GCE module: added Service Account permissions sanity checks

pull/18777/head
Vasyl Kaigorodov 10 years ago committed by Matt Clay
parent 4400c5e163
commit 758688a667

@ -340,7 +340,13 @@ def create_instances(module, gce, instance_names):
metadata = {'items': items} metadata = {'items': items}
ex_sa_perms = [] ex_sa_perms = []
bad_perms = []
if service_account_permissions: if service_account_permissions:
for perm in service_account_permissions:
if not perm in gce.SA_SCOPES_MAP.keys():
bad_perms.append(perm)
if len(bad_perms) > 0:
module.fail_json(msg='bad permissions: %s' % str(bad_perms))
if service_account_email: if service_account_email:
ex_sa_perms.append({'email': service_account_email}) ex_sa_perms.append({'email': service_account_email})
else: else:

Loading…
Cancel
Save