1// Copyright 2021 Google LLC. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Code generated file. DO NOT EDIT. 6 7// Package iam provides access to the Identity and Access Management (IAM) API. 8// 9// For product documentation, see: https://cloud.google.com/iam/ 10// 11// Creating a client 12// 13// Usage example: 14// 15// import "google.golang.org/api/iam/v1" 16// ... 17// ctx := context.Background() 18// iamService, err := iam.NewService(ctx) 19// 20// In this example, Google Application Default Credentials are used for authentication. 21// 22// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 23// 24// Other authentication options 25// 26// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey: 27// 28// iamService, err := iam.NewService(ctx, option.WithAPIKey("AIza...")) 29// 30// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource: 31// 32// config := &oauth2.Config{...} 33// // ... 34// token, err := config.Exchange(ctx, ...) 35// iamService, err := iam.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 36// 37// See https://godoc.org/google.golang.org/api/option/ for details on options. 38package iam // import "google.golang.org/api/iam/v1" 39 40import ( 41 "bytes" 42 "context" 43 "encoding/json" 44 "errors" 45 "fmt" 46 "io" 47 "net/http" 48 "net/url" 49 "strconv" 50 "strings" 51 52 googleapi "google.golang.org/api/googleapi" 53 gensupport "google.golang.org/api/internal/gensupport" 54 option "google.golang.org/api/option" 55 internaloption "google.golang.org/api/option/internaloption" 56 htransport "google.golang.org/api/transport/http" 57) 58 59// Always reference these packages, just in case the auto-generated code 60// below doesn't. 61var _ = bytes.NewBuffer 62var _ = strconv.Itoa 63var _ = fmt.Sprintf 64var _ = json.NewDecoder 65var _ = io.Copy 66var _ = url.Parse 67var _ = gensupport.MarshalJSON 68var _ = googleapi.Version 69var _ = errors.New 70var _ = strings.Replace 71var _ = context.Canceled 72var _ = internaloption.WithDefaultEndpoint 73 74const apiId = "iam:v1" 75const apiName = "iam" 76const apiVersion = "v1" 77const basePath = "https://iam.googleapis.com/" 78const mtlsBasePath = "https://iam.mtls.googleapis.com/" 79 80// OAuth2 scopes used by this API. 81const ( 82 // See, edit, configure, and delete your Google Cloud data and see the 83 // email address for your Google Account. 84 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 85) 86 87// NewService creates a new Service. 88func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 89 scopesOption := option.WithScopes( 90 "https://www.googleapis.com/auth/cloud-platform", 91 ) 92 // NOTE: prepend, so we don't override user-specified scopes. 93 opts = append([]option.ClientOption{scopesOption}, opts...) 94 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 95 opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) 96 client, endpoint, err := htransport.NewClient(ctx, opts...) 97 if err != nil { 98 return nil, err 99 } 100 s, err := New(client) 101 if err != nil { 102 return nil, err 103 } 104 if endpoint != "" { 105 s.BasePath = endpoint 106 } 107 return s, nil 108} 109 110// New creates a new Service. It uses the provided http.Client for requests. 111// 112// Deprecated: please use NewService instead. 113// To provide a custom HTTP client, use option.WithHTTPClient. 114// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 115func New(client *http.Client) (*Service, error) { 116 if client == nil { 117 return nil, errors.New("client is nil") 118 } 119 s := &Service{client: client, BasePath: basePath} 120 s.IamPolicies = NewIamPoliciesService(s) 121 s.Organizations = NewOrganizationsService(s) 122 s.Permissions = NewPermissionsService(s) 123 s.Projects = NewProjectsService(s) 124 s.Roles = NewRolesService(s) 125 return s, nil 126} 127 128type Service struct { 129 client *http.Client 130 BasePath string // API endpoint base URL 131 UserAgent string // optional additional User-Agent fragment 132 133 IamPolicies *IamPoliciesService 134 135 Organizations *OrganizationsService 136 137 Permissions *PermissionsService 138 139 Projects *ProjectsService 140 141 Roles *RolesService 142} 143 144func (s *Service) userAgent() string { 145 if s.UserAgent == "" { 146 return googleapi.UserAgent 147 } 148 return googleapi.UserAgent + " " + s.UserAgent 149} 150 151func NewIamPoliciesService(s *Service) *IamPoliciesService { 152 rs := &IamPoliciesService{s: s} 153 return rs 154} 155 156type IamPoliciesService struct { 157 s *Service 158} 159 160func NewOrganizationsService(s *Service) *OrganizationsService { 161 rs := &OrganizationsService{s: s} 162 rs.Roles = NewOrganizationsRolesService(s) 163 return rs 164} 165 166type OrganizationsService struct { 167 s *Service 168 169 Roles *OrganizationsRolesService 170} 171 172func NewOrganizationsRolesService(s *Service) *OrganizationsRolesService { 173 rs := &OrganizationsRolesService{s: s} 174 return rs 175} 176 177type OrganizationsRolesService struct { 178 s *Service 179} 180 181func NewPermissionsService(s *Service) *PermissionsService { 182 rs := &PermissionsService{s: s} 183 return rs 184} 185 186type PermissionsService struct { 187 s *Service 188} 189 190func NewProjectsService(s *Service) *ProjectsService { 191 rs := &ProjectsService{s: s} 192 rs.Locations = NewProjectsLocationsService(s) 193 rs.Roles = NewProjectsRolesService(s) 194 rs.ServiceAccounts = NewProjectsServiceAccountsService(s) 195 return rs 196} 197 198type ProjectsService struct { 199 s *Service 200 201 Locations *ProjectsLocationsService 202 203 Roles *ProjectsRolesService 204 205 ServiceAccounts *ProjectsServiceAccountsService 206} 207 208func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { 209 rs := &ProjectsLocationsService{s: s} 210 rs.WorkloadIdentityPools = NewProjectsLocationsWorkloadIdentityPoolsService(s) 211 return rs 212} 213 214type ProjectsLocationsService struct { 215 s *Service 216 217 WorkloadIdentityPools *ProjectsLocationsWorkloadIdentityPoolsService 218} 219 220func NewProjectsLocationsWorkloadIdentityPoolsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsService { 221 rs := &ProjectsLocationsWorkloadIdentityPoolsService{s: s} 222 rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsOperationsService(s) 223 rs.Providers = NewProjectsLocationsWorkloadIdentityPoolsProvidersService(s) 224 return rs 225} 226 227type ProjectsLocationsWorkloadIdentityPoolsService struct { 228 s *Service 229 230 Operations *ProjectsLocationsWorkloadIdentityPoolsOperationsService 231 232 Providers *ProjectsLocationsWorkloadIdentityPoolsProvidersService 233} 234 235func NewProjectsLocationsWorkloadIdentityPoolsOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsOperationsService { 236 rs := &ProjectsLocationsWorkloadIdentityPoolsOperationsService{s: s} 237 return rs 238} 239 240type ProjectsLocationsWorkloadIdentityPoolsOperationsService struct { 241 s *Service 242} 243 244func NewProjectsLocationsWorkloadIdentityPoolsProvidersService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersService { 245 rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersService{s: s} 246 rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService(s) 247 return rs 248} 249 250type ProjectsLocationsWorkloadIdentityPoolsProvidersService struct { 251 s *Service 252 253 Operations *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService 254} 255 256func NewProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService { 257 rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService{s: s} 258 return rs 259} 260 261type ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService struct { 262 s *Service 263} 264 265func NewProjectsRolesService(s *Service) *ProjectsRolesService { 266 rs := &ProjectsRolesService{s: s} 267 return rs 268} 269 270type ProjectsRolesService struct { 271 s *Service 272} 273 274func NewProjectsServiceAccountsService(s *Service) *ProjectsServiceAccountsService { 275 rs := &ProjectsServiceAccountsService{s: s} 276 rs.Keys = NewProjectsServiceAccountsKeysService(s) 277 return rs 278} 279 280type ProjectsServiceAccountsService struct { 281 s *Service 282 283 Keys *ProjectsServiceAccountsKeysService 284} 285 286func NewProjectsServiceAccountsKeysService(s *Service) *ProjectsServiceAccountsKeysService { 287 rs := &ProjectsServiceAccountsKeysService{s: s} 288 return rs 289} 290 291type ProjectsServiceAccountsKeysService struct { 292 s *Service 293} 294 295func NewRolesService(s *Service) *RolesService { 296 rs := &RolesService{s: s} 297 return rs 298} 299 300type RolesService struct { 301 s *Service 302} 303 304// AdminAuditData: Audit log information specific to Cloud IAM admin 305// APIs. This message is serialized as an `Any` type in the 306// `ServiceData` message of an `AuditLog` message. 307type AdminAuditData struct { 308 // PermissionDelta: The permission_delta when when creating or updating 309 // a Role. 310 PermissionDelta *PermissionDelta `json:"permissionDelta,omitempty"` 311 312 // ForceSendFields is a list of field names (e.g. "PermissionDelta") to 313 // unconditionally include in API requests. By default, fields with 314 // empty or default values are omitted from API requests. However, any 315 // non-pointer, non-interface field appearing in ForceSendFields will be 316 // sent to the server regardless of whether the field is empty or not. 317 // This may be used to include empty fields in Patch requests. 318 ForceSendFields []string `json:"-"` 319 320 // NullFields is a list of field names (e.g. "PermissionDelta") to 321 // include in API requests with the JSON null value. By default, fields 322 // with empty values are omitted from API requests. However, any field 323 // with an empty value appearing in NullFields will be sent to the 324 // server as null. It is an error if a field in this list has a 325 // non-empty value. This may be used to include null fields in Patch 326 // requests. 327 NullFields []string `json:"-"` 328} 329 330func (s *AdminAuditData) MarshalJSON() ([]byte, error) { 331 type NoMethod AdminAuditData 332 raw := NoMethod(*s) 333 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 334} 335 336// AuditConfig: Specifies the audit configuration for a service. The 337// configuration determines which permission types are logged, and what 338// identities, if any, are exempted from logging. An AuditConfig must 339// have one or more AuditLogConfigs. If there are AuditConfigs for both 340// `allServices` and a specific service, the union of the two 341// AuditConfigs is used for that service: the log_types specified in 342// each AuditConfig are enabled, and the exempted_members in each 343// AuditLogConfig are exempted. Example Policy with multiple 344// AuditConfigs: { "audit_configs": [ { "service": "allServices", 345// "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": 346// [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { 347// "log_type": "ADMIN_READ" } ] }, { "service": 348// "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": 349// "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ 350// "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy 351// enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts 352// jose@example.com from DATA_READ logging, and aliya@example.com from 353// DATA_WRITE logging. 354type AuditConfig struct { 355 // AuditLogConfigs: The configuration for logging of each type of 356 // permission. 357 AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` 358 359 // Service: Specifies a service that will be enabled for audit logging. 360 // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 361 // `allServices` is a special value that covers all services. 362 Service string `json:"service,omitempty"` 363 364 // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to 365 // unconditionally include in API requests. By default, fields with 366 // empty or default values are omitted from API requests. However, any 367 // non-pointer, non-interface field appearing in ForceSendFields will be 368 // sent to the server regardless of whether the field is empty or not. 369 // This may be used to include empty fields in Patch requests. 370 ForceSendFields []string `json:"-"` 371 372 // NullFields is a list of field names (e.g. "AuditLogConfigs") to 373 // include in API requests with the JSON null value. By default, fields 374 // with empty values are omitted from API requests. However, any field 375 // with an empty value appearing in NullFields will be sent to the 376 // server as null. It is an error if a field in this list has a 377 // non-empty value. This may be used to include null fields in Patch 378 // requests. 379 NullFields []string `json:"-"` 380} 381 382func (s *AuditConfig) MarshalJSON() ([]byte, error) { 383 type NoMethod AuditConfig 384 raw := NoMethod(*s) 385 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 386} 387 388// AuditData: Audit log information specific to Cloud IAM. This message 389// is serialized as an `Any` type in the `ServiceData` message of an 390// `AuditLog` message. 391type AuditData struct { 392 // PolicyDelta: Policy delta between the original policy and the newly 393 // set policy. 394 PolicyDelta *PolicyDelta `json:"policyDelta,omitempty"` 395 396 // ForceSendFields is a list of field names (e.g. "PolicyDelta") to 397 // unconditionally include in API requests. By default, fields with 398 // empty or default values are omitted from API requests. However, any 399 // non-pointer, non-interface field appearing in ForceSendFields will be 400 // sent to the server regardless of whether the field is empty or not. 401 // This may be used to include empty fields in Patch requests. 402 ForceSendFields []string `json:"-"` 403 404 // NullFields is a list of field names (e.g. "PolicyDelta") to include 405 // in API requests with the JSON null value. By default, fields with 406 // empty values are omitted from API requests. However, any field with 407 // an empty value appearing in NullFields will be sent to the server as 408 // null. It is an error if a field in this list has a non-empty value. 409 // This may be used to include null fields in Patch requests. 410 NullFields []string `json:"-"` 411} 412 413func (s *AuditData) MarshalJSON() ([]byte, error) { 414 type NoMethod AuditData 415 raw := NoMethod(*s) 416 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 417} 418 419// AuditLogConfig: Provides the configuration for logging a type of 420// permissions. Example: { "audit_log_configs": [ { "log_type": 421// "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { 422// "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 423// 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ 424// logging. 425type AuditLogConfig struct { 426 // ExemptedMembers: Specifies the identities that do not cause logging 427 // for this type of permission. Follows the same format of 428 // Binding.members. 429 ExemptedMembers []string `json:"exemptedMembers,omitempty"` 430 431 // LogType: The log type that this config enables. 432 // 433 // Possible values: 434 // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. 435 // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy 436 // "DATA_WRITE" - Data writes. Example: CloudSQL Users create 437 // "DATA_READ" - Data reads. Example: CloudSQL Users list 438 LogType string `json:"logType,omitempty"` 439 440 // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to 441 // unconditionally include in API requests. By default, fields with 442 // empty or default values are omitted from API requests. However, any 443 // non-pointer, non-interface field appearing in ForceSendFields will be 444 // sent to the server regardless of whether the field is empty or not. 445 // This may be used to include empty fields in Patch requests. 446 ForceSendFields []string `json:"-"` 447 448 // NullFields is a list of field names (e.g. "ExemptedMembers") to 449 // include in API requests with the JSON null value. By default, fields 450 // with empty values are omitted from API requests. However, any field 451 // with an empty value appearing in NullFields will be sent to the 452 // server as null. It is an error if a field in this list has a 453 // non-empty value. This may be used to include null fields in Patch 454 // requests. 455 NullFields []string `json:"-"` 456} 457 458func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { 459 type NoMethod AuditLogConfig 460 raw := NoMethod(*s) 461 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 462} 463 464// AuditableService: Contains information about an auditable service. 465type AuditableService struct { 466 // Name: Public name of the service. For example, the service name for 467 // Cloud IAM is 'iam.googleapis.com'. 468 Name string `json:"name,omitempty"` 469 470 // ForceSendFields is a list of field names (e.g. "Name") to 471 // unconditionally include in API requests. By default, fields with 472 // empty or default values are omitted from API requests. However, any 473 // non-pointer, non-interface field appearing in ForceSendFields will be 474 // sent to the server regardless of whether the field is empty or not. 475 // This may be used to include empty fields in Patch requests. 476 ForceSendFields []string `json:"-"` 477 478 // NullFields is a list of field names (e.g. "Name") to include in API 479 // requests with the JSON null value. By default, fields with empty 480 // values are omitted from API requests. However, any field with an 481 // empty value appearing in NullFields will be sent to the server as 482 // null. It is an error if a field in this list has a non-empty value. 483 // This may be used to include null fields in Patch requests. 484 NullFields []string `json:"-"` 485} 486 487func (s *AuditableService) MarshalJSON() ([]byte, error) { 488 type NoMethod AuditableService 489 raw := NoMethod(*s) 490 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 491} 492 493// Aws: Represents an Amazon Web Services identity provider. 494type Aws struct { 495 // AccountId: Required. The AWS account ID. 496 AccountId string `json:"accountId,omitempty"` 497 498 // ForceSendFields is a list of field names (e.g. "AccountId") to 499 // unconditionally include in API requests. By default, fields with 500 // empty or default values are omitted from API requests. However, any 501 // non-pointer, non-interface field appearing in ForceSendFields will be 502 // sent to the server regardless of whether the field is empty or not. 503 // This may be used to include empty fields in Patch requests. 504 ForceSendFields []string `json:"-"` 505 506 // NullFields is a list of field names (e.g. "AccountId") to include in 507 // API requests with the JSON null value. By default, fields with empty 508 // values are omitted from API requests. However, any field with an 509 // empty value appearing in NullFields will be sent to the server as 510 // null. It is an error if a field in this list has a non-empty value. 511 // This may be used to include null fields in Patch requests. 512 NullFields []string `json:"-"` 513} 514 515func (s *Aws) MarshalJSON() ([]byte, error) { 516 type NoMethod Aws 517 raw := NoMethod(*s) 518 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 519} 520 521// Binding: Associates `members` with a `role`. 522type Binding struct { 523 // Condition: The condition that is associated with this binding. If the 524 // condition evaluates to `true`, then this binding applies to the 525 // current request. If the condition evaluates to `false`, then this 526 // binding does not apply to the current request. However, a different 527 // role binding might grant the same role to one or more of the members 528 // in this binding. To learn which resources support conditions in their 529 // IAM policies, see the IAM documentation 530 // (https://cloud.google.com/iam/help/conditions/resource-policies). 531 Condition *Expr `json:"condition,omitempty"` 532 533 // Members: Specifies the identities requesting access for a Cloud 534 // Platform resource. `members` can have the following values: * 535 // `allUsers`: A special identifier that represents anyone who is on the 536 // internet; with or without a Google account. * 537 // `allAuthenticatedUsers`: A special identifier that represents anyone 538 // who is authenticated with a Google account or a service account. * 539 // `user:{emailid}`: An email address that represents a specific Google 540 // account. For example, `alice@example.com` . * 541 // `serviceAccount:{emailid}`: An email address that represents a 542 // service account. For example, 543 // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An 544 // email address that represents a Google group. For example, 545 // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An 546 // email address (plus unique identifier) representing a user that has 547 // been recently deleted. For example, 548 // `alice@example.com?uid=123456789012345678901`. If the user is 549 // recovered, this value reverts to `user:{emailid}` and the recovered 550 // user retains the role in the binding. * 551 // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address 552 // (plus unique identifier) representing a service account that has been 553 // recently deleted. For example, 554 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 555 // If the service account is undeleted, this value reverts to 556 // `serviceAccount:{emailid}` and the undeleted service account retains 557 // the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: 558 // An email address (plus unique identifier) representing a Google group 559 // that has been recently deleted. For example, 560 // `admins@example.com?uid=123456789012345678901`. If the group is 561 // recovered, this value reverts to `group:{emailid}` and the recovered 562 // group retains the role in the binding. * `domain:{domain}`: The G 563 // Suite domain (primary) that represents all the users of that domain. 564 // For example, `google.com` or `example.com`. 565 Members []string `json:"members,omitempty"` 566 567 // Role: Role that is assigned to `members`. For example, 568 // `roles/viewer`, `roles/editor`, or `roles/owner`. 569 Role string `json:"role,omitempty"` 570 571 // ForceSendFields is a list of field names (e.g. "Condition") to 572 // unconditionally include in API requests. By default, fields with 573 // empty or default values are omitted from API requests. However, any 574 // non-pointer, non-interface field appearing in ForceSendFields will be 575 // sent to the server regardless of whether the field is empty or not. 576 // This may be used to include empty fields in Patch requests. 577 ForceSendFields []string `json:"-"` 578 579 // NullFields is a list of field names (e.g. "Condition") to include in 580 // API requests with the JSON null value. By default, fields with empty 581 // values are omitted from API requests. However, any field with an 582 // empty value appearing in NullFields will be sent to the server as 583 // null. It is an error if a field in this list has a non-empty value. 584 // This may be used to include null fields in Patch requests. 585 NullFields []string `json:"-"` 586} 587 588func (s *Binding) MarshalJSON() ([]byte, error) { 589 type NoMethod Binding 590 raw := NoMethod(*s) 591 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 592} 593 594// BindingDelta: One delta entry for Binding. Each individual change 595// (only one member in each entry) to a binding will be a separate 596// entry. 597type BindingDelta struct { 598 // Action: The action that was performed on a Binding. Required 599 // 600 // Possible values: 601 // "ACTION_UNSPECIFIED" - Unspecified. 602 // "ADD" - Addition of a Binding. 603 // "REMOVE" - Removal of a Binding. 604 Action string `json:"action,omitempty"` 605 606 // Condition: The condition that is associated with this binding. 607 Condition *Expr `json:"condition,omitempty"` 608 609 // Member: A single identity requesting access for a Cloud Platform 610 // resource. Follows the same format of Binding.members. Required 611 Member string `json:"member,omitempty"` 612 613 // Role: Role that is assigned to `members`. For example, 614 // `roles/viewer`, `roles/editor`, or `roles/owner`. Required 615 Role string `json:"role,omitempty"` 616 617 // ForceSendFields is a list of field names (e.g. "Action") to 618 // unconditionally include in API requests. By default, fields with 619 // empty or default values are omitted from API requests. However, any 620 // non-pointer, non-interface field appearing in ForceSendFields will be 621 // sent to the server regardless of whether the field is empty or not. 622 // This may be used to include empty fields in Patch requests. 623 ForceSendFields []string `json:"-"` 624 625 // NullFields is a list of field names (e.g. "Action") to include in API 626 // requests with the JSON null value. By default, fields with empty 627 // values are omitted from API requests. However, any field with an 628 // empty value appearing in NullFields will be sent to the server as 629 // null. It is an error if a field in this list has a non-empty value. 630 // This may be used to include null fields in Patch requests. 631 NullFields []string `json:"-"` 632} 633 634func (s *BindingDelta) MarshalJSON() ([]byte, error) { 635 type NoMethod BindingDelta 636 raw := NoMethod(*s) 637 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 638} 639 640// CreateRoleRequest: The request to create a new role. 641type CreateRoleRequest struct { 642 // Role: The Role resource to create. 643 Role *Role `json:"role,omitempty"` 644 645 // RoleId: The role ID to use for this role. A role ID may contain 646 // alphanumeric characters, underscores (`_`), and periods (`.`). It 647 // must contain a minimum of 3 characters and a maximum of 64 648 // characters. 649 RoleId string `json:"roleId,omitempty"` 650 651 // ForceSendFields is a list of field names (e.g. "Role") to 652 // unconditionally include in API requests. By default, fields with 653 // empty or default values are omitted from API requests. However, any 654 // non-pointer, non-interface field appearing in ForceSendFields will be 655 // sent to the server regardless of whether the field is empty or not. 656 // This may be used to include empty fields in Patch requests. 657 ForceSendFields []string `json:"-"` 658 659 // NullFields is a list of field names (e.g. "Role") to include in API 660 // requests with the JSON null value. By default, fields with empty 661 // values are omitted from API requests. However, any field with an 662 // empty value appearing in NullFields will be sent to the server as 663 // null. It is an error if a field in this list has a non-empty value. 664 // This may be used to include null fields in Patch requests. 665 NullFields []string `json:"-"` 666} 667 668func (s *CreateRoleRequest) MarshalJSON() ([]byte, error) { 669 type NoMethod CreateRoleRequest 670 raw := NoMethod(*s) 671 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 672} 673 674// CreateServiceAccountKeyRequest: The service account key create 675// request. 676type CreateServiceAccountKeyRequest struct { 677 // KeyAlgorithm: Which type of key and algorithm to use for the key. The 678 // default is currently a 2K RSA key. However this may change in the 679 // future. 680 // 681 // Possible values: 682 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 683 // "KEY_ALG_RSA_1024" - 1k RSA Key. 684 // "KEY_ALG_RSA_2048" - 2k RSA Key. 685 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 686 687 // PrivateKeyType: The output format of the private key. The default 688 // value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google 689 // Credentials File format. 690 // 691 // Possible values: 692 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 693 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 694 // "TYPE_PKCS12_FILE" - PKCS12 format. The password for the PKCS12 695 // file is `notasecret`. For more information, see 696 // https://tools.ietf.org/html/rfc7292. 697 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 698 PrivateKeyType string `json:"privateKeyType,omitempty"` 699 700 // ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to 701 // unconditionally include in API requests. By default, fields with 702 // empty or default values are omitted from API requests. However, any 703 // non-pointer, non-interface field appearing in ForceSendFields will be 704 // sent to the server regardless of whether the field is empty or not. 705 // This may be used to include empty fields in Patch requests. 706 ForceSendFields []string `json:"-"` 707 708 // NullFields is a list of field names (e.g. "KeyAlgorithm") to include 709 // in API requests with the JSON null value. By default, fields with 710 // empty values are omitted from API requests. However, any field with 711 // an empty value appearing in NullFields will be sent to the server as 712 // null. It is an error if a field in this list has a non-empty value. 713 // This may be used to include null fields in Patch requests. 714 NullFields []string `json:"-"` 715} 716 717func (s *CreateServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 718 type NoMethod CreateServiceAccountKeyRequest 719 raw := NoMethod(*s) 720 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 721} 722 723// CreateServiceAccountRequest: The service account create request. 724type CreateServiceAccountRequest struct { 725 // AccountId: Required. The account id that is used to generate the 726 // service account email address and a stable unique id. It is unique 727 // within a project, must be 6-30 characters long, and match the regular 728 // expression `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035. 729 AccountId string `json:"accountId,omitempty"` 730 731 // ServiceAccount: The ServiceAccount resource to create. Currently, 732 // only the following values are user assignable: `display_name` and 733 // `description`. 734 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 735 736 // ForceSendFields is a list of field names (e.g. "AccountId") to 737 // unconditionally include in API requests. By default, fields with 738 // empty or default values are omitted from API requests. However, any 739 // non-pointer, non-interface field appearing in ForceSendFields will be 740 // sent to the server regardless of whether the field is empty or not. 741 // This may be used to include empty fields in Patch requests. 742 ForceSendFields []string `json:"-"` 743 744 // NullFields is a list of field names (e.g. "AccountId") to include in 745 // API requests with the JSON null value. By default, fields with empty 746 // values are omitted from API requests. However, any field with an 747 // empty value appearing in NullFields will be sent to the server as 748 // null. It is an error if a field in this list has a non-empty value. 749 // This may be used to include null fields in Patch requests. 750 NullFields []string `json:"-"` 751} 752 753func (s *CreateServiceAccountRequest) MarshalJSON() ([]byte, error) { 754 type NoMethod CreateServiceAccountRequest 755 raw := NoMethod(*s) 756 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 757} 758 759// DisableServiceAccountKeyRequest: The service account key disable 760// request. 761type DisableServiceAccountKeyRequest struct { 762} 763 764// DisableServiceAccountRequest: The service account disable request. 765type DisableServiceAccountRequest struct { 766} 767 768// Empty: A generic empty message that you can re-use to avoid defining 769// duplicated empty messages in your APIs. A typical example is to use 770// it as the request or the response type of an API method. For 771// instance: service Foo { rpc Bar(google.protobuf.Empty) returns 772// (google.protobuf.Empty); } The JSON representation for `Empty` is 773// empty JSON object `{}`. 774type Empty struct { 775 // ServerResponse contains the HTTP response code and headers from the 776 // server. 777 googleapi.ServerResponse `json:"-"` 778} 779 780// EnableServiceAccountKeyRequest: The service account key enable 781// request. 782type EnableServiceAccountKeyRequest struct { 783} 784 785// EnableServiceAccountRequest: The service account enable request. 786type EnableServiceAccountRequest struct { 787} 788 789// Expr: Represents a textual expression in the Common Expression 790// Language (CEL) syntax. CEL is a C-like expression language. The 791// syntax and semantics of CEL are documented at 792// https://github.com/google/cel-spec. Example (Comparison): title: 793// "Summary size limit" description: "Determines if a summary is less 794// than 100 chars" expression: "document.summary.size() < 100" Example 795// (Equality): title: "Requestor is owner" description: "Determines if 796// requestor is the document owner" expression: "document.owner == 797// request.auth.claims.email" Example (Logic): title: "Public documents" 798// description: "Determine whether the document should be publicly 799// visible" expression: "document.type != 'private' && document.type != 800// 'internal'" Example (Data Manipulation): title: "Notification string" 801// description: "Create a notification string with a timestamp." 802// expression: "'New message received at ' + 803// string(document.create_time)" The exact variables and functions that 804// may be referenced within an expression are determined by the service 805// that evaluates it. See the service documentation for additional 806// information. 807type Expr struct { 808 // Description: Optional. Description of the expression. This is a 809 // longer text which describes the expression, e.g. when hovered over it 810 // in a UI. 811 Description string `json:"description,omitempty"` 812 813 // Expression: Textual representation of an expression in Common 814 // Expression Language syntax. 815 Expression string `json:"expression,omitempty"` 816 817 // Location: Optional. String indicating the location of the expression 818 // for error reporting, e.g. a file name and a position in the file. 819 Location string `json:"location,omitempty"` 820 821 // Title: Optional. Title for the expression, i.e. a short string 822 // describing its purpose. This can be used e.g. in UIs which allow to 823 // enter the expression. 824 Title string `json:"title,omitempty"` 825 826 // ForceSendFields is a list of field names (e.g. "Description") to 827 // unconditionally include in API requests. By default, fields with 828 // empty or default values are omitted from API requests. However, any 829 // non-pointer, non-interface field appearing in ForceSendFields will be 830 // sent to the server regardless of whether the field is empty or not. 831 // This may be used to include empty fields in Patch requests. 832 ForceSendFields []string `json:"-"` 833 834 // NullFields is a list of field names (e.g. "Description") to include 835 // in API requests with the JSON null value. By default, fields with 836 // empty values are omitted from API requests. However, any field with 837 // an empty value appearing in NullFields will be sent to the server as 838 // null. It is an error if a field in this list has a non-empty value. 839 // This may be used to include null fields in Patch requests. 840 NullFields []string `json:"-"` 841} 842 843func (s *Expr) MarshalJSON() ([]byte, error) { 844 type NoMethod Expr 845 raw := NoMethod(*s) 846 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 847} 848 849// LintPolicyRequest: The request to lint a Cloud IAM policy object. 850type LintPolicyRequest struct { 851 // Condition: google.iam.v1.Binding.condition object to be linted. 852 Condition *Expr `json:"condition,omitempty"` 853 854 // FullResourceName: The full resource name of the policy this lint 855 // request is about. The name follows the Google Cloud Platform (GCP) 856 // resource format. For example, a GCP project with ID `my-project` will 857 // be named `//cloudresourcemanager.googleapis.com/projects/my-project`. 858 // The resource name is not used to read the policy instance from the 859 // Cloud IAM database. The candidate policy for lint has to be provided 860 // in the same request object. 861 FullResourceName string `json:"fullResourceName,omitempty"` 862 863 // ForceSendFields is a list of field names (e.g. "Condition") to 864 // unconditionally include in API requests. By default, fields with 865 // empty or default values are omitted from API requests. However, any 866 // non-pointer, non-interface field appearing in ForceSendFields will be 867 // sent to the server regardless of whether the field is empty or not. 868 // This may be used to include empty fields in Patch requests. 869 ForceSendFields []string `json:"-"` 870 871 // NullFields is a list of field names (e.g. "Condition") to include in 872 // API requests with the JSON null value. By default, fields with empty 873 // values are omitted from API requests. However, any field with an 874 // empty value appearing in NullFields will be sent to the server as 875 // null. It is an error if a field in this list has a non-empty value. 876 // This may be used to include null fields in Patch requests. 877 NullFields []string `json:"-"` 878} 879 880func (s *LintPolicyRequest) MarshalJSON() ([]byte, error) { 881 type NoMethod LintPolicyRequest 882 raw := NoMethod(*s) 883 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 884} 885 886// LintPolicyResponse: The response of a lint operation. An empty 887// response indicates the operation was able to fully execute and no 888// lint issue was found. 889type LintPolicyResponse struct { 890 // LintResults: List of lint results sorted by `severity` in descending 891 // order. 892 LintResults []*LintResult `json:"lintResults,omitempty"` 893 894 // ServerResponse contains the HTTP response code and headers from the 895 // server. 896 googleapi.ServerResponse `json:"-"` 897 898 // ForceSendFields is a list of field names (e.g. "LintResults") to 899 // unconditionally include in API requests. By default, fields with 900 // empty or default values are omitted from API requests. However, any 901 // non-pointer, non-interface field appearing in ForceSendFields will be 902 // sent to the server regardless of whether the field is empty or not. 903 // This may be used to include empty fields in Patch requests. 904 ForceSendFields []string `json:"-"` 905 906 // NullFields is a list of field names (e.g. "LintResults") to include 907 // in API requests with the JSON null value. By default, fields with 908 // empty values are omitted from API requests. However, any field with 909 // an empty value appearing in NullFields will be sent to the server as 910 // null. It is an error if a field in this list has a non-empty value. 911 // This may be used to include null fields in Patch requests. 912 NullFields []string `json:"-"` 913} 914 915func (s *LintPolicyResponse) MarshalJSON() ([]byte, error) { 916 type NoMethod LintPolicyResponse 917 raw := NoMethod(*s) 918 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 919} 920 921// LintResult: Structured response of a single validation unit. 922type LintResult struct { 923 // DebugMessage: Human readable debug message associated with the issue. 924 DebugMessage string `json:"debugMessage,omitempty"` 925 926 // FieldName: The name of the field for which this lint result is about. 927 // For nested messages `field_name` consists of names of the embedded 928 // fields separated by period character. The top-level qualifier is the 929 // input object to lint in the request. For example, the `field_name` 930 // value `condition.expression` identifies a lint result for the 931 // `expression` field of the provided condition. 932 FieldName string `json:"fieldName,omitempty"` 933 934 // Level: The validation unit level. 935 // 936 // Possible values: 937 // "LEVEL_UNSPECIFIED" - Level is unspecified. 938 // "CONDITION" - A validation unit which operates on an individual 939 // condition within a binding. 940 Level string `json:"level,omitempty"` 941 942 // LocationOffset: 0-based character position of problematic construct 943 // within the object identified by `field_name`. Currently, this is 944 // populated only for condition expression. 945 LocationOffset int64 `json:"locationOffset,omitempty"` 946 947 // Severity: The validation unit severity. 948 // 949 // Possible values: 950 // "SEVERITY_UNSPECIFIED" - Severity is unspecified. 951 // "ERROR" - A validation unit returns an error only for critical 952 // issues. If an attempt is made to set the problematic policy without 953 // rectifying the critical issue, it causes the `setPolicy` operation to 954 // fail. 955 // "WARNING" - Any issue which is severe enough but does not cause an 956 // error. For example, suspicious constructs in the input object will 957 // not necessarily fail `setPolicy`, but there is a high likelihood that 958 // they won't behave as expected during policy evaluation in 959 // `checkPolicy`. This includes the following common scenarios: - 960 // Unsatisfiable condition: Expired timestamp in date/time condition. - 961 // Ineffective condition: Condition on a pair which is granted 962 // unconditionally in another binding of the same policy. 963 // "NOTICE" - Reserved for the issues that are not severe as 964 // `ERROR`/`WARNING`, but need special handling. For instance, messages 965 // about skipped validation units are issued as `NOTICE`. 966 // "INFO" - Any informative statement which is not severe enough to 967 // raise `ERROR`/`WARNING`/`NOTICE`, like auto-correction 968 // recommendations on the input content. Note that current version of 969 // the linter does not utilize `INFO`. 970 // "DEPRECATED" - Deprecated severity level. 971 Severity string `json:"severity,omitempty"` 972 973 // ValidationUnitName: The validation unit name, for instance 974 // "lintValidationUnits/ConditionComplexityCheck". 975 ValidationUnitName string `json:"validationUnitName,omitempty"` 976 977 // ForceSendFields is a list of field names (e.g. "DebugMessage") to 978 // unconditionally include in API requests. By default, fields with 979 // empty or default values are omitted from API requests. However, any 980 // non-pointer, non-interface field appearing in ForceSendFields will be 981 // sent to the server regardless of whether the field is empty or not. 982 // This may be used to include empty fields in Patch requests. 983 ForceSendFields []string `json:"-"` 984 985 // NullFields is a list of field names (e.g. "DebugMessage") to include 986 // in API requests with the JSON null value. By default, fields with 987 // empty values are omitted from API requests. However, any field with 988 // an empty value appearing in NullFields will be sent to the server as 989 // null. It is an error if a field in this list has a non-empty value. 990 // This may be used to include null fields in Patch requests. 991 NullFields []string `json:"-"` 992} 993 994func (s *LintResult) MarshalJSON() ([]byte, error) { 995 type NoMethod LintResult 996 raw := NoMethod(*s) 997 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 998} 999 1000// ListRolesResponse: The response containing the roles defined under a 1001// resource. 1002type ListRolesResponse struct { 1003 // NextPageToken: To retrieve the next page of results, set 1004 // `ListRolesRequest.page_token` to this value. 1005 NextPageToken string `json:"nextPageToken,omitempty"` 1006 1007 // Roles: The Roles defined on this resource. 1008 Roles []*Role `json:"roles,omitempty"` 1009 1010 // ServerResponse contains the HTTP response code and headers from the 1011 // server. 1012 googleapi.ServerResponse `json:"-"` 1013 1014 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1015 // unconditionally include in API requests. By default, fields with 1016 // empty or default values are omitted from API requests. However, any 1017 // non-pointer, non-interface field appearing in ForceSendFields will be 1018 // sent to the server regardless of whether the field is empty or not. 1019 // This may be used to include empty fields in Patch requests. 1020 ForceSendFields []string `json:"-"` 1021 1022 // NullFields is a list of field names (e.g. "NextPageToken") to include 1023 // in API requests with the JSON null value. By default, fields with 1024 // empty values are omitted from API requests. However, any field with 1025 // an empty value appearing in NullFields will be sent to the server as 1026 // null. It is an error if a field in this list has a non-empty value. 1027 // This may be used to include null fields in Patch requests. 1028 NullFields []string `json:"-"` 1029} 1030 1031func (s *ListRolesResponse) MarshalJSON() ([]byte, error) { 1032 type NoMethod ListRolesResponse 1033 raw := NoMethod(*s) 1034 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1035} 1036 1037// ListServiceAccountKeysResponse: The service account keys list 1038// response. 1039type ListServiceAccountKeysResponse struct { 1040 // Keys: The public keys for the service account. 1041 Keys []*ServiceAccountKey `json:"keys,omitempty"` 1042 1043 // ServerResponse contains the HTTP response code and headers from the 1044 // server. 1045 googleapi.ServerResponse `json:"-"` 1046 1047 // ForceSendFields is a list of field names (e.g. "Keys") to 1048 // unconditionally include in API requests. By default, fields with 1049 // empty or default values are omitted from API requests. However, any 1050 // non-pointer, non-interface field appearing in ForceSendFields will be 1051 // sent to the server regardless of whether the field is empty or not. 1052 // This may be used to include empty fields in Patch requests. 1053 ForceSendFields []string `json:"-"` 1054 1055 // NullFields is a list of field names (e.g. "Keys") to include in API 1056 // requests with the JSON null value. By default, fields with empty 1057 // values are omitted from API requests. However, any field with an 1058 // empty value appearing in NullFields will be sent to the server as 1059 // null. It is an error if a field in this list has a non-empty value. 1060 // This may be used to include null fields in Patch requests. 1061 NullFields []string `json:"-"` 1062} 1063 1064func (s *ListServiceAccountKeysResponse) MarshalJSON() ([]byte, error) { 1065 type NoMethod ListServiceAccountKeysResponse 1066 raw := NoMethod(*s) 1067 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1068} 1069 1070// ListServiceAccountsResponse: The service account list response. 1071type ListServiceAccountsResponse struct { 1072 // Accounts: The list of matching service accounts. 1073 Accounts []*ServiceAccount `json:"accounts,omitempty"` 1074 1075 // NextPageToken: To retrieve the next page of results, set 1076 // ListServiceAccountsRequest.page_token to this value. 1077 NextPageToken string `json:"nextPageToken,omitempty"` 1078 1079 // ServerResponse contains the HTTP response code and headers from the 1080 // server. 1081 googleapi.ServerResponse `json:"-"` 1082 1083 // ForceSendFields is a list of field names (e.g. "Accounts") to 1084 // unconditionally include in API requests. By default, fields with 1085 // empty or default values are omitted from API requests. However, any 1086 // non-pointer, non-interface field appearing in ForceSendFields will be 1087 // sent to the server regardless of whether the field is empty or not. 1088 // This may be used to include empty fields in Patch requests. 1089 ForceSendFields []string `json:"-"` 1090 1091 // NullFields is a list of field names (e.g. "Accounts") to include in 1092 // API requests with the JSON null value. By default, fields with empty 1093 // values are omitted from API requests. However, any field with an 1094 // empty value appearing in NullFields will be sent to the server as 1095 // null. It is an error if a field in this list has a non-empty value. 1096 // This may be used to include null fields in Patch requests. 1097 NullFields []string `json:"-"` 1098} 1099 1100func (s *ListServiceAccountsResponse) MarshalJSON() ([]byte, error) { 1101 type NoMethod ListServiceAccountsResponse 1102 raw := NoMethod(*s) 1103 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1104} 1105 1106// ListWorkloadIdentityPoolProvidersResponse: Response message for 1107// ListWorkloadIdentityPoolProviders. 1108type ListWorkloadIdentityPoolProvidersResponse struct { 1109 // NextPageToken: A token, which can be sent as `page_token` to retrieve 1110 // the next page. If this field is omitted, there are no subsequent 1111 // pages. 1112 NextPageToken string `json:"nextPageToken,omitempty"` 1113 1114 // WorkloadIdentityPoolProviders: A list of providers. 1115 WorkloadIdentityPoolProviders []*WorkloadIdentityPoolProvider `json:"workloadIdentityPoolProviders,omitempty"` 1116 1117 // ServerResponse contains the HTTP response code and headers from the 1118 // server. 1119 googleapi.ServerResponse `json:"-"` 1120 1121 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1122 // unconditionally include in API requests. By default, fields with 1123 // empty or default values are omitted from API requests. However, any 1124 // non-pointer, non-interface field appearing in ForceSendFields will be 1125 // sent to the server regardless of whether the field is empty or not. 1126 // This may be used to include empty fields in Patch requests. 1127 ForceSendFields []string `json:"-"` 1128 1129 // NullFields is a list of field names (e.g. "NextPageToken") to include 1130 // in API requests with the JSON null value. By default, fields with 1131 // empty values are omitted from API requests. However, any field with 1132 // an empty value appearing in NullFields will be sent to the server as 1133 // null. It is an error if a field in this list has a non-empty value. 1134 // This may be used to include null fields in Patch requests. 1135 NullFields []string `json:"-"` 1136} 1137 1138func (s *ListWorkloadIdentityPoolProvidersResponse) MarshalJSON() ([]byte, error) { 1139 type NoMethod ListWorkloadIdentityPoolProvidersResponse 1140 raw := NoMethod(*s) 1141 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1142} 1143 1144// ListWorkloadIdentityPoolsResponse: Response message for 1145// ListWorkloadIdentityPools. 1146type ListWorkloadIdentityPoolsResponse struct { 1147 // NextPageToken: A token, which can be sent as `page_token` to retrieve 1148 // the next page. If this field is omitted, there are no subsequent 1149 // pages. 1150 NextPageToken string `json:"nextPageToken,omitempty"` 1151 1152 // WorkloadIdentityPools: A list of pools. 1153 WorkloadIdentityPools []*WorkloadIdentityPool `json:"workloadIdentityPools,omitempty"` 1154 1155 // ServerResponse contains the HTTP response code and headers from the 1156 // server. 1157 googleapi.ServerResponse `json:"-"` 1158 1159 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1160 // unconditionally include in API requests. By default, fields with 1161 // empty or default values are omitted from API requests. However, any 1162 // non-pointer, non-interface field appearing in ForceSendFields will be 1163 // sent to the server regardless of whether the field is empty or not. 1164 // This may be used to include empty fields in Patch requests. 1165 ForceSendFields []string `json:"-"` 1166 1167 // NullFields is a list of field names (e.g. "NextPageToken") to include 1168 // in API requests with the JSON null value. By default, fields with 1169 // empty values are omitted from API requests. However, any field with 1170 // an empty value appearing in NullFields will be sent to the server as 1171 // null. It is an error if a field in this list has a non-empty value. 1172 // This may be used to include null fields in Patch requests. 1173 NullFields []string `json:"-"` 1174} 1175 1176func (s *ListWorkloadIdentityPoolsResponse) MarshalJSON() ([]byte, error) { 1177 type NoMethod ListWorkloadIdentityPoolsResponse 1178 raw := NoMethod(*s) 1179 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1180} 1181 1182// Oidc: Represents an OpenId Connect 1.0 identity provider. 1183type Oidc struct { 1184 // AllowedAudiences: Acceptable values for the `aud` field (audience) in 1185 // the OIDC token. Token exchange requests are rejected if the token 1186 // audience does not match one of the configured values. Each audience 1187 // may be at most 256 characters. A maximum of 10 audiences may be 1188 // configured. If this list is empty, the OIDC token audience must be 1189 // equal to the full canonical resource name of the 1190 // WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For 1191 // example: ``` 1192 // //iam.googleapis.com/projects//locations//workloadIdentityPools//provi 1193 // ders/ 1194 // https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ 1195 // ``` 1196 AllowedAudiences []string `json:"allowedAudiences,omitempty"` 1197 1198 // IssuerUri: Required. The OIDC issuer URL. Must be an HTTPS endpoint. 1199 IssuerUri string `json:"issuerUri,omitempty"` 1200 1201 // ForceSendFields is a list of field names (e.g. "AllowedAudiences") to 1202 // unconditionally include in API requests. By default, fields with 1203 // empty or default values are omitted from API requests. However, any 1204 // non-pointer, non-interface field appearing in ForceSendFields will be 1205 // sent to the server regardless of whether the field is empty or not. 1206 // This may be used to include empty fields in Patch requests. 1207 ForceSendFields []string `json:"-"` 1208 1209 // NullFields is a list of field names (e.g. "AllowedAudiences") to 1210 // include in API requests with the JSON null value. By default, fields 1211 // with empty values are omitted from API requests. However, any field 1212 // with an empty value appearing in NullFields will be sent to the 1213 // server as null. It is an error if a field in this list has a 1214 // non-empty value. This may be used to include null fields in Patch 1215 // requests. 1216 NullFields []string `json:"-"` 1217} 1218 1219func (s *Oidc) MarshalJSON() ([]byte, error) { 1220 type NoMethod Oidc 1221 raw := NoMethod(*s) 1222 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1223} 1224 1225// Operation: This resource represents a long-running operation that is 1226// the result of a network API call. 1227type Operation struct { 1228 // Done: If the value is `false`, it means the operation is still in 1229 // progress. If `true`, the operation is completed, and either `error` 1230 // or `response` is available. 1231 Done bool `json:"done,omitempty"` 1232 1233 // Error: The error result of the operation in case of failure or 1234 // cancellation. 1235 Error *Status `json:"error,omitempty"` 1236 1237 // Metadata: Service-specific metadata associated with the operation. It 1238 // typically contains progress information and common metadata such as 1239 // create time. Some services might not provide such metadata. Any 1240 // method that returns a long-running operation should document the 1241 // metadata type, if any. 1242 Metadata googleapi.RawMessage `json:"metadata,omitempty"` 1243 1244 // Name: The server-assigned name, which is only unique within the same 1245 // service that originally returns it. If you use the default HTTP 1246 // mapping, the `name` should be a resource name ending with 1247 // `operations/{unique_id}`. 1248 Name string `json:"name,omitempty"` 1249 1250 // Response: The normal response of the operation in case of success. If 1251 // the original method returns no data on success, such as `Delete`, the 1252 // response is `google.protobuf.Empty`. If the original method is 1253 // standard `Get`/`Create`/`Update`, the response should be the 1254 // resource. For other methods, the response should have the type 1255 // `XxxResponse`, where `Xxx` is the original method name. For example, 1256 // if the original method name is `TakeSnapshot()`, the inferred 1257 // response type is `TakeSnapshotResponse`. 1258 Response googleapi.RawMessage `json:"response,omitempty"` 1259 1260 // ServerResponse contains the HTTP response code and headers from the 1261 // server. 1262 googleapi.ServerResponse `json:"-"` 1263 1264 // ForceSendFields is a list of field names (e.g. "Done") to 1265 // unconditionally include in API requests. By default, fields with 1266 // empty or default values are omitted from API requests. However, any 1267 // non-pointer, non-interface field appearing in ForceSendFields will be 1268 // sent to the server regardless of whether the field is empty or not. 1269 // This may be used to include empty fields in Patch requests. 1270 ForceSendFields []string `json:"-"` 1271 1272 // NullFields is a list of field names (e.g. "Done") to include in API 1273 // requests with the JSON null value. By default, fields with empty 1274 // values are omitted from API requests. However, any field with an 1275 // empty value appearing in NullFields will be sent to the server as 1276 // null. It is an error if a field in this list has a non-empty value. 1277 // This may be used to include null fields in Patch requests. 1278 NullFields []string `json:"-"` 1279} 1280 1281func (s *Operation) MarshalJSON() ([]byte, error) { 1282 type NoMethod Operation 1283 raw := NoMethod(*s) 1284 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1285} 1286 1287// PatchServiceAccountRequest: The request for PatchServiceAccount. You 1288// can patch only the `display_name` and `description` fields. You must 1289// use the `update_mask` field to specify which of these fields you want 1290// to patch. Only the fields specified in the request are guaranteed to 1291// be returned in the response. Other fields may be empty in the 1292// response. 1293type PatchServiceAccountRequest struct { 1294 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 1295 1296 UpdateMask string `json:"updateMask,omitempty"` 1297 1298 // ForceSendFields is a list of field names (e.g. "ServiceAccount") to 1299 // unconditionally include in API requests. By default, fields with 1300 // empty or default values are omitted from API requests. However, any 1301 // non-pointer, non-interface field appearing in ForceSendFields will be 1302 // sent to the server regardless of whether the field is empty or not. 1303 // This may be used to include empty fields in Patch requests. 1304 ForceSendFields []string `json:"-"` 1305 1306 // NullFields is a list of field names (e.g. "ServiceAccount") to 1307 // include in API requests with the JSON null value. By default, fields 1308 // with empty values are omitted from API requests. However, any field 1309 // with an empty value appearing in NullFields will be sent to the 1310 // server as null. It is an error if a field in this list has a 1311 // non-empty value. This may be used to include null fields in Patch 1312 // requests. 1313 NullFields []string `json:"-"` 1314} 1315 1316func (s *PatchServiceAccountRequest) MarshalJSON() ([]byte, error) { 1317 type NoMethod PatchServiceAccountRequest 1318 raw := NoMethod(*s) 1319 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1320} 1321 1322// Permission: A permission which can be included by a role. 1323type Permission struct { 1324 // ApiDisabled: The service API associated with the permission is not 1325 // enabled. 1326 ApiDisabled bool `json:"apiDisabled,omitempty"` 1327 1328 // CustomRolesSupportLevel: The current custom role support level. 1329 // 1330 // Possible values: 1331 // "SUPPORTED" - Default state. Permission is fully supported for 1332 // custom role use. 1333 // "TESTING" - Permission is being tested to check custom role 1334 // compatibility. 1335 // "NOT_SUPPORTED" - Permission is not supported for custom role use. 1336 CustomRolesSupportLevel string `json:"customRolesSupportLevel,omitempty"` 1337 1338 // Description: A brief description of what this Permission is used for. 1339 // This permission can ONLY be used in predefined roles. 1340 Description string `json:"description,omitempty"` 1341 1342 // Name: The name of this Permission. 1343 Name string `json:"name,omitempty"` 1344 1345 OnlyInPredefinedRoles bool `json:"onlyInPredefinedRoles,omitempty"` 1346 1347 // PrimaryPermission: The preferred name for this permission. If 1348 // present, then this permission is an alias of, and equivalent to, the 1349 // listed primary_permission. 1350 PrimaryPermission string `json:"primaryPermission,omitempty"` 1351 1352 // Stage: The current launch stage of the permission. 1353 // 1354 // Possible values: 1355 // "ALPHA" - The permission is currently in an alpha phase. 1356 // "BETA" - The permission is currently in a beta phase. 1357 // "GA" - The permission is generally available. 1358 // "DEPRECATED" - The permission is being deprecated. 1359 Stage string `json:"stage,omitempty"` 1360 1361 // Title: The title of this Permission. 1362 Title string `json:"title,omitempty"` 1363 1364 // ForceSendFields is a list of field names (e.g. "ApiDisabled") to 1365 // unconditionally include in API requests. By default, fields with 1366 // empty or default values are omitted from API requests. However, any 1367 // non-pointer, non-interface field appearing in ForceSendFields will be 1368 // sent to the server regardless of whether the field is empty or not. 1369 // This may be used to include empty fields in Patch requests. 1370 ForceSendFields []string `json:"-"` 1371 1372 // NullFields is a list of field names (e.g. "ApiDisabled") to include 1373 // in API requests with the JSON null value. By default, fields with 1374 // empty values are omitted from API requests. However, any field with 1375 // an empty value appearing in NullFields will be sent to the server as 1376 // null. It is an error if a field in this list has a non-empty value. 1377 // This may be used to include null fields in Patch requests. 1378 NullFields []string `json:"-"` 1379} 1380 1381func (s *Permission) MarshalJSON() ([]byte, error) { 1382 type NoMethod Permission 1383 raw := NoMethod(*s) 1384 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1385} 1386 1387// PermissionDelta: A PermissionDelta message to record the 1388// added_permissions and removed_permissions inside a role. 1389type PermissionDelta struct { 1390 // AddedPermissions: Added permissions. 1391 AddedPermissions []string `json:"addedPermissions,omitempty"` 1392 1393 // RemovedPermissions: Removed permissions. 1394 RemovedPermissions []string `json:"removedPermissions,omitempty"` 1395 1396 // ForceSendFields is a list of field names (e.g. "AddedPermissions") to 1397 // unconditionally include in API requests. By default, fields with 1398 // empty or default values are omitted from API requests. However, any 1399 // non-pointer, non-interface field appearing in ForceSendFields will be 1400 // sent to the server regardless of whether the field is empty or not. 1401 // This may be used to include empty fields in Patch requests. 1402 ForceSendFields []string `json:"-"` 1403 1404 // NullFields is a list of field names (e.g. "AddedPermissions") to 1405 // include in API requests with the JSON null value. By default, fields 1406 // with empty values are omitted from API requests. However, any field 1407 // with an empty value appearing in NullFields will be sent to the 1408 // server as null. It is an error if a field in this list has a 1409 // non-empty value. This may be used to include null fields in Patch 1410 // requests. 1411 NullFields []string `json:"-"` 1412} 1413 1414func (s *PermissionDelta) MarshalJSON() ([]byte, error) { 1415 type NoMethod PermissionDelta 1416 raw := NoMethod(*s) 1417 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1418} 1419 1420// Policy: An Identity and Access Management (IAM) policy, which 1421// specifies access controls for Google Cloud resources. A `Policy` is a 1422// collection of `bindings`. A `binding` binds one or more `members` to 1423// a single `role`. Members can be user accounts, service accounts, 1424// Google groups, and domains (such as G Suite). A `role` is a named 1425// list of permissions; each `role` can be an IAM predefined role or a 1426// user-created custom role. For some types of Google Cloud resources, a 1427// `binding` can also specify a `condition`, which is a logical 1428// expression that allows access to a resource only if the expression 1429// evaluates to `true`. A condition can add constraints based on 1430// attributes of the request, the resource, or both. To learn which 1431// resources support conditions in their IAM policies, see the IAM 1432// documentation 1433// (https://cloud.google.com/iam/help/conditions/resource-policies). 1434// **JSON example:** { "bindings": [ { "role": 1435// "roles/resourcemanager.organizationAdmin", "members": [ 1436// "user:mike@example.com", "group:admins@example.com", 1437// "domain:google.com", 1438// "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { 1439// "role": "roles/resourcemanager.organizationViewer", "members": [ 1440// "user:eve@example.com" ], "condition": { "title": "expirable access", 1441// "description": "Does not grant access after Sep 2020", "expression": 1442// "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], 1443// "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - 1444// members: - user:mike@example.com - group:admins@example.com - 1445// domain:google.com - 1446// serviceAccount:my-project-id@appspot.gserviceaccount.com role: 1447// roles/resourcemanager.organizationAdmin - members: - 1448// user:eve@example.com role: roles/resourcemanager.organizationViewer 1449// condition: title: expirable access description: Does not grant access 1450// after Sep 2020 expression: request.time < 1451// timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 1452// For a description of IAM and its features, see the IAM documentation 1453// (https://cloud.google.com/iam/docs/). 1454type Policy struct { 1455 // AuditConfigs: Specifies cloud audit logging configuration for this 1456 // policy. 1457 AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` 1458 1459 // Bindings: Associates a list of `members` to a `role`. Optionally, may 1460 // specify a `condition` that determines how and when the `bindings` are 1461 // applied. Each of the `bindings` must contain at least one member. 1462 Bindings []*Binding `json:"bindings,omitempty"` 1463 1464 // Etag: `etag` is used for optimistic concurrency control as a way to 1465 // help prevent simultaneous updates of a policy from overwriting each 1466 // other. It is strongly suggested that systems make use of the `etag` 1467 // in the read-modify-write cycle to perform policy updates in order to 1468 // avoid race conditions: An `etag` is returned in the response to 1469 // `getIamPolicy`, and systems are expected to put that etag in the 1470 // request to `setIamPolicy` to ensure that their change will be applied 1471 // to the same version of the policy. **Important:** If you use IAM 1472 // Conditions, you must include the `etag` field whenever you call 1473 // `setIamPolicy`. If you omit this field, then IAM allows you to 1474 // overwrite a version `3` policy with a version `1` policy, and all of 1475 // the conditions in the version `3` policy are lost. 1476 Etag string `json:"etag,omitempty"` 1477 1478 // Version: Specifies the format of the policy. Valid values are `0`, 1479 // `1`, and `3`. Requests that specify an invalid value are rejected. 1480 // Any operation that affects conditional role bindings must specify 1481 // version `3`. This requirement applies to the following operations: * 1482 // Getting a policy that includes a conditional role binding * Adding a 1483 // conditional role binding to a policy * Changing a conditional role 1484 // binding in a policy * Removing any role binding, with or without a 1485 // condition, from a policy that includes conditions **Important:** If 1486 // you use IAM Conditions, you must include the `etag` field whenever 1487 // you call `setIamPolicy`. If you omit this field, then IAM allows you 1488 // to overwrite a version `3` policy with a version `1` policy, and all 1489 // of the conditions in the version `3` policy are lost. If a policy 1490 // does not include any conditions, operations on that policy may 1491 // specify any valid version or leave the field unset. To learn which 1492 // resources support conditions in their IAM policies, see the IAM 1493 // documentation 1494 // (https://cloud.google.com/iam/help/conditions/resource-policies). 1495 Version int64 `json:"version,omitempty"` 1496 1497 // ServerResponse contains the HTTP response code and headers from the 1498 // server. 1499 googleapi.ServerResponse `json:"-"` 1500 1501 // ForceSendFields is a list of field names (e.g. "AuditConfigs") to 1502 // unconditionally include in API requests. By default, fields with 1503 // empty or default values are omitted from API requests. However, any 1504 // non-pointer, non-interface field appearing in ForceSendFields will be 1505 // sent to the server regardless of whether the field is empty or not. 1506 // This may be used to include empty fields in Patch requests. 1507 ForceSendFields []string `json:"-"` 1508 1509 // NullFields is a list of field names (e.g. "AuditConfigs") to include 1510 // in API requests with the JSON null value. By default, fields with 1511 // empty values are omitted from API requests. However, any field with 1512 // an empty value appearing in NullFields will be sent to the server as 1513 // null. It is an error if a field in this list has a non-empty value. 1514 // This may be used to include null fields in Patch requests. 1515 NullFields []string `json:"-"` 1516} 1517 1518func (s *Policy) MarshalJSON() ([]byte, error) { 1519 type NoMethod Policy 1520 raw := NoMethod(*s) 1521 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1522} 1523 1524// PolicyDelta: The difference delta between two policies. 1525type PolicyDelta struct { 1526 // BindingDeltas: The delta for Bindings between two policies. 1527 BindingDeltas []*BindingDelta `json:"bindingDeltas,omitempty"` 1528 1529 // ForceSendFields is a list of field names (e.g. "BindingDeltas") to 1530 // unconditionally include in API requests. By default, fields with 1531 // empty or default values are omitted from API requests. However, any 1532 // non-pointer, non-interface field appearing in ForceSendFields will be 1533 // sent to the server regardless of whether the field is empty or not. 1534 // This may be used to include empty fields in Patch requests. 1535 ForceSendFields []string `json:"-"` 1536 1537 // NullFields is a list of field names (e.g. "BindingDeltas") to include 1538 // in API requests with the JSON null value. By default, fields with 1539 // empty values are omitted from API requests. However, any field with 1540 // an empty value appearing in NullFields will be sent to the server as 1541 // null. It is an error if a field in this list has a non-empty value. 1542 // This may be used to include null fields in Patch requests. 1543 NullFields []string `json:"-"` 1544} 1545 1546func (s *PolicyDelta) MarshalJSON() ([]byte, error) { 1547 type NoMethod PolicyDelta 1548 raw := NoMethod(*s) 1549 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1550} 1551 1552// QueryAuditableServicesRequest: A request to get the list of auditable 1553// services for a resource. 1554type QueryAuditableServicesRequest struct { 1555 // FullResourceName: Required. The full resource name to query from the 1556 // list of auditable services. The name follows the Google Cloud 1557 // Platform resource format. For example, a Cloud Platform project with 1558 // id `my-project` will be named 1559 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1560 FullResourceName string `json:"fullResourceName,omitempty"` 1561 1562 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1563 // unconditionally include in API requests. By default, fields with 1564 // empty or default values are omitted from API requests. However, any 1565 // non-pointer, non-interface field appearing in ForceSendFields will be 1566 // sent to the server regardless of whether the field is empty or not. 1567 // This may be used to include empty fields in Patch requests. 1568 ForceSendFields []string `json:"-"` 1569 1570 // NullFields is a list of field names (e.g. "FullResourceName") to 1571 // include in API requests with the JSON null value. By default, fields 1572 // with empty values are omitted from API requests. However, any field 1573 // with an empty value appearing in NullFields will be sent to the 1574 // server as null. It is an error if a field in this list has a 1575 // non-empty value. This may be used to include null fields in Patch 1576 // requests. 1577 NullFields []string `json:"-"` 1578} 1579 1580func (s *QueryAuditableServicesRequest) MarshalJSON() ([]byte, error) { 1581 type NoMethod QueryAuditableServicesRequest 1582 raw := NoMethod(*s) 1583 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1584} 1585 1586// QueryAuditableServicesResponse: A response containing a list of 1587// auditable services for a resource. 1588type QueryAuditableServicesResponse struct { 1589 // Services: The auditable services for a resource. 1590 Services []*AuditableService `json:"services,omitempty"` 1591 1592 // ServerResponse contains the HTTP response code and headers from the 1593 // server. 1594 googleapi.ServerResponse `json:"-"` 1595 1596 // ForceSendFields is a list of field names (e.g. "Services") to 1597 // unconditionally include in API requests. By default, fields with 1598 // empty or default values are omitted from API requests. However, any 1599 // non-pointer, non-interface field appearing in ForceSendFields will be 1600 // sent to the server regardless of whether the field is empty or not. 1601 // This may be used to include empty fields in Patch requests. 1602 ForceSendFields []string `json:"-"` 1603 1604 // NullFields is a list of field names (e.g. "Services") to include in 1605 // API requests with the JSON null value. By default, fields with empty 1606 // values are omitted from API requests. However, any field with an 1607 // empty value appearing in NullFields will be sent to the server as 1608 // null. It is an error if a field in this list has a non-empty value. 1609 // This may be used to include null fields in Patch requests. 1610 NullFields []string `json:"-"` 1611} 1612 1613func (s *QueryAuditableServicesResponse) MarshalJSON() ([]byte, error) { 1614 type NoMethod QueryAuditableServicesResponse 1615 raw := NoMethod(*s) 1616 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1617} 1618 1619// QueryGrantableRolesRequest: The grantable role query request. 1620type QueryGrantableRolesRequest struct { 1621 // FullResourceName: Required. The full resource name to query from the 1622 // list of grantable roles. The name follows the Google Cloud Platform 1623 // resource format. For example, a Cloud Platform project with id 1624 // `my-project` will be named 1625 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1626 FullResourceName string `json:"fullResourceName,omitempty"` 1627 1628 // PageSize: Optional limit on the number of roles to include in the 1629 // response. The default is 300, and the maximum is 1,000. 1630 PageSize int64 `json:"pageSize,omitempty"` 1631 1632 // PageToken: Optional pagination token returned in an earlier 1633 // QueryGrantableRolesResponse. 1634 PageToken string `json:"pageToken,omitempty"` 1635 1636 // Possible values: 1637 // "BASIC" - Omits the `included_permissions` field. This is the 1638 // default value. 1639 // "FULL" - Returns all fields. 1640 View string `json:"view,omitempty"` 1641 1642 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1643 // unconditionally include in API requests. By default, fields with 1644 // empty or default values are omitted from API requests. However, any 1645 // non-pointer, non-interface field appearing in ForceSendFields will be 1646 // sent to the server regardless of whether the field is empty or not. 1647 // This may be used to include empty fields in Patch requests. 1648 ForceSendFields []string `json:"-"` 1649 1650 // NullFields is a list of field names (e.g. "FullResourceName") to 1651 // include in API requests with the JSON null value. By default, fields 1652 // with empty values are omitted from API requests. However, any field 1653 // with an empty value appearing in NullFields will be sent to the 1654 // server as null. It is an error if a field in this list has a 1655 // non-empty value. This may be used to include null fields in Patch 1656 // requests. 1657 NullFields []string `json:"-"` 1658} 1659 1660func (s *QueryGrantableRolesRequest) MarshalJSON() ([]byte, error) { 1661 type NoMethod QueryGrantableRolesRequest 1662 raw := NoMethod(*s) 1663 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1664} 1665 1666// QueryGrantableRolesResponse: The grantable role query response. 1667type QueryGrantableRolesResponse struct { 1668 // NextPageToken: To retrieve the next page of results, set 1669 // `QueryGrantableRolesRequest.page_token` to this value. 1670 NextPageToken string `json:"nextPageToken,omitempty"` 1671 1672 // Roles: The list of matching roles. 1673 Roles []*Role `json:"roles,omitempty"` 1674 1675 // ServerResponse contains the HTTP response code and headers from the 1676 // server. 1677 googleapi.ServerResponse `json:"-"` 1678 1679 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1680 // unconditionally include in API requests. By default, fields with 1681 // empty or default values are omitted from API requests. However, any 1682 // non-pointer, non-interface field appearing in ForceSendFields will be 1683 // sent to the server regardless of whether the field is empty or not. 1684 // This may be used to include empty fields in Patch requests. 1685 ForceSendFields []string `json:"-"` 1686 1687 // NullFields is a list of field names (e.g. "NextPageToken") to include 1688 // in API requests with the JSON null value. By default, fields with 1689 // empty values are omitted from API requests. However, any field with 1690 // an empty value appearing in NullFields will be sent to the server as 1691 // null. It is an error if a field in this list has a non-empty value. 1692 // This may be used to include null fields in Patch requests. 1693 NullFields []string `json:"-"` 1694} 1695 1696func (s *QueryGrantableRolesResponse) MarshalJSON() ([]byte, error) { 1697 type NoMethod QueryGrantableRolesResponse 1698 raw := NoMethod(*s) 1699 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1700} 1701 1702// QueryTestablePermissionsRequest: A request to get permissions which 1703// can be tested on a resource. 1704type QueryTestablePermissionsRequest struct { 1705 // FullResourceName: Required. The full resource name to query from the 1706 // list of testable permissions. The name follows the Google Cloud 1707 // Platform resource format. For example, a Cloud Platform project with 1708 // id `my-project` will be named 1709 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1710 FullResourceName string `json:"fullResourceName,omitempty"` 1711 1712 // PageSize: Optional limit on the number of permissions to include in 1713 // the response. The default is 100, and the maximum is 1,000. 1714 PageSize int64 `json:"pageSize,omitempty"` 1715 1716 // PageToken: Optional pagination token returned in an earlier 1717 // QueryTestablePermissionsRequest. 1718 PageToken string `json:"pageToken,omitempty"` 1719 1720 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1721 // unconditionally include in API requests. By default, fields with 1722 // empty or default values are omitted from API requests. However, any 1723 // non-pointer, non-interface field appearing in ForceSendFields will be 1724 // sent to the server regardless of whether the field is empty or not. 1725 // This may be used to include empty fields in Patch requests. 1726 ForceSendFields []string `json:"-"` 1727 1728 // NullFields is a list of field names (e.g. "FullResourceName") to 1729 // include in API requests with the JSON null value. By default, fields 1730 // with empty values are omitted from API requests. However, any field 1731 // with an empty value appearing in NullFields will be sent to the 1732 // server as null. It is an error if a field in this list has a 1733 // non-empty value. This may be used to include null fields in Patch 1734 // requests. 1735 NullFields []string `json:"-"` 1736} 1737 1738func (s *QueryTestablePermissionsRequest) MarshalJSON() ([]byte, error) { 1739 type NoMethod QueryTestablePermissionsRequest 1740 raw := NoMethod(*s) 1741 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1742} 1743 1744// QueryTestablePermissionsResponse: The response containing permissions 1745// which can be tested on a resource. 1746type QueryTestablePermissionsResponse struct { 1747 // NextPageToken: To retrieve the next page of results, set 1748 // `QueryTestableRolesRequest.page_token` to this value. 1749 NextPageToken string `json:"nextPageToken,omitempty"` 1750 1751 // Permissions: The Permissions testable on the requested resource. 1752 Permissions []*Permission `json:"permissions,omitempty"` 1753 1754 // ServerResponse contains the HTTP response code and headers from the 1755 // server. 1756 googleapi.ServerResponse `json:"-"` 1757 1758 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1759 // unconditionally include in API requests. By default, fields with 1760 // empty or default values are omitted from API requests. However, any 1761 // non-pointer, non-interface field appearing in ForceSendFields will be 1762 // sent to the server regardless of whether the field is empty or not. 1763 // This may be used to include empty fields in Patch requests. 1764 ForceSendFields []string `json:"-"` 1765 1766 // NullFields is a list of field names (e.g. "NextPageToken") to include 1767 // in API requests with the JSON null value. By default, fields with 1768 // empty values are omitted from API requests. However, any field with 1769 // an empty value appearing in NullFields will be sent to the server as 1770 // null. It is an error if a field in this list has a non-empty value. 1771 // This may be used to include null fields in Patch requests. 1772 NullFields []string `json:"-"` 1773} 1774 1775func (s *QueryTestablePermissionsResponse) MarshalJSON() ([]byte, error) { 1776 type NoMethod QueryTestablePermissionsResponse 1777 raw := NoMethod(*s) 1778 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1779} 1780 1781// Role: A role in the Identity and Access Management API. 1782type Role struct { 1783 // Deleted: The current deleted state of the role. This field is read 1784 // only. It will be ignored in calls to CreateRole and UpdateRole. 1785 Deleted bool `json:"deleted,omitempty"` 1786 1787 // Description: Optional. A human-readable description for the role. 1788 Description string `json:"description,omitempty"` 1789 1790 // Etag: Used to perform a consistent read-modify-write. 1791 Etag string `json:"etag,omitempty"` 1792 1793 // IncludedPermissions: The names of the permissions this role grants 1794 // when bound in an IAM policy. 1795 IncludedPermissions []string `json:"includedPermissions,omitempty"` 1796 1797 // Name: The name of the role. When Role is used in CreateRole, the role 1798 // name must not be set. When Role is used in output and other input 1799 // such as UpdateRole, the role name is the complete path, e.g., 1800 // roles/logging.viewer for predefined roles and 1801 // organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom 1802 // roles. 1803 Name string `json:"name,omitempty"` 1804 1805 // Stage: The current launch stage of the role. If the `ALPHA` launch 1806 // stage has been selected for a role, the `stage` field will not be 1807 // included in the returned definition for the role. 1808 // 1809 // Possible values: 1810 // "ALPHA" - The user has indicated this role is currently in an Alpha 1811 // phase. If this launch stage is selected, the `stage` field will not 1812 // be included when requesting the definition for a given role. 1813 // "BETA" - The user has indicated this role is currently in a Beta 1814 // phase. 1815 // "GA" - The user has indicated this role is generally available. 1816 // "DEPRECATED" - The user has indicated this role is being 1817 // deprecated. 1818 // "DISABLED" - This role is disabled and will not contribute 1819 // permissions to any members it is granted to in policies. 1820 // "EAP" - The user has indicated this role is currently in an EAP 1821 // phase. 1822 Stage string `json:"stage,omitempty"` 1823 1824 // Title: Optional. A human-readable title for the role. Typically this 1825 // is limited to 100 UTF-8 bytes. 1826 Title string `json:"title,omitempty"` 1827 1828 // ServerResponse contains the HTTP response code and headers from the 1829 // server. 1830 googleapi.ServerResponse `json:"-"` 1831 1832 // ForceSendFields is a list of field names (e.g. "Deleted") to 1833 // unconditionally include in API requests. By default, fields with 1834 // empty or default values are omitted from API requests. However, any 1835 // non-pointer, non-interface field appearing in ForceSendFields will be 1836 // sent to the server regardless of whether the field is empty or not. 1837 // This may be used to include empty fields in Patch requests. 1838 ForceSendFields []string `json:"-"` 1839 1840 // NullFields is a list of field names (e.g. "Deleted") to include in 1841 // API requests with the JSON null value. By default, fields with empty 1842 // values are omitted from API requests. However, any field with an 1843 // empty value appearing in NullFields will be sent to the server as 1844 // null. It is an error if a field in this list has a non-empty value. 1845 // This may be used to include null fields in Patch requests. 1846 NullFields []string `json:"-"` 1847} 1848 1849func (s *Role) MarshalJSON() ([]byte, error) { 1850 type NoMethod Role 1851 raw := NoMethod(*s) 1852 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1853} 1854 1855// ServiceAccount: An IAM service account. A service account is an 1856// account for an application or a virtual machine (VM) instance, not a 1857// person. You can use a service account to call Google APIs. To learn 1858// more, read the overview of service accounts 1859// (https://cloud.google.com/iam/help/service-accounts/overview). When 1860// you create a service account, you specify the project ID that owns 1861// the service account, as well as a name that must be unique within the 1862// project. IAM uses these values to create an email address that 1863// identifies the service account. 1864type ServiceAccount struct { 1865 // Description: Optional. A user-specified, human-readable description 1866 // of the service account. The maximum length is 256 UTF-8 bytes. 1867 Description string `json:"description,omitempty"` 1868 1869 // Disabled: Output only. Whether the service account is disabled. 1870 Disabled bool `json:"disabled,omitempty"` 1871 1872 // DisplayName: Optional. A user-specified, human-readable name for the 1873 // service account. The maximum length is 100 UTF-8 bytes. 1874 DisplayName string `json:"displayName,omitempty"` 1875 1876 // Email: Output only. The email address of the service account. 1877 Email string `json:"email,omitempty"` 1878 1879 // Etag: Deprecated. Do not use. 1880 Etag string `json:"etag,omitempty"` 1881 1882 // Name: The resource name of the service account. Use one of the 1883 // following formats: * 1884 // `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * 1885 // `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an 1886 // alternative, you can use the `-` wildcard character instead of the 1887 // project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * 1888 // `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using 1889 // the `-` wildcard character, because it can cause response messages to 1890 // contain misleading error codes. For example, if you try to get the 1891 // service account `projects/-/serviceAccounts/fake@example.com`, which 1892 // does not exist, the response contains an HTTP `403 Forbidden` error 1893 // instead of a `404 Not Found` error. 1894 Name string `json:"name,omitempty"` 1895 1896 // Oauth2ClientId: Output only. The OAuth 2.0 client ID for the service 1897 // account. 1898 Oauth2ClientId string `json:"oauth2ClientId,omitempty"` 1899 1900 // ProjectId: Output only. The ID of the project that owns the service 1901 // account. 1902 ProjectId string `json:"projectId,omitempty"` 1903 1904 // UniqueId: Output only. The unique, stable numeric ID for the service 1905 // account. Each service account retains its unique ID even if you 1906 // delete the service account. For example, if you delete a service 1907 // account, then create a new service account with the same name, the 1908 // new service account has a different unique ID than the deleted 1909 // service account. 1910 UniqueId string `json:"uniqueId,omitempty"` 1911 1912 // ServerResponse contains the HTTP response code and headers from the 1913 // server. 1914 googleapi.ServerResponse `json:"-"` 1915 1916 // ForceSendFields is a list of field names (e.g. "Description") to 1917 // unconditionally include in API requests. By default, fields with 1918 // empty or default values are omitted from API requests. However, any 1919 // non-pointer, non-interface field appearing in ForceSendFields will be 1920 // sent to the server regardless of whether the field is empty or not. 1921 // This may be used to include empty fields in Patch requests. 1922 ForceSendFields []string `json:"-"` 1923 1924 // NullFields is a list of field names (e.g. "Description") to include 1925 // in API requests with the JSON null value. By default, fields with 1926 // empty values are omitted from API requests. However, any field with 1927 // an empty value appearing in NullFields will be sent to the server as 1928 // null. It is an error if a field in this list has a non-empty value. 1929 // This may be used to include null fields in Patch requests. 1930 NullFields []string `json:"-"` 1931} 1932 1933func (s *ServiceAccount) MarshalJSON() ([]byte, error) { 1934 type NoMethod ServiceAccount 1935 raw := NoMethod(*s) 1936 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1937} 1938 1939// ServiceAccountKey: Represents a service account key. A service 1940// account has two sets of key-pairs: user-managed, and system-managed. 1941// User-managed key-pairs can be created and deleted by users. Users are 1942// responsible for rotating these keys periodically to ensure security 1943// of their service accounts. Users retain the private key of these 1944// key-pairs, and Google retains ONLY the public key. System-managed 1945// keys are automatically rotated by Google, and are used for signing 1946// for a maximum of two weeks. The rotation process is probabilistic, 1947// and usage of the new key will gradually ramp up and down over the 1948// key's lifetime. If you cache the public key set for a service 1949// account, we recommend that you update the cache every 15 minutes. 1950// User-managed keys can be added and removed at any time, so it is 1951// important to update the cache frequently. For Google-managed keys, 1952// Google will publish a key at least 6 hours before it is first used 1953// for signing and will keep publishing it for at least 6 hours after it 1954// was last used for signing. Public keys for all service accounts are 1955// also published at the OAuth2 Service Account API. 1956type ServiceAccountKey struct { 1957 // Disabled: The key status. 1958 Disabled bool `json:"disabled,omitempty"` 1959 1960 // KeyAlgorithm: Specifies the algorithm (and possibly key size) for the 1961 // key. 1962 // 1963 // Possible values: 1964 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 1965 // "KEY_ALG_RSA_1024" - 1k RSA Key. 1966 // "KEY_ALG_RSA_2048" - 2k RSA Key. 1967 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 1968 1969 // KeyOrigin: The key origin. 1970 // 1971 // Possible values: 1972 // "ORIGIN_UNSPECIFIED" - Unspecified key origin. 1973 // "USER_PROVIDED" - Key is provided by user. 1974 // "GOOGLE_PROVIDED" - Key is provided by Google. 1975 KeyOrigin string `json:"keyOrigin,omitempty"` 1976 1977 // KeyType: The key type. 1978 // 1979 // Possible values: 1980 // "KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this 1981 // in the message will immediately result in an error. 1982 // "USER_MANAGED" - User-managed keys (managed and rotated by the 1983 // user). 1984 // "SYSTEM_MANAGED" - System-managed keys (managed and rotated by 1985 // Google). 1986 KeyType string `json:"keyType,omitempty"` 1987 1988 // Name: The resource name of the service account key in the following 1989 // format `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. 1990 Name string `json:"name,omitempty"` 1991 1992 // PrivateKeyData: The private key data. Only provided in 1993 // `CreateServiceAccountKey` responses. Make sure to keep the private 1994 // key data secure because it allows for the assertion of the service 1995 // account identity. When base64 decoded, the private key data can be 1996 // used to authenticate with Google API client libraries and with gcloud 1997 // auth activate-service-account. 1998 PrivateKeyData string `json:"privateKeyData,omitempty"` 1999 2000 // PrivateKeyType: The output format for the private key. Only provided 2001 // in `CreateServiceAccountKey` responses, not in `GetServiceAccountKey` 2002 // or `ListServiceAccountKey` responses. Google never exposes 2003 // system-managed private keys, and never retains user-managed private 2004 // keys. 2005 // 2006 // Possible values: 2007 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 2008 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 2009 // "TYPE_PKCS12_FILE" - PKCS12 format. The password for the PKCS12 2010 // file is `notasecret`. For more information, see 2011 // https://tools.ietf.org/html/rfc7292. 2012 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 2013 PrivateKeyType string `json:"privateKeyType,omitempty"` 2014 2015 // PublicKeyData: The public key data. Only provided in 2016 // `GetServiceAccountKey` responses. 2017 PublicKeyData string `json:"publicKeyData,omitempty"` 2018 2019 // ValidAfterTime: The key can be used after this timestamp. 2020 ValidAfterTime string `json:"validAfterTime,omitempty"` 2021 2022 // ValidBeforeTime: The key can be used before this timestamp. For 2023 // system-managed key pairs, this timestamp is the end time for the 2024 // private key signing operation. The public key could still be used for 2025 // verification for a few hours after this time. 2026 ValidBeforeTime string `json:"validBeforeTime,omitempty"` 2027 2028 // ServerResponse contains the HTTP response code and headers from the 2029 // server. 2030 googleapi.ServerResponse `json:"-"` 2031 2032 // ForceSendFields is a list of field names (e.g. "Disabled") to 2033 // unconditionally include in API requests. By default, fields with 2034 // empty or default values are omitted from API requests. However, any 2035 // non-pointer, non-interface field appearing in ForceSendFields will be 2036 // sent to the server regardless of whether the field is empty or not. 2037 // This may be used to include empty fields in Patch requests. 2038 ForceSendFields []string `json:"-"` 2039 2040 // NullFields is a list of field names (e.g. "Disabled") to include in 2041 // API requests with the JSON null value. By default, fields with empty 2042 // values are omitted from API requests. However, any field with an 2043 // empty value appearing in NullFields will be sent to the server as 2044 // null. It is an error if a field in this list has a non-empty value. 2045 // This may be used to include null fields in Patch requests. 2046 NullFields []string `json:"-"` 2047} 2048 2049func (s *ServiceAccountKey) MarshalJSON() ([]byte, error) { 2050 type NoMethod ServiceAccountKey 2051 raw := NoMethod(*s) 2052 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2053} 2054 2055// SetIamPolicyRequest: Request message for `SetIamPolicy` method. 2056type SetIamPolicyRequest struct { 2057 // Policy: REQUIRED: The complete policy to be applied to the 2058 // `resource`. The size of the policy is limited to a few 10s of KB. An 2059 // empty policy is a valid policy but certain Cloud Platform services 2060 // (such as Projects) might reject them. 2061 Policy *Policy `json:"policy,omitempty"` 2062 2063 // UpdateMask: OPTIONAL: A FieldMask specifying which fields of the 2064 // policy to modify. Only the fields in the mask will be modified. If no 2065 // mask is provided, the following default mask is used: `paths: 2066 // "bindings, etag" 2067 UpdateMask string `json:"updateMask,omitempty"` 2068 2069 // ForceSendFields is a list of field names (e.g. "Policy") to 2070 // unconditionally include in API requests. By default, fields with 2071 // empty or default values are omitted from API requests. However, any 2072 // non-pointer, non-interface field appearing in ForceSendFields will be 2073 // sent to the server regardless of whether the field is empty or not. 2074 // This may be used to include empty fields in Patch requests. 2075 ForceSendFields []string `json:"-"` 2076 2077 // NullFields is a list of field names (e.g. "Policy") to include in API 2078 // requests with the JSON null value. By default, fields with empty 2079 // values are omitted from API requests. However, any field with an 2080 // empty value appearing in NullFields will be sent to the server as 2081 // null. It is an error if a field in this list has a non-empty value. 2082 // This may be used to include null fields in Patch requests. 2083 NullFields []string `json:"-"` 2084} 2085 2086func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) { 2087 type NoMethod SetIamPolicyRequest 2088 raw := NoMethod(*s) 2089 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2090} 2091 2092// SignBlobRequest: Deprecated. Migrate to Service Account Credentials 2093// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2094// service account sign blob request. 2095type SignBlobRequest struct { 2096 // BytesToSign: Required. Deprecated. Migrate to Service Account 2097 // Credentials API 2098 // (https://cloud.google.com/iam/help/credentials/migrate-api). The 2099 // bytes to sign. 2100 BytesToSign string `json:"bytesToSign,omitempty"` 2101 2102 // ForceSendFields is a list of field names (e.g. "BytesToSign") to 2103 // unconditionally include in API requests. By default, fields with 2104 // empty or default values are omitted from API requests. However, any 2105 // non-pointer, non-interface field appearing in ForceSendFields will be 2106 // sent to the server regardless of whether the field is empty or not. 2107 // This may be used to include empty fields in Patch requests. 2108 ForceSendFields []string `json:"-"` 2109 2110 // NullFields is a list of field names (e.g. "BytesToSign") to include 2111 // in API requests with the JSON null value. By default, fields with 2112 // empty values are omitted from API requests. However, any field with 2113 // an empty value appearing in NullFields will be sent to the server as 2114 // null. It is an error if a field in this list has a non-empty value. 2115 // This may be used to include null fields in Patch requests. 2116 NullFields []string `json:"-"` 2117} 2118 2119func (s *SignBlobRequest) MarshalJSON() ([]byte, error) { 2120 type NoMethod SignBlobRequest 2121 raw := NoMethod(*s) 2122 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2123} 2124 2125// SignBlobResponse: Deprecated. Migrate to Service Account Credentials 2126// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2127// service account sign blob response. 2128type SignBlobResponse struct { 2129 // KeyId: Deprecated. Migrate to Service Account Credentials API 2130 // (https://cloud.google.com/iam/help/credentials/migrate-api). The id 2131 // of the key used to sign the blob. 2132 KeyId string `json:"keyId,omitempty"` 2133 2134 // Signature: Deprecated. Migrate to Service Account Credentials API 2135 // (https://cloud.google.com/iam/help/credentials/migrate-api). The 2136 // signed blob. 2137 Signature string `json:"signature,omitempty"` 2138 2139 // ServerResponse contains the HTTP response code and headers from the 2140 // server. 2141 googleapi.ServerResponse `json:"-"` 2142 2143 // ForceSendFields is a list of field names (e.g. "KeyId") to 2144 // unconditionally include in API requests. By default, fields with 2145 // empty or default values are omitted from API requests. However, any 2146 // non-pointer, non-interface field appearing in ForceSendFields will be 2147 // sent to the server regardless of whether the field is empty or not. 2148 // This may be used to include empty fields in Patch requests. 2149 ForceSendFields []string `json:"-"` 2150 2151 // NullFields is a list of field names (e.g. "KeyId") to include in API 2152 // requests with the JSON null value. By default, fields with empty 2153 // values are omitted from API requests. However, any field with an 2154 // empty value appearing in NullFields will be sent to the server as 2155 // null. It is an error if a field in this list has a non-empty value. 2156 // This may be used to include null fields in Patch requests. 2157 NullFields []string `json:"-"` 2158} 2159 2160func (s *SignBlobResponse) MarshalJSON() ([]byte, error) { 2161 type NoMethod SignBlobResponse 2162 raw := NoMethod(*s) 2163 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2164} 2165 2166// SignJwtRequest: Deprecated. Migrate to Service Account Credentials 2167// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2168// service account sign JWT request. 2169type SignJwtRequest struct { 2170 // Payload: Required. Deprecated. Migrate to Service Account Credentials 2171 // API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2172 // JWT payload to sign. Must be a serialized JSON object that contains a 2173 // JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 2174 // 313435}` If the JWT Claims Set contains an expiration time (`exp`) 2175 // claim, it must be an integer timestamp that is not in the past and no 2176 // more than 12 hours in the future. If the JWT Claims Set does not 2177 // contain an expiration time (`exp`) claim, this claim is added 2178 // automatically, with a timestamp that is 1 hour in the future. 2179 Payload string `json:"payload,omitempty"` 2180 2181 // ForceSendFields is a list of field names (e.g. "Payload") to 2182 // unconditionally include in API requests. By default, fields with 2183 // empty or default values are omitted from API requests. However, any 2184 // non-pointer, non-interface field appearing in ForceSendFields will be 2185 // sent to the server regardless of whether the field is empty or not. 2186 // This may be used to include empty fields in Patch requests. 2187 ForceSendFields []string `json:"-"` 2188 2189 // NullFields is a list of field names (e.g. "Payload") to include in 2190 // API requests with the JSON null value. By default, fields with empty 2191 // values are omitted from API requests. However, any field with an 2192 // empty value appearing in NullFields will be sent to the server as 2193 // null. It is an error if a field in this list has a non-empty value. 2194 // This may be used to include null fields in Patch requests. 2195 NullFields []string `json:"-"` 2196} 2197 2198func (s *SignJwtRequest) MarshalJSON() ([]byte, error) { 2199 type NoMethod SignJwtRequest 2200 raw := NoMethod(*s) 2201 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2202} 2203 2204// SignJwtResponse: Deprecated. Migrate to Service Account Credentials 2205// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2206// service account sign JWT response. 2207type SignJwtResponse struct { 2208 // KeyId: Deprecated. Migrate to Service Account Credentials API 2209 // (https://cloud.google.com/iam/help/credentials/migrate-api). The id 2210 // of the key used to sign the JWT. 2211 KeyId string `json:"keyId,omitempty"` 2212 2213 // SignedJwt: Deprecated. Migrate to Service Account Credentials API 2214 // (https://cloud.google.com/iam/help/credentials/migrate-api). The 2215 // signed JWT. 2216 SignedJwt string `json:"signedJwt,omitempty"` 2217 2218 // ServerResponse contains the HTTP response code and headers from the 2219 // server. 2220 googleapi.ServerResponse `json:"-"` 2221 2222 // ForceSendFields is a list of field names (e.g. "KeyId") to 2223 // unconditionally include in API requests. By default, fields with 2224 // empty or default values are omitted from API requests. However, any 2225 // non-pointer, non-interface field appearing in ForceSendFields will be 2226 // sent to the server regardless of whether the field is empty or not. 2227 // This may be used to include empty fields in Patch requests. 2228 ForceSendFields []string `json:"-"` 2229 2230 // NullFields is a list of field names (e.g. "KeyId") to include in API 2231 // requests with the JSON null value. By default, fields with empty 2232 // values are omitted from API requests. However, any field with an 2233 // empty value appearing in NullFields will be sent to the server as 2234 // null. It is an error if a field in this list has a non-empty value. 2235 // This may be used to include null fields in Patch requests. 2236 NullFields []string `json:"-"` 2237} 2238 2239func (s *SignJwtResponse) MarshalJSON() ([]byte, error) { 2240 type NoMethod SignJwtResponse 2241 raw := NoMethod(*s) 2242 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2243} 2244 2245// Status: The `Status` type defines a logical error model that is 2246// suitable for different programming environments, including REST APIs 2247// and RPC APIs. It is used by gRPC (https://github.com/grpc). Each 2248// `Status` message contains three pieces of data: error code, error 2249// message, and error details. You can find out more about this error 2250// model and how to work with it in the API Design Guide 2251// (https://cloud.google.com/apis/design/errors). 2252type Status struct { 2253 // Code: The status code, which should be an enum value of 2254 // google.rpc.Code. 2255 Code int64 `json:"code,omitempty"` 2256 2257 // Details: A list of messages that carry the error details. There is a 2258 // common set of message types for APIs to use. 2259 Details []googleapi.RawMessage `json:"details,omitempty"` 2260 2261 // Message: A developer-facing error message, which should be in 2262 // English. Any user-facing error message should be localized and sent 2263 // in the google.rpc.Status.details field, or localized by the client. 2264 Message string `json:"message,omitempty"` 2265 2266 // ForceSendFields is a list of field names (e.g. "Code") to 2267 // unconditionally include in API requests. By default, fields with 2268 // empty or default values are omitted from API requests. However, any 2269 // non-pointer, non-interface field appearing in ForceSendFields will be 2270 // sent to the server regardless of whether the field is empty or not. 2271 // This may be used to include empty fields in Patch requests. 2272 ForceSendFields []string `json:"-"` 2273 2274 // NullFields is a list of field names (e.g. "Code") to include in API 2275 // requests with the JSON null value. By default, fields with empty 2276 // values are omitted from API requests. However, any field with an 2277 // empty value appearing in NullFields will be sent to the server as 2278 // null. It is an error if a field in this list has a non-empty value. 2279 // This may be used to include null fields in Patch requests. 2280 NullFields []string `json:"-"` 2281} 2282 2283func (s *Status) MarshalJSON() ([]byte, error) { 2284 type NoMethod Status 2285 raw := NoMethod(*s) 2286 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2287} 2288 2289// TestIamPermissionsRequest: Request message for `TestIamPermissions` 2290// method. 2291type TestIamPermissionsRequest struct { 2292 // Permissions: The set of permissions to check for the `resource`. 2293 // Permissions with wildcards (such as '*' or 'storage.*') are not 2294 // allowed. For more information see IAM Overview 2295 // (https://cloud.google.com/iam/docs/overview#permissions). 2296 Permissions []string `json:"permissions,omitempty"` 2297 2298 // ForceSendFields is a list of field names (e.g. "Permissions") to 2299 // unconditionally include in API requests. By default, fields with 2300 // empty or default values are omitted from API requests. However, any 2301 // non-pointer, non-interface field appearing in ForceSendFields will be 2302 // sent to the server regardless of whether the field is empty or not. 2303 // This may be used to include empty fields in Patch requests. 2304 ForceSendFields []string `json:"-"` 2305 2306 // NullFields is a list of field names (e.g. "Permissions") to include 2307 // in API requests with the JSON null value. By default, fields with 2308 // empty values are omitted from API requests. However, any field with 2309 // an empty value appearing in NullFields will be sent to the server as 2310 // null. It is an error if a field in this list has a non-empty value. 2311 // This may be used to include null fields in Patch requests. 2312 NullFields []string `json:"-"` 2313} 2314 2315func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) { 2316 type NoMethod TestIamPermissionsRequest 2317 raw := NoMethod(*s) 2318 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2319} 2320 2321// TestIamPermissionsResponse: Response message for `TestIamPermissions` 2322// method. 2323type TestIamPermissionsResponse struct { 2324 // Permissions: A subset of `TestPermissionsRequest.permissions` that 2325 // the caller is allowed. 2326 Permissions []string `json:"permissions,omitempty"` 2327 2328 // ServerResponse contains the HTTP response code and headers from the 2329 // server. 2330 googleapi.ServerResponse `json:"-"` 2331 2332 // ForceSendFields is a list of field names (e.g. "Permissions") to 2333 // unconditionally include in API requests. By default, fields with 2334 // empty or default values are omitted from API requests. However, any 2335 // non-pointer, non-interface field appearing in ForceSendFields will be 2336 // sent to the server regardless of whether the field is empty or not. 2337 // This may be used to include empty fields in Patch requests. 2338 ForceSendFields []string `json:"-"` 2339 2340 // NullFields is a list of field names (e.g. "Permissions") to include 2341 // in API requests with the JSON null value. By default, fields with 2342 // empty values are omitted from API requests. However, any field with 2343 // an empty value appearing in NullFields will be sent to the server as 2344 // null. It is an error if a field in this list has a non-empty value. 2345 // This may be used to include null fields in Patch requests. 2346 NullFields []string `json:"-"` 2347} 2348 2349func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { 2350 type NoMethod TestIamPermissionsResponse 2351 raw := NoMethod(*s) 2352 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2353} 2354 2355// UndeleteRoleRequest: The request to undelete an existing role. 2356type UndeleteRoleRequest struct { 2357 // Etag: Used to perform a consistent read-modify-write. 2358 Etag string `json:"etag,omitempty"` 2359 2360 // ForceSendFields is a list of field names (e.g. "Etag") to 2361 // unconditionally include in API requests. By default, fields with 2362 // empty or default values are omitted from API requests. However, any 2363 // non-pointer, non-interface field appearing in ForceSendFields will be 2364 // sent to the server regardless of whether the field is empty or not. 2365 // This may be used to include empty fields in Patch requests. 2366 ForceSendFields []string `json:"-"` 2367 2368 // NullFields is a list of field names (e.g. "Etag") to include in API 2369 // requests with the JSON null value. By default, fields with empty 2370 // values are omitted from API requests. However, any field with an 2371 // empty value appearing in NullFields will be sent to the server as 2372 // null. It is an error if a field in this list has a non-empty value. 2373 // This may be used to include null fields in Patch requests. 2374 NullFields []string `json:"-"` 2375} 2376 2377func (s *UndeleteRoleRequest) MarshalJSON() ([]byte, error) { 2378 type NoMethod UndeleteRoleRequest 2379 raw := NoMethod(*s) 2380 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2381} 2382 2383// UndeleteServiceAccountRequest: The service account undelete request. 2384type UndeleteServiceAccountRequest struct { 2385} 2386 2387type UndeleteServiceAccountResponse struct { 2388 // RestoredAccount: Metadata for the restored service account. 2389 RestoredAccount *ServiceAccount `json:"restoredAccount,omitempty"` 2390 2391 // ServerResponse contains the HTTP response code and headers from the 2392 // server. 2393 googleapi.ServerResponse `json:"-"` 2394 2395 // ForceSendFields is a list of field names (e.g. "RestoredAccount") to 2396 // unconditionally include in API requests. By default, fields with 2397 // empty or default values are omitted from API requests. However, any 2398 // non-pointer, non-interface field appearing in ForceSendFields will be 2399 // sent to the server regardless of whether the field is empty or not. 2400 // This may be used to include empty fields in Patch requests. 2401 ForceSendFields []string `json:"-"` 2402 2403 // NullFields is a list of field names (e.g. "RestoredAccount") to 2404 // include in API requests with the JSON null value. By default, fields 2405 // with empty values are omitted from API requests. However, any field 2406 // with an empty value appearing in NullFields will be sent to the 2407 // server as null. It is an error if a field in this list has a 2408 // non-empty value. This may be used to include null fields in Patch 2409 // requests. 2410 NullFields []string `json:"-"` 2411} 2412 2413func (s *UndeleteServiceAccountResponse) MarshalJSON() ([]byte, error) { 2414 type NoMethod UndeleteServiceAccountResponse 2415 raw := NoMethod(*s) 2416 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2417} 2418 2419// UndeleteWorkloadIdentityPoolProviderRequest: Request message for 2420// UndeleteWorkloadIdentityPoolProvider. 2421type UndeleteWorkloadIdentityPoolProviderRequest struct { 2422} 2423 2424// UndeleteWorkloadIdentityPoolRequest: Request message for 2425// UndeleteWorkloadIdentityPool. 2426type UndeleteWorkloadIdentityPoolRequest struct { 2427} 2428 2429// UploadServiceAccountKeyRequest: The service account key upload 2430// request. 2431type UploadServiceAccountKeyRequest struct { 2432 // PublicKeyData: A field that allows clients to upload their own public 2433 // key. If set, use this public key data to create a service account key 2434 // for given service account. Please note, the expected format for this 2435 // field is X509_PEM. 2436 PublicKeyData string `json:"publicKeyData,omitempty"` 2437 2438 // ForceSendFields is a list of field names (e.g. "PublicKeyData") to 2439 // unconditionally include in API requests. By default, fields with 2440 // empty or default values are omitted from API requests. However, any 2441 // non-pointer, non-interface field appearing in ForceSendFields will be 2442 // sent to the server regardless of whether the field is empty or not. 2443 // This may be used to include empty fields in Patch requests. 2444 ForceSendFields []string `json:"-"` 2445 2446 // NullFields is a list of field names (e.g. "PublicKeyData") to include 2447 // in API requests with the JSON null value. By default, fields with 2448 // empty values are omitted from API requests. However, any field with 2449 // an empty value appearing in NullFields will be sent to the server as 2450 // null. It is an error if a field in this list has a non-empty value. 2451 // This may be used to include null fields in Patch requests. 2452 NullFields []string `json:"-"` 2453} 2454 2455func (s *UploadServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 2456 type NoMethod UploadServiceAccountKeyRequest 2457 raw := NoMethod(*s) 2458 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2459} 2460 2461// WorkloadIdentityPool: Represents a collection of external workload 2462// identities. You can define IAM policies to grant these identities 2463// access to Google Cloud resources. 2464type WorkloadIdentityPool struct { 2465 // Description: A description of the pool. Cannot exceed 256 characters. 2466 Description string `json:"description,omitempty"` 2467 2468 // Disabled: Whether the pool is disabled. You cannot use a disabled 2469 // pool to exchange tokens, or use existing tokens to access resources. 2470 // If the pool is re-enabled, existing tokens grant access again. 2471 Disabled bool `json:"disabled,omitempty"` 2472 2473 // DisplayName: A display name for the pool. Cannot exceed 32 2474 // characters. 2475 DisplayName string `json:"displayName,omitempty"` 2476 2477 // Name: Output only. The resource name of the pool. 2478 Name string `json:"name,omitempty"` 2479 2480 // State: Output only. The state of the pool. 2481 // 2482 // Possible values: 2483 // "STATE_UNSPECIFIED" - State unspecified. 2484 // "ACTIVE" - The pool is active, and may be used in Google Cloud 2485 // policies. 2486 // "DELETED" - The pool is soft-deleted. Soft-deleted pools are 2487 // permanently deleted after approximately 30 days. You can restore a 2488 // soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot 2489 // reuse the ID of a soft-deleted pool until it is permanently deleted. 2490 // While a pool is deleted, you cannot use it to exchange tokens, or use 2491 // existing tokens to access resources. If the pool is undeleted, 2492 // existing tokens grant access again. 2493 State string `json:"state,omitempty"` 2494 2495 // ServerResponse contains the HTTP response code and headers from the 2496 // server. 2497 googleapi.ServerResponse `json:"-"` 2498 2499 // ForceSendFields is a list of field names (e.g. "Description") to 2500 // unconditionally include in API requests. By default, fields with 2501 // empty or default values are omitted from API requests. However, any 2502 // non-pointer, non-interface field appearing in ForceSendFields will be 2503 // sent to the server regardless of whether the field is empty or not. 2504 // This may be used to include empty fields in Patch requests. 2505 ForceSendFields []string `json:"-"` 2506 2507 // NullFields is a list of field names (e.g. "Description") to include 2508 // in API requests with the JSON null value. By default, fields with 2509 // empty values are omitted from API requests. However, any field with 2510 // an empty value appearing in NullFields will be sent to the server as 2511 // null. It is an error if a field in this list has a non-empty value. 2512 // This may be used to include null fields in Patch requests. 2513 NullFields []string `json:"-"` 2514} 2515 2516func (s *WorkloadIdentityPool) MarshalJSON() ([]byte, error) { 2517 type NoMethod WorkloadIdentityPool 2518 raw := NoMethod(*s) 2519 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2520} 2521 2522// WorkloadIdentityPoolProvider: A configuration for an external 2523// identity provider. 2524type WorkloadIdentityPoolProvider struct { 2525 // AttributeCondition: A Common Expression Language 2526 // (https://opensource.google/projects/cel) expression, in plain text, 2527 // to restrict what otherwise valid authentication credentials issued by 2528 // the provider should not be accepted. The expression must output a 2529 // boolean representing whether to allow the federation. The following 2530 // keywords may be referenced in the expressions: * `assertion`: JSON 2531 // representing the authentication credential issued by the provider. * 2532 // `google`: The Google attributes mapped from the assertion in the 2533 // `attribute_mappings`. * `attribute`: The custom attributes mapped 2534 // from the assertion in the `attribute_mappings`. The maximum length of 2535 // the attribute condition expression is 4096 characters. If 2536 // unspecified, all valid authentication credential are accepted. The 2537 // following example shows how to only allow credentials with a mapped 2538 // `google.groups` value of `admins`: ``` "'admins' in google.groups" 2539 // ``` 2540 AttributeCondition string `json:"attributeCondition,omitempty"` 2541 2542 // AttributeMapping: Maps attributes from authentication credentials 2543 // issued by an external identity provider to Google Cloud attributes, 2544 // such as `subject` and `segment`. Each key must be a string specifying 2545 // the Google Cloud IAM attribute to map to. The following keys are 2546 // supported: * `google.subject`: The principal IAM is authenticating. 2547 // You can reference this value in IAM bindings. This is also the 2548 // subject that appears in Cloud Logging logs. Cannot exceed 127 2549 // characters. * `google.groups`: Groups the external identity belongs 2550 // to. You can grant groups access to resources using an IAM 2551 // `principalSet` binding; access applies to all members of the group. 2552 // You can also provide custom attributes by specifying 2553 // `attribute.{custom_attribute}`, where `{custom_attribute}` is the 2554 // name of the custom attribute to be mapped. You can define a maximum 2555 // of 50 custom attributes. The maximum length of a mapped attribute key 2556 // is 100 characters, and the key may only contain the characters 2557 // [a-z0-9_]. You can reference these attributes in IAM policies to 2558 // define fine-grained access for a workload to Google Cloud resources. 2559 // For example: * `google.subject`: 2560 // `principal://iam.googleapis.com/projects/{project}/locations/{location 2561 // }/workloadIdentityPools/{pool}/subject/{value}` * `google.groups`: 2562 // `principalSet://iam.googleapis.com/projects/{project}/locations/{locat 2563 // ion}/workloadIdentityPools/{pool}/group/{value}` * 2564 // `attribute.{custom_attribute}`: 2565 // `principalSet://iam.googleapis.com/projects/{project}/locations/{locat 2566 // ion}/workloadIdentityPools/{pool}/attribute.{custom_attribute}/{value} 2567 // ` Each value must be a [Common Expression Language] 2568 // (https://opensource.google/projects/cel) function that maps an 2569 // identity provider credential to the normalized attribute specified by 2570 // the corresponding map key. You can use the `assertion` keyword in the 2571 // expression to access a JSON representation of the authentication 2572 // credential issued by the provider. The maximum length of an attribute 2573 // mapping expression is 2048 characters. When evaluated, the total size 2574 // of all mapped attributes must not exceed 8KB. For AWS providers, if 2575 // no attribute mapping is defined, the following default mapping 2576 // applies: ``` { "google.subject":"assertion.arn", 2577 // "attribute.aws_role": "assertion.arn.contains('assumed-role')" " ? 2578 // assertion.arn.extract('{account_arn}assumed-role/')" " + 2579 // 'assumed-role/'" " + 2580 // assertion.arn.extract('assumed-role/{role_name}/')" " : 2581 // assertion.arn", } ``` If any custom attribute mappings are defined, 2582 // they must include a mapping to the `google.subject` attribute. For 2583 // OIDC providers, you must supply a custom mapping, which must include 2584 // the `google.subject` attribute. For example, the following maps the 2585 // `sub` claim of the incoming credential to the `subject` attribute on 2586 // a Google token: ``` {"google.subject": "assertion.sub"} ``` 2587 AttributeMapping map[string]string `json:"attributeMapping,omitempty"` 2588 2589 // Aws: An Amazon Web Services identity provider. 2590 Aws *Aws `json:"aws,omitempty"` 2591 2592 // Description: A description for the provider. Cannot exceed 256 2593 // characters. 2594 Description string `json:"description,omitempty"` 2595 2596 // Disabled: Whether the provider is disabled. You cannot use a disabled 2597 // provider to exchange tokens. However, existing tokens still grant 2598 // access. 2599 Disabled bool `json:"disabled,omitempty"` 2600 2601 // DisplayName: A display name for the provider. Cannot exceed 32 2602 // characters. 2603 DisplayName string `json:"displayName,omitempty"` 2604 2605 // Name: Output only. The resource name of the provider. 2606 Name string `json:"name,omitempty"` 2607 2608 // Oidc: An OpenId Connect 1.0 identity provider. 2609 Oidc *Oidc `json:"oidc,omitempty"` 2610 2611 // State: Output only. The state of the provider. 2612 // 2613 // Possible values: 2614 // "STATE_UNSPECIFIED" - State unspecified. 2615 // "ACTIVE" - The provider is active, and may be used to validate 2616 // authentication credentials. 2617 // "DELETED" - The provider is soft-deleted. Soft-deleted providers 2618 // are permanently deleted after approximately 30 days. You can restore 2619 // a soft-deleted provider using UndeleteWorkloadIdentityPoolProvider. 2620 // You cannot reuse the ID of a soft-deleted provider until it is 2621 // permanently deleted. 2622 State string `json:"state,omitempty"` 2623 2624 // ServerResponse contains the HTTP response code and headers from the 2625 // server. 2626 googleapi.ServerResponse `json:"-"` 2627 2628 // ForceSendFields is a list of field names (e.g. "AttributeCondition") 2629 // to unconditionally include in API requests. By default, fields with 2630 // empty or default values are omitted from API requests. However, any 2631 // non-pointer, non-interface field appearing in ForceSendFields will be 2632 // sent to the server regardless of whether the field is empty or not. 2633 // This may be used to include empty fields in Patch requests. 2634 ForceSendFields []string `json:"-"` 2635 2636 // NullFields is a list of field names (e.g. "AttributeCondition") to 2637 // include in API requests with the JSON null value. By default, fields 2638 // with empty values are omitted from API requests. However, any field 2639 // with an empty value appearing in NullFields will be sent to the 2640 // server as null. It is an error if a field in this list has a 2641 // non-empty value. This may be used to include null fields in Patch 2642 // requests. 2643 NullFields []string `json:"-"` 2644} 2645 2646func (s *WorkloadIdentityPoolProvider) MarshalJSON() ([]byte, error) { 2647 type NoMethod WorkloadIdentityPoolProvider 2648 raw := NoMethod(*s) 2649 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2650} 2651 2652// method id "iam.iamPolicies.lintPolicy": 2653 2654type IamPoliciesLintPolicyCall struct { 2655 s *Service 2656 lintpolicyrequest *LintPolicyRequest 2657 urlParams_ gensupport.URLParams 2658 ctx_ context.Context 2659 header_ http.Header 2660} 2661 2662// LintPolicy: Lints, or validates, an IAM policy. Currently checks the 2663// google.iam.v1.Binding.condition field, which contains a condition 2664// expression for a role binding. Successful calls to this method always 2665// return an HTTP `200 OK` status code, even if the linter detects an 2666// issue in the IAM policy. 2667func (r *IamPoliciesService) LintPolicy(lintpolicyrequest *LintPolicyRequest) *IamPoliciesLintPolicyCall { 2668 c := &IamPoliciesLintPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2669 c.lintpolicyrequest = lintpolicyrequest 2670 return c 2671} 2672 2673// Fields allows partial responses to be retrieved. See 2674// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2675// for more information. 2676func (c *IamPoliciesLintPolicyCall) Fields(s ...googleapi.Field) *IamPoliciesLintPolicyCall { 2677 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2678 return c 2679} 2680 2681// Context sets the context to be used in this call's Do method. Any 2682// pending HTTP request will be aborted if the provided context is 2683// canceled. 2684func (c *IamPoliciesLintPolicyCall) Context(ctx context.Context) *IamPoliciesLintPolicyCall { 2685 c.ctx_ = ctx 2686 return c 2687} 2688 2689// Header returns an http.Header that can be modified by the caller to 2690// add HTTP headers to the request. 2691func (c *IamPoliciesLintPolicyCall) Header() http.Header { 2692 if c.header_ == nil { 2693 c.header_ = make(http.Header) 2694 } 2695 return c.header_ 2696} 2697 2698func (c *IamPoliciesLintPolicyCall) doRequest(alt string) (*http.Response, error) { 2699 reqHeaders := make(http.Header) 2700 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 2701 for k, v := range c.header_ { 2702 reqHeaders[k] = v 2703 } 2704 reqHeaders.Set("User-Agent", c.s.userAgent()) 2705 var body io.Reader = nil 2706 body, err := googleapi.WithoutDataWrapper.JSONReader(c.lintpolicyrequest) 2707 if err != nil { 2708 return nil, err 2709 } 2710 reqHeaders.Set("Content-Type", "application/json") 2711 c.urlParams_.Set("alt", alt) 2712 c.urlParams_.Set("prettyPrint", "false") 2713 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:lintPolicy") 2714 urls += "?" + c.urlParams_.Encode() 2715 req, err := http.NewRequest("POST", urls, body) 2716 if err != nil { 2717 return nil, err 2718 } 2719 req.Header = reqHeaders 2720 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2721} 2722 2723// Do executes the "iam.iamPolicies.lintPolicy" call. 2724// Exactly one of *LintPolicyResponse or error will be non-nil. Any 2725// non-2xx status code is an error. Response headers are in either 2726// *LintPolicyResponse.ServerResponse.Header or (if a response was 2727// returned at all) in error.(*googleapi.Error).Header. Use 2728// googleapi.IsNotModified to check whether the returned error was 2729// because http.StatusNotModified was returned. 2730func (c *IamPoliciesLintPolicyCall) Do(opts ...googleapi.CallOption) (*LintPolicyResponse, error) { 2731 gensupport.SetOptions(c.urlParams_, opts...) 2732 res, err := c.doRequest("json") 2733 if res != nil && res.StatusCode == http.StatusNotModified { 2734 if res.Body != nil { 2735 res.Body.Close() 2736 } 2737 return nil, &googleapi.Error{ 2738 Code: res.StatusCode, 2739 Header: res.Header, 2740 } 2741 } 2742 if err != nil { 2743 return nil, err 2744 } 2745 defer googleapi.CloseBody(res) 2746 if err := googleapi.CheckResponse(res); err != nil { 2747 return nil, err 2748 } 2749 ret := &LintPolicyResponse{ 2750 ServerResponse: googleapi.ServerResponse{ 2751 Header: res.Header, 2752 HTTPStatusCode: res.StatusCode, 2753 }, 2754 } 2755 target := &ret 2756 if err := gensupport.DecodeResponse(target, res); err != nil { 2757 return nil, err 2758 } 2759 return ret, nil 2760 // { 2761 // "description": "Lints, or validates, an IAM policy. Currently checks the google.iam.v1.Binding.condition field, which contains a condition expression for a role binding. Successful calls to this method always return an HTTP `200 OK` status code, even if the linter detects an issue in the IAM policy.", 2762 // "flatPath": "v1/iamPolicies:lintPolicy", 2763 // "httpMethod": "POST", 2764 // "id": "iam.iamPolicies.lintPolicy", 2765 // "parameterOrder": [], 2766 // "parameters": {}, 2767 // "path": "v1/iamPolicies:lintPolicy", 2768 // "request": { 2769 // "$ref": "LintPolicyRequest" 2770 // }, 2771 // "response": { 2772 // "$ref": "LintPolicyResponse" 2773 // }, 2774 // "scopes": [ 2775 // "https://www.googleapis.com/auth/cloud-platform" 2776 // ] 2777 // } 2778 2779} 2780 2781// method id "iam.iamPolicies.queryAuditableServices": 2782 2783type IamPoliciesQueryAuditableServicesCall struct { 2784 s *Service 2785 queryauditableservicesrequest *QueryAuditableServicesRequest 2786 urlParams_ gensupport.URLParams 2787 ctx_ context.Context 2788 header_ http.Header 2789} 2790 2791// QueryAuditableServices: Returns a list of services that allow you to 2792// opt into audit logs that are not generated by default. To learn more 2793// about audit logs, see the Logging documentation 2794// (https://cloud.google.com/logging/docs/audit). 2795func (r *IamPoliciesService) QueryAuditableServices(queryauditableservicesrequest *QueryAuditableServicesRequest) *IamPoliciesQueryAuditableServicesCall { 2796 c := &IamPoliciesQueryAuditableServicesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2797 c.queryauditableservicesrequest = queryauditableservicesrequest 2798 return c 2799} 2800 2801// Fields allows partial responses to be retrieved. See 2802// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2803// for more information. 2804func (c *IamPoliciesQueryAuditableServicesCall) Fields(s ...googleapi.Field) *IamPoliciesQueryAuditableServicesCall { 2805 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2806 return c 2807} 2808 2809// Context sets the context to be used in this call's Do method. Any 2810// pending HTTP request will be aborted if the provided context is 2811// canceled. 2812func (c *IamPoliciesQueryAuditableServicesCall) Context(ctx context.Context) *IamPoliciesQueryAuditableServicesCall { 2813 c.ctx_ = ctx 2814 return c 2815} 2816 2817// Header returns an http.Header that can be modified by the caller to 2818// add HTTP headers to the request. 2819func (c *IamPoliciesQueryAuditableServicesCall) Header() http.Header { 2820 if c.header_ == nil { 2821 c.header_ = make(http.Header) 2822 } 2823 return c.header_ 2824} 2825 2826func (c *IamPoliciesQueryAuditableServicesCall) doRequest(alt string) (*http.Response, error) { 2827 reqHeaders := make(http.Header) 2828 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 2829 for k, v := range c.header_ { 2830 reqHeaders[k] = v 2831 } 2832 reqHeaders.Set("User-Agent", c.s.userAgent()) 2833 var body io.Reader = nil 2834 body, err := googleapi.WithoutDataWrapper.JSONReader(c.queryauditableservicesrequest) 2835 if err != nil { 2836 return nil, err 2837 } 2838 reqHeaders.Set("Content-Type", "application/json") 2839 c.urlParams_.Set("alt", alt) 2840 c.urlParams_.Set("prettyPrint", "false") 2841 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:queryAuditableServices") 2842 urls += "?" + c.urlParams_.Encode() 2843 req, err := http.NewRequest("POST", urls, body) 2844 if err != nil { 2845 return nil, err 2846 } 2847 req.Header = reqHeaders 2848 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2849} 2850 2851// Do executes the "iam.iamPolicies.queryAuditableServices" call. 2852// Exactly one of *QueryAuditableServicesResponse or error will be 2853// non-nil. Any non-2xx status code is an error. Response headers are in 2854// either *QueryAuditableServicesResponse.ServerResponse.Header or (if a 2855// response was returned at all) in error.(*googleapi.Error).Header. Use 2856// googleapi.IsNotModified to check whether the returned error was 2857// because http.StatusNotModified was returned. 2858func (c *IamPoliciesQueryAuditableServicesCall) Do(opts ...googleapi.CallOption) (*QueryAuditableServicesResponse, error) { 2859 gensupport.SetOptions(c.urlParams_, opts...) 2860 res, err := c.doRequest("json") 2861 if res != nil && res.StatusCode == http.StatusNotModified { 2862 if res.Body != nil { 2863 res.Body.Close() 2864 } 2865 return nil, &googleapi.Error{ 2866 Code: res.StatusCode, 2867 Header: res.Header, 2868 } 2869 } 2870 if err != nil { 2871 return nil, err 2872 } 2873 defer googleapi.CloseBody(res) 2874 if err := googleapi.CheckResponse(res); err != nil { 2875 return nil, err 2876 } 2877 ret := &QueryAuditableServicesResponse{ 2878 ServerResponse: googleapi.ServerResponse{ 2879 Header: res.Header, 2880 HTTPStatusCode: res.StatusCode, 2881 }, 2882 } 2883 target := &ret 2884 if err := gensupport.DecodeResponse(target, res); err != nil { 2885 return nil, err 2886 } 2887 return ret, nil 2888 // { 2889 // "description": "Returns a list of services that allow you to opt into audit logs that are not generated by default. To learn more about audit logs, see the [Logging documentation](https://cloud.google.com/logging/docs/audit).", 2890 // "flatPath": "v1/iamPolicies:queryAuditableServices", 2891 // "httpMethod": "POST", 2892 // "id": "iam.iamPolicies.queryAuditableServices", 2893 // "parameterOrder": [], 2894 // "parameters": {}, 2895 // "path": "v1/iamPolicies:queryAuditableServices", 2896 // "request": { 2897 // "$ref": "QueryAuditableServicesRequest" 2898 // }, 2899 // "response": { 2900 // "$ref": "QueryAuditableServicesResponse" 2901 // }, 2902 // "scopes": [ 2903 // "https://www.googleapis.com/auth/cloud-platform" 2904 // ] 2905 // } 2906 2907} 2908 2909// method id "iam.organizations.roles.create": 2910 2911type OrganizationsRolesCreateCall struct { 2912 s *Service 2913 parent string 2914 createrolerequest *CreateRoleRequest 2915 urlParams_ gensupport.URLParams 2916 ctx_ context.Context 2917 header_ http.Header 2918} 2919 2920// Create: Creates a new custom Role. 2921// 2922// - parent: The `parent` parameter's value depends on the target 2923// resource for the request, namely `projects` 2924// (/iam/reference/rest/v1/projects.roles) or `organizations` 2925// (/iam/reference/rest/v1/organizations.roles). Each resource type's 2926// `parent` value format is described below: * 2927// `projects.roles.create()` 2928// (/iam/reference/rest/v1/projects.roles/create): 2929// `projects/{PROJECT_ID}`. This method creates project-level custom 2930// roles (/iam/docs/understanding-custom-roles). Example request URL: 2931// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 2932// `organizations.roles.create()` 2933// (/iam/reference/rest/v1/organizations.roles/create): 2934// `organizations/{ORGANIZATION_ID}`. This method creates 2935// organization-level custom roles 2936// (/iam/docs/understanding-custom-roles). Example request URL: 2937// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 2938// ` Note: Wildcard (*) values are invalid; you must specify a 2939// complete project ID or organization ID. 2940func (r *OrganizationsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *OrganizationsRolesCreateCall { 2941 c := &OrganizationsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2942 c.parent = parent 2943 c.createrolerequest = createrolerequest 2944 return c 2945} 2946 2947// Fields allows partial responses to be retrieved. See 2948// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2949// for more information. 2950func (c *OrganizationsRolesCreateCall) Fields(s ...googleapi.Field) *OrganizationsRolesCreateCall { 2951 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2952 return c 2953} 2954 2955// Context sets the context to be used in this call's Do method. Any 2956// pending HTTP request will be aborted if the provided context is 2957// canceled. 2958func (c *OrganizationsRolesCreateCall) Context(ctx context.Context) *OrganizationsRolesCreateCall { 2959 c.ctx_ = ctx 2960 return c 2961} 2962 2963// Header returns an http.Header that can be modified by the caller to 2964// add HTTP headers to the request. 2965func (c *OrganizationsRolesCreateCall) Header() http.Header { 2966 if c.header_ == nil { 2967 c.header_ = make(http.Header) 2968 } 2969 return c.header_ 2970} 2971 2972func (c *OrganizationsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 2973 reqHeaders := make(http.Header) 2974 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 2975 for k, v := range c.header_ { 2976 reqHeaders[k] = v 2977 } 2978 reqHeaders.Set("User-Agent", c.s.userAgent()) 2979 var body io.Reader = nil 2980 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 2981 if err != nil { 2982 return nil, err 2983 } 2984 reqHeaders.Set("Content-Type", "application/json") 2985 c.urlParams_.Set("alt", alt) 2986 c.urlParams_.Set("prettyPrint", "false") 2987 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 2988 urls += "?" + c.urlParams_.Encode() 2989 req, err := http.NewRequest("POST", urls, body) 2990 if err != nil { 2991 return nil, err 2992 } 2993 req.Header = reqHeaders 2994 googleapi.Expand(req.URL, map[string]string{ 2995 "parent": c.parent, 2996 }) 2997 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2998} 2999 3000// Do executes the "iam.organizations.roles.create" call. 3001// Exactly one of *Role or error will be non-nil. Any non-2xx status 3002// code is an error. Response headers are in either 3003// *Role.ServerResponse.Header or (if a response was returned at all) in 3004// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3005// whether the returned error was because http.StatusNotModified was 3006// returned. 3007func (c *OrganizationsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3008 gensupport.SetOptions(c.urlParams_, opts...) 3009 res, err := c.doRequest("json") 3010 if res != nil && res.StatusCode == http.StatusNotModified { 3011 if res.Body != nil { 3012 res.Body.Close() 3013 } 3014 return nil, &googleapi.Error{ 3015 Code: res.StatusCode, 3016 Header: res.Header, 3017 } 3018 } 3019 if err != nil { 3020 return nil, err 3021 } 3022 defer googleapi.CloseBody(res) 3023 if err := googleapi.CheckResponse(res); err != nil { 3024 return nil, err 3025 } 3026 ret := &Role{ 3027 ServerResponse: googleapi.ServerResponse{ 3028 Header: res.Header, 3029 HTTPStatusCode: res.StatusCode, 3030 }, 3031 } 3032 target := &ret 3033 if err := gensupport.DecodeResponse(target, res); err != nil { 3034 return nil, err 3035 } 3036 return ret, nil 3037 // { 3038 // "description": "Creates a new custom Role.", 3039 // "flatPath": "v1/organizations/{organizationsId}/roles", 3040 // "httpMethod": "POST", 3041 // "id": "iam.organizations.roles.create", 3042 // "parameterOrder": [ 3043 // "parent" 3044 // ], 3045 // "parameters": { 3046 // "parent": { 3047 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create): `projects/{PROJECT_ID}`. This method creates project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create): `organizations/{ORGANIZATION_ID}`. This method creates organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3048 // "location": "path", 3049 // "pattern": "^organizations/[^/]+$", 3050 // "required": true, 3051 // "type": "string" 3052 // } 3053 // }, 3054 // "path": "v1/{+parent}/roles", 3055 // "request": { 3056 // "$ref": "CreateRoleRequest" 3057 // }, 3058 // "response": { 3059 // "$ref": "Role" 3060 // }, 3061 // "scopes": [ 3062 // "https://www.googleapis.com/auth/cloud-platform" 3063 // ] 3064 // } 3065 3066} 3067 3068// method id "iam.organizations.roles.delete": 3069 3070type OrganizationsRolesDeleteCall struct { 3071 s *Service 3072 name string 3073 urlParams_ gensupport.URLParams 3074 ctx_ context.Context 3075 header_ http.Header 3076} 3077 3078// Delete: Deletes a custom Role. When you delete a custom role, the 3079// following changes occur immediately: * You cannot bind a member to 3080// the custom role in an IAM Policy. * Existing bindings to the custom 3081// role are not changed, but they have no effect. * By default, the 3082// response from ListRoles does not include the custom role. You have 7 3083// days to undelete the custom role. After 7 days, the following changes 3084// occur: * The custom role is permanently deleted and cannot be 3085// recovered. * If an IAM policy contains a binding to the custom role, 3086// the binding is permanently removed. 3087// 3088// - name: The `name` parameter's value depends on the target resource 3089// for the request, namely `projects` 3090// (/iam/reference/rest/v1/projects.roles) or `organizations` 3091// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3092// `name` value format is described below: * `projects.roles.delete()` 3093// (/iam/reference/rest/v1/projects.roles/delete): 3094// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes 3095// only custom roles (/iam/docs/understanding-custom-roles) that have 3096// been created at the project level. Example request URL: 3097// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3098// OLE_ID}` * `organizations.roles.delete()` 3099// (/iam/reference/rest/v1/organizations.roles/delete): 3100// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3101// method deletes only custom roles 3102// (/iam/docs/understanding-custom-roles) that have been created at 3103// the organization level. Example request URL: 3104// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3105// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3106// specify a complete project ID or organization ID. 3107func (r *OrganizationsRolesService) Delete(name string) *OrganizationsRolesDeleteCall { 3108 c := &OrganizationsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3109 c.name = name 3110 return c 3111} 3112 3113// Etag sets the optional parameter "etag": Used to perform a consistent 3114// read-modify-write. 3115func (c *OrganizationsRolesDeleteCall) Etag(etag string) *OrganizationsRolesDeleteCall { 3116 c.urlParams_.Set("etag", etag) 3117 return c 3118} 3119 3120// Fields allows partial responses to be retrieved. See 3121// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3122// for more information. 3123func (c *OrganizationsRolesDeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesDeleteCall { 3124 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3125 return c 3126} 3127 3128// Context sets the context to be used in this call's Do method. Any 3129// pending HTTP request will be aborted if the provided context is 3130// canceled. 3131func (c *OrganizationsRolesDeleteCall) Context(ctx context.Context) *OrganizationsRolesDeleteCall { 3132 c.ctx_ = ctx 3133 return c 3134} 3135 3136// Header returns an http.Header that can be modified by the caller to 3137// add HTTP headers to the request. 3138func (c *OrganizationsRolesDeleteCall) Header() http.Header { 3139 if c.header_ == nil { 3140 c.header_ = make(http.Header) 3141 } 3142 return c.header_ 3143} 3144 3145func (c *OrganizationsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 3146 reqHeaders := make(http.Header) 3147 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 3148 for k, v := range c.header_ { 3149 reqHeaders[k] = v 3150 } 3151 reqHeaders.Set("User-Agent", c.s.userAgent()) 3152 var body io.Reader = nil 3153 c.urlParams_.Set("alt", alt) 3154 c.urlParams_.Set("prettyPrint", "false") 3155 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3156 urls += "?" + c.urlParams_.Encode() 3157 req, err := http.NewRequest("DELETE", urls, body) 3158 if err != nil { 3159 return nil, err 3160 } 3161 req.Header = reqHeaders 3162 googleapi.Expand(req.URL, map[string]string{ 3163 "name": c.name, 3164 }) 3165 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3166} 3167 3168// Do executes the "iam.organizations.roles.delete" call. 3169// Exactly one of *Role or error will be non-nil. Any non-2xx status 3170// code is an error. Response headers are in either 3171// *Role.ServerResponse.Header or (if a response was returned at all) in 3172// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3173// whether the returned error was because http.StatusNotModified was 3174// returned. 3175func (c *OrganizationsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3176 gensupport.SetOptions(c.urlParams_, opts...) 3177 res, err := c.doRequest("json") 3178 if res != nil && res.StatusCode == http.StatusNotModified { 3179 if res.Body != nil { 3180 res.Body.Close() 3181 } 3182 return nil, &googleapi.Error{ 3183 Code: res.StatusCode, 3184 Header: res.Header, 3185 } 3186 } 3187 if err != nil { 3188 return nil, err 3189 } 3190 defer googleapi.CloseBody(res) 3191 if err := googleapi.CheckResponse(res); err != nil { 3192 return nil, err 3193 } 3194 ret := &Role{ 3195 ServerResponse: googleapi.ServerResponse{ 3196 Header: res.Header, 3197 HTTPStatusCode: res.StatusCode, 3198 }, 3199 } 3200 target := &ret 3201 if err := gensupport.DecodeResponse(target, res); err != nil { 3202 return nil, err 3203 } 3204 return ret, nil 3205 // { 3206 // "description": "Deletes a custom Role. When you delete a custom role, the following changes occur immediately: * You cannot bind a member to the custom role in an IAM Policy. * Existing bindings to the custom role are not changed, but they have no effect. * By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: * The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed.", 3207 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3208 // "httpMethod": "DELETE", 3209 // "id": "iam.organizations.roles.delete", 3210 // "parameterOrder": [ 3211 // "name" 3212 // ], 3213 // "parameters": { 3214 // "etag": { 3215 // "description": "Used to perform a consistent read-modify-write.", 3216 // "format": "byte", 3217 // "location": "query", 3218 // "type": "string" 3219 // }, 3220 // "name": { 3221 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3222 // "location": "path", 3223 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3224 // "required": true, 3225 // "type": "string" 3226 // } 3227 // }, 3228 // "path": "v1/{+name}", 3229 // "response": { 3230 // "$ref": "Role" 3231 // }, 3232 // "scopes": [ 3233 // "https://www.googleapis.com/auth/cloud-platform" 3234 // ] 3235 // } 3236 3237} 3238 3239// method id "iam.organizations.roles.get": 3240 3241type OrganizationsRolesGetCall struct { 3242 s *Service 3243 name string 3244 urlParams_ gensupport.URLParams 3245 ifNoneMatch_ string 3246 ctx_ context.Context 3247 header_ http.Header 3248} 3249 3250// Get: Gets the definition of a Role. 3251// 3252// - name: The `name` parameter's value depends on the target resource 3253// for the request, namely `roles` (/iam/reference/rest/v1/roles), 3254// `projects` (/iam/reference/rest/v1/projects.roles), or 3255// `organizations` (/iam/reference/rest/v1/organizations.roles). Each 3256// resource type's `name` value format is described below: * 3257// `roles.get()` (/iam/reference/rest/v1/roles/get): 3258// `roles/{ROLE_NAME}`. This method returns results from all 3259// predefined roles (/iam/docs/understanding-roles#predefined_roles) 3260// in Cloud IAM. Example request URL: 3261// `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * 3262// `projects.roles.get()` (/iam/reference/rest/v1/projects.roles/get): 3263// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns 3264// only custom roles (/iam/docs/understanding-custom-roles) that have 3265// been created at the project level. Example request URL: 3266// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3267// OLE_ID}` * `organizations.roles.get()` 3268// (/iam/reference/rest/v1/organizations.roles/get): 3269// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3270// method returns only custom roles 3271// (/iam/docs/understanding-custom-roles) that have been created at 3272// the organization level. Example request URL: 3273// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3274// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3275// specify a complete project ID or organization ID. 3276func (r *OrganizationsRolesService) Get(name string) *OrganizationsRolesGetCall { 3277 c := &OrganizationsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3278 c.name = name 3279 return c 3280} 3281 3282// Fields allows partial responses to be retrieved. See 3283// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3284// for more information. 3285func (c *OrganizationsRolesGetCall) Fields(s ...googleapi.Field) *OrganizationsRolesGetCall { 3286 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3287 return c 3288} 3289 3290// IfNoneMatch sets the optional parameter which makes the operation 3291// fail if the object's ETag matches the given value. This is useful for 3292// getting updates only after the object has changed since the last 3293// request. Use googleapi.IsNotModified to check whether the response 3294// error from Do is the result of In-None-Match. 3295func (c *OrganizationsRolesGetCall) IfNoneMatch(entityTag string) *OrganizationsRolesGetCall { 3296 c.ifNoneMatch_ = entityTag 3297 return c 3298} 3299 3300// Context sets the context to be used in this call's Do method. Any 3301// pending HTTP request will be aborted if the provided context is 3302// canceled. 3303func (c *OrganizationsRolesGetCall) Context(ctx context.Context) *OrganizationsRolesGetCall { 3304 c.ctx_ = ctx 3305 return c 3306} 3307 3308// Header returns an http.Header that can be modified by the caller to 3309// add HTTP headers to the request. 3310func (c *OrganizationsRolesGetCall) Header() http.Header { 3311 if c.header_ == nil { 3312 c.header_ = make(http.Header) 3313 } 3314 return c.header_ 3315} 3316 3317func (c *OrganizationsRolesGetCall) doRequest(alt string) (*http.Response, error) { 3318 reqHeaders := make(http.Header) 3319 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 3320 for k, v := range c.header_ { 3321 reqHeaders[k] = v 3322 } 3323 reqHeaders.Set("User-Agent", c.s.userAgent()) 3324 if c.ifNoneMatch_ != "" { 3325 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3326 } 3327 var body io.Reader = nil 3328 c.urlParams_.Set("alt", alt) 3329 c.urlParams_.Set("prettyPrint", "false") 3330 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3331 urls += "?" + c.urlParams_.Encode() 3332 req, err := http.NewRequest("GET", urls, body) 3333 if err != nil { 3334 return nil, err 3335 } 3336 req.Header = reqHeaders 3337 googleapi.Expand(req.URL, map[string]string{ 3338 "name": c.name, 3339 }) 3340 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3341} 3342 3343// Do executes the "iam.organizations.roles.get" call. 3344// Exactly one of *Role or error will be non-nil. Any non-2xx status 3345// code is an error. Response headers are in either 3346// *Role.ServerResponse.Header or (if a response was returned at all) in 3347// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3348// whether the returned error was because http.StatusNotModified was 3349// returned. 3350func (c *OrganizationsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3351 gensupport.SetOptions(c.urlParams_, opts...) 3352 res, err := c.doRequest("json") 3353 if res != nil && res.StatusCode == http.StatusNotModified { 3354 if res.Body != nil { 3355 res.Body.Close() 3356 } 3357 return nil, &googleapi.Error{ 3358 Code: res.StatusCode, 3359 Header: res.Header, 3360 } 3361 } 3362 if err != nil { 3363 return nil, err 3364 } 3365 defer googleapi.CloseBody(res) 3366 if err := googleapi.CheckResponse(res); err != nil { 3367 return nil, err 3368 } 3369 ret := &Role{ 3370 ServerResponse: googleapi.ServerResponse{ 3371 Header: res.Header, 3372 HTTPStatusCode: res.StatusCode, 3373 }, 3374 } 3375 target := &ret 3376 if err := gensupport.DecodeResponse(target, res); err != nil { 3377 return nil, err 3378 } 3379 return ret, nil 3380 // { 3381 // "description": "Gets the definition of a Role.", 3382 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3383 // "httpMethod": "GET", 3384 // "id": "iam.organizations.roles.get", 3385 // "parameterOrder": [ 3386 // "name" 3387 // ], 3388 // "parameters": { 3389 // "name": { 3390 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3391 // "location": "path", 3392 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3393 // "required": true, 3394 // "type": "string" 3395 // } 3396 // }, 3397 // "path": "v1/{+name}", 3398 // "response": { 3399 // "$ref": "Role" 3400 // }, 3401 // "scopes": [ 3402 // "https://www.googleapis.com/auth/cloud-platform" 3403 // ] 3404 // } 3405 3406} 3407 3408// method id "iam.organizations.roles.list": 3409 3410type OrganizationsRolesListCall struct { 3411 s *Service 3412 parent string 3413 urlParams_ gensupport.URLParams 3414 ifNoneMatch_ string 3415 ctx_ context.Context 3416 header_ http.Header 3417} 3418 3419// List: Lists every predefined Role that IAM supports, or every custom 3420// role that is defined for an organization or project. 3421// 3422// - parent: The `parent` parameter's value depends on the target 3423// resource for the request, namely `roles` 3424// (/iam/reference/rest/v1/roles), `projects` 3425// (/iam/reference/rest/v1/projects.roles), or `organizations` 3426// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3427// `parent` value format is described below: * `roles.list()` 3428// (/iam/reference/rest/v1/roles/list): An empty string. This method 3429// doesn't require a resource; it simply returns all predefined roles 3430// (/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. 3431// Example request URL: `https://iam.googleapis.com/v1/roles` * 3432// `projects.roles.list()` 3433// (/iam/reference/rest/v1/projects.roles/list): 3434// `projects/{PROJECT_ID}`. This method lists all project-level custom 3435// roles (/iam/docs/understanding-custom-roles). Example request URL: 3436// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 3437// `organizations.roles.list()` 3438// (/iam/reference/rest/v1/organizations.roles/list): 3439// `organizations/{ORGANIZATION_ID}`. This method lists all 3440// organization-level custom roles 3441// (/iam/docs/understanding-custom-roles). Example request URL: 3442// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3443// ` Note: Wildcard (*) values are invalid; you must specify a 3444// complete project ID or organization ID. 3445func (r *OrganizationsRolesService) List(parent string) *OrganizationsRolesListCall { 3446 c := &OrganizationsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3447 c.parent = parent 3448 return c 3449} 3450 3451// PageSize sets the optional parameter "pageSize": Optional limit on 3452// the number of roles to include in the response. The default is 300, 3453// and the maximum is 1,000. 3454func (c *OrganizationsRolesListCall) PageSize(pageSize int64) *OrganizationsRolesListCall { 3455 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 3456 return c 3457} 3458 3459// PageToken sets the optional parameter "pageToken": Optional 3460// pagination token returned in an earlier ListRolesResponse. 3461func (c *OrganizationsRolesListCall) PageToken(pageToken string) *OrganizationsRolesListCall { 3462 c.urlParams_.Set("pageToken", pageToken) 3463 return c 3464} 3465 3466// ShowDeleted sets the optional parameter "showDeleted": Include Roles 3467// that have been deleted. 3468func (c *OrganizationsRolesListCall) ShowDeleted(showDeleted bool) *OrganizationsRolesListCall { 3469 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 3470 return c 3471} 3472 3473// View sets the optional parameter "view": Optional view for the 3474// returned Role objects. When `FULL` is specified, the 3475// `includedPermissions` field is returned, which includes a list of all 3476// permissions in the role. The default value is `BASIC`, which does not 3477// return the `includedPermissions` field. 3478// 3479// Possible values: 3480// "BASIC" - Omits the `included_permissions` field. This is the 3481// default value. 3482// "FULL" - Returns all fields. 3483func (c *OrganizationsRolesListCall) View(view string) *OrganizationsRolesListCall { 3484 c.urlParams_.Set("view", view) 3485 return c 3486} 3487 3488// Fields allows partial responses to be retrieved. See 3489// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3490// for more information. 3491func (c *OrganizationsRolesListCall) Fields(s ...googleapi.Field) *OrganizationsRolesListCall { 3492 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3493 return c 3494} 3495 3496// IfNoneMatch sets the optional parameter which makes the operation 3497// fail if the object's ETag matches the given value. This is useful for 3498// getting updates only after the object has changed since the last 3499// request. Use googleapi.IsNotModified to check whether the response 3500// error from Do is the result of In-None-Match. 3501func (c *OrganizationsRolesListCall) IfNoneMatch(entityTag string) *OrganizationsRolesListCall { 3502 c.ifNoneMatch_ = entityTag 3503 return c 3504} 3505 3506// Context sets the context to be used in this call's Do method. Any 3507// pending HTTP request will be aborted if the provided context is 3508// canceled. 3509func (c *OrganizationsRolesListCall) Context(ctx context.Context) *OrganizationsRolesListCall { 3510 c.ctx_ = ctx 3511 return c 3512} 3513 3514// Header returns an http.Header that can be modified by the caller to 3515// add HTTP headers to the request. 3516func (c *OrganizationsRolesListCall) Header() http.Header { 3517 if c.header_ == nil { 3518 c.header_ = make(http.Header) 3519 } 3520 return c.header_ 3521} 3522 3523func (c *OrganizationsRolesListCall) doRequest(alt string) (*http.Response, error) { 3524 reqHeaders := make(http.Header) 3525 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 3526 for k, v := range c.header_ { 3527 reqHeaders[k] = v 3528 } 3529 reqHeaders.Set("User-Agent", c.s.userAgent()) 3530 if c.ifNoneMatch_ != "" { 3531 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3532 } 3533 var body io.Reader = nil 3534 c.urlParams_.Set("alt", alt) 3535 c.urlParams_.Set("prettyPrint", "false") 3536 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 3537 urls += "?" + c.urlParams_.Encode() 3538 req, err := http.NewRequest("GET", urls, body) 3539 if err != nil { 3540 return nil, err 3541 } 3542 req.Header = reqHeaders 3543 googleapi.Expand(req.URL, map[string]string{ 3544 "parent": c.parent, 3545 }) 3546 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3547} 3548 3549// Do executes the "iam.organizations.roles.list" call. 3550// Exactly one of *ListRolesResponse or error will be non-nil. Any 3551// non-2xx status code is an error. Response headers are in either 3552// *ListRolesResponse.ServerResponse.Header or (if a response was 3553// returned at all) in error.(*googleapi.Error).Header. Use 3554// googleapi.IsNotModified to check whether the returned error was 3555// because http.StatusNotModified was returned. 3556func (c *OrganizationsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 3557 gensupport.SetOptions(c.urlParams_, opts...) 3558 res, err := c.doRequest("json") 3559 if res != nil && res.StatusCode == http.StatusNotModified { 3560 if res.Body != nil { 3561 res.Body.Close() 3562 } 3563 return nil, &googleapi.Error{ 3564 Code: res.StatusCode, 3565 Header: res.Header, 3566 } 3567 } 3568 if err != nil { 3569 return nil, err 3570 } 3571 defer googleapi.CloseBody(res) 3572 if err := googleapi.CheckResponse(res); err != nil { 3573 return nil, err 3574 } 3575 ret := &ListRolesResponse{ 3576 ServerResponse: googleapi.ServerResponse{ 3577 Header: res.Header, 3578 HTTPStatusCode: res.StatusCode, 3579 }, 3580 } 3581 target := &ret 3582 if err := gensupport.DecodeResponse(target, res); err != nil { 3583 return nil, err 3584 } 3585 return ret, nil 3586 // { 3587 // "description": "Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.", 3588 // "flatPath": "v1/organizations/{organizationsId}/roles", 3589 // "httpMethod": "GET", 3590 // "id": "iam.organizations.roles.list", 3591 // "parameterOrder": [ 3592 // "parent" 3593 // ], 3594 // "parameters": { 3595 // "pageSize": { 3596 // "description": "Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.", 3597 // "format": "int32", 3598 // "location": "query", 3599 // "type": "integer" 3600 // }, 3601 // "pageToken": { 3602 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 3603 // "location": "query", 3604 // "type": "string" 3605 // }, 3606 // "parent": { 3607 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3608 // "location": "path", 3609 // "pattern": "^organizations/[^/]+$", 3610 // "required": true, 3611 // "type": "string" 3612 // }, 3613 // "showDeleted": { 3614 // "description": "Include Roles that have been deleted.", 3615 // "location": "query", 3616 // "type": "boolean" 3617 // }, 3618 // "view": { 3619 // "description": "Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.", 3620 // "enum": [ 3621 // "BASIC", 3622 // "FULL" 3623 // ], 3624 // "enumDescriptions": [ 3625 // "Omits the `included_permissions` field. This is the default value.", 3626 // "Returns all fields." 3627 // ], 3628 // "location": "query", 3629 // "type": "string" 3630 // } 3631 // }, 3632 // "path": "v1/{+parent}/roles", 3633 // "response": { 3634 // "$ref": "ListRolesResponse" 3635 // }, 3636 // "scopes": [ 3637 // "https://www.googleapis.com/auth/cloud-platform" 3638 // ] 3639 // } 3640 3641} 3642 3643// Pages invokes f for each page of results. 3644// A non-nil error returned from f will halt the iteration. 3645// The provided context supersedes any context provided to the Context method. 3646func (c *OrganizationsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 3647 c.ctx_ = ctx 3648 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 3649 for { 3650 x, err := c.Do() 3651 if err != nil { 3652 return err 3653 } 3654 if err := f(x); err != nil { 3655 return err 3656 } 3657 if x.NextPageToken == "" { 3658 return nil 3659 } 3660 c.PageToken(x.NextPageToken) 3661 } 3662} 3663 3664// method id "iam.organizations.roles.patch": 3665 3666type OrganizationsRolesPatchCall struct { 3667 s *Service 3668 name string 3669 role *Role 3670 urlParams_ gensupport.URLParams 3671 ctx_ context.Context 3672 header_ http.Header 3673} 3674 3675// Patch: Updates the definition of a custom Role. 3676// 3677// - name: The `name` parameter's value depends on the target resource 3678// for the request, namely `projects` 3679// (/iam/reference/rest/v1/projects.roles) or `organizations` 3680// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3681// `name` value format is described below: * `projects.roles.patch()` 3682// (/iam/reference/rest/v1/projects.roles/patch): 3683// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates 3684// only custom roles (/iam/docs/understanding-custom-roles) that have 3685// been created at the project level. Example request URL: 3686// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3687// OLE_ID}` * `organizations.roles.patch()` 3688// (/iam/reference/rest/v1/organizations.roles/patch): 3689// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3690// method updates only custom roles 3691// (/iam/docs/understanding-custom-roles) that have been created at 3692// the organization level. Example request URL: 3693// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3694// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3695// specify a complete project ID or organization ID. 3696func (r *OrganizationsRolesService) Patch(name string, role *Role) *OrganizationsRolesPatchCall { 3697 c := &OrganizationsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3698 c.name = name 3699 c.role = role 3700 return c 3701} 3702 3703// UpdateMask sets the optional parameter "updateMask": A mask 3704// describing which fields in the Role have changed. 3705func (c *OrganizationsRolesPatchCall) UpdateMask(updateMask string) *OrganizationsRolesPatchCall { 3706 c.urlParams_.Set("updateMask", updateMask) 3707 return c 3708} 3709 3710// Fields allows partial responses to be retrieved. See 3711// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3712// for more information. 3713func (c *OrganizationsRolesPatchCall) Fields(s ...googleapi.Field) *OrganizationsRolesPatchCall { 3714 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3715 return c 3716} 3717 3718// Context sets the context to be used in this call's Do method. Any 3719// pending HTTP request will be aborted if the provided context is 3720// canceled. 3721func (c *OrganizationsRolesPatchCall) Context(ctx context.Context) *OrganizationsRolesPatchCall { 3722 c.ctx_ = ctx 3723 return c 3724} 3725 3726// Header returns an http.Header that can be modified by the caller to 3727// add HTTP headers to the request. 3728func (c *OrganizationsRolesPatchCall) Header() http.Header { 3729 if c.header_ == nil { 3730 c.header_ = make(http.Header) 3731 } 3732 return c.header_ 3733} 3734 3735func (c *OrganizationsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 3736 reqHeaders := make(http.Header) 3737 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 3738 for k, v := range c.header_ { 3739 reqHeaders[k] = v 3740 } 3741 reqHeaders.Set("User-Agent", c.s.userAgent()) 3742 var body io.Reader = nil 3743 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 3744 if err != nil { 3745 return nil, err 3746 } 3747 reqHeaders.Set("Content-Type", "application/json") 3748 c.urlParams_.Set("alt", alt) 3749 c.urlParams_.Set("prettyPrint", "false") 3750 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3751 urls += "?" + c.urlParams_.Encode() 3752 req, err := http.NewRequest("PATCH", urls, body) 3753 if err != nil { 3754 return nil, err 3755 } 3756 req.Header = reqHeaders 3757 googleapi.Expand(req.URL, map[string]string{ 3758 "name": c.name, 3759 }) 3760 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3761} 3762 3763// Do executes the "iam.organizations.roles.patch" call. 3764// Exactly one of *Role or error will be non-nil. Any non-2xx status 3765// code is an error. Response headers are in either 3766// *Role.ServerResponse.Header or (if a response was returned at all) in 3767// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3768// whether the returned error was because http.StatusNotModified was 3769// returned. 3770func (c *OrganizationsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3771 gensupport.SetOptions(c.urlParams_, opts...) 3772 res, err := c.doRequest("json") 3773 if res != nil && res.StatusCode == http.StatusNotModified { 3774 if res.Body != nil { 3775 res.Body.Close() 3776 } 3777 return nil, &googleapi.Error{ 3778 Code: res.StatusCode, 3779 Header: res.Header, 3780 } 3781 } 3782 if err != nil { 3783 return nil, err 3784 } 3785 defer googleapi.CloseBody(res) 3786 if err := googleapi.CheckResponse(res); err != nil { 3787 return nil, err 3788 } 3789 ret := &Role{ 3790 ServerResponse: googleapi.ServerResponse{ 3791 Header: res.Header, 3792 HTTPStatusCode: res.StatusCode, 3793 }, 3794 } 3795 target := &ret 3796 if err := gensupport.DecodeResponse(target, res); err != nil { 3797 return nil, err 3798 } 3799 return ret, nil 3800 // { 3801 // "description": "Updates the definition of a custom Role.", 3802 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3803 // "httpMethod": "PATCH", 3804 // "id": "iam.organizations.roles.patch", 3805 // "parameterOrder": [ 3806 // "name" 3807 // ], 3808 // "parameters": { 3809 // "name": { 3810 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3811 // "location": "path", 3812 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3813 // "required": true, 3814 // "type": "string" 3815 // }, 3816 // "updateMask": { 3817 // "description": "A mask describing which fields in the Role have changed.", 3818 // "format": "google-fieldmask", 3819 // "location": "query", 3820 // "type": "string" 3821 // } 3822 // }, 3823 // "path": "v1/{+name}", 3824 // "request": { 3825 // "$ref": "Role" 3826 // }, 3827 // "response": { 3828 // "$ref": "Role" 3829 // }, 3830 // "scopes": [ 3831 // "https://www.googleapis.com/auth/cloud-platform" 3832 // ] 3833 // } 3834 3835} 3836 3837// method id "iam.organizations.roles.undelete": 3838 3839type OrganizationsRolesUndeleteCall struct { 3840 s *Service 3841 name string 3842 undeleterolerequest *UndeleteRoleRequest 3843 urlParams_ gensupport.URLParams 3844 ctx_ context.Context 3845 header_ http.Header 3846} 3847 3848// Undelete: Undeletes a custom Role. 3849// 3850// - name: The `name` parameter's value depends on the target resource 3851// for the request, namely `projects` 3852// (/iam/reference/rest/v1/projects.roles) or `organizations` 3853// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3854// `name` value format is described below: * 3855// `projects.roles.undelete()` 3856// (/iam/reference/rest/v1/projects.roles/undelete): 3857// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method 3858// undeletes only custom roles (/iam/docs/understanding-custom-roles) 3859// that have been created at the project level. Example request URL: 3860// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3861// OLE_ID}` * `organizations.roles.undelete()` 3862// (/iam/reference/rest/v1/organizations.roles/undelete): 3863// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3864// method undeletes only custom roles 3865// (/iam/docs/understanding-custom-roles) that have been created at 3866// the organization level. Example request URL: 3867// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3868// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3869// specify a complete project ID or organization ID. 3870func (r *OrganizationsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *OrganizationsRolesUndeleteCall { 3871 c := &OrganizationsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3872 c.name = name 3873 c.undeleterolerequest = undeleterolerequest 3874 return c 3875} 3876 3877// Fields allows partial responses to be retrieved. See 3878// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3879// for more information. 3880func (c *OrganizationsRolesUndeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesUndeleteCall { 3881 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3882 return c 3883} 3884 3885// Context sets the context to be used in this call's Do method. Any 3886// pending HTTP request will be aborted if the provided context is 3887// canceled. 3888func (c *OrganizationsRolesUndeleteCall) Context(ctx context.Context) *OrganizationsRolesUndeleteCall { 3889 c.ctx_ = ctx 3890 return c 3891} 3892 3893// Header returns an http.Header that can be modified by the caller to 3894// add HTTP headers to the request. 3895func (c *OrganizationsRolesUndeleteCall) Header() http.Header { 3896 if c.header_ == nil { 3897 c.header_ = make(http.Header) 3898 } 3899 return c.header_ 3900} 3901 3902func (c *OrganizationsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 3903 reqHeaders := make(http.Header) 3904 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 3905 for k, v := range c.header_ { 3906 reqHeaders[k] = v 3907 } 3908 reqHeaders.Set("User-Agent", c.s.userAgent()) 3909 var body io.Reader = nil 3910 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 3911 if err != nil { 3912 return nil, err 3913 } 3914 reqHeaders.Set("Content-Type", "application/json") 3915 c.urlParams_.Set("alt", alt) 3916 c.urlParams_.Set("prettyPrint", "false") 3917 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 3918 urls += "?" + c.urlParams_.Encode() 3919 req, err := http.NewRequest("POST", urls, body) 3920 if err != nil { 3921 return nil, err 3922 } 3923 req.Header = reqHeaders 3924 googleapi.Expand(req.URL, map[string]string{ 3925 "name": c.name, 3926 }) 3927 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3928} 3929 3930// Do executes the "iam.organizations.roles.undelete" call. 3931// Exactly one of *Role or error will be non-nil. Any non-2xx status 3932// code is an error. Response headers are in either 3933// *Role.ServerResponse.Header or (if a response was returned at all) in 3934// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3935// whether the returned error was because http.StatusNotModified was 3936// returned. 3937func (c *OrganizationsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3938 gensupport.SetOptions(c.urlParams_, opts...) 3939 res, err := c.doRequest("json") 3940 if res != nil && res.StatusCode == http.StatusNotModified { 3941 if res.Body != nil { 3942 res.Body.Close() 3943 } 3944 return nil, &googleapi.Error{ 3945 Code: res.StatusCode, 3946 Header: res.Header, 3947 } 3948 } 3949 if err != nil { 3950 return nil, err 3951 } 3952 defer googleapi.CloseBody(res) 3953 if err := googleapi.CheckResponse(res); err != nil { 3954 return nil, err 3955 } 3956 ret := &Role{ 3957 ServerResponse: googleapi.ServerResponse{ 3958 Header: res.Header, 3959 HTTPStatusCode: res.StatusCode, 3960 }, 3961 } 3962 target := &ret 3963 if err := gensupport.DecodeResponse(target, res); err != nil { 3964 return nil, err 3965 } 3966 return ret, nil 3967 // { 3968 // "description": "Undeletes a custom Role.", 3969 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}:undelete", 3970 // "httpMethod": "POST", 3971 // "id": "iam.organizations.roles.undelete", 3972 // "parameterOrder": [ 3973 // "name" 3974 // ], 3975 // "parameters": { 3976 // "name": { 3977 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3978 // "location": "path", 3979 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3980 // "required": true, 3981 // "type": "string" 3982 // } 3983 // }, 3984 // "path": "v1/{+name}:undelete", 3985 // "request": { 3986 // "$ref": "UndeleteRoleRequest" 3987 // }, 3988 // "response": { 3989 // "$ref": "Role" 3990 // }, 3991 // "scopes": [ 3992 // "https://www.googleapis.com/auth/cloud-platform" 3993 // ] 3994 // } 3995 3996} 3997 3998// method id "iam.permissions.queryTestablePermissions": 3999 4000type PermissionsQueryTestablePermissionsCall struct { 4001 s *Service 4002 querytestablepermissionsrequest *QueryTestablePermissionsRequest 4003 urlParams_ gensupport.URLParams 4004 ctx_ context.Context 4005 header_ http.Header 4006} 4007 4008// QueryTestablePermissions: Lists every permission that you can test on 4009// a resource. A permission is testable if you can check whether a 4010// member has that permission on the resource. 4011func (r *PermissionsService) QueryTestablePermissions(querytestablepermissionsrequest *QueryTestablePermissionsRequest) *PermissionsQueryTestablePermissionsCall { 4012 c := &PermissionsQueryTestablePermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4013 c.querytestablepermissionsrequest = querytestablepermissionsrequest 4014 return c 4015} 4016 4017// Fields allows partial responses to be retrieved. See 4018// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4019// for more information. 4020func (c *PermissionsQueryTestablePermissionsCall) Fields(s ...googleapi.Field) *PermissionsQueryTestablePermissionsCall { 4021 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4022 return c 4023} 4024 4025// Context sets the context to be used in this call's Do method. Any 4026// pending HTTP request will be aborted if the provided context is 4027// canceled. 4028func (c *PermissionsQueryTestablePermissionsCall) Context(ctx context.Context) *PermissionsQueryTestablePermissionsCall { 4029 c.ctx_ = ctx 4030 return c 4031} 4032 4033// Header returns an http.Header that can be modified by the caller to 4034// add HTTP headers to the request. 4035func (c *PermissionsQueryTestablePermissionsCall) Header() http.Header { 4036 if c.header_ == nil { 4037 c.header_ = make(http.Header) 4038 } 4039 return c.header_ 4040} 4041 4042func (c *PermissionsQueryTestablePermissionsCall) doRequest(alt string) (*http.Response, error) { 4043 reqHeaders := make(http.Header) 4044 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 4045 for k, v := range c.header_ { 4046 reqHeaders[k] = v 4047 } 4048 reqHeaders.Set("User-Agent", c.s.userAgent()) 4049 var body io.Reader = nil 4050 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querytestablepermissionsrequest) 4051 if err != nil { 4052 return nil, err 4053 } 4054 reqHeaders.Set("Content-Type", "application/json") 4055 c.urlParams_.Set("alt", alt) 4056 c.urlParams_.Set("prettyPrint", "false") 4057 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/permissions:queryTestablePermissions") 4058 urls += "?" + c.urlParams_.Encode() 4059 req, err := http.NewRequest("POST", urls, body) 4060 if err != nil { 4061 return nil, err 4062 } 4063 req.Header = reqHeaders 4064 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4065} 4066 4067// Do executes the "iam.permissions.queryTestablePermissions" call. 4068// Exactly one of *QueryTestablePermissionsResponse or error will be 4069// non-nil. Any non-2xx status code is an error. Response headers are in 4070// either *QueryTestablePermissionsResponse.ServerResponse.Header or (if 4071// a response was returned at all) in error.(*googleapi.Error).Header. 4072// Use googleapi.IsNotModified to check whether the returned error was 4073// because http.StatusNotModified was returned. 4074func (c *PermissionsQueryTestablePermissionsCall) Do(opts ...googleapi.CallOption) (*QueryTestablePermissionsResponse, error) { 4075 gensupport.SetOptions(c.urlParams_, opts...) 4076 res, err := c.doRequest("json") 4077 if res != nil && res.StatusCode == http.StatusNotModified { 4078 if res.Body != nil { 4079 res.Body.Close() 4080 } 4081 return nil, &googleapi.Error{ 4082 Code: res.StatusCode, 4083 Header: res.Header, 4084 } 4085 } 4086 if err != nil { 4087 return nil, err 4088 } 4089 defer googleapi.CloseBody(res) 4090 if err := googleapi.CheckResponse(res); err != nil { 4091 return nil, err 4092 } 4093 ret := &QueryTestablePermissionsResponse{ 4094 ServerResponse: googleapi.ServerResponse{ 4095 Header: res.Header, 4096 HTTPStatusCode: res.StatusCode, 4097 }, 4098 } 4099 target := &ret 4100 if err := gensupport.DecodeResponse(target, res); err != nil { 4101 return nil, err 4102 } 4103 return ret, nil 4104 // { 4105 // "description": "Lists every permission that you can test on a resource. A permission is testable if you can check whether a member has that permission on the resource.", 4106 // "flatPath": "v1/permissions:queryTestablePermissions", 4107 // "httpMethod": "POST", 4108 // "id": "iam.permissions.queryTestablePermissions", 4109 // "parameterOrder": [], 4110 // "parameters": {}, 4111 // "path": "v1/permissions:queryTestablePermissions", 4112 // "request": { 4113 // "$ref": "QueryTestablePermissionsRequest" 4114 // }, 4115 // "response": { 4116 // "$ref": "QueryTestablePermissionsResponse" 4117 // }, 4118 // "scopes": [ 4119 // "https://www.googleapis.com/auth/cloud-platform" 4120 // ] 4121 // } 4122 4123} 4124 4125// Pages invokes f for each page of results. 4126// A non-nil error returned from f will halt the iteration. 4127// The provided context supersedes any context provided to the Context method. 4128func (c *PermissionsQueryTestablePermissionsCall) Pages(ctx context.Context, f func(*QueryTestablePermissionsResponse) error) error { 4129 c.ctx_ = ctx 4130 defer func(pt string) { c.querytestablepermissionsrequest.PageToken = pt }(c.querytestablepermissionsrequest.PageToken) // reset paging to original point 4131 for { 4132 x, err := c.Do() 4133 if err != nil { 4134 return err 4135 } 4136 if err := f(x); err != nil { 4137 return err 4138 } 4139 if x.NextPageToken == "" { 4140 return nil 4141 } 4142 c.querytestablepermissionsrequest.PageToken = x.NextPageToken 4143 } 4144} 4145 4146// method id "iam.projects.locations.workloadIdentityPools.create": 4147 4148type ProjectsLocationsWorkloadIdentityPoolsCreateCall struct { 4149 s *Service 4150 parent string 4151 workloadidentitypool *WorkloadIdentityPool 4152 urlParams_ gensupport.URLParams 4153 ctx_ context.Context 4154 header_ http.Header 4155} 4156 4157// Create: Creates a new WorkloadIdentityPool. You cannot reuse the name 4158// of a deleted pool until 30 days after deletion. 4159// 4160// - parent: The parent resource to create the pool in. The only 4161// supported location is `global`. 4162func (r *ProjectsLocationsWorkloadIdentityPoolsService) Create(parent string, workloadidentitypool *WorkloadIdentityPool) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4163 c := &ProjectsLocationsWorkloadIdentityPoolsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4164 c.parent = parent 4165 c.workloadidentitypool = workloadidentitypool 4166 return c 4167} 4168 4169// WorkloadIdentityPoolId sets the optional parameter 4170// "workloadIdentityPoolId": Required. The ID to use for the pool, which 4171// becomes the final component of the resource name. This value should 4172// be 4-32 characters, and may contain the characters [a-z0-9-]. The 4173// prefix `gcp-` is reserved for use by Google, and may not be 4174// specified. 4175func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) WorkloadIdentityPoolId(workloadIdentityPoolId string) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4176 c.urlParams_.Set("workloadIdentityPoolId", workloadIdentityPoolId) 4177 return c 4178} 4179 4180// Fields allows partial responses to be retrieved. See 4181// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4182// for more information. 4183func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4184 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4185 return c 4186} 4187 4188// Context sets the context to be used in this call's Do method. Any 4189// pending HTTP request will be aborted if the provided context is 4190// canceled. 4191func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4192 c.ctx_ = ctx 4193 return c 4194} 4195 4196// Header returns an http.Header that can be modified by the caller to 4197// add HTTP headers to the request. 