davidkotnik/novafarma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add new gcloud commands, API clients, and third-party libraries across various services.

Browse Source
This commit is contained in:
David Kotnik
2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/__init__.py Normal file
View File

@@ -0,0 +1,29 @@
# -*- coding: utf-8 -*- #
# Copyright 2020 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Network Connectivity Center hubs."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.UniverseCompatible
@base.ReleaseTracks(
base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA, base.ReleaseTrack.GA
)
class Hubs(base.Group):
"""Manage Network Connectivity Center hubs."""

90
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/accept_spoke.py Normal file
View File

@@ -0,0 +1,90 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for accepting spokes into hubs."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_api
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_util
from googlecloudsdk.api_lib.util import waiter
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_connectivity import flags
from googlecloudsdk.core import log
from googlecloudsdk.core import properties
from googlecloudsdk.core import resources
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class AcceptSpoke(base.Command):
"""Accept a spoke into a hub.
Accept a proposed or previously rejected VPC spoke. By accepting a spoke,
you permit connectivity between the associated VPC network
and other VPC networks that are attached to the same hub.
"""
@staticmethod
def Args(parser):
flags.AddHubResourceArg(parser, 'to accept the spoke into')
flags.AddSpokeFlag(parser, 'URI of the spoke to accept')
flags.AddAsyncFlag(parser)
def Run(self, args):
client = networkconnectivity_api.HubsClient(
release_track=self.ReleaseTrack())
hub_ref = args.CONCEPTS.hub.Parse()
if self.ReleaseTrack() == base.ReleaseTrack.BETA:
op_ref = client.AcceptSpokeBeta(hub_ref, args.spoke)
else:
op_ref = client.AcceptSpoke(hub_ref, args.spoke)
log.status.Print('Accept spoke request issued for: [{}]'.format(
hub_ref.Name()))
op_resource = resources.REGISTRY.ParseRelativeName(
op_ref.name,
collection='networkconnectivity.projects.locations.operations',
api_version=networkconnectivity_util.VERSION_MAP[self.ReleaseTrack()])
poller = waiter.CloudOperationPollerNoResources(client.operation_service)
if op_ref.done:
return poller.GetResult(op_resource)
if args.async_:
log.status.Print('Check operation [{}] for status.'.format(op_ref.name))
return op_ref
res = waiter.WaitFor(
poller, op_resource,
'Waiting for operation [{}] to complete'.format(op_ref.name))
return res
AcceptSpoke.detailed_help = {
'EXAMPLES': f""" \
To accept a spoke named ``my-spoke'' into a hub named ``my-hub'', run:
$ {{command}} my-hub --spoke="https://networkconnectivity.{properties.VALUES.core.universe_domain.Get()}/v1/projects/spoke-project/locations/global/spokes/my-spoke"
""",
'API REFERENCE': """ \
This command uses the networkconnectivity/v1 API. The full documentation
for this API can be found at:
https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest
""",
}

97
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/accept_spoke_update.py Normal file
View File

@@ -0,0 +1,97 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for accepting spoke updates."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_api
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_util
from googlecloudsdk.api_lib.util import waiter
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_connectivity import flags
from googlecloudsdk.core import log
from googlecloudsdk.core import resources
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class AcceptSpokeUpdate(base.Command):
"""Accept a proposal to update a spoke in a hub.
Accept a proposed or previously rejected VPC spoke update. By accepting a
spoke update, you permit updating connectivity between the associated VPC
network and other VPC networks that are attached to the same hub.
"""
@staticmethod
def Args(parser):
flags.AddHubResourceArg(parser, 'to accept the spoke update')
flags.AddSpokeFlag(parser, 'URI of the spoke to accept update')
flags.AddSpokeEtagFlag(parser, 'Etag of the spoke to accept update')
flags.AddAsyncFlag(parser)
def Run(self, args):
client = networkconnectivity_api.HubsClient(
release_track=self.ReleaseTrack()
)
hub_ref = args.CONCEPTS.hub.Parse()
if self.ReleaseTrack() == base.ReleaseTrack.BETA:
op_ref = client.AcceptSpokeUpdateBeta(
hub_ref, args.spoke, args.spoke_etag
)
else:
op_ref = client.AcceptSpokeUpdate(hub_ref, args.spoke, args.spoke_etag)
log.status.Print(
'Accept spoke update request issued for: [{}]'.format(hub_ref.Name())
)
op_resource = resources.REGISTRY.ParseRelativeName(
op_ref.name,
collection='networkconnectivity.projects.locations.operations',
api_version=networkconnectivity_util.VERSION_MAP[self.ReleaseTrack()],
)
poller = waiter.CloudOperationPollerNoResources(client.operation_service)
if op_ref.done:
return poller.GetResult(op_resource)
if args.async_:
log.status.Print('Check operation [{}] for status.'.format(op_ref.name))
return op_ref
res = waiter.WaitFor(
poller, op_resource,
'Waiting for operation [{}] to complete'.format(op_ref.name))
return res
AcceptSpokeUpdate.detailed_help = {
'EXAMPLES':
""" \
To accept updating a spoke named ``my-spoke'' with ``etag'' in a hub named ``my-hub'', run:
$ {command} my-hub --spoke="projects/spoke-project/locations/global/hubs/my-spoke" --spoke-etag=etag
""",
'API REFERENCE':
""" \
This command uses the networkconnectivity/v1 API. The full documentation
for this API can be found at:
https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest
""",
}

47
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/add_iam_policy_binding.yaml Normal file
View File

@@ -0,0 +1,47 @@
- release_tracks: [BETA]
help_text:
brief: Add an IAM policy binding to the IAM policy of a hub resource.
description: |
Add an IAM policy binding to the IAM policy of a hub resource. One binding consists of
a member, a role, and an optional condition.
examples: |
To grant a user the ``roles/networkconnectivity.groupUser'' role on the hub called ``my-hub'', run the following command:
$ {command} my-hub --member="user:username@gmail.com" --role="roles/networkconnectivity.groupUser"
request:
collection: networkconnectivity.projects.locations.global.hubs
api_version: v1beta
arguments:
resource:
help_text: The hub that you want to update.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub
iam:
set_iam_policy_request_path: googleIamV1SetIamPolicyRequest
message_type_overrides:
policy: GoogleIamV1Policy
set_iam_policy_request: NetworkconnectivityProjectsLocationsGlobalHubsSetIamPolicyRequest
- release_tracks: [GA]
help_text:
brief: Add an IAM policy binding to the IAM policy of a hub resource.
description: |
Add an IAM policy binding to the IAM policy of a hub resource. One binding consists of
a member, a role, and an optional condition.
examples: |
To grant a user the ``roles/networkconnectivity.groupUser'' role on the hub called ``my-hub'', run the following command:
$ {command} my-hub --member="user:username@gmail.com" --role="roles/networkconnectivity.groupUser"
request:
collection: networkconnectivity.projects.locations.global.hubs
api_version: v1
arguments:
resource:
help_text: The hub that you want to update.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub

117
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/create.yaml Normal file
View File

@@ -0,0 +1,117 @@
- release_tracks: [BETA]
help_text:
brief: Create a new hub.
description: Create a new hub with the given name.
examples: |
To create a hub with the name ``my-hub'' and the description ``optional description'', run:
$ {command} my-hub --description="optional description"
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub
help_text: Name of the hub to be created.
params:
- arg_name: description
api_field: googleCloudNetworkconnectivityV1betaHub.description
help_text: Description of the hub.
- arg_name: policy-mode
api_field: googleCloudNetworkconnectivityV1betaHub.policyMode
help_text: Policy mode of the hub.
- arg_name: preset-topology
api_field: googleCloudNetworkconnectivityV1betaHub.presetTopology
help_text: Topology of the hub. Only applicable when ``--policy-mode=PRESET''.
- group:
mutex: true
required: false
params:
- arg_name: export-psc
api_field: googleCloudNetworkconnectivityV1betaHub.exportPsc
default: null
help_text: |-
This boolean controls whether Private Service Connect transitivity is enabled for the hub.
- group:
hidden: true
required: false
params:
- arg_name: export-psc-published-services-and-regional-google-apis
api_field: googleCloudNetworkconnectivityV1betaHub.exportPscConfig.publishedServicesAndRegionalGoogleApis
hidden: true
default: null
help_text: |-
This boolean control whether Private Service Connect endpoints for regional ILBs and regional Google APIs should be propagated.
- arg_name: export-psc-global-google-apis
api_field: googleCloudNetworkconnectivityV1betaHub.exportPscConfig.globalGoogleApis
hidden: true
default: null
help_text: |-
This boolean controls whether Private Service Connect endpoints for global Google APIs should be propagated.
labels:
api_field: googleCloudNetworkconnectivityV1betaHub.labels
async:
collection: networkconnectivity.projects.locations.operations
request:
BETA:
api_version: v1beta
collection: networkconnectivity.projects.locations.global.hubs
method: create
modify_request_hooks:
- googlecloudsdk.command_lib.network_connectivity.util:AppendLocationsGlobalToParent
- googlecloudsdk.command_lib.network_connectivity.util:SetExportPscBeta
- release_tracks: [ALPHA, GA]
help_text:
brief: Create a new hub.
description: Create a new hub with the given name.
examples: |
To create a hub with the name ``my-hub'' and the description ``optional description'', run:
$ {command} my-hub --description="optional description"
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub
help_text: Name of the hub to be created.
params:
- arg_name: description
api_field: hub.description
help_text: Description of the hub.
- arg_name: policy-mode
release_tracks: [GA]
api_field: hub.policyMode
help_text: Policy mode of the hub.
- arg_name: preset-topology
release_tracks: [GA]
api_field: hub.presetTopology
help_text: Topology of the hub. Only applicable when ``--policy-mode=PRESET''.
- group:
release_tracks: [GA]
mutex: true
required: false
params:
- arg_name: export-psc
release_tracks: [GA]
api_field: hub.exportPsc
help_text: |-
This boolean controls whether Private Service Connect transitivity is enabled for the hub.
labels:
api_field: hub.labels
async:
collection: networkconnectivity.projects.locations.operations
request:
ALPHA:
api_version: v1alpha1
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs
method: create
modify_request_hooks:
- googlecloudsdk.command_lib.network_connectivity.util:AppendLocationsGlobalToParent
# TODO: b/420998347 - Remove this hook once v1 supports HYBRID_INSPECTION.
- googlecloudsdk.command_lib.network_connectivity.util:ProhibitHybridInspection

27
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/delete.yaml Normal file
View File

@@ -0,0 +1,27 @@
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Delete a hub.
description: Delete the specified hub.
examples: |
To delete a hub named ``my-hub'', run:
$ {command} my-hub
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub
help_text: Name of the hub to be deleted.
async:
collection: networkconnectivity.projects.locations.operations
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs

24
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/describe.yaml Normal file
View File

@@ -0,0 +1,24 @@
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: Describe a hub.
description: Retrieve and display details about a hub.
examples: |
To display details about a hub named ``my-hub'', run:
$ {command} my-hub
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub
help_text: Name of the hub to be described.
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs

48
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/get_iam_policy.yaml Normal file
View File

@@ -0,0 +1,48 @@
- release_tracks: [BETA]
help_text:
brief: Get the IAM policy for a hub resource.
description: |
Get the IAM policy of a hub. If formatted as JSON, the output
can be edited and used as a policy file for *set-iam-policy*.
examples: |
To get the IAM policy for a hub named ``my-hub'', run:
$ {command} my-hub
request:
collection: networkconnectivity.projects.locations.global.hubs
api_version: v1beta
arguments:
resource:
help_text: The hub for which you want the IAM policy.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub
iam:
set_iam_policy_request_path: googleIamV1SetIamPolicyRequest
message_type_overrides:
policy: GoogleIamV1Policy
set_iam_policy_request: NetworkconnectivityProjectsLocationsGlobalHubsSetIamPolicyRequest
- release_tracks: [GA]
help_text:
brief: Get the IAM policy for a hub resource.
description: |
Get the IAM policy of a hub. If formatted as JSON, the output
can be edited and used as a policy file for *set-iam-policy*.
examples: |
To get the IAM policy for a hub named ``my-hub'', run:
$ {command} my-hub
request:
collection: networkconnectivity.projects.locations.global.hubs
api_version: v1
arguments:
resource:
help_text: The hub for which you want the IAM policy.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub

27
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/groups/__init__.py Normal file
View File

@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for groups."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class Groups(base.Group):
"""Manage Network Connectivity Center groups."""

47
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/groups/add_iam_policy_binding.yaml Normal file
View File

@@ -0,0 +1,47 @@
- release_tracks: [BETA]
help_text:
brief: Add an IAM policy binding to the IAM policy of a group resource.
description: |
Add an IAM policy binding to the IAM policy of a group resource. One binding consists of
a member, a role, and an optional condition.
examples: |
To grant a user the ``roles/networkconnectivity.groupUser'' role on the group called ``my-group'' in the hub called ``my-hub''', run the following command:
$ {command} my-group --member="user:username@gmail.com" --role="roles/networkconnectivity.groupUser" --hub="my-hub"
request:
collection: networkconnectivity.projects.locations.global.hubs.groups
api_version: v1beta
arguments:
resource:
help_text: The group that you want to update.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:group
iam:
set_iam_policy_request_path: googleIamV1SetIamPolicyRequest
message_type_overrides:
policy: GoogleIamV1Policy
set_iam_policy_request: NetworkconnectivityProjectsLocationsGlobalHubsGroupsSetIamPolicyRequest
- release_tracks: [GA]
help_text:
brief: Add an IAM policy binding to the IAM policy of a group resource.
description: |
Add an IAM policy binding to the IAM policy of a group resource. One binding consists of
a member, a role, and an optional condition.
examples: |
To grant a user the ``roles/networkconnectivity.groupUser'' role on the group called ``my-group'' in the hub called ``my-hub''', run the following command:
$ {command} my-group --member="user:username@gmail.com" --role="roles/networkconnectivity.groupUser" --hub="my-hub"
request:
collection: networkconnectivity.projects.locations.global.hubs.groups
api_version: v1
arguments:
resource:
help_text: The group that you want to update.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:group

23
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/groups/describe.yaml Normal file
View File

@@ -0,0 +1,23 @@
- release_tracks: [BETA, GA]
help_text:
brief: Describe a group.
description: |
Retrieve and display details about a group.
examples: |
To display details about a group named ``my-group'', run:
$ {command} my-group
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:group
help_text: |
Name of the group to describe.
request: &request
BETA:
api_version: v1beta
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs.groups

23
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/groups/get_iam_policy.yaml Normal file
View File

@@ -0,0 +1,23 @@
- release_tracks: [BETA, GA]
help_text:
brief: Get the IAM policy for a group resource.
description: |
Get the IAM policy of a group. If formatted as JSON, the output
can be edited and used as a policy file for *set-iam-policy*.
examples: |
To get the IAM policy for a group named ``my-group'' in the hub named ``my-hub'', run:
$ {command} my-group --hub="my-hub"
request: &request
collection: networkconnectivity.projects.locations.global.hubs.groups
BETA:
api_version: v1beta
GA:
api_version: v1
arguments:
resource:
help_text: The group for which you want the IAM policy.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:group

30
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/groups/list.yaml Normal file
View File

@@ -0,0 +1,30 @@
- release_tracks: [BETA, GA]
help_text:
brief: List groups.
description: Retrieve and display a list of all groups in the specified hub.
examples: |
To list all groups across all hubs, run:
$ {command} --hub=-
To list all groups in hub `my-hub`, run:
$ {command} --hub=my-hub
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hubDefaultAll
help_text: Parent hub of the groups to display.
request: &request
BETA:
api_version: v1beta
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs.groups
output:
# Columns: NAME, HUB, DESCRIPTION
format: table(name.basename():sort=2, name.segment(5):label=HUB:sort=1, description)

47
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/groups/remove_iam_policy_binding.yaml Normal file
View File

@@ -0,0 +1,47 @@
- release_tracks: [BETA]
help_text:
brief: Remove an IAM policy binding from the IAM policy of a group resource.
description: |
Remove an IAM policy binding from the IAM policy of a group resource.
examples: |
To remove the ``roles/networkconnectivity.groupUser'' role from a user of the group ``my-group'' in the hub ``my-hub'',
run:
$ {command} my-group --member="user:username@gmail.com" --role="roles/networkconnectivity.groupUser" --hub="my-hub"
request:
collection: networkconnectivity.projects.locations.global.hubs.groups
api_version: v1beta
arguments:
resource:
help_text: The group that you want to update.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:group
iam:
set_iam_policy_request_path: googleIamV1SetIamPolicyRequest
message_type_overrides:
policy: GoogleIamV1Policy
set_iam_policy_request: NetworkconnectivityProjectsLocationsGlobalHubsGroupsSetIamPolicyRequest
- release_tracks: [GA]
help_text:
brief: Remove an IAM policy binding from the IAM policy of a group resource.
description: |
Remove an IAM policy binding from the IAM policy of a group resource.
examples: |
To remove the ``roles/networkconnectivity.groupUser'' role from a user of the group ``my-group'' in the hub ``my-hub'',
run:
$ {command} my-group --member="user:username@gmail.com" --role="roles/networkconnectivity.groupUser" --hub="my-hub"
request:
collection: networkconnectivity.projects.locations.global.hubs.groups
api_version: v1
arguments:
resource:
help_text: The group that you want to update.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:group

49
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/groups/set_iam_policy.yaml Normal file
View File

@@ -0,0 +1,49 @@
- release_tracks: [BETA]
help_text:
brief: Set the IAM policy of a group resource.
description: |
Replace the existing IAM policy of a group resource with a policy
encoded in a JSON or YAML file.
examples: |
To replace the IAM policy of a group resource with the policy defined in a
file called ``policy.json'', run:
$ {command} my-group policy.json --hub="my-hub"
request:
collection: networkconnectivity.projects.locations.global.hubs.groups
api_version: v1beta
arguments:
resource:
help_text: The hub for which to set the IAM policy.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:group
iam:
set_iam_policy_request_path: googleIamV1SetIamPolicyRequest
message_type_overrides:
policy: GoogleIamV1Policy
set_iam_policy_request: NetworkconnectivityProjectsLocationsGlobalHubsGroupsSetIamPolicyRequest
- release_tracks: [GA]
help_text:
brief: Set the IAM policy of a group resource.
description: |
Replace the existing IAM policy of a group resource with a policy
encoded in a JSON or YAML file.
examples: |
To replace the IAM policy of a group resource with the policy defined in a
file called ``policy.json'', run:
$ {command} my-group policy.json --hub="my-hub"
request:
collection: networkconnectivity.projects.locations.global.hubs.groups
api_version: v1
arguments:
resource:
help_text: The hub for which to set the IAM policy.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:group

