This module allows to evaluate the Google Cloud IAM Conditions where CEL is the expression language.
Project description
CEL evaluator for GCP
This is not an official Google product.
This module allows to evaluate the Google Cloud IAM Conditions where CEL is the expression language.
Author
hm98765@github
Usage
- Install the package
pip install celgcp
orpoetry add celgcp - Import the class and exception
from celgcp.celgcp import CELEvaluator, CELEvaluatorException
- Create a CEL Expression
cel_source = """ resource.matchTag('prj/dataset', 'value_1') && resource.name.startsWith('projects/my-project/datasets/foo') """
- Create an instance of the CELEvaluator
cel_evaluator = CELEvaluator(cel_source)
- Create the activation context
activation = { "resource": celpy.json_to_cel( { "name": "projects/my-project/datasets/foo/bar", "Tags": [ {"prj/dataset": "value_1"}, {"prj/table": "value_2"}, {"prj/mytag": "value_38"}, {"tagKeys/123456789012": "tagValues/567890123456"}, {"tagKeys/987654321": "tagValues/111111"}, ], }, ), }
- call the evaluate method
result = cel_evaluator.evaluate(activation)
Example
A complete example
from datetime import datetime
import celpy
from celgcp.celgcp import CELEvaluator, CELEvaluatorException
cel_source = """
resource.matchTag('prj/dataset', 'value_1')
&& resource.name.startsWith('projects/my-project/datasets/foo')
&& request.time < timestamp("2024-03-21T01:14:51Z")
"""
date_string = "2021-03-21T01:14:51Z"
datetime_object = datetime.strptime(date_string, "%Y-%m-%dT%H:%M:%SZ")
activation = {
"request": celpy.json_to_cel({"time": datetime_object}),
"resource": celpy.json_to_cel(
{
"name": "projects/my-project/datasets/foo/bar",
"Tags": [
{"prj/dataset": "value_1"},
{"prj/table": "value_2"},
{"prj/mytag": "value_38"},
{"tagKeys/123456789012": "tagValues/567890123456"},
{"tagKeys/987654321": "tagValues/111111"},
],
},
),
}
cel_evaluator = CELEvaluator(cel_source)
result = cel_evaluator.evaluate(activation)
Language
Dependencies
The dependencies are listed in the pyproject.toml
License
Apache 2.0; see LICENSE for details.
Tests
poetry run pytest ./tests/tests.py
This is not an officially supported Google product. This project is not eligible for the Google Open Source Software Vulnerability Rewards Program.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file celgcp-1.1.2.tar.gz.
File metadata
- Download URL: celgcp-1.1.2.tar.gz
- Upload date:
- Size: 6.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.3 CPython/3.9.6 Darwin/23.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cefe9e1e3e01041835c4986b6022998190b13917ea06175f697a15f1d7410656
|
|
| MD5 |
9dc8f0e83f992165c002abc62154fe2a
|
|
| BLAKE2b-256 |
bb284f742c46b6ab306363d5a038f946b3b81b0a24d03c3a3d99b950387d1533
|
File details
Details for the file celgcp-1.1.2-py3-none-any.whl.
File metadata
- Download URL: celgcp-1.1.2-py3-none-any.whl
- Upload date:
- Size: 7.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.3 CPython/3.9.6 Darwin/23.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
99aa158525520e2e2d5e730ffe52019a42a32551487a18c750b93d5f7d8dd584
|
|
| MD5 |
ff9d447e4b3cffd5a3f54bc6c1c847f6
|
|
| BLAKE2b-256 |
55fc5d73e6ed5d05e37b88d7cdeda511a74c361c25ce632b585faceb9f70e43c
|
