我正在尝试学习python SDK,以帮助我管理我的Google Cloud Platform资源。 有人可以帮助我理解。 我从Google API中获得了以下代码片段。
此代码单独工作。假设我想列出组织中的所有角色,或者列出特定项目的角色,我在哪里以及如何做?
提前非常感谢你。
from pprint import pprint
from googleapiclient import discovery
from oauth2client.client import GoogleCredentials
credentials = GoogleCredentials.get_application_default()
service = discovery.build('iam', 'v1', credentials=credentials)
request = service.roles().list()
while True:
response = request.execute()
for role in response.get('roles', []):
# TODO: Change code below to process each `role` resource:
pprint(role)
request = service.roles().list_next(previous_request=request, previous_response=response)
if request is None:
break
您可以使用项目 [1] 的"resourcemanager.projects.getIamPolicy"获取 IAM 角色。如果这是你要找的,那么你可以使用下面的python库[2]。
下面是一个可供您使用的 samp 截图,它将返回 IAM 角色和分配给它们的用户:
from apiclient.discovery import build
service = build('cloudresourcemanager', 'v1')
project_id = '[project_ID]'
policy_request = service.projects().getIamPolicy(resource=project_id, body={})
policy_response = policy_request.execute()
members = set()
for binding in policy_response['bindings']:
members |= set(binding['members'])
print('n'.join(sorted(members)))
[1] https://developers.google.com/apis-explorer/#search/project/cloudresourcemanager/v1/cloudresourcemanager.projects.getIamPolicy
[2] https://developers.google.com/api-client-library/python/apis/cloudresourcemanager/v1