def _GetPolicy(organization_ref):
"""Get the access policy for the given organization.
The current user must have permission to list the policies for the
organization.
Args:
organization_ref: resources.Resource, a reference to a
cloudresourcemanager.organizations resource to look up the policy for.
Returns:
resources.Resource, a reference to an accesscontextmanager.accessPolicies
resource
Raises:
DefaultPolicyResolutionError: if the number of policies matching the
given organization is not exactly 1, or listing policies fails.
"""
try:
policies = list(policies_api.Client().List(organization_ref, limit=2))
except Exception as err:
raise DefaultPolicyResolutionError(
'Unable to resolve policy for organization [{}]: {}'.format(
organization_ref.Name(), err))
if not policies:
raise DefaultPolicyResolutionError(
'No matching policies found for organization [{}]'.format(
organization_ref.Name()))
elif len(policies) > 1:
raise DefaultPolicyResolutionError(
'Found more than one access policy for organization [{}]:\n{}'.format(
organization_ref.Name(), policies))
policy_ref = resources.REGISTRY.Parse(
policies[0].name, collection='accesscontextmanager.accessPolicies')
return policy_ref
def Run(self, args):
client = policies_api.Client(version=self._API_VERSION)
policy_ref = args.CONCEPTS.policy.Parse()
return client.Patch(policy_ref, title=args.title)
def Run(self, args):
client = policies_api.Client()
policy_ref = args.CONCEPTS.policy.Parse()
return client.Patch(policy_ref, title=args.title)