cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

fix: do not set scopes account to service account used for instance creation

Browse source
This commit is contained in:
Marios Andreopoulos 2015-12-02 19:47:25 +00:00 committed by Matt Clay
parent 41ab7f8aed
commit 1ae765d61f
1 changed files with 2 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
lib/ansible/modules/cloud/google/gce.py
View file

@ -69,7 +69,7 @@ options:
default: null default: null
choices: [ choices: [
"bigquery", "cloud-platform", "compute-ro", "compute-rw", "bigquery", "cloud-platform", "compute-ro", "compute-rw",
"computeaccounts-ro", "computeaccounts-rw", "datastore", "logging-write", "useraccounts-ro", "useraccounts-rw", "datastore", "logging-write",
"monitoring", "sql", "sql-admin", "storage-full", "storage-ro", "monitoring", "sql", "sql-admin", "storage-full", "storage-ro",
"storage-rw", "taskqueue", "userinfo-email" "storage-rw", "taskqueue", "userinfo-email"
] ]
@ -400,10 +400,7 @@ def create_instances(module, gce, instance_names):
bad_perms.append(perm) bad_perms.append(perm)
if len(bad_perms) > 0: if len(bad_perms) > 0:
module.fail_json(msg='bad permissions: %s' % str(bad_perms)) module.fail_json(msg='bad permissions: %s' % str(bad_perms))
if service_account_email: ex_sa_perms.append({'email': "default"})
ex_sa_perms.append({'email': service_account_email})
else:
ex_sa_perms.append({'email': "default"})
ex_sa_perms[0]['scopes'] = service_account_permissions ex_sa_perms[0]['scopes'] = service_account_permissions
# These variables all have default values but check just in case # These variables all have default values but check just in case