iampolicymanagementv1

package
v0.32.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 1, 2023 License: Apache-2.0 Imports: 9 Imported by: 22

Documentation

Overview

Package iampolicymanagementv1 : Operations and models for the IamPolicyManagementV1 service

Index

Constants

View Source
const (
	CreateV2PolicyOptionsTypeAccessConst        = "access"
	CreateV2PolicyOptionsTypeAuthorizationConst = "authorization"
)

Constants associated with the CreateV2PolicyOptions.Type property. The policy type; either 'access' or 'authorization'.

View Source
const (
	GetV2PolicyOptionsFormatDisplayConst           = "display"
	GetV2PolicyOptionsFormatIncludeLastPermitConst = "include_last_permit"
)

Constants associated with the GetV2PolicyOptions.Format property. Include additional data for policy returned * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times it has done so * `display` - returns the list of all actions included in each of the policy roles and translations for all relevant fields.

View Source
const (
	ListPoliciesOptionsTypeAccessConst        = "access"
	ListPoliciesOptionsTypeAuthorizationConst = "authorization"
)

Constants associated with the ListPoliciesOptions.Type property. Optional type of policy.

View Source
const (
	ListPoliciesOptionsServiceTypePlatformServiceConst = "platform_service"
	ListPoliciesOptionsServiceTypeServiceConst         = "service"
)

Constants associated with the ListPoliciesOptions.ServiceType property. Optional type of service.

View Source
const (
	ListPoliciesOptionsSortCreatedAtConst        = "created_at"
	ListPoliciesOptionsSortCreatedByIDConst      = "created_by_id"
	ListPoliciesOptionsSortHrefConst             = "href"
	ListPoliciesOptionsSortIDConst               = "id"
	ListPoliciesOptionsSortLastModifiedAtConst   = "last_modified_at"
	ListPoliciesOptionsSortLastModifiedByIDConst = "last_modified_by_id"
	ListPoliciesOptionsSortStateConst            = "state"
	ListPoliciesOptionsSortTypeConst             = "type"
)

Constants associated with the ListPoliciesOptions.Sort property. Optional top level policy field to sort results. Ascending sort is default. Descending sort available by prepending '-' to field. Example '-last_modified_at'.

View Source
const (
	ListPoliciesOptionsFormatDisplayConst           = "display"
	ListPoliciesOptionsFormatIncludeLastPermitConst = "include_last_permit"
)

Constants associated with the ListPoliciesOptions.Format property. Include additional data per policy returned * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times it has done so * `display` - returns the list of all actions included in each of the policy roles.

View Source
const (
	ListPoliciesOptionsStateActiveConst  = "active"
	ListPoliciesOptionsStateDeletedConst = "deleted"
)

Constants associated with the ListPoliciesOptions.State property. The state of the policy. * `active` - returns active policies * `deleted` - returns non-active policies.

View Source
const (
	ListV2PoliciesOptionsTypeAccessConst        = "access"
	ListV2PoliciesOptionsTypeAuthorizationConst = "authorization"
)

Constants associated with the ListV2PoliciesOptions.Type property. Optional type of policy.

View Source
const (
	ListV2PoliciesOptionsServiceTypePlatformServiceConst = "platform_service"
	ListV2PoliciesOptionsServiceTypeServiceConst         = "service"
)

Constants associated with the ListV2PoliciesOptions.ServiceType property. Optional type of service.

View Source
const (
	ListV2PoliciesOptionsFormatDisplayConst           = "display"
	ListV2PoliciesOptionsFormatIncludeLastPermitConst = "include_last_permit"
)

Constants associated with the ListV2PoliciesOptions.Format property. Include additional data per policy returned * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times it has done so * `display` - returns the list of all actions included in each of the policy roles and translations for all relevant fields.

View Source
const (
	ListV2PoliciesOptionsStateActiveConst  = "active"
	ListV2PoliciesOptionsStateDeletedConst = "deleted"
)

Constants associated with the ListV2PoliciesOptions.State property. The state of the policy. * `active` - returns active policies * `deleted` - returns non-active policies.

View Source
const (
	ReplaceV2PolicyOptionsTypeAccessConst        = "access"
	ReplaceV2PolicyOptionsTypeAuthorizationConst = "authorization"
)

Constants associated with the ReplaceV2PolicyOptions.Type property. The policy type; either 'access' or 'authorization'.

View Source
const (
	RuleAttributeOperatorDatetimegreaterthanConst         = "dateTimeGreaterThan"
	RuleAttributeOperatorDatetimegreaterthanorequalsConst = "dateTimeGreaterThanOrEquals"
	RuleAttributeOperatorDatetimelessthanConst            = "dateTimeLessThan"
	RuleAttributeOperatorDatetimelessthanorequalsConst    = "dateTimeLessThanOrEquals"
	RuleAttributeOperatorDayofweekanyofConst              = "dayOfWeekAnyOf"
	RuleAttributeOperatorDayofweekequalsConst             = "dayOfWeekEquals"
	RuleAttributeOperatorTimegreaterthanConst             = "timeGreaterThan"
	RuleAttributeOperatorTimegreaterthanorequalsConst     = "timeGreaterThanOrEquals"
	RuleAttributeOperatorTimelessthanConst                = "timeLessThan"
	RuleAttributeOperatorTimelessthanorequalsConst        = "timeLessThanOrEquals"
)

Constants associated with the RuleAttribute.Operator property. The operator of an attribute.

View Source
const (
	UpdatePolicyStateOptionsStateActiveConst  = "active"
	UpdatePolicyStateOptionsStateDeletedConst = "deleted"
)

Constants associated with the UpdatePolicyStateOptions.State property. The policy state.

View Source
const (
	V2PolicyTypeAccessConst        = "access"
	V2PolicyTypeAuthorizationConst = "authorization"
)

Constants associated with the V2Policy.Type property. The policy type; either 'access' or 'authorization'.

View Source
const (
	V2PolicyStateActiveConst  = "active"
	V2PolicyStateDeletedConst = "deleted"
)

Constants associated with the V2Policy.State property. The policy state, either 'deleted' or 'active'.

View Source
const (
	V2PolicyResourceAttributeOperatorStringequalsConst = "stringEquals"
	V2PolicyResourceAttributeOperatorStringexistsConst = "stringExists"
	V2PolicyResourceAttributeOperatorStringmatchConst  = "stringMatch"
)

Constants associated with the V2PolicyResourceAttribute.Operator property. The operator of an attribute.

View Source
const (
	V2PolicyResourceTagOperatorStringequalsConst = "stringEquals"
	V2PolicyResourceTagOperatorStringmatchConst  = "stringMatch"
)

Constants associated with the V2PolicyResourceTag.Operator property. The operator of an access management tag.

View Source
const (
	V2PolicyRuleOperatorDatetimegreaterthanConst         = "dateTimeGreaterThan"
	V2PolicyRuleOperatorDatetimegreaterthanorequalsConst = "dateTimeGreaterThanOrEquals"
	V2PolicyRuleOperatorDatetimelessthanConst            = "dateTimeLessThan"
	V2PolicyRuleOperatorDatetimelessthanorequalsConst    = "dateTimeLessThanOrEquals"
	V2PolicyRuleOperatorDayofweekanyofConst              = "dayOfWeekAnyOf"
	V2PolicyRuleOperatorDayofweekequalsConst             = "dayOfWeekEquals"
	V2PolicyRuleOperatorTimegreaterthanConst             = "timeGreaterThan"
	V2PolicyRuleOperatorTimegreaterthanorequalsConst     = "timeGreaterThanOrEquals"
	V2PolicyRuleOperatorTimelessthanConst                = "timeLessThan"
	V2PolicyRuleOperatorTimelessthanorequalsConst        = "timeLessThanOrEquals"
)

Constants associated with the V2PolicyRule.Operator property. The operator of an attribute.

View Source
const (
	PolicyStateActiveConst  = "active"
	PolicyStateDeletedConst = "deleted"
)

Constants associated with the Policy.State property. The policy state.

View Source
const (
	V2PolicyRuleRuleAttributeOperatorDatetimegreaterthanConst         = "dateTimeGreaterThan"
	V2PolicyRuleRuleAttributeOperatorDatetimegreaterthanorequalsConst = "dateTimeGreaterThanOrEquals"
	V2PolicyRuleRuleAttributeOperatorDatetimelessthanConst            = "dateTimeLessThan"
	V2PolicyRuleRuleAttributeOperatorDatetimelessthanorequalsConst    = "dateTimeLessThanOrEquals"
	V2PolicyRuleRuleAttributeOperatorDayofweekanyofConst              = "dayOfWeekAnyOf"
	V2PolicyRuleRuleAttributeOperatorDayofweekequalsConst             = "dayOfWeekEquals"
	V2PolicyRuleRuleAttributeOperatorTimegreaterthanConst             = "timeGreaterThan"
	V2PolicyRuleRuleAttributeOperatorTimegreaterthanorequalsConst     = "timeGreaterThanOrEquals"
	V2PolicyRuleRuleAttributeOperatorTimelessthanConst                = "timeLessThan"
	V2PolicyRuleRuleAttributeOperatorTimelessthanorequalsConst        = "timeLessThanOrEquals"
)

Constants associated with the V2PolicyRuleRuleAttribute.Operator property. The operator of an attribute.

View Source
const (
	V2PolicyRuleRuleWithConditionsOperatorAndConst = "and"
	V2PolicyRuleRuleWithConditionsOperatorOrConst  = "or"
)

Constants associated with the V2PolicyRuleRuleWithConditions.Operator property. Operator to evaluate conditions.

View Source
const DefaultServiceName = "iam_policy_management"

DefaultServiceName is the default key used to find external configuration information.

View Source
const DefaultServiceURL = "https://iam.cloud.ibm.com"

DefaultServiceURL is the default URL to make service requests to.

View Source
const (
	V2PolicySubjectAttributeOperatorStringequalsConst = "stringEquals"
)

Constants associated with the V2PolicySubjectAttribute.Operator property. The operator of an attribute.

Variables

This section is empty.

Functions

func GetServiceURLForRegion added in v0.17.2

func GetServiceURLForRegion(region string) (string, error)

GetServiceURLForRegion returns the service URL to be used for the specified region

func UnmarshalControl added in v0.31.4

func UnmarshalControl(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalControl unmarshals an instance of Control from the specified map of raw messages.

func UnmarshalControlResponse added in v0.31.4

func UnmarshalControlResponse(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalControlResponse unmarshals an instance of ControlResponse from the specified map of raw messages.

func UnmarshalControlResponseControl added in v0.31.4

func UnmarshalControlResponseControl(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalControlResponseControl unmarshals an instance of ControlResponseControl from the specified map of raw messages.

func UnmarshalControlResponseControlWithEnrichedRoles added in v0.31.5

func UnmarshalControlResponseControlWithEnrichedRoles(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalControlResponseControlWithEnrichedRoles unmarshals an instance of ControlResponseControlWithEnrichedRoles from the specified map of raw messages.

func UnmarshalCustomRole

func UnmarshalCustomRole(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalCustomRole unmarshals an instance of CustomRole from the specified map of raw messages.

func UnmarshalEnrichedRoles added in v0.31.5

func UnmarshalEnrichedRoles(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalEnrichedRoles unmarshals an instance of EnrichedRoles from the specified map of raw messages.

func UnmarshalGrant added in v0.31.5

func UnmarshalGrant(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalGrant unmarshals an instance of Grant from the specified map of raw messages.

func UnmarshalGrantWithEnrichedRoles added in v0.31.5

func UnmarshalGrantWithEnrichedRoles(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalGrantWithEnrichedRoles unmarshals an instance of GrantWithEnrichedRoles from the specified map of raw messages.

func UnmarshalPolicy

func UnmarshalPolicy(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicy unmarshals an instance of Policy from the specified map of raw messages.

func UnmarshalPolicyList

func UnmarshalPolicyList(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicyList unmarshals an instance of PolicyList from the specified map of raw messages.

func UnmarshalPolicyResource

func UnmarshalPolicyResource(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicyResource unmarshals an instance of PolicyResource from the specified map of raw messages.

func UnmarshalPolicyRole

func UnmarshalPolicyRole(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicyRole unmarshals an instance of PolicyRole from the specified map of raw messages.

func UnmarshalPolicySubject

func UnmarshalPolicySubject(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalPolicySubject unmarshals an instance of PolicySubject from the specified map of raw messages.

func UnmarshalResourceAttribute

func UnmarshalResourceAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalResourceAttribute unmarshals an instance of ResourceAttribute from the specified map of raw messages.

func UnmarshalResourceTag added in v0.17.15

func UnmarshalResourceTag(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalResourceTag unmarshals an instance of ResourceTag from the specified map of raw messages.

func UnmarshalRole

func UnmarshalRole(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalRole unmarshals an instance of Role from the specified map of raw messages.

func UnmarshalRoleAction added in v0.31.4

func UnmarshalRoleAction(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalRoleAction unmarshals an instance of RoleAction from the specified map of raw messages.

func UnmarshalRoleList

func UnmarshalRoleList(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalRoleList unmarshals an instance of RoleList from the specified map of raw messages.

func UnmarshalRoles added in v0.31.5

func UnmarshalRoles(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalRoles unmarshals an instance of Roles from the specified map of raw messages.

func UnmarshalRuleAttribute added in v0.31.4

func UnmarshalRuleAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalRuleAttribute unmarshals an instance of RuleAttribute from the specified map of raw messages.

func UnmarshalSubjectAttribute

func UnmarshalSubjectAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalSubjectAttribute unmarshals an instance of SubjectAttribute from the specified map of raw messages.

func UnmarshalV2Policy added in v0.30.0

func UnmarshalV2Policy(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2Policy unmarshals an instance of V2Policy from the specified map of raw messages.

func UnmarshalV2PolicyCollection added in v0.31.4

func UnmarshalV2PolicyCollection(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyCollection unmarshals an instance of V2PolicyCollection from the specified map of raw messages.

func UnmarshalV2PolicyResource added in v0.31.4

func UnmarshalV2PolicyResource(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyResource unmarshals an instance of V2PolicyResource from the specified map of raw messages.

func UnmarshalV2PolicyResourceAttribute added in v0.31.4

func UnmarshalV2PolicyResourceAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyResourceAttribute unmarshals an instance of V2PolicyResourceAttribute from the specified map of raw messages.

func UnmarshalV2PolicyResourceTag added in v0.31.4

func UnmarshalV2PolicyResourceTag(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyResourceTag unmarshals an instance of V2PolicyResourceTag from the specified map of raw messages.

func UnmarshalV2PolicyRule added in v0.31.4

func UnmarshalV2PolicyRule(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyRule unmarshals an instance of V2PolicyRule from the specified map of raw messages.

func UnmarshalV2PolicyRuleRuleAttribute added in v0.31.4

func UnmarshalV2PolicyRuleRuleAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyRuleRuleAttribute unmarshals an instance of V2PolicyRuleRuleAttribute from the specified map of raw messages.

func UnmarshalV2PolicyRuleRuleWithConditions added in v0.31.4

func UnmarshalV2PolicyRuleRuleWithConditions(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicyRuleRuleWithConditions unmarshals an instance of V2PolicyRuleRuleWithConditions from the specified map of raw messages.

func UnmarshalV2PolicySubject added in v0.31.4

func UnmarshalV2PolicySubject(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicySubject unmarshals an instance of V2PolicySubject from the specified map of raw messages.

func UnmarshalV2PolicySubjectAttribute added in v0.31.4

func UnmarshalV2PolicySubjectAttribute(m map[string]json.RawMessage, result interface{}) (err error)

UnmarshalV2PolicySubjectAttribute unmarshals an instance of V2PolicySubjectAttribute from the specified map of raw messages.

Types

type Control added in v0.31.4

type Control struct {
	// Permission granted by the policy.
	Grant *Grant `json:"grant" validate:"required"`
}

Control : Specifies the type of access granted by the policy.

type ControlResponse added in v0.31.4

type ControlResponse struct {
	// Permission granted by the policy.
	Grant *Grant `json:"grant,omitempty"`
}

ControlResponse : ControlResponse struct Models which "extend" this model: - ControlResponseControl - ControlResponseControlWithEnrichedRoles

type ControlResponseControl added in v0.31.4

type ControlResponseControl struct {
	// Permission granted by the policy.
	Grant *Grant `json:"grant" validate:"required"`
}

ControlResponseControl : Specifies the type of access granted by the policy. This model "extends" ControlResponse

type ControlResponseControlWithEnrichedRoles added in v0.31.5

type ControlResponseControlWithEnrichedRoles struct {
	// Permission granted by the policy with translated roles and additional role information.
	Grant *GrantWithEnrichedRoles `json:"grant" validate:"required"`
}

ControlResponseControlWithEnrichedRoles : Specifies the type of access granted by the policy with additional role information. This model "extends" ControlResponse

type ControlResponseIntf added in v0.31.4

type ControlResponseIntf interface {
	// contains filtered or unexported methods
}

type CreatePolicyOptions

type CreatePolicyOptions struct {
	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// The subjects associated with a policy.
	Subjects []PolicySubject `json:"subjects" validate:"required"`

	// A set of role cloud resource names (CRNs) granted by the policy.
	Roles []PolicyRole `json:"roles" validate:"required"`

	// The resources associated with a policy.
	Resources []PolicyResource `json:"resources" validate:"required"`

	// Customer-defined description.
	Description *string `json:"description,omitempty"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

CreatePolicyOptions : The CreatePolicy options.

func (*CreatePolicyOptions) SetAcceptLanguage

func (_options *CreatePolicyOptions) SetAcceptLanguage(acceptLanguage string) *CreatePolicyOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*CreatePolicyOptions) SetDescription added in v0.17.2

func (_options *CreatePolicyOptions) SetDescription(description string) *CreatePolicyOptions

SetDescription : Allow user to set Description

func (*CreatePolicyOptions) SetHeaders

func (options *CreatePolicyOptions) SetHeaders(param map[string]string) *CreatePolicyOptions

SetHeaders : Allow user to set Headers

func (*CreatePolicyOptions) SetResources

func (_options *CreatePolicyOptions) SetResources(resources []PolicyResource) *CreatePolicyOptions

SetResources : Allow user to set Resources

func (*CreatePolicyOptions) SetRoles

func (_options *CreatePolicyOptions) SetRoles(roles []PolicyRole) *CreatePolicyOptions

SetRoles : Allow user to set Roles

func (*CreatePolicyOptions) SetSubjects

func (_options *CreatePolicyOptions) SetSubjects(subjects []PolicySubject) *CreatePolicyOptions

SetSubjects : Allow user to set Subjects

func (*CreatePolicyOptions) SetType

func (_options *CreatePolicyOptions) SetType(typeVar string) *CreatePolicyOptions

SetType : Allow user to set Type

type CreateRoleOptions

type CreateRoleOptions struct {
	// The display name of the role that is shown in the console.
	DisplayName *string `json:"display_name" validate:"required"`

	// The actions of the role. For more information, see [IAM roles and
	// actions](https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions).
	Actions []string `json:"actions" validate:"required"`

	// The name of the role that is used in the CRN. Can only be alphanumeric and has to be capitalized.
	Name *string `json:"name" validate:"required"`

	// The account GUID.
	AccountID *string `json:"account_id" validate:"required"`

	// The service name.
	ServiceName *string `json:"service_name" validate:"required"`

	// The description of the role.
	Description *string `json:"description,omitempty"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

CreateRoleOptions : The CreateRole options.

func (*CreateRoleOptions) SetAcceptLanguage

func (_options *CreateRoleOptions) SetAcceptLanguage(acceptLanguage string) *CreateRoleOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*CreateRoleOptions) SetAccountID

func (_options *CreateRoleOptions) SetAccountID(accountID string) *CreateRoleOptions

SetAccountID : Allow user to set AccountID

func (*CreateRoleOptions) SetActions

func (_options *CreateRoleOptions) SetActions(actions []string) *CreateRoleOptions

SetActions : Allow user to set Actions

func (*CreateRoleOptions) SetDescription

func (_options *CreateRoleOptions) SetDescription(description string) *CreateRoleOptions

SetDescription : Allow user to set Description

func (*CreateRoleOptions) SetDisplayName

func (_options *CreateRoleOptions) SetDisplayName(displayName string) *CreateRoleOptions

SetDisplayName : Allow user to set DisplayName

func (*CreateRoleOptions) SetHeaders

func (options *CreateRoleOptions) SetHeaders(param map[string]string) *CreateRoleOptions

SetHeaders : Allow user to set Headers

func (*CreateRoleOptions) SetName

func (_options *CreateRoleOptions) SetName(name string) *CreateRoleOptions

SetName : Allow user to set Name

func (*CreateRoleOptions) SetServiceName

func (_options *CreateRoleOptions) SetServiceName(serviceName string) *CreateRoleOptions

SetServiceName : Allow user to set ServiceName

type CreateV2PolicyOptions added in v0.31.4

type CreateV2PolicyOptions struct {
	// Specifies the type of access granted by the policy.
	Control *Control `json:"control" validate:"required"`

	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// Allows the customer to use their own words to record the purpose/context related to a policy.
	Description *string `json:"description,omitempty"`

	// The subject attributes for whom the policy grants access.
	Subject *V2PolicySubject `json:"subject,omitempty"`

	// The resource attributes to which the policy grants access.
	Resource *V2PolicyResource `json:"resource,omitempty"`

	// Indicates pattern of rule, either 'time-based-conditions:once', 'time-based-conditions:weekly:all-day', or
	// 'time-based-conditions:weekly:custom-hours'.
	Pattern *string `json:"pattern,omitempty"`

	// Additional access conditions associated with the policy.
	Rule V2PolicyRuleIntf `json:"rule,omitempty"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

CreateV2PolicyOptions : The CreateV2Policy options.

func (*CreateV2PolicyOptions) SetAcceptLanguage added in v0.31.4

func (_options *CreateV2PolicyOptions) SetAcceptLanguage(acceptLanguage string) *CreateV2PolicyOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*CreateV2PolicyOptions) SetControl added in v0.31.4

func (_options *CreateV2PolicyOptions) SetControl(control *Control) *CreateV2PolicyOptions

SetControl : Allow user to set Control

func (*CreateV2PolicyOptions) SetDescription added in v0.31.4

func (_options *CreateV2PolicyOptions) SetDescription(description string) *CreateV2PolicyOptions

SetDescription : Allow user to set Description

func (*CreateV2PolicyOptions) SetHeaders added in v0.31.4

func (options *CreateV2PolicyOptions) SetHeaders(param map[string]string) *CreateV2PolicyOptions

SetHeaders : Allow user to set Headers

func (*CreateV2PolicyOptions) SetPattern added in v0.31.4

func (_options *CreateV2PolicyOptions) SetPattern(pattern string) *CreateV2PolicyOptions

SetPattern : Allow user to set Pattern

func (*CreateV2PolicyOptions) SetResource added in v0.31.4

func (_options *CreateV2PolicyOptions) SetResource(resource *V2PolicyResource) *CreateV2PolicyOptions

SetResource : Allow user to set Resource

func (*CreateV2PolicyOptions) SetRule added in v0.31.4

SetRule : Allow user to set Rule

func (*CreateV2PolicyOptions) SetSubject added in v0.31.4

func (_options *CreateV2PolicyOptions) SetSubject(subject *V2PolicySubject) *CreateV2PolicyOptions

SetSubject : Allow user to set Subject

func (*CreateV2PolicyOptions) SetType added in v0.31.4

func (_options *CreateV2PolicyOptions) SetType(typeVar string) *CreateV2PolicyOptions

SetType : Allow user to set Type

type CustomRole

type CustomRole struct {
	// The role ID. Composed of hexadecimal characters.
	ID *string `json:"id,omitempty"`

	// The display name of the role that is shown in the console.
	DisplayName *string `json:"display_name" validate:"required"`

	// The description of the role.
	Description *string `json:"description,omitempty"`

	// The actions of the role. For more information, see [IAM roles and
	// actions](https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions).
	Actions []string `json:"actions" validate:"required"`

	// The role Cloud Resource Name (CRN). Example CRN:
	// 'crn:v1:ibmcloud:public:iam-access-management::a/exampleAccountId::customRole:ExampleRoleName'.
	CRN *string `json:"crn,omitempty"`

	// The name of the role that is used in the CRN. Can only be alphanumeric and has to be capitalized.
	Name *string `json:"name" validate:"required"`

	// The account GUID.
	AccountID *string `json:"account_id" validate:"required"`

	// The service name.
	ServiceName *string `json:"service_name" validate:"required"`

	// The UTC timestamp when the role was created.
	CreatedAt *strfmt.DateTime `json:"created_at,omitempty"`

	// The iam ID of the entity that created the role.
	CreatedByID *string `json:"created_by_id,omitempty"`

	// The UTC timestamp when the role was last modified.
	LastModifiedAt *strfmt.DateTime `json:"last_modified_at,omitempty"`

	// The iam ID of the entity that last modified the policy.
	LastModifiedByID *string `json:"last_modified_by_id,omitempty"`

	// The href link back to the role.
	Href *string `json:"href,omitempty"`
}

CustomRole : An additional set of properties associated with a role.

type DeletePolicyOptions

type DeletePolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

DeletePolicyOptions : The DeletePolicy options.

func (*DeletePolicyOptions) SetHeaders

func (options *DeletePolicyOptions) SetHeaders(param map[string]string) *DeletePolicyOptions

SetHeaders : Allow user to set Headers

func (*DeletePolicyOptions) SetPolicyID

func (_options *DeletePolicyOptions) SetPolicyID(policyID string) *DeletePolicyOptions

SetPolicyID : Allow user to set PolicyID

type DeleteRoleOptions

type DeleteRoleOptions struct {
	// The role ID.
	RoleID *string `json:"role_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

DeleteRoleOptions : The DeleteRole options.

func (*DeleteRoleOptions) SetHeaders

func (options *DeleteRoleOptions) SetHeaders(param map[string]string) *DeleteRoleOptions

SetHeaders : Allow user to set Headers

func (*DeleteRoleOptions) SetRoleID

func (_options *DeleteRoleOptions) SetRoleID(roleID string) *DeleteRoleOptions

SetRoleID : Allow user to set RoleID

type DeleteV2PolicyOptions added in v0.31.4

type DeleteV2PolicyOptions struct {
	// The policy ID.
	ID *string `json:"id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

DeleteV2PolicyOptions : The DeleteV2Policy options.

func (*DeleteV2PolicyOptions) SetHeaders added in v0.31.4

func (options *DeleteV2PolicyOptions) SetHeaders(param map[string]string) *DeleteV2PolicyOptions

SetHeaders : Allow user to set Headers

func (*DeleteV2PolicyOptions) SetID added in v0.31.4

func (_options *DeleteV2PolicyOptions) SetID(id string) *DeleteV2PolicyOptions

SetID : Allow user to set ID

type EnrichedRoles added in v0.31.5

type EnrichedRoles struct {
	// The role Cloud Resource Name (CRN) granted by the policy. Example CRN: 'crn:v1:bluemix:public:iam::::role:Editor'.
	RoleID *string `json:"role_id" validate:"required"`

	// The service defined (or user defined if a custom role) display name of the role.
	DisplayName *string `json:"display_name,omitempty"`

	// The service defined (or user defined if a custom role) description of the role.
	Description *string `json:"description,omitempty"`

	// The actions of the role. For more information, see [IAM roles and
	// actions](https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions).
	Actions []RoleAction `json:"actions" validate:"required"`
}

EnrichedRoles : A role associated with a policy with additional information (display_name, description, actions) when `format=display`.

type GetPolicyOptions

type GetPolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

GetPolicyOptions : The GetPolicy options.

func (*GetPolicyOptions) SetHeaders

func (options *GetPolicyOptions) SetHeaders(param map[string]string) *GetPolicyOptions

SetHeaders : Allow user to set Headers

func (*GetPolicyOptions) SetPolicyID

func (_options *GetPolicyOptions) SetPolicyID(policyID string) *GetPolicyOptions

SetPolicyID : Allow user to set PolicyID

type GetRoleOptions

type GetRoleOptions struct {
	// The role ID.
	RoleID *string `json:"role_id" validate:"required,ne="`

	// Allows users to set headers on API requests
	Headers map[string]string
}

GetRoleOptions : The GetRole options.

func (*GetRoleOptions) SetHeaders

func (options *GetRoleOptions) SetHeaders(param map[string]string) *GetRoleOptions

SetHeaders : Allow user to set Headers

func (*GetRoleOptions) SetRoleID

func (_options *GetRoleOptions) SetRoleID(roleID string) *GetRoleOptions

SetRoleID : Allow user to set RoleID

type GetV2PolicyOptions added in v0.31.4

type GetV2PolicyOptions struct {
	// The policy ID.
	ID *string `json:"id" validate:"required,ne="`

	// Include additional data for policy returned
	// * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times
	// it has done so
	// * `display` - returns the list of all actions included in each of the policy roles and translations for all relevant
	// fields.
	Format *string `json:"format,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

GetV2PolicyOptions : The GetV2Policy options.

func (*GetV2PolicyOptions) SetFormat added in v0.31.5

func (_options *GetV2PolicyOptions) SetFormat(format string) *GetV2PolicyOptions

SetFormat : Allow user to set Format

func (*GetV2PolicyOptions) SetHeaders added in v0.31.4

func (options *GetV2PolicyOptions) SetHeaders(param map[string]string) *GetV2PolicyOptions

SetHeaders : Allow user to set Headers

func (*GetV2PolicyOptions) SetID added in v0.31.4

func (_options *GetV2PolicyOptions) SetID(id string) *GetV2PolicyOptions

SetID : Allow user to set ID

type Grant added in v0.31.5

type Grant struct {
	// A set of role cloud resource names (CRNs) granted by the policy.
	Roles []Roles `json:"roles" validate:"required"`
}

Grant : Permission granted by the policy.

type GrantWithEnrichedRoles added in v0.31.5

type GrantWithEnrichedRoles struct {
	// A set of roles granted by the policy.
	Roles []EnrichedRoles `json:"roles" validate:"required"`
}

GrantWithEnrichedRoles : Permission granted by the policy with translated roles and additional role information.

type IamPolicyManagementV1

type IamPolicyManagementV1 struct {
	Service *core.BaseService
}

IamPolicyManagementV1 : IAM Policy Management API

API Version: 1.0.1

func NewIamPolicyManagementV1

func NewIamPolicyManagementV1(options *IamPolicyManagementV1Options) (service *IamPolicyManagementV1, err error)

NewIamPolicyManagementV1 : constructs an instance of IamPolicyManagementV1 with passed in options.

func NewIamPolicyManagementV1UsingExternalConfig

func NewIamPolicyManagementV1UsingExternalConfig(options *IamPolicyManagementV1Options) (iamPolicyManagement *IamPolicyManagementV1, err error)

NewIamPolicyManagementV1UsingExternalConfig : constructs an instance of IamPolicyManagementV1 with passed in options and external configuration.

func (*IamPolicyManagementV1) Clone added in v0.17.2

func (iamPolicyManagement *IamPolicyManagementV1) Clone() *IamPolicyManagementV1

Clone makes a copy of "iamPolicyManagement" suitable for processing requests.

func (*IamPolicyManagementV1) CreatePolicy

func (iamPolicyManagement *IamPolicyManagementV1) CreatePolicy(createPolicyOptions *CreatePolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

CreatePolicy : Create a policy Creates a policy to grant access between a subject and a resource. There are two types of policies: **access** and **authorization**. A policy administrator might want to create an access policy which grants access to a user, service-id, or an access group. They might also want to create an authorization policy and setup access between services.

### Access

To create an access policy, use **`"type": "access"`** in the body. The possible subject attributes are **`iam_id`** and **`access_group_id`**. Use the **`iam_id`** subject attribute for assigning access for a user or service-id. Use the **`access_group_id`** subject attribute for assigning access for an access group. Assign roles that are supported by the service or platform roles. For more information, see [IAM roles and actions](/docs/account?topic=account-iam-service-roles-actions). Use only the resource attributes supported by the service. To view a service's or the platform's supported attributes, check the [documentation](/docs?tab=all-docs). The policy resource must include either the **`serviceType`**, **`serviceName`**, **`resourceGroupId`** or **`service_group_id`** attribute and the **`accountId`** attribute. The IAM Services group (`IAM`) is a subset of account management services that includes the IAM platform services IAM Identity, IAM Access Management, IAM Users Management, IAM Groups, and future IAM services. If the subject is a locked service-id, the request will fail.

### Authorization

Authorization policies are supported by services on a case by case basis. Refer to service documentation to verify their support of authorization policies. To create an authorization policy, use **`"type": "authorization"`** in the body. The subject attributes must match the supported authorization subjects of the resource. Multiple subject attributes might be provided. The following attributes are supported:

serviceName, serviceInstance, region, resourceType, resource, accountId Assign roles that are supported by the

service or platform roles. For more information, see [IAM roles and actions](/docs/account?topic=account-iam-service-roles-actions). The user must also have the same level of access or greater to the target resource in order to grant the role. Use only the resource attributes supported by the service. To view a service's or the platform's supported attributes, check the [documentation](/docs?tab=all-docs). Both the policy subject and the policy resource must include the **`serviceName`** and **`accountId`** attributes.

### Attribute Operators

Currently, only the `stringEquals` and the `stringMatch` operators are available. Resource attributes may support one or both operators. For more information, see [Assigning access by using wildcard policies](https://cloud.ibm.com/docs/account?topic=account-wildcard).

### Attribute Validations

Policy attribute values must be between 1 and 1,000 characters in length. If location related attributes like geography, country, metro, region, satellite, and locationvalues are supported by the service, they are validated against Global Catalog locations.

func (*IamPolicyManagementV1) CreatePolicyWithContext added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) CreatePolicyWithContext(ctx context.Context, createPolicyOptions *CreatePolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

CreatePolicyWithContext is an alternate form of the CreatePolicy method which supports a Context parameter

func (*IamPolicyManagementV1) CreateRole

func (iamPolicyManagement *IamPolicyManagementV1) CreateRole(createRoleOptions *CreateRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

CreateRole : Create a role Creates a custom role for a specific service within the account. An account owner or a user assigned the Administrator role on the Role management service can create a custom role. Any number of actions for a single service can be mapped to the new role, but there must be at least one service-defined action to successfully create the new role.

func (*IamPolicyManagementV1) CreateRoleWithContext added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) CreateRoleWithContext(ctx context.Context, createRoleOptions *CreateRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

CreateRoleWithContext is an alternate form of the CreateRole method which supports a Context parameter

func (*IamPolicyManagementV1) CreateV2Policy added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) CreateV2Policy(createV2PolicyOptions *CreateV2PolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

CreateV2Policy : Create a policy Creates a policy to grant access between a subject and a resource. Currently, there is one type of a v2/policy: **access**. A policy administrator might want to create an access policy that grants access to a user, service-id, or an access group.

### Access

To create an access policy, use **`"type": "access"`** in the body. The supported subject attributes are **`iam_id`** and **`access_group_id`**. Use the **`iam_id`** subject attribute to assign access to a user or service-id. Use the **`access_group_id`** subject attribute to assign access to an access group. Assign roles that are supported by the service or platform roles. For more information, see [IAM roles and actions](/docs/account?topic=account-iam-service-roles-actions). Use only the resource attributes supported by the service. To view a service's or the platform's supported attributes, check the [documentation](/docs?tab=all-docs). The policy resource must include either the **`serviceType`**, **`serviceName`**, **`resourceGroupId`** or **`service_group_id`** attribute and the **`accountId`** attribute. In the rule field, you can specify a single condition by using **`key`**, **`value`**, and condition **`operator`**, or a set of **`conditions`** with a combination **`operator`**. The possible combination operators are **`and`** and **`or`**. Combine conditions to specify a time-based restriction (e.g., access only during business hours, during the Monday-Friday work week). For example, a policy can grant access Monday-Friday, 9:00am-5:00pm using the following rule: ```json

"rule": {
  "operator": "and",
  "conditions": [{
    "key": "{{environment.attributes.day_of_week}}",
    "operator": "dayOfWeekAnyOf",
    "value": ["1+00:00", "2+00:00", "3+00:00", "4+00:00", "5+00:00"]
  },
    "key": "{{environment.attributes.current_time}}",
    "operator": "timeGreaterThanOrEquals",
    "value": "09:00:00+00:00"
  },
    "key": "{{environment.attributes.current_time}}",
    "operator": "timeLessThanOrEquals",
    "value": "17:00:00+00:00"
  }]
}

``` You can use the following operators in the **`key`** and **`value`** pair: ```

'timeLessThan', 'timeLessThanOrEquals', 'timeGreaterThan', 'timeGreaterThanOrEquals',
'dateTimeLessThan', 'dateTimeLessThanOrEquals', 'dateTimeGreaterThan', 'dateTimeGreaterThanOrEquals',
'dayOfWeekEquals', 'dayOfWeekAnyOf',

```

The pattern field that matches the rule is required when rule is provided. For the business hour rule example above, the **`pattern`** is **`"time-based-conditions:weekly"`**. For more information, see [Time-based conditions operators](https://cloud.ibm.com/docs/account?topic=account-iam-condition-properties&interface=ui#policy-condition-properties) and [Limiting access with time-based conditions](https://cloud.ibm.com/docs/account?topic=account-iam-time-based&interface=ui). If the subject is a locked service-id, the request will fail.

### Attribute Operators

Currently, only the `stringEquals`, `stringMatch`, and `stringEquals` operators are available. For more information, see [Assigning access by using wildcard policies](https://cloud.ibm.com/docs/account?topic=account-wildcard).

### Attribute Validations

Policy attribute values must be between 1 and 1,000 characters in length. If location related attributes like geography, country, metro, region, satellite, and locationvalues are supported by the service, they are validated against Global Catalog locations.

func (*IamPolicyManagementV1) CreateV2PolicyWithContext added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) CreateV2PolicyWithContext(ctx context.Context, createV2PolicyOptions *CreateV2PolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

CreateV2PolicyWithContext is an alternate form of the CreateV2Policy method which supports a Context parameter

func (*IamPolicyManagementV1) DeletePolicy

func (iamPolicyManagement *IamPolicyManagementV1) DeletePolicy(deletePolicyOptions *DeletePolicyOptions) (response *core.DetailedResponse, err error)

DeletePolicy : Delete a policy by ID Delete a policy by providing a policy ID. A policy cannot be deleted if the subject ID contains a locked service ID. If the subject of the policy is a locked service-id, the request will fail.

func (*IamPolicyManagementV1) DeletePolicyWithContext added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) DeletePolicyWithContext(ctx context.Context, deletePolicyOptions *DeletePolicyOptions) (response *core.DetailedResponse, err error)

DeletePolicyWithContext is an alternate form of the DeletePolicy method which supports a Context parameter

func (*IamPolicyManagementV1) DeleteRole

func (iamPolicyManagement *IamPolicyManagementV1) DeleteRole(deleteRoleOptions *DeleteRoleOptions) (response *core.DetailedResponse, err error)

DeleteRole : Delete a role by ID Delete a role by providing a role ID.

func (*IamPolicyManagementV1) DeleteRoleWithContext added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) DeleteRoleWithContext(ctx context.Context, deleteRoleOptions *DeleteRoleOptions) (response *core.DetailedResponse, err error)

DeleteRoleWithContext is an alternate form of the DeleteRole method which supports a Context parameter

func (*IamPolicyManagementV1) DeleteV2Policy added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) DeleteV2Policy(deleteV2PolicyOptions *DeleteV2PolicyOptions) (response *core.DetailedResponse, err error)

DeleteV2Policy : Delete a policy by ID Delete a policy by providing a policy ID. A policy cannot be deleted if the subject ID contains a locked service ID. If the subject of the policy is a locked service-id, the request will fail.

func (*IamPolicyManagementV1) DeleteV2PolicyWithContext added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) DeleteV2PolicyWithContext(ctx context.Context, deleteV2PolicyOptions *DeleteV2PolicyOptions) (response *core.DetailedResponse, err error)

DeleteV2PolicyWithContext is an alternate form of the DeleteV2Policy method which supports a Context parameter

func (*IamPolicyManagementV1) DisableRetries added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) DisableRetries()

DisableRetries disables automatic retries for requests invoked for this service instance.

func (*IamPolicyManagementV1) EnableRetries added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) EnableRetries(maxRetries int, maxRetryInterval time.Duration)

EnableRetries enables automatic retries for requests invoked for this service instance. If either parameter is specified as 0, then a default value is used instead.

func (*IamPolicyManagementV1) GetEnableGzipCompression added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) GetEnableGzipCompression() bool

GetEnableGzipCompression returns the service's EnableGzipCompression field

func (*IamPolicyManagementV1) GetPolicy

func (iamPolicyManagement *IamPolicyManagementV1) GetPolicy(getPolicyOptions *GetPolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

GetPolicy : Retrieve a policy by ID Retrieve a policy by providing a policy ID.

func (*IamPolicyManagementV1) GetPolicyWithContext added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) GetPolicyWithContext(ctx context.Context, getPolicyOptions *GetPolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

GetPolicyWithContext is an alternate form of the GetPolicy method which supports a Context parameter

func (*IamPolicyManagementV1) GetRole

func (iamPolicyManagement *IamPolicyManagementV1) GetRole(getRoleOptions *GetRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

GetRole : Retrieve a role by ID Retrieve a role by providing a role ID.

func (*IamPolicyManagementV1) GetRoleWithContext added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) GetRoleWithContext(ctx context.Context, getRoleOptions *GetRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

GetRoleWithContext is an alternate form of the GetRole method which supports a Context parameter

func (*IamPolicyManagementV1) GetServiceURL added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) GetServiceURL() string

GetServiceURL returns the service URL

func (*IamPolicyManagementV1) GetV2Policy added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) GetV2Policy(getV2PolicyOptions *GetV2PolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

GetV2Policy : Retrieve a policy by ID Retrieve a policy by providing a policy ID.

func (*IamPolicyManagementV1) GetV2PolicyWithContext added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) GetV2PolicyWithContext(ctx context.Context, getV2PolicyOptions *GetV2PolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

GetV2PolicyWithContext is an alternate form of the GetV2Policy method which supports a Context parameter

func (*IamPolicyManagementV1) ListPolicies

func (iamPolicyManagement *IamPolicyManagementV1) ListPolicies(listPoliciesOptions *ListPoliciesOptions) (result *PolicyList, response *core.DetailedResponse, err error)

ListPolicies : Get policies by attributes Get policies and filter by attributes. While managing policies, you might want to retrieve policies in the account and filter by attribute values. This can be done through query parameters. The following attributes are supported: account_id, iam_id, access_group_id, type, service_type, sort, format and state. account_id is a required query parameter. Only policies that have the specified attributes and that the caller has read access to are returned. If the caller does not have read access to any policies an empty array is returned.

func (*IamPolicyManagementV1) ListPoliciesWithContext added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) ListPoliciesWithContext(ctx context.Context, listPoliciesOptions *ListPoliciesOptions) (result *PolicyList, response *core.DetailedResponse, err error)

ListPoliciesWithContext is an alternate form of the ListPolicies method which supports a Context parameter

func (*IamPolicyManagementV1) ListRoles

func (iamPolicyManagement *IamPolicyManagementV1) ListRoles(listRolesOptions *ListRolesOptions) (result *RoleList, response *core.DetailedResponse, err error)

ListRoles : Get roles by filters Get roles based on the filters. While managing roles, you may want to retrieve roles and filter by usages. This can be done through query parameters. Currently, we only support the following attributes: account_id, service_name, source_service_name and policy_type. Only roles that match the filter and that the caller has read access to are returned. If the caller does not have read access to any roles an empty array is returned.

func (*IamPolicyManagementV1) ListRolesWithContext added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) ListRolesWithContext(ctx context.Context, listRolesOptions *ListRolesOptions) (result *RoleList, response *core.DetailedResponse, err error)

ListRolesWithContext is an alternate form of the ListRoles method which supports a Context parameter

func (*IamPolicyManagementV1) ListV2Policies added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) ListV2Policies(listV2PoliciesOptions *ListV2PoliciesOptions) (result *V2PolicyCollection, response *core.DetailedResponse, err error)

ListV2Policies : Get policies by attributes Get policies and filter by attributes. While managing policies, you might want to retrieve policies in the account and filter by attribute values. This can be done through query parameters. The following attributes are supported: account_id, iam_id, access_group_id, type, service_type, sort, format and state. account_id is a required query parameter. Only policies that have the specified attributes and that the caller has read access to are returned. If the caller does not have read access to any policies an empty array is returned.

func (*IamPolicyManagementV1) ListV2PoliciesWithContext added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) ListV2PoliciesWithContext(ctx context.Context, listV2PoliciesOptions *ListV2PoliciesOptions) (result *V2PolicyCollection, response *core.DetailedResponse, err error)

ListV2PoliciesWithContext is an alternate form of the ListV2Policies method which supports a Context parameter

func (*IamPolicyManagementV1) NewControl added in v0.31.4

func (*IamPolicyManagementV1) NewControl(grant *Grant) (_model *Control, err error)

NewControl : Instantiate Control (Generic Model Constructor)

func (*IamPolicyManagementV1) NewCreatePolicyOptions

func (*IamPolicyManagementV1) NewCreatePolicyOptions(typeVar string, subjects []PolicySubject, roles []PolicyRole, resources []PolicyResource) *CreatePolicyOptions

NewCreatePolicyOptions : Instantiate CreatePolicyOptions

func (*IamPolicyManagementV1) NewCreateRoleOptions

func (*IamPolicyManagementV1) NewCreateRoleOptions(displayName string, actions []string, name string, accountID string, serviceName string) *CreateRoleOptions

NewCreateRoleOptions : Instantiate CreateRoleOptions

func (*IamPolicyManagementV1) NewCreateV2PolicyOptions added in v0.31.4

func (*IamPolicyManagementV1) NewCreateV2PolicyOptions(control *Control, typeVar string) *CreateV2PolicyOptions

NewCreateV2PolicyOptions : Instantiate CreateV2PolicyOptions

func (*IamPolicyManagementV1) NewDeletePolicyOptions

func (*IamPolicyManagementV1) NewDeletePolicyOptions(policyID string) *DeletePolicyOptions

NewDeletePolicyOptions : Instantiate DeletePolicyOptions

func (*IamPolicyManagementV1) NewDeleteRoleOptions

func (*IamPolicyManagementV1) NewDeleteRoleOptions(roleID string) *DeleteRoleOptions

NewDeleteRoleOptions : Instantiate DeleteRoleOptions

func (*IamPolicyManagementV1) NewDeleteV2PolicyOptions added in v0.31.4

func (*IamPolicyManagementV1) NewDeleteV2PolicyOptions(id string) *DeleteV2PolicyOptions

NewDeleteV2PolicyOptions : Instantiate DeleteV2PolicyOptions

func (*IamPolicyManagementV1) NewGetPolicyOptions

func (*IamPolicyManagementV1) NewGetPolicyOptions(policyID string) *GetPolicyOptions

NewGetPolicyOptions : Instantiate GetPolicyOptions

func (*IamPolicyManagementV1) NewGetRoleOptions

func (*IamPolicyManagementV1) NewGetRoleOptions(roleID string) *GetRoleOptions

NewGetRoleOptions : Instantiate GetRoleOptions

func (*IamPolicyManagementV1) NewGetV2PolicyOptions added in v0.31.4

func (*IamPolicyManagementV1) NewGetV2PolicyOptions(id string) *GetV2PolicyOptions

NewGetV2PolicyOptions : Instantiate GetV2PolicyOptions

func (*IamPolicyManagementV1) NewGrant added in v0.31.5

func (*IamPolicyManagementV1) NewGrant(roles []Roles) (_model *Grant, err error)

NewGrant : Instantiate Grant (Generic Model Constructor)

func (*IamPolicyManagementV1) NewListPoliciesOptions

func (*IamPolicyManagementV1) NewListPoliciesOptions(accountID string) *ListPoliciesOptions

NewListPoliciesOptions : Instantiate ListPoliciesOptions

func (*IamPolicyManagementV1) NewListRolesOptions

func (*IamPolicyManagementV1) NewListRolesOptions() *ListRolesOptions

NewListRolesOptions : Instantiate ListRolesOptions

func (*IamPolicyManagementV1) NewListV2PoliciesOptions added in v0.31.4

func (*IamPolicyManagementV1) NewListV2PoliciesOptions(accountID string) *ListV2PoliciesOptions

NewListV2PoliciesOptions : Instantiate ListV2PoliciesOptions

func (*IamPolicyManagementV1) NewPolicyRole

func (*IamPolicyManagementV1) NewPolicyRole(roleID string) (_model *PolicyRole, err error)

NewPolicyRole : Instantiate PolicyRole (Generic Model Constructor)

func (*IamPolicyManagementV1) NewReplacePolicyOptions added in v0.31.4

func (*IamPolicyManagementV1) NewReplacePolicyOptions(policyID string, ifMatch string, typeVar string, subjects []PolicySubject, roles []PolicyRole, resources []PolicyResource) *ReplacePolicyOptions

NewReplacePolicyOptions : Instantiate ReplacePolicyOptions

func (*IamPolicyManagementV1) NewReplaceRoleOptions added in v0.31.4

func (*IamPolicyManagementV1) NewReplaceRoleOptions(roleID string, ifMatch string, displayName string, actions []string) *ReplaceRoleOptions

NewReplaceRoleOptions : Instantiate ReplaceRoleOptions

func (*IamPolicyManagementV1) NewReplaceV2PolicyOptions added in v0.31.4

func (*IamPolicyManagementV1) NewReplaceV2PolicyOptions(id string, ifMatch string, control *Control, typeVar string) *ReplaceV2PolicyOptions

NewReplaceV2PolicyOptions : Instantiate ReplaceV2PolicyOptions

func (*IamPolicyManagementV1) NewResourceAttribute

func (*IamPolicyManagementV1) NewResourceAttribute(name string, value string) (_model *ResourceAttribute, err error)

NewResourceAttribute : Instantiate ResourceAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) NewResourceTag added in v0.17.15

func (*IamPolicyManagementV1) NewResourceTag(name string, value string) (_model *ResourceTag, err error)

NewResourceTag : Instantiate ResourceTag (Generic Model Constructor)

func (*IamPolicyManagementV1) NewRole added in v0.31.4

func (*IamPolicyManagementV1) NewRole(displayName string, actions []string) (_model *Role, err error)

NewRole : Instantiate Role (Generic Model Constructor)

func (*IamPolicyManagementV1) NewRoles added in v0.31.5

func (*IamPolicyManagementV1) NewRoles(roleID string) (_model *Roles, err error)

NewRoles : Instantiate Roles (Generic Model Constructor)

func (*IamPolicyManagementV1) NewRuleAttribute added in v0.31.4

func (*IamPolicyManagementV1) NewRuleAttribute(key string, operator string, value interface{}) (_model *RuleAttribute, err error)

NewRuleAttribute : Instantiate RuleAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) NewSubjectAttribute

func (*IamPolicyManagementV1) NewSubjectAttribute(name string, value string) (_model *SubjectAttribute, err error)

NewSubjectAttribute : Instantiate SubjectAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) NewUpdatePolicyStateOptions added in v0.31.4

func (*IamPolicyManagementV1) NewUpdatePolicyStateOptions(policyID string, ifMatch string) *UpdatePolicyStateOptions

NewUpdatePolicyStateOptions : Instantiate UpdatePolicyStateOptions

func (*IamPolicyManagementV1) NewV2PolicyResource added in v0.31.4

func (*IamPolicyManagementV1) NewV2PolicyResource(attributes []V2PolicyResourceAttribute) (_model *V2PolicyResource, err error)

NewV2PolicyResource : Instantiate V2PolicyResource (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicyResourceAttribute added in v0.31.4

func (*IamPolicyManagementV1) NewV2PolicyResourceAttribute(key string, operator string, value interface{}) (_model *V2PolicyResourceAttribute, err error)

NewV2PolicyResourceAttribute : Instantiate V2PolicyResourceAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicyResourceTag added in v0.31.4

func (*IamPolicyManagementV1) NewV2PolicyResourceTag(key string, value string, operator string) (_model *V2PolicyResourceTag, err error)

NewV2PolicyResourceTag : Instantiate V2PolicyResourceTag (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicyRuleRuleAttribute added in v0.31.4

func (*IamPolicyManagementV1) NewV2PolicyRuleRuleAttribute(key string, operator string, value interface{}) (_model *V2PolicyRuleRuleAttribute, err error)

NewV2PolicyRuleRuleAttribute : Instantiate V2PolicyRuleRuleAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicyRuleRuleWithConditions added in v0.31.4

func (*IamPolicyManagementV1) NewV2PolicyRuleRuleWithConditions(operator string, conditions []RuleAttribute) (_model *V2PolicyRuleRuleWithConditions, err error)

NewV2PolicyRuleRuleWithConditions : Instantiate V2PolicyRuleRuleWithConditions (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicySubject added in v0.31.4

func (*IamPolicyManagementV1) NewV2PolicySubject(attributes []V2PolicySubjectAttribute) (_model *V2PolicySubject, err error)

NewV2PolicySubject : Instantiate V2PolicySubject (Generic Model Constructor)

func (*IamPolicyManagementV1) NewV2PolicySubjectAttribute added in v0.31.4

func (*IamPolicyManagementV1) NewV2PolicySubjectAttribute(key string, operator string, value string) (_model *V2PolicySubjectAttribute, err error)

NewV2PolicySubjectAttribute : Instantiate V2PolicySubjectAttribute (Generic Model Constructor)

func (*IamPolicyManagementV1) ReplacePolicy added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) ReplacePolicy(replacePolicyOptions *ReplacePolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

ReplacePolicy : Update a policy Update a policy to grant access between a subject and a resource. A policy administrator might want to update an existing policy. The policy type cannot be changed (You cannot change an access policy to an authorization policy).

### Access

To update an access policy, use **`"type": "access"`** in the body. The possible subject attributes are **`iam_id`** and **`access_group_id`**. Use the **`iam_id`** subject attribute for assigning access for a user or service-id. Use the **`access_group_id`** subject attribute for assigning access for an access group. Assign roles that are supported by the service or platform roles. For more information, see [IAM roles and actions](/docs/account?topic=account-iam-service-roles-actions). Use only the resource attributes supported by the service. To view a service's or the platform's supported attributes, check the [documentation](/docs?tab=all-docs). The policy resource must include either the **`serviceType`**, **`serviceName`**, or **`resourceGroupId`** attribute and the **`accountId`** attribute.` If the subject is a locked service-id, the request will fail.

### Authorization

To update an authorization policy, use **`"type": "authorization"`** in the body. The subject attributes must match the supported authorization subjects of the resource. Multiple subject attributes might be provided. The following attributes are supported:

serviceName, serviceInstance, region, resourceType, resource, accountId Assign roles that are supported by the

service or platform roles. For more information, see [IAM roles and actions](/docs/account?topic=account-iam-service-roles-actions). The user must also have the same level of access or greater to the target resource in order to grant the role. Use only the resource attributes supported by the service. To view a service's or the platform's supported attributes, check the [documentation](/docs?tab=all-docs). Both the policy subject and the policy resource must include the **`serviceName`** and **`accountId`** attributes.

### Attribute Operators

Currently, only the `stringEquals` and the `stringMatch` operators are available. Resource attributes might support one or both operators. For more information, see [Assigning access by using wildcard policies](https://cloud.ibm.com/docs/account?topic=account-wildcard).

### Attribute Validations

Policy attribute values must be between 1 and 1,000 characters in length. If location related attributes like geography, country, metro, region, satellite, and locationvalues are supported by the service, they are validated against Global Catalog locations.

func (*IamPolicyManagementV1) ReplacePolicyWithContext added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) ReplacePolicyWithContext(ctx context.Context, replacePolicyOptions *ReplacePolicyOptions) (result *Policy, response *core.DetailedResponse, err error)

ReplacePolicyWithContext is an alternate form of the ReplacePolicy method which supports a Context parameter

func (*IamPolicyManagementV1) ReplaceRole added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) ReplaceRole(replaceRoleOptions *ReplaceRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

ReplaceRole : Update a role Update a custom role. A role administrator might want to update an existing role by updating the display name, description, or the actions that are mapped to the role. The name, account_id, and service_name can't be changed.

func (*IamPolicyManagementV1) ReplaceRoleWithContext added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) ReplaceRoleWithContext(ctx context.Context, replaceRoleOptions *ReplaceRoleOptions) (result *CustomRole, response *core.DetailedResponse, err error)

ReplaceRoleWithContext is an alternate form of the ReplaceRole method which supports a Context parameter

func (*IamPolicyManagementV1) ReplaceV2Policy added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) ReplaceV2Policy(replaceV2PolicyOptions *ReplaceV2PolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

ReplaceV2Policy : Update a policy Update a policy to grant access between a subject and a resource. A policy administrator might want to update an existing policy.

### Access

To create an access policy, use **`"type": "access"`** in the body. The supported subject attributes are **`iam_id`** and **`access_group_id`**. Use the **`iam_id`** subject attribute to assign access to a user or service-id. Use the **`access_group_id`** subject attribute to assign access to an access group. Assign roles that are supported by the service or platform roles. For more information, see [IAM roles and actions](/docs/account?topic=account-iam-service-roles-actions). Use only the resource attributes supported by the service. To view a service's or the platform's supported attributes, check the [documentation](/docs?tab=all-docs). The policy resource must include either the **`serviceType`**, **`serviceName`**, **`resourceGroupId`** or **`service_group_id`** attribute and the **`accountId`** attribute. In the rule field, you can specify a single condition by using **`key`**, **`value`**, and condition **`operator`**, or a set of **`conditions`** with a combination **`operator`**. The possible combination operators are **`and`** and **`or`**. Combine conditions to specify a time-based restriction (e.g., access only during business hours, during the Monday-Friday work week). For example, a policy can grant access Monday-Friday, 9:00am-5:00pm using the following rule: ```json

"rule": {
  "operator": "and",
  "conditions": [{
    "key": "{{environment.attributes.day_of_week}}",
    "operator": "dayOfWeekAnyOf",
    "value": ["1+00:00", "2+00:00", "3+00:00", "4+00:00", "5+00:00"]
  },
    "key": "{{environment.attributes.current_time}}",
    "operator": "timeGreaterThanOrEquals",
    "value": "09:00:00+00:00"
  },
    "key": "{{environment.attributes.current_time}}",
    "operator": "timeLessThanOrEquals",
    "value": "17:00:00+00:00"
  }]
}

``` You can use the following operators in the **`key`**, **`value`** pair: ```

'timeLessThan', 'timeLessThanOrEquals', 'timeGreaterThan', 'timeGreaterThanOrEquals',
'dateTimeLessThan', 'dateTimeLessThanOrEquals', 'dateTimeGreaterThan', 'dateTimeGreaterThanOrEquals',
'dayOfWeekEquals', 'dayOfWeekAnyOf',

``` The pattern field that matches the rule is required when rule is provided. For the business hour rule example above, the **`pattern`** is **`"time-based-conditions:weekly"`**. For more information, see [Time-based conditions operators](https://cloud.ibm.com/docs/account?topic=account-iam-condition-properties&interface=ui#policy-condition-properties) and [Limiting access with time-based conditions](https://cloud.ibm.com/docs/account?topic=account-iam-time-based&interface=ui). ### Attribute Operators

Currently, only the `stringEquals`, `stringMatch`, and `stringEquals` operators are available. For more information, see [Assigning access by using wildcard policies](https://cloud.ibm.com/docs/account?topic=account-wildcard).

### Attribute Validations

Policy attribute values must be between 1 and 1,000 characters in length. If location related attributes like geography, country, metro, region, satellite, and locationvalues are supported by the service, they are validated against Global Catalog locations.

func (*IamPolicyManagementV1) ReplaceV2PolicyWithContext added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) ReplaceV2PolicyWithContext(ctx context.Context, replaceV2PolicyOptions *ReplaceV2PolicyOptions) (result *V2Policy, response *core.DetailedResponse, err error)

ReplaceV2PolicyWithContext is an alternate form of the ReplaceV2Policy method which supports a Context parameter

func (*IamPolicyManagementV1) SetDefaultHeaders added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) SetDefaultHeaders(headers http.Header)

SetDefaultHeaders sets HTTP headers to be sent in every request

func (*IamPolicyManagementV1) SetEnableGzipCompression added in v0.12.2

func (iamPolicyManagement *IamPolicyManagementV1) SetEnableGzipCompression(enableGzip bool)

SetEnableGzipCompression sets the service's EnableGzipCompression field

func (*IamPolicyManagementV1) SetServiceURL

func (iamPolicyManagement *IamPolicyManagementV1) SetServiceURL(url string) error

SetServiceURL sets the service URL

func (*IamPolicyManagementV1) UpdatePolicyState added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) UpdatePolicyState(updatePolicyStateOptions *UpdatePolicyStateOptions) (result *Policy, response *core.DetailedResponse, err error)

UpdatePolicyState : Restore a deleted policy by ID Restore a policy that has recently been deleted. A policy administrator might want to restore a deleted policy. To restore a policy, use **`"state": "active"`** in the body.

func (*IamPolicyManagementV1) UpdatePolicyStateWithContext added in v0.31.4

func (iamPolicyManagement *IamPolicyManagementV1) UpdatePolicyStateWithContext(ctx context.Context, updatePolicyStateOptions *UpdatePolicyStateOptions) (result *Policy, response *core.DetailedResponse, err error)

UpdatePolicyStateWithContext is an alternate form of the UpdatePolicyState method which supports a Context parameter

type IamPolicyManagementV1Options

type IamPolicyManagementV1Options struct {
	ServiceName   string
	URL           string
	Authenticator core.Authenticator
}

IamPolicyManagementV1Options : Service options

type ListPoliciesOptions

type ListPoliciesOptions struct {
	// The account GUID that the policies belong to.
	AccountID *string `json:"account_id" validate:"required"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Optional IAM ID used to identify the subject.
	IamID *string `json:"iam_id,omitempty"`

	// Optional access group id.
	AccessGroupID *string `json:"access_group_id,omitempty"`

	// Optional type of policy.
	Type *string `json:"type,omitempty"`

	// Optional type of service.
	ServiceType *string `json:"service_type,omitempty"`

	// Optional name of the access tag in the policy.
	TagName *string `json:"tag_name,omitempty"`

	// Optional value of the access tag in the policy.
	TagValue *string `json:"tag_value,omitempty"`

	// Optional top level policy field to sort results. Ascending sort is default. Descending sort available by prepending
	// '-' to field. Example '-last_modified_at'.
	Sort *string `json:"sort,omitempty"`

	// Include additional data per policy returned
	// * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times
	// it has done so
	// * `display` - returns the list of all actions included in each of the policy roles.
	Format *string `json:"format,omitempty"`

	// The state of the policy.
	// * `active` - returns active policies
	// * `deleted` - returns non-active policies.
	State *string `json:"state,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

ListPoliciesOptions : The ListPolicies options.

func (*ListPoliciesOptions) SetAcceptLanguage

func (_options *ListPoliciesOptions) SetAcceptLanguage(acceptLanguage string) *ListPoliciesOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*ListPoliciesOptions) SetAccessGroupID

func (_options *ListPoliciesOptions) SetAccessGroupID(accessGroupID string) *ListPoliciesOptions

SetAccessGroupID : Allow user to set AccessGroupID

func (*ListPoliciesOptions) SetAccountID

func (_options *ListPoliciesOptions) SetAccountID(accountID string) *ListPoliciesOptions

SetAccountID : Allow user to set AccountID

func (*ListPoliciesOptions) SetFormat added in v0.17.2

func (_options *ListPoliciesOptions) SetFormat(format string) *ListPoliciesOptions

SetFormat : Allow user to set Format

func (*ListPoliciesOptions) SetHeaders

func (options *ListPoliciesOptions) SetHeaders(param map[string]string) *ListPoliciesOptions

SetHeaders : Allow user to set Headers

func (*ListPoliciesOptions) SetIamID

func (_options *ListPoliciesOptions) SetIamID(iamID string) *ListPoliciesOptions

SetIamID : Allow user to set IamID

func (*ListPoliciesOptions) SetServiceType

func (_options *ListPoliciesOptions) SetServiceType(serviceType string) *ListPoliciesOptions

SetServiceType : Allow user to set ServiceType

func (*ListPoliciesOptions) SetSort added in v0.17.2

func (_options *ListPoliciesOptions) SetSort(sort string) *ListPoliciesOptions

SetSort : Allow user to set Sort

func (*ListPoliciesOptions) SetState added in v0.18.5

func (_options *ListPoliciesOptions) SetState(state string) *ListPoliciesOptions

SetState : Allow user to set State

func (*ListPoliciesOptions) SetTagName added in v0.17.15

func (_options *ListPoliciesOptions) SetTagName(tagName string) *ListPoliciesOptions

SetTagName : Allow user to set TagName

func (*ListPoliciesOptions) SetTagValue added in v0.17.15

func (_options *ListPoliciesOptions) SetTagValue(tagValue string) *ListPoliciesOptions

SetTagValue : Allow user to set TagValue

func (*ListPoliciesOptions) SetType

func (_options *ListPoliciesOptions) SetType(typeVar string) *ListPoliciesOptions

SetType : Allow user to set Type

type ListRolesOptions

type ListRolesOptions struct {
	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Optional account GUID in which the roles belong to.
	AccountID *string `json:"account_id,omitempty"`

	// Optional name of IAM enabled service.
	ServiceName *string `json:"service_name,omitempty"`

	// Optional name of source IAM enabled service.
	SourceServiceName *string `json:"source_service_name,omitempty"`

	// Optional Policy Type.
	PolicyType *string `json:"policy_type,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

ListRolesOptions : The ListRoles options.

func (*ListRolesOptions) SetAcceptLanguage

func (_options *ListRolesOptions) SetAcceptLanguage(acceptLanguage string) *ListRolesOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*ListRolesOptions) SetAccountID

func (_options *ListRolesOptions) SetAccountID(accountID string) *ListRolesOptions

SetAccountID : Allow user to set AccountID

func (*ListRolesOptions) SetHeaders

func (options *ListRolesOptions) SetHeaders(param map[string]string) *ListRolesOptions

SetHeaders : Allow user to set Headers

func (*ListRolesOptions) SetPolicyType added in v0.22.0

func (_options *ListRolesOptions) SetPolicyType(policyType string) *ListRolesOptions

SetPolicyType : Allow user to set PolicyType

func (*ListRolesOptions) SetServiceName

func (_options *ListRolesOptions) SetServiceName(serviceName string) *ListRolesOptions

SetServiceName : Allow user to set ServiceName

func (*ListRolesOptions) SetSourceServiceName added in v0.22.0

func (_options *ListRolesOptions) SetSourceServiceName(sourceServiceName string) *ListRolesOptions

SetSourceServiceName : Allow user to set SourceServiceName

type ListV2PoliciesOptions added in v0.31.4

type ListV2PoliciesOptions struct {
	// The account GUID in which the policies belong to.
	AccountID *string `json:"account_id" validate:"required"`

	// Language code for translations
	// * `default` - English
	// * `de` -  German (Standard)
	// * `en` - English
	// * `es` - Spanish (Spain)
	// * `fr` - French (Standard)
	// * `it` - Italian (Standard)
	// * `ja` - Japanese
	// * `ko` - Korean
	// * `pt-br` - Portuguese (Brazil)
	// * `zh-cn` - Chinese (Simplified, PRC)
	// * `zh-tw` - (Chinese, Taiwan).
	AcceptLanguage *string `json:"Accept-Language,omitempty"`

	// Optional IAM ID used to identify the subject.
	IamID *string `json:"iam_id,omitempty"`

	// Optional access group id.
	AccessGroupID *string `json:"access_group_id,omitempty"`

	// Optional type of policy.
	Type *string `json:"type,omitempty"`

	// Optional type of service.
	ServiceType *string `json:"service_type,omitempty"`

	// Optional name of service.
	ServiceName *string `json:"service_name,omitempty"`

	// Optional ID of service group.
	ServiceGroupID *string `json:"service_group_id,omitempty"`

	// Optional top level policy field to sort results. Ascending sort is default. Descending sort available by prepending
	// '-' to field, for example, '-last_modified_at'. Note that last permit information is only included when
	// 'format=include_last_permit', for example, "format=include_last_permit&sort=last_permit_at" Example fields that can
	// be sorted on:
	//   - 'id'
	//   - 'type'
	//   - 'href'
	//   - 'created_at'
	//   - 'created_by_id'
	//   - 'last_modified_at'
	//   - 'last_modified_by_id'
	//   - 'state'
	//   - 'last_permit_at'
	//   - 'last_permit_frequency'.
	Sort *string `json:"sort,omitempty"`

	// Include additional data per policy returned
	// * `include_last_permit` - returns details of when the policy last granted a permit decision and the number of times
	// it has done so
	// * `display` - returns the list of all actions included in each of the policy roles and translations for all relevant
	// fields.
	Format *string `json:"format,omitempty"`

	// The state of the policy.
	// * `active` - returns active policies
	// * `deleted` - returns non-active policies.
	State *string `json:"state,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

ListV2PoliciesOptions : The ListV2Policies options.

func (*ListV2PoliciesOptions) SetAcceptLanguage added in v0.31.4

func (_options *ListV2PoliciesOptions) SetAcceptLanguage(acceptLanguage string) *ListV2PoliciesOptions

SetAcceptLanguage : Allow user to set AcceptLanguage

func (*ListV2PoliciesOptions) SetAccessGroupID added in v0.31.4

func (_options *ListV2PoliciesOptions) SetAccessGroupID(accessGroupID string) *ListV2PoliciesOptions

SetAccessGroupID : Allow user to set AccessGroupID

func (*ListV2PoliciesOptions) SetAccountID added in v0.31.4

func (_options *ListV2PoliciesOptions) SetAccountID(accountID string) *ListV2PoliciesOptions

SetAccountID : Allow user to set AccountID

func (*ListV2PoliciesOptions) SetFormat added in v0.31.4

func (_options *ListV2PoliciesOptions) SetFormat(format string) *ListV2PoliciesOptions

SetFormat : Allow user to set Format

func (*ListV2PoliciesOptions) SetHeaders added in v0.31.4

func (options *ListV2PoliciesOptions) SetHeaders(param map[string]string) *ListV2PoliciesOptions

SetHeaders : Allow user to set Headers

func (*ListV2PoliciesOptions) SetIamID added in v0.31.4

func (_options *ListV2PoliciesOptions) SetIamID(iamID string) *ListV2PoliciesOptions

SetIamID : Allow user to set IamID

func (*ListV2PoliciesOptions) SetServiceGroupID added in v0.31.4

func (_options *ListV2PoliciesOptions) SetServiceGroupID(serviceGroupID string) *ListV2PoliciesOptions

SetServiceGroupID : Allow user to set ServiceGroupID

func (*ListV2PoliciesOptions) SetServiceName added in v0.31.4

func (_options *ListV2PoliciesOptions) SetServiceName(serviceName string) *ListV2PoliciesOptions

SetServiceName : Allow user to set ServiceName

func (*ListV2PoliciesOptions) SetServiceType added in v0.31.4

func (_options *ListV2PoliciesOptions) SetServiceType(serviceType string) *ListV2PoliciesOptions

SetServiceType : Allow user to set ServiceType

func (*ListV2PoliciesOptions) SetSort added in v0.32.1

func (_options *ListV2PoliciesOptions) SetSort(sort string) *ListV2PoliciesOptions

SetSort : Allow user to set Sort

func (*ListV2PoliciesOptions) SetState added in v0.31.4

func (_options *ListV2PoliciesOptions) SetState(state string) *ListV2PoliciesOptions

SetState : Allow user to set State

func (*ListV2PoliciesOptions) SetType added in v0.31.4

func (_options *ListV2PoliciesOptions) SetType(typeVar string) *ListV2PoliciesOptions

SetType : Allow user to set Type

type Policy

type Policy struct {
	// The policy ID.
	ID *string `json:"id,omitempty"`

	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// Customer-defined description.
	Description *string `json:"description,omitempty"`

	// The subjects associated with a policy.
	Subjects []PolicySubject `json:"subjects" validate:"required"`

	// A set of role cloud resource names (CRNs) granted by the policy.
	Roles []PolicyRole `json:"roles" validate:"required"`

	// The resources associated with a policy.
	Resources []PolicyResource `json:"resources" validate:"required"`

	// The href link back to the policy.
	Href *string `json:"href,omitempty"`

	// The UTC timestamp when the policy was created.
	CreatedAt *strfmt.DateTime `json:"created_at,omitempty"`

	// The iam ID of the entity that created the policy.
	CreatedByID *string `json:"created_by_id,omitempty"`

	// The UTC timestamp when the policy was last modified.
	LastModifiedAt *strfmt.DateTime `json:"last_modified_at,omitempty"`

	// The iam ID of the entity that last modified the policy.
	LastModifiedByID *string `json:"last_modified_by_id,omitempty"`

	// The policy state.
	State *string `json:"state,omitempty"`
}

Policy : The core set of properties associated with a policy.

type PolicyList

type PolicyList struct {
	// List of policies.
	Policies []Policy `json:"policies,omitempty"`
}

PolicyList : A collection of policies.

type PolicyResource

type PolicyResource struct {
	// List of resource attributes.
	Attributes []ResourceAttribute `json:"attributes,omitempty"`

	// List of access management tags.
	Tags []ResourceTag `json:"tags,omitempty"`
}

PolicyResource : The attributes of the resource. Note that only one resource is allowed in a policy.

type PolicyRole

type PolicyRole struct {
	// The role Cloud Resource Name (CRN) granted by the policy. Example CRN: 'crn:v1:bluemix:public:iam::::role:Editor'.
	RoleID *string `json:"role_id" validate:"required"`

	// The display name of the role.
	DisplayName *string `json:"display_name,omitempty"`

	// The description of the role.
	Description *string `json:"description,omitempty"`
}

PolicyRole : A role associated with a policy.

type PolicySubject

type PolicySubject struct {
	// List of subject attributes.
	Attributes []SubjectAttribute `json:"attributes,omitempty"`
}

PolicySubject : The subject attribute values that must match in order for this policy to apply in a permission decision.

type ReplacePolicyOptions added in v0.31.4

type ReplacePolicyOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// The revision number for updating a policy and must match the ETag value of the existing policy. The Etag can be
	// retrieved using the GET /v1/policies/{policy_id} API and looking at the ETag response header.
	IfMatch *string `json:"If-Match" validate:"required"`

	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// The subjects associated with a policy.
	Subjects []PolicySubject `json:"subjects" validate:"required"`

	// A set of role cloud resource names (CRNs) granted by the policy.
	Roles []PolicyRole `json:"roles" validate:"required"`

	// The resources associated with a policy.
	Resources []PolicyResource `json:"resources" validate:"required"`

	// Customer-defined description.
	Description *string `json:"description,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

ReplacePolicyOptions : The ReplacePolicy options.

func (*ReplacePolicyOptions) SetDescription added in v0.31.4

func (_options *ReplacePolicyOptions) SetDescription(description string) *ReplacePolicyOptions

SetDescription : Allow user to set Description

func (*ReplacePolicyOptions) SetHeaders added in v0.31.4

func (options *ReplacePolicyOptions) SetHeaders(param map[string]string) *ReplacePolicyOptions

SetHeaders : Allow user to set Headers

func (*ReplacePolicyOptions) SetIfMatch added in v0.31.4

func (_options *ReplacePolicyOptions) SetIfMatch(ifMatch string) *ReplacePolicyOptions

SetIfMatch : Allow user to set IfMatch

func (*ReplacePolicyOptions) SetPolicyID added in v0.31.4

func (_options *ReplacePolicyOptions) SetPolicyID(policyID string) *ReplacePolicyOptions

SetPolicyID : Allow user to set PolicyID

func (*ReplacePolicyOptions) SetResources added in v0.31.4

func (_options *ReplacePolicyOptions) SetResources(resources []PolicyResource) *ReplacePolicyOptions

SetResources : Allow user to set Resources

func (*ReplacePolicyOptions) SetRoles added in v0.31.4

func (_options *ReplacePolicyOptions) SetRoles(roles []PolicyRole) *ReplacePolicyOptions

SetRoles : Allow user to set Roles

func (*ReplacePolicyOptions) SetSubjects added in v0.31.4

func (_options *ReplacePolicyOptions) SetSubjects(subjects []PolicySubject) *ReplacePolicyOptions

SetSubjects : Allow user to set Subjects

func (*ReplacePolicyOptions) SetType added in v0.31.4

func (_options *ReplacePolicyOptions) SetType(typeVar string) *ReplacePolicyOptions

SetType : Allow user to set Type

type ReplaceRoleOptions added in v0.31.4

type ReplaceRoleOptions struct {
	// The role ID.
	RoleID *string `json:"role_id" validate:"required,ne="`

	// The revision number for updating a role and must match the ETag value of the existing role. The Etag can be
	// retrieved using the GET /v2/roles/{role_id} API and looking at the ETag response header.
	IfMatch *string `json:"If-Match" validate:"required"`

	// The display name of the role that is shown in the console.
	DisplayName *string `json:"display_name" validate:"required"`

	// The actions of the role. For more information, see [IAM roles and
	// actions](https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions).
	Actions []string `json:"actions" validate:"required"`

	// The description of the role.
	Description *string `json:"description,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

ReplaceRoleOptions : The ReplaceRole options.

func (*ReplaceRoleOptions) SetActions added in v0.31.4

func (_options *ReplaceRoleOptions) SetActions(actions []string) *ReplaceRoleOptions

SetActions : Allow user to set Actions

func (*ReplaceRoleOptions) SetDescription added in v0.31.4

func (_options *ReplaceRoleOptions) SetDescription(description string) *ReplaceRoleOptions

SetDescription : Allow user to set Description

func (*ReplaceRoleOptions) SetDisplayName added in v0.31.4

func (_options *ReplaceRoleOptions) SetDisplayName(displayName string) *ReplaceRoleOptions

SetDisplayName : Allow user to set DisplayName

func (*ReplaceRoleOptions) SetHeaders added in v0.31.4

func (options *ReplaceRoleOptions) SetHeaders(param map[string]string) *ReplaceRoleOptions

SetHeaders : Allow user to set Headers

func (*ReplaceRoleOptions) SetIfMatch added in v0.31.4

func (_options *ReplaceRoleOptions) SetIfMatch(ifMatch string) *ReplaceRoleOptions

SetIfMatch : Allow user to set IfMatch

func (*ReplaceRoleOptions) SetRoleID added in v0.31.4

func (_options *ReplaceRoleOptions) SetRoleID(roleID string) *ReplaceRoleOptions

SetRoleID : Allow user to set RoleID

type ReplaceV2PolicyOptions added in v0.31.4

type ReplaceV2PolicyOptions struct {
	// The policy ID.
	ID *string `json:"id" validate:"required,ne="`

	// The revision number for updating a policy and must match the ETag value of the existing policy. The Etag can be
	// retrieved using the GET /v2/policies/{id} API and looking at the ETag response header.
	IfMatch *string `json:"If-Match" validate:"required"`

	// Specifies the type of access granted by the policy.
	Control *Control `json:"control" validate:"required"`

	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// Allows the customer to use their own words to record the purpose/context related to a policy.
	Description *string `json:"description,omitempty"`

	// The subject attributes for whom the policy grants access.
	Subject *V2PolicySubject `json:"subject,omitempty"`

	// The resource attributes to which the policy grants access.
	Resource *V2PolicyResource `json:"resource,omitempty"`

	// Indicates pattern of rule, either 'time-based-conditions:once', 'time-based-conditions:weekly:all-day', or
	// 'time-based-conditions:weekly:custom-hours'.
	Pattern *string `json:"pattern,omitempty"`

	// Additional access conditions associated with the policy.
	Rule V2PolicyRuleIntf `json:"rule,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

ReplaceV2PolicyOptions : The ReplaceV2Policy options.

func (*ReplaceV2PolicyOptions) SetControl added in v0.31.4

func (_options *ReplaceV2PolicyOptions) SetControl(control *Control) *ReplaceV2PolicyOptions

SetControl : Allow user to set Control

func (*ReplaceV2PolicyOptions) SetDescription added in v0.31.4

func (_options *ReplaceV2PolicyOptions) SetDescription(description string) *ReplaceV2PolicyOptions

SetDescription : Allow user to set Description

func (*ReplaceV2PolicyOptions) SetHeaders added in v0.31.4

func (options *ReplaceV2PolicyOptions) SetHeaders(param map[string]string) *ReplaceV2PolicyOptions

SetHeaders : Allow user to set Headers

func (*ReplaceV2PolicyOptions) SetID added in v0.31.4

SetID : Allow user to set ID

func (*ReplaceV2PolicyOptions) SetIfMatch added in v0.31.4

func (_options *ReplaceV2PolicyOptions) SetIfMatch(ifMatch string) *ReplaceV2PolicyOptions

SetIfMatch : Allow user to set IfMatch

func (*ReplaceV2PolicyOptions) SetPattern added in v0.31.4

func (_options *ReplaceV2PolicyOptions) SetPattern(pattern string) *ReplaceV2PolicyOptions

SetPattern : Allow user to set Pattern

func (*ReplaceV2PolicyOptions) SetResource added in v0.31.4

func (_options *ReplaceV2PolicyOptions) SetResource(resource *V2PolicyResource) *ReplaceV2PolicyOptions

SetResource : Allow user to set Resource

func (*ReplaceV2PolicyOptions) SetRule added in v0.31.4

SetRule : Allow user to set Rule

func (*ReplaceV2PolicyOptions) SetSubject added in v0.31.4

func (_options *ReplaceV2PolicyOptions) SetSubject(subject *V2PolicySubject) *ReplaceV2PolicyOptions

SetSubject : Allow user to set Subject

func (*ReplaceV2PolicyOptions) SetType added in v0.31.4

func (_options *ReplaceV2PolicyOptions) SetType(typeVar string) *ReplaceV2PolicyOptions

SetType : Allow user to set Type

type ResourceAttribute

type ResourceAttribute struct {
	// The name of an attribute.
	Name *string `json:"name" validate:"required"`

	// The value of an attribute.
	Value *string `json:"value" validate:"required"`

	// The operator of an attribute.
	Operator *string `json:"operator,omitempty"`
}

ResourceAttribute : An attribute associated with a resource.

type ResourceTag added in v0.17.15

type ResourceTag struct {
	// The name of an access management tag.
	Name *string `json:"name" validate:"required"`

	// The value of an access management tag.
	Value *string `json:"value" validate:"required"`

	// The operator of an access management tag.
	Operator *string `json:"operator,omitempty"`
}

ResourceTag : A tag associated with a resource.

type Role

type Role struct {
	// The display name of the role that is shown in the console.
	DisplayName *string `json:"display_name" validate:"required"`

	// The description of the role.
	Description *string `json:"description,omitempty"`

	// The actions of the role. For more information, see [IAM roles and
	// actions](https://cloud.ibm.com/docs/account?topic=account-iam-service-roles-actions).
	Actions []string `json:"actions" validate:"required"`

	// The role Cloud Resource Name (CRN). Example CRN:
	// 'crn:v1:ibmcloud:public:iam-access-management::a/exampleAccountId::customRole:ExampleRoleName'.
	CRN *string `json:"crn,omitempty"`
}

Role : A role resource.

type RoleAction added in v0.31.4

type RoleAction struct {
	// Unique identifier for action with structure service.resource.action e.g., cbr.rule.read.
	ID *string `json:"id" validate:"required"`

	// Service defined display name for action.
	DisplayName *string `json:"display_name" validate:"required"`

	// Service defined description for action.
	Description *string `json:"description" validate:"required"`
}

RoleAction : An action that can be performed by the policy subject when assigned role.

type RoleList

type RoleList struct {
	// List of custom roles.
	CustomRoles []CustomRole `json:"custom_roles,omitempty"`

	// List of service roles.
	ServiceRoles []Role `json:"service_roles,omitempty"`

	// List of system roles.
	SystemRoles []Role `json:"system_roles,omitempty"`
}

RoleList : A collection of roles returned by the 'list roles' operation.

type Roles added in v0.31.5

type Roles struct {
	// The role Cloud Resource Name (CRN) granted by the policy. Example CRN: 'crn:v1:bluemix:public:iam::::role:Editor'.
	RoleID *string `json:"role_id" validate:"required"`
}

Roles : A role associated with a policy.

type RuleAttribute added in v0.31.4

type RuleAttribute struct {
	// The name of an attribute.
	Key *string `json:"key" validate:"required"`

	// The operator of an attribute.
	Operator *string `json:"operator" validate:"required"`

	// The value of a rule or resource attribute; can be boolean or string for resource attribute. Can be string or an
	// array of strings (e.g., array of days to permit access) for rule attribute.
	Value interface{} `json:"value" validate:"required"`
}

RuleAttribute : Rule that specifies additional access granted (e.g., time-based condition).

type SubjectAttribute

type SubjectAttribute struct {
	// The name of an attribute.
	Name *string `json:"name" validate:"required"`

	// The value of an attribute.
	Value *string `json:"value" validate:"required"`
}

SubjectAttribute : An attribute associated with a subject.

type UpdatePolicyStateOptions added in v0.31.4

type UpdatePolicyStateOptions struct {
	// The policy ID.
	PolicyID *string `json:"policy_id" validate:"required,ne="`

	// The revision number for updating a policy and must match the ETag value of the existing policy. The Etag can be
	// retrieved using the GET /v1/policies/{policy_id} API and looking at the ETag response header.
	IfMatch *string `json:"If-Match" validate:"required"`

	// The policy state.
	State *string `json:"state,omitempty"`

	// Allows users to set headers on API requests
	Headers map[string]string
}

UpdatePolicyStateOptions : The UpdatePolicyState options.

func (*UpdatePolicyStateOptions) SetHeaders added in v0.31.4

func (options *UpdatePolicyStateOptions) SetHeaders(param map[string]string) *UpdatePolicyStateOptions

SetHeaders : Allow user to set Headers

func (*UpdatePolicyStateOptions) SetIfMatch added in v0.31.4

func (_options *UpdatePolicyStateOptions) SetIfMatch(ifMatch string) *UpdatePolicyStateOptions

SetIfMatch : Allow user to set IfMatch

func (*UpdatePolicyStateOptions) SetPolicyID added in v0.31.4

func (_options *UpdatePolicyStateOptions) SetPolicyID(policyID string) *UpdatePolicyStateOptions

SetPolicyID : Allow user to set PolicyID

func (*UpdatePolicyStateOptions) SetState added in v0.31.4

func (_options *UpdatePolicyStateOptions) SetState(state string) *UpdatePolicyStateOptions

SetState : Allow user to set State

type V2Policy added in v0.30.0

type V2Policy struct {
	// The policy type; either 'access' or 'authorization'.
	Type *string `json:"type" validate:"required"`

	// Allows the customer to use their own words to record the purpose/context related to a policy.
	Description *string `json:"description,omitempty"`

	// The subject attributes for whom the policy grants access.
	Subject *V2PolicySubject `json:"subject,omitempty"`

	// The resource attributes to which the policy grants access.
	Resource *V2PolicyResource `json:"resource,omitempty"`

	// Indicates pattern of rule, either 'time-based-conditions:once', 'time-based-conditions:weekly:all-day', or
	// 'time-based-conditions:weekly:custom-hours'.
	Pattern *string `json:"pattern,omitempty"`

	// Additional access conditions associated with the policy.
	Rule V2PolicyRuleIntf `json:"rule,omitempty"`

	// The policy ID.
	ID *string `json:"id,omitempty"`

	// The href URL that links to the policies API by policy ID.
	Href *string `json:"href,omitempty"`

	Control ControlResponseIntf `json:"control" validate:"required"`

	// The UTC timestamp when the policy was created.
	CreatedAt *strfmt.DateTime `json:"created_at,omitempty"`

	// The iam ID of the entity that created the policy.
	CreatedByID *string `json:"created_by_id,omitempty"`

	// The UTC timestamp when the policy was last modified.
	LastModifiedAt *strfmt.DateTime `json:"last_modified_at,omitempty"`

	// The iam ID of the entity that last modified the policy.
	LastModifiedByID *string `json:"last_modified_by_id,omitempty"`

	// The policy state, either 'deleted' or 'active'.
	State *string `json:"state" validate:"required"`

	// The optional last permit time of policy, when passing query parameter format=include_last_permit.
	LastPermitAt *string `json:"last_permit_at,omitempty"`

	// The optional count of times that policy has provided a permit, when passing query parameter
	// format=include_last_permit.
	LastPermitFrequency *int64 `json:"last_permit_frequency,omitempty"`
}

V2Policy : The core set of properties associated with the policy.

type V2PolicyCollection added in v0.31.4

type V2PolicyCollection struct {
	// List of policies.
	Policies []V2Policy `json:"policies,omitempty"`
}

V2PolicyCollection : A collection of policies.

type V2PolicyResource added in v0.31.4

type V2PolicyResource struct {
	// List of resource attributes to which the policy grants access.
	Attributes []V2PolicyResourceAttribute `json:"attributes" validate:"required"`

	// Optional list of resource tags to which the policy grants access.
	Tags []V2PolicyResourceTag `json:"tags,omitempty"`
}

V2PolicyResource : The resource attributes to which the policy grants access.

type V2PolicyResourceAttribute added in v0.31.4

type V2PolicyResourceAttribute struct {
	// The name of a resource attribute.
	Key *string `json:"key" validate:"required"`

	// The operator of an attribute.
	Operator *string `json:"operator" validate:"required"`

	// The value of a rule or resource attribute; can be boolean or string for resource attribute. Can be string or an
	// array of strings (e.g., array of days to permit access) for rule attribute.
	Value interface{} `json:"value" validate:"required"`
}

V2PolicyResourceAttribute : Resource attribute to which the policy grants access.

type V2PolicyResourceTag added in v0.31.4

type V2PolicyResourceTag struct {
	// The name of an access management tag.
	Key *string `json:"key" validate:"required"`

	// The value of an access management tag.
	Value *string `json:"value" validate:"required"`

	// The operator of an access management tag.
	Operator *string `json:"operator" validate:"required"`
}

V2PolicyResourceTag : A tag associated with a resource.

type V2PolicyRule added in v0.31.4

type V2PolicyRule struct {
	// The name of an attribute.
	Key *string `json:"key,omitempty"`

	// The operator of an attribute.
	Operator *string `json:"operator,omitempty"`

	// The value of a rule or resource attribute; can be boolean or string for resource attribute. Can be string or an
	// array of strings (e.g., array of days to permit access) for rule attribute.
	Value interface{} `json:"value,omitempty"`

	// List of conditions associated with a policy, e.g., time-based conditions that grant access over a certain time
	// period.
	Conditions []RuleAttribute `json:"conditions,omitempty"`
}

V2PolicyRule : Additional access conditions associated with the policy. Models which "extend" this model: - V2PolicyRuleRuleAttribute - V2PolicyRuleRuleWithConditions

type V2PolicyRuleIntf added in v0.31.4

type V2PolicyRuleIntf interface {
	// contains filtered or unexported methods
}

type V2PolicyRuleRuleAttribute added in v0.31.4

type V2PolicyRuleRuleAttribute struct {
	// The name of an attribute.
	Key *string `json:"key" validate:"required"`

	// The operator of an attribute.
	Operator *string `json:"operator" validate:"required"`

	// The value of a rule or resource attribute; can be boolean or string for resource attribute. Can be string or an
	// array of strings (e.g., array of days to permit access) for rule attribute.
	Value interface{} `json:"value" validate:"required"`
}

V2PolicyRuleRuleAttribute : Rule that specifies additional access granted (e.g., time-based condition). This model "extends" V2PolicyRule

type V2PolicyRuleRuleWithConditions added in v0.31.4

type V2PolicyRuleRuleWithConditions struct {
	// Operator to evaluate conditions.
	Operator *string `json:"operator" validate:"required"`

	// List of conditions associated with a policy, e.g., time-based conditions that grant access over a certain time
	// period.
	Conditions []RuleAttribute `json:"conditions" validate:"required"`
}

V2PolicyRuleRuleWithConditions : Rule that specifies additional access granted (e.g., time-based condition) accross multiple conditions. This model "extends" V2PolicyRule

type V2PolicySubject added in v0.31.4

type V2PolicySubject struct {
	// List of subject attributes associated with policy/.
	Attributes []V2PolicySubjectAttribute `json:"attributes" validate:"required"`
}

V2PolicySubject : The subject attributes for whom the policy grants access.

type V2PolicySubjectAttribute added in v0.31.4

type V2PolicySubjectAttribute struct {
	// The name of a subject attribute, e.g., iam_id, access_group_id.
	Key *string `json:"key" validate:"required"`

	// The operator of an attribute.
	Operator *string `json:"operator" validate:"required"`

	// The value of the ID of the subject, e.g., service ID, access group ID, IAM ID.
	Value *string `json:"value" validate:"required"`
}

V2PolicySubjectAttribute : Subject attribute for whom the policy grants access.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL