1// Copyright 2021 Google LLC. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Code generated file. DO NOT EDIT. 6 7// Package cloudasset provides access to the Cloud Asset API. 8// 9// For product documentation, see: https://cloud.google.com/asset-inventory/docs/quickstart 10// 11// Creating a client 12// 13// Usage example: 14// 15// import "google.golang.org/api/cloudasset/v1beta1" 16// ... 17// ctx := context.Background() 18// cloudassetService, err := cloudasset.NewService(ctx) 19// 20// In this example, Google Application Default Credentials are used for authentication. 21// 22// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 23// 24// Other authentication options 25// 26// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey: 27// 28// cloudassetService, err := cloudasset.NewService(ctx, option.WithAPIKey("AIza...")) 29// 30// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource: 31// 32// config := &oauth2.Config{...} 33// // ... 34// token, err := config.Exchange(ctx, ...) 35// cloudassetService, err := cloudasset.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 36// 37// See https://godoc.org/google.golang.org/api/option/ for details on options. 38package cloudasset // import "google.golang.org/api/cloudasset/v1beta1" 39 40import ( 41 "bytes" 42 "context" 43 "encoding/json" 44 "errors" 45 "fmt" 46 "io" 47 "net/http" 48 "net/url" 49 "strconv" 50 "strings" 51 52 googleapi "google.golang.org/api/googleapi" 53 gensupport "google.golang.org/api/internal/gensupport" 54 option "google.golang.org/api/option" 55 internaloption "google.golang.org/api/option/internaloption" 56 htransport "google.golang.org/api/transport/http" 57) 58 59// Always reference these packages, just in case the auto-generated code 60// below doesn't. 61var _ = bytes.NewBuffer 62var _ = strconv.Itoa 63var _ = fmt.Sprintf 64var _ = json.NewDecoder 65var _ = io.Copy 66var _ = url.Parse 67var _ = gensupport.MarshalJSON 68var _ = googleapi.Version 69var _ = errors.New 70var _ = strings.Replace 71var _ = context.Canceled 72var _ = internaloption.WithDefaultEndpoint 73 74const apiId = "cloudasset:v1beta1" 75const apiName = "cloudasset" 76const apiVersion = "v1beta1" 77const basePath = "https://cloudasset.googleapis.com/" 78const mtlsBasePath = "https://cloudasset.mtls.googleapis.com/" 79 80// OAuth2 scopes used by this API. 81const ( 82 // See, edit, configure, and delete your Google Cloud Platform data 83 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 84) 85 86// NewService creates a new Service. 87func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 88 scopesOption := option.WithScopes( 89 "https://www.googleapis.com/auth/cloud-platform", 90 ) 91 // NOTE: prepend, so we don't override user-specified scopes. 92 opts = append([]option.ClientOption{scopesOption}, opts...) 93 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 94 opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) 95 client, endpoint, err := htransport.NewClient(ctx, opts...) 96 if err != nil { 97 return nil, err 98 } 99 s, err := New(client) 100 if err != nil { 101 return nil, err 102 } 103 if endpoint != "" { 104 s.BasePath = endpoint 105 } 106 return s, nil 107} 108 109// New creates a new Service. It uses the provided http.Client for requests. 110// 111// Deprecated: please use NewService instead. 112// To provide a custom HTTP client, use option.WithHTTPClient. 113// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 114func New(client *http.Client) (*Service, error) { 115 if client == nil { 116 return nil, errors.New("client is nil") 117 } 118 s := &Service{client: client, BasePath: basePath} 119 s.Folders = NewFoldersService(s) 120 s.Organizations = NewOrganizationsService(s) 121 s.Projects = NewProjectsService(s) 122 return s, nil 123} 124 125type Service struct { 126 client *http.Client 127 BasePath string // API endpoint base URL 128 UserAgent string // optional additional User-Agent fragment 129 130 Folders *FoldersService 131 132 Organizations *OrganizationsService 133 134 Projects *ProjectsService 135} 136 137func (s *Service) userAgent() string { 138 if s.UserAgent == "" { 139 return googleapi.UserAgent 140 } 141 return googleapi.UserAgent + " " + s.UserAgent 142} 143 144func NewFoldersService(s *Service) *FoldersService { 145 rs := &FoldersService{s: s} 146 rs.Operations = NewFoldersOperationsService(s) 147 return rs 148} 149 150type FoldersService struct { 151 s *Service 152 153 Operations *FoldersOperationsService 154} 155 156func NewFoldersOperationsService(s *Service) *FoldersOperationsService { 157 rs := &FoldersOperationsService{s: s} 158 return rs 159} 160 161type FoldersOperationsService struct { 162 s *Service 163} 164 165func NewOrganizationsService(s *Service) *OrganizationsService { 166 rs := &OrganizationsService{s: s} 167 rs.Operations = NewOrganizationsOperationsService(s) 168 return rs 169} 170 171type OrganizationsService struct { 172 s *Service 173 174 Operations *OrganizationsOperationsService 175} 176 177func NewOrganizationsOperationsService(s *Service) *OrganizationsOperationsService { 178 rs := &OrganizationsOperationsService{s: s} 179 return rs 180} 181 182type OrganizationsOperationsService struct { 183 s *Service 184} 185 186func NewProjectsService(s *Service) *ProjectsService { 187 rs := &ProjectsService{s: s} 188 rs.Operations = NewProjectsOperationsService(s) 189 return rs 190} 191 192type ProjectsService struct { 193 s *Service 194 195 Operations *ProjectsOperationsService 196} 197 198func NewProjectsOperationsService(s *Service) *ProjectsOperationsService { 199 rs := &ProjectsOperationsService{s: s} 200 return rs 201} 202 203type ProjectsOperationsService struct { 204 s *Service 205} 206 207// AnalyzeIamPolicyLongrunningResponse: A response message for 208// AssetService.AnalyzeIamPolicyLongrunning. 209type AnalyzeIamPolicyLongrunningResponse struct { 210} 211 212// Asset: An asset in Google Cloud. An asset can be any resource in the 213// Google Cloud resource hierarchy 214// (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 215// a resource outside the Google Cloud resource hierarchy (such as 216// Google Kubernetes Engine clusters and objects), or a policy (e.g. 217// Cloud IAM policy). See Supported asset types 218// (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 219// for more information. 220type Asset struct { 221 // AccessLevel: Please also refer to the access level user guide 222 // (https://cloud.google.com/access-context-manager/docs/overview#access-levels). 223 AccessLevel *GoogleIdentityAccesscontextmanagerV1AccessLevel `json:"accessLevel,omitempty"` 224 225 // AccessPolicy: Please also refer to the access policy user guide 226 // (https://cloud.google.com/access-context-manager/docs/overview#access-policies). 227 AccessPolicy *GoogleIdentityAccesscontextmanagerV1AccessPolicy `json:"accessPolicy,omitempty"` 228 229 // AssetType: The type of the asset. Example: 230 // `compute.googleapis.com/Disk` See Supported asset types 231 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 232 // for more information. 233 AssetType string `json:"assetType,omitempty"` 234 235 // IamPolicy: A representation of the Cloud IAM policy set on a Google 236 // Cloud resource. There can be a maximum of one Cloud IAM policy set on 237 // any given resource. In addition, Cloud IAM policies inherit their 238 // granted access scope from any policies set on parent resources in the 239 // resource hierarchy. Therefore, the effectively policy is the union of 240 // both the policy set on this resource and each policy set on all of 241 // the resource's ancestry resource levels in the hierarchy. See this 242 // topic (https://cloud.google.com/iam/docs/policies#inheritance) for 243 // more information. 244 IamPolicy *Policy `json:"iamPolicy,omitempty"` 245 246 // Name: The full name of the asset. Example: 247 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 248 // s/instance1` See Resource names 249 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 250 // for more information. 251 Name string `json:"name,omitempty"` 252 253 // OrgPolicy: A representation of an organization policy 254 // (https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). 255 // There can be more than one organization policy with different 256 // constraints set on a given resource. 257 OrgPolicy []*GoogleCloudOrgpolicyV1Policy `json:"orgPolicy,omitempty"` 258 259 // Resource: A representation of the resource. 260 Resource *Resource `json:"resource,omitempty"` 261 262 // ServicePerimeter: Please also refer to the service perimeter user 263 // guide (https://cloud.google.com/vpc-service-controls/docs/overview). 264 ServicePerimeter *GoogleIdentityAccesscontextmanagerV1ServicePerimeter `json:"servicePerimeter,omitempty"` 265 266 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 267 // unconditionally include in API requests. By default, fields with 268 // empty values are omitted from API requests. However, any non-pointer, 269 // non-interface field appearing in ForceSendFields will be sent to the 270 // server regardless of whether the field is empty or not. This may be 271 // used to include empty fields in Patch requests. 272 ForceSendFields []string `json:"-"` 273 274 // NullFields is a list of field names (e.g. "AccessLevel") to include 275 // in API requests with the JSON null value. By default, fields with 276 // empty values are omitted from API requests. However, any field with 277 // an empty value appearing in NullFields will be sent to the server as 278 // null. It is an error if a field in this list has a non-empty value. 279 // This may be used to include null fields in Patch requests. 280 NullFields []string `json:"-"` 281} 282 283func (s *Asset) MarshalJSON() ([]byte, error) { 284 type NoMethod Asset 285 raw := NoMethod(*s) 286 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 287} 288 289// AuditConfig: Specifies the audit configuration for a service. The 290// configuration determines which permission types are logged, and what 291// identities, if any, are exempted from logging. An AuditConfig must 292// have one or more AuditLogConfigs. If there are AuditConfigs for both 293// `allServices` and a specific service, the union of the two 294// AuditConfigs is used for that service: the log_types specified in 295// each AuditConfig are enabled, and the exempted_members in each 296// AuditLogConfig are exempted. Example Policy with multiple 297// AuditConfigs: { "audit_configs": [ { "service": "allServices", 298// "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": 299// [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { 300// "log_type": "ADMIN_READ" } ] }, { "service": 301// "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": 302// "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ 303// "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy 304// enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts 305// jose@example.com from DATA_READ logging, and aliya@example.com from 306// DATA_WRITE logging. 307type AuditConfig struct { 308 // AuditLogConfigs: The configuration for logging of each type of 309 // permission. 310 AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` 311 312 // Service: Specifies a service that will be enabled for audit logging. 313 // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 314 // `allServices` is a special value that covers all services. 315 Service string `json:"service,omitempty"` 316 317 // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to 318 // unconditionally include in API requests. By default, fields with 319 // empty values are omitted from API requests. However, any non-pointer, 320 // non-interface field appearing in ForceSendFields will be sent to the 321 // server regardless of whether the field is empty or not. This may be 322 // used to include empty fields in Patch requests. 323 ForceSendFields []string `json:"-"` 324 325 // NullFields is a list of field names (e.g. "AuditLogConfigs") to 326 // include in API requests with the JSON null value. By default, fields 327 // with empty values are omitted from API requests. However, any field 328 // with an empty value appearing in NullFields will be sent to the 329 // server as null. It is an error if a field in this list has a 330 // non-empty value. This may be used to include null fields in Patch 331 // requests. 332 NullFields []string `json:"-"` 333} 334 335func (s *AuditConfig) MarshalJSON() ([]byte, error) { 336 type NoMethod AuditConfig 337 raw := NoMethod(*s) 338 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 339} 340 341// AuditLogConfig: Provides the configuration for logging a type of 342// permissions. Example: { "audit_log_configs": [ { "log_type": 343// "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { 344// "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 345// 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ 346// logging. 347type AuditLogConfig struct { 348 // ExemptedMembers: Specifies the identities that do not cause logging 349 // for this type of permission. Follows the same format of 350 // Binding.members. 351 ExemptedMembers []string `json:"exemptedMembers,omitempty"` 352 353 // LogType: The log type that this config enables. 354 // 355 // Possible values: 356 // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. 357 // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy 358 // "DATA_WRITE" - Data writes. Example: CloudSQL Users create 359 // "DATA_READ" - Data reads. Example: CloudSQL Users list 360 LogType string `json:"logType,omitempty"` 361 362 // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to 363 // unconditionally include in API requests. By default, fields with 364 // empty values are omitted from API requests. However, any non-pointer, 365 // non-interface field appearing in ForceSendFields will be sent to the 366 // server regardless of whether the field is empty or not. This may be 367 // used to include empty fields in Patch requests. 368 ForceSendFields []string `json:"-"` 369 370 // NullFields is a list of field names (e.g. "ExemptedMembers") to 371 // include in API requests with the JSON null value. By default, fields 372 // with empty values are omitted from API requests. However, any field 373 // with an empty value appearing in NullFields will be sent to the 374 // server as null. It is an error if a field in this list has a 375 // non-empty value. This may be used to include null fields in Patch 376 // requests. 377 NullFields []string `json:"-"` 378} 379 380func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { 381 type NoMethod AuditLogConfig 382 raw := NoMethod(*s) 383 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 384} 385 386// BatchGetAssetsHistoryResponse: Batch get assets history response. 387type BatchGetAssetsHistoryResponse struct { 388 // Assets: A list of assets with valid time windows. 389 Assets []*TemporalAsset `json:"assets,omitempty"` 390 391 // ServerResponse contains the HTTP response code and headers from the 392 // server. 393 googleapi.ServerResponse `json:"-"` 394 395 // ForceSendFields is a list of field names (e.g. "Assets") to 396 // unconditionally include in API requests. By default, fields with 397 // empty values are omitted from API requests. However, any non-pointer, 398 // non-interface field appearing in ForceSendFields will be sent to the 399 // server regardless of whether the field is empty or not. This may be 400 // used to include empty fields in Patch requests. 401 ForceSendFields []string `json:"-"` 402 403 // NullFields is a list of field names (e.g. "Assets") to include in API 404 // requests with the JSON null value. By default, fields with empty 405 // values are omitted from API requests. However, any field with an 406 // empty value appearing in NullFields will be sent to the server as 407 // null. It is an error if a field in this list has a non-empty value. 408 // This may be used to include null fields in Patch requests. 409 NullFields []string `json:"-"` 410} 411 412func (s *BatchGetAssetsHistoryResponse) MarshalJSON() ([]byte, error) { 413 type NoMethod BatchGetAssetsHistoryResponse 414 raw := NoMethod(*s) 415 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 416} 417 418// Binding: Associates `members` with a `role`. 419type Binding struct { 420 // Condition: The condition that is associated with this binding. If the 421 // condition evaluates to `true`, then this binding applies to the 422 // current request. If the condition evaluates to `false`, then this 423 // binding does not apply to the current request. However, a different 424 // role binding might grant the same role to one or more of the members 425 // in this binding. To learn which resources support conditions in their 426 // IAM policies, see the IAM documentation 427 // (https://cloud.google.com/iam/help/conditions/resource-policies). 428 Condition *Expr `json:"condition,omitempty"` 429 430 // Members: Specifies the identities requesting access for a Cloud 431 // Platform resource. `members` can have the following values: * 432 // `allUsers`: A special identifier that represents anyone who is on the 433 // internet; with or without a Google account. * 434 // `allAuthenticatedUsers`: A special identifier that represents anyone 435 // who is authenticated with a Google account or a service account. * 436 // `user:{emailid}`: An email address that represents a specific Google 437 // account. For example, `alice@example.com` . * 438 // `serviceAccount:{emailid}`: An email address that represents a 439 // service account. For example, 440 // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An 441 // email address that represents a Google group. For example, 442 // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An 443 // email address (plus unique identifier) representing a user that has 444 // been recently deleted. For example, 445 // `alice@example.com?uid=123456789012345678901`. If the user is 446 // recovered, this value reverts to `user:{emailid}` and the recovered 447 // user retains the role in the binding. * 448 // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address 449 // (plus unique identifier) representing a service account that has been 450 // recently deleted. For example, 451 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 452 // If the service account is undeleted, this value reverts to 453 // `serviceAccount:{emailid}` and the undeleted service account retains 454 // the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: 455 // An email address (plus unique identifier) representing a Google group 456 // that has been recently deleted. For example, 457 // `admins@example.com?uid=123456789012345678901`. If the group is 458 // recovered, this value reverts to `group:{emailid}` and the recovered 459 // group retains the role in the binding. * `domain:{domain}`: The G 460 // Suite domain (primary) that represents all the users of that domain. 461 // For example, `google.com` or `example.com`. 462 Members []string `json:"members,omitempty"` 463 464 // Role: Role that is assigned to `members`. For example, 465 // `roles/viewer`, `roles/editor`, or `roles/owner`. 466 Role string `json:"role,omitempty"` 467 468 // ForceSendFields is a list of field names (e.g. "Condition") to 469 // unconditionally include in API requests. By default, fields with 470 // empty values are omitted from API requests. However, any non-pointer, 471 // non-interface field appearing in ForceSendFields will be sent to the 472 // server regardless of whether the field is empty or not. This may be 473 // used to include empty fields in Patch requests. 474 ForceSendFields []string `json:"-"` 475 476 // NullFields is a list of field names (e.g. "Condition") to include in 477 // API requests with the JSON null value. By default, fields with empty 478 // values are omitted from API requests. However, any field with an 479 // empty value appearing in NullFields will be sent to the server as 480 // null. It is an error if a field in this list has a non-empty value. 481 // This may be used to include null fields in Patch requests. 482 NullFields []string `json:"-"` 483} 484 485func (s *Binding) MarshalJSON() ([]byte, error) { 486 type NoMethod Binding 487 raw := NoMethod(*s) 488 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 489} 490 491// ExportAssetsRequest: Export asset request. 492type ExportAssetsRequest struct { 493 // AssetTypes: A list of asset types of which to take a snapshot for. 494 // For example: "google.compute.Disk". If specified, only matching 495 // assets will be returned. See Introduction to Cloud Asset Inventory 496 // (https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview) 497 // for all supported asset types. 498 AssetTypes []string `json:"assetTypes,omitempty"` 499 500 // ContentType: Asset content type. If not specified, no content but the 501 // asset name will be returned. 502 // 503 // Possible values: 504 // "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 505 // "RESOURCE" - Resource metadata. 506 // "IAM_POLICY" - The actual IAM policy set on a resource. 507 ContentType string `json:"contentType,omitempty"` 508 509 // OutputConfig: Required. Output configuration indicating where the 510 // results will be output to. All results will be in newline delimited 511 // JSON format. 512 OutputConfig *OutputConfig `json:"outputConfig,omitempty"` 513 514 // ReadTime: Timestamp to take an asset snapshot. This can only be set 515 // to a timestamp between 2018-10-02 UTC (inclusive) and the current 516 // time. If not specified, the current time will be used. Due to delays 517 // in resource data collection and indexing, there is a volatile window 518 // during which running the same query may get different results. 519 ReadTime string `json:"readTime,omitempty"` 520 521 // ForceSendFields is a list of field names (e.g. "AssetTypes") to 522 // unconditionally include in API requests. By default, fields with 523 // empty values are omitted from API requests. However, any non-pointer, 524 // non-interface field appearing in ForceSendFields will be sent to the 525 // server regardless of whether the field is empty or not. This may be 526 // used to include empty fields in Patch requests. 527 ForceSendFields []string `json:"-"` 528 529 // NullFields is a list of field names (e.g. "AssetTypes") to include in 530 // API requests with the JSON null value. By default, fields with empty 531 // values are omitted from API requests. However, any field with an 532 // empty value appearing in NullFields will be sent to the server as 533 // null. It is an error if a field in this list has a non-empty value. 534 // This may be used to include null fields in Patch requests. 