IAM¶
- bibtutils.gcp.iam.get_access_token(acct, scopes=['https://www.googleapis.com/auth/cloud-platform'])[source]¶
Generates an access token for a target service account which may be used to impersonate that service account in API calls. Requires the calling account have the “Service Account Token Creator” role on the target account.
from bibtutils.gcp import iam from google.oauth2 import credentials def main(event, context): token = iam.get_access_token( acct="myserviceaccount@myproject.iam.gserviceaccount.com" ) api_creds = credentials.Credentials(token=token) storage_client = storage.Client(credentials=api_creds) storage_client.get_bucket("mybucket")
- Parameters:
- Return type:
- Returns:
an access token with can be used to generate credentials for Google APIs.
- bibtutils.gcp.iam.get_credentials(acct, scopes=['https://www.googleapis.com/auth/cloud-platform'])[source]¶
Generates a credentials object for a target service account which may be used to impersonate that service account in API calls. Requires the calling account have the “Service Account Token Creator” role on the target account. This version takes care of credentials object creation for you.
from bibtutils.gcp import iam from google.oauth2 import credentials def main(event, context): api_creds = iam.get_credentials( acct="myserviceaccount@myproject.iam.gserviceaccount.com" ) storage_client = storage.Client(credentials=api_creds) storage_client.get_bucket("mybucket")
- Parameters:
- Return type:
- Returns:
a credentials object with can be used for authentication with Google APIs.