import json
import sys
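"""
Add service accounts to a role binding in an IAM policy JSON document.

Usage: parsePolicy.py INPUT_JSON OUTPUT_JSON ROLE USERS

  INPUT_JSON   policy document to read (a dict expected to hold a "bindings" list)
  OUTPUT_JSON  path the updated policy is written to (indented JSON)
  ROLE         role name without the "roles/" prefix
  USERS        comma-separated account names; each one is prefixed with
               "serviceAccount:" before being used as a member

For each user:
  * if a binding for "roles/<ROLE>" exists and already lists the user, nothing changes;
  * if a binding for "roles/<ROLE>" exists without the user, the user is appended
    to that binding's members list;
  * if no binding for "roles/<ROLE>" exists, a new entry is added with the user
    as its only member (a missing "bindings" key is created rather than ignored).
"""

ROLE_PREFIX = "roles/"
MEMBER_PREFIX = "serviceAccount:"


def parse_users(arg):
    """Turn the comma-separated USERS argument into a list of member strings.

    Each entry is stripped of surrounding whitespace and prefixed with
    ``serviceAccount:``. Blank entries (e.g. from a trailing comma) are
    dropped and duplicates are removed while keeping first-seen order, so a
    repeated name cannot produce an invalid or duplicated member.

    Args:
        arg: raw command-line value, e.g. ``"a@x,b@y"``.

    Returns:
        list of ``serviceAccount:<name>`` strings, possibly empty.
    """
    members = []
    for raw in arg.split(','):
        name = raw.strip()
        if not name:
            continue
        member = MEMBER_PREFIX + name
        if member not in members:
            members.append(member)
    return members


def add_members_to_role(policy, role, members):
    """Ensure every entry of *members* is bound to ``roles/<role>`` in *policy*.

    Args:
        policy: parsed IAM policy dict; mutated in place.
        role: role name without the ``roles/`` prefix.
        members: iterable of fully qualified member strings.

    Returns:
        The same *policy* dict, for convenience.
    """
    full_role = ROLE_PREFIX + role
    # Create the list when absent so a policy without any bindings still
    # receives the requested grant instead of being written back unchanged.
    bindings = policy.setdefault("bindings", [])
    for member in members:
        found = False  # reset per member; a shared flag would leak state between users
        for binding in bindings:
            if binding.get("role") != full_role:
                continue
            found = True
            # NOTE(review): a binding carrying a "condition" is treated like an
            # unconditional one (same as before) — confirm that is intended,
            # since the member would then only be granted under that condition.
            existing = binding.setdefault("members", [])
            if member not in existing:
                existing.append(member)
        if not found:
            bindings.append({"members": [member], "role": full_role})
    return policy


def main(argv):
    """Command-line entry point; see the module docstring for the arguments.

    Exits with a usage message instead of an IndexError when arguments are missing.
    """
    if len(argv) != 5:
        sys.exit("usage: " + argv[0] + " INPUT_JSON OUTPUT_JSON ROLE USERS")
    input_path, output_path, role = argv[1], argv[2], argv[3]
    members = parse_users(argv[4])
    with open(input_path) as f:
        policy = json.load(f)
    add_members_to_role(policy, role, members)
    with open(output_path, 'w') as f:
        json.dump(policy, f, indent=2)


if __name__ == "__main__":
    main(sys.argv)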