使用 Python 更新组织策略约束
Update Org Policy constraints with Python
我正在做一个小项目,使用 python 更新组织策略约束。
我想使用 python 因为我已经设置了 Secret Manager 和 Impersonation。
现在我正处于修改组织政策约束的最后阶段
带有创建约束的代码示例。
我想修改这个:“projects/project-id-from-gcp/policies/compute.skipDefaultNetworkCreation”为强制。
我目前的代码是这样的:
from google.cloud import orgpolicy_v2
def sample_update_policy():
# Create a client
client = orgpolicy_v2.OrgPolicyClient()
# Initialize request argument(s)
request = orgpolicy_v2.UpdatePolicyRequest(
policy="""
name: "projects/project-id-from-gcp/policies/compute.skipDefaultNetworkCreation"
spec {
rules {
enforce: true
}
}
"""
)
# Make the request
response = client.update_policy(request=request)
#
# Handle the response
print(response)
sample_update_policy()
但我收到错误 google.api_core.exceptions.InvalidArgument:400 请求包含无效参数。
我不明白在“CreatePolicyRequest”中究竟要写什么。
我也找到了这个,https://googleapis.dev/python/orgpolicy/1.0.2/orgpolicy_v2/types.html#google.cloud.orgpolicy_v2.types.Policy但我不是很清楚。
(我觉得我修改的也不对。)
你能给我指明正确的方向吗?
谢谢
您的问题是您将 YAML 字符串作为参数传递给 UpdatePolicyRequest()。您的链接路径正确。
from google.cloud import orgpolicy_v2
from google.cloud.orgpolicy_v2 import types
def build_policy():
rule = types.PolicySpec.PolicyRule()
rule.enforce = True
spec = types.PolicySpec()
spec.rules.append(rule)
policy = types.Policy(
name="projects/project-id-from-gcp/policies/compute.skipDefaultNetworkCreation",
spec = spec
)
return policy
def sample_update_policy():
# Create a client
client = orgpolicy_v2.OrgPolicyClient()
policy = build_policy()
# Debug - view created policy
print(policy)
# Initialize request argument(s)
request = orgpolicy_v2.UpdatePolicyRequest(
policy=policy
)
# Make the request
response = client.update_policy(request=request)
#
# Handle the response
print(response)
sample_update_policy()
我正在做一个小项目,使用 python 更新组织策略约束。 我想使用 python 因为我已经设置了 Secret Manager 和 Impersonation。 现在我正处于修改组织政策约束的最后阶段
带有创建约束的代码示例。
我想修改这个:“projects/project-id-from-gcp/policies/compute.skipDefaultNetworkCreation”为强制。
我目前的代码是这样的:
from google.cloud import orgpolicy_v2
def sample_update_policy():
# Create a client
client = orgpolicy_v2.OrgPolicyClient()
# Initialize request argument(s)
request = orgpolicy_v2.UpdatePolicyRequest(
policy="""
name: "projects/project-id-from-gcp/policies/compute.skipDefaultNetworkCreation"
spec {
rules {
enforce: true
}
}
"""
)
# Make the request
response = client.update_policy(request=request)
#
# Handle the response
print(response)
sample_update_policy()
但我收到错误 google.api_core.exceptions.InvalidArgument:400 请求包含无效参数。 我不明白在“CreatePolicyRequest”中究竟要写什么。 我也找到了这个,https://googleapis.dev/python/orgpolicy/1.0.2/orgpolicy_v2/types.html#google.cloud.orgpolicy_v2.types.Policy但我不是很清楚。
(我觉得我修改的也不对。)
你能给我指明正确的方向吗?
谢谢
您的问题是您将 YAML 字符串作为参数传递给 UpdatePolicyRequest()。您的链接路径正确。
from google.cloud import orgpolicy_v2
from google.cloud.orgpolicy_v2 import types
def build_policy():
rule = types.PolicySpec.PolicyRule()
rule.enforce = True
spec = types.PolicySpec()
spec.rules.append(rule)
policy = types.Policy(
name="projects/project-id-from-gcp/policies/compute.skipDefaultNetworkCreation",
spec = spec
)
return policy
def sample_update_policy():
# Create a client
client = orgpolicy_v2.OrgPolicyClient()
policy = build_policy()
# Debug - view created policy
print(policy)
# Initialize request argument(s)
request = orgpolicy_v2.UpdatePolicyRequest(
policy=policy
)
# Make the request
response = client.update_policy(request=request)
#
# Handle the response
print(response)
sample_update_policy()