pparse 0.2.0

Creator: railscoder56

Last updated:

Languages

Python

Categories

Python
Add to Cart

Description:

pparse 0.2.0

Policy Parser
Easily parse and filter yaml or json-based Google Cloud Platform (GCP) IAM policy documents.
$ gcloud projects get-iam-policy my-project | pparse -o table
principal_type principal role
---------------- --------------------------------------------------------------------------- ------------------------------------
serviceAccount 555555555555@cloudbuild.gserviceaccount.com roles/cloudbuild.builds.builder
group tech-dev-team@company.com roles/cloudbuild.builds.editor
serviceAccount service-555555555555@gcp-sa-cloudbuild.iam.gserviceaccount.com roles/cloudbuild.serviceAgent
serviceAccount service-555555555555@gcp-sa-computescanning.iam.gserviceaccount.com roles/computescanning.serviceAgent
group tech-dev-managers@company.com roles/owner
user annbaker@company.com roles/storage.admin
user louiefranco@company.com roles/storage.admin
user annbaker@company.com roles/storage.objectAdmin
user louiefranco@company.com roles/storage.objectAdmin
group tech-all@company.com roles/viewer
group tech-dev-team@company.com roles/viewer

Installation
# Requires Python >= 3.8
pip install pparse

Usage
Parse
Pass in a policy document into pparse directly from gcloud and select an output format using --output-format.
$ gcloud projects get-iam-policy my-project | pparse --output-format csv


csv
table
json
yaml

Filters
You can filter policy documents by using one of the following commands. Use the -s flag to return a simple list of users or roles.
Filter by User Principal: pparse principal
$ gcloud ... | pparse principal louiefranco@company.com -s
roles/owner
roles/storage.admin
roles/storage.objectAdmin

Filter by Role pparse role
$ gcloud ... | pparse role roles/owner -s
group:tech-code-guidance@company.com
group:tech-dev-managers@company.com
user:annbaker@company.com
user:jimmyjohn@company.com
user:louiefranco@company.com
user:rhondaseltzer@company.com

Filter by Domain pparse domain
$ gcloud ... | pparse domain company.com
bindings:
- members:
- group:tech-dev-team@company.com
role: roles/cloudbuild.builds.editor
- members:
- group:tech-code-guidance@company.com
- group:tech-dev-managers@company.com
- user:annbaker@company.com
- user:jimmyjohn@company.com
- user:louiefranco@company.com
- user:rhondaseltzer@company.com
role: roles/owner

Filter by Principal Type pparse type
$ gcloud ... | pparse -o csv type serviceaccount
principal_type,principal,role
serviceAccount,555555555555@cloudbuild.gserviceaccount.com,roles/cloudbuild.builds.builder
serviceAccount,service-555555555555@gcp-sa-cloudbuild.iam.gserviceaccount.com,roles/cloudbuild.serviceAgent
serviceAccount,service-555555555555@compute-system.iam.gserviceaccount.com,roles/compute.serviceAgent
serviceAccount,service-555555555555@gcp-sa-computescanning.iam.gserviceaccount.com,roles/computescanning.serviceAgent
serviceAccount,service-555555555555@container-engine-robot.iam.gserviceaccount.com,roles/container.serviceAgent

Filter by Permission pparse permission
$ gcloud ... | pparse -o table permission storage.objects.get
principal_type principal role
---------------- --------------------------------------------------------------------------- ------------------------------------
serviceAccount 555555555555@cloudbuild.gserviceaccount.com roles/cloudbuild.builds.builder
serviceAccount service-555555555555@gcp-sa-cloudbuild.iam.gserviceaccount.com roles/cloudbuild.serviceAgent
serviceAccount service-555555555555@container-analysis.iam.gserviceaccount.com roles/containeranalysis.ServiceAgent
serviceAccount service-555555555555@dataflow-service-producer-prod.iam.gserviceaccount.com roles/dataflow.serviceAgent
serviceAccount service-555555555555@gcp-sa-datamigration.iam.gserviceaccount.com roles/datamigration.serviceAgent
serviceAccount service-555555555555@firebase-rules.iam.gserviceaccount.com roles/firebaserules.system
serviceAccount service-555555555555@gcp-sa-firestore.iam.gserviceaccount.com roles/firestore.serviceAgent
user annbaker@company.com roles/storage.admin
user louiefranco@company.com roles/storage.admin
user annbaker@company.com roles/storage.objectAdmin
user louiefranco@company.com roles/storage.objectAdmin

License

For personal and professional use. You cannot resell or redistribute these repositories in their original state.

Share

Customer Reviews

There are no reviews.

Related Products

TODO

Gitlocker Clone

Assembly

Python

New

$1.00
TODO

Views For YouTube Bot writed on Python

Python

5.0(1)

$10.00
TODO

AI-Web-Scraper

Python

New

Free
TODO

quivr

Python

New

Free
TODO

roop

Python

New

Free
TODO

zed

Python

Rust

TypeScript

New

Free
TODO

Awesome Game Analysis

Python

New

Free
TODO

Blender For UnrealEngine Addons

Python

New

Free
TODO

holodeck develop

Python

New

Free
TODO

aws-cli

Python

New

Free
TODO

django framework

Python

New

Free
TODO

fastapi

Python

New

Free
TODO

flask framework

Python

New

Free
TODO

jaxley

Python

New

Free
TODO

lorrystream

Python

New

Free