192
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/groups/update.py Normal file
View File

@@ -0,0 +1,192 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for updating groups."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_api
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_util
from googlecloudsdk.api_lib.util import waiter
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_connectivity import flags
from googlecloudsdk.command_lib.util.args import labels_util
from googlecloudsdk.command_lib.util.args import repeated
from googlecloudsdk.core import log
from googlecloudsdk.core import resources
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class Update(base.Command):
"""Update a group.
Update the details of a group.
"""
@staticmethod
def Args(parser):
flags.AddGroupResourceArg(parser, 'to update')
flags.AddDescriptionFlag(parser, 'New description of the group.')
flags.AddAsyncFlag(parser)
labels_util.AddUpdateLabelsFlags(parser)
repeated.AddPrimitiveArgs(
parser,
'group',
'auto-accept-projects',
'auto-accept projects',
additional_help="""This controls the list of project ids or
project numbers for which auto-accept is enabled for the group.""",
include_set=False,
)
def UpdateGroupBeta(self, client, group_ref, args):
update_mask = []
description = args.description
if description is not None:
update_mask.append('description')
labels = None
labels_diff = labels_util.Diff.FromUpdateArgs(args)
original_group = client.Get(group_ref)
if labels_diff.MayHaveUpdates():
labels_update = labels_diff.Apply(
client.messages.GoogleCloudNetworkconnectivityV1betaGroup.LabelsValue,
original_group.labels,
)
if labels_update.needs_update:
labels = labels_update.labels
update_mask.append('labels')
# TODO: b/349140768 - Add e2e test for this command.
def _get_current_auto_accept_projects():
if original_group.autoAccept is None:
return []
return original_group.autoAccept.autoAcceptProjects
auto_accept_projects = repeated.ParsePrimitiveArgs(
args, 'auto_accept_projects', _get_current_auto_accept_projects
)
auto_accept = None
if auto_accept_projects is not None:
auto_accept = (
client.messages.GoogleCloudNetworkconnectivityV1betaAutoAccept(
autoAcceptProjects=auto_accept_projects
)
)
update_mask.append('auto_accept.auto_accept_projects')
# Construct a group message with only the updated fields
group = client.messages.GoogleCloudNetworkconnectivityV1betaGroup(
description=description, labels=labels, autoAccept=auto_accept
)
return client.UpdateGroupBeta(group_ref, group, update_mask)
def UpdateGroupGA(self, client, group_ref, args):
update_mask = []
description = args.description
if description is not None:
update_mask.append('description')
labels = None
labels_diff = labels_util.Diff.FromUpdateArgs(args)
original_group = client.Get(group_ref)
if labels_diff.MayHaveUpdates():
labels_update = labels_diff.Apply(
client.messages.Group.LabelsValue, original_group.labels
)
if labels_update.needs_update:
labels = labels_update.labels
update_mask.append('labels')
# TODO(b/349140768): Add e2e test for this command.
def _get_current_auto_accept_projects():
if original_group.autoAccept is None:
return []
return original_group.autoAccept.autoAcceptProjects
auto_accept_projects = repeated.ParsePrimitiveArgs(
args, 'auto_accept_projects', _get_current_auto_accept_projects
)
auto_accept = None
if auto_accept_projects is not None:
auto_accept = client.messages.AutoAccept(
autoAcceptProjects=auto_accept_projects
)
update_mask.append('auto_accept.auto_accept_projects')
# Construct a group message with only the updated fields
group = client.messages.Group(
description=description, labels=labels, autoAccept=auto_accept
)
return client.UpdateGroup(group_ref, group, update_mask)
def Run(self, args):
client = networkconnectivity_api.GroupsClient(
release_track=self.ReleaseTrack()
)
group_ref = args.CONCEPTS.group.Parse()
if self.ReleaseTrack() == base.ReleaseTrack.BETA:
op_ref = self.UpdateGroupBeta(client, group_ref, args)
else:
op_ref = self.UpdateGroupGA(client, group_ref, args)
log.status.Print('Update request issued for: [{}]'.format(group_ref.Name()))
if op_ref.done:
log.UpdatedResource(group_ref.Name(), kind='group')
return op_ref
if args.async_:
log.status.Print('Check operation [{}] for status.'.format(op_ref.name))
return op_ref
op_resource = resources.REGISTRY.ParseRelativeName(
op_ref.name,
collection='networkconnectivity.projects.locations.operations',
api_version=networkconnectivity_util.VERSION_MAP[self.ReleaseTrack()],
)
poller = waiter.CloudOperationPoller(
client.group_service, client.operation_service
)
res = waiter.WaitFor(
poller,
op_resource,
'Waiting for operation [{}] to complete'.format(op_ref.name),
)
log.UpdatedResource(group_ref.Name(), kind='group')
return res
Update.detailed_help = {
'EXAMPLES': """\
To update the description of a group named ``my-group'', in the hub ``my-hub'', run:
$ {command} my-group --hub=my-hub --description="new group description"
To add the project ``my-project'' to the auto-accept list of a group named ``my-group'' in the hub ``my-hub'', run:
$ {command} my-group --hub=my-hub --add-auto-accept-projects=my-project
""",
'API REFERENCE': """ \
This command uses the networkconnectivity/v1 API. The full documentation
for this API can be found at:
https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest
""",
}

29
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/list.yaml Normal file
View File

@@ -0,0 +1,29 @@
- release_tracks: [ALPHA, BETA, GA]
help_text:
brief: List hubs.
description: Retrieve and display a list of all hubs in the specified project.
examples: |
To list all hubs, run:
$ {command}
request: &request
ALPHA:
api_version: v1alpha1
BETA:
api_version: v1beta
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs
modify_request_hooks:
- googlecloudsdk.command_lib.network_connectivity.util:AppendLocationsGlobalToParent
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:project
help_text: Project of the hubs to display.
output:
format: table(name.basename(), description)

83
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/list_spokes.py Normal file
View File

@@ -0,0 +1,83 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for listing spokes."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_api
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_util
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_connectivity import flags
from googlecloudsdk.command_lib.network_connectivity import util
@base.DefaultUniverseOnly
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class ListSpokes(base.ListCommand):
"""List hub spokes.
Retrieve and display a list of all spokes associated with a hub.
"""
@staticmethod
def Args(parser):
# Remove URI flag to match surface spec
base.URI_FLAG.RemoveFromParser(parser)
# Add flags to identify region
flags.AddSpokeLocationsFlag(parser)
flags.AddViewFlag(parser)
flags.AddHubResourceArg(parser, """associated with the returned list of
spokes""")
# Table formatting
parser.display_info.AddFormat(util.LIST_SPOKES_FORMAT)
def Run(self, args):
release_track = self.ReleaseTrack()
view = ViewToEnum(args.view, release_track)
client = networkconnectivity_api.HubsClient(release_track)
hub_ref = args.CONCEPTS.hub.Parse()
return client.ListHubSpokes(
hub_ref,
spoke_locations=args.spoke_locations,
limit=args.limit,
order_by=None, # Do all sorting client-side
filter_expression=None, # Do all filtering client-side
view=view)
def ViewToEnum(view, release_track):
"""Converts the typed view into its Enum value."""
list_hub_spokes_req = networkconnectivity_util.GetMessagesModule(release_track).NetworkconnectivityProjectsLocationsGlobalHubsListSpokesRequest # pylint: disable=line-too-long
if view == 'detailed':
return list_hub_spokes_req.ViewValueValuesEnum.DETAILED
return list_hub_spokes_req.ViewValueValuesEnum.BASIC
ListSpokes.detailed_help = {
'EXAMPLES': """ \
To list all spokes in the ``us-central1'' region and the global location, run:
$ {command} HUB --spoke-locations=us-central1,global
""",
'API REFERENCE': """ \
This command uses the networkconnectivity/v1 API. The full documentation
for this API can be found at:
https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest
""",
}

151
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/query_status.py Normal file
View File

@@ -0,0 +1,151 @@
# -*- coding: utf-8 -*- #
# Copyright 2024 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for listing spokes."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_api
from googlecloudsdk.calliope import base
from googlecloudsdk.calliope import parser_arguments
from googlecloudsdk.command_lib.network_connectivity import filter_rewrite
from googlecloudsdk.command_lib.network_connectivity import flags
@base.DefaultUniverseOnly
@base.ReleaseTracks(base.ReleaseTrack.GA)
class QueryStatus(base.ListCommand):
"""Query the status of Private Service Connect propagation for a hub."""
@staticmethod
def Args(parser: parser_arguments.ArgumentInterceptor):
# Remove URI flag to match surface spec
base.URI_FLAG.RemoveFromParser(parser)
flags.AddHubResourceArg(
parser, """to query Private Service Connect propagation for"""
)
# TODO(b/347697136): remove list of values and instead link to documentation
parser.add_argument(
'--group-by',
help="""
Comma-separated list of resource field key names to group by. Aggregated
values will be displayed for each group. If `--group-by` is set, the value
of the `--sort-by` flag must be the same as or a subset of the `--group-by`
flag.
Accepted values are:
- 'psc_propagation_status.source_spoke'
- 'psc_propagation_status.source_group'
- 'psc_propagation_status.source_forwarding_rule'
- 'psc_propagation_status.target_spoke'
- 'psc_propagation_status.target_group'
- 'psc_propagation_status.code'
""",
)
parser.display_info.AddFormat("""
table(
pscPropagationStatus.sourceForwardingRule.basename(),
pscPropagationStatus.sourceSpoke.basename(),
pscPropagationStatus.sourceGroup.basename(),
pscPropagationStatus.targetSpoke.basename(),
pscPropagationStatus.targetGroup.basename(),
pscPropagationStatus.code:label=CODE,
count)
""")
def Run(self, args):
valid_fields = {
'psc_propagation_status.source_spoke',
'psc_propagation_status.source_group',
'psc_propagation_status.source_forwarding_rule',
'psc_propagation_status.target_spoke',
'psc_propagation_status.target_group',
'psc_propagation_status.code',
}
release_track = self.ReleaseTrack()
client = networkconnectivity_api.HubsClient(release_track)
hub_ref = args.CONCEPTS.hub.Parse()
group_by_fields: list[str] = []
if args.group_by:
group_by_fields: list[str] = args.group_by.replace(' ', '').split(',')
if not all((x in valid_fields) for x in group_by_fields):
raise ValueError(
'Invalid group-by fields: {} valid fields are:\n{}'.format(
', '.join(sorted((set(group_by_fields) - valid_fields))),
'\n'.join(sorted(valid_fields)),
)
)
filter_expression = ''
# this extracts the filter expression from the args.filter string
# then sets it to an empty string to bypass client-side filtering
if args.filter:
_, filter_expression = filter_rewrite.BackendFilterRewrite().Rewrite(
args.filter
)
args.filter = ''
sort_by_fields = []
if args.sort_by:
sort_by_fields: list[str] = args.sort_by
if not all((x in valid_fields) for x in sort_by_fields):
raise ValueError(
'Invalid sort-by fields: {}, valid fields are:\n{}'.format(
', '.join(sorted((set(sort_by_fields) - valid_fields))),
'\n'.join(sorted(valid_fields)),
)
)
limit = 5000
if args.limit:
limit = args.limit
page_size = 100
if args.page_size:
page_size = args.page_size
return client.QueryHubStatus(
hub_ref,
filter_expression=filter_expression,
group_by=','.join(group_by_fields),
order_by=','.join(sort_by_fields),
page_size=page_size,
limit=limit,
)
QueryStatus.detailed_help = {
'EXAMPLES': """ \
To query the Private Service Connect propagation status of a hub, run:
$ {command} HUB
To query the Private Service Connect propagation status of a hub grouped by source spoke and code, run:
$ {command} HUB --group-by="psc_propagation_status.source_spoke,psc_propagation_status.code"
To query the Private Service Connect propagation status of a hub sorted by the source forwarding rule, run:
$ {command} HUB --sort-by="psc_propagation_status.source_forwarding_rule"
""",
'API REFERENCE': """ \
This command uses the networkconnectivity/v1 API. The full documentation
for this API can be found at:
https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest
""",
}

93
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/reject_spoke.py Normal file
View File

