8SSrSSKJr SSKJr SSKJr SSK Jr SSK J r Sr SrSrS rS rS rS rS r\ \4r\ \\\4r\ \\\\\\\4rSrSrSrSrSrSrSrSrSr Sr!Sr"Sr#Sr$Sr%Sr&Sr'Sr(Sr)g )!zUtils for IAP commands.)util) exceptions)iam_util) propertiesz app-enginezbackend-servicesiap_webcompute organizationfolderzforwarding-rulez cloud-runcHURSSSS9 URSSSS9 g)zAdds DestGroup args for managing IAM policies. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. z --dest-groupTName of the Destination Group.requiredhelp--region Region of the Destination Group.N add_argumentparsers *lib/googlecloudsdk/command_lib/iap/util.pyAddIamDestGroupArgsr8s>  +-  -/cHURSSS9 URSSSSS9 g ) zAdds DestGroup args for managing the resource. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. group_namer rrREGIONTr)metavarrrNrrs rAddDestGroupArgsrIs>  +-  - /rcDURSSS9 URSSS9 g)zAdds IP and FQDN args for DestGroup Create command. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. --ip-range-list+List of ip-ranges in the Destination Group.r --fqdn-list'List of FQDNs in the Destination Group.Nrrs rAddDestGroupCreateIpAndFqdnArgsr$Zs8  8:  46rcbURSS9nURSSS9 URSSS9 g) zAdds IP and FQDN args for DestGroup Update command. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. T)rr r!rr"r#N add_grouprrgroups rAddDestGroupUpdateIpAndFqdnArgsr*isK   D  )% 8: 46rc*URSSSSSS9 g)zAdds Region arg for DestGroup List command. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. rrFzARegion of the Destination Group, will list all regions by default-)rrrdefaultNrrs rAddDestGroupListRegionArgsr.ys&  N rcUR5nURS[SS9 URSSS9 URSSS9 URS S S9 g ) zAdds flags for an IAP IAM resource. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. --resource-type"Resource type of the IAP resource.choicesr --servicez Service name.rrzRegion name. Not applicable for `resource-type=app-engine`. Required when `resource-type=backend-services` and regional scoped. Not applicable for global backend-services. Required when `resource-type=cloud-run`. --versionzLService version. Should only be specified with `--resource-type=app-engine`.N)r'rIAM_RESOURCE_TYPE_ENUMr(s rAddIapIamResourceArgsr7s{    %$ / [7 ( *rcUR5nURSS[SS9 URSSS9 URSS S9 g ) zAdds flags for an IAP resource. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. r0Tr1)rr3rr4z?Service name. Required with `--resource-type=backend-services`.rrz_Region name. Not applicable for ``app-engine''. Optional when ``resource-type'' is ``compute''.N)r'r%WEB_ENABLE_DISABLE_RESOURCE_TYPE_ENUMr(s rAddIapResourceArgsr:sj    %3 / 1  LN /rcUR5nURSSS9 URSSS9 URSSS9 URS[S S 9 URS S S9 URS SS9 URSSS9 g)zAdds flags for an IAP settings resource. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. z--organizationzOrganization ID.rz--folderz Folder ID. --projectz Project ID.r0z|Resource type of the IAP resource. For Backend Services, you can use both `compute` and `backend-services` as resource type.r2r4zIService name. Optional when `resource-type` is `compute` or `app-engine`.rzRegion name. Not applicable for `app-engine`. Required when `resource-type=compute` and regional scoped. Not applicable for global scoped compute. Required when `resource-type=cloud-run`.r5zUVersion name. Not applicable for `compute`. Optional when `resource-type=app-engine`.N)r'rSETTING_RESOURCE_TYPE_ENUMr(s rAddIapSettingArgr>s    %%,>?Zl3[}5( I   ( )rchUR5nURSSSS9 URSSSS9 g)zAdds OAuth client args. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. z--oauth2-client-idTzOAuth 2.0 client ID to use.r z--oauth2-client-secretzOAuth 2.0 client secret to use.Nr&r(s rAddOauthClientArgsr@sL    % (* ,.rc.[R"USS9 gNT) add_condition)rAddArgsForAddIamPolicyBindingrs rAddAddIamPolicyBindingArgsrE s (( rc.[R"USS9 grB)r AddArgsForRemoveIamPolicyBindingrs rAddRemoveIamPolicyBindingArgsrHs ++ rc$URSSS9 g)zAdds flags for an IAM policy file. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. policy_filez,JSON or YAML file containing the IAM policy.rNrrs rAddIAMPolicyFileArgrKs HJrc$URSSS9 g)zAdd flags for the IAP setting file. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. setting_fileaJSON or YAML file containing the IAP resource settings. JSON example: ``` { "access_settings": { "oauth_settings": { "login_hint": { "value": "test_hint" } }, "gcip_settings": { "tenant_ids": [ "tenant1-p9puj", "tenant2-y8rxc" ], "login_page_uri": { "value": "https://test.com/?apiKey=abcd_efgh" } }, "cors_settings": { "allow_http_options": { "value": true } } }, "application_settings": { "csm_settings": { "rctoken_aud": { "value": "test_aud" } } } } ``` YAML example: ``` accessSettings : oauthSettings: loginHint: test_hint gcipSettings: tenantIds: - tenant1-p9puj - tenant2-y8rxc loginPageUri: https://test.com/?apiKey=abcd_efgh corsSettings: allowHttpOptions: true applicationSettings: csmSettings: rctokenAud: test_aud ``` rNrrs rAddIapSettingFileArgrN!s 6 8rcf[RRRR 5nUR (dUR (a[R"SS5eUR(a[R"SS5eUR(a[R"SS5e[R"X5$UR [:XaUR(a[R"SS5eUR (a=UR(a,[R"XUR UR5$UR (a![R"XUR 5$UR(a[R"SS5e[R "X5$UR [":XaUR(a[R"SS 5eUR(a^UR (a,[R$"XURUR 5$[R&"XUR5$UR (a"[R$"XS UR 5$[R&"XS 5$UR [(:XaUR(a[R"SS 5eUR (a,[R*"XURUR 5$[R,"XUR5$UR [.:XaUR(a[R"SS 5eUR(d[R"SS 5eUR (a,[R0"XURUR 5$[R2"XUR5$[4R6"S5e)aParse an IAP IAM resource from the input arguments. Args: release_track: base.ReleaseTrack, release track of command. args: an argparse namespace. All the arguments that were provided to this command invocation. Raises: calliope_exc.InvalidArgumentException: if a provided argument does not apply to the specified resource type. iap_exc.InvalidIapIamResourceError: if an IapIamResource could not be parsed from the arguments. Returns: The specified IapIamResource r4:`--service` cannot be specified without `--resource-type`.r9`--region` cannot be specified without `--resource-type`.r5:`--version` cannot be specified without `--resource-type`.z@`--region` cannot be specified for `--resource-type=app-engine`.z4`--version` cannot be specified without `--service`.zG`--version` cannot be specified for `--resource-type=backend-services`.NF`--version` cannot be specified for `--resource-type=forwarding-rule`.@`--version` cannot be specified for `--resource-type=cloud-run`.=`--region` must be specified for `--resource-type=cloud-run`.z!Could not parse IAP IAM resource.)rVALUEScoreproject GetOrFail resource_typeservice calliope_excInvalidArgumentExceptionregionversioniap_apiIAPWebAPP_ENGINE_RESOURCE_TYPEAppEngineServiceVersionAppEngineServiceAppEngineApplicationBACKEND_SERVICES_RESOURCE_TYPEBackendServiceBackendServicesFORWARDING_RULE_RESOURCE_TYPEForwardingRuleForwardingRulesCLOUD_RUN_RESOURCE_TYPECloudRun CloudRunsiap_excInvalidIapIamResourceError release_trackargsrXs rParseIapIamResourcertcs(    " " * * 4 4 6'   ||  1 1  F  {{  1 1  E  ||  1 1  F  >>- 11 55 {{  1 1  L  ||  , , $,,    % %mdll KK ||  1 1 M   ' ' ?? ;; ||  1 1  0   {{ %% DKK  &&}t{{KK   # #MD$,, OO  " "=4 @@ :: ||  1 1  /   ||  # #MDKK$(LL22 $ $]T[[ II 44 ||  1 1  )  ;;  1 1  )   ||   mdkk4<< PP   }t{{ CC **+NOOrc*[RRRR 5nUR (aUR [ :Xa?UR(a[R"SS5e[R"UU5$UR [:XaTUR(d[R"SS5e[R"XURUR5$[ R""S5e)aParse an IAP resource from the input arguments. Args: release_track: base.ReleaseTrack, release track of command. args: an argparse namespace. All the arguments that were provided to this command invocation. Raises: calliope_exc.InvalidArgumentException: if `--version` was specified with resource type 'backend-services'. iap_exc.InvalidIapIamResourceError: if an IapIamResource could not be parsed from the arguments. Returns: The specified IapIamResource r4zA`--service` cannot be specified for `--resource-type=app-engine`.zE`--service` must be specified for `--resource-type=backend-services`.zCould not parse IAP resource.)rrVrWrXrYrZrbr[r\r]r`rerfRequiredArgumentExceptionrgr^rorprqs rParseIapResourcerws"    " " * * 4 4 6'  55 33  ,- - ) )     = = \\44  23 3  # # $++t|| **+JKKrc  UR(aUR(a[R"SS5eUR(a[R"SS5e[ R "USRUR55$UR(aUR(a[R"SS5eUR(a[R"SS5e[ R "USRUR55$UR(GaUR(a(UR(d[R"S S 5eUR(a(UR(d[R"S S 5eUR(a(UR(d[R"S S5eUR(d0[ R "USRUR55$UR[:Xa0[ R "USRUR55$UR[:XaUR(d;[ R "USRURUR55$UR(aQ[ R "USRURURURUR55$[ R "USRURURUR55$UR[:XdUR[:XaSURS/nUR(a+UR!SRUR55 OUR!S5 UR(aUR#SUR/5 [ R "USR%U55$UR[&:XaSURS/nUR(a[R"S S5eUR(a+UR!SRUR55 OUR!S5 UR(aUR#SUR/5 [ R "USR%U55$UR[(:XaSURS/nUR(a[R"S S5eUR(d[R"S S5eUR!SRUR55 UR(aUR#SUR/5 [ R "USR%U55$[*R,"S 5e[*R,"S!5e)"aParse an IAP setting resource from the input arguments. Args: release_track: base.ReleaseTrack, release track of command. args: an argparse namespace. All the arguments that were provided to this command invocation. Raises: calliope_exc.InvalidArgumentException: if `--version` was specified with resource type 'backend-services'. Returns: The specified IapSettingsResource r0z?`--resource-type` should not be specified at organization levelr<z9`--project` should not be specified at organization levelzorganizations/{0}z9`--resource-type` should not be specified at folder levelz3`--project` should not be specified at folder levelz folders/{0}r4rPrrQr5rRz projects/{0}zprojects/{0}/iap_webz"projects/{0}/iap_web/appengine-{1}z ? ++' ( << ++z4<<0 1**=#((4.II   "9 9DLL)4 <<55-  {{55-  N))$++67 << ++z4<<0 1**=#((4.II00 57 7 **. 00rc[RRRR 5n[ USS5nUc UR n[R"XURU5$)aParses an IAP TCP DestGroup resource from the input arguments. Args: release_track: base.ReleaseTrack, release track of command. args: an argparse namespace. All the arguments that were provided to this command invocation. Returns: The specified IAP TCP DestGroup resource. rN) rrVrWrXrYgetattr dest_groupr`IapTunnelDestGroupResourcer^)rrrsrXr)s rParseIapDestGroupResourcers^    " " * * 4 4 6' $ d +% ] OOE  + +MDKK,1 33rc[RRRR 5n[ R "XUR5$)aParses an IAP TCP Tunnel resource from the input arguments. Args: release_track: base.ReleaseTrack, release track of command. args: an argparse namespace. All the arguments that were provided to this command invocation. Returns: The specified IAP TCP Tunnel resource. )rrVrWrXrYr`rr^rqs r&ParseIapDestGroupResourceWithNoGroupIdrs;    " " * * 4 4 6'  + +MDKK PPrN)*__doc__googlecloudsdk.api_lib.iaprr`googlecloudsdk.callioperr\googlecloudsdk.command_lib.iamrgooglecloudsdk.command_lib.iaprogooglecloudsdk.corerrbrfrrORG_RESOURCE_TYPEFOLDER_RESOURCE_TYPErirlr9r6r=rrr$r*r.r7r:r>r@rErHrKrNrtrwrrrrrrs 7>3@*(!3!" 1%")% "! "! /"/" 6 6  !H2/d.$  J?DgPT'LTL0^3& Qr