internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-07 05:42:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

cloud: gce: Allow specifying scopes by URI (#25074)

Browse Source 
Previously the gce module would only allow scopes to be specified by
alias, this adds support for specifying scopes by full URI, however
validation is limited to just ensuring the URI begins with:
https://www.googleapis.com/auth
This commit is contained in:
Jason DeTiberus
2017-07-11 15:12:10 -04:00
committed by Ryan Brown
parent 43e5f34ffd
commit d173217833
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/ansible/modules/cloud/google/gce.py
View File

@@ -233,6 +233,7 @@ EXAMPLES = '''
- storage-full
- taskqueue
- bigquery
- https://www.googleapis.com/auth/ndev.clouddns.readwrite
service_account_email: "your-sa@your-project-name.iam.gserviceaccount.com"
credentials_file: "/path/to/your-key.json"
project_id: "your-project-name"
@@ -463,7 +464,7 @@ def create_instances(module, gce, instance_names, number, lc_zone):
bad_perms = []
if service_account_permissions:
for perm in service_account_permissions:
if perm not in gce.SA_SCOPES_MAP:
if perm not in gce.SA_SCOPES_MAP and not perm.startswith('https://www.googleapis.com/auth'):
bad_perms.append(perm)
if len(bad_perms) > 0:
module.fail_json(msg='bad permissions: %s' % str(bad_perms))