google-cloud-org_policy-v2 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,877 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2023 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+ require "google/cloud/errors"
20
+ require "google/cloud/orgpolicy/v2/orgpolicy_pb"
21
+ require "google/cloud/org_policy/v2/org_policy/rest/service_stub"
22
+
23
+ module Google
24
+ module Cloud
25
+ module OrgPolicy
26
+ module V2
27
+ module OrgPolicy
28
+ module Rest
29
+ ##
30
+ # REST client for the OrgPolicy service.
31
+ #
32
+ # An interface for managing organization policies.
33
+ #
34
+ # The Cloud Org Policy service provides a simple mechanism for organizations to
35
+ # restrict the allowed configurations across their entire Cloud Resource
36
+ # hierarchy.
37
+ #
38
+ # You can use a `policy` to configure restrictions in Cloud resources. For
39
+ # example, you can enforce a `policy` that restricts which Google
40
+ # Cloud Platform APIs can be activated in a certain part of your resource
41
+ # hierarchy, or prevents serial port access to VM instances in a particular
42
+ # folder.
43
+ #
44
+ # `Policies` are inherited down through the resource hierarchy. A `policy`
45
+ # applied to a parent resource automatically applies to all its child resources
46
+ # unless overridden with a `policy` lower in the hierarchy.
47
+ #
48
+ # A `constraint` defines an aspect of a resource's configuration that can be
49
+ # controlled by an organization's policy administrator. `Policies` are a
50
+ # collection of `constraints` that defines their allowable configuration on a
51
+ # particular resource and its child resources.
52
+ #
53
+ class Client
54
+ include Paths
55
+
56
+ # @private
57
+ attr_reader :org_policy_stub
58
+
59
+ ##
60
+ # Configure the OrgPolicy Client class.
61
+ #
62
+ # See {::Google::Cloud::OrgPolicy::V2::OrgPolicy::Rest::Client::Configuration}
63
+ # for a description of the configuration fields.
64
+ #
65
+ # @example
66
+ #
67
+ # # Modify the configuration for all OrgPolicy clients
68
+ # ::Google::Cloud::OrgPolicy::V2::OrgPolicy::Rest::Client.configure do |config|
69
+ # config.timeout = 10.0
70
+ # end
71
+ #
72
+ # @yield [config] Configure the Client client.
73
+ # @yieldparam config [Client::Configuration]
74
+ #
75
+ # @return [Client::Configuration]
76
+ #
77
+ def self.configure
78
+ @configure ||= begin
79
+ namespace = ["Google", "Cloud", "OrgPolicy", "V2"]
80
+ parent_config = while namespace.any?
81
+ parent_name = namespace.join "::"
82
+ parent_const = const_get parent_name
83
+ break parent_const.configure if parent_const.respond_to? :configure
84
+ namespace.pop
85
+ end
86
+ default_config = Client::Configuration.new parent_config
87
+
88
+ default_config.rpcs.list_constraints.timeout = 60.0
89
+ default_config.rpcs.list_constraints.retry_policy = {
90
+ initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14, 4]
91
+ }
92
+
93
+ default_config.rpcs.list_policies.timeout = 60.0
94
+ default_config.rpcs.list_policies.retry_policy = {
95
+ initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14, 4]
96
+ }
97
+
98
+ default_config.rpcs.get_policy.timeout = 60.0
99
+ default_config.rpcs.get_policy.retry_policy = {
100
+ initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14, 4]
101
+ }
102
+
103
+ default_config.rpcs.get_effective_policy.timeout = 60.0
104
+ default_config.rpcs.get_effective_policy.retry_policy = {
105
+ initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14, 4]
106
+ }
107
+
108
+ default_config.rpcs.create_policy.timeout = 60.0
109
+ default_config.rpcs.create_policy.retry_policy = {
110
+ initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14, 4]
111
+ }
112
+
113
+ default_config.rpcs.update_policy.timeout = 60.0
114
+ default_config.rpcs.update_policy.retry_policy = {
115
+ initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14, 4]
116
+ }
117
+
118
+ default_config.rpcs.delete_policy.timeout = 60.0
119
+ default_config.rpcs.delete_policy.retry_policy = {
120
+ initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14, 4]
121
+ }
122
+
123
+ default_config
124
+ end
125
+ yield @configure if block_given?
126
+ @configure
127
+ end
128
+
129
+ ##
130
+ # Configure the OrgPolicy Client instance.
131
+ #
132
+ # The configuration is set to the derived mode, meaning that values can be changed,
133
+ # but structural changes (adding new fields, etc.) are not allowed. Structural changes
134
+ # should be made on {Client.configure}.
135
+ #
136
+ # See {::Google::Cloud::OrgPolicy::V2::OrgPolicy::Rest::Client::Configuration}
137
+ # for a description of the configuration fields.
138
+ #
139
+ # @yield [config] Configure the Client client.
140
+ # @yieldparam config [Client::Configuration]
141
+ #
142
+ # @return [Client::Configuration]
143
+ #
144
+ def configure
145
+ yield @config if block_given?
146
+ @config
147
+ end
148
+
149
+ ##
150
+ # Create a new OrgPolicy REST client object.
151
+ #
152
+ # @example
153
+ #
154
+ # # Create a client using the default configuration
155
+ # client = ::Google::Cloud::OrgPolicy::V2::OrgPolicy::Rest::Client.new
156
+ #
157
+ # # Create a client using a custom configuration
158
+ # client = ::Google::Cloud::OrgPolicy::V2::OrgPolicy::Rest::Client.new do |config|
159
+ # config.timeout = 10.0
160
+ # end
161
+ #
162
+ # @yield [config] Configure the OrgPolicy client.
163
+ # @yieldparam config [Client::Configuration]
164
+ #
165
+ def initialize
166
+ # Create the configuration object
167
+ @config = Configuration.new Client.configure
168
+
169
+ # Yield the configuration if needed
170
+ yield @config if block_given?
171
+
172
+ # Create credentials
173
+ credentials = @config.credentials
174
+ # Use self-signed JWT if the endpoint is unchanged from default,
175
+ # but only if the default endpoint does not have a region prefix.
176
+ enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
177
+ !@config.endpoint.split(".").first.include?("-")
178
+ credentials ||= Credentials.default scope: @config.scope,
179
+ enable_self_signed_jwt: enable_self_signed_jwt
180
+ if credentials.is_a?(::String) || credentials.is_a?(::Hash)
181
+ credentials = Credentials.new credentials, scope: @config.scope
182
+ end
183
+
184
+ @quota_project_id = @config.quota_project
185
+ @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
186
+
187
+ @org_policy_stub = ::Google::Cloud::OrgPolicy::V2::OrgPolicy::Rest::ServiceStub.new endpoint: @config.endpoint, credentials: credentials
188
+ end
189
+
190
+ # Service calls
191
+
192
+ ##
193
+ # Lists `Constraints` that could be applied on the specified resource.
194
+ #
195
+ # @overload list_constraints(request, options = nil)
196
+ # Pass arguments to `list_constraints` via a request object, either of type
197
+ # {::Google::Cloud::OrgPolicy::V2::ListConstraintsRequest} or an equivalent Hash.
198
+ #
199
+ # @param request [::Google::Cloud::OrgPolicy::V2::ListConstraintsRequest, ::Hash]
200
+ # A request object representing the call parameters. Required. To specify no
201
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
202
+ # @param options [::Gapic::CallOptions, ::Hash]
203
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
204
+ #
205
+ # @overload list_constraints(parent: nil, page_size: nil, page_token: nil)
206
+ # Pass arguments to `list_constraints` via keyword arguments. Note that at
207
+ # least one keyword argument is required. To specify no parameters, or to keep all
208
+ # the default parameter values, pass an empty Hash as a request object (see above).
209
+ #
210
+ # @param parent [::String]
211
+ # Required. The Cloud resource that parents the constraint. Must be in one of
212
+ # the following forms:
213
+ # * `projects/{project_number}`
214
+ # * `projects/{project_id}`
215
+ # * `folders/{folder_id}`
216
+ # * `organizations/{organization_id}`
217
+ # @param page_size [::Integer]
218
+ # Size of the pages to be returned. This is currently unsupported and will
219
+ # be ignored. The server may at any point start using this field to limit
220
+ # page size.
221
+ # @param page_token [::String]
222
+ # Page token used to retrieve the next page. This is currently unsupported
223
+ # and will be ignored. The server may at any point start using this field.
224
+ # @yield [result, operation] Access the result along with the TransportOperation object
225
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::OrgPolicy::V2::Constraint>]
226
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
227
+ #
228
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::OrgPolicy::V2::Constraint>]
229
+ #
230
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
231
+ def list_constraints request, options = nil
232
+ raise ::ArgumentError, "request must be provided" if request.nil?
