Skip to content

downscoping

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History
 
 

downscoping

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
requirements-test.txt
requirements-test.txt
 
 
requirements.txt
requirements.txt
 
 
snippets.py
snippets.py
 
 
snippets_test.py
snippets_test.py
 
 

README.md

Downscoping with Credential Access Boundaries

Open in Cloud Shell

This section contains samples for Downscoping with Credential Access Boundaries.

Running the samples

  1. Your environment must be setup with authentication information. If you're running on Cloud Shell or Compute Engine, this is already setup. You can also use gcloud auth application-default login.

  2. Install dependencies from requirements.txt

     $ pip install -r requirements.txt

  3. Set the environment variable GOOGLE_CLOUD_PROJECT to the project ID. More details are available in the AUTHORING_GUIDE.

  4. To run the samples, the main(bucket_name, object_name) function should be run with a created storage bucket name and the object name in that bucket of the file to use to test access.

  5. To run the tests, the application default credentials principal should have the ability to create and delete a Cloud Storage bucket:

     $ nox -s py-3.7 -- snippets_test.py

Additional resources

For more information on downscoped credentials you can visit:

https://github.com/googleapis/google-auth-library-python