#!/usr/bin/env python """CLI for iam, version v1.""" # NOTE: This file is autogenerated and should not be edited by hand. import code import os import platform import sys from apitools.base.protorpclite import message_types from apitools.base.protorpclite import messages from google.apputils import appcommands import gflags as flags import apitools.base.py as apitools_base from apitools.base.py import cli as apitools_base_cli import iam_v1_client as client_lib import iam_v1_messages as messages def _DeclareIamFlags(): """Declare global flags in an idempotent way.""" if 'api_endpoint' in flags.FLAGS: return flags.DEFINE_string( 'api_endpoint', u'https://iam.googleapis.com/', 'URL of the API endpoint to use.', short_name='iam_url') flags.DEFINE_string( 'history_file', u'~/.iam.v1.history', 'File with interactive shell history.') flags.DEFINE_multistring( 'add_header', [], 'Additional http headers (as key=value strings). ' 'Can be specified multiple times.') flags.DEFINE_string( 'service_account_json_keyfile', '', 'Filename for a JSON service account key downloaded' ' from the Developer Console.') flags.DEFINE_enum( 'f__xgafv', u'_1', [u'_1', u'_2'], u'V1 error format.') flags.DEFINE_string( 'access_token', None, u'OAuth access token.') flags.DEFINE_enum( 'alt', u'json', [u'json', u'media', u'proto'], u'Data format for response.') flags.DEFINE_string( 'bearer_token', None, u'OAuth bearer token.') flags.DEFINE_string( 'callback', None, u'JSONP') flags.DEFINE_string( 'fields', None, u'Selector specifying which fields to include in a partial response.') flags.DEFINE_string( 'key', None, u'API key. Your API key identifies your project and provides you with ' u'API access, quota, and reports. Required unless you provide an OAuth ' u'2.0 token.') flags.DEFINE_string( 'oauth_token', None, u'OAuth 2.0 token for the current user.') flags.DEFINE_boolean( 'pp', 'True', u'Pretty-print response.') flags.DEFINE_boolean( 'prettyPrint', 'True', u'Returns response with indentations and line breaks.') flags.DEFINE_string( 'quotaUser', None, u'Available to use for quota purposes for server-side applications. Can' u' be any arbitrary string assigned to a user, but should not exceed 40' u' characters.') flags.DEFINE_string( 'trace', None, 'A tracing token of the form "token:<tokenid>" to include in api ' 'requests.') flags.DEFINE_string( 'uploadType', None, u'Legacy upload protocol for media (e.g. "media", "multipart").') flags.DEFINE_string( 'upload_protocol', None, u'Upload protocol for media (e.g. "raw", "multipart").') FLAGS = flags.FLAGS apitools_base_cli.DeclareBaseFlags() _DeclareIamFlags() def GetGlobalParamsFromFlags(): """Return a StandardQueryParameters based on flags.""" result = messages.StandardQueryParameters() if FLAGS['f__xgafv'].present: result.f__xgafv = messages.StandardQueryParameters.FXgafvValueValuesEnum(FLAGS.f__xgafv) if FLAGS['access_token'].present: result.access_token = FLAGS.access_token.decode('utf8') if FLAGS['alt'].present: result.alt = messages.StandardQueryParameters.AltValueValuesEnum(FLAGS.alt) if FLAGS['bearer_token'].present: result.bearer_token = FLAGS.bearer_token.decode('utf8') if FLAGS['callback'].present: result.callback = FLAGS.callback.decode('utf8') if FLAGS['fields'].present: result.fields = FLAGS.fields.decode('utf8') if FLAGS['key'].present: result.key = FLAGS.key.decode('utf8') if FLAGS['oauth_token'].present: result.oauth_token = FLAGS.oauth_token.decode('utf8') if FLAGS['pp'].present: result.pp = FLAGS.pp if FLAGS['prettyPrint'].present: result.prettyPrint = FLAGS.prettyPrint if FLAGS['quotaUser'].present: result.quotaUser = FLAGS.quotaUser.decode('utf8') if FLAGS['trace'].present: result.trace = FLAGS.trace.decode('utf8') if FLAGS['uploadType'].present: result.uploadType = FLAGS.uploadType.decode('utf8') if FLAGS['upload_protocol'].present: result.upload_protocol = FLAGS.upload_protocol.decode('utf8') return result def GetClientFromFlags(): """Return a client object, configured from flags.""" log_request = FLAGS.log_request or FLAGS.log_request_response log_response = FLAGS.log_response or FLAGS.log_request_response api_endpoint = apitools_base.NormalizeApiEndpoint(FLAGS.api_endpoint) additional_http_headers = dict(x.split('=', 1) for x in FLAGS.add_header) credentials_args = { 'service_account_json_keyfile': os.path.expanduser(FLAGS.service_account_json_keyfile) } try: client = client_lib.IamV1( api_endpoint, log_request=log_request, log_response=log_response, credentials_args=credentials_args, additional_http_headers=additional_http_headers) except apitools_base.CredentialsError as e: print 'Error creating credentials: %s' % e sys.exit(1) return client class PyShell(appcommands.Cmd): def Run(self, _): """Run an interactive python shell with the client.""" client = GetClientFromFlags() params = GetGlobalParamsFromFlags() for field in params.all_fields(): value = params.get_assigned_value(field.name) if value != field.default: client.AddGlobalParam(field.name, value) banner = """ == iam interactive console == client: a iam client apitools_base: base apitools module messages: the generated messages module """ local_vars = { 'apitools_base': apitools_base, 'client': client, 'client_lib': client_lib, 'messages': messages, } if platform.system() == 'Linux': console = apitools_base_cli.ConsoleWithReadline( local_vars, histfile=FLAGS.history_file) else: console = code.InteractiveConsole(local_vars) try: console.interact(banner) except SystemExit as e: return e.code class IamPoliciesGetPolicyDetails(apitools_base_cli.NewCmd): """Command wrapping iamPolicies.GetPolicyDetails.""" usage = """iamPolicies_getPolicyDetails""" def __init__(self, name, fv): super(IamPoliciesGetPolicyDetails, self).__init__(name, fv) flags.DEFINE_string( 'fullResourcePath', None, u'REQUIRED: The full resource path of the current policy being ' u'requested, e.g., `//dataflow.googleapis.com/projects/../jobs/..`.', flag_values=fv) flags.DEFINE_integer( 'pageSize', None, u'Limit on the number of policies to include in the response. Further' u' accounts can subsequently be obtained by including the ' u'GetPolicyDetailsResponse.next_page_token in a subsequent request. ' u'If zero, the default page size 20 will be used. Must be given a ' u'value in range [0, 100], otherwise an invalid argument error will ' u'be returned.', flag_values=fv) flags.DEFINE_string( 'pageToken', None, u'Optional pagination token returned in an earlier ' u'GetPolicyDetailsResponse.next_page_token response.', flag_values=fv) def RunWithArgs(self): """Returns the current IAM policy and the policies on the inherited resources that the user has access to. Flags: fullResourcePath: REQUIRED: The full resource path of the current policy being requested, e.g., `//dataflow.googleapis.com/projects/../jobs/..`. pageSize: Limit on the number of policies to include in the response. Further accounts can subsequently be obtained by including the GetPolicyDetailsResponse.next_page_token in a subsequent request. If zero, the default page size 20 will be used. Must be given a value in range [0, 100], otherwise an invalid argument error will be returned. pageToken: Optional pagination token returned in an earlier GetPolicyDetailsResponse.next_page_token response. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.GetPolicyDetailsRequest( ) if FLAGS['fullResourcePath'].present: request.fullResourcePath = FLAGS.fullResourcePath.decode('utf8') if FLAGS['pageSize'].present: request.pageSize = FLAGS.pageSize if FLAGS['pageToken'].present: request.pageToken = FLAGS.pageToken.decode('utf8') result = client.iamPolicies.GetPolicyDetails( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsCreate(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.Create.""" usage = """projects_serviceAccounts_create <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsCreate, self).__init__(name, fv) flags.DEFINE_string( 'createServiceAccountRequest', None, u'A CreateServiceAccountRequest resource to be passed as the request ' u'body.', flag_values=fv) def RunWithArgs(self, name): """Creates a ServiceAccount and returns it. Args: name: Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`. Flags: createServiceAccountRequest: A CreateServiceAccountRequest resource to be passed as the request body. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsCreateRequest( name=name.decode('utf8'), ) if FLAGS['createServiceAccountRequest'].present: request.createServiceAccountRequest = apitools_base.JsonToMessage(messages.CreateServiceAccountRequest, FLAGS.createServiceAccountRequest) result = client.projects_serviceAccounts.Create( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsDelete(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.Delete.""" usage = """projects_serviceAccounts_delete <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsDelete, self).__init__(name, fv) def RunWithArgs(self, name): """Deletes a ServiceAccount. Args: name: The resource name of the service account in the following format: `projects/{project}/serviceAccounts/{account}`. Using `-` as a wildcard for the project will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsDeleteRequest( name=name.decode('utf8'), ) result = client.projects_serviceAccounts.Delete( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsGet(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.Get.""" usage = """projects_serviceAccounts_get <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsGet, self).__init__(name, fv) def RunWithArgs(self, name): """Gets a ServiceAccount. Args: name: The resource name of the service account in the following format: `projects/{project}/serviceAccounts/{account}`. Using `-` as a wildcard for the project will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsGetRequest( name=name.decode('utf8'), ) result = client.projects_serviceAccounts.Get( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsGetIamPolicy(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.GetIamPolicy.""" usage = """projects_serviceAccounts_getIamPolicy <resource>""" def __init__(self, name, fv): super(ProjectsServiceAccountsGetIamPolicy, self).__init__(name, fv) def RunWithArgs(self, resource): """Returns the IAM access control policy for specified IAM resource. Args: resource: REQUIRED: The resource for which the policy is being requested. `resource` is usually specified as a path, such as `projects/*project*/zones/*zone*/disks/*disk*`. The format for the path specified in this value is resource specific and is specified in the `getIamPolicy` documentation. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsGetIamPolicyRequest( resource=resource.decode('utf8'), ) result = client.projects_serviceAccounts.GetIamPolicy( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsList(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.List.""" usage = """projects_serviceAccounts_list <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsList, self).__init__(name, fv) flags.DEFINE_integer( 'pageSize', None, u'Optional limit on the number of service accounts to include in the ' u'response. Further accounts can subsequently be obtained by ' u'including the ListServiceAccountsResponse.next_page_token in a ' u'subsequent request.', flag_values=fv) flags.DEFINE_string( 'pageToken', None, u'Optional pagination token returned in an earlier ' u'ListServiceAccountsResponse.next_page_token.', flag_values=fv) flags.DEFINE_boolean( 'removeDeletedServiceAccounts', None, u'Do not list service accounts deleted from Gaia. <b><font ' u'color="red">DO NOT INCLUDE IN EXTERNAL DOCUMENTATION</font></b>.', flag_values=fv) def RunWithArgs(self, name): """Lists ServiceAccounts for a project. Args: name: Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`. Flags: pageSize: Optional limit on the number of service accounts to include in the response. Further accounts can subsequently be obtained by including the ListServiceAccountsResponse.next_page_token in a subsequent request. pageToken: Optional pagination token returned in an earlier ListServiceAccountsResponse.next_page_token. removeDeletedServiceAccounts: Do not list service accounts deleted from Gaia. <b><font color="red">DO NOT INCLUDE IN EXTERNAL DOCUMENTATION</font></b>. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsListRequest( name=name.decode('utf8'), ) if FLAGS['pageSize'].present: request.pageSize = FLAGS.pageSize if FLAGS['pageToken'].present: request.pageToken = FLAGS.pageToken.decode('utf8') if FLAGS['removeDeletedServiceAccounts'].present: request.removeDeletedServiceAccounts = FLAGS.removeDeletedServiceAccounts result = client.projects_serviceAccounts.List( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsSetIamPolicy(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.SetIamPolicy.""" usage = """projects_serviceAccounts_setIamPolicy <resource>""" def __init__(self, name, fv): super(ProjectsServiceAccountsSetIamPolicy, self).__init__(name, fv) flags.DEFINE_string( 'setIamPolicyRequest', None, u'A SetIamPolicyRequest resource to be passed as the request body.', flag_values=fv) def RunWithArgs(self, resource): """Sets the IAM access control policy for the specified IAM resource. Args: resource: REQUIRED: The resource for which the policy is being specified. `resource` is usually specified as a path, such as `projects/*project*/zones/*zone*/disks/*disk*`. The format for the path specified in this value is resource specific and is specified in the `setIamPolicy` documentation. Flags: setIamPolicyRequest: A SetIamPolicyRequest resource to be passed as the request body. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsSetIamPolicyRequest( resource=resource.decode('utf8'), ) if FLAGS['setIamPolicyRequest'].present: request.setIamPolicyRequest = apitools_base.JsonToMessage(messages.SetIamPolicyRequest, FLAGS.setIamPolicyRequest) result = client.projects_serviceAccounts.SetIamPolicy( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsSignBlob(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.SignBlob.""" usage = """projects_serviceAccounts_signBlob <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsSignBlob, self).__init__(name, fv) flags.DEFINE_string( 'signBlobRequest', None, u'A SignBlobRequest resource to be passed as the request body.', flag_values=fv) def RunWithArgs(self, name): """Signs a blob using a service account's system-managed private key. Args: name: The resource name of the service account in the following format: `projects/{project}/serviceAccounts/{account}`. Using `-` as a wildcard for the project will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account. Flags: signBlobRequest: A SignBlobRequest resource to be passed as the request body. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsSignBlobRequest( name=name.decode('utf8'), ) if FLAGS['signBlobRequest'].present: request.signBlobRequest = apitools_base.JsonToMessage(messages.SignBlobRequest, FLAGS.signBlobRequest) result = client.projects_serviceAccounts.SignBlob( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsSignJwt(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.SignJwt.""" usage = """projects_serviceAccounts_signJwt <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsSignJwt, self).__init__(name, fv) flags.DEFINE_string( 'signJwtRequest', None, u'A SignJwtRequest resource to be passed as the request body.', flag_values=fv) def RunWithArgs(self, name): """Signs a JWT using a service account's system-managed private key. If no `exp` (expiry) time is contained in the claims, we will provide an expiry of one hour in the future. If an expiry of more than one hour in the future is requested, the request will fail. Args: name: The resource name of the service account in the following format: `projects/{project}/serviceAccounts/{account}`. Using `-` as a wildcard for the project will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account. Flags: signJwtRequest: A SignJwtRequest resource to be passed as the request body. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsSignJwtRequest( name=name.decode('utf8'), ) if FLAGS['signJwtRequest'].present: request.signJwtRequest = apitools_base.JsonToMessage(messages.SignJwtRequest, FLAGS.signJwtRequest) result = client.projects_serviceAccounts.SignJwt( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsTestIamPermissions(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.TestIamPermissions.""" usage = """projects_serviceAccounts_testIamPermissions <resource>""" def __init__(self, name, fv): super(ProjectsServiceAccountsTestIamPermissions, self).__init__(name, fv) flags.DEFINE_string( 'testIamPermissionsRequest', None, u'A TestIamPermissionsRequest resource to be passed as the request ' u'body.', flag_values=fv) def RunWithArgs(self, resource): """Tests the specified permissions against the IAM access control policy for the specified IAM resource. Args: resource: REQUIRED: The resource for which the policy detail is being requested. `resource` is usually specified as a path, such as `projects/*project*/zones/*zone*/disks/*disk*`. The format for the path specified in this value is resource specific and is specified in the `testIamPermissions` documentation. Flags: testIamPermissionsRequest: A TestIamPermissionsRequest resource to be passed as the request body. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsTestIamPermissionsRequest( resource=resource.decode('utf8'), ) if FLAGS['testIamPermissionsRequest'].present: request.testIamPermissionsRequest = apitools_base.JsonToMessage(messages.TestIamPermissionsRequest, FLAGS.testIamPermissionsRequest) result = client.projects_serviceAccounts.TestIamPermissions( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsUpdate(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts.Update.""" usage = """projects_serviceAccounts_update <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsUpdate, self).__init__(name, fv) flags.DEFINE_string( 'description', None, u'Optional. A user-specified opaque description of the service ' u'account.', flag_values=fv) flags.DEFINE_string( 'displayName', None, u'Optional. A user-specified description of the service account. ' u'Must be fewer than 100 UTF-8 bytes.', flag_values=fv) flags.DEFINE_string( 'email', None, u'@OutputOnly The email address of the service account.', flag_values=fv) flags.DEFINE_string( 'etag', None, u'Used to perform a consistent read-modify-write.', flag_values=fv) flags.DEFINE_string( 'oauth2ClientId', None, u'@OutputOnly. The OAuth2 client id for the service account. This is ' u'used in conjunction with the OAuth2 clientconfig API to make three ' u'legged OAuth2 (3LO) flows to access the data of Google users.', flag_values=fv) flags.DEFINE_string( 'projectId', None, u'@OutputOnly The id of the project that owns the service account.', flag_values=fv) flags.DEFINE_string( 'uniqueId', None, u'@OutputOnly The unique and stable id of the service account.', flag_values=fv) def RunWithArgs(self, name): """Updates a ServiceAccount. Currently, only the following fields are updatable: `display_name` . The `etag` is mandatory. Args: name: The resource name of the service account in the following format: `projects/{project}/serviceAccounts/{account}`. Requests using `-` as a wildcard for the project will infer the project from the `account` and the `account` value can be the `email` address or the `unique_id` of the service account. In responses the resource name will always be in the format `projects/{project}/serviceAccounts/{email}`. Flags: description: Optional. A user-specified opaque description of the service account. displayName: Optional. A user-specified description of the service account. Must be fewer than 100 UTF-8 bytes. email: @OutputOnly The email address of the service account. etag: Used to perform a consistent read-modify-write. oauth2ClientId: @OutputOnly. The OAuth2 client id for the service account. This is used in conjunction with the OAuth2 clientconfig API to make three legged OAuth2 (3LO) flows to access the data of Google users. projectId: @OutputOnly The id of the project that owns the service account. uniqueId: @OutputOnly The unique and stable id of the service account. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.ServiceAccount( name=name.decode('utf8'), ) if FLAGS['description'].present: request.description = FLAGS.description.decode('utf8') if FLAGS['displayName'].present: request.displayName = FLAGS.displayName.decode('utf8') if FLAGS['email'].present: request.email = FLAGS.email.decode('utf8') if FLAGS['etag'].present: request.etag = FLAGS.etag if FLAGS['oauth2ClientId'].present: request.oauth2ClientId = FLAGS.oauth2ClientId.decode('utf8') if FLAGS['projectId'].present: request.projectId = FLAGS.projectId.decode('utf8') if FLAGS['uniqueId'].present: request.uniqueId = FLAGS.uniqueId.decode('utf8') result = client.projects_serviceAccounts.Update( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsKeysCreate(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts_keys.Create.""" usage = """projects_serviceAccounts_keys_create <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsKeysCreate, self).__init__(name, fv) flags.DEFINE_string( 'createServiceAccountKeyRequest', None, u'A CreateServiceAccountKeyRequest resource to be passed as the ' u'request body.', flag_values=fv) def RunWithArgs(self, name): """Creates a ServiceAccountKey and returns it. Args: name: The resource name of the service account in the following format: `projects/{project}/serviceAccounts/{account}`. Using `-` as a wildcard for the project will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account. Flags: createServiceAccountKeyRequest: A CreateServiceAccountKeyRequest resource to be passed as the request body. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsKeysCreateRequest( name=name.decode('utf8'), ) if FLAGS['createServiceAccountKeyRequest'].present: request.createServiceAccountKeyRequest = apitools_base.JsonToMessage(messages.CreateServiceAccountKeyRequest, FLAGS.createServiceAccountKeyRequest) result = client.projects_serviceAccounts_keys.Create( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsKeysDelete(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts_keys.Delete.""" usage = """projects_serviceAccounts_keys_delete <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsKeysDelete, self).__init__(name, fv) def RunWithArgs(self, name): """Deletes a ServiceAccountKey. Args: name: The resource name of the service account key in the following format: `projects/{project}/serviceAccounts/{account}/keys/{key}`. Using `-` as a wildcard for the project will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsKeysDeleteRequest( name=name.decode('utf8'), ) result = client.projects_serviceAccounts_keys.Delete( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsKeysGet(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts_keys.Get.""" usage = """projects_serviceAccounts_keys_get <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsKeysGet, self).__init__(name, fv) flags.DEFINE_enum( 'publicKeyType', u'TYPE_NONE', [u'TYPE_NONE', u'TYPE_X509_PEM_FILE', u'TYPE_RAW_PUBLIC_KEY'], u'The output format of the public key requested. X509_PEM is the ' u'default output format.', flag_values=fv) def RunWithArgs(self, name): """Gets the ServiceAccountKey by key id. Args: name: The resource name of the service account key in the following format: `projects/{project}/serviceAccounts/{account}/keys/{key}`. Using `-` as a wildcard for the project will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account. Flags: publicKeyType: The output format of the public key requested. X509_PEM is the default output format. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsKeysGetRequest( name=name.decode('utf8'), ) if FLAGS['publicKeyType'].present: request.publicKeyType = messages.IamProjectsServiceAccountsKeysGetRequest.PublicKeyTypeValueValuesEnum(FLAGS.publicKeyType) result = client.projects_serviceAccounts_keys.Get( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class ProjectsServiceAccountsKeysList(apitools_base_cli.NewCmd): """Command wrapping projects_serviceAccounts_keys.List.""" usage = """projects_serviceAccounts_keys_list <name>""" def __init__(self, name, fv): super(ProjectsServiceAccountsKeysList, self).__init__(name, fv) flags.DEFINE_enum( 'keyTypes', u'KEY_TYPE_UNSPECIFIED', [u'KEY_TYPE_UNSPECIFIED', u'USER_MANAGED', u'SYSTEM_MANAGED'], u'Filters the types of keys the user wants to include in the list ' u'response. Duplicate key types are not allowed. If no key type is ' u'provided, all keys are returned.', flag_values=fv) def RunWithArgs(self, name): """Lists ServiceAccountKeys. Args: name: The resource name of the service account in the following format: `projects/{project}/serviceAccounts/{account}`. Using `-` as a wildcard for the project, will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account. Flags: keyTypes: Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.IamProjectsServiceAccountsKeysListRequest( name=name.decode('utf8'), ) if FLAGS['keyTypes'].present: request.keyTypes = [messages.IamProjectsServiceAccountsKeysListRequest.KeyTypesValueValuesEnum(x) for x in FLAGS.keyTypes] result = client.projects_serviceAccounts_keys.List( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) class RolesQueryGrantableRoles(apitools_base_cli.NewCmd): """Command wrapping roles.QueryGrantableRoles.""" usage = """roles_queryGrantableRoles""" def __init__(self, name, fv): super(RolesQueryGrantableRoles, self).__init__(name, fv) flags.DEFINE_string( 'fullResourceName', None, u'Required. The full resource name to query from the list of ' u'grantable roles. The name follows the Google Cloud Platform ' u'resource format. For example, a Cloud Platform project with id `my-' u'project` will be named ' u'`//cloudresourcemanager.googleapis.com/projects/my-project`.', flag_values=fv) def RunWithArgs(self): """Queries roles that can be granted on a particular resource. Flags: fullResourceName: Required. The full resource name to query from the list of grantable roles. The name follows the Google Cloud Platform resource format. For example, a Cloud Platform project with id `my- project` will be named `//cloudresourcemanager.googleapis.com/projects /my-project`. """ client = GetClientFromFlags() global_params = GetGlobalParamsFromFlags() request = messages.QueryGrantableRolesRequest( ) if FLAGS['fullResourceName'].present: request.fullResourceName = FLAGS.fullResourceName.decode('utf8') result = client.roles.QueryGrantableRoles( request, global_params=global_params) print apitools_base_cli.FormatOutput(result) def main(_): appcommands.AddCmd('pyshell', PyShell) appcommands.AddCmd('iamPolicies_getPolicyDetails', IamPoliciesGetPolicyDetails) appcommands.AddCmd('projects_serviceAccounts_create', ProjectsServiceAccountsCreate) appcommands.AddCmd('projects_serviceAccounts_delete', ProjectsServiceAccountsDelete) appcommands.AddCmd('projects_serviceAccounts_get', ProjectsServiceAccountsGet) appcommands.AddCmd('projects_serviceAccounts_getIamPolicy', ProjectsServiceAccountsGetIamPolicy) appcommands.AddCmd('projects_serviceAccounts_list', ProjectsServiceAccountsList) appcommands.AddCmd('projects_serviceAccounts_setIamPolicy', ProjectsServiceAccountsSetIamPolicy) appcommands.AddCmd('projects_serviceAccounts_signBlob', ProjectsServiceAccountsSignBlob) appcommands.AddCmd('projects_serviceAccounts_signJwt', ProjectsServiceAccountsSignJwt) appcommands.AddCmd('projects_serviceAccounts_testIamPermissions', ProjectsServiceAccountsTestIamPermissions) appcommands.AddCmd('projects_serviceAccounts_update', ProjectsServiceAccountsUpdate) appcommands.AddCmd('projects_serviceAccounts_keys_create', ProjectsServiceAccountsKeysCreate) appcommands.AddCmd('projects_serviceAccounts_keys_delete', ProjectsServiceAccountsKeysDelete) appcommands.AddCmd('projects_serviceAccounts_keys_get', ProjectsServiceAccountsKeysGet) appcommands.AddCmd('projects_serviceAccounts_keys_list', ProjectsServiceAccountsKeysList) appcommands.AddCmd('roles_queryGrantableRoles', RolesQueryGrantableRoles) apitools_base_cli.SetupLogger() if hasattr(appcommands, 'SetDefaultCommand'): appcommands.SetDefaultCommand('pyshell') run_main = apitools_base_cli.run_main if __name__ == '__main__': appcommands.Run()