iam

package
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 2, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Overview

Package iam is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Index

Constants

View Source 
const (
	IAMPolicy_SetIamPolicy_FullMethodName       = "/google.iam.v1.IAMPolicy/SetIamPolicy"
	IAMPolicy_GetIamPolicy_FullMethodName       = "/google.iam.v1.IAMPolicy/GetIamPolicy"
	IAMPolicy_TestIamPermissions_FullMethodName = "/google.iam.v1.IAMPolicy/TestIamPermissions"
)

Variables

View Source 
var (
	BindingDelta_Action_name = map[int32]string{
		0: "ACTION_UNSPECIFIED",
		1: "ADD",
		2: "REMOVE",
	}
	BindingDelta_Action_value = map[string]int32{
		"ACTION_UNSPECIFIED": 0,
		"ADD":                1,
		"REMOVE":             2,
	}
)

Enum value maps for BindingDelta_Action.

View Source 
var (
	AuditConfigDelta_Action_name = map[int32]string{
		0: "ACTION_UNSPECIFIED",
		1: "ADD",
		2: "REMOVE",
	}
	AuditConfigDelta_Action_value = map[string]int32{
		"ACTION_UNSPECIFIED": 0,
		"ADD":                1,
		"REMOVE":             2,
	}
)

Enum value maps for AuditConfigDelta_Action.

View Source 
var File_google_iam_v1_iam_policy_proto protoreflect.FileDescriptor
View Source 
var File_google_iam_v1_options_proto protoreflect.FileDescriptor
View Source 
var File_google_iam_v1_policy_proto protoreflect.FileDescriptor
View Source 
var IAMPolicy_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "google.iam.v1.IAMPolicy",
	HandlerType: (*IAMPolicyServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "SetIamPolicy",
			Handler:    _IAMPolicy_SetIamPolicy_Handler,
		},
		{
			MethodName: "GetIamPolicy",
			Handler:    _IAMPolicy_GetIamPolicy_Handler,
		},
		{
			MethodName: "TestIamPermissions",
			Handler:    _IAMPolicy_TestIamPermissions_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "google/iam/v1/iam_policy.proto",
}

IAMPolicy_ServiceDesc is the grpc.ServiceDesc for IAMPolicy service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

Functions

func RegisterIAMPolicyHandler 

func RegisterIAMPolicyHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterIAMPolicyHandler registers the http handlers for service IAMPolicy to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterIAMPolicyHandlerClient 

func RegisterIAMPolicyHandlerClient(ctx context.Context, mux *runtime.ServeMux, client IAMPolicyClient) error

RegisterIAMPolicyHandlerClient registers the http handlers for service IAMPolicy to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "IAMPolicyClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "IAMPolicyClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "IAMPolicyClient" to call the correct interceptors. This client ignores the HTTP middlewares.

func RegisterIAMPolicyHandlerFromEndpoint 

func RegisterIAMPolicyHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterIAMPolicyHandlerFromEndpoint is same as RegisterIAMPolicyHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterIAMPolicyHandlerServer 

func RegisterIAMPolicyHandlerServer(ctx context.Context, mux *runtime.ServeMux, server IAMPolicyServer) error

RegisterIAMPolicyHandlerServer registers the http handlers for service IAMPolicy to "mux". UnaryRPC :call IAMPolicyServer directly. StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906. Note that using this registration option will cause many gRPC library features to stop working. Consider using RegisterIAMPolicyHandlerFromEndpoint instead. GRPC interceptors will not work for this type of registration. To use interceptors, you must use the "runtime.WithMiddlewares" option in the "runtime.NewServeMux" call.

func RegisterIAMPolicyServer 

func RegisterIAMPolicyServer(s grpc.ServiceRegistrar, srv IAMPolicyServer)

Types

type AuditConfigDelta 

type AuditConfigDelta struct {

	// The action that was performed on an audit configuration in a policy.
	// Required
	Action AuditConfigDelta_Action `protobuf:"varint,1,opt,name=action,proto3,enum=google.iam.v1.AuditConfigDelta_Action" json:"action,omitempty"`
	// Specifies a service that was configured for Cloud Audit Logging.
	// For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
	// `allServices` is a special value that covers all services.
	// Required
	Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service,omitempty"`
	// A single identity that is exempted from "data access" audit
	// logging for the `service` specified above.
	// Follows the same format of Binding.members.
	ExemptedMember string `protobuf:"bytes,3,opt,name=exempted_member,json=exemptedMember,proto3" json:"exempted_member,omitempty"`
	// Specifies the log_type that was be enabled. ADMIN_ACTIVITY is always
	// enabled, and cannot be configured.
	// Required
	LogType string `protobuf:"bytes,4,opt,name=log_type,json=logType,proto3" json:"log_type,omitempty"`
	// contains filtered or unexported fields
}

One delta entry for AuditConfig. Each individual change (only one exempted_member in each entry) to a AuditConfig will be a separate entry.

func (*AuditConfigDelta) Descriptor deprecated 

func (*AuditConfigDelta) Descriptor() ([]byte, []int)

Deprecated: Use AuditConfigDelta.ProtoReflect.Descriptor instead.

func (*AuditConfigDelta) GetAction 

func (x *AuditConfigDelta) GetAction() AuditConfigDelta_Action

func (*AuditConfigDelta) GetExemptedMember 

func (x *AuditConfigDelta) GetExemptedMember() string

func (*AuditConfigDelta) GetLogType 

func (x *AuditConfigDelta) GetLogType() string

func (*AuditConfigDelta) GetService 

func (x *AuditConfigDelta) GetService() string

func (*AuditConfigDelta) ProtoMessage 

func (*AuditConfigDelta) ProtoMessage()

func (*AuditConfigDelta) ProtoReflect 

func (x *AuditConfigDelta) ProtoReflect() protoreflect.Message

func (*AuditConfigDelta) Reset 

func (x *AuditConfigDelta) Reset()

func (*AuditConfigDelta) String 

func (x *AuditConfigDelta) String() string

type AuditConfigDelta_Action 

type AuditConfigDelta_Action int32

The type of action performed on an audit configuration in a policy. 

const (
	// Unspecified.
	AuditConfigDelta_ACTION_UNSPECIFIED AuditConfigDelta_Action = 0
	// Addition of an audit configuration.
	AuditConfigDelta_ADD AuditConfigDelta_Action = 1
	// Removal of an audit configuration.
	AuditConfigDelta_REMOVE AuditConfigDelta_Action = 2
)

func (AuditConfigDelta_Action) Descriptor 

func (AuditConfigDelta_Action) Descriptor() protoreflect.EnumDescriptor

func (AuditConfigDelta_Action) Enum 

func (x AuditConfigDelta_Action) Enum() *AuditConfigDelta_Action

func (AuditConfigDelta_Action) EnumDescriptor deprecated 

func (AuditConfigDelta_Action) EnumDescriptor() ([]byte, []int)

Deprecated: Use AuditConfigDelta_Action.Descriptor instead.

func (AuditConfigDelta_Action) Number 

func (x AuditConfigDelta_Action) Number() protoreflect.EnumNumber

func (AuditConfigDelta_Action) String 

func (x AuditConfigDelta_Action) String() string

func (AuditConfigDelta_Action) Type 

func (AuditConfigDelta_Action) Type() protoreflect.EnumType

type Binding 

type Binding struct {

	// Role that is assigned to `members`.
	// For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role string `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"`
	// Specifies the identities requesting access for a Cloud Platform resource.
	// `members` can have the following values:
	//
	//   - `allUsers`: A special identifier that represents anyone who is
	//     on the internet; with or without a Google account.
	//
	//   - `allAuthenticatedUsers`: A special identifier that represents anyone
	//     who is authenticated with a Google account or a service account.
	//
	//   - `user:{emailid}`: An email address that represents a specific Google
	//     account. For example, `alice@example.com` .
	//
	//   - `serviceAccount:{emailid}`: An email address that represents a service
	//     account. For example, `my-other-app@appspot.gserviceaccount.com`.
	//
	//   - `group:{emailid}`: An email address that represents a Google group.
	//     For example, `admins@example.com`.
	//
	//   - `domain:{domain}`: The G Suite domain (primary) that represents all the
	//     users of that domain. For example, `google.com` or `example.com`.
	Members []string `protobuf:"bytes,2,rep,name=members,proto3" json:"members,omitempty"`
	// The condition that is associated with this binding.
	// NOTE: An unsatisfied condition will not allow user access via current
	// binding. Different bindings, including their conditions, are examined
	// independently.
	Condition *expr.Expr `protobuf:"bytes,3,opt,name=condition,proto3" json:"condition,omitempty"`
	// contains filtered or unexported fields
}

Associates `members` with a `role`.

func (*Binding) Descriptor deprecated 

func (*Binding) Descriptor() ([]byte, []int)

Deprecated: Use Binding.ProtoReflect.Descriptor instead.

func (*Binding) GetCondition 

func (x *Binding) GetCondition() *expr.Expr

func (*Binding) GetMembers 

func (x *Binding) GetMembers() []string

func (*Binding) GetRole 

func (x *Binding) GetRole() string

func (*Binding) ProtoMessage 

func (*Binding) ProtoMessage()

func (*Binding) ProtoReflect 

func (x *Binding) ProtoReflect() protoreflect.Message

func (*Binding) Reset 

func (x *Binding) Reset()

func (*Binding) String 

func (x *Binding) String() string

type BindingDelta 

type BindingDelta struct {

	// The action that was performed on a Binding.
	// Required
	Action BindingDelta_Action `protobuf:"varint,1,opt,name=action,proto3,enum=google.iam.v1.BindingDelta_Action" json:"action,omitempty"`
	// Role that is assigned to `members`.
	// For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	// Required
	Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
	// A single identity requesting access for a Cloud Platform resource.
	// Follows the same format of Binding.members.
	// Required
	Member string `protobuf:"bytes,3,opt,name=member,proto3" json:"member,omitempty"`
	// The condition that is associated with this binding.
	Condition *expr.Expr `protobuf:"bytes,4,opt,name=condition,proto3" json:"condition,omitempty"`
	// contains filtered or unexported fields
}

One delta entry for Binding. Each individual change (only one member in each entry) to a binding will be a separate entry.

func (*BindingDelta) Descriptor deprecated 

func (*BindingDelta) Descriptor() ([]byte, []int)

Deprecated: Use BindingDelta.ProtoReflect.Descriptor instead.

func (*BindingDelta) GetAction 

func (x *BindingDelta) GetAction() BindingDelta_Action

func (*BindingDelta) GetCondition 

func (x *BindingDelta) GetCondition() *expr.Expr

func (*BindingDelta) GetMember 

func (x *BindingDelta) GetMember() string

func (*BindingDelta) GetRole 

func (x *BindingDelta) GetRole() string

func (*BindingDelta) ProtoMessage 

func (*BindingDelta) ProtoMessage()

func (*BindingDelta) ProtoReflect 

func (x *BindingDelta) ProtoReflect() protoreflect.Message

func (*BindingDelta) Reset 

func (x *BindingDelta) Reset()

func (*BindingDelta) String 

func (x *BindingDelta) String() string

type BindingDelta_Action 

type BindingDelta_Action int32

The type of action performed on a Binding in a policy. 

const (
	// Unspecified.
	BindingDelta_ACTION_UNSPECIFIED BindingDelta_Action = 0
	// Addition of a Binding.
	BindingDelta_ADD BindingDelta_Action = 1
	// Removal of a Binding.
	BindingDelta_REMOVE BindingDelta_Action = 2
)

func (BindingDelta_Action) Descriptor 

func (BindingDelta_Action) Descriptor() protoreflect.EnumDescriptor

func (BindingDelta_Action) Enum 

func (x BindingDelta_Action) Enum() *BindingDelta_Action

func (BindingDelta_Action) EnumDescriptor deprecated 

func (BindingDelta_Action) EnumDescriptor() ([]byte, []int)

Deprecated: Use BindingDelta_Action.Descriptor instead.

func (BindingDelta_Action) Number 

func (x BindingDelta_Action) Number() protoreflect.EnumNumber

func (BindingDelta_Action) String 

func (x BindingDelta_Action) String() string

func (BindingDelta_Action) Type 

func (BindingDelta_Action) Type() protoreflect.EnumType

type GetIamPolicyRequest 

type GetIamPolicyRequest struct {

	// REQUIRED: The resource for which the policy is being requested.
	// See the operation documentation for the appropriate value for this field.
	Resource string `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"`
	// OPTIONAL: A `GetPolicyOptions` object for specifying options to
	// `GetIamPolicy`. This field is only used by Cloud IAM.
	Options *GetPolicyOptions `protobuf:"bytes,2,opt,name=options,proto3" json:"options,omitempty"`
	// contains filtered or unexported fields
}

Request message for `GetIamPolicy` method.

func (*GetIamPolicyRequest) Descriptor deprecated 

func (*GetIamPolicyRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetIamPolicyRequest.ProtoReflect.Descriptor instead.

func (*GetIamPolicyRequest) GetOptions 

func (x *GetIamPolicyRequest) GetOptions() *GetPolicyOptions

func (*GetIamPolicyRequest) GetResource 

func (x *GetIamPolicyRequest) GetResource() string

func (*GetIamPolicyRequest) ProtoMessage 

func (*GetIamPolicyRequest) ProtoMessage()

func (*GetIamPolicyRequest) ProtoReflect 

func (x *GetIamPolicyRequest) ProtoReflect() protoreflect.Message

func (*GetIamPolicyRequest) Reset 

func (x *GetIamPolicyRequest) Reset()

func (*GetIamPolicyRequest) String 

func (x *GetIamPolicyRequest) String() string

type GetPolicyOptions 

type GetPolicyOptions struct {

	// Optional. The policy format version to be returned.
	//
	// Valid values are 0, 1, and 3. Requests specifying an invalid value will be
	// rejected.
	//
	// Requests for policies with any conditional bindings must specify version 3.
	// Policies without any conditional bindings may specify any valid value or
	// leave the field unset.
	RequestedPolicyVersion int32 `` /* 130-byte string literal not displayed */
	// contains filtered or unexported fields
}

Encapsulates settings provided to GetIamPolicy.

func (*GetPolicyOptions) Descriptor deprecated 

func (*GetPolicyOptions) Descriptor() ([]byte, []int)

Deprecated: Use GetPolicyOptions.ProtoReflect.Descriptor instead.

func (*GetPolicyOptions) GetRequestedPolicyVersion 

func (x *GetPolicyOptions) GetRequestedPolicyVersion() int32

func (*GetPolicyOptions) ProtoMessage 

func (*GetPolicyOptions) ProtoMessage()

func (*GetPolicyOptions) ProtoReflect 

func (x *GetPolicyOptions) ProtoReflect() protoreflect.Message

func (*GetPolicyOptions) Reset 

func (x *GetPolicyOptions) Reset()

func (*GetPolicyOptions) String 

func (x *GetPolicyOptions) String() string

type IAMPolicyClient 

type IAMPolicyClient interface {
	// Sets the access control policy on the specified resource. Replaces any
	// existing policy.
	SetIamPolicy(ctx context.Context, in *SetIamPolicyRequest, opts ...grpc.CallOption) (*Policy, error)
	// Gets the access control policy for a resource.
	// Returns an empty policy if the resource exists and does not have a policy
	// set.
	GetIamPolicy(ctx context.Context, in *GetIamPolicyRequest, opts ...grpc.CallOption) (*Policy, error)
	// Returns permissions that a caller has on the specified resource.
	// If the resource does not exist, this will return an empty set of
	// permissions, not a NOT_FOUND error.
	//
	// Note: This operation is designed to be used for building permission-aware
	// UIs and command-line tools, not for authorization checking. This operation
	// may "fail open" without warning.
	TestIamPermissions(ctx context.Context, in *TestIamPermissionsRequest, opts ...grpc.CallOption) (*TestIamPermissionsResponse, error)
}

IAMPolicyClient is the client API for IAMPolicy service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

## API Overview

Manages Identity and Access Management (IAM) policies.

Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.

## Data model

Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.

## Policy Structure

See google.iam.v1.Policy

This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.

func NewIAMPolicyClient 

func NewIAMPolicyClient(cc grpc.ClientConnInterface) IAMPolicyClient

type IAMPolicyServer 

type IAMPolicyServer interface {
	// Sets the access control policy on the specified resource. Replaces any
	// existing policy.
	SetIamPolicy(context.Context, *SetIamPolicyRequest) (*Policy, error)
	// Gets the access control policy for a resource.
	// Returns an empty policy if the resource exists and does not have a policy
	// set.
	GetIamPolicy(context.Context, *GetIamPolicyRequest) (*Policy, error)
	// Returns permissions that a caller has on the specified resource.
	// If the resource does not exist, this will return an empty set of
	// permissions, not a NOT_FOUND error.
	//
	// Note: This operation is designed to be used for building permission-aware
	// UIs and command-line tools, not for authorization checking. This operation
	// may "fail open" without warning.
	TestIamPermissions(context.Context, *TestIamPermissionsRequest) (*TestIamPermissionsResponse, error)
	// contains filtered or unexported methods
}

IAMPolicyServer is the server API for IAMPolicy service. All implementations must embed UnimplementedIAMPolicyServer for forward compatibility.

## API Overview

Manages Identity and Access Management (IAM) policies.

Any implementation of an API that offers access control features implements the google.iam.v1.IAMPolicy interface.

## Data model

Access control is applied when a principal (user or service account), takes some action on a resource exposed by a service. Resources, identified by URI-like names, are the unit of access control specification. Service implementations can choose the granularity of access control and the supported permissions for their resources. For example one database service may allow access control to be specified only at the Table level, whereas another might allow access control to also be specified at the Column level.

## Policy Structure

See google.iam.v1.Policy

This is intentionally not a CRUD style API because access control policies are created and deleted implicitly with the resources to which they are attached.

type Policy 

type Policy struct {

	// Specifies the format of the policy.
	//
	// Valid values are 0, 1, and 3. Requests specifying an invalid value will be
	// rejected.
	//
	// Operations affecting conditional bindings must specify version 3. This can
	// be either setting a conditional policy, modifying a conditional binding,
	// or removing a binding (conditional or unconditional) from the stored
	// conditional policy.
	// Operations on non-conditional policies may specify any valid value or
	// leave the field unset.
	//
	// If no etag is provided in the call to `setIamPolicy`, version compliance
	// checks against the stored policy is skipped.
	Version int32 `protobuf:"varint,1,opt,name=version,proto3" json:"version,omitempty"`
	// Associates a list of `members` to a `role`. Optionally may specify a
	// `condition` that determines when binding is in effect.
	// `bindings` with no members will result in an error.
	Bindings []*Binding `protobuf:"bytes,4,rep,name=bindings,proto3" json:"bindings,omitempty"`
	// `etag` is used for optimistic concurrency control as a way to help
	// prevent simultaneous updates of a policy from overwriting each other.
	// It is strongly suggested that systems make use of the `etag` in the
	// read-modify-write cycle to perform policy updates in order to avoid race
	// conditions: An `etag` is returned in the response to `getIamPolicy`, and
	// systems are expected to put that etag in the request to `setIamPolicy` to
	// ensure that their change will be applied to the same version of the policy.
	//
	// If no `etag` is provided in the call to `setIamPolicy`, then the existing
	// policy is overwritten. Due to blind-set semantics of an etag-less policy,
	// 'setIamPolicy' will not fail even if the incoming policy version does not
	// meet the requirements for modifying the stored policy.
	Etag []byte `protobuf:"bytes,3,opt,name=etag,proto3" json:"etag,omitempty"`
	// contains filtered or unexported fields
}

Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.

A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions (defined by IAM or configured by users). A `binding` can optionally specify a `condition`, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource.

**JSON Example** 

{
  "bindings": [
    {
      "role": "roles/resourcemanager.organizationAdmin",
      "members": [
        "user:mike@example.com",
        "group:admins@example.com",
        "domain:google.com",
        "serviceAccount:my-project-id@appspot.gserviceaccount.com"
      ]
    },
    {
      "role": "roles/resourcemanager.organizationViewer",
      "members": ["user:eve@example.com"],
      "condition": {
        "title": "expirable access",
        "description": "Does not grant access after Sep 2020",
        "expression": "request.time <
        timestamp('2020-10-01T00:00:00.000Z')",
      }
    }
  ]
}

**YAML Example** 

bindings:
- members:
  - user:mike@example.com
  - group:admins@example.com
  - domain:google.com
  - serviceAccount:my-project-id@appspot.gserviceaccount.com
  role: roles/resourcemanager.organizationAdmin
- members:
  - user:eve@example.com
  role: roles/resourcemanager.organizationViewer
  condition:
    title: expirable access
    description: Does not grant access after Sep 2020
    expression: request.time < timestamp('2020-10-01T00:00:00.000Z')

For a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam/docs).

func (*Policy) Descriptor deprecated 

func (*Policy) Descriptor() ([]byte, []int)

Deprecated: Use Policy.ProtoReflect.Descriptor instead.

func (*Policy) GetBindings 

func (x *Policy) GetBindings() []*Binding

func (*Policy) GetEtag 

func (x *Policy) GetEtag() []byte

func (*Policy) GetVersion 

func (x *Policy) GetVersion() int32

func (*Policy) ProtoMessage 

func (*Policy) ProtoMessage()

func (*Policy) ProtoReflect 

func (x *Policy) ProtoReflect() protoreflect.Message

func (*Policy) Reset 

func (x *Policy) Reset()

func (*Policy) String 

func (x *Policy) String() string

type PolicyDelta 

type PolicyDelta struct {

	// The delta for Bindings between two policies.
	BindingDeltas []*BindingDelta `protobuf:"bytes,1,rep,name=binding_deltas,json=bindingDeltas,proto3" json:"binding_deltas,omitempty"`
	// The delta for AuditConfigs between two policies.
	AuditConfigDeltas []*AuditConfigDelta `protobuf:"bytes,2,rep,name=audit_config_deltas,json=auditConfigDeltas,proto3" json:"audit_config_deltas,omitempty"`
	// contains filtered or unexported fields
}

The difference delta between two policies.

func (*PolicyDelta) Descriptor deprecated 

func (*PolicyDelta) Descriptor() ([]byte, []int)

Deprecated: Use PolicyDelta.ProtoReflect.Descriptor instead.

func (*PolicyDelta) GetAuditConfigDeltas 

func (x *PolicyDelta) GetAuditConfigDeltas() []*AuditConfigDelta

func (*PolicyDelta) GetBindingDeltas 

func (x *PolicyDelta) GetBindingDeltas() []*BindingDelta

func (*PolicyDelta) ProtoMessage 

func (*PolicyDelta) ProtoMessage()

func (*PolicyDelta) ProtoReflect 

func (x *PolicyDelta) ProtoReflect() protoreflect.Message

func (*PolicyDelta) Reset 

func (x *PolicyDelta) Reset()

func (*PolicyDelta) String 

func (x *PolicyDelta) String() string

type SetIamPolicyRequest 

type SetIamPolicyRequest struct {

	// REQUIRED: The resource for which the policy is being specified.
	// See the operation documentation for the appropriate value for this field.
	Resource string `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"`
	// REQUIRED: The complete policy to be applied to the `resource`. The size of
	// the policy is limited to a few 10s of KB. An empty policy is a
	// valid policy but certain Cloud Platform services (such as Projects)
	// might reject them.
	Policy *Policy `protobuf:"bytes,2,opt,name=policy,proto3" json:"policy,omitempty"`
	// contains filtered or unexported fields
}

Request message for `SetIamPolicy` method.

func (*SetIamPolicyRequest) Descriptor deprecated 

func (*SetIamPolicyRequest) Descriptor() ([]byte, []int)

Deprecated: Use SetIamPolicyRequest.ProtoReflect.Descriptor instead.

func (*SetIamPolicyRequest) GetPolicy 

func (x *SetIamPolicyRequest) GetPolicy() *Policy

func (*SetIamPolicyRequest) GetResource 

func (x *SetIamPolicyRequest) GetResource() string

func (*SetIamPolicyRequest) ProtoMessage 

func (*SetIamPolicyRequest) ProtoMessage()

func (*SetIamPolicyRequest) ProtoReflect 

func (x *SetIamPolicyRequest) ProtoReflect() protoreflect.Message

func (*SetIamPolicyRequest) Reset 

func (x *SetIamPolicyRequest) Reset()

func (*SetIamPolicyRequest) String 

func (x *SetIamPolicyRequest) String() string

type TestIamPermissionsRequest 

type TestIamPermissionsRequest struct {

	// REQUIRED: The resource for which the policy detail is being requested.
	// See the operation documentation for the appropriate value for this field.
	Resource string `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"`
	// The set of permissions to check for the `resource`. Permissions with
	// wildcards (such as '*' or 'storage.*') are not allowed. For more
	// information see
	// [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
	Permissions []string `protobuf:"bytes,2,rep,name=permissions,proto3" json:"permissions,omitempty"`
	// contains filtered or unexported fields
}

Request message for `TestIamPermissions` method.

func (*TestIamPermissionsRequest) Descriptor deprecated 

func (*TestIamPermissionsRequest) Descriptor() ([]byte, []int)

Deprecated: Use TestIamPermissionsRequest.ProtoReflect.Descriptor instead.

func (*TestIamPermissionsRequest) GetPermissions 

func (x *TestIamPermissionsRequest) GetPermissions() []string

func (*TestIamPermissionsRequest) GetResource 

func (x *TestIamPermissionsRequest) GetResource() string

func (*TestIamPermissionsRequest) ProtoMessage 

func (*TestIamPermissionsRequest) ProtoMessage()

func (*TestIamPermissionsRequest) ProtoReflect 

func (x *TestIamPermissionsRequest) ProtoReflect() protoreflect.Message

func (*TestIamPermissionsRequest) Reset 

func (x *TestIamPermissionsRequest) Reset()

func (*TestIamPermissionsRequest) String 

func (x *TestIamPermissionsRequest) String() string

type TestIamPermissionsResponse 

type TestIamPermissionsResponse struct {

	// A subset of `TestPermissionsRequest.permissions` that the caller is
	// allowed.
	Permissions []string `protobuf:"bytes,1,rep,name=permissions,proto3" json:"permissions,omitempty"`
	// contains filtered or unexported fields
}

Response message for `TestIamPermissions` method.

func (*TestIamPermissionsResponse) Descriptor deprecated 

func (*TestIamPermissionsResponse) Descriptor() ([]byte, []int)

Deprecated: Use TestIamPermissionsResponse.ProtoReflect.Descriptor instead.

func (*TestIamPermissionsResponse) GetPermissions 

func (x *TestIamPermissionsResponse) GetPermissions() []string

func (*TestIamPermissionsResponse) ProtoMessage 

func (*TestIamPermissionsResponse) ProtoMessage()

func (*TestIamPermissionsResponse) ProtoReflect 

func (x *TestIamPermissionsResponse) ProtoReflect() protoreflect.Message

func (*TestIamPermissionsResponse) Reset 

func (x *TestIamPermissionsResponse) Reset()

func (*TestIamPermissionsResponse) String 

func (x *TestIamPermissionsResponse) String() string

type UnimplementedIAMPolicyServer 

type UnimplementedIAMPolicyServer struct{}

UnimplementedIAMPolicyServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedIAMPolicyServer) GetIamPolicy 

func (UnimplementedIAMPolicyServer) GetIamPolicy(context.Context, *GetIamPolicyRequest) (*Policy, error)

func (UnimplementedIAMPolicyServer) SetIamPolicy 

func (UnimplementedIAMPolicyServer) SetIamPolicy(context.Context, *SetIamPolicyRequest) (*Policy, error)

func (UnimplementedIAMPolicyServer) TestIamPermissions 

func (UnimplementedIAMPolicyServer) TestIamPermissions(context.Context, *TestIamPermissionsRequest) (*TestIamPermissionsResponse, error)

type UnsafeIAMPolicyServer 

type UnsafeIAMPolicyServer interface {
	// contains filtered or unexported methods
}

UnsafeIAMPolicyServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to IAMPolicyServer will result in compilation errors.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.