7dZddlmZddlmZddlmZddlmZddlmZddlm Z dd d Z d Z d Z e je jjGd de j Zy)z5Command to call batch get Effective IAM Policies API.)absolute_import)division)unicode_literals) client_util) arg_parsers)basez? Batch get effective IAM policies that match a request. a To list effective IAM policies of 1 resource in an organization, run: $ {command} --scope=organizations/YOUR_ORG_ID --names=RESOURCE_NAME1 To list effective IAM policies of 2 resources in a folder, run: $ {command} --scope=folders/YOUR_FOLDER_ID --names=RESOURCE_NAME1,RESOURCE_NAME2 To list effective IAM policies of 3 resources in a project using project ID, run: $ {command} --scope=projects/YOUR_PROJECT_ID --names=RESOURCE_NAME1,RESOURCE_NAME2,RESOURCE_NAME3 To list effective IAM policies of 2 resources in a project using project number, run: $ {command} --scope=projects/YOUR_PROJECT_NUMBER --names=RESOURCE_NAME1,RESOURCE_NAME2 ) DESCRIPTIONEXAMPLESc.|jddddy)Nz--scopeSCOPETa Scope can be a project, a folder, or an organization. The search is limited to the IAM policies within this scope. The caller must be granted the ``cloudasset.assets.analyzeIamPolicy'', ``cloudasset.assets.searchAllResources'', ``cloudasset.assets.searchAllIamPolicies'' permissions on the desired scope. The allowed values are: * ```projects/{PROJECT_ID}``` (e.g. ``projects/foo-bar'') * ```projects/{PROJECT_NUMBER}``` (e.g. ``projects/12345678'') * ```folders/{FOLDER_NUMBER}``` (e.g. ``folders/1234567'') * ```organizations/{ORGANIZATION_NUMBER}``` (e.g. ``organizations/123456'') )metavarrequiredhelp) add_argumentparsers -lib/surface/asset/get_effective_iam_policy.pyAddScopeArgumentr4s# cZ|jddtjddddy) Nz--namesNAMES) min_length max_lengthTa Names refer to a list of [full resource names](https://cloud.google.com/asset-inventory/docs/resource-name-format) of [searchable asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types). For each batch call, total number of names provided is between 1 and 20. The example value is: * ```//cloudsql.googleapis.com/projects/{PROJECT_ID}/instances/{INSTANCE}``` (e.g. ``//cloudsql.googleapis.com/projects/probe-per-rt-project/instances/instance1'') )r typerr)rrArgListrs rAddNamesArgumentrJs3   ! ; rc*eZdZdZeZedZdZy)EffectiveIAMPolicyGAzGet effective IAM policies for a specified list of resources within accessible scope, such as a project, folder or organization.c0t|t|yN)rrrs rArgszEffectiveIAMPolicyGA.ArgsfsVVrcLtj}|j|Sr")rEffectiveIAMPolicyClientBatchGetEffectiveIAMPolicies)selfargsclients rRunzEffectiveIAMPolicyGA.Runks!  1 1 3F  . .t 44rN) __name__ __module__ __qualname____doc__ DETAILED_HELP detailed_help staticmethodr#r*rrr r `s$I-5rr N)r. __future__rrrgooglecloudsdk.api_lib.assetrgooglecloudsdk.callioperrr/rr ReleaseTracks ReleaseTrackGACommandr r2rrr:so<&'4/(     4,,D%%(() 54<< 5* 5r