public void TestRemoveBucketConditionalIamBinding()
{
AddBucketConditionalIamBindingSample addBucketConditionalIamBindingSample = new AddBucketConditionalIamBindingSample();
RemoveBucketConditionalIamBindingSample removeBucketConditionalIamBindingSample = new RemoveBucketConditionalIamBindingSample();
ViewBucketIamMembersSample viewBucketIamMembersSample = new ViewBucketIamMembersSample();
EnableUniformBucketLevelAccessSample enableUniformBucketLevelAccessSample = new EnableUniformBucketLevelAccessSample();
DisableUniformBucketLevelAccessSample disableUniformBucketLevelAccessSample = new DisableUniformBucketLevelAccessSample();
string memberType = "serviceAccount";
string role = "roles/storage.objectViewer";
// Enable Uniform bucket level access.
enableUniformBucketLevelAccessSample.EnableUniformBucketLevelAccess(_fixture.BucketNameGeneric);
_fixture.SleepAfterBucketCreateUpdateDelete();
// Add Conditional Binding.
addBucketConditionalIamBindingSample.AddBucketConditionalIamBinding(_fixture.BucketNameGeneric,
role, $"{memberType}:{_fixture.ServiceAccountEmail}", "title", "description",
"resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")");
_fixture.SleepAfterBucketCreateUpdateDelete();
// Remove Conditional Binding.
removeBucketConditionalIamBindingSample.RemoveBucketConditionalIamBinding(_fixture.BucketNameGeneric,
role, "title", "description",
"resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")");
_fixture.SleepAfterBucketCreateUpdateDelete();
// Get Bucket Iam Members.
var policy = viewBucketIamMembersSample.ViewBucketIamMembers(_fixture.BucketNameGeneric);
Assert.DoesNotContain(policy.Bindings, c => c.Members.Contains($"{memberType}:{_fixture.ServiceAccountEmail}"));
// Disable Uniform bucket level access
disableUniformBucketLevelAccessSample.DisableUniformBucketLevelAccess(_fixture.BucketNameGeneric);
_fixture.SleepAfterBucketCreateUpdateDelete();
}
public void TestAddBucketConditionalIamBinding()
{
AddBucketConditionalIamBindingSample addBucketConditionalIamBindingSample = new AddBucketConditionalIamBindingSample();
EnableUniformBucketLevelAccessSample enableUniformBucketLevelAccessSample = new EnableUniformBucketLevelAccessSample();
var bucketName = Guid.NewGuid().ToString();
string memberType = "serviceAccount";
string role = "roles/storage.objectViewer";
// Create bucket
_fixture.CreateBucket(bucketName);
// Enable Uniform bucket level access.
enableUniformBucketLevelAccessSample.EnableUniformBucketLevelAccess(bucketName);
_fixture.SleepAfterBucketCreateUpdateDelete();
// Add Conditional Binding.
var policy = addBucketConditionalIamBindingSample.AddBucketConditionalIamBinding(bucketName,
role, $"{memberType}:{_fixture.ServiceAccountEmail}", "title", "description",
"resource.name.startsWith(\"projects/_/buckets/bucket-name/objects/prefix-a-\")");
_fixture.SleepAfterBucketCreateUpdateDelete();
Assert.Contains(policy.Bindings, c => c.Members.Contains($"{memberType}:{_fixture.ServiceAccountEmail}"));
}