|SrSSKJr SSKJr SSKJr SSKJr SSKJr SSK J r \R"\RR5\R"SS \R 555r\R"\RR$\RR&5"S S \55rg ) zAdd IAM Policy Binding.)absolute_import)division)unicode_literals)base)iam_util)utilc:\rSrSrSrSS0rSr\S5rSr Sr g ) AddIamPolicyBindingAdd IAM policy binding to an IAP IAM resource. Adds a policy binding to the IAM policy of an IAP IAM resource. One binding consists of a member, a role, and an optional condition. See $ {parent_command} get-iam-policy for examples of how to specify an IAP IAM resource. EXAMPLESa See $ {parent_command} get-iam-policy for examples of how to specify an IAP IAM resource. To add an IAM policy binding for the role of 'roles/editor' for the user 'test-user@gmail.com' on IAP IAM resource IAP_IAM_RESOURCE, run: $ {command} --resource-type=IAP_IAM_RESOURCE --member='user:test-user@gmail.com' --role='roles/editor' To add an IAM policy binding for the role of 'roles/editor' for the user 'test-user@gmail.com' on regional IAP IAM resource IAP_IAM_RESOURCE, run: $ {command} --resource-type=IAP_IAM_RESOURCE --member='user:test-user@gmail.com' --role='roles/editor' --region=REGION To add an IAM policy binding for the role of 'roles/editor' for all authenticated users on IAP IAM resource IAP_IAM_RESOURCE, run: $ {command} --resource-type=IAP_IAM_RESOURCE --member='allAuthenticatedUsers' --role='roles/editor' To add an IAM policy binding which expires at the end of the year 2018 for the role of 'roles/browser' and the user 'test-user@gmail.com' on IAP IAM resource IAP_IAM_RESOURCE, run: $ {command} --resource-type=IAP_IAM_RESOURCE --member='user:test-user@gmail.com' --role='roles/browser' --condition='expression=request.time < timestamp("2019-01-01T00:00:00Z"),title=expires_end_of_2018, description=Expires at midnight on 2018-12-31' See https://cloud.google.com/iam/docs/managing-policies for details of policy role and member types. Fc[R"UURS9 [R"U5 [R R U5 g)zRegister flags for this command. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. )support_cloud_runN)iap_utilAddIapIamResourceArgs_support_cloud_runAddAddIamPolicyBindingArgsrURI_FLAGRemoveFromParser)clsparsers -lib/surface/iap/web/add_iam_policy_binding.pyArgsAddIamPolicyBinding.ArgsPs@ ""00 ''/MM""6*c[R"U5n[R"UR 5UUR 5nUR URURU5$)zThis is what gets called when the user runs this command. Args: args: an argparse namespace. All the arguments that were provided to this command invocation. Returns: The specified function with its description and configured filter. ) r$ValidateAndExtractConditionMutexRolerParseIapIamResource ReleaseTrackrr memberrole)selfargs condition iap_iam_refs rRunAddIamPolicyBinding.Run_s[==dCI..   K  * *4;; 9 MMrN) __name__ __module__ __qualname____firstlineno____doc__ detailed_helpr classmethodrr&__static_attributes__r(rrr r s9$ '-R + +Nrr c\rSrSrSrSrSrg)AddIamPolicyBindingAlpharr Tr(N)r)r*r+r,r-rr0r(rrr2r2rsrr2N)r- __future__rrrgooglecloudsdk.calliopergooglecloudsdk.command_lib.iamrgooglecloudsdk.command_lib.iaprr ReleaseTracksrGADefaultUniverseOnlyCommandr ALPHABETAr2r(rrr>s &'(3;D%%(()RN$,,RN*RNjD%%++T->->-C-CD 2 E r