535 NullFields []string `json:"-"` 536} 537 538func (s *ExportAssetsRequest) MarshalJSON() ([]byte, error) { 539 type NoMethod ExportAssetsRequest 540 raw := NoMethod(*s) 541 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 542} 543 544// Expr: Represents a textual expression in the Common Expression 545// Language (CEL) syntax. CEL is a C-like expression language. The 546// syntax and semantics of CEL are documented at 547// https://github.com/google/cel-spec. Example (Comparison): title: 548// "Summary size limit" description: "Determines if a summary is less 549// than 100 chars" expression: "document.summary.size() < 100" Example 550// (Equality): title: "Requestor is owner" description: "Determines if 551// requestor is the document owner" expression: "document.owner == 552// request.auth.claims.email" Example (Logic): title: "Public documents" 553// description: "Determine whether the document should be publicly 554// visible" expression: "document.type != 'private' && document.type != 555// 'internal'" Example (Data Manipulation): title: "Notification string" 556// description: "Create a notification string with a timestamp." 557// expression: "'New message received at ' + 558// string(document.create_time)" The exact variables and functions that 559// may be referenced within an expression are determined by the service 560// that evaluates it. See the service documentation for additional 561// information. 562type Expr struct { 563 // Description: Optional. Description of the expression. This is a 564 // longer text which describes the expression, e.g. when hovered over it 565 // in a UI. 566 Description string `json:"description,omitempty"` 567 568 // Expression: Textual representation of an expression in Common 569 // Expression Language syntax. 570 Expression string `json:"expression,omitempty"` 571 572 // Location: Optional. String indicating the location of the expression 573 // for error reporting, e.g. a file name and a position in the file. 574 Location string `json:"location,omitempty"` 575 576 // Title: Optional. Title for the expression, i.e. a short string 577 // describing its purpose. This can be used e.g. in UIs which allow to 578 // enter the expression. 579 Title string `json:"title,omitempty"` 580 581 // ForceSendFields is a list of field names (e.g. "Description") to 582 // unconditionally include in API requests. By default, fields with 583 // empty values are omitted from API requests. However, any non-pointer, 584 // non-interface field appearing in ForceSendFields will be sent to the 585 // server regardless of whether the field is empty or not. This may be 586 // used to include empty fields in Patch requests. 587 ForceSendFields []string `json:"-"` 588 589 // NullFields is a list of field names (e.g. "Description") to include 590 // in API requests with the JSON null value. By default, fields with 591 // empty values are omitted from API requests. However, any field with 592 // an empty value appearing in NullFields will be sent to the server as 593 // null. It is an error if a field in this list has a non-empty value. 594 // This may be used to include null fields in Patch requests. 595 NullFields []string `json:"-"` 596} 597 598func (s *Expr) MarshalJSON() ([]byte, error) { 599 type NoMethod Expr 600 raw := NoMethod(*s) 601 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 602} 603 604// GcsDestination: A Cloud Storage location. 605type GcsDestination struct { 606 // Uri: The uri of the Cloud Storage object. It's the same uri that is 607 // used by gsutil. For example: "gs://bucket_name/object_name". See 608 // Viewing and Editing Object Metadata 609 // (https://cloud.google.com/storage/docs/viewing-editing-metadata) for 610 // more information. 611 Uri string `json:"uri,omitempty"` 612 613 // UriPrefix: The uri prefix of all generated Cloud Storage objects. For 614 // example: "gs://bucket_name/object_name_prefix". Each object uri is in 615 // format: "gs://bucket_name/object_name_prefix// and only contains 616 // assets for that type. starts from 0. For example: 617 // "gs://bucket_name/object_name_prefix/google.compute.disk/0" is the 618 // first shard of output objects containing all google.compute.disk 619 // assets. An INVALID_ARGUMENT error will be returned if file with the 620 // same name "gs://bucket_name/object_name_prefix" already exists. 621 UriPrefix string `json:"uriPrefix,omitempty"` 622 623 // ForceSendFields is a list of field names (e.g. "Uri") to 624 // unconditionally include in API requests. By default, fields with 625 // empty values are omitted from API requests. However, any non-pointer, 626 // non-interface field appearing in ForceSendFields will be sent to the 627 // server regardless of whether the field is empty or not. This may be 628 // used to include empty fields in Patch requests. 629 ForceSendFields []string `json:"-"` 630 631 // NullFields is a list of field names (e.g. "Uri") to include in API 632 // requests with the JSON null value. By default, fields with empty 633 // values are omitted from API requests. However, any field with an 634 // empty value appearing in NullFields will be sent to the server as 635 // null. It is an error if a field in this list has a non-empty value. 636 // This may be used to include null fields in Patch requests. 637 NullFields []string `json:"-"` 638} 639 640func (s *GcsDestination) MarshalJSON() ([]byte, error) { 641 type NoMethod GcsDestination 642 raw := NoMethod(*s) 643 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 644} 645 646// GoogleCloudAssetV1p7beta1Asset: An asset in Google Cloud. An asset 647// can be any resource in the Google Cloud resource hierarchy 648// (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 649// a resource outside the Google Cloud resource hierarchy (such as 650// Google Kubernetes Engine clusters and objects), or a policy (e.g. 651// Cloud IAM policy). See Supported asset types 652// (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 653// for more information. 654type GoogleCloudAssetV1p7beta1Asset struct { 655 // AccessLevel: Please also refer to the access level user guide 656 // (https://cloud.google.com/access-context-manager/docs/overview#access-levels). 657 AccessLevel *GoogleIdentityAccesscontextmanagerV1AccessLevel `json:"accessLevel,omitempty"` 658 659 // AccessPolicy: Please also refer to the access policy user guide 660 // (https://cloud.google.com/access-context-manager/docs/overview#access-policies). 661 AccessPolicy *GoogleIdentityAccesscontextmanagerV1AccessPolicy `json:"accessPolicy,omitempty"` 662 663 // Ancestors: The ancestry path of an asset in Google Cloud resource 664 // hierarchy 665 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 666 // represented as a list of relative resource names. An ancestry path 667 // starts with the closest ancestor in the hierarchy and ends at root. 668 // If the asset is a project, folder, or organization, the ancestry path 669 // starts from the asset itself. Example: `["projects/123456789", 670 // "folders/5432", "organizations/1234"]` 671 Ancestors []string `json:"ancestors,omitempty"` 672 673 // AssetType: The type of the asset. Example: 674 // `compute.googleapis.com/Disk` See Supported asset types 675 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 676 // for more information. 677 AssetType string `json:"assetType,omitempty"` 678 679 // IamPolicy: A representation of the Cloud IAM policy set on a Google 680 // Cloud resource. There can be a maximum of one Cloud IAM policy set on 681 // any given resource. In addition, Cloud IAM policies inherit their 682 // granted access scope from any policies set on parent resources in the 683 // resource hierarchy. Therefore, the effectively policy is the union of 684 // both the policy set on this resource and each policy set on all of 685 // the resource's ancestry resource levels in the hierarchy. See this 686 // topic (https://cloud.google.com/iam/docs/policies#inheritance) for 687 // more information. 688 IamPolicy *Policy `json:"iamPolicy,omitempty"` 689 690 // Name: The full name of the asset. Example: 691 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 692 // s/instance1` See Resource names 693 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 694 // for more information. 695 Name string `json:"name,omitempty"` 696 697 // OrgPolicy: A representation of an organization policy 698 // (https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). 699 // There can be more than one organization policy with different 700 // constraints set on a given resource. 701 OrgPolicy []*GoogleCloudOrgpolicyV1Policy `json:"orgPolicy,omitempty"` 702 703 // RelatedAssets: The related assets of the asset of one relationship 704 // type. One asset only represents one type of relationship. 705 RelatedAssets *GoogleCloudAssetV1p7beta1RelatedAssets `json:"relatedAssets,omitempty"` 706 707 // Resource: A representation of the resource. 708 Resource *GoogleCloudAssetV1p7beta1Resource `json:"resource,omitempty"` 709 710 // ServicePerimeter: Please also refer to the service perimeter user 711 // guide (https://cloud.google.com/vpc-service-controls/docs/overview). 712 ServicePerimeter *GoogleIdentityAccesscontextmanagerV1ServicePerimeter `json:"servicePerimeter,omitempty"` 713 714 // UpdateTime: The last update timestamp of an asset. update_time is 715 // updated when create/update/delete operation is performed. 716 UpdateTime string `json:"updateTime,omitempty"` 717 718 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 719 // unconditionally include in API requests. By default, fields with 720 // empty values are omitted from API requests. However, any non-pointer, 721 // non-interface field appearing in ForceSendFields will be sent to the 722 // server regardless of whether the field is empty or not. This may be 723 // used to include empty fields in Patch requests. 724 ForceSendFields []string `json:"-"` 725 726 // NullFields is a list of field names (e.g. "AccessLevel") to include 727 // in API requests with the JSON null value. By default, fields with 728 // empty values are omitted from API requests. However, any field with 729 // an empty value appearing in NullFields will be sent to the server as 730 // null. It is an error if a field in this list has a non-empty value. 731 // This may be used to include null fields in Patch requests. 732 NullFields []string `json:"-"` 733} 734 735func (s *GoogleCloudAssetV1p7beta1Asset) MarshalJSON() ([]byte, error) { 736 type NoMethod GoogleCloudAssetV1p7beta1Asset 737 raw := NoMethod(*s) 738 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 739} 740 741// GoogleCloudAssetV1p7beta1RelatedAsset: An asset identify in Google 742// Cloud which contains its name, type and ancestors. An asset can be 743// any resource in the Google Cloud resource hierarchy 744// (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 745// a resource outside the Google Cloud resource hierarchy (such as 746// Google Kubernetes Engine clusters and objects), or a policy (e.g. 747// Cloud IAM policy). See Supported asset types 748// (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 749// for more information. 750type GoogleCloudAssetV1p7beta1RelatedAsset struct { 751 // Ancestors: The ancestors of an asset in Google Cloud resource 752 // hierarchy 753 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 754 // represented as a list of relative resource names. An ancestry path 755 // starts with the closest ancestor in the hierarchy and ends at root. 756 // Example: `["projects/123456789", "folders/5432", 757 // "organizations/1234"]` 758 Ancestors []string `json:"ancestors,omitempty"` 759 760 // Asset: The full name of the asset. Example: 761 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 762 // s/instance1` See Resource names 763 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 764 // for more information. 765 Asset string `json:"asset,omitempty"` 766 767 // AssetType: The type of the asset. Example: 768 // `compute.googleapis.com/Disk` See Supported asset types 769 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 770 // for more information. 771 AssetType string `json:"assetType,omitempty"` 772 773 // ForceSendFields is a list of field names (e.g. "Ancestors") to 774 // unconditionally include in API requests. By default, fields with 775 // empty values are omitted from API requests. However, any non-pointer, 776 // non-interface field appearing in ForceSendFields will be sent to the 777 // server regardless of whether the field is empty or not. This may be 778 // used to include empty fields in Patch requests. 779 ForceSendFields []string `json:"-"` 780 781 // NullFields is a list of field names (e.g. "Ancestors") to include in 782 // API requests with the JSON null value. By default, fields with empty 783 // values are omitted from API requests. However, any field with an 784 // empty value appearing in NullFields will be sent to the server as 785 // null. It is an error if a field in this list has a non-empty value. 786 // This may be used to include null fields in Patch requests. 787 NullFields []string `json:"-"` 788} 789 790func (s *GoogleCloudAssetV1p7beta1RelatedAsset) MarshalJSON() ([]byte, error) { 791 type NoMethod GoogleCloudAssetV1p7beta1RelatedAsset 792 raw := NoMethod(*s) 793 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 794} 795 796// GoogleCloudAssetV1p7beta1RelatedAssets: The detailed related assets 797// with the `relationship_type`. 798type GoogleCloudAssetV1p7beta1RelatedAssets struct { 799 // Assets: The peer resources of the relationship. 800 Assets []*GoogleCloudAssetV1p7beta1RelatedAsset `json:"assets,omitempty"` 801 802 // RelationshipAttributes: The detailed relation attributes. 803 RelationshipAttributes *GoogleCloudAssetV1p7beta1RelationshipAttributes `json:"relationshipAttributes,omitempty"` 804 805 // ForceSendFields is a list of field names (e.g. "Assets") to 806 // unconditionally include in API requests. By default, fields with 807 // empty values are omitted from API requests. However, any non-pointer, 808 // non-interface field appearing in ForceSendFields will be sent to the 809 // server regardless of whether the field is empty or not. This may be 810 // used to include empty fields in Patch requests. 811 ForceSendFields []string `json:"-"` 812 813 // NullFields is a list of field names (e.g. "Assets") to include in API 814 // requests with the JSON null value. By default, fields with empty 815 // values are omitted from API requests. However, any field with an 816 // empty value appearing in NullFields will be sent to the server as 817 // null. It is an error if a field in this list has a non-empty value. 818 // This may be used to include null fields in Patch requests. 819 NullFields []string `json:"-"` 820} 821 822func (s *GoogleCloudAssetV1p7beta1RelatedAssets) MarshalJSON() ([]byte, error) { 823 type NoMethod GoogleCloudAssetV1p7beta1RelatedAssets 824 raw := NoMethod(*s) 825 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 826} 827 828// GoogleCloudAssetV1p7beta1RelationshipAttributes: The relationship 829// attributes which include `type`, `source_resource_type`, 830// `target_resource_type` and `action`. 831type GoogleCloudAssetV1p7beta1RelationshipAttributes struct { 832 // Action: The detail of the relationship, e.g. `contains`, `attaches` 833 Action string `json:"action,omitempty"` 834 835 // SourceResourceType: The source asset type. Example: 836 // `compute.googleapis.com/Instance` 837 SourceResourceType string `json:"sourceResourceType,omitempty"` 838 839 // TargetResourceType: The target asset type. Example: 840 // `compute.googleapis.com/Disk` 841 TargetResourceType string `json:"targetResourceType,omitempty"` 842 843 // Type: The unique identifier of the relationship type. Example: 844 // `INSTANCE_TO_INSTANCEGROUP` 845 Type string `json:"type,omitempty"` 846 847 // ForceSendFields is a list of field names (e.g. "Action") to 848 // unconditionally include in API requests. By default, fields with 849 // empty values are omitted from API requests. However, any non-pointer, 850 // non-interface field appearing in ForceSendFields will be sent to the 851 // server regardless of whether the field is empty or not. This may be 852 // used to include empty fields in Patch requests. 853 ForceSendFields []string `json:"-"` 854 855 // NullFields is a list of field names (e.g. "Action") to include in API 856 // requests with the JSON null value. By default, fields with empty 857 // values are omitted from API requests. However, any field with an 858 // empty value appearing in NullFields will be sent to the server as 859 // null. It is an error if a field in this list has a non-empty value. 860 // This may be used to include null fields in Patch requests. 861 NullFields []string `json:"-"` 862} 863 864func (s *GoogleCloudAssetV1p7beta1RelationshipAttributes) MarshalJSON() ([]byte, error) { 865 type NoMethod GoogleCloudAssetV1p7beta1RelationshipAttributes 866 raw := NoMethod(*s) 867 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 868} 869 870// GoogleCloudAssetV1p7beta1Resource: A representation of a Google Cloud 871// resource. 872type GoogleCloudAssetV1p7beta1Resource struct { 873 // Data: The content of the resource, in which some sensitive fields are 874 // removed and may not be present. 875 Data googleapi.RawMessage `json:"data,omitempty"` 876 877 // DiscoveryDocumentUri: The URL of the discovery document containing 878 // the resource's JSON schema. Example: 879 // `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This 880 // value is unspecified for resources that do not have an API based on a 881 // discovery document, such as Cloud Bigtable. 882 DiscoveryDocumentUri string `json:"discoveryDocumentUri,omitempty"` 883 884 // DiscoveryName: The JSON schema name listed in the discovery document. 885 // Example: `Project` This value is unspecified for resources that do 886 // not have an API based on a discovery document, such as Cloud 887 // Bigtable. 888 DiscoveryName string `json:"discoveryName,omitempty"` 889 890 // Location: The location of the resource in Google Cloud, such as its 891 // zone and region. For more information, see 892 // https://cloud.google.com/about/locations/. 893 Location string `json:"location,omitempty"` 894 895 // Parent: The full name of the immediate parent of this resource. See 896 // Resource Names 897 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 898 // for more information. For Google Cloud assets, this value is the 899 // parent resource defined in the Cloud IAM policy hierarchy 900 // (https://cloud.google.com/iam/docs/overview#policy_hierarchy). 901 // Example: 902 // `//cloudresourcemanager.googleapis.com/projects/my_project_123` For 903 // third-party assets, this field may be set differently. 904 Parent string `json:"parent,omitempty"` 905 906 // ResourceUrl: The REST URL for accessing the resource. An HTTP `GET` 907 // request using this URL returns the resource itself. Example: 908 // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-12 909 // 3` This value is unspecified for resources without a REST API. 910 ResourceUrl string `json:"resourceUrl,omitempty"` 911 912 // Version: The API version. Example: `v1` 913 Version string `json:"version,omitempty"` 914 915 // ForceSendFields is a list of field names (e.g. "Data") to 916 // unconditionally include in API requests. By default, fields with 917 // empty values are omitted from API requests. However, any non-pointer, 918 // non-interface field appearing in ForceSendFields will be sent to the 919 // server regardless of whether the field is empty or not. This may be 920 // used to include empty fields in Patch requests. 921 ForceSendFields []string `json:"-"` 922 923 // NullFields is a list of field names (e.g. "Data") to include in API 924 // requests with the JSON null value. By default, fields with empty 925 // values are omitted from API requests. However, any field with an 926 // empty value appearing in NullFields will be sent to the server as 927 // null. It is an error if a field in this list has a non-empty value. 928 // This may be used to include null fields in Patch requests. 929 NullFields []string `json:"-"` 930} 931 932func (s *GoogleCloudAssetV1p7beta1Resource) MarshalJSON() ([]byte, error) { 933 type NoMethod GoogleCloudAssetV1p7beta1Resource 934 raw := NoMethod(*s) 935 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 936} 937 938// GoogleCloudOrgpolicyV1BooleanPolicy: Used in `policy_type` to specify 939// how `boolean_policy` will behave at this resource. 940type GoogleCloudOrgpolicyV1BooleanPolicy struct { 941 // Enforced: If `true`, then the `Policy` is enforced. If `false`, then 942 // any configuration is acceptable. Suppose you have a `Constraint` 943 // `constraints/compute.disableSerialPortAccess` with 944 // `constraint_default` set to `ALLOW`. A `Policy` for that `Constraint` 945 // exhibits the following behavior: - If the `Policy` at this resource 946 // has enforced set to `false`, serial port connection attempts will be 947 // allowed. - If the `Policy` at this resource has enforced set to 948 // `true`, serial port connection attempts will be refused. - If the 949 // `Policy` at this resource is `RestoreDefault`, serial port connection 950 // attempts will be allowed. - If no `Policy` is set at this resource or 951 // anywhere higher in the resource hierarchy, serial port connection 952 // attempts will be allowed. - If no `Policy` is set at this resource, 953 // but one exists higher in the resource hierarchy, the behavior is as 954 // if the`Policy` were set at this resource. The following examples 955 // demonstrate the different possible layerings: Example 1 (nearest 956 // `Constraint` wins): `organizations/foo` has a `Policy` with: 957 // {enforced: false} `projects/bar` has no `Policy` set. The constraint 958 // at `projects/bar` and `organizations/foo` will not be enforced. 959 // Example 2 (enforcement gets replaced): `organizations/foo` has a 960 // `Policy` with: {enforced: false} `projects/bar` has a `Policy` with: 961 // {enforced: true} The constraint at `organizations/foo` is not 962 // enforced. The constraint at `projects/bar` is enforced. Example 3 963 // (RestoreDefault): `organizations/foo` has a `Policy` with: {enforced: 964 // true} `projects/bar` has a `Policy` with: {RestoreDefault: {}} The 965 // constraint at `organizations/foo` is enforced. The constraint at 966 // `projects/bar` is not enforced, because `constraint_default` for the 967 // `Constraint` is `ALLOW`. 