def Run(self, args):
messages = cloudkms_base.GetMessagesModule()
policy, update_mask = iam_util.ParseYamlOrJsonPolicyFile(args.policy_file,
messages.Policy)
crypto_key_ref = flags.ParseCryptoKeyName(args)
result = iam.SetCryptoKeyIamPolicy(crypto_key_ref, policy, update_mask)
iam_util.LogSetIamPolicy(crypto_key_ref.Name(), 'key')
return result
def Run(self, args):
client = iam.Client()
authority_ref = util.GetAuthorityRef(args.authority_name)
policy, _ = iam_util.ParseYamlOrJsonPolicyFile(
args.policy_file, client.messages.IamPolicy)
result = client.Set(authority_ref, policy)
iam_util.LogSetIamPolicy(authority_ref.Name(), 'authority')
return result
def Run(self, args):
messages = cloudkms_base.GetMessagesModule()
policy, update_mask = iam_util.ParseYamlOrJsonPolicyFile(
args.policy_file, messages.Policy)
keyring_ref = flags.ParseKeyRingName(args)
result = iam.SetKeyRingIamPolicy(keyring_ref, policy, update_mask)
iam_util.LogSetIamPolicy(keyring_ref.Name(), 'keyring')
return result
def Run(self, args):
client = iam.Client()
policy_ref = util.GetPolicyRef()
policy, _ = iam_util.ParseYamlOrJsonPolicyFile(args.policy_file,
client.messages.IamPolicy)
result = client.Set(policy_ref, policy)
iam_util.LogSetIamPolicy(policy_ref.Name(), 'policy')
return result
def Run(self, args):
client = iam.Client(apis.V1_BETA1)
attestor_ref = util.GetAttestorRef(args.attestor_name)
policy, _ = iam_util.ParseYamlOrJsonPolicyFile(
args.policy_file, client.messages.IamPolicy)
result = client.Set(attestor_ref, policy)
iam_util.LogSetIamPolicy(attestor_ref.Name(), 'attestor')
return result
def Run(self, args):
api_version = apis.GetApiVersion(self.ReleaseTrack())
client = iam.Client(api_version)
policy_ref = util.GetPolicyRef()
policy, _ = iam_util.ParseYamlOrJsonPolicyFile(
args.policy_file, client.messages.IamPolicy)
result = client.Set(policy_ref, policy)
iam_util.LogSetIamPolicy(policy_ref.Name(), 'policy')
return result
def Run(args):
"""Set the IAM policy for a Google Cloud Function."""
client = util.GetApiClientInstance()
messages = client.MESSAGES_MODULE
function_ref = args.CONCEPTS.name.Parse()
policy, update_mask = iam_util.ParseYamlOrJsonPolicyFile(
args.policy_file, messages.Policy)
result = client.projects_locations_functions.SetIamPolicy(
messages.CloudfunctionsProjectsLocationsFunctionsSetIamPolicyRequest(
resource=function_ref.RelativeName(),
setIamPolicyRequest=messages.SetIamPolicyRequest(
policy=policy, updateMask=update_mask)))
iam_util.LogSetIamPolicy(function_ref.Name(), 'function')
return result
def Run(args, release_track):
"""Set the IAM policy for a Google Cloud Function."""
client = api_util.GetClientInstance(release_track=release_track)
messages = api_util.GetMessagesModule(release_track=release_track)
function_ref = args.CONCEPTS.name.Parse()
function_relative_name = function_ref.RelativeName()
policy, update_mask = iam_util.ParseYamlOrJsonPolicyFile(
args.policy_file, messages.Policy)
return client.projects_locations_functions.SetIamPolicy(
messages.CloudfunctionsProjectsLocationsFunctionsSetIamPolicyRequest(
resource=function_relative_name,
setIamPolicyRequest=messages.SetIamPolicyRequest(
policy=policy, updateMask=update_mask)))
def Run(self, args):
"""Sets the IAM policy for the repository.
Args:
args: argparse.Namespace, the arguments this command is run with.
Returns:
(sourcerepo_v1_messsages.Policy) The IAM policy.
Raises:
sourcerepo.RepoResourceError: on resource initialization errors.
iam_util.BadFileException: if the YAML or JSON file is malformed.
iam_util.IamEtagReadError: if the etag is badly formatted.
apitools.base.py.exceptions.HttpError: on request errors.
"""
res = sourcerepo.ParseRepo(args.name)
source = sourcerepo.Source()
policy, unused_mask = iam_util.ParseYamlOrJsonPolicyFile(
args.policy_file, source.messages.Policy)
result = source.SetIamPolicy(res, policy)
iam_util.LogSetIamPolicy(res.Name(), 'repo')
return result
def Run(self, args):
"""This is what gets called when the user runs this command.
Args:
args: an argparse namespace. All the arguments that were provided to this
command invocation.
Returns:
The specified function with its description and configured filter.
"""
client = util.GetApiClientInstance()
messages = client.MESSAGES_MODULE
function_ref = args.CONCEPTS.name.Parse()
policy, update_mask = iam_util.ParseYamlOrJsonPolicyFile(
args.policy_file, messages.Policy)
result = client.projects_locations_functions.SetIamPolicy(
messages.
CloudfunctionsProjectsLocationsFunctionsSetIamPolicyRequest(
resource=function_ref.RelativeName(),
setIamPolicyRequest=messages.SetIamPolicyRequest(
policy=policy, updateMask=update_mask)))
iam_util.LogSetIamPolicy(function_ref.Name(), 'function')
return result
def ParsePolicyFile(policy_file_path, policy_message_type):
"""Constructs an IAM Policy message from a JSON/YAML formatted file.
Args:
policy_file_path: Path to the JSON or YAML IAM policy file.
policy_message_type: Policy message type to convert JSON or YAML to.
Returns:
a protorpc.Message of type policy_message_type filled in from the JSON or
YAML policy file.
Raises:
BadFileException if the JSON or YAML file is malformed.
"""
policy, unused_mask = iam_util.ParseYamlOrJsonPolicyFile(
policy_file_path, policy_message_type)
if not policy.etag:
msg = ('The specified policy does not contain an "etag" field '
'identifying a specific version to replace. Changing a '
'policy without an "etag" can overwrite concurrent policy '
'changes.')
console_io.PromptContinue(message=msg,
prompt_string='Replace existing policy',
cancel_on_no=True)
return policy
