in sources/src/main/java/com/google/solutions/jitaccess/catalog/provisioning/Provisioner.java [251:295]
public void provision(
@NotNull JitGroupPolicy group,
@NotNull EndUserId member,
@NotNull Instant expiry
) throws AccessException, IOException {
var groupId = this.mapping.groupFromJitGroup(group.id());
//
// Create group if it doesn't exist yet.
//
try {
var groupKey = this.groupsClient.createGroup(
groupId,
CloudIdentityGroupsClient.GroupType.Security,
String.format(
"JIT Group %s \u203A %s \u203A %s",
group.id().environment(),
group.id().system(),
group.id().name()),
group.description());
//
// Add user to group.
//
this.groupsClient.addMembership(
groupKey,
member,
expiry);
this.logger.info(
EventIds.PROVISION_MEMBER,
"Added %s to group %s with expiry %s",
member,
groupId,
expiry);
}
catch (AccessException e) {
this.logger.error(
EventIds.PROVISION_MEMBER,
String.format("Adding %s to group %s failed", member, groupId),
e);
throw (AccessException)e.fillInStackTrace();
}
}