0

我正在尝试学习 python SDK 来帮助我管理我的谷歌云平台资源。有人可以帮我理解。我从 Google API 获得了以下代码片段。
此代码单独工作。假设我想列出我组织中的所有角色,或者列出特定项目的角色,我应该在哪里做以及如何做?

非常感谢您提前。

from pprint import pprint

from googleapiclient import discovery
from oauth2client.client import GoogleCredentials

credentials = GoogleCredentials.get_application_default()

service = discovery.build('iam', 'v1', credentials=credentials)

request = service.roles().list()
while True:
    response = request.execute()

    for role in response.get('roles', []):
        # TODO: Change code below to process each `role` resource:
        pprint(role)

    request = service.roles().list_next(previous_request=request, previous_response=response)
    if request is None:
        break
4

1 回答 1

0

您可以通过使用项目 [1] 的“resourcemanager.projects.getIamPolicy”来获取 IAM 角色。如果这是您正在寻找的,那么您可以使用以下 python 库 [2]。

这是您可以使用的示例片段,它将返回 IAM 角色和分配给他们的用户:

    from apiclient.discovery import build
    service = build('cloudresourcemanager', 'v1')

    project_id = '[project_ID]'
    policy_request = service.projects().getIamPolicy(resource=project_id, body={})
    policy_response = policy_request.execute()

members = set()
for binding in policy_response['bindings']:
members |= set(binding['members'])

print('\n'.join(sorted(members)))

[1] https://developers.google.com/apis-explorer/#search/project/cloudresourcemanager/v1/cloudresourcemanager.projects.getIamPolicy

[2] https://developers.google.com/api-client-library/python/apis/cloudresourcemanager/v1

于 2020-01-30T17:47:27.503 回答