com.google.cloud.storage.StorageRoles Maven / Gradle / Ivy

Go to download
Show more of this group Show more artifacts with this name
Show all versions of google-cloud-storage Show documentation
Java idiomatic client for Google Cloud Storage.
There is a newer version: 2.45.0
/*
 * Copyright 2017 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *       http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.google.cloud.storage;

import com.google.cloud.Role;

/**
 * IAM roles specific to Storage. An overview of the permissions available to Storage and the
 * capabilities they grant can be found in the Google Cloud Storage IAM
 * documentation.
 */
public class StorageRoles {

  /**
   * Grants the following permissions:
   *
   * 
   *   storage.buckets.*
   *   
storage.objects.*
   * 
   */
  public static Role admin() {
    return Role.of("roles/storage.admin");
  }

  /**
   * Grants the following permissions:
   *
   * 
   *   storage.objects.list
   *   
storage.objects.get
   * 
   */
  public static Role objectViewer() {
    return Role.of("roles/storage.objectViewer");
  }

  /**
   * Grants the following permissions:
   *
   * 
   *   storage.objects.create
   * 
   */
  public static Role objectCreator() {
    return Role.of("roles/storage.objectCreator");
  }

  /**
   * Grants the following permissions:
   *
   * 
   *   storage.objects.*
   * 
   */
  public static Role objectAdmin() {
    return Role.of("roles/storage.objectAdmin");
  }

  /**
   * Grants the following permissions:
   *
   * 
   *   storage.buckets.get
   *   
storage.buckets.update
   *   
storage.buckets.setIamPolicy
   *   
storage.buckets.getIamPolicy
   *   
storage.objects.list
   *   
storage.objects.create
   *   
storage.objects.delete
   * 
   */
  public static Role legacyBucketOwner() {
    return Role.of("roles/storage.legacyBucketOwner");
  }

  /**
   * Grants the following permissions:
   *
   * 
   *   storage.buckets.get
   *   
storage.objects.list
   *   
storage.objects.create
   *   
storage.objects.delete
   * 
   */
  public static Role legacyBucketWriter() {
    return Role.of("roles/storage.legacyBucketWriter");
  }

  /**
   * Grants the following permissions:
   *
   * 
   *   storage.buckets.get
   *   
storage.objects.list
   * 
   */
  public static Role legacyBucketReader() {
    return Role.of("roles/storage.legacyBucketReader");
  }

  /**
   * Grants the following permissions:
   *
   * 
   *   storage.objects.get
   *   
storage.objects.update
   *   
storage.objects.getIamPolicy
   *   
storage.objects.setIamPolicy
   * 
   */
  public static Role legacyObjectOwner() {
    return Role.of("roles/storage.legacyObjectOwner");
  }

  /**
   * Grants the following permissions:
   *
   * 
   *   storage.objects.get
   * 
   */
  public static Role legacyObjectReader() {
    return Role.of("roles/storage.legacyObjectReader");
  }

  private StorageRoles() {
    // Intentionally left blank.
  }
}