diff --git a/lists/v1alpha/create_list.py b/lists/v1alpha/create_list.py index c721980..0105d03 100644 --- a/lists/v1alpha/create_list.py +++ b/lists/v1alpha/create_list.py @@ -34,6 +34,7 @@ from common import project_instance from common import regions +CHRONICLE_API_BASE_URL = "https://chronicle.googleapis.com" SCOPES = [ "https://www.googleapis.com/auth/cloud-platform", ] @@ -55,6 +56,7 @@ def create_list( description: str, content_lines: Sequence[str], content_type: str, + scope_name: str | None = None, ) -> str: """Creates a list. @@ -67,6 +69,7 @@ def create_list( description: Description of the list. content_lines: Array containing each line of the list's content. content_type: Type of list content, indicating how to interpret this list. + scope_name: (Optional) Data RBAC scope name for the list. Returns: Creation timestamp of the new list. @@ -75,10 +78,13 @@ def create_list( requests.exceptions.HTTPError: HTTP request resulted in an error (response.status_code >= 400). """ - # pylint: disable=line-too-long + base_url_with_region = regions.url_always_prepend_region( + CHRONICLE_API_BASE_URL, + proj_region + ) parent = f"projects/{proj_id}/locations/{proj_region}/instances/{proj_instance}" - url = f"https://{proj_region}-chronicle.googleapis.com/v1alpha/{parent}/referenceLists" + url = f"{base_url_with_region}/v1alpha/{parent}/referenceLists" # pylint: enable=line-too-long # entries are list like [{"value": }, ...] @@ -94,15 +100,25 @@ def create_list( "entries": entries, "syntax_type": content_type, } - url_w_query_string = f"{url}?referenceListId={name}" - response = http_session.request("POST", url_w_query_string, json=body) + if scope_name: + body["scope_info"] = { + "referenceListScope": { + "scopeNames": [ + f"projects/{proj_id}/locations/{proj_region}/instances/{proj_instance}/dataAccessScopes/{scope_name}" + ] + } + } + else: + body["scope_info"] = None + params = {"referenceListId": name} + response = http_session.request("POST", url, params=params, json=body) # Expected server response: # ['name', 'displayName', 'revisionCreateTime', 'description', # 'entries', 'syntaxType']) if response.status_code >= 400: print(response.text) response.raise_for_status() - return response.json()["revisionCreateTime"] + return response.json() if __name__ == "__main__": @@ -121,6 +137,9 @@ def create_list( required=True, help="description of the list", ) + parser.add_argument( + "-s", "--scope_name", type=str, help="data RBAC scope name for the list" + ) parser.add_argument( "-t", "--syntax_type", @@ -146,7 +165,7 @@ def create_list( # pylint: disable-next=line-too-long auth_session = chronicle_auth.initialize_http_session(args.credentials_file, SCOPES) - new_list_create_time = create_list( + response_json = new_list_create_time = create_list( auth_session, args.project_id, args.project_instance, @@ -155,5 +174,7 @@ def create_list( args.description, args.list_file.read().splitlines(), args.syntax_type, + args.scope_name, ) - print(f"New list created successfully, at {new_list_create_time}") + print("New list created successfully, at " + f"{response_json['revisionCreateTime']}")