`8SrSSKJr SSKJr SSKJr SSKJr SSKJr SSK J r SSK J r SS K J r SS KrS rSS jr"S S\5rg )z8API library for VPC Service Controls Service Perimeters.)absolute_import)division)unicode_literals) list_pager)util)waiter)log) resourcesNcFUb[X U5 URU5 gg)aSets specified field to the provided value and adds it to update mask. Args: field_name: The name of the field to set the value of. field_value: The value to set the field to. If it is None, the field will NOT be set. obj: The object on which the value is to be set. update_mask: The update mask to add this field to. Returns: True if the field was set and False otherwise. TF)setattrappend) field_name field_valueobj update_masks 8lib/googlecloudsdk/api_lib/accesscontextmanager/zones.py _SetIfNotNoners( C[)z"  c UR5n /n [SX+U 5 [SX;U 5 [SXU 5 [SXU 5 UbrU RS5 /n UHYn[U[R 5(aU RU5 OU RUR 55 XlM[ U(aU RS5 XlO^UcUbXUR5n/n[SX_U5 [S UUU5 XlU RUVs/sHnS U-PM sn5 U (dS/4$XVs/sHnS RUU5PM sn4$s snfs snf) z5Returns a ServicePerimeterConfig and its update mask.r restrictedServicesingressPoliciesegressPoliciesN accessLevelsvpcAccessibleServicesallowedServicesenableRestrictionzvpcAccessibleServices.z{}.{}) ServicePerimeterConfigrr isinstancesix string_types RelativeNamerrVpcAccessibleServicesextendformat)messages mask_prefixr restricted_serviceslevelsvpc_allowed_servicesenable_vpc_accessible_servicesvpc_yaml_flag_usedvpc_accessible_services_configingress_policiesegress_policiesconfigmask level_nameslservice_filterservice_filter_maskmitems r_CreateServicePerimeterConfigr72so  * * ,& $ Y5$&94H!#3TB /4@ KKK  As'' ( (1 1>>+,'KK'(#A $0  )335N#%9%'%'E "57#1 KK7JK7J!)A-7JKL 8O E'..d3E EE L Fs #E(E-c\rSrSrSrSSjrSrSSjrSrSr SS jr SS jr S r S r S rg)ClienthzBHigh-level API client for VPC Service Controls Service Perimeters.NcU=(d [R"US9UlU=(d URRUlg)N)version)r GetClientclientMESSAGES_MODULEr%)selfr>r%r<s r__init__Client.__init__ks-;DNN7;DK; ; ;DMrcURRRURR UR 5S95$)N)name)r> accessPolicies_servicePerimetersGetr%=AccesscontextmanagerAccessPoliciesServicePerimetersGetRequestr!)r@zone_refs rrF Client.GetosC ;; 7 7 ; ; F F&&( G * ++rc URRUR5S9n[R"UR R UUSSSS9$)N)parentpageSizeservicePerimeters)limitbatch_size_attribute batch_sizefield)r%>AccesscontextmanagerAccessPoliciesServicePerimetersListRequestr!r YieldFromListr>rE)r@ policy_refrNreqs rList Client.ListusW -- V V&&( W *C  # # 44 '!  ##rcURRUS9nURRUR5US9nURR R U5n[R"URR5n[RRURSS9n[R"XgSRUR!555$)N)etag)rKcommitServicePerimetersRequestaccesscontextmanager.operations collectionz!Waiting for COMMIT operation [{}])r%CommitServicePerimetersRequest@AccesscontextmanagerAccessPoliciesServicePerimetersCommitRequestr!r>rECommitrCloudOperationPollerNoResources operationscore_resourcesREGISTRYParserDWaitForr$Name)r@rTrY commit_reqrU operationpoller operation_refs rr` Client.Commits==4=HJ -- X X&&('1 Y 3C <<CCCHI  3 3DKK4J4J KF"++11#D2FM >>+22=3E3E3GH JJrcURn[U5nURnU"UUR5SR U5S9nUR R RU5n[R"UR R UR RU5n[RRURSS9n [R "XSR#U R%555$)z2Applies a PATCH to the provided Service Perimeter.,)servicePerimeterrD updateMaskr[r\z Waiting for PATCH operation [{}])r%sorted?AccesscontextmanagerAccessPoliciesServicePerimetersPatchRequestr!joinr>rEPatchrOperationPollerrbrcrdrerDrrfr$rg) r@ perimeter_ref perimeterrr5 request_typerequestrirjrks r _ApplyPatchClient._ApplyPatchs A%K II"  ' ' )88K(G  <<BB7KI  ! !$++"N"N"&++"8"8-IF"++11#D2FM >>*11-2D2D2FG IIrcnURnUR5n/n[SUUU5 [SUUU5 [SUUU5 [SUUU5 [USUUUUU U U U U S9 unnUUlUR U5 U(d[ R"S5 U$URUUU5$)aPatch a service perimeter. Args: perimeter_ref: resources.Resource, reference to the perimeter to patch description: str, description of the zone or None if not updating title: str, title of the zone or None if not updating perimeter_type: PerimeterTypeValueValuesEnum type enum value for the level or None if not updating resources: list of str, the names of resources (for now, just 'projects/...') in the zone or None if not updating. restricted_services: list of str, the names of services ('example.googleapis.com') that *are* restricted by the access zone or None if not updating. levels: list of Resource, the access levels (in the same policy) that must be satisfied for calls into this zone or None if not updating. vpc_allowed_services: list of str, the names of services ('example.googleapis.com') that *are* allowed to be made within the access zone, or None if not updating. enable_vpc_accessible_services: bool, whether to restrict the set of APIs callable within the access zone, or None if not updating. vpc_yaml_flag_used: bool, whether the vpc yaml flag was used. vpc_accessible_services_config: VpcAccessibleServices, or None if not updating. ingress_policies: list of IngressPolicy, or None if not updating. egress_policies: list of EgressPolicy, or None if not updating. etag: str, the optional etag for the version of the Perimeter that this operation is to be performed on. Returns: ServicePerimeter, the updated Service Perimeter. title description perimeterTyperYstatus r%r&r r'r(r)r*r+r,r-r.zHThe update specified results in an identical resource. Skipping request.) r%ServicePerimeterrr7rr#r warningrzr@rvr~r}perimeter_typer r'r(r)r*r+r,r-r.rYr5rwrr/config_mask_additionss rrt Client.Patchs` A""$IK'5)[9-iE/>9kJ&$ ;7$A/1'E-'E)' %)!F !I,-  kk T   M9k BBrcURnUR5n/n[SUUU5(a&UR5UlUR S5 [SUUU5 [SUUU5 [SUUU5 [ USUUUUU U U U U S9 unnUUlURU5 SUl UR S 5 URUUU5$) aPatch the dry-run config (spec) for a Service Perimeter. Args: perimeter_ref: resources.Resource, reference to the perimeter to patch description: str, description of the zone or None if not updating title: str, title of the zone or None if not updating perimeter_type: PerimeterTypeValueValuesEnum type enum value for the level or None if not updating resources: list of str, the names of resources (for now, just 'projects/...') in the zone or None if not updating. restricted_services: list of str, the names of services ('example.googleapis.com') that *are* restricted by the access zone or None if not updating. levels: list of Resource, the access levels (in the same policy) that must be satisfied for calls into this zone or None if not updating. vpc_allowed_services: list of str, the names of services ('example.googleapis.com') that *are* allowed to be made within the access zone, or None if not updating. enable_vpc_accessible_services: bool, whether to restrict the set of APIs callable within the access zone, or None if not updating. vpc_yaml_flag_used: bool, whether the vpc yaml flag was used. vpc_accessible_services_config: VpcAccessibleServices, or None if not updating. ingress_policies: list of IngressPolicy, or None if not updating. egress_policies: list of EgressPolicy, or None if not updating. etag: str, the optional etag for the version of the Perimeter that this operation is to be performed on. Returns: ServicePerimeter, the updated Service Perimeter. r}rDr~rrYspecrTuseExplicitDryRunSpec) r%rrr!rDr r7rr#rrzrs rPatchDryRunConfigClient.PatchDryRunConfigs` A""$IKWeY <<$113in -iE/>9kJ&$ ;7$A/1'E-'E)' %)!F !IN,-&*I#./   M9k BBrcURU5nURnUR5n/SQnURUlSUlSUlUR XU5$)zPromotes a Service Perimeter's dry-run config to enforcement config. Args: perimeter_ref: resources.Resource, reference to the perimeter to patch Returns: ServicePerimeter, the updated Service Perimeter. )rrrNF)rFr%rrrrrz)r@rvoriginal_perimeterr5rwrs rEnforceDryRunConfigClient.EnforceDryRunConfig@s_-0 A""$I=K)..IIN&+I#   Mk BBrc|URR5nX#lSUlSS/nUR XU5$)aUnsets the spec for a Service Perimeter. Args: perimeter_ref: resources.Resource, reference to the perimeter to patch. use_explicit_dry_run_spec: The value to use for the perimeter field of the same name. Returns: ServicePerimeter, the updated Service Perimeter. Nrr)r%rrrrz)r@rvuse_explicit_dry_run_specrwrs r UnsetSpecClient.UnsetSpecRsA ..0I&?#IN23K   Mk BBr)r>r%)NNv1)N) NNNNNNNNFNNNN)__name__ __module__ __qualname____firstlineno____doc__rArFrVr`rzrtrrr__static_attributes__rrr9r9hsJ<+ # JI.  %)%) OCh  %)%) LC\C$Crr9)NNN)r __future__rrrapitools.base.pyr+googlecloudsdk.api_lib.accesscontextmanagerrgooglecloudsdk.api_lib.utilrgooglecloudsdk.corer r rcrrr7objectr9rrrrsP?&'(<.#; 8BF37263FlyCVyCr