+SrSSKrSSKJr SSKJr SSKJr SSKJr SS\ S\R4S jjr S \RS\R4S jr SS\R4S jjrSS\R4S jjrSS\R4SjjrSS\R4SjjrSS \RS\R4SjjrS \RS\4SjrSS\R4SjjrSS\R4SjjrS\R4SjrSS\ S\S\R4SjjrS\4SjrS\R4SjrSS\ S\R4Sjjrg)z+Specify common flags for management gcloud.N) arg_parsers)base) completers) constants resource_namereturnc :[R"SUS9nUR[R"SS[R "SR U55S95 UR[R"SSS[RS R U5S 95 UR[R"S SS [RS R U5S 95 UR[R"SSSSR U5S95 U$)aReturns a flag for capturing an org, project, or folder name. The flag can be provided in one of 2 forms: 1. --parent=organizations/, --parent=projects/, --parent=folders/ 2. One of: * --organizations= or organizations/ * --projects= or projects/ * --folders= or folders/ Args: resource_name: The name of the resource for which the flag is created. The default value is set to 'custom module'. required: whether or not this flag is required Tmutexrequired--parentFzrParent associated with the {}. Can be one of organizations/, projects/, folders/r help--organizationORGANIZATION_ID$Organization associated with the {}.r metavar completerr --projectPROJECT_ID_OR_NUMBERProject associated with the {}.z--folder FOLDER_IDzFolder associated with the {}.r rr r ArgumentGroup AddArgumentArgumenttextwrapdedentformatrOrganizationCompleterProjectCompleterrr roots 2lib/googlecloudsdk/command_lib/scc/manage/flags.pyCreateParentFlagr's&   $ :$ mm IIOJ    mm #445<<]K  mm (//077 F  mm /66}E  + module_typecL[R"SSRSU5S9$)z>A positional argument representing a custom module ID or name.module_id_or_nameaThe custom module ID or name. The expected format is {parent}/[locations/global]/MODULE_TYPE/{module_id} or just {module_id}. Where module_id is a numeric identifier 1-20 characters in length. Parent is of the form organizations/{id}, projects/{id or name}, folders/{id}. MODULE_TYPEr)rrreplace)r)s r&CreateModuleIdOrNameArgr/[s,  w   r(cX[R"SUSS[R"5S9$)Nz--custom-config-from-file CUSTOM_CONFIGz)Path to a YAML custom configuration file.r rrtyperrr FileContentsr s r&CreateCustomConfigFlagr7is+ ! :  # # %  r(cX[R"SUSS[R"5S9$)Nz--resource-from-file TEST_DATAztPath to a YAML file that contains the resource data to validate the Security Health Analytics custom module against.r2r4r6s r&CreateTestResourceFlagr:ss.  F  # # %  r(c0[R"SUSSS9$)Nz --module-typer,zType of the custom module. For a list of valid module types please visit https://cloud.google.com/security-command-center/docs/custom-modules-etd-overview#custom_modules_and_templates.rrrr6s r&CreateModuleTypeFlagr=}s"  J  r(c2[R"SUSSSS9$)Nz--validate-only store_truezSIf present, the request is validated (including IAM checks) but no action is taken.)r defaultactionrr<r6s r&CreateValidateOnlyFlagrBs"   d  r(c [R"SUS9nUR[R"SSSSR U5[ R "5S95 UR[SUS95 U$)zBReturns a custom-config flag or an enablement-state flag, or both.Fr --custom-config-fileNzHPath to a {} file that contains the custom config to set for the module.r r@rr3)r r))rrrrr!rr5CreateEnablementStateFlag)r) file_typer r%s r&CreateUpdateFlagsrHsy   %( ;$ mm ]dd '') KH +r(r cU[RR:XaSnO U[RR:XaSn[R "SUSSR W5S9$)z!Creates an enablement state flag.zSecurity Health AnalyticszEvent Threat Detection--enablement-stateNzeSets the enablement state of the {} custom module. Valid options are ENABLED, DISABLED, OR INHERITED.r r@r)rCustomModuleTypeSHAETDrrr!)r)r module_names r&rFrFsa I..222-Ki00444*K  v } }    r(cX[R"SUSS[R"5S9$)NrDr1zBPath to a JSON custom configuration file of the ETD custom module.r2r4r6s r&!CreateEtdCustomConfigFilePathFlagrQs+  S  # # %  r(c0[R"SUSSS9$)Nz--display-namez DISPLAY-NAMEz&The display name of the custom module.rr<r6s r&CreateDisplayNameFlagrSs  7  r(cSR[RVs/sHn[U5PM sn5n[R "SSU3S9$s snf)z4A positional argument representing the service name.z * service_namezThe service name, provided either in lowercase hyphenated form (e.g. security-health-analytics), or in abbreviated form (e.g. sha) if applicable. The list of supported services is: * r-)joinrSUPPORTED_SERVICESstrrr)servicevalid_service_namess r&CreateServiceNameArgr[s] #,#?#?@#?s7|#?@  " " $ AsArGc [R"SUS9nSnSnSUSUSUS3nUR[R"S SS U[R "5S 95 UR[ SS 95 U$) zBReturns a module-config flag or an enablement-state flag, or both.Fr zvDISK_CMEK_DISABLED: intended_enablement_state: DISABLED SQL_WEAK_ROOT_PASSWORD: intended_enablement_state: ENABLEDz{ "DISK_CMEK_DISABLED": { "intended_enablement_state": "DISABLED" }, "SQL_WEAK_ROOT_PASSWORD": { "intended_enablement_state": "ENABLED" } }z Path to a a  file that contains the module config to set for the given module and service. The file should contain a map where keys are module names (e.g., "DISK_CMEK_DISABLED") and values are objects with an "intended_enablement_state" field. Valid states are "ENABLED", "DISABLED", or "INHERITED". To find the available module names for a specific service and resource, use the `gcloud scc manage services describe --parent=` command and look for the keys in the "modules" section of the output. Example YAML format: ```yaml z$ ``` Example JSON format: ```json z ``` . z--module-config-fileNrEr6)rrrrrr5 CreateServiceEnablementStateFlag)rGr r% yaml_example json_example help_texts r&CreateServiceUpdateFlagsras   %( ;$(, , + +)4 mm '') 3UCD +r(cX[R"SUS[R"S5S9$)z(Creates a service enablement state flag.rJNz Sets the enablement state of the Security Center service. Valid options are ENABLED, DISABLED, OR INHERITED. The INHERITED state is only valid when setting the enablement state at the project or folder level.rK)rrrr r6s r&r]r]s/  ??   r(c,[R"SSS9$)zIAn optional argument representing a comma separated list of module names.z--filter-modulesaIf provided, only prints module information for modules specified in the list. Provided as a comma separated list of module names in SCREAMING_SNAKE_CASE format (e.g. WEB_UI_ENABLED, API_KEY_NOT_ROTATED). A single module name is also valid.r-r<r(r&CreateModuleListre/s  - r(c [R"SUS9nUR[R"SS[R "SR U55S95 UR[R"SSS[RS R U5S 95 UR[R"S SS [RS R U5S 95 U$)aReturns a flag for capturing an org, project name. The flag can be provided in one of 2 forms: 1. --parent=organizations/, --parent=projects/ 2. One of: * --organizations= or organizations/ * --projects= or projects/ Args: resource_name: The name of the resource for which the flag is created. The default value is set to 'billing metadata'. required: whether or not this flag is required Returns: A base.Argument object. Tr r FzfParent associated with the {}. Can be one of organizations/, projects/rrrrrrrrrr$s r&CreateFlagForParentrg:s(   $ :$ mm ==CV>    mm #445<<]K  mm (//077 F  +r()z custom moduleF)T)F)zbilling metadataF)__doc__rgooglecloudsdk.callioperr+googlecloudsdk.command_lib.resource_managerr%googlecloudsdk.command_lib.scc.managerrXrr'rLr/r7r:r=rBrHboolrFrQrSr[rar]rergrdr(r&rmsl2/(B;49?? ]]?D ++  ]] T]]T]]4==dmm++ ]] 2++& DMMdmm&<<< ]]<~   $--7<77 ]]7r(