google-cloud-privileged_access_manager-v1 0.a → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +122 -0
- data/README.md +144 -8
- data/lib/google/cloud/privileged_access_manager/v1/bindings_override.rb +134 -0
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/client.rb +1895 -0
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/credentials.rb +47 -0
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/operations.rb +809 -0
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/paths.rb +206 -0
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/rest/client.rb +1777 -0
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/rest/operations.rb +944 -0
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/rest/service_stub.rb +1109 -0
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/rest.rb +73 -0
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager.rb +75 -0
- data/lib/google/cloud/privileged_access_manager/v1/rest.rb +38 -0
- data/lib/google/cloud/privileged_access_manager/v1/version.rb +7 -2
- data/lib/google/cloud/privileged_access_manager/v1.rb +45 -0
- data/lib/google/cloud/privilegedaccessmanager/v1/privilegedaccessmanager_pb.rb +108 -0
- data/lib/google/cloud/privilegedaccessmanager/v1/privilegedaccessmanager_services_pb.rb +121 -0
- data/lib/google-cloud-privileged_access_manager-v1.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/client.rb +403 -0
- data/proto_docs/google/api/field_behavior.rb +85 -0
- data/proto_docs/google/api/launch_stage.rb +71 -0
- data/proto_docs/google/api/resource.rb +227 -0
- data/proto_docs/google/cloud/privilegedaccessmanager/v1/privilegedaccessmanager.rb +966 -0
- data/proto_docs/google/longrunning/operations.rb +164 -0
- data/proto_docs/google/protobuf/any.rb +145 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +34 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/protobuf/timestamp.rb +127 -0
- data/proto_docs/google/rpc/status.rb +48 -0
- metadata +125 -10
|
@@ -0,0 +1,1777 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2024 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
require "google/cloud/errors"
|
|
20
|
+
require "google/cloud/privilegedaccessmanager/v1/privilegedaccessmanager_pb"
|
|
21
|
+
require "google/cloud/privileged_access_manager/v1/privileged_access_manager/rest/service_stub"
|
|
22
|
+
require "google/cloud/location/rest"
|
|
23
|
+
|
|
24
|
+
module Google
|
|
25
|
+
module Cloud
|
|
26
|
+
module PrivilegedAccessManager
|
|
27
|
+
module V1
|
|
28
|
+
module PrivilegedAccessManager
|
|
29
|
+
module Rest
|
|
30
|
+
##
|
|
31
|
+
# REST client for the PrivilegedAccessManager service.
|
|
32
|
+
#
|
|
33
|
+
# This API allows customers to manage temporary, request based privileged
|
|
34
|
+
# access to their resources.
|
|
35
|
+
#
|
|
36
|
+
# It defines the following resource model:
|
|
37
|
+
#
|
|
38
|
+
# * A collection of `Entitlement` resources. An entitlement allows configuring
|
|
39
|
+
# (among other things):
|
|
40
|
+
#
|
|
41
|
+
# * Some kind of privileged access that users can request.
|
|
42
|
+
# * A set of users called _requesters_ who can request this access.
|
|
43
|
+
# * A maximum duration for which the access can be requested.
|
|
44
|
+
# * An optional approval workflow which must be satisfied before access is
|
|
45
|
+
# granted.
|
|
46
|
+
#
|
|
47
|
+
# * A collection of `Grant` resources. A grant is a request by a requester to
|
|
48
|
+
# get the privileged access specified in an entitlement for some duration.
|
|
49
|
+
#
|
|
50
|
+
# After the approval workflow as specified in the entitlement is satisfied,
|
|
51
|
+
# the specified access is given to the requester. The access is automatically
|
|
52
|
+
# taken back after the requested duration is over.
|
|
53
|
+
#
|
|
54
|
+
class Client
|
|
55
|
+
# @private
|
|
56
|
+
API_VERSION = ""
|
|
57
|
+
|
|
58
|
+
# @private
|
|
59
|
+
DEFAULT_ENDPOINT_TEMPLATE = "privilegedaccessmanager.$UNIVERSE_DOMAIN$"
|
|
60
|
+
|
|
61
|
+
include Paths
|
|
62
|
+
|
|
63
|
+
# @private
|
|
64
|
+
attr_reader :privileged_access_manager_stub
|
|
65
|
+
|
|
66
|
+
##
|
|
67
|
+
# Configure the PrivilegedAccessManager Client class.
|
|
68
|
+
#
|
|
69
|
+
# See {::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client::Configuration}
|
|
70
|
+
# for a description of the configuration fields.
|
|
71
|
+
#
|
|
72
|
+
# @example
|
|
73
|
+
#
|
|
74
|
+
# # Modify the configuration for all PrivilegedAccessManager clients
|
|
75
|
+
# ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.configure do |config|
|
|
76
|
+
# config.timeout = 10.0
|
|
77
|
+
# end
|
|
78
|
+
#
|
|
79
|
+
# @yield [config] Configure the Client client.
|
|
80
|
+
# @yieldparam config [Client::Configuration]
|
|
81
|
+
#
|
|
82
|
+
# @return [Client::Configuration]
|
|
83
|
+
#
|
|
84
|
+
def self.configure
|
|
85
|
+
@configure ||= begin
|
|
86
|
+
namespace = ["Google", "Cloud", "PrivilegedAccessManager", "V1"]
|
|
87
|
+
parent_config = while namespace.any?
|
|
88
|
+
parent_name = namespace.join "::"
|
|
89
|
+
parent_const = const_get parent_name
|
|
90
|
+
break parent_const.configure if parent_const.respond_to? :configure
|
|
91
|
+
namespace.pop
|
|
92
|
+
end
|
|
93
|
+
default_config = Client::Configuration.new parent_config
|
|
94
|
+
|
|
95
|
+
default_config
|
|
96
|
+
end
|
|
97
|
+
yield @configure if block_given?
|
|
98
|
+
@configure
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
##
|
|
102
|
+
# Configure the PrivilegedAccessManager Client instance.
|
|
103
|
+
#
|
|
104
|
+
# The configuration is set to the derived mode, meaning that values can be changed,
|
|
105
|
+
# but structural changes (adding new fields, etc.) are not allowed. Structural changes
|
|
106
|
+
# should be made on {Client.configure}.
|
|
107
|
+
#
|
|
108
|
+
# See {::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client::Configuration}
|
|
109
|
+
# for a description of the configuration fields.
|
|
110
|
+
#
|
|
111
|
+
# @yield [config] Configure the Client client.
|
|
112
|
+
# @yieldparam config [Client::Configuration]
|
|
113
|
+
#
|
|
114
|
+
# @return [Client::Configuration]
|
|
115
|
+
#
|
|
116
|
+
def configure
|
|
117
|
+
yield @config if block_given?
|
|
118
|
+
@config
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
##
|
|
122
|
+
# The effective universe domain
|
|
123
|
+
#
|
|
124
|
+
# @return [String]
|
|
125
|
+
#
|
|
126
|
+
def universe_domain
|
|
127
|
+
@privileged_access_manager_stub.universe_domain
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
##
|
|
131
|
+
# Create a new PrivilegedAccessManager REST client object.
|
|
132
|
+
#
|
|
133
|
+
# @example
|
|
134
|
+
#
|
|
135
|
+
# # Create a client using the default configuration
|
|
136
|
+
# client = ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
137
|
+
#
|
|
138
|
+
# # Create a client using a custom configuration
|
|
139
|
+
# client = ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new do |config|
|
|
140
|
+
# config.timeout = 10.0
|
|
141
|
+
# end
|
|
142
|
+
#
|
|
143
|
+
# @yield [config] Configure the PrivilegedAccessManager client.
|
|
144
|
+
# @yieldparam config [Client::Configuration]
|
|
145
|
+
#
|
|
146
|
+
def initialize
|
|
147
|
+
# Create the configuration object
|
|
148
|
+
@config = Configuration.new Client.configure
|
|
149
|
+
|
|
150
|
+
# Yield the configuration if needed
|
|
151
|
+
yield @config if block_given?
|
|
152
|
+
|
|
153
|
+
# Create credentials
|
|
154
|
+
credentials = @config.credentials
|
|
155
|
+
# Use self-signed JWT if the endpoint is unchanged from default,
|
|
156
|
+
# but only if the default endpoint does not have a region prefix.
|
|
157
|
+
enable_self_signed_jwt = @config.endpoint.nil? ||
|
|
158
|
+
(@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
|
|
159
|
+
!@config.endpoint.split(".").first.include?("-"))
|
|
160
|
+
credentials ||= Credentials.default scope: @config.scope,
|
|
161
|
+
enable_self_signed_jwt: enable_self_signed_jwt
|
|
162
|
+
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
|
163
|
+
credentials = Credentials.new credentials, scope: @config.scope
|
|
164
|
+
end
|
|
165
|
+
|
|
166
|
+
@quota_project_id = @config.quota_project
|
|
167
|
+
@quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
|
|
168
|
+
|
|
169
|
+
@operations_client = ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Operations.new do |config|
|
|
170
|
+
config.credentials = credentials
|
|
171
|
+
config.quota_project = @quota_project_id
|
|
172
|
+
config.endpoint = @config.endpoint
|
|
173
|
+
config.universe_domain = @config.universe_domain
|
|
174
|
+
end
|
|
175
|
+
|
|
176
|
+
@privileged_access_manager_stub = ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::ServiceStub.new(
|
|
177
|
+
endpoint: @config.endpoint,
|
|
178
|
+
endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
|
|
179
|
+
universe_domain: @config.universe_domain,
|
|
180
|
+
credentials: credentials
|
|
181
|
+
)
|
|
182
|
+
|
|
183
|
+
@location_client = Google::Cloud::Location::Locations::Rest::Client.new do |config|
|
|
184
|
+
config.credentials = credentials
|
|
185
|
+
config.quota_project = @quota_project_id
|
|
186
|
+
config.endpoint = @privileged_access_manager_stub.endpoint
|
|
187
|
+
config.universe_domain = @privileged_access_manager_stub.universe_domain
|
|
188
|
+
config.bindings_override = @config.bindings_override
|
|
189
|
+
end
|
|
190
|
+
end
|
|
191
|
+
|
|
192
|
+
##
|
|
193
|
+
# Get the associated client for long-running operations.
|
|
194
|
+
#
|
|
195
|
+
# @return [::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Operations]
|
|
196
|
+
#
|
|
197
|
+
attr_reader :operations_client
|
|
198
|
+
|
|
199
|
+
##
|
|
200
|
+
# Get the associated client for mix-in of the Locations.
|
|
201
|
+
#
|
|
202
|
+
# @return [Google::Cloud::Location::Locations::Rest::Client]
|
|
203
|
+
#
|
|
204
|
+
attr_reader :location_client
|
|
205
|
+
|
|
206
|
+
# Service calls
|
|
207
|
+
|
|
208
|
+
##
|
|
209
|
+
# CheckOnboardingStatus reports the onboarding status for a
|
|
210
|
+
# project/folder/organization. Any findings reported by this API need to be
|
|
211
|
+
# fixed before PAM can be used on the resource.
|
|
212
|
+
#
|
|
213
|
+
# @overload check_onboarding_status(request, options = nil)
|
|
214
|
+
# Pass arguments to `check_onboarding_status` via a request object, either of type
|
|
215
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusRequest} or an equivalent Hash.
|
|
216
|
+
#
|
|
217
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusRequest, ::Hash]
|
|
218
|
+
# A request object representing the call parameters. Required. To specify no
|
|
219
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
220
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
221
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
222
|
+
#
|
|
223
|
+
# @overload check_onboarding_status(parent: nil)
|
|
224
|
+
# Pass arguments to `check_onboarding_status` via keyword arguments. Note that at
|
|
225
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
226
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
227
|
+
#
|
|
228
|
+
# @param parent [::String]
|
|
229
|
+
# Required. The resource for which the onboarding status should be checked.
|
|
230
|
+
# Should be in one of the following formats:
|
|
231
|
+
#
|
|
232
|
+
# * `projects/{project-number|project-id}/locations/{region}`
|
|
233
|
+
# * `folders/{folder-number}/locations/{region}`
|
|
234
|
+
# * `organizations/{organization-number}/locations/{region}`
|
|
235
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
236
|
+
# @yieldparam result [::Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusResponse]
|
|
237
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
238
|
+
#
|
|
239
|
+
# @return [::Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusResponse]
|
|
240
|
+
#
|
|
241
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
242
|
+
#
|
|
243
|
+
# @example Basic example
|
|
244
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
245
|
+
#
|
|
246
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
247
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
248
|
+
#
|
|
249
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
250
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusRequest.new
|
|
251
|
+
#
|
|
252
|
+
# # Call the check_onboarding_status method.
|
|
253
|
+
# result = client.check_onboarding_status request
|
|
254
|
+
#
|
|
255
|
+
# # The returned object is of type Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusResponse.
|
|
256
|
+
# p result
|
|
257
|
+
#
|
|
258
|
+
def check_onboarding_status request, options = nil
|
|
259
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
260
|
+
|
|
261
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusRequest
|
|
262
|
+
|
|
263
|
+
# Converts hash and nil to an options object
|
|
264
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
265
|
+
|
|
266
|
+
# Customize the options with defaults
|
|
267
|
+
call_metadata = @config.rpcs.check_onboarding_status.metadata.to_h
|
|
268
|
+
|
|
269
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
270
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
271
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
272
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
273
|
+
transports_version_send: [:rest]
|
|
274
|
+
|
|
275
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
276
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
277
|
+
|
|
278
|
+
options.apply_defaults timeout: @config.rpcs.check_onboarding_status.timeout,
|
|
279
|
+
metadata: call_metadata,
|
|
280
|
+
retry_policy: @config.rpcs.check_onboarding_status.retry_policy
|
|
281
|
+
|
|
282
|
+
options.apply_defaults timeout: @config.timeout,
|
|
283
|
+
metadata: @config.metadata,
|
|
284
|
+
retry_policy: @config.retry_policy
|
|
285
|
+
|
|
286
|
+
@privileged_access_manager_stub.check_onboarding_status request, options do |result, operation|
|
|
287
|
+
yield result, operation if block_given?
|
|
288
|
+
return result
|
|
289
|
+
end
|
|
290
|
+
rescue ::Gapic::Rest::Error => e
|
|
291
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
292
|
+
end
|
|
293
|
+
|
|
294
|
+
##
|
|
295
|
+
# Lists entitlements in a given project/folder/organization and location.
|
|
296
|
+
#
|
|
297
|
+
# @overload list_entitlements(request, options = nil)
|
|
298
|
+
# Pass arguments to `list_entitlements` via a request object, either of type
|
|
299
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::ListEntitlementsRequest} or an equivalent Hash.
|
|
300
|
+
#
|
|
301
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::ListEntitlementsRequest, ::Hash]
|
|
302
|
+
# A request object representing the call parameters. Required. To specify no
|
|
303
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
304
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
305
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
306
|
+
#
|
|
307
|
+
# @overload list_entitlements(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil)
|
|
308
|
+
# Pass arguments to `list_entitlements` via keyword arguments. Note that at
|
|
309
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
310
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
311
|
+
#
|
|
312
|
+
# @param parent [::String]
|
|
313
|
+
# Required. The parent which owns the entitlement resources.
|
|
314
|
+
# @param page_size [::Integer]
|
|
315
|
+
# Optional. Requested page size. Server may return fewer items than
|
|
316
|
+
# requested. If unspecified, the server picks an appropriate default.
|
|
317
|
+
# @param page_token [::String]
|
|
318
|
+
# Optional. A token identifying a page of results the server should return.
|
|
319
|
+
# @param filter [::String]
|
|
320
|
+
# Optional. Filtering results.
|
|
321
|
+
# @param order_by [::String]
|
|
322
|
+
# Optional. Hint for how to order the results.
|
|
323
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
324
|
+
# @yieldparam result [::Google::Cloud::PrivilegedAccessManager::V1::ListEntitlementsResponse]
|
|
325
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
326
|
+
#
|
|
327
|
+
# @return [::Google::Cloud::PrivilegedAccessManager::V1::ListEntitlementsResponse]
|
|
328
|
+
#
|
|
329
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
330
|
+
#
|
|
331
|
+
# @example Basic example
|
|
332
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
333
|
+
#
|
|
334
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
335
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
336
|
+
#
|
|
337
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
338
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::ListEntitlementsRequest.new
|
|
339
|
+
#
|
|
340
|
+
# # Call the list_entitlements method.
|
|
341
|
+
# result = client.list_entitlements request
|
|
342
|
+
#
|
|
343
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can iterate
|
|
344
|
+
# # over elements, and API calls will be issued to fetch pages as needed.
|
|
345
|
+
# result.each do |item|
|
|
346
|
+
# # Each element is of type ::Google::Cloud::PrivilegedAccessManager::V1::Entitlement.
|
|
347
|
+
# p item
|
|
348
|
+
# end
|
|
349
|
+
#
|
|
350
|
+
def list_entitlements request, options = nil
|
|
351
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
352
|
+
|
|
353
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::ListEntitlementsRequest
|
|
354
|
+
|
|
355
|
+
# Converts hash and nil to an options object
|
|
356
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
357
|
+
|
|
358
|
+
# Customize the options with defaults
|
|
359
|
+
call_metadata = @config.rpcs.list_entitlements.metadata.to_h
|
|
360
|
+
|
|
361
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
362
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
363
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
364
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
365
|
+
transports_version_send: [:rest]
|
|
366
|
+
|
|
367
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
368
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
369
|
+
|
|
370
|
+
options.apply_defaults timeout: @config.rpcs.list_entitlements.timeout,
|
|
371
|
+
metadata: call_metadata,
|
|
372
|
+
retry_policy: @config.rpcs.list_entitlements.retry_policy
|
|
373
|
+
|
|
374
|
+
options.apply_defaults timeout: @config.timeout,
|
|
375
|
+
metadata: @config.metadata,
|
|
376
|
+
retry_policy: @config.retry_policy
|
|
377
|
+
|
|
378
|
+
@privileged_access_manager_stub.list_entitlements request, options do |result, operation|
|
|
379
|
+
yield result, operation if block_given?
|
|
380
|
+
return result
|
|
381
|
+
end
|
|
382
|
+
rescue ::Gapic::Rest::Error => e
|
|
383
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
384
|
+
end
|
|
385
|
+
|
|
386
|
+
##
|
|
387
|
+
# `SearchEntitlements` returns entitlements on which the caller has the
|
|
388
|
+
# specified access.
|
|
389
|
+
#
|
|
390
|
+
# @overload search_entitlements(request, options = nil)
|
|
391
|
+
# Pass arguments to `search_entitlements` via a request object, either of type
|
|
392
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::SearchEntitlementsRequest} or an equivalent Hash.
|
|
393
|
+
#
|
|
394
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::SearchEntitlementsRequest, ::Hash]
|
|
395
|
+
# A request object representing the call parameters. Required. To specify no
|
|
396
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
397
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
398
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
399
|
+
#
|
|
400
|
+
# @overload search_entitlements(parent: nil, caller_access_type: nil, filter: nil, page_size: nil, page_token: nil)
|
|
401
|
+
# Pass arguments to `search_entitlements` via keyword arguments. Note that at
|
|
402
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
403
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
404
|
+
#
|
|
405
|
+
# @param parent [::String]
|
|
406
|
+
# Required. The parent which owns the entitlement resources.
|
|
407
|
+
# @param caller_access_type [::Google::Cloud::PrivilegedAccessManager::V1::SearchEntitlementsRequest::CallerAccessType]
|
|
408
|
+
# Required. Only entitlements where the calling user has this access are
|
|
409
|
+
# returned.
|
|
410
|
+
# @param filter [::String]
|
|
411
|
+
# Optional. Only entitlements matching this filter are returned in the
|
|
412
|
+
# response.
|
|
413
|
+
# @param page_size [::Integer]
|
|
414
|
+
# Optional. Requested page size. The server may return fewer items than
|
|
415
|
+
# requested. If unspecified, the server picks an appropriate default.
|
|
416
|
+
# @param page_token [::String]
|
|
417
|
+
# Optional. A token identifying a page of results the server should return.
|
|
418
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
419
|
+
# @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::PrivilegedAccessManager::V1::Entitlement>]
|
|
420
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
421
|
+
#
|
|
422
|
+
# @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::PrivilegedAccessManager::V1::Entitlement>]
|
|
423
|
+
#
|
|
424
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
425
|
+
#
|
|
426
|
+
# @example Basic example
|
|
427
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
428
|
+
#
|
|
429
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
430
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
431
|
+
#
|
|
432
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
433
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::SearchEntitlementsRequest.new
|
|
434
|
+
#
|
|
435
|
+
# # Call the search_entitlements method.
|
|
436
|
+
# result = client.search_entitlements request
|
|
437
|
+
#
|
|
438
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can iterate
|
|
439
|
+
# # over elements, and API calls will be issued to fetch pages as needed.
|
|
440
|
+
# result.each do |item|
|
|
441
|
+
# # Each element is of type ::Google::Cloud::PrivilegedAccessManager::V1::Entitlement.
|
|
442
|
+
# p item
|
|
443
|
+
# end
|
|
444
|
+
#
|
|
445
|
+
def search_entitlements request, options = nil
|
|
446
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
447
|
+
|
|
448
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::SearchEntitlementsRequest
|
|
449
|
+
|
|
450
|
+
# Converts hash and nil to an options object
|
|
451
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
452
|
+
|
|
453
|
+
# Customize the options with defaults
|
|
454
|
+
call_metadata = @config.rpcs.search_entitlements.metadata.to_h
|
|
455
|
+
|
|
456
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
457
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
458
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
459
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
460
|
+
transports_version_send: [:rest]
|
|
461
|
+
|
|
462
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
463
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
464
|
+
|
|
465
|
+
options.apply_defaults timeout: @config.rpcs.search_entitlements.timeout,
|
|
466
|
+
metadata: call_metadata,
|
|
467
|
+
retry_policy: @config.rpcs.search_entitlements.retry_policy
|
|
468
|
+
|
|
469
|
+
options.apply_defaults timeout: @config.timeout,
|
|
470
|
+
metadata: @config.metadata,
|
|
471
|
+
retry_policy: @config.retry_policy
|
|
472
|
+
|
|
473
|
+
@privileged_access_manager_stub.search_entitlements request, options do |result, operation|
|
|
474
|
+
result = ::Gapic::Rest::PagedEnumerable.new @privileged_access_manager_stub, :search_entitlements, "entitlements", request, result, options
|
|
475
|
+
yield result, operation if block_given?
|
|
476
|
+
return result
|
|
477
|
+
end
|
|
478
|
+
rescue ::Gapic::Rest::Error => e
|
|
479
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
480
|
+
end
|
|
481
|
+
|
|
482
|
+
##
|
|
483
|
+
# Gets details of a single entitlement.
|
|
484
|
+
#
|
|
485
|
+
# @overload get_entitlement(request, options = nil)
|
|
486
|
+
# Pass arguments to `get_entitlement` via a request object, either of type
|
|
487
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::GetEntitlementRequest} or an equivalent Hash.
|
|
488
|
+
#
|
|
489
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::GetEntitlementRequest, ::Hash]
|
|
490
|
+
# A request object representing the call parameters. Required. To specify no
|
|
491
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
492
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
493
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
494
|
+
#
|
|
495
|
+
# @overload get_entitlement(name: nil)
|
|
496
|
+
# Pass arguments to `get_entitlement` via keyword arguments. Note that at
|
|
497
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
498
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
499
|
+
#
|
|
500
|
+
# @param name [::String]
|
|
501
|
+
# Required. Name of the resource.
|
|
502
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
503
|
+
# @yieldparam result [::Google::Cloud::PrivilegedAccessManager::V1::Entitlement]
|
|
504
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
505
|
+
#
|
|
506
|
+
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Entitlement]
|
|
507
|
+
#
|
|
508
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
509
|
+
#
|
|
510
|
+
# @example Basic example
|
|
511
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
512
|
+
#
|
|
513
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
514
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
515
|
+
#
|
|
516
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
517
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::GetEntitlementRequest.new
|
|
518
|
+
#
|
|
519
|
+
# # Call the get_entitlement method.
|
|
520
|
+
# result = client.get_entitlement request
|
|
521
|
+
#
|
|
522
|
+
# # The returned object is of type Google::Cloud::PrivilegedAccessManager::V1::Entitlement.
|
|
523
|
+
# p result
|
|
524
|
+
#
|
|
525
|
+
def get_entitlement request, options = nil
|
|
526
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
527
|
+
|
|
528
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::GetEntitlementRequest
|
|
529
|
+
|
|
530
|
+
# Converts hash and nil to an options object
|
|
531
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
532
|
+
|
|
533
|
+
# Customize the options with defaults
|
|
534
|
+
call_metadata = @config.rpcs.get_entitlement.metadata.to_h
|
|
535
|
+
|
|
536
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
537
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
538
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
539
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
540
|
+
transports_version_send: [:rest]
|
|
541
|
+
|
|
542
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
543
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
544
|
+
|
|
545
|
+
options.apply_defaults timeout: @config.rpcs.get_entitlement.timeout,
|
|
546
|
+
metadata: call_metadata,
|
|
547
|
+
retry_policy: @config.rpcs.get_entitlement.retry_policy
|
|
548
|
+
|
|
549
|
+
options.apply_defaults timeout: @config.timeout,
|
|
550
|
+
metadata: @config.metadata,
|
|
551
|
+
retry_policy: @config.retry_policy
|
|
552
|
+
|
|
553
|
+
@privileged_access_manager_stub.get_entitlement request, options do |result, operation|
|
|
554
|
+
yield result, operation if block_given?
|
|
555
|
+
return result
|
|
556
|
+
end
|
|
557
|
+
rescue ::Gapic::Rest::Error => e
|
|
558
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
559
|
+
end
|
|
560
|
+
|
|
561
|
+
##
|
|
562
|
+
# Creates a new entitlement in a given project/folder/organization and
|
|
563
|
+
# location.
|
|
564
|
+
#
|
|
565
|
+
# @overload create_entitlement(request, options = nil)
|
|
566
|
+
# Pass arguments to `create_entitlement` via a request object, either of type
|
|
567
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::CreateEntitlementRequest} or an equivalent Hash.
|
|
568
|
+
#
|
|
569
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::CreateEntitlementRequest, ::Hash]
|
|
570
|
+
# A request object representing the call parameters. Required. To specify no
|
|
571
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
572
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
573
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
574
|
+
#
|
|
575
|
+
# @overload create_entitlement(parent: nil, entitlement_id: nil, entitlement: nil, request_id: nil)
|
|
576
|
+
# Pass arguments to `create_entitlement` via keyword arguments. Note that at
|
|
577
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
578
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
579
|
+
#
|
|
580
|
+
# @param parent [::String]
|
|
581
|
+
# Required. Name of the parent resource for the entitlement.
|
|
582
|
+
# Possible formats:
|
|
583
|
+
#
|
|
584
|
+
# * `organizations/{organization-number}/locations/{region}`
|
|
585
|
+
# * `folders/{folder-number}/locations/{region}`
|
|
586
|
+
# * `projects/{project-id|project-number}/locations/{region}`
|
|
587
|
+
# @param entitlement_id [::String]
|
|
588
|
+
# Required. The ID to use for this entitlement. This becomes the last part of
|
|
589
|
+
# the resource name.
|
|
590
|
+
#
|
|
591
|
+
# This value should be 4-63 characters in length, and valid characters are
|
|
592
|
+
# "[a-z]", "[0-9]", and "-". The first character should be from [a-z].
|
|
593
|
+
#
|
|
594
|
+
# This value should be unique among all other entitlements under the
|
|
595
|
+
# specified `parent`.
|
|
596
|
+
# @param entitlement [::Google::Cloud::PrivilegedAccessManager::V1::Entitlement, ::Hash]
|
|
597
|
+
# Required. The resource being created
|
|
598
|
+
# @param request_id [::String]
|
|
599
|
+
# Optional. An optional request ID to identify requests. Specify a unique
|
|
600
|
+
# request ID so that if you must retry your request, the server knows to
|
|
601
|
+
# ignore the request if it has already been completed. The server guarantees
|
|
602
|
+
# this for at least 60 minutes after the first request.
|
|
603
|
+
#
|
|
604
|
+
# For example, consider a situation where you make an initial request and the
|
|
605
|
+
# request times out. If you make the request again with the same request
|
|
606
|
+
# ID, the server can check if original operation with the same request ID
|
|
607
|
+
# was received, and if so, ignores the second request and returns the
|
|
608
|
+
# previous operation's response. This prevents clients from accidentally
|
|
609
|
+
# creating duplicate commitments.
|
|
610
|
+
#
|
|
611
|
+
# The request ID must be a valid UUID with the exception that zero UUID is
|
|
612
|
+
# not supported (00000000-0000-0000-0000-000000000000).
|
|
613
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
614
|
+
# @yieldparam result [::Gapic::Operation]
|
|
615
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
616
|
+
#
|
|
617
|
+
# @return [::Gapic::Operation]
|
|
618
|
+
#
|
|
619
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
620
|
+
#
|
|
621
|
+
# @example Basic example
|
|
622
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
623
|
+
#
|
|
624
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
625
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
626
|
+
#
|
|
627
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
628
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::CreateEntitlementRequest.new
|
|
629
|
+
#
|
|
630
|
+
# # Call the create_entitlement method.
|
|
631
|
+
# result = client.create_entitlement request
|
|
632
|
+
#
|
|
633
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
634
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
635
|
+
# # Here is how to wait for a response.
|
|
636
|
+
# result.wait_until_done! timeout: 60
|
|
637
|
+
# if result.response?
|
|
638
|
+
# p result.response
|
|
639
|
+
# else
|
|
640
|
+
# puts "No response received."
|
|
641
|
+
# end
|
|
642
|
+
#
|
|
643
|
+
def create_entitlement request, options = nil
|
|
644
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
645
|
+
|
|
646
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::CreateEntitlementRequest
|
|
647
|
+
|
|
648
|
+
# Converts hash and nil to an options object
|
|
649
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
650
|
+
|
|
651
|
+
# Customize the options with defaults
|
|
652
|
+
call_metadata = @config.rpcs.create_entitlement.metadata.to_h
|
|
653
|
+
|
|
654
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
655
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
656
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
657
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
658
|
+
transports_version_send: [:rest]
|
|
659
|
+
|
|
660
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
661
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
662
|
+
|
|
663
|
+
options.apply_defaults timeout: @config.rpcs.create_entitlement.timeout,
|
|
664
|
+
metadata: call_metadata,
|
|
665
|
+
retry_policy: @config.rpcs.create_entitlement.retry_policy
|
|
666
|
+
|
|
667
|
+
options.apply_defaults timeout: @config.timeout,
|
|
668
|
+
metadata: @config.metadata,
|
|
669
|
+
retry_policy: @config.retry_policy
|
|
670
|
+
|
|
671
|
+
@privileged_access_manager_stub.create_entitlement request, options do |result, operation|
|
|
672
|
+
result = ::Gapic::Operation.new result, @operations_client, options: options
|
|
673
|
+
yield result, operation if block_given?
|
|
674
|
+
return result
|
|
675
|
+
end
|
|
676
|
+
rescue ::Gapic::Rest::Error => e
|
|
677
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
678
|
+
end
|
|
679
|
+
|
|
680
|
+
##
|
|
681
|
+
# Deletes a single entitlement. This method can only be called when there
|
|
682
|
+
# are no in-progress (ACTIVE/ACTIVATING/REVOKING) grants under the
|
|
683
|
+
# entitlement.
|
|
684
|
+
#
|
|
685
|
+
# @overload delete_entitlement(request, options = nil)
|
|
686
|
+
# Pass arguments to `delete_entitlement` via a request object, either of type
|
|
687
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::DeleteEntitlementRequest} or an equivalent Hash.
