GoogleCloudPlatform · unforced · Oct 4, 2021 · Sep 28, 2021 · Sep 29, 2021 · Sep 29, 2021
diff --git a/storage/cloud-client/public_access_prevention_test.py b/storage/cloud-client/public_access_prevention_test.py
@@ -16,41 +16,35 @@
 
 import storage_get_public_access_prevention
 import storage_set_public_access_prevention_enforced
+import storage_set_public_access_prevention_inherited
 import storage_set_public_access_prevention_unspecified
 
 
-@pytest.mark.skip(reason="Unspecified PAP is changing to inherited")
+@pytest.mark.skip(reason="Inconsistent due to unspecified->inherited change")
 def test_get_public_access_prevention(bucket, capsys):
     short_name = storage_get_public_access_prevention
-    short_name.get_public_access_prevention(
-        bucket.name
-    )
+    short_name.get_public_access_prevention(bucket.name)
     out, _ = capsys.readouterr()
-    assert (
-        f"Public access prevention is unspecified for {bucket.name}."
-        in out
-    )
+    assert f"Public access prevention is inherited for {bucket.name}." in out
 
 
 def test_set_public_access_prevention_enforced(bucket, capsys):
     short_name = storage_set_public_access_prevention_enforced
-    short_name.set_public_access_prevention_enforced(
-        bucket.name
-    )
+    short_name.set_public_access_prevention_enforced(bucket.name)
     out, _ = capsys.readouterr()
-    assert (
-        f"Public access prevention is set to enforced for {bucket.name}."
-        in out
-    )
+    assert f"Public access prevention is set to enforced for {bucket.name}." in out
 
 
+@pytest.mark.skip(reason="Inconsistent due to unspecified->inherited change")
 def test_set_public_access_prevention_unspecified(bucket, capsys):
     short_name = storage_set_public_access_prevention_unspecified
-    short_name.set_public_access_prevention_unspecified(
-        bucket.name
-    )
+    short_name.set_public_access_prevention_unspecified(bucket.name)
     out, _ = capsys.readouterr()
-    assert (
-        f"Public access prevention is 'unspecified' for {bucket.name}."
-        in out
-    )
+    assert f"Public access prevention is 'unspecified' for {bucket.name}." in out
+
+
+def test_set_public_access_prevention_inherited(bucket, capsys):
+    short_name = storage_set_public_access_prevention_inherited
+    short_name.set_public_access_prevention_inherited(bucket.name)
+    out, _ = capsys.readouterr()
+    assert f"Public access prevention is 'inherited' for {bucket.name}." in out
diff --git a/storage/cloud-client/requirements.txt b/storage/cloud-client/requirements.txt
@@ -1,3 +1,3 @@
 google-cloud-pubsub==2.8.0
-google-cloud-storage==1.42.2
-google-api-python-client==2.23.0
+google-cloud-storage==1.42.3
+google-api-python-client==2.23.0
diff --git a/storage/cloud-client/storage_get_public_access_prevention.py b/storage/cloud-client/storage_get_public_access_prevention.py
@@ -21,7 +21,7 @@
 
 
 def get_public_access_prevention(bucket_name):
-    """Gets the public access prevention setting (either 'unspecified' or 'enforced') for a bucket."""
+    """Gets the public access prevention setting (either 'inherited' or 'enforced') for a bucket."""
     # The ID of your GCS bucket
     # bucket_name = "my-bucket"
 

diff --git a/storage/cloud-client/storage_set_public_access_prevention_inherited.py b/storage/cloud-client/storage_set_public_access_prevention_inherited.py
@@ -0,0 +1,50 @@
+#!/usr/bin/env python
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the 'License');
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import sys
+
+"""Sample that sets public access prevention to inherited.
+This sample is used on this page:
+    https://cloud.google.com/storage/docs/using-public-access-prevention
+For more information, see README.md.
+"""
+
+# [START storage_set_public_access_prevention_inherited]
+
+from google.cloud import storage
+from google.cloud.storage.constants import PUBLIC_ACCESS_PREVENTION_INHERITED
+
+
+def set_public_access_prevention_inherited(bucket_name):
+    """Sets the public access prevention status to inherited, so that the bucket inherits its setting from its parent project."""
+    # The ID of your GCS bucket
+    # bucket_name = "my-bucket"
+
+    storage_client = storage.Client()
+    bucket = storage_client.get_bucket(bucket_name)
+
+    bucket.iam_configuration.public_access_prevention = (
+        PUBLIC_ACCESS_PREVENTION_INHERITED
+    )
+    bucket.patch()
+
+    print(f"Public access prevention is 'inherited' for {bucket.name}.")
+
+
+# [END storage_set_public_access_prevention_inherited]
+
+if __name__ == "__main__":
+    set_public_access_prevention_inherited(bucket_name=sys.argv[1])