968 Enforced bool `json:"enforced,omitempty"` 969 970 // ForceSendFields is a list of field names (e.g. "Enforced") to 971 // unconditionally include in API requests. By default, fields with 972 // empty values are omitted from API requests. However, any non-pointer, 973 // non-interface field appearing in ForceSendFields will be sent to the 974 // server regardless of whether the field is empty or not. This may be 975 // used to include empty fields in Patch requests. 976 ForceSendFields []string `json:"-"` 977 978 // NullFields is a list of field names (e.g. "Enforced") to include in 979 // API requests with the JSON null value. By default, fields with empty 980 // values are omitted from API requests. However, any field with an 981 // empty value appearing in NullFields will be sent to the server as 982 // null. It is an error if a field in this list has a non-empty value. 983 // This may be used to include null fields in Patch requests. 984 NullFields []string `json:"-"` 985} 986 987func (s *GoogleCloudOrgpolicyV1BooleanPolicy) MarshalJSON() ([]byte, error) { 988 type NoMethod GoogleCloudOrgpolicyV1BooleanPolicy 989 raw := NoMethod(*s) 990 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 991} 992 993// GoogleCloudOrgpolicyV1ListPolicy: Used in `policy_type` to specify 994// how `list_policy` behaves at this resource. `ListPolicy` can define 995// specific values and subtrees of Cloud Resource Manager resource 996// hierarchy (`Organizations`, `Folders`, `Projects`) that are allowed 997// or denied by setting the `allowed_values` and `denied_values` fields. 998// This is achieved by using the `under:` and optional `is:` prefixes. 999// The `under:` prefix is used to denote resource subtree values. The 1000// `is:` prefix is used to denote specific values, and is required only 1001// if the value contains a ":". Values prefixed with "is:" are treated 1002// the same as values with no prefix. Ancestry subtrees must be in one 1003// of the following formats: - "projects/", e.g. 1004// "projects/tokyo-rain-123" - "folders/", e.g. "folders/1234" - 1005// "organizations/", e.g. "organizations/1234" The `supports_under` 1006// field of the associated `Constraint` defines whether ancestry 1007// prefixes can be used. You can set `allowed_values` and 1008// `denied_values` in the same `Policy` if `all_values` is 1009// `ALL_VALUES_UNSPECIFIED`. `ALLOW` or `DENY` are used to allow or deny 1010// all values. If `all_values` is set to either `ALLOW` or `DENY`, 1011// `allowed_values` and `denied_values` must be unset. 1012type GoogleCloudOrgpolicyV1ListPolicy struct { 1013 // AllValues: The policy all_values state. 1014 // 1015 // Possible values: 1016 // "ALL_VALUES_UNSPECIFIED" - Indicates that allowed_values or 1017 // denied_values must be set. 1018 // "ALLOW" - A policy with this set allows all values. 1019 // "DENY" - A policy with this set denies all values. 1020 AllValues string `json:"allValues,omitempty"` 1021 1022 // AllowedValues: List of values allowed at this resource. Can only be 1023 // set if `all_values` is set to `ALL_VALUES_UNSPECIFIED`. 1024 AllowedValues []string `json:"allowedValues,omitempty"` 1025 1026 // DeniedValues: List of values denied at this resource. Can only be set 1027 // if `all_values` is set to `ALL_VALUES_UNSPECIFIED`. 1028 DeniedValues []string `json:"deniedValues,omitempty"` 1029 1030 // InheritFromParent: Determines the inheritance behavior for this 1031 // `Policy`. By default, a `ListPolicy` set at a resource supersedes any 1032 // `Policy` set anywhere up the resource hierarchy. However, if 1033 // `inherit_from_parent` is set to `true`, then the values from the 1034 // effective `Policy` of the parent resource are inherited, meaning the 1035 // values set in this `Policy` are added to the values inherited up the 1036 // hierarchy. Setting `Policy` hierarchies that inherit both allowed 1037 // values and denied values isn't recommended in most circumstances to 1038 // keep the configuration simple and understandable. However, it is 1039 // possible to set a `Policy` with `allowed_values` set that inherits a 1040 // `Policy` with `denied_values` set. In this case, the values that are 1041 // allowed must be in `allowed_values` and not present in 1042 // `denied_values`. For example, suppose you have a `Constraint` 1043 // `constraints/serviceuser.services`, which has a `constraint_type` of 1044 // `list_constraint`, and with `constraint_default` set to `ALLOW`. 1045 // Suppose that at the Organization level, a `Policy` is applied that 1046 // restricts the allowed API activations to {`E1`, `E2`}. Then, if a 1047 // `Policy` is applied to a project below the Organization that has 1048 // `inherit_from_parent` set to `false` and field all_values set to 1049 // DENY, then an attempt to activate any API will be denied. The 1050 // following examples demonstrate different possible layerings for 1051 // `projects/bar` parented by `organizations/foo`: Example 1 (no 1052 // inherited values): `organizations/foo` has a `Policy` with values: 1053 // {allowed_values: "E1" allowed_values:"E2"} `projects/bar` has 1054 // `inherit_from_parent` `false` and values: {allowed_values: "E3" 1055 // allowed_values: "E4"} The accepted values at `organizations/foo` are 1056 // `E1`, `E2`. The accepted values at `projects/bar` are `E3`, and `E4`. 1057 // Example 2 (inherited values): `organizations/foo` has a `Policy` with 1058 // values: {allowed_values: "E1" allowed_values:"E2"} `projects/bar` has 1059 // a `Policy` with values: {value: "E3" value: "E4" inherit_from_parent: 1060 // true} The accepted values at `organizations/foo` are `E1`, `E2`. The 1061 // accepted values at `projects/bar` are `E1`, `E2`, `E3`, and `E4`. 1062 // Example 3 (inheriting both allowed and denied values): 1063 // `organizations/foo` has a `Policy` with values: {allowed_values: "E1" 1064 // allowed_values: "E2"} `projects/bar` has a `Policy` with: 1065 // {denied_values: "E1"} The accepted values at `organizations/foo` are 1066 // `E1`, `E2`. The value accepted at `projects/bar` is `E2`. Example 4 1067 // (RestoreDefault): `organizations/foo` has a `Policy` with values: 1068 // {allowed_values: "E1" allowed_values:"E2"} `projects/bar` has a 1069 // `Policy` with values: {RestoreDefault: {}} The accepted values at 1070 // `organizations/foo` are `E1`, `E2`. The accepted values at 1071 // `projects/bar` are either all or none depending on the value of 1072 // `constraint_default` (if `ALLOW`, all; if `DENY`, none). Example 5 1073 // (no policy inherits parent policy): `organizations/foo` has no 1074 // `Policy` set. `projects/bar` has no `Policy` set. The accepted values 1075 // at both levels are either all or none depending on the value of 1076 // `constraint_default` (if `ALLOW`, all; if `DENY`, none). Example 6 1077 // (ListConstraint allowing all): `organizations/foo` has a `Policy` 1078 // with values: {allowed_values: "E1" allowed_values: "E2"} 1079 // `projects/bar` has a `Policy` with: {all: ALLOW} The accepted values 1080 // at `organizations/foo` are `E1`, E2`. Any value is accepted at 1081 // `projects/bar`. Example 7 (ListConstraint allowing none): 1082 // `organizations/foo` has a `Policy` with values: {allowed_values: "E1" 1083 // allowed_values: "E2"} `projects/bar` has a `Policy` with: {all: DENY} 1084 // The accepted values at `organizations/foo` are `E1`, E2`. No value is 1085 // accepted at `projects/bar`. Example 10 (allowed and denied subtrees 1086 // of Resource Manager hierarchy): Given the following resource 1087 // hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, `organizations/foo` 1088 // has a `Policy` with values: {allowed_values: 1089 // "under:organizations/O1"} `projects/bar` has a `Policy` with: 1090 // {allowed_values: "under:projects/P3"} {denied_values: 1091 // "under:folders/F2"} The accepted values at `organizations/foo` are 1092 // `organizations/O1`, `folders/F1`, `folders/F2`, `projects/P1`, 1093 // `projects/P2`, `projects/P3`. The accepted values at `projects/bar` 1094 // are `organizations/O1`, `folders/F1`, `projects/P1`. 1095 InheritFromParent bool `json:"inheritFromParent,omitempty"` 1096 1097 // SuggestedValue: Optional. The Google Cloud Console will try to 1098 // default to a configuration that matches the value specified in this 1099 // `Policy`. If `suggested_value` is not set, it will inherit the value 1100 // specified higher in the hierarchy, unless `inherit_from_parent` is 1101 // `false`. 1102 SuggestedValue string `json:"suggestedValue,omitempty"` 1103 1104 // ForceSendFields is a list of field names (e.g. "AllValues") to 1105 // unconditionally include in API requests. By default, fields with 1106 // empty values are omitted from API requests. However, any non-pointer, 1107 // non-interface field appearing in ForceSendFields will be sent to the 1108 // server regardless of whether the field is empty or not. This may be 1109 // used to include empty fields in Patch requests. 1110 ForceSendFields []string `json:"-"` 1111 1112 // NullFields is a list of field names (e.g. "AllValues") to include in 1113 // API requests with the JSON null value. By default, fields with empty 1114 // values are omitted from API requests. However, any field with an 1115 // empty value appearing in NullFields will be sent to the server as 1116 // null. It is an error if a field in this list has a non-empty value. 1117 // This may be used to include null fields in Patch requests. 1118 NullFields []string `json:"-"` 1119} 1120 1121func (s *GoogleCloudOrgpolicyV1ListPolicy) MarshalJSON() ([]byte, error) { 1122 type NoMethod GoogleCloudOrgpolicyV1ListPolicy 1123 raw := NoMethod(*s) 1124 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1125} 1126 1127// GoogleCloudOrgpolicyV1Policy: Defines a Cloud Organization `Policy` 1128// which is used to specify `Constraints` for configurations of Cloud 1129// Platform resources. 1130type GoogleCloudOrgpolicyV1Policy struct { 1131 // BooleanPolicy: For boolean `Constraints`, whether to enforce the 1132 // `Constraint` or not. 1133 BooleanPolicy *GoogleCloudOrgpolicyV1BooleanPolicy `json:"booleanPolicy,omitempty"` 1134 1135 // Constraint: The name of the `Constraint` the `Policy` is configuring, 1136 // for example, `constraints/serviceuser.services`. A list of available 1137 // constraints 1138 // (/resource-manager/docs/organization-policy/org-policy-constraints) 1139 // is available. Immutable after creation. 1140 Constraint string `json:"constraint,omitempty"` 1141 1142 // Etag: An opaque tag indicating the current version of the `Policy`, 1143 // used for concurrency control. When the `Policy` is returned from 1144 // either a `GetPolicy` or a `ListOrgPolicy` request, this `etag` 1145 // indicates the version of the current `Policy` to use when executing a 1146 // read-modify-write loop. When the `Policy` is returned from a 1147 // `GetEffectivePolicy` request, the `etag` will be unset. When the 1148 // `Policy` is used in a `SetOrgPolicy` method, use the `etag` value 1149 // that was returned from a `GetOrgPolicy` request as part of a 1150 // read-modify-write loop for concurrency control. Not setting the 1151 // `etag`in a `SetOrgPolicy` request will result in an unconditional 1152 // write of the `Policy`. 1153 Etag string `json:"etag,omitempty"` 1154 1155 // ListPolicy: List of values either allowed or disallowed. 1156 ListPolicy *GoogleCloudOrgpolicyV1ListPolicy `json:"listPolicy,omitempty"` 1157 1158 // RestoreDefault: Restores the default behavior of the constraint; 1159 // independent of `Constraint` type. 1160 RestoreDefault *GoogleCloudOrgpolicyV1RestoreDefault `json:"restoreDefault,omitempty"` 1161 1162 // UpdateTime: The time stamp the `Policy` was previously updated. This 1163 // is set by the server, not specified by the caller, and represents the 1164 // last time a call to `SetOrgPolicy` was made for that `Policy`. Any 1165 // value set by the client will be ignored. 1166 UpdateTime string `json:"updateTime,omitempty"` 1167 1168 // Version: Version of the `Policy`. Default version is 0; 1169 Version int64 `json:"version,omitempty"` 1170 1171 // ForceSendFields is a list of field names (e.g. "BooleanPolicy") to 1172 // unconditionally include in API requests. By default, fields with 1173 // empty values are omitted from API requests. However, any non-pointer, 1174 // non-interface field appearing in ForceSendFields will be sent to the 1175 // server regardless of whether the field is empty or not. This may be 1176 // used to include empty fields in Patch requests. 1177 ForceSendFields []string `json:"-"` 1178 1179 // NullFields is a list of field names (e.g. "BooleanPolicy") to include 1180 // in API requests with the JSON null value. By default, fields with 1181 // empty values are omitted from API requests. However, any field with 1182 // an empty value appearing in NullFields will be sent to the server as 1183 // null. It is an error if a field in this list has a non-empty value. 1184 // This may be used to include null fields in Patch requests. 1185 NullFields []string `json:"-"` 1186} 1187 1188func (s *GoogleCloudOrgpolicyV1Policy) MarshalJSON() ([]byte, error) { 1189 type NoMethod GoogleCloudOrgpolicyV1Policy 1190 raw := NoMethod(*s) 1191 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1192} 1193 1194// GoogleCloudOrgpolicyV1RestoreDefault: Ignores policies set above this 1195// resource and restores the `constraint_default` enforcement behavior 1196// of the specific `Constraint` at this resource. Suppose that 1197// `constraint_default` is set to `ALLOW` for the `Constraint` 1198// `constraints/serviceuser.services`. Suppose that organization foo.com 1199// sets a `Policy` at their Organization resource node that restricts 1200// the allowed service activations to deny all service activations. They 1201// could then set a `Policy` with the `policy_type` `restore_default` on 1202// several experimental projects, restoring the `constraint_default` 1203// enforcement of the `Constraint` for only those projects, allowing 1204// those projects to have all services activated. 1205type GoogleCloudOrgpolicyV1RestoreDefault struct { 1206} 1207 1208// GoogleIdentityAccesscontextmanagerV1AccessLevel: An `AccessLevel` is 1209// a label that can be applied to requests to Google Cloud services, 1210// along with a list of requirements necessary for the label to be 1211// applied. 1212type GoogleIdentityAccesscontextmanagerV1AccessLevel struct { 1213 // Basic: A `BasicLevel` composed of `Conditions`. 1214 Basic *GoogleIdentityAccesscontextmanagerV1BasicLevel `json:"basic,omitempty"` 1215 1216 // Custom: A `CustomLevel` written in the Common Expression Language. 1217 Custom *GoogleIdentityAccesscontextmanagerV1CustomLevel `json:"custom,omitempty"` 1218 1219 // Description: Description of the `AccessLevel` and its use. Does not 1220 // affect behavior. 1221 Description string `json:"description,omitempty"` 1222 1223 // Name: Required. Resource name for the Access Level. The `short_name` 1224 // component must begin with a letter and only include alphanumeric and 1225 // '_'. Format: `accessPolicies/{policy_id}/accessLevels/{short_name}`. 1226 // The maximum length of the `short_name` component is 50 characters. 1227 Name string `json:"name,omitempty"` 1228 1229 // Title: Human readable title. Must be unique within the Policy. 1230 Title string `json:"title,omitempty"` 1231 1232 // ForceSendFields is a list of field names (e.g. "Basic") to 1233 // unconditionally include in API requests. By default, fields with 1234 // empty values are omitted from API requests. However, any non-pointer, 1235 // non-interface field appearing in ForceSendFields will be sent to the 1236 // server regardless of whether the field is empty or not. This may be 1237 // used to include empty fields in Patch requests. 1238 ForceSendFields []string `json:"-"` 1239 1240 // NullFields is a list of field names (e.g. "Basic") to include in API 1241 // requests with the JSON null value. By default, fields with empty 1242 // values are omitted from API requests. However, any field with an 1243 // empty value appearing in NullFields will be sent to the server as 1244 // null. It is an error if a field in this list has a non-empty value. 1245 // This may be used to include null fields in Patch requests. 1246 NullFields []string `json:"-"` 1247} 1248 1249func (s *GoogleIdentityAccesscontextmanagerV1AccessLevel) MarshalJSON() ([]byte, error) { 1250 type NoMethod GoogleIdentityAccesscontextmanagerV1AccessLevel 1251 raw := NoMethod(*s) 1252 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1253} 1254 1255// GoogleIdentityAccesscontextmanagerV1AccessPolicy: `AccessPolicy` is a 1256// container for `AccessLevels` (which define the necessary attributes 1257// to use Google Cloud services) and `ServicePerimeters` (which define 1258// regions of services able to freely pass data within a perimeter). An 1259// access policy is globally visible within an organization, and the 1260// restrictions it specifies apply to all projects within an 1261// organization. 1262type GoogleIdentityAccesscontextmanagerV1AccessPolicy struct { 1263 // Etag: Output only. An opaque identifier for the current version of 1264 // the `AccessPolicy`. This will always be a strongly validated etag, 1265 // meaning that two Access Polices will be identical if and only if 1266 // their etags are identical. Clients should not expect this to be in 1267 // any specific format. 1268 Etag string `json:"etag,omitempty"` 1269 1270 // Name: Output only. Resource name of the `AccessPolicy`. Format: 1271 // `accessPolicies/{policy_id}` 1272 Name string `json:"name,omitempty"` 1273 1274 // Parent: Required. The parent of this `AccessPolicy` in the Cloud 1275 // Resource Hierarchy. Currently immutable once created. Format: 1276 // `organizations/{organization_id}` 1277 Parent string `json:"parent,omitempty"` 1278 1279 // Title: Required. Human readable title. Does not affect behavior. 1280 Title string `json:"title,omitempty"` 1281 1282 // ForceSendFields is a list of field names (e.g. "Etag") to 1283 // unconditionally include in API requests. By default, fields with 1284 // empty values are omitted from API requests. However, any non-pointer, 1285 // non-interface field appearing in ForceSendFields will be sent to the 1286 // server regardless of whether the field is empty or not. This may be 1287 // used to include empty fields in Patch requests. 1288 ForceSendFields []string `json:"-"` 1289 1290 // NullFields is a list of field names (e.g. "Etag") to include in API 1291 // requests with the JSON null value. By default, fields with empty 1292 // values are omitted from API requests. However, any field with an 1293 // empty value appearing in NullFields will be sent to the server as 1294 // null. It is an error if a field in this list has a non-empty value. 1295 // This may be used to include null fields in Patch requests. 1296 NullFields []string `json:"-"` 1297} 1298 1299func (s *GoogleIdentityAccesscontextmanagerV1AccessPolicy) MarshalJSON() ([]byte, error) { 1300 type NoMethod GoogleIdentityAccesscontextmanagerV1AccessPolicy 1301 raw := NoMethod(*s) 1302 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1303} 1304 1305// GoogleIdentityAccesscontextmanagerV1ApiOperation: Identification for 1306// an API Operation. 1307type GoogleIdentityAccesscontextmanagerV1ApiOperation struct { 1308 // MethodSelectors: API methods or permissions to allow. Method or 1309 // permission must belong to the service specified by `service_name` 1310 // field. A single MethodSelector entry with `*` specified for the 1311 // `method` field will allow all methods AND permissions for the service 1312 // specified in `service_name`. 1313 MethodSelectors []*GoogleIdentityAccesscontextmanagerV1MethodSelector `json:"methodSelectors,omitempty"` 1314 1315 // ServiceName: The name of the API whose methods or permissions the 1316 // IngressPolicy or EgressPolicy want to allow. A single ApiOperation 1317 // with `service_name` field set to `*` will allow all methods AND 1318 // permissions for all services. 1319 ServiceName string `json:"serviceName,omitempty"` 1320 1321 // ForceSendFields is a list of field names (e.g. "MethodSelectors") to 1322 // unconditionally include in API requests. By default, fields with 1323 // empty values are omitted from API requests. However, any non-pointer, 1324 // non-interface field appearing in ForceSendFields will be sent to the 1325 // server regardless of whether the field is empty or not. This may be 1326 // used to include empty fields in Patch requests. 1327 ForceSendFields []string `json:"-"` 1328 1329 // NullFields is a list of field names (e.g. "MethodSelectors") to 1330 // include in API requests with the JSON null value. By default, fields 1331 // with empty values are omitted from API requests. However, any field 1332 // with an empty value appearing in NullFields will be sent to the 1333 // server as null. It is an error if a field in this list has a 1334 // non-empty value. This may be used to include null fields in Patch 1335 // requests. 1336 NullFields []string `json:"-"` 1337} 1338 1339func (s *GoogleIdentityAccesscontextmanagerV1ApiOperation) MarshalJSON() ([]byte, error) { 1340 type NoMethod GoogleIdentityAccesscontextmanagerV1ApiOperation 1341 raw := NoMethod(*s) 1342 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1343} 1344 1345// GoogleIdentityAccesscontextmanagerV1BasicLevel: `BasicLevel` is an 1346// `AccessLevel` using a set of recommended features. 1347type GoogleIdentityAccesscontextmanagerV1BasicLevel struct { 1348 // CombiningFunction: How the `conditions` list should be combined to 1349 // determine if a request is granted this `AccessLevel`. If AND is used, 1350 // each `Condition` in `conditions` must be satisfied for the 1351 // `AccessLevel` to be applied. If OR is used, at least one `Condition` 1352 // in `conditions` must be satisfied for the `AccessLevel` to be 1353 // applied. Default behavior is AND. 1354 // 1355 // Possible values: 1356 // "AND" - All `Conditions` must be true for the `BasicLevel` to be 1357 // true. 1358 // "OR" - If at least one `Condition` is true, then the `BasicLevel` 1359 // is true. 1360 CombiningFunction string `json:"combiningFunction,omitempty"` 1361 1362 // Conditions: Required. A list of requirements for the `AccessLevel` to 1363 // be granted. 1364 Conditions []*GoogleIdentityAccesscontextmanagerV1Condition `json:"conditions,omitempty"` 1365 1366 // ForceSendFields is a list of field names (e.g. "CombiningFunction") 1367 // to unconditionally include in API requests. By default, fields with 1368 // empty values are omitted from API requests. However, any non-pointer, 1369 // non-interface field appearing in ForceSendFields will be sent to the 1370 // server regardless of whether the field is empty or not. This may be 1371 // used to include empty fields in Patch requests. 1372 ForceSendFields []string `json:"-"` 1373 1374 // NullFields is a list of field names (e.g. "CombiningFunction") to 1375 // include in API requests with the JSON null value. By default, fields 1376 // with empty values are omitted from API requests. However, any field 1377 // with an empty value appearing in NullFields will be sent to the 1378 // server as null. It is an error if a field in this list has a 1379 // non-empty value. This may be used to include null fields in Patch 1380 // requests. 1381 NullFields []string `json:"-"` 1382} 1383 1384func (s *GoogleIdentityAccesscontextmanagerV1BasicLevel) MarshalJSON() ([]byte, error) { 1385 type NoMethod GoogleIdentityAccesscontextmanagerV1BasicLevel 1386 raw := NoMethod(*s) 1387 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1388} 1389 1390// GoogleIdentityAccesscontextmanagerV1Condition: A condition necessary 1391// for an `AccessLevel` to be granted. The Condition is an AND over its 1392// fields. So a Condition is true if: 1) the request IP is from one of 1393// the listed subnetworks AND 2) the originating device complies with 1394// the listed device policy AND 3) all listed access levels are granted 1395// AND 4) the request was sent at a time allowed by the 1396// DateTimeRestriction. 1397type GoogleIdentityAccesscontextmanagerV1Condition struct { 1398 // DevicePolicy: Device specific restrictions, all restrictions must 1399 // hold for the Condition to be true. If not specified, all devices are 1400 // allowed. 1401 DevicePolicy *GoogleIdentityAccesscontextmanagerV1DevicePolicy `json:"devicePolicy,omitempty"` 1402 1403 // IpSubnetworks: CIDR block IP subnetwork specification. May be IPv4 or 1404 // IPv6. Note that for a CIDR IP address block, the specified IP address 1405 // portion must be properly truncated (i.e. all the host bits must be 1406 // zero) or the input is considered malformed. For example, 1407 // "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for 1408 // IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. 1409 // The originating IP of a request must be in one of the listed subnets 1410 // in order for this Condition to be true. If empty, all IP addresses 1411 // are allowed. 1412 IpSubnetworks []string `json:"ipSubnetworks,omitempty"` 1413 1414 // Members: The request must be made by one of the provided user or 1415 // service accounts. Groups are not supported. Syntax: `user:{emailid}` 1416 // `serviceAccount:{emailid}` If not specified, a request may come from 1417 // any user. 1418 Members []string `json:"members,omitempty"` 1419 1420 // Negate: Whether to negate the Condition. If true, the Condition 1421 // becomes a NAND over its non-empty fields, each field must be false 1422 // for the Condition overall to be satisfied. Defaults to false. 1423 Negate bool `json:"negate,omitempty"` 1424 1425 // Regions: The request must originate from one of the provided 1426 // countries/regions. Must be valid ISO 3166-1 alpha-2 codes. 1427 Regions []string `json:"regions,omitempty"` 1428 1429 // RequiredAccessLevels: A list of other access levels defined in the 1430 // same `Policy`, referenced by resource name. Referencing an 1431 // `AccessLevel` which does not exist is an error. All access levels 1432 // listed must be granted for the Condition to be true. Example: 1433 // "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME" 1434 RequiredAccessLevels []string `json:"requiredAccessLevels,omitempty"` 1435 1436 // ForceSendFields is a list of field names (e.g. "DevicePolicy") to 1437 // unconditionally include in API requests. By default, fields with 1438 // empty values are omitted from API requests. However, any non-pointer, 1439 // non-interface field appearing in ForceSendFields will be sent to the 1440 // server regardless of whether the field is empty or not. This may be 1441 // used to include empty fields in Patch requests. 1442 ForceSendFields []string `json:"-"` 1443 1444 // NullFields is a list of field names (e.g. "DevicePolicy") to include 1445 // in API requests with the JSON null value. By default, fields with 1446 // empty values are omitted from API requests. However, any field with 1447 // an empty value appearing in NullFields will be sent to the server as 1448 // null. It is an error if a field in this list has a non-empty value. 1449 // This may be used to include null fields in Patch requests. 1450 NullFields []string `json:"-"` 1451} 1452 1453func (s *GoogleIdentityAccesscontextmanagerV1Condition) MarshalJSON() ([]byte, error) { 1454 type NoMethod GoogleIdentityAccesscontextmanagerV1Condition 1455 raw := NoMethod(*s) 1456 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1457} 1458 1459// GoogleIdentityAccesscontextmanagerV1CustomLevel: `CustomLevel` is an 1460// `AccessLevel` using the Cloud Common Expression Language to represent 1461// the necessary conditions for the level to apply to a request. See CEL 1462// spec at: https://github.com/google/cel-spec 1463type GoogleIdentityAccesscontextmanagerV1CustomLevel struct { 1464 // Expr: Required. A Cloud CEL expression evaluating to a boolean. 1465 Expr *Expr `json:"expr,omitempty"` 1466 1467 // ForceSendFields is a list of field names (e.g. "Expr") to 1468 // unconditionally include in API requests. By default, fields with 1469 // empty values are omitted from API requests. However, any non-pointer, 1470 // non-interface field appearing in ForceSendFields will be sent to the 1471 // server regardless of whether the field is empty or not. This may be 1472 // used to include empty fields in Patch requests. 1473 ForceSendFields []string `json:"-"` 1474 1475 // NullFields is a list of field names (e.g. "Expr") to include in API 1476 // requests with the JSON null value. By default, fields with empty 1477 // values are omitted from API requests. However, any field with an 1478 // empty value appearing in NullFields will be sent to the server as 1479 // null. It is an error if a field in this list has a non-empty value. 1480 // This may be used to include null fields in Patch requests. 1481 NullFields []string `json:"-"` 1482} 1483 1484func (s *GoogleIdentityAccesscontextmanagerV1CustomLevel) MarshalJSON() ([]byte, error) { 1485 type NoMethod GoogleIdentityAccesscontextmanagerV1CustomLevel 1486 raw := NoMethod(*s) 1487 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1488} 1489 1490// GoogleIdentityAccesscontextmanagerV1DevicePolicy: `DevicePolicy` 1491// specifies device specific restrictions necessary to acquire a given 1492// access level. A `DevicePolicy` specifies requirements for requests 1493// from devices to be granted access levels, it does not do any 1494// enforcement on the device. `DevicePolicy` acts as an AND over all 1495// specified fields, and each repeated field is an OR over its elements. 1496// Any unset fields are ignored. For example, if the proto is { os_type 1497// : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: 1498// ENCRYPTED}, then the DevicePolicy will be true for requests 1499// originating from encrypted Linux desktops and encrypted Windows 1500// desktops. 1501type GoogleIdentityAccesscontextmanagerV1DevicePolicy struct { 1502 // AllowedDeviceManagementLevels: Allowed device management levels, an 1503 // empty list allows all management levels. 1504 // 1505 // Possible values: 1506 // "MANAGEMENT_UNSPECIFIED" - The device's management level is not 1507 // specified or not known. 1508 // "NONE" - The device is not managed. 1509 // "BASIC" - Basic management is enabled, which is generally limited 1510 // to monitoring and wiping the corporate account. 1511 // "COMPLETE" - Complete device management. This includes more 1512 // thorough monitoring and the ability to directly manage the device 1513 // (such as remote wiping). This can be enabled through the Android 1514 // Enterprise Platform. 1515 AllowedDeviceManagementLevels []string `json:"allowedDeviceManagementLevels,omitempty"` 1516 1517 // AllowedEncryptionStatuses: Allowed encryptions statuses, an empty 1518 // list allows all statuses. 1519 // 1520 // Possible values: 1521 // "ENCRYPTION_UNSPECIFIED" - The encryption status of the device is 1522 // not specified or not known. 1523 // "ENCRYPTION_UNSUPPORTED" - The device does not support encryption. 1524 // "UNENCRYPTED" - The device supports encryption, but is currently 1525 // unencrypted. 1526 // "ENCRYPTED" - The device is encrypted. 1527 AllowedEncryptionStatuses []string `json:"allowedEncryptionStatuses,omitempty"` 1528 1529 // OsConstraints: Allowed OS versions, an empty list allows all types 1530 // and all versions. 1531 OsConstraints []*GoogleIdentityAccesscontextmanagerV1OsConstraint `json:"osConstraints,omitempty"` 1532 1533 // RequireAdminApproval: Whether the device needs to be approved by the 1534 // customer admin. 1535 RequireAdminApproval bool `json:"requireAdminApproval,omitempty"` 1536 1537 // RequireCorpOwned: Whether the device needs to be corp owned. 1538 RequireCorpOwned bool `json:"requireCorpOwned,omitempty"` 1539 1540 // RequireScreenlock: Whether or not screenlock is required for the 1541 // DevicePolicy to be true. Defaults to `false`. 1542 RequireScreenlock bool `json:"requireScreenlock,omitempty"` 1543 1544 // ForceSendFields is a list of field names (e.g. 1545 // "AllowedDeviceManagementLevels") to unconditionally include in API 1546 // requests. By default, fields with empty values are omitted from API 1547 // requests. However, any non-pointer, non-interface field appearing in 1548 // ForceSendFields will be sent to the server regardless of whether the 1549 // field is empty or not. This may be used to include empty fields in 1550 // Patch requests. 1551 ForceSendFields []string `json:"-"` 1552 1553 // NullFields is a list of field names (e.g. 1554 // "AllowedDeviceManagementLevels") to include in API requests with the 1555 // JSON null value. By default, fields with empty values are omitted 1556 // from API requests. However, any field with an empty value appearing 1557 // in NullFields will be sent to the server as null. It is an error if a 1558 // field in this list has a non-empty value. This may be used to include 1559 // null fields in Patch requests. 1560 NullFields []string `json:"-"` 1561} 1562 1563func (s *GoogleIdentityAccesscontextmanagerV1DevicePolicy) MarshalJSON() ([]byte, error) { 1564 type NoMethod GoogleIdentityAccesscontextmanagerV1DevicePolicy 1565 raw := NoMethod(*s) 1566 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1567} 1568 1569// GoogleIdentityAccesscontextmanagerV1EgressFrom: Defines the 1570// conditions under which an EgressPolicy matches a request. Conditions 1571// based on information about the source of the request. Note that if 1572// the destination of the request is protected by a ServicePerimeter, 1573// then that ServicePerimeter must have an IngressPolicy which allows 1574// access in order for this request to succeed. 1575type GoogleIdentityAccesscontextmanagerV1EgressFrom struct { 1576 // Identities: A list of identities that are allowed access through this 1577 // [EgressPolicy]. Should be in the format of email address. The email 1578 // address should represent individual user or service account only. 1579 Identities []string `json:"identities,omitempty"` 1580 1581 // IdentityType: Specifies the type of identities that are allowed 1582 // access to outside the perimeter. If left unspecified, then members of 1583 // `identities` field will be allowed access. 1584 // 1585 // Possible values: 1586 // "IDENTITY_TYPE_UNSPECIFIED" - No blanket identity group specified. 1587 // "ANY_IDENTITY" - Authorize access from all identities outside the 1588 // perimeter. 1589 // "ANY_USER_ACCOUNT" - Authorize access from all human users outside 1590 // the perimeter. 1591 // "ANY_SERVICE_ACCOUNT" - Authorize access from all service accounts 1592 // outside the perimeter. 1593 IdentityType string `json:"identityType,omitempty"` 1594 1595 // ForceSendFields is a list of field names (e.g. "Identities") to 1596 // unconditionally include in API requests. By default, fields with 1597 // empty values are omitted from API requests. However, any non-pointer, 1598 // non-interface field appearing in ForceSendFields will be sent to the 1599 // server regardless of whether the field is empty or not. This may be 1600 // used to include empty fields in Patch requests. 1601 ForceSendFields []string `json:"-"` 1602 1603 // NullFields is a list of field names (e.g. "Identities") to include in 1604 // API requests with the JSON null value. By default, fields with empty 1605 // values are omitted from API requests. However, any field with an 1606 // empty value appearing in NullFields will be sent to the server as 1607 // null. It is an error if a field in this list has a non-empty value. 1608 // This may be used to include null fields in Patch requests. 1609 NullFields []string `json:"-"` 1610} 1611 1612func (s *GoogleIdentityAccesscontextmanagerV1EgressFrom) MarshalJSON() ([]byte, error) { 1613 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressFrom 1614 raw := NoMethod(*s) 1615 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1616} 1617 1618// GoogleIdentityAccesscontextmanagerV1EgressPolicy: Policy for egress 1619// from perimeter. EgressPolicies match requests based on `egress_from` 1620// and `egress_to` stanzas. For an EgressPolicy to match, both 1621// `egress_from` and `egress_to` stanzas must be matched. If an 1622// EgressPolicy matches a request, the request is allowed to span the 1623// ServicePerimeter boundary. For example, an EgressPolicy can be used 1624// to allow VMs on networks within the ServicePerimeter to access a 1625// defined set of projects outside the perimeter in certain contexts 1626// (e.g. to read data from a Cloud Storage bucket or query against a 1627// BigQuery dataset). EgressPolicies are concerned with the *resources* 1628// that a request relates as well as the API services and API actions 1629// being used. They do not related to the direction of data movement. 1630// More detailed documentation for this concept can be found in the 1631// descriptions of EgressFrom and EgressTo. 1632type GoogleIdentityAccesscontextmanagerV1EgressPolicy struct { 1633 // EgressFrom: Defines conditions on the source of a request causing 1634 // this EgressPolicy to apply. 1635 EgressFrom *GoogleIdentityAccesscontextmanagerV1EgressFrom `json:"egressFrom,omitempty"` 1636 1637 // EgressTo: Defines the conditions on the ApiOperation and destination 1638 // resources that cause this EgressPolicy to apply. 1639 EgressTo *GoogleIdentityAccesscontextmanagerV1EgressTo `json:"egressTo,omitempty"` 1640 1641 // ForceSendFields is a list of field names (e.g. "EgressFrom") to 1642 // unconditionally include in API requests. By default, fields with 1643 // empty values are omitted from API requests. However, any non-pointer, 1644 // non-interface field appearing in ForceSendFields will be sent to the 1645 // server regardless of whether the field is empty or not. This may be 1646 // used to include empty fields in Patch requests. 1647 ForceSendFields []string `json:"-"` 1648 1649 // NullFields is a list of field names (e.g. "EgressFrom") to include in 1650 // API requests with the JSON null value. By default, fields with empty 1651 // values are omitted from API requests. However, any field with an 1652 // empty value appearing in NullFields will be sent to the server as 1653 // null. It is an error if a field in this list has a non-empty value. 1654 // This may be used to include null fields in Patch requests. 1655 NullFields []string `json:"-"` 1656} 1657 1658func (s *GoogleIdentityAccesscontextmanagerV1EgressPolicy) MarshalJSON() ([]byte, error) { 1659 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressPolicy 1660 raw := NoMethod(*s) 1661 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1662} 1663 1664// GoogleIdentityAccesscontextmanagerV1EgressTo: Defines the conditions 1665// under which an EgressPolicy matches a request. Conditions are based 1666// on information about the ApiOperation intended to be performed on the 1667// `resources` specified. Note that if the destination of the request is 1668// protected by a ServicePerimeter, then that ServicePerimeter must have 1669// an IngressPolicy which allows access in order for this request to 1670// succeed. 1671type GoogleIdentityAccesscontextmanagerV1EgressTo struct { 1672 // Operations: A list of ApiOperations that this egress rule applies to. 1673 // A request matches if it contains an operation/service in this list. 1674 Operations []*GoogleIdentityAccesscontextmanagerV1ApiOperation `json:"operations,omitempty"` 1675 1676 // Resources: A list of resources, currently only projects in the form 1677 // `projects/`, that match this to stanza. A request matches if it 1678 // contains a resource in this list. If `*` is specified for resources, 1679 // then this EgressTo rule will authorize access to all resources 1680 // outside the perimeter. 1681 Resources []string `json:"resources,omitempty"` 1682 1683 // ForceSendFields is a list of field names (e.g. "Operations") to 1684 // unconditionally include in API requests. By default, fields with 1685 // empty values are omitted from API requests. However, any non-pointer, 1686 // non-interface field appearing in ForceSendFields will be sent to the 1687 // server regardless of whether the field is empty or not. This may be 1688 // used to include empty fields in Patch requests. 1689 ForceSendFields []string `json:"-"` 1690 1691 // NullFields is a list of field names (e.g. "Operations") to include in 1692 // API requests with the JSON null value. By default, fields with empty 1693 // values are omitted from API requests. However, any field with an 1694 // empty value appearing in NullFields will be sent to the server as 1695 // null. It is an error if a field in this list has a non-empty value. 1696 // This may be used to include null fields in Patch requests. 1697 NullFields []string `json:"-"` 1698} 1699 1700func (s *GoogleIdentityAccesscontextmanagerV1EgressTo) MarshalJSON() ([]byte, error) { 1701 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressTo 1702 raw := NoMethod(*s) 1703 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1704} 1705 1706// GoogleIdentityAccesscontextmanagerV1IngressFrom: Defines the 1707// conditions under which an IngressPolicy matches a request. Conditions 1708// are based on information about the source of the request. 1709type GoogleIdentityAccesscontextmanagerV1IngressFrom struct { 1710 // Identities: A list of identities that are allowed access through this 1711 // ingress policy. Should be in the format of email address. The email 1712 // address should represent individual user or service account only. 1713 Identities []string `json:"identities,omitempty"` 1714 1715 // IdentityType: Specifies the type of identities that are allowed 1716 // access from outside the perimeter. If left unspecified, then members 1717 // of `identities` field will be allowed access. 1718 // 1719 // Possible values: 1720 // "IDENTITY_TYPE_UNSPECIFIED" - No blanket identity group specified. 1721 // "ANY_IDENTITY" - Authorize access from all identities outside the 1722 // perimeter. 1723 // "ANY_USER_ACCOUNT" - Authorize access from all human users outside 1724 // the perimeter. 1725 // "ANY_SERVICE_ACCOUNT" - Authorize access from all service accounts 1726 // outside the perimeter. 1727 IdentityType string `json:"identityType,omitempty"` 1728 1729 // Sources: Sources that this IngressPolicy authorizes access from. 1730 Sources []*GoogleIdentityAccesscontextmanagerV1IngressSource `json:"sources,omitempty"` 1731 1732 // ForceSendFields is a list of field names (e.g. "Identities") to 1733 // unconditionally include in API requests. By default, fields with 1734 // empty values are omitted from API requests. However, any non-pointer, 1735 // non-interface field appearing in ForceSendFields will be sent to the 1736 // server regardless of whether the field is empty or not. This may be 1737 // used to include empty fields in Patch requests. 1738 ForceSendFields []string `json:"-"` 1739 1740 // NullFields is a list of field names (e.g. "Identities") to include in 1741 // API requests with the JSON null value. By default, fields with empty 1742 // values are omitted from API requests. However, any field with an 1743 // empty value appearing in NullFields will be sent to the server as 1744 // null. It is an error if a field in this list has a non-empty value. 1745 // This may be used to include null fields in Patch requests. 1746 NullFields []string `json:"-"` 1747} 1748 1749func (s *GoogleIdentityAccesscontextmanagerV1IngressFrom) MarshalJSON() ([]byte, error) { 1750 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressFrom 1751 raw := NoMethod(*s) 1752 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1753} 1754 1755// GoogleIdentityAccesscontextmanagerV1IngressPolicy: Policy for ingress 1756// into ServicePerimeter. IngressPolicies match requests based on 1757// `ingress_from` and `ingress_to` stanzas. For an ingress policy to 1758// match, both the `ingress_from` and `ingress_to` stanzas must be 1759// matched. If an IngressPolicy matches a request, the request is 1760// allowed through the perimeter boundary from outside the perimeter. 1761// For example, access from the internet can be allowed either based on 1762// an AccessLevel or, for traffic hosted on Google Cloud, the project of 1763// the source network. For access from private networks, using the 1764// project of the hosting network is required. Individual ingress 1765// policies can be limited by restricting which services and/or actions 1766// they match using the `ingress_to` field. 1767type GoogleIdentityAccesscontextmanagerV1IngressPolicy struct { 1768 // IngressFrom: Defines the conditions on the source of a request 1769 // causing this IngressPolicy to apply. 1770 IngressFrom *GoogleIdentityAccesscontextmanagerV1IngressFrom `json:"ingressFrom,omitempty"` 1771 1772 // IngressTo: Defines the conditions on the ApiOperation and request 1773 // destination that cause this IngressPolicy to apply. 1774 IngressTo *GoogleIdentityAccesscontextmanagerV1IngressTo `json:"ingressTo,omitempty"` 1775 1776 // ForceSendFields is a list of field names (e.g. "IngressFrom") to 1777 // unconditionally include in API requests. By default, fields with 1778 // empty values are omitted from API requests. However, any non-pointer, 1779 // non-interface field appearing in ForceSendFields will be sent to the 1780 // server regardless of whether the field is empty or not. This may be 1781 // used to include empty fields in Patch requests. 1782 ForceSendFields []string `json:"-"` 1783 1784 // NullFields is a list of field names (e.g. "IngressFrom") to include 1785 // in API requests with the JSON null value. By default, fields with 1786 // empty values are omitted from API requests. However, any field with 1787 // an empty value appearing in NullFields will be sent to the server as 1788 // null. It is an error if a field in this list has a non-empty value. 1789 // This may be used to include null fields in Patch requests. 1790 NullFields []string `json:"-"` 1791} 1792 1793func (s *GoogleIdentityAccesscontextmanagerV1IngressPolicy) MarshalJSON() ([]byte, error) { 1794 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressPolicy 1795 raw := NoMethod(*s) 1796 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1797} 1798 1799// GoogleIdentityAccesscontextmanagerV1IngressSource: The source that 1800// IngressPolicy authorizes access from. 1801type GoogleIdentityAccesscontextmanagerV1IngressSource struct { 1802 // AccessLevel: An AccessLevel resource name that allow resources within 1803 // the ServicePerimeters to be accessed from the internet. AccessLevels 1804 // listed must be in the same policy as this ServicePerimeter. 1805 // Referencing a nonexistent AccessLevel will cause an error. If no 1806 // AccessLevel names are listed, resources within the perimeter can only 1807 // be accessed via Google Cloud calls with request origins within the 1808 // perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. 1809 // If `*` is specified, then all IngressSources will be allowed. 1810 AccessLevel string `json:"accessLevel,omitempty"` 1811 1812 // Resource: A Google Cloud resource that is allowed to ingress the 1813 // perimeter. Requests from these resources will be allowed to access 1814 // perimeter data. Currently only projects are allowed. Format: 1815 // `projects/{project_number}` The project may be in any Google Cloud 1816 // organization, not just the organization that the perimeter is defined 1817 // in. `*` is not allowed, the case of allowing all Google Cloud 1818 // resources only is not supported. 1819 Resource string `json:"resource,omitempty"` 1820 1821 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 1822 // unconditionally include in API requests. By default, fields with 1823 // empty values are omitted from API requests. However, any non-pointer, 1824 // non-interface field appearing in ForceSendFields will be sent to the 1825 // server regardless of whether the field is empty or not. This may be 1826 // used to include empty fields in Patch requests. 1827 ForceSendFields []string `json:"-"` 1828 1829 // NullFields is a list of field names (e.g. "AccessLevel") to include 1830 // in API requests with the JSON null value. By default, fields with 1831 // empty values are omitted from API requests. However, any field with 1832 // an empty value appearing in NullFields will be sent to the server as 1833 // null. It is an error if a field in this list has a non-empty value. 1834 // This may be used to include null fields in Patch requests. 1835 NullFields []string `json:"-"` 1836} 1837 1838func (s *GoogleIdentityAccesscontextmanagerV1IngressSource) MarshalJSON() ([]byte, error) { 1839 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressSource 1840 raw := NoMethod(*s) 1841 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1842} 1843 1844// GoogleIdentityAccesscontextmanagerV1IngressTo: Defines the conditions 1845// under which an IngressPolicy matches a request. Conditions are based 1846// on information about the ApiOperation intended to be performed on the 1847// destination of the request. 1848type GoogleIdentityAccesscontextmanagerV1IngressTo struct { 1849 // Operations: A list of ApiOperations the sources specified in 1850 // corresponding IngressFrom are allowed to perform in this 1851 // ServicePerimeter. 1852 Operations []*GoogleIdentityAccesscontextmanagerV1ApiOperation `json:"operations,omitempty"` 1853 1854 // Resources: A list of resources, currently only projects in the form 1855 // `projects/`, protected by this ServicePerimeter that are allowed to 1856 // be accessed by sources defined in the corresponding IngressFrom. A 1857 // request matches if it contains a resource in this list. If `*` is 1858 // specified for resources, then this IngressTo rule will authorize 1859 // access to all resources inside the perimeter, provided that the 1860 // request also matches the `operations` field. 1861 Resources []string `json:"resources,omitempty"` 1862 1863 // ForceSendFields is a list of field names (e.g. "Operations") to 1864 // unconditionally include in API requests. By default, fields with 1865 // empty values are omitted from API requests. However, any non-pointer, 1866 // non-interface field appearing in ForceSendFields will be sent to the 1867 // server regardless of whether the field is empty or not. This may be 1868 // used to include empty fields in Patch requests. 1869 ForceSendFields []string `json:"-"` 1870 1871 // NullFields is a list of field names (e.g. "Operations") to include in 1872 // API requests with the JSON null value. By default, fields with empty 1873 // values are omitted from API requests. However, any field with an 1874 // empty value appearing in NullFields will be sent to the server as 1875 // null. It is an error if a field in this list has a non-empty value. 1876 // This may be used to include null fields in Patch requests. 1877 NullFields []string `json:"-"` 1878} 1879 1880func (s *GoogleIdentityAccesscontextmanagerV1IngressTo) MarshalJSON() ([]byte, error) { 1881 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressTo 1882 raw := NoMethod(*s) 1883 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1884} 1885 1886// GoogleIdentityAccesscontextmanagerV1MethodSelector: An allowed method 1887// or permission of a service specified in ApiOperation. 1888type GoogleIdentityAccesscontextmanagerV1MethodSelector struct { 1889 // Method: Value for `method` should be a valid method name for the 1890 // corresponding `service_name` in ApiOperation. If `*` used as value 1891 // for `method`, then ALL methods and permissions are allowed. 1892 Method string `json:"method,omitempty"` 1893 1894 // Permission: Value for `permission` should be a valid Cloud IAM 1895 // permission for the corresponding `service_name` in ApiOperation. 1896 Permission string `json:"permission,omitempty"` 1897 1898 // ForceSendFields is a list of field names (e.g. "Method") to 1899 // unconditionally include in API requests. By default, fields with 1900 // empty values are omitted from API requests. However, any non-pointer, 1901 // non-interface field appearing in ForceSendFields will be sent to the 1902 // server regardless of whether the field is empty or not. This may be 1903 // used to include empty fields in Patch requests. 1904 ForceSendFields []string `json:"-"` 1905 1906 // NullFields is a list of field names (e.g. "Method") to include in API 1907 // requests with the JSON null value. By default, fields with empty 1908 // values are omitted from API requests. However, any field with an 1909 // empty value appearing in NullFields will be sent to the server as 1910 // null. It is an error if a field in this list has a non-empty value. 1911 // This may be used to include null fields in Patch requests. 1912 NullFields []string `json:"-"` 1913} 1914 1915func (s *GoogleIdentityAccesscontextmanagerV1MethodSelector) MarshalJSON() ([]byte, error) { 1916 type NoMethod GoogleIdentityAccesscontextmanagerV1MethodSelector 1917 raw := NoMethod(*s) 1918 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1919} 1920 1921// GoogleIdentityAccesscontextmanagerV1OsConstraint: A restriction on 1922// the OS type and version of devices making requests. 1923type GoogleIdentityAccesscontextmanagerV1OsConstraint struct { 1924 // MinimumVersion: The minimum allowed OS version. If not set, any 1925 // version of this OS satisfies the constraint. Format: 1926 // "major.minor.patch". Examples: "10.5.301", "9.2.1". 1927 MinimumVersion string `json:"minimumVersion,omitempty"` 1928 1929 // OsType: Required. The allowed OS type. 1930 // 1931 // Possible values: 1932 // "OS_UNSPECIFIED" - The operating system of the device is not 1933 // specified or not known. 1934 // "DESKTOP_MAC" - A desktop Mac operating system. 1935 // "DESKTOP_WINDOWS" - A desktop Windows operating system. 1936 // "DESKTOP_LINUX" - A desktop Linux operating system. 1937 // "DESKTOP_CHROME_OS" - A desktop ChromeOS operating system. 1938 // "ANDROID" - An Android operating system. 1939 // "IOS" - An iOS operating system. 1940 OsType string `json:"osType,omitempty"` 1941 1942 // RequireVerifiedChromeOs: Only allows requests from devices with a 1943 // verified Chrome OS. Verifications includes requirements that the 1944 // device is enterprise-managed, conformant to domain policies, and the 1945 // caller has permission to call the API targeted by the request. 1946 RequireVerifiedChromeOs bool `json:"requireVerifiedChromeOs,omitempty"` 1947 1948 // ForceSendFields is a list of field names (e.g. "MinimumVersion") to 1949 // unconditionally include in API requests. By default, fields with 1950 // empty values are omitted from API requests. However, any non-pointer, 1951 // non-interface field appearing in ForceSendFields will be sent to the 1952 // server regardless of whether the field is empty or not. This may be 1953 // used to include empty fields in Patch requests. 1954 ForceSendFields []string `json:"-"` 1955 1956 // NullFields is a list of field names (e.g. "MinimumVersion") to 1957 // include in API requests with the JSON null value. By default, fields 1958 // with empty values are omitted from API requests. However, any field 1959 // with an empty value appearing in NullFields will be sent to the 1960 // server as null. It is an error if a field in this list has a 1961 // non-empty value. This may be used to include null fields in Patch 1962 // requests. 1963 NullFields []string `json:"-"` 1964} 1965 1966func (s *GoogleIdentityAccesscontextmanagerV1OsConstraint) MarshalJSON() ([]byte, error) { 1967 type NoMethod GoogleIdentityAccesscontextmanagerV1OsConstraint 1968 raw := NoMethod(*s) 1969 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1970} 1971 1972// GoogleIdentityAccesscontextmanagerV1ServicePerimeter: 1973// `ServicePerimeter` describes a set of Google Cloud resources which 1974// can freely import and export data amongst themselves, but not export 1975// outside of the `ServicePerimeter`. If a request with a source within 1976// this `ServicePerimeter` has a target outside of the 1977// `ServicePerimeter`, the request will be blocked. Otherwise the 1978// request is allowed. There are two types of Service Perimeter - 1979// Regular and Bridge. Regular Service Perimeters cannot overlap, a 1980// single Google Cloud project can only belong to a single regular 1981// Service Perimeter. Service Perimeter Bridges can contain only Google 1982// Cloud projects as members, a single Google Cloud project may belong 1983// to multiple Service Perimeter Bridges. 1984type GoogleIdentityAccesscontextmanagerV1ServicePerimeter struct { 1985 // Description: Description of the `ServicePerimeter` and its use. Does 1986 // not affect behavior. 1987 Description string `json:"description,omitempty"` 1988 1989 // Name: Required. Resource name for the ServicePerimeter. The 1990 // `short_name` component must begin with a letter and only include 1991 // alphanumeric and '_'. Format: 1992 // `accessPolicies/{policy_id}/servicePerimeters/{short_name}` 1993 Name string `json:"name,omitempty"` 1994 1995 // PerimeterType: Perimeter type indicator. A single project is allowed 1996 // to be a member of single regular perimeter, but multiple service 1997 // perimeter bridges. A project cannot be a included in a perimeter 1998 // bridge without being included in regular perimeter. For perimeter 1999 // bridges, the restricted service list as well as access level lists 2000 // must be empty. 2001 // 2002 // Possible values: 2003 // "PERIMETER_TYPE_REGULAR" - Regular Perimeter. 2004 // "PERIMETER_TYPE_BRIDGE" - Perimeter Bridge. 2005 PerimeterType string `json:"perimeterType,omitempty"` 2006 2007 // Spec: Proposed (or dry run) ServicePerimeter configuration. This 2008 // configuration allows to specify and test ServicePerimeter 2009 // configuration without enforcing actual access restrictions. Only 2010 // allowed to be set when the "use_explicit_dry_run_spec" flag is set. 2011 Spec *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig `json:"spec,omitempty"` 2012 2013 // Status: Current ServicePerimeter configuration. Specifies sets of 2014 // resources, restricted services and access levels that determine 2015 // perimeter content and boundaries. 2016 Status *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig `json:"status,omitempty"` 2017 2018 // Title: Human readable title. Must be unique within the Policy. 2019 Title string `json:"title,omitempty"` 2020 2021 // UseExplicitDryRunSpec: Use explicit dry run spec flag. Ordinarily, a 2022 // dry-run spec implicitly exists for all Service Perimeters, and that 2023 // spec is identical to the status for those Service Perimeters. When 2024 // this flag is set, it inhibits the generation of the implicit spec, 2025 // thereby allowing the user to explicitly provide a configuration 2026 // ("spec") to use in a dry-run version of the Service Perimeter. This 2027 // allows the user to test changes to the enforced config ("status") 2028 // without actually enforcing them. This testing is done through 2029 // analyzing the differences between currently enforced and suggested 2030 // restrictions. use_explicit_dry_run_spec must bet set to True if any 2031 // of the fields in the spec are set to non-default values. 2032 UseExplicitDryRunSpec bool `json:"useExplicitDryRunSpec,omitempty"` 2033 2034 // ForceSendFields is a list of field names (e.g. "Description") to 2035 // unconditionally include in API requests. By default, fields with 2036 // empty values are omitted from API requests. However, any non-pointer, 2037 // non-interface field appearing in ForceSendFields will be sent to the 2038 // server regardless of whether the field is empty or not. This may be 2039 // used to include empty fields in Patch requests. 2040 ForceSendFields []string `json:"-"` 2041 2042 // NullFields is a list of field names (e.g. "Description") to include 2043 // in API requests with the JSON null value. By default, fields with 2044 // empty values are omitted from API requests. However, any field with 2045 // an empty value appearing in NullFields will be sent to the server as 2046 // null. It is an error if a field in this list has a non-empty value. 2047 // This may be used to include null fields in Patch requests. 2048 NullFields []string `json:"-"` 2049} 2050 2051func (s *GoogleIdentityAccesscontextmanagerV1ServicePerimeter) MarshalJSON() ([]byte, error) { 2052 type NoMethod GoogleIdentityAccesscontextmanagerV1ServicePerimeter 2053 raw := NoMethod(*s) 2054 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2055} 2056 2057// GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig: 2058// `ServicePerimeterConfig` specifies a set of Google Cloud resources 2059// that describe specific Service Perimeter configuration. 2060type GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig struct { 2061 // AccessLevels: A list of `AccessLevel` resource names that allow 2062 // resources within the `ServicePerimeter` to be accessed from the 2063 // internet. `AccessLevels` listed must be in the same policy as this 2064 // `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a 2065 // syntax error. If no `AccessLevel` names are listed, resources within 2066 // the perimeter can only be accessed via Google Cloud calls with 2067 // request origins within the perimeter. Example: 2068 // "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service 2069 // Perimeter Bridge, must be empty. 2070 AccessLevels []string `json:"accessLevels,omitempty"` 2071 2072 // EgressPolicies: List of EgressPolicies to apply to the perimeter. A 2073 // perimeter may have multiple EgressPolicies, each of which is 2074 // evaluated separately. Access is granted if any EgressPolicy grants 2075 // it. Must be empty for a perimeter bridge. 2076 EgressPolicies []*GoogleIdentityAccesscontextmanagerV1EgressPolicy `json:"egressPolicies,omitempty"` 2077 2078 // IngressPolicies: List of IngressPolicies to apply to the perimeter. A 2079 // perimeter may have multiple IngressPolicies, each of which is 2080 // evaluated separately. Access is granted if any Ingress Policy grants 2081 // it. Must be empty for a perimeter bridge. 2082 IngressPolicies []*GoogleIdentityAccesscontextmanagerV1IngressPolicy `json:"ingressPolicies,omitempty"` 2083 2084 // Resources: A list of Google Cloud resources that are inside of the 2085 // service perimeter. Currently only projects are allowed. Format: 2086 // `projects/{project_number}` 2087 Resources []string `json:"resources,omitempty"` 2088 2089 // RestrictedServices: Google Cloud services that are subject to the 2090 // Service Perimeter restrictions. For example, if 2091 // `storage.googleapis.com` is specified, access to the storage buckets 2092 // inside the perimeter must meet the perimeter's access restrictions. 2093 RestrictedServices []string `json:"restrictedServices,omitempty"` 2094 2095 // VpcAccessibleServices: Configuration for APIs allowed within 2096 // Perimeter. 2097 VpcAccessibleServices *GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices `json:"vpcAccessibleServices,omitempty"` 2098 2099 // ForceSendFields is a list of field names (e.g. "AccessLevels") to 2100 // unconditionally include in API requests. By default, fields with 2101 // empty values are omitted from API requests. However, any non-pointer, 2102 // non-interface field appearing in ForceSendFields will be sent to the 2103 // server regardless of whether the field is empty or not. This may be 2104 // used to include empty fields in Patch requests. 2105 ForceSendFields []string `json:"-"` 2106 2107 // NullFields is a list of field names (e.g. "AccessLevels") to include 2108 // in API requests with the JSON null value. By default, fields with 2109 // empty values are omitted from API requests. However, any field with 2110 // an empty value appearing in NullFields will be sent to the server as 2111 // null. It is an error if a field in this list has a non-empty value. 2112 // This may be used to include null fields in Patch requests. 2113 NullFields []string `json:"-"` 2114} 2115 2116func (s *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig) MarshalJSON() ([]byte, error) { 2117 type NoMethod GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig 2118 raw := NoMethod(*s) 2119 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2120} 2121 2122// GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices: Specifies 2123// how APIs are allowed to communicate within the Service Perimeter. 2124type GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices struct { 2125 // AllowedServices: The list of APIs usable within the Service 2126 // Perimeter. Must be empty unless 'enable_restriction' is True. You can 2127 // specify a list of individual services, as well as include the 2128 // 'RESTRICTED-SERVICES' value, which automatically includes all of the 2129 // services protected by the perimeter. 2130 AllowedServices []string `json:"allowedServices,omitempty"` 2131 2132 // EnableRestriction: Whether to restrict API calls within the Service 2133 // Perimeter to the list of APIs specified in 'allowed_services'. 2134 EnableRestriction bool `json:"enableRestriction,omitempty"` 2135 2136 // ForceSendFields is a list of field names (e.g. "AllowedServices") to 2137 // unconditionally include in API requests. By default, fields with 2138 // empty values are omitted from API requests. However, any non-pointer, 2139 // non-interface field appearing in ForceSendFields will be sent to the 2140 // server regardless of whether the field is empty or not. This may be 2141 // used to include empty fields in Patch requests. 2142 ForceSendFields []string `json:"-"` 2143 2144 // NullFields is a list of field names (e.g. "AllowedServices") to 2145 // include in API requests with the JSON null value. By default, fields 2146 // with empty values are omitted from API requests. However, any field 2147 // with an empty value appearing in NullFields will be sent to the 2148 // server as null. It is an error if a field in this list has a 2149 // non-empty value. This may be used to include null fields in Patch 2150 // requests. 2151 NullFields []string `json:"-"` 2152} 2153 2154func (s *GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices) MarshalJSON() ([]byte, error) { 2155 type NoMethod GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices 2156 raw := NoMethod(*s) 2157 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2158} 2159 2160// Operation: This resource represents a long-running operation that is 2161// the result of a network API call. 2162type Operation struct { 2163 // Done: If the value is `false`, it means the operation is still in 2164 // progress. If `true`, the operation is completed, and either `error` 2165 // or `response` is available. 2166 Done bool `json:"done,omitempty"` 2167 2168 // Error: The error result of the operation in case of failure or 2169 // cancellation. 2170 Error *Status `json:"error,omitempty"` 2171 2172 // Metadata: Service-specific metadata associated with the operation. It 2173 // typically contains progress information and common metadata such as 2174 // create time. Some services might not provide such metadata. Any 2175 // method that returns a long-running operation should document the 2176 // metadata type, if any. 2177 Metadata googleapi.RawMessage `json:"metadata,omitempty"` 2178 2179 // Name: The server-assigned name, which is only unique within the same 2180 // service that originally returns it. If you use the default HTTP 2181 // mapping, the `name` should be a resource name ending with 2182 // `operations/{unique_id}`. 2183 Name string `json:"name,omitempty"` 2184 2185 // Response: The normal response of the operation in case of success. If 2186 // the original method returns no data on success, such as `Delete`, the 2187 // response is `google.protobuf.Empty`. If the original method is 2188 // standard `Get`/`Create`/`Update`, the response should be the 2189 // resource. For other methods, the response should have the type 2190 // `XxxResponse`, where `Xxx` is the original method name. For example, 2191 // if the original method name is `TakeSnapshot()`, the inferred 2192 // response type is `TakeSnapshotResponse`. 2193 Response googleapi.RawMessage `json:"response,omitempty"` 2194 2195 // ServerResponse contains the HTTP response code and headers from the 2196 // server. 2197 googleapi.ServerResponse `json:"-"` 2198 2199 // ForceSendFields is a list of field names (e.g. "Done") to 2200 // unconditionally include in API requests. By default, fields with 2201 // empty values are omitted from API requests. However, any non-pointer, 2202 // non-interface field appearing in ForceSendFields will be sent to the 2203 // server regardless of whether the field is empty or not. This may be 2204 // used to include empty fields in Patch requests. 2205 ForceSendFields []string `json:"-"` 2206 2207 // NullFields is a list of field names (e.g. "Done") to include in API 2208 // requests with the JSON null value. By default, fields with empty 2209 // values are omitted from API requests. However, any field with an 2210 // empty value appearing in NullFields will be sent to the server as 2211 // null. It is an error if a field in this list has a non-empty value. 2212 // This may be used to include null fields in Patch requests. 2213 NullFields []string `json:"-"` 2214} 2215 2216func (s *Operation) MarshalJSON() ([]byte, error) { 2217 type NoMethod Operation 2218 raw := NoMethod(*s) 2219 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2220} 2221 2222// OutputConfig: Output configuration for export assets destination. 2223type OutputConfig struct { 2224 // GcsDestination: Destination on Cloud Storage. 2225 GcsDestination *GcsDestination `json:"gcsDestination,omitempty"` 2226 2227 // ForceSendFields is a list of field names (e.g. "GcsDestination") to 2228 // unconditionally include in API requests. By default, fields with 2229 // empty values are omitted from API requests. However, any non-pointer, 2230 // non-interface field appearing in ForceSendFields will be sent to the 2231 // server regardless of whether the field is empty or not. This may be 2232 // used to include empty fields in Patch requests. 2233 ForceSendFields []string `json:"-"` 2234 2235 // NullFields is a list of field names (e.g. "GcsDestination") to 2236 // include in API requests with the JSON null value. By default, fields 2237 // with empty values are omitted from API requests. However, any field 2238 // with an empty value appearing in NullFields will be sent to the 2239 // server as null. It is an error if a field in this list has a 2240 // non-empty value. This may be used to include null fields in Patch 2241 // requests. 2242 NullFields []string `json:"-"` 2243} 2244 2245func (s *OutputConfig) MarshalJSON() ([]byte, error) { 2246 type NoMethod OutputConfig 2247 raw := NoMethod(*s) 2248 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2249} 2250 2251// Policy: An Identity and Access Management (IAM) policy, which 2252// specifies access controls for Google Cloud resources. A `Policy` is a 2253// collection of `bindings`. A `binding` binds one or more `members` to 2254// a single `role`. Members can be user accounts, service accounts, 2255// Google groups, and domains (such as G Suite). A `role` is a named 2256// list of permissions; each `role` can be an IAM predefined role or a 2257// user-created custom role. For some types of Google Cloud resources, a 2258// `binding` can also specify a `condition`, which is a logical 2259// expression that allows access to a resource only if the expression 2260// evaluates to `true`. A condition can add constraints based on 2261// attributes of the request, the resource, or both. To learn which 2262// resources support conditions in their IAM policies, see the IAM 2263// documentation 2264// (https://cloud.google.com/iam/help/conditions/resource-policies). 2265// **JSON example:** { "bindings": [ { "role": 2266// "roles/resourcemanager.organizationAdmin", "members": [ 2267// "user:mike@example.com", "group:admins@example.com", 2268// "domain:google.com", 2269// "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { 2270// "role": "roles/resourcemanager.organizationViewer", "members": [ 2271// "user:eve@example.com" ], "condition": { "title": "expirable access", 2272// "description": "Does not grant access after Sep 2020", "expression": 2273// "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], 2274// "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - 2275// members: - user:mike@example.com - group:admins@example.com - 2276// domain:google.com - 2277// serviceAccount:my-project-id@appspot.gserviceaccount.com role: 2278// roles/resourcemanager.organizationAdmin - members: - 2279// user:eve@example.com role: roles/resourcemanager.organizationViewer 2280// condition: title: expirable access description: Does not grant access 2281// after Sep 2020 expression: request.time < 2282// timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 2283// 3 For a description of IAM and its features, see the IAM 2284// documentation (https://cloud.google.com/iam/docs/). 2285type Policy struct { 2286 // AuditConfigs: Specifies cloud audit logging configuration for this 2287 // policy. 2288 AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` 2289 2290 // Bindings: Associates a list of `members` to a `role`. Optionally, may 2291 // specify a `condition` that determines how and when the `bindings` are 2292 // applied. Each of the `bindings` must contain at least one member. 2293 Bindings []*Binding `json:"bindings,omitempty"` 2294 2295 // Etag: `etag` is used for optimistic concurrency control as a way to 2296 // help prevent simultaneous updates of a policy from overwriting each 2297 // other. It is strongly suggested that systems make use of the `etag` 2298 // in the read-modify-write cycle to perform policy updates in order to 2299 // avoid race conditions: An `etag` is returned in the response to 2300 // `getIamPolicy`, and systems are expected to put that etag in the 2301 // request to `setIamPolicy` to ensure that their change will be applied 2302 // to the same version of the policy. **Important:** If you use IAM 2303 // Conditions, you must include the `etag` field whenever you call 2304 // `setIamPolicy`. If you omit this field, then IAM allows you to 2305 // overwrite a version `3` policy with a version `1` policy, and all of 2306 // the conditions in the version `3` policy are lost. 2307 Etag string `json:"etag,omitempty"` 2308 2309 // Version: Specifies the format of the policy. Valid values are `0`, 2310 // `1`, and `3`. Requests that specify an invalid value are rejected. 2311 // Any operation that affects conditional role bindings must specify 2312 // version `3`. This requirement applies to the following operations: * 2313 // Getting a policy that includes a conditional role binding * Adding a 2314 // conditional role binding to a policy * Changing a conditional role 2315 // binding in a policy * Removing any role binding, with or without a 2316 // condition, from a policy that includes conditions **Important:** If 2317 // you use IAM Conditions, you must include the `etag` field whenever 2318 // you call `setIamPolicy`. If you omit this field, then IAM allows you 2319 // to overwrite a version `3` policy with a version `1` policy, and all 2320 // of the conditions in the version `3` policy are lost. If a policy 2321 // does not include any conditions, operations on that policy may 2322 // specify any valid version or leave the field unset. To learn which 2323 // resources support conditions in their IAM policies, see the IAM 2324 // documentation 2325 // (https://cloud.google.com/iam/help/conditions/resource-policies). 2326 Version int64 `json:"version,omitempty"` 2327 2328 // ForceSendFields is a list of field names (e.g. "AuditConfigs") to 2329 // unconditionally include in API requests. By default, fields with 2330 // empty values are omitted from API requests. However, any non-pointer, 2331 // non-interface field appearing in ForceSendFields will be sent to the 2332 // server regardless of whether the field is empty or not. This may be 2333 // used to include empty fields in Patch requests. 2334 ForceSendFields []string `json:"-"` 2335 2336 // NullFields is a list of field names (e.g. "AuditConfigs") to include 2337 // in API requests with the JSON null value. By default, fields with 2338 // empty values are omitted from API requests. However, any field with 2339 // an empty value appearing in NullFields will be sent to the server as 2340 // null. It is an error if a field in this list has a non-empty value. 2341 // This may be used to include null fields in Patch requests. 2342 NullFields []string `json:"-"` 2343} 2344 2345func (s *Policy) MarshalJSON() ([]byte, error) { 2346 type NoMethod Policy 2347 raw := NoMethod(*s) 2348 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2349} 2350 2351// Resource: A representation of a Google Cloud resource. 2352type Resource struct { 2353 // Data: The content of the resource, in which some sensitive fields are 2354 // removed and may not be present. 2355 Data googleapi.RawMessage `json:"data,omitempty"` 2356 2357 // DiscoveryDocumentUri: The URL of the discovery document containing 2358 // the resource's JSON schema. Example: 2359 // `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This 2360 // value is unspecified for resources that do not have an API based on a 2361 // discovery document, such as Cloud Bigtable. 2362 DiscoveryDocumentUri string `json:"discoveryDocumentUri,omitempty"` 2363 2364 // DiscoveryName: The JSON schema name listed in the discovery document. 2365 // Example: `Project` This value is unspecified for resources that do 2366 // not have an API based on a discovery document, such as Cloud 2367 // Bigtable. 2368 DiscoveryName string `json:"discoveryName,omitempty"` 2369 2370 // Parent: The full name of the immediate parent of this resource. See 2371 // Resource Names 2372 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 2373 // for more information. For Google Cloud assets, this value is the 2374 // parent resource defined in the Cloud IAM policy hierarchy 2375 // (https://cloud.google.com/iam/docs/overview#policy_hierarchy). 2376 // Example: 2377 // `//cloudresourcemanager.googleapis.com/projects/my_project_123` For 2378 // third-party assets, this field may be set differently. 2379 Parent string `json:"parent,omitempty"` 2380 2381 // ResourceUrl: The REST URL for accessing the resource. An HTTP `GET` 2382 // request using this URL returns the resource itself. Example: 2383 // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-12 2384 // 3` This value is unspecified for resources without a REST API. 2385 ResourceUrl string `json:"resourceUrl,omitempty"` 2386 2387 // Version: The API version. Example: `v1` 2388 Version string `json:"version,omitempty"` 2389 2390 // ForceSendFields is a list of field names (e.g. "Data") to 2391 // unconditionally include in API requests. By default, fields with 2392 // empty values are omitted from API requests. However, any non-pointer, 2393 // non-interface field appearing in ForceSendFields will be sent to the 2394 // server regardless of whether the field is empty or not. This may be 2395 // used to include empty fields in Patch requests. 2396 ForceSendFields []string `json:"-"` 2397 2398 // NullFields is a list of field names (e.g. "Data") to include in API 2399 // requests with the JSON null value. By default, fields with empty 2400 // values are omitted from API requests. However, any field with an 2401 // empty value appearing in NullFields will be sent to the server as 2402 // null. It is an error if a field in this list has a non-empty value. 2403 // This may be used to include null fields in Patch requests. 2404 NullFields []string `json:"-"` 2405} 2406 2407func (s *Resource) MarshalJSON() ([]byte, error) { 2408 type NoMethod Resource 2409 raw := NoMethod(*s) 2410 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2411} 2412 2413// Status: The `Status` type defines a logical error model that is 2414// suitable for different programming environments, including REST APIs 2415// and RPC APIs. It is used by gRPC (https://github.com/grpc). Each 2416// `Status` message contains three pieces of data: error code, error 2417// message, and error details. You can find out more about this error 2418// model and how to work with it in the API Design Guide 2419// (https://cloud.google.com/apis/design/errors). 2420type Status struct { 2421 // Code: The status code, which should be an enum value of 2422 // google.rpc.Code. 2423 Code int64 `json:"code,omitempty"` 2424 2425 // Details: A list of messages that carry the error details. There is a 2426 // common set of message types for APIs to use. 2427 Details []googleapi.RawMessage `json:"details,omitempty"` 2428 2429 // Message: A developer-facing error message, which should be in 2430 // English. Any user-facing error message should be localized and sent 2431 // in the google.rpc.Status.details field, or localized by the client. 2432 Message string `json:"message,omitempty"` 2433 2434 // ForceSendFields is a list of field names (e.g. "Code") to 2435 // unconditionally include in API requests. By default, fields with 2436 // empty values are omitted from API requests. However, any non-pointer, 2437 // non-interface field appearing in ForceSendFields will be sent to the 2438 // server regardless of whether the field is empty or not. This may be 2439 // used to include empty fields in Patch requests. 2440 ForceSendFields []string `json:"-"` 2441 2442 // NullFields is a list of field names (e.g. "Code") to include in API 2443 // requests with the JSON null value. By default, fields with empty 2444 // values are omitted from API requests. However, any field with an 2445 // empty value appearing in NullFields will be sent to the server as 2446 // null. It is an error if a field in this list has a non-empty value. 2447 // This may be used to include null fields in Patch requests. 2448 NullFields []string `json:"-"` 2449} 2450 2451func (s *Status) MarshalJSON() ([]byte, error) { 2452 type NoMethod Status 2453 raw := NoMethod(*s) 2454 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2455} 2456 2457// TemporalAsset: An asset in Google Cloud and its temporal metadata, 2458// including the time window when it was observed and its status during 2459// that window. 2460type TemporalAsset struct { 2461 // Asset: An asset in Google Cloud. 2462 Asset *Asset `json:"asset,omitempty"` 2463 2464 // Deleted: Whether the asset has been deleted or not. 2465 Deleted bool `json:"deleted,omitempty"` 2466 2467 // Window: The time window when the asset data and state was observed. 2468 Window *TimeWindow `json:"window,omitempty"` 2469 2470 // ForceSendFields is a list of field names (e.g. "Asset") to 2471 // unconditionally include in API requests. By default, fields with 2472 // empty values are omitted from API requests. However, any non-pointer, 2473 // non-interface field appearing in ForceSendFields will be sent to the 2474 // server regardless of whether the field is empty or not. This may be 2475 // used to include empty fields in Patch requests. 2476 ForceSendFields []string `json:"-"` 2477 2478 // NullFields is a list of field names (e.g. "Asset") to include in API 2479 // requests with the JSON null value. By default, fields with empty 2480 // values are omitted from API requests. However, any field with an 2481 // empty value appearing in NullFields will be sent to the server as 2482 // null. It is an error if a field in this list has a non-empty value. 2483 // This may be used to include null fields in Patch requests. 2484 NullFields []string `json:"-"` 2485} 2486 2487func (s *TemporalAsset) MarshalJSON() ([]byte, error) { 2488 type NoMethod TemporalAsset 2489 raw := NoMethod(*s) 2490 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2491} 2492 2493// TimeWindow: A time window specified by its `start_time` and 2494// `end_time`. 2495type TimeWindow struct { 2496 // EndTime: End time of the time window (inclusive). If not specified, 2497 // the current timestamp is used instead. 2498 EndTime string `json:"endTime,omitempty"` 2499 2500 // StartTime: Start time of the time window (exclusive). 2501 StartTime string `json:"startTime,omitempty"` 2502 2503 // ForceSendFields is a list of field names (e.g. "EndTime") to 2504 // unconditionally include in API requests. By default, fields with 2505 // empty values are omitted from API requests. However, any non-pointer, 2506 // non-interface field appearing in ForceSendFields will be sent to the 2507 // server regardless of whether the field is empty or not. This may be 2508 // used to include empty fields in Patch requests. 2509 ForceSendFields []string `json:"-"` 2510 2511 // NullFields is a list of field names (e.g. "EndTime") to include in 2512 // API requests with the JSON null value. By default, fields with empty 2513 // values are omitted from API requests. However, any field with an 2514 // empty value appearing in NullFields will be sent to the server as 2515 // null. It is an error if a field in this list has a non-empty value. 2516 // This may be used to include null fields in Patch requests. 2517 NullFields []string `json:"-"` 2518} 2519 2520func (s *TimeWindow) MarshalJSON() ([]byte, error) { 2521 type NoMethod TimeWindow 2522 raw := NoMethod(*s) 2523 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2524} 2525 2526// method id "cloudasset.folders.exportAssets": 2527 2528type FoldersExportAssetsCall struct { 2529 s *Service 2530 parent string 2531 exportassetsrequest *ExportAssetsRequest 2532 urlParams_ gensupport.URLParams 2533 ctx_ context.Context 2534 header_ http.Header 2535} 2536 2537// ExportAssets: Exports assets with time and resource types to a given 2538// Cloud Storage location. The output format is newline-delimited JSON. 2539// This API implements the google.longrunning.Operation API allowing you 2540// to keep track of the export. We recommend intervals of at least 2 2541// seconds with exponential retry to poll the export operation result. 2542// For regular-size resource parent, the export operation usually 2543// finishes within 5 minutes. 2544// 2545// - parent: The relative name of the root asset. This can only be an 2546// organization number (such as "organizations/123"), a project ID 2547// (such as "projects/my-project-id"), a project number (such as 2548// "projects/12345"), or a folder number (such as "folders/123"). 2549func (r *FoldersService) ExportAssets(parent string, exportassetsrequest *ExportAssetsRequest) *FoldersExportAssetsCall { 2550 c := &FoldersExportAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2551 c.parent = parent 2552 c.exportassetsrequest = exportassetsrequest 2553 return c 2554} 2555 2556// Fields allows partial responses to be retrieved. See 2557// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2558// for more information. 2559func (c *FoldersExportAssetsCall) Fields(s ...googleapi.Field) *FoldersExportAssetsCall { 2560 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2561 return c 2562} 2563 2564// Context sets the context to be used in this call's Do method. Any 2565// pending HTTP request will be aborted if the provided context is 2566// canceled. 2567func (c *FoldersExportAssetsCall) Context(ctx context.Context) *FoldersExportAssetsCall { 2568 c.ctx_ = ctx 2569 return c 2570} 2571 2572// Header returns an http.Header that can be modified by the caller to 2573// add HTTP headers to the request. 2574func (c *FoldersExportAssetsCall) Header() http.Header { 2575 if c.header_ == nil { 2576 c.header_ = make(http.Header) 2577 } 2578 return c.header_ 2579} 2580 2581func (c *FoldersExportAssetsCall) doRequest(alt string) (*http.Response, error) { 2582 reqHeaders := make(http.Header) 2583 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210410") 2584 for k, v := range c.header_ { 2585 reqHeaders[k] = v 2586 } 2587 reqHeaders.Set("User-Agent", c.s.userAgent()) 2588 var body io.Reader = nil 2589 body, err := googleapi.WithoutDataWrapper.JSONReader(c.exportassetsrequest) 2590 if err != nil { 2591 return nil, err 2592 } 2593 reqHeaders.Set("Content-Type", "application/json") 2594 c.urlParams_.Set("alt", alt) 2595 c.urlParams_.Set("prettyPrint", "false") 2596 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:exportAssets") 2597 urls += "?" + c.urlParams_.Encode() 2598 req, err := http.NewRequest("POST", urls, body) 2599 if err != nil { 2600 return nil, err 2601 } 2602 req.Header = reqHeaders 2603 googleapi.Expand(req.URL, map[string]string{ 2604 "parent": c.parent, 2605 }) 2606 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2607} 2608 2609// Do executes the "cloudasset.folders.exportAssets" call. 2610// Exactly one of *Operation or error will be non-nil. Any non-2xx 2611// status code is an error. Response headers are in either 2612// *Operation.ServerResponse.Header or (if a response was returned at 2613// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 2614// to check whether the returned error was because 2615// http.StatusNotModified was returned. 2616func (c *FoldersExportAssetsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 2617 gensupport.SetOptions(c.urlParams_, opts...) 2618 res, err := c.doRequest("json") 2619 if res != nil && res.StatusCode == http.StatusNotModified { 2620 if res.Body != nil { 2621 res.Body.Close() 2622 } 2623 return nil, &googleapi.Error{ 2624 Code: res.StatusCode, 2625 Header: res.Header, 2626 } 2627 } 2628 if err != nil { 2629 return nil, err 2630 } 2631 defer googleapi.CloseBody(res) 2632 if err := googleapi.CheckResponse(res); err != nil { 2633 return nil, err 2634 } 2635 ret := &Operation{ 2636 ServerResponse: googleapi.ServerResponse{ 2637 Header: res.Header, 2638 HTTPStatusCode: res.StatusCode, 2639 }, 2640 } 2641 target := &ret 2642 if err := gensupport.DecodeResponse(target, res); err != nil { 2643 return nil, err 2644 } 2645 return ret, nil 2646 // { 2647 // "description": "Exports assets with time and resource types to a given Cloud Storage location. The output format is newline-delimited JSON. This API implements the google.longrunning.Operation API allowing you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.", 2648 // "flatPath": "v1beta1/folders/{foldersId}:exportAssets", 2649 // "httpMethod": "POST", 2650 // "id": "cloudasset.folders.exportAssets", 2651 // "parameterOrder": [ 2652 // "parent" 2653 // ], 2654 // "parameters": { 2655 // "parent": { 2656 // "description": "Required. The relative name of the root asset. This can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\"), a project number (such as \"projects/12345\"), or a folder number (such as \"folders/123\").", 2657 // "location": "path", 2658 // "pattern": "^folders/[^/]+$", 2659 // "required": true, 2660 // "type": "string" 2661 // } 2662 // }, 2663 // "path": "v1beta1/{+parent}:exportAssets", 2664 // "request": { 2665 // "$ref": "ExportAssetsRequest" 2666 // }, 2667 // "response": { 2668 // "$ref": "Operation" 2669 // }, 2670 // "scopes": [ 2671 // "https://www.googleapis.com/auth/cloud-platform" 2672 // ] 2673 // } 2674 2675} 2676 2677// method id "cloudasset.folders.operations.get": 2678 2679type FoldersOperationsGetCall struct { 2680 s *Service 2681 name string 2682 urlParams_ gensupport.URLParams 2683 ifNoneMatch_ string 2684 ctx_ context.Context 2685 header_ http.Header 2686} 2687 2688// Get: Gets the latest state of a long-running operation. Clients can 2689// use this method to poll the operation result at intervals as 2690// recommended by the API service. 2691// 2692// - name: The name of the operation resource. 2693func (r *FoldersOperationsService) Get(name string) *FoldersOperationsGetCall { 2694 c := &FoldersOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2695 c.name = name 2696 return c 2697} 2698 2699// Fields allows partial responses to be retrieved. See 2700// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2701// for more information. 2702func (c *FoldersOperationsGetCall) Fields(s ...googleapi.Field) *FoldersOperationsGetCall { 2703 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2704 return c 2705} 2706 2707// IfNoneMatch sets the optional parameter which makes the operation 2708// fail if the object's ETag matches the given value. This is useful for 2709// getting updates only after the object has changed since the last 2710// request. Use googleapi.IsNotModified to check whether the response 2711// error from Do is the result of In-None-Match. 2712func (c *FoldersOperationsGetCall) IfNoneMatch(entityTag string) *FoldersOperationsGetCall { 2713 c.ifNoneMatch_ = entityTag 2714 return c 2715} 2716 2717// Context sets the context to be used in this call's Do method. Any 2718// pending HTTP request will be aborted if the provided context is 2719// canceled. 2720func (c *FoldersOperationsGetCall) Context(ctx context.Context) *FoldersOperationsGetCall { 2721 c.ctx_ = ctx 2722 return c 2723} 2724 2725// Header returns an http.Header that can be modified by the caller to 2726// add HTTP headers to the request. 2727func (c *FoldersOperationsGetCall) Header() http.Header { 2728 if c.header_ == nil { 2729 c.header_ = make(http.Header) 2730 } 2731 return c.header_ 2732} 2733 2734func (c *FoldersOperationsGetCall) doRequest(alt string) (*http.Response, error) { 2735 reqHeaders := make(http.Header) 2736 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210410") 2737 for k, v := range c.header_ { 2738 reqHeaders[k] = v 2739 } 2740 reqHeaders.Set("User-Agent", c.s.userAgent()) 2741 if c.ifNoneMatch_ != "" { 2742 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 2743 } 2744 var body io.Reader = nil 2745 c.urlParams_.Set("alt", alt) 2746 c.urlParams_.Set("prettyPrint", "false") 2747 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}") 2748 urls += "?" + c.urlParams_.Encode() 2749 req, err := http.NewRequest("GET", urls, body) 2750 if err != nil { 2751 return nil, err 2752 } 2753 req.Header = reqHeaders 2754 googleapi.Expand(req.URL, map[string]string{ 2755 "name": c.name, 2756 }) 2757 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2758} 2759 2760// Do executes the "cloudasset.folders.operations.get" call. 2761// Exactly one of *Operation or error will be non-nil. Any non-2xx 2762// status code is an error. Response headers are in either 2763// *Operation.ServerResponse.Header or (if a response was returned at 2764// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 2765// to check whether the returned error was because 2766// http.StatusNotModified was returned. 2767func (c *FoldersOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 2768 gensupport.SetOptions(c.urlParams_, opts...) 2769 res, err := c.doRequest("json") 2770 if res != nil && res.StatusCode == http.StatusNotModified { 2771 if res.Body != nil { 2772 res.Body.Close() 2773 } 2774 return nil, &googleapi.Error{ 2775 Code: res.StatusCode, 2776 Header: res.Header, 2777 } 2778 } 2779 if err != nil { 2780 return nil, err 2781 } 2782 defer googleapi.CloseBody(res) 2783 if err := googleapi.CheckResponse(res); err != nil { 2784 return nil, err 2785 } 2786 ret := &Operation{ 2787 ServerResponse: googleapi.ServerResponse{ 2788 Header: res.Header, 2789 HTTPStatusCode: res.StatusCode, 2790 }, 2791 } 2792 target := &ret 2793 if err := gensupport.DecodeResponse(target, res); err != nil { 2794 return nil, err 2795 } 2796 return ret, nil 2797 // { 2798 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 2799 // "flatPath": "v1beta1/folders/{foldersId}/operations/{operationsId}/{operationsId1}", 2800 // "httpMethod": "GET", 2801 // "id": "cloudasset.folders.operations.get", 2802 // "parameterOrder": [ 2803 // "name" 2804 // ], 2805 // "parameters": { 2806 // "name": { 2807 // "description": "The name of the operation resource.", 2808 // "location": "path", 2809 // "pattern": "^folders/[^/]+/operations/[^/]+/.*$", 2810 // "required": true, 2811 // "type": "string" 2812 // } 2813 // }, 2814 // "path": "v1beta1/{+name}", 2815 // "response": { 2816 // "$ref": "Operation" 2817 // }, 2818 // "scopes": [ 2819 // "https://www.googleapis.com/auth/cloud-platform" 2820 // ] 2821 // } 2822 2823} 2824 2825// method id "cloudasset.organizations.batchGetAssetsHistory": 2826 2827type OrganizationsBatchGetAssetsHistoryCall struct { 2828 s *Service 2829 parent string 2830 urlParams_ gensupport.URLParams 2831 ifNoneMatch_ string 2832 ctx_ context.Context 2833 header_ http.Header 2834} 2835 2836// BatchGetAssetsHistory: Batch gets the update history of assets that 2837// overlap a time window. For IAM_POLICY content, this API outputs 2838// history when the asset and its attached IAM POLICY both exist. This 2839// can create gaps in the output history. Otherwise, this API outputs 2840// history with asset in both non-delete or deleted status. If a 2841// specified asset does not exist, this API returns an INVALID_ARGUMENT 2842// error. 2843// 2844// - parent: The relative name of the root asset. It can only be an 2845// organization number (such as "organizations/123"), a project ID 2846// (such as "projects/my-project-id")", or a project number (such as 2847// "projects/12345"). 2848func (r *OrganizationsService) BatchGetAssetsHistory(parent string) *OrganizationsBatchGetAssetsHistoryCall { 2849 c := &OrganizationsBatchGetAssetsHistoryCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2850 c.parent = parent 2851 return c 2852} 2853 2854// AssetNames sets the optional parameter "assetNames": A list of the 2855// full names of the assets. For example: 2856// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 2857// s/instance1`. See Resource Names 2858// (https://cloud.google.com/apis/design/resource_names#full_resource_name) 2859// for more info. The request becomes a no-op if the asset name list is 2860// empty, and the max size of the asset name list is 100 in one request. 2861func (c *OrganizationsBatchGetAssetsHistoryCall) AssetNames(assetNames ...string) *OrganizationsBatchGetAssetsHistoryCall { 2862 c.urlParams_.SetMulti("assetNames", append([]string{}, assetNames...)) 2863 return c 2864} 2865 2866// ContentType sets the optional parameter "contentType": The content 2867// type. 2868// 2869// Possible values: 2870// "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 2871// "RESOURCE" - Resource metadata. 2872// "IAM_POLICY" - The actual IAM policy set on a resource. 2873func (c *OrganizationsBatchGetAssetsHistoryCall) ContentType(contentType string) *OrganizationsBatchGetAssetsHistoryCall { 2874 c.urlParams_.Set("contentType", contentType) 2875 return c 2876} 2877 2878// ReadTimeWindowEndTime sets the optional parameter 2879// "readTimeWindow.endTime": End time of the time window (inclusive). If 2880// not specified, the current timestamp is used instead. 2881func (c *OrganizationsBatchGetAssetsHistoryCall) ReadTimeWindowEndTime(readTimeWindowEndTime string) *OrganizationsBatchGetAssetsHistoryCall { 2882 c.urlParams_.Set("readTimeWindow.endTime", readTimeWindowEndTime) 2883 return c 2884} 2885 2886// ReadTimeWindowStartTime sets the optional parameter 2887// "readTimeWindow.startTime": Start time of the time window 2888// (exclusive). 2889func (c *OrganizationsBatchGetAssetsHistoryCall) ReadTimeWindowStartTime(readTimeWindowStartTime string) *OrganizationsBatchGetAssetsHistoryCall { 2890 c.urlParams_.Set("readTimeWindow.startTime", readTimeWindowStartTime) 2891 return c 2892} 2893 2894// Fields allows partial responses to be retrieved. See 2895// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2896// for more information. 2897func (c *OrganizationsBatchGetAssetsHistoryCall) Fields(s ...googleapi.Field) *OrganizationsBatchGetAssetsHistoryCall { 2898 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2899 return c 2900} 2901 2902// IfNoneMatch sets the optional parameter which makes the operation 2903// fail if the object's ETag matches the given value. This is useful for 2904// getting updates only after the object has changed since the last 2905// request. Use googleapi.IsNotModified to check whether the response 2906// error from Do is the result of In-None-Match. 2907func (c *OrganizationsBatchGetAssetsHistoryCall) IfNoneMatch(entityTag string) *OrganizationsBatchGetAssetsHistoryCall { 2908 c.ifNoneMatch_ = entityTag 2909 return c 2910} 2911 2912// Context sets the context to be used in this call's Do method. Any 2913// pending HTTP request will be aborted if the provided context is 2914// canceled. 2915func (c *OrganizationsBatchGetAssetsHistoryCall) Context(ctx context.Context) *OrganizationsBatchGetAssetsHistoryCall { 2916 c.ctx_ = ctx 2917 return c 2918} 2919 2920// Header returns an http.Header that can be modified by the caller to 2921// add HTTP headers to the request. 2922func (c *OrganizationsBatchGetAssetsHistoryCall) Header() http.Header { 2923 if c.header_ == nil { 2924 c.header_ = make(http.Header) 2925 } 2926 return c.header_ 2927} 2928 2929func (c *OrganizationsBatchGetAssetsHistoryCall) doRequest(alt string) (*http.Response, error) { 2930 reqHeaders := make(http.Header) 2931 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210410") 2932 for k, v := range c.header_ { 2933 reqHeaders[k] = v 2934 } 2935 reqHeaders.Set("User-Agent", c.s.userAgent()) 2936 if c.ifNoneMatch_ != "" { 2937 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 2938 } 2939 var body io.Reader = nil 2940 c.urlParams_.Set("alt", alt) 2941 c.urlParams_.Set("prettyPrint", "false") 2942 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:batchGetAssetsHistory") 2943 urls += "?" + c.urlParams_.Encode() 2944 req, err := http.NewRequest("GET", urls, body) 2945 if err != nil { 2946 return nil, err 2947 } 2948 req.Header = reqHeaders 2949 googleapi.Expand(req.URL, map[string]string{ 2950 "parent": c.parent, 2951 }) 2952 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2953} 2954 2955// Do executes the "cloudasset.organizations.batchGetAssetsHistory" call. 2956// Exactly one of *BatchGetAssetsHistoryResponse or error will be 2957// non-nil. Any non-2xx status code is an error. Response headers are in 2958// either *BatchGetAssetsHistoryResponse.ServerResponse.Header or (if a 2959// response was returned at all) in error.(*googleapi.Error).Header. Use 2960// googleapi.IsNotModified to check whether the returned error was 2961// because http.StatusNotModified was returned. 2962func (c *OrganizationsBatchGetAssetsHistoryCall) Do(opts ...googleapi.CallOption) (*BatchGetAssetsHistoryResponse, error) { 2963 gensupport.SetOptions(c.urlParams_, opts...) 2964 res, err := c.doRequest("json") 2965 if res != nil && res.StatusCode == http.StatusNotModified { 2966 if res.Body != nil { 2967 res.Body.Close() 2968 } 2969 return nil, &googleapi.Error{ 2970 Code: res.StatusCode, 2971 Header: res.Header, 2972 } 2973 } 2974 if err != nil { 2975 return nil, err 2976 } 2977 defer googleapi.CloseBody(res) 2978 if err := googleapi.CheckResponse(res); err != nil { 2979 return nil, err 2980 } 2981 ret := &BatchGetAssetsHistoryResponse{ 2982 ServerResponse: googleapi.ServerResponse{ 2983 Header: res.Header, 2984 HTTPStatusCode: res.StatusCode, 2985 }, 2986 } 2987 target := &ret 2988 if err := gensupport.DecodeResponse(target, res); err != nil { 2989 return nil, err 2990 } 2991 return ret, nil 2992 // { 2993 // "description": "Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.", 2994 // "flatPath": "v1beta1/organizations/{organizationsId}:batchGetAssetsHistory", 2995 // "httpMethod": "GET", 2996 // "id": "cloudasset.organizations.batchGetAssetsHistory", 2997 // "parameterOrder": [ 2998 // "parent" 2999 // ], 3000 // "parameters": { 3001 // "assetNames": { 3002 // "description": "A list of the full names of the assets. For example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. See [Resource Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more info. The request becomes a no-op if the asset name list is empty, and the max size of the asset name list is 100 in one request.", 3003 // "location": "query", 3004 // "repeated": true, 3005 // "type": "string" 3006 // }, 3007 // "contentType": { 3008 // "description": "Optional. The content type.", 3009 // "enum": [ 3010 // "CONTENT_TYPE_UNSPECIFIED", 3011 // "RESOURCE", 3012 // "IAM_POLICY" 3013 // ], 3014 // "enumDescriptions": [ 3015 // "Unspecified content type.", 3016 // "Resource metadata.", 3017 // "The actual IAM policy set on a resource." 3018 // ], 3019 // "location": "query", 3020 // "type": "string" 3021 // }, 3022 // "parent": { 3023 // "description": "Required. The relative name of the root asset. It can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\")\", or a project number (such as \"projects/12345\").", 3024 // "location": "path", 3025 // "pattern": "^organizations/[^/]+$", 3026 // "required": true, 3027 // "type": "string" 3028 // }, 3029 // "readTimeWindow.endTime": { 3030 // "description": "End time of the time window (inclusive). If not specified, the current timestamp is used instead.", 3031 // "format": "google-datetime", 3032 // "location": "query", 3033 // "type": "string" 3034 // }, 3035 // "readTimeWindow.startTime": { 3036 // "description": "Start time of the time window (exclusive).", 3037 // "format": "google-datetime", 3038 // "location": "query", 3039 // "type": "string" 3040 // } 3041 // }, 3042 // "path": "v1beta1/{+parent}:batchGetAssetsHistory", 3043 // "response": { 3044 // "$ref": "BatchGetAssetsHistoryResponse" 3045 // }, 3046 // "scopes": [ 3047 // "https://www.googleapis.com/auth/cloud-platform" 3048 // ] 3049 // } 3050 3051} 3052 3053// method id "cloudasset.organizations.exportAssets": 3054 3055type OrganizationsExportAssetsCall struct { 3056 s *Service 3057 parent string 3058 exportassetsrequest *ExportAssetsRequest 3059 urlParams_ gensupport.URLParams 3060 ctx_ context.Context 3061 header_ http.Header 3062} 3063 3064// ExportAssets: Exports assets with time and resource types to a given 3065// Cloud Storage location. The output format is newline-delimited JSON. 3066// This API implements the google.longrunning.Operation API allowing you 3067// to keep track of the export. We recommend intervals of at least 2 3068// seconds with exponential retry to poll the export operation result. 3069// For regular-size resource parent, the export operation usually 3070// finishes within 5 minutes. 3071// 3072// - parent: The relative name of the root asset. This can only be an 3073// organization number (such as "organizations/123"), a project ID 3074// (such as "projects/my-project-id"), a project number (such as 3075// "projects/12345"), or a folder number (such as "folders/123"). 3076func (r *OrganizationsService) ExportAssets(parent string, exportassetsrequest *ExportAssetsRequest) *OrganizationsExportAssetsCall { 3077 c := &OrganizationsExportAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3078 c.parent = parent 3079 c.exportassetsrequest = exportassetsrequest 3080 return c 3081} 3082 3083// Fields allows partial responses to be retrieved. See 3084// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3085// for more information. 3086func (c *OrganizationsExportAssetsCall) Fields(s ...googleapi.Field) *OrganizationsExportAssetsCall { 3087 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3088 return c 3089} 3090 3091// Context sets the context to be used in this call's Do method. Any 3092// pending HTTP request will be aborted if the provided context is 3093// canceled. 3094func (c *OrganizationsExportAssetsCall) Context(ctx context.Context) *OrganizationsExportAssetsCall { 3095 c.ctx_ = ctx 3096 return c 3097} 3098 3099// Header returns an http.Header that can be modified by the caller to 3100// add HTTP headers to the request. 3101func (c *OrganizationsExportAssetsCall) Header() http.Header { 3102 if c.header_ == nil { 3103 c.header_ = make(http.Header) 3104 } 3105 return c.header_ 3106} 3107 3108func (c *OrganizationsExportAssetsCall) doRequest(alt string) (*http.Response, error) { 3109 reqHeaders := make(http.Header) 3110 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210410") 3111 for k, v := range c.header_ { 3112 reqHeaders[k] = v 3113 } 3114 reqHeaders.Set("User-Agent", c.s.userAgent()) 3115 var body io.Reader = nil 3116 body, err := googleapi.WithoutDataWrapper.JSONReader(c.exportassetsrequest) 3117 if err != nil { 3118 return nil, err 3119 } 3120 reqHeaders.Set("Content-Type", "application/json") 3121 c.urlParams_.Set("alt", alt) 3122 c.urlParams_.Set("prettyPrint", "false") 3123 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:exportAssets") 3124 urls += "?" + c.urlParams_.Encode() 3125 req, err := http.NewRequest("POST", urls, body) 3126 if err != nil { 3127 return nil, err 3128 } 3129 req.Header = reqHeaders 3130 googleapi.Expand(req.URL, map[string]string{ 3131 "parent": c.parent, 3132 }) 3133 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3134} 3135 3136// Do executes the "cloudasset.organizations.exportAssets" call. 3137// Exactly one of *Operation or error will be non-nil. Any non-2xx 3138// status code is an error. Response headers are in either 3139// *Operation.ServerResponse.Header or (if a response was returned at 3140// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 3141// to check whether the returned error was because 3142// http.StatusNotModified was returned. 3143func (c *OrganizationsExportAssetsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 3144 gensupport.SetOptions(c.urlParams_, opts...) 3145 res, err := c.doRequest("json") 3146 if res != nil && res.StatusCode == http.StatusNotModified { 3147 if res.Body != nil { 3148 res.Body.Close() 3149 } 3150 return nil, &googleapi.Error{ 3151 Code: res.StatusCode, 3152 Header: res.Header, 3153 } 3154 } 3155 if err != nil { 3156 return nil, err 3157 } 3158 defer googleapi.CloseBody(res) 3159 if err := googleapi.CheckResponse(res); err != nil { 3160 return nil, err 3161 } 3162 ret := &Operation{ 3163 ServerResponse: googleapi.ServerResponse{ 3164 Header: res.Header, 3165 HTTPStatusCode: res.StatusCode, 3166 }, 3167 } 3168 target := &ret 3169 if err := gensupport.DecodeResponse(target, res); err != nil { 3170 return nil, err 3171 } 3172 return ret, nil 3173 // { 3174 // "description": "Exports assets with time and resource types to a given Cloud Storage location. The output format is newline-delimited JSON. This API implements the google.longrunning.Operation API allowing you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.", 3175 // "flatPath": "v1beta1/organizations/{organizationsId}:exportAssets", 3176 // "httpMethod": "POST", 3177 // "id": "cloudasset.organizations.exportAssets", 3178 // "parameterOrder": [ 3179 // "parent" 3180 // ], 3181 // "parameters": { 3182 // "parent": { 3183 // "description": "Required. The relative name of the root asset. This can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\"), a project number (such as \"projects/12345\"), or a folder number (such as \"folders/123\").", 3184 // "location": "path", 3185 // "pattern": "^organizations/[^/]+$", 3186 // "required": true, 3187 // "type": "string" 3188 // } 3189 // }, 3190 // "path": "v1beta1/{+parent}:exportAssets", 3191 // "request": { 3192 // "$ref": "ExportAssetsRequest" 3193 // }, 3194 // "response": { 3195 // "$ref": "Operation" 3196 // }, 3197 // "scopes": [ 3198 // "https://www.googleapis.com/auth/cloud-platform" 3199 // ] 3200 // } 3201 3202} 3203 3204// method id "cloudasset.organizations.operations.get": 3205 3206type OrganizationsOperationsGetCall struct { 3207 s *Service 3208 name string 3209 urlParams_ gensupport.URLParams 3210 ifNoneMatch_ string 3211 ctx_ context.Context 3212 header_ http.Header 3213} 3214 3215// Get: Gets the latest state of a long-running operation. Clients can 3216// use this method to poll the operation result at intervals as 3217// recommended by the API service. 3218// 3219// - name: The name of the operation resource. 3220func (r *OrganizationsOperationsService) Get(name string) *OrganizationsOperationsGetCall { 3221 c := &OrganizationsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3222 c.name = name 3223 return c 3224} 3225 3226// Fields allows partial responses to be retrieved. See 3227// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3228// for more information. 3229func (c *OrganizationsOperationsGetCall) Fields(s ...googleapi.Field) *OrganizationsOperationsGetCall { 3230 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3231 return c 3232} 3233 3234// IfNoneMatch sets the optional parameter which makes the operation 3235// fail if the object's ETag matches the given value. This is useful for 3236// getting updates only after the object has changed since the last 3237// request. Use googleapi.IsNotModified to check whether the response 3238// error from Do is the result of In-None-Match. 3239func (c *OrganizationsOperationsGetCall) IfNoneMatch(entityTag string) *OrganizationsOperationsGetCall { 3240 c.ifNoneMatch_ = entityTag 3241 return c 3242} 3243 3244// Context sets the context to be used in this call's Do method. Any 3245// pending HTTP request will be aborted if the provided context is 3246// canceled. 3247func (c *OrganizationsOperationsGetCall) Context(ctx context.Context) *OrganizationsOperationsGetCall { 3248 c.ctx_ = ctx 3249 return c 3250} 3251 3252// Header returns an http.Header that can be modified by the caller to 3253// add HTTP headers to the request. 3254func (c *OrganizationsOperationsGetCall) Header() http.Header { 3255 if c.header_ == nil { 3256 c.header_ = make(http.Header) 3257 } 3258 return c.header_ 3259} 3260 3261func (c *OrganizationsOperationsGetCall) doRequest(alt string) (*http.Response, error) { 3262 reqHeaders := make(http.Header) 3263 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210410") 3264 for k, v := range c.header_ { 3265 reqHeaders[k] = v 3266 } 3267 reqHeaders.Set("User-Agent", c.s.userAgent()) 3268 if c.ifNoneMatch_ != "" { 3269 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3270 } 3271 var body io.Reader = nil 3272 c.urlParams_.Set("alt", alt) 3273 c.urlParams_.Set("prettyPrint", "false") 3274 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}") 3275 urls += "?" + c.urlParams_.Encode() 3276 req, err := http.NewRequest("GET", urls, body) 3277 if err != nil { 3278 return nil, err 3279 } 3280 req.Header = reqHeaders 3281 googleapi.Expand(req.URL, map[string]string{ 3282 "name": c.name, 3283 }) 3284 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3285} 3286 3287// Do executes the "cloudasset.organizations.operations.get" call. 3288// Exactly one of *Operation or error will be non-nil. Any non-2xx 3289// status code is an error. Response headers are in either 3290// *Operation.ServerResponse.Header or (if a response was returned at 3291// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 3292// to check whether the returned error was because 3293// http.StatusNotModified was returned. 3294func (c *OrganizationsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 3295 gensupport.SetOptions(c.urlParams_, opts...) 3296 res, err := c.doRequest("json") 3297 if res != nil && res.StatusCode == http.StatusNotModified { 3298 if res.Body != nil { 3299 res.Body.Close() 3300 } 3301 return nil, &googleapi.Error{ 3302 Code: res.StatusCode, 3303 Header: res.Header, 3304 } 3305 } 3306 if err != nil { 3307 return nil, err 3308 } 3309 defer googleapi.CloseBody(res) 3310 if err := googleapi.CheckResponse(res); err != nil { 3311 return nil, err 3312 } 3313 ret := &Operation{ 3314 ServerResponse: googleapi.ServerResponse{ 3315 Header: res.Header, 3316 HTTPStatusCode: res.StatusCode, 3317 }, 3318 } 3319 target := &ret 3320 if err := gensupport.DecodeResponse(target, res); err != nil { 3321 return nil, err 3322 } 3323 return ret, nil 3324 // { 3325 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 3326 // "flatPath": "v1beta1/organizations/{organizationsId}/operations/{operationsId}/{operationsId1}", 3327 // "httpMethod": "GET", 3328 // "id": "cloudasset.organizations.operations.get", 3329 // "parameterOrder": [ 3330 // "name" 3331 // ], 3332 // "parameters": { 3333 // "name": { 3334 // "description": "The name of the operation resource.", 3335 // "location": "path", 3336 // "pattern": "^organizations/[^/]+/operations/[^/]+/.*$", 3337 // "required": true, 3338 // "type": "string" 3339 // } 3340 // }, 3341 // "path": "v1beta1/{+name}", 3342 // "response": { 3343 // "$ref": "Operation" 3344 // }, 3345 // "scopes": [ 3346 // "https://www.googleapis.com/auth/cloud-platform" 3347 // ] 3348 // } 3349 3350} 3351 3352// method id "cloudasset.projects.batchGetAssetsHistory": 3353 3354type ProjectsBatchGetAssetsHistoryCall struct { 3355 s *Service 3356 parent string 3357 urlParams_ gensupport.URLParams 3358 ifNoneMatch_ string 3359 ctx_ context.Context 3360 header_ http.Header 3361} 3362 3363// BatchGetAssetsHistory: Batch gets the update history of assets that 3364// overlap a time window. For IAM_POLICY content, this API outputs 3365// history when the asset and its attached IAM POLICY both exist. This 3366// can create gaps in the output history. Otherwise, this API outputs 3367// history with asset in both non-delete or deleted status. If a 3368// specified asset does not exist, this API returns an INVALID_ARGUMENT 3369// error. 3370// 3371// - parent: The relative name of the root asset. It can only be an 3372// organization number (such as "organizations/123"), a project ID 3373// (such as "projects/my-project-id")", or a project number (such as 3374// "projects/12345"). 3375func (r *ProjectsService) BatchGetAssetsHistory(parent string) *ProjectsBatchGetAssetsHistoryCall { 3376 c := &ProjectsBatchGetAssetsHistoryCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3377 c.parent = parent 3378 return c 3379} 3380 3381// AssetNames sets the optional parameter "assetNames": A list of the 3382// full names of the assets. For example: 3383// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 3384// s/instance1`. See Resource Names 3385// (https://cloud.google.com/apis/design/resource_names#full_resource_name) 3386// for more info. The request becomes a no-op if the asset name list is 3387// empty, and the max size of the asset name list is 100 in one request. 3388func (c *ProjectsBatchGetAssetsHistoryCall) AssetNames(assetNames ...string) *ProjectsBatchGetAssetsHistoryCall { 3389 c.urlParams_.SetMulti("assetNames", append([]string{}, assetNames...)) 3390 return c 3391} 3392 3393// ContentType sets the optional parameter "contentType": The content 3394// type. 3395// 3396// Possible values: 3397// "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 3398// "RESOURCE" - Resource metadata. 3399// "IAM_POLICY" - The actual IAM policy set on a resource. 3400func (c *ProjectsBatchGetAssetsHistoryCall) ContentType(contentType string) *ProjectsBatchGetAssetsHistoryCall { 3401 c.urlParams_.Set("contentType", contentType) 3402 return c 3403} 3404 3405// ReadTimeWindowEndTime sets the optional parameter 3406// "readTimeWindow.endTime": End time of the time window (inclusive). If 3407// not specified, the current timestamp is used instead. 3408func (c *ProjectsBatchGetAssetsHistoryCall) ReadTimeWindowEndTime(readTimeWindowEndTime string) *ProjectsBatchGetAssetsHistoryCall { 3409 c.urlParams_.Set("readTimeWindow.endTime", readTimeWindowEndTime) 3410 return c 3411} 3412 3413// ReadTimeWindowStartTime sets the optional parameter 3414// "readTimeWindow.startTime": Start time of the time window 3415// (exclusive). 3416func (c *ProjectsBatchGetAssetsHistoryCall) ReadTimeWindowStartTime(readTimeWindowStartTime string) *ProjectsBatchGetAssetsHistoryCall { 3417 c.urlParams_.Set("readTimeWindow.startTime", readTimeWindowStartTime) 3418 return c 3419} 3420 3421// Fields allows partial responses to be retrieved. See 3422// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3423// for more information. 3424func (c *ProjectsBatchGetAssetsHistoryCall) Fields(s ...googleapi.Field) *ProjectsBatchGetAssetsHistoryCall { 3425 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3426 return c 3427} 3428 3429// IfNoneMatch sets the optional parameter which makes the operation 3430// fail if the object's ETag matches the given value. This is useful for 3431// getting updates only after the object has changed since the last 3432// request. Use googleapi.IsNotModified to check whether the response 3433// error from Do is the result of In-None-Match. 3434func (c *ProjectsBatchGetAssetsHistoryCall) IfNoneMatch(entityTag string) *ProjectsBatchGetAssetsHistoryCall { 3435 c.ifNoneMatch_ = entityTag 3436 return c 3437} 3438 3439// Context sets the context to be used in this call's Do method. Any 3440// pending HTTP request will be aborted if the provided context is 3441// canceled. 3442func (c *ProjectsBatchGetAssetsHistoryCall) Context(ctx context.Context) *ProjectsBatchGetAssetsHistoryCall { 3443 c.ctx_ = ctx 3444 return c 3445} 3446 3447// Header returns an http.Header that can be modified by the caller to 3448// add HTTP headers to the request. 3449func (c *ProjectsBatchGetAssetsHistoryCall) Header() http.Header { 3450 if c.header_ == nil { 3451 c.header_ = make(http.Header) 3452 } 3453 return c.header_ 3454} 3455 3456func (c *ProjectsBatchGetAssetsHistoryCall) doRequest(alt string) (*http.Response, error) { 3457 reqHeaders := make(http.Header) 3458 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210410") 3459 for k, v := range c.header_ { 3460 reqHeaders[k] = v 3461 } 3462 reqHeaders.Set("User-Agent", c.s.userAgent()) 3463 if c.ifNoneMatch_ != "" { 3464 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3465 } 3466 var body io.Reader = nil 3467 c.urlParams_.Set("alt", alt) 3468 c.urlParams_.Set("prettyPrint", "false") 3469 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:batchGetAssetsHistory") 3470 urls += "?" + c.urlParams_.Encode() 3471 req, err := http.NewRequest("GET", urls, body) 3472 if err != nil { 3473 return nil, err 3474 } 3475 req.Header = reqHeaders 3476 googleapi.Expand(req.URL, map[string]string{ 3477 "parent": c.parent, 3478 }) 3479 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3480} 3481 3482// Do executes the "cloudasset.projects.batchGetAssetsHistory" call. 3483// Exactly one of *BatchGetAssetsHistoryResponse or error will be 3484// non-nil. Any non-2xx status code is an error. Response headers are in 3485// either *BatchGetAssetsHistoryResponse.ServerResponse.Header or (if a 3486// response was returned at all) in error.(*googleapi.Error).Header. Use 3487// googleapi.IsNotModified to check whether the returned error was 3488// because http.StatusNotModified was returned. 3489func (c *ProjectsBatchGetAssetsHistoryCall) Do(opts ...googleapi.CallOption) (*BatchGetAssetsHistoryResponse, error) { 3490 gensupport.SetOptions(c.urlParams_, opts...) 3491 res, err := c.doRequest("json") 3492 if res != nil && res.StatusCode == http.StatusNotModified { 3493 if res.Body != nil { 3494 res.Body.Close() 3495 } 3496 return nil, &googleapi.Error{ 3497 Code: res.StatusCode, 3498 Header: res.Header, 3499 } 3500 } 3501 if err != nil { 3502 return nil, err 3503 } 3504 defer googleapi.CloseBody(res) 3505 if err := googleapi.CheckResponse(res); err != nil { 3506 return nil, err 3507 } 3508 ret := &BatchGetAssetsHistoryResponse{ 3509 ServerResponse: googleapi.ServerResponse{ 3510 Header: res.Header, 3511 HTTPStatusCode: res.StatusCode, 3512 }, 3513 } 3514 target := &ret 3515 if err := gensupport.DecodeResponse(target, res); err != nil { 3516 return nil, err 3517 } 3518 return ret, nil 3519 // { 3520 // "description": "Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.", 3521 // "flatPath": "v1beta1/projects/{projectsId}:batchGetAssetsHistory", 3522 // "httpMethod": "GET", 3523 // "id": "cloudasset.projects.batchGetAssetsHistory", 3524 // "parameterOrder": [ 3525 // "parent" 3526 // ], 3527 // "parameters": { 3528 // "assetNames": { 3529 // "description": "A list of the full names of the assets. For example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. See [Resource Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more info. The request becomes a no-op if the asset name list is empty, and the max size of the asset name list is 100 in one request.", 3530 // "location": "query", 3531 // "repeated": true, 3532 // "type": "string" 3533 // }, 3534 // "contentType": { 3535 // "description": "Optional. The content type.", 3536 // "enum": [ 3537 // "CONTENT_TYPE_UNSPECIFIED", 3538 // "RESOURCE", 3539 // "IAM_POLICY" 3540 // ], 3541 // "enumDescriptions": [ 3542 // "Unspecified content type.", 3543 // "Resource metadata.", 3544 // "The actual IAM policy set on a resource." 3545 // ], 3546 // "location": "query", 3547 // "type": "string" 3548 // }, 3549 // "parent": { 3550 // "description": "Required. The relative name of the root asset. It can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\")\", or a project number (such as \"projects/12345\").", 3551 // "location": "path", 3552 // "pattern": "^projects/[^/]+$", 3553 // "required": true, 3554 // "type": "string" 3555 // }, 3556 // "readTimeWindow.endTime": { 3557 // "description": "End time of the time window (inclusive). If not specified, the current timestamp is used instead.", 3558 // "format": "google-datetime", 3559 // "location": "query", 3560 // "type": "string" 3561 // }, 3562 // "readTimeWindow.startTime": { 3563 // "description": "Start time of the time window (exclusive).", 3564 // "format": "google-datetime", 3565 // "location": "query", 3566 // "type": "string" 3567 // } 3568 // }, 3569 // "path": "v1beta1/{+parent}:batchGetAssetsHistory", 3570 // "response": { 3571 // "$ref": "BatchGetAssetsHistoryResponse" 3572 // }, 3573 // "scopes": [ 3574 // "https://www.googleapis.com/auth/cloud-platform" 3575 // ] 3576 // } 3577 3578} 3579 3580// method id "cloudasset.projects.exportAssets": 3581 3582type ProjectsExportAssetsCall struct { 3583 s *Service 3584 parent string 3585 exportassetsrequest *ExportAssetsRequest 3586 urlParams_ gensupport.URLParams 3587 ctx_ context.Context 3588 header_ http.Header 3589} 3590 3591// ExportAssets: Exports assets with time and resource types to a given 3592// Cloud Storage location. The output format is newline-delimited JSON. 3593// This API implements the google.longrunning.Operation API allowing you 3594// to keep track of the export. We recommend intervals of at least 2 3595// seconds with exponential retry to poll the export operation result. 3596// For regular-size resource parent, the export operation usually 3597// finishes within 5 minutes. 3598// 3599// - parent: The relative name of the root asset. This can only be an 3600// organization number (such as "organizations/123"), a project ID 3601// (such as "projects/my-project-id"), a project number (such as 3602// "projects/12345"), or a folder number (such as "folders/123"). 3603func (r *ProjectsService) ExportAssets(parent string, exportassetsrequest *ExportAssetsRequest) *ProjectsExportAssetsCall { 3604 c := &ProjectsExportAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3605 c.parent = parent 3606 c.exportassetsrequest = exportassetsrequest 3607 return c 3608} 3609 3610// Fields allows partial responses to be retrieved. See 3611// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3612// for more information. 3613func (c *ProjectsExportAssetsCall) Fields(s ...googleapi.Field) *ProjectsExportAssetsCall { 3614 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3615 return c 3616} 3617 3618// Context sets the context to be used in this call's Do method. Any 3619// pending HTTP request will be aborted if the provided context is 3620// canceled. 3621func (c *ProjectsExportAssetsCall) Context(ctx context.Context) *ProjectsExportAssetsCall { 3622 c.ctx_ = ctx 3623 return c 3624} 3625 3626// Header returns an http.Header that can be modified by the caller to 3627// add HTTP headers to the request. 3628func (c *ProjectsExportAssetsCall) Header() http.Header { 3629 if c.header_ == nil { 3630 c.header_ = make(http.Header) 3631 } 3632 return c.header_ 3633} 3634 3635func (c *ProjectsExportAssetsCall) doRequest(alt string) (*http.Response, error) { 3636 reqHeaders := make(http.Header) 3637 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210410") 3638 for k, v := range c.header_ { 3639 reqHeaders[k] = v 3640 } 3641 reqHeaders.Set("User-Agent", c.s.userAgent()) 3642 var body io.Reader = nil 3643 body, err := googleapi.WithoutDataWrapper.JSONReader(c.exportassetsrequest) 3644 if err != nil { 3645 return nil, err 3646 } 3647 reqHeaders.Set("Content-Type", "application/json") 3648 c.urlParams_.Set("alt", alt) 3649 c.urlParams_.Set("prettyPrint", "false") 3650 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:exportAssets") 3651 urls += "?" + c.urlParams_.Encode() 3652 req, err := http.NewRequest("POST", urls, body) 3653 if err != nil { 3654 return nil, err 3655 } 3656 req.Header = reqHeaders 3657 googleapi.Expand(req.URL, map[string]string{ 3658 "parent": c.parent, 3659 }) 3660 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3661} 3662 3663// Do executes the "cloudasset.projects.exportAssets" call. 3664// Exactly one of *Operation or error will be non-nil. Any non-2xx 3665// status code is an error. Response headers are in either 3666// *Operation.ServerResponse.Header or (if a response was returned at 3667// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 3668// to check whether the returned error was because 3669// http.StatusNotModified was returned. 3670func (c *ProjectsExportAssetsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 3671 gensupport.SetOptions(c.urlParams_, opts...) 3672 res, err := c.doRequest("json") 3673 if res != nil && res.StatusCode == http.StatusNotModified { 3674 if res.Body != nil { 3675 res.Body.Close() 3676 } 3677 return nil, &googleapi.Error{ 3678 Code: res.StatusCode, 3679 Header: res.Header, 3680 } 3681 } 3682 if err != nil { 3683 return nil, err 3684 } 3685 defer googleapi.CloseBody(res) 3686 if err := googleapi.CheckResponse(res); err != nil { 3687 return nil, err 3688 } 3689 ret := &Operation{ 3690 ServerResponse: googleapi.ServerResponse{ 3691 Header: res.Header, 3692 HTTPStatusCode: res.StatusCode, 3693 }, 3694 } 3695 target := &ret 3696 if err := gensupport.DecodeResponse(target, res); err != nil { 3697 return nil, err 3698 } 3699 return ret, nil 3700 // { 3701 // "description": "Exports assets with time and resource types to a given Cloud Storage location. The output format is newline-delimited JSON. This API implements the google.longrunning.Operation API allowing you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.", 3702 // "flatPath": "v1beta1/projects/{projectsId}:exportAssets", 3703 // "httpMethod": "POST", 3704 // "id": "cloudasset.projects.exportAssets", 3705 // "parameterOrder": [ 3706 // "parent" 3707 // ], 3708 // "parameters": { 3709 // "parent": { 3710 // "description": "Required. The relative name of the root asset. This can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\"), a project number (such as \"projects/12345\"), or a folder number (such as \"folders/123\").", 3711 // "location": "path", 3712 // "pattern": "^projects/[^/]+$", 3713 // "required": true, 3714 // "type": "string" 3715 // } 3716 // }, 3717 // "path": "v1beta1/{+parent}:exportAssets", 3718 // "request": { 3719 // "$ref": "ExportAssetsRequest" 3720 // }, 3721 // "response": { 3722 // "$ref": "Operation" 3723 // }, 3724 // "scopes": [ 3725 // "https://www.googleapis.com/auth/cloud-platform" 3726 // ] 3727 // } 3728 3729} 3730 3731// method id "cloudasset.projects.operations.get": 3732 3733type ProjectsOperationsGetCall struct { 3734 s *Service 3735 name string 3736 urlParams_ gensupport.URLParams 3737 ifNoneMatch_ string 3738 ctx_ context.Context 3739 header_ http.Header 3740} 3741 3742// Get: Gets the latest state of a long-running operation. Clients can 3743// use this method to poll the operation result at intervals as 3744// recommended by the API service. 3745// 3746// - name: The name of the operation resource. 3747func (r *ProjectsOperationsService) Get(name string) *ProjectsOperationsGetCall { 3748 c := &ProjectsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3749 c.name = name 3750 return c 3751} 3752 3753// Fields allows partial responses to be retrieved. See 3754// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3755// for more information. 3756func (c *ProjectsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsOperationsGetCall { 3757 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3758 return c 3759} 3760 3761// IfNoneMatch sets the optional parameter which makes the operation 3762// fail if the object's ETag matches the given value. This is useful for 3763// getting updates only after the object has changed since the last 3764// request. Use googleapi.IsNotModified to check whether the response 3765// error from Do is the result of In-None-Match. 3766func (c *ProjectsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsOperationsGetCall { 3767 c.ifNoneMatch_ = entityTag 3768 return c 3769} 3770 3771// Context sets the context to be used in this call's Do method. Any 3772// pending HTTP request will be aborted if the provided context is 3773// canceled. 3774func (c *ProjectsOperationsGetCall) Context(ctx context.Context) *ProjectsOperationsGetCall { 3775 c.ctx_ = ctx 3776 return c 3777} 3778 3779// Header returns an http.Header that can be modified by the caller to 3780// add HTTP headers to the request. 3781func (c *ProjectsOperationsGetCall) Header() http.Header { 3782 if c.header_ == nil { 3783 c.header_ = make(http.Header) 3784 } 3785 return c.header_ 3786} 3787 3788func (c *ProjectsOperationsGetCall) doRequest(alt string) (*http.Response, error) { 3789 reqHeaders := make(http.Header) 3790 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210410") 3791 for k, v := range c.header_ { 3792 reqHeaders[k] = v 3793 } 3794 reqHeaders.Set("User-Agent", c.s.userAgent()) 3795 if c.ifNoneMatch_ != "" { 3796 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3797 } 3798 var body io.Reader = nil 3799 c.urlParams_.Set("alt", alt) 3800 c.urlParams_.Set("prettyPrint", "false") 3801 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}") 3802 urls += "?" + c.urlParams_.Encode() 3803 req, err := http.NewRequest("GET", urls, body) 3804 if err != nil { 3805 return nil, err 3806 } 3807 req.Header = reqHeaders 3808 googleapi.Expand(req.URL, map[string]string{ 3809 "name": c.name, 3810 }) 3811 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3812} 3813 3814// Do executes the "cloudasset.projects.operations.get" call. 3815// Exactly one of *Operation or error will be non-nil. Any non-2xx 3816// status code is an error. Response headers are in either 3817// *Operation.ServerResponse.Header or (if a response was returned at 3818// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 3819// to check whether the returned error was because 3820// http.StatusNotModified was returned. 3821func (c *ProjectsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 3822 gensupport.SetOptions(c.urlParams_, opts...) 3823 res, err := c.doRequest("json") 3824 if res != nil && res.StatusCode == http.StatusNotModified { 3825 if res.Body != nil { 3826 res.Body.Close() 3827 } 3828 return nil, &googleapi.Error{ 3829 Code: res.StatusCode, 3830 Header: res.Header, 3831 } 3832 } 3833 if err != nil { 3834 return nil, err 3835 } 3836 defer googleapi.CloseBody(res) 3837 if err := googleapi.CheckResponse(res); err != nil { 3838 return nil, err 3839 } 3840 ret := &Operation{ 3841 ServerResponse: googleapi.ServerResponse{ 3842 Header: res.Header, 3843 HTTPStatusCode: res.StatusCode, 3844 }, 3845 } 3846 target := &ret 3847 if err := gensupport.DecodeResponse(target, res); err != nil { 3848 return nil, err 3849 } 3850 return ret, nil 3851 // { 3852 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 3853 // "flatPath": "v1beta1/projects/{projectsId}/operations/{operationsId}/{operationsId1}", 3854 // "httpMethod": "GET", 3855 // "id": "cloudasset.projects.operations.get", 3856 // "parameterOrder": [ 3857 // "name" 3858 // ], 3859 // "parameters": { 3860 // "name": { 3861 // "description": "The name of the operation resource.", 3862 // "location": "path", 3863 // "pattern": "^projects/[^/]+/operations/[^/]+/.*$", 3864 // "required": true, 3865 // "type": "string" 3866 // } 3867 // }, 3868 // "path": "v1beta1/{+name}", 3869 // "response": { 3870 // "$ref": "Operation" 3871 // }, 3872 // "scopes": [ 3873 // "https://www.googleapis.com/auth/cloud-platform" 3874 // ] 3875 // } 3876 3877} 3878