@@ -0,0 +1,93 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for rejecting spokes from hubs."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_api
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_util
from googlecloudsdk.api_lib.util import waiter
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_connectivity import flags
from googlecloudsdk.core import log
from googlecloudsdk.core import properties
from googlecloudsdk.core import resources
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class RejectSpoke(base.Command):
"""Reject a spoke from a hub.
Reject a VPC spoke. By rejecting a spoke,
you prevent or remove connectivity between the associated VPC network
and any other VPC networks that are attached to the same hub.
"""
@staticmethod
def Args(parser):
flags.AddHubResourceArg(parser, 'to reject the spoke from')
flags.AddSpokeFlag(parser, 'URI of the spoke to reject')
flags.AddRejectionDetailsFlag(parser)
flags.AddAsyncFlag(parser)
def Run(self, args):
client = networkconnectivity_api.HubsClient(
release_track=self.ReleaseTrack())
hub_ref = args.CONCEPTS.hub.Parse()
if self.ReleaseTrack() == base.ReleaseTrack.BETA:
op_ref = client.RejectSpokeBeta(hub_ref, args.spoke, args.details)
else:
op_ref = client.RejectSpoke(hub_ref, args.spoke, args.details)
log.status.Print('Reject spoke request issued for: [{}]'.format(
hub_ref.Name()))
op_resource = resources.REGISTRY.ParseRelativeName(
op_ref.name,
collection='networkconnectivity.projects.locations.operations',
api_version=networkconnectivity_util.VERSION_MAP[self.ReleaseTrack()])
poller = waiter.CloudOperationPollerNoResources(client.operation_service)
if op_ref.done:
return poller.GetResult(op_resource)
if args.async_:
log.status.Print('Check operation [{}] for status.'.format(op_ref.name))
return op_ref
res = waiter.WaitFor(
poller, op_resource,
'Waiting for operation [{}] to complete'.format(op_ref.name))
return res
RejectSpoke.detailed_help = {
'EXAMPLES':
f""" \
To reject a spoke named ``my-spoke'' from a hub named ``my-hub'' with reason ``my-reason'', run:
$ {{command}} my-hub --spoke="https://networkconnectivity.{properties.VALUES.core.universe_domain.Get()}/v1/projects/spoke-project/locations/global/spokes/my-spoke" --details=my-reason
""",
'API REFERENCE':
""" \
This command uses the networkconnectivity/v1 API. The full documentation
for this API can be found at:
https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest
""",
}

100
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/reject_spoke_update.py Normal file
View File

@@ -0,0 +1,100 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for rejecting spokes updates."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_api
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_util
from googlecloudsdk.api_lib.util import waiter
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_connectivity import flags
from googlecloudsdk.core import log
from googlecloudsdk.core import resources
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class RejectSpokeUpdate(base.Command):
"""Reject a proposal to update a spoke in a hub.
Reject a VPC spoke update proposal. By rejecting a spoke update,
you prevent updating the connectivity between the associated VPC network and
any other VPC networks that are attached to the same hub.
"""
@staticmethod
def Args(parser):
flags.AddHubResourceArg(parser, 'to reject the spoke update')
flags.AddSpokeFlag(parser, 'URI of the spoke to reject update')
flags.AddSpokeEtagFlag(parser, 'Etag of the spoke to reject update')
flags.AddRejectionDetailsFlag(parser)
flags.AddAsyncFlag(parser)
def Run(self, args):
client = networkconnectivity_api.HubsClient(
release_track=self.ReleaseTrack()
)
hub_ref = args.CONCEPTS.hub.Parse()
if self.ReleaseTrack() == base.ReleaseTrack.BETA:
op_ref = client.RejectSpokeUpdateBeta(
hub_ref, args.spoke, args.spoke_etag, args.details
)
else:
op_ref = client.RejectSpokeUpdate(
hub_ref, args.spoke, args.spoke_etag, args.details
)
log.status.Print(
'Reject spoke update request issued for: [{}]'.format(hub_ref.Name())
)
op_resource = resources.REGISTRY.ParseRelativeName(
op_ref.name,
collection='networkconnectivity.projects.locations.operations',
api_version=networkconnectivity_util.VERSION_MAP[self.ReleaseTrack()],
)
poller = waiter.CloudOperationPollerNoResources(client.operation_service)
if op_ref.done:
return poller.GetResult(op_resource)
if args.async_:
log.status.Print('Check operation [{}] for status.'.format(op_ref.name))
return op_ref
res = waiter.WaitFor(
poller, op_resource,
'Waiting for operation [{}] to complete'.format(op_ref.name))
return res
RejectSpokeUpdate.detailed_help = {
'EXAMPLES':
""" \
To reject updating a spoke named ``my-spoke'' with ``etag'' in a hub named ``my-hub'' with reason ``my-reason'', run:
$ {command} my-hub --spoke="projects/spoke-project/locations/global/hubs/my-spoke" --spoke-etag=etag --details=my-reason
""",
'API REFERENCE':
""" \
This command uses the networkconnectivity/v1 API. The full documentation
for this API can be found at:
https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest
""",
}

47
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/remove_iam_policy_binding.yaml Normal file
View File

@@ -0,0 +1,47 @@
- release_tracks: [BETA]
help_text:
brief: Remove an IAM policy binding from the IAM policy of a hub resource.
description: |
Remove an IAM policy binding from the IAM policy of a hub resource.
examples: |
To remove the ``roles/networkconnectivity.groupUser'' role from a user of the hub ``my-hub'',
run:
$ {command} my-hub --member="user:username@gmail.com" --role="roles/networkconnectivity.groupUser"
request:
collection: networkconnectivity.projects.locations.global.hubs
api_version: v1beta
arguments:
resource:
help_text: The hub that you want to update.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub
iam:
set_iam_policy_request_path: googleIamV1SetIamPolicyRequest
message_type_overrides:
policy: GoogleIamV1Policy
set_iam_policy_request: NetworkconnectivityProjectsLocationsGlobalHubsSetIamPolicyRequest
- release_tracks: [GA]
help_text:
brief: Remove an IAM policy binding from the IAM policy of a hub resource.
description: |
Remove an IAM policy binding from the IAM policy of a hub resource.
examples: |
To remove the ``roles/networkconnectivity.groupUser'' role from a user of the hub ``my-hub'',
run:
$ {command} my-hub --member="user:username@gmail.com" --role="roles/networkconnectivity.groupUser"
request:
collection: networkconnectivity.projects.locations.global.hubs
api_version: v1
arguments:
resource:
help_text: The hub that you want to update.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub

27
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/route_tables/__init__.py Normal file
View File

@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for route tables."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class RouteTables(base.Group):
"""Manage Network Connectivity Center route tables."""

23
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/route_tables/describe.yaml Normal file
View File

@@ -0,0 +1,23 @@
- release_tracks: [BETA, GA]
help_text:
brief: Describe a route table.
description: |
Retrieve and display details about a route table.
examples: |
To display details about a route table named ``my-route-table'', run:
$ {command} my-route-table
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:routeTable
help_text: |
Name of the route table to describe.
request: &request
BETA:
api_version: v1beta
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs.routeTables

30
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/route_tables/list.yaml Normal file
View File

@@ -0,0 +1,30 @@
- release_tracks: [BETA, GA]
help_text:
brief: List route tables.
description: Retrieve and display a list of all route tables in the specified hub.
examples: |
To list all route tables across all hubs, run:
$ {command} --hub=-
To list all route tables in hub `my-hub`, run:
$ {command} --hub=my-hub
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hubDefaultAll
help_text: Parent hub of the route tables to display.
request: &request
BETA:
api_version: v1beta
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs.routeTables
output:
# Columns: NAME, HUB, DESCRIPTION
format: table(name.basename(), name.segment(5):label=HUB, description)

27
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/route_tables/routes/__init__.py Normal file
View File

@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for routes."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.BETA, base.ReleaseTrack.GA)
class Routes(base.Group):
"""Manage Network Connectivity Center routes."""

23
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/route_tables/routes/describe.yaml Normal file
View File

@@ -0,0 +1,23 @@
- release_tracks: [BETA, GA]
help_text:
brief: Describe a route.
description: |
Retrieve and display details about a route.
examples: |
To display details about a route named ``my-route'', run:
$ {command} my-route
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:route
help_text: |
Name of the route to describe.
request: &request
BETA:
api_version: v1beta
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs.routeTables.routes

55
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/route_tables/routes/list.yaml Normal file
View File

@@ -0,0 +1,55 @@
- release_tracks: [BETA, GA]
help_text:
brief: List routes.
description: Retrieve and display a list of all routes in the specified route table.
examples: |
To list all routes across all route tables, run:
$ {command} --hub=- --route_table=-
To list all routes in route table `my-route-table`, run:
$ {command} --hub=my-hub --route_table=my-route-table
To list all routes in route table `my-route-table`, effective at a location/region run:
$ {command} --hub=my-hub --route_table=my-route-table --effective-location=location
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:routeTableDefaultAll
help_text: Parent route table of the routes to display.
params:
- arg_name: effective-location
help_text: The effective location/region to limit the list of routes. The effective location must be a valid region name. To list valid region names, use 'gcloud compute regions list'.
request: &request
BETA:
api_version: v1beta
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs.routeTables.routes
modify_request_hooks:
- googlecloudsdk.command_lib.network_connectivity.util:CheckForRouteTableAndHubWildcardMismatch
- googlecloudsdk.command_lib.network_connectivity.util:AppendEffectiveLocationFilter
output:
# Columns: IP_CIDR_RANGE, PRIORITY, LOCATION, STATE, TYPE, NEXT_HOP, HUB, ROUTE_TABLE
format: |
table(
ipCidrRange,
priority,
location.basename(),
state,
type,
format(
"{0}{1}",
nextHopVpcNetwork.yesno(yes="N/A", no=""),
firstof(nextHopVpnTunnel.siteToSiteDataTransfer, nextHopRouterApplianceInstance.siteToSiteDataTransfer, nextHopInterconnectAttachment.siteToSiteDataTransfer, nextHopSpoke.siteToSiteDataTransfer).yesno(yes="ON", no="")
).yesno(no="OFF"):label=SITE_TO_SITE,
firstof(nextHopVpcNetwork.uri, nextHopVpnTunnel.uri, nextHopRouterApplianceInstance.uri, nextHopInterconnectAttachment.uri, nextHopSpoke.uri).basename():label=NEXT_HOP,
name.segment(5):label=HUB:sort=1,
name.segment(7):label=ROUTE_TABLE:sort=2
)

49
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/set_iam_policy.yaml Normal file
View File

@@ -0,0 +1,49 @@
- release_tracks: [BETA]
help_text:
brief: Set the IAM policy of a hub resource.
description: |
Replace the existing IAM policy of a hub resource with a policy
encoded in a JSON or YAML file.
examples: |
To replace the IAM policy of a hub resource with the policy defined in a
file called ``policy.json'', run:
$ {command} my-hub policy.json
request:
collection: networkconnectivity.projects.locations.global.hubs
api_version: v1beta
arguments:
resource:
help_text: The hub for which to set the IAM policy.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub
iam:
set_iam_policy_request_path: googleIamV1SetIamPolicyRequest
message_type_overrides:
policy: GoogleIamV1Policy
set_iam_policy_request: NetworkconnectivityProjectsLocationsGlobalHubsSetIamPolicyRequest
- release_tracks: [GA]
help_text:
brief: Set the IAM policy of a hub resource.
description: |
Replace the existing IAM policy of a hub resource with a policy
encoded in a JSON or YAML file.
examples: |
To replace the IAM policy of a hub resource with the policy defined in a
file called ``policy.json'', run:
$ {command} my-hub policy.json
request:
collection: networkconnectivity.projects.locations.global.hubs
api_version: v1
arguments:
resource:
help_text: The hub for which to set the IAM policy.
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub

189
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/update.py Normal file
View File

@@ -0,0 +1,189 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for updating hubs."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_api
from googlecloudsdk.api_lib.network_connectivity import networkconnectivity_util
from googlecloudsdk.api_lib.util import waiter
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.network_connectivity import flags
from googlecloudsdk.command_lib.util.args import labels_util
from googlecloudsdk.core import log
from googlecloudsdk.core import resources
def UpdatedPscFields(args, export_psc_config):
"""UpdatedPscFields returns the updated PSC field values.
This method uses the existing hub and the flags to determine the new values.
Args:
args: The arguments that the user specified.
export_psc_config: The existing hub's exportPscConfig.
Returns:
A tuple of the updated exportPsc field and updated exportPscConfig field.
"""
# If the user did not specify any PSC flags, we can return early.
if not (
args.IsSpecified('export_psc')
or args.IsSpecified(
'export_psc_published_services_and_regional_google_apis'
)
or args.IsSpecified('export_psc_global_google_apis')
):
return None, None
# Handle the case where export_psc_config is None. This will happen if the
# user does not have the NCC_PSC_GAPI visiblity label: b/391865147#comment29.
# TODO: b/406009715 - Remove this once the API is GA.
if export_psc_config is None:
return args.export_psc, None
# Check if this is the legacy case. We can ignore the other flags because the
# mutex group ensures that the other flags are not set.
if args.export_psc is not None:
if args.export_psc:
# If true, enable only PSC-ILB propagation.
export_psc_config.publishedServicesAndRegionalGoogleApis = True
return True, export_psc_config
# If false, disable PSC-ILB and PSC-GAPI propagation.
export_psc_config.publishedServicesAndRegionalGoogleApis = False
export_psc_config.globalGoogleApis = False
return False, export_psc_config
# If this is not the legacy case, handle the new PSC flags.
# 1. Update the new exportPscConfig values if they are set.
if args.export_psc_published_services_and_regional_google_apis is not None:
export_psc_config.publishedServicesAndRegionalGoogleApis = (
args.export_psc_published_services_and_regional_google_apis
)
if args.export_psc_global_google_apis is not None:
export_psc_config.globalGoogleApis = args.export_psc_global_google_apis
# 2. If either of the values in the updated exportPscConfig are true, then set
# exportPsc to true. Otherwise, set exportPsc to false.
updated_export_psc = (
export_psc_config.publishedServicesAndRegionalGoogleApis
or export_psc_config.globalGoogleApis
)
return updated_export_psc, export_psc_config
@base.UniverseCompatible
@base.ReleaseTracks(base.ReleaseTrack.BETA)
class Update(base.Command):
"""Update a hub.
Update the details of a hub.
"""
@staticmethod
def Args(parser):
flags.AddHubResourceArg(parser, 'to be updated')
flags.AddDescriptionFlag(parser, 'New description of the hub.')
flags.AddPscGroup(parser)
flags.AddAsyncFlag(parser)
labels_util.AddUpdateLabelsFlags(parser)
def Run(self, args):
client = networkconnectivity_api.HubsClient(
release_track=self.ReleaseTrack()
)
hub_ref = args.CONCEPTS.hub.Parse()
update_mask = []
description = args.description
if description is not None:
update_mask.append('description')
# Fetch the hub so we can update the PSC fields.
original_hub = client.Get(hub_ref)
updated_export_psc, updated_export_psc_config = UpdatedPscFields(
args, original_hub.exportPscConfig
)
# We use both the export_psc field and the new export_psc_config, so we need
# to include both in the mask.
if updated_export_psc is not None:
update_mask.append('exportPsc')
update_mask.append('exportPscConfig')
# Update the labels (using the original hub as well).
labels = None
labels_diff = labels_util.Diff.FromUpdateArgs(args)
if labels_diff.MayHaveUpdates():
labels_update = labels_diff.Apply(
client.messages.GoogleCloudNetworkconnectivityV1betaHub.LabelsValue,
original_hub.labels,
)
if labels_update.needs_update:
labels = labels_update.labels
update_mask.append('labels')
hub = client.messages.GoogleCloudNetworkconnectivityV1betaHub(
description=description,
exportPsc=updated_export_psc,
exportPscConfig=updated_export_psc_config,
labels=labels,
)
op_ref = client.UpdateHubBeta(hub_ref, hub, update_mask)
log.status.Print('Update request issued for: [{}]'.format(hub_ref.Name()))
if args.async_:
log.status.Print('Check operation [{}] for status.'.format(op_ref.name))
return op_ref
op_resource = resources.REGISTRY.ParseRelativeName(
op_ref.name,
collection='networkconnectivity.projects.locations.operations',
api_version=networkconnectivity_util.VERSION_MAP[self.ReleaseTrack()],
)
poller = waiter.CloudOperationPoller(
client.hub_service, client.operation_service
)
if op_ref.done:
log.UpdatedResource(hub_ref.Name(), kind='hub')
return poller.GetResult(op_resource)
res = waiter.WaitFor(
poller,
op_resource,
'Waiting for operation [{}] to complete'.format(op_ref.name),
max_wait_ms=3600000, # 1 hour
)
log.UpdatedResource(hub_ref.Name(), kind='hub')
return res
Update.detailed_help = {
'EXAMPLES': """ \
To update the description of a hub named ``my-hub'', run:
$ {command} my-hub --description="The new description of my-hub".
""",
'API REFERENCE': """ \
This command uses the networkconnectivity/v1beta API. The full documentation
for this API can be found at:
https://cloud.google.com/network-connectivity/docs/reference/networkconnectivity/rest
""",
}

57
gcloud auth application-default login/google-cloud-sdk/lib/surface/network_connectivity/hubs/update.yaml Normal file
View File

@@ -0,0 +1,57 @@
- release_tracks: [ALPHA, GA]
help_text:
brief: Update a hub.
description: Update the details of a hub.
examples: |
To update the description of a hub named ``my-hub'', run:
$ {command} my-hub --description="The new description of my-hub".
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.network_connectivity.resources:hub
help_text: Name of the hub to be updated.
params:
- arg_name: description
api_field: hub.description
help_text: New description of the hub.
- arg_name: labels
release_tracks: [ALPHA]
api_field: hub.labels.additionalProperties
metavar: KEY=VALUE
help_text: |
List of label KEY=VALUE pairs to add.
type:
arg_dict:
flatten: true
spec:
- api_field: key
- api_field: value
- group:
release_tracks: [GA]
mutex: true
required: false
params:
- arg_name: export-psc
release_tracks: [GA]
api_field: hub.exportPsc
help_text: Whether Private Service Connect transitivity is enabled for the hub.
GA:
labels:
api_field: hub.labels
update:
read_modify_update: true
async:
collection: networkconnectivity.projects.locations.operations
request:
ALPHA:
api_version: v1alpha1
GA:
api_version: v1
collection: networkconnectivity.projects.locations.global.hubs
method: patch