accesscontextmanager

package
v0.18.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 24, 2020 License: BSD-3-Clause Imports: 15 Imported by: 0

Documentation

Overview

Package accesscontextmanager provides access to the Access Context Manager API.

For product documentation, see: https://cloud.google.com/access-context-manager/docs/reference/rest/

Creating a client

Usage example:

import "google.golang.org/api/accesscontextmanager/v1beta"
...
ctx := context.Background()
accesscontextmanagerService, err := accesscontextmanager.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication.

For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:

accesscontextmanagerService, err := accesscontextmanager.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
accesscontextmanagerService, err := accesscontextmanager.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See https://godoc.org/google.golang.org/api/option/ for details on options.

Index

Constants

View Source
const (
	// View and manage your data across Google Cloud Platform services
	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)

OAuth2 scopes used by this API.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessLevel

type AccessLevel struct {
	// Basic: A `BasicLevel` composed of `Conditions`.
	Basic *BasicLevel `json:"basic,omitempty"`

	// CreateTime: Output only. Time the `AccessLevel` was created in UTC.
	CreateTime string `json:"createTime,omitempty"`

	// Custom: A `CustomLevel` written in the Common Expression Language.
	Custom *CustomLevel `json:"custom,omitempty"`

	// Description: Description of the `AccessLevel` and its use. Does not
	// affect behavior.
	Description string `json:"description,omitempty"`

	// Name: Required. Resource name for the Access Level. The `short_name`
	// component
	// must begin with a letter and only include alphanumeric and '_'.
	// Format:
	// `accessPolicies/{policy_id}/accessLevels/{short_name}`
	Name string `json:"name,omitempty"`

	// Title: Human readable title. Must be unique within the Policy.
	Title string `json:"title,omitempty"`

	// UpdateTime: Output only. Time the `AccessLevel` was updated in UTC.
	UpdateTime string `json:"updateTime,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Basic") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Basic") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

AccessLevel: An `AccessLevel` is a label that can be applied to requests to Google Cloud services, along with a list of requirements necessary for the label to be applied.

func (*AccessLevel) MarshalJSON

func (s *AccessLevel) MarshalJSON() ([]byte, error)

type AccessPoliciesAccessLevelsCreateCall

type AccessPoliciesAccessLevelsCreateCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsCreateCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsCreateCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.create" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsCreateCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesAccessLevelsDeleteCall

type AccessPoliciesAccessLevelsDeleteCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsDeleteCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsDeleteCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.delete" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsDeleteCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesAccessLevelsGetCall

type AccessPoliciesAccessLevelsGetCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsGetCall) AccessLevelFormat

func (c *AccessPoliciesAccessLevelsGetCall) AccessLevelFormat(accessLevelFormat string) *AccessPoliciesAccessLevelsGetCall

AccessLevelFormat sets the optional parameter "accessLevelFormat": Whether to return `BasicLevels` in the Cloud Common Expression Language rather than as `BasicLevels`. Defaults to AS_DEFINED, where Access Levels are returned as `BasicLevels` or `CustomLevels` based on how they were created. If set to CEL, all Access Levels are returned as `CustomLevels`. In the CEL case, `BasicLevels` are translated to equivalent `CustomLevels`.

Possible values:

"LEVEL_FORMAT_UNSPECIFIED"
"AS_DEFINED"
"CEL"

func (*AccessPoliciesAccessLevelsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsGetCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.get" call. Exactly one of *AccessLevel or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *AccessLevel.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesAccessLevelsGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type AccessPoliciesAccessLevelsListCall

type AccessPoliciesAccessLevelsListCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsListCall) AccessLevelFormat

func (c *AccessPoliciesAccessLevelsListCall) AccessLevelFormat(accessLevelFormat string) *AccessPoliciesAccessLevelsListCall

AccessLevelFormat sets the optional parameter "accessLevelFormat": Whether to return `BasicLevels` in the Cloud Common Expression language, as `CustomLevels`, rather than as `BasicLevels`. Defaults to returning `AccessLevels` in the format they were defined.

Possible values:

"LEVEL_FORMAT_UNSPECIFIED"
"AS_DEFINED"
"CEL"

func (*AccessPoliciesAccessLevelsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsListCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.list" call. Exactly one of *ListAccessLevelsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListAccessLevelsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesAccessLevelsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*AccessPoliciesAccessLevelsListCall) PageSize

PageSize sets the optional parameter "pageSize": Number of Access Levels to include in the list. Default 100.

func (*AccessPoliciesAccessLevelsListCall) PageToken

PageToken sets the optional parameter "pageToken": Next page token for the next batch of Access Level instances. Defaults to the first page of results.

func (*AccessPoliciesAccessLevelsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type AccessPoliciesAccessLevelsPatchCall

type AccessPoliciesAccessLevelsPatchCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesAccessLevelsPatchCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesAccessLevelsPatchCall) Do

Do executes the "accesscontextmanager.accessPolicies.accessLevels.patch" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesAccessLevelsPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesAccessLevelsPatchCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesAccessLevelsPatchCall) UpdateMask

UpdateMask sets the optional parameter "updateMask": Required. Mask to control which fields get updated. Must be non-empty.

type AccessPoliciesAccessLevelsService

type AccessPoliciesAccessLevelsService struct {
	// contains filtered or unexported fields
}

func NewAccessPoliciesAccessLevelsService

func NewAccessPoliciesAccessLevelsService(s *Service) *AccessPoliciesAccessLevelsService

func (*AccessPoliciesAccessLevelsService) Create

Create: Create an Access Level. The longrunning operation from this RPC will have a successful status once the Access Level has propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered.

func (*AccessPoliciesAccessLevelsService) Delete

Delete: Delete an Access Level by resource name. The longrunning operation from this RPC will have a successful status once the Access Level has been removed from long-lasting storage.

func (*AccessPoliciesAccessLevelsService) Get

Get: Get an Access Level by resource name.

func (*AccessPoliciesAccessLevelsService) List

List: List all Access Levels for an access policy.

func (*AccessPoliciesAccessLevelsService) Patch

Patch: Update an Access Level. The longrunning operation from this RPC will have a successful status once the changes to the Access Level have propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered.

type AccessPoliciesCreateCall

type AccessPoliciesCreateCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesCreateCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesCreateCall) Do

Do executes the "accesscontextmanager.accessPolicies.create" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesCreateCall) Header

func (c *AccessPoliciesCreateCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesDeleteCall

type AccessPoliciesDeleteCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesDeleteCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesDeleteCall) Do

Do executes the "accesscontextmanager.accessPolicies.delete" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesDeleteCall) Header

func (c *AccessPoliciesDeleteCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesGetCall

type AccessPoliciesGetCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesGetCall) Do

Do executes the "accesscontextmanager.accessPolicies.get" call. Exactly one of *AccessPolicy or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *AccessPolicy.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesGetCall) Header

func (c *AccessPoliciesGetCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesGetCall) IfNoneMatch

func (c *AccessPoliciesGetCall) IfNoneMatch(entityTag string) *AccessPoliciesGetCall

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type AccessPoliciesListCall

type AccessPoliciesListCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesListCall) Do

Do executes the "accesscontextmanager.accessPolicies.list" call. Exactly one of *ListAccessPoliciesResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListAccessPoliciesResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesListCall) Header

func (c *AccessPoliciesListCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesListCall) IfNoneMatch

func (c *AccessPoliciesListCall) IfNoneMatch(entityTag string) *AccessPoliciesListCall

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*AccessPoliciesListCall) PageSize

func (c *AccessPoliciesListCall) PageSize(pageSize int64) *AccessPoliciesListCall

PageSize sets the optional parameter "pageSize": Number of AccessPolicy instances to include in the list. Default 100.

func (*AccessPoliciesListCall) PageToken

func (c *AccessPoliciesListCall) PageToken(pageToken string) *AccessPoliciesListCall

PageToken sets the optional parameter "pageToken": Next page token for the next batch of AccessPolicy instances. Defaults to the first page of results.

func (*AccessPoliciesListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

func (*AccessPoliciesListCall) Parent

Parent sets the optional parameter "parent": Required. Resource name for the container to list AccessPolicy instances from.

Format: `organizations/{org_id}`

type AccessPoliciesPatchCall

type AccessPoliciesPatchCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesPatchCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesPatchCall) Do

Do executes the "accesscontextmanager.accessPolicies.patch" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesPatchCall) Header

func (c *AccessPoliciesPatchCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesPatchCall) UpdateMask

func (c *AccessPoliciesPatchCall) UpdateMask(updateMask string) *AccessPoliciesPatchCall

UpdateMask sets the optional parameter "updateMask": Required. Mask to control which fields get updated. Must be non-empty.

type AccessPoliciesService

type AccessPoliciesService struct {
	AccessLevels *AccessPoliciesAccessLevelsService

	ServicePerimeters *AccessPoliciesServicePerimetersService
	// contains filtered or unexported fields
}

func NewAccessPoliciesService

func NewAccessPoliciesService(s *Service) *AccessPoliciesService

func (*AccessPoliciesService) Create

Create: Create an `AccessPolicy`. Fails if this organization already has a `AccessPolicy`. The longrunning Operation will have a successful status once the `AccessPolicy` has propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in `metadata` as a BadRequest proto.

func (*AccessPoliciesService) Delete

Delete: Delete an AccessPolicy by resource name. The longrunning Operation will have a successful status once the AccessPolicy has been removed from long-lasting storage.

func (*AccessPoliciesService) Get

Get: Get an AccessPolicy by name.

func (*AccessPoliciesService) List

List: List all AccessPolicies under a container.

func (*AccessPoliciesService) Patch

func (r *AccessPoliciesService) Patch(name string, accesspolicy *AccessPolicy) *AccessPoliciesPatchCall

Patch: Update an AccessPolicy. The longrunning Operation from this RPC will have a successful status once the changes to the AccessPolicy have propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in `metadata` as a BadRequest proto.

type AccessPoliciesServicePerimetersCreateCall

type AccessPoliciesServicePerimetersCreateCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersCreateCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersCreateCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.create" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersCreateCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesServicePerimetersDeleteCall

type AccessPoliciesServicePerimetersDeleteCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersDeleteCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersDeleteCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.delete" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersDeleteCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type AccessPoliciesServicePerimetersGetCall

type AccessPoliciesServicePerimetersGetCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersGetCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.get" call. Exactly one of *ServicePerimeter or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ServicePerimeter.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesServicePerimetersGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type AccessPoliciesServicePerimetersListCall

type AccessPoliciesServicePerimetersListCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersListCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.list" call. Exactly one of *ListServicePerimetersResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListServicePerimetersResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesServicePerimetersListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*AccessPoliciesServicePerimetersListCall) PageSize

PageSize sets the optional parameter "pageSize": Number of Service Perimeters to include in the list. Default 100.

func (*AccessPoliciesServicePerimetersListCall) PageToken

PageToken sets the optional parameter "pageToken": Next page token for the next batch of Service Perimeter instances. Defaults to the first page of results.

func (*AccessPoliciesServicePerimetersListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type AccessPoliciesServicePerimetersPatchCall

type AccessPoliciesServicePerimetersPatchCall struct {
	// contains filtered or unexported fields
}

func (*AccessPoliciesServicePerimetersPatchCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*AccessPoliciesServicePerimetersPatchCall) Do

Do executes the "accesscontextmanager.accessPolicies.servicePerimeters.patch" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*AccessPoliciesServicePerimetersPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*AccessPoliciesServicePerimetersPatchCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*AccessPoliciesServicePerimetersPatchCall) UpdateMask

UpdateMask sets the optional parameter "updateMask": Required. Mask to control which fields get updated. Must be non-empty.

type AccessPoliciesServicePerimetersService

type AccessPoliciesServicePerimetersService struct {
	// contains filtered or unexported fields
}

func NewAccessPoliciesServicePerimetersService

func NewAccessPoliciesServicePerimetersService(s *Service) *AccessPoliciesServicePerimetersService

func (*AccessPoliciesServicePerimetersService) Create

Create: Create an Service Perimeter. The longrunning operation from this RPC will have a successful status once the Service Perimeter has propagated to long-lasting storage. Service Perimeters containing errors will result in an error response for the first error encountered.

func (*AccessPoliciesServicePerimetersService) Delete

Delete: Delete an Service Perimeter by resource name. The longrunning operation from this RPC will have a successful status once the Service Perimeter has been removed from long-lasting storage.

func (*AccessPoliciesServicePerimetersService) Get

Get: Get an Service Perimeter by resource name.

func (*AccessPoliciesServicePerimetersService) List

List: List all Service Perimeters for an access policy.

func (*AccessPoliciesServicePerimetersService) Patch

Patch: Update an Service Perimeter. The longrunning operation from this RPC will have a successful status once the changes to the Service Perimeter have propagated to long-lasting storage. Service Perimeter containing errors will result in an error response for the first error encountered.

type AccessPolicy

type AccessPolicy struct {
	// CreateTime: Output only. Time the `AccessPolicy` was created in UTC.
	CreateTime string `json:"createTime,omitempty"`

	// Name: Output only. Resource name of the `AccessPolicy`.
	// Format:
	// `accessPolicies/{policy_id}`
	Name string `json:"name,omitempty"`

	// Parent: Required. The parent of this `AccessPolicy` in the Cloud
	// Resource
	// Hierarchy. Currently immutable once created.
	// Format:
	// `organizations/{organization_id}`
	Parent string `json:"parent,omitempty"`

	// Title: Required. Human readable title. Does not affect behavior.
	Title string `json:"title,omitempty"`

	// UpdateTime: Output only. Time the `AccessPolicy` was updated in UTC.
	UpdateTime string `json:"updateTime,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "CreateTime") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CreateTime") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

AccessPolicy: `AccessPolicy` is a container for `AccessLevels` (which define the necessary attributes to use Google Cloud services) and `ServicePerimeters` (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization.

func (*AccessPolicy) MarshalJSON

func (s *AccessPolicy) MarshalJSON() ([]byte, error)

type BasicLevel

type BasicLevel struct {
	// CombiningFunction: How the `conditions` list should be combined to
	// determine if a request is
	// granted this `AccessLevel`. If AND is used, each `Condition`
	// in
	// `conditions` must be satisfied for the `AccessLevel` to be applied.
	// If OR
	// is used, at least one `Condition` in `conditions` must be satisfied
	// for the
	// `AccessLevel` to be applied. Default behavior is AND.
	//
	// Possible values:
	//   "AND" - All `Conditions` must be true for the `BasicLevel` to be
	// true.
	//   "OR" - If at least one `Condition` is true, then the `BasicLevel`
	// is true.
	CombiningFunction string `json:"combiningFunction,omitempty"`

	// Conditions: Required. A list of requirements for the `AccessLevel` to
	// be granted.
	Conditions []*Condition `json:"conditions,omitempty"`

	// ForceSendFields is a list of field names (e.g. "CombiningFunction")
	// to unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CombiningFunction") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

BasicLevel: `BasicLevel` is an `AccessLevel` using a set of recommended features.

func (*BasicLevel) MarshalJSON

func (s *BasicLevel) MarshalJSON() ([]byte, error)

type Condition

type Condition struct {
	// DevicePolicy: Device specific restrictions, all restrictions must
	// hold for the
	// Condition to be true. If not specified, all devices are allowed.
	DevicePolicy *DevicePolicy `json:"devicePolicy,omitempty"`

	// IpSubnetworks: CIDR block IP subnetwork specification. May be IPv4 or
	// IPv6. Note that for
	// a CIDR IP address block, the specified IP address portion must be
	// properly
	// truncated (i.e. all the host bits must be zero) or the input is
	// considered
	// malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24"
	// is
	// not. Similarly, for IPv6, "2001:db8::/32" is accepted
	// whereas
	// "2001:db8::1/32" is not. The originating IP of a request must be in
	// one of
	// the listed subnets in order for this Condition to be true. If empty,
	// all IP
	// addresses are allowed.
	IpSubnetworks []string `json:"ipSubnetworks,omitempty"`

	// Members: The request must be made by one of the provided user or
	// service
	// accounts. Groups are not
	// supported.
	// Syntax:
	// `user:{emailid}`
	// `serviceAccount:{emailid}`
	// If not specified, a request may come from any user.
	Members []string `json:"members,omitempty"`

	// Negate: Whether to negate the Condition. If true, the Condition
	// becomes a NAND over
	// its non-empty fields, each field must be false for the Condition
	// overall to
	// be satisfied. Defaults to false.
	Negate bool `json:"negate,omitempty"`

	// Regions: The request must originate from one of the provided
	// countries/regions.
	// Must be valid ISO 3166-1 alpha-2 codes.
	Regions []string `json:"regions,omitempty"`

	// RequiredAccessLevels: A list of other access levels defined in the
	// same `Policy`, referenced by
	// resource name. Referencing an `AccessLevel` which does not exist is
	// an
	// error. All access levels listed must be granted for the Condition
	// to be true.
	// Example:
	// "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"
	RequiredAccessLevels []string `json:"requiredAccessLevels,omitempty"`

	// ForceSendFields is a list of field names (e.g. "DevicePolicy") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "DevicePolicy") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Condition: A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.

func (*Condition) MarshalJSON

func (s *Condition) MarshalJSON() ([]byte, error)

type CustomLevel added in v0.16.0

type CustomLevel struct {
	// Expr: Required. A Cloud CEL expression evaluating to a boolean.
	Expr *Expr `json:"expr,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Expr") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Expr") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

CustomLevel: `CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec

func (*CustomLevel) MarshalJSON added in v0.16.0

func (s *CustomLevel) MarshalJSON() ([]byte, error)

type DevicePolicy

type DevicePolicy struct {
	// AllowedDeviceManagementLevels: Allowed device management levels, an
	// empty list allows all management
	// levels.
	//
	// Possible values:
	//   "MANAGEMENT_UNSPECIFIED" - The device's management level is not
	// specified or not known.
	//   "NONE" - The device is not managed.
	//   "BASIC" - Basic management is enabled, which is generally limited
	// to monitoring and
	// wiping the corporate account.
	//   "COMPLETE" - Complete device management. This includes more
	// thorough monitoring and the
	// ability to directly manage the device (such as remote wiping). This
	// can be
	// enabled through the Android Enterprise Platform.
	AllowedDeviceManagementLevels []string `json:"allowedDeviceManagementLevels,omitempty"`

	// AllowedEncryptionStatuses: Allowed encryptions statuses, an empty
	// list allows all statuses.
	//
	// Possible values:
	//   "ENCRYPTION_UNSPECIFIED" - The encryption status of the device is
	// not specified or not known.
	//   "ENCRYPTION_UNSUPPORTED" - The device does not support encryption.
	//   "UNENCRYPTED" - The device supports encryption, but is currently
	// unencrypted.
	//   "ENCRYPTED" - The device is encrypted.
	AllowedEncryptionStatuses []string `json:"allowedEncryptionStatuses,omitempty"`

	// OsConstraints: Allowed OS versions, an empty list allows all types
	// and all versions.
	OsConstraints []*OsConstraint `json:"osConstraints,omitempty"`

	// RequireAdminApproval: Whether the device needs to be approved by the
	// customer admin.
	RequireAdminApproval bool `json:"requireAdminApproval,omitempty"`

	// RequireCorpOwned: Whether the device needs to be corp owned.
	RequireCorpOwned bool `json:"requireCorpOwned,omitempty"`

	// RequireScreenlock: Whether or not screenlock is required for the
	// DevicePolicy to be true.
	// Defaults to `false`.
	RequireScreenlock bool `json:"requireScreenlock,omitempty"`

	// ForceSendFields is a list of field names (e.g.
	// "AllowedDeviceManagementLevels") to unconditionally include in API
	// requests. By default, fields with empty values are omitted from API
	// requests. However, any non-pointer, non-interface field appearing in
	// ForceSendFields will be sent to the server regardless of whether the
	// field is empty or not. This may be used to include empty fields in
	// Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g.
	// "AllowedDeviceManagementLevels") to include in API requests with the
	// JSON null value. By default, fields with empty values are omitted
	// from API requests. However, any field with an empty value appearing
	// in NullFields will be sent to the server as null. It is an error if a
	// field in this list has a non-empty value. This may be used to include
	// null fields in Patch requests.
	NullFields []string `json:"-"`
}

DevicePolicy: `DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

func (*DevicePolicy) MarshalJSON

func (s *DevicePolicy) MarshalJSON() ([]byte, error)

type Expr added in v0.16.0

type Expr struct {
	// Description: Optional. Description of the expression. This is a
	// longer text which
	// describes the expression, e.g. when hovered over it in a UI.
	Description string `json:"description,omitempty"`

	// Expression: Textual representation of an expression in Common
	// Expression Language
	// syntax.
	Expression string `json:"expression,omitempty"`

	// Location: Optional. String indicating the location of the expression
	// for error
	// reporting, e.g. a file name and a position in the file.
	Location string `json:"location,omitempty"`

	// Title: Optional. Title for the expression, i.e. a short string
	// describing
	// its purpose. This can be used e.g. in UIs which allow to enter
	// the
	// expression.
	Title string `json:"title,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Description") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Description") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Expr: Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec.

Example (Comparison):

title: "Summary size limit"
description: "Determines if a summary is less than 100 chars"
expression: "document.summary.size() < 100"

Example (Equality):

title: "Requestor is owner"
description: "Determines if requestor is the document owner"
expression: "document.owner ==

request.auth.claims.email"

Example (Logic):

title: "Public documents"
description: "Determine whether the document should be publicly

visible"

expression: "document.type != 'private' && document.type !=

'internal'"

Example (Data Manipulation):

title: "Notification string"
description: "Create a notification string with a timestamp."
expression: "'New message received at ' +

string(document.create_time)"

The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (*Expr) MarshalJSON added in v0.16.0

func (s *Expr) MarshalJSON() ([]byte, error)

type ListAccessLevelsResponse

type ListAccessLevelsResponse struct {
	// AccessLevels: List of the Access Level instances.
	AccessLevels []*AccessLevel `json:"accessLevels,omitempty"`

	// NextPageToken: The pagination token to retrieve the next page of
	// results. If the value is
	// empty, no further results remain.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AccessLevels") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListAccessLevelsResponse: A response to `ListAccessLevelsRequest`.

func (*ListAccessLevelsResponse) MarshalJSON

func (s *ListAccessLevelsResponse) MarshalJSON() ([]byte, error)

type ListAccessPoliciesResponse

type ListAccessPoliciesResponse struct {
	// AccessPolicies: List of the AccessPolicy instances.
	AccessPolicies []*AccessPolicy `json:"accessPolicies,omitempty"`

	// NextPageToken: The pagination token to retrieve the next page of
	// results. If the value is
	// empty, no further results remain.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "AccessPolicies") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AccessPolicies") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

ListAccessPoliciesResponse: A response to `ListAccessPoliciesRequest`.

func (*ListAccessPoliciesResponse) MarshalJSON

func (s *ListAccessPoliciesResponse) MarshalJSON() ([]byte, error)

type ListServicePerimetersResponse

type ListServicePerimetersResponse struct {
	// NextPageToken: The pagination token to retrieve the next page of
	// results. If the value is
	// empty, no further results remain.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServicePerimeters: List of the Service Perimeter instances.
	ServicePerimeters []*ServicePerimeter `json:"servicePerimeters,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "NextPageToken") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListServicePerimetersResponse: A response to `ListServicePerimetersRequest`.

func (*ListServicePerimetersResponse) MarshalJSON

func (s *ListServicePerimetersResponse) MarshalJSON() ([]byte, error)

type Operation

type Operation struct {
	// Done: If the value is `false`, it means the operation is still in
	// progress.
	// If `true`, the operation is completed, and either `error` or
	// `response` is
	// available.
	Done bool `json:"done,omitempty"`

	// Error: The error result of the operation in case of failure or
	// cancellation.
	Error *Status `json:"error,omitempty"`

	// Metadata: Service-specific metadata associated with the operation.
	// It typically
	// contains progress information and common metadata such as create
	// time.
	// Some services might not provide such metadata.  Any method that
	// returns a
	// long-running operation should document the metadata type, if any.
	Metadata googleapi.RawMessage `json:"metadata,omitempty"`

	// Name: The server-assigned name, which is only unique within the same
	// service that
	// originally returns it. If you use the default HTTP mapping,
	// the
	// `name` should be a resource name ending with
	// `operations/{unique_id}`.
	Name string `json:"name,omitempty"`

	// Response: The normal response of the operation in case of success.
	// If the original
	// method returns no data on success, such as `Delete`, the response
	// is
	// `google.protobuf.Empty`.  If the original method is
	// standard
	// `Get`/`Create`/`Update`, the response should be the resource.  For
	// other
	// methods, the response should have the type `XxxResponse`, where
	// `Xxx`
	// is the original method name.  For example, if the original method
	// name
	// is `TakeSnapshot()`, the inferred response type
	// is
	// `TakeSnapshotResponse`.
	Response googleapi.RawMessage `json:"response,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Done") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Done") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Operation: This resource represents a long-running operation that is the result of a network API call.

func (*Operation) MarshalJSON

func (s *Operation) MarshalJSON() ([]byte, error)

type OperationsGetCall

type OperationsGetCall struct {
	// contains filtered or unexported fields
}

func (*OperationsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*OperationsGetCall) Do

Do executes the "accesscontextmanager.operations.get" call. Exactly one of *Operation or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Operation.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*OperationsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*OperationsGetCall) Header

func (c *OperationsGetCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*OperationsGetCall) IfNoneMatch

func (c *OperationsGetCall) IfNoneMatch(entityTag string) *OperationsGetCall

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type OperationsService

type OperationsService struct {
	// contains filtered or unexported fields
}

func NewOperationsService

func NewOperationsService(s *Service) *OperationsService

func (*OperationsService) Get

Get: Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

type OsConstraint

type OsConstraint struct {
	// MinimumVersion: The minimum allowed OS version. If not set, any
	// version of this OS
	// satisfies the constraint. Format: "major.minor.patch".
	// Examples: "10.5.301", "9.2.1".
	MinimumVersion string `json:"minimumVersion,omitempty"`

	// OsType: Required. The allowed OS type.
	//
	// Possible values:
	//   "OS_UNSPECIFIED" - The operating system of the device is not
	// specified or not known.
	//   "DESKTOP_MAC" - A desktop Mac operating system.
	//   "DESKTOP_WINDOWS" - A desktop Windows operating system.
	//   "DESKTOP_LINUX" - A desktop Linux operating system.
	//   "DESKTOP_CHROME_OS" - A desktop ChromeOS operating system.
	//   "ANDROID" - An Android operating system.
	//   "IOS" - An iOS operating system.
	OsType string `json:"osType,omitempty"`

	// RequireVerifiedChromeOs: Only allows requests from devices with a
	// verified Chrome OS.
	// Verifications includes requirements that the device is
	// enterprise-managed,
	// conformant to domain policies, and the caller has permission to
	// call
	// the API targeted by the request.
	RequireVerifiedChromeOs bool `json:"requireVerifiedChromeOs,omitempty"`

	// ForceSendFields is a list of field names (e.g. "MinimumVersion") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "MinimumVersion") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

OsConstraint: A restriction on the OS type and version of devices making requests.

func (*OsConstraint) MarshalJSON

func (s *OsConstraint) MarshalJSON() ([]byte, error)

type Service

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment

	AccessPolicies *AccessPoliciesService

	Operations *OperationsService
	// contains filtered or unexported fields
}

func New deprecated

func New(client *http.Client) (*Service, error)

New creates a new Service. It uses the provided http.Client for requests.

Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

func NewService added in v0.3.0

func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

NewService creates a new Service.

type ServicePerimeter

type ServicePerimeter struct {
	// CreateTime: Output only. Time the `ServicePerimeter` was created in
	// UTC.
	CreateTime string `json:"createTime,omitempty"`

	// Description: Description of the `ServicePerimeter` and its use. Does
	// not affect
	// behavior.
	Description string `json:"description,omitempty"`

	// Name: Required. Resource name for the ServicePerimeter.  The
	// `short_name`
	// component must begin with a letter and only include alphanumeric and
	// '_'.
	// Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
	Name string `json:"name,omitempty"`

	// PerimeterType: Perimeter type indicator. A single project is
	// allowed to be a member of single regular perimeter, but multiple
	// service
	// perimeter bridges. A project cannot be a included in a perimeter
	// bridge
	// without being included in regular perimeter. For perimeter
	// bridges,
	// restricted/unrestricted service lists as well as access lists must
	// be
	// empty.
	//
	// Possible values:
	//   "PERIMETER_TYPE_REGULAR" - Regular Perimeter.
	//   "PERIMETER_TYPE_BRIDGE" - Perimeter Bridge.
	PerimeterType string `json:"perimeterType,omitempty"`

	// Status: Current ServicePerimeter configuration. Specifies sets of
	// resources,
	// restricted/unrestricted services and access levels that determine
	// perimeter
	// content and boundaries.
	Status *ServicePerimeterConfig `json:"status,omitempty"`

	// Title: Human readable title. Must be unique within the Policy.
	Title string `json:"title,omitempty"`

	// UpdateTime: Output only. Time the `ServicePerimeter` was updated in
	// UTC.
	UpdateTime string `json:"updateTime,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "CreateTime") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CreateTime") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ServicePerimeter: `ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.

func (*ServicePerimeter) MarshalJSON

func (s *ServicePerimeter) MarshalJSON() ([]byte, error)

type ServicePerimeterConfig

type ServicePerimeterConfig struct {
	// AccessLevels: A list of `AccessLevel` resource names that allow
	// resources within the
	// `ServicePerimeter` to be accessed from the internet. `AccessLevels`
	// listed
	// must be in the same policy as this `ServicePerimeter`. Referencing
	// a
	// nonexistent `AccessLevel` is a syntax error. If no `AccessLevel`
	// names are
	// listed, resources within the perimeter can only be accessed via
	// Google
	// Cloud calls with request origins within the perimeter.
	// Example:
	// "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL".
	// For Service Perimeter Bridge, must be empty.
	AccessLevels []string `json:"accessLevels,omitempty"`

	// Resources: A list of Google Cloud resources that are inside of the
	// service perimeter.
	// Currently only projects are allowed. Format:
	// `projects/{project_number}`
	Resources []string `json:"resources,omitempty"`

	// RestrictedServices: Google Cloud services that are subject to the
	// Service Perimeter
	// restrictions. Must contain a list of services. For example,
	// if
	// `storage.googleapis.com` is specified, access to the storage
	// buckets
	// inside the perimeter must meet the perimeter's access restrictions.
	RestrictedServices []string `json:"restrictedServices,omitempty"`

	// UnrestrictedServices: Google Cloud services that are not subject to
	// the Service Perimeter
	// restrictions. Deprecated. Must be set to a single wildcard "*".
	//
	// The wildcard means that unless explicitly specified
	// by
	// "restricted_services" list, any service is treated as unrestricted.
	UnrestrictedServices []string `json:"unrestrictedServices,omitempty"`

	// VpcAccessibleServices: Beta. Configuration for within Perimeter
	// allowed APIs.
	VpcAccessibleServices *VpcAccessibleServices `json:"vpcAccessibleServices,omitempty"`

	// VpcServiceRestriction: Alpha. Configuration for within Perimeter
	// allowed APIs.
	// Deprecated. The field had been renamed to vpc_accessible_services
	VpcServiceRestriction *VpcServiceRestriction `json:"vpcServiceRestriction,omitempty"`

	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AccessLevels") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ServicePerimeterConfig: `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

func (*ServicePerimeterConfig) MarshalJSON

func (s *ServicePerimeterConfig) MarshalJSON() ([]byte, error)

type Status

type Status struct {
	// Code: The status code, which should be an enum value of
	// google.rpc.Code.
	Code int64 `json:"code,omitempty"`

	// Details: A list of messages that carry the error details.  There is a
	// common set of
	// message types for APIs to use.
	Details []googleapi.RawMessage `json:"details,omitempty"`

	// Message: A developer-facing error message, which should be in
	// English. Any
	// user-facing error message should be localized and sent in
	// the
	// google.rpc.Status.details field, or localized by the client.
	Message string `json:"message,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Code") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Code") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Status: The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details.

You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).

func (*Status) MarshalJSON

func (s *Status) MarshalJSON() ([]byte, error)

type VpcAccessibleServices added in v0.16.0

type VpcAccessibleServices struct {
	// AllowedServices: The list of APIs usable within the Service
	// Perimeter. Must be empty
	// unless 'enable_restriction' is True.
	AllowedServices []string `json:"allowedServices,omitempty"`

	// EnableRestriction: Whether to restrict API calls within the Service
	// Perimeter to the list of
	// APIs specified in 'allowed_services'.
	EnableRestriction bool `json:"enableRestriction,omitempty"`

	// ForceSendFields is a list of field names (e.g. "AllowedServices") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AllowedServices") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

VpcAccessibleServices: Specifies how APIs are allowed to communicate within the Service Perimeter.

func (*VpcAccessibleServices) MarshalJSON added in v0.16.0

func (s *VpcAccessibleServices) MarshalJSON() ([]byte, error)

type VpcServiceRestriction added in v0.7.0

type VpcServiceRestriction struct {
	// AllowedServices: The list of APIs usable within the Service
	// Perimeter. Must be empty
	// unless 'enable_restriction' is True.
	AllowedServices []string `json:"allowedServices,omitempty"`

	// EnableRestriction: Whether to restrict API calls within the Service
	// Perimeter to the list of
	// APIs specified in 'allowed_services'.
	EnableRestriction bool `json:"enableRestriction,omitempty"`

	// ForceSendFields is a list of field names (e.g. "AllowedServices") to
	// unconditionally include in API requests. By default, fields with
	// empty values are omitted from API requests. However, any non-pointer,
	// non-interface field appearing in ForceSendFields will be sent to the
	// server regardless of whether the field is empty or not. This may be
	// used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AllowedServices") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

VpcServiceRestriction: Alpha. Specifies how APIs are allowed to communicate within the Service Perimeter. This message is DEPRECATED and had been renamed to VpcAccessibleServices

func (*VpcServiceRestriction) MarshalJSON added in v0.7.0

func (s *VpcServiceRestriction) MarshalJSON() ([]byte, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL