Class GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder
java.lang.Object
org.springframework.vault.authentication.GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder
- Enclosing class:
- GcpIamAuthenticationOptions
Builder for
GcpIamAuthenticationOptions.-
Method Summary
Modifier and TypeMethodDescriptionbuild()Build a newGcpIamAuthenticationOptionsinstance.Configure theClockused to calculate epoch seconds until the JWT expiration.credential(com.google.api.client.googleapis.auth.oauth2.GoogleCredential credential) Configure static Google credentials, required to create a signed JWT.credentialSupplier(GcpCredentialSupplier credentialSupplier) Configure aGcpCredentialSupplier, required to create a signed JWT.jwtValidity(Duration jwtValidity) Configure theDurationfor the JWT expiration.Configure the mount path, defaults to aws.Configure an explicit GCP project id to use in GCP IAM API calls.Configure the name of the role against which the login is being attempted.serviceAccountId(String serviceAccountId) Configure an explicit service account id to use in GCP IAM calls.
-
Method Details
-
path
Configure the mount path, defaults to aws.- Parameters:
path- must not be empty or null.- Returns:
- this builder.
-
credential
public GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder credential(com.google.api.client.googleapis.auth.oauth2.GoogleCredential credential) Configure static Google credentials, required to create a signed JWT. Either use static credentials or provide acredentials provider.- Parameters:
credential- must not be null.- Returns:
- this builder.
- See Also:
-
credentialSupplier
public GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder credentialSupplier(GcpCredentialSupplier credentialSupplier) Configure aGcpCredentialSupplier, required to create a signed JWT. Alternatively, configure staticcredentials.- Parameters:
credentialSupplier- must not be null.- Returns:
- this builder.
- See Also:
-
serviceAccountId
public GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder serviceAccountId(String serviceAccountId) Configure an explicit service account id to use in GCP IAM calls. If none is configured, falls back to usingGoogleCredential.getServiceAccountId().- Parameters:
serviceAccountId- the service account id (email) to use- Returns:
- this builder.
- Since:
- 2.1
-
projectId
Configure an explicit GCP project id to use in GCP IAM API calls. If none is configured, falls back usingGoogleCredential.getServiceAccountProjectId().- Parameters:
projectId- the GCP project id to use in GCP IAM API calls- Returns:
- this builder.
- Since:
- 2.1
-
role
Configure the name of the role against which the login is being attempted.- Parameters:
role- must not be empty or null.- Returns:
- this builder.
-
jwtValidity
public GcpIamAuthenticationOptions.GcpIamAuthenticationOptionsBuilder jwtValidity(Duration jwtValidity) Configure theDurationfor the JWT expiration. This defaults to 15 minutes and cannot be more than a hour.- Parameters:
jwtValidity- must not be null.- Returns:
- this builder.
-
clock
Configure theClockused to calculate epoch seconds until the JWT expiration.- Parameters:
clock- must not be null.- Returns:
- this builder.
-
build
Build a newGcpIamAuthenticationOptionsinstance.- Returns:
- a new
GcpIamAuthenticationOptions.
-