google-iam-v2 0.1.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +4 -4
- data/lib/google/iam/v2/deny_pb.rb +25 -8
- data/lib/google/iam/v2/policies/client.rb +18 -20
- data/lib/google/iam/v2/policies/operations.rb +14 -16
- data/lib/google/iam/v2/policies/rest/client.rb +735 -0
- data/lib/google/iam/v2/policies/rest/operations.rb +791 -0
- data/lib/google/iam/v2/policies/rest/service_stub.rb +343 -0
- data/lib/google/iam/v2/policies/rest.rb +50 -0
- data/lib/google/iam/v2/policies.rb +7 -1
- data/lib/google/iam/v2/policy_pb.rb +26 -47
- data/lib/google/iam/v2/rest.rb +35 -0
- data/lib/google/iam/v2/version.rb +1 -1
- data/lib/google/iam/v2.rb +7 -2
- data/proto_docs/google/api/client.rb +381 -0
- data/proto_docs/google/api/launch_stage.rb +71 -0
- data/proto_docs/google/protobuf/any.rb +7 -4
- data/proto_docs/google/protobuf/timestamp.rb +1 -3
- data/proto_docs/google/rpc/status.rb +4 -2
- metadata +17 -8
|
@@ -0,0 +1,735 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2023 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
require "google/cloud/errors"
|
|
20
|
+
require "google/iam/v2/policy_pb"
|
|
21
|
+
require "google/iam/v2/policies/rest/service_stub"
|
|
22
|
+
|
|
23
|
+
module Google
|
|
24
|
+
module Iam
|
|
25
|
+
module V2
|
|
26
|
+
module Policies
|
|
27
|
+
module Rest
|
|
28
|
+
##
|
|
29
|
+
# REST client for the Policies service.
|
|
30
|
+
#
|
|
31
|
+
# An interface for managing Identity and Access Management (IAM) policies.
|
|
32
|
+
#
|
|
33
|
+
class Client
|
|
34
|
+
# @private
|
|
35
|
+
attr_reader :policies_stub
|
|
36
|
+
|
|
37
|
+
##
|
|
38
|
+
# Configure the Policies Client class.
|
|
39
|
+
#
|
|
40
|
+
# See {::Google::Iam::V2::Policies::Rest::Client::Configuration}
|
|
41
|
+
# for a description of the configuration fields.
|
|
42
|
+
#
|
|
43
|
+
# @example
|
|
44
|
+
#
|
|
45
|
+
# # Modify the configuration for all Policies clients
|
|
46
|
+
# ::Google::Iam::V2::Policies::Rest::Client.configure do |config|
|
|
47
|
+
# config.timeout = 10.0
|
|
48
|
+
# end
|
|
49
|
+
#
|
|
50
|
+
# @yield [config] Configure the Client client.
|
|
51
|
+
# @yieldparam config [Client::Configuration]
|
|
52
|
+
#
|
|
53
|
+
# @return [Client::Configuration]
|
|
54
|
+
#
|
|
55
|
+
def self.configure
|
|
56
|
+
@configure ||= begin
|
|
57
|
+
namespace = ["Google", "Iam", "V2"]
|
|
58
|
+
parent_config = while namespace.any?
|
|
59
|
+
parent_name = namespace.join "::"
|
|
60
|
+
parent_const = const_get parent_name
|
|
61
|
+
break parent_const.configure if parent_const.respond_to? :configure
|
|
62
|
+
namespace.pop
|
|
63
|
+
end
|
|
64
|
+
default_config = Client::Configuration.new parent_config
|
|
65
|
+
|
|
66
|
+
default_config.rpcs.list_policies.timeout = 60.0
|
|
67
|
+
default_config.rpcs.list_policies.retry_policy = {
|
|
68
|
+
initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14]
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
default_config.rpcs.get_policy.timeout = 60.0
|
|
72
|
+
default_config.rpcs.get_policy.retry_policy = {
|
|
73
|
+
initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14]
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
default_config.rpcs.create_policy.timeout = 60.0
|
|
77
|
+
default_config.rpcs.create_policy.retry_policy = {
|
|
78
|
+
initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14]
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
default_config.rpcs.update_policy.timeout = 60.0
|
|
82
|
+
default_config.rpcs.update_policy.retry_policy = {
|
|
83
|
+
initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14]
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
default_config.rpcs.delete_policy.timeout = 60.0
|
|
87
|
+
default_config.rpcs.delete_policy.retry_policy = {
|
|
88
|
+
initial_delay: 1.0, max_delay: 10.0, multiplier: 1.3, retry_codes: [14]
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
default_config
|
|
92
|
+
end
|
|
93
|
+
yield @configure if block_given?
|
|
94
|
+
@configure
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
##
|
|
98
|
+
# Configure the Policies Client instance.
|
|
99
|
+
#
|
|
100
|
+
# The configuration is set to the derived mode, meaning that values can be changed,
|
|
101
|
+
# but structural changes (adding new fields, etc.) are not allowed. Structural changes
|
|
102
|
+
# should be made on {Client.configure}.
|
|
103
|
+
#
|
|
104
|
+
# See {::Google::Iam::V2::Policies::Rest::Client::Configuration}
|
|
105
|
+
# for a description of the configuration fields.
|
|
106
|
+
#
|
|
107
|
+
# @yield [config] Configure the Client client.
|
|
108
|
+
# @yieldparam config [Client::Configuration]
|
|
109
|
+
#
|
|
110
|
+
# @return [Client::Configuration]
|
|
111
|
+
#
|
|
112
|
+
def configure
|
|
113
|
+
yield @config if block_given?
|
|
114
|
+
@config
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
##
|
|
118
|
+
# Create a new Policies REST client object.
|
|
119
|
+
#
|
|
120
|
+
# @example
|
|
121
|
+
#
|
|
122
|
+
# # Create a client using the default configuration
|
|
123
|
+
# client = ::Google::Iam::V2::Policies::Rest::Client.new
|
|
124
|
+
#
|
|
125
|
+
# # Create a client using a custom configuration
|
|
126
|
+
# client = ::Google::Iam::V2::Policies::Rest::Client.new do |config|
|
|
127
|
+
# config.timeout = 10.0
|
|
128
|
+
# end
|
|
129
|
+
#
|
|
130
|
+
# @yield [config] Configure the Policies client.
|
|
131
|
+
# @yieldparam config [Client::Configuration]
|
|
132
|
+
#
|
|
133
|
+
def initialize
|
|
134
|
+
# Create the configuration object
|
|
135
|
+
@config = Configuration.new Client.configure
|
|
136
|
+
|
|
137
|
+
# Yield the configuration if needed
|
|
138
|
+
yield @config if block_given?
|
|
139
|
+
|
|
140
|
+
# Create credentials
|
|
141
|
+
credentials = @config.credentials
|
|
142
|
+
# Use self-signed JWT if the endpoint is unchanged from default,
|
|
143
|
+
# but only if the default endpoint does not have a region prefix.
|
|
144
|
+
enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
|
|
145
|
+
!@config.endpoint.split(".").first.include?("-")
|
|
146
|
+
credentials ||= Credentials.default scope: @config.scope,
|
|
147
|
+
enable_self_signed_jwt: enable_self_signed_jwt
|
|
148
|
+
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
|
149
|
+
credentials = Credentials.new credentials, scope: @config.scope
|
|
150
|
+
end
|
|
151
|
+
|
|
152
|
+
@quota_project_id = @config.quota_project
|
|
153
|
+
@quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
|
|
154
|
+
|
|
155
|
+
@operations_client = ::Google::Iam::V2::Policies::Rest::Operations.new do |config|
|
|
156
|
+
config.credentials = credentials
|
|
157
|
+
config.quota_project = @quota_project_id
|
|
158
|
+
config.endpoint = @config.endpoint
|
|
159
|
+
end
|
|
160
|
+
|
|
161
|
+
@policies_stub = ::Google::Iam::V2::Policies::Rest::ServiceStub.new endpoint: @config.endpoint, credentials: credentials
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
##
|
|
165
|
+
# Get the associated client for long-running operations.
|
|
166
|
+
#
|
|
167
|
+
# @return [::Google::Iam::V2::Policies::Rest::Operations]
|
|
168
|
+
#
|
|
169
|
+
attr_reader :operations_client
|
|
170
|
+
|
|
171
|
+
# Service calls
|
|
172
|
+
|
|
173
|
+
##
|
|
174
|
+
# Retrieves the policies of the specified kind that are attached to a
|
|
175
|
+
# resource.
|
|
176
|
+
#
|
|
177
|
+
# The response lists only policy metadata. In particular, policy rules are
|
|
178
|
+
# omitted.
|
|
179
|
+
#
|
|
180
|
+
# @overload list_policies(request, options = nil)
|
|
181
|
+
# Pass arguments to `list_policies` via a request object, either of type
|
|
182
|
+
# {::Google::Iam::V2::ListPoliciesRequest} or an equivalent Hash.
|
|
183
|
+
#
|
|
184
|
+
# @param request [::Google::Iam::V2::ListPoliciesRequest, ::Hash]
|
|
185
|
+
# A request object representing the call parameters. Required. To specify no
|
|
186
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
187
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
188
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
189
|
+
#
|
|
190
|
+
# @overload list_policies(parent: nil, page_size: nil, page_token: nil)
|
|
191
|
+
# Pass arguments to `list_policies` via keyword arguments. Note that at
|
|
192
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
193
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
194
|
+
#
|
|
195
|
+
# @param parent [::String]
|
|
196
|
+
# Required. The resource that the policy is attached to, along with the kind of policy
|
|
197
|
+
# to list. Format:
|
|
198
|
+
# `policies/{attachment_point}/denypolicies`
|
|
199
|
+
#
|
|
200
|
+
#
|
|
201
|
+
# The attachment point is identified by its URL-encoded full resource name,
|
|
202
|
+
# which means that the forward-slash character, `/`, must be written as
|
|
203
|
+
# `%2F`. For example,
|
|
204
|
+
# `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies`.
|
|
205
|
+
#
|
|
206
|
+
# For organizations and folders, use the numeric ID in the full resource
|
|
207
|
+
# name. For projects, you can use the alphanumeric or the numeric ID.
|
|
208
|
+
# @param page_size [::Integer]
|
|
209
|
+
# The maximum number of policies to return. IAM ignores this value and uses
|
|
210
|
+
# the value 1000.
|
|
211
|
+
# @param page_token [::String]
|
|
212
|
+
# A page token received in a {::Google::Iam::V2::ListPoliciesResponse ListPoliciesResponse}. Provide this token to
|
|
213
|
+
# retrieve the next page.
|
|
214
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
215
|
+
# @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Iam::V2::Policy>]
|
|
216
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
217
|
+
#
|
|
218
|
+
# @return [::Gapic::Rest::PagedEnumerable<::Google::Iam::V2::Policy>]
|
|
219
|
+
#
|
|
220
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
221
|
+
def list_policies request, options = nil
|
|
222
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
223
|
+
|
|
224
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V2::ListPoliciesRequest
|
|
225
|
+
|
|
226
|
+
# Converts hash and nil to an options object
|
|
227
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
228
|
+
|
|
229
|
+
# Customize the options with defaults
|
|
230
|
+
call_metadata = @config.rpcs.list_policies.metadata.to_h
|
|
231
|
+
|
|
232
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
233
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
234
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
235
|
+
gapic_version: ::Google::Iam::V2::VERSION,
|
|
236
|
+
transports_version_send: [:rest]
|
|
237
|
+
|
|
238
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
239
|
+
|
|
240
|
+
options.apply_defaults timeout: @config.rpcs.list_policies.timeout,
|
|
241
|
+
metadata: call_metadata,
|
|
242
|
+
retry_policy: @config.rpcs.list_policies.retry_policy
|
|
243
|
+
|
|
244
|
+
options.apply_defaults timeout: @config.timeout,
|
|
245
|
+
metadata: @config.metadata,
|
|
246
|
+
retry_policy: @config.retry_policy
|
|
247
|
+
|
|
248
|
+
@policies_stub.list_policies request, options do |result, operation|
|
|
249
|
+
result = ::Gapic::Rest::PagedEnumerable.new @policies_stub, :list_policies, "policies", request, result, options
|
|
250
|
+
yield result, operation if block_given?
|
|
251
|
+
return result
|
|
252
|
+
end
|
|
253
|
+
rescue ::Gapic::Rest::Error => e
|
|
254
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
255
|
+
end
|
|
256
|
+
|
|
257
|
+
##
|
|
258
|
+
# Gets a policy.
|
|
259
|
+
#
|
|
260
|
+
# @overload get_policy(request, options = nil)
|
|
261
|
+
# Pass arguments to `get_policy` via a request object, either of type
|
|
262
|
+
# {::Google::Iam::V2::GetPolicyRequest} or an equivalent Hash.
|
|
263
|
+
#
|
|
264
|
+
# @param request [::Google::Iam::V2::GetPolicyRequest, ::Hash]
|
|
265
|
+
# A request object representing the call parameters. Required. To specify no
|
|
266
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
267
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
268
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
269
|
+
#
|
|
270
|
+
# @overload get_policy(name: nil)
|
|
271
|
+
# Pass arguments to `get_policy` via keyword arguments. Note that at
|
|
272
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
273
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
274
|
+
#
|
|
275
|
+
# @param name [::String]
|
|
276
|
+
# Required. The resource name of the policy to retrieve. Format:
|
|
277
|
+
# `policies/{attachment_point}/denypolicies/{policy_id}`
|
|
278
|
+
#
|
|
279
|
+
#
|
|
280
|
+
# Use the URL-encoded full resource name, which means that the forward-slash
|
|
281
|
+
# character, `/`, must be written as `%2F`. For example,
|
|
282
|
+
# `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy`.
|
|
283
|
+
#
|
|
284
|
+
# For organizations and folders, use the numeric ID in the full resource
|
|
285
|
+
# name. For projects, you can use the alphanumeric or the numeric ID.
|
|
286
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
287
|
+
# @yieldparam result [::Google::Iam::V2::Policy]
|
|
288
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
289
|
+
#
|
|
290
|
+
# @return [::Google::Iam::V2::Policy]
|
|
291
|
+
#
|
|
292
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
293
|
+
def get_policy request, options = nil
|
|
294
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
295
|
+
|
|
296
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V2::GetPolicyRequest
|
|
297
|
+
|
|
298
|
+
# Converts hash and nil to an options object
|
|
299
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
300
|
+
|
|
301
|
+
# Customize the options with defaults
|
|
302
|
+
call_metadata = @config.rpcs.get_policy.metadata.to_h
|
|
303
|
+
|
|
304
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
305
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
306
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
307
|
+
gapic_version: ::Google::Iam::V2::VERSION,
|
|
308
|
+
transports_version_send: [:rest]
|
|
309
|
+
|
|
310
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
311
|
+
|
|
312
|
+
options.apply_defaults timeout: @config.rpcs.get_policy.timeout,
|
|
313
|
+
metadata: call_metadata,
|
|
314
|
+
retry_policy: @config.rpcs.get_policy.retry_policy
|
|
315
|
+
|
|
316
|
+
options.apply_defaults timeout: @config.timeout,
|
|
317
|
+
metadata: @config.metadata,
|
|
318
|
+
retry_policy: @config.retry_policy
|
|
319
|
+
|
|
320
|
+
@policies_stub.get_policy request, options do |result, operation|
|
|
321
|
+
yield result, operation if block_given?
|
|
322
|
+
return result
|
|
323
|
+
end
|
|
324
|
+
rescue ::Gapic::Rest::Error => e
|
|
325
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
326
|
+
end
|
|
327
|
+
|
|
328
|
+
##
|
|
329
|
+
# Creates a policy.
|
|
330
|
+
#
|
|
331
|
+
# @overload create_policy(request, options = nil)
|
|
332
|
+
# Pass arguments to `create_policy` via a request object, either of type
|
|
333
|
+
# {::Google::Iam::V2::CreatePolicyRequest} or an equivalent Hash.
|
|
334
|
+
#
|
|
335
|
+
# @param request [::Google::Iam::V2::CreatePolicyRequest, ::Hash]
|
|
336
|
+
# A request object representing the call parameters. Required. To specify no
|
|
337
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
338
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
339
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
340
|
+
#
|
|
341
|
+
# @overload create_policy(parent: nil, policy: nil, policy_id: nil)
|
|
342
|
+
# Pass arguments to `create_policy` via keyword arguments. Note that at
|
|
343
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
344
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
345
|
+
#
|
|
346
|
+
# @param parent [::String]
|
|
347
|
+
# Required. The resource that the policy is attached to, along with the kind of policy
|
|
348
|
+
# to create. Format: `policies/{attachment_point}/denypolicies`
|
|
349
|
+
#
|
|
350
|
+
#
|
|
351
|
+
# The attachment point is identified by its URL-encoded full resource name,
|
|
352
|
+
# which means that the forward-slash character, `/`, must be written as
|
|
353
|
+
# `%2F`. For example,
|
|
354
|
+
# `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies`.
|
|
355
|
+
#
|
|
356
|
+
# For organizations and folders, use the numeric ID in the full resource
|
|
357
|
+
# name. For projects, you can use the alphanumeric or the numeric ID.
|
|
358
|
+
# @param policy [::Google::Iam::V2::Policy, ::Hash]
|
|
359
|
+
# Required. The policy to create.
|
|
360
|
+
# @param policy_id [::String]
|
|
361
|
+
# The ID to use for this policy, which will become the final component of
|
|
362
|
+
# the policy's resource name. The ID must contain 3 to 63 characters. It can
|
|
363
|
+
# contain lowercase letters and numbers, as well as dashes (`-`) and periods
|
|
364
|
+
# (`.`). The first character must be a lowercase letter.
|
|
365
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
366
|
+
# @yieldparam result [::Gapic::Operation]
|
|
367
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
368
|
+
#
|
|
369
|
+
# @return [::Gapic::Operation]
|
|
370
|
+
#
|
|
371
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
372
|
+
def create_policy request, options = nil
|
|
373
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
374
|
+
|
|
375
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V2::CreatePolicyRequest
|
|
376
|
+
|
|
377
|
+
# Converts hash and nil to an options object
|
|
378
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
379
|
+
|
|
380
|
+
# Customize the options with defaults
|
|
381
|
+
call_metadata = @config.rpcs.create_policy.metadata.to_h
|
|
382
|
+
|
|
383
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
384
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
385
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
386
|
+
gapic_version: ::Google::Iam::V2::VERSION,
|
|
387
|
+
transports_version_send: [:rest]
|
|
388
|
+
|
|
389
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
390
|
+
|
|
391
|
+
options.apply_defaults timeout: @config.rpcs.create_policy.timeout,
|
|
392
|
+
metadata: call_metadata,
|
|
393
|
+
retry_policy: @config.rpcs.create_policy.retry_policy
|
|
394
|
+
|
|
395
|
+
options.apply_defaults timeout: @config.timeout,
|
|
396
|
+
metadata: @config.metadata,
|
|
397
|
+
retry_policy: @config.retry_policy
|
|
398
|
+
|
|
399
|
+
@policies_stub.create_policy request, options do |result, operation|
|
|
400
|
+
result = ::Gapic::Operation.new result, @operations_client, options: options
|
|
401
|
+
yield result, operation if block_given?
|
|
402
|
+
return result
|
|
403
|
+
end
|
|
404
|
+
rescue ::Gapic::Rest::Error => e
|
|
405
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
406
|
+
end
|
|
407
|
+
|
|
408
|
+
##
|
|
409
|
+
# Updates the specified policy.
|
|
410
|
+
#
|
|
411
|
+
# You can update only the rules and the display name for the policy.
|
|
412
|
+
#
|
|
413
|
+
# To update a policy, you should use a read-modify-write loop:
|
|
414
|
+
#
|
|
415
|
+
# 1. Use {::Google::Iam::V2::Policies::Rest::Client#get_policy GetPolicy} to read the current version of the policy.
|
|
416
|
+
# 2. Modify the policy as needed.
|
|
417
|
+
# 3. Use `UpdatePolicy` to write the updated policy.
|
|
418
|
+
#
|
|
419
|
+
# This pattern helps prevent conflicts between concurrent updates.
|
|
420
|
+
#
|
|
421
|
+
# @overload update_policy(request, options = nil)
|
|
422
|
+
# Pass arguments to `update_policy` via a request object, either of type
|
|
423
|
+
# {::Google::Iam::V2::UpdatePolicyRequest} or an equivalent Hash.
|
|
424
|
+
#
|
|
425
|
+
# @param request [::Google::Iam::V2::UpdatePolicyRequest, ::Hash]
|
|
426
|
+
# A request object representing the call parameters. Required. To specify no
|
|
427
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
428
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
429
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
430
|
+
#
|
|
431
|
+
# @overload update_policy(policy: nil)
|
|
432
|
+
# Pass arguments to `update_policy` via keyword arguments. Note that at
|
|
433
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
434
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
435
|
+
#
|
|
436
|
+
# @param policy [::Google::Iam::V2::Policy, ::Hash]
|
|
437
|
+
# Required. The policy to update.
|
|
438
|
+
#
|
|
439
|
+
# To prevent conflicting updates, the `etag` value must match the value that
|
|
440
|
+
# is stored in IAM. If the `etag` values do not match, the request fails with
|
|
441
|
+
# a `409` error code and `ABORTED` status.
|
|
442
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
443
|
+
# @yieldparam result [::Gapic::Operation]
|
|
444
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
445
|
+
#
|
|
446
|
+
# @return [::Gapic::Operation]
|
|
447
|
+
#
|
|
448
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
449
|
+
def update_policy request, options = nil
|
|
450
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
451
|
+
|
|
452
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V2::UpdatePolicyRequest
|
|
453
|
+
|
|
454
|
+
# Converts hash and nil to an options object
|
|
455
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
456
|
+
|
|
457
|
+
# Customize the options with defaults
|
|
458
|
+
call_metadata = @config.rpcs.update_policy.metadata.to_h
|
|
459
|
+
|
|
460
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
461
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
462
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
463
|
+
gapic_version: ::Google::Iam::V2::VERSION,
|
|
464
|
+
transports_version_send: [:rest]
|
|
465
|
+
|
|
466
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
467
|
+
|
|
468
|
+
options.apply_defaults timeout: @config.rpcs.update_policy.timeout,
|
|
469
|
+
metadata: call_metadata,
|
|
470
|
+
retry_policy: @config.rpcs.update_policy.retry_policy
|
|
471
|
+
|
|
472
|
+
options.apply_defaults timeout: @config.timeout,
|
|
473
|
+
metadata: @config.metadata,
|
|
474
|
+
retry_policy: @config.retry_policy
|
|
475
|
+
|
|
476
|
+
@policies_stub.update_policy request, options do |result, operation|
|
|
477
|
+
result = ::Gapic::Operation.new result, @operations_client, options: options
|
|
478
|
+
yield result, operation if block_given?
|
|
479
|
+
return result
|
|
480
|
+
end
|
|
481
|
+
rescue ::Gapic::Rest::Error => e
|
|
482
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
483
|
+
end
|
|
484
|
+
|
|
485
|
+
##
|
|
486
|
+
# Deletes a policy. This action is permanent.
|
|
487
|
+
#
|
|
488
|
+
# @overload delete_policy(request, options = nil)
|
|
489
|
+
# Pass arguments to `delete_policy` via a request object, either of type
|
|
490
|
+
# {::Google::Iam::V2::DeletePolicyRequest} or an equivalent Hash.
|
|
491
|
+
#
|
|
492
|
+
# @param request [::Google::Iam::V2::DeletePolicyRequest, ::Hash]
|
|
493
|
+
# A request object representing the call parameters. Required. To specify no
|
|
494
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
495
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
496
|
+
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
497
|
+
#
|
|
498
|
+
# @overload delete_policy(name: nil, etag: nil)
|
|
499
|
+
# Pass arguments to `delete_policy` via keyword arguments. Note that at
|
|
500
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
501
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
502
|
+
#
|
|
503
|
+
# @param name [::String]
|
|
504
|
+
# Required. The resource name of the policy to delete. Format:
|
|
505
|
+
# `policies/{attachment_point}/denypolicies/{policy_id}`
|
|
506
|
+
#
|
|
507
|
+
#
|
|
508
|
+
# Use the URL-encoded full resource name, which means that the forward-slash
|
|
509
|
+
# character, `/`, must be written as `%2F`. For example,
|
|
510
|
+
# `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy`.
|
|
511
|
+
#
|
|
512
|
+
# For organizations and folders, use the numeric ID in the full resource
|
|
513
|
+
# name. For projects, you can use the alphanumeric or the numeric ID.
|
|
514
|
+
# @param etag [::String]
|
|
515
|
+
# Optional. The expected `etag` of the policy to delete. If the value does not match
|
|
516
|
+
# the value that is stored in IAM, the request fails with a `409` error code
|
|
517
|
+
# and `ABORTED` status.
|
|
518
|
+
#
|
|
519
|
+
# If you omit this field, the policy is deleted regardless of its current
|
|
520
|
+
# `etag`.
|
|
521
|
+
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
522
|
+
# @yieldparam result [::Gapic::Operation]
|
|
523
|
+
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
524
|
+
#
|
|
525
|
+
# @return [::Gapic::Operation]
|
|
526
|
+
#
|
|
527
|
+
# @raise [::Google::Cloud::Error] if the REST call is aborted.
|
|
528
|
+
def delete_policy request, options = nil
|
|
529
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
530
|
+
|
|
531
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V2::DeletePolicyRequest
|
|
532
|
+
|
|
533
|
+
# Converts hash and nil to an options object
|
|
534
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
535
|
+
|
|
536
|
+
# Customize the options with defaults
|
|
537
|
+
call_metadata = @config.rpcs.delete_policy.metadata.to_h
|
|
538
|
+
|
|
539
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
540
|
+
call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
541
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
542
|
+
gapic_version: ::Google::Iam::V2::VERSION,
|
|
543
|
+
transports_version_send: [:rest]
|
|
544
|
+
|
|
545
|
+
call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
546
|
+
|
|
547
|
+
options.apply_defaults timeout: @config.rpcs.delete_policy.timeout,
|
|
548
|
+
metadata: call_metadata,
|
|
549
|
+
retry_policy: @config.rpcs.delete_policy.retry_policy
|
|
550
|
+
|
|
551
|
+
options.apply_defaults timeout: @config.timeout,
|
|
552
|
+
metadata: @config.metadata,
|
|
553
|
+
retry_policy: @config.retry_policy
|
|
554
|
+
|
|
555
|
+
@policies_stub.delete_policy request, options do |result, operation|
|
|
556
|
+
result = ::Gapic::Operation.new result, @operations_client, options: options
|
|
557
|
+
yield result, operation if block_given?
|
|
558
|
+
return result
|
|
559
|
+
end
|
|
560
|
+
rescue ::Gapic::Rest::Error => e
|
|
561
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
562
|
+
end
|
|
563
|
+
|
|
564
|
+
##
|
|
565
|
+
# Configuration class for the Policies REST API.
|
|
566
|
+
#
|
|
567
|
+
# This class represents the configuration for Policies REST,
|
|
568
|
+
# providing control over timeouts, retry behavior, logging, transport
|
|
569
|
+
# parameters, and other low-level controls. Certain parameters can also be
|
|
570
|
+
# applied individually to specific RPCs. See
|
|
571
|
+
# {::Google::Iam::V2::Policies::Rest::Client::Configuration::Rpcs}
|
|
572
|
+
# for a list of RPCs that can be configured independently.
|
|
573
|
+
#
|
|
574
|
+
# Configuration can be applied globally to all clients, or to a single client
|
|
575
|
+
# on construction.
|
|
576
|
+
#
|
|
577
|
+
# @example
|
|
578
|
+
#
|
|
579
|
+
# # Modify the global config, setting the timeout for
|
|
580
|
+
# # list_policies to 20 seconds,
|
|
581
|
+
# # and all remaining timeouts to 10 seconds.
|
|
582
|
+
# ::Google::Iam::V2::Policies::Rest::Client.configure do |config|
|
|
583
|
+
# config.timeout = 10.0
|
|
584
|
+
# config.rpcs.list_policies.timeout = 20.0
|
|
585
|
+
# end
|
|
586
|
+
#
|
|
587
|
+
# # Apply the above configuration only to a new client.
|
|
588
|
+
# client = ::Google::Iam::V2::Policies::Rest::Client.new do |config|
|
|
589
|
+
# config.timeout = 10.0
|
|
590
|
+
# config.rpcs.list_policies.timeout = 20.0
|
|
591
|
+
# end
|
|
592
|
+
#
|
|
593
|
+
# @!attribute [rw] endpoint
|
|
594
|
+
# The hostname or hostname:port of the service endpoint.
|
|
595
|
+
# Defaults to `"iam.googleapis.com"`.
|
|
596
|
+
# @return [::String]
|
|
597
|
+
# @!attribute [rw] credentials
|
|
598
|
+
# Credentials to send with calls. You may provide any of the following types:
|
|
599
|
+
# * (`String`) The path to a service account key file in JSON format
|
|
600
|
+
# * (`Hash`) A service account key as a Hash
|
|
601
|
+
# * (`Google::Auth::Credentials`) A googleauth credentials object
|
|
602
|
+
# (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
|
|
603
|
+
# * (`Signet::OAuth2::Client`) A signet oauth2 client object
|
|
604
|
+
# (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
|
|
605
|
+
# * (`nil`) indicating no credentials
|
|
606
|
+
# @return [::Object]
|
|
607
|
+
# @!attribute [rw] scope
|
|
608
|
+
# The OAuth scopes
|
|
609
|
+
# @return [::Array<::String>]
|
|
610
|
+
# @!attribute [rw] lib_name
|
|
611
|
+
# The library name as recorded in instrumentation and logging
|
|
612
|
+
# @return [::String]
|
|
613
|
+
# @!attribute [rw] lib_version
|
|
614
|
+
# The library version as recorded in instrumentation and logging
|
|
615
|
+
# @return [::String]
|
|
616
|
+
# @!attribute [rw] timeout
|
|
617
|
+
# The call timeout in seconds.
|
|
618
|
+
# @return [::Numeric]
|
|
619
|
+
# @!attribute [rw] metadata
|
|
620
|
+
# Additional headers to be sent with the call.
|
|
621
|
+
# @return [::Hash{::Symbol=>::String}]
|
|
622
|
+
# @!attribute [rw] retry_policy
|
|
623
|
+
# The retry policy. The value is a hash with the following keys:
|
|
624
|
+
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
625
|
+
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
626
|
+
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
627
|
+
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
628
|
+
# trigger a retry.
|
|
629
|
+
# @return [::Hash]
|
|
630
|
+
# @!attribute [rw] quota_project
|
|
631
|
+
# A separate project against which to charge quota.
|
|
632
|
+
# @return [::String]
|
|
633
|
+
#
|
|
634
|
+
class Configuration
|
|
635
|
+
extend ::Gapic::Config
|
|
636
|
+
|
|
637
|
+
config_attr :endpoint, "iam.googleapis.com", ::String
|
|
638
|
+
config_attr :credentials, nil do |value|
|
|
639
|
+
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
|
640
|
+
allowed.any? { |klass| klass === value }
|
|
641
|
+
end
|
|
642
|
+
config_attr :scope, nil, ::String, ::Array, nil
|
|
643
|
+
config_attr :lib_name, nil, ::String, nil
|
|
644
|
+
config_attr :lib_version, nil, ::String, nil
|
|
645
|
+
config_attr :timeout, nil, ::Numeric, nil
|
|
646
|
+
config_attr :metadata, nil, ::Hash, nil
|
|
647
|
+
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
|
648
|
+
config_attr :quota_project, nil, ::String, nil
|
|
649
|
+
|
|
650
|
+
# @private
|
|
651
|
+
def initialize parent_config = nil
|
|
652
|
+
@parent_config = parent_config unless parent_config.nil?
|
|
653
|
+
|
|
654
|
+
yield self if block_given?
|
|
655
|
+
end
|
|
656
|
+
|
|
657
|
+
##
|
|
658
|
+
# Configurations for individual RPCs
|
|
659
|
+
# @return [Rpcs]
|
|
660
|
+
#
|
|
661
|
+
def rpcs
|
|
662
|
+
@rpcs ||= begin
|
|
663
|
+
parent_rpcs = nil
|
|
664
|
+
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs)
|
|
665
|
+
Rpcs.new parent_rpcs
|
|
666
|
+
end
|
|
667
|
+
end
|
|
668
|
+
|
|
669
|
+
##
|
|
670
|
+
# Configuration RPC class for the Policies API.
|
|
671
|
+
#
|
|
672
|
+
# Includes fields providing the configuration for each RPC in this service.
|
|
673
|
+
# Each configuration object is of type `Gapic::Config::Method` and includes
|
|
674
|
+
# the following configuration fields:
|
|
675
|
+
#
|
|
676
|
+
# * `timeout` (*type:* `Numeric`) - The call timeout in seconds
|
|
677
|
+
# * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers
|
|
678
|
+
# * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
|
|
679
|
+
# include the following keys:
|
|
680
|
+
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
|
681
|
+
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
|
682
|
+
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
|
683
|
+
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
|
684
|
+
# trigger a retry.
|
|
685
|
+
#
|
|
686
|
+
class Rpcs
|
|
687
|
+
##
|
|
688
|
+
# RPC-specific configuration for `list_policies`
|
|
689
|
+
# @return [::Gapic::Config::Method]
|
|
690
|
+
#
|
|
691
|
+
attr_reader :list_policies
|
|
692
|
+
##
|
|
693
|
+
# RPC-specific configuration for `get_policy`
|
|
694
|
+
# @return [::Gapic::Config::Method]
|
|
695
|
+
#
|
|
696
|
+
attr_reader :get_policy
|
|
697
|
+
##
|
|
698
|
+
# RPC-specific configuration for `create_policy`
|
|
699
|
+
# @return [::Gapic::Config::Method]
|
|
700
|
+
#
|
|
701
|
+
attr_reader :create_policy
|
|
702
|
+
##
|
|
703
|
+
# RPC-specific configuration for `update_policy`
|
|
704
|
+
# @return [::Gapic::Config::Method]
|
|
705
|
+
#
|
|
706
|
+
attr_reader :update_policy
|
|
707
|
+
##
|
|
708
|
+
# RPC-specific configuration for `delete_policy`
|
|
709
|
+
# @return [::Gapic::Config::Method]
|
|
710
|
+
#
|
|
711
|
+
attr_reader :delete_policy
|
|
712
|
+
|
|
713
|
+
# @private
|
|
714
|
+
def initialize parent_rpcs = nil
|
|
715
|
+
list_policies_config = parent_rpcs.list_policies if parent_rpcs.respond_to? :list_policies
|
|
716
|
+
@list_policies = ::Gapic::Config::Method.new list_policies_config
|
|
717
|
+
get_policy_config = parent_rpcs.get_policy if parent_rpcs.respond_to? :get_policy
|
|
718
|
+
@get_policy = ::Gapic::Config::Method.new get_policy_config
|
|
719
|
+
create_policy_config = parent_rpcs.create_policy if parent_rpcs.respond_to? :create_policy
|
|
720
|
+
@create_policy = ::Gapic::Config::Method.new create_policy_config
|
|
721
|
+
update_policy_config = parent_rpcs.update_policy if parent_rpcs.respond_to? :update_policy
|
|
722
|
+
@update_policy = ::Gapic::Config::Method.new update_policy_config
|
|
723
|
+
delete_policy_config = parent_rpcs.delete_policy if parent_rpcs.respond_to? :delete_policy
|
|
724
|
+
@delete_policy = ::Gapic::Config::Method.new delete_policy_config
|
|
725
|
+
|
|
726
|
+
yield self if block_given?
|
|
727
|
+
end
|
|
728
|
+
end
|
|
729
|
+
end
|
|
730
|
+
end
|
|
731
|
+
end
|
|
732
|
+
end
|
|
733
|
+
end
|
|
734
|
+
end
|
|
735
|
+
end
|