accesscontextmanager

package
v0.0.0-...-39567f0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 25, 2018 License: BSD-3-Clause Imports: 13 Imported by: 0

Documentation

Overview

Package accesscontextmanager provides access to the Access Context Manager API.

See https://cloud.google.com/access-context-manager/docs/reference/rest/

Usage example:

import "google.golang.org/api/accesscontextmanager/v1beta"
...
accesscontextmanagerService, err := accesscontextmanager.New(oauthHttpClient)

Index

Constants

View Source
const (
	// View and manage your data across Google Cloud Platform services
	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)

OAuth2 scopes used by this API.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessLevel

type AccessLevel struct {
	// Basic: A `BasicLevel` composed of `Conditions`.
	Basic *BasicLevel `json:"basic,omitempty"`

	// CreateTime: Output only. Time the `AccessLevel` was created in UTC.
	CreateTime string `json:"createTime,omitempty"`

	// Description: Description of the `AccessLevel` and its use. Does not
	// affect behavior.
	Description string `json:"description,omitempty"`

	// Name: Required. Resource name for the Access Level. The `short_name`
	// component
	// must begin with a letter and only include alphanumeric and '_'.
	// Format:
	// `accessPolicies/{policy_id}/accessLevels/{short_name}`
	Name string `json:"name,omitempty"`

	// Title: Human readable title. Must be unique within the Policy.
	Title string `json:"title,omitempty"`

	// UpdateTime: Output only. Time the `AccessLevel` was updated in UTC.
	UpdateTime string `json:"updateTime,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Basic") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Basic") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

AccessLevel: An `AccessLevel` is a label that can be applied to requests to GCP services, along with a list of requirements necessary for the label to be applied. `AccessLevels` can be referenced in `AccessZones` and in the `Cloud Org Policy` API.

func (*AccessLevel) MarshalJSON

func (s *AccessLevel) MarshalJSON() ([]byte, error)

type AccessPoliciesAccessLevelsCreateCall

type AccessPoliciesAccessLevelsCreateCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsCreateCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsCreateCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.create" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsCreateCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesAccessLevelsDeleteCall

type AccessPoliciesAccessLevelsDeleteCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsDeleteCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsDeleteCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.delete" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsDeleteCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesAccessLevelsGetCall

type AccessPoliciesAccessLevelsGetCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsGetCall) AccessLevelFormat

func (c *AccessPoliciesAccessLevelsGetCall) AccessLevelFormat(accessLevelFormat string) *AccessPoliciesAccessLevelsGetCall

AccessLevelFormat sets the optional parameter "accessLevelFormat": Whether to return `BasicLevels` in the Cloud Common Expression Language rather than as `BasicLevels`. Defaults to AS_DEFINED, where Access Levels are returned as `BasicLevels` or `CustomLevels` based on how they were created. If set to CEL, all Access Levels are returned as `CustomLevels`. In the CEL case, `BasicLevels` are translated to equivalent `CustomLevels`.

Possible values:

"LEVEL_FORMAT_UNSPECIFIED"
"AS_DEFINED"
"CEL"

func (*AccessPoliciesAccessLevelsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsGetCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.get" call. Exactly one of *AccessLevel or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *AccessLevel.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesAccessLevelsGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type AccessPoliciesAccessLevelsListCall

type AccessPoliciesAccessLevelsListCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsListCall) AccessLevelFormat

func (c *AccessPoliciesAccessLevelsListCall) AccessLevelFormat(accessLevelFormat string) *AccessPoliciesAccessLevelsListCall

AccessLevelFormat sets the optional parameter "accessLevelFormat": Whether to return `BasicLevels` in the Cloud Common Expression language, as `CustomLevels`, rather than as `BasicLevels`. Defaults to returning `AccessLevels` in the format they were defined.

Possible values:

"LEVEL_FORMAT_UNSPECIFIED"
"AS_DEFINED"
"CEL"

func (*AccessPoliciesAccessLevelsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsListCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.list" call. Exactly one of *ListAccessLevelsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListAccessLevelsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesAccessLevelsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*AccessPoliciesAccessLevelsListCall) PageSize

PageSize sets the optional parameter "pageSize": Number of Access Levels to include in the list. Default 100.

func (*AccessPoliciesAccessLevelsListCall) PageToken

PageToken sets the optional parameter "pageToken": Next page token for the next batch of Access Level instances. Defaults to the first page of results.

func (*AccessPoliciesAccessLevelsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type AccessPoliciesAccessLevelsPatchCall

type AccessPoliciesAccessLevelsPatchCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsPatchCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsPatchCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.patch" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsPatchCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesAccessLevelsPatchCall) UpdateMask

UpdateMask sets the optional parameter "updateMask": Required. Mask to control which fields get updated. Must be non-empty.

type AccessPoliciesAccessLevelsService

type AccessPoliciesAccessLevelsService struct {
	// contains filtered or unexported fields
}

func NewAccessPoliciesAccessLevelsService

func NewAccessPoliciesAccessLevelsService(s *Service) *AccessPoliciesAccessLevelsService

func (*AccessPoliciesAccessLevelsService) Create

Create: Create an Access Level. The longrunning operation from this RPC will have a successful status once the Access Level has propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered.

func (*AccessPoliciesAccessLevelsService) Delete

Delete: Delete an Access Level by resource name. The longrunning operation from this RPC will have a successful status once the Access Level has been removed from long-lasting storage.

func (*AccessPoliciesAccessLevelsService) Get

Get: Get an Access Level by resource name.

func (*AccessPoliciesAccessLevelsService) List

List: List all Access Levels for an access policy.

func (*AccessPoliciesAccessLevelsService) Patch

Patch: Update an Access Level. The longrunning operation from this RPC will have a successful status once the changes to the Access Level have propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered.

type AccessPoliciesCreateCall

type AccessPoliciesCreateCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesCreateCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesCreateCall) Do

Do executes the "accesscontextmanager.accessPolicies.create" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesCreateCall) Header

func (c *AccessPoliciesCreateCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesDeleteCall

type AccessPoliciesDeleteCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesDeleteCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesDeleteCall) Do

Do executes the "accesscontextmanager.accessPolicies.delete" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesDeleteCall) Header

func (c *AccessPoliciesDeleteCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesGetCall

type AccessPoliciesGetCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesGetCall) Do

Do executes the "accesscontextmanager.accessPolicies.get" call. Exactly one of *AccessPolicy or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *AccessPolicy.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesGetCall) Header

func (c *AccessPoliciesGetCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesGetCall) IfNoneMatch

func (c *AccessPoliciesGetCall) IfNoneMatch(entityTag string) *AccessPoliciesGetCall

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type AccessPoliciesListCall

type AccessPoliciesListCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesListCall) Do

Do executes the "accesscontextmanager.accessPolicies.list" call. Exactly one of *ListAccessPoliciesResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListAccessPoliciesResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesListCall) Header

func (c *AccessPoliciesListCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesListCall) IfNoneMatch

func (c *AccessPoliciesListCall) IfNoneMatch(entityTag string) *AccessPoliciesListCall

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*AccessPoliciesListCall) PageSize

func (c *AccessPoliciesListCall) PageSize(pageSize int64) *AccessPoliciesListCall

PageSize sets the optional parameter "pageSize": Number of AccessPolicy instances to include in the list. Default 100.

func (*AccessPoliciesListCall) PageToken

func (c *AccessPoliciesListCall) PageToken(pageToken string) *AccessPoliciesListCall

PageToken sets the optional parameter "pageToken": Next page token for the next batch of AccessPolicy instances. Defaults to the first page of results.

func (*AccessPoliciesListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

func (*AccessPoliciesListCall) Parent

Parent sets the optional parameter "parent": Required. Resource name for the container to list AccessPolicy instances from.

Format: `organizations/{org_id}`

type AccessPoliciesPatchCall

type AccessPoliciesPatchCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesPatchCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesPatchCall) Do

Do executes the "accesscontextmanager.accessPolicies.patch" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesPatchCall) Header

func (c *AccessPoliciesPatchCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesPatchCall) UpdateMask

func (c *AccessPoliciesPatchCall) UpdateMask(updateMask string) *AccessPoliciesPatchCall

UpdateMask sets the optional parameter "updateMask": Required. Mask to control which fields get updated. Must be non-empty.

type AccessPoliciesService

type AccessPoliciesService struct {
	AccessLevels *AccessPoliciesAccessLevelsService

	ServicePerimeters *AccessPoliciesServicePerimetersService
	// contains filtered or unexported fields
}

func NewAccessPoliciesService

func NewAccessPoliciesService(s *Service) *AccessPoliciesService

func (*AccessPoliciesService) Create

Create: Create an `AccessPolicy`. Fails if this organization already has a `AccessPolicy`. The longrunning Operation will have a successful status once the `AccessPolicy` has propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in `metadata` as a BadRequest proto.

func (*AccessPoliciesService) Delete

Delete: Delete an AccessPolicy by resource name. The longrunning Operation will have a successful status once the AccessPolicy has been removed from long-lasting storage.

func (*AccessPoliciesService) Get

Get: Get an AccessPolicy by name.

func (*AccessPoliciesService) List

List: List all AccessPolicies under a container.

func (*AccessPoliciesService) Patch

func (r *AccessPoliciesService) Patch(name string, accesspolicy *AccessPolicy) *AccessPoliciesPatchCall

Patch: Update an AccessPolicy. The longrunning Operation from this RPC will have a successful status once the changes to the AccessPolicy have propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in `metadata` as a BadRequest proto.

type AccessPoliciesServicePerimetersCreateCall

type AccessPoliciesServicePerimetersCreateCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersCreateCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersCreateCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.create" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersCreateCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesServicePerimetersDeleteCall

type AccessPoliciesServicePerimetersDeleteCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersDeleteCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersDeleteCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.delete" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersDeleteCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesServicePerimetersGetCall

type AccessPoliciesServicePerimetersGetCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersGetCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.get" call. Exactly one of *ServicePerimeter or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ServicePerimeter.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesServicePerimetersGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type AccessPoliciesServicePerimetersListCall

type AccessPoliciesServicePerimetersListCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersListCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.list" call. Exactly one of *ListServicePerimetersResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListServicePerimetersResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesServicePerimetersListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*AccessPoliciesServicePerimetersListCall) PageSize

PageSize sets the optional parameter "pageSize": Number of Service Perimeters to include in the list. Default 100.

func (*AccessPoliciesServicePerimetersListCall) PageToken

PageToken sets the optional parameter "pageToken": Next page token for the next batch of Service Perimeter instances. Defaults to the first page of results.

func (*AccessPoliciesServicePerimetersListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type AccessPoliciesServicePerimetersPatchCall

type AccessPoliciesServicePerimetersPatchCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersPatchCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersPatchCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.patch" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersPatchCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesServicePerimetersPatchCall) UpdateMask

UpdateMask sets the optional parameter "updateMask": Required. Mask to control which fields get updated. Must be non-empty.

type AccessPoliciesServicePerimetersService

type AccessPoliciesServicePerimetersService struct {
	// contains filtered or unexported fields
}

func NewAccessPoliciesServicePerimetersService

func NewAccessPoliciesServicePerimetersService(s *Service) *AccessPoliciesServicePerimetersService

func (*AccessPoliciesServicePerimetersService) Create

Create: Create an Service Perimeter. The longrunning operation from this RPC will have a successful status once the Service Perimeter has propagated to long-lasting storage. Service Perimeters containing errors will result in an error response for the first error encountered.

func (*AccessPoliciesServicePerimetersService) Delete

Delete: Delete an Service Perimeter by resource name. The longrunning operation from this RPC will have a successful status once the Service Perimeter has been removed from long-lasting storage.

func (*AccessPoliciesServicePerimetersService) Get

Get: Get an Service Perimeter by resource name.

func (*AccessPoliciesServicePerimetersService) List

List: List all Service Perimeters for an access policy.

func (*AccessPoliciesServicePerimetersService) Patch

Patch: Update an Service Perimeter. The longrunning operation from this RPC will have a successful status once the changes to the Service Perimeter have propagated to long-lasting storage. Service Perimeter containing errors will result in an error response for the first error encountered.

type AccessPolicy

type AccessPolicy struct {
	// CreateTime: Output only. Time the `AccessPolicy` was created in UTC.
	CreateTime string `json:"createTime,omitempty"`

	// Name: Output only. Resource name of the `AccessPolicy`.
	// Format:
	// `accessPolicies/{policy_id}`
	Name string `json:"name,omitempty"`

	// Parent: Required. The parent of this `AccessPolicy` in the Cloud
	// Resource
	// Hierarchy. Currently immutable once created.
	// Format:
	// `organizations/{organization_id}`
	Parent string `json:"parent,omitempty"`

	// Title: Required. Human readable title. Does not affect behavior.
	Title string `json:"title,omitempty"`

	// UpdateTime: Output only. Time the `AccessPolicy` was updated in UTC.
	UpdateTime string `json:"updateTime,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "CreateTime") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CreateTime") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

AccessPolicy: `AccessPolicy` is a container for `AccessLevels` (which define the necessary attributes to use GCP services) and `ServicePerimeters` (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization.

func (*AccessPolicy) MarshalJSON

func (s *AccessPolicy) MarshalJSON() ([]byte, error)

type BasicLevel

type BasicLevel struct {
	// CombiningFunction: How the `conditions` list should be combined to
	// determine if a request is
	// granted this `AccessLevel`. If AND is used, each `Condition`
	// in
	// `conditions` must be satisfied for the `AccessLevel` to be applied.
	// If OR
	// is used, at least one `Condition` in `conditions` must be satisfied
	// for the
	// `AccessLevel` to be applied. Default behavior is AND.
	//
	// Possible values:
	//   "AND" - All `Conditions` must be true for the `BasicLevel` to be
	// true.
	//   "OR" - If at least one `Condition` is true, then the `BasicLevel`
	// is true.
	CombiningFunction string `json:"combiningFunction,omitempty"`

	// Conditions: Required. A list of requirements for the `AccessLevel` to
	// be granted.
	Conditions []*Condition `json:"conditions,omitempty"`

	// ForceSendFields is a list of field names (e.g. "CombiningFunction")
	// to unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CombiningFunction") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

BasicLevel: `BasicLevel` is an `AccessLevel` using a set of recommended features.

func (*BasicLevel) MarshalJSON

func (s *BasicLevel) MarshalJSON() ([]byte, error)

type Condition

type Condition struct {
	// DevicePolicy: Device specific restrictions, all restrictions must
	// hold for the
	// Condition to be true. If not specified, all devices are allowed.
	DevicePolicy *DevicePolicy `json:"devicePolicy,omitempty"`

	// IpSubnetworks: CIDR block IP subnetwork specification. May be IPv4 or
	// IPv6. Note that for
	// a CIDR IP address block, the specified IP address portion must be
	// properly
	// truncated (i.e. all the host bits must be zero) or the input is
	// considered
	// malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24"
	// is
	// not. Similarly, for IPv6, "2001:db8::/32" is accepted
	// whereas
	// "2001:db8::1/32" is not. The originating IP of a request must be in
	// one of
	// the listed subnets in order for this Condition to be true. If empty,
	// all IP
	// addresses are allowed.
	IpSubnetworks []string `json:"ipSubnetworks,omitempty"`

	// Members: The signed-in user originating the request must be a part of
	// one of the
	// provided
	// members.
	// Syntax:
	// `user:{emailid}`
	// `group:{emailid}`
	// `serviceAccount:{e
	// mailid}`
	// If not specified, a request may come from any user (logged in/not
	// logged
	// in, not present in any groups, etc.).
	Members []string `json:"members,omitempty"`

	// Negate: Whether to negate the Condition. If true, the Condition
	// becomes a NAND over
	// its non-empty fields, each field must be false for the Condition
	// overall to
	// be satisfied. Defaults to false.
	Negate bool `json:"negate,omitempty"`

	// RequiredAccessLevels: A list of other access levels defined in the
	// same `Policy`, referenced by
	// resource name. Referencing an `AccessLevel` which does not exist is
	// an
	// error. All access levels listed must be granted for the Condition
	// to be true.
	// Example:
	// "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"
	RequiredAccessLevels []string `json:"requiredAccessLevels,omitempty"`

	// ForceSendFields is a list of field names (e.g. "DevicePolicy") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "DevicePolicy") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Condition: A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.

func (*Condition) MarshalJSON

func (s *Condition) MarshalJSON() ([]byte, error)

type DevicePolicy

type DevicePolicy struct {
	// AllowedDeviceManagementLevels: Allowed device management levels, an
	// empty list allows all management
	// levels.
	//
	// Possible values:
	//   "MANAGEMENT_UNSPECIFIED" - The device's management level is not
	// specified or not known.
	//   "NONE" - The device is not managed.
	//   "BASIC" - Basic management is enabled, which is generally limited
	// to monitoring and
	// wiping the corporate account.
	//   "COMPLETE" - Complete device management. This includes more
	// thorough monitoring and the
	// ability to directly manage the device (such as remote wiping). This
	// can be
	// enabled through the Android Enterprise Platform.
	AllowedDeviceManagementLevels []string `json:"allowedDeviceManagementLevels,omitempty"`

	// AllowedEncryptionStatuses: Allowed encryptions statuses, an empty
	// list allows all statuses.
	//
	// Possible values:
	//   "ENCRYPTION_UNSPECIFIED" - The encryption status of the device is
	// not specified or not known.
	//   "ENCRYPTION_UNSUPPORTED" - The device does not support encryption.
	//   "UNENCRYPTED" - The device supports encryption, but is currently
	// unencrypted.
	//   "ENCRYPTED" - The device is encrypted.
	AllowedEncryptionStatuses []string `json:"allowedEncryptionStatuses,omitempty"`

	// OsConstraints: Allowed OS versions, an empty list allows all types
	// and all versions.
	OsConstraints []*OsConstraint `json:"osConstraints,omitempty"`

	// RequireScreenlock: Whether or not screenlock is required for the
	// DevicePolicy to be true.
	// Defaults to `false`.
	RequireScreenlock bool `json:"requireScreenlock,omitempty"`

	// ForceSendFields is a list of field names (e.g.
	// "AllowedDeviceManagementLevels") to unconditionally include in API
	// requests. By default, fields with empty values are omitted from API
	// requests. However, any non-pointer, non-interface field appearing in
	// ForceSendFields will be sent to the server regardless of whether the
	// field is empty or not. This may be used to include empty fields in
	// Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g.
	// "AllowedDeviceManagementLevels") to include in API requests with the
	// JSON null value. By default, fields with empty values are omitted
	// from API requests. However, any field with an empty value appearing
	// in NullFields will be sent to the server as null. It is an error if a
	// field in this list has a non-empty value. This may be used to include
	// null fields in Patch requests.
	NullFields []string `json:"-"`
}

DevicePolicy: `DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

func (*DevicePolicy) MarshalJSON

func (s *DevicePolicy) MarshalJSON() ([]byte, error)

type ListAccessLevelsResponse

type ListAccessLevelsResponse struct {
	// AccessLevels: List of the Access Level instances.
	AccessLevels []*AccessLevel `json:"accessLevels,omitempty"`

	// NextPageToken: The pagination token to retrieve the next page of
	// results. If the value is
	// empty, no further results remain.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AccessLevels") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListAccessLevelsResponse: A response to `ListAccessLevelsRequest`.

func (*ListAccessLevelsResponse) MarshalJSON

func (s *ListAccessLevelsResponse) MarshalJSON() ([]byte, error)

type ListAccessPoliciesResponse

type ListAccessPoliciesResponse struct {
	// AccessPolicies: List of the AccessPolicy instances.
	AccessPolicies []*AccessPolicy `json:"accessPolicies,omitempty"`

	// NextPageToken: The pagination token to retrieve the next page of
	// results. If the value is
	// empty, no further results remain.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "AccessPolicies") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AccessPolicies") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

ListAccessPoliciesResponse: A response to `ListAccessPoliciesRequest`.

func (*ListAccessPoliciesResponse) MarshalJSON

func (s *ListAccessPoliciesResponse) MarshalJSON() ([]byte, error)

type ListServicePerimetersResponse

type ListServicePerimetersResponse struct {
	// NextPageToken: The pagination token to retrieve the next page of
	// results. If the value is
	// empty, no further results remain.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServicePerimeters: List of the Service Perimeter instances.
	ServicePerimeters []*ServicePerimeter `json:"servicePerimeters,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "NextPageToken") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListServicePerimetersResponse: A response to `ListServicePerimetersRequest`.

func (*ListServicePerimetersResponse) MarshalJSON

func (s *ListServicePerimetersResponse) MarshalJSON() ([]byte, error)

type Operation

type Operation struct {
	// Done: If the value is `false`, it means the operation is still in
	// progress.
	// If `true`, the operation is completed, and either `error` or
	// `response` is
	// available.
	Done bool `json:"done,omitempty"`

	// Error: The error result of the operation in case of failure or
	// cancellation.
	Error *Status `json:"error,omitempty"`

	// Metadata: Service-specific metadata associated with the operation.
	// It typically
	// contains progress information and common metadata such as create
	// time.
	// Some services might not provide such metadata.  Any method that
	// returns a
	// long-running operation should document the metadata type, if any.
	Metadata googleapi.RawMessage `json:"metadata,omitempty"`

	// Name: The server-assigned name, which is only unique within the same
	// service that
	// originally returns it. If you use the default HTTP mapping,
	// the
	// `name` should have the format of `operations/some/unique/name`.
	Name string `json:"name,omitempty"`

	// Response: The normal response of the operation in case of success.
	// If the original
	// method returns no data on success, such as `Delete`, the response
	// is
	// `google.protobuf.Empty`.  If the original method is
	// standard
	// `Get`/`Create`/`Update`, the response should be the resource.  For
	// other
	// methods, the response should have the type `XxxResponse`, where
	// `Xxx`
	// is the original method name.  For example, if the original method
	// name
	// is `TakeSnapshot()`, the inferred response type
	// is
	// `TakeSnapshotResponse`.
	Response googleapi.RawMessage `json:"response,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Done") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Done") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Operation: This resource represents a long-running operation that is the result of a network API call.

func (*Operation) MarshalJSON

func (s *Operation) MarshalJSON() ([]byte, error)

type OperationsGetCall

type OperationsGetCall struct {
	// contains filtered or unexported fields
}

func (*OperationsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*OperationsGetCall) Do

Do executes the "accesscontextmanager.operations.get" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OperationsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*OperationsGetCall) Header

func (c *OperationsGetCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*OperationsGetCall) IfNoneMatch

func (c *OperationsGetCall) IfNoneMatch(entityTag string) *OperationsGetCall

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type OperationsService

type OperationsService struct {
	// contains filtered or unexported fields
}

func NewOperationsService

func NewOperationsService(s *Service) *OperationsService

func (*OperationsService) Get

Get: Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

type OsConstraint

type OsConstraint struct {
	// MinimumVersion: The minimum allowed OS version. If not set, any
	// version of this OS
	// satisfies the constraint. Format: "major.minor.patch".
	// Examples: "10.5.301", "9.2.1".
	MinimumVersion string `json:"minimumVersion,omitempty"`

	// OsType: Required. The allowed OS type.
	//
	// Possible values:
	//   "OS_UNSPECIFIED" - The operating system of the device is not
	// specified or not known.
	//   "DESKTOP_MAC" - A desktop Mac operating system.
	//   "DESKTOP_WINDOWS" - A desktop Windows operating system.
	//   "DESKTOP_LINUX" - A desktop Linux operating system.
	//   "DESKTOP_CHROME_OS" - A desktop ChromeOS operating system.
	//   "ANDROID" - An Android operating system.
	//   "IOS" - An iOS operating system.
	OsType string `json:"osType,omitempty"`

	// ForceSendFields is a list of field names (e.g. "MinimumVersion") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "MinimumVersion") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

OsConstraint: A restriction on the OS type and version of devices making requests.

func (*OsConstraint) MarshalJSON

func (s *OsConstraint) MarshalJSON() ([]byte, error)

type Service

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment

	AccessPolicies *AccessPoliciesService

	Operations *OperationsService
	// contains filtered or unexported fields
}

func New

func New(client *http.Client) (*Service, error)

type ServicePerimeter

type ServicePerimeter struct {
	// CreateTime: Output only. Time the `ServicePerimeter` was created in
	// UTC.
	CreateTime string `json:"createTime,omitempty"`

	// Description: Description of the `ServicePerimeter` and its use. Does
	// not affect
	// behavior.
	Description string `json:"description,omitempty"`

	// Name: Required. Resource name for the ServicePerimeter.  The
	// `short_name`
	// component must begin with a letter and only include alphanumeric and
	// '_'.
	// Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
	Name string `json:"name,omitempty"`

	// PerimeterType: Perimeter type indicator. A single project is
	// allowed to be a member of single regular perimeter, but multiple
	// service
	// perimeter bridges. A project cannot be a included in a perimeter
	// bridge
	// without being included in regular perimeter. For perimeter
	// bridges,
	// restricted/unrestricted service lists as well as access lists must
	// be
	// empty.
	//
	// Possible values:
	//   "PERIMETER_TYPE_REGULAR" - Regular Perimeter.
	//   "PERIMETER_TYPE_BRIDGE" - Perimeter Bridge.
	PerimeterType string `json:"perimeterType,omitempty"`

	// Status: Current ServicePerimeter configuration. Specifies sets of
	// resources,
	// restricted/unrestricted services and access levels that determine
	// perimeter
	// content and boundaries.
	Status *ServicePerimeterConfig `json:"status,omitempty"`

	// Title: Human readable title. Must be unique within the Policy.
	Title string `json:"title,omitempty"`

	// UpdateTime: Output only. Time the `ServicePerimeter` was updated in
	// UTC.
	UpdateTime string `json:"updateTime,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "CreateTime") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CreateTime") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ServicePerimeter: `ServicePerimeter` describes a set of GCP resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only GCP projects as members, a single GCP project may belong to multiple Service Perimeter Bridges.

func (*ServicePerimeter) MarshalJSON

func (s *ServicePerimeter) MarshalJSON() ([]byte, error)

type ServicePerimeterConfig

type ServicePerimeterConfig struct {
	// AccessLevels: A list of `AccessLevel` resource names that allow
	// resources within the
	// `ServicePerimeter` to be accessed from the internet. `AccessLevels`
	// listed
	// must be in the same policy as this `ServicePerimeter`. Referencing
	// a
	// nonexistent `AccessLevel` is a syntax error. If no `AccessLevel`
	// names are
	// listed, resources within the perimeter can only be accessed via GCP
	// calls with
	// request origins within the perimeter.
	// Example:
	// "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL".
	// For Service Perimeter Bridge, must be empty.
	AccessLevels []string `json:"accessLevels,omitempty"`

	// Resources: A list of GCP resources that are inside of the service
	// perimeter.
	// Currently only projects are allowed. Format:
	// `projects/{project_number}`
	Resources []string `json:"resources,omitempty"`

	// RestrictedServices: GCP services that are subject to the Service
	// Perimeter restrictions. May
	// contain a list of services or a single wildcard "*". For example,
	// if
	// `storage.googleapis.com` is specified, access to the storage
	// buckets
	// inside the perimeter must meet the perimeter's access
	// restrictions.
	//
	// Wildcard means that unless explicitly specified by
	// "unrestricted_services"
	// list, any service is treated as restricted. One of the
	// fields
	// "restricted_services", "unrestricted_services" must contain a
	// wildcard "*",
	// otherwise the Service Perimeter specification is invalid. It also
	// means
	// that both field being empty is invalid as well. "restricted_services"
	// can
	// be empty if and only if "unrestricted_services" list contains a
	// "*"
	// wildcard.
	RestrictedServices []string `json:"restrictedServices,omitempty"`

	// UnrestrictedServices: GCP services that are not subject to the
	// Service Perimeter restrictions.
	// May contain a list of services or a single wildcard "*". For example,
	// if
	// `logging.googleapis.com` is unrestricted, users can access logs
	// inside the
	// perimeter as if the perimeter doesn't exist, and it also means VMs
	// inside the perimeter
	// can access logs outside the perimeter.
	//
	// The wildcard means that unless explicitly specified
	// by
	// "restricted_services" list, any service is treated as unrestricted.
	// One of
	// the fields "restricted_services", "unrestricted_services" must
	// contain a
	// wildcard "*", otherwise the Service Perimeter specification is
	// invalid. It
	// also means that both field being empty is invalid as
	// well.
	// "unrestricted_services" can be empty if and only if
	// "restricted_services"
	// list contains a "*" wildcard.
	UnrestrictedServices []string `json:"unrestrictedServices,omitempty"`

	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AccessLevels") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ServicePerimeterConfig: `ServicePerimeterConfig` specifies a set of GCP resources that describe specific Service Perimeter configuration.

func (*ServicePerimeterConfig) MarshalJSON

func (s *ServicePerimeterConfig) MarshalJSON() ([]byte, error)

type Status

type Status struct {
	// Code: The status code, which should be an enum value of
	// google.rpc.Code.
	Code int64 `json:"code,omitempty"`

	// Details: A list of messages that carry the error details.  There is a
	// common set of
	// message types for APIs to use.
	Details []googleapi.RawMessage `json:"details,omitempty"`

	// Message: A developer-facing error message, which should be in
	// English. Any
	// user-facing error message should be localized and sent in
	// the
	// google.rpc.Status.details field, or localized by the client.
	Message string `json:"message,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Code") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Code") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Status: The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). The error model is designed to be:

- Simple to use and understand for most users - Flexible enough to meet unexpected needs

Overview

The `Status` message contains three pieces of data: error code, error message, and error details. The error code should be an enum value of google.rpc.Code, but it may accept additional error codes if needed. The error message should be a developer-facing English message that helps developers *understand* and *resolve* the error. If a localized user-facing error message is needed, put the localized message in the error details or localize it in the client. The optional error details may contain arbitrary information about the error. There is a predefined set of error detail types in the package `google.rpc` that can be used for common error conditions.

Language mapping

The `Status` message is the logical representation of the error model, but it is not necessarily the actual wire format. When the `Status` message is exposed in different client libraries and different wire protocols, it can be mapped differently. For example, it will likely be mapped to some exceptions in Java, but more likely mapped to some error codes in C.

Other uses

The error model and the `Status` message can be used in a variety of environments, either with or without APIs, to provide a consistent developer experience across different environments.

Example uses of this error model include:

- Partial errors. If a service needs to return partial errors to the client,

it may embed the `Status` in the normal response to indicate the

partial

errors.

- Workflow errors. A typical workflow has multiple steps. Each step may

have a `Status` message for error reporting.

- Batch operations. If a client uses batch request and batch response, the

`Status` message should be used directly inside batch response,

one for

each error sub-response.

- Asynchronous operations. If an API call embeds asynchronous operation

results in its response, the status of those operations should

be

represented directly using the `Status` message.

- Logging. If some API errors are stored in logs, the message `Status` could

be used directly after any stripping needed for security/privacy

reasons.

func (*Status) MarshalJSON

func (s *Status) MarshalJSON() ([]byte, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL