Create IAM access_policy

"""Create an IAM access_policy given a url to the Archivist and a user token.

The main function takes a url to the Archivist and client credentials, which
serve as the user authorization. It initializes an archivist connection,
called "arch", using the url and the credentials, then calls
arch.access_policies.create() to create the access_policy.
"""

from os import getenv
from warnings import filterwarnings

from archivist.archivist import Archivist
from archivist.constants import ASSET_BEHAVIOURS

# Drop urllib3's "Unverified HTTPS request" warning for the whole process.
# That warning is only raised when a request is sent with certificate
# verification turned off, so hiding it can mask an insecure connection.
# No visible line in this example disables verification.
filterwarnings(action="ignore", message="Unverified HTTPS request")

def main():
    """Main function of create access_policy.

    Read the client id and the location of the client secret file from the
    environment, open an Archivist connection with those credentials and
    create an access policy from example properties, filters and access
    permissions. The created policy is printed.

    NOTE(review): the listing is incomplete as shown - several lines are
    missing (see the inline notes) - so it does not run as-is.
    """
    # The client id and client secret are obtained from the appidp endpoint -
    # see the application registrations example code in examples/
    # The client id is an environment variable. The client secret is stored in
    # a file in a directory that has 0700 permissions. The location of this
    # file is set in the client_secret_file environment variable.
    #
    # getenv() returns None when a variable is unset; open(None) then fails
    # with a TypeError instead of a clear message, so check both values first.
    client_id = getenv("DATATRAILS_APPREG_CLIENT")
    client_secret_file = getenv("DATATRAILS_APPREG_SECRET_FILENAME")
    with open(client_secret_file, mode="r", encoding="utf-8") as tokenfile:
        # NOTE(review): the right-hand side of this assignment is missing on
        # the page; presumably the secret is read from tokenfile - confirm
        # against the upstream example. When reading it, strip the trailing
        # newline so it does not become part of the secret.
        client_secret =

    # Open the connection as a context manager, authenticating with the
    # (client id, client secret) pair.
    # NOTE(review): the docstrings mention a url, but no url argument is
    # visible in this call - it appears to have been dropped from the listing.
    with Archivist(
        (client_id, client_secret),
    ) as arch:
        # Human-readable metadata of the policy.
        # NOTE(review): the closing brace of this dict is missing on the page.
        props = {
            "display_name": "Friendly name of the policy",
            "description": "Description of the policy",
        # Three "or" groups are visible; the expressions inside each group and
        # the enclosing braces are missing on the page, so what the policy is
        # scoped to cannot be told from here.
        filters = [
                "or": [
                "or": [
                "or": [
        # Permissions granted by the policy. As written, the write list
        # (toner_colour) is narrower than the read list (toner_colour,
        # toner_type); keep both as small as the use case allows.
        access_permissions = [
                "asset_attributes_read": ["toner_colour", "toner_type"],
                "asset_attributes_write": ["toner_colour"],
                # ASSET_BEHAVIOURS comes from archivist.constants; its contents
                # are not shown here - verify that every behaviour it lists is
                # meant to be granted.
                "behaviours": ASSET_BEHAVIOURS,
                "event_arc_display_type_read": ["toner_type", "toner_colour"],
                "event_arc_display_type_write": ["toner_replacement"],
                # NOTE(review): the values of include_attributes and subjects
                # are missing on the page.
                "include_attributes": [
                "subjects": [
                "user_attributes": [
                    # presumably matches users in either group - confirm
                    {"or": ["group:maintainers", "group:supervisors"]},
        # Create the policy from the three structures above.
        access_policy = arch.access_policies.create(props, filters, access_permissions)
        # Only the returned policy is printed; the client secret is never echoed.
        print("access Policy", access_policy)

if __name__ == "__main__":