|
|
688
|
+
#
|
|
689
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::DeleteEntitlementRequest, ::Hash]
|
|
690
|
+
# A request object representing the call parameters. Required. To specify no
|
|
691
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
692
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
693
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
694
|
+
#
|
|
695
|
+
# @overload delete_entitlement(name: nil, request_id: nil, force: nil)
|
|
696
|
+
# Pass arguments to `delete_entitlement` via keyword arguments. Note that at
|
|
697
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
698
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
699
|
+
#
|
|
700
|
+
# @param name [::String]
|
|
701
|
+
# Required. Name of the resource.
|
|
702
|
+
# @param request_id [::String]
|
|
703
|
+
# Optional. An optional request ID to identify requests. Specify a unique
|
|
704
|
+
# request ID so that if you must retry your request, the server knows to
|
|
705
|
+
# ignore the request if it has already been completed. The server guarantees
|
|
706
|
+
# this for at least 60 minutes after the first request.
|
|
707
|
+
#
|
|
708
|
+
# For example, consider a situation where you make an initial request and the
|
|
709
|
+
# request times out. If you make the request again with the same request
|
|
710
|
+
# ID, the server can check if original operation with the same request ID
|
|
711
|
+
# was received, and if so, ignores the second request. This prevents
|
|
712
|
+
# clients from accidentally creating duplicate commitments.
|
|
713
|
+
#
|
|
714
|
+
# The request ID must be a valid UUID with the exception that zero UUID is
|
|
715
|
+
# not supported (00000000-0000-0000-0000-000000000000).
|
|
716
|
+
# @param force [::Boolean]
|
|
717
|
+
# Optional. If set to true, any child grant under this entitlement is also
|
|
718
|
+
# deleted. (Otherwise, the request only works if the entitlement has no child
|
|
719
|
+
# grant.)
|
|
720
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
721
|
+
# @yieldparam result [::Gapic::Operation]
|
|
722
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
723
|
+
#
|
|
724
|
+
# @return [::Gapic::Operation]
|
|
725
|
+
#
|
|
726
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
727
|
+
#
|
|
728
|
+
# @example Basic example
|
|
729
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
730
|
+
#
|
|
731
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
732
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
733
|
+
#
|
|
734
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
735
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::DeleteEntitlementRequest.new
|
|
736
|
+
#
|
|
737
|
+
# # Call the delete_entitlement method.
|
|
738
|
+
# result = client.delete_entitlement request
|
|
739
|
+
#
|
|
740
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
741
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
742
|
+
# # Here is how to wait for a response.
|
|
743
|
+
# result.wait_until_done! timeout: 60
|
|
744
|
+
# if result.response?
|
|
745
|
+
# p result.response
|
|
746
|
+
# else
|
|
747
|
+
# puts "No response received."
|
|
748
|
+
# end
|
|
749
|
+
#
|
|
750
|
+
def delete_entitlement request, options = nil
|
|
751
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
752
|
+
|
|
753
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::DeleteEntitlementRequest
|
|
754
|
+
|
|
755
|
+
# Converts hash and nil to an options object
|
|
756
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
757
|
+
|
|
758
|
+
# Customize the options with defaults
|
|
759
|
+
call_metadata = @config.rpcs.delete_entitlement.metadata.to_h
|
|
760
|
+
|
|
761
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
762
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
763
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
764
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
765
|
+
transports_version_send: [:rest]
|
|
766
|
+
|
|
767
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
768
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
769
|
+
|
|
770
|
+
options.apply_defaults timeout: @config.rpcs.delete_entitlement.timeout,
|
|
771
|
+
metadata: call_metadata,
|
|
772
|
+
retry_policy: @config.rpcs.delete_entitlement.retry_policy
|
|
773
|
+
|
|
774
|
+
options.apply_defaults timeout: @config.timeout,
|
|
775
|
+
metadata: @config.metadata,
|
|
776
|
+
retry_policy: @config.retry_policy
|
|
777
|
+
|
|
778
|
+
@privileged_access_manager_stub.delete_entitlement request, options do |result, operation|
|
|
779
|
+
result = ::Gapic::Operation.new result, @operations_client, options: options
|
|
780
|
+
yield result, operation if block_given?
|
|
781
|
+
return result
|
|
782
|
+
end
|
|
783
|
+
rescue ::Gapic::Rest::Error => e
|
|
784
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
785
|
+
end
|
|
786
|
+
|
|
787
|
+
##
|
|
788
|
+
# Updates the entitlement specified in the request. Updated fields in the
|
|
789
|
+
# entitlement need to be specified in an update mask. The changes made to an
|
|
790
|
+
# entitlement are applicable only on future grants of the entitlement.
|
|
791
|
+
# However, if new approvers are added or existing approvers are removed from
|
|
792
|
+
# the approval workflow, the changes are effective on existing grants.
|
|
793
|
+
#
|
|
794
|
+
# The following fields are not supported for updates:
|
|
795
|
+
#
|
|
796
|
+
# * All immutable fields
|
|
797
|
+
# * Entitlement name
|
|
798
|
+
# * Resource name
|
|
799
|
+
# * Resource type
|
|
800
|
+
# * Adding an approval workflow in an entitlement which previously had no
|
|
801
|
+
# approval workflow.
|
|
802
|
+
# * Deleting the approval workflow from an entitlement.
|
|
803
|
+
# * Adding or deleting a step in the approval workflow (only one step is
|
|
804
|
+
# supported)
|
|
805
|
+
#
|
|
806
|
+
# Note that updates are allowed on the list of approvers in an approval
|
|
807
|
+
# workflow step.
|
|
808
|
+
#
|
|
809
|
+
# @overload update_entitlement(request, options = nil)
|
|
810
|
+
# Pass arguments to `update_entitlement` via a request object, either of type
|
|
811
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::UpdateEntitlementRequest} or an equivalent Hash.
|
|
812
|
+
#
|
|
813
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::UpdateEntitlementRequest, ::Hash]
|
|
814
|
+
# A request object representing the call parameters. Required. To specify no
|
|
815
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
816
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
817
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
818
|
+
#
|
|
819
|
+
# @overload update_entitlement(entitlement: nil, update_mask: nil)
|
|
820
|
+
# Pass arguments to `update_entitlement` via keyword arguments. Note that at
|
|
821
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
822
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
823
|
+
#
|
|
824
|
+
# @param entitlement [::Google::Cloud::PrivilegedAccessManager::V1::Entitlement, ::Hash]
|
|
825
|
+
# Required. The entitlement resource that is updated.
|
|
826
|
+
# @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
|
|
827
|
+
# Required. The list of fields to update. A field is overwritten if, and only
|
|
828
|
+
# if, it is in the mask. Any immutable fields set in the mask are ignored by
|
|
829
|
+
# the server. Repeated fields and map fields are only allowed in the last
|
|
830
|
+
# position of a `paths` string and overwrite the existing values. Hence an
|
|
831
|
+
# update to a repeated field or a map should contain the entire list of
|
|
832
|
+
# values. The fields specified in the update_mask are relative to the
|
|
833
|
+
# resource and not to the request.
|
|
834
|
+
# (e.g. `MaxRequestDuration`; *not* `entitlement.MaxRequestDuration`)
|
|
835
|
+
# A value of '*' for this field refers to full replacement of the resource.
|
|
836
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
837
|
+
# @yieldparam result [::Gapic::Operation]
|
|
838
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
839
|
+
#
|
|
840
|
+
# @return [::Gapic::Operation]
|
|
841
|
+
#
|
|
842
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
843
|
+
#
|
|
844
|
+
# @example Basic example
|
|
845
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
846
|
+
#
|
|
847
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
848
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
849
|
+
#
|
|
850
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
851
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::UpdateEntitlementRequest.new
|
|
852
|
+
#
|
|
853
|
+
# # Call the update_entitlement method.
|
|
854
|
+
# result = client.update_entitlement request
|
|
855
|
+
#
|
|
856
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
857
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
858
|
+
# # Here is how to wait for a response.
|
|
859
|
+
# result.wait_until_done! timeout: 60
|
|
860
|
+
# if result.response?
|
|
861
|
+
# p result.response
|
|
862
|
+
# else
|
|
863
|
+
# puts "No response received."
|
|
864
|
+
# end
|
|
865
|
+
#
|
|
866
|
+
def update_entitlement request, options = nil
|
|
867
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
868
|
+
|
|
869
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::UpdateEntitlementRequest
|
|
870
|
+
|
|
871
|
+
# Converts hash and nil to an options object
|
|
872
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
873
|
+
|
|
874
|
+
# Customize the options with defaults
|
|
875
|
+
call_metadata = @config.rpcs.update_entitlement.metadata.to_h
|
|
876
|
+
|
|
877
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
878
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
879
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
880
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
881
|
+
transports_version_send: [:rest]
|
|
882
|
+
|
|
883
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
884
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
885
|
+
|
|
886
|
+
options.apply_defaults timeout: @config.rpcs.update_entitlement.timeout,
|
|
887
|
+
metadata: call_metadata,
|
|
888
|
+
retry_policy: @config.rpcs.update_entitlement.retry_policy
|
|
889
|
+
|
|
890
|
+
options.apply_defaults timeout: @config.timeout,
|
|
891
|
+
metadata: @config.metadata,
|
|
892
|
+
retry_policy: @config.retry_policy
|
|
893
|
+
|
|
894
|
+
@privileged_access_manager_stub.update_entitlement request, options do |result, operation|
|
|
895
|
+
result = ::Gapic::Operation.new result, @operations_client, options: options
|
|
896
|
+
yield result, operation if block_given?
|
|
897
|
+
return result
|
|
898
|
+
end
|
|
899
|
+
rescue ::Gapic::Rest::Error => e
|
|
900
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
901
|
+
end
|
|
902
|
+
|
|
903
|
+
##
|
|
904
|
+
# Lists grants for a given entitlement.
|
|
905
|
+
#
|
|
906
|
+
# @overload list_grants(request, options = nil)
|
|
907
|
+
# Pass arguments to `list_grants` via a request object, either of type
|
|
908
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::ListGrantsRequest} or an equivalent Hash.
|
|
909
|
+
#
|
|
910
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::ListGrantsRequest, ::Hash]
|
|
911
|
+
# A request object representing the call parameters. Required. To specify no
|
|
912
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
913
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
914
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
915
|
+
#
|
|
916
|
+
# @overload list_grants(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil)
|
|
917
|
+
# Pass arguments to `list_grants` via keyword arguments. Note that at
|
|
918
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
919
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
920
|
+
#
|
|
921
|
+
# @param parent [::String]
|
|
922
|
+
# Required. The parent resource which owns the grants.
|
|
923
|
+
# @param page_size [::Integer]
|
|
924
|
+
# Optional. Requested page size. The server may return fewer items than
|
|
925
|
+
# requested. If unspecified, the server picks an appropriate default.
|
|
926
|
+
# @param page_token [::String]
|
|
927
|
+
# Optional. A token identifying a page of results the server should return.
|
|
928
|
+
# @param filter [::String]
|
|
929
|
+
# Optional. Filtering results.
|
|
930
|
+
# @param order_by [::String]
|
|
931
|
+
# Optional. Hint for how to order the results
|
|
932
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
933
|
+
# @yieldparam result [::Google::Cloud::PrivilegedAccessManager::V1::ListGrantsResponse]
|
|
934
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
935
|
+
#
|
|
936
|
+
# @return [::Google::Cloud::PrivilegedAccessManager::V1::ListGrantsResponse]
|
|
937
|
+
#
|
|
938
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
939
|
+
#
|
|
940
|
+
# @example Basic example
|
|
941
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
942
|
+
#
|
|
943
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
944
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
945
|
+
#
|
|
946
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
947
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::ListGrantsRequest.new
|
|
948
|
+
#
|
|
949
|
+
# # Call the list_grants method.
|
|
950
|
+
# result = client.list_grants request
|
|
951
|
+
#
|
|
952
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can iterate
|
|
953
|
+
# # over elements, and API calls will be issued to fetch pages as needed.
|
|
954
|
+
# result.each do |item|
|
|
955
|
+
# # Each element is of type ::Google::Cloud::PrivilegedAccessManager::V1::Grant.
|
|
956
|
+
# p item
|
|
957
|
+
# end
|
|
958
|
+
#
|
|
959
|
+
def list_grants request, options = nil
|
|
960
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
961
|
+
|
|
962
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::ListGrantsRequest
|
|
963
|
+
|
|
964
|
+
# Converts hash and nil to an options object
|
|
965
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
966
|
+
|
|
967
|
+
# Customize the options with defaults
|
|
968
|
+
call_metadata = @config.rpcs.list_grants.metadata.to_h
|
|
969
|
+
|
|
970
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
971
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
972
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
973
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
974
|
+
transports_version_send: [:rest]
|
|
975
|
+
|
|
976
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
977
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
978
|
+
|
|
979
|
+
options.apply_defaults timeout: @config.rpcs.list_grants.timeout,
|
|
980
|
+
metadata: call_metadata,
|
|
981
|
+
retry_policy: @config.rpcs.list_grants.retry_policy
|
|
982
|
+
|
|
983
|
+
options.apply_defaults timeout: @config.timeout,
|
|
984
|
+
metadata: @config.metadata,
|
|
985
|
+
retry_policy: @config.retry_policy
|
|
986
|
+
|
|
987
|
+
@privileged_access_manager_stub.list_grants request, options do |result, operation|
|
|
988
|
+
yield result, operation if block_given?
|
|
989
|
+
return result
|
|
990
|
+
end
|
|
991
|
+
rescue ::Gapic::Rest::Error => e
|
|
992
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
993
|
+
end
|
|
994
|
+
|
|
995
|
+
##
|
|
996
|
+
# `SearchGrants` returns grants that are related to the calling user in the
|
|
997
|
+
# specified way.
|
|
998
|
+
#
|
|
999
|
+
# @overload search_grants(request, options = nil)
|
|
1000
|
+
# Pass arguments to `search_grants` via a request object, either of type
|
|
1001
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::SearchGrantsRequest} or an equivalent Hash.
|
|
1002
|
+
#
|
|
1003
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::SearchGrantsRequest, ::Hash]
|
|
1004
|
+
# A request object representing the call parameters. Required. To specify no
|
|
1005
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
1006
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
1007
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
1008
|
+
#
|
|
1009
|
+
# @overload search_grants(parent: nil, caller_relationship: nil, filter: nil, page_size: nil, page_token: nil)
|
|
1010
|
+
# Pass arguments to `search_grants` via keyword arguments. Note that at
|
|
1011
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1012
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
1013
|
+
#
|
|
1014
|
+
# @param parent [::String]
|
|
1015
|
+
# Required. The parent which owns the grant resources.
|
|
1016
|
+
# @param caller_relationship [::Google::Cloud::PrivilegedAccessManager::V1::SearchGrantsRequest::CallerRelationshipType]
|
|
1017
|
+
# Required. Only grants which the caller is related to by this relationship
|
|
1018
|
+
# are returned in the response.
|
|
1019
|
+
# @param filter [::String]
|
|
1020
|
+
# Optional. Only grants matching this filter are returned in the response.
|
|
1021
|
+
# @param page_size [::Integer]
|
|
1022
|
+
# Optional. Requested page size. The server may return fewer items than
|
|
1023
|
+
# requested. If unspecified, server picks an appropriate default.
|
|
1024
|
+
# @param page_token [::String]
|
|
1025
|
+
# Optional. A token identifying a page of results the server should return.
|
|
1026
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
1027
|
+
# @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::PrivilegedAccessManager::V1::Grant>]
|
|
1028
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
1029
|
+
#
|
|
1030
|
+
# @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::PrivilegedAccessManager::V1::Grant>]
|
|
1031
|
+
#
|
|
1032
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
1033
|
+
#
|
|
1034
|
+
# @example Basic example
|
|
1035
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
1036
|
+
#
|
|
1037
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
1038
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
1039
|
+
#
|
|
1040
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
1041
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::SearchGrantsRequest.new
|
|
1042
|
+
#
|
|
1043
|
+
# # Call the search_grants method.
|
|
1044
|
+
# result = client.search_grants request
|
|
1045
|
+
#
|
|
1046
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can iterate
|
|
1047
|
+
# # over elements, and API calls will be issued to fetch pages as needed.
|
|
1048
|
+
# result.each do |item|
|
|
1049
|
+
# # Each element is of type ::Google::Cloud::PrivilegedAccessManager::V1::Grant.
|
|
1050
|
+
# p item
|
|
1051
|
+
# end
|
|
1052
|
+
#
|
|
1053
|
+
def search_grants request, options = nil
|
|
1054
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
1055
|
+
|
|
1056
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::SearchGrantsRequest
|
|
1057
|
+
|
|
1058
|
+
# Converts hash and nil to an options object
|
|
1059
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
1060
|
+
|
|
1061
|
+
# Customize the options with defaults
|
|
1062
|
+
call_metadata = @config.rpcs.search_grants.metadata.to_h
|
|
1063
|
+
|
|
1064
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
1065
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
1066
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
1067
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
1068
|
+
transports_version_send: [:rest]
|
|
1069
|
+
|
|
1070
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
1071
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
1072
|
+
|
|
1073
|
+
options.apply_defaults timeout: @config.rpcs.search_grants.timeout,
|
|
1074
|
+
metadata: call_metadata,
|
|
1075
|
+
retry_policy: @config.rpcs.search_grants.retry_policy
|
|
1076
|
+
|
|
1077
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1078
|
+
metadata: @config.metadata,
|
|
1079
|
+
retry_policy: @config.retry_policy
|
|
1080
|
+
|
|
1081
|
+
@privileged_access_manager_stub.search_grants request, options do |result, operation|
|
|
1082
|
+
result = ::Gapic::Rest::PagedEnumerable.new @privileged_access_manager_stub, :search_grants, "grants", request, result, options
|
|
1083
|
+
yield result, operation if block_given?
|
|
1084
|
+
return result
|
|
1085
|
+
end
|
|
1086
|
+
rescue ::Gapic::Rest::Error => e
|
|
1087
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
1088
|
+
end
|
|
1089
|
+
|
|
1090
|
+
##
|
|
1091
|
+
# Get details of a single grant.
|
|
1092
|
+
#
|
|
1093
|
+
# @overload get_grant(request, options = nil)
|
|
1094
|
+
# Pass arguments to `get_grant` via a request object, either of type
|
|
1095
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::GetGrantRequest} or an equivalent Hash.
|
|
1096
|
+
#
|
|
1097
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::GetGrantRequest, ::Hash]
|
|
1098
|
+
# A request object representing the call parameters. Required. To specify no
|
|
1099
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
1100
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
1101
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
1102
|
+
#
|
|
1103
|
+
# @overload get_grant(name: nil)
|
|
1104
|
+
# Pass arguments to `get_grant` via keyword arguments. Note that at
|
|
1105
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1106
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
1107
|
+
#
|
|
1108
|
+
# @param name [::String]
|
|
1109
|
+
# Required. Name of the resource.
|
|
1110
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
1111
|
+
# @yieldparam result [::Google::Cloud::PrivilegedAccessManager::V1::Grant]
|
|
1112
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
1113
|
+
#
|
|
1114
|
+
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant]
|
|
1115
|
+
#
|
|
1116
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
1117
|
+
#
|
|
1118
|
+
# @example Basic example
|
|
1119
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
1120
|
+
#
|
|
1121
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
1122
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
1123
|
+
#
|
|
1124
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
1125
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::GetGrantRequest.new
|
|
1126
|
+
#
|
|
1127
|
+
# # Call the get_grant method.
|
|
1128
|
+
# result = client.get_grant request
|
|
1129
|
+
#
|
|
1130
|
+
# # The returned object is of type Google::Cloud::PrivilegedAccessManager::V1::Grant.
|
|
1131
|
+
# p result
|
|
1132
|
+
#
|
|
1133
|
+
def get_grant request, options = nil
|
|
1134
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
1135
|
+
|
|
1136
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::GetGrantRequest
|
|
1137
|
+
|
|
1138
|
+
# Converts hash and nil to an options object
|
|
1139
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
1140
|
+
|
|
1141
|
+
# Customize the options with defaults
|
|
1142
|
+
call_metadata = @config.rpcs.get_grant.metadata.to_h
|
|
1143
|
+
|
|
1144
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
1145
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
1146
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
1147
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
1148
|
+
transports_version_send: [:rest]
|
|
1149
|
+
|
|
1150
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
1151
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
1152
|
+
|
|
1153
|
+
options.apply_defaults timeout: @config.rpcs.get_grant.timeout,
|
|
1154
|
+
metadata: call_metadata,
|
|
1155
|
+
retry_policy: @config.rpcs.get_grant.retry_policy
|
|
1156
|
+
|
|
1157
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1158
|
+
metadata: @config.metadata,
|
|
1159
|
+
retry_policy: @config.retry_policy
|
|
1160
|
+
|
|
1161
|
+
@privileged_access_manager_stub.get_grant request, options do |result, operation|
|
|
1162
|
+
yield result, operation if block_given?
|
|
1163
|
+
return result
|
|
1164
|
+
end
|
|
1165
|
+
rescue ::Gapic::Rest::Error => e
|
|
1166
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
1167
|
+
end
|
|
1168
|
+
|
|
1169
|
+
##
|
|
1170
|
+
# Creates a new grant in a given project and location.
|
|
1171
|
+
#
|
|
1172
|
+
# @overload create_grant(request, options = nil)
|
|
1173
|
+
# Pass arguments to `create_grant` via a request object, either of type
|
|
1174
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::CreateGrantRequest} or an equivalent Hash.
|
|
1175
|
+
#
|
|
1176
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::CreateGrantRequest, ::Hash]
|
|
1177
|
+
# A request object representing the call parameters. Required. To specify no
|
|
1178
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
1179
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
1180
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
1181
|
+
#
|
|
1182
|
+
# @overload create_grant(parent: nil, grant: nil, request_id: nil)
|
|
1183
|
+
# Pass arguments to `create_grant` via keyword arguments. Note that at
|
|
1184
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1185
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
1186
|
+
#
|
|
1187
|
+
# @param parent [::String]
|
|
1188
|
+
# Required. Name of the parent entitlement for which this grant is being
|
|
1189
|
+
# requested.
|
|
1190
|
+
# @param grant [::Google::Cloud::PrivilegedAccessManager::V1::Grant, ::Hash]
|
|
1191
|
+
# Required. The resource being created.
|
|
1192
|
+
# @param request_id [::String]
|
|
1193
|
+
# Optional. An optional request ID to identify requests. Specify a unique
|
|
1194
|
+
# request ID so that if you must retry your request, the server knows to
|
|
1195
|
+
# ignore the request if it has already been completed. The server guarantees
|
|
1196
|
+
# this for at least 60 minutes after the first request.
|
|
1197
|
+
#
|
|
1198
|
+
# For example, consider a situation where you make an initial request and the
|
|
1199
|
+
# request times out. If you make the request again with the same request
|
|
1200
|
+
# ID, the server can check if original operation with the same request ID
|
|
1201
|
+
# was received, and if so, ignores the second request. This prevents
|
|
1202
|
+
# clients from accidentally creating duplicate commitments.
|
|
1203
|
+
#
|
|
1204
|
+
# The request ID must be a valid UUID with the exception that zero UUID is
|
|
1205
|
+
# not supported (00000000-0000-0000-0000-000000000000).
|
|
1206
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
1207
|
+
# @yieldparam result [::Google::Cloud::PrivilegedAccessManager::V1::Grant]
|
|
1208
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
1209
|
+
#
|
|
1210
|
+
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant]
|
|
1211
|
+
#
|
|
1212
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
1213
|
+
#
|
|
1214
|
+
# @example Basic example
|
|
1215
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
1216
|
+
#
|
|
1217
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
1218
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
1219
|
+
#
|
|
1220
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
1221
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::CreateGrantRequest.new
|
|
1222
|
+
#
|
|
1223
|
+
# # Call the create_grant method.
|
|
1224
|
+
# result = client.create_grant request
|
|
1225
|
+
#
|
|
1226
|
+
# # The returned object is of type Google::Cloud::PrivilegedAccessManager::V1::Grant.
|
|
1227
|
+
# p result
|
|
1228
|
+
#
|
|
1229
|
+
def create_grant request, options = nil
|
|
1230
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
1231
|
+
|
|
1232
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::CreateGrantRequest
|
|
1233
|
+
|
|
1234
|
+
# Converts hash and nil to an options object
|
|
1235
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
1236
|
+
|
|
1237
|
+
# Customize the options with defaults
|
|
1238
|
+
call_metadata = @config.rpcs.create_grant.metadata.to_h
|
|
1239
|
+
|
|
1240
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
1241
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
1242
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
1243
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
1244
|
+
transports_version_send: [:rest]
|
|
1245
|
+
|
|
1246
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
1247
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
1248
|
+
|
|
1249
|
+
options.apply_defaults timeout: @config.rpcs.create_grant.timeout,
|
|
1250
|
+
metadata: call_metadata,
|
|
1251
|
+
retry_policy: @config.rpcs.create_grant.retry_policy
|
|
1252
|
+
|
|
1253
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1254
|
+
metadata: @config.metadata,
|
|
1255
|
+
retry_policy: @config.retry_policy
|
|
1256
|
+
|
|
1257
|
+
@privileged_access_manager_stub.create_grant request, options do |result, operation|
|
|
1258
|
+
yield result, operation if block_given?
|
|
1259
|
+
return result
|
|
1260
|
+
end
|
|
1261
|
+
rescue ::Gapic::Rest::Error => e
|
|
1262
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
1263
|
+
end
|
|
1264
|
+
|
|
1265
|
+
##
|
|
1266
|
+
# `ApproveGrant` is used to approve a grant. This method can only be called
|
|
1267
|
+
# on a grant when it's in the `APPROVAL_AWAITED` state. This operation can't
|
|
1268
|
+
# be undone.
|
|
1269
|
+
#
|
|
1270
|
+
# @overload approve_grant(request, options = nil)
|
|
1271
|
+
# Pass arguments to `approve_grant` via a request object, either of type
|
|
1272
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::ApproveGrantRequest} or an equivalent Hash.
|
|
1273
|
+
#
|
|
1274
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::ApproveGrantRequest, ::Hash]
|
|
1275
|
+
# A request object representing the call parameters. Required. To specify no
|
|
1276
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
1277
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
1278
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
1279
|
+
#
|
|
1280
|
+
# @overload approve_grant(name: nil, reason: nil)
|
|
1281
|
+
# Pass arguments to `approve_grant` via keyword arguments. Note that at
|
|
1282
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1283
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
1284
|
+
#
|
|
1285
|
+
# @param name [::String]
|
|
1286
|
+
# Required. Name of the grant resource which is being approved.
|
|
1287
|
+
# @param reason [::String]
|
|
1288
|
+
# Optional. The reason for approving this grant. This is required if the
|
|
1289
|
+
# `require_approver_justification` field of the `ManualApprovals` workflow
|
|
1290
|
+
# used in this grant is true.
|
|
1291
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
1292
|
+
# @yieldparam result [::Google::Cloud::PrivilegedAccessManager::V1::Grant]
|
|
1293
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
1294
|
+
#
|
|
1295
|
+
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant]
|
|
1296
|
+
#
|
|
1297
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
1298
|
+
#
|
|
1299
|
+
# @example Basic example
|
|
1300
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
1301
|
+
#
|
|
1302
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
1303
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
1304
|
+
#
|
|
1305
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
1306
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::ApproveGrantRequest.new
|
|
1307
|
+
#
|
|
1308
|
+
# # Call the approve_grant method.
|
|
1309
|
+
# result = client.approve_grant request
|
|
1310
|
+
#
|
|
1311
|
+
# # The returned object is of type Google::Cloud::PrivilegedAccessManager::V1::Grant.
|
|
1312
|
+
# p result
|
|
1313
|
+
#
|
|
1314
|
+
def approve_grant request, options = nil
|
|
1315
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
1316
|
+
|
|
1317
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::ApproveGrantRequest
|
|
1318
|
+
|
|
1319
|
+
# Converts hash and nil to an options object
|
|
1320
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
1321
|
+
|
|
1322
|
+
# Customize the options with defaults
|
|
1323
|
+
call_metadata = @config.rpcs.approve_grant.metadata.to_h
|
|
1324
|
+
|
|
1325
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
1326
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
1327
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
1328
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
1329
|
+
transports_version_send: [:rest]
|
|
1330
|
+
|
|
1331
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
1332
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
1333
|
+
|
|
1334
|
+
options.apply_defaults timeout: @config.rpcs.approve_grant.timeout,
|
|
1335
|
+
metadata: call_metadata,
|
|
1336
|
+
retry_policy: @config.rpcs.approve_grant.retry_policy
|
|
1337
|
+
|
|
1338
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1339
|
+
metadata: @config.metadata,
|
|
1340
|
+
retry_policy: @config.retry_policy
|
|
1341
|
+
|
|
1342
|
+
@privileged_access_manager_stub.approve_grant request, options do |result, operation|
|
|
1343
|
+
yield result, operation if block_given?
|
|
1344
|
+
return result
|
|
1345
|
+
end
|
|
1346
|
+
rescue ::Gapic::Rest::Error => e
|
|
1347
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
1348
|
+
end
|
|
1349
|
+
|
|
1350
|
+
##
|
|
1351
|
+
# `DenyGrant` is used to deny a grant. This method can only be called on a
|
|
1352
|
+
# grant when it's in the `APPROVAL_AWAITED` state. This operation can't be
|
|
1353
|
+
# undone.
|
|
1354
|
+
#
|
|
1355
|
+
# @overload deny_grant(request, options = nil)
|
|
1356
|
+
# Pass arguments to `deny_grant` via a request object, either of type
|
|
1357
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::DenyGrantRequest} or an equivalent Hash.
|
|
1358
|
+
#
|
|
1359
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::DenyGrantRequest, ::Hash]
|
|
1360
|
+
# A request object representing the call parameters. Required. To specify no
|
|
1361
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
1362
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
1363
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
1364
|
+
#
|
|
1365
|
+
# @overload deny_grant(name: nil, reason: nil)
|
|
1366
|
+
# Pass arguments to `deny_grant` via keyword arguments. Note that at
|
|
1367
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1368
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
1369
|
+
#
|
|
1370
|
+
# @param name [::String]
|
|
1371
|
+
# Required. Name of the grant resource which is being denied.
|
|
1372
|
+
# @param reason [::String]
|
|
1373
|
+
# Optional. The reason for denying this grant. This is required if
|
|
1374
|
+
# `require_approver_justification` field of the `ManualApprovals` workflow
|
|
1375
|
+
# used in this grant is true.
|
|
1376
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
1377
|
+
# @yieldparam result [::Google::Cloud::PrivilegedAccessManager::V1::Grant]
|
|
1378
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
1379
|
+
#
|
|
1380
|
+
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant]
|
|
1381
|
+
#
|
|
1382
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
1383
|
+
#
|
|
1384
|
+
# @example Basic example
|
|
1385
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
1386
|
+
#
|
|
1387
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
1388
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
1389
|
+
#
|
|
1390
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
1391
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::DenyGrantRequest.new
|
|
1392
|
+
#
|
|
1393
|
+
# # Call the deny_grant method.
|
|
1394
|
+
# result = client.deny_grant request
|
|
1395
|
+
#
|
|
1396
|
+
# # The returned object is of type Google::Cloud::PrivilegedAccessManager::V1::Grant.
|
|
1397
|
+
# p result
|
|
1398
|
+
#
|
|
1399
|
+
def deny_grant request, options = nil
|
|
1400
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
1401
|
+
|
|
1402
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::DenyGrantRequest
|
|
1403
|
+
|
|
1404
|
+
# Converts hash and nil to an options object
|
|
1405
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
1406
|
+
|
|
1407
|
+
# Customize the options with defaults
|
|
1408
|
+
call_metadata = @config.rpcs.deny_grant.metadata.to_h
|
|
1409
|
+
|
|
1410
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
1411
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
1412
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
1413
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
1414
|
+
transports_version_send: [:rest]
|
|
1415
|
+
|
|
1416
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
1417
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
1418
|
+
|
|
1419
|
+
options.apply_defaults timeout: @config.rpcs.deny_grant.timeout,
|
|
1420
|
+
metadata: call_metadata,
|
|
1421
|
+
retry_policy: @config.rpcs.deny_grant.retry_policy
|
|
1422
|
+
|
|
1423
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1424
|
+
metadata: @config.metadata,
|
|
1425
|
+
retry_policy: @config.retry_policy
|
|
1426
|
+
|
|
1427
|
+
@privileged_access_manager_stub.deny_grant request, options do |result, operation|
|
|
1428
|
+
yield result, operation if block_given?
|
|
1429
|
+
return result
|
|
1430
|
+
end
|
|
1431
|
+
rescue ::Gapic::Rest::Error => e
|
|
1432
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
1433
|
+
end
|
|
1434
|
+
|
|
1435
|
+
##
|
|
1436
|
+
# `RevokeGrant` is used to immediately revoke access for a grant. This method
|
|
1437
|
+
# can be called when the grant is in a non-terminal state.
|
|
1438
|
+
#
|
|
1439
|
+
# @overload revoke_grant(request, options = nil)
|
|
1440
|
+
# Pass arguments to `revoke_grant` via a request object, either of type
|
|
1441
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::RevokeGrantRequest} or an equivalent Hash.
|
|
1442
|
+
#
|
|
1443
|
+
# @param request [::Google::Cloud::PrivilegedAccessManager::V1::RevokeGrantRequest, ::Hash]
|
|
1444
|
+
# A request object representing the call parameters. Required. To specify no
|
|
1445
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
1446
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
1447
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
1448
|
+
#
|
|
1449
|
+
# @overload revoke_grant(name: nil, reason: nil)
|
|
1450
|
+
# Pass arguments to `revoke_grant` via keyword arguments. Note that at
|
|
1451
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1452
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
1453
|
+
#
|
|
1454
|
+
# @param name [::String]
|
|
1455
|
+
# Required. Name of the grant resource which is being revoked.
|
|
1456
|
+
# @param reason [::String]
|
|
1457
|
+
# Optional. The reason for revoking this grant.
|
|
1458
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
1459
|
+
# @yieldparam result [::Gapic::Operation]
|
|
1460
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
1461
|
+
#
|
|
1462
|
+
# @return [::Gapic::Operation]
|
|
1463
|
+
#
|
|
1464
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
1465
|
+
#
|
|
1466
|
+
# @example Basic example
|
|
1467
|
+
# require "google/cloud/privileged_access_manager/v1"
|
|
1468
|
+
#
|
|
1469
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
1470
|
+
# client = Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new
|
|
1471
|
+
#
|
|
1472
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
1473
|
+
# request = Google::Cloud::PrivilegedAccessManager::V1::RevokeGrantRequest.new
|
|
1474
|
+
#
|
|
1475
|
+
# # Call the revoke_grant method.
|
|
1476
|
+
# result = client.revoke_grant request
|
|
1477
|
+
#
|
|
1478
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
1479
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
1480
|
+
# # Here is how to wait for a response.
|
|
1481
|
+
# result.wait_until_done! timeout: 60
|
|
1482
|
+
# if result.response?
|
|
1483
|
+
# p result.response
|
|
1484
|
+
# else
|
|
1485
|
+
# puts "No response received."
|
|
1486
|
+
# end
|
|
1487
|
+
#
|
|
1488
|
+
def revoke_grant request, options = nil
|
|
1489
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
1490
|
+
|
|
1491
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::PrivilegedAccessManager::V1::RevokeGrantRequest
|
|
1492
|
+
|
|
1493
|
+
# Converts hash and nil to an options object
|
|
1494
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
1495
|
+
|
|
1496
|
+
# Customize the options with defaults
|
|
1497
|
+
call_metadata = @config.rpcs.revoke_grant.metadata.to_h
|
|
1498
|
+
|
|
1499
|
+
# Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
|
|
1500
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
1501
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
1502
|
+
gapic_version: ::Google::Cloud::PrivilegedAccessManager::V1::VERSION,
|
|
1503
|
+
transports_version_send: [:rest]
|
|
1504
|
+
|
|
1505
|
+
call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
|
|
1506
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
1507
|
+
|
|
1508
|
+
options.apply_defaults timeout: @config.rpcs.revoke_grant.timeout,
|
|
1509
|
+
metadata: call_metadata,
|
|
1510
|
+
retry_policy: @config.rpcs.revoke_grant.retry_policy
|
|
1511
|
+
|
|
1512
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1513
|
+
metadata: @config.metadata,
|
|
1514
|
+
retry_policy: @config.retry_policy
|
|
1515
|
+
|
|
1516
|
+
@privileged_access_manager_stub.revoke_grant request, options do |result, operation|
|
|
1517
|
+
result = ::Gapic::Operation.new result, @operations_client, options: options
|
|
1518
|
+
yield result, operation if block_given?
