admin

package
v0.0.0-...-2a72893 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 26, 2018 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ListServiceAccountKeysRequest_KeyType_name = map[int32]string{
	0: "KEY_TYPE_UNSPECIFIED",
	1: "USER_MANAGED",
	2: "SYSTEM_MANAGED",
}
View Source 
var ListServiceAccountKeysRequest_KeyType_value = map[string]int32{
	"KEY_TYPE_UNSPECIFIED": 0,
	"USER_MANAGED":         1,
	"SYSTEM_MANAGED":       2,
}
View Source 
var Permission_CustomRolesSupportLevel_name = map[int32]string{
	0: "SUPPORTED",
	1: "TESTING",
	2: "NOT_SUPPORTED",
}
View Source 
var Permission_CustomRolesSupportLevel_value = map[string]int32{
	"SUPPORTED":     0,
	"TESTING":       1,
	"NOT_SUPPORTED": 2,
}
View Source 
var Permission_PermissionLaunchStage_name = map[int32]string{
	0: "ALPHA",
	1: "BETA",
	2: "GA",
	3: "DEPRECATED",
}
View Source 
var Permission_PermissionLaunchStage_value = map[string]int32{
	"ALPHA":      0,
	"BETA":       1,
	"GA":         2,
	"DEPRECATED": 3,
}
View Source 
var RoleView_name = map[int32]string{
	0: "BASIC",
	1: "FULL",
}
View Source 
var RoleView_value = map[string]int32{
	"BASIC": 0,
	"FULL":  1,
}
View Source 
var Role_RoleLaunchStage_name = map[int32]string{
	0: "ALPHA",
	1: "BETA",
	2: "GA",
	4: "DEPRECATED",
	5: "DISABLED",
	6: "EAP",
}
View Source 
var Role_RoleLaunchStage_value = map[string]int32{
	"ALPHA":      0,
	"BETA":       1,
	"GA":         2,
	"DEPRECATED": 4,
	"DISABLED":   5,
	"EAP":        6,
}
View Source 
var ServiceAccountKeyAlgorithm_name = map[int32]string{
	0: "KEY_ALG_UNSPECIFIED",
	1: "KEY_ALG_RSA_1024",
	2: "KEY_ALG_RSA_2048",
}
View Source 
var ServiceAccountKeyAlgorithm_value = map[string]int32{
	"KEY_ALG_UNSPECIFIED": 0,
	"KEY_ALG_RSA_1024":    1,
	"KEY_ALG_RSA_2048":    2,
}
View Source 
var ServiceAccountPrivateKeyType_name = map[int32]string{
	0: "TYPE_UNSPECIFIED",
	1: "TYPE_PKCS12_FILE",
	2: "TYPE_GOOGLE_CREDENTIALS_FILE",
}
View Source 
var ServiceAccountPrivateKeyType_value = map[string]int32{
	"TYPE_UNSPECIFIED":             0,
	"TYPE_PKCS12_FILE":             1,
	"TYPE_GOOGLE_CREDENTIALS_FILE": 2,
}
View Source 
var ServiceAccountPublicKeyType_name = map[int32]string{
	0: "TYPE_NONE",
	1: "TYPE_X509_PEM_FILE",
	2: "TYPE_RAW_PUBLIC_KEY",
}
View Source 
var ServiceAccountPublicKeyType_value = map[string]int32{
	"TYPE_NONE":           0,
	"TYPE_X509_PEM_FILE":  1,
	"TYPE_RAW_PUBLIC_KEY": 2,
}

Functions

func RegisterIAMServer 

func RegisterIAMServer(s *grpc.Server, srv IAMServer)

Types

type CreateRoleRequest 

type CreateRoleRequest struct {
	// The resource name of the parent resource in one of the following formats:
	// `organizations/{ORGANIZATION_ID}`
	// `projects/{PROJECT_ID}`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// The role id to use for this role.
	RoleId string `protobuf:"bytes,2,opt,name=role_id,json=roleId,proto3" json:"role_id,omitempty"`
	// The Role resource to create.
	Role                 *Role    `protobuf:"bytes,3,opt,name=role,proto3" json:"role,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The request to create a new role.

func (*CreateRoleRequest) Descriptor 

func (*CreateRoleRequest) Descriptor() ([]byte, []int)

func (*CreateRoleRequest) GetParent 

func (m *CreateRoleRequest) GetParent() string

func (*CreateRoleRequest) GetRole 

func (m *CreateRoleRequest) GetRole() *Role

func (*CreateRoleRequest) GetRoleId 

func (m *CreateRoleRequest) GetRoleId() string

func (*CreateRoleRequest) ProtoMessage 

func (*CreateRoleRequest) ProtoMessage()

func (*CreateRoleRequest) Reset 

func (m *CreateRoleRequest) Reset()

func (*CreateRoleRequest) String 

func (m *CreateRoleRequest) String() string

func (*CreateRoleRequest) XXX_DiscardUnknown 

func (m *CreateRoleRequest) XXX_DiscardUnknown()

func (*CreateRoleRequest) XXX_Marshal 

func (m *CreateRoleRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CreateRoleRequest) XXX_Merge 

func (dst *CreateRoleRequest) XXX_Merge(src proto.Message)

func (*CreateRoleRequest) XXX_Size 

func (m *CreateRoleRequest) XXX_Size() int

func (*CreateRoleRequest) XXX_Unmarshal 

func (m *CreateRoleRequest) XXX_Unmarshal(b []byte) error

type CreateServiceAccountKeyRequest 

type CreateServiceAccountKeyRequest struct {
	// The resource name of the service account in the following format:
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
	// Using `-` as a wildcard for the project will infer the project from
	// the account. The `account` value can be the `email` address or the
	// `unique_id` of the service account.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The output format of the private key. `GOOGLE_CREDENTIALS_FILE` is the
	// default output format.
	PrivateKeyType ServiceAccountPrivateKeyType `` /* 160-byte string literal not displayed */
	// Which type of key and algorithm to use for the key.
	// The default is currently a 2K RSA key.  However this may change in the
	// future.
	KeyAlgorithm         ServiceAccountKeyAlgorithm `` /* 150-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}                   `json:"-"`
	XXX_unrecognized     []byte                     `json:"-"`
	XXX_sizecache        int32                      `json:"-"`
}

The service account key create request.

func (*CreateServiceAccountKeyRequest) Descriptor 

func (*CreateServiceAccountKeyRequest) Descriptor() ([]byte, []int)

func (*CreateServiceAccountKeyRequest) GetKeyAlgorithm 

func (m *CreateServiceAccountKeyRequest) GetKeyAlgorithm() ServiceAccountKeyAlgorithm

func (*CreateServiceAccountKeyRequest) GetName 

func (m *CreateServiceAccountKeyRequest) GetName() string

func (*CreateServiceAccountKeyRequest) GetPrivateKeyType 

func (m *CreateServiceAccountKeyRequest) GetPrivateKeyType() ServiceAccountPrivateKeyType

func (*CreateServiceAccountKeyRequest) ProtoMessage 

func (*CreateServiceAccountKeyRequest) ProtoMessage()

func (*CreateServiceAccountKeyRequest) Reset 

func (m *CreateServiceAccountKeyRequest) Reset()

func (*CreateServiceAccountKeyRequest) String 

func (m *CreateServiceAccountKeyRequest) String() string

func (*CreateServiceAccountKeyRequest) XXX_DiscardUnknown 

func (m *CreateServiceAccountKeyRequest) XXX_DiscardUnknown()

func (*CreateServiceAccountKeyRequest) XXX_Marshal 

func (m *CreateServiceAccountKeyRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CreateServiceAccountKeyRequest) XXX_Merge 

func (dst *CreateServiceAccountKeyRequest) XXX_Merge(src proto.Message)

func (*CreateServiceAccountKeyRequest) XXX_Size 

func (m *CreateServiceAccountKeyRequest) XXX_Size() int

func (*CreateServiceAccountKeyRequest) XXX_Unmarshal 

func (m *CreateServiceAccountKeyRequest) XXX_Unmarshal(b []byte) error

type CreateServiceAccountRequest 

type CreateServiceAccountRequest struct {
	// Required. The resource name of the project associated with the service
	// accounts, such as `projects/my-project-123`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The account id that is used to generate the service account
	// email address and a stable unique id. It is unique within a project,
	// must be 6-30 characters long, and match the regular expression
	// `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
	AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"`
	// The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to create.
	// Currently, only the following values are user assignable:
	// `display_name` .
	ServiceAccount       *ServiceAccount `protobuf:"bytes,3,opt,name=service_account,json=serviceAccount,proto3" json:"service_account,omitempty"`
	XXX_NoUnkeyedLiteral struct{}        `json:"-"`
	XXX_unrecognized     []byte          `json:"-"`
	XXX_sizecache        int32           `json:"-"`
}

The service account create request.

func (*CreateServiceAccountRequest) Descriptor 

func (*CreateServiceAccountRequest) Descriptor() ([]byte, []int)

func (*CreateServiceAccountRequest) GetAccountId 

func (m *CreateServiceAccountRequest) GetAccountId() string

func (*CreateServiceAccountRequest) GetName 

func (m *CreateServiceAccountRequest) GetName() string

func (*CreateServiceAccountRequest) GetServiceAccount 

func (m *CreateServiceAccountRequest) GetServiceAccount() *ServiceAccount

func (*CreateServiceAccountRequest) ProtoMessage 

func (*CreateServiceAccountRequest) ProtoMessage()

func (*CreateServiceAccountRequest) Reset 

func (m *CreateServiceAccountRequest) Reset()

func (*CreateServiceAccountRequest) String 

func (m *CreateServiceAccountRequest) String() string

func (*CreateServiceAccountRequest) XXX_DiscardUnknown 

func (m *CreateServiceAccountRequest) XXX_DiscardUnknown()

func (*CreateServiceAccountRequest) XXX_Marshal 

func (m *CreateServiceAccountRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CreateServiceAccountRequest) XXX_Merge 

func (dst *CreateServiceAccountRequest) XXX_Merge(src proto.Message)

func (*CreateServiceAccountRequest) XXX_Size 

func (m *CreateServiceAccountRequest) XXX_Size() int

func (*CreateServiceAccountRequest) XXX_Unmarshal 

func (m *CreateServiceAccountRequest) XXX_Unmarshal(b []byte) error

type DeleteRoleRequest 

type DeleteRoleRequest struct {
	// The resource name of the role in one of the following formats:
	// `organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}`
	// `projects/{PROJECT_ID}/roles/{ROLE_NAME}`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Used to perform a consistent read-modify-write.
	Etag                 []byte   `protobuf:"bytes,2,opt,name=etag,proto3" json:"etag,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The request to delete an existing role.

func (*DeleteRoleRequest) Descriptor 

func (*DeleteRoleRequest) Descriptor() ([]byte, []int)

func (*DeleteRoleRequest) GetEtag 

func (m *DeleteRoleRequest) GetEtag() []byte

func (*DeleteRoleRequest) GetName 

func (m *DeleteRoleRequest) GetName() string

func (*DeleteRoleRequest) ProtoMessage 

func (*DeleteRoleRequest) ProtoMessage()

func (*DeleteRoleRequest) Reset 

func (m *DeleteRoleRequest) Reset()

func (*DeleteRoleRequest) String 

func (m *DeleteRoleRequest) String() string

func (*DeleteRoleRequest) XXX_DiscardUnknown 

func (m *DeleteRoleRequest) XXX_DiscardUnknown()

func (*DeleteRoleRequest) XXX_Marshal 

func (m *DeleteRoleRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DeleteRoleRequest) XXX_Merge 

func (dst *DeleteRoleRequest) XXX_Merge(src proto.Message)

func (*DeleteRoleRequest) XXX_Size 

func (m *DeleteRoleRequest) XXX_Size() int

func (*DeleteRoleRequest) XXX_Unmarshal 

func (m *DeleteRoleRequest) XXX_Unmarshal(b []byte) error

type DeleteServiceAccountKeyRequest 

type DeleteServiceAccountKeyRequest struct {
	// The resource name of the service account key in the following format:
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.
	// Using `-` as a wildcard for the project will infer the project from
	// the account. The `account` value can be the `email` address or the
	// `unique_id` of the service account.
	Name                 string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The service account key delete request.

func (*DeleteServiceAccountKeyRequest) Descriptor 

func (*DeleteServiceAccountKeyRequest) Descriptor() ([]byte, []int)

func (*DeleteServiceAccountKeyRequest) GetName 

func (m *DeleteServiceAccountKeyRequest) GetName() string

func (*DeleteServiceAccountKeyRequest) ProtoMessage 

func (*DeleteServiceAccountKeyRequest) ProtoMessage()

func (*DeleteServiceAccountKeyRequest) Reset 

func (m *DeleteServiceAccountKeyRequest) Reset()

func (*DeleteServiceAccountKeyRequest) String 

func (m *DeleteServiceAccountKeyRequest) String() string

func (*DeleteServiceAccountKeyRequest) XXX_DiscardUnknown 

func (m *DeleteServiceAccountKeyRequest) XXX_DiscardUnknown()

func (*DeleteServiceAccountKeyRequest) XXX_Marshal 

func (m *DeleteServiceAccountKeyRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DeleteServiceAccountKeyRequest) XXX_Merge 

func (dst *DeleteServiceAccountKeyRequest) XXX_Merge(src proto.Message)

func (*DeleteServiceAccountKeyRequest) XXX_Size 

func (m *DeleteServiceAccountKeyRequest) XXX_Size() int

func (*DeleteServiceAccountKeyRequest) XXX_Unmarshal 

func (m *DeleteServiceAccountKeyRequest) XXX_Unmarshal(b []byte) error

type DeleteServiceAccountRequest 

type DeleteServiceAccountRequest struct {
	// The resource name of the service account in the following format:
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
	// Using `-` as a wildcard for the project will infer the project from
	// the account. The `account` value can be the `email` address or the
	// `unique_id` of the service account.
	Name                 string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The service account delete request.

func (*DeleteServiceAccountRequest) Descriptor 

func (*DeleteServiceAccountRequest) Descriptor() ([]byte, []int)

func (*DeleteServiceAccountRequest) GetName 

func (m *DeleteServiceAccountRequest) GetName() string

func (*DeleteServiceAccountRequest) ProtoMessage 

func (*DeleteServiceAccountRequest) ProtoMessage()

func (*DeleteServiceAccountRequest) Reset 

func (m *DeleteServiceAccountRequest) Reset()

func (*DeleteServiceAccountRequest) String 

func (m *DeleteServiceAccountRequest) String() string

func (*DeleteServiceAccountRequest) XXX_DiscardUnknown 

func (m *DeleteServiceAccountRequest) XXX_DiscardUnknown()

func (*DeleteServiceAccountRequest) XXX_Marshal 

func (m *DeleteServiceAccountRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*DeleteServiceAccountRequest) XXX_Merge 

func (dst *DeleteServiceAccountRequest) XXX_Merge(src proto.Message)

func (*DeleteServiceAccountRequest) XXX_Size 

func (m *DeleteServiceAccountRequest) XXX_Size() int

func (*DeleteServiceAccountRequest) XXX_Unmarshal 

func (m *DeleteServiceAccountRequest) XXX_Unmarshal(b []byte) error

type GetRoleRequest 

type GetRoleRequest struct {
	// The resource name of the role in one of the following formats:
	// `roles/{ROLE_NAME}`
	// `organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}`
	// `projects/{PROJECT_ID}/roles/{ROLE_NAME}`
	Name                 string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The request to get the definition of an existing role.

func (*GetRoleRequest) Descriptor 

func (*GetRoleRequest) Descriptor() ([]byte, []int)

func (*GetRoleRequest) GetName 

func (m *GetRoleRequest) GetName() string

func (*GetRoleRequest) ProtoMessage 

func (*GetRoleRequest) ProtoMessage()

func (*GetRoleRequest) Reset 

func (m *GetRoleRequest) Reset()

func (*GetRoleRequest) String 

func (m *GetRoleRequest) String() string

func (*GetRoleRequest) XXX_DiscardUnknown 

func (m *GetRoleRequest) XXX_DiscardUnknown()

func (*GetRoleRequest) XXX_Marshal 

func (m *GetRoleRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*GetRoleRequest) XXX_Merge 

func (dst *GetRoleRequest) XXX_Merge(src proto.Message)

func (*GetRoleRequest) XXX_Size 

func (m *GetRoleRequest) XXX_Size() int

func (*GetRoleRequest) XXX_Unmarshal 

func (m *GetRoleRequest) XXX_Unmarshal(b []byte) error

type GetServiceAccountKeyRequest 

type GetServiceAccountKeyRequest struct {
	// The resource name of the service account key in the following format:
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.
	//
	// Using `-` as a wildcard for the project will infer the project from
	// the account. The `account` value can be the `email` address or the
	// `unique_id` of the service account.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The output format of the public key requested.
	// X509_PEM is the default output format.
	PublicKeyType        ServiceAccountPublicKeyType `` /* 156-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}                    `json:"-"`
	XXX_unrecognized     []byte                      `json:"-"`
	XXX_sizecache        int32                       `json:"-"`
}

The service account key get by id request.

func (*GetServiceAccountKeyRequest) Descriptor 

func (*GetServiceAccountKeyRequest) Descriptor() ([]byte, []int)

func (*GetServiceAccountKeyRequest) GetName 

func (m *GetServiceAccountKeyRequest) GetName() string

func (*GetServiceAccountKeyRequest) GetPublicKeyType 

func (m *GetServiceAccountKeyRequest) GetPublicKeyType() ServiceAccountPublicKeyType

func (*GetServiceAccountKeyRequest) ProtoMessage 

func (*GetServiceAccountKeyRequest) ProtoMessage()

func (*GetServiceAccountKeyRequest) Reset 

func (m *GetServiceAccountKeyRequest) Reset()

func (*GetServiceAccountKeyRequest) String 

func (m *GetServiceAccountKeyRequest) String() string

func (*GetServiceAccountKeyRequest) XXX_DiscardUnknown 

func (m *GetServiceAccountKeyRequest) XXX_DiscardUnknown()

func (*GetServiceAccountKeyRequest) XXX_Marshal 

func (m *GetServiceAccountKeyRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*GetServiceAccountKeyRequest) XXX_Merge 

func (dst *GetServiceAccountKeyRequest) XXX_Merge(src proto.Message)

func (*GetServiceAccountKeyRequest) XXX_Size 

func (m *GetServiceAccountKeyRequest) XXX_Size() int

func (*GetServiceAccountKeyRequest) XXX_Unmarshal 

func (m *GetServiceAccountKeyRequest) XXX_Unmarshal(b []byte) error

type GetServiceAccountRequest 

type GetServiceAccountRequest struct {
	// The resource name of the service account in the following format:
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
	// Using `-` as a wildcard for the project will infer the project from
	// the account. The `account` value can be the `email` address or the
	// `unique_id` of the service account.
	Name                 string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The service account get request.

func (*GetServiceAccountRequest) Descriptor 

func (*GetServiceAccountRequest) Descriptor() ([]byte, []int)

func (*GetServiceAccountRequest) GetName 

func (m *GetServiceAccountRequest) GetName() string

func (*GetServiceAccountRequest) ProtoMessage 

func (*GetServiceAccountRequest) ProtoMessage()

func (*GetServiceAccountRequest) Reset 

func (m *GetServiceAccountRequest) Reset()

func (*GetServiceAccountRequest) String 

func (m *GetServiceAccountRequest) String() string

func (*GetServiceAccountRequest) XXX_DiscardUnknown 

func (m *GetServiceAccountRequest) XXX_DiscardUnknown()

func (*GetServiceAccountRequest) XXX_Marshal 

func (m *GetServiceAccountRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*GetServiceAccountRequest) XXX_Merge 

func (dst *GetServiceAccountRequest) XXX_Merge(src proto.Message)

func (*GetServiceAccountRequest) XXX_Size 

func (m *GetServiceAccountRequest) XXX_Size() int

func (*GetServiceAccountRequest) XXX_Unmarshal 

func (m *GetServiceAccountRequest) XXX_Unmarshal(b []byte) error

type IAMClient 

type IAMClient interface {
	// Lists [ServiceAccounts][google.iam.admin.v1.ServiceAccount] for a project.
	ListServiceAccounts(ctx context.Context, in *ListServiceAccountsRequest, opts ...grpc.CallOption) (*ListServiceAccountsResponse, error)
	// Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	GetServiceAccount(ctx context.Context, in *GetServiceAccountRequest, opts ...grpc.CallOption) (*ServiceAccount, error)
	// Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount]
	// and returns it.
	CreateServiceAccount(ctx context.Context, in *CreateServiceAccountRequest, opts ...grpc.CallOption) (*ServiceAccount, error)
	// Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	//
	// Currently, only the following fields are updatable:
	// `display_name` .
	// The `etag` is mandatory.
	UpdateServiceAccount(ctx context.Context, in *ServiceAccount, opts ...grpc.CallOption) (*ServiceAccount, error)
	// Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	DeleteServiceAccount(ctx context.Context, in *DeleteServiceAccountRequest, opts ...grpc.CallOption) (*empty.Empty, error)
	// Lists [ServiceAccountKeys][google.iam.admin.v1.ServiceAccountKey].
	ListServiceAccountKeys(ctx context.Context, in *ListServiceAccountKeysRequest, opts ...grpc.CallOption) (*ListServiceAccountKeysResponse, error)
	// Gets the [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
	// by key id.
	GetServiceAccountKey(ctx context.Context, in *GetServiceAccountKeyRequest, opts ...grpc.CallOption) (*ServiceAccountKey, error)
	// Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
	// and returns it.
	CreateServiceAccountKey(ctx context.Context, in *CreateServiceAccountKeyRequest, opts ...grpc.CallOption) (*ServiceAccountKey, error)
	// Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].
	DeleteServiceAccountKey(ctx context.Context, in *DeleteServiceAccountKeyRequest, opts ...grpc.CallOption) (*empty.Empty, error)
	// Signs a blob using a service account's system-managed private key.
	SignBlob(ctx context.Context, in *SignBlobRequest, opts ...grpc.CallOption) (*SignBlobResponse, error)
	// Signs a JWT using a service account's system-managed private key.
	//
	// If no expiry time (`exp`) is provided in the `SignJwtRequest`, IAM sets an
	// an expiry time of one hour by default. If you request an expiry time of
	// more than one hour, the request will fail.
	SignJwt(ctx context.Context, in *SignJwtRequest, opts ...grpc.CallOption) (*SignJwtResponse, error)
	// Returns the IAM access control policy for a
	// [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	GetIamPolicy(ctx context.Context, in *v1.GetIamPolicyRequest, opts ...grpc.CallOption) (*v1.Policy, error)
	// Sets the IAM access control policy for a
	// [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	SetIamPolicy(ctx context.Context, in *v1.SetIamPolicyRequest, opts ...grpc.CallOption) (*v1.Policy, error)
	// Tests the specified permissions against the IAM access control policy
	// for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	TestIamPermissions(ctx context.Context, in *v1.TestIamPermissionsRequest, opts ...grpc.CallOption) (*v1.TestIamPermissionsResponse, error)
	// Queries roles that can be granted on a particular resource.
	// A role is grantable if it can be used as the role in a binding for a policy
	// for that resource.
	QueryGrantableRoles(ctx context.Context, in *QueryGrantableRolesRequest, opts ...grpc.CallOption) (*QueryGrantableRolesResponse, error)
	// Lists the Roles defined on a resource.
	ListRoles(ctx context.Context, in *ListRolesRequest, opts ...grpc.CallOption) (*ListRolesResponse, error)
	// Gets a Role definition.
	GetRole(ctx context.Context, in *GetRoleRequest, opts ...grpc.CallOption) (*Role, error)
	// Creates a new Role.
	CreateRole(ctx context.Context, in *CreateRoleRequest, opts ...grpc.CallOption) (*Role, error)
	// Updates a Role definition.
	UpdateRole(ctx context.Context, in *UpdateRoleRequest, opts ...grpc.CallOption) (*Role, error)
	// Soft deletes a role. The role is suspended and cannot be used to create new
	// IAM Policy Bindings.
	// The Role will not be included in `ListRoles()` unless `show_deleted` is set
	// in the `ListRolesRequest`. The Role contains the deleted boolean set.
	// Existing Bindings remains, but are inactive. The Role can be undeleted
	// within 7 days. After 7 days the Role is deleted and all Bindings associated
	// with the role are removed.
	DeleteRole(ctx context.Context, in *DeleteRoleRequest, opts ...grpc.CallOption) (*Role, error)
	// Undelete a Role, bringing it back in its previous state.
	UndeleteRole(ctx context.Context, in *UndeleteRoleRequest, opts ...grpc.CallOption) (*Role, error)
	// Lists the permissions testable on a resource.
	// A permission is testable if it can be tested for an identity on a resource.
	QueryTestablePermissions(ctx context.Context, in *QueryTestablePermissionsRequest, opts ...grpc.CallOption) (*QueryTestablePermissionsResponse, error)
}

IAMClient is the client API for IAM service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewIAMClient 

func NewIAMClient(cc *grpc.ClientConn) IAMClient

type IAMServer 

type IAMServer interface {
	// Lists [ServiceAccounts][google.iam.admin.v1.ServiceAccount] for a project.
	ListServiceAccounts(context.Context, *ListServiceAccountsRequest) (*ListServiceAccountsResponse, error)
	// Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	GetServiceAccount(context.Context, *GetServiceAccountRequest) (*ServiceAccount, error)
	// Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount]
	// and returns it.
	CreateServiceAccount(context.Context, *CreateServiceAccountRequest) (*ServiceAccount, error)
	// Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	//
	// Currently, only the following fields are updatable:
	// `display_name` .
	// The `etag` is mandatory.
	UpdateServiceAccount(context.Context, *ServiceAccount) (*ServiceAccount, error)
	// Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	DeleteServiceAccount(context.Context, *DeleteServiceAccountRequest) (*empty.Empty, error)
	// Lists [ServiceAccountKeys][google.iam.admin.v1.ServiceAccountKey].
	ListServiceAccountKeys(context.Context, *ListServiceAccountKeysRequest) (*ListServiceAccountKeysResponse, error)
	// Gets the [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
	// by key id.
	GetServiceAccountKey(context.Context, *GetServiceAccountKeyRequest) (*ServiceAccountKey, error)
	// Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
	// and returns it.
	CreateServiceAccountKey(context.Context, *CreateServiceAccountKeyRequest) (*ServiceAccountKey, error)
	// Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].
	DeleteServiceAccountKey(context.Context, *DeleteServiceAccountKeyRequest) (*empty.Empty, error)
	// Signs a blob using a service account's system-managed private key.
	SignBlob(context.Context, *SignBlobRequest) (*SignBlobResponse, error)
	// Signs a JWT using a service account's system-managed private key.
	//
	// If no expiry time (`exp`) is provided in the `SignJwtRequest`, IAM sets an
	// an expiry time of one hour by default. If you request an expiry time of
	// more than one hour, the request will fail.
	SignJwt(context.Context, *SignJwtRequest) (*SignJwtResponse, error)
	// Returns the IAM access control policy for a
	// [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	GetIamPolicy(context.Context, *v1.GetIamPolicyRequest) (*v1.Policy, error)
	// Sets the IAM access control policy for a
	// [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	SetIamPolicy(context.Context, *v1.SetIamPolicyRequest) (*v1.Policy, error)
	// Tests the specified permissions against the IAM access control policy
	// for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
	TestIamPermissions(context.Context, *v1.TestIamPermissionsRequest) (*v1.TestIamPermissionsResponse, error)
	// Queries roles that can be granted on a particular resource.
	// A role is grantable if it can be used as the role in a binding for a policy
	// for that resource.
	QueryGrantableRoles(context.Context, *QueryGrantableRolesRequest) (*QueryGrantableRolesResponse, error)
	// Lists the Roles defined on a resource.
	ListRoles(context.Context, *ListRolesRequest) (*ListRolesResponse, error)
	// Gets a Role definition.
	GetRole(context.Context, *GetRoleRequest) (*Role, error)
	// Creates a new Role.
	CreateRole(context.Context, *CreateRoleRequest) (*Role, error)
	// Updates a Role definition.
	UpdateRole(context.Context, *UpdateRoleRequest) (*Role, error)
	// Soft deletes a role. The role is suspended and cannot be used to create new
	// IAM Policy Bindings.
	// The Role will not be included in `ListRoles()` unless `show_deleted` is set
	// in the `ListRolesRequest`. The Role contains the deleted boolean set.
	// Existing Bindings remains, but are inactive. The Role can be undeleted
	// within 7 days. After 7 days the Role is deleted and all Bindings associated
	// with the role are removed.
	DeleteRole(context.Context, *DeleteRoleRequest) (*Role, error)
	// Undelete a Role, bringing it back in its previous state.
	UndeleteRole(context.Context, *UndeleteRoleRequest) (*Role, error)
	// Lists the permissions testable on a resource.
	// A permission is testable if it can be tested for an identity on a resource.
	QueryTestablePermissions(context.Context, *QueryTestablePermissionsRequest) (*QueryTestablePermissionsResponse, error)
}

IAMServer is the server API for IAM service.

type ListRolesRequest 

type ListRolesRequest struct {
	// The resource name of the parent resource in one of the following formats:
	// “ (empty string) -- this refers to curated roles.
	// `organizations/{ORGANIZATION_ID}`
	// `projects/{PROJECT_ID}`
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional limit on the number of roles to include in the response.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional pagination token returned in an earlier ListRolesResponse.
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional view for the returned Role objects.
	View RoleView `protobuf:"varint,4,opt,name=view,proto3,enum=google.iam.admin.v1.RoleView" json:"view,omitempty"`
	// Include Roles that have been deleted.
	ShowDeleted          bool     `protobuf:"varint,6,opt,name=show_deleted,json=showDeleted,proto3" json:"show_deleted,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The request to get all roles defined under a resource.

func (*ListRolesRequest) Descriptor 

func (*ListRolesRequest) Descriptor() ([]byte, []int)

func (*ListRolesRequest) GetPageSize 

func (m *ListRolesRequest) GetPageSize() int32

func (*ListRolesRequest) GetPageToken 

func (m *ListRolesRequest) GetPageToken() string

func (*ListRolesRequest) GetParent 

func (m *ListRolesRequest) GetParent() string

func (*ListRolesRequest) GetShowDeleted 

func (m *ListRolesRequest) GetShowDeleted() bool

func (*ListRolesRequest) GetView 

func (m *ListRolesRequest) GetView() RoleView

func (*ListRolesRequest) ProtoMessage 

func (*ListRolesRequest) ProtoMessage()

func (*ListRolesRequest) Reset 

func (m *ListRolesRequest) Reset()

func (*ListRolesRequest) String 

func (m *ListRolesRequest) String() string

func (*ListRolesRequest) XXX_DiscardUnknown 

func (m *ListRolesRequest) XXX_DiscardUnknown()

func (*ListRolesRequest) XXX_Marshal 

func (m *ListRolesRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ListRolesRequest) XXX_Merge 

func (dst *ListRolesRequest) XXX_Merge(src proto.Message)

func (*ListRolesRequest) XXX_Size 

func (m *ListRolesRequest) XXX_Size() int

func (*ListRolesRequest) XXX_Unmarshal 

func (m *ListRolesRequest) XXX_Unmarshal(b []byte) error

type ListRolesResponse 

type ListRolesResponse struct {
	// The Roles defined on this resource.
	Roles []*Role `protobuf:"bytes,1,rep,name=roles,proto3" json:"roles,omitempty"`
	// To retrieve the next page of results, set
	// `ListRolesRequest.page_token` to this value.
	NextPageToken        string   `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The response containing the roles defined under a resource.

func (*ListRolesResponse) Descriptor 

func (*ListRolesResponse) Descriptor() ([]byte, []int)

func (*ListRolesResponse) GetNextPageToken 

func (m *ListRolesResponse) GetNextPageToken() string

func (*ListRolesResponse) GetRoles 

func (m *ListRolesResponse) GetRoles() []*Role

func (*ListRolesResponse) ProtoMessage 

func (*ListRolesResponse) ProtoMessage()

func (*ListRolesResponse) Reset 

func (m *ListRolesResponse) Reset()

func (*ListRolesResponse) String 

func (m *ListRolesResponse) String() string

func (*ListRolesResponse) XXX_DiscardUnknown 

func (m *ListRolesResponse) XXX_DiscardUnknown()

func (*ListRolesResponse) XXX_Marshal 

func (m *ListRolesResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ListRolesResponse) XXX_Merge 

func (dst *ListRolesResponse) XXX_Merge(src proto.Message)

func (*ListRolesResponse) XXX_Size 

func (m *ListRolesResponse) XXX_Size() int

func (*ListRolesResponse) XXX_Unmarshal 

func (m *ListRolesResponse) XXX_Unmarshal(b []byte) error

type ListServiceAccountKeysRequest 

type ListServiceAccountKeysRequest struct {
	// The resource name of the service account in the following format:
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
	//
	// Using `-` as a wildcard for the project, will infer the project from
	// the account. The `account` value can be the `email` address or the
	// `unique_id` of the service account.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Filters the types of keys the user wants to include in the list
	// response. Duplicate key types are not allowed. If no key type
	// is provided, all keys are returned.
	KeyTypes             []ListServiceAccountKeysRequest_KeyType `` /* 156-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}                                `json:"-"`
	XXX_unrecognized     []byte                                  `json:"-"`
	XXX_sizecache        int32                                   `json:"-"`
}

The service account keys list request.

func (*ListServiceAccountKeysRequest) Descriptor 

func (*ListServiceAccountKeysRequest) Descriptor() ([]byte, []int)

func (*ListServiceAccountKeysRequest) GetKeyTypes 

func (m *ListServiceAccountKeysRequest) GetKeyTypes() []ListServiceAccountKeysRequest_KeyType

func (*ListServiceAccountKeysRequest) GetName 

func (m *ListServiceAccountKeysRequest) GetName() string

func (*ListServiceAccountKeysRequest) ProtoMessage 

func (*ListServiceAccountKeysRequest) ProtoMessage()

func (*ListServiceAccountKeysRequest) Reset 

func (m *ListServiceAccountKeysRequest) Reset()

func (*ListServiceAccountKeysRequest) String 

func (m *ListServiceAccountKeysRequest) String() string

func (*ListServiceAccountKeysRequest) XXX_DiscardUnknown 

func (m *ListServiceAccountKeysRequest) XXX_DiscardUnknown()

func (*ListServiceAccountKeysRequest) XXX_Marshal 

func (m *ListServiceAccountKeysRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ListServiceAccountKeysRequest) XXX_Merge 

func (dst *ListServiceAccountKeysRequest) XXX_Merge(src proto.Message)

func (*ListServiceAccountKeysRequest) XXX_Size 

func (m *ListServiceAccountKeysRequest) XXX_Size() int

func (*ListServiceAccountKeysRequest) XXX_Unmarshal 

func (m *ListServiceAccountKeysRequest) XXX_Unmarshal(b []byte) error

type ListServiceAccountKeysRequest_KeyType 

type ListServiceAccountKeysRequest_KeyType int32

`KeyType` filters to selectively retrieve certain varieties of keys. 

const (
	// Unspecified key type. The presence of this in the
	// message will immediately result in an error.
	ListServiceAccountKeysRequest_KEY_TYPE_UNSPECIFIED ListServiceAccountKeysRequest_KeyType = 0
	// User-managed keys (managed and rotated by the user).
	ListServiceAccountKeysRequest_USER_MANAGED ListServiceAccountKeysRequest_KeyType = 1
	// System-managed keys (managed and rotated by Google).
	ListServiceAccountKeysRequest_SYSTEM_MANAGED ListServiceAccountKeysRequest_KeyType = 2
)

func (ListServiceAccountKeysRequest_KeyType) EnumDescriptor 

func (ListServiceAccountKeysRequest_KeyType) EnumDescriptor() ([]byte, []int)

func (ListServiceAccountKeysRequest_KeyType) String 

func (x ListServiceAccountKeysRequest_KeyType) String() string

type ListServiceAccountKeysResponse 

type ListServiceAccountKeysResponse struct {
	// The public keys for the service account.
	Keys                 []*ServiceAccountKey `protobuf:"bytes,1,rep,name=keys,proto3" json:"keys,omitempty"`
	XXX_NoUnkeyedLiteral struct{}             `json:"-"`
	XXX_unrecognized     []byte               `json:"-"`
	XXX_sizecache        int32                `json:"-"`
}

The service account keys list response.

func (*ListServiceAccountKeysResponse) Descriptor 

func (*ListServiceAccountKeysResponse) Descriptor() ([]byte, []int)

func (*ListServiceAccountKeysResponse) GetKeys 

func (m *ListServiceAccountKeysResponse) GetKeys() []*ServiceAccountKey

func (*ListServiceAccountKeysResponse) ProtoMessage 

func (*ListServiceAccountKeysResponse) ProtoMessage()

func (*ListServiceAccountKeysResponse) Reset 

func (m *ListServiceAccountKeysResponse) Reset()

func (*ListServiceAccountKeysResponse) String 

func (m *ListServiceAccountKeysResponse) String() string

func (*ListServiceAccountKeysResponse) XXX_DiscardUnknown 

func (m *ListServiceAccountKeysResponse) XXX_DiscardUnknown()

func (*ListServiceAccountKeysResponse) XXX_Marshal 

func (m *ListServiceAccountKeysResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ListServiceAccountKeysResponse) XXX_Merge 

func (dst *ListServiceAccountKeysResponse) XXX_Merge(src proto.Message)

func (*ListServiceAccountKeysResponse) XXX_Size 

func (m *ListServiceAccountKeysResponse) XXX_Size() int

func (*ListServiceAccountKeysResponse) XXX_Unmarshal 

func (m *ListServiceAccountKeysResponse) XXX_Unmarshal(b []byte) error

type ListServiceAccountsRequest 

type ListServiceAccountsRequest struct {
	// Required. The resource name of the project associated with the service
	// accounts, such as `projects/my-project-123`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional limit on the number of service accounts to include in the
	// response. Further accounts can subsequently be obtained by including the
	// [ListServiceAccountsResponse.next_page_token][google.iam.admin.v1.ListServiceAccountsResponse.next_page_token]
	// in a subsequent request.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional pagination token returned in an earlier
	// [ListServiceAccountsResponse.next_page_token][google.iam.admin.v1.ListServiceAccountsResponse.next_page_token].
	PageToken            string   `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The service account list request.

func (*ListServiceAccountsRequest) Descriptor 

func (*ListServiceAccountsRequest) Descriptor() ([]byte, []int)

func (*ListServiceAccountsRequest) GetName 

func (m *ListServiceAccountsRequest) GetName() string

func (*ListServiceAccountsRequest) GetPageSize 

func (m *ListServiceAccountsRequest) GetPageSize() int32

func (*ListServiceAccountsRequest) GetPageToken 

func (m *ListServiceAccountsRequest) GetPageToken() string

func (*ListServiceAccountsRequest) ProtoMessage 

func (*ListServiceAccountsRequest) ProtoMessage()

func (*ListServiceAccountsRequest) Reset 

func (m *ListServiceAccountsRequest) Reset()

func (*ListServiceAccountsRequest) String 

func (m *ListServiceAccountsRequest) String() string

func (*ListServiceAccountsRequest) XXX_DiscardUnknown 

func (m *ListServiceAccountsRequest) XXX_DiscardUnknown()

func (*ListServiceAccountsRequest) XXX_Marshal 

func (m *ListServiceAccountsRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ListServiceAccountsRequest) XXX_Merge 

func (dst *ListServiceAccountsRequest) XXX_Merge(src proto.Message)

func (*ListServiceAccountsRequest) XXX_Size 

func (m *ListServiceAccountsRequest) XXX_Size() int

func (*ListServiceAccountsRequest) XXX_Unmarshal 

func (m *ListServiceAccountsRequest) XXX_Unmarshal(b []byte) error

type ListServiceAccountsResponse 

type ListServiceAccountsResponse struct {
	// The list of matching service accounts.
	Accounts []*ServiceAccount `protobuf:"bytes,1,rep,name=accounts,proto3" json:"accounts,omitempty"`
	// To retrieve the next page of results, set
	// [ListServiceAccountsRequest.page_token][google.iam.admin.v1.ListServiceAccountsRequest.page_token]
	// to this value.
	NextPageToken        string   `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The service account list response.

func (*ListServiceAccountsResponse) Descriptor 

func (*ListServiceAccountsResponse) Descriptor() ([]byte, []int)

func (*ListServiceAccountsResponse) GetAccounts 

func (m *ListServiceAccountsResponse) GetAccounts() []*ServiceAccount

func (*ListServiceAccountsResponse) GetNextPageToken 

func (m *ListServiceAccountsResponse) GetNextPageToken() string

func (*ListServiceAccountsResponse) ProtoMessage 

func (*ListServiceAccountsResponse) ProtoMessage()

func (*ListServiceAccountsResponse) Reset 

func (m *ListServiceAccountsResponse) Reset()

func (*ListServiceAccountsResponse) String 

func (m *ListServiceAccountsResponse) String() string

func (*ListServiceAccountsResponse) XXX_DiscardUnknown 

func (m *ListServiceAccountsResponse) XXX_DiscardUnknown()

func (*ListServiceAccountsResponse) XXX_Marshal 

func (m *ListServiceAccountsResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ListServiceAccountsResponse) XXX_Merge 

func (dst *ListServiceAccountsResponse) XXX_Merge(src proto.Message)

func (*ListServiceAccountsResponse) XXX_Size 

func (m *ListServiceAccountsResponse) XXX_Size() int

func (*ListServiceAccountsResponse) XXX_Unmarshal 

func (m *ListServiceAccountsResponse) XXX_Unmarshal(b []byte) error

type Permission 

type Permission struct {
	// The name of this Permission.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The title of this Permission.
	Title string `protobuf:"bytes,2,opt,name=title,proto3" json:"title,omitempty"`
	// A brief description of what this Permission is used for.
	Description string `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty"`
	// This permission can ONLY be used in predefined roles.
	OnlyInPredefinedRoles bool `` /* 129-byte string literal not displayed */
	// The current launch stage of the permission.
	Stage Permission_PermissionLaunchStage `protobuf:"varint,5,opt,name=stage,proto3,enum=google.iam.admin.v1.Permission_PermissionLaunchStage" json:"stage,omitempty"`
	// The current custom role support level.
	CustomRolesSupportLevel Permission_CustomRolesSupportLevel `` /* 195-byte string literal not displayed */
	XXX_NoUnkeyedLiteral    struct{}                           `json:"-"`
	XXX_unrecognized        []byte                             `json:"-"`
	XXX_sizecache           int32                              `json:"-"`
}

A permission which can be included by a role.

func (*Permission) Descriptor 

func (*Permission) Descriptor() ([]byte, []int)

func (*Permission) GetCustomRolesSupportLevel 

func (m *Permission) GetCustomRolesSupportLevel() Permission_CustomRolesSupportLevel

func (*Permission) GetDescription 

func (m *Permission) GetDescription() string

func (*Permission) GetName 

func (m *Permission) GetName() string

func (*Permission) GetOnlyInPredefinedRoles 

func (m *Permission) GetOnlyInPredefinedRoles() bool

func (*Permission) GetStage 

func (m *Permission) GetStage() Permission_PermissionLaunchStage

func (*Permission) GetTitle 

func (m *Permission) GetTitle() string

func (*Permission) ProtoMessage 

func (*Permission) ProtoMessage()

func (*Permission) Reset 

func (m *Permission) Reset()

func (*Permission) String 

func (m *Permission) String() string

func (*Permission) XXX_DiscardUnknown 

func (m *Permission) XXX_DiscardUnknown()

func (*Permission) XXX_Marshal 

func (m *Permission) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Permission) XXX_Merge 

func (dst *Permission) XXX_Merge(src proto.Message)

func (*Permission) XXX_Size 

func (m *Permission) XXX_Size() int

func (*Permission) XXX_Unmarshal 

func (m *Permission) XXX_Unmarshal(b []byte) error

type Permission_CustomRolesSupportLevel 

type Permission_CustomRolesSupportLevel int32

The state of the permission with regards to custom roles. 

const (
	// Permission is fully supported for custom role use.
	Permission_SUPPORTED Permission_CustomRolesSupportLevel = 0
	// Permission is being tested to check custom role compatibility.
	Permission_TESTING Permission_CustomRolesSupportLevel = 1
	// Permission is not supported for custom role use.
	Permission_NOT_SUPPORTED Permission_CustomRolesSupportLevel = 2
)

func (Permission_CustomRolesSupportLevel) EnumDescriptor 

func (Permission_CustomRolesSupportLevel) EnumDescriptor() ([]byte, []int)

func (Permission_CustomRolesSupportLevel) String 

func (x Permission_CustomRolesSupportLevel) String() string

type Permission_PermissionLaunchStage 

type Permission_PermissionLaunchStage int32

A stage representing a permission's lifecycle phase. 

const (
	// The permission is currently in an alpha phase.
	Permission_ALPHA Permission_PermissionLaunchStage = 0
	// The permission is currently in a beta phase.
	Permission_BETA Permission_PermissionLaunchStage = 1
	// The permission is generally available.
	Permission_GA Permission_PermissionLaunchStage = 2
	// The permission is being deprecated.
	Permission_DEPRECATED Permission_PermissionLaunchStage = 3
)

func (Permission_PermissionLaunchStage) EnumDescriptor 

func (Permission_PermissionLaunchStage) EnumDescriptor() ([]byte, []int)

func (Permission_PermissionLaunchStage) String 

func (x Permission_PermissionLaunchStage) String() string

type QueryGrantableRolesRequest 

type QueryGrantableRolesRequest struct {
	// Required. The full resource name to query from the list of grantable roles.
	//
	// The name follows the Google Cloud Platform resource format.
	// For example, a Cloud Platform project with id `my-project` will be named
	// `//cloudresourcemanager.googleapis.com/projects/my-project`.
	FullResourceName string   `protobuf:"bytes,1,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
	View             RoleView `protobuf:"varint,2,opt,name=view,proto3,enum=google.iam.admin.v1.RoleView" json:"view,omitempty"`
	// Optional limit on the number of roles to include in the response.
	PageSize int32 `protobuf:"varint,3,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional pagination token returned in an earlier
	// QueryGrantableRolesResponse.
	PageToken            string   `protobuf:"bytes,4,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The grantable role query request.

func (*QueryGrantableRolesRequest) Descriptor 

func (*QueryGrantableRolesRequest) Descriptor() ([]byte, []int)

func (*QueryGrantableRolesRequest) GetFullResourceName 

func (m *QueryGrantableRolesRequest) GetFullResourceName() string

func (*QueryGrantableRolesRequest) GetPageSize 

func (m *QueryGrantableRolesRequest) GetPageSize() int32

func (*QueryGrantableRolesRequest) GetPageToken 

func (m *QueryGrantableRolesRequest) GetPageToken() string

func (*QueryGrantableRolesRequest) GetView 

func (m *QueryGrantableRolesRequest) GetView() RoleView

func (*QueryGrantableRolesRequest) ProtoMessage 

func (*QueryGrantableRolesRequest) ProtoMessage()

func (*QueryGrantableRolesRequest) Reset 

func (m *QueryGrantableRolesRequest) Reset()

func (*QueryGrantableRolesRequest) String 

func (m *QueryGrantableRolesRequest) String() string

func (*QueryGrantableRolesRequest) XXX_DiscardUnknown 

func (m *QueryGrantableRolesRequest) XXX_DiscardUnknown()

func (*QueryGrantableRolesRequest) XXX_Marshal 

func (m *QueryGrantableRolesRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*QueryGrantableRolesRequest) XXX_Merge 

func (dst *QueryGrantableRolesRequest) XXX_Merge(src proto.Message)

func (*QueryGrantableRolesRequest) XXX_Size 

func (m *QueryGrantableRolesRequest) XXX_Size() int

func (*QueryGrantableRolesRequest) XXX_Unmarshal 

func (m *QueryGrantableRolesRequest) XXX_Unmarshal(b []byte) error

type QueryGrantableRolesResponse 

type QueryGrantableRolesResponse struct {
	// The list of matching roles.
	Roles []*Role `protobuf:"bytes,1,rep,name=roles,proto3" json:"roles,omitempty"`
	// To retrieve the next page of results, set
	// `QueryGrantableRolesRequest.page_token` to this value.
	NextPageToken        string   `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The grantable role query response.

func (*QueryGrantableRolesResponse) Descriptor 

func (*QueryGrantableRolesResponse) Descriptor() ([]byte, []int)

func (*QueryGrantableRolesResponse) GetNextPageToken 

func (m *QueryGrantableRolesResponse) GetNextPageToken() string

func (*QueryGrantableRolesResponse) GetRoles 

func (m *QueryGrantableRolesResponse) GetRoles() []*Role

func (*QueryGrantableRolesResponse) ProtoMessage 

func (*QueryGrantableRolesResponse) ProtoMessage()

func (*QueryGrantableRolesResponse) Reset 

func (m *QueryGrantableRolesResponse) Reset()

func (*QueryGrantableRolesResponse) String 

func (m *QueryGrantableRolesResponse) String() string

func (*QueryGrantableRolesResponse) XXX_DiscardUnknown 

func (m *QueryGrantableRolesResponse) XXX_DiscardUnknown()

func (*QueryGrantableRolesResponse) XXX_Marshal 

func (m *QueryGrantableRolesResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*QueryGrantableRolesResponse) XXX_Merge 

func (dst *QueryGrantableRolesResponse) XXX_Merge(src proto.Message)

func (*QueryGrantableRolesResponse) XXX_Size 

func (m *QueryGrantableRolesResponse) XXX_Size() int

func (*QueryGrantableRolesResponse) XXX_Unmarshal 

func (m *QueryGrantableRolesResponse) XXX_Unmarshal(b []byte) error

type QueryTestablePermissionsRequest 

type QueryTestablePermissionsRequest struct {
	// Required. The full resource name to query from the list of testable
	// permissions.
	//
	// The name follows the Google Cloud Platform resource format.
	// For example, a Cloud Platform project with id `my-project` will be named
	// `//cloudresourcemanager.googleapis.com/projects/my-project`.
	FullResourceName string `protobuf:"bytes,1,opt,name=full_resource_name,json=fullResourceName,proto3" json:"full_resource_name,omitempty"`
	// Optional limit on the number of permissions to include in the response.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional pagination token returned in an earlier
	// QueryTestablePermissionsRequest.
	PageToken            string   `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

A request to get permissions which can be tested on a resource.

func (*QueryTestablePermissionsRequest) Descriptor 

func (*QueryTestablePermissionsRequest) Descriptor() ([]byte, []int)

func (*QueryTestablePermissionsRequest) GetFullResourceName 

func (m *QueryTestablePermissionsRequest) GetFullResourceName() string

func (*QueryTestablePermissionsRequest) GetPageSize 

func (m *QueryTestablePermissionsRequest) GetPageSize() int32

func (*QueryTestablePermissionsRequest) GetPageToken 

func (m *QueryTestablePermissionsRequest) GetPageToken() string

func (*QueryTestablePermissionsRequest) ProtoMessage 

func (*QueryTestablePermissionsRequest) ProtoMessage()

func (*QueryTestablePermissionsRequest) Reset 

func (m *QueryTestablePermissionsRequest) Reset()

func (*QueryTestablePermissionsRequest) String 

func (m *QueryTestablePermissionsRequest) String() string

func (*QueryTestablePermissionsRequest) XXX_DiscardUnknown 

func (m *QueryTestablePermissionsRequest) XXX_DiscardUnknown()

func (*QueryTestablePermissionsRequest) XXX_Marshal 

func (m *QueryTestablePermissionsRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*QueryTestablePermissionsRequest) XXX_Merge 

func (dst *QueryTestablePermissionsRequest) XXX_Merge(src proto.Message)

func (*QueryTestablePermissionsRequest) XXX_Size 

func (m *QueryTestablePermissionsRequest) XXX_Size() int

func (*QueryTestablePermissionsRequest) XXX_Unmarshal 

func (m *QueryTestablePermissionsRequest) XXX_Unmarshal(b []byte) error

type QueryTestablePermissionsResponse 

type QueryTestablePermissionsResponse struct {
	// The Permissions testable on the requested resource.
	Permissions []*Permission `protobuf:"bytes,1,rep,name=permissions,proto3" json:"permissions,omitempty"`
	// To retrieve the next page of results, set
	// `QueryTestableRolesRequest.page_token` to this value.
	NextPageToken        string   `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The response containing permissions which can be tested on a resource.

func (*QueryTestablePermissionsResponse) Descriptor 

func (*QueryTestablePermissionsResponse) Descriptor() ([]byte, []int)

func (*QueryTestablePermissionsResponse) GetNextPageToken 

func (m *QueryTestablePermissionsResponse) GetNextPageToken() string

func (*QueryTestablePermissionsResponse) GetPermissions 

func (m *QueryTestablePermissionsResponse) GetPermissions() []*Permission

func (*QueryTestablePermissionsResponse) ProtoMessage 

func (*QueryTestablePermissionsResponse) ProtoMessage()

func (*QueryTestablePermissionsResponse) Reset 

func (m *QueryTestablePermissionsResponse) Reset()

func (*QueryTestablePermissionsResponse) String 

func (m *QueryTestablePermissionsResponse) String() string

func (*QueryTestablePermissionsResponse) XXX_DiscardUnknown 

func (m *QueryTestablePermissionsResponse) XXX_DiscardUnknown()

func (*QueryTestablePermissionsResponse) XXX_Marshal 

func (m *QueryTestablePermissionsResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*QueryTestablePermissionsResponse) XXX_Merge 

func (dst *QueryTestablePermissionsResponse) XXX_Merge(src proto.Message)

func (*QueryTestablePermissionsResponse) XXX_Size 

func (m *QueryTestablePermissionsResponse) XXX_Size() int

func (*QueryTestablePermissionsResponse) XXX_Unmarshal 

func (m *QueryTestablePermissionsResponse) XXX_Unmarshal(b []byte) error

type Role 

type Role struct {
	// The name of the role.
	//
	// When Role is used in CreateRole, the role name must not be set.
	//
	// When Role is used in output and other input such as UpdateRole, the role
	// name is the complete path, e.g., roles/logging.viewer for curated roles
	// and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional.  A human-readable title for the role.  Typically this
	// is limited to 100 UTF-8 bytes.
	Title string `protobuf:"bytes,2,opt,name=title,proto3" json:"title,omitempty"`
	// Optional.  A human-readable description for the role.
	Description string `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty"`
	// The names of the permissions this role grants when bound in an IAM policy.
	IncludedPermissions []string `protobuf:"bytes,7,rep,name=included_permissions,json=includedPermissions,proto3" json:"included_permissions,omitempty"`
	// The current launch stage of the role.
	Stage Role_RoleLaunchStage `protobuf:"varint,8,opt,name=stage,proto3,enum=google.iam.admin.v1.Role_RoleLaunchStage" json:"stage,omitempty"`
	// Used to perform a consistent read-modify-write.
	Etag []byte `protobuf:"bytes,9,opt,name=etag,proto3" json:"etag,omitempty"`
	// The current deleted state of the role. This field is read only.
	// It will be ignored in calls to CreateRole and UpdateRole.
	Deleted              bool     `protobuf:"varint,11,opt,name=deleted,proto3" json:"deleted,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

A role in the Identity and Access Management API.

func (*Role) Descriptor 

func (*Role) Descriptor() ([]byte, []int)

func (*Role) GetDeleted 

func (m *Role) GetDeleted() bool

func (*Role) GetDescription 

func (m *Role) GetDescription() string

func (*Role) GetEtag 

func (m *Role) GetEtag() []byte

func (*Role) GetIncludedPermissions 

func (m *Role) GetIncludedPermissions() []string

func (*Role) GetName 

func (m *Role) GetName() string

func (*Role) GetStage 

func (m *Role) GetStage() Role_RoleLaunchStage

func (*Role) GetTitle 

func (m *Role) GetTitle() string

func (*Role) ProtoMessage 

func (*Role) ProtoMessage()

func (*Role) Reset 

func (m *Role) Reset()

func (*Role) String 

func (m *Role) String() string

func (*Role) XXX_DiscardUnknown 

func (m *Role) XXX_DiscardUnknown()

func (*Role) XXX_Marshal 

func (m *Role) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Role) XXX_Merge 

func (dst *Role) XXX_Merge(src proto.Message)

func (*Role) XXX_Size 

func (m *Role) XXX_Size() int

func (*Role) XXX_Unmarshal 

func (m *Role) XXX_Unmarshal(b []byte) error

type RoleView 

type RoleView int32

A view for Role objects. 

const (
	// Omits the `included_permissions` field.
	// This is the default value.
	RoleView_BASIC RoleView = 0
	// Returns all fields.
	RoleView_FULL RoleView = 1
)

func (RoleView) EnumDescriptor 

func (RoleView) EnumDescriptor() ([]byte, []int)

func (RoleView) String 

func (x RoleView) String() string

type Role_RoleLaunchStage 

type Role_RoleLaunchStage int32

A stage representing a role's lifecycle phase. 

const (
	// The user has indicated this role is currently in an alpha phase.
	Role_ALPHA Role_RoleLaunchStage = 0
	// The user has indicated this role is currently in a beta phase.
	Role_BETA Role_RoleLaunchStage = 1
	// The user has indicated this role is generally available.
	Role_GA Role_RoleLaunchStage = 2
	// The user has indicated this role is being deprecated.
	Role_DEPRECATED Role_RoleLaunchStage = 4
	// This role is disabled and will not contribute permissions to any members
	// it is granted to in policies.
	Role_DISABLED Role_RoleLaunchStage = 5
	// The user has indicated this role is currently in an eap phase.
	Role_EAP Role_RoleLaunchStage = 6
)

func (Role_RoleLaunchStage) EnumDescriptor 

func (Role_RoleLaunchStage) EnumDescriptor() ([]byte, []int)

func (Role_RoleLaunchStage) String 

func (x Role_RoleLaunchStage) String() string

type ServiceAccount 

type ServiceAccount struct {
	// The resource name of the service account in the following format:
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
	//
	// Requests using `-` as a wildcard for the project will infer the project
	// from the `account` and the `account` value can be the `email` address or
	// the `unique_id` of the service account.
	//
	// In responses the resource name will always be in the format
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// @OutputOnly The id of the project that owns the service account.
	ProjectId string `protobuf:"bytes,2,opt,name=project_id,json=projectId,proto3" json:"project_id,omitempty"`
	// @OutputOnly The unique and stable id of the service account.
	UniqueId string `protobuf:"bytes,4,opt,name=unique_id,json=uniqueId,proto3" json:"unique_id,omitempty"`
	// @OutputOnly The email address of the service account.
	Email string `protobuf:"bytes,5,opt,name=email,proto3" json:"email,omitempty"`
	// Optional. A user-specified description of the service account.  Must be
	// fewer than 100 UTF-8 bytes.
	DisplayName string `protobuf:"bytes,6,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"`
	// Used to perform a consistent read-modify-write.
	Etag []byte `protobuf:"bytes,7,opt,name=etag,proto3" json:"etag,omitempty"`
	// @OutputOnly. The OAuth2 client id for the service account.
	// This is used in conjunction with the OAuth2 clientconfig API to make
	// three legged OAuth2 (3LO) flows to access the data of Google users.
	Oauth2ClientId       string   `protobuf:"bytes,9,opt,name=oauth2_client_id,json=oauth2ClientId,proto3" json:"oauth2_client_id,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

A service account in the Identity and Access Management API.

To create a service account, specify the `project_id` and the `account_id` for the account. The `account_id` is unique within the project, and is used to generate the service account email address and a stable `unique_id`.

If the account already exists, the account's resource name is returned in util::Status's ResourceInfo.resource_name in the format of projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}. The caller can use the name in other methods to access the account.

All other methods can identify the service account using the format `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`. Using `-` as a wildcard for the project will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account.

func (*ServiceAccount) Descriptor 

func (*ServiceAccount) Descriptor() ([]byte, []int)

func (*ServiceAccount) GetDisplayName 

func (m *ServiceAccount) GetDisplayName() string

func (*ServiceAccount) GetEmail 

func (m *ServiceAccount) GetEmail() string

func (*ServiceAccount) GetEtag 

func (m *ServiceAccount) GetEtag() []byte

func (*ServiceAccount) GetName 

func (m *ServiceAccount) GetName() string

func (*ServiceAccount) GetOauth2ClientId 

func (m *ServiceAccount) GetOauth2ClientId() string

func (*ServiceAccount) GetProjectId 

func (m *ServiceAccount) GetProjectId() string

func (*ServiceAccount) GetUniqueId 

func (m *ServiceAccount) GetUniqueId() string

func (*ServiceAccount) ProtoMessage 

func (*ServiceAccount) ProtoMessage()

func (*ServiceAccount) Reset 

func (m *ServiceAccount) Reset()

func (*ServiceAccount) String 

func (m *ServiceAccount) String() string

func (*ServiceAccount) XXX_DiscardUnknown 

func (m *ServiceAccount) XXX_DiscardUnknown()

func (*ServiceAccount) XXX_Marshal 

func (m *ServiceAccount) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ServiceAccount) XXX_Merge 

func (dst *ServiceAccount) XXX_Merge(src proto.Message)

func (*ServiceAccount) XXX_Size 

func (m *ServiceAccount) XXX_Size() int

func (*ServiceAccount) XXX_Unmarshal 

func (m *ServiceAccount) XXX_Unmarshal(b []byte) error

type ServiceAccountKey 

type ServiceAccountKey struct {
	// The resource name of the service account key in the following format
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The output format for the private key.
	// Only provided in `CreateServiceAccountKey` responses, not
	// in `GetServiceAccountKey` or `ListServiceAccountKey` responses.
	//
	// Google never exposes system-managed private keys, and never retains
	// user-managed private keys.
	PrivateKeyType ServiceAccountPrivateKeyType `` /* 160-byte string literal not displayed */
	// Specifies the algorithm (and possibly key size) for the key.
	KeyAlgorithm ServiceAccountKeyAlgorithm `` /* 150-byte string literal not displayed */
	// The private key data. Only provided in `CreateServiceAccountKey`
	// responses. Make sure to keep the private key data secure because it
	// allows for the assertion of the service account identity.
	// When decoded, the private key data can be used to authenticate with
	// Google API client libraries and with
	// <a href="/sdk/gcloud/reference/auth/activate-service-account">gcloud
	// auth activate-service-account</a>.
	PrivateKeyData []byte `protobuf:"bytes,3,opt,name=private_key_data,json=privateKeyData,proto3" json:"private_key_data,omitempty"`
	// The public key data. Only provided in `GetServiceAccountKey` responses.
	PublicKeyData []byte `protobuf:"bytes,7,opt,name=public_key_data,json=publicKeyData,proto3" json:"public_key_data,omitempty"`
	// The key can be used after this timestamp.
	ValidAfterTime *timestamp.Timestamp `protobuf:"bytes,4,opt,name=valid_after_time,json=validAfterTime,proto3" json:"valid_after_time,omitempty"`
	// The key can be used before this timestamp.
	ValidBeforeTime      *timestamp.Timestamp `protobuf:"bytes,5,opt,name=valid_before_time,json=validBeforeTime,proto3" json:"valid_before_time,omitempty"`
	XXX_NoUnkeyedLiteral struct{}             `json:"-"`
	XXX_unrecognized     []byte               `json:"-"`
	XXX_sizecache        int32                `json:"-"`
}

Represents a service account key.

A service account has two sets of key-pairs: user-managed, and system-managed.

User-managed key-pairs can be created and deleted by users. Users are responsible for rotating these keys periodically to ensure security of their service accounts. Users retain the private key of these key-pairs, and Google retains ONLY the public key.

System-managed key-pairs are managed automatically by Google, and rotated daily without user intervention. The private key never leaves Google's servers to maximize security.

Public keys for all service accounts are also published at the OAuth2 Service Account API.

func (*ServiceAccountKey) Descriptor 

func (*ServiceAccountKey) Descriptor() ([]byte, []int)

func (*ServiceAccountKey) GetKeyAlgorithm 

func (m *ServiceAccountKey) GetKeyAlgorithm() ServiceAccountKeyAlgorithm

func (*ServiceAccountKey) GetName 

func (m *ServiceAccountKey) GetName() string

func (*ServiceAccountKey) GetPrivateKeyData 

func (m *ServiceAccountKey) GetPrivateKeyData() []byte

func (*ServiceAccountKey) GetPrivateKeyType 

func (m *ServiceAccountKey) GetPrivateKeyType() ServiceAccountPrivateKeyType

func (*ServiceAccountKey) GetPublicKeyData 

func (m *ServiceAccountKey) GetPublicKeyData() []byte

func (*ServiceAccountKey) GetValidAfterTime 

func (m *ServiceAccountKey) GetValidAfterTime() *timestamp.Timestamp

func (*ServiceAccountKey) GetValidBeforeTime 

func (m *ServiceAccountKey) GetValidBeforeTime() *timestamp.Timestamp

func (*ServiceAccountKey) ProtoMessage 

func (*ServiceAccountKey) ProtoMessage()

func (*ServiceAccountKey) Reset 

func (m *ServiceAccountKey) Reset()

func (*ServiceAccountKey) String 

func (m *ServiceAccountKey) String() string

func (*ServiceAccountKey) XXX_DiscardUnknown 

func (m *ServiceAccountKey) XXX_DiscardUnknown()

func (*ServiceAccountKey) XXX_Marshal 

func (m *ServiceAccountKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ServiceAccountKey) XXX_Merge 

func (dst *ServiceAccountKey) XXX_Merge(src proto.Message)

func (*ServiceAccountKey) XXX_Size 

func (m *ServiceAccountKey) XXX_Size() int

func (*ServiceAccountKey) XXX_Unmarshal 

func (m *ServiceAccountKey) XXX_Unmarshal(b []byte) error

type ServiceAccountKeyAlgorithm 

type ServiceAccountKeyAlgorithm int32

Supported key algorithms. 

const (
	// An unspecified key algorithm.
	ServiceAccountKeyAlgorithm_KEY_ALG_UNSPECIFIED ServiceAccountKeyAlgorithm = 0
	// 1k RSA Key.
	ServiceAccountKeyAlgorithm_KEY_ALG_RSA_1024 ServiceAccountKeyAlgorithm = 1
	// 2k RSA Key.
	ServiceAccountKeyAlgorithm_KEY_ALG_RSA_2048 ServiceAccountKeyAlgorithm = 2
)

func (ServiceAccountKeyAlgorithm) EnumDescriptor 

func (ServiceAccountKeyAlgorithm) EnumDescriptor() ([]byte, []int)

func (ServiceAccountKeyAlgorithm) String 

func (x ServiceAccountKeyAlgorithm) String() string

type ServiceAccountPrivateKeyType 

type ServiceAccountPrivateKeyType int32

Supported private key output formats. 

const (
	// Unspecified. Equivalent to `TYPE_GOOGLE_CREDENTIALS_FILE`.
	ServiceAccountPrivateKeyType_TYPE_UNSPECIFIED ServiceAccountPrivateKeyType = 0
	// PKCS12 format.
	// The password for the PKCS12 file is `notasecret`.
	// For more information, see https://tools.ietf.org/html/rfc7292.
	ServiceAccountPrivateKeyType_TYPE_PKCS12_FILE ServiceAccountPrivateKeyType = 1
	// Google Credentials File format.
	ServiceAccountPrivateKeyType_TYPE_GOOGLE_CREDENTIALS_FILE ServiceAccountPrivateKeyType = 2
)

func (ServiceAccountPrivateKeyType) EnumDescriptor 

func (ServiceAccountPrivateKeyType) EnumDescriptor() ([]byte, []int)

func (ServiceAccountPrivateKeyType) String 

func (x ServiceAccountPrivateKeyType) String() string

type ServiceAccountPublicKeyType 

type ServiceAccountPublicKeyType int32

Supported public key output formats. 

const (
	// Unspecified. Returns nothing here.
	ServiceAccountPublicKeyType_TYPE_NONE ServiceAccountPublicKeyType = 0
	// X509 PEM format.
	ServiceAccountPublicKeyType_TYPE_X509_PEM_FILE ServiceAccountPublicKeyType = 1
	// Raw public key.
	ServiceAccountPublicKeyType_TYPE_RAW_PUBLIC_KEY ServiceAccountPublicKeyType = 2
)

func (ServiceAccountPublicKeyType) EnumDescriptor 

func (ServiceAccountPublicKeyType) EnumDescriptor() ([]byte, []int)

func (ServiceAccountPublicKeyType) String 

func (x ServiceAccountPublicKeyType) String() string

type SignBlobRequest 

type SignBlobRequest struct {
	// The resource name of the service account in the following format:
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
	// Using `-` as a wildcard for the project will infer the project from
	// the account. The `account` value can be the `email` address or the
	// `unique_id` of the service account.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The bytes to sign.
	BytesToSign          []byte   `protobuf:"bytes,2,opt,name=bytes_to_sign,json=bytesToSign,proto3" json:"bytes_to_sign,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The service account sign blob request.

func (*SignBlobRequest) Descriptor 

func (*SignBlobRequest) Descriptor() ([]byte, []int)

func (*SignBlobRequest) GetBytesToSign 

func (m *SignBlobRequest) GetBytesToSign() []byte

func (*SignBlobRequest) GetName 

func (m *SignBlobRequest) GetName() string

func (*SignBlobRequest) ProtoMessage 

func (*SignBlobRequest) ProtoMessage()

func (*SignBlobRequest) Reset 

func (m *SignBlobRequest) Reset()

func (*SignBlobRequest) String 

func (m *SignBlobRequest) String() string

func (*SignBlobRequest) XXX_DiscardUnknown 

func (m *SignBlobRequest) XXX_DiscardUnknown()

func (*SignBlobRequest) XXX_Marshal 

func (m *SignBlobRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SignBlobRequest) XXX_Merge 

func (dst *SignBlobRequest) XXX_Merge(src proto.Message)

func (*SignBlobRequest) XXX_Size 

func (m *SignBlobRequest) XXX_Size() int

func (*SignBlobRequest) XXX_Unmarshal 

func (m *SignBlobRequest) XXX_Unmarshal(b []byte) error

type SignBlobResponse 

type SignBlobResponse struct {
	// The id of the key used to sign the blob.
	KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	// The signed blob.
	Signature            []byte   `protobuf:"bytes,2,opt,name=signature,proto3" json:"signature,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The service account sign blob response.

func (*SignBlobResponse) Descriptor 

func (*SignBlobResponse) Descriptor() ([]byte, []int)

func (*SignBlobResponse) GetKeyId 

func (m *SignBlobResponse) GetKeyId() string

func (*SignBlobResponse) GetSignature 

func (m *SignBlobResponse) GetSignature() []byte

func (*SignBlobResponse) ProtoMessage 

func (*SignBlobResponse) ProtoMessage()

func (*SignBlobResponse) Reset 

func (m *SignBlobResponse) Reset()

func (*SignBlobResponse) String 

func (m *SignBlobResponse) String() string

func (*SignBlobResponse) XXX_DiscardUnknown 

func (m *SignBlobResponse) XXX_DiscardUnknown()

func (*SignBlobResponse) XXX_Marshal 

func (m *SignBlobResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SignBlobResponse) XXX_Merge 

func (dst *SignBlobResponse) XXX_Merge(src proto.Message)

func (*SignBlobResponse) XXX_Size 

func (m *SignBlobResponse) XXX_Size() int

func (*SignBlobResponse) XXX_Unmarshal 

func (m *SignBlobResponse) XXX_Unmarshal(b []byte) error

type SignJwtRequest 

type SignJwtRequest struct {
	// The resource name of the service account in the following format:
	// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.
	// Using `-` as a wildcard for the project will infer the project from
	// the account. The `account` value can be the `email` address or the
	// `unique_id` of the service account.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The JWT payload to sign, a JSON JWT Claim set.
	Payload              string   `protobuf:"bytes,2,opt,name=payload,proto3" json:"payload,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The service account sign JWT request.

func (*SignJwtRequest) Descriptor 

func (*SignJwtRequest) Descriptor() ([]byte, []int)

func (*SignJwtRequest) GetName 

func (m *SignJwtRequest) GetName() string

func (*SignJwtRequest) GetPayload 

func (m *SignJwtRequest) GetPayload() string

func (*SignJwtRequest) ProtoMessage 

func (*SignJwtRequest) ProtoMessage()

func (*SignJwtRequest) Reset 

func (m *SignJwtRequest) Reset()

func (*SignJwtRequest) String 

func (m *SignJwtRequest) String() string

func (*SignJwtRequest) XXX_DiscardUnknown 

func (m *SignJwtRequest) XXX_DiscardUnknown()

func (*SignJwtRequest) XXX_Marshal 

func (m *SignJwtRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SignJwtRequest) XXX_Merge 

func (dst *SignJwtRequest) XXX_Merge(src proto.Message)

func (*SignJwtRequest) XXX_Size 

func (m *SignJwtRequest) XXX_Size() int

func (*SignJwtRequest) XXX_Unmarshal 

func (m *SignJwtRequest) XXX_Unmarshal(b []byte) error

type SignJwtResponse 

type SignJwtResponse struct {
	// The id of the key used to sign the JWT.
	KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	// The signed JWT.
	SignedJwt            string   `protobuf:"bytes,2,opt,name=signed_jwt,json=signedJwt,proto3" json:"signed_jwt,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The service account sign JWT response.

func (*SignJwtResponse) Descriptor 

func (*SignJwtResponse) Descriptor() ([]byte, []int)

func (*SignJwtResponse) GetKeyId 

func (m *SignJwtResponse) GetKeyId() string

func (*SignJwtResponse) GetSignedJwt 

func (m *SignJwtResponse) GetSignedJwt() string

func (*SignJwtResponse) ProtoMessage 

func (*SignJwtResponse) ProtoMessage()

func (*SignJwtResponse) Reset 

func (m *SignJwtResponse) Reset()

func (*SignJwtResponse) String 

func (m *SignJwtResponse) String() string

func (*SignJwtResponse) XXX_DiscardUnknown 

func (m *SignJwtResponse) XXX_DiscardUnknown()

func (*SignJwtResponse) XXX_Marshal 

func (m *SignJwtResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SignJwtResponse) XXX_Merge 

func (dst *SignJwtResponse) XXX_Merge(src proto.Message)

func (*SignJwtResponse) XXX_Size 

func (m *SignJwtResponse) XXX_Size() int

func (*SignJwtResponse) XXX_Unmarshal 

func (m *SignJwtResponse) XXX_Unmarshal(b []byte) error

type UndeleteRoleRequest 

type UndeleteRoleRequest struct {
	// The resource name of the role in one of the following formats:
	// `organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}`
	// `projects/{PROJECT_ID}/roles/{ROLE_NAME}`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Used to perform a consistent read-modify-write.
	Etag                 []byte   `protobuf:"bytes,2,opt,name=etag,proto3" json:"etag,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

The request to undelete an existing role.

func (*UndeleteRoleRequest) Descriptor 

func (*UndeleteRoleRequest) Descriptor() ([]byte, []int)

func (*UndeleteRoleRequest) GetEtag 

func (m *UndeleteRoleRequest) GetEtag() []byte

func (*UndeleteRoleRequest) GetName 

func (m *UndeleteRoleRequest) GetName() string

func (*UndeleteRoleRequest) ProtoMessage 

func (*UndeleteRoleRequest) ProtoMessage()

func (*UndeleteRoleRequest) Reset 

func (m *UndeleteRoleRequest) Reset()

func (*UndeleteRoleRequest) String 

func (m *UndeleteRoleRequest) String() string

func (*UndeleteRoleRequest) XXX_DiscardUnknown 

func (m *UndeleteRoleRequest) XXX_DiscardUnknown()

func (*UndeleteRoleRequest) XXX_Marshal 

func (m *UndeleteRoleRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*UndeleteRoleRequest) XXX_Merge 

func (dst *UndeleteRoleRequest) XXX_Merge(src proto.Message)

func (*UndeleteRoleRequest) XXX_Size 

func (m *UndeleteRoleRequest) XXX_Size() int

func (*UndeleteRoleRequest) XXX_Unmarshal 

func (m *UndeleteRoleRequest) XXX_Unmarshal(b []byte) error

type UpdateRoleRequest 

type UpdateRoleRequest struct {
	// The resource name of the role in one of the following formats:
	// `roles/{ROLE_NAME}`
	// `organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME}`
	// `projects/{PROJECT_ID}/roles/{ROLE_NAME}`
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The updated role.
	Role *Role `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
	// A mask describing which fields in the Role have changed.
	UpdateMask           *field_mask.FieldMask `protobuf:"bytes,3,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	XXX_NoUnkeyedLiteral struct{}              `json:"-"`
	XXX_unrecognized     []byte                `json:"-"`
	XXX_sizecache        int32                 `json:"-"`
}

The request to update a role.

func (*UpdateRoleRequest) Descriptor 

func (*UpdateRoleRequest) Descriptor() ([]byte, []int)

func (*UpdateRoleRequest) GetName 

func (m *UpdateRoleRequest) GetName() string

func (*UpdateRoleRequest) GetRole 

func (m *UpdateRoleRequest) GetRole() *Role

func (*UpdateRoleRequest) GetUpdateMask 

func (m *UpdateRoleRequest) GetUpdateMask() *field_mask.FieldMask

func (*UpdateRoleRequest) ProtoMessage 

func (*UpdateRoleRequest) ProtoMessage()

func (*UpdateRoleRequest) Reset 

func (m *UpdateRoleRequest) Reset()

func (*UpdateRoleRequest) String 

func (m *UpdateRoleRequest) String() string

func (*UpdateRoleRequest) XXX_DiscardUnknown 

func (m *UpdateRoleRequest) XXX_DiscardUnknown()

func (*UpdateRoleRequest) XXX_Marshal 

func (m *UpdateRoleRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*UpdateRoleRequest) XXX_Merge 

func (dst *UpdateRoleRequest) XXX_Merge(src proto.Message)

func (*UpdateRoleRequest) XXX_Size 

func (m *UpdateRoleRequest) XXX_Size() int

func (*UpdateRoleRequest) XXX_Unmarshal 

func (m *UpdateRoleRequest) XXX_Unmarshal(b []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.