/** Example of replacing a topic policy. */ public Policy replaceTopicPolicy(String topicId) throws Exception { // [START pubsub_set_topic_policy] try (TopicAdminClient topicAdminClient = TopicAdminClient.create()) { String topicName = ProjectTopicName.format(projectId, topicId); Policy policy = topicAdminClient.getIamPolicy(topicName); // add role -> members binding Binding binding = Binding.newBuilder() .setRole(Role.viewer().toString()) .addMembers(Identity.allAuthenticatedUsers().toString()) .build(); // create updated policy Policy updatedPolicy = Policy.newBuilder(policy).addBindings(binding).build(); updatedPolicy = topicAdminClient.setIamPolicy(topicName, updatedPolicy); return updatedPolicy; } // [END pubsub_set_topic_policy] }
/** Example of replacing a subscription policy. */ public Policy replaceSubscriptionPolicy(String subscriptionId) throws Exception { // [START pubsub_set_subscription_policy] try (SubscriptionAdminClient subscriptionAdminClient = SubscriptionAdminClient.create()) { ProjectSubscriptionName subscriptionName = ProjectSubscriptionName.of(projectId, subscriptionId); Policy policy = subscriptionAdminClient.getIamPolicy(subscriptionName.toString()); // Create a role => members binding Binding binding = Binding.newBuilder() .setRole(Role.viewer().toString()) .addMembers(Identity.allAuthenticatedUsers().toString()) .build(); // Update policy Policy updatedPolicy = policy.toBuilder().addBindings(binding).build(); updatedPolicy = subscriptionAdminClient.setIamPolicy(subscriptionName.toString(), updatedPolicy); return updatedPolicy; } // [END pubsub_set_subscription_policy] }
/** * Converts a string to an {@code Identity}. Used primarily for converting protobuf-generated * policy identities to {@code Identity} objects. */ public static Identity valueOf(String identityStr) { String[] info = identityStr.split(":"); Type type = Type.valueOf(CaseFormat.LOWER_CAMEL.to(CaseFormat.UPPER_UNDERSCORE, info[0])); switch (type) { case ALL_USERS: return Identity.allUsers(); case ALL_AUTHENTICATED_USERS: return Identity.allAuthenticatedUsers(); case USER: return Identity.user(info[1]); case SERVICE_ACCOUNT: return Identity.serviceAccount(info[1]); case GROUP: return Identity.group(info[1]); case DOMAIN: return Identity.domain(info[1]); default: throw new IllegalStateException("Unexpected identity type " + type); } } }