I have a service account say for Project A which has write access to the Pubsub topic defined in Project B. I want to validate the same programatically? Could Anyone help me with this?
I was able to solve it myself. Here is the sample code
public static void PubSubTopicValidator(String projectId, String topicId)
throws IOException {
TopicAdminSettings topicAdminSettings = getTopicAdminSettings(projectId);
try (TopicAdminClient topicAdminClient = TopicAdminClient.create(topicAdminSettings)) {
ProjectTopicName topicName = ProjectTopicName.of(projectId, topicId);
List<String> permissions = new LinkedList<>();
permissions.add("pubsub.topics.attachSubscription");
permissions.add("pubsub.topics.publish");
permissions.add("pubsub.topics.update");
TestIamPermissionsRequest testIamPermissionsRequest =
TestIamPermissionsRequest.newBuilder()
.setResource(topicName.toString())
.addAllPermissions(permissions)
.build();
TestIamPermissionsResponse testedPermissionsResponse = topicAdminClient.testIamPermissions(testIamPermissionsRequest);
log.info("Tested:\n" + testedPermissionsResponse);
}
}
private static TopicAdminSettings getTopicAdminSettings(String projectId) throws IOException {
log.info("Get Topic admin settings ");
String defaultProjectId = System.getenv("GOOGLE_CLOUD_PROJECT");
GoogleCredentials credentials;
ClassLoader classloader = Thread.currentThread().getContextClassLoader();
InputStream is = classloader.getResourceAsStream("int_sa.json");
log.info(" inputstream "+ is);
if(projectId.equals(defaultProjectId)){
credentials = getDefaultCredentials();
}
else{
credentials = getGoogleCredentials(is);
}
return TopicAdminSettings.newBuilder()
.setCredentialsProvider(FixedCredentialsProvider.create(credentials))
.build();
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.