Class GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder
java.lang.Object
org.springframework.vault.authentication.GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder
- Enclosing class:
- GcpIamAuthenticationOptions
Builder for
GcpIamAuthenticationOptions.-
Method Summary
Modifier and TypeMethodDescriptionbuild()Build a newGcpIamAuthenticationOptionsinstance.Configure theClockused to calculate epoch seconds until the JWT expiration.credential(com.google.api.client.googleapis.auth.oauth2.GoogleCredential credential) Configure static Google credentials, required to create a signed JWT.credentialSupplier(GcpCredentialSupplier credentialSupplier) Configure aGcpCredentialSupplier, required to create a signed JWT.jwtValidity(Duration jwtValidity) Configure theDurationfor the JWT expiration.Configure the mount path, defaults to aws.Configure an explicit GCP project id to use in GCP IAM API calls.Configure the name of the role against which the login is being attempted.serviceAccountId(String serviceAccountId) Configure an explicit service account id to use in GCP IAM calls.
-
Method Details
-
path
Configure the mount path, defaults to aws.- Parameters:
path- must not be empty or null.- Returns:
thisGcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder.
-
credential
public GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder credential(com.google.api.client.googleapis.auth.oauth2.GoogleCredential credential) Configure static Google credentials, required to create a signed JWT. Either use static credentials or provide acredentials provider.- Parameters:
credential- must not be null.- Returns:
thisGcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder.- See Also:
-
credentialSupplier
public GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder credentialSupplier(GcpCredentialSupplier credentialSupplier) Configure aGcpCredentialSupplier, required to create a signed JWT. Alternatively, configure staticcredentials.- Parameters:
credentialSupplier- must not be null.- Returns:
thisGcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder.- See Also:
-
serviceAccountId
public GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder serviceAccountId(String serviceAccountId) Configure an explicit service account id to use in GCP IAM calls. If none is configured, falls back to usingGoogleCredential.getServiceAccountId().- Parameters:
serviceAccountId- the service account id (email) to use- Returns:
thisGcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder.- Since:
- 2.1
-
projectId
Configure an explicit GCP project id to use in GCP IAM API calls. If none is configured, falls back usingGoogleCredential.getServiceAccountProjectId().- Parameters:
projectId- the GCP project id to use in GCP IAM API calls- Returns:
thisGcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder.- Since:
- 2.1
-
role
Configure the name of the role against which the login is being attempted.- Parameters:
role- must not be empty or null.- Returns:
thisGcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder.
-
jwtValidity
public GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder jwtValidity(Duration jwtValidity) Configure theDurationfor the JWT expiration. This defaults to 15 minutes and cannot be more than a hour.- Parameters:
jwtValidity- must not be null.- Returns:
thisGcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder.
-
clock
Configure theClockused to calculate epoch seconds until the JWT expiration.- Parameters:
clock- must not be null.- Returns:
thisGcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder.
-
build
Build a newGcpIamAuthenticationOptionsinstance.- Returns:
- a new
GcpIamAuthenticationOptions.
-