在Python中使用Compute Engine API中的securityPolicies [英] Working with securityPolicies in the Compute Engine API in Python

问题描述

我想使用 google-api-python-client :

  pip install google-api-python-client 

我以JSON格式从GCP生成并下载了此凭据信息(私钥)，并将路径导出到该文件的环境变量下:

  export GOOGLE_APPLICATION_CREDENTIALS ='[PATH]' 

现在，我对如何正确使用 google-api-python-client 库实现我的目标有疑问.

使用 addRule 方法，我编写了以下脚本(当然，其中包含 project 键和 securityPolicy 的有效值)，但是当我执行它时，尽管解释器没有返回任何错误，但是脚本没有提供预期的效果:

来自Googleapiclient导入发现的

 compute_service = Discovery.build('compute'，'v1')security_policies = compute_service.securityPolicies()security_policies.addRule(project ='existed_project_name'，securityPolicy ='existed_security_policy_name'，身体= {'kind':'compute#securityPolicyRule'，优先级":303，'action':'deny(403)'，'preview':错误，'比赛': {'config':{'srcIpRanges':['192.0.2.0/24'，'198.51.100.0/24'，'203.0.113.0/24']}，'versionedExpr':'SRC_IPS_V1'}}) 

所以我有以下问题:

1.我应该改善或改变什么?

2.我的身份验证方法正确吗?

有什么想法吗?

解决方案

您在 addRule 方法末尾缺少 .execute()>

因此您的代码应如下所示:

googleapiclient导入发现中的

 compute_service = Discovery.build('compute'，'v1')security_policies = compute_service.securityPolicies()security_policies.addRule(project ='existed_project_name'，securityPolicy ='existed_security_policy_name'，身体= {'kind':'compute#securityPolicyRule'，优先级":303，'action':'deny(403)'，'preview':错误，'比赛': {'config':{'srcIpRanges':['192.0.2.0/24'，'198.51.100.0/24'，'203.0.113.0/24']}，'versionedExpr':'SRC_IPS_V1'}}).执行() 

I want to use the securityPolicies API for the Google Cloud Platform in Linux in a script written in Python.

To do this:

I installed google-api-python-client:

 pip install google-api-python-client

I generated and downloaded from GCP this credential information (private key) in JSON format and exported the path to this file under the environmental variable:

export GOOGLE_APPLICATION_CREDENTIALS='[PATH]'

Now I have a doubt about how to properly use the google-api-python-client library to achieve my goal.

Using the addRule method according to the documentation I write the following script (of course with valid values for project keys and securityPolicy), but when I execute it, although the interpreter doesn't return any error, but the script doesn't give the expected effect:

from googleapiclient import discovery
compute_service = discovery.build('compute', 'v1')
security_policies = compute_service.securityPolicies()
security_policies.addRule(
    project='existed_project_name',
    securityPolicy='existed_security_policy_name',
    body={
        'kind': 'compute#securityPolicyRule',
        'priority': 303,
        'action': 'deny(403)',
        'preview': False,
        'match': {
            'config': {
                'srcIpRanges': [
                    '192.0.2.0/24',
                    '198.51.100.0/24',
                    '203.0.113.0/24'
                ]
            },
            'versionedExpr': 'SRC_IPS_V1'
        }
    }
)

So I have the following questions:

1. What should I improve or change?

2. Is my approach to authentication correct?

Any ideas?

解决方案

You're missing the .execute() at the end of your addRule method

So your code should look like this:

from googleapiclient import discovery
compute_service = discovery.build('compute', 'v1')
security_policies = compute_service.securityPolicies()
security_policies.addRule(
    project='existed_project_name',
    securityPolicy='existed_security_policy_name',
    body={
        'kind': 'compute#securityPolicyRule',
        'priority': 303,
        'action': 'deny(403)',
        'preview': False,
        'match': {
            'config': {
                'srcIpRanges': [
                    '192.0.2.0/24',
                    '198.51.100.0/24',
                    '203.0.113.0/24'
                ]
            },
            'versionedExpr': 'SRC_IPS_V1'
        }
    }
).execute()

这篇关于在Python中使用Compute Engine API中的securityPolicies的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！