feat: Add new gcloud commands, API clients, and third-party libraries across various services.

2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions


@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""The command group for the VMware Engine network policy CLI."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.GA)
class NetworkPolicies(base.Group):
"""Manage VMware Engine network policies in Google Cloud VMware Engine."""
category = base.COMPUTE_CATEGORY


@@ -0,0 +1,115 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware network-policies create' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.networkpolicies import NetworkPoliciesClient
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
from googlecloudsdk.core import log
DETAILED_HELP = {
'DESCRIPTION':
"""
Create a VMware Engine network policy. Only one network policy applies to a VMware Engine network per region. Check the progress of a network policy creation using `{parent_command} list`.
""",
'EXAMPLES':
"""
To create a network policy called `my-network-policy` which connects to the VMware Engine network `my-vmware-engine-network` using the edge services address range `192.168.0.0/26` with the internet access service enabled and the external IP access service disabled, run:
$ {command} my-network-policy --location=us-west2 --project=my-project --vmware-engine-network=my-vmware-engine-network --edge-services-cidr=192.168.0.0/26 --internet-access --no-external-ip-access
Or:
$ {command} my-network-policy --vmware-engine-network=my-vmware-engine-network --edge-services-cidr=192.168.0.0/26 --internet-access
In the second example, the project and the location are taken from gcloud properties core/project and compute/region respectively. If the `--external-ip-access` flag is not specified, it is taken as `False`.
""",
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class Create(base.CreateCommand):
"""Create a VMware Engine network policy."""
detailed_help = DETAILED_HELP
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddNetworkPolicyToParser(parser, positional=True)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
parser.display_info.AddFormat('yaml')
parser.add_argument(
'--vmware-engine-network',
required=True,
help="""\
Resource ID of the VMware Engine network to attach the new policy to.
""")
parser.add_argument(
'--description',
help="""\
User-provided description of the network policy.
""")
parser.add_argument(
'--edge-services-cidr',
required=True,
help="""\
IP address range to use for internet access and external IP access gateways, in CIDR notation. An RFC 1918 CIDR block with a "/26" prefix is required.
""")
parser.add_argument(
'--internet-access',
action='store_true',
default=False,
help="""\
Enable or disable network service that allows VMware workloads to access the internet. Use `--no-internet-access` to disable. If the flag is not provided, internet access is disabled.
""")
parser.add_argument(
'--external-ip-access',
action='store_true',
default=False,
help="""\
Enable or disable network service that allows external IP addresses to be assigned to VMware workloads. To enable this service, `internet-access` must also be enabled. Use `--no-external-ip-access` to disable. If the flag is not provided, access to VMware workloads through external IP addresses is disabled.
""")
def Run(self, args):
network_policy = args.CONCEPTS.network_policy.Parse()
client = NetworkPoliciesClient()
is_async = args.async_
operation = client.Create(
network_policy,
vmware_engine_network_id=args.vmware_engine_network,
edge_services_cidr=args.edge_services_cidr,
description=args.description,
internet_access=args.internet_access,
external_ip_access=args.external_ip_access,
)
if is_async:
log.CreatedResource(
operation.name, kind='VMware Engine network policy', is_async=True)
return
resource = client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for network policy [{}] to be created'.format(
network_policy.RelativeName()
),
)
log.CreatedResource(
network_policy.RelativeName(), kind='VMware Engine network policy'
)
return resource
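Review bot: `Run` forwards `--external-ip-access` to `client.Create` without checking `--internet-access`, although the flag's own help text says internet access must also be enabled for it. A local guard before the API call, `if args.external_ip_access and not args.internet_access:` followed by a usage error, would fail fast instead of starting an operation that is presumably rejected server-side (that rejection is not visible in this diff). The network-policies `update` command in this commit documents the same dependency on its `--external-ip-access` flag and has no check either; there both flags default to `None`, so a guard could only cover the case where both are passed explicitly.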


@@ -0,0 +1,72 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware network-policies delete' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.networkpolicies import NetworkPoliciesClient
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
from googlecloudsdk.core import log
DETAILED_HELP = {
'DESCRIPTION':
"""
Delete a VMware Engine network policy.
""",
'EXAMPLES':
"""
To delete a network policy called `my-network-policy` in project `my-project` and region `us-west2`, run:
$ {command} my-network-policy --location=us-west2 --project=my-project
Or:
$ {command} my-network-policy
In the second example, the project and the location are taken from gcloud properties core/project and compute/region respectively.
""",
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class Delete(base.DeleteCommand):
"""Delete a VMware Engine network policy."""
detailed_help = DETAILED_HELP
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddNetworkPolicyToParser(parser, positional=True)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
def Run(self, args):
network_policy = args.CONCEPTS.network_policy.Parse()
client = NetworkPoliciesClient()
is_async = args.async_
operation = client.Delete(network_policy)
if is_async:
log.DeletedResource(
operation.name, kind='VMware Engine network policy', is_async=True)
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for network policy [{}] to be deleted'.format(
network_policy.RelativeName()),
has_result=False)
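Review bot: The synchronous path of `Run` returns the `WaitForOperation` result without ever calling `log.DeletedResource`, so a `--no-async` deletion finishes with no confirmation line, unlike `create` and `update`, which log after the wait. I would keep the wait result in a local, add `log.DeletedResource(network_policy.RelativeName(), kind='VMware Engine network policy')`, and then return it. The async branch also returns `operation` where the other commands return nothing, so the printed output differs between verbs. The external-access-rules `delete` command later in this commit has the same two gaps.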


@@ -0,0 +1,58 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware network-policies describe' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.networkpolicies import NetworkPoliciesClient
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
DETAILED_HELP = {
'DESCRIPTION':
"""
Describe a VMware Engine network policy.
""",
'EXAMPLES':
"""
To get a description of a network policy called `my-network-policy` in project `my-project` and region `us-west2`, run:
$ {command} my-network-policy --location=us-west2 --project=my-project
Or:
$ {command} my-network-policy
In the second example, the project and the location are taken from gcloud properties core/project and compute/region respectively.
""",
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class Describe(base.DescribeCommand):
"""Describe a VMware Engine network policy."""
detailed_help = DETAILED_HELP
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddNetworkPolicyToParser(parser, positional=True)
def Run(self, args):
network_policy = args.CONCEPTS.network_policy.Parse()
client = NetworkPoliciesClient()
return client.Get(network_policy)


@@ -0,0 +1,27 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""The command group for the VMware Engine external access firewall rules CLI."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.GA)
class ExternalAccessRules(base.Group):
"""Manage VMware Engine external access firewall rules in Google Cloud VMware Engine."""
category = base.COMPUTE_CATEGORY


@@ -0,0 +1,148 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware external-access-rules create' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.externalaccessrules import ExternalAccessRulesClient
from googlecloudsdk.calliope import arg_parsers
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
from googlecloudsdk.core import log
DETAILED_HELP = {
'DESCRIPTION':
"""
Create a VMware Engine external access firewall rule. Check the progress of a VMware Engine external access firewall rule creation using `{parent_command} list`.
""",
'EXAMPLES':
"""
To create an external access firewall rule called `my-external-access-rule` associated with the network policy `my-network-policy` in the `us-west2` region, run:
$ {command} my-external-access-rule --network-policy=my-network-policy --priority=1000 --ip-protocol=TCP --source-ranges=34.148.30.114/32 --destination-ranges=projects/sample-project/locations/us-west2-a/privateClouds/my-private-cloud/externalAddresses/my-external-address --source-ports=22,10000-11000 --destination-ports=22 --action=ALLOW --location=us-west2 --project=sample-project
Or:
$ {command} my-external-access-rule --network-policy=my-network-policy --priority=1000 --ip-protocol=TCP --source-ranges=34.148.30.114/32 --destination-ranges=projects/sample-project/locations/us-west2-a/privateClouds/my-private-cloud/externalAddresses/my-external-address --source-ports=22,10000-11000 --destination-ports=22
In the second example, the project and the location are taken from gcloud properties core/project and compute/region respectively. The `--action` field also isn't specified, so its value defaults to `ALLOW`.
""",
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class Create(base.CreateCommand):
"""Create a VMware Engine external access firewall rule."""
detailed_help = DETAILED_HELP
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddExternalAccessRuleToParser(parser, positional=True)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
parser.display_info.AddFormat('yaml')
parser.add_argument(
'--description',
help="""\
User-provided description of the external access rule.
""")
parser.add_argument(
'--priority',
required=True,
type=arg_parsers.BoundedInt(100, 4096),
help="""\
Priority of this external access rule. Valid values are numbers between 100 and 4096, with 100 being the highest priority. Firewall rules are processed from highest to lowest priority.
""")
parser.add_argument(
'--ip-protocol',
required=True,
choices=['TCP', 'UDP', 'ICMP'],
help="""\
Internet protocol covered by the rule. Valid values are TCP, UDP, and ICMP.
""")
parser.add_argument(
'--source-ranges',
required=True,
type=arg_parsers.ArgList(min_length=1),
metavar='SOURCE_IP_RANGES',
help="""\
A list of source IP addresses that the rule applies to. Each entry in the list can be a CIDR notation or a single IP address. When the value is set to `0.0.0.0/0`, all IP addresses are allowed.
""")
parser.add_argument(
'--destination-ranges',
required=True,
type=arg_parsers.ArgList(min_length=1),
metavar='DESTINATION_IP_RANGES',
help="""\
A list of destination IP addresses that the rule applies to. Each entry in the list can be an ExternalAddress resource name or `0.0.0.0/0`. When the value is set to `0.0.0.0/0`, all IP addresses are allowed.
""")
parser.add_argument(
'--source-ports',
type=arg_parsers.ArgList(min_length=1),
metavar='SOURCE_PORTS',
help="""\
List of allowed source ports. Each entry must be either an integer or a range.
""")
parser.add_argument(
'--destination-ports',
type=arg_parsers.ArgList(min_length=1),
metavar='DESTINATION_PORTS',
help="""\
List of allowed destination ports. Each entry must be either an integer or a range.
""")
parser.add_argument(
'--action',
choices=['ALLOW', 'DENY'],
default='ALLOW',
help="""\
Whether the firewall rule allows or denies traffic based on a successful rule match. By default, the action is ALLOW.
""")
def Run(self, args):
external_access_rule = args.CONCEPTS.external_access_rule.Parse()
client = ExternalAccessRulesClient()
is_async = args.async_
operation = client.Create(
external_access_rule,
priority=args.priority,
ip_protocol=args.ip_protocol,
source_ranges=args.source_ranges,
destination_ranges=args.destination_ranges,
source_ports=args.source_ports,
destination_ports=args.destination_ports,
description=args.description,
action=args.action,
)
if is_async:
log.CreatedResource(
operation.name,
kind='VMware Engine external access rule',
is_async=True)
return
resource = client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for external access rule [{}] to be created'.format(
external_access_rule.RelativeName()
),
)
log.CreatedResource(
external_access_rule.RelativeName(),
kind='VMware Engine external access rule',
)
return resource
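Review bot: `--action` is declared with `default='ALLOW'`, so a firewall rule created without the flag permits traffic, and `--source-ranges` accepts `0.0.0.0/0`. For a command that opens workloads to external traffic I would make the choice explicit by replacing the default with `required=True`, or at minimum say in the `--source-ranges` help that `0.0.0.0/0` combined with ALLOW exposes the destination to any source. Whether the default mirrors an API-side default is not visible in this diff and is worth confirming before changing it. The second example in `DETAILED_HELP` would then need `--action=ALLOW` added.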


@@ -0,0 +1,74 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware external-access-rules delete' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.externalaccessrules import ExternalAccessRulesClient
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
from googlecloudsdk.core import log
DETAILED_HELP = {
'DESCRIPTION':
"""
Delete a VMware Engine external access firewall rule.
""",
'EXAMPLES':
"""
To delete an external access firewall rule called `my-external-access-rule` in project `my-project` and region `us-west2` associated with network policy `my-network-policy`, run:
$ {command} my-external-access-rule --location=us-west2 --project=my-project --network-policy=my-network-policy
Or:
$ {command} my-external-access-rule --network-policy=my-network-policy
In the second example, the project and the location are taken from gcloud properties core/project and compute/region respectively.
""",
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class Delete(base.DeleteCommand):
"""Delete a VMware Engine external access rule."""
detailed_help = DETAILED_HELP
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddExternalAccessRuleToParser(parser, positional=True)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
def Run(self, args):
external_access_rule = args.CONCEPTS.external_access_rule.Parse()
client = ExternalAccessRulesClient()
is_async = args.async_
operation = client.Delete(external_access_rule)
if is_async:
log.DeletedResource(
operation.name,
kind='VMware Engine external access rule',
is_async=True)
return operation
return client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for external access rule [{}] to be deleted'.format(
external_access_rule.RelativeName()),
has_result=False)


@@ -0,0 +1,58 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware external-access-rules describe' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.externalaccessrules import ExternalAccessRulesClient
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
DETAILED_HELP = {
'DESCRIPTION':
"""
Describe a VMware Engine external access firewall rule.
""",
'EXAMPLES':
"""
To get a description of an external access firewall rule called `my-external-access-rule` in project `my-project` and region `us-west2` associated with network policy `my-network-policy`, run:
$ {command} my-external-access-rule --network-policy=my-network-policy --location=us-west2 --project=my-project
Or:
$ {command} my-external-access-rule --network-policy=my-network-policy
In the second example, the project and the location are taken from gcloud properties core/project and compute/region respectively.
""",
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class Describe(base.DescribeCommand):
"""Describe a VMware Engine external access rule."""
detailed_help = DETAILED_HELP
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddExternalAccessRuleToParser(parser, positional=True)
def Run(self, args):
external_access_rule = args.CONCEPTS.external_access_rule.Parse()
client = ExternalAccessRulesClient()
return client.Get(external_access_rule)


@@ -0,0 +1,73 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware external-access-rules list' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.externalaccessrules import ExternalAccessRulesClient
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
from googlecloudsdk.core import log
DETAILED_HELP = {
'DESCRIPTION':
"""
List VMware Engine external access firewall rules.
"""
}
EXAMPLE_FORMAT = """\
To list external access firewall rules in your project in the region `us-west2` associated with network policy `my-network-policy`, sorted from oldest to newest, run:
$ {{command}} --location=us-west2 --project=my-project --network-policy=my-network-policy --sort-by=~create_time
Or:
$ {{command}} --sort-by=~create_time --network-policy=my-network-policy
In the second example, the project and the location are taken from gcloud properties `core/project` and `compute/region` respectively.
To list custom set of fields of external access firewall rules in a project, run:
$ {{command}} --format="{0}"
"""
@base.ReleaseTracks(base.ReleaseTrack.GA)
class List(base.ListCommand):
"""List VMware Engine external access rules."""
detailed_help = DETAILED_HELP.copy()
detailed_help['EXAMPLES'] = EXAMPLE_FORMAT.format(
flags.LIST_WITH_CUSTOM_FIELDS_FORMAT)
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddNetworkPolicyToParser(parser)
parser.display_info.AddFormat(
'table(name.segment(-1):label=NAME,'
'priority,ipProtocol,sourcePorts.list(),'
'destinationPorts.list(),action)')
def Run(self, args):
network_policy = args.CONCEPTS.network_policy.Parse()
client = ExternalAccessRulesClient()
return client.List(network_policy)
def Epilog(self, resources_were_displayed):
del resources_were_displayed
log.status.Print('\n' + flags.LIST_NOTICE)
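Review bot: The default table format in `Args` lists `priority`, `ipProtocol`, the two port lists and `action`, but no source or destination ranges, so an ALLOW rule open to any source looks the same as a narrowly scoped one in `list` output. Adding the rule's source and destination range fields as columns would let an operator audit exposure without running `describe` on each rule. The field names are not visible in this diff and should be taken from the API message rather than guessed.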


@@ -0,0 +1,136 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware external-access-rules update' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.externalaccessrules import ExternalAccessRulesClient
from googlecloudsdk.calliope import arg_parsers
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
from googlecloudsdk.core import log
DETAILED_HELP = {
'DESCRIPTION':
"""
Update a VMware Engine external access firewall rule.
""",
'EXAMPLES':
"""
To update an external access firewall rule named `my-external-access-rule` so that it denies the traffic for that rule, run:
$ {command} my-external-access-rule --network-policy=my-network-policy --action=DENY --location=us-west2 --project=my-project
Or:
$ {command} my-external-access-rule --network-policy=my-network-policy --action=DENY
In the second example, the project and the location are taken from gcloud properties core/project and compute/regions respectively.
""",
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class Update(base.UpdateCommand):
"""Update a VMware Engine network policy."""
detailed_help = DETAILED_HELP
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddExternalAccessRuleToParser(parser, positional=True)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
parser.display_info.AddFormat('yaml')
parser.add_argument(
'--description',
help="""\
User-provided description of the external access rule.
""")
parser.add_argument(
'--priority',
type=arg_parsers.BoundedInt(100, 4096),
help="""\
Priority of this external access rule. Valid values are numbers between 100 and 4096, with 100 being the highest priority. Firewall rules are processed from highest to lowest priority.
""")
parser.add_argument(
'--ip-protocol',
choices=['TCP', 'UDP', 'ICMP'],
help="""\
Internet protocol covered by the rule. Valid values are TCP, UDP, and ICMP.
""")
parser.add_argument(
'--source-ranges',
type=arg_parsers.ArgList(min_length=1),
metavar='SOURCE_IP_RANGES',
help="""\
A list of source IP addresses that the rule applies to. Each entry in the list can be a CIDR notation or a single IP address. When the value is set to `0.0.0.0/0`, all IP addresses are allowed.
""")
parser.add_argument(
'--destination-ranges',
type=arg_parsers.ArgList(min_length=1),
metavar='DESTINATION_IP_RANGES',
help="""\
A list of destination IP addresses that the rule applies to. Each entry in the list be an ExternalAddress resource name or `0.0.0.0/0`. When the value is set to `0.0.0.0/0`, all IP addresses are allowed.
""")
parser.add_argument(
'--source-ports',
type=arg_parsers.ArgList(min_length=1),
metavar='SOURCE_PORTS',
help="""\
List of allowed source ports. Each entry must be either an integer or a range.
""")
parser.add_argument(
'--destination-ports',
type=arg_parsers.ArgList(min_length=1),
metavar='DESTINATION_PORTS',
help="""\
List of allowed destination ports. Each entry must be either an integer or a range.
""")
parser.add_argument(
'--action',
choices=['ALLOW', 'DENY'],
help="""\
Whether the firewall rule allows or denies traffic based on a successful rule match.
""")
def Run(self, args):
external_access_rule = args.CONCEPTS.external_access_rule.Parse()
client = ExternalAccessRulesClient()
is_async = args.async_
operation = client.Update(external_access_rule, args.priority,
args.ip_protocol, args.source_ranges,
args.destination_ranges, args.source_ports,
args.destination_ports, args.description,
args.action)
if is_async:
log.UpdatedResource(
operation.name,
kind='VMware Engine external access rule',
is_async=True)
return
resource = client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for external access rule [{}] to be updated'.format(
external_access_rule.RelativeName()),
has_result=True)
log.UpdatedResource(
external_access_rule.RelativeName(),
kind='VMware Engine external access rule',
)
return resource
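Review bot: The class docstring of `Update` says "Update a VMware Engine network policy.", which looks copied from the network-policies command; for this file it should read `Update a VMware Engine external access rule.`, matching the `Delete` and `Describe` classes for the same resource. Two more help-text slips sit in the same file: the `--destination-ranges` help says "Each entry in the list be an ExternalAddress" (missing "can"), and the example names the property `compute/regions` where the other commands say `compute/region`. On a firewall command, help text that names the wrong resource invites operator error.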


@@ -0,0 +1,73 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware network-policies list' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.networkpolicies import NetworkPoliciesClient
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
DETAILED_HELP = {
'DESCRIPTION':
"""
List VMware Engine network policies.
""",
'EXAMPLES':
"""
To list network policies in your project in the region `us-west2` sorted from oldest to newest, run:
$ {command} --location=us-west2 --project=my-project --sort-by=~create_time
Or:
$ {command} --sort-by=~create_time
In the second example, the project and the location are taken from gcloud properties core/project and compute/region respectively.
To list network policies in your project from all regions, run:
$ {command} --location=- --project=my-project
Or:
$ {command} --location=-
In the last example, the project is taken from gcloud properties core/project.
""",
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class List(base.ListCommand):
"""List VMware Engine network policies."""
detailed_help = DETAILED_HELP
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddLocationArgToParser(parser)
parser.display_info.AddFormat('table(name.segment(-1):label=NAME,'
'name.segment(-5):label=PROJECT,'
'name.segment(-3):label=LOCATION,'
'createTime,internetAccess,externalIp,'
'edgeServicesCidr,vmwareEngineNetwork)')
def Run(self, args):
location = args.CONCEPTS.location.Parse()
client = NetworkPoliciesClient()
return client.List(location)
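Review bot: The example describes `--sort-by=~create_time` as sorting "from oldest to newest", but in gcloud a leading `~` on a sort key requests descending order, so the command as written lists the newest policies first. Either drop the `~` (`--sort-by=create_time`) or change the wording to "from newest to oldest". The `EXAMPLE_FORMAT` text in the external-access-rules `list` command in this commit carries the same mismatch.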


@@ -0,0 +1,104 @@
# -*- coding: utf-8 -*- #
# Copyright 2022 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""'vmware network-policies update' command."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.api_lib.vmware.networkpolicies import NetworkPoliciesClient
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.vmware.network_policies import flags
from googlecloudsdk.core import log
DETAILED_HELP = {
'DESCRIPTION':
"""
Update a VMware Engine network policy.
""",
'EXAMPLES':
"""
To update a network policy named `my-network-policy` so that it disables the external IP access service, run:
$ {command} my-network-policy --location=us-west2 --project=my-project --no-external-ip-access
Or:
$ {command} my-network-policy --no-external-ip-access
In the second example, the project and the location are taken from gcloud properties core/project and compute/regions respectively.
""",
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class Update(base.UpdateCommand):
"""Update a VMware Engine network policy."""
detailed_help = DETAILED_HELP
@staticmethod
def Args(parser):
"""Register flags for this command."""
flags.AddNetworkPolicyToParser(parser, positional=True)
base.ASYNC_FLAG.AddToParser(parser)
base.ASYNC_FLAG.SetDefault(parser, True)
parser.display_info.AddFormat('yaml')
parser.add_argument(
'--description',
help="""\
Updated description for the network policy.
""")
parser.add_argument(
'--edge-services-cidr',
help="""\
Updated IP address range to use for internet access and external IP access gateways, in CIDR notation.
""")
parser.add_argument(
'--internet-access',
action='store_true',
default=None,
help="""\
Enable or disable network service that allows VMware workloads to access the internet. Use `--no-internet-access` to disable.
""")
parser.add_argument(
'--external-ip-access',
action='store_true',
default=None,
help="""\
Enable or disable network service that allows external IP addresses to be assigned to VMware workloads. To enable this service, `internet-access` must also be enabled. Use `--no-external-ip-access` to disable.
""")
def Run(self, args):
network_policy = args.CONCEPTS.network_policy.Parse()
client = NetworkPoliciesClient()
is_async = args.async_
operation = client.Update(network_policy, args.description,
args.edge_services_cidr, args.internet_access,
args.external_ip_access)
if is_async:
log.UpdatedResource(
operation.name, kind='VMware Engine network policy', is_async=True)
return
resource = client.WaitForOperation(
operation_ref=client.GetOperationRef(operation),
message='waiting for network policy [{}] to be updated'.format(
network_policy.RelativeName()
),
)
log.UpdatedResource(
network_policy.RelativeName(), kind='VMware Engine network policy'
)
return resource
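Review bot: `client.Update` is called with five positional arguments, two of them adjacent booleans (`args.internet_access`, `args.external_ip_access`), so a reordering of the client signature would silently swap which network service gets enabled. The `create` command in this commit passes the same values by keyword; I would do the same here, e.g. `internet_access=args.internet_access, external_ip_access=args.external_ip_access`. The keyword names are assumed to match those used by `client.Create`, because the `Update` signature is not part of the visible diff. The external-access-rules `update` command passes eight positional arguments, with source and destination ranges side by side, and would benefit from the same change.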