@maxim_mazurok/gapi.client.iam-v1 0.0.20230119 → 0.0.20230202

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/index.d.ts +878 -20
  2. package/package.json +1 -1
  3. package/tests.ts +186 -1
package/index.d.ts CHANGED
@@ -9,7 +9,7 @@
9
9
  // This file was generated by https://github.com/Maxim-Mazurok/google-api-typings-generator. Please do not edit it manually.
10
10
  // In case of any problems please post issue to https://github.com/Maxim-Mazurok/google-api-typings-generator
11
11
  // Generated from: https://iam.googleapis.com/$discovery/rest?version=v1
12
- // Revision: 20230119
12
+ // Revision: 20230202
13
13
 
14
14
  /// <reference types="gapi.client" />
15
15
 
@@ -67,14 +67,14 @@ declare namespace gapi.client {
67
67
  * Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example,
68
68
  * `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service
69
69
  * account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
70
- * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
71
- * identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to
72
- * `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing
73
- * a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value
74
- * reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
75
- * identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to
76
- * `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For
77
- * example, `google.com` or `example.com`.
70
+ * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the
71
+ * users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has
72
+ * been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains
73
+ * the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently
74
+ * deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and
75
+ * the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that
76
+ * has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group
77
+ * retains the role in the binding.
78
78
  */
79
79
  members?: string[];
80
80
  /** Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. */
@@ -139,6 +139,37 @@ declare namespace gapi.client {
139
139
  /** Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. */
140
140
  title?: string;
141
141
  }
142
+ interface GetIamPolicyRequest {
143
+ /** OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`. */
144
+ options?: GetPolicyOptions;
145
+ }
146
+ interface GetPolicyOptions {
147
+ /**
148
+ * Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for
149
+ * policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in
150
+ * the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role
151
+ * bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM
152
+ * documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
153
+ */
154
+ requestedPolicyVersion?: number;
155
+ }
156
+ interface GoogleIamAdminV1WorkforcePoolProviderOidc {
157
+ /** Required. The client ID. Must match the audience claim of the JWT issued by the identity provider. */
158
+ clientId?: string;
159
+ /** Required. The OIDC issuer URI. Must be a valid URI using the 'https' scheme. */
160
+ issuerUri?: string;
161
+ }
162
+ interface GoogleIamAdminV1WorkforcePoolProviderSaml {
163
+ /**
164
+ * Required. SAML Identity provider configuration metadata xml doc. The xml document should comply with [SAML 2.0
165
+ * specification](https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf). The max size of the acceptable xml document will be bounded to 128k characters. The metadata
166
+ * xml document should satisfy the following constraints: 1) Must contain an Identity Provider Entity ID. 2) Must contain at least one non-expired signing key certificate. 3) For each
167
+ * signing key: a) Valid from should be no more than 7 days from now. b) Valid to should be no more than 14 years in the future. 4) Up to 3 IdP signing keys are allowed in the metadata
168
+ * xml. When updating the provider's metadata xml, at least one non-expired signing key must overlap with the existing metadata. This requirement is skipped if there are no non-expired
169
+ * signing keys present in the existing metadata.
170
+ */
171
+ idpMetadataXml?: string;
172
+ }
142
173
  interface LintPolicyRequest {
143
174
  /** google.iam.v1.Binding.condition object to be linted. */
144
175
  condition?: Expr;
@@ -186,6 +217,18 @@ declare namespace gapi.client {
186
217
  /** To retrieve the next page of results, set ListServiceAccountsRequest.page_token to this value. */
187
218
  nextPageToken?: string;
188
219
  }
220
+ interface ListWorkforcePoolProvidersResponse {
221
+ /** A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. */
222
+ nextPageToken?: string;
223
+ /** A list of providers. */
224
+ workforcePoolProviders?: WorkforcePoolProvider[];
225
+ }
226
+ interface ListWorkforcePoolsResponse {
227
+ /** A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. */
228
+ nextPageToken?: string;
229
+ /** A list of pools. */
230
+ workforcePools?: WorkforcePool[];
231
+ }
189
232
  interface ListWorkloadIdentityPoolProvidersResponse {
190
233
  /** A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages. */
191
234
  nextPageToken?: string;
@@ -497,6 +540,15 @@ declare namespace gapi.client {
497
540
  restoredAccount?: ServiceAccount;
498
541
  }
499
542
  // tslint:disable-next-line:no-empty-interface
543
+ interface UndeleteWorkforcePoolProviderRequest {
544
+ }
545
+ // tslint:disable-next-line:no-empty-interface
546
+ interface UndeleteWorkforcePoolRequest {
547
+ }
548
+ // tslint:disable-next-line:no-empty-interface
549
+ interface UndeleteWorkforcePoolSubjectRequest {
550
+ }
551
+ // tslint:disable-next-line:no-empty-interface
500
552
  interface UndeleteWorkloadIdentityPoolProviderRequest {
501
553
  }
502
554
  // tslint:disable-next-line:no-empty-interface
@@ -509,6 +561,75 @@ declare namespace gapi.client {
509
561
  */
510
562
  publicKeyData?: string;
511
563
  }
564
+ interface WorkforcePool {
565
+ /** A user-specified description of the pool. Cannot exceed 256 characters. */
566
+ description?: string;
567
+ /**
568
+ * Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access
569
+ * again.
570
+ */
571
+ disabled?: boolean;
572
+ /** A user-specified display name of the pool in Google Cloud Console. Cannot exceed 32 characters. */
573
+ displayName?: string;
574
+ /** Output only. The resource name of the pool. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
575
+ name?: string;
576
+ /** Immutable. The resource name of the parent. Format: `organizations/{org-id}`. */
577
+ parent?: string;
578
+ /**
579
+ * Duration that the Google Cloud access tokens, console sign-in sessions, and `gcloud` sign-in sessions from this pool are valid. Must be greater than 15 minutes (900s) and less than
580
+ * 12 hours (43200s). If `session_duration` is not configured, minted credentials have a default duration of one hour (3600s). For SAML providers, the lifetime of the token is the
581
+ * minimum of the `session_duration` and the SessionNotOnOrAfter claim in the SAML assertion.
582
+ */
583
+ sessionDuration?: string;
584
+ /** Output only. The state of the pool. */
585
+ state?: string;
586
+ }
587
+ interface WorkforcePoolProvider {
588
+ /**
589
+ * A [Common Expression Language](https://opensource.google/projects/cel) expression, in plain text, to restrict what otherwise valid authentication credentials issued by the provider
590
+ * should not be accepted. The expression must output a boolean representing whether to allow the federation. The following keywords may be referenced in the expressions: *
591
+ * `assertion`: JSON representing the authentication credential issued by the provider. * `google`: The Google attributes mapped from the assertion in the `attribute_mappings`.
592
+ * `google.profile_photo` and `google.display_name` are not supported. * `attribute`: The custom attributes mapped from the assertion in the `attribute_mappings`. The maximum length of
593
+ * the attribute condition expression is 4096 characters. If unspecified, all valid authentication credentials will be accepted. The following example shows how to only allow
594
+ * credentials with a mapped `google.groups` value of `admins`: ``` "'admins' in google.groups" ```
595
+ */
596
+ attributeCondition?: string;
597
+ /**
598
+ * Required. Maps attributes from the authentication credentials issued by an external identity provider to Google Cloud attributes, such as `subject` and `segment`. Each key must be a
599
+ * string specifying the Google Cloud IAM attribute to map to. The following keys are supported: * `google.subject`: The principal IAM is authenticating. You can reference this value
600
+ * in IAM bindings. This is also the subject that appears in Cloud Logging logs. This is a required field and the mapped subject cannot exceed 127 bytes. * `google.groups`: Groups the
601
+ * authenticating user belongs to. You can grant groups access to resources using an IAM `principalSet` binding; access applies to all members of the group. * `google.display_name`:
602
+ * The name of the authenticated user. This is an optional field and the mapped display name cannot exceed 100 bytes. If not set, `google.subject` will be displayed instead. This
603
+ * attribute cannot be referenced in IAM bindings. * `google.profile_photo`: The URL that specifies the authenticated user's thumbnail photo. This is an optional field. When set, the
604
+ * image will be visible as the user's profile picture. If not set, a generic user icon will be displayed instead. This attribute cannot be referenced in IAM bindings. You can also
605
+ * provide custom attributes by specifying `attribute.{custom_attribute}`, where {custom_attribute} is the name of the custom attribute to be mapped. You can define a maximum of 50
606
+ * custom attributes. The maximum length of a mapped attribute key is 100 characters, and the key may only contain the characters [a-z0-9_]. You can reference these attributes in IAM
607
+ * policies to define fine-grained access for a workforce pool to Google Cloud resources. For example: * `google.subject`:
608
+ * `principal://iam.googleapis.com/locations/global/workforcePools/{pool}/subject/{value}` * `google.groups`:
609
+ * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool}/group/{value}` * `attribute.{custom_attribute}`:
610
+ * `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool}/attribute.{custom_attribute}/{value}` Each value must be a [Common Expression Language]
611
+ * (https://opensource.google/projects/cel) function that maps an identity provider credential to the normalized attribute specified by the corresponding map key. You can use the
612
+ * `assertion` keyword in the expression to access a JSON representation of the authentication credential issued by the provider. The maximum length of an attribute mapping expression
613
+ * is 2048 characters. When evaluated, the total size of all mapped attributes must not exceed 4KB. For OIDC providers, you must supply a custom mapping that includes the
614
+ * `google.subject` attribute. For example, the following maps the `sub` claim of the incoming credential to the `subject` attribute on a Google token: ``` {"google.subject":
615
+ * "assertion.sub"} ```
616
+ */
617
+ attributeMapping?: { [P in string]: string };
618
+ /** A user-specified description of the provider. Cannot exceed 256 characters. */
619
+ description?: string;
620
+ /** Whether the provider is disabled. You cannot use a disabled provider to exchange tokens. However, existing tokens still grant access. */
621
+ disabled?: boolean;
622
+ /** A user-specified display name for the provider. Cannot exceed 32 characters. */
623
+ displayName?: string;
624
+ /** Output only. The resource name of the provider. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}` */
625
+ name?: string;
626
+ /** An OpenId Connect 1.0 identity provider configuration. */
627
+ oidc?: GoogleIamAdminV1WorkforcePoolProviderOidc;
628
+ /** A SAML identity provider configuration. */
629
+ saml?: GoogleIamAdminV1WorkforcePoolProviderSaml;
630
+ /** Output only. The state of the provider. */
631
+ state?: string;
632
+ }
512
633
  interface WorkloadIdentityPool {
513
634
  /** A description of the pool. Cannot exceed 256 characters. */
514
635
  description?: string;
@@ -777,11 +898,103 @@ declare namespace gapi.client {
777
898
  }): Request<Operation>;
778
899
  }
779
900
  interface ProvidersResource {
780
- keys: KeysResource;
781
- operations: OperationsResource;
782
- }
783
- interface OperationsResource {
784
- /** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */
901
+ /** Creates a new WorkforcePoolProvider in a WorkforcePool. You cannot reuse the name of a deleted provider until 30 days after deletion. */
902
+ create(request: {
903
+ /** V1 error format. */
904
+ "$.xgafv"?: string;
905
+ /** OAuth access token. */
906
+ access_token?: string;
907
+ /** Data format for response. */
908
+ alt?: string;
909
+ /** JSONP */
910
+ callback?: string;
911
+ /** Selector specifying which fields to include in a partial response. */
912
+ fields?: string;
913
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
914
+ key?: string;
915
+ /** OAuth 2.0 token for the current user. */
916
+ oauth_token?: string;
917
+ /** Required. The pool to create this provider in. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
918
+ parent: string;
919
+ /** Returns response with indentations and line breaks. */
920
+ prettyPrint?: boolean;
921
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
922
+ quotaUser?: string;
923
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
924
+ upload_protocol?: string;
925
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
926
+ uploadType?: string;
927
+ /**
928
+ * Required. The ID for the provider, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-]. The
929
+ * prefix `gcp-` is reserved for use by Google, and may not be specified.
930
+ */
931
+ workforcePoolProviderId?: string;
932
+ /** Request body */
933
+ resource: WorkforcePoolProvider;
934
+ }): Request<Operation>;
935
+ create(request: {
936
+ /** V1 error format. */
937
+ "$.xgafv"?: string;
938
+ /** OAuth access token. */
939
+ access_token?: string;
940
+ /** Data format for response. */
941
+ alt?: string;
942
+ /** JSONP */
943
+ callback?: string;
944
+ /** Selector specifying which fields to include in a partial response. */
945
+ fields?: string;
946
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
947
+ key?: string;
948
+ /** OAuth 2.0 token for the current user. */
949
+ oauth_token?: string;
950
+ /** Required. The pool to create this provider in. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
951
+ parent: string;
952
+ /** Returns response with indentations and line breaks. */
953
+ prettyPrint?: boolean;
954
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
955
+ quotaUser?: string;
956
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
957
+ upload_protocol?: string;
958
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
959
+ uploadType?: string;
960
+ /**
961
+ * Required. The ID for the provider, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-]. The
962
+ * prefix `gcp-` is reserved for use by Google, and may not be specified.
963
+ */
964
+ workforcePoolProviderId?: string;
965
+ },
966
+ body: WorkforcePoolProvider): Request<Operation>;
967
+ /**
968
+ * Deletes a WorkforcePoolProvider. Deleting a provider does not revoke credentials that have already been\ issued; they continue to grant access. You can undelete a provider for 30
969
+ * days. After 30 days, deletion is permanent. You cannot update deleted providers. However, you can view and list them.
970
+ */
971
+ delete(request?: {
972
+ /** V1 error format. */
973
+ "$.xgafv"?: string;
974
+ /** OAuth access token. */
975
+ access_token?: string;
976
+ /** Data format for response. */
977
+ alt?: string;
978
+ /** JSONP */
979
+ callback?: string;
980
+ /** Selector specifying which fields to include in a partial response. */
981
+ fields?: string;
982
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
983
+ key?: string;
984
+ /** Required. The name of the provider to delete. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}` */
985
+ name: string;
986
+ /** OAuth 2.0 token for the current user. */
987
+ oauth_token?: string;
988
+ /** Returns response with indentations and line breaks. */
989
+ prettyPrint?: boolean;
990
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
991
+ quotaUser?: string;
992
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
993
+ upload_protocol?: string;
994
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
995
+ uploadType?: string;
996
+ }): Request<Operation>;
997
+ /** Gets an individual WorkforcePoolProvider. */
785
998
  get(request?: {
786
999
  /** V1 error format. */
787
1000
  "$.xgafv"?: string;
@@ -795,7 +1008,67 @@ declare namespace gapi.client {
795
1008
  fields?: string;
796
1009
  /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
797
1010
  key?: string;
798
- /** The name of the operation resource. */
1011
+ /** Required. The name of the provider to retrieve. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}` */
1012
+ name: string;
1013
+ /** OAuth 2.0 token for the current user. */
1014
+ oauth_token?: string;
1015
+ /** Returns response with indentations and line breaks. */
1016
+ prettyPrint?: boolean;
1017
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1018
+ quotaUser?: string;
1019
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1020
+ upload_protocol?: string;
1021
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1022
+ uploadType?: string;
1023
+ }): Request<WorkforcePoolProvider>;
1024
+ /** Lists all non-deleted WorkforcePoolProviders in a WorkforcePool. If `show_deleted` is set to `true`, then deleted providers are also listed. */
1025
+ list(request?: {
1026
+ /** V1 error format. */
1027
+ "$.xgafv"?: string;
1028
+ /** OAuth access token. */
1029
+ access_token?: string;
1030
+ /** Data format for response. */
1031
+ alt?: string;
1032
+ /** JSONP */
1033
+ callback?: string;
1034
+ /** Selector specifying which fields to include in a partial response. */
1035
+ fields?: string;
1036
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1037
+ key?: string;
1038
+ /** OAuth 2.0 token for the current user. */
1039
+ oauth_token?: string;
1040
+ /** The maximum number of providers to return. If unspecified, at most 50 providers are returned. The maximum value is 100; values above 100 are truncated to 100. */
1041
+ pageSize?: number;
1042
+ /** A page token, received from a previous `ListWorkforcePoolProviders` call. Provide this to retrieve the subsequent page. */
1043
+ pageToken?: string;
1044
+ /** Required. The pool to list providers for. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
1045
+ parent: string;
1046
+ /** Returns response with indentations and line breaks. */
1047
+ prettyPrint?: boolean;
1048
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1049
+ quotaUser?: string;
1050
+ /** Whether to return soft-deleted providers. */
1051
+ showDeleted?: boolean;
1052
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1053
+ upload_protocol?: string;
1054
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1055
+ uploadType?: string;
1056
+ }): Request<ListWorkforcePoolProvidersResponse>;
1057
+ /** Updates an existing WorkforcePoolProvider. */
1058
+ patch(request: {
1059
+ /** V1 error format. */
1060
+ "$.xgafv"?: string;
1061
+ /** OAuth access token. */
1062
+ access_token?: string;
1063
+ /** Data format for response. */
1064
+ alt?: string;
1065
+ /** JSONP */
1066
+ callback?: string;
1067
+ /** Selector specifying which fields to include in a partial response. */
1068
+ fields?: string;
1069
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1070
+ key?: string;
1071
+ /** Output only. The resource name of the provider. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}` */
799
1072
  name: string;
800
1073
  /** OAuth 2.0 token for the current user. */
801
1074
  oauth_token?: string;
@@ -803,16 +1076,601 @@ declare namespace gapi.client {
803
1076
  prettyPrint?: boolean;
804
1077
  /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
805
1078
  quotaUser?: string;
1079
+ /** Required. The list of fields to update. */
1080
+ updateMask?: string;
806
1081
  /** Upload protocol for media (e.g. "raw", "multipart"). */
807
1082
  upload_protocol?: string;
808
1083
  /** Legacy upload protocol for media (e.g. "media", "multipart"). */
809
1084
  uploadType?: string;
1085
+ /** Request body */
1086
+ resource: WorkforcePoolProvider;
810
1087
  }): Request<Operation>;
811
- }
812
- interface SubjectsResource {
813
- operations: OperationsResource;
814
- }
815
- interface WorkforcePoolsResource {
1088
+ patch(request: {
1089
+ /** V1 error format. */
1090
+ "$.xgafv"?: string;
1091
+ /** OAuth access token. */
1092
+ access_token?: string;
1093
+ /** Data format for response. */
1094
+ alt?: string;
1095
+ /** JSONP */
1096
+ callback?: string;
1097
+ /** Selector specifying which fields to include in a partial response. */
1098
+ fields?: string;
1099
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1100
+ key?: string;
1101
+ /** Output only. The resource name of the provider. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}` */
1102
+ name: string;
1103
+ /** OAuth 2.0 token for the current user. */
1104
+ oauth_token?: string;
1105
+ /** Returns response with indentations and line breaks. */
1106
+ prettyPrint?: boolean;
1107
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1108
+ quotaUser?: string;
1109
+ /** Required. The list of fields to update. */
1110
+ updateMask?: string;
1111
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1112
+ upload_protocol?: string;
1113
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1114
+ uploadType?: string;
1115
+ },
1116
+ body: WorkforcePoolProvider): Request<Operation>;
1117
+ /** Undeletes a WorkforcePoolProvider, as long as it was deleted fewer than 30 days ago. */
1118
+ undelete(request: {
1119
+ /** V1 error format. */
1120
+ "$.xgafv"?: string;
1121
+ /** OAuth access token. */
1122
+ access_token?: string;
1123
+ /** Data format for response. */
1124
+ alt?: string;
1125
+ /** JSONP */
1126
+ callback?: string;
1127
+ /** Selector specifying which fields to include in a partial response. */
1128
+ fields?: string;
1129
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1130
+ key?: string;
1131
+ /** Required. The name of the provider to undelete. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}` */
1132
+ name: string;
1133
+ /** OAuth 2.0 token for the current user. */
1134
+ oauth_token?: string;
1135
+ /** Returns response with indentations and line breaks. */
1136
+ prettyPrint?: boolean;
1137
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1138
+ quotaUser?: string;
1139
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1140
+ upload_protocol?: string;
1141
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1142
+ uploadType?: string;
1143
+ /** Request body */
1144
+ resource: UndeleteWorkforcePoolProviderRequest;
1145
+ }): Request<Operation>;
1146
+ undelete(request: {
1147
+ /** V1 error format. */
1148
+ "$.xgafv"?: string;
1149
+ /** OAuth access token. */
1150
+ access_token?: string;
1151
+ /** Data format for response. */
1152
+ alt?: string;
1153
+ /** JSONP */
1154
+ callback?: string;
1155
+ /** Selector specifying which fields to include in a partial response. */
1156
+ fields?: string;
1157
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1158
+ key?: string;
1159
+ /** Required. The name of the provider to undelete. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}` */
1160
+ name: string;
1161
+ /** OAuth 2.0 token for the current user. */
1162
+ oauth_token?: string;
1163
+ /** Returns response with indentations and line breaks. */
1164
+ prettyPrint?: boolean;
1165
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1166
+ quotaUser?: string;
1167
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1168
+ upload_protocol?: string;
1169
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1170
+ uploadType?: string;
1171
+ },
1172
+ body: UndeleteWorkforcePoolProviderRequest): Request<Operation>;
1173
+ keys: KeysResource;
1174
+ operations: OperationsResource;
1175
+ }
1176
+ interface OperationsResource {
1177
+ /** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */
1178
+ get(request?: {
1179
+ /** V1 error format. */
1180
+ "$.xgafv"?: string;
1181
+ /** OAuth access token. */
1182
+ access_token?: string;
1183
+ /** Data format for response. */
1184
+ alt?: string;
1185
+ /** JSONP */
1186
+ callback?: string;
1187
+ /** Selector specifying which fields to include in a partial response. */
1188
+ fields?: string;
1189
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1190
+ key?: string;
1191
+ /** The name of the operation resource. */
1192
+ name: string;
1193
+ /** OAuth 2.0 token for the current user. */
1194
+ oauth_token?: string;
1195
+ /** Returns response with indentations and line breaks. */
1196
+ prettyPrint?: boolean;
1197
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1198
+ quotaUser?: string;
1199
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1200
+ upload_protocol?: string;
1201
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1202
+ uploadType?: string;
1203
+ }): Request<Operation>;
1204
+ }
1205
+ interface SubjectsResource {
1206
+ /**
1207
+ * Deletes a WorkforcePoolSubject. Subject must not already be in a deleted state. A WorkforcePoolSubject is automatically created the first time an external credential is exchanged
1208
+ * for a Google Cloud credential with a mapped `google.subject` attribute. There is no path to manually create WorkforcePoolSubjects. Once deleted, the WorkforcePoolSubject may not be
1209
+ * used for 30 days. After 30 days, the WorkforcePoolSubject will be deleted forever and can be reused in token exchanges with Google Cloud STS. This will automatically create a new
1210
+ * WorkforcePoolSubject that is independent of the previously deleted WorkforcePoolSubject with the same google.subject value.
1211
+ */
1212
+ delete(request?: {
1213
+ /** V1 error format. */
1214
+ "$.xgafv"?: string;
1215
+ /** OAuth access token. */
1216
+ access_token?: string;
1217
+ /** Data format for response. */
1218
+ alt?: string;
1219
+ /** JSONP */
1220
+ callback?: string;
1221
+ /** Selector specifying which fields to include in a partial response. */
1222
+ fields?: string;
1223
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1224
+ key?: string;
1225
+ /**
1226
+ * Required. The resource name of the WorkforcePoolSubject. Special characters, like '/' and ':', must be escaped, because all URLs need to conform to the "When to Escape and
1227
+ * Unescape" section of [RFC3986](https://www.ietf.org/rfc/rfc2396.txt). Format: `locations/{location}/workforcePools/{workforce_pool_id}/subjects/{subject_id}`
1228
+ */
1229
+ name: string;
1230
+ /** OAuth 2.0 token for the current user. */
1231
+ oauth_token?: string;
1232
+ /** Returns response with indentations and line breaks. */
1233
+ prettyPrint?: boolean;
1234
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1235
+ quotaUser?: string;
1236
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1237
+ upload_protocol?: string;
1238
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1239
+ uploadType?: string;
1240
+ }): Request<Operation>;
1241
+ /** Undeletes a WorkforcePoolSubject, as long as it was deleted fewer than 30 days ago. */
1242
+ undelete(request: {
1243
+ /** V1 error format. */
1244
+ "$.xgafv"?: string;
1245
+ /** OAuth access token. */
1246
+ access_token?: string;
1247
+ /** Data format for response. */
1248
+ alt?: string;
1249
+ /** JSONP */
1250
+ callback?: string;
1251
+ /** Selector specifying which fields to include in a partial response. */
1252
+ fields?: string;
1253
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1254
+ key?: string;
1255
+ /**
1256
+ * Required. The resource name of the WorkforcePoolSubject. Special characters, like '/' and ':', must be escaped, because all URLs need to conform to the "When to Escape and
1257
+ * Unescape" section of [RFC3986](https://www.ietf.org/rfc/rfc2396.txt). Format: `locations/{location}/workforcePools/{workforce_pool_id}/subjects/{subject_id}`
1258
+ */
1259
+ name: string;
1260
+ /** OAuth 2.0 token for the current user. */
1261
+ oauth_token?: string;
1262
+ /** Returns response with indentations and line breaks. */
1263
+ prettyPrint?: boolean;
1264
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1265
+ quotaUser?: string;
1266
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1267
+ upload_protocol?: string;
1268
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1269
+ uploadType?: string;
1270
+ /** Request body */
1271
+ resource: UndeleteWorkforcePoolSubjectRequest;
1272
+ }): Request<Operation>;
1273
+ undelete(request: {
1274
+ /** V1 error format. */
1275
+ "$.xgafv"?: string;
1276
+ /** OAuth access token. */
1277
+ access_token?: string;
1278
+ /** Data format for response. */
1279
+ alt?: string;
1280
+ /** JSONP */
1281
+ callback?: string;
1282
+ /** Selector specifying which fields to include in a partial response. */
1283
+ fields?: string;
1284
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1285
+ key?: string;
1286
+ /**
1287
+ * Required. The resource name of the WorkforcePoolSubject. Special characters, like '/' and ':', must be escaped, because all URLs need to conform to the "When to Escape and
1288
+ * Unescape" section of [RFC3986](https://www.ietf.org/rfc/rfc2396.txt). Format: `locations/{location}/workforcePools/{workforce_pool_id}/subjects/{subject_id}`
1289
+ */
1290
+ name: string;
1291
+ /** OAuth 2.0 token for the current user. */
1292
+ oauth_token?: string;
1293
+ /** Returns response with indentations and line breaks. */
1294
+ prettyPrint?: boolean;
1295
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1296
+ quotaUser?: string;
1297
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1298
+ upload_protocol?: string;
1299
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1300
+ uploadType?: string;
1301
+ },
1302
+ body: UndeleteWorkforcePoolSubjectRequest): Request<Operation>;
1303
+ operations: OperationsResource;
1304
+ }
1305
+ interface WorkforcePoolsResource {
1306
+ /** Creates a new WorkforcePool. You cannot reuse the name of a deleted pool until 30 days after deletion. */
1307
+ create(request: {
1308
+ /** V1 error format. */
1309
+ "$.xgafv"?: string;
1310
+ /** OAuth access token. */
1311
+ access_token?: string;
1312
+ /** Data format for response. */
1313
+ alt?: string;
1314
+ /** JSONP */
1315
+ callback?: string;
1316
+ /** Selector specifying which fields to include in a partial response. */
1317
+ fields?: string;
1318
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1319
+ key?: string;
1320
+ /** The location of the pool to create. Format: `locations/{location}`. */
1321
+ location: string;
1322
+ /** OAuth 2.0 token for the current user. */
1323
+ oauth_token?: string;
1324
+ /** Returns response with indentations and line breaks. */
1325
+ prettyPrint?: boolean;
1326
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1327
+ quotaUser?: string;
1328
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1329
+ upload_protocol?: string;
1330
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1331
+ uploadType?: string;
1332
+ /**
1333
+ * The ID to use for the pool, which becomes the final component of the resource name. The IDs must be a globally unique string of 6 to 63 lowercase letters, digits, or hyphens. It
1334
+ * must start with a letter, and cannot have a trailing hyphen. The prefix `gcp-` is reserved for use by Google, and may not be specified.
1335
+ */
1336
+ workforcePoolId?: string;
1337
+ /** Request body */
1338
+ resource: WorkforcePool;
1339
+ }): Request<Operation>;
1340
+ create(request: {
1341
+ /** V1 error format. */
1342
+ "$.xgafv"?: string;
1343
+ /** OAuth access token. */
1344
+ access_token?: string;
1345
+ /** Data format for response. */
1346
+ alt?: string;
1347
+ /** JSONP */
1348
+ callback?: string;
1349
+ /** Selector specifying which fields to include in a partial response. */
1350
+ fields?: string;
1351
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1352
+ key?: string;
1353
+ /** The location of the pool to create. Format: `locations/{location}`. */
1354
+ location: string;
1355
+ /** OAuth 2.0 token for the current user. */
1356
+ oauth_token?: string;
1357
+ /** Returns response with indentations and line breaks. */
1358
+ prettyPrint?: boolean;
1359
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1360
+ quotaUser?: string;
1361
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1362
+ upload_protocol?: string;
1363
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1364
+ uploadType?: string;
1365
+ /**
1366
+ * The ID to use for the pool, which becomes the final component of the resource name. The IDs must be a globally unique string of 6 to 63 lowercase letters, digits, or hyphens. It
1367
+ * must start with a letter, and cannot have a trailing hyphen. The prefix `gcp-` is reserved for use by Google, and may not be specified.
1368
+ */
1369
+ workforcePoolId?: string;
1370
+ },
1371
+ body: WorkforcePool): Request<Operation>;
1372
+ /**
1373
+ * Deletes a WorkforcePool. You cannot use a deleted WorkforcePool to exchange external credentials for Google Cloud credentials. However, deletion does not revoke credentials that
1374
+ * have already been issued. Credentials issued for a deleted pool do not grant access to resources. If the pool is undeleted, and the credentials are not expired, they grant access
1375
+ * again. You can undelete a pool for 30 days. After 30 days, deletion is permanent. You cannot update deleted pools. However, you can view and list them.
1376
+ */
1377
+ delete(request?: {
1378
+ /** V1 error format. */
1379
+ "$.xgafv"?: string;
1380
+ /** OAuth access token. */
1381
+ access_token?: string;
1382
+ /** Data format for response. */
1383
+ alt?: string;
1384
+ /** JSONP */
1385
+ callback?: string;
1386
+ /** Selector specifying which fields to include in a partial response. */
1387
+ fields?: string;
1388
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1389
+ key?: string;
1390
+ /** Required. The name of the pool to delete. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
1391
+ name: string;
1392
+ /** OAuth 2.0 token for the current user. */
1393
+ oauth_token?: string;
1394
+ /** Returns response with indentations and line breaks. */
1395
+ prettyPrint?: boolean;
1396
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1397
+ quotaUser?: string;
1398
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1399
+ upload_protocol?: string;
1400
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1401
+ uploadType?: string;
1402
+ }): Request<Operation>;
1403
+ /** Gets an individual WorkforcePool. */
1404
+ get(request?: {
1405
+ /** V1 error format. */
1406
+ "$.xgafv"?: string;
1407
+ /** OAuth access token. */
1408
+ access_token?: string;
1409
+ /** Data format for response. */
1410
+ alt?: string;
1411
+ /** JSONP */
1412
+ callback?: string;
1413
+ /** Selector specifying which fields to include in a partial response. */
1414
+ fields?: string;
1415
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1416
+ key?: string;
1417
+ /** Required. The name of the pool to retrieve. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
1418
+ name: string;
1419
+ /** OAuth 2.0 token for the current user. */
1420
+ oauth_token?: string;
1421
+ /** Returns response with indentations and line breaks. */
1422
+ prettyPrint?: boolean;
1423
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1424
+ quotaUser?: string;
1425
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1426
+ upload_protocol?: string;
1427
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1428
+ uploadType?: string;
1429
+ }): Request<WorkforcePool>;
1430
+ /** Gets IAM policies on a WorkforcePool. */
1431
+ getIamPolicy(request: {
1432
+ /** V1 error format. */
1433
+ "$.xgafv"?: string;
1434
+ /** OAuth access token. */
1435
+ access_token?: string;
1436
+ /** Data format for response. */
1437
+ alt?: string;
1438
+ /** JSONP */
1439
+ callback?: string;
1440
+ /** Selector specifying which fields to include in a partial response. */
1441
+ fields?: string;
1442
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1443
+ key?: string;
1444
+ /** OAuth 2.0 token for the current user. */
1445
+ oauth_token?: string;
1446
+ /** Returns response with indentations and line breaks. */
1447
+ prettyPrint?: boolean;
1448
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1449
+ quotaUser?: string;
1450
+ /**
1451
+ * REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this
1452
+ * field.
1453
+ */
1454
+ resource: string;
1455
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1456
+ upload_protocol?: string;
1457
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1458
+ uploadType?: string;
1459
+ },
1460
+ body: GetIamPolicyRequest): Request<Policy>;
1461
+ /** Lists all non-deleted WorkforcePools under the specified parent. If `show_deleted` is set to `true`, then deleted pools are also listed. */
1462
+ list(request?: {
1463
+ /** V1 error format. */
1464
+ "$.xgafv"?: string;
1465
+ /** OAuth access token. */
1466
+ access_token?: string;
1467
+ /** Data format for response. */
1468
+ alt?: string;
1469
+ /** JSONP */
1470
+ callback?: string;
1471
+ /** Selector specifying which fields to include in a partial response. */
1472
+ fields?: string;
1473
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1474
+ key?: string;
1475
+ /** The location of the pool. Format: `locations/{location}`. */
1476
+ location: string;
1477
+ /** OAuth 2.0 token for the current user. */
1478
+ oauth_token?: string;
1479
+ /** The maximum number of pools to return. If unspecified, at most 50 pools will be returned. The maximum value is 1000; values above 1000 are truncated to 1000. */
1480
+ pageSize?: number;
1481
+ /** A page token, received from a previous `ListWorkforcePools` call. Provide this to retrieve the subsequent page. */
1482
+ pageToken?: string;
1483
+ /** Required. The parent resource to list pools for. Format: `organizations/{org-id}`. */
1484
+ parent?: string;
1485
+ /** Returns response with indentations and line breaks. */
1486
+ prettyPrint?: boolean;
1487
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1488
+ quotaUser?: string;
1489
+ /** Whether to return soft-deleted pools. */
1490
+ showDeleted?: boolean;
1491
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1492
+ upload_protocol?: string;
1493
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1494
+ uploadType?: string;
1495
+ }): Request<ListWorkforcePoolsResponse>;
1496
+ /** Updates an existing WorkforcePool. */
1497
+ patch(request: {
1498
+ /** V1 error format. */
1499
+ "$.xgafv"?: string;
1500
+ /** OAuth access token. */
1501
+ access_token?: string;
1502
+ /** Data format for response. */
1503
+ alt?: string;
1504
+ /** JSONP */
1505
+ callback?: string;
1506
+ /** Selector specifying which fields to include in a partial response. */
1507
+ fields?: string;
1508
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1509
+ key?: string;
1510
+ /** Output only. The resource name of the pool. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
1511
+ name: string;
1512
+ /** OAuth 2.0 token for the current user. */
1513
+ oauth_token?: string;
1514
+ /** Returns response with indentations and line breaks. */
1515
+ prettyPrint?: boolean;
1516
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1517
+ quotaUser?: string;
1518
+ /** Required. The list of fields to update. */
1519
+ updateMask?: string;
1520
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1521
+ upload_protocol?: string;
1522
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1523
+ uploadType?: string;
1524
+ /** Request body */
1525
+ resource: WorkforcePool;
1526
+ }): Request<Operation>;
1527
+ patch(request: {
1528
+ /** V1 error format. */
1529
+ "$.xgafv"?: string;
1530
+ /** OAuth access token. */
1531
+ access_token?: string;
1532
+ /** Data format for response. */
1533
+ alt?: string;
1534
+ /** JSONP */
1535
+ callback?: string;
1536
+ /** Selector specifying which fields to include in a partial response. */
1537
+ fields?: string;
1538
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1539
+ key?: string;
1540
+ /** Output only. The resource name of the pool. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
1541
+ name: string;
1542
+ /** OAuth 2.0 token for the current user. */
1543
+ oauth_token?: string;
1544
+ /** Returns response with indentations and line breaks. */
1545
+ prettyPrint?: boolean;
1546
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1547
+ quotaUser?: string;
1548
+ /** Required. The list of fields to update. */
1549
+ updateMask?: string;
1550
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1551
+ upload_protocol?: string;
1552
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1553
+ uploadType?: string;
1554
+ },
1555
+ body: WorkforcePool): Request<Operation>;
1556
+ /** Sets IAM policies on a WorkforcePool. */
1557
+ setIamPolicy(request: {
1558
+ /** V1 error format. */
1559
+ "$.xgafv"?: string;
1560
+ /** OAuth access token. */
1561
+ access_token?: string;
1562
+ /** Data format for response. */
1563
+ alt?: string;
1564
+ /** JSONP */
1565
+ callback?: string;
1566
+ /** Selector specifying which fields to include in a partial response. */
1567
+ fields?: string;
1568
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1569
+ key?: string;
1570
+ /** OAuth 2.0 token for the current user. */
1571
+ oauth_token?: string;
1572
+ /** Returns response with indentations and line breaks. */
1573
+ prettyPrint?: boolean;
1574
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1575
+ quotaUser?: string;
1576
+ /**
1577
+ * REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this
1578
+ * field.
1579
+ */
1580
+ resource: string;
1581
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1582
+ upload_protocol?: string;
1583
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1584
+ uploadType?: string;
1585
+ },
1586
+ body: SetIamPolicyRequest): Request<Policy>;
1587
+ /** Returns the caller's permissions on the WorkforcePool. If the pool does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. */
1588
+ testIamPermissions(request: {
1589
+ /** V1 error format. */
1590
+ "$.xgafv"?: string;
1591
+ /** OAuth access token. */
1592
+ access_token?: string;
1593
+ /** Data format for response. */
1594
+ alt?: string;
1595
+ /** JSONP */
1596
+ callback?: string;
1597
+ /** Selector specifying which fields to include in a partial response. */
1598
+ fields?: string;
1599
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1600
+ key?: string;
1601
+ /** OAuth 2.0 token for the current user. */
1602
+ oauth_token?: string;
1603
+ /** Returns response with indentations and line breaks. */
1604
+ prettyPrint?: boolean;
1605
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1606
+ quotaUser?: string;
1607
+ /**
1608
+ * REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for
1609
+ * this field.
1610
+ */
1611
+ resource: string;
1612
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1613
+ upload_protocol?: string;
1614
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1615
+ uploadType?: string;
1616
+ },
1617
+ body: TestIamPermissionsRequest): Request<TestIamPermissionsResponse>;
1618
+ /** Undeletes a WorkforcePool, as long as it was deleted fewer than 30 days ago. */
1619
+ undelete(request: {
1620
+ /** V1 error format. */
1621
+ "$.xgafv"?: string;
1622
+ /** OAuth access token. */
1623
+ access_token?: string;
1624
+ /** Data format for response. */
1625
+ alt?: string;
1626
+ /** JSONP */
1627
+ callback?: string;
1628
+ /** Selector specifying which fields to include in a partial response. */
1629
+ fields?: string;
1630
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1631
+ key?: string;
1632
+ /** Required. The name of the pool to undelete. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
1633
+ name: string;
1634
+ /** OAuth 2.0 token for the current user. */
1635
+ oauth_token?: string;
1636
+ /** Returns response with indentations and line breaks. */
1637
+ prettyPrint?: boolean;
1638
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1639
+ quotaUser?: string;
1640
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1641
+ upload_protocol?: string;
1642
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1643
+ uploadType?: string;
1644
+ /** Request body */
1645
+ resource: UndeleteWorkforcePoolRequest;
1646
+ }): Request<Operation>;
1647
+ undelete(request: {
1648
+ /** V1 error format. */
1649
+ "$.xgafv"?: string;
1650
+ /** OAuth access token. */
1651
+ access_token?: string;
1652
+ /** Data format for response. */
1653
+ alt?: string;
1654
+ /** JSONP */
1655
+ callback?: string;
1656
+ /** Selector specifying which fields to include in a partial response. */
1657
+ fields?: string;
1658
+ /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
1659
+ key?: string;
1660
+ /** Required. The name of the pool to undelete. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
1661
+ name: string;
1662
+ /** OAuth 2.0 token for the current user. */
1663
+ oauth_token?: string;
1664
+ /** Returns response with indentations and line breaks. */
1665
+ prettyPrint?: boolean;
1666
+ /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
1667
+ quotaUser?: string;
1668
+ /** Upload protocol for media (e.g. "raw", "multipart"). */
1669
+ upload_protocol?: string;
1670
+ /** Legacy upload protocol for media (e.g. "media", "multipart"). */
1671
+ uploadType?: string;
1672
+ },
1673
+ body: UndeleteWorkforcePoolRequest): Request<Operation>;
816
1674
  operations: OperationsResource;
817
1675
  providers: ProvidersResource;
818
1676
  subjects: SubjectsResource;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@maxim_mazurok/gapi.client.iam-v1",
3
- "version": "0.0.20230119",
3
+ "version": "0.0.20230202",
4
4
  "description": "TypeScript typings for Identity and Access Management (IAM) API v1",
5
5
  "license": "MIT",
6
6
  "author": {
package/tests.ts CHANGED
@@ -3,7 +3,7 @@
3
3
  // This file was generated by https://github.com/Maxim-Mazurok/google-api-typings-generator. Please do not edit it manually.
4
4
  // In case of any problems please post issue to https://github.com/Maxim-Mazurok/google-api-typings-generator
5
5
 
6
- // Revision: 20230119
6
+ // Revision: 20230202
7
7
 
8
8
  gapi.load('client', async () => {
9
9
  /** now we can use gapi.client */
@@ -51,10 +51,181 @@ gapi.load('client', async () => {
51
51
  }, {
52
52
  fullResourceName: "Test string",
53
53
  });
54
+ /** Creates a new WorkforcePool. You cannot reuse the name of a deleted pool until 30 days after deletion. */
55
+ await gapi.client.iam.locations.workforcePools.create({
56
+ location: "Test string",
57
+ workforcePoolId: "Test string",
58
+ }, {
59
+ description: "Test string",
60
+ disabled: true,
61
+ displayName: "Test string",
62
+ name: "Test string",
63
+ parent: "Test string",
64
+ sessionDuration: "Test string",
65
+ state: "Test string",
66
+ });
67
+ /**
68
+ * Deletes a WorkforcePool. You cannot use a deleted WorkforcePool to exchange external credentials for Google Cloud credentials. However, deletion does not revoke credentials that have
69
+ * already been issued. Credentials issued for a deleted pool do not grant access to resources. If the pool is undeleted, and the credentials are not expired, they grant access again. You
70
+ * can undelete a pool for 30 days. After 30 days, deletion is permanent. You cannot update deleted pools. However, you can view and list them.
71
+ */
72
+ await gapi.client.iam.locations.workforcePools.delete({
73
+ name: "Test string",
74
+ });
75
+ /** Gets an individual WorkforcePool. */
76
+ await gapi.client.iam.locations.workforcePools.get({
77
+ name: "Test string",
78
+ });
79
+ /** Gets IAM policies on a WorkforcePool. */
80
+ await gapi.client.iam.locations.workforcePools.getIamPolicy({
81
+ resource: "Test string",
82
+ }, {
83
+ options: {
84
+ requestedPolicyVersion: 42,
85
+ },
86
+ });
87
+ /** Lists all non-deleted WorkforcePools under the specified parent. If `show_deleted` is set to `true`, then deleted pools are also listed. */
88
+ await gapi.client.iam.locations.workforcePools.list({
89
+ location: "Test string",
90
+ pageSize: 42,
91
+ pageToken: "Test string",
92
+ parent: "Test string",
93
+ showDeleted: true,
94
+ });
95
+ /** Updates an existing WorkforcePool. */
96
+ await gapi.client.iam.locations.workforcePools.patch({
97
+ name: "Test string",
98
+ updateMask: "Test string",
99
+ }, {
100
+ description: "Test string",
101
+ disabled: true,
102
+ displayName: "Test string",
103
+ name: "Test string",
104
+ parent: "Test string",
105
+ sessionDuration: "Test string",
106
+ state: "Test string",
107
+ });
108
+ /** Sets IAM policies on a WorkforcePool. */
109
+ await gapi.client.iam.locations.workforcePools.setIamPolicy({
110
+ resource: "Test string",
111
+ }, {
112
+ policy: {
113
+ auditConfigs: [
114
+ {
115
+ auditLogConfigs: [
116
+ {
117
+ exemptedMembers: [
118
+ "Test string"
119
+ ],
120
+ logType: "Test string",
121
+ }
122
+ ],
123
+ service: "Test string",
124
+ }
125
+ ],
126
+ bindings: [
127
+ {
128
+ condition: {
129
+ description: "Test string",
130
+ expression: "Test string",
131
+ location: "Test string",
132
+ title: "Test string",
133
+ },
134
+ members: [
135
+ "Test string"
136
+ ],
137
+ role: "Test string",
138
+ }
139
+ ],
140
+ etag: "Test string",
141
+ version: 42,
142
+ },
143
+ updateMask: "Test string",
144
+ });
145
+ /** Returns the caller's permissions on the WorkforcePool. If the pool does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. */
146
+ await gapi.client.iam.locations.workforcePools.testIamPermissions({
147
+ resource: "Test string",
148
+ }, {
149
+ permissions: [
150
+ "Test string"
151
+ ],
152
+ });
153
+ /** Undeletes a WorkforcePool, as long as it was deleted fewer than 30 days ago. */
154
+ await gapi.client.iam.locations.workforcePools.undelete({
155
+ name: "Test string",
156
+ }, {
157
+ });
54
158
  /** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */
55
159
  await gapi.client.iam.locations.workforcePools.operations.get({
56
160
  name: "Test string",
57
161
  });
162
+ /** Creates a new WorkforcePoolProvider in a WorkforcePool. You cannot reuse the name of a deleted provider until 30 days after deletion. */
163
+ await gapi.client.iam.locations.workforcePools.providers.create({
164
+ parent: "Test string",
165
+ workforcePoolProviderId: "Test string",
166
+ }, {
167
+ attributeCondition: "Test string",
168
+ attributeMapping: {
169
+ A: "Test string"
170
+ },
171
+ description: "Test string",
172
+ disabled: true,
173
+ displayName: "Test string",
174
+ name: "Test string",
175
+ oidc: {
176
+ clientId: "Test string",
177
+ issuerUri: "Test string",
178
+ },
179
+ saml: {
180
+ idpMetadataXml: "Test string",
181
+ },
182
+ state: "Test string",
183
+ });
184
+ /**
185
+ * Deletes a WorkforcePoolProvider. Deleting a provider does not revoke credentials that have already been\ issued; they continue to grant access. You can undelete a provider for 30 days.
186
+ * After 30 days, deletion is permanent. You cannot update deleted providers. However, you can view and list them.
187
+ */
188
+ await gapi.client.iam.locations.workforcePools.providers.delete({
189
+ name: "Test string",
190
+ });
191
+ /** Gets an individual WorkforcePoolProvider. */
192
+ await gapi.client.iam.locations.workforcePools.providers.get({
193
+ name: "Test string",
194
+ });
195
+ /** Lists all non-deleted WorkforcePoolProviders in a WorkforcePool. If `show_deleted` is set to `true`, then deleted providers are also listed. */
196
+ await gapi.client.iam.locations.workforcePools.providers.list({
197
+ pageSize: 42,
198
+ pageToken: "Test string",
199
+ parent: "Test string",
200
+ showDeleted: true,
201
+ });
202
+ /** Updates an existing WorkforcePoolProvider. */
203
+ await gapi.client.iam.locations.workforcePools.providers.patch({
204
+ name: "Test string",
205
+ updateMask: "Test string",
206
+ }, {
207
+ attributeCondition: "Test string",
208
+ attributeMapping: {
209
+ A: "Test string"
210
+ },
211
+ description: "Test string",
212
+ disabled: true,
213
+ displayName: "Test string",
214
+ name: "Test string",
215
+ oidc: {
216
+ clientId: "Test string",
217
+ issuerUri: "Test string",
218
+ },
219
+ saml: {
220
+ idpMetadataXml: "Test string",
221
+ },
222
+ state: "Test string",
223
+ });
224
+ /** Undeletes a WorkforcePoolProvider, as long as it was deleted fewer than 30 days ago. */
225
+ await gapi.client.iam.locations.workforcePools.providers.undelete({
226
+ name: "Test string",
227
+ }, {
228
+ });
58
229
  /** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */
59
230
  await gapi.client.iam.locations.workforcePools.providers.keys.operations.get({
60
231
  name: "Test string",
@@ -63,6 +234,20 @@ gapi.load('client', async () => {
63
234
  await gapi.client.iam.locations.workforcePools.providers.operations.get({
64
235
  name: "Test string",
65
236
  });
237
+ /**
238
+ * Deletes a WorkforcePoolSubject. Subject must not already be in a deleted state. A WorkforcePoolSubject is automatically created the first time an external credential is exchanged for a
239
+ * Google Cloud credential with a mapped `google.subject` attribute. There is no path to manually create WorkforcePoolSubjects. Once deleted, the WorkforcePoolSubject may not be used for
240
+ * 30 days. After 30 days, the WorkforcePoolSubject will be deleted forever and can be reused in token exchanges with Google Cloud STS. This will automatically create a new
241
+ * WorkforcePoolSubject that is independent of the previously deleted WorkforcePoolSubject with the same google.subject value.
242
+ */
243
+ await gapi.client.iam.locations.workforcePools.subjects.delete({
244
+ name: "Test string",
245
+ });
246
+ /** Undeletes a WorkforcePoolSubject, as long as it was deleted fewer than 30 days ago. */
247
+ await gapi.client.iam.locations.workforcePools.subjects.undelete({
248
+ name: "Test string",
249
+ }, {
250
+ });
66
251
  /** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */
67
252
  await gapi.client.iam.locations.workforcePools.subjects.operations.get({
68
253
  name: "Test string",