cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

GCE module: added Service Account permissions sanity checks

Browse source
This commit is contained in:
Vasyl Kaigorodov 2015-05-15 16:00:24 +02:00 committed by Matt Clay
parent 4400c5e163
commit 758688a667
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/ansible/modules/cloud/google/gce.py
View file

@ -340,7 +340,13 @@ def create_instances(module, gce, instance_names):
metadata = {'items': items}
ex_sa_perms = []
bad_perms = []
if service_account_permissions:
for perm in service_account_permissions:
if not perm in gce.SA_SCOPES_MAP.keys():
bad_perms.append(perm)
if len(bad_perms) > 0:
module.fail_json(msg='bad permissions: %s' % str(bad_perms))
if service_account_email:
ex_sa_perms.append({'email': service_account_email})
else: