Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
gcp-gce-project-audit-bq/owner_report.py
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
78 lines (57 sloc)
2.25 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import time | |
| import pandas as pd | |
| def get_entry(member, role, project): | |
| parts = member.split(':') | |
| type = parts[0] | |
| email = parts[1] | |
| entry = { | |
| 'project': project, | |
| 'role': role, | |
| 'type': type, | |
| 'email': email | |
| } | |
| if project['parent']['type'] == 'folder': | |
| parent_id = project['parent']['id'] | |
| folder = folders.get(parent_id) | |
| entry['project']['parent']['folder'] = folder['displayName'] | |
| entry['project']['parent']['path'] = folder['path'] | |
| return entry | |
| projects_by_user = {} | |
| entries = [] | |
| folders = {} | |
| df = pd.DataFrame() | |
| with open('folders.json', 'r') as jsonfile: | |
| folders = json.load(jsonfile) | |
| with open('projects.json', 'r') as jsonfile: | |
| projects = json.load(jsonfile) | |
| for project_id in projects.keys(): | |
| proj = projects[project_id] | |
| try: | |
| for binding in proj['iam_policy']['bindings']: | |
| for member in binding['members']: | |
| entry = get_entry(member=member, | |
| role=binding['role'], | |
| project=proj['project']) | |
| entry_df = pd.json_normalize(entry) | |
| entries.append(entry_df) | |
| #local_part = entry['email'].split('@')[0].lower() | |
| #if not projects_by_user.get(local_part): | |
| # projects_by_user[local_part] = [] | |
| #projects_by_user[local_part].append(entry) | |
| except: | |
| pass | |
| #print(json.dumps(projects_by_user)) | |
| df = df.append(other=entries) | |
| # get rid of the .'s in the column names created by json_normalize | |
| df.columns = df.columns.str.replace(r".", "_") | |
| df.columns = df.columns.str.replace("-", "_") | |
| # add the date of the audit so we can create a time series | |
| df['audit_time'] = pd.Timestamp.now().isoformat() | |
| # convert all field values to string type | |
| df = df.astype(str) | |
| # workaround for pandas v1.1.1, due to the fact that astype(str) will convert a np.nan to the literal string 'nan'.... | |
| # so we'll just flip it back to a none type.... | |
| df = df.replace(['nan'], [None]) | |
| #output to row delimited json | |
| df.to_json(path_or_buf='owners_nldj.json',orient='records', lines=True, date_format='iso') |