internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-07 05:42:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

GCE module: added Service Account permissions sanity checks

Browse Source
This commit is contained in:
Vasyl Kaigorodov
2015-05-15 16:00:24 +02:00
committed by Matt Clay
parent 4400c5e163
commit 758688a667
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/ansible/modules/cloud/google/gce.py
View File

@@ -340,7 +340,13 @@ def create_instances(module, gce, instance_names):
metadata = {'items': items}
ex_sa_perms = []
bad_perms = []
if service_account_permissions:
for perm in service_account_permissions:
if not perm in gce.SA_SCOPES_MAP.keys():
bad_perms.append(perm)
if len(bad_perms) > 0:
module.fail_json(msg='bad permissions: %s' % str(bad_perms))
if service_account_email:
ex_sa_perms.append({'email': service_account_email})
else: