def _CreatePolicy(self, args): """Create the policy on the service if needed. Args: args: argparse.Namespace, An object that contains the values for the arguments specified in the Args method. Returns: The created policy. """ name = utils.GetPolicyNameFromArgs(args) constraint = utils.GetConstraintFromArgs(args) parent = utils.GetResourceFromArgs(args) empty_policy = self.org_policy_messages.GoogleCloudOrgpolicyV2alpha1Policy( name=name, spec=self.org_policy_messages. GoogleCloudOrgpolicyV2alpha1PolicySpec()) new_policy = self.UpdatePolicy(empty_policy, args) if not new_policy.spec.rules and not new_policy.spec.inheritFromParent and not new_policy.spec.reset: # Return the response received after a successful DeletePolicy. return self.org_policy_messages.GoogleProtobufEmpty() create_request = self.org_policy_messages.OrgpolicyPoliciesCreateRequest( constraint=constraint, parent=parent, googleCloudOrgpolicyV2alpha1Policy=new_policy) create_response = self.policy_service.Create(create_request) log.CreatedResource(name, 'policy') return create_response
def Run(self, args): org_policy_api = org_policy_service.OrgPolicyApi(self.ReleaseTrack()) parent = utils.GetResourceFromArgs(args) output = [] policies = org_policy_api.ListPolicies(parent).policies for policy in policies: spec = policy.spec list_policy_set = HasListPolicy(spec) boolean_policy_set = HasBooleanPolicy(spec) output.append({ 'constraint': policy.name.split('/')[-1], 'listPolicy': 'SET' if list_policy_set else '-', 'booleanPolicy': 'SET' if boolean_policy_set else '-', 'etag': spec.etag }) if args.show_unset: constraints = org_policy_api.ListConstraints(parent).constraints existing_policy_names = {row['constraint'] for row in output} for constraint in constraints: constraint_name = constraint.name.split('/')[-1] if constraint_name not in existing_policy_names: output.append({ 'constraint': constraint_name, 'listPolicy': '-', 'booleanPolicy': '-' }) return output
def testGetResourceFromArgs_FolderResourceSpecified_ReturnsResource(self): args = self.parser.parse_args( [self.CONSTRAINT_A, self.FOLDER_FLAG, self.FOLDER_ID]) resource = utils.GetResourceFromArgs(args) self.assertEqual(resource, self.FOLDER_RESOURCE)
def testGetResourceFromArgs_ProjectResourceSpecified_ReturnsResource(self): args = self.parser.parse_args( [self.CONSTRAINT_A, self.PROJECT_FLAG, self.PROJECT_ID]) resource = utils.GetResourceFromArgs(args) self.assertEqual(resource, self.PROJECT_RESOURCE)
def Run(self, args): policy_service = org_policy_service.PolicyService() constraint_service = org_policy_service.ConstraintService() org_policy_messages = org_policy_service.OrgPolicyMessages() parent = utils.GetResourceFromArgs(args) list_policies_request = org_policy_messages.OrgpolicyPoliciesListRequest( parent=parent) list_policies_response = policy_service.List(list_policies_request) policies = list_policies_response.policies if args.show_unset: list_constraints_request = org_policy_messages.OrgpolicyConstraintsListRequest( parent=parent) list_constraints_response = constraint_service.List( list_constraints_request) constraints = list_constraints_response.constraints existing_policy_names = {policy.spec.name for policy in policies} for constraint in constraints: policy_name = org_policy_utils.GetPolicyNameFromConstraintName( constraint.name) if policy_name not in existing_policy_names: stubbed_policy = org_policy_messages.GoogleCloudOrgpolicyV2alpha1Policy( spec=org_policy_messages.GoogleCloudOrgpolicyV2alpha1PolicySpec( name=policy_name)) policies.append(stubbed_policy) return policies
def testGetResourceFromArgs_OrganizationResourceSpecified_ReturnsResource( self): args = self.parser.parse_args( [self.CONSTRAINT_A, self.ORGANIZATION_FLAG, self.ORGANIZATION_ID]) resource = utils.GetResourceFromArgs(args) self.assertEqual(resource, self.ORGANIZATION_RESOURCE)
def Run(self, args): org_policy_client = org_policy_service.OrgPolicyClient( self.ReleaseTrack()) messages = org_policy_service.OrgPolicyMessages(self.ReleaseTrack()) parent = utils.GetResourceFromArgs(args) request = messages.OrgpolicyOrganizationsCustomConstraintsListRequest( parent=parent) return list_pager.YieldFromList( org_policy_client.organizations_customConstraints, request, field='customConstraints', limit=args.limit, batch_size_attribute='pageSize', batch_size=args.page_size)
def Run(self, args): policy_service = org_policy_service.PolicyService() constraint_service = org_policy_service.ConstraintService() org_policy_messages = org_policy_service.OrgPolicyMessages() output = [] parent = utils.GetResourceFromArgs(args) list_policies_request = org_policy_messages.OrgpolicyPoliciesListRequest( parent=parent) list_policies_response = policy_service.List(list_policies_request) policies = list_policies_response.policies for policy in policies: spec = policy.spec list_policy_set = HasListPolicy(spec) boolean_policy_set = HasBooleanPolicy(spec) output.append({ 'constraint': policy.name.split('/')[-1], 'listPolicy': 'SET' if list_policy_set else '', 'booleanPolicy': 'SET' if boolean_policy_set else '', 'etag': spec.etag }) if args.show_unset: list_constraints_request = org_policy_messages.OrgpolicyConstraintsListRequest( parent=parent) list_constraints_response = constraint_service.List( list_constraints_request) constraints = list_constraints_response.constraints existing_policy_names = {row['constraint'] for row in output} for constraint in constraints: constraint_name = constraint.name.split('/')[-1] if constraint_name not in existing_policy_names: output.append({'constraint': constraint_name}) return output