servicecontrol

package
v0.217.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 15, 2025 License: BSD-3-Clause Imports: 18 Imported by: 33

Documentation

Overview

Package servicecontrol provides access to the Service Control API.

For product documentation, see: https://cloud.google.com/service-control/

Library status

These client libraries are officially supported by Google. However, this library is considered complete and is in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features.

When possible, we recommend using our newer [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) that are still actively being worked and iterated on.

Creating a client

Usage example:

import "google.golang.org/api/servicecontrol/v2"
...
ctx := context.Background()
servicecontrolService, err := servicecontrol.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication. For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

By default, all available scopes (see "Constants") are used to authenticate. To restrict scopes, use google.golang.org/api/option.WithScopes:

servicecontrolService, err := servicecontrol.NewService(ctx, option.WithScopes(servicecontrol.ServicecontrolScope))

To use an API key for authentication (note: some APIs do not support API keys), use google.golang.org/api/option.WithAPIKey:

servicecontrolService, err := servicecontrol.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow, use google.golang.org/api/option.WithTokenSource:

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
servicecontrolService, err := servicecontrol.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See google.golang.org/api/option.ClientOption for details on options.

Index

Constants

View Source
const (
	// See, edit, configure, and delete your Google Cloud data and see the email
	// address for your Google Account.
	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"

	// Manage your Google Service Control data
	ServicecontrolScope = "https://www.googleapis.com/auth/servicecontrol"
)

OAuth2 scopes used by this API.

Variables

This section is empty.

Functions

This section is empty.

Types

type Api

type Api struct {
	// Operation: The API operation name. For gRPC requests, it is the fully
	// qualified API method name, such as "google.pubsub.v1.Publisher.Publish". For
	// OpenAPI requests, it is the `operationId`, such as "getPet".
	Operation string `json:"operation,omitempty"`
	// Protocol: The API protocol used for sending the request, such as "http",
	// "https", "grpc", or "internal".
	Protocol string `json:"protocol,omitempty"`
	// Service: The API service name. It is a logical identifier for a networked
	// API, such as "pubsub.googleapis.com". The naming syntax depends on the API
	// management system being used for handling the request.
	Service string `json:"service,omitempty"`
	// Version: The API version associated with the API operation above, such as
	// "v1" or "v1alpha1".
	Version string `json:"version,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Operation") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Operation") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Api: This message defines attributes associated with API operations, such as a network API request. The terminology is based on the conventions used by Google APIs, Istio, and OpenAPI.

func (Api) MarshalJSON

func (s Api) MarshalJSON() ([]byte, error)

type AttributeContext

type AttributeContext struct {
	// Api: Represents an API operation that is involved to a network activity.
	Api *Api `json:"api,omitempty"`
	// Destination: The destination of a network activity, such as accepting a TCP
	// connection. In a multi hop network activity, the destination represents the
	// receiver of the last hop.
	Destination *Peer `json:"destination,omitempty"`
	// Extensions: Supports extensions for advanced use cases, such as logs and
	// metrics.
	Extensions []googleapi.RawMessage `json:"extensions,omitempty"`
	// Origin: The origin of a network activity. In a multi hop network activity,
	// the origin represents the sender of the first hop. For the first hop, the
	// `source` and the `origin` must have the same content.
	Origin *Peer `json:"origin,omitempty"`
	// Request: Represents a network request, such as an HTTP request.
	Request *Request `json:"request,omitempty"`
	// Resource: Represents a target resource that is involved with a network
	// activity. If multiple resources are involved with an activity, this must be
	// the primary one.
	Resource *Resource `json:"resource,omitempty"`
	// Response: Represents a network response, such as an HTTP response.
	Response *Response `json:"response,omitempty"`
	// Source: The source of a network activity, such as starting a TCP connection.
	// In a multi hop network activity, the source represents the sender of the
	// last hop.
	Source *Peer `json:"source,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Api") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Api") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

AttributeContext: This message defines the standard attribute vocabulary for Google APIs. An attribute is a piece of metadata that describes an activity on a network service. For example, the size of an HTTP request, or the status code of an HTTP response. Each attribute has a type and a name, which is logically defined as a proto message field in `AttributeContext`. The field type becomes the attribute type, and the field path becomes the attribute name. For example, the attribute `source.ip` maps to field `AttributeContext.source.ip`. This message definition is guaranteed not to have any wire breaking change. So you can use it directly for passing attributes across different systems. NOTE: Different system may generate different subset of attributes. Please verify the system specification before relying on an attribute generated a system.

func (AttributeContext) MarshalJSON

func (s AttributeContext) MarshalJSON() ([]byte, error)

type AuditLog

type AuditLog struct {
	// AuthenticationInfo: Authentication information.
	AuthenticationInfo *AuthenticationInfo `json:"authenticationInfo,omitempty"`
	// AuthorizationInfo: Authorization information. If there are multiple
	// resources or permissions involved, then there is one AuthorizationInfo
	// element for each {resource, permission} tuple.
	AuthorizationInfo []*AuthorizationInfo `json:"authorizationInfo,omitempty"`
	// Metadata: Other service-specific data about the request, response, and other
	// information associated with the current audited event.
	Metadata googleapi.RawMessage `json:"metadata,omitempty"`
	// MethodName: The name of the service method or operation. For API calls, this
	// should be the name of the API method. For example,
	// "google.cloud.bigquery.v2.TableService.InsertTable"
	// "google.logging.v2.ConfigServiceV2.CreateSink"
	MethodName string `json:"methodName,omitempty"`
	// NumResponseItems: The number of items returned from a List or Query API
	// method, if applicable.
	NumResponseItems int64 `json:"numResponseItems,omitempty,string"`
	// PolicyViolationInfo: Indicates the policy violations for this request. If
	// the request is denied by the policy, violation information will be logged
	// here.
	PolicyViolationInfo *PolicyViolationInfo `json:"policyViolationInfo,omitempty"`
	// Request: The operation request. This may not include all request parameters,
	// such as those that are too large, privacy-sensitive, or duplicated elsewhere
	// in the log record. It should never include user-generated data, such as file
	// contents. When the JSON object represented here has a proto equivalent, the
	// proto name will be indicated in the `@type` property.
	Request googleapi.RawMessage `json:"request,omitempty"`
	// RequestMetadata: Metadata about the operation.
	RequestMetadata *RequestMetadata `json:"requestMetadata,omitempty"`
	// ResourceLocation: The resource location information.
	ResourceLocation *ResourceLocation `json:"resourceLocation,omitempty"`
	// ResourceName: The resource or collection that is the target of the
	// operation. The name is a scheme-less URI, not including the API service
	// name. For example: "projects/PROJECT_ID/zones/us-central1-a/instances"
	// "projects/PROJECT_ID/datasets/DATASET_ID"
	ResourceName string `json:"resourceName,omitempty"`
	// ResourceOriginalState: The resource's original state before mutation.
	// Present only for operations which have successfully modified the targeted
	// resource(s). In general, this field should contain all changed fields,
	// except those that are already been included in `request`, `response`,
	// `metadata` or `service_data` fields. When the JSON object represented here
	// has a proto equivalent, the proto name will be indicated in the `@type`
	// property.
	ResourceOriginalState googleapi.RawMessage `json:"resourceOriginalState,omitempty"`
	// Response: The operation response. This may not include all response
	// elements, such as those that are too large, privacy-sensitive, or duplicated
	// elsewhere in the log record. It should never include user-generated data,
	// such as file contents. When the JSON object represented here has a proto
	// equivalent, the proto name will be indicated in the `@type` property.
	Response googleapi.RawMessage `json:"response,omitempty"`
	// ServiceData: Deprecated. Use the `metadata` field instead. Other
	// service-specific data about the request, response, and other activities.
	ServiceData googleapi.RawMessage `json:"serviceData,omitempty"`
	// ServiceName: The name of the API service performing the operation. For
	// example, "compute.googleapis.com".
	ServiceName string `json:"serviceName,omitempty"`
	// Status: The status of the overall operation.
	Status *Status `json:"status,omitempty"`
	// ForceSendFields is a list of field names (e.g. "AuthenticationInfo") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AuthenticationInfo") to include
	// in API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

AuditLog: Common audit log format for Google Cloud Platform API operations.

func (AuditLog) MarshalJSON

func (s AuditLog) MarshalJSON() ([]byte, error)

type Auth

type Auth struct {
	// AccessLevels: A list of access level resource names that allow resources to
	// be accessed by authenticated requester. It is part of Secure GCP processing
	// for the incoming request. An access level string has the format:
	// "//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}"
	// Example:
	// "//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLeve
	// ls/MY_LEVEL"
	AccessLevels []string `json:"accessLevels,omitempty"`
	// Audiences: The intended audience(s) for this authentication information.
	// Reflects the audience (`aud`) claim within a JWT. The audience value(s)
	// depends on the `issuer`, but typically include one or more of the following
	// pieces of information: * The services intended to receive the credential.
	// For example, ["https://pubsub.googleapis.com/",
	// "https://storage.googleapis.com/"]. * A set of service-based scopes. For
	// example, ["https://www.googleapis.com/auth/cloud-platform"]. * The client id
	// of an app, such as the Firebase project id for JWTs from Firebase Auth.
	// Consult the documentation for the credential issuer to determine the
	// information provided.
	Audiences []string `json:"audiences,omitempty"`
	// Claims: Structured claims presented with the credential. JWTs include `{key:
	// value}` pairs for standard and private claims. The following is a subset of
	// the standard required and optional claims that would typically be presented
	// for a Google-based JWT: {'iss': 'accounts.google.com', 'sub':
	// '113289723416554971153', 'aud': ['123456789012', 'pubsub.googleapis.com'],
	// 'azp': '123456789012.apps.googleusercontent.com', 'email':
	// 'jsmith@example.com', 'iat': 1353601026, 'exp': 1353604926} SAML assertions
	// are similarly specified, but with an identity provider dependent structure.
	Claims googleapi.RawMessage `json:"claims,omitempty"`
	// Presenter: The authorized presenter of the credential. Reflects the optional
	// Authorized Presenter (`azp`) claim within a JWT or the OAuth client id. For
	// example, a Google Cloud Platform client id looks as follows:
	// "123456789012.apps.googleusercontent.com".
	Presenter string `json:"presenter,omitempty"`
	// Principal: The authenticated principal. Reflects the issuer (`iss`) and
	// subject (`sub`) claims within a JWT. The issuer and subject should be `/`
	// delimited, with `/` percent-encoded within the subject fragment. For Google
	// accounts, the principal format is: "https://accounts.google.com/{id}"
	Principal string `json:"principal,omitempty"`
	// ForceSendFields is a list of field names (e.g. "AccessLevels") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AccessLevels") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Auth: This message defines request authentication attributes. Terminology is based on the JSON Web Token (JWT) standard, but the terms also correlate to concepts in other standards.

func (Auth) MarshalJSON

func (s Auth) MarshalJSON() ([]byte, error)

type AuthenticationInfo

type AuthenticationInfo struct {
	// AuthoritySelector: The authority selector specified by the requestor, if
	// any. It is not guaranteed that the principal was allowed to use this
	// authority.
	AuthoritySelector string `json:"authoritySelector,omitempty"`
	// PrincipalEmail: The email address of the authenticated user (or service
	// account on behalf of third party principal) making the request. For third
	// party identity callers, the `principal_subject` field is populated instead
	// of this field. For privacy reasons, the principal email address is sometimes
	// redacted. For more information, see Caller identities in audit logs
	// (https://cloud.google.com/logging/docs/audit#user-id).
	PrincipalEmail string `json:"principalEmail,omitempty"`
	// PrincipalSubject: String representation of identity of requesting party.
	// Populated for both first and third party identities.
	PrincipalSubject string `json:"principalSubject,omitempty"`
	// ServiceAccountDelegationInfo: Identity delegation history of an
	// authenticated service account that makes the request. It contains
	// information on the real authorities that try to access GCP resources by
	// delegating on a service account. When multiple authorities present, they are
	// guaranteed to be sorted based on the original ordering of the identity
	// delegation events.
	ServiceAccountDelegationInfo []*ServiceAccountDelegationInfo `json:"serviceAccountDelegationInfo,omitempty"`
	// ServiceAccountKeyName: The name of the service account key used to create or
	// exchange credentials for authenticating the service account making the
	// request. This is a scheme-less URI full resource name. For example:
	// "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{k
	// ey}"
	ServiceAccountKeyName string `json:"serviceAccountKeyName,omitempty"`
	// ServiceDelegationHistory: Records the history of delegated resource access
	// across Google services.
	ServiceDelegationHistory *ServiceDelegationHistory `json:"serviceDelegationHistory,omitempty"`
	// ThirdPartyPrincipal: The third party identification (if any) of the
	// authenticated user making the request. When the JSON object represented here
	// has a proto equivalent, the proto name will be indicated in the `@type`
	// property.
	ThirdPartyPrincipal googleapi.RawMessage `json:"thirdPartyPrincipal,omitempty"`
	// ForceSendFields is a list of field names (e.g. "AuthoritySelector") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "AuthoritySelector") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

AuthenticationInfo: Authentication information for the operation.

func (AuthenticationInfo) MarshalJSON

func (s AuthenticationInfo) MarshalJSON() ([]byte, error)

type AuthorizationInfo

type AuthorizationInfo struct {
	// Granted: Whether or not authorization for `resource` and `permission` was
	// granted.
	Granted bool `json:"granted,omitempty"`
	// Permission: The required IAM permission.
	Permission string `json:"permission,omitempty"`
	// PermissionType: The type of the permission that was checked. For data access
	// audit logs this corresponds with the permission type that must be enabled in
	// the project/folder/organization IAM policy in order for the log to be
	// written.
	//
	// Possible values:
	//   "PERMISSION_TYPE_UNSPECIFIED" - Default. Should not be used.
	//   "ADMIN_READ" - Permissions that gate reading resource configuration or
	// metadata.
	//   "ADMIN_WRITE" - Permissions that gate modification of resource
	// configuration or metadata.
	//   "DATA_READ" - Permissions that gate reading user-provided data.
	//   "DATA_WRITE" - Permissions that gate writing user-provided data.
	PermissionType string `json:"permissionType,omitempty"`
	// Resource: The resource being accessed, as a REST-style or cloud resource
	// string. For example:
	// bigquery.googleapis.com/projects/PROJECTID/datasets/DATASETID or
	// projects/PROJECTID/datasets/DATASETID
	Resource string `json:"resource,omitempty"`
	// ResourceAttributes: Resource attributes used in IAM condition evaluation.
	// This field contains resource attributes like resource type and resource
	// name. To get the whole view of the attributes used in IAM condition
	// evaluation, the user must also look into
	// `AuditLog.request_metadata.request_attributes`.
	ResourceAttributes *Resource `json:"resourceAttributes,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Granted") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Granted") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

AuthorizationInfo: Authorization information for the operation.

func (AuthorizationInfo) MarshalJSON

func (s AuthorizationInfo) MarshalJSON() ([]byte, error)

type CheckRequest

type CheckRequest struct {
	// Attributes: Describes attributes about the operation being executed by the
	// service.
	Attributes *AttributeContext `json:"attributes,omitempty"`
	// Flags: Optional. Contains a comma-separated list of flags.
	Flags string `json:"flags,omitempty"`
	// Resources: Describes the resources and the policies applied to each
	// resource.
	Resources []*ResourceInfo `json:"resources,omitempty"`
	// ServiceConfigId: Specifies the version of the service configuration that
	// should be used to process the request. Must not be empty. Set this field to
	// 'latest' to specify using the latest configuration.
	ServiceConfigId string `json:"serviceConfigId,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Attributes") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Attributes") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

CheckRequest: Request message for the Check method.

func (CheckRequest) MarshalJSON

func (s CheckRequest) MarshalJSON() ([]byte, error)

type CheckResponse

type CheckResponse struct {
	// DynamicMetadata: Optional response metadata that will be emitted as dynamic
	// metadata to be consumed by the caller of ServiceController. For
	// compatibility with the ext_authz interface.
	DynamicMetadata googleapi.RawMessage `json:"dynamicMetadata,omitempty"`
	// Headers: Returns a set of request contexts generated from the
	// `CheckRequest`.
	Headers map[string]string `json:"headers,omitempty"`
	// Status: Operation is allowed when this field is not set. Any non-'OK' status
	// indicates a denial; google.rpc.Status.details would contain additional
	// details about the denial.
	Status *Status `json:"status,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "DynamicMetadata") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "DynamicMetadata") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

CheckResponse: Response message for the Check method.

func (CheckResponse) MarshalJSON

func (s CheckResponse) MarshalJSON() ([]byte, error)

type FirstPartyPrincipal

type FirstPartyPrincipal struct {
	// PrincipalEmail: The email address of a Google account. .
	PrincipalEmail string `json:"principalEmail,omitempty"`
	// ServiceMetadata: Metadata about the service that uses the service account. .
	ServiceMetadata googleapi.RawMessage `json:"serviceMetadata,omitempty"`
	// ForceSendFields is a list of field names (e.g. "PrincipalEmail") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "PrincipalEmail") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

FirstPartyPrincipal: First party identity principal.

func (FirstPartyPrincipal) MarshalJSON

func (s FirstPartyPrincipal) MarshalJSON() ([]byte, error)

type OrgPolicyViolationInfo added in v0.74.0

type OrgPolicyViolationInfo struct {
	// Payload: Optional. Deprecated. Resource payload that is currently in scope
	// and is subjected to orgpolicy conditions. This payload may be the subset of
	// the actual Resource that may come in the request.
	Payload googleapi.RawMessage `json:"payload,omitempty"`
	// ResourceTags: Optional. Deprecated. Tags referenced on the resource at the
	// time of evaluation.
	ResourceTags map[string]string `json:"resourceTags,omitempty"`
	// ResourceType: Optional. Resource type that the orgpolicy is checked against.
	// Example: compute.googleapis.com/Instance, store.googleapis.com/bucket
	ResourceType string `json:"resourceType,omitempty"`
	// ViolationInfo: Optional. Policy violations
	ViolationInfo []*ViolationInfo `json:"violationInfo,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Payload") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Payload") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

OrgPolicyViolationInfo: Represents OrgPolicy Violation information.

func (OrgPolicyViolationInfo) MarshalJSON added in v0.74.0

func (s OrgPolicyViolationInfo) MarshalJSON() ([]byte, error)

type Peer

type Peer struct {
	// Ip: The IP address of the peer.
	Ip string `json:"ip,omitempty"`
	// Labels: The labels associated with the peer.
	Labels map[string]string `json:"labels,omitempty"`
	// Port: The network port of the peer.
	Port int64 `json:"port,omitempty,string"`
	// Principal: The identity of this peer. Similar to `Request.auth.principal`,
	// but relative to the peer instead of the request. For example, the identity
	// associated with a load balancer that forwarded the request.
	Principal string `json:"principal,omitempty"`
	// RegionCode: The CLDR country/region code associated with the above IP
	// address. If the IP address is private, the `region_code` should reflect the
	// physical location where this peer is running.
	RegionCode string `json:"regionCode,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Ip") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Ip") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Peer: This message defines attributes for a node that handles a network request. The node can be either a service or an application that sends, forwards, or receives the request. Service peers should fill in `principal` and `labels` as appropriate.

func (Peer) MarshalJSON

func (s Peer) MarshalJSON() ([]byte, error)

type PolicyViolationInfo added in v0.74.0

type PolicyViolationInfo struct {
	// OrgPolicyViolationInfo: Indicates the orgpolicy violations for this
	// resource.
	OrgPolicyViolationInfo *OrgPolicyViolationInfo `json:"orgPolicyViolationInfo,omitempty"`
	// ForceSendFields is a list of field names (e.g. "OrgPolicyViolationInfo") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "OrgPolicyViolationInfo") to
	// include in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

PolicyViolationInfo: Information related to policy violations for this request.

func (PolicyViolationInfo) MarshalJSON added in v0.74.0

func (s PolicyViolationInfo) MarshalJSON() ([]byte, error)

type ReportRequest

type ReportRequest struct {
	// Operations: Describes the list of operations to be reported. Each operation
	// is represented as an AttributeContext, and contains all attributes around an
	// API access.
	Operations []*AttributeContext `json:"operations,omitempty"`
	// ServiceConfigId: Specifies the version of the service configuration that
	// should be used to process the request. Must not be empty. Set this field to
	// 'latest' to specify using the latest configuration.
	ServiceConfigId string `json:"serviceConfigId,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Operations") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Operations") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ReportRequest: Request message for the Report method.

func (ReportRequest) MarshalJSON

func (s ReportRequest) MarshalJSON() ([]byte, error)

type ReportResponse

type ReportResponse struct {
	// Extensions: The extension field to store serialized OTel responses. e.g.
	// ExportLogsServiceResponse, ExportMetricsServiceResponse.
	Extensions googleapi.RawMessage `json:"extensions,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "Extensions") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Extensions") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ReportResponse: Response message for the Report method.

func (ReportResponse) MarshalJSON added in v0.173.0

func (s ReportResponse) MarshalJSON() ([]byte, error)

type Request

type Request struct {
	// Auth: The request authentication. May be absent for unauthenticated
	// requests. Derived from the HTTP request `Authorization` header or
	// equivalent.
	Auth *Auth `json:"auth,omitempty"`
	// Headers: The HTTP request headers. If multiple headers share the same key,
	// they must be merged according to the HTTP spec. All header keys must be
	// lowercased, because HTTP header keys are case-insensitive.
	Headers map[string]string `json:"headers,omitempty"`
	// Host: The HTTP request `Host` header value.
	Host string `json:"host,omitempty"`
	// Id: The unique ID for a request, which can be propagated to downstream
	// systems. The ID should have low probability of collision within a single day
	// for a specific service.
	Id string `json:"id,omitempty"`
	// Method: The HTTP request method, such as `GET`, `POST`.
	Method string `json:"method,omitempty"`
	// Path: The HTTP URL path, excluding the query parameters.
	Path string `json:"path,omitempty"`
	// Protocol: The network protocol used with the request, such as "http/1.1",
	// "spdy/3", "h2", "h2c", "webrtc", "tcp", "udp", "quic". See
	// https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
	// for details.
	Protocol string `json:"protocol,omitempty"`
	// Query: The HTTP URL query in the format of `name1=value1&name2=value2`, as
	// it appears in the first line of the HTTP request. No decoding is performed.
	Query string `json:"query,omitempty"`
	// Reason: A special parameter for request reason. It is used by security
	// systems to associate auditing information with a request.
	Reason string `json:"reason,omitempty"`
	// Scheme: The HTTP URL scheme, such as `http` and `https`.
	Scheme string `json:"scheme,omitempty"`
	// Size: The HTTP request size in bytes. If unknown, it must be -1.
	Size int64 `json:"size,omitempty,string"`
	// Time: The timestamp when the `destination` service receives the last byte of
	// the request.
	Time string `json:"time,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Auth") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Auth") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Request: This message defines attributes for an HTTP request. If the actual request is not an HTTP request, the runtime system should try to map the actual request to an equivalent HTTP request.

func (Request) MarshalJSON

func (s Request) MarshalJSON() ([]byte, error)

type RequestMetadata

type RequestMetadata struct {
	// CallerIp: The IP address of the caller. For a caller from the internet, this
	// will be the public IPv4 or IPv6 address. For calls made from inside Google's
	// internal production network from one GCP service to another, `caller_ip`
	// will be redacted to "private". For a caller from a Compute Engine VM with a
	// external IP address, `caller_ip` will be the VM's external IP address. For a
	// caller from a Compute Engine VM without a external IP address, if the VM is
	// in the same organization (or project) as the accessed resource, `caller_ip`
	// will be the VM's internal IPv4 address, otherwise `caller_ip` will be
	// redacted to "gce-internal-ip". See
	// https://cloud.google.com/compute/docs/vpc/ for more information.
	CallerIp string `json:"callerIp,omitempty"`
	// CallerNetwork: The network of the caller. Set only if the network host
	// project is part of the same GCP organization (or project) as the accessed
	// resource. See https://cloud.google.com/compute/docs/vpc/ for more
	// information. This is a scheme-less URI full resource name. For example:
	// "//compute.googleapis.com/projects/PROJECT_ID/global/networks/NETWORK_ID"
	CallerNetwork string `json:"callerNetwork,omitempty"`
	// CallerSuppliedUserAgent: The user agent of the caller. This information is
	// not authenticated and should be treated accordingly. For example: +
	// `google-api-python-client/1.4.0`: The request was made by the Google API
	// client for Python. + `Cloud SDK Command Line Tool apitools-client/1.0
	// gcloud/0.9.62`: The request was made by the Google Cloud SDK CLI (gcloud). +
	// `AppEngine-Google; (+http://code.google.com/appengine; appid: s~my-project`:
	// The request was made from the `my-project` App Engine app.
	CallerSuppliedUserAgent string `json:"callerSuppliedUserAgent,omitempty"`
	// DestinationAttributes: The destination of a network activity, such as
	// accepting a TCP connection. In a multi hop network activity, the destination
	// represents the receiver of the last hop. Only two fields are used in this
	// message, Peer.port and Peer.ip. These fields are optionally populated by
	// those services utilizing the IAM condition feature.
	DestinationAttributes *Peer `json:"destinationAttributes,omitempty"`
	// RequestAttributes: Request attributes used in IAM condition evaluation. This
	// field contains request attributes like request time and access levels
	// associated with the request. To get the whole view of the attributes used in
	// IAM condition evaluation, the user must also look into
	// `AuditLog.authentication_info.resource_attributes`.
	RequestAttributes *Request `json:"requestAttributes,omitempty"`
	// ForceSendFields is a list of field names (e.g. "CallerIp") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "CallerIp") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

RequestMetadata: Metadata about the request.

func (RequestMetadata) MarshalJSON

func (s RequestMetadata) MarshalJSON() ([]byte, error)

type Resource

type Resource struct {
	// Annotations: Annotations is an unstructured key-value map stored with a
	// resource that may be set by external tools to store and retrieve arbitrary
	// metadata. They are not queryable and should be preserved when modifying
	// objects. More info:
	// https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
	Annotations map[string]string `json:"annotations,omitempty"`
	// CreateTime: Output only. The timestamp when the resource was created. This
	// may be either the time creation was initiated or when it was completed.
	CreateTime string `json:"createTime,omitempty"`
	// DeleteTime: Output only. The timestamp when the resource was deleted. If the
	// resource is not deleted, this must be empty.
	DeleteTime string `json:"deleteTime,omitempty"`
	// DisplayName: Mutable. The display name set by clients. Must be <= 63
	// characters.
	DisplayName string `json:"displayName,omitempty"`
	// Etag: Output only. An opaque value that uniquely identifies a version or
	// generation of a resource. It can be used to confirm that the client and
	// server agree on the ordering of a resource being written.
	Etag string `json:"etag,omitempty"`
	// Labels: The labels or tags on the resource, such as AWS resource tags and
	// Kubernetes resource labels.
	Labels map[string]string `json:"labels,omitempty"`
	// Location: Immutable. The location of the resource. The location encoding is
	// specific to the service provider, and new encoding may be introduced as the
	// service evolves. For Google Cloud products, the encoding is what is used by
	// Google Cloud APIs, such as `us-east1`, `aws-us-east-1`, and `azure-eastus2`.
	// The semantics of `location` is identical to the
	// `cloud.googleapis.com/location` label used by some Google Cloud APIs.
	Location string `json:"location,omitempty"`
	// Name: The stable identifier (name) of a resource on the `service`. A
	// resource can be logically identified as
	// "//{resource.service}/{resource.name}". The differences between a resource
	// name and a URI are: * Resource name is a logical identifier, independent of
	// network protocol and API version. For example,
	// `//pubsub.googleapis.com/projects/123/topics/news-feed`. * URI often
	// includes protocol and version information, so it can be used directly by
	// applications. For example,
	// `https://pubsub.googleapis.com/v1/projects/123/topics/news-feed`. See
	// https://cloud.google.com/apis/design/resource_names for details.
	Name string `json:"name,omitempty"`
	// Service: The name of the service that this resource belongs to, such as
	// `pubsub.googleapis.com`. The service may be different from the DNS hostname
	// that actually serves the request.
	Service string `json:"service,omitempty"`
	// Type: The type of the resource. The syntax is platform-specific because
	// different platforms define their resources differently. For Google APIs, the
	// type format must be "{service}/{kind}", such as
	// "pubsub.googleapis.com/Topic".
	Type string `json:"type,omitempty"`
	// Uid: The unique identifier of the resource. UID is unique in the time and
	// space for this resource within the scope of the service. It is typically
	// generated by the server on successful creation of a resource and must not be
	// changed. UID is used to uniquely identify resources with resource name
	// reuses. This should be a UUID4.
	Uid string `json:"uid,omitempty"`
	// UpdateTime: Output only. The timestamp when the resource was last updated.
	// Any change to the resource made by users must refresh this value. Changes to
	// a resource made by the service should refresh this value.
	UpdateTime string `json:"updateTime,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Annotations") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Annotations") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Resource: This message defines core attributes for a resource. A resource is an addressable (named) entity provided by the destination service. For example, a file stored on a network storage service.

func (Resource) MarshalJSON

func (s Resource) MarshalJSON() ([]byte, error)

type ResourceInfo

type ResourceInfo struct {
	// Container: Optional. The identifier of the container of this resource. For
	// Google Cloud APIs, the resource container must be one of the following
	// formats: - `projects/` - `folders/` - `organizations/` Required for the
	// policy enforcement on the container level (e.g. VPCSC, Location Policy
	// check, Org Policy check).
	Container string `json:"container,omitempty"`
	// Location: Optional. The location of the resource, it must be a valid zone,
	// region or multiregion, for example: "europe-west4",
	// "northamerica-northeast1-a". Required for location policy check.
	Location string `json:"location,omitempty"`
	// Name: The name of the resource referenced in the request.
	Name string `json:"name,omitempty"`
	// Permission: The resource permission needed for this request. The format must
	// be "{service}/{plural}.{verb}".
	Permission string `json:"permission,omitempty"`
	// Type: The resource type in the format of "{service}/{kind}".
	Type string `json:"type,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Container") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Container") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ResourceInfo: Describes a resource referenced in the request.

func (ResourceInfo) MarshalJSON

func (s ResourceInfo) MarshalJSON() ([]byte, error)

type ResourceLocation

type ResourceLocation struct {
	// CurrentLocations: The locations of a resource after the execution of the
	// operation. Requests to create or delete a location based resource must
	// populate the 'current_locations' field and not the 'original_locations'
	// field. For example: "europe-west1-a" "us-east1" "nam3"
	CurrentLocations []string `json:"currentLocations,omitempty"`
	// OriginalLocations: The locations of a resource prior to the execution of the
	// operation. Requests that mutate the resource's location must populate both
	// the 'original_locations' as well as the 'current_locations' fields. For
	// example: "europe-west1-a" "us-east1" "nam3"
	OriginalLocations []string `json:"originalLocations,omitempty"`
	// ForceSendFields is a list of field names (e.g. "CurrentLocations") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "CurrentLocations") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ResourceLocation: Location information about a resource.

func (ResourceLocation) MarshalJSON

func (s ResourceLocation) MarshalJSON() ([]byte, error)

type Response

type Response struct {
	// BackendLatency: The amount of time it takes the backend service to fully
	// respond to a request. Measured from when the destination service starts to
	// send the request to the backend until when the destination service receives
	// the complete response from the backend.
	BackendLatency string `json:"backendLatency,omitempty"`
	// Code: The HTTP response status code, such as `200` and `404`.
	Code int64 `json:"code,omitempty,string"`
	// Headers: The HTTP response headers. If multiple headers share the same key,
	// they must be merged according to HTTP spec. All header keys must be
	// lowercased, because HTTP header keys are case-insensitive.
	Headers map[string]string `json:"headers,omitempty"`
	// Size: The HTTP response size in bytes. If unknown, it must be -1.
	Size int64 `json:"size,omitempty,string"`
	// Time: The timestamp when the `destination` service sends the last byte of
	// the response.
	Time string `json:"time,omitempty"`
	// ForceSendFields is a list of field names (e.g. "BackendLatency") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "BackendLatency") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Response: This message defines attributes for a typical network response. It generally models semantics of an HTTP response.

func (Response) MarshalJSON

func (s Response) MarshalJSON() ([]byte, error)

type Service

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment

	Services *ServicesService
	// contains filtered or unexported fields
}

func New deprecated

func New(client *http.Client) (*Service, error)

New creates a new Service. It uses the provided http.Client for requests.

Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

func NewService

func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

NewService creates a new Service.

type ServiceAccountDelegationInfo

type ServiceAccountDelegationInfo struct {
	// FirstPartyPrincipal: First party (Google) identity as the real authority.
	FirstPartyPrincipal *FirstPartyPrincipal `json:"firstPartyPrincipal,omitempty"`
	// PrincipalSubject: A string representing the principal_subject associated
	// with the identity. For most identities, the format will be
	// `principal://iam.googleapis.com/{identity pool name}/subject/{subject)`
	// except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD)
	// that are still in the legacy format `serviceAccount:{identity pool
	// name}[{subject}]`
	PrincipalSubject string `json:"principalSubject,omitempty"`
	// ThirdPartyPrincipal: Third party identity as the real authority.
	ThirdPartyPrincipal *ThirdPartyPrincipal `json:"thirdPartyPrincipal,omitempty"`
	// ForceSendFields is a list of field names (e.g. "FirstPartyPrincipal") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "FirstPartyPrincipal") to include
	// in API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ServiceAccountDelegationInfo: Identity delegation history of an authenticated service account.

func (ServiceAccountDelegationInfo) MarshalJSON

func (s ServiceAccountDelegationInfo) MarshalJSON() ([]byte, error)

type ServiceDelegationHistory added in v0.135.0

type ServiceDelegationHistory struct {
	// OriginalPrincipal: The original end user who initiated the request to GCP.
	OriginalPrincipal string `json:"originalPrincipal,omitempty"`
	// ServiceMetadata: Data identifying the service specific jobs or units of work
	// that were involved in a chain of service calls.
	ServiceMetadata []*ServiceMetadata `json:"serviceMetadata,omitempty"`
	// ForceSendFields is a list of field names (e.g. "OriginalPrincipal") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "OriginalPrincipal") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ServiceDelegationHistory: The history of delegation across multiple services as the result of the original user's action. Such as "service A uses its own account to do something for user B". This differs from ServiceAccountDelegationInfo, which only tracks the history of direct token exchanges (impersonation).

func (ServiceDelegationHistory) MarshalJSON added in v0.135.0

func (s ServiceDelegationHistory) MarshalJSON() ([]byte, error)

type ServiceMetadata added in v0.135.0

type ServiceMetadata struct {
	// JobMetadata: Additional metadata provided by service teams to describe
	// service specific job information that was triggered by the original
	// principal.
	JobMetadata googleapi.RawMessage `json:"jobMetadata,omitempty"`
	// PrincipalSubject: A string representing the principal_subject associated
	// with the identity. For most identities, the format will be
	// `principal://iam.googleapis.com/{identity pool name}/subject/{subject)`
	// except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD)
	// that are still in the legacy format `serviceAccount:{identity pool
	// name}[{subject}]` If the identity is a Google account (e.g. workspace user
	// account or service account), this will be the email of the prefixed by
	// `serviceAccount:`. For example:
	// `serviceAccount:my-service-account@project-1.iam.gserviceaccount.com`. If
	// the identity is an individual user, the identity will be formatted as:
	// `user:user_ABC@email.com`.
	PrincipalSubject string `json:"principalSubject,omitempty"`
	// ServiceDomain: The service's fully qualified domain name, e.g.
	// "dataproc.googleapis.com".
	ServiceDomain string `json:"serviceDomain,omitempty"`
	// ForceSendFields is a list of field names (e.g. "JobMetadata") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "JobMetadata") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ServiceMetadata: Metadata describing the service and additional service specific information used to identify the job or unit of work at hand.

func (ServiceMetadata) MarshalJSON added in v0.135.0

func (s ServiceMetadata) MarshalJSON() ([]byte, error)

type ServicesCheckCall

type ServicesCheckCall struct {
	// contains filtered or unexported fields
}

func (*ServicesCheckCall) Context

Context sets the context to be used in this call's Do method.

func (*ServicesCheckCall) Do

Do executes the "servicecontrol.services.check" call. Any non-2xx status code is an error. Response headers are in either *CheckResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ServicesCheckCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ServicesCheckCall) Header

func (c *ServicesCheckCall) Header() http.Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ServicesReportCall

type ServicesReportCall struct {
	// contains filtered or unexported fields
}

func (*ServicesReportCall) Context

Context sets the context to be used in this call's Do method.

func (*ServicesReportCall) Do

Do executes the "servicecontrol.services.report" call. Any non-2xx status code is an error. Response headers are in either *ReportResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ServicesReportCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ServicesReportCall) Header

func (c *ServicesReportCall) Header() http.Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ServicesService

type ServicesService struct {
	// contains filtered or unexported fields
}

func NewServicesService

func NewServicesService(s *Service) *ServicesService

func (*ServicesService) Check

func (r *ServicesService) Check(serviceName string, checkrequest *CheckRequest) *ServicesCheckCall

Check: Private Preview. This feature is only available for approved services. This method provides admission control for services that are integrated with Service Infrastructure (https://cloud.google.com/service-infrastructure). It checks whether an operation should be allowed based on the service configuration and relevant policies. It must be called before the operation is executed. For more information, see Admission Control (https://cloud.google.com/service-infrastructure/docs/admission-control). NOTE: The admission control has an expected policy propagation delay of 60s. The caller **must** not depend on the most recent policy changes. NOTE: The admission control has a hard limit of 1 referenced resources per call. If an operation refers to more than 1 resources, the caller must call the Check method multiple times. This method requires the `servicemanagement.services.check` permission on the specified service. For more information, see Service Control API Access Control (https://cloud.google.com/service-infrastructure/docs/service-control/access-control).

func (*ServicesService) Report

func (r *ServicesService) Report(serviceName string, reportrequest *ReportRequest) *ServicesReportCall

Report: Private Preview. This feature is only available for approved services. This method provides telemetry reporting for services that are integrated with Service Infrastructure (https://cloud.google.com/service-infrastructure). It reports a list of operations that have occurred on a service. It must be called after the operations have been executed. For more information, see Telemetry Reporting (https://cloud.google.com/service-infrastructure/docs/telemetry-reporting). NOTE: The telemetry reporting has a hard limit of 1000 operations and 1MB per Report call. It is recommended to have no more than 100 operations per call. This method requires the `servicemanagement.services.report` permission on the specified service. For more information, see Service Control API Access Control (https://cloud.google.com/service-infrastructure/docs/service-control/access-control).

type SpanContext

type SpanContext struct {
	// SpanName: The resource name of the span. The format is:
	// projects/[PROJECT_ID_OR_NUMBER]/traces/[TRACE_ID]/spans/[SPAN_ID]
	// `[TRACE_ID]` is a unique identifier for a trace within a project; it is a
	// 32-character hexadecimal encoding of a 16-byte array. `[SPAN_ID]` is a
	// unique identifier for a span within a trace; it is a 16-character
	// hexadecimal encoding of an 8-byte array.
	SpanName string `json:"spanName,omitempty"`
	// ForceSendFields is a list of field names (e.g. "SpanName") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "SpanName") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

SpanContext: The context of a span. This is attached to an Exemplar in Distribution values during aggregation. It contains the name of a span with format: projects/[PROJECT_ID_OR_NUMBER]/traces/[TRACE_ID]/spans/[SPAN_ID]

func (SpanContext) MarshalJSON

func (s SpanContext) MarshalJSON() ([]byte, error)

type Status

type Status struct {
	// Code: The status code, which should be an enum value of google.rpc.Code.
	Code int64 `json:"code,omitempty"`
	// Details: A list of messages that carry the error details. There is a common
	// set of message types for APIs to use.
	Details []googleapi.RawMessage `json:"details,omitempty"`
	// Message: A developer-facing error message, which should be in English. Any
	// user-facing error message should be localized and sent in the
	// google.rpc.Status.details field, or localized by the client.
	Message string `json:"message,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Code") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Code") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Status: The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC (https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide (https://cloud.google.com/apis/design/errors).

func (Status) MarshalJSON

func (s Status) MarshalJSON() ([]byte, error)

type ThirdPartyPrincipal

type ThirdPartyPrincipal struct {
	// ThirdPartyClaims: Metadata about third party identity.
	ThirdPartyClaims googleapi.RawMessage `json:"thirdPartyClaims,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ThirdPartyClaims") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ThirdPartyClaims") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ThirdPartyPrincipal: Third party identity principal.

func (ThirdPartyPrincipal) MarshalJSON

func (s ThirdPartyPrincipal) MarshalJSON() ([]byte, error)

type V2HttpRequest added in v0.71.0

type V2HttpRequest struct {
	// CacheFillBytes: The number of HTTP response bytes inserted into cache. Set
	// only when a cache fill was attempted.
	CacheFillBytes int64 `json:"cacheFillBytes,omitempty,string"`
	// CacheHit: Whether or not an entity was served from cache (with or without
	// validation).
	CacheHit bool `json:"cacheHit,omitempty"`
	// CacheLookup: Whether or not a cache lookup was attempted.
	CacheLookup bool `json:"cacheLookup,omitempty"`
	// CacheValidatedWithOriginServer: Whether or not the response was validated
	// with the origin server before being served from cache. This field is only
	// meaningful if `cache_hit` is True.
	CacheValidatedWithOriginServer bool `json:"cacheValidatedWithOriginServer,omitempty"`
	// Latency: The request processing latency on the server, from the time the
	// request was received until the response was sent.
	Latency string `json:"latency,omitempty"`
	// Protocol: Protocol used for the request. Examples: "HTTP/1.1", "HTTP/2",
	// "websocket"
	Protocol string `json:"protocol,omitempty"`
	// Referer: The referer URL of the request, as defined in HTTP/1.1 Header Field
	// Definitions (https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html).
	Referer string `json:"referer,omitempty"`
	// RemoteIp: The IP address (IPv4 or IPv6) of the client that issued the HTTP
	// request. Examples: "192.168.1.1", "FE80::0202:B3FF:FE1E:8329".
	RemoteIp string `json:"remoteIp,omitempty"`
	// RequestMethod: The request method. Examples: "GET", "HEAD", "PUT",
	// "POST".
	RequestMethod string `json:"requestMethod,omitempty"`
	// RequestSize: The size of the HTTP request message in bytes, including the
	// request headers and the request body.
	RequestSize int64 `json:"requestSize,omitempty,string"`
	// RequestUrl: The scheme (http, https), the host name, the path, and the query
	// portion of the URL that was requested. Example:
	// "http://example.com/some/info?color=red".
	RequestUrl string `json:"requestUrl,omitempty"`
	// ResponseSize: The size of the HTTP response message sent back to the client,
	// in bytes, including the response headers and the response body.
	ResponseSize int64 `json:"responseSize,omitempty,string"`
	// ServerIp: The IP address (IPv4 or IPv6) of the origin server that the
	// request was sent to.
	ServerIp string `json:"serverIp,omitempty"`
	// Status: The response code indicating the status of the response. Examples:
	// 200, 404.
	Status int64 `json:"status,omitempty"`
	// UserAgent: The user agent sent by the client. Example: "Mozilla/4.0
	// (compatible; MSIE 6.0; Windows 98; Q312461; .NET CLR 1.0.3705)".
	UserAgent string `json:"userAgent,omitempty"`
	// ForceSendFields is a list of field names (e.g. "CacheFillBytes") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "CacheFillBytes") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

V2HttpRequest: A common proto for logging HTTP requests. Only contains semantics defined by the HTTP specification. Product-specific logging information MUST be defined in a separate message.

func (V2HttpRequest) MarshalJSON added in v0.71.0

func (s V2HttpRequest) MarshalJSON() ([]byte, error)

type V2LogEntry added in v0.71.0

type V2LogEntry struct {
	// HttpRequest: Optional. Information about the HTTP request associated with
	// this log entry, if applicable.
	HttpRequest *V2HttpRequest `json:"httpRequest,omitempty"`
	// InsertId: A unique ID for the log entry used for deduplication. If omitted,
	// the implementation will generate one based on operation_id.
	InsertId string `json:"insertId,omitempty"`
	// Labels: A set of user-defined (key, value) data that provides additional
	// information about the log entry.
	Labels map[string]string `json:"labels,omitempty"`
	// MonitoredResourceLabels: A set of user-defined (key, value) data that
	// provides additional information about the moniotored resource that the log
	// entry belongs to.
	MonitoredResourceLabels map[string]string `json:"monitoredResourceLabels,omitempty"`
	// Name: Required. The log to which this log entry belongs. Examples:
	// "syslog", "book_log".
	Name string `json:"name,omitempty"`
	// Operation: Optional. Information about an operation associated with the log
	// entry, if applicable.
	Operation *V2LogEntryOperation `json:"operation,omitempty"`
	// ProtoPayload: The log entry payload, represented as a protocol buffer that
	// is expressed as a JSON object. The only accepted type currently is AuditLog.
	ProtoPayload googleapi.RawMessage `json:"protoPayload,omitempty"`
	// Severity: The severity of the log entry. The default value is
	// `LogSeverity.DEFAULT`.
	//
	// Possible values:
	//   "DEFAULT" - (0) The log entry has no assigned severity level.
	//   "DEBUG" - (100) Debug or trace information.
	//   "INFO" - (200) Routine information, such as ongoing status or performance.
	//   "NOTICE" - (300) Normal but significant events, such as start up, shut
	// down, or a configuration change.
	//   "WARNING" - (400) Warning events might cause problems.
	//   "ERROR" - (500) Error events are likely to cause problems.
	//   "CRITICAL" - (600) Critical events cause more severe problems or outages.
	//   "ALERT" - (700) A person must take an action immediately.
	//   "EMERGENCY" - (800) One or more systems are unusable.
	Severity string `json:"severity,omitempty"`
	// SourceLocation: Optional. Source code location information associated with
	// the log entry, if any.
	SourceLocation *V2LogEntrySourceLocation `json:"sourceLocation,omitempty"`
	// StructPayload: The log entry payload, represented as a structure that is
	// expressed as a JSON object.
	StructPayload googleapi.RawMessage `json:"structPayload,omitempty"`
	// TextPayload: The log entry payload, represented as a Unicode string (UTF-8).
	TextPayload string `json:"textPayload,omitempty"`
	// Timestamp: The time the event described by the log entry occurred. If
	// omitted, defaults to operation start time.
	Timestamp string `json:"timestamp,omitempty"`
	// Trace: Optional. Resource name of the trace associated with the log entry,
	// if any. If this field contains a relative resource name, you can assume the
	// name is relative to `//tracing.googleapis.com`. Example:
	// `projects/my-projectid/traces/06796866738c859f2f19b7cfb3214824`
	Trace string `json:"trace,omitempty"`
	// ForceSendFields is a list of field names (e.g. "HttpRequest") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "HttpRequest") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

V2LogEntry: An individual log entry.

func (V2LogEntry) MarshalJSON added in v0.71.0

func (s V2LogEntry) MarshalJSON() ([]byte, error)

type V2LogEntryOperation added in v0.71.0

type V2LogEntryOperation struct {
	// First: Optional. Set this to True if this is the first log entry in the
	// operation.
	First bool `json:"first,omitempty"`
	// Id: Optional. An arbitrary operation identifier. Log entries with the same
	// identifier are assumed to be part of the same operation.
	Id string `json:"id,omitempty"`
	// Last: Optional. Set this to True if this is the last log entry in the
	// operation.
	Last bool `json:"last,omitempty"`
	// Producer: Optional. An arbitrary producer identifier. The combination of
	// `id` and `producer` must be globally unique. Examples for `producer`:
	// "MyDivision.MyBigCompany.com", "github.com/MyProject/MyApplication".
	Producer string `json:"producer,omitempty"`
	// ForceSendFields is a list of field names (e.g. "First") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "First") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

V2LogEntryOperation: Additional information about a potentially long-running operation with which a log entry is associated.

func (V2LogEntryOperation) MarshalJSON added in v0.71.0

func (s V2LogEntryOperation) MarshalJSON() ([]byte, error)

type V2LogEntrySourceLocation added in v0.71.0

type V2LogEntrySourceLocation struct {
	// File: Optional. Source file name. Depending on the runtime environment, this
	// might be a simple name or a fully-qualified name.
	File string `json:"file,omitempty"`
	// Function: Optional. Human-readable name of the function or method being
	// invoked, with optional context such as the class or package name. This
	// information may be used in contexts such as the logs viewer, where a file
	// and line number are less meaningful. The format can vary by language. For
	// example: `qual.if.ied.Class.method` (Java), `dir/package.func` (Go),
	// `function` (Python).
	Function string `json:"function,omitempty"`
	// Line: Optional. Line within the source file. 1-based; 0 indicates no line
	// number available.
	Line int64 `json:"line,omitempty,string"`
	// ForceSendFields is a list of field names (e.g. "File") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "File") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

V2LogEntrySourceLocation: Additional information about the source code location that produced the log entry.

func (V2LogEntrySourceLocation) MarshalJSON added in v0.71.0

func (s V2LogEntrySourceLocation) MarshalJSON() ([]byte, error)

type V2ResourceEvent added in v0.178.0

type V2ResourceEvent struct {
	// ContextId: The ESF unique context id of the api request, from which this
	// resource event originated. This field is only needed for CAIS integration
	// via api annotation. See go/cais-lro-delete for more details.
	ContextId int64 `json:"contextId,omitempty,string"`
	// Destinations: The destinations field determines which backend services
	// should handle the event. This should be specified as a comma-delimited
	// string.
	Destinations string `json:"destinations,omitempty"`
	// Parent: The parent resource for the resource.
	Parent *Resource `json:"parent,omitempty"`
	// Path: The api path the resource event was created in. This should match the
	// source of the `payload` field. For direct integrations with Chemist, this
	// should generally be the RESPONSE. go/resource-event-pipeline-type
	//
	// Possible values:
	//   "API_PATH_UNSPECIFIED" - Default value. Do not use.
	//   "REQUEST" - The request path.
	//   "RESPONSE" - The response path.
	Path string `json:"path,omitempty"`
	// Payload: The payload contains metadata associated with the resource event. A
	// ResourceEventPayloadStatus is provided instead if the original payload
	// cannot be returned due to a limitation (e.g. size limit).
	Payload googleapi.RawMessage `json:"payload,omitempty"`
	// Resource: The resource associated with the event.
	Resource *Resource `json:"resource,omitempty"`
	// Type: The resource event type determines how the backend service should
	// process the event.
	//
	// Possible values:
	//   "TYPE_UNSPECIFIED" - The resource event type is unclear. We do not expect
	// any events to fall into this category.
	//   "CREATE" - The resource is created/inserted.
	//   "UPDATE" - The resource is updated.
	//   "DELETE" - The resource is deleted.
	//   "UNDELETE" - The resource is un-deleted.
	Type string `json:"type,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ContextId") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ContextId") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

V2ResourceEvent: Report v2 extension proto for passing the resource metadata associated with a resource create/update/delete/undelete event from ESF to Chemist. ResourceEvent proto should be serialized into the ReportRequest.operations.extensions.

func (V2ResourceEvent) MarshalJSON added in v0.178.0

func (s V2ResourceEvent) MarshalJSON() ([]byte, error)

type ViolationInfo added in v0.74.0

type ViolationInfo struct {
	// CheckedValue: Optional. Value that is being checked for the policy. This
	// could be in encrypted form (if pii sensitive). This field will only be
	// emitted in LIST_POLICY types
	CheckedValue string `json:"checkedValue,omitempty"`
	// Constraint: Optional. Constraint name
	Constraint string `json:"constraint,omitempty"`
	// ErrorMessage: Optional. Error message that policy is indicating.
	ErrorMessage string `json:"errorMessage,omitempty"`
	// PolicyType: Optional. Indicates the type of the policy.
	//
	// Possible values:
	//   "POLICY_TYPE_UNSPECIFIED" - Default value. This value should not be used.
	//   "BOOLEAN_CONSTRAINT" - Indicates boolean policy constraint
	//   "LIST_CONSTRAINT" - Indicates list policy constraint
	//   "CUSTOM_CONSTRAINT" - Indicates custom policy constraint
	PolicyType string `json:"policyType,omitempty"`
	// ForceSendFields is a list of field names (e.g. "CheckedValue") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "CheckedValue") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ViolationInfo: Provides information about the Policy violation info for this request.

func (ViolationInfo) MarshalJSON added in v0.74.0

func (s ViolationInfo) MarshalJSON() ([]byte, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL