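/// <summary>
/// Creates <c>NumberOfServiceAccountsToCreate</c> service accounts with read and write
/// permission on the project, each expiring one day after creation, and records their
/// IDs in <c>ServiceAccountIds</c>.
/// </summary>
private static void Setup()
{
    ServiceAccountIds = new List<long>();

    // Read + write on the ("prj", <project>, "*") permission path.
    var perm = new Permission
    {
        Parts = { new RepeatedField<string> { "prj", ProjectName, "*" } },
        Verbs =
        {
            new RepeatedField<Permission.Types.Verb>
            {
                Permission.Types.Verb.Read,
                Permission.Types.Verb.Write
            }
        }
    };

    // TimeSpan(long) takes ticks of 100 ns, so the earlier `new TimeSpan(1)` requested a
    // 100 ns lifetime rather than the one day its comment described. A short, explicit
    // lifetime keeps these scenario accounts from outliving the run by much.
    var oneDay = TimeSpan.FromDays(1);

    Console.WriteLine("Setting up for the scenario by creating new service accounts...");
    for (var i = 0; i < NumberOfServiceAccountsToCreate; i++)
    {
        var resp = ServiceAccountServiceClient.CreateServiceAccount(new CreateServiceAccountRequest
        {
            Name = ServiceAccountName,
            ProjectName = ProjectName,
            Permissions = { new RepeatedField<Permission> { perm } },
            Lifetime = Duration.FromTimeSpan(oneDay) // Let this service account live for one day
        });
        ServiceAccountIds.Add(resp.Id);
    }
}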
/// <summary>
/// Creates a service account using the caller-supplied refresh token and returns its ID.
/// </summary>
/// <param name="data">
/// Dynamically typed request. The members read are <c>_RefreshToken</c>,
/// <c>_ProjectName</c>, <c>_ServiceAccountName</c>, <c>_WritePermission</c>,
/// <c>_ReadPermission</c>, <c>_GrantPermission</c> and <c>_Lifetime</c> (seconds).
/// None of them is validated here, so the caller is responsible for checking them.
/// </param>
/// <returns>The ID of the created service account, boxed as <see cref="object"/>.</returns>
public async Task<object> CreateServiceAccount(dynamic data)
{
    var createdId = await Task.Run(() =>
    {
        // The refresh token is a credential: it is handed to the client only and never logged.
        PlatformRefreshTokenCredential callerCredential = new PlatformRefreshTokenCredential(data._RefreshToken);
        ServiceAccountServiceClient client = ServiceAccountServiceClient.Create(credentials: callerCredential);

        // The permission path is ("prj", <project>, "*"); verbs are added only when requested.
        var projectPermission = new Permission
        {
            Parts = { new RepeatedField<string> { "prj", data._ProjectName, "*" } }
        };

        if (data._WritePermission)
        {
            projectPermission.Verbs.Add(Permission.Types.Verb.Write);
        }

        if (data._ReadPermission)
        {
            projectPermission.Verbs.Add(Permission.Types.Verb.Read);
        }

        // NOTE(review): Grant presumably lets the new account pass permissions on to others;
        // confirm against the platform documentation and request it only when required.
        if (data._GrantPermission)
        {
            projectPermission.Verbs.Add(Permission.Types.Verb.Grant);
        }

        // NOTE(review): _Lifetime is taken as given; no upper or lower bound is applied here.
        var request = new CreateServiceAccountRequest
        {
            Name = data._ServiceAccountName,
            ProjectName = data._ProjectName,
            Permissions = { new RepeatedField<Permission> { projectPermission } },
            Lifetime = Duration.FromTimeSpan(TimeSpan.FromSeconds(data._Lifetime))
        };

        return client.CreateServiceAccount(request).Id;
    });

    return createdId;
}
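/// <summary>
/// Creates a service account from the parsed command-line options and writes its refresh
/// token to <c>opts.RefreshTokenFile</c>.
/// </summary>
/// <param name="opts">
/// Options read here: <c>Lifetime</c> (a TimeSpan string), <c>RefreshTokenFile</c>,
/// <c>ProjectName</c>, <c>ServiceAccountName</c>, <c>ProjectWrite</c> and <c>MetricsRead</c>.
/// </param>
/// <returns>
/// 0 on success; 1 when the lifetime cannot be parsed or the refresh token file already exists.
/// </returns>
/// <exception cref="IOException">
/// The refresh token file could not be created, including the case where it appeared after
/// the initial existence check.
/// </exception>
private static int CreateServiceAccount(CreateOptions opts)
{
    // TryParse also rejects a null or out-of-range lifetime, which TimeSpan.Parse reports as
    // ArgumentNullException / OverflowException and the old FormatException handler missed.
    TimeSpan parsedLifetime;
    if (!TimeSpan.TryParse(opts.Lifetime, out parsedLifetime))
    {
        Console.WriteLine($"Failed to parse lifetime: {opts.Lifetime}");
        Console.WriteLine("Expected it to be in a format that can be parsed as a TimeSpan.");
        Console.WriteLine("E.g. 1.2:15 is 1 day, 2 hours and 15 minutes.");
        return 1;
    }

    // Early, friendly check before any account is created. It is not the safeguard against
    // overwriting: the write at the end uses FileMode.CreateNew for that.
    if (File.Exists(opts.RefreshTokenFile))
    {
        Console.WriteLine($"Refresh token output file {opts.RefreshTokenFile} already exists.");
        Console.WriteLine("Aborting service account creation. Please delete / move it before running again.");
        return 1;
    }

    // Project read is always granted; write only on request.
    var projectPermissionVerbs = new RepeatedField<Permission.Types.Verb> { Permission.Types.Verb.Read };
    if (opts.ProjectWrite)
    {
        Console.WriteLine("Granting the service account project write access.");
        projectPermissionVerbs.Add(Permission.Types.Verb.Write);
    }

    var projectPermission = new Permission
    {
        Parts = { new RepeatedField<string> { "prj", opts.ProjectName, "*" } },
        Verbs = { projectPermissionVerbs }
    };

    var packagePermissions = new Permission
    {
        Parts = { new RepeatedField<string> { "srv", "pkg" } },
        Verbs = { new RepeatedField<Permission.Types.Verb> { Permission.Types.Verb.Read } }
    };

    var bundlePermissions = new Permission
    {
        Parts = { new RepeatedField<string> { "srv", "bundles" } },
        Verbs = { new RepeatedField<Permission.Types.Verb> { Permission.Types.Verb.Read } }
    };

    var permissions = new RepeatedField<Permission>
    {
        projectPermission,
        bundlePermissions,
        packagePermissions
    };

    if (opts.MetricsRead)
    {
        Console.WriteLine("Granting the service account metrics read access.");

        // NOTE(review): ("srv", "*") appears to be a wildcard over every "srv" entry, which is
        // broader than metrics alone and would subsume the pkg and bundles entries above.
        // Confirm whether a narrower metrics-only path exists.
        var metricsReadPermissions = new Permission
        {
            Parts = { new RepeatedField<string> { "srv", "*" } },
            Verbs = { new RepeatedField<Permission.Types.Verb> { Permission.Types.Verb.Read } }
        };
        permissions.Add(metricsReadPermissions);
    }

    var serviceAccount = ServiceAccountServiceClient.CreateServiceAccount(new CreateServiceAccountRequest
    {
        Name = opts.ServiceAccountName,
        ProjectName = opts.ProjectName,
        Permissions = { permissions },
        Lifetime = Duration.FromTimeSpan(parsedLifetime),
    });

    Console.WriteLine($"Service account created with ID {serviceAccount.Id}");
    Console.WriteLine($"Writing service account refresh token to {opts.RefreshTokenFile}.");

    // Don't put a byte-order mark in the created file.
    var encoding = new UTF8Encoding(false);

    // FileMode.CreateNew creates the file only if the path does not exist, so a file that
    // appeared after the check at the top is never truncated or overwritten with the token.
    // If this throws, the account ID printed above identifies the account to clean up.
    // NOTE(review): the file holds a credential and gets the process's default permissions;
    // restrict access to it (directory ACL / umask) as appropriate for the platform.
    using (var stream = new FileStream(opts.RefreshTokenFile, FileMode.CreateNew, FileAccess.Write, FileShare.None))
    using (var writer = new StreamWriter(stream, encoding))
    {
        writer.Write(serviceAccount.Token);
    }

    return 0;
}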