class AddIamPolicyBinding(base_classes.BaseIamCommand):
"""Add an IAM policy binding to a service account.
This command adds a policy binding to the IAM policy of a service account,
given an IAM-ACCOUNT and the binding.
"""
detailed_help = iam_util.GetDetailedHelpForAddIamPolicyBinding(
'service account', '*****@*****.**')
@staticmethod
def Args(parser):
parser.add_argument('account',
metavar='IAM-ACCOUNT',
help='The service account whose policy to '
'add bindings to.')
iam_util.AddArgsForAddIamPolicyBinding(parser)
@utils.CatchServiceAccountErrors
@http_retry.RetryOnHttpStatus(httplib.CONFLICT)
def Run(self, args):
self.SetAddress(args.account)
policy = self.iam_client.projects_serviceAccounts.GetIamPolicy(
self.messages.IamProjectsServiceAccountsGetIamPolicyRequest(
resource=utils.EmailToAccountResourceName(args.account)))
iam_util.AddBindingToIamPolicy(self.messages, policy, args)
return self.iam_client.projects_serviceAccounts.SetIamPolicy(
self.messages.IamProjectsServiceAccountsSetIamPolicyRequest(
resource=utils.EmailToAccountResourceName(args.account),
setIamPolicyRequest=self.messages.SetIamPolicyRequest(
policy=policy)))
class AddIamPolicyBinding(base.Command):
"""Add IAM policy binding for a project.
Adds a policy binding to the IAM policy of a project,
given a project ID and the binding.
"""
detailed_help = iam_util.GetDetailedHelpForAddIamPolicyBinding(
'project', 'example-project-id-1')
@staticmethod
def Args(parser):
parser.add_argument(
'id',
metavar='PROJECT_ID',
completion_resource='cloudresourcemanager.projects',
list_command_path='projects',
help='ID for the project you want to update')
iam_util.AddArgsForAddIamPolicyBinding(parser)
@util.HandleHttpError
@http_retry.RetryOnHttpStatus(httplib.CONFLICT)
def Run(self, args):
projects = self.context['projects_client']
messages = self.context['projects_messages']
resources = self.context['projects_resources']
project_ref = resources.Parse(
args.id, collection='cloudresourcemanager.projects')
policy_request = messages.CloudresourcemanagerProjectsGetIamPolicyRequest(
resource=project_ref.Name(),
getIamPolicyRequest=messages.GetIamPolicyRequest())
policy = projects.projects.GetIamPolicy(policy_request)
iam_util.AddBindingToIamPolicy(messages, policy, args)
policy_request = messages.CloudresourcemanagerProjectsSetIamPolicyRequest(
resource=project_ref.Name(),
setIamPolicyRequest=messages.SetIamPolicyRequest(policy=policy))
return projects.projects.SetIamPolicy(policy_request)
def Display(self, args, result):
"""This method is called to print the result of the Run() method.
Args:
args: The arguments that command was run with.
result: The value returned from the Run() method.
"""
_ = args # in case lint gets unhappy about unused args.
# pylint:disable=not-callable, self.format is callable.
self.format(result)
class AddIamPolicyBinding(base.Command):
"""Add IAM policy binding for a dataset.
This command adds a policy binding to the IAM policy of a dataset,
given a dataset ID and the binding.
"""
detailed_help = iam_util.GetDetailedHelpForAddIamPolicyBinding(
'dataset', '1000')
@staticmethod
def Args(parser):
parser.add_argument('id', type=str, help='The ID of the dataset.')
iam_util.AddArgsForAddIamPolicyBinding(parser, 'id',
'genomics.datasets')
@genomics_util.ReraiseHttpException
def Run(self, args):
apitools_client = self.context[lib.GENOMICS_APITOOLS_CLIENT_KEY]
messages = self.context[lib.GENOMICS_MESSAGES_MODULE_KEY]
resources = self.context[lib.GENOMICS_RESOURCES_KEY]
dataset_resource = resources.Parse(args.id,
collection='genomics.datasets')
policy_request = messages.GenomicsDatasetsGetIamPolicyRequest(
resource='datasets/{0}'.format(dataset_resource.Name()),
getIamPolicyRequest=messages.GetIamPolicyRequest(),
)
policy = apitools_client.datasets.GetIamPolicy(policy_request)
iam_util.AddBindingToIamPolicy(messages, policy, args)
policy_request = messages.GenomicsDatasetsSetIamPolicyRequest(
resource='datasets/{0}'.format(dataset_resource.Name()),
setIamPolicyRequest=messages.SetIamPolicyRequest(policy=policy),
)
return apitools_client.datasets.SetIamPolicy(policy_request)
def Display(self, args, result):
"""This method is called to print the result of the Run() method.
Args:
args: The arguments that command was run with.
result: The value returned from the Run() method.
"""
_ = args # in case lint gets unhappy about unused args.
# pylint:disable=not-callable, self.format is callable.
self.format(result)
class AddIamPolicyBinding(util.ProjectCommand):
"""Add IAM policy binding for a project.
Adds a policy binding to the IAM policy of a project,
given a project ID and the binding.
"""
detailed_help = iam_util.GetDetailedHelpForAddIamPolicyBinding(
'project', 'example-project-id-1')
@staticmethod
def Args(parser):
parser.add_argument(
'id',
metavar='PROJECT_ID',
completion_resource='cloudresourcemanager.projects',
list_command_path='projects',
help='ID for the project you want to update')
iam_util.AddArgsForAddIamPolicyBinding(
parser, 'id', 'cloudresourcemanager.projects')
@util.HandleHttpError
@http_retry.RetryOnHttpStatus(httplib.CONFLICT)
def Run(self, args):
projects = self.context['projects_client']
messages = self.context['projects_messages']
project_ref = self.GetProject(args.id)
policy_request = messages.CloudresourcemanagerProjectsGetIamPolicyRequest(
resource=project_ref.Name(),
getIamPolicyRequest=messages.GetIamPolicyRequest())
policy = projects.projects.GetIamPolicy(policy_request)
iam_util.AddBindingToIamPolicy(messages, policy, args)
policy_request = messages.CloudresourcemanagerProjectsSetIamPolicyRequest(
resource=project_ref.Name(),
setIamPolicyRequest=messages.SetIamPolicyRequest(policy=policy))
return projects.projects.SetIamPolicy(policy_request)