google-identity-access_context_manager-v1 0.2.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +1 -1
- data/README.md +2 -2
- data/lib/google/identity/access_context_manager/v1/access_context_manager/client.rb +513 -198
- data/lib/google/identity/access_context_manager/v1/access_context_manager/operations.rb +12 -14
- data/lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb +2467 -0
- data/lib/google/identity/access_context_manager/v1/access_context_manager/rest/operations.rb +793 -0
- data/lib/google/identity/access_context_manager/v1/access_context_manager/rest/service_stub.rb +1608 -0
- data/lib/google/identity/access_context_manager/v1/access_context_manager/rest.rb +63 -0
- data/lib/google/identity/access_context_manager/v1/access_context_manager.rb +15 -9
- data/lib/google/identity/access_context_manager/v1/rest.rb +37 -0
- data/lib/google/identity/access_context_manager/v1/version.rb +1 -1
- data/lib/google/identity/access_context_manager/v1.rb +7 -2
- data/lib/google/identity/accesscontextmanager/v1/access_context_manager_pb.rb +2 -0
- data/lib/google/identity/accesscontextmanager/v1/access_context_manager_services_pb.rb +128 -112
- data/lib/google/identity/accesscontextmanager/v1/access_policy_pb.rb +1 -0
- data/lib/google/identity/accesscontextmanager/v1/service_perimeter_pb.rb +11 -10
- data/proto_docs/google/api/client.rb +318 -0
- data/proto_docs/google/api/launch_stage.rb +71 -0
- data/proto_docs/google/iam/v1/iam_policy.rb +87 -0
- data/proto_docs/google/iam/v1/options.rb +50 -0
- data/proto_docs/google/iam/v1/policy.rb +418 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/access_context_manager.rb +1 -1
- data/proto_docs/google/identity/accesscontextmanager/v1/access_policy.rb +16 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb +72 -64
- data/proto_docs/google/protobuf/empty.rb +0 -2
- data/proto_docs/google/rpc/status.rb +4 -2
- metadata +32 -8
|
@@ -27,15 +27,15 @@ module Google
|
|
|
27
27
|
##
|
|
28
28
|
# Client for the AccessContextManager service.
|
|
29
29
|
#
|
|
30
|
-
# API for setting [
|
|
31
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel] and [
|
|
32
|
-
#
|
|
33
|
-
# for Google Cloud
|
|
34
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
|
35
|
-
# [
|
|
36
|
-
# and [
|
|
30
|
+
# API for setting [access levels]
|
|
31
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] and [service
|
|
32
|
+
# perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
33
|
+
# for Google Cloud projects. Each organization has one [access policy]
|
|
34
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the
|
|
35
|
+
# [access levels] [google.identity.accesscontextmanager.v1.AccessLevel]
|
|
36
|
+
# and [service perimeters]
|
|
37
37
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. This
|
|
38
|
-
# [
|
|
38
|
+
# [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
|
|
39
39
|
# applicable to all resources in the organization.
|
|
40
40
|
# AccessPolicies
|
|
41
41
|
#
|
|
@@ -170,9 +170,9 @@ module Google
|
|
|
170
170
|
# Service calls
|
|
171
171
|
|
|
172
172
|
##
|
|
173
|
-
#
|
|
174
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
|
175
|
-
#
|
|
173
|
+
# Lists all [access policies]
|
|
174
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] in an
|
|
175
|
+
# organization.
|
|
176
176
|
#
|
|
177
177
|
# @overload list_access_policies(request, options = nil)
|
|
178
178
|
# Pass arguments to `list_access_policies` via a request object, either of type
|
|
@@ -221,13 +221,11 @@ module Google
|
|
|
221
221
|
# # Call the list_access_policies method.
|
|
222
222
|
# result = client.list_access_policies request
|
|
223
223
|
#
|
|
224
|
-
# # The returned object is of type Gapic::PagedEnumerable. You can
|
|
225
|
-
# #
|
|
226
|
-
#
|
|
227
|
-
# # methods are also available for managing paging directly.
|
|
228
|
-
# result.each do |response|
|
|
224
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can iterate
|
|
225
|
+
# # over elements, and API calls will be issued to fetch pages as needed.
|
|
226
|
+
# result.each do |item|
|
|
229
227
|
# # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessPolicy.
|
|
230
|
-
# p
|
|
228
|
+
# p item
|
|
231
229
|
# end
|
|
232
230
|
#
|
|
233
231
|
def list_access_policies request, options = nil
|
|
@@ -265,8 +263,8 @@ module Google
|
|
|
265
263
|
end
|
|
266
264
|
|
|
267
265
|
##
|
|
268
|
-
#
|
|
269
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
|
266
|
+
# Returns an [access policy]
|
|
267
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.
|
|
270
268
|
#
|
|
271
269
|
# @overload get_access_policy(request, options = nil)
|
|
272
270
|
# Pass arguments to `get_access_policy` via a request object, either of type
|
|
@@ -353,10 +351,10 @@ module Google
|
|
|
353
351
|
end
|
|
354
352
|
|
|
355
353
|
##
|
|
356
|
-
#
|
|
357
|
-
#
|
|
358
|
-
#
|
|
359
|
-
# Syntactic and basic semantic errors
|
|
354
|
+
# Creates an access policy. This method fails if the organization already has
|
|
355
|
+
# an access policy. The long-running operation has a successful status
|
|
356
|
+
# after the access policy propagates to long-lasting storage.
|
|
357
|
+
# Syntactic and basic semantic errors are returned in `metadata` as a
|
|
360
358
|
# BadRequest proto.
|
|
361
359
|
#
|
|
362
360
|
# @overload create_access_policy(request, options = nil)
|
|
@@ -369,7 +367,7 @@ module Google
|
|
|
369
367
|
# @param options [::Gapic::CallOptions, ::Hash]
|
|
370
368
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
371
369
|
#
|
|
372
|
-
# @overload create_access_policy(name: nil, parent: nil, title: nil, create_time: nil, update_time: nil, etag: nil)
|
|
370
|
+
# @overload create_access_policy(name: nil, parent: nil, title: nil, scopes: nil, create_time: nil, update_time: nil, etag: nil)
|
|
373
371
|
# Pass arguments to `create_access_policy` via keyword arguments. Note that at
|
|
374
372
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
375
373
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
@@ -383,6 +381,21 @@ module Google
|
|
|
383
381
|
# `organizations/{organization_id}`
|
|
384
382
|
# @param title [::String]
|
|
385
383
|
# Required. Human readable title. Does not affect behavior.
|
|
384
|
+
# @param scopes [::Array<::String>]
|
|
385
|
+
# The scopes of a policy define which resources an ACM policy can restrict,
|
|
386
|
+
# and where ACM resources can be referenced.
|
|
387
|
+
# For example, a policy with scopes=["folders/123"] has the following
|
|
388
|
+
# behavior:
|
|
389
|
+
# - vpcsc perimeters can only restrict projects within folders/123
|
|
390
|
+
# - access levels can only be referenced by resources within folders/123.
|
|
391
|
+
# If empty, there are no limitations on which resources can be restricted by
|
|
392
|
+
# an ACM policy, and there are no limitations on where ACM resources can be
|
|
393
|
+
# referenced.
|
|
394
|
+
# Only one policy can include a given scope (attempting to create a second
|
|
395
|
+
# policy which includes "folders/123" will result in an error).
|
|
396
|
+
# Currently, scopes cannot be modified after a policy is created.
|
|
397
|
+
# Currently, policies can only have a single scope.
|
|
398
|
+
# Format: list of `folders/{folder_number}` or `projects/{project_number}`
|
|
386
399
|
# @param create_time [::Google::Protobuf::Timestamp, ::Hash]
|
|
387
400
|
# Output only. Time the `AccessPolicy` was created in UTC.
|
|
388
401
|
# @param update_time [::Google::Protobuf::Timestamp, ::Hash]
|
|
@@ -413,14 +426,14 @@ module Google
|
|
|
413
426
|
# # Call the create_access_policy method.
|
|
414
427
|
# result = client.create_access_policy request
|
|
415
428
|
#
|
|
416
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
417
|
-
# #
|
|
418
|
-
# #
|
|
429
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
430
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
431
|
+
# # Here is how to wait for a response.
|
|
419
432
|
# result.wait_until_done! timeout: 60
|
|
420
433
|
# if result.response?
|
|
421
434
|
# p result.response
|
|
422
435
|
# else
|
|
423
|
-
# puts "
|
|
436
|
+
# puts "No response received."
|
|
424
437
|
# end
|
|
425
438
|
#
|
|
426
439
|
def create_access_policy request, options = nil
|
|
@@ -458,13 +471,12 @@ module Google
|
|
|
458
471
|
end
|
|
459
472
|
|
|
460
473
|
##
|
|
461
|
-
#
|
|
474
|
+
# Updates an [access policy]
|
|
462
475
|
# [google.identity.accesscontextmanager.v1.AccessPolicy]. The
|
|
463
|
-
#
|
|
464
|
-
# changes to the [
|
|
465
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
|
466
|
-
# to long-lasting storage.
|
|
467
|
-
# returned in `metadata` as a BadRequest proto.
|
|
476
|
+
# long-running operation from this RPC has a successful status after the
|
|
477
|
+
# changes to the [access policy]
|
|
478
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] propagate
|
|
479
|
+
# to long-lasting storage.
|
|
468
480
|
#
|
|
469
481
|
# @overload update_access_policy(request, options = nil)
|
|
470
482
|
# Pass arguments to `update_access_policy` via a request object, either of type
|
|
@@ -506,14 +518,14 @@ module Google
|
|
|
506
518
|
# # Call the update_access_policy method.
|
|
507
519
|
# result = client.update_access_policy request
|
|
508
520
|
#
|
|
509
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
510
|
-
# #
|
|
511
|
-
# #
|
|
521
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
522
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
523
|
+
# # Here is how to wait for a response.
|
|
512
524
|
# result.wait_until_done! timeout: 60
|
|
513
525
|
# if result.response?
|
|
514
526
|
# p result.response
|
|
515
527
|
# else
|
|
516
|
-
# puts "
|
|
528
|
+
# puts "No response received."
|
|
517
529
|
# end
|
|
518
530
|
#
|
|
519
531
|
def update_access_policy request, options = nil
|
|
@@ -559,11 +571,11 @@ module Google
|
|
|
559
571
|
end
|
|
560
572
|
|
|
561
573
|
##
|
|
562
|
-
#
|
|
563
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
|
564
|
-
# name. The
|
|
565
|
-
# [
|
|
566
|
-
#
|
|
574
|
+
# Deletes an [access policy]
|
|
575
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] based on the
|
|
576
|
+
# resource name. The long-running operation has a successful status after the
|
|
577
|
+
# [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]
|
|
578
|
+
# is removed from long-lasting storage.
|
|
567
579
|
#
|
|
568
580
|
# @overload delete_access_policy(request, options = nil)
|
|
569
581
|
# Pass arguments to `delete_access_policy` via a request object, either of type
|
|
@@ -605,14 +617,14 @@ module Google
|
|
|
605
617
|
# # Call the delete_access_policy method.
|
|
606
618
|
# result = client.delete_access_policy request
|
|
607
619
|
#
|
|
608
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
609
|
-
# #
|
|
610
|
-
# #
|
|
620
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
621
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
622
|
+
# # Here is how to wait for a response.
|
|
611
623
|
# result.wait_until_done! timeout: 60
|
|
612
624
|
# if result.response?
|
|
613
625
|
# p result.response
|
|
614
626
|
# else
|
|
615
|
-
# puts "
|
|
627
|
+
# puts "No response received."
|
|
616
628
|
# end
|
|
617
629
|
#
|
|
618
630
|
def delete_access_policy request, options = nil
|
|
@@ -658,7 +670,7 @@ module Google
|
|
|
658
670
|
end
|
|
659
671
|
|
|
660
672
|
##
|
|
661
|
-
#
|
|
673
|
+
# Lists all [access levels]
|
|
662
674
|
# [google.identity.accesscontextmanager.v1.AccessLevel] for an access
|
|
663
675
|
# policy.
|
|
664
676
|
#
|
|
@@ -716,13 +728,11 @@ module Google
|
|
|
716
728
|
# # Call the list_access_levels method.
|
|
717
729
|
# result = client.list_access_levels request
|
|
718
730
|
#
|
|
719
|
-
# # The returned object is of type Gapic::PagedEnumerable. You can
|
|
720
|
-
# #
|
|
721
|
-
#
|
|
722
|
-
# # methods are also available for managing paging directly.
|
|
723
|
-
# result.each do |response|
|
|
731
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can iterate
|
|
732
|
+
# # over elements, and API calls will be issued to fetch pages as needed.
|
|
733
|
+
# result.each do |item|
|
|
724
734
|
# # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessLevel.
|
|
725
|
-
# p
|
|
735
|
+
# p item
|
|
726
736
|
# end
|
|
727
737
|
#
|
|
728
738
|
def list_access_levels request, options = nil
|
|
@@ -768,8 +778,8 @@ module Google
|
|
|
768
778
|
end
|
|
769
779
|
|
|
770
780
|
##
|
|
771
|
-
#
|
|
772
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
|
781
|
+
# Gets an [access level]
|
|
782
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource
|
|
773
783
|
# name.
|
|
774
784
|
#
|
|
775
785
|
# @overload get_access_level(request, options = nil)
|
|
@@ -868,13 +878,13 @@ module Google
|
|
|
868
878
|
end
|
|
869
879
|
|
|
870
880
|
##
|
|
871
|
-
#
|
|
872
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]. The
|
|
873
|
-
# operation from this RPC
|
|
874
|
-
#
|
|
875
|
-
#
|
|
876
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
|
877
|
-
# errors
|
|
881
|
+
# Creates an [access level]
|
|
882
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running
|
|
883
|
+
# operation from this RPC has a successful status after the [access
|
|
884
|
+
# level] [google.identity.accesscontextmanager.v1.AccessLevel]
|
|
885
|
+
# propagates to long-lasting storage. If [access levels]
|
|
886
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] contain
|
|
887
|
+
# errors, an error response is returned for the first error encountered.
|
|
878
888
|
#
|
|
879
889
|
# @overload create_access_level(request, options = nil)
|
|
880
890
|
# Pass arguments to `create_access_level` via a request object, either of type
|
|
@@ -923,14 +933,14 @@ module Google
|
|
|
923
933
|
# # Call the create_access_level method.
|
|
924
934
|
# result = client.create_access_level request
|
|
925
935
|
#
|
|
926
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
927
|
-
# #
|
|
928
|
-
# #
|
|
936
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
937
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
938
|
+
# # Here is how to wait for a response.
|
|
929
939
|
# result.wait_until_done! timeout: 60
|
|
930
940
|
# if result.response?
|
|
931
941
|
# p result.response
|
|
932
942
|
# else
|
|
933
|
-
# puts "
|
|
943
|
+
# puts "No response received."
|
|
934
944
|
# end
|
|
935
945
|
#
|
|
936
946
|
def create_access_level request, options = nil
|
|
@@ -976,14 +986,14 @@ module Google
|
|
|
976
986
|
end
|
|
977
987
|
|
|
978
988
|
##
|
|
979
|
-
#
|
|
980
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]. The
|
|
981
|
-
# operation from this RPC
|
|
982
|
-
# the [
|
|
983
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
|
984
|
-
# to long-lasting storage. [
|
|
985
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
|
986
|
-
# errors
|
|
989
|
+
# Updates an [access level]
|
|
990
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running
|
|
991
|
+
# operation from this RPC has a successful status after the changes to
|
|
992
|
+
# the [access level]
|
|
993
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] propagate
|
|
994
|
+
# to long-lasting storage. If [access levels]
|
|
995
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] contain
|
|
996
|
+
# errors, an error response is returned for the first error encountered.
|
|
987
997
|
#
|
|
988
998
|
# @overload update_access_level(request, options = nil)
|
|
989
999
|
# Pass arguments to `update_access_level` via a request object, either of type
|
|
@@ -1029,14 +1039,14 @@ module Google
|
|
|
1029
1039
|
# # Call the update_access_level method.
|
|
1030
1040
|
# result = client.update_access_level request
|
|
1031
1041
|
#
|
|
1032
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
1033
|
-
# #
|
|
1034
|
-
# #
|
|
1042
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
1043
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
1044
|
+
# # Here is how to wait for a response.
|
|
1035
1045
|
# result.wait_until_done! timeout: 60
|
|
1036
1046
|
# if result.response?
|
|
1037
1047
|
# p result.response
|
|
1038
1048
|
# else
|
|
1039
|
-
# puts "
|
|
1049
|
+
# puts "No response received."
|
|
1040
1050
|
# end
|
|
1041
1051
|
#
|
|
1042
1052
|
def update_access_level request, options = nil
|
|
@@ -1082,10 +1092,10 @@ module Google
|
|
|
1082
1092
|
end
|
|
1083
1093
|
|
|
1084
1094
|
##
|
|
1085
|
-
#
|
|
1086
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
|
1087
|
-
# name. The
|
|
1088
|
-
#
|
|
1095
|
+
# Deletes an [access level]
|
|
1096
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource
|
|
1097
|
+
# name. The long-running operation from this RPC has a successful status
|
|
1098
|
+
# after the [access level]
|
|
1089
1099
|
# [google.identity.accesscontextmanager.v1.AccessLevel] has been removed
|
|
1090
1100
|
# from long-lasting storage.
|
|
1091
1101
|
#
|
|
@@ -1131,14 +1141,14 @@ module Google
|
|
|
1131
1141
|
# # Call the delete_access_level method.
|
|
1132
1142
|
# result = client.delete_access_level request
|
|
1133
1143
|
#
|
|
1134
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
1135
|
-
# #
|
|
1136
|
-
# #
|
|
1144
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
1145
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
1146
|
+
# # Here is how to wait for a response.
|
|
1137
1147
|
# result.wait_until_done! timeout: 60
|
|
1138
1148
|
# if result.response?
|
|
1139
1149
|
# p result.response
|
|
1140
1150
|
# else
|
|
1141
|
-
# puts "
|
|
1151
|
+
# puts "No response received."
|
|
1142
1152
|
# end
|
|
1143
1153
|
#
|
|
1144
1154
|
def delete_access_level request, options = nil
|
|
@@ -1184,22 +1194,22 @@ module Google
|
|
|
1184
1194
|
end
|
|
1185
1195
|
|
|
1186
1196
|
##
|
|
1187
|
-
#
|
|
1188
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel] in an [
|
|
1189
|
-
#
|
|
1190
|
-
# the [
|
|
1197
|
+
# Replaces all existing [access levels]
|
|
1198
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] in an [access
|
|
1199
|
+
# policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with
|
|
1200
|
+
# the [access levels]
|
|
1191
1201
|
# [google.identity.accesscontextmanager.v1.AccessLevel] provided. This
|
|
1192
|
-
# is done atomically. The
|
|
1193
|
-
# successful status
|
|
1194
|
-
# storage.
|
|
1195
|
-
# for the first error encountered.
|
|
1196
|
-
# existing [
|
|
1197
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
|
1198
|
-
# affected. Operation.response field
|
|
1199
|
-
# ReplaceAccessLevelsResponse. Removing [
|
|
1202
|
+
# is done atomically. The long-running operation from this RPC has a
|
|
1203
|
+
# successful status after all replacements propagate to long-lasting
|
|
1204
|
+
# storage. If the replacement contains errors, an error response is returned
|
|
1205
|
+
# for the first error encountered. Upon error, the replacement is cancelled,
|
|
1206
|
+
# and existing [access levels]
|
|
1207
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] are not
|
|
1208
|
+
# affected. The Operation.response field contains
|
|
1209
|
+
# ReplaceAccessLevelsResponse. Removing [access levels]
|
|
1200
1210
|
# [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing
|
|
1201
|
-
# [
|
|
1202
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1211
|
+
# [service perimeters]
|
|
1212
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an
|
|
1203
1213
|
# error.
|
|
1204
1214
|
#
|
|
1205
1215
|
# @overload replace_access_levels(request, options = nil)
|
|
@@ -1259,14 +1269,14 @@ module Google
|
|
|
1259
1269
|
# # Call the replace_access_levels method.
|
|
1260
1270
|
# result = client.replace_access_levels request
|
|
1261
1271
|
#
|
|
1262
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
1263
|
-
# #
|
|
1264
|
-
# #
|
|
1272
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
1273
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
1274
|
+
# # Here is how to wait for a response.
|
|
1265
1275
|
# result.wait_until_done! timeout: 60
|
|
1266
1276
|
# if result.response?
|
|
1267
1277
|
# p result.response
|
|
1268
1278
|
# else
|
|
1269
|
-
# puts "
|
|
1279
|
+
# puts "No response received."
|
|
1270
1280
|
# end
|
|
1271
1281
|
#
|
|
1272
1282
|
def replace_access_levels request, options = nil
|
|
@@ -1312,7 +1322,7 @@ module Google
|
|
|
1312
1322
|
end
|
|
1313
1323
|
|
|
1314
1324
|
##
|
|
1315
|
-
#
|
|
1325
|
+
# Lists all [service perimeters]
|
|
1316
1326
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter] for an
|
|
1317
1327
|
# access policy.
|
|
1318
1328
|
#
|
|
@@ -1366,13 +1376,11 @@ module Google
|
|
|
1366
1376
|
# # Call the list_service_perimeters method.
|
|
1367
1377
|
# result = client.list_service_perimeters request
|
|
1368
1378
|
#
|
|
1369
|
-
# # The returned object is of type Gapic::PagedEnumerable. You can
|
|
1370
|
-
# #
|
|
1371
|
-
#
|
|
1372
|
-
# # methods are also available for managing paging directly.
|
|
1373
|
-
# result.each do |response|
|
|
1379
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can iterate
|
|
1380
|
+
# # over elements, and API calls will be issued to fetch pages as needed.
|
|
1381
|
+
# result.each do |item|
|
|
1374
1382
|
# # Each element is of type ::Google::Identity::AccessContextManager::V1::ServicePerimeter.
|
|
1375
|
-
# p
|
|
1383
|
+
# p item
|
|
1376
1384
|
# end
|
|
1377
1385
|
#
|
|
1378
1386
|
def list_service_perimeters request, options = nil
|
|
@@ -1418,9 +1426,9 @@ module Google
|
|
|
1418
1426
|
end
|
|
1419
1427
|
|
|
1420
1428
|
##
|
|
1421
|
-
#
|
|
1422
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1423
|
-
# name.
|
|
1429
|
+
# Gets a [service perimeter]
|
|
1430
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the
|
|
1431
|
+
# resource name.
|
|
1424
1432
|
#
|
|
1425
1433
|
# @overload get_service_perimeter(request, options = nil)
|
|
1426
1434
|
# Pass arguments to `get_service_perimeter` via a request object, either of type
|
|
@@ -1509,14 +1517,14 @@ module Google
|
|
|
1509
1517
|
end
|
|
1510
1518
|
|
|
1511
1519
|
##
|
|
1512
|
-
#
|
|
1520
|
+
# Creates a [service perimeter]
|
|
1513
1521
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
|
|
1514
|
-
#
|
|
1515
|
-
# [
|
|
1516
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1517
|
-
#
|
|
1518
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1519
|
-
# errors
|
|
1522
|
+
# long-running operation from this RPC has a successful status after the
|
|
1523
|
+
# [service perimeter]
|
|
1524
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1525
|
+
# propagates to long-lasting storage. If a [service perimeter]
|
|
1526
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] contains
|
|
1527
|
+
# errors, an error response is returned for the first error encountered.
|
|
1520
1528
|
#
|
|
1521
1529
|
# @overload create_service_perimeter(request, options = nil)
|
|
1522
1530
|
# Pass arguments to `create_service_perimeter` via a request object, either of type
|
|
@@ -1565,14 +1573,14 @@ module Google
|
|
|
1565
1573
|
# # Call the create_service_perimeter method.
|
|
1566
1574
|
# result = client.create_service_perimeter request
|
|
1567
1575
|
#
|
|
1568
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
1569
|
-
# #
|
|
1570
|
-
# #
|
|
1576
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
1577
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
1578
|
+
# # Here is how to wait for a response.
|
|
1571
1579
|
# result.wait_until_done! timeout: 60
|
|
1572
1580
|
# if result.response?
|
|
1573
1581
|
# p result.response
|
|
1574
1582
|
# else
|
|
1575
|
-
# puts "
|
|
1583
|
+
# puts "No response received."
|
|
1576
1584
|
# end
|
|
1577
1585
|
#
|
|
1578
1586
|
def create_service_perimeter request, options = nil
|
|
@@ -1618,14 +1626,14 @@ module Google
|
|
|
1618
1626
|
end
|
|
1619
1627
|
|
|
1620
1628
|
##
|
|
1621
|
-
#
|
|
1629
|
+
# Updates a [service perimeter]
|
|
1622
1630
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
|
|
1623
|
-
#
|
|
1624
|
-
#
|
|
1625
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1626
|
-
#
|
|
1627
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1628
|
-
# errors
|
|
1631
|
+
# long-running operation from this RPC has a successful status after the
|
|
1632
|
+
# [service perimeter]
|
|
1633
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1634
|
+
# propagates to long-lasting storage. If a [service perimeter]
|
|
1635
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] contains
|
|
1636
|
+
# errors, an error response is returned for the first error encountered.
|
|
1629
1637
|
#
|
|
1630
1638
|
# @overload update_service_perimeter(request, options = nil)
|
|
1631
1639
|
# Pass arguments to `update_service_perimeter` via a request object, either of type
|
|
@@ -1668,14 +1676,14 @@ module Google
|
|
|
1668
1676
|
# # Call the update_service_perimeter method.
|
|
1669
1677
|
# result = client.update_service_perimeter request
|
|
1670
1678
|
#
|
|
1671
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
1672
|
-
# #
|
|
1673
|
-
# #
|
|
1679
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
1680
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
1681
|
+
# # Here is how to wait for a response.
|
|
1674
1682
|
# result.wait_until_done! timeout: 60
|
|
1675
1683
|
# if result.response?
|
|
1676
1684
|
# p result.response
|
|
1677
1685
|
# else
|
|
1678
|
-
# puts "
|
|
1686
|
+
# puts "No response received."
|
|
1679
1687
|
# end
|
|
1680
1688
|
#
|
|
1681
1689
|
def update_service_perimeter request, options = nil
|
|
@@ -1721,12 +1729,12 @@ module Google
|
|
|
1721
1729
|
end
|
|
1722
1730
|
|
|
1723
1731
|
##
|
|
1724
|
-
#
|
|
1725
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1726
|
-
# name. The
|
|
1727
|
-
#
|
|
1728
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1729
|
-
#
|
|
1732
|
+
# Deletes a [service perimeter]
|
|
1733
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the
|
|
1734
|
+
# resource name. The long-running operation from this RPC has a successful
|
|
1735
|
+
# status after the [service perimeter]
|
|
1736
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from
|
|
1737
|
+
# long-lasting storage.
|
|
1730
1738
|
#
|
|
1731
1739
|
# @overload delete_service_perimeter(request, options = nil)
|
|
1732
1740
|
# Pass arguments to `delete_service_perimeter` via a request object, either of type
|
|
@@ -1770,14 +1778,14 @@ module Google
|
|
|
1770
1778
|
# # Call the delete_service_perimeter method.
|
|
1771
1779
|
# result = client.delete_service_perimeter request
|
|
1772
1780
|
#
|
|
1773
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
1774
|
-
# #
|
|
1775
|
-
# #
|
|
1781
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
1782
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
1783
|
+
# # Here is how to wait for a response.
|
|
1776
1784
|
# result.wait_until_done! timeout: 60
|
|
1777
1785
|
# if result.response?
|
|
1778
1786
|
# p result.response
|
|
1779
1787
|
# else
|
|
1780
|
-
# puts "
|
|
1788
|
+
# puts "No response received."
|
|
1781
1789
|
# end
|
|
1782
1790
|
#
|
|
1783
1791
|
def delete_service_perimeter request, options = nil
|
|
@@ -1823,18 +1831,18 @@ module Google
|
|
|
1823
1831
|
end
|
|
1824
1832
|
|
|
1825
1833
|
##
|
|
1826
|
-
# Replace all existing [
|
|
1827
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
|
|
1828
|
-
#
|
|
1829
|
-
#
|
|
1830
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter] provided.
|
|
1831
|
-
#
|
|
1832
|
-
#
|
|
1833
|
-
#
|
|
1834
|
-
# error
|
|
1835
|
-
#
|
|
1836
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
|
1837
|
-
# affected. Operation.response field
|
|
1834
|
+
# Replace all existing [service perimeters]
|
|
1835
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access
|
|
1836
|
+
# policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the
|
|
1837
|
+
# [service perimeters]
|
|
1838
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This
|
|
1839
|
+
# is done atomically. The long-running operation from this RPC has a
|
|
1840
|
+
# successful status after all replacements propagate to long-lasting storage.
|
|
1841
|
+
# Replacements containing errors result in an error response for the first
|
|
1842
|
+
# error encountered. Upon an error, replacement are cancelled and existing
|
|
1843
|
+
# [service perimeters]
|
|
1844
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] are not
|
|
1845
|
+
# affected. The Operation.response field contains
|
|
1838
1846
|
# ReplaceServicePerimetersResponse.
|
|
1839
1847
|
#
|
|
1840
1848
|
# @overload replace_service_perimeters(request, options = nil)
|
|
@@ -1894,14 +1902,14 @@ module Google
|
|
|
1894
1902
|
# # Call the replace_service_perimeters method.
|
|
1895
1903
|
# result = client.replace_service_perimeters request
|
|
1896
1904
|
#
|
|
1897
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
1898
|
-
# #
|
|
1899
|
-
# #
|
|
1905
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
1906
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
1907
|
+
# # Here is how to wait for a response.
|
|
1900
1908
|
# result.wait_until_done! timeout: 60
|
|
1901
1909
|
# if result.response?
|
|
1902
1910
|
# p result.response
|
|
1903
1911
|
# else
|
|
1904
|
-
# puts "
|
|
1912
|
+
# puts "No response received."
|
|
1905
1913
|
# end
|
|
1906
1914
|
#
|
|
1907
1915
|
def replace_service_perimeters request, options = nil
|
|
@@ -1947,21 +1955,21 @@ module Google
|
|
|
1947
1955
|
end
|
|
1948
1956
|
|
|
1949
1957
|
##
|
|
1950
|
-
#
|
|
1958
|
+
# Commits the dry-run specification for all the [service perimeters]
|
|
1951
1959
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
|
|
1952
|
-
# {::Google::Identity::AccessContextManager::V1::AccessPolicy
|
|
1953
|
-
# A commit operation on a
|
|
1954
|
-
# to
|
|
1960
|
+
# {::Google::Identity::AccessContextManager::V1::AccessPolicy access policy}.
|
|
1961
|
+
# A commit operation on a service perimeter involves copying its `spec` field
|
|
1962
|
+
# to the `status` field of the service perimeter. Only [service perimeters]
|
|
1955
1963
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter] with
|
|
1956
1964
|
# `use_explicit_dry_run_spec` field set to true are affected by a commit
|
|
1957
|
-
# operation. The
|
|
1958
|
-
# status
|
|
1965
|
+
# operation. The long-running operation from this RPC has a successful
|
|
1966
|
+
# status after the dry-run specifications for all the [service perimeters]
|
|
1959
1967
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter] have been
|
|
1960
|
-
# committed. If a commit fails, it
|
|
1961
|
-
# return an error response and the entire commit operation
|
|
1962
|
-
# When successful, Operation.response field
|
|
1963
|
-
# CommitServicePerimetersResponse. The `dry_run` and the `spec` fields
|
|
1964
|
-
#
|
|
1968
|
+
# committed. If a commit fails, it causes the long-running operation to
|
|
1969
|
+
# return an error response and the entire commit operation is cancelled.
|
|
1970
|
+
# When successful, the Operation.response field contains
|
|
1971
|
+
# CommitServicePerimetersResponse. The `dry_run` and the `spec` fields are
|
|
1972
|
+
# cleared after a successful commit operation.
|
|
1965
1973
|
#
|
|
1966
1974
|
# @overload commit_service_perimeters(request, options = nil)
|
|
1967
1975
|
# Pass arguments to `commit_service_perimeters` via a request object, either of type
|
|
@@ -1988,7 +1996,7 @@ module Google
|
|
|
1988
1996
|
# Format: `accessPolicies/{policy_id}`
|
|
1989
1997
|
# @param etag [::String]
|
|
1990
1998
|
# Optional. The etag for the version of the [Access Policy]
|
|
1991
|
-
# [google.identity.accesscontextmanager.
|
|
1999
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] that this
|
|
1992
2000
|
# commit operation is to be performed on. If, at the time of commit, the
|
|
1993
2001
|
# etag for the Access Policy stored in Access Context Manager is different
|
|
1994
2002
|
# from the specified etag, then the commit operation will not be performed
|
|
@@ -2015,14 +2023,14 @@ module Google
|
|
|
2015
2023
|
# # Call the commit_service_perimeters method.
|
|
2016
2024
|
# result = client.commit_service_perimeters request
|
|
2017
2025
|
#
|
|
2018
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
2019
|
-
# #
|
|
2020
|
-
# #
|
|
2026
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
2027
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
2028
|
+
# # Here is how to wait for a response.
|
|
2021
2029
|
# result.wait_until_done! timeout: 60
|
|
2022
2030
|
# if result.response?
|
|
2023
2031
|
# p result.response
|
|
2024
2032
|
# else
|
|
2025
|
-
# puts "
|
|
2033
|
+
# puts "No response received."
|
|
2026
2034
|
# end
|
|
2027
2035
|
#
|
|
2028
2036
|
def commit_service_perimeters request, options = nil
|
|
@@ -2118,13 +2126,11 @@ module Google
|
|
|
2118
2126
|
# # Call the list_gcp_user_access_bindings method.
|
|
2119
2127
|
# result = client.list_gcp_user_access_bindings request
|
|
2120
2128
|
#
|
|
2121
|
-
# # The returned object is of type Gapic::PagedEnumerable. You can
|
|
2122
|
-
# #
|
|
2123
|
-
#
|
|
2124
|
-
# # methods are also available for managing paging directly.
|
|
2125
|
-
# result.each do |response|
|
|
2129
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can iterate
|
|
2130
|
+
# # over elements, and API calls will be issued to fetch pages as needed.
|
|
2131
|
+
# result.each do |item|
|
|
2126
2132
|
# # Each element is of type ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding.
|
|
2127
|
-
# p
|
|
2133
|
+
# p item
|
|
2128
2134
|
# end
|
|
2129
2135
|
#
|
|
2130
2136
|
def list_gcp_user_access_bindings request, options = nil
|
|
@@ -2261,7 +2267,7 @@ module Google
|
|
|
2261
2267
|
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the
|
|
2262
2268
|
# client specifies a [name]
|
|
2263
2269
|
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name],
|
|
2264
|
-
# the server
|
|
2270
|
+
# the server ignores it. Fails if a resource already exists with the same
|
|
2265
2271
|
# [group_key]
|
|
2266
2272
|
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key].
|
|
2267
2273
|
# Completion of this long-running operation does not necessarily signify that
|
|
@@ -2309,14 +2315,14 @@ module Google
|
|
|
2309
2315
|
# # Call the create_gcp_user_access_binding method.
|
|
2310
2316
|
# result = client.create_gcp_user_access_binding request
|
|
2311
2317
|
#
|
|
2312
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
2313
|
-
# #
|
|
2314
|
-
# #
|
|
2318
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
2319
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
2320
|
+
# # Here is how to wait for a response.
|
|
2315
2321
|
# result.wait_until_done! timeout: 60
|
|
2316
2322
|
# if result.response?
|
|
2317
2323
|
# p result.response
|
|
2318
2324
|
# else
|
|
2319
|
-
# puts "
|
|
2325
|
+
# puts "No response received."
|
|
2320
2326
|
# end
|
|
2321
2327
|
#
|
|
2322
2328
|
def create_gcp_user_access_binding request, options = nil
|
|
@@ -2414,14 +2420,14 @@ module Google
|
|
|
2414
2420
|
# # Call the update_gcp_user_access_binding method.
|
|
2415
2421
|
# result = client.update_gcp_user_access_binding request
|
|
2416
2422
|
#
|
|
2417
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
2418
|
-
# #
|
|
2419
|
-
# #
|
|
2423
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
2424
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
2425
|
+
# # Here is how to wait for a response.
|
|
2420
2426
|
# result.wait_until_done! timeout: 60
|
|
2421
2427
|
# if result.response?
|
|
2422
2428
|
# p result.response
|
|
2423
2429
|
# else
|
|
2424
|
-
# puts "
|
|
2430
|
+
# puts "No response received."
|
|
2425
2431
|
# end
|
|
2426
2432
|
#
|
|
2427
2433
|
def update_gcp_user_access_binding request, options = nil
|
|
@@ -2511,14 +2517,14 @@ module Google
|
|
|
2511
2517
|
# # Call the delete_gcp_user_access_binding method.
|
|
2512
2518
|
# result = client.delete_gcp_user_access_binding request
|
|
2513
2519
|
#
|
|
2514
|
-
# # The returned object is of type Gapic::Operation. You can use
|
|
2515
|
-
# #
|
|
2516
|
-
# #
|
|
2520
|
+
# # The returned object is of type Gapic::Operation. You can use it to
|
|
2521
|
+
# # check the status of an operation, cancel it, or wait for results.
|
|
2522
|
+
# # Here is how to wait for a response.
|
|
2517
2523
|
# result.wait_until_done! timeout: 60
|
|
2518
2524
|
# if result.response?
|
|
2519
2525
|
# p result.response
|
|
2520
2526
|
# else
|
|
2521
|
-
# puts "
|
|
2527
|
+
# puts "No response received."
|
|
2522
2528
|
# end
|
|
2523
2529
|
#
|
|
2524
2530
|
def delete_gcp_user_access_binding request, options = nil
|
|
@@ -2563,6 +2569,294 @@ module Google
|
|
|
2563
2569
|
raise ::Google::Cloud::Error.from_error(e)
|
|
2564
2570
|
end
|
|
2565
2571
|
|
|
2572
|
+
##
|
|
2573
|
+
# Sets the IAM policy for the specified Access Context Manager
|
|
2574
|
+
# {::Google::Identity::AccessContextManager::V1::AccessPolicy access policy}.
|
|
2575
|
+
# This method replaces the existing IAM policy on the access policy. The IAM
|
|
2576
|
+
# policy controls the set of users who can perform specific operations on the
|
|
2577
|
+
# Access Context Manager [access
|
|
2578
|
+
# policy][google.identity.accesscontextmanager.v1.AccessPolicy].
|
|
2579
|
+
#
|
|
2580
|
+
# @overload set_iam_policy(request, options = nil)
|
|
2581
|
+
# Pass arguments to `set_iam_policy` via a request object, either of type
|
|
2582
|
+
# {::Google::Iam::V1::SetIamPolicyRequest} or an equivalent Hash.
|
|
2583
|
+
#
|
|
2584
|
+
# @param request [::Google::Iam::V1::SetIamPolicyRequest, ::Hash]
|
|
2585
|
+
# A request object representing the call parameters. Required. To specify no
|
|
2586
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
2587
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
2588
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
2589
|
+
#
|
|
2590
|
+
# @overload set_iam_policy(resource: nil, policy: nil, update_mask: nil)
|
|
2591
|
+
# Pass arguments to `set_iam_policy` via keyword arguments. Note that at
|
|
2592
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
2593
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
2594
|
+
#
|
|
2595
|
+
# @param resource [::String]
|
|
2596
|
+
# REQUIRED: The resource for which the policy is being specified.
|
|
2597
|
+
# See the operation documentation for the appropriate value for this field.
|
|
2598
|
+
# @param policy [::Google::Iam::V1::Policy, ::Hash]
|
|
2599
|
+
# REQUIRED: The complete policy to be applied to the `resource`. The size of
|
|
2600
|
+
# the policy is limited to a few 10s of KB. An empty policy is a
|
|
2601
|
+
# valid policy but certain Cloud Platform services (such as Projects)
|
|
2602
|
+
# might reject them.
|
|
2603
|
+
# @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
|
|
2604
|
+
# OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
|
2605
|
+
# the fields in the mask will be modified. If no mask is provided, the
|
|
2606
|
+
# following default mask is used:
|
|
2607
|
+
#
|
|
2608
|
+
# `paths: "bindings, etag"`
|
|
2609
|
+
#
|
|
2610
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
|
2611
|
+
# @yieldparam response [::Google::Iam::V1::Policy]
|
|
2612
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
|
2613
|
+
#
|
|
2614
|
+
# @return [::Google::Iam::V1::Policy]
|
|
2615
|
+
#
|
|
2616
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
2617
|
+
#
|
|
2618
|
+
# @example Basic example
|
|
2619
|
+
# require "google/identity/access_context_manager/v1"
|
|
2620
|
+
#
|
|
2621
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
2622
|
+
# client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new
|
|
2623
|
+
#
|
|
2624
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
2625
|
+
# request = Google::Iam::V1::SetIamPolicyRequest.new
|
|
2626
|
+
#
|
|
2627
|
+
# # Call the set_iam_policy method.
|
|
2628
|
+
# result = client.set_iam_policy request
|
|
2629
|
+
#
|
|
2630
|
+
# # The returned object is of type Google::Iam::V1::Policy.
|
|
2631
|
+
# p result
|
|
2632
|
+
#
|
|
2633
|
+
def set_iam_policy request, options = nil
|
|
2634
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
2635
|
+
|
|
2636
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::SetIamPolicyRequest
|
|
2637
|
+
|
|
2638
|
+
# Converts hash and nil to an options object
|
|
2639
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
2640
|
+
|
|
2641
|
+
# Customize the options with defaults
|
|
2642
|
+
metadata = @config.rpcs.set_iam_policy.metadata.to_h
|
|
2643
|
+
|
|
2644
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
2645
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
2646
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
2647
|
+
gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
|
|
2648
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
2649
|
+
|
|
2650
|
+
header_params = {}
|
|
2651
|
+
if request.resource
|
|
2652
|
+
header_params["resource"] = request.resource
|
|
2653
|
+
end
|
|
2654
|
+
|
|
2655
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
2656
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
|
2657
|
+
|
|
2658
|
+
options.apply_defaults timeout: @config.rpcs.set_iam_policy.timeout,
|
|
2659
|
+
metadata: metadata,
|
|
2660
|
+
retry_policy: @config.rpcs.set_iam_policy.retry_policy
|
|
2661
|
+
|
|
2662
|
+
options.apply_defaults timeout: @config.timeout,
|
|
2663
|
+
metadata: @config.metadata,
|
|
2664
|
+
retry_policy: @config.retry_policy
|
|
2665
|
+
|
|
2666
|
+
@access_context_manager_stub.call_rpc :set_iam_policy, request, options: options do |response, operation|
|
|
2667
|
+
yield response, operation if block_given?
|
|
2668
|
+
return response
|
|
2669
|
+
end
|
|
2670
|
+
rescue ::GRPC::BadStatus => e
|
|
2671
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
2672
|
+
end
|
|
2673
|
+
|
|
2674
|
+
##
|
|
2675
|
+
# Gets the IAM policy for the specified Access Context Manager
|
|
2676
|
+
# {::Google::Identity::AccessContextManager::V1::AccessPolicy access policy}.
|
|
2677
|
+
#
|
|
2678
|
+
# @overload get_iam_policy(request, options = nil)
|
|
2679
|
+
# Pass arguments to `get_iam_policy` via a request object, either of type
|
|
2680
|
+
# {::Google::Iam::V1::GetIamPolicyRequest} or an equivalent Hash.
|
|
2681
|
+
#
|
|
2682
|
+
# @param request [::Google::Iam::V1::GetIamPolicyRequest, ::Hash]
|
|
2683
|
+
# A request object representing the call parameters. Required. To specify no
|
|
2684
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
2685
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
2686
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
2687
|
+
#
|
|
2688
|
+
# @overload get_iam_policy(resource: nil, options: nil)
|
|
2689
|
+
# Pass arguments to `get_iam_policy` via keyword arguments. Note that at
|
|
2690
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
2691
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
2692
|
+
#
|
|
2693
|
+
# @param resource [::String]
|
|
2694
|
+
# REQUIRED: The resource for which the policy is being requested.
|
|
2695
|
+
# See the operation documentation for the appropriate value for this field.
|
|
2696
|
+
# @param options [::Google::Iam::V1::GetPolicyOptions, ::Hash]
|
|
2697
|
+
# OPTIONAL: A `GetPolicyOptions` object for specifying options to
|
|
2698
|
+
# `GetIamPolicy`.
|
|
2699
|
+
#
|
|
2700
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
|
2701
|
+
# @yieldparam response [::Google::Iam::V1::Policy]
|
|
2702
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
|
2703
|
+
#
|
|
2704
|
+
# @return [::Google::Iam::V1::Policy]
|
|
2705
|
+
#
|
|
2706
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
2707
|
+
#
|
|
2708
|
+
# @example Basic example
|
|
2709
|
+
# require "google/identity/access_context_manager/v1"
|
|
2710
|
+
#
|
|
2711
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
2712
|
+
# client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new
|
|
2713
|
+
#
|
|
2714
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
2715
|
+
# request = Google::Iam::V1::GetIamPolicyRequest.new
|
|
2716
|
+
#
|
|
2717
|
+
# # Call the get_iam_policy method.
|
|
2718
|
+
# result = client.get_iam_policy request
|
|
2719
|
+
#
|
|
2720
|
+
# # The returned object is of type Google::Iam::V1::Policy.
|
|
2721
|
+
# p result
|
|
2722
|
+
#
|
|
2723
|
+
def get_iam_policy request, options = nil
|
|
2724
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
2725
|
+
|
|
2726
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::GetIamPolicyRequest
|
|
2727
|
+
|
|
2728
|
+
# Converts hash and nil to an options object
|
|
2729
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
2730
|
+
|
|
2731
|
+
# Customize the options with defaults
|
|
2732
|
+
metadata = @config.rpcs.get_iam_policy.metadata.to_h
|
|
2733
|
+
|
|
2734
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
2735
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
2736
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
2737
|
+
gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
|
|
2738
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
2739
|
+
|
|
2740
|
+
header_params = {}
|
|
2741
|
+
if request.resource
|
|
2742
|
+
header_params["resource"] = request.resource
|
|
2743
|
+
end
|
|
2744
|
+
|
|
2745
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
2746
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
|
2747
|
+
|
|
2748
|
+
options.apply_defaults timeout: @config.rpcs.get_iam_policy.timeout,
|
|
2749
|
+
metadata: metadata,
|
|
2750
|
+
retry_policy: @config.rpcs.get_iam_policy.retry_policy
|
|
2751
|
+
|
|
2752
|
+
options.apply_defaults timeout: @config.timeout,
|
|
2753
|
+
metadata: @config.metadata,
|
|
2754
|
+
retry_policy: @config.retry_policy
|
|
2755
|
+
|
|
2756
|
+
@access_context_manager_stub.call_rpc :get_iam_policy, request, options: options do |response, operation|
|
|
2757
|
+
yield response, operation if block_given?
