def _transform(self, resource_from_api):
"""Yield an iterator of loadable iam policies.
Args:
resource_from_api (iterable): IAM policies as per-project
dictionary.
Example: {'project_number': 11111,
'iam_policy': policy}
https://cloud.google.com/resource-manager/reference/rest/Shared.Types/Policy
Yields:
iterable: Loadable iam policies, as a per-org dictionary.
"""
for iam_policy_map in resource_from_api:
iam_policy = iam_policy_map['iam_policy']
bindings = iam_policy.get('bindings', [])
for binding in bindings:
members = binding.get('members', [])
for member in members:
member_type, member_name, member_domain = (
parser.parse_member_info(member))
role = binding.get('role', '')
if role.startswith('roles/'):
role = role.replace('roles/', '')
yield {
'project_number': iam_policy_map['project_number'],
'role': role,
'member_type': member_type,
'member_name': member_name,
'member_domain': member_domain
}
def _transform(self, resource_from_api):
"""Yield an iterator of loadable iam policies.
Args:
resource_from_api (iterable): IAM policies as per-folder
dictionary.
Example: [{'folder_id': folder_id,
'iam_policy': policy}]
Yields:
iterable: IAM policies formatted for loading into database,
as a per-folder dictionary.
"""
for folder_policy_map in resource_from_api:
iam_policy = folder_policy_map['iam_policy']
bindings = iam_policy.get('bindings', [])
for binding in bindings:
members = binding.get('members', [])
for member in members:
member_type, member_name, member_domain = (
parser.parse_member_info(member))
role = binding.get('role', '')
if role.startswith('roles/'):
role = role.replace('roles/', '')
yield {'folder_id': folder_policy_map['folder_id'],
'role': role,
'member_type': member_type,
'member_name': member_name,
'member_domain': member_domain}