4198func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Header() http.Header { 4199 if c.header_ == nil { 4200 c.header_ = make(http.Header) 4201 } 4202 return c.header_ 4203} 4204 4205func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) doRequest(alt string) (*http.Response, error) { 4206 reqHeaders := make(http.Header) 4207 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 4208 for k, v := range c.header_ { 4209 reqHeaders[k] = v 4210 } 4211 reqHeaders.Set("User-Agent", c.s.userAgent()) 4212 var body io.Reader = nil 4213 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypool) 4214 if err != nil { 4215 return nil, err 4216 } 4217 reqHeaders.Set("Content-Type", "application/json") 4218 c.urlParams_.Set("alt", alt) 4219 c.urlParams_.Set("prettyPrint", "false") 4220 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/workloadIdentityPools") 4221 urls += "?" + c.urlParams_.Encode() 4222 req, err := http.NewRequest("POST", urls, body) 4223 if err != nil { 4224 return nil, err 4225 } 4226 req.Header = reqHeaders 4227 googleapi.Expand(req.URL, map[string]string{ 4228 "parent": c.parent, 4229 }) 4230 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4231} 4232 4233// Do executes the "iam.projects.locations.workloadIdentityPools.create" call. 4234// Exactly one of *Operation or error will be non-nil. Any non-2xx 4235// status code is an error. Response headers are in either 4236// *Operation.ServerResponse.Header or (if a response was returned at 4237// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 4238// to check whether the returned error was because 4239// http.StatusNotModified was returned. 4240func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 4241 gensupport.SetOptions(c.urlParams_, opts...) 4242 res, err := c.doRequest("json") 4243 if res != nil && res.StatusCode == http.StatusNotModified { 4244 if res.Body != nil { 4245 res.Body.Close() 4246 } 4247 return nil, &googleapi.Error{ 4248 Code: res.StatusCode, 4249 Header: res.Header, 4250 } 4251 } 4252 if err != nil { 4253 return nil, err 4254 } 4255 defer googleapi.CloseBody(res) 4256 if err := googleapi.CheckResponse(res); err != nil { 4257 return nil, err 4258 } 4259 ret := &Operation{ 4260 ServerResponse: googleapi.ServerResponse{ 4261 Header: res.Header, 4262 HTTPStatusCode: res.StatusCode, 4263 }, 4264 } 4265 target := &ret 4266 if err := gensupport.DecodeResponse(target, res); err != nil { 4267 return nil, err 4268 } 4269 return ret, nil 4270 // { 4271 // "description": "Creates a new WorkloadIdentityPool. You cannot reuse the name of a deleted pool until 30 days after deletion.", 4272 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools", 4273 // "httpMethod": "POST", 4274 // "id": "iam.projects.locations.workloadIdentityPools.create", 4275 // "parameterOrder": [ 4276 // "parent" 4277 // ], 4278 // "parameters": { 4279 // "parent": { 4280 // "description": "Required. The parent resource to create the pool in. The only supported location is `global`.", 4281 // "location": "path", 4282 // "pattern": "^projects/[^/]+/locations/[^/]+$", 4283 // "required": true, 4284 // "type": "string" 4285 // }, 4286 // "workloadIdentityPoolId": { 4287 // "description": "Required. The ID to use for the pool, which becomes the final component of the resource name. This value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix `gcp-` is reserved for use by Google, and may not be specified.", 4288 // "location": "query", 4289 // "type": "string" 4290 // } 4291 // }, 4292 // "path": "v1/{+parent}/workloadIdentityPools", 4293 // "request": { 4294 // "$ref": "WorkloadIdentityPool" 4295 // }, 4296 // "response": { 4297 // "$ref": "Operation" 4298 // }, 4299 // "scopes": [ 4300 // "https://www.googleapis.com/auth/cloud-platform" 4301 // ] 4302 // } 4303 4304} 4305 4306// method id "iam.projects.locations.workloadIdentityPools.delete": 4307 4308type ProjectsLocationsWorkloadIdentityPoolsDeleteCall struct { 4309 s *Service 4310 name string 4311 urlParams_ gensupport.URLParams 4312 ctx_ context.Context 4313 header_ http.Header 4314} 4315 4316// Delete: Deletes a WorkloadIdentityPool. You cannot use a deleted pool 4317// to exchange external credentials for Google Cloud credentials. 4318// However, deletion does not revoke credentials that have already been 4319// issued. Credentials issued for a deleted pool do not grant access to 4320// resources. If the pool is undeleted, and the credentials are not 4321// expired, they grant access again. You can undelete a pool for 30 4322// days. After 30 days, deletion is permanent. You cannot update deleted 4323// pools. However, you can view and list them. 4324// 4325// - name: The name of the pool to delete. 4326func (r *ProjectsLocationsWorkloadIdentityPoolsService) Delete(name string) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall { 4327 c := &ProjectsLocationsWorkloadIdentityPoolsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4328 c.name = name 4329 return c 4330} 4331 4332// Fields allows partial responses to be retrieved. See 4333// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4334// for more information. 4335func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall { 4336 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4337 return c 4338} 4339 4340// Context sets the context to be used in this call's Do method. Any 4341// pending HTTP request will be aborted if the provided context is 4342// canceled. 4343func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall { 4344 c.ctx_ = ctx 4345 return c 4346} 4347 4348// Header returns an http.Header that can be modified by the caller to 4349// add HTTP headers to the request. 4350func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Header() http.Header { 4351 if c.header_ == nil { 4352 c.header_ = make(http.Header) 4353 } 4354 return c.header_ 4355} 4356 4357func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) doRequest(alt string) (*http.Response, error) { 4358 reqHeaders := make(http.Header) 4359 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 4360 for k, v := range c.header_ { 4361 reqHeaders[k] = v 4362 } 4363 reqHeaders.Set("User-Agent", c.s.userAgent()) 4364 var body io.Reader = nil 4365 c.urlParams_.Set("alt", alt) 4366 c.urlParams_.Set("prettyPrint", "false") 4367 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4368 urls += "?" + c.urlParams_.Encode() 4369 req, err := http.NewRequest("DELETE", urls, body) 4370 if err != nil { 4371 return nil, err 4372 } 4373 req.Header = reqHeaders 4374 googleapi.Expand(req.URL, map[string]string{ 4375 "name": c.name, 4376 }) 4377 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4378} 4379 4380// Do executes the "iam.projects.locations.workloadIdentityPools.delete" call. 4381// Exactly one of *Operation or error will be non-nil. Any non-2xx 4382// status code is an error. Response headers are in either 4383// *Operation.ServerResponse.Header or (if a response was returned at 4384// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 4385// to check whether the returned error was because 4386// http.StatusNotModified was returned. 4387func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 4388 gensupport.SetOptions(c.urlParams_, opts...) 4389 res, err := c.doRequest("json") 4390 if res != nil && res.StatusCode == http.StatusNotModified { 4391 if res.Body != nil { 4392 res.Body.Close() 4393 } 4394 return nil, &googleapi.Error{ 4395 Code: res.StatusCode, 4396 Header: res.Header, 4397 } 4398 } 4399 if err != nil { 4400 return nil, err 4401 } 4402 defer googleapi.CloseBody(res) 4403 if err := googleapi.CheckResponse(res); err != nil { 4404 return nil, err 4405 } 4406 ret := &Operation{ 4407 ServerResponse: googleapi.ServerResponse{ 4408 Header: res.Header, 4409 HTTPStatusCode: res.StatusCode, 4410 }, 4411 } 4412 target := &ret 4413 if err := gensupport.DecodeResponse(target, res); err != nil { 4414 return nil, err 4415 } 4416 return ret, nil 4417 // { 4418 // "description": "Deletes a WorkloadIdentityPool. You cannot use a deleted pool to exchange external credentials for Google Cloud credentials. However, deletion does not revoke credentials that have already been issued. Credentials issued for a deleted pool do not grant access to resources. If the pool is undeleted, and the credentials are not expired, they grant access again. You can undelete a pool for 30 days. After 30 days, deletion is permanent. You cannot update deleted pools. However, you can view and list them.", 4419 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}", 4420 // "httpMethod": "DELETE", 4421 // "id": "iam.projects.locations.workloadIdentityPools.delete", 4422 // "parameterOrder": [ 4423 // "name" 4424 // ], 4425 // "parameters": { 4426 // "name": { 4427 // "description": "Required. The name of the pool to delete.", 4428 // "location": "path", 4429 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 4430 // "required": true, 4431 // "type": "string" 4432 // } 4433 // }, 4434 // "path": "v1/{+name}", 4435 // "response": { 4436 // "$ref": "Operation" 4437 // }, 4438 // "scopes": [ 4439 // "https://www.googleapis.com/auth/cloud-platform" 4440 // ] 4441 // } 4442 4443} 4444 4445// method id "iam.projects.locations.workloadIdentityPools.get": 4446 4447type ProjectsLocationsWorkloadIdentityPoolsGetCall struct { 4448 s *Service 4449 name string 4450 urlParams_ gensupport.URLParams 4451 ifNoneMatch_ string 4452 ctx_ context.Context 4453 header_ http.Header 4454} 4455 4456// Get: Gets an individual WorkloadIdentityPool. 4457// 4458// - name: The name of the pool to retrieve. 4459func (r *ProjectsLocationsWorkloadIdentityPoolsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4460 c := &ProjectsLocationsWorkloadIdentityPoolsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4461 c.name = name 4462 return c 4463} 4464 4465// Fields allows partial responses to be retrieved. See 4466// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4467// for more information. 4468func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4469 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4470 return c 4471} 4472 4473// IfNoneMatch sets the optional parameter which makes the operation 4474// fail if the object's ETag matches the given value. This is useful for 4475// getting updates only after the object has changed since the last 4476// request. Use googleapi.IsNotModified to check whether the response 4477// error from Do is the result of In-None-Match. 4478func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4479 c.ifNoneMatch_ = entityTag 4480 return c 4481} 4482 4483// Context sets the context to be used in this call's Do method. Any 4484// pending HTTP request will be aborted if the provided context is 4485// canceled. 4486func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4487 c.ctx_ = ctx 4488 return c 4489} 4490 4491// Header returns an http.Header that can be modified by the caller to 4492// add HTTP headers to the request. 4493func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Header() http.Header { 4494 if c.header_ == nil { 4495 c.header_ = make(http.Header) 4496 } 4497 return c.header_ 4498} 4499 4500func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) doRequest(alt string) (*http.Response, error) { 4501 reqHeaders := make(http.Header) 4502 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 4503 for k, v := range c.header_ { 4504 reqHeaders[k] = v 4505 } 4506 reqHeaders.Set("User-Agent", c.s.userAgent()) 4507 if c.ifNoneMatch_ != "" { 4508 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 4509 } 4510 var body io.Reader = nil 4511 c.urlParams_.Set("alt", alt) 4512 c.urlParams_.Set("prettyPrint", "false") 4513 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4514 urls += "?" + c.urlParams_.Encode() 4515 req, err := http.NewRequest("GET", urls, body) 4516 if err != nil { 4517 return nil, err 4518 } 4519 req.Header = reqHeaders 4520 googleapi.Expand(req.URL, map[string]string{ 4521 "name": c.name, 4522 }) 4523 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4524} 4525 4526// Do executes the "iam.projects.locations.workloadIdentityPools.get" call. 4527// Exactly one of *WorkloadIdentityPool or error will be non-nil. Any 4528// non-2xx status code is an error. Response headers are in either 4529// *WorkloadIdentityPool.ServerResponse.Header or (if a response was 4530// returned at all) in error.(*googleapi.Error).Header. Use 4531// googleapi.IsNotModified to check whether the returned error was 4532// because http.StatusNotModified was returned. 4533func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPool, error) { 4534 gensupport.SetOptions(c.urlParams_, opts...) 4535 res, err := c.doRequest("json") 4536 if res != nil && res.StatusCode == http.StatusNotModified { 4537 if res.Body != nil { 4538 res.Body.Close() 4539 } 4540 return nil, &googleapi.Error{ 4541 Code: res.StatusCode, 4542 Header: res.Header, 4543 } 4544 } 4545 if err != nil { 4546 return nil, err 4547 } 4548 defer googleapi.CloseBody(res) 4549 if err := googleapi.CheckResponse(res); err != nil { 4550 return nil, err 4551 } 4552 ret := &WorkloadIdentityPool{ 4553 ServerResponse: googleapi.ServerResponse{ 4554 Header: res.Header, 4555 HTTPStatusCode: res.StatusCode, 4556 }, 4557 } 4558 target := &ret 4559 if err := gensupport.DecodeResponse(target, res); err != nil { 4560 return nil, err 4561 } 4562 return ret, nil 4563 // { 4564 // "description": "Gets an individual WorkloadIdentityPool.", 4565 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}", 4566 // "httpMethod": "GET", 4567 // "id": "iam.projects.locations.workloadIdentityPools.get", 4568 // "parameterOrder": [ 4569 // "name" 4570 // ], 4571 // "parameters": { 4572 // "name": { 4573 // "description": "Required. The name of the pool to retrieve.", 4574 // "location": "path", 4575 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 4576 // "required": true, 4577 // "type": "string" 4578 // } 4579 // }, 4580 // "path": "v1/{+name}", 4581 // "response": { 4582 // "$ref": "WorkloadIdentityPool" 4583 // }, 4584 // "scopes": [ 4585 // "https://www.googleapis.com/auth/cloud-platform" 4586 // ] 4587 // } 4588 4589} 4590 4591// method id "iam.projects.locations.workloadIdentityPools.list": 4592 4593type ProjectsLocationsWorkloadIdentityPoolsListCall struct { 4594 s *Service 4595 parent string 4596 urlParams_ gensupport.URLParams 4597 ifNoneMatch_ string 4598 ctx_ context.Context 4599 header_ http.Header 4600} 4601 4602// List: Lists all non-deleted WorkloadIdentityPools in a project. If 4603// `show_deleted` is set to `true`, then deleted pools are also listed. 4604// 4605// - parent: The parent resource to list pools for. 4606func (r *ProjectsLocationsWorkloadIdentityPoolsService) List(parent string) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4607 c := &ProjectsLocationsWorkloadIdentityPoolsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4608 c.parent = parent 4609 return c 4610} 4611 4612// PageSize sets the optional parameter "pageSize": The maximum number 4613// of pools to return. If unspecified, at most 50 pools are returned. 4614// The maximum value is 1000; values above are 1000 truncated to 1000. 4615func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) PageSize(pageSize int64) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4616 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 4617 return c 4618} 4619 4620// PageToken sets the optional parameter "pageToken": A page token, 4621// received from a previous `ListWorkloadIdentityPools` call. Provide 4622// this to retrieve the subsequent page. 4623func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) PageToken(pageToken string) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4624 c.urlParams_.Set("pageToken", pageToken) 4625 return c 4626} 4627 4628// ShowDeleted sets the optional parameter "showDeleted": Whether to 4629// return soft-deleted pools. 4630func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4631 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 4632 return c 4633} 4634 4635// Fields allows partial responses to be retrieved. See 4636// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4637// for more information. 4638func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4639 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4640 return c 4641} 4642 4643// IfNoneMatch sets the optional parameter which makes the operation 4644// fail if the object's ETag matches the given value. This is useful for 4645// getting updates only after the object has changed since the last 4646// request. Use googleapi.IsNotModified to check whether the response 4647// error from Do is the result of In-None-Match. 4648func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4649 c.ifNoneMatch_ = entityTag 4650 return c 4651} 4652 4653// Context sets the context to be used in this call's Do method. Any 4654// pending HTTP request will be aborted if the provided context is 4655// canceled. 4656func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4657 c.ctx_ = ctx 4658 return c 4659} 4660 4661// Header returns an http.Header that can be modified by the caller to 4662// add HTTP headers to the request. 4663func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Header() http.Header { 4664 if c.header_ == nil { 4665 c.header_ = make(http.Header) 4666 } 4667 return c.header_ 4668} 4669 4670func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) doRequest(alt string) (*http.Response, error) { 4671 reqHeaders := make(http.Header) 4672 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 4673 for k, v := range c.header_ { 4674 reqHeaders[k] = v 4675 } 4676 reqHeaders.Set("User-Agent", c.s.userAgent()) 4677 if c.ifNoneMatch_ != "" { 4678 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 4679 } 4680 var body io.Reader = nil 4681 c.urlParams_.Set("alt", alt) 4682 c.urlParams_.Set("prettyPrint", "false") 4683 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/workloadIdentityPools") 4684 urls += "?" + c.urlParams_.Encode() 4685 req, err := http.NewRequest("GET", urls, body) 4686 if err != nil { 4687 return nil, err 4688 } 4689 req.Header = reqHeaders 4690 googleapi.Expand(req.URL, map[string]string{ 4691 "parent": c.parent, 4692 }) 4693 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4694} 4695 4696// Do executes the "iam.projects.locations.workloadIdentityPools.list" call. 4697// Exactly one of *ListWorkloadIdentityPoolsResponse or error will be 4698// non-nil. Any non-2xx status code is an error. Response headers are in 4699// either *ListWorkloadIdentityPoolsResponse.ServerResponse.Header or 4700// (if a response was returned at all) in 4701// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4702// whether the returned error was because http.StatusNotModified was 4703// returned. 4704func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Do(opts ...googleapi.CallOption) (*ListWorkloadIdentityPoolsResponse, error) { 4705 gensupport.SetOptions(c.urlParams_, opts...) 4706 res, err := c.doRequest("json") 4707 if res != nil && res.StatusCode == http.StatusNotModified { 4708 if res.Body != nil { 4709 res.Body.Close() 4710 } 4711 return nil, &googleapi.Error{ 4712 Code: res.StatusCode, 4713 Header: res.Header, 4714 } 4715 } 4716 if err != nil { 4717 return nil, err 4718 } 4719 defer googleapi.CloseBody(res) 4720 if err := googleapi.CheckResponse(res); err != nil { 4721 return nil, err 4722 } 4723 ret := &ListWorkloadIdentityPoolsResponse{ 4724 ServerResponse: googleapi.ServerResponse{ 4725 Header: res.Header, 4726 HTTPStatusCode: res.StatusCode, 4727 }, 4728 } 4729 target := &ret 4730 if err := gensupport.DecodeResponse(target, res); err != nil { 4731 return nil, err 4732 } 4733 return ret, nil 4734 // { 4735 // "description": "Lists all non-deleted WorkloadIdentityPools in a project. If `show_deleted` is set to `true`, then deleted pools are also listed.", 4736 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools", 4737 // "httpMethod": "GET", 4738 // "id": "iam.projects.locations.workloadIdentityPools.list", 4739 // "parameterOrder": [ 4740 // "parent" 4741 // ], 4742 // "parameters": { 4743 // "pageSize": { 4744 // "description": "The maximum number of pools to return. If unspecified, at most 50 pools are returned. The maximum value is 1000; values above are 1000 truncated to 1000.", 4745 // "format": "int32", 4746 // "location": "query", 4747 // "type": "integer" 4748 // }, 4749 // "pageToken": { 4750 // "description": "A page token, received from a previous `ListWorkloadIdentityPools` call. Provide this to retrieve the subsequent page.", 4751 // "location": "query", 4752 // "type": "string" 4753 // }, 4754 // "parent": { 4755 // "description": "Required. The parent resource to list pools for.", 4756 // "location": "path", 4757 // "pattern": "^projects/[^/]+/locations/[^/]+$", 4758 // "required": true, 4759 // "type": "string" 4760 // }, 4761 // "showDeleted": { 4762 // "description": "Whether to return soft-deleted pools.", 4763 // "location": "query", 4764 // "type": "boolean" 4765 // } 4766 // }, 4767 // "path": "v1/{+parent}/workloadIdentityPools", 4768 // "response": { 4769 // "$ref": "ListWorkloadIdentityPoolsResponse" 4770 // }, 4771 // "scopes": [ 4772 // "https://www.googleapis.com/auth/cloud-platform" 4773 // ] 4774 // } 4775 4776} 4777 4778// Pages invokes f for each page of results. 4779// A non-nil error returned from f will halt the iteration. 4780// The provided context supersedes any context provided to the Context method. 4781func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Pages(ctx context.Context, f func(*ListWorkloadIdentityPoolsResponse) error) error { 4782 c.ctx_ = ctx 4783 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 4784 for { 4785 x, err := c.Do() 4786 if err != nil { 4787 return err 4788 } 4789 if err := f(x); err != nil { 4790 return err 4791 } 4792 if x.NextPageToken == "" { 4793 return nil 4794 } 4795 c.PageToken(x.NextPageToken) 4796 } 4797} 4798 4799// method id "iam.projects.locations.workloadIdentityPools.patch": 4800 4801type ProjectsLocationsWorkloadIdentityPoolsPatchCall struct { 4802 s *Service 4803 name string 4804 workloadidentitypool *WorkloadIdentityPool 4805 urlParams_ gensupport.URLParams 4806 ctx_ context.Context 4807 header_ http.Header 4808} 4809 4810// Patch: Updates an existing WorkloadIdentityPool. 4811// 4812// - name: Output only. The resource name of the pool. 4813func (r *ProjectsLocationsWorkloadIdentityPoolsService) Patch(name string, workloadidentitypool *WorkloadIdentityPool) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 4814 c := &ProjectsLocationsWorkloadIdentityPoolsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4815 c.name = name 4816 c.workloadidentitypool = workloadidentitypool 4817 return c 4818} 4819 4820// UpdateMask sets the optional parameter "updateMask": Required. The 4821// list of fields to update. 4822func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 4823 c.urlParams_.Set("updateMask", updateMask) 4824 return c 4825} 4826 4827// Fields allows partial responses to be retrieved. See 4828// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4829// for more information. 4830func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 4831 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4832 return c 4833} 4834 4835// Context sets the context to be used in this call's Do method. Any 4836// pending HTTP request will be aborted if the provided context is 4837// canceled. 4838func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 4839 c.ctx_ = ctx 4840 return c 4841} 4842 4843// Header returns an http.Header that can be modified by the caller to 4844// add HTTP headers to the request. 4845func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Header() http.Header { 4846 if c.header_ == nil { 4847 c.header_ = make(http.Header) 4848 } 4849 return c.header_ 4850} 4851 4852func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) doRequest(alt string) (*http.Response, error) { 4853 reqHeaders := make(http.Header) 4854 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 4855 for k, v := range c.header_ { 4856 reqHeaders[k] = v 4857 } 4858 reqHeaders.Set("User-Agent", c.s.userAgent()) 4859 var body io.Reader = nil 4860 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypool) 4861 if err != nil { 4862 return nil, err 4863 } 4864 reqHeaders.Set("Content-Type", "application/json") 4865 c.urlParams_.Set("alt", alt) 4866 c.urlParams_.Set("prettyPrint", "false") 4867 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4868 urls += "?" + c.urlParams_.Encode() 4869 req, err := http.NewRequest("PATCH", urls, body) 4870 if err != nil { 4871 return nil, err 4872 } 4873 req.Header = reqHeaders 4874 googleapi.Expand(req.URL, map[string]string{ 4875 "name": c.name, 4876 }) 4877 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4878} 4879 4880// Do executes the "iam.projects.locations.workloadIdentityPools.patch" call. 4881// Exactly one of *Operation or error will be non-nil. Any non-2xx 4882// status code is an error. Response headers are in either 4883// *Operation.ServerResponse.Header or (if a response was returned at 4884// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 4885// to check whether the returned error was because 4886// http.StatusNotModified was returned. 4887func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 4888 gensupport.SetOptions(c.urlParams_, opts...) 4889 res, err := c.doRequest("json") 4890 if res != nil && res.StatusCode == http.StatusNotModified { 4891 if res.Body != nil { 4892 res.Body.Close() 4893 } 4894 return nil, &googleapi.Error{ 4895 Code: res.StatusCode, 4896 Header: res.Header, 4897 } 4898 } 4899 if err != nil { 4900 return nil, err 4901 } 4902 defer googleapi.CloseBody(res) 4903 if err := googleapi.CheckResponse(res); err != nil { 4904 return nil, err 4905 } 4906 ret := &Operation{ 4907 ServerResponse: googleapi.ServerResponse{ 4908 Header: res.Header, 4909 HTTPStatusCode: res.StatusCode, 4910 }, 4911 } 4912 target := &ret 4913 if err := gensupport.DecodeResponse(target, res); err != nil { 4914 return nil, err 4915 } 4916 return ret, nil 4917 // { 4918 // "description": "Updates an existing WorkloadIdentityPool.", 4919 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