iampolicymanagementv1

package
v0.31.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 17, 2023 License: Apache-2.0 Imports: 9 Imported by: 22

Documentation

Overview

Package iampolicymanagementv1 : Operations and models for the IamPolicyManagementV1 service

Index

Constants

View Source 
const (
	ListPoliciesOptionsTypeAccessConst        = "access"
	ListPoliciesOptionsTypeAuthorizationConst = "authorization"
)

Constants associated with the ListPoliciesOptions.Type property. Optional type of policy.

View Source 
const (
	ListPoliciesOptionsServiceTypePlatformServiceConst = "platform_service"
	ListPoliciesOptionsServiceTypeServiceConst         = "service"
)

Constants associated with the ListPoliciesOptions.ServiceType property. Optional type of service.

View Source 
const (
	ListPoliciesOptionsSortCreatedAtConst        = "created_at"
	ListPoliciesOptionsSortCreatedByIDConst      = "created_by_id"
	ListPoliciesOptionsSortHrefConst             = "href"
	ListPoliciesOptionsSortIDConst               = "id"
	ListPoliciesOptionsSortLastModifiedAtConst   = "last_modified_at"
	ListPoliciesOptionsSortLastModifiedByIDConst = "last_modified_by_id"
	ListPoliciesOptionsSortStateConst            = "state"
	ListPoliciesOptionsSortTypeConst             = "type"
)

Constants associated with the ListPoliciesOptions.Sort property. Optional top level policy field to sort results. Ascending sort is default. Descending sort available by prepending '-' to field. Example '-last_modified_at'.

View Source 
const (
	ListPoliciesOptionsFormatDisplayConst           = "display"
	ListPoliciesOptionsFormatIncludeLastPermitConst = "include_last_permit"
)

Constants associated with the ListPoliciesOptions.Format property. Include additional data per policy returned * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times it has done so * `display` - returns the list of all actions included in each of the policy roles.

View Source 
const (
	ListPoliciesOptionsStateActiveConst  = "active"
	ListPoliciesOptionsStateDeletedConst = "deleted"
)

Constants associated with the ListPoliciesOptions.State property. The state of the policy. * `active` - returns active policies * `deleted` - returns non-active policies.

View Source 
const (
	PatchPolicyOptionsStateActiveConst  = "active"
	PatchPolicyOptionsStateDeletedConst = "deleted"
)

Constants associated with the PatchPolicyOptions.State property. The policy state.

View Source 
const (
	V2ListPoliciesOptionsTypeAccessConst        = "access"
	V2ListPoliciesOptionsTypeAuthorizationConst = "authorization"
)

Constants associated with the V2ListPoliciesOptions.Type property. Optional type of policy.

View Source 
const (
	V2ListPoliciesOptionsServiceTypePlatformServiceConst = "platform_service"
	V2ListPoliciesOptionsServiceTypeServiceConst         = "service"
)

Constants associated with the V2ListPoliciesOptions.ServiceType property. Optional type of service.

View Source 
const (
	V2ListPoliciesOptionsFormatDisplayConst           = "display"
	V2ListPoliciesOptionsFormatIncludeLastPermitConst = "include_last_permit"
)

Constants associated with the V2ListPoliciesOptions.Format property. Include additional data per policy returned * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times it has done so * `display` - returns the list of all actions included in each of the policy roles and translations for all relevant fields.

View Source 
const (
	V2ListPoliciesOptionsStateActiveConst  = "active"
	V2ListPoliciesOptionsStateDeletedConst = "deleted"
)

Constants associated with the V2ListPoliciesOptions.State property. The state of the policy. * `active` - returns active policies * `deleted` - returns non-active policies.

View Source 
const (
	PolicyStateActiveConst  = "active"
	PolicyStateDeletedConst = "deleted"
)

Constants associated with the Policy.State property. The policy state.

View Source 
const (
	V2PolicyStateActiveConst  = "active"
	V2PolicyStateDeletedConst = "deleted"
)

Constants associated with the V2Policy.State property. The policy state.

View Source 
const (
	V2PolicyBaseRuleV2RuleWithConditionsOperatorAndConst = "and"
	V2PolicyBaseRuleV2RuleWithConditionsOperatorOrConst  = "or"
)

Constants associated with the V2PolicyBaseRuleV2RuleWithConditions.Operator property. Operator to evalute conditions.

View Source 
const DefaultServiceName = "iam_policy_management"

DefaultServiceName is the default key used to find external configuration information.

View Source 
const DefaultServiceURL = "https://iam.cloud.ibm.com"

DefaultServiceURL is the default URL to make service requests to.

Variables

This section is empty.

Functions

func GetServiceURLForRegion added in v0.17.2 

func GetServiceURLForRegion(region string) (string, error)

GetServiceURLForRegion returns the service URL to be used for the specified region

func UnmarshalCustomRole 

func UnmarshalCustomRole(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalCustomRole unmarshals an instance of CustomRole from the specified map of raw messages.

func UnmarshalPolicy 

func UnmarshalPolicy(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicy unmarshals an instance of Policy from the specified map of raw messages.

func UnmarshalPolicyList 

func UnmarshalPolicyList(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicyList unmarshals an instance of PolicyList from the specified map of raw messages.

func UnmarshalPolicyResource 

func UnmarshalPolicyResource(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicyResource unmarshals an instance of PolicyResource from the specified map of raw messages.

func UnmarshalPolicyRole 

func UnmarshalPolicyRole(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicyRole unmarshals an instance of PolicyRole from the specified map of raw messages.

func UnmarshalPolicySubject 

func UnmarshalPolicySubject(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicySubject unmarshals an instance of PolicySubject from the specified map of raw messages.

func UnmarshalResourceAttribute 

func UnmarshalResourceAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalResourceAttribute unmarshals an instance of ResourceAttribute from the specified map of raw messages.

func UnmarshalResourceTag added in v0.17.15 

func UnmarshalResourceTag(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalResourceTag unmarshals an instance of ResourceTag from the specified map of raw messages.

func UnmarshalRole 

func UnmarshalRole(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalRole unmarshals an instance of Role from the specified map of raw messages.

func UnmarshalRoleList 

func UnmarshalRoleList(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalRoleList unmarshals an instance of RoleList from the specified map of raw messages.

func UnmarshalSubjectAttribute 

func UnmarshalSubjectAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalSubjectAttribute unmarshals an instance of SubjectAttribute from the specified map of raw messages.

func UnmarshalV2Policy added in v0.30.0 

func UnmarshalV2Policy(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2Policy unmarshals an instance of V2Policy from the specified map of raw messages.

func UnmarshalV2PolicyAttribute added in v0.30.0 

func UnmarshalV2PolicyAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyAttribute unmarshals an instance of V2PolicyAttribute from the specified map of raw messages.

func UnmarshalV2PolicyBaseControl added in v0.30.0 

func UnmarshalV2PolicyBaseControl(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyBaseControl unmarshals an instance of V2PolicyBaseControl from the specified map of raw messages.

func UnmarshalV2PolicyBaseControlGrant added in v0.30.0 

func UnmarshalV2PolicyBaseControlGrant(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyBaseControlGrant unmarshals an instance of V2PolicyBaseControlGrant from the specified map of raw messages.

func UnmarshalV2PolicyBaseResource added in v0.30.0 

func UnmarshalV2PolicyBaseResource(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyBaseResource unmarshals an instance of V2PolicyBaseResource from the specified map of raw messages.

func UnmarshalV2PolicyBaseRule added in v0.30.0 

func UnmarshalV2PolicyBaseRule(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyBaseRule unmarshals an instance of V2PolicyBaseRule from the specified map of raw messages.

func UnmarshalV2PolicyBaseRuleV2PolicyAttribute added in v0.30.0 

func UnmarshalV2PolicyBaseRuleV2PolicyAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyBaseRuleV2PolicyAttribute unmarshals an instance of V2PolicyBaseRuleV2PolicyAttribute from the specified map of raw messages.

func UnmarshalV2PolicyBaseRuleV2RuleWithConditions added in v0.30.0 

func UnmarshalV2PolicyBaseRuleV2RuleWithConditions(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyBaseRuleV2RuleWithConditions unmarshals an instance of V2PolicyBaseRuleV2RuleWithConditions from the specified map of raw messages.

func UnmarshalV2PolicyBaseSubject added in v0.30.0 

func UnmarshalV2PolicyBaseSubject(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyBaseSubject unmarshals an instance of V2PolicyBaseSubject from the specified map of raw messages.

func UnmarshalV2PolicyList added in v0.30.0 

func UnmarshalV2PolicyList(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyList unmarshals an instance of V2PolicyList from the specified map of raw messages.

Types

type CreatePolicyOptions 

type CreatePolicyOptions struct {
	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// The subjects associated with a policy.
	Subjects []PolicySubject `json:"subjects" validate:"required"`

	// A set of role cloud resource names (CRNs) granted by the policy.
	Roles []PolicyRole `json:"roles" validate:"required"`

	// The resources associated with a policy.
	Resources []PolicyResource `json:"resources" validate:"required"`

	// Customer-defined description.
	Description *string `json:"description,omitempty"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

CreatePolicyOptions : The CreatePolicy options.

func (*CreatePolicyOptions) SetAcceptLanguage 

func (_options *CreatePolicyOptions) SetAcceptLanguage(acceptLanguage string) *CreatePolicyOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*CreatePolicyOptions) SetDescription added in v0.17.2 

func (_options *CreatePolicyOptions) SetDescription(description string) *CreatePolicyOptions

SetDescription : Allow user to set Description

func (*CreatePolicyOptions) SetHeaders 

func (options *CreatePolicyOptions) SetHeaders(param map[string]string) *CreatePolicyOptions

SetHeaders : Allow user to set Headers

func (*CreatePolicyOptions) SetResources 

func (_options *CreatePolicyOptions) SetResources(resources []PolicyResource) *CreatePolicyOptions

SetResources : Allow user to set Resources

func (*CreatePolicyOptions) SetRoles 

func (_options *CreatePolicyOptions) SetRoles(roles []PolicyRole) *CreatePolicyOptions

SetRoles : Allow user to set Roles

func (*CreatePolicyOptions) SetSubjects 

func (_options *CreatePolicyOptions) SetSubjects(subjects []PolicySubject) *CreatePolicyOptions

SetSubjects : Allow user to set Subjects

func (*CreatePolicyOptions) SetType 

func (_options *CreatePolicyOptions) SetType(typeVar string) *CreatePolicyOptions

SetType : Allow user to set Type

type CreateRoleOptions 

type CreateRoleOptions struct {
	// The display name of the role that is shown in the console.
	DisplayName *string `json:"display_name" validate:"required"`

	// The actions of the role. Please refer to [IAM roles and
	// actions](https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions).
	Actions []string `json:"actions" validate:"required"`

	// The name of the role that is used in the CRN. Can only be alphanumeric and has to be capitalized.
	Name *string `json:"name" validate:"required"`

	// The account GUID.
	AccountID *string `json:"account_id" validate:"required"`

	// The service name.
	ServiceName *string `json:"service_name" validate:"required"`

	// The description of the role.
	Description *string `json:"description,omitempty"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

CreateRoleOptions : The CreateRole options.

func (*CreateRoleOptions) SetAcceptLanguage 

func (_options *CreateRoleOptions) SetAcceptLanguage(acceptLanguage string) *CreateRoleOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*CreateRoleOptions) SetAccountID 

func (_options *CreateRoleOptions) SetAccountID(accountID string) *CreateRoleOptions

SetAccountID : Allow user to set AccountID

func (*CreateRoleOptions) SetActions 

func (_options *CreateRoleOptions) SetActions(actions []string) *CreateRoleOptions

SetActions : Allow user to set Actions

func (*CreateRoleOptions) SetDescription 

func (_options *CreateRoleOptions) SetDescription(description string) *CreateRoleOptions

SetDescription : Allow user to set Description

func (*CreateRoleOptions) SetDisplayName 

func (_options *CreateRoleOptions) SetDisplayName(displayName string) *CreateRoleOptions

SetDisplayName : Allow user to set DisplayName

func (*CreateRoleOptions) SetHeaders 

func (options *CreateRoleOptions) SetHeaders(param map[string]string) *CreateRoleOptions

SetHeaders : Allow user to set Headers

func (*CreateRoleOptions) SetName 

func (_options *CreateRoleOptions) SetName(name string) *CreateRoleOptions

SetName : Allow user to set Name

func (*CreateRoleOptions) SetServiceName 

func (_options *CreateRoleOptions) SetServiceName(serviceName string) *CreateRoleOptions

SetServiceName : Allow user to set ServiceName

type CustomRole 

type CustomRole struct {
	// The role ID. Composed of hexadecimal characters.
	ID *string `json:"id,omitempty"`

	// The display name of the role that is shown in the console.
	DisplayName *string `json:"display_name,omitempty"`

	// The description of the role.
	Description *string `json:"description,omitempty"`

	// The actions of the role. Please refer to [IAM roles and
	// actions](https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions).
	Actions []string `json:"actions,omitempty"`

	// The role Cloud Resource Name (CRN). Example CRN:
	// 'crn:v1:ibmcloud:public:iam-access-management::a/exampleAccountId::customRole:ExampleRoleName'.
	CRN *string `json:"crn,omitempty"`

	// The name of the role that is used in the CRN. Can only be alphanumeric and has to be capitalized.
	Name *string `json:"name,omitempty"`

	// The account GUID.
	AccountID *string `json:"account_id,omitempty"`

	// The service name.
	ServiceName *string `json:"service_name,omitempty"`

	// The UTC timestamp when the role was created.
	CreatedAt *strfmt.DateTime `json:"created_at,omitempty"`

	// The iam ID of the entity that created the role.
	CreatedByID *string `json:"created_by_id,omitempty"`

	// The UTC timestamp when the role was last modified.
	LastModifiedAt *strfmt.DateTime `json:"last_modified_at,omitempty"`

	// The iam ID of the entity that last modified the policy.
	LastModifiedByID *string `json:"last_modified_by_id,omitempty"`

	// The href link back to the role.
	Href *string `json:"href,omitempty"`
}

CustomRole : An additional set of properties associated with a role.

type DeletePolicyOptions 

type DeletePolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

DeletePolicyOptions : The DeletePolicy options.

func (*DeletePolicyOptions) SetHeaders 

func (options *DeletePolicyOptions) SetHeaders(param map[string]string) *DeletePolicyOptions

SetHeaders : Allow user to set Headers

func (*DeletePolicyOptions) SetPolicyID 

func (_options *DeletePolicyOptions) SetPolicyID(policyID string) *DeletePolicyOptions

SetPolicyID : Allow user to set PolicyID

type DeleteRoleOptions 

type DeleteRoleOptions struct {
	// The role ID.
	RoleID *string `json:"role_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

DeleteRoleOptions : The DeleteRole options.

func (*DeleteRoleOptions) SetHeaders 

func (options *DeleteRoleOptions) SetHeaders(param map[string]string) *DeleteRoleOptions

SetHeaders : Allow user to set Headers

func (*DeleteRoleOptions) SetRoleID 

func (_options *DeleteRoleOptions) SetRoleID(roleID string) *DeleteRoleOptions

SetRoleID : Allow user to set RoleID

type GetPolicyOptions 

type GetPolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

GetPolicyOptions : The GetPolicy options.

func (*GetPolicyOptions) SetHeaders 

func (options *GetPolicyOptions) SetHeaders(param map[string]string) *GetPolicyOptions

SetHeaders : Allow user to set Headers

func (*GetPolicyOptions) SetPolicyID 

func (_options *GetPolicyOptions) SetPolicyID(policyID string) *GetPolicyOptions

SetPolicyID : Allow user to set PolicyID

type GetRoleOptions 

type GetRoleOptions struct {
	// The role ID.
	RoleID *string `json:"role_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

GetRoleOptions : The GetRole options.

func (*GetRoleOptions) SetHeaders 

func (options *GetRoleOptions) SetHeaders(param map[string]string) *GetRoleOptions

SetHeaders : Allow user to set Headers

func (*GetRoleOptions) SetRoleID 

func (_options *GetRoleOptions) SetRoleID(roleID string) *GetRoleOptions

SetRoleID : Allow user to set RoleID

type IamPolicyManagementV1 

type IamPolicyManagementV1 struct {
	Service *core.BaseService
}

IamPolicyManagementV1 : IAM Policy Management API

API Version: 1.0.1

func NewIamPolicyManagementV1 

func NewIamPolicyManagementV1(options *IamPolicyManagementV1Options) (service *IamPolicyManagementV1, err error)

NewIamPolicyManagementV1 : constructs an instance of IamPolicyManagementV1 with passed in options.

func NewIamPolicyManagementV1UsingExternalConfig 

func NewIamPolicyManagementV1UsingExternalConfig(options *IamPolicyManagementV1Options) (iamPolicyManagement *IamPolicyManagementV1, err error)

NewIamPolicyManagementV1UsingExternalConfig : constructs an instance of IamPolicyManagementV1 with passed in options and external configuration.

func (*IamPolicyManagementV1) Clone added in v0.17.2 

func (iamPolicyManagement *IamPolicyManagementV1) Clone() *IamPolicyManagementV1

Clone makes a copy of "iamPolicyManagement" suitable for processing requests.

func (*IamPolicyManagementV1) CreatePolicy 

func (iamPolicyManagement *IamPolicyManagementV1) CreatePolicy(createPolicyOptions *CreatePolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

CreatePolicy : Create a policy Creates a policy to grant access between a subject and a resource. There are two types of policies: **access** and **authorization**. A policy administrator might want to create an access policy which grants access to a user, service-id, or an access group. They might also want to create an authorization policy and setup access between services.

### Access

To create an access policy, use **`"type": "access"`** in the body. The possible subject attributes are **`iam_id`** and **`access_group_id`**. Use the **`iam_id`** subject attribute for assigning access for a user or service-id. Use the **`access_group_id`** subject attribute for assigning access for an access group. The roles must be a subset of a service's or the platform's supported roles. The resource attributes must be a subset of a service's or the platform's supported attributes. The policy resource must include either the **`serviceType`**, **`serviceName`**, **`resourceGroupId`** or **`service_group_id`** attribute and the **`accountId`** attribute.` The IAM Services group (`IAM`) is a subset of account management services that includes the IAM platform services IAM Identity, IAM Access Management, IAM Users Management, IAM Groups, and future IAM services. If the subject is a locked service-id, the request will fail.

### Authorization

Authorization policies are supported by services on a case by case basis. Refer to service documentation to verify their support of authorization policies. To create an authorization policy, use **`"type": "authorization"`** in the body. The subject attributes must match the supported authorization subjects of the resource. Multiple subject attributes might be provided. The following attributes are supported: 

serviceName, serviceInstance, region, resourceType, resource, accountId The policy roles must be a subset of the

supported authorization roles supported by the target service. The user must also have the same level of access or greater to the target resource in order to grant the role. The resource attributes must be a subset of a service's or the platform's supported attributes. Both the policy subject and the policy resource must include the **`serviceName`** and **`accountId`** attributes.

### Attribute Operators

Currently, only the `stringEquals` and the `stringMatch` operators are available. Resource attributes may support one or both operators. For more information, see [how to assign access by using wildcards policies](https://cloud.ibm.com/docs/account?topic=account-wildcard).

### Attribute Validations

Policy attribute values must be between 1 and 1,000 characters in length. If location related attributes like geography, country, metro, region, satellite, and locationvalues are supported by the service, they are validated against Global Catalog locations.

func (*IamPolicyManagementV1) CreatePolicyWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) CreatePolicyWithContext(ctx context.Context, createPolicyOptions *CreatePolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

CreatePolicyWithContext is an alternate form of the CreatePolicy method which supports a Context parameter

func (*IamPolicyManagementV1) CreateRole 

func (iamPolicyManagement *IamPolicyManagementV1) CreateRole(createRoleOptions *CreateRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

CreateRole : Create a role Creates a custom role for a specific service within the account. An account owner or a user assigned the Administrator role on the Role management service can create a custom role. Any number of actions for a single service can be mapped to the new role, but there must be at least one service-defined action to successfully create the new role.

func (*IamPolicyManagementV1) CreateRoleWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) CreateRoleWithContext(ctx context.Context, createRoleOptions *CreateRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

CreateRoleWithContext is an alternate form of the CreateRole method which supports a Context parameter

func (*IamPolicyManagementV1) DeletePolicy 

func (iamPolicyManagement *IamPolicyManagementV1) DeletePolicy(deletePolicyOptions *DeletePolicyOptions) (response *core.DetailedResponse, err error)

DeletePolicy : Delete a policy by ID Delete a policy by providing a policy ID. A policy cannot be deleted if the subject ID contains a locked service ID. If the subject of the policy is a locked service-id, the request will fail.

func (*IamPolicyManagementV1) DeletePolicyWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) DeletePolicyWithContext(ctx context.Context, deletePolicyOptions *DeletePolicyOptions) (response *core.DetailedResponse, err error)

DeletePolicyWithContext is an alternate form of the DeletePolicy method which supports a Context parameter

func (*IamPolicyManagementV1) DeleteRole 

func (iamPolicyManagement *IamPolicyManagementV1) DeleteRole(deleteRoleOptions *DeleteRoleOptions) (response *core.DetailedResponse, err error)

DeleteRole : Delete a role by ID Delete a role by providing a role ID.

func (*IamPolicyManagementV1) DeleteRoleWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) DeleteRoleWithContext(ctx context.Context, deleteRoleOptions *DeleteRoleOptions) (response *core.DetailedResponse, err error)

DeleteRoleWithContext is an alternate form of the DeleteRole method which supports a Context parameter

func (*IamPolicyManagementV1) DisableRetries added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) DisableRetries()

DisableRetries disables automatic retries for requests invoked for this service instance.

func (*IamPolicyManagementV1) EnableRetries added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) EnableRetries(maxRetries int, maxRetryInterval time.Duration)

EnableRetries enables automatic retries for requests invoked for this service instance. If either parameter is specified as 0, then a default value is used instead.

func (*IamPolicyManagementV1) GetEnableGzipCompression added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) GetEnableGzipCompression() bool

GetEnableGzipCompression returns the service's EnableGzipCompression field

func (*IamPolicyManagementV1) GetPolicy 

func (iamPolicyManagement *IamPolicyManagementV1) GetPolicy(getPolicyOptions *GetPolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

GetPolicy : Retrieve a policy by ID Retrieve a policy by providing a policy ID.

func (*IamPolicyManagementV1) GetPolicyWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) GetPolicyWithContext(ctx context.Context, getPolicyOptions *GetPolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

GetPolicyWithContext is an alternate form of the GetPolicy method which supports a Context parameter

func (*IamPolicyManagementV1) GetRole 

func (iamPolicyManagement *IamPolicyManagementV1) GetRole(getRoleOptions *GetRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

GetRole : Retrieve a role by ID Retrieve a role by providing a role ID.

func (*IamPolicyManagementV1) GetRoleWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) GetRoleWithContext(ctx context.Context, getRoleOptions *GetRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

GetRoleWithContext is an alternate form of the GetRole method which supports a Context parameter

func (*IamPolicyManagementV1) GetServiceURL added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) GetServiceURL() string

GetServiceURL returns the service URL

func (*IamPolicyManagementV1) ListPolicies 

func (iamPolicyManagement *IamPolicyManagementV1) ListPolicies(listPoliciesOptions *ListPoliciesOptions) (result *PolicyList, response *core.DetailedResponse, err error)

ListPolicies : Get policies by attributes Get policies and filter by attributes. While managing policies, you may want to retrieve policies in the account and filter by attribute values. This can be done through query parameters. Currently, only the following attributes are supported: account_id, iam_id, access_group_id, type, service_type, sort, format and state. account_id is a required query parameter. Only policies that have the specified attributes and that the caller has read access to are returned. If the caller does not have read access to any policies an empty array is returned.

func (*IamPolicyManagementV1) ListPoliciesWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) ListPoliciesWithContext(ctx context.Context, listPoliciesOptions *ListPoliciesOptions) (result *PolicyList, response *core.DetailedResponse, err error)

ListPoliciesWithContext is an alternate form of the ListPolicies method which supports a Context parameter

func (*IamPolicyManagementV1) ListRoles 

func (iamPolicyManagement *IamPolicyManagementV1) ListRoles(listRolesOptions *ListRolesOptions) (result *RoleList, response *core.DetailedResponse, err error)

ListRoles : Get roles by filters Get roles based on the filters. While managing roles, you may want to retrieve roles and filter by usages. This can be done through query parameters. Currently, we only support the following attributes: account_id, service_name, source_service_name and policy_type. Only roles that match the filter and that the caller has read access to are returned. If the caller does not have read access to any roles an empty array is returned.

func (*IamPolicyManagementV1) ListRolesWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) ListRolesWithContext(ctx context.Context, listRolesOptions *ListRolesOptions) (result *RoleList, response *core.DetailedResponse, err error)

ListRolesWithContext is an alternate form of the ListRoles method which supports a Context parameter

func (*IamPolicyManagementV1) NewCreatePolicyOptions 

func (*IamPolicyManagementV1) NewCreatePolicyOptions(typeVar string, subjects []PolicySubject, roles []PolicyRole, resources []PolicyResource) *CreatePolicyOptions

NewCreatePolicyOptions : Instantiate CreatePolicyOptions

func (*IamPolicyManagementV1) NewCreateRoleOptions 

func (*IamPolicyManagementV1) NewCreateRoleOptions(displayName string, actions []string, name string, accountID string, serviceName string) *CreateRoleOptions

NewCreateRoleOptions : Instantiate CreateRoleOptions

func (*IamPolicyManagementV1) NewDeletePolicyOptions 

func (*IamPolicyManagementV1) NewDeletePolicyOptions(policyID string) *DeletePolicyOptions

NewDeletePolicyOptions : Instantiate DeletePolicyOptions

func (*IamPolicyManagementV1) NewDeleteRoleOptions 

func (*IamPolicyManagementV1) NewDeleteRoleOptions(roleID string) *DeleteRoleOptions

NewDeleteRoleOptions : Instantiate DeleteRoleOptions

func (*IamPolicyManagementV1) NewGetPolicyOptions 

func (*IamPolicyManagementV1) NewGetPolicyOptions(policyID string) *GetPolicyOptions

NewGetPolicyOptions : Instantiate GetPolicyOptions

func (*IamPolicyManagementV1) NewGetRoleOptions 

func (*IamPolicyManagementV1) NewGetRoleOptions(roleID string) *GetRoleOptions

NewGetRoleOptions : Instantiate GetRoleOptions

func (*IamPolicyManagementV1) NewListPoliciesOptions 

func (*IamPolicyManagementV1) NewListPoliciesOptions(accountID string) *ListPoliciesOptions

NewListPoliciesOptions : Instantiate ListPoliciesOptions

func (*IamPolicyManagementV1) NewListRolesOptions 

func (*IamPolicyManagementV1) NewListRolesOptions() *ListRolesOptions

NewListRolesOptions : Instantiate ListRolesOptions

func (*IamPolicyManagementV1) NewPatchPolicyOptions added in v0.18.5 

func (*IamPolicyManagementV1) NewPatchPolicyOptions(policyID string, ifMatch string) *PatchPolicyOptions

NewPatchPolicyOptions : Instantiate PatchPolicyOptions

func (*IamPolicyManagementV1) NewPolicyRole 

func (*IamPolicyManagementV1) NewPolicyRole(roleID string) (_model *PolicyRole, err error)

NewPolicyRole : Instantiate PolicyRole (Generic Model Constructor)

func (*IamPolicyManagementV1) NewResourceAttribute 

func (*IamPolicyManagementV1) NewResourceAttribute(name string, value string) (_model *ResourceAttribute, err error)

NewResourceAttribute : Instantiate ResourceAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) NewResourceTag added in v0.17.15 

func (*IamPolicyManagementV1) NewResourceTag(name string, value string) (_model *ResourceTag, err error)

NewResourceTag : Instantiate ResourceTag (Generic Model Constructor)

func (*IamPolicyManagementV1) NewSubjectAttribute 

func (*IamPolicyManagementV1) NewSubjectAttribute(name string, value string) (_model *SubjectAttribute, err error)

NewSubjectAttribute : Instantiate SubjectAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) NewUpdatePolicyOptions 

func (*IamPolicyManagementV1) NewUpdatePolicyOptions(policyID string, ifMatch string, typeVar string, subjects []PolicySubject, roles []PolicyRole, resources []PolicyResource) *UpdatePolicyOptions

NewUpdatePolicyOptions : Instantiate UpdatePolicyOptions

func (*IamPolicyManagementV1) NewUpdateRoleOptions 

func (*IamPolicyManagementV1) NewUpdateRoleOptions(roleID string, ifMatch string) *UpdateRoleOptions

NewUpdateRoleOptions : Instantiate UpdateRoleOptions

func (*IamPolicyManagementV1) NewV2CreatePolicyOptions added in v0.30.0 

func (*IamPolicyManagementV1) NewV2CreatePolicyOptions(typeVar string, control *V2PolicyBaseControl) *V2CreatePolicyOptions

NewV2CreatePolicyOptions : Instantiate V2CreatePolicyOptions

func (*IamPolicyManagementV1) NewV2DeletePolicyOptions added in v0.30.0 

func (*IamPolicyManagementV1) NewV2DeletePolicyOptions(policyID string) *V2DeletePolicyOptions

NewV2DeletePolicyOptions : Instantiate V2DeletePolicyOptions

func (*IamPolicyManagementV1) NewV2GetPolicyOptions added in v0.30.0 

func (*IamPolicyManagementV1) NewV2GetPolicyOptions(policyID string) *V2GetPolicyOptions

NewV2GetPolicyOptions : Instantiate V2GetPolicyOptions

func (*IamPolicyManagementV1) NewV2ListPoliciesOptions added in v0.30.0 

func (*IamPolicyManagementV1) NewV2ListPoliciesOptions(accountID string) *V2ListPoliciesOptions

NewV2ListPoliciesOptions : Instantiate V2ListPoliciesOptions

func (*IamPolicyManagementV1) NewV2PolicyAttribute added in v0.30.0 

func (*IamPolicyManagementV1) NewV2PolicyAttribute(key string, operator string, value interface{}) (_model *V2PolicyAttribute, err error)

NewV2PolicyAttribute : Instantiate V2PolicyAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicyBaseControl added in v0.30.0 

func (*IamPolicyManagementV1) NewV2PolicyBaseControl(grant *V2PolicyBaseControlGrant) (_model *V2PolicyBaseControl, err error)

NewV2PolicyBaseControl : Instantiate V2PolicyBaseControl (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicyBaseControlGrant added in v0.30.0 

func (*IamPolicyManagementV1) NewV2PolicyBaseControlGrant(roles []PolicyRole) (_model *V2PolicyBaseControlGrant, err error)

NewV2PolicyBaseControlGrant : Instantiate V2PolicyBaseControlGrant (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicyBaseRuleV2PolicyAttribute added in v0.30.0 

func (*IamPolicyManagementV1) NewV2PolicyBaseRuleV2PolicyAttribute(key string, operator string, value interface{}) (_model *V2PolicyBaseRuleV2PolicyAttribute, err error)

NewV2PolicyBaseRuleV2PolicyAttribute : Instantiate V2PolicyBaseRuleV2PolicyAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicyBaseRuleV2RuleWithConditions added in v0.30.0 

func (*IamPolicyManagementV1) NewV2PolicyBaseRuleV2RuleWithConditions(operator string, conditions []V2PolicyAttribute) (_model *V2PolicyBaseRuleV2RuleWithConditions, err error)

NewV2PolicyBaseRuleV2RuleWithConditions : Instantiate V2PolicyBaseRuleV2RuleWithConditions (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2UpdatePolicyOptions added in v0.30.0 

func (*IamPolicyManagementV1) NewV2UpdatePolicyOptions(policyID string, ifMatch string, typeVar string, control *V2PolicyBaseControl) *V2UpdatePolicyOptions

NewV2UpdatePolicyOptions : Instantiate V2UpdatePolicyOptions

func (*IamPolicyManagementV1) PatchPolicy added in v0.18.5 

func (iamPolicyManagement *IamPolicyManagementV1) PatchPolicy(patchPolicyOptions *PatchPolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

PatchPolicy : Restore a deleted policy by ID Restore a policy that has recently been deleted. A policy administrator might want to restore a deleted policy. To restore a policy, use **`"state": "active"`** in the body.

func (*IamPolicyManagementV1) PatchPolicyWithContext added in v0.18.5 

func (iamPolicyManagement *IamPolicyManagementV1) PatchPolicyWithContext(ctx context.Context, patchPolicyOptions *PatchPolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

PatchPolicyWithContext is an alternate form of the PatchPolicy method which supports a Context parameter

func (*IamPolicyManagementV1) SetDefaultHeaders added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) SetDefaultHeaders(headers http.Header)

SetDefaultHeaders sets HTTP headers to be sent in every request

func (*IamPolicyManagementV1) SetEnableGzipCompression added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) SetEnableGzipCompression(enableGzip bool)

SetEnableGzipCompression sets the service's EnableGzipCompression field

func (*IamPolicyManagementV1) SetServiceURL 

func (iamPolicyManagement *IamPolicyManagementV1) SetServiceURL(url string) error

SetServiceURL sets the service URL

func (*IamPolicyManagementV1) UpdatePolicy 

func (iamPolicyManagement *IamPolicyManagementV1) UpdatePolicy(updatePolicyOptions *UpdatePolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

UpdatePolicy : Update a policy Update a policy to grant access between a subject and a resource. A policy administrator might want to update an existing policy. The policy type cannot be changed (You cannot change an access policy to an authorization policy).

### Access

To update an access policy, use **`"type": "access"`** in the body. The possible subject attributes are **`iam_id`** and **`access_group_id`**. Use the **`iam_id`** subject attribute for assigning access for a user or service-id. Use the **`access_group_id`** subject attribute for assigning access for an access group. The roles must be a subset of a service's or the platform's supported roles. The resource attributes must be a subset of a service's or the platform's supported attributes. The policy resource must include either the **`serviceType`**, **`serviceName`**, or **`resourceGroupId`** attribute and the **`accountId`** attribute.` If the subject is a locked service-id, the request will fail.

### Authorization

To update an authorization policy, use **`"type": "authorization"`** in the body. The subject attributes must match the supported authorization subjects of the resource. Multiple subject attributes might be provided. The following attributes are supported: 

serviceName, serviceInstance, region, resourceType, resource, accountId The policy roles must be a subset of the

supported authorization roles supported by the target service. The user must also have the same level of access or greater to the target resource in order to grant the role. The resource attributes must be a subset of a service's or the platform's supported attributes. Both the policy subject and the policy resource must include the **`serviceName`** and **`accountId`** attributes.

### Attribute Operators

Currently, only the `stringEquals` and the `stringMatch` operators are available. Resource attributes might support one or both operators. For more information, see [how to assign access by using wildcards policies](https://cloud.ibm.com/docs/account?topic=account-wildcard).

### Attribute Validations

Policy attribute values must be between 1 and 1,000 characters in length. If location related attributes like geography, country, metro, region, satellite, and locationvalues are supported by the service, they are validated against Global Catalog locations.

func (*IamPolicyManagementV1) UpdatePolicyWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) UpdatePolicyWithContext(ctx context.Context, updatePolicyOptions *UpdatePolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

UpdatePolicyWithContext is an alternate form of the UpdatePolicy method which supports a Context parameter

func (*IamPolicyManagementV1) UpdateRole 

func (iamPolicyManagement *IamPolicyManagementV1) UpdateRole(updateRoleOptions *UpdateRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

UpdateRole : Update a role Update a custom role. A role administrator might want to update an existing role by updating the display name, description, or the actions that are mapped to the role. The name, account_id, and service_name can't be changed.

func (*IamPolicyManagementV1) UpdateRoleWithContext added in v0.12.2 

func (iamPolicyManagement *IamPolicyManagementV1) UpdateRoleWithContext(ctx context.Context, updateRoleOptions *UpdateRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

UpdateRoleWithContext is an alternate form of the UpdateRole method which supports a Context parameter

func (*IamPolicyManagementV1) V2CreatePolicy added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2CreatePolicy(v2CreatePolicyOptions *V2CreatePolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

V2CreatePolicy : Create a policy Creates a policy to grant access between a subject and a resource. Currently, there is one type of a v2/policy: **access**. A policy administrator might want to create an access policy which grants access to a user, service-id, or an access group.

### Access

To create an access policy, use **`"type": "access"`** in the body. The possible subject attributes are **`iam_id`** and **`access_group_id`**. Use the **`iam_id`** subject attribute for assigning access for a user or service-id. Use the **`access_group_id`** subject attribute for assigning access for an access group. The roles must be a subset of a service's or the platform's supported roles. The resource attributes must be a subset of a service's or the platform's supported attributes. The policy resource must include either the **`serviceType`**, **`serviceName`**, **`resourceGroupId`** or **`service_group_id`** attribute and the **`accountId`** attribute.` The rule field can either specify single **`key`**, **`value`**, and **`operator`** or be set of **`conditions`** with a combination **`operator`**. The possible combination operator are **`and`** and **`or`**. The rule field has a maximum of 2 levels of nested **`conditions`**. The operator for a rule can be used to specify a time based restriction (e.g., access only during business hours, during the Monday-Friday work week). For example, a policy can grant access Monday-Friday, 9:00am-5:00pm using the following rule: ```json 

"rule": {
  "operator": "and",
  "conditions": [{
    "key": "{{environment.attributes.day_of_week}}",
    "operator": "dayOfWeekAnyOf",
    "value": [1, 2, 3, 4, 5]
  },
    "key": "{{environment.attributes.current_time}}",
    "operator": "timeGreaterThanOrEquals",
    "value": "09:00:00+00:00"
  },
    "key": "{{environment.attributes.current_time}}",
    "operator": "timeLessThanOrEquals",
    "value": "17:00:00+00:00"
  }]
}

``` Rules and conditions allow the following operators with **`key`**, **`value`** : ``` 

'timeLessThan', 'timeLessThanOrEquals', 'timeGreaterThan', 'timeGreaterThanOrEquals',
'dateLessThan', 'dateLessThanOrEquals', 'dateGreaterThan', 'dateGreaterThanOrEquals',
'dateTimeLessThan', 'dateTimeLessThanOrEquals', 'dateTimeGreaterThan', 'dateTimeGreaterThanOrEquals',
'dayOfWeekEquals', 'dayOfWeekAnyOf',
'monthEquals', 'monthAnyOf',
'dayOfMonthEquals', 'dayOfMonthAnyOf'

``` The pattern field can be coupled with a rule that matches the pattern. For the business hour rule example above, the **`pattern`** is **`"time-based-restrictions:weekly"`**. The IAM Services group (`IAM`) is a subset of account management services that includes the IAM platform services IAM Identity, IAM Access Management, IAM Users Management, IAM Groups, and future IAM services. If the subject is a locked service-id, the request will fail.

### Attribute Operators

Currently, only the `stringEquals`, `stringMatch`, and `stringEquals` operators are available. For more information, see [how to assign access by using wildcards policies](https://cloud.ibm.com/docs/account?topic=account-wildcard).

### Attribute Validations

Policy attribute values must be between 1 and 1,000 characters in length. If location related attributes like geography, country, metro, region, satellite, and locationvalues are supported by the service, they are validated against Global Catalog locations.

func (*IamPolicyManagementV1) V2CreatePolicyWithContext added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2CreatePolicyWithContext(ctx context.Context, v2CreatePolicyOptions *V2CreatePolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

V2CreatePolicyWithContext is an alternate form of the V2CreatePolicy method which supports a Context parameter

func (*IamPolicyManagementV1) V2DeletePolicy added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2DeletePolicy(v2DeletePolicyOptions *V2DeletePolicyOptions) (response *core.DetailedResponse, err error)

V2DeletePolicy : Delete a policy by ID Delete a policy by providing a policy ID. A policy cannot be deleted if the subject ID contains a locked service ID. If the subject of the policy is a locked service-id, the request will fail.

func (*IamPolicyManagementV1) V2DeletePolicyWithContext added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2DeletePolicyWithContext(ctx context.Context, v2DeletePolicyOptions *V2DeletePolicyOptions) (response *core.DetailedResponse, err error)

V2DeletePolicyWithContext is an alternate form of the V2DeletePolicy method which supports a Context parameter

func (*IamPolicyManagementV1) V2GetPolicy added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2GetPolicy(v2GetPolicyOptions *V2GetPolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

V2GetPolicy : Retrieve a policy by ID Retrieve a policy by providing a policy ID.

func (*IamPolicyManagementV1) V2GetPolicyWithContext added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2GetPolicyWithContext(ctx context.Context, v2GetPolicyOptions *V2GetPolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

V2GetPolicyWithContext is an alternate form of the V2GetPolicy method which supports a Context parameter

func (*IamPolicyManagementV1) V2ListPolicies added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2ListPolicies(v2ListPoliciesOptions *V2ListPoliciesOptions) (result *V2PolicyList, response *core.DetailedResponse, err error)

V2ListPolicies : Get policies by attributes Get policies and filter by attributes. While managing policies, you may want to retrieve policies in the account and filter by attribute values. This can be done through query parameters. Currently, only the following attributes are supported: account_id, iam_id, access_group_id, type, service_type, sort, format and state. account_id is a required query parameter. Only policies that have the specified attributes and that the caller has read access to are returned. If the caller does not have read access to any policies an empty array is returned.

func (*IamPolicyManagementV1) V2ListPoliciesWithContext added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2ListPoliciesWithContext(ctx context.Context, v2ListPoliciesOptions *V2ListPoliciesOptions) (result *V2PolicyList, response *core.DetailedResponse, err error)

V2ListPoliciesWithContext is an alternate form of the V2ListPolicies method which supports a Context parameter

func (*IamPolicyManagementV1) V2UpdatePolicy added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2UpdatePolicy(v2UpdatePolicyOptions *V2UpdatePolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

V2UpdatePolicy : Update a policy Update a policy to grant access between a subject and a resource. A policy administrator might want to update an existing policy.

### Access

To update an access policy, use **`"type": "access"`** in the body. The possible subject attributes are **`iam_id`** and **`access_group_id`**. Use the **`iam_id`** subject attribute for assigning access for a user or service-id. Use the **`access_group_id`** subject attribute for assigning access for an access group. The roles must be a subset of a service's or the platform's supported roles. The resource attributes must be a subset of a service's or the platform's supported attributes. The policy resource must include either the **`serviceType`**, **`serviceName`**, or **`resourceGroupId`** attribute and the **`accountId`** attribute.` The rule field can either specify single **`key`**, **`value`**, and **`operator`** or be set of **`conditions`** with a combination **`operator`**. The possible combination operator are **`and`** and **`or`**. The rule field has a maximum of 2 levels of nested **`conditions`**. The operator for a rule can be used to specify a time based restriction (e.g., access only during business hours, during the Monday-Friday work week). For example, a policy can grant access Monday-Friday, 9:00am-5:00pm using the following rule: ```json 

"rule": {
  "operator": "and",
  "conditions": [{
    "key": "{{environment.attributes.day_of_week}}",
    "operator": "dayOfWeekAnyOf",
    "value": [1, 2, 3, 4, 5]
  },
    "key": "{{environment.attributes.current_time}}",
    "operator": "timeGreaterThanOrEquals",
    "value": "09:00:00+00:00"
  },
    "key": "{{environment.attributes.current_time}}",
    "operator": "timeLessThanOrEquals",
    "value": "17:00:00+00:00"
  }]
}

``` Rules and conditions allow the following operators with **`key`**, **`value`** : ``` 

'timeLessThan', 'timeLessThanOrEquals', 'timeGreaterThan', 'timeGreaterThanOrEquals',
'dateLessThan', 'dateLessThanOrEquals', 'dateGreaterThan', 'dateGreaterThanOrEquals',
'dateTimeLessThan', 'dateTimeLessThanOrEquals', 'dateTimeGreaterThan', 'dateTimeGreaterThanOrEquals',
'dayOfWeekEquals', 'dayOfWeekAnyOf',
'monthEquals', 'monthAnyOf',
'dayOfMonthEquals', 'dayOfMonthAnyOf'

``` The pattern field can be coupled with a rule that matches the pattern. For the business hour rule example above, the **`pattern`** is **`"time-based-restrictions:weekly"`**. If the subject is a locked service-id, the request will fail.

### Attribute Operators

Currently, only the `stringEquals`, `stringMatch`, and `stringEquals` operators are available. For more information, see [how to assign access by using wildcards policies](https://cloud.ibm.com/docs/account?topic=account-wildcard).

### Attribute Validations

Policy attribute values must be between 1 and 1,000 characters in length. If location related attributes like geography, country, metro, region, satellite, and locationvalues are supported by the service, they are validated against Global Catalog locations.

func (*IamPolicyManagementV1) V2UpdatePolicyWithContext added in v0.30.0 

func (iamPolicyManagement *IamPolicyManagementV1) V2UpdatePolicyWithContext(ctx context.Context, v2UpdatePolicyOptions *V2UpdatePolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

V2UpdatePolicyWithContext is an alternate form of the V2UpdatePolicy method which supports a Context parameter

type IamPolicyManagementV1Options 

type IamPolicyManagementV1Options struct {
	ServiceName   string
	URL           string
	Authenticator core.Authenticator
}

IamPolicyManagementV1Options : Service options

type ListPoliciesOptions 

type ListPoliciesOptions struct {
	// The account GUID in which the policies belong to.
	AccountID *string `json:"account_id" validate:"required"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Optional IAM ID used to identify the subject.
	IamID *string `json:"iam_id,omitempty"`

	// Optional access group id.
	AccessGroupID *string `json:"access_group_id,omitempty"`

	// Optional type of policy.
	Type *string `json:"type,omitempty"`

	// Optional type of service.
	ServiceType *string `json:"service_type,omitempty"`

	// Optional name of the access management tag in the policy.
	TagName *string `json:"tag_name,omitempty"`

	// Optional value of the access management tag in the policy.
	TagValue *string `json:"tag_value,omitempty"`

	// Optional top level policy field to sort results. Ascending sort is default. Descending sort available by prepending
	// '-' to field. Example '-last_modified_at'.
	Sort *string `json:"sort,omitempty"`

	// Include additional data per policy returned
	// * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times
	// it has done so
	// * `display` - returns the list of all actions included in each of the policy roles.
	Format *string `json:"format,omitempty"`

	// The state of the policy.
	// * `active` - returns active policies
	// * `deleted` - returns non-active policies.
	State *string `json:"state,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

ListPoliciesOptions : The ListPolicies options.

func (*ListPoliciesOptions) SetAcceptLanguage 

func (_options *ListPoliciesOptions) SetAcceptLanguage(acceptLanguage string) *ListPoliciesOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*ListPoliciesOptions) SetAccessGroupID 

func (_options *ListPoliciesOptions) SetAccessGroupID(accessGroupID string) *ListPoliciesOptions

SetAccessGroupID : Allow user to set AccessGroupID

func (*ListPoliciesOptions) SetAccountID 

func (_options *ListPoliciesOptions) SetAccountID(accountID string) *ListPoliciesOptions

SetAccountID : Allow user to set AccountID

func (*ListPoliciesOptions) SetFormat added in v0.17.2 

func (_options *ListPoliciesOptions) SetFormat(format string) *ListPoliciesOptions

SetFormat : Allow user to set Format

func (*ListPoliciesOptions) SetHeaders 

func (options *ListPoliciesOptions) SetHeaders(param map[string]string) *ListPoliciesOptions

SetHeaders : Allow user to set Headers

func (*ListPoliciesOptions) SetIamID 

func (_options *ListPoliciesOptions) SetIamID(iamID string) *ListPoliciesOptions

SetIamID : Allow user to set IamID

func (*ListPoliciesOptions) SetServiceType 

func (_options *ListPoliciesOptions) SetServiceType(serviceType string) *ListPoliciesOptions

SetServiceType : Allow user to set ServiceType

func (*ListPoliciesOptions) SetSort added in v0.17.2 

func (_options *ListPoliciesOptions) SetSort(sort string) *ListPoliciesOptions

SetSort : Allow user to set Sort

func (*ListPoliciesOptions) SetState added in v0.18.5 

func (_options *ListPoliciesOptions) SetState(state string) *ListPoliciesOptions

SetState : Allow user to set State

func (*ListPoliciesOptions) SetTagName added in v0.17.15 

func (_options *ListPoliciesOptions) SetTagName(tagName string) *ListPoliciesOptions

SetTagName : Allow user to set TagName

func (*ListPoliciesOptions) SetTagValue added in v0.17.15 

func (_options *ListPoliciesOptions) SetTagValue(tagValue string) *ListPoliciesOptions

SetTagValue : Allow user to set TagValue

func (*ListPoliciesOptions) SetType 

func (_options *ListPoliciesOptions) SetType(typeVar string) *ListPoliciesOptions

SetType : Allow user to set Type

type ListRolesOptions 

type ListRolesOptions struct {
	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Optional account GUID in which the roles belong to.
	AccountID *string `json:"account_id,omitempty"`

	// Optional name of IAM enabled service.
	ServiceName *string `json:"service_name,omitempty"`

	// Optional name of source IAM enabled service.
	SourceServiceName *string `json:"source_service_name,omitempty"`

	// Optional Policy Type.
	PolicyType *string `json:"policy_type,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

ListRolesOptions : The ListRoles options.

func (*ListRolesOptions) SetAcceptLanguage 

func (_options *ListRolesOptions) SetAcceptLanguage(acceptLanguage string) *ListRolesOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*ListRolesOptions) SetAccountID 

func (_options *ListRolesOptions) SetAccountID(accountID string) *ListRolesOptions

SetAccountID : Allow user to set AccountID

func (*ListRolesOptions) SetHeaders 

func (options *ListRolesOptions) SetHeaders(param map[string]string) *ListRolesOptions

SetHeaders : Allow user to set Headers

func (*ListRolesOptions) SetPolicyType added in v0.22.0 

func (_options *ListRolesOptions) SetPolicyType(policyType string) *ListRolesOptions

SetPolicyType : Allow user to set PolicyType

func (*ListRolesOptions) SetServiceName 

func (_options *ListRolesOptions) SetServiceName(serviceName string) *ListRolesOptions

SetServiceName : Allow user to set ServiceName

func (*ListRolesOptions) SetSourceServiceName added in v0.22.0 

func (_options *ListRolesOptions) SetSourceServiceName(sourceServiceName string) *ListRolesOptions

SetSourceServiceName : Allow user to set SourceServiceName

type PatchPolicyOptions added in v0.18.5 

type PatchPolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// The revision number for updating a policy and must match the ETag value of the existing policy. The Etag can be
	// retrieved using the GET /v1/policies/{policy_id} API and looking at the ETag response header.
	IfMatch *string `json:"If-Match" validate:"required"`

	// The policy state.
	State *string `json:"state,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

PatchPolicyOptions : The PatchPolicy options.

func (*PatchPolicyOptions) SetHeaders added in v0.18.5 

func (options *PatchPolicyOptions) SetHeaders(param map[string]string) *PatchPolicyOptions

SetHeaders : Allow user to set Headers

func (*PatchPolicyOptions) SetIfMatch added in v0.18.5 

func (_options *PatchPolicyOptions) SetIfMatch(ifMatch string) *PatchPolicyOptions

SetIfMatch : Allow user to set IfMatch

func (*PatchPolicyOptions) SetPolicyID added in v0.18.5 

func (_options *PatchPolicyOptions) SetPolicyID(policyID string) *PatchPolicyOptions

SetPolicyID : Allow user to set PolicyID

func (*PatchPolicyOptions) SetState added in v0.18.5 

func (_options *PatchPolicyOptions) SetState(state string) *PatchPolicyOptions

SetState : Allow user to set State

type Policy 

type Policy struct {
	// The policy ID.
	ID *string `json:"id,omitempty"`

	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type,omitempty"`

	// Customer-defined description.
	Description *string `json:"description,omitempty"`

	// The subjects associated with a policy.
	Subjects []PolicySubject `json:"subjects,omitempty"`

	// A set of role cloud resource names (CRNs) granted by the policy.
	Roles []PolicyRole `json:"roles,omitempty"`

	// The resources associated with a policy.
	Resources []PolicyResource `json:"resources,omitempty"`

	// The href link back to the policy.
	Href *string `json:"href,omitempty"`

	// The UTC timestamp when the policy was created.
	CreatedAt *strfmt.DateTime `json:"created_at,omitempty"`

	// The iam ID of the entity that created the policy.
	CreatedByID *string `json:"created_by_id,omitempty"`

	// The UTC timestamp when the policy was last modified.
	LastModifiedAt *strfmt.DateTime `json:"last_modified_at,omitempty"`

	// The iam ID of the entity that last modified the policy.
	LastModifiedByID *string `json:"last_modified_by_id,omitempty"`

	// The policy state.
	State *string `json:"state,omitempty"`
}

Policy : The core set of properties associated with a policy.

type PolicyList 

type PolicyList struct {
	// List of policies.
	Policies []Policy `json:"policies,omitempty"`
}

PolicyList : A collection of policies.

type PolicyResource 

type PolicyResource struct {
	// List of resource attributes.
	Attributes []ResourceAttribute `json:"attributes,omitempty"`

	// List of access management tags.
	Tags []ResourceTag `json:"tags,omitempty"`
}

PolicyResource : The attributes of the resource. Note that only one resource is allowed in a policy.

type PolicyRole 

type PolicyRole struct {
	// The role Cloud Resource Name (CRN) granted by the policy. Example CRN: 'crn:v1:bluemix:public:iam::::role:Editor'.
	RoleID *string `json:"role_id" validate:"required"`

	// The display name of the role.
	DisplayName *string `json:"display_name,omitempty"`

	// The description of the role.
	Description *string `json:"description,omitempty"`
}

PolicyRole : A role associated with a policy.

type PolicySubject 

type PolicySubject struct {
	// List of subject attributes.
	Attributes []SubjectAttribute `json:"attributes,omitempty"`
}

PolicySubject : The subject attribute values that must match in order for this policy to apply in a permission decision.

type ResourceAttribute 

type ResourceAttribute struct {
	// The name of an attribute.
	Name *string `json:"name" validate:"required"`

	// The value of an attribute.
	Value *string `json:"value" validate:"required"`

	// The operator of an attribute.
	Operator *string `json:"operator,omitempty"`
}

ResourceAttribute : An attribute associated with a resource.

type ResourceTag added in v0.17.15 

type ResourceTag struct {
	// The name of an access management tag.
	Name *string `json:"name" validate:"required"`

	// The value of an access management tag.
	Value *string `json:"value" validate:"required"`

	// The operator of an access management tag.
	Operator *string `json:"operator,omitempty"`
}

ResourceTag : A tag associated with a resource.

type Role 

type Role struct {
	// The display name of the role that is shown in the console.
	DisplayName *string `json:"display_name,omitempty"`

	// The description of the role.
	Description *string `json:"description,omitempty"`

	// The actions of the role. Please refer to [IAM roles and
	// actions](https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions).
	Actions []string `json:"actions,omitempty"`

	// The role Cloud Resource Name (CRN). Example CRN:
	// 'crn:v1:ibmcloud:public:iam-access-management::a/exampleAccountId::customRole:ExampleRoleName'.
	CRN *string `json:"crn,omitempty"`
}

Role : A role resource.

type RoleList 

type RoleList struct {
	// List of custom roles.
	CustomRoles []CustomRole `json:"custom_roles,omitempty"`

	// List of service roles.
	ServiceRoles []Role `json:"service_roles,omitempty"`

	// List of system roles.
	SystemRoles []Role `json:"system_roles,omitempty"`
}

RoleList : A collection of roles returned by the 'list roles' operation.

type SubjectAttribute 

type SubjectAttribute struct {
	// The name of an attribute.
	Name *string `json:"name" validate:"required"`

	// The value of an attribute.
	Value *string `json:"value" validate:"required"`
}

SubjectAttribute : An attribute associated with a subject.

type UpdatePolicyOptions 

type UpdatePolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// The revision number for updating a policy and must match the ETag value of the existing policy. The Etag can be
	// retrieved using the GET /v1/policies/{policy_id} API and looking at the ETag response header.
	IfMatch *string `json:"If-Match" validate:"required"`

	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// The subjects associated with a policy.
	Subjects []PolicySubject `json:"subjects" validate:"required"`

	// A set of role cloud resource names (CRNs) granted by the policy.
	Roles []PolicyRole `json:"roles" validate:"required"`

	// The resources associated with a policy.
	Resources []PolicyResource `json:"resources" validate:"required"`

	// Customer-defined description.
	Description *string `json:"description,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

UpdatePolicyOptions : The UpdatePolicy options.

func (*UpdatePolicyOptions) SetDescription added in v0.17.2 

func (_options *UpdatePolicyOptions) SetDescription(description string) *UpdatePolicyOptions

SetDescription : Allow user to set Description

func (*UpdatePolicyOptions) SetHeaders 

func (options *UpdatePolicyOptions) SetHeaders(param map[string]string) *UpdatePolicyOptions

SetHeaders : Allow user to set Headers

func (*UpdatePolicyOptions) SetIfMatch 

func (_options *UpdatePolicyOptions) SetIfMatch(ifMatch string) *UpdatePolicyOptions

SetIfMatch : Allow user to set IfMatch

func (*UpdatePolicyOptions) SetPolicyID 

func (_options *UpdatePolicyOptions) SetPolicyID(policyID string) *UpdatePolicyOptions

SetPolicyID : Allow user to set PolicyID

func (*UpdatePolicyOptions) SetResources 

func (_options *UpdatePolicyOptions) SetResources(resources []PolicyResource) *UpdatePolicyOptions

SetResources : Allow user to set Resources

func (*UpdatePolicyOptions) SetRoles 

func (_options *UpdatePolicyOptions) SetRoles(roles []PolicyRole) *UpdatePolicyOptions

SetRoles : Allow user to set Roles

func (*UpdatePolicyOptions) SetSubjects 

func (_options *UpdatePolicyOptions) SetSubjects(subjects []PolicySubject) *UpdatePolicyOptions

SetSubjects : Allow user to set Subjects

func (*UpdatePolicyOptions) SetType 

func (_options *UpdatePolicyOptions) SetType(typeVar string) *UpdatePolicyOptions

SetType : Allow user to set Type

type UpdateRoleOptions 

type UpdateRoleOptions struct {
	// The role ID.
	RoleID *string `json:"role_id" validate:"required,ne="`

	// The revision number for updating a role and must match the ETag value of the existing role. The Etag can be
	// retrieved using the GET /v2/roles/{role_id} API and looking at the ETag response header.
	IfMatch *string `json:"If-Match" validate:"required"`

	// The display name of the role that is shown in the console.
	DisplayName *string `json:"display_name,omitempty"`

	// The description of the role.
	Description *string `json:"description,omitempty"`

	// The actions of the role. Please refer to [IAM roles and
	// actions](https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions).
	Actions []string `json:"actions,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

UpdateRoleOptions : The UpdateRole options.

func (*UpdateRoleOptions) SetActions 

func (_options *UpdateRoleOptions) SetActions(actions []string) *UpdateRoleOptions

SetActions : Allow user to set Actions

func (*UpdateRoleOptions) SetDescription 

func (_options *UpdateRoleOptions) SetDescription(description string) *UpdateRoleOptions

SetDescription : Allow user to set Description

func (*UpdateRoleOptions) SetDisplayName 

func (_options *UpdateRoleOptions) SetDisplayName(displayName string) *UpdateRoleOptions

SetDisplayName : Allow user to set DisplayName

func (*UpdateRoleOptions) SetHeaders 

func (options *UpdateRoleOptions) SetHeaders(param map[string]string) *UpdateRoleOptions

SetHeaders : Allow user to set Headers

func (*UpdateRoleOptions) SetIfMatch 

func (_options *UpdateRoleOptions) SetIfMatch(ifMatch string) *UpdateRoleOptions

SetIfMatch : Allow user to set IfMatch

func (*UpdateRoleOptions) SetRoleID 

func (_options *UpdateRoleOptions) SetRoleID(roleID string) *UpdateRoleOptions

SetRoleID : Allow user to set RoleID

type V2CreatePolicyOptions added in v0.30.0 

type V2CreatePolicyOptions struct {
	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// Specifies the type of access granted by the policy.
	Control *V2PolicyBaseControl `json:"control" validate:"required"`

	// Customer-defined description.
	Description *string `json:"description,omitempty"`

	// The subject attributes associated with a policy.
	Subject *V2PolicyBaseSubject `json:"subject,omitempty"`

	// The resource attributes associated with a policy.
	Resource *V2PolicyBaseResource `json:"resource,omitempty"`

	// Indicates pattern of rule.
	Pattern *string `json:"pattern,omitempty"`

	// Additional access conditions associated with a policy.
	Rule V2PolicyBaseRuleIntf `json:"rule,omitempty"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

V2CreatePolicyOptions : The V2CreatePolicy options.

func (*V2CreatePolicyOptions) SetAcceptLanguage added in v0.30.0 

func (_options *V2CreatePolicyOptions) SetAcceptLanguage(acceptLanguage string) *V2CreatePolicyOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*V2CreatePolicyOptions) SetControl added in v0.30.0 

func (_options *V2CreatePolicyOptions) SetControl(control *V2PolicyBaseControl) *V2CreatePolicyOptions

SetControl : Allow user to set Control

func (*V2CreatePolicyOptions) SetDescription added in v0.30.0 

func (_options *V2CreatePolicyOptions) SetDescription(description string) *V2CreatePolicyOptions

SetDescription : Allow user to set Description

func (*V2CreatePolicyOptions) SetHeaders added in v0.30.0 

func (options *V2CreatePolicyOptions) SetHeaders(param map[string]string) *V2CreatePolicyOptions

SetHeaders : Allow user to set Headers

func (*V2CreatePolicyOptions) SetPattern added in v0.30.0 

func (_options *V2CreatePolicyOptions) SetPattern(pattern string) *V2CreatePolicyOptions

SetPattern : Allow user to set Pattern

func (*V2CreatePolicyOptions) SetResource added in v0.30.0 

func (_options *V2CreatePolicyOptions) SetResource(resource *V2PolicyBaseResource) *V2CreatePolicyOptions

SetResource : Allow user to set Resource

func (*V2CreatePolicyOptions) SetRule added in v0.30.0 

func (_options *V2CreatePolicyOptions) SetRule(rule V2PolicyBaseRuleIntf) *V2CreatePolicyOptions

SetRule : Allow user to set Rule

func (*V2CreatePolicyOptions) SetSubject added in v0.30.0 

func (_options *V2CreatePolicyOptions) SetSubject(subject *V2PolicyBaseSubject) *V2CreatePolicyOptions

SetSubject : Allow user to set Subject

func (*V2CreatePolicyOptions) SetType added in v0.30.0 

func (_options *V2CreatePolicyOptions) SetType(typeVar string) *V2CreatePolicyOptions

SetType : Allow user to set Type

type V2DeletePolicyOptions added in v0.30.0 

type V2DeletePolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

V2DeletePolicyOptions : The V2DeletePolicy options.

func (*V2DeletePolicyOptions) SetHeaders added in v0.30.0 

func (options *V2DeletePolicyOptions) SetHeaders(param map[string]string) *V2DeletePolicyOptions

SetHeaders : Allow user to set Headers

func (*V2DeletePolicyOptions) SetPolicyID added in v0.30.0 

func (_options *V2DeletePolicyOptions) SetPolicyID(policyID string) *V2DeletePolicyOptions

SetPolicyID : Allow user to set PolicyID

type V2GetPolicyOptions added in v0.30.0 

type V2GetPolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

V2GetPolicyOptions : The V2GetPolicy options.

func (*V2GetPolicyOptions) SetHeaders added in v0.30.0 

func (options *V2GetPolicyOptions) SetHeaders(param map[string]string) *V2GetPolicyOptions

SetHeaders : Allow user to set Headers

func (*V2GetPolicyOptions) SetPolicyID added in v0.30.0 

func (_options *V2GetPolicyOptions) SetPolicyID(policyID string) *V2GetPolicyOptions

SetPolicyID : Allow user to set PolicyID

type V2ListPoliciesOptions added in v0.30.0 

type V2ListPoliciesOptions struct {
	// The account GUID in which the policies belong to.
	AccountID *string `json:"account_id" validate:"required"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Optional IAM ID used to identify the subject.
	IamID *string `json:"iam_id,omitempty"`

	// Optional access group id.
	AccessGroupID *string `json:"access_group_id,omitempty"`

	// Optional type of policy.
	Type *string `json:"type,omitempty"`

	// Optional type of service.
	ServiceType *string `json:"service_type,omitempty"`

	// Optional name of service.
	ServiceName *string `json:"service_name,omitempty"`

	// Optional ID of service group.
	ServiceGroupID *string `json:"service_group_id,omitempty"`

	// Include additional data per policy returned
	// * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times
	// it has done so
	// * `display` - returns the list of all actions included in each of the policy roles and translations for all relevant
	// fields.
	Format *string `json:"format,omitempty"`

	// The state of the policy.
	// * `active` - returns active policies
	// * `deleted` - returns non-active policies.
	State *string `json:"state,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

V2ListPoliciesOptions : The V2ListPolicies options.

func (*V2ListPoliciesOptions) SetAcceptLanguage added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetAcceptLanguage(acceptLanguage string) *V2ListPoliciesOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*V2ListPoliciesOptions) SetAccessGroupID added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetAccessGroupID(accessGroupID string) *V2ListPoliciesOptions

SetAccessGroupID : Allow user to set AccessGroupID

func (*V2ListPoliciesOptions) SetAccountID added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetAccountID(accountID string) *V2ListPoliciesOptions

SetAccountID : Allow user to set AccountID

func (*V2ListPoliciesOptions) SetFormat added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetFormat(format string) *V2ListPoliciesOptions

SetFormat : Allow user to set Format

func (*V2ListPoliciesOptions) SetHeaders added in v0.30.0 

func (options *V2ListPoliciesOptions) SetHeaders(param map[string]string) *V2ListPoliciesOptions

SetHeaders : Allow user to set Headers

func (*V2ListPoliciesOptions) SetIamID added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetIamID(iamID string) *V2ListPoliciesOptions

SetIamID : Allow user to set IamID

func (*V2ListPoliciesOptions) SetServiceGroupID added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetServiceGroupID(serviceGroupID string) *V2ListPoliciesOptions

SetServiceGroupID : Allow user to set ServiceGroupID

func (*V2ListPoliciesOptions) SetServiceName added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetServiceName(serviceName string) *V2ListPoliciesOptions

SetServiceName : Allow user to set ServiceName

func (*V2ListPoliciesOptions) SetServiceType added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetServiceType(serviceType string) *V2ListPoliciesOptions

SetServiceType : Allow user to set ServiceType

func (*V2ListPoliciesOptions) SetState added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetState(state string) *V2ListPoliciesOptions

SetState : Allow user to set State

func (*V2ListPoliciesOptions) SetType added in v0.30.0 

func (_options *V2ListPoliciesOptions) SetType(typeVar string) *V2ListPoliciesOptions

SetType : Allow user to set Type

type V2Policy added in v0.30.0 

type V2Policy struct {
	// The policy ID.
	ID *string `json:"id,omitempty"`

	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// Customer-defined description.
	Description *string `json:"description,omitempty"`

	// The subject attributes associated with a policy.
	Subject *V2PolicyBaseSubject `json:"subject,omitempty"`

	// Specifies the type of access granted by the policy.
	Control *V2PolicyBaseControl `json:"control" validate:"required"`

	// The resource attributes associated with a policy.
	Resource *V2PolicyBaseResource `json:"resource,omitempty"`

	// Indicates pattern of rule.
	Pattern *string `json:"pattern,omitempty"`

	// Additional access conditions associated with a policy.
	Rule V2PolicyBaseRuleIntf `json:"rule,omitempty"`

	// The href link back to the policy.
	Href *string `json:"href,omitempty"`

	// The UTC timestamp when the policy was created.
	CreatedAt *strfmt.DateTime `json:"created_at,omitempty"`

	// The iam ID of the entity that created the policy.
	CreatedByID *string `json:"created_by_id,omitempty"`

	// The UTC timestamp when the policy was last modified.
	LastModifiedAt *strfmt.DateTime `json:"last_modified_at,omitempty"`

	// The iam ID of the entity that last modified the policy.
	LastModifiedByID *string `json:"last_modified_by_id,omitempty"`

	// The policy state.
	State *string `json:"state,omitempty"`
}

V2Policy : The core set of properties associated with a policy.

type V2PolicyAttribute added in v0.30.0 

type V2PolicyAttribute struct {
	// The name of an attribute.
	Key *string `json:"key" validate:"required"`

	// The operator of an attribute.
	Operator *string `json:"operator" validate:"required"`

	// The value of an attribute; can be array, boolean, string, or integer.
	Value interface{} `json:"value" validate:"required"`
}

V2PolicyAttribute : Resource/subject attribute associated with policy attributes.

type V2PolicyBaseControl added in v0.30.0 

type V2PolicyBaseControl struct {
	// Permission granted by the policy.
	Grant *V2PolicyBaseControlGrant `json:"grant" validate:"required"`
}

V2PolicyBaseControl : Specifies the type of access granted by the policy.

type V2PolicyBaseControlGrant added in v0.30.0 

type V2PolicyBaseControlGrant struct {
	// A set of role cloud resource names (CRNs) granted by the policy.
	Roles []PolicyRole `json:"roles" validate:"required"`
}

V2PolicyBaseControlGrant : Permission granted by the policy.

type V2PolicyBaseResource added in v0.30.0 

type V2PolicyBaseResource struct {
	// List of resource attributes associated with policy/.
	Attributes []V2PolicyAttribute `json:"attributes,omitempty"`
}

V2PolicyBaseResource : The resource attributes associated with a policy.

type V2PolicyBaseRule added in v0.30.0 

type V2PolicyBaseRule struct {
	// The name of an attribute.
	Key *string `json:"key,omitempty"`

	// The operator of an attribute.
	Operator *string `json:"operator,omitempty"`

	// The value of an attribute; can be array, boolean, string, or integer.
	Value interface{} `json:"value,omitempty"`

	// List of conditions to associated with a policy. Note that conditions can be nested up to 2 levels.
	Conditions []V2PolicyAttribute `json:"conditions,omitempty"`
}

V2PolicyBaseRule : Additional access conditions associated with a policy. Models which "extend" this model: - V2PolicyBaseRuleV2PolicyAttribute - V2PolicyBaseRuleV2RuleWithConditions

type V2PolicyBaseRuleIntf added in v0.30.0 

type V2PolicyBaseRuleIntf interface {
	// contains filtered or unexported methods
}

type V2PolicyBaseRuleV2PolicyAttribute added in v0.30.0 

type V2PolicyBaseRuleV2PolicyAttribute struct {
	// The name of an attribute.
	Key *string `json:"key" validate:"required"`

	// The operator of an attribute.
	Operator *string `json:"operator" validate:"required"`

	// The value of an attribute; can be array, boolean, string, or integer.
	Value interface{} `json:"value" validate:"required"`
}

V2PolicyBaseRuleV2PolicyAttribute : Resource/subject attribute associated with policy attributes. This model "extends" V2PolicyBaseRule

type V2PolicyBaseRuleV2RuleWithConditions added in v0.30.0 

type V2PolicyBaseRuleV2RuleWithConditions struct {
	// Operator to evalute conditions.
	Operator *string `json:"operator" validate:"required"`

	// List of conditions to associated with a policy. Note that conditions can be nested up to 2 levels.
	Conditions []V2PolicyAttribute `json:"conditions" validate:"required"`
}

V2PolicyBaseRuleV2RuleWithConditions : Policy rule that has 2 to 10 conditions. This model "extends" V2PolicyBaseRule

type V2PolicyBaseSubject added in v0.30.0 

type V2PolicyBaseSubject struct {
	// List of subject attributes associated with policy/.
	Attributes []V2PolicyAttribute `json:"attributes,omitempty"`
}

V2PolicyBaseSubject : The subject attributes associated with a policy.

type V2PolicyList added in v0.30.0 

type V2PolicyList struct {
	// List of policies.
	Policies []V2Policy `json:"policies,omitempty"`
}

V2PolicyList : A collection of policies.

type V2UpdatePolicyOptions added in v0.30.0 

type V2UpdatePolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// The revision number for updating a policy and must match the ETag value of the existing policy. The Etag can be
	// retrieved using the GET /v1/policies/{policy_id} API and looking at the ETag response header.
	IfMatch *string `json:"If-Match" validate:"required"`

	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// Specifies the type of access granted by the policy.
	Control *V2PolicyBaseControl `json:"control" validate:"required"`

	// Customer-defined description.
	Description *string `json:"description,omitempty"`

	// The subject attributes associated with a policy.
	Subject *V2PolicyBaseSubject `json:"subject,omitempty"`

	// The resource attributes associated with a policy.
	Resource *V2PolicyBaseResource `json:"resource,omitempty"`

	// Indicates pattern of rule.
	Pattern *string `json:"pattern,omitempty"`

	// Additional access conditions associated with a policy.
	Rule V2PolicyBaseRuleIntf `json:"rule,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

V2UpdatePolicyOptions : The V2UpdatePolicy options.

func (*V2UpdatePolicyOptions) SetControl added in v0.30.0 

func (_options *V2UpdatePolicyOptions) SetControl(control *V2PolicyBaseControl) *V2UpdatePolicyOptions

SetControl : Allow user to set Control

func (*V2UpdatePolicyOptions) SetDescription added in v0.30.0 

func (_options *V2UpdatePolicyOptions) SetDescription(description string) *V2UpdatePolicyOptions

SetDescription : Allow user to set Description

func (*V2UpdatePolicyOptions) SetHeaders added in v0.30.0 

func (options *V2UpdatePolicyOptions) SetHeaders(param map[string]string) *V2UpdatePolicyOptions

SetHeaders : Allow user to set Headers

func (*V2UpdatePolicyOptions) SetIfMatch added in v0.30.0 

func (_options *V2UpdatePolicyOptions) SetIfMatch(ifMatch string) *V2UpdatePolicyOptions

SetIfMatch : Allow user to set IfMatch

func (*V2UpdatePolicyOptions) SetPattern added in v0.30.0 

func (_options *V2UpdatePolicyOptions) SetPattern(pattern string) *V2UpdatePolicyOptions

SetPattern : Allow user to set Pattern

func (*V2UpdatePolicyOptions) SetPolicyID added in v0.30.0 

func (_options *V2UpdatePolicyOptions) SetPolicyID(policyID string) *V2UpdatePolicyOptions

SetPolicyID : Allow user to set PolicyID

func (*V2UpdatePolicyOptions) SetResource added in v0.30.0 

func (_options *V2UpdatePolicyOptions) SetResource(resource *V2PolicyBaseResource) *V2UpdatePolicyOptions

SetResource : Allow user to set Resource

func (*V2UpdatePolicyOptions) SetRule added in v0.30.0 

func (_options *V2UpdatePolicyOptions) SetRule(rule V2PolicyBaseRuleIntf) *V2UpdatePolicyOptions

SetRule : Allow user to set Rule

func (*V2UpdatePolicyOptions) SetSubject added in v0.30.0 

func (_options *V2UpdatePolicyOptions) SetSubject(subject *V2PolicyBaseSubject) *V2UpdatePolicyOptions

SetSubject : Allow user to set Subject

func (*V2UpdatePolicyOptions) SetType added in v0.30.0 

func (_options *V2UpdatePolicyOptions) SetType(typeVar string) *V2UpdatePolicyOptions

SetType : Allow user to set Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.