|
|
2758
|
+
return response
|
|
2759
|
+
end
|
|
2760
|
+
rescue ::GRPC::BadStatus => e
|
|
2761
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
2762
|
+
end
|
|
2763
|
+
|
|
2764
|
+
##
|
|
2765
|
+
# Returns the IAM permissions that the caller has on the specified Access
|
|
2766
|
+
# Context Manager resource. The resource can be an
|
|
2767
|
+
# {::Google::Identity::AccessContextManager::V1::AccessPolicy AccessPolicy},
|
|
2768
|
+
# {::Google::Identity::AccessContextManager::V1::AccessLevel AccessLevel}, or
|
|
2769
|
+
# [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter
|
|
2770
|
+
# ]. This method does not support other resources.
|
|
2771
|
+
#
|
|
2772
|
+
# @overload test_iam_permissions(request, options = nil)
|
|
2773
|
+
# Pass arguments to `test_iam_permissions` via a request object, either of type
|
|
2774
|
+
# {::Google::Iam::V1::TestIamPermissionsRequest} or an equivalent Hash.
|
|
2775
|
+
#
|
|
2776
|
+
# @param request [::Google::Iam::V1::TestIamPermissionsRequest, ::Hash]
|
|
2777
|
+
# A request object representing the call parameters. Required. To specify no
|
|
2778
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
2779
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
2780
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
2781
|
+
#
|
|
2782
|
+
# @overload test_iam_permissions(resource: nil, permissions: nil)
|
|
2783
|
+
# Pass arguments to `test_iam_permissions` via keyword arguments. Note that at
|
|
2784
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
2785
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
2786
|
+
#
|
|
2787
|
+
# @param resource [::String]
|
|
2788
|
+
# REQUIRED: The resource for which the policy detail is being requested.
|
|
2789
|
+
# See the operation documentation for the appropriate value for this field.
|
|
2790
|
+
# @param permissions [::Array<::String>]
|
|
2791
|
+
# The set of permissions to check for the `resource`. Permissions with
|
|
2792
|
+
# wildcards (such as '*' or 'storage.*') are not allowed. For more
|
|
2793
|
+
# information see
|
|
2794
|
+
# [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
|
|
2795
|
+
#
|
|
2796
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
|
2797
|
+
# @yieldparam response [::Google::Iam::V1::TestIamPermissionsResponse]
|
|
2798
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
|
2799
|
+
#
|
|
2800
|
+
# @return [::Google::Iam::V1::TestIamPermissionsResponse]
|
|
2801
|
+
#
|
|
2802
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
2803
|
+
#
|
|
2804
|
+
# @example Basic example
|
|
2805
|
+
# require "google/identity/access_context_manager/v1"
|
|
2806
|
+
#
|
|
2807
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
2808
|
+
# client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new
|
|
2809
|
+
#
|
|
2810
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
2811
|
+
# request = Google::Iam::V1::TestIamPermissionsRequest.new
|
|
2812
|
+
#
|
|
2813
|
+
# # Call the test_iam_permissions method.
|
|
2814
|
+
# result = client.test_iam_permissions request
|
|
2815
|
+
#
|
|
2816
|
+
# # The returned object is of type Google::Iam::V1::TestIamPermissionsResponse.
|
|
2817
|
+
# p result
|
|
2818
|
+
#
|
|
2819
|
+
def test_iam_permissions request, options = nil
|
|
2820
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
2821
|
+
|
|
2822
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::TestIamPermissionsRequest
|
|
2823
|
+
|
|
2824
|
+
# Converts hash and nil to an options object
|
|
2825
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
2826
|
+
|
|
2827
|
+
# Customize the options with defaults
|
|
2828
|
+
metadata = @config.rpcs.test_iam_permissions.metadata.to_h
|
|
2829
|
+
|
|
2830
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
2831
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
2832
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
2833
|
+
gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
|
|
2834
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
2835
|
+
|
|
2836
|
+
header_params = {}
|
|
2837
|
+
if request.resource
|
|
2838
|
+
header_params["resource"] = request.resource
|
|
2839
|
+
end
|
|
2840
|
+
|
|
2841
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
2842
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
|
2843
|
+
|
|
2844
|
+
options.apply_defaults timeout: @config.rpcs.test_iam_permissions.timeout,
|
|
2845
|
+
metadata: metadata,
|
|
2846
|
+
retry_policy: @config.rpcs.test_iam_permissions.retry_policy
|
|
2847
|
+
|
|
2848
|
+
options.apply_defaults timeout: @config.timeout,
|
|
2849
|
+
metadata: @config.metadata,
|
|
2850
|
+
retry_policy: @config.retry_policy
|
|
2851
|
+
|
|
2852
|
+
@access_context_manager_stub.call_rpc :test_iam_permissions, request, options: options do |response, operation|
|
|
2853
|
+
yield response, operation if block_given?
|
|
2854
|
+
return response
|
|
2855
|
+
end
|
|
2856
|
+
rescue ::GRPC::BadStatus => e
|
|
2857
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
2858
|
+
end
|
|
2859
|
+
|
|
2566
2860
|
##
|
|
2567
2861
|
# Configuration class for the AccessContextManager API.
|
|
2568
2862
|
#
|
|
@@ -2813,6 +3107,21 @@ module Google
|
|
|
2813
3107
|
# @return [::Gapic::Config::Method]
|
|
2814
3108
|
#
|
|
2815
3109
|
attr_reader :delete_gcp_user_access_binding
|
|
3110
|
+
##
|
|
3111
|
+
# RPC-specific configuration for `set_iam_policy`
|
|
3112
|
+
# @return [::Gapic::Config::Method]
|
|
3113
|
+
#
|
|
3114
|
+
attr_reader :set_iam_policy
|
|
3115
|
+
##
|
|
3116
|
+
# RPC-specific configuration for `get_iam_policy`
|
|
3117
|
+
# @return [::Gapic::Config::Method]
|
|
3118
|
+
#
|
|
3119
|
+
attr_reader :get_iam_policy
|
|
3120
|
+
##
|
|
3121
|
+
# RPC-specific configuration for `test_iam_permissions`
|
|
3122
|
+
# @return [::Gapic::Config::Method]
|
|
3123
|
+
#
|
|
3124
|
+
attr_reader :test_iam_permissions
|
|
2816
3125
|
|
|
2817
3126
|
# @private
|
|
2818
3127
|
def initialize parent_rpcs = nil
|
|
@@ -2862,6 +3171,12 @@ module Google
|
|
|
2862
3171
|
@update_gcp_user_access_binding = ::Gapic::Config::Method.new update_gcp_user_access_binding_config
|
|
2863
3172
|
delete_gcp_user_access_binding_config = parent_rpcs.delete_gcp_user_access_binding if parent_rpcs.respond_to? :delete_gcp_user_access_binding
|
|
2864
3173
|
@delete_gcp_user_access_binding = ::Gapic::Config::Method.new delete_gcp_user_access_binding_config
|
|
3174
|
+
set_iam_policy_config = parent_rpcs.set_iam_policy if parent_rpcs.respond_to? :set_iam_policy
|
|
3175
|
+
@set_iam_policy = ::Gapic::Config::Method.new set_iam_policy_config
|
|
3176
|
+
get_iam_policy_config = parent_rpcs.get_iam_policy if parent_rpcs.respond_to? :get_iam_policy
|
|
3177
|
+
@get_iam_policy = ::Gapic::Config::Method.new get_iam_policy_config
|
|
3178
|
+
test_iam_permissions_config = parent_rpcs.test_iam_permissions if parent_rpcs.respond_to? :test_iam_permissions
|
|
3179
|
+
@test_iam_permissions = ::Gapic::Config::Method.new test_iam_permissions_config
|
|
2865
3180
|
|
|
2866
3181
|
yield self if block_given?
|
|
2867
3182
|
end
|