in src/access-analyzer/analyze.py [0:0]
def get_recommendations(project_id, sa_email):
authed_session = AuthorizedSession(cred)
data = {}
response = authed_session.get(
f"https://recommender.googleapis.com/v1/projects/{project_id}/"
+ "locations/global/recommenders/google.iam.policy.Recommender/recommendations"
).json()
if response and "error" not in response:
for recommendation in response["recommendations"]:
if sa_email in recommendation["content"]["overview"]["member"]:
data = {
"recommenderSubtype": recommendation["recommenderSubtype"],
"recommenderDescription": recommendation["description"],
"recommenderRevokedIamPermissionsCount": recommendation[
"primaryImpact"
]["securityProjection"]["details"].get(
"revokedIamPermissionsCount", 0
),
"recommenderPriority": recommendation["priority"],
"associatedRecommendation": recommendation["name"],
}
return data