233
+
234
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::OrgPolicy::V2::ListConstraintsRequest
235
+
236
+ # Converts hash and nil to an options object
237
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
238
+
239
+ # Customize the options with defaults
240
+ call_metadata = @config.rpcs.list_constraints.metadata.to_h
241
+
242
+ # Set x-goog-api-client and x-goog-user-project headers
243
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
244
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
245
+ gapic_version: ::Google::Cloud::OrgPolicy::V2::VERSION,
246
+ transports_version_send: [:rest]
247
+
248
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
249
+
250
+ options.apply_defaults timeout: @config.rpcs.list_constraints.timeout,
251
+ metadata: call_metadata,
252
+ retry_policy: @config.rpcs.list_constraints.retry_policy
253
+
254
+ options.apply_defaults timeout: @config.timeout,
255
+ metadata: @config.metadata,
256
+ retry_policy: @config.retry_policy
257
+
258
+ @org_policy_stub.list_constraints request, options do |result, operation|
259
+ result = ::Gapic::Rest::PagedEnumerable.new @org_policy_stub, :list_constraints, "constraints", request, result, options
260
+ yield result, operation if block_given?
261
+ return result
262
+ end
263
+ rescue ::Gapic::Rest::Error => e
264
+ raise ::Google::Cloud::Error.from_error(e)
265
+ end
266
+
267
+ ##
268
+ # Retrieves all of the `Policies` that exist on a particular resource.
269
+ #
270
+ # @overload list_policies(request, options = nil)
271
+ # Pass arguments to `list_policies` via a request object, either of type
272
+ # {::Google::Cloud::OrgPolicy::V2::ListPoliciesRequest} or an equivalent Hash.
273
+ #
274
+ # @param request [::Google::Cloud::OrgPolicy::V2::ListPoliciesRequest, ::Hash]
275
+ # A request object representing the call parameters. Required. To specify no
276
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
277
+ # @param options [::Gapic::CallOptions, ::Hash]
278
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
279
+ #
280
+ # @overload list_policies(parent: nil, page_size: nil, page_token: nil)
281
+ # Pass arguments to `list_policies` via keyword arguments. Note that at
282
+ # least one keyword argument is required. To specify no parameters, or to keep all
283
+ # the default parameter values, pass an empty Hash as a request object (see above).
284
+ #
285
+ # @param parent [::String]
286
+ # Required. The target Cloud resource that parents the set of constraints and
287
+ # policies that will be returned from this call. Must be in one of the
288
+ # following forms:
289
+ # * `projects/{project_number}`
290
+ # * `projects/{project_id}`
291
+ # * `folders/{folder_id}`
292
+ # * `organizations/{organization_id}`
293
+ # @param page_size [::Integer]
294
+ # Size of the pages to be returned. This is currently unsupported and will
295
+ # be ignored. The server may at any point start using this field to limit
296
+ # page size.
297
+ # @param page_token [::String]
298
+ # Page token used to retrieve the next page. This is currently unsupported
299
+ # and will be ignored. The server may at any point start using this field.
300
+ # @yield [result, operation] Access the result along with the TransportOperation object
301
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::OrgPolicy::V2::Policy>]
302
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
303
+ #
304
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::OrgPolicy::V2::Policy>]
305
+ #
306
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
307
+ def list_policies request, options = nil
308
+ raise ::ArgumentError, "request must be provided" if request.nil?
309
+
310
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::OrgPolicy::V2::ListPoliciesRequest
311
+
312
+ # Converts hash and nil to an options object
313
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
314
+
315
+ # Customize the options with defaults
316
+ call_metadata = @config.rpcs.list_policies.metadata.to_h
317
+
318
+ # Set x-goog-api-client and x-goog-user-project headers
319
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
320
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
321
+ gapic_version: ::Google::Cloud::OrgPolicy::V2::VERSION,
322
+ transports_version_send: [:rest]
323
+
324
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
325
+
326
+ options.apply_defaults timeout: @config.rpcs.list_policies.timeout,
327
+ metadata: call_metadata,
328
+ retry_policy: @config.rpcs.list_policies.retry_policy
329
+
330
+ options.apply_defaults timeout: @config.timeout,
331
+ metadata: @config.metadata,
332
+ retry_policy: @config.retry_policy
333
+
334
+ @org_policy_stub.list_policies request, options do |result, operation|
335
+ result = ::Gapic::Rest::PagedEnumerable.new @org_policy_stub, :list_policies, "policies", request, result, options
336
+ yield result, operation if block_given?
337
+ return result
338
+ end
339
+ rescue ::Gapic::Rest::Error => e
340
+ raise ::Google::Cloud::Error.from_error(e)
341
+ end
342
+
343
+ ##
344
+ # Gets a `Policy` on a resource.
345
+ #
346
+ # If no `Policy` is set on the resource, NOT_FOUND is returned. The
347
+ # `etag` value can be used with `UpdatePolicy()` to update a
348
+ # `Policy` during read-modify-write.
349
+ #
350
+ # @overload get_policy(request, options = nil)
351
+ # Pass arguments to `get_policy` via a request object, either of type
352
+ # {::Google::Cloud::OrgPolicy::V2::GetPolicyRequest} or an equivalent Hash.
353
+ #
354
+ # @param request [::Google::Cloud::OrgPolicy::V2::GetPolicyRequest, ::Hash]
355
+ # A request object representing the call parameters. Required. To specify no
356
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
357
+ # @param options [::Gapic::CallOptions, ::Hash]
358
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
359
+ #
360
+ # @overload get_policy(name: nil)
361
+ # Pass arguments to `get_policy` via keyword arguments. Note that at
362
+ # least one keyword argument is required. To specify no parameters, or to keep all
363
+ # the default parameter values, pass an empty Hash as a request object (see above).
364
+ #
365
+ # @param name [::String]
366
+ # Required. Resource name of the policy. See `Policy` for naming
367
+ # requirements.
368
+ # @yield [result, operation] Access the result along with the TransportOperation object
369
+ # @yieldparam result [::Google::Cloud::OrgPolicy::V2::Policy]
370
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
371
+ #
372
+ # @return [::Google::Cloud::OrgPolicy::V2::Policy]
373
+ #
374
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
375
+ def get_policy request, options = nil
376
+ raise ::ArgumentError, "request must be provided" if request.nil?
377
+
378
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::OrgPolicy::V2::GetPolicyRequest
379
+
380
+ # Converts hash and nil to an options object
381
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
382
+
383
+ # Customize the options with defaults
384
+ call_metadata = @config.rpcs.get_policy.metadata.to_h
385
+
386
+ # Set x-goog-api-client and x-goog-user-project headers
387
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
388
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
389
+ gapic_version: ::Google::Cloud::OrgPolicy::V2::VERSION,
390
+ transports_version_send: [:rest]
391
+
392
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
393
+
394
+ options.apply_defaults timeout: @config.rpcs.get_policy.timeout,
395
+ metadata: call_metadata,
396
+ retry_policy: @config.rpcs.get_policy.retry_policy
397
+
398
+ options.apply_defaults timeout: @config.timeout,
399
+ metadata: @config.metadata,
400
+ retry_policy: @config.retry_policy
401
+
402
+ @org_policy_stub.get_policy request, options do |result, operation|
403
+ yield result, operation if block_given?
404
+ return result
405
+ end
406
+ rescue ::Gapic::Rest::Error => e
407
+ raise ::Google::Cloud::Error.from_error(e)
408
+ end
409
+
410
+ ##
411
+ # Gets the effective `Policy` on a resource. This is the result of merging
412
+ # `Policies` in the resource hierarchy and evaluating conditions. The
413
+ # returned `Policy` will not have an `etag` or `condition` set because it is
414
+ # a computed `Policy` across multiple resources.
415
+ # Subtrees of Resource Manager resource hierarchy with 'under:' prefix will
416
+ # not be expanded.
417
+ #
418
+ # @overload get_effective_policy(request, options = nil)
419
+ # Pass arguments to `get_effective_policy` via a request object, either of type
420
+ # {::Google::Cloud::OrgPolicy::V2::GetEffectivePolicyRequest} or an equivalent Hash.
421
+ #
422
+ # @param request [::Google::Cloud::OrgPolicy::V2::GetEffectivePolicyRequest, ::Hash]
423
+ # A request object representing the call parameters. Required. To specify no
424
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
425
+ # @param options [::Gapic::CallOptions, ::Hash]
426
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
427
+ #
428
+ # @overload get_effective_policy(name: nil)
429
+ # Pass arguments to `get_effective_policy` via keyword arguments. Note that at
430
+ # least one keyword argument is required. To specify no parameters, or to keep all
431
+ # the default parameter values, pass an empty Hash as a request object (see above).
432
+ #
433
+ # @param name [::String]
434
+ # Required. The effective policy to compute. See `Policy` for naming rules.
435
+ # @yield [result, operation] Access the result along with the TransportOperation object
436
+ # @yieldparam result [::Google::Cloud::OrgPolicy::V2::Policy]
437
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
438
+ #
439
+ # @return [::Google::Cloud::OrgPolicy::V2::Policy]
440
+ #
441
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
442
+ def get_effective_policy request, options = nil
443
+ raise ::ArgumentError, "request must be provided" if request.nil?
444
+
445
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::OrgPolicy::V2::GetEffectivePolicyRequest
446
+
447
+ # Converts hash and nil to an options object
448
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
449
+
450
+ # Customize the options with defaults
451
+ call_metadata = @config.rpcs.get_effective_policy.metadata.to_h
452
+
453
+ # Set x-goog-api-client and x-goog-user-project headers
454
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
455
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
456
+ gapic_version: ::Google::Cloud::OrgPolicy::V2::VERSION,
457
+ transports_version_send: [:rest]
458
+
459
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
460
+
461
+ options.apply_defaults timeout: @config.rpcs.get_effective_policy.timeout,
462
+ metadata: call_metadata,
463
+ retry_policy: @config.rpcs.get_effective_policy.retry_policy
464
+
465
+ options.apply_defaults timeout: @config.timeout,
466
+ metadata: @config.metadata,
467
+ retry_policy: @config.retry_policy
468
+
469
+ @org_policy_stub.get_effective_policy request, options do |result, operation|
470
+ yield result, operation if block_given?
471
+ return result
472
+ end
473
+ rescue ::Gapic::Rest::Error => e
474
+ raise ::Google::Cloud::Error.from_error(e)
475
+ end
476
+
477
+ ##
478
+ # Creates a Policy.
479
+ #
480
+ # Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the
481
+ # constraint does not exist.
482
+ # Returns a `google.rpc.Status` with `google.rpc.Code.ALREADY_EXISTS` if the
483
+ # policy already exists on the given Cloud resource.
484
+ #
485
+ # @overload create_policy(request, options = nil)
486
+ # Pass arguments to `create_policy` via a request object, either of type
487
+ # {::Google::Cloud::OrgPolicy::V2::CreatePolicyRequest} or an equivalent Hash.
488
+ #
489
+ # @param request [::Google::Cloud::OrgPolicy::V2::CreatePolicyRequest, ::Hash]
490
+ # A request object representing the call parameters. Required. To specify no
491
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
492
+ # @param options [::Gapic::CallOptions, ::Hash]
493
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
494
+ #
495
+ # @overload create_policy(parent: nil, policy: nil)
496
+ # Pass arguments to `create_policy` via keyword arguments. Note that at
497
+ # least one keyword argument is required. To specify no parameters, or to keep all
498
+ # the default parameter values, pass an empty Hash as a request object (see above).
499
+ #
500
+ # @param parent [::String]
501
+ # Required. The Cloud resource that will parent the new Policy. Must be in
502
+ # one of the following forms:
503
+ # * `projects/{project_number}`
504
+ # * `projects/{project_id}`
505
+ # * `folders/{folder_id}`
506
+ # * `organizations/{organization_id}`
507
+ # @param policy [::Google::Cloud::OrgPolicy::V2::Policy, ::Hash]
508
+ # Required. `Policy` to create.
509
+ # @yield [result, operation] Access the result along with the TransportOperation object
510
+ # @yieldparam result [::Google::Cloud::OrgPolicy::V2::Policy]
511
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
512
+ #
513
+ # @return [::Google::Cloud::OrgPolicy::V2::Policy]
514
+ #
515
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
516
+ def create_policy request, options = nil
517
+ raise ::ArgumentError, "request must be provided" if request.nil?
518
+
519
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::OrgPolicy::V2::CreatePolicyRequest
520
+
521
+ # Converts hash and nil to an options object
522
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
523
+
524
+ # Customize the options with defaults
525
+ call_metadata = @config.rpcs.create_policy.metadata.to_h
526
+
527
+ # Set x-goog-api-client and x-goog-user-project headers
528
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
529
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
530
+ gapic_version: ::Google::Cloud::OrgPolicy::V2::VERSION,
531
+ transports_version_send: [:rest]
532
+
533
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
534
+
535
+ options.apply_defaults timeout: @config.rpcs.create_policy.timeout,
536
+ metadata: call_metadata,
537
+ retry_policy: @config.rpcs.create_policy.retry_policy
538
+
539
+ options.apply_defaults timeout: @config.timeout,
540
+ metadata: @config.metadata,
541
+ retry_policy: @config.retry_policy
542
+
543
+ @org_policy_stub.create_policy request, options do |result, operation|
544
+ yield result, operation if block_given?
545
+ return result
546
+ end
547
+ rescue ::Gapic::Rest::Error => e
548
+ raise ::Google::Cloud::Error.from_error(e)
549
+ end
550
+
551
+ ##
552
+ # Updates a Policy.
553
+ #
554
+ # Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the
555
+ # constraint or the policy do not exist.
556
+ # Returns a `google.rpc.Status` with `google.rpc.Code.ABORTED` if the etag
557
+ # supplied in the request does not match the persisted etag of the policy
558
+ #
559
+ # Note: the supplied policy will perform a full overwrite of all
560
+ # fields.
561
+ #
562
+ # @overload update_policy(request, options = nil)
563
+ # Pass arguments to `update_policy` via a request object, either of type
564
+ # {::Google::Cloud::OrgPolicy::V2::UpdatePolicyRequest} or an equivalent Hash.
565
+ #
566
+ # @param request [::Google::Cloud::OrgPolicy::V2::UpdatePolicyRequest, ::Hash]
567
+ # A request object representing the call parameters. Required. To specify no
568
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
569
+ # @param options [::Gapic::CallOptions, ::Hash]
570
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
571
+ #
572
+ # @overload update_policy(policy: nil, update_mask: nil)
573
+ # Pass arguments to `update_policy` via keyword arguments. Note that at
574
+ # least one keyword argument is required. To specify no parameters, or to keep all
575
+ # the default parameter values, pass an empty Hash as a request object (see above).
576
+ #
577
+ # @param policy [::Google::Cloud::OrgPolicy::V2::Policy, ::Hash]
578
+ # Required. `Policy` to update.
579
+ # @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
580
+ # Field mask used to specify the fields to be overwritten in the policy
581
+ # by the set. The fields specified in the update_mask are relative to the
582
+ # policy, not the full request.
583
+ # @yield [result, operation] Access the result along with the TransportOperation object
584
+ # @yieldparam result [::Google::Cloud::OrgPolicy::V2::Policy]
585
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
586
+ #
587
+ # @return [::Google::Cloud::OrgPolicy::V2::Policy]
588
+ #
589
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
590
+ def update_policy request, options = nil
591
+ raise ::ArgumentError, "request must be provided" if request.nil?
592
+
593
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::OrgPolicy::V2::UpdatePolicyRequest
594
+
595
+ # Converts hash and nil to an options object
596
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
597
+
598
+ # Customize the options with defaults
599
+ call_metadata = @config.rpcs.update_policy.metadata.to_h
600
+
601
+ # Set x-goog-api-client and x-goog-user-project headers
602
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
603
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
604
+ gapic_version: ::Google::Cloud::OrgPolicy::V2::VERSION,
605
+ transports_version_send: [:rest]
606
+
607
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
608
+
609
+ options.apply_defaults timeout: @config.rpcs.update_policy.timeout,
610
+ metadata: call_metadata,
611
+ retry_policy: @config.rpcs.update_policy.retry_policy
612
+
613
+ options.apply_defaults timeout: @config.timeout,
614
+ metadata: @config.metadata,
615
+ retry_policy: @config.retry_policy
616
+
617
+ @org_policy_stub.update_policy request, options do |result, operation|
618
+ yield result, operation if block_given?
619
+ return result
620
+ end
621
+ rescue ::Gapic::Rest::Error => e
622
+ raise ::Google::Cloud::Error.from_error(e)
623
+ end
624
+
625
+ ##
626
+ # Deletes a Policy.
627
+ #
628
+ # Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the
629
+ # constraint or Org Policy does not exist.
630
+ #
631
+ # @overload delete_policy(request, options = nil)
632
+ # Pass arguments to `delete_policy` via a request object, either of type
633
+ # {::Google::Cloud::OrgPolicy::V2::DeletePolicyRequest} or an equivalent Hash.
634
+ #
635
+ # @param request [::Google::Cloud::OrgPolicy::V2::DeletePolicyRequest, ::Hash]
636
+ # A request object representing the call parameters. Required. To specify no
637
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
638
+ # @param options [::Gapic::CallOptions, ::Hash]
639
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
640
+ #
641
+ # @overload delete_policy(name: nil)
642
+ # Pass arguments to `delete_policy` via keyword arguments. Note that at
643
+ # least one keyword argument is required. To specify no parameters, or to keep all
644
+ # the default parameter values, pass an empty Hash as a request object (see above).
645
+ #
646
+ # @param name [::String]
647
+ # Required. Name of the policy to delete.
648
+ # See `Policy` for naming rules.
649
+ # @yield [result, operation] Access the result along with the TransportOperation object
650
+ # @yieldparam result [::Google::Protobuf::Empty]
651
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
652
+ #
653
+ # @return [::Google::Protobuf::Empty]
654
+ #
655
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
656
+ def delete_policy request, options = nil
657
+ raise ::ArgumentError, "request must be provided" if request.nil?
658
+
659
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::OrgPolicy::V2::DeletePolicyRequest
660
+
661
+ # Converts hash and nil to an options object
662
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
663
+
664
+ # Customize the options with defaults
665
+ call_metadata = @config.rpcs.delete_policy.metadata.to_h
666
+
667
+ # Set x-goog-api-client and x-goog-user-project headers
668
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
669
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
670
+ gapic_version: ::Google::Cloud::OrgPolicy::V2::VERSION,
671
+ transports_version_send: [:rest]
672
+
673
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
674
+
675
+ options.apply_defaults timeout: @config.rpcs.delete_policy.timeout,
676
+ metadata: call_metadata,
677
+ retry_policy: @config.rpcs.delete_policy.retry_policy
678
+
679
+ options.apply_defaults timeout: @config.timeout,
680
+ metadata: @config.metadata,
681
+ retry_policy: @config.retry_policy
682
+
683
+ @org_policy_stub.delete_policy request, options do |result, operation|
684
+ yield result, operation if block_given?
685
+ return result
686
+ end
687
+ rescue ::Gapic::Rest::Error => e
688
+ raise ::Google::Cloud::Error.from_error(e)
689
+ end
690
+
691
+ ##
692
+ # Configuration class for the OrgPolicy REST API.
693
+ #
694
+ # This class represents the configuration for OrgPolicy REST,
695
+ # providing control over timeouts, retry behavior, logging, transport
696
+ # parameters, and other low-level controls. Certain parameters can also be
697
+ # applied individually to specific RPCs. See
698
+ # {::Google::Cloud::OrgPolicy::V2::OrgPolicy::Rest::Client::Configuration::Rpcs}
699
+ # for a list of RPCs that can be configured independently.
700
+ #
701
+ # Configuration can be applied globally to all clients, or to a single client
702
+ # on construction.
703
+ #
704
+ # @example
705
+ #
706
+ # # Modify the global config, setting the timeout for
707
+ # # list_constraints to 20 seconds,
708
+ # # and all remaining timeouts to 10 seconds.
709
+ # ::Google::Cloud::OrgPolicy::V2::OrgPolicy::Rest::Client.configure do |config|
710
+ # config.timeout = 10.0
711
+ # config.rpcs.list_constraints.timeout = 20.0
712
+ # end
713
+ #
714
+ # # Apply the above configuration only to a new client.
715
+ # client = ::Google::Cloud::OrgPolicy::V2::OrgPolicy::Rest::Client.new do |config|
716
+ # config.timeout = 10.0
717
+ # config.rpcs.list_constraints.timeout = 20.0
718
+ # end
719
+ #
720
+ # @!attribute [rw] endpoint
721
+ # The hostname or hostname:port of the service endpoint.
722
+ # Defaults to `"orgpolicy.googleapis.com"`.
723
+ # @return [::String]
724
+ # @!attribute [rw] credentials
725
+ # Credentials to send with calls. You may provide any of the following types:
726
+ # * (`String`) The path to a service account key file in JSON format
727
+ # * (`Hash`) A service account key as a Hash
728
+ # * (`Google::Auth::Credentials`) A googleauth credentials object
729
+ # (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
730
+ # * (`Signet::OAuth2::Client`) A signet oauth2 client object
731
+ # (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
732
+ # * (`nil`) indicating no credentials
733
+ # @return [::Object]
734
+ # @!attribute [rw] scope
735
+ # The OAuth scopes
736
+ # @return [::Array<::String>]
737
+ # @!attribute [rw] lib_name
738
+ # The library name as recorded in instrumentation and logging
739
+ # @return [::String]
740
+ # @!attribute [rw] lib_version
741
+ # The library version as recorded in instrumentation and logging
742
+ # @return [::String]
743
+ # @!attribute [rw] timeout
744
+ # The call timeout in seconds.
745
+ # @return [::Numeric]
746
+ # @!attribute [rw] metadata
747
+ # Additional headers to be sent with the call.
748
+ # @return [::Hash{::Symbol=>::String}]
749
+ # @!attribute [rw] retry_policy
750
+ # The retry policy. The value is a hash with the following keys:
751
+ # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
752
+ # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
753
+ # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
754
+ # * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
755
+ # trigger a retry.
756
+ # @return [::Hash]
757
+ # @!attribute [rw] quota_project
758
+ # A separate project against which to charge quota.
759
+ # @return [::String]
760
+ #
761
+ class Configuration
762
+ extend ::Gapic::Config
763
+
764
+ config_attr :endpoint, "orgpolicy.googleapis.com", ::String
765
+ config_attr :credentials, nil do |value|
766
+ allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
767
+ allowed.any? { |klass| klass === value }
768
+ end
769
+ config_attr :scope, nil, ::String, ::Array, nil
770
+ config_attr :lib_name, nil, ::String, nil
771
+ config_attr :lib_version, nil, ::String, nil
772
+ config_attr :timeout, nil, ::Numeric, nil
773
+ config_attr :metadata, nil, ::Hash, nil
774
+ config_attr :retry_policy, nil, ::Hash, ::Proc, nil
775
+ config_attr :quota_project, nil, ::String, nil
776
+
777
+ # @private
778
+ def initialize parent_config = nil
779
+ @parent_config = parent_config unless parent_config.nil?
780
+
781
+ yield self if block_given?
782
+ end
783
+
784
+ ##
785
+ # Configurations for individual RPCs
786
+ # @return [Rpcs]
787
+ #
788
+ def rpcs
789
+ @rpcs ||= begin
790
+ parent_rpcs = nil
791
+ parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs)
792
+ Rpcs.new parent_rpcs
793
+ end
794
+ end
795
+
796
+ ##
797
+ # Configuration RPC class for the OrgPolicy API.
798
+ #
799
+ # Includes fields providing the configuration for each RPC in this service.
800
+ # Each configuration object is of type `Gapic::Config::Method` and includes
801
+ # the following configuration fields:
802
+ #
803
+ # * `timeout` (*type:* `Numeric`) - The call timeout in seconds
804
+ # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers
805
+ # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
806
+ # include the following keys:
807
+ # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
808
+ # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
809
+ # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
810
+ # * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
811
+ # trigger a retry.
812
+ #
813
+ class Rpcs
814
+ ##
815
+ # RPC-specific configuration for `list_constraints`
816
+ # @return [::Gapic::Config::Method]
817
+ #
818
+ attr_reader :list_constraints
819
+ ##
820
+ # RPC-specific configuration for `list_policies`
821
+ # @return [::Gapic::Config::Method]
822
+ #
823
+ attr_reader :list_policies
824
+ ##
825
+ # RPC-specific configuration for `get_policy`
826
+ # @return [::Gapic::Config::Method]
827
+ #
828
+ attr_reader :get_policy
829
+ ##
830
+ # RPC-specific configuration for `get_effective_policy`
831
+ # @return [::Gapic::Config::Method]
832
+ #
833
+ attr_reader :get_effective_policy
834
+ ##
835
+ # RPC-specific configuration for `create_policy`
836
+ # @return [::Gapic::Config::Method]
837
+ #
838
+ attr_reader :create_policy
839
+ ##
840
+ # RPC-specific configuration for `update_policy`
841
+ # @return [::Gapic::Config::Method]
842
+ #
843
+ attr_reader :update_policy
844
+ ##
845
+ # RPC-specific configuration for `delete_policy`
846
+ # @return [::Gapic::Config::Method]
847
+ #
848
+ attr_reader :delete_policy
849
+
850
+ # @private
851
+ def initialize parent_rpcs = nil
852
+ list_constraints_config = parent_rpcs.list_constraints if parent_rpcs.respond_to? :list_constraints
853
+ @list_constraints = ::Gapic::Config::Method.new list_constraints_config
854
+ list_policies_config = parent_rpcs.list_policies if parent_rpcs.respond_to? :list_policies
855
+ @list_policies = ::Gapic::Config::Method.new list_policies_config
856
+ get_policy_config = parent_rpcs.get_policy if parent_rpcs.respond_to? :get_policy
857
+ @get_policy = ::Gapic::Config::Method.new get_policy_config
858
+ get_effective_policy_config = parent_rpcs.get_effective_policy if parent_rpcs.respond_to? :get_effective_policy
859
+ @get_effective_policy = ::Gapic::Config::Method.new get_effective_policy_config
860
+ create_policy_config = parent_rpcs.create_policy if parent_rpcs.respond_to? :create_policy
861
+ @create_policy = ::Gapic::Config::Method.new create_policy_config
862
+ update_policy_config = parent_rpcs.update_policy if parent_rpcs.respond_to? :update_policy
863
+ @update_policy = ::Gapic::Config::Method.new update_policy_config
864
+ delete_policy_config = parent_rpcs.delete_policy if parent_rpcs.respond_to? :delete_policy
865
+ @delete_policy = ::Gapic::Config::Method.new delete_policy_config
866
+
867
+ yield self if block_given?
868
+ end
869
+ end
870
+ end
871
+ end
872
+ end
873
+ end
874
+ end
875
+ end
876
+ end
877
+ end