google.cloud.forseti.common.gcp_api.storage module

Wrapper for Storage API client.

class StorageClient(*args, **kwargs)[source]

Bases: object

Storage Client.

get_bucket_acls(bucket, user_project=None)[source]

Gets acls for GCS bucket.

Parameters:
  • bucket (str) – The name of the bucket.
  • user_project (str) – The user project to bill the bucket access to, for requester pays buckets.
Returns:

ACL json for bucket

Return type:

dict

Raises:

ApiExecutionError – ApiExecutionError is raised if the call to the GCP API fails

get_bucket_iam_policy(bucket, user_project=None)[source]

Gets the IAM policy for a bucket.

Parameters:
  • bucket (str) – The bucket to fetch the policy for.
  • user_project (str) – The user project to bill the bucket access to, for requester pays buckets.
Returns:

The IAM policies for the bucket.

Return type:

dict

Raises:

ApiExecutionError – ApiExecutionError is raised if the call to the GCP API fails

get_buckets(project_id)[source]

Gets all GCS buckets for a project.

Parameters:project_id (int) – The project id for a GCP project.
Returns:a list of bucket resource dicts. https://cloud.google.com/storage/docs/json_api/v1/buckets
Return type:list
Raises:ApiExecutionError – ApiExecutionError is raised if the call to the GCP API fails
get_default_object_acls(bucket, user_project=None)[source]

Gets acls for GCS bucket.

Parameters:
  • bucket (str) – The name of the bucket.
  • user_project (str) – The user project to bill the bucket access to, for requester pays buckets.
Returns:

ACL json for bucket

Return type:

dict

Raises:

ApiExecutionError – ApiExecutionError is raised if the call to the GCP API fails

get_object_acls(bucket, object_name, user_project=None)[source]

Gets acls for GCS object.

Parameters:
  • bucket (str) – The name of the bucket.
  • object_name (str) – The name of the object.
  • user_project (str) – The user project to bill the bucket access to, for requester pays buckets.
Returns:

ACL json for bucket

Return type:

dict

Raises:

ApiExecutionError – ApiExecutionError is raised if the call to the GCP API fails

get_object_iam_policy(bucket, object_name, user_project=None)[source]

Gets the IAM policy for an object.

Parameters:
  • bucket (str) – The bucket to fetch the policy for.
  • object_name (str) – The object name to fetch the policy for.
  • user_project (str) – The user project to bill the bucket access to, for requester pays buckets.
Returns:

The IAM policies for the object.

Return type:

dict

Raises:

ApiExecutionError – ApiExecutionError is raised if the call to the GCP API fails

get_objects(bucket, user_project=None)[source]

Gets all objects in a bucket.

Parameters:
  • bucket (str) – The bucket to list to objects in.
  • user_project (str) – The user project to bill the bucket access to, for requester pays buckets.
Returns:

a list of object resource dicts. https://cloud.google.com/storage/docs/json_api/v1/objects

Return type:

list

Raises:

ApiExecutionError – ApiExecutionError is raised if the call to the GCP API fails

get_text_file(full_bucket_path)[source]

Gets a text file object as a string.

Parameters:full_bucket_path (str) – The full path of the bucket object.
Returns:The object’s content as a string.
Return type:str
Raises:HttpError – HttpError is raised if the call to the GCP storage API fails
put_text_file(local_file_path, full_bucket_path)[source]

Put a text object into a bucket.

Parameters:
  • local_file_path (str) – The local path of the file to upload.
  • full_bucket_path (str) – The full GCS path for the output.
Returns:

The uploaded object’s resource metadata.

Return type:

dict

class StorageRepositoryClient(credentials=None, quota_max_calls=None, quota_period=1.0, use_rate_limiter=True)[source]

Bases: google.cloud.forseti.common.gcp_api._base_repository.BaseRepositoryClient

Storage API Respository.

bucket_acls

An _StorageBucketAclsRepository instance.

buckets

An _StorageBucketsRepository instance.

default_object_acls

An _StorageDefaultObjectAclsRepository instance.

object_acls

An _StorageObjectAclsRepository instance.

objects

An _StorageObjectsRepository instance.

class _StorageBucketAclsRepository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.ListQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Storage Bucket Access Controls repository.

class _StorageBucketsRepository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.GetIamPolicyQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.ListQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Storage Buckets repository.

get_iam_policy(bucket, fields=None, **kwargs)[source]

Get Bucket IAM Policy.

Parameters:
  • bucket (str) – The id of the bucket to fetch.
  • fields (str) – Fields to include in the response - partial response.
  • **kwargs (dict) – Optional additional arguments to pass to the query.
Returns:

GCE response.

Return type:

dict

class _StorageDefaultObjectAclsRepository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.ListQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Storage Default Object Access Controls repository.

class _StorageObjectAclsRepository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.ListQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Storage Object Access Controls repository.

class _StorageObjectsRepository(**kwargs)[source]

Bases: google.cloud.forseti.common.gcp_api.repository_mixins.GetIamPolicyQueryMixin, google.cloud.forseti.common.gcp_api.repository_mixins.ListQueryMixin, google.cloud.forseti.common.gcp_api._base_repository.GCPRepository

Implementation of Iam Projects ServiceAccounts repository.

download(bucket, object_name)[source]

Download an object from a bucket.

Parameters:
  • bucket (str) – The name of the bucket to read from.
  • object_name (str) – The name of the object to read.
Returns:

The contents of the object.

Return type:

str

get_iam_policy(bucket, object_name, fields=None, **kwargs)[source]

Get Object IAM Policy.

Parameters:
  • bucket (str) – The name of the bucket to fetch.
  • object_name (str) – The name of the object to fetch.
  • fields (str) – Fields to include in the response - partial response.
  • **kwargs (dict) – Optional additional arguments to pass to the query.
Returns:

GCE response.

Return type:

dict

upload(bucket, object_name, file_content)[source]

Upload an object to a bucket.

Parameters:
  • bucket (str) – The id of the bucket to insert into.
  • object_name (str) – The name of the object to write.
  • file_content (file) – An open file object of the content to write to the object.
Returns:

The resource metadata for the object.

Return type:

dict

_get_projectid_from_metadata()[source]

Get the current project id from the metadata server, if reachable.

Returns:
The current project id or None if the metadata server is
unreachable.
Return type:str
_user_project_missing_error(error)[source]

Parses the error and checks if it is a no user project exception.

Parameters:error (Exception) – The error message to check.
Returns:True if this is a user project missing error, else False.
Return type:bool
get_bucket_and_path_from(full_path)[source]

Get the bucket and object path.

Parameters:full_path (str) – The full GCS path. Must be in the format gs://bucket-name/path/to/object
Returns:
The bucket name and object path.
Ex. (bucket-name, path/to/object)
Return type:tuple
Raises:InvalidBucketPathError – Raised if the full path cannot be parsed or does not look like a GCS bucket URL.