update resource_builder to take project argument (#727)

Netflix · May 19, 2017 · 4787f46 · 4787f46
1 parent 83f1ed1
commit 4787f46
Show file tree

Hide file tree

Showing 5 changed files with 6 additions and 6 deletions.
diff --git a/security_monkey/common/gcp/util.py b/security_monkey/common/gcp/util.py
@@ -54,8 +54,8 @@ def get_gcp_project_creds(account_names):
 
     return project_creds
 
-def gcp_resource_id_builder(service, identifier, region=''):
-    resource = 'gcp:%s:%s:%s' % (region, service, identifier)
+def gcp_resource_id_builder(service, identifier, project_id, region=''):
+    resource = 'gcp:%s:%s:%s:%s' % (project_id, region, service, identifier)
     return resource.replace('/', ':').replace('.', ':')
 
 

diff --git a/security_monkey/watchers/gcp/gce/firewall.py b/security_monkey/watchers/gcp/gce/firewall.py
@@ -57,7 +57,7 @@ def slurp_items(**kwargs):
 
             for rule in rules:
                 resource_id = gcp_resource_id_builder(
-                    'compute.firewall.get', rule['name'])
+                    kwargs['project'], 'compute.firewall.get', rule['name'])
                 item_list.append(
                     GCEFirewallRuleItem(
                         region='global',

diff --git a/security_monkey/watchers/gcp/gce/network.py b/security_monkey/watchers/gcp/gce/network.py
@@ -60,7 +60,7 @@ def slurp_items(**kwargs):
 
             for network in networks:
                 resource_id = gcp_resource_id_builder(
-                    'compute.network.get', network['name'])
+                    kwargs['project'], 'compute.network.get', network['name'])
                 net_complete = get_network_and_subnetworks(
                     network['name'], **kwargs)
                 item_list.append(

diff --git a/security_monkey/watchers/gcp/gcs/bucket.py b/security_monkey/watchers/gcp/gcs/bucket.py
@@ -60,7 +60,7 @@ def slurp_items(**kwargs):
 
             for bucket in buckets:
                 resource_id = gcp_resource_id_builder(
-                    'storage.bucket.get', bucket['name'])
+                    kwargs['project'], 'storage.bucket.get', bucket['name'])
                 b = get_bucket(
                     bucket_name=bucket['name'], **kwargs)
                 item_list.append(

diff --git a/security_monkey/watchers/gcp/iam/serviceaccount.py b/security_monkey/watchers/gcp/iam/serviceaccount.py
@@ -60,7 +60,7 @@ def slurp_items(**kwargs):
 
             for service_account in service_accounts:
                 resource_id = gcp_resource_id_builder(
-                    'projects.serviceaccounts.get', service_account['name'])
+                    kwargs['project'], 'projects.serviceaccounts.get', service_account['name'])
                 sa = get_serviceaccount_complete(
                     service_account=service_account['name'], **kwargs)