def get_gcp_buckets(storage, project_id):
"""
Returns a list of storage objects within some given project
:type storage: The GCP storage resource object
:param storage: The storage resource object created by googleapiclient.discovery.build()
:type project_id: str
:param project_id: The Google Project Id that you are retrieving buckets from
:rtype: Storage Object
:return: Storage response object
"""
try:
req = storage.buckets().list(project=project_id)
res = req.execute()
return res
except HttpError as e:
reason = compute._get_error_reason(e)
if reason == 'invalid':
logger.warning(
(
"The project %s is invalid - returned a 400 invalid error."
"Full details: %s"
),
project_id,
e,
)
return {}
elif reason == 'forbidden':
logger.warning(
(
"You do not have storage.bucket.list access to the project %s. "
"Full details: %s"
), project_id, e, )
return {}
else:
raise
def get_gke_clusters(container, project_id):
"""
Returns a list of GKE clusters within some given project.
:type container: The GCP Container resource object
:param container: The Container resource object created by googleapiclient.discovery.build()
:type project_id: str
:param project_id: The Google Project Id that you are retrieving clusters from
:rtype: Cluster Object
:return: Cluster response object
"""
try:
req = container.projects().zones().clusters().list(
projectId=project_id, zone='-')
res = req.execute()
return res
except HttpError as e:
reason = compute._get_error_reason(e)
if reason == 'invalid':
logger.warning(
("The project %s is invalid - returned a 400 invalid error."
"Full details: %s"),
project_id,
e,
)
return {}
elif reason == 'forbidden':
logger.warning(
("You do not have container.projects.zones.clusters.list access to the project %s. "
"Full details: %s"),
project_id,
e,
)
return {}
else:
raise
def get_gcp_bucket_iam_policy(storage, bucket):
"""
Retrieves IAM policy about the given bucket.
:type storage: A storage resource object
:param storage: The storage resource object created by googleapiclient.discovery.build()
:type bucket: str
:param bucket: Google Cloud Bucket name
:rtype: IAM Policy Object
:return: IAM Policy for specified bucket
"""
try:
req = storage.buckets().getIamPolicy(bucket=bucket)
res = req.execute()
return res
except HttpError as e:
reason = compute._get_error_reason(e)
if reason == 'notFound':
logger.debug(
("The bucket %s was not found - returned a 404 not found error."
"Full details: %s"),
bucket,
e,
)
return None
elif reason == 'forbidden':
logger.debug(
("You do not have storage.bucket.getIamPolicy access to the bucket %s. "
"Full details: %s"),
bucket,
e,
)
return None
else:
raise