我正在尝试使用python在GCP的组织级别创建聚合sink,不知道出了什么问题,得到一个错误sink()得到了一个意想不到的关键字' parent '
I am passing parent = organizations/orgid
下面是代码
import requests
import json
import re
import sys
import subprocess
import os
from googleapiclient import discovery
from google.cloud import logging
from google.oauth2 import service_account
from oauth2client.client import GoogleCredentials
from datetime import date, timedelta
from google.cloud import pubsub_v1
credentials = service_account.Credentials.from_service_account_file("")
filterstring = "protoPayload.methodName=google.cloud.orgpolicy.v2.OrgPolicy.CreatePolicy OR protoPayload.methodName=google.cloud.orgpolicy.v2.OrgPolicy.UpdatePolicy OR protoPayload.methodName=google.cloud.orgpolicy.v2.OrgPolicy.DeletePolicy"
orgid = ""
logging_client = logging.Client()
projectid = ""
publisher = pubsub_v1.PublisherClient()
def create_topic(projectid, topicid):
try:
topicpath = publisher.topic_path(projectid, topicid)
topic = publisher.create_topic(request={"name": topicpath})
print(f"Created topic: {topic.name}")
except Exception as e:
pass
def create_sink(sink_name, topicid, filter_, orgid):
destination = "pubsub.googleapis.com/projects/{}/topics/{}".format(projectid, topicid)
sink = logging_client.sink(sink_name, filter_=filter_, parent="organizations/orgid", destination=destination)
if sink.exists():
print("Sink {} already exists.".format(sink.name))
else:
sink.create()
print("Created sink {}".format(sink.name))
# def publishing_message(projectid, topicid):
# publisher = pubsub_v1.PublisherClient()
# topic_path = publisher.topic_path(projectid, topicid)
# for n in range(1, 10):
# data_str = f"Message number {n}"
# data = data_str.encode("utf-8")
# future = publisher.publish(topic_path, data)
# print(future.result())
# print(f"Published messages to {topic_path}.")
if __name__ == "__main__":
sink_name = "newsink"
filter_ = filterstring
topicid = "newtopic"
create_topic(projectid, topicid)
create_sink(sink_name, topicid, filter_, orgid)
sinks = list(logging_client.list_sinks())
for sink in sinks:
print(dir(sink))
你知道代码有什么问题吗?想要在组织级别创建接收器…
下面是一个工作示例:
main.py
:
from google.cloud import logging
from os import getenv
name = getenv("NAME")
bucket = getenv("BUCKET")
org = getenv("ORG")
parent = f"organizations/{org}"
destination = f"storage.googleapis.com/{bucket}"
# Uses Google Application (Default) Credentials
# Service Account "sinkator" has Org roles/logging.admin
client = logging.Client()
sink = logging.Sink(
name,
parent=parent,
destination=destination,
client=client)
sink.create()
print(f"{name} {'DOES' if sink.exists() else 'NOT'} exist")
:
gcloud logging sinks describe ${NAME}
--organization=${ORG}
--format="value(createTime)"
收益率:
2022-04-22T00:00:00.000000000Z
:
Q="71970259"
PROJECT=$(whoami)-$(date +%y%m%d)-${Q}
BUCKET=${PROJECT}
ACCOUNT="sinkator"
NAME="Freddie"
ORG=$(gcloud organizations list
--format="value(name)") && echo ${ORG}
gcloud project create ${PROJECT}
EMAIL=${ACCOUNT}@${PROJECT}.iam.gserviceaccount.com
gcloud iam service-accounts create ${ACCOUNT}
--project=${PROJECT}
gcloud iam service-accounts keys create ${PWD}/${ACCOUNT}.json
--iam-account=${EMAIL}
--project=${PROJECT}
# Add Service Account to the Organizational IAM
gcloud organizations add-iam-policy-binding ${ORG}
--member=serviceAccount:${EMAIL}
--role=roles/logging.admin
export GOOGLE_APPLICATION_CREDENTIALS=${PWD}/${ACCOUNT}.json
export ORG
export BUCKET
export NAME
python3 main.py
收益率:
Freddie DOES exist