleName)	For a given provider, get a list of tenant domains that the user is a member of
boolean	DefaultZtsClient.hasAccess(AthenzResourceName resource, String action, AthenzIdentity identity)
boolean	ZtsClient.hasAccess(AthenzResourceName resource, String action, AthenzIdentity identity)	Check access to resource for a given principal
InstanceIdentity	DefaultZtsClient.refreshInstance(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String instanceId, com.yahoo.security.Pkcs10Csr csr)
InstanceIdentity	ZtsClient.refreshInstance(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String instanceId, com.yahoo.security.Pkcs10Csr csr)	Refresh an existing instance
InstanceIdentity	DefaultZtsClient.registerInstance(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String attestationData, com.yahoo.security.Pkcs10Csr csr)
InstanceIdentity	ZtsClient.registerInstance(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String attestationData, com.yahoo.security.Pkcs10Csr csr)	Register an instance using the specified provider.

Method parameters in com.yahoo.vespa.athenz.client.zts with type arguments of type AthenzIdentity

Modifier and Type	Method	Description
AthenzAccessToken	DefaultZtsClient.getAccessToken(AthenzDomain domain, List<AthenzIdentity> proxyPrincipals)
AthenzAccessToken	ZtsClient.getAccessToken(AthenzDomain domain, List<AthenzIdentity> proxyPrincipals)	Fetch an access token for the target domain

Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zts.bindings

Constructors in com.yahoo.vespa.athenz.client.zts.bindings with parameters of type AthenzIdentity

Modifier	Constructor	Description
	InstanceRegisterInformation(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String attestationData, com.yahoo.security.Pkcs10Csr csr)

Uses of AthenzIdentity in com.yahoo.vespa.athenz.client.zts.utils

Methods in com.yahoo.vespa.athenz.client.zts.utils with parameters of type AthenzIdentity

Modifier and Type	Method	Description
com.yahoo.security.Pkcs10Csr	RoleCsrGenerator.generateCsr(AthenzIdentity identity, AthenzRole role, KeyPair keyPair)
com.yahoo.security.Pkcs10Csr	IdentityCsrGenerator.generateIdentityCsr(AthenzIdentity identity, KeyPair keypair)

Uses of AthenzIdentity in com.yahoo.vespa.athenz.identity

Methods in com.yahoo.vespa.athenz.identity that return AthenzIdentity

Modifier and Type	Method	Description
AthenzIdentity	ServiceIdentityProvider.identity()
AthenzIdentity	SiaIdentityProvider.identity()

Constructors in com.yahoo.vespa.athenz.identity with parameters of type AthenzIdentity

Modifier	Constructor	Description
	SiaIdentityProvider(AthenzIdentity service, Path siaPath, Path clientTruststoreFile)
	SiaIdentityProvider(AthenzIdentity service, Path privateKeyFile, Path certificateFile, Path clientTruststoreFile)

Uses of AthenzIdentity in com.yahoo.vespa.athenz.identityprovider.api

Methods in com.yahoo.vespa.athenz.identityprovider.api that return AthenzIdentity

Modifier and Type	Method	Description
AthenzIdentity	SignedIdentityDocument.serviceIdentity()	Returns the value of the serviceIdentity record component.

Methods in com.yahoo.vespa.athenz.identityprovider.api with parameters of type AthenzIdentity

Modifier and Type	Method	Description
SignedIdentityDocument	SignedIdentityDocument.withServiceIdentity(AthenzIdentity identity)

Constructors in com.yahoo.vespa.athenz.identityprovider.api with parameters of type AthenzIdentity

Modifier	Constructor	Description
	SignedIdentityDocument(String signature, int signingKeyVersion, VespaUniqueInstanceId providerUniqueId, AthenzService providerService, int documentVersion, String configServerHostname, String instanceHostname, Instant createdAt, Set<String> ipAddresses, IdentityType identityType, ClusterType clusterType, String ztsUrl, AthenzIdentity serviceIdentity)
	SignedIdentityDocument(String signature, int signingKeyVersion, VespaUniqueInstanceId providerUniqueId, AthenzService providerService, int documentVersion, String configServerHostname, String instanceHostname, Instant createdAt, Set<String> ipAddresses, IdentityType identityType, ClusterType clusterType, String ztsUrl, AthenzIdentity serviceIdentity, Map<String,Object> unknownAttributes)	Creates an instance of a SignedIdentityDocument record class.