|
|
1519
|
+
return result
|
|
1520
|
+
end
|
|
1521
|
+
rescue ::Gapic::Rest::Error => e
|
|
1522
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
1523
|
+
end
|
|
1524
|
+
|
|
1525
|
+
##
|
|
1526
|
+
# Configuration class for the PrivilegedAccessManager REST API.
|
|
1527
|
+
#
|
|
1528
|
+
# This class represents the configuration for PrivilegedAccessManager REST,
|
|
1529
|
+
# providing control over timeouts, retry behavior, logging, transport
|
|
1530
|
+
# parameters, and other low-level controls. Certain parameters can also be
|
|
1531
|
+
# applied individually to specific RPCs. See
|
|
1532
|
+
# {::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client::Configuration::Rpcs}
|
|
1533
|
+
# for a list of RPCs that can be configured independently.
|
|
1534
|
+
#
|
|
1535
|
+
# Configuration can be applied globally to all clients, or to a single client
|
|
1536
|
+
# on construction.
|
|
1537
|
+
#
|
|
1538
|
+
# @example
|
|
1539
|
+
#
|
|
1540
|
+
# # Modify the global config, setting the timeout for
|
|
1541
|
+
# # check_onboarding_status to 20 seconds,
|
|
1542
|
+
# # and all remaining timeouts to 10 seconds.
|
|
1543
|
+
# ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.configure do |config|
|
|
1544
|
+
# config.timeout = 10.0
|
|
1545
|
+
# config.rpcs.check_onboarding_status.timeout = 20.0
|
|
1546
|
+
# end
|
|
1547
|
+
#
|
|
1548
|
+
# # Apply the above configuration only to a new client.
|
|
1549
|
+
# client = ::Google::Cloud::PrivilegedAccessManager::V1::PrivilegedAccessManager::Rest::Client.new do |config|
|
|
1550
|
+
# config.timeout = 10.0
|
|
1551
|
+
# config.rpcs.check_onboarding_status.timeout = 20.0
|
|
1552
|
+
# end
|
|
1553
|
+
#
|
|
1554
|
+
# @!attribute [rw] endpoint
|
|
1555
|
+
# A custom service endpoint, as a hostname or hostname:port. The default is
|
|
1556
|
+
# nil, indicating to use the default endpoint in the current universe domain.
|
|
1557
|
+
# @return [::String,nil]
|
|
1558
|
+
# @!attribute [rw] credentials
|
|
1559
|
+
# Credentials to send with calls. You may provide any of the following types:
|
|
1560
|
+
# * (`String`) The path to a service account key file in JSON format
|
|
1561
|
+
# * (`Hash`) A service account key as a Hash
|
|
1562
|
+
# * (`Google::Auth::Credentials`) A googleauth credentials object
|
|
1563
|
+
# (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
|
|
1564
|
+
# * (`Signet::OAuth2::Client`) A signet oauth2 client object
|
|
1565
|
+
# (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
|
|
1566
|
+
# * (`nil`) indicating no credentials
|
|
1567
|
+
# @return [::Object]
|
|
1568
|
+
# @!attribute [rw] scope
|
|
1569
|
+
# The OAuth scopes
|
|
1570
|
+
# @return [::Array<::String>]
|
|
1571
|
+
# @!attribute [rw] lib_name
|
|
1572
|
+
# The library name as recorded in instrumentation and logging
|
|
1573
|
+
# @return [::String]
|
|
1574
|
+
# @!attribute [rw] lib_version
|
|
1575
|
+
# The library version as recorded in instrumentation and logging
|
|
1576
|
+
# @return [::String]
|
|
1577
|
+
# @!attribute [rw] timeout
|
|
1578
|
+
# The call timeout in seconds.
|
|
1579
|
+
# @return [::Numeric]
|
|
1580
|
+
# @!attribute [rw] metadata
|
|
1581
|
+
# Additional headers to be sent with the call.
|
|
1582
|
+
# @return [::Hash{::Symbol=>::String}]
|
|
1583
|
+
# @!attribute [rw] retry_policy
|
|
1584
|
+
# The retry policy. The value is a hash with the following keys:
|
|
1585
|
+
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
1586
|
+
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
1587
|
+
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
1588
|
+
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
1589
|
+
# trigger a retry.
|
|
1590
|
+
# @return [::Hash]
|
|
1591
|
+
# @!attribute [rw] quota_project
|
|
1592
|
+
# A separate project against which to charge quota.
|
|
1593
|
+
# @return [::String]
|
|
1594
|
+
# @!attribute [rw] universe_domain
|
|
1595
|
+
# The universe domain within which to make requests. This determines the
|
|
1596
|
+
# default endpoint URL. The default value of nil uses the environment
|
|
1597
|
+
# universe (usually the default "googleapis.com" universe).
|
|
1598
|
+
# @return [::String,nil]
|
|
1599
|
+
#
|
|
1600
|
+
class Configuration
|
|
1601
|
+
extend ::Gapic::Config
|
|
1602
|
+
|
|
1603
|
+
# @private
|
|
1604
|
+
# The endpoint specific to the default "googleapis.com" universe. Deprecated.
|
|
1605
|
+
DEFAULT_ENDPOINT = "privilegedaccessmanager.googleapis.com"
|
|
1606
|
+
|
|
1607
|
+
config_attr :endpoint, nil, ::String, nil
|
|
1608
|
+
config_attr :credentials, nil do |value|
|
|
1609
|
+
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
|
1610
|
+
allowed.any? { |klass| klass === value }
|
|
1611
|
+
end
|
|
1612
|
+
config_attr :scope, nil, ::String, ::Array, nil
|
|
1613
|
+
config_attr :lib_name, nil, ::String, nil
|
|
1614
|
+
config_attr :lib_version, nil, ::String, nil
|
|
1615
|
+
config_attr :timeout, nil, ::Numeric, nil
|
|
1616
|
+
config_attr :metadata, nil, ::Hash, nil
|
|
1617
|
+
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
|
1618
|
+
config_attr :quota_project, nil, ::String, nil
|
|
1619
|
+
config_attr :universe_domain, nil, ::String, nil
|
|
1620
|
+
|
|
1621
|
+
# @private
|
|
1622
|
+
# Overrides for http bindings for the RPCs of this service
|
|
1623
|
+
# are only used when this service is used as mixin, and only
|
|
1624
|
+
# by the host service.
|
|
1625
|
+
# @return [::Hash{::Symbol=>::Array<::Gapic::Rest::GrpcTranscoder::HttpBinding>}]
|
|
1626
|
+
config_attr :bindings_override, {}, ::Hash, nil
|
|
1627
|
+
|
|
1628
|
+
# @private
|
|
1629
|
+
def initialize parent_config = nil
|
|
1630
|
+
@parent_config = parent_config unless parent_config.nil?
|
|
1631
|
+
|
|
1632
|
+
yield self if block_given?
|
|
1633
|
+
end
|
|
1634
|
+
|
|
1635
|
+
##
|
|
1636
|
+
# Configurations for individual RPCs
|
|
1637
|
+
# @return [Rpcs]
|
|
1638
|
+
#
|
|
1639
|
+
def rpcs
|
|
1640
|
+
@rpcs ||= begin
|
|
1641
|
+
parent_rpcs = nil
|
|
1642
|
+
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs)
|
|
1643
|
+
Rpcs.new parent_rpcs
|
|
1644
|
+
end
|
|
1645
|
+
end
|
|
1646
|
+
|
|
1647
|
+
##
|
|
1648
|
+
# Configuration RPC class for the PrivilegedAccessManager API.
|
|
1649
|
+
#
|
|
1650
|
+
# Includes fields providing the configuration for each RPC in this service.
|
|
1651
|
+
# Each configuration object is of type `Gapic::Config::Method` and includes
|
|
1652
|
+
# the following configuration fields:
|
|
1653
|
+
#
|
|
1654
|
+
# * `timeout` (*type:* `Numeric`) - The call timeout in seconds
|
|
1655
|
+
# * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers
|
|
1656
|
+
# * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
|
|
1657
|
+
# include the following keys:
|
|
1658
|
+
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
1659
|
+
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
1660
|
+
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
1661
|
+
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
1662
|
+
# trigger a retry.
|
|
1663
|
+
#
|
|
1664
|
+
class Rpcs
|
|
1665
|
+
##
|
|
1666
|
+
# RPC-specific configuration for `check_onboarding_status`
|
|
1667
|
+
# @return [::Gapic::Config::Method]
|
|
1668
|
+
#
|
|
1669
|
+
attr_reader :check_onboarding_status
|
|
1670
|
+
##
|
|
1671
|
+
# RPC-specific configuration for `list_entitlements`
|
|
1672
|
+
# @return [::Gapic::Config::Method]
|
|
1673
|
+
#
|
|
1674
|
+
attr_reader :list_entitlements
|
|
1675
|
+
##
|
|
1676
|
+
# RPC-specific configuration for `search_entitlements`
|
|
1677
|
+
# @return [::Gapic::Config::Method]
|
|
1678
|
+
#
|
|
1679
|
+
attr_reader :search_entitlements
|
|
1680
|
+
##
|
|
1681
|
+
# RPC-specific configuration for `get_entitlement`
|
|
1682
|
+
# @return [::Gapic::Config::Method]
|
|
1683
|
+
#
|
|
1684
|
+
attr_reader :get_entitlement
|
|
1685
|
+
##
|
|
1686
|
+
# RPC-specific configuration for `create_entitlement`
|
|
1687
|
+
# @return [::Gapic::Config::Method]
|
|
1688
|
+
#
|
|
1689
|
+
attr_reader :create_entitlement
|
|
1690
|
+
##
|
|
1691
|
+
# RPC-specific configuration for `delete_entitlement`
|
|
1692
|
+
# @return [::Gapic::Config::Method]
|
|
1693
|
+
#
|
|
1694
|
+
attr_reader :delete_entitlement
|
|
1695
|
+
##
|
|
1696
|
+
# RPC-specific configuration for `update_entitlement`
|
|
1697
|
+
# @return [::Gapic::Config::Method]
|
|
1698
|
+
#
|
|
1699
|
+
attr_reader :update_entitlement
|
|
1700
|
+
##
|
|
1701
|
+
# RPC-specific configuration for `list_grants`
|
|
1702
|
+
# @return [::Gapic::Config::Method]
|
|
1703
|
+
#
|
|
1704
|
+
attr_reader :list_grants
|
|
1705
|
+
##
|
|
1706
|
+
# RPC-specific configuration for `search_grants`
|
|
1707
|
+
# @return [::Gapic::Config::Method]
|
|
1708
|
+
#
|
|
1709
|
+
attr_reader :search_grants
|
|
1710
|
+
##
|
|
1711
|
+
# RPC-specific configuration for `get_grant`
|
|
1712
|
+
# @return [::Gapic::Config::Method]
|
|
1713
|
+
#
|
|
1714
|
+
attr_reader :get_grant
|
|
1715
|
+
##
|
|
1716
|
+
# RPC-specific configuration for `create_grant`
|
|
1717
|
+
# @return [::Gapic::Config::Method]
|
|
1718
|
+
#
|
|
1719
|
+
attr_reader :create_grant
|
|
1720
|
+
##
|
|
1721
|
+
# RPC-specific configuration for `approve_grant`
|
|
1722
|
+
# @return [::Gapic::Config::Method]
|
|
1723
|
+
#
|
|
1724
|
+
attr_reader :approve_grant
|
|
1725
|
+
##
|
|
1726
|
+
# RPC-specific configuration for `deny_grant`
|
|
1727
|
+
# @return [::Gapic::Config::Method]
|
|
1728
|
+
#
|
|
1729
|
+
attr_reader :deny_grant
|
|
1730
|
+
##
|
|
1731
|
+
# RPC-specific configuration for `revoke_grant`
|
|
1732
|
+
# @return [::Gapic::Config::Method]
|
|
1733
|
+
#
|
|
1734
|
+
attr_reader :revoke_grant
|
|
1735
|
+
|
|
1736
|
+
# @private
|
|
1737
|
+
def initialize parent_rpcs = nil
|
|
1738
|
+
check_onboarding_status_config = parent_rpcs.check_onboarding_status if parent_rpcs.respond_to? :check_onboarding_status
|
|
1739
|
+
@check_onboarding_status = ::Gapic::Config::Method.new check_onboarding_status_config
|
|
1740
|
+
list_entitlements_config = parent_rpcs.list_entitlements if parent_rpcs.respond_to? :list_entitlements
|
|
1741
|
+
@list_entitlements = ::Gapic::Config::Method.new list_entitlements_config
|
|
1742
|
+
search_entitlements_config = parent_rpcs.search_entitlements if parent_rpcs.respond_to? :search_entitlements
|
|
1743
|
+
@search_entitlements = ::Gapic::Config::Method.new search_entitlements_config
|
|
1744
|
+
get_entitlement_config = parent_rpcs.get_entitlement if parent_rpcs.respond_to? :get_entitlement
|
|
1745
|
+
@get_entitlement = ::Gapic::Config::Method.new get_entitlement_config
|
|
1746
|
+
create_entitlement_config = parent_rpcs.create_entitlement if parent_rpcs.respond_to? :create_entitlement
|
|
1747
|
+
@create_entitlement = ::Gapic::Config::Method.new create_entitlement_config
|
|
1748
|
+
delete_entitlement_config = parent_rpcs.delete_entitlement if parent_rpcs.respond_to? :delete_entitlement
|
|
1749
|
+
@delete_entitlement = ::Gapic::Config::Method.new delete_entitlement_config
|
|
1750
|
+
update_entitlement_config = parent_rpcs.update_entitlement if parent_rpcs.respond_to? :update_entitlement
|
|
1751
|
+
@update_entitlement = ::Gapic::Config::Method.new update_entitlement_config
|
|
1752
|
+
list_grants_config = parent_rpcs.list_grants if parent_rpcs.respond_to? :list_grants
|
|
1753
|
+
@list_grants = ::Gapic::Config::Method.new list_grants_config
|
|
1754
|
+
search_grants_config = parent_rpcs.search_grants if parent_rpcs.respond_to? :search_grants
|
|
1755
|
+
@search_grants = ::Gapic::Config::Method.new search_grants_config
|
|
1756
|
+
get_grant_config = parent_rpcs.get_grant if parent_rpcs.respond_to? :get_grant
|
|
1757
|
+
@get_grant = ::Gapic::Config::Method.new get_grant_config
|
|
1758
|
+
create_grant_config = parent_rpcs.create_grant if parent_rpcs.respond_to? :create_grant
|
|
1759
|
+
@create_grant = ::Gapic::Config::Method.new create_grant_config
|
|
1760
|
+
approve_grant_config = parent_rpcs.approve_grant if parent_rpcs.respond_to? :approve_grant
|
|
1761
|
+
@approve_grant = ::Gapic::Config::Method.new approve_grant_config
|
|
1762
|
+
deny_grant_config = parent_rpcs.deny_grant if parent_rpcs.respond_to? :deny_grant
|
|
1763
|
+
@deny_grant = ::Gapic::Config::Method.new deny_grant_config
|
|
1764
|
+
revoke_grant_config = parent_rpcs.revoke_grant if parent_rpcs.respond_to? :revoke_grant
|
|
1765
|
+
@revoke_grant = ::Gapic::Config::Method.new revoke_grant_config
|
|
1766
|
+
|
|
1767
|
+
yield self if block_given?
|
|
1768
|
+
end
|
|
1769
|
+
end
|
|
1770
|
+
end
|
|
1771
|
+
end
|
|
1772
|
+
end
|
|
1773
|
+
end
|
|
1774
|
+
end
|
|
1775
|
+
end
|
|
1776
|
+
end
|
|
1777
|
+
end
|