z >SrSSKJr SSKJr SSKJr SSKJr SSKJr SSS .r S r S r \R"\RR5"S S \R55r\R"\RR"5"SS\55rg)z+Command AnalyzeOrgPolicyGovernedAssets API.)absolute_import)division)unicode_literals) client_util)basezE Analyze organization policies governed assets under a scope. z To list 10 assets governed by a constraint in an organization, run: $ {command} --scope=organizations/YOUR_ORG_ID --constraint=YOUR_CONSTRAINT_NAME --limit=10 ) DESCRIPTIONEXAMPLESc(URSSSSS9 g)Nz--scopeSCOPETa Scope can only be an organization. The analysis is limited to the Cloud organization policies and assets within this scope. The caller must be granted the `cloudasset.assets.searchAllResources` and `cloudasset.assets.searchAllIamPolicies` permission on the desired scope. The allowed values are: * ```organizations/{ORGANIZATION_NUMBER}``` (e.g. ``organizations/123456'') metavarrequiredhelp add_argumentparsers 7lib/surface/asset/analyze_org_policy_governed_assets.pyAddScopeArgumentr(s#  c(URSSSSS9 g)Nz --constraint CONSTRAINTTa The name of the constraint to analyze organization policies for. The response only contains analyzed organization policies for the provided constraint. Examples: * organizations/{ORGANIZATION_NUMBER}/customConstraints/{CUSTOM_CONSTRAINT_NAME} for a user-defined custom constraint. * organizations/{ORGANIZATION_NUMBER}/constraints/{CANNED_CONSTRAINT_NAME} for a gcp-service-defined canned constraint. r rrs rAddConstraintArgumentr9s# rc2\rSrSrSr\r\S5rSr Sr g)AnalyzeOrgPolicyGovernedAssetsOrKs2&'4(     ",D%%**+ 7T%5%5 7, 7 D%%(() 7'E 7* 7r