Uses of AthenzIdentity in com.yahoo.vespa.athenz.identityprovider.client

Methods in com.yahoo.vespa.athenz.identityprovider.client with parameters of type AthenzIdentity

Modifier and Type	Method	Description
com.yahoo.security.Pkcs10Csr	CsrGenerator.generateInstanceCsr(AthenzIdentity instanceIdentity, VespaUniqueInstanceId instanceId, Set<String> ipAddresses, ClusterType clusterType, KeyPair keyPair)
com.yahoo.security.Pkcs10Csr	CsrGenerator.generateRoleCsr(AthenzIdentity identity, AthenzRole role, VespaUniqueInstanceId instanceId, ClusterType clusterType, KeyPair keyPair)
String	IdentityDocumentSigner.generateSignature(VespaUniqueInstanceId providerUniqueId, AthenzService providerService, String configServerHostname, String instanceHostname, Instant createdAt, Set<String> ipAddresses, IdentityType identityType, PrivateKey privateKey, AthenzIdentity serviceIdentity)

Uses of AthenzIdentity in com.yahoo.vespa.athenz.tls

Methods in com.yahoo.vespa.athenz.tls that return AthenzIdentity

Modifier and Type	Method	Description
static AthenzIdentity	AthenzX509CertificateUtils.getIdentityFromRoleCertificate(X509Certificate certificate)

Methods in com.yahoo.vespa.athenz.tls with parameters of type AthenzIdentity

Modifier and Type	Method	Description
boolean	AthenzIdentityVerifier.isTrusted(AthenzIdentity identity)

Constructor parameters in com.yahoo.vespa.athenz.tls with type arguments of type AthenzIdentity

Modifier	Constructor	Description
	AthenzIdentityVerifier(Set<AthenzIdentity> allowedIdentities)

Uses of AthenzIdentity in com.yahoo.vespa.athenz.utils

Methods in com.yahoo.vespa.athenz.utils that return AthenzIdentity

Modifier and Type	Method	Description
static AthenzIdentity	AthenzIdentities.from(AthenzDomain domain, String identityName)
static AthenzIdentity	AthenzIdentities.from(String fullName)
static AthenzIdentity	AthenzIdentities.from(X509Certificate certificate)

Methods in com.yahoo.vespa.athenz.utils that return types with arguments of type AthenzIdentity

Modifier and Type	Method	Description
static List<AthenzIdentity>	SiaUtils.findSiaServices()
static List<AthenzIdentity>	SiaUtils.findSiaServices(Path root)

Methods in com.yahoo.vespa.athenz.utils with parameters of type AthenzIdentity

Modifier and Type	Method	Description
static Path	SiaUtils.getCertificateFile(AthenzIdentity service)
static Path	SiaUtils.getCertificateFile(Path root, AthenzIdentity service)
static Path	SiaUtils.getPrivateKeyFile(AthenzIdentity service)
static Path	SiaUtils.getPrivateKeyFile(Path root, AthenzIdentity service)
static Optional<X509Certificate>	SiaUtils.readCertificateFile(AthenzIdentity service)
static Optional<X509Certificate>	SiaUtils.readCertificateFile(Path root, AthenzIdentity service)
static Optional<PrivateKey>	SiaUtils.readPrivateKeyFile(AthenzIdentity service)
static Optional<PrivateKey>	SiaUtils.readPrivateKeyFile(Path root, AthenzIdentity service)
static void	SiaUtils.writeCertificateFile(AthenzIdentity service, X509Certificate certificate)
static void	SiaUtils.writeCertificateFile(Path root, AthenzIdentity service, X509Certificate certificate)
static void	SiaUtils.writePrivateKeyFile(AthenzIdentity service, PrivateKey privateKey)
static void	SiaUtils.writePrivateKeyFile(Path root, AthenzIdentity service, PrivateKey privateKey)