This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
while remaining: | |
for perm in remaining: | |
# get set of roles which contain permission | |
satisfy = perms_to_roles[perm] | |
# sort roles by the number of permissions they contain, select role | |
# with the most | |
sorted_roles = sorted((role, perms_counts[role]) | |
for role in satisfy) | |
selected = sorted_roles[-1][0] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
remaining = unique_perms - roles_to_perms['roles/owner'] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
selected_roles = {role_with_most_perms,} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
role_with_most_perms = roles_sorted_by_perms_asc[-1][0] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
subset_roles = set() | |
for this_role, _ in roles_sorted_by_perms_asc: | |
for other_role, other_perms in roles_to_perms.items(): | |
if this_role == other_role: | |
continue | |
this_perms = roles_to_perms[this_role] | |
if this_perms.issubset(other_perms): | |
subset_roles.add(this_role) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
roles_sorted_by_perms_asc = sorted(perms_counts.items(), | |
key=lambda x: x[1]) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import collections | |
roles_to_perms = collections.defaultdict(set) | |
perms_to_roles = collections.defaultdict(set) | |
perms_counts = collections.defaultdict(int) | |
unique_perms = set() | |
for role_name, role_data in raw_role_data.items(): | |
for perm in role_data.get('includedPermissions', tuple()): | |
roles_to_perms[role_name].add(perm) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"roles/accessapproval.approver": { | |
"name": "roles/accessapproval.approver", | |
"title": "Access Approval Approver", | |
"description": "Ability to view or act...", | |
"includedPermissions": [ | |
"accessapproval.requests.approve", | |
"accessapproval.requests.dismiss", | |
"accessapproval.requests.get", | |
"Accessapproval.requests.list", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import json | |
from googleapiclient import discovery | |
# Fetch most up to date role list and role descriptions from API | |
iam = discovery.build('iam', 'v1') | |
raw_role_data = {} | |
# Build initial request |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- name: Test split | |
hosts: localhost | |
gather_facts: false | |
vars: | |
- facter_blockdevices: "sda,sdb,sdc,sdd,sde,sdf" | |
tasks: | |
- name: Let's split | |
debug: var=item | |
with_items: "facter_blockdevices.split(',')" |