hSrSSKJr SSKJr SSKJr SSKJr SSKJr SSKJ r SSK J r SS K J r SS KJr SS KJr SS KJr S SSS.r\ R("\ R*R,\ R*R.\ R*R05"SS\ R255rg)z+Command to simulate the IAM policy changes.)absolute_import)division)unicode_literals)encoding_helper) list_pager)assist) operations)base)iam_util)log) propertiesz^Determine affected recent access attempts before IAM policy change deployment.a[ Replay the most recent 1,000 access logs from the past 90 days using the simulated policy. For each log entry, the replay determines if setting the provided policy on the given resource would result in a change in the access state, e.g. a previously granted access becoming denied. Any differences found are returned.z To simulate a permission change of a member on a resource, run: $ {command} projects/project-id path/to/policy_file.json See https://cloud.google.com/iam/docs/managing-policies for details of policy role and member types.)brief DESCRIPTIONEXAMPLESc2\rSrSrSr\r\S5rSr Sr g)ReplayRecentAccessesGA4zNDetermine affected recent access attempts before IAM policy change deployment.cHURSSSS9 URSSSS9 g)NresourceRESOURCEz Full resource name to simulate the IAM policy for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name. )metavarhelp policy_file POLICY_FILEaY Path to a local JSON or YAML formatted file containing a valid policy. The output of the `get-iam-policy` command is a valid file, as is any JSON or YAML file conforming to the structure of a Policy. See [the Policy reference](https://cloud.google.com/iam/reference/rest/v1/Policy) for details. ) add_argument)parsers 1lib/surface/iam/simulator/replay_recent_access.pyArgsReplayRecentAccessesGA.Args<s@       cSn[R"U5up4[R"URUR 5n[R UlURRRURUS9nSR[RRR R#SS95nURRU/S9nURUS9n UR%U S9n UR'U US 9n UR(R+UR)U5U 5n [,R.R1U5n U R3U S RU R455n[6R8"UR$[6R:"U55nUR<(aUR<R>(d[@RBRES 5 URGUR4S 9nURIU5n[JRL"UUS SSS9$)Nv1)keyvaluezprojects/{0}/locations/globalT)required)additionalProperties) policyOverlay)config)"googleCloudPolicysimulatorV1Replayparentz&Waiting for operation [{}] to completez'No access changes found in the replay. )r*i replayResultspageSize) batch_sizefieldbatch_size_attribute)'rGetSimulatorClientAndMessagesr ParsePolicyFilerGoogleIamV1Policy!MAX_LIBRARY_IAM_SUPPORTED_VERSIONversion(GoogleCloudPolicysimulatorV1ReplayConfigPolicyOverlayValueAdditionalPropertyrformatr VALUEScoreprojectGet"GoogleCloudPolicysimulatorV1Replay4PolicysimulatorProjectsLocationsReplaysCreateRequestProjectsLocationsReplaysServiceCreater ClientFromApiVersionWaitForOperationnamer JsonToMessage MessageToJsonresultsSummarydifferenceCountr errPrint9PolicysimulatorProjectsLocationsReplaysResultsListRequest&ProjectsLocationsReplaysResultsServicer YieldFromList)selfargs api_versionclientmessagespolicyadditional_propertycreate_replay_parentoverlayr(replaycreate_replay_requestcreate_replay_responseoperations_clientoperation_response_rawoperation_responselist_replay_result_requestreplay_result_services rRunReplayRecentAccessesGA.RunRs2K;;KHF % %d&6&6&.&@&@BF??FN"KK^^qq MMr):AA&&**D*9;??RR12S4G  > >?F  8 8 8 GF$YY+1#Z%$CCJJ..v68MO#))88E.?? H O O " ' '!)*)6633%%&<=?  , ,4F4U4U4e4e ggmm>?"*!c!c!&&"d"("II  # #"'  ))r N) __name__ __module__ __qualname____firstlineno____doc___DETAILED_HELP detailed_help staticmethodrr___static_attributes__rar rrr4s$W -  *,)r rN)rf __future__rrrapitools.base.pyrrgooglecloudsdk.api_lib.iamr$googlecloudsdk.api_lib.iam.simulatorr googlecloudsdk.callioper googlecloudsdk.command_lib.iamr googlecloudsdk.corer r rg ReleaseTracks ReleaseTrackALPHABETAGACommandrrar rrxs2&','-;(3#* &  ,T..33T5F5F5I5IG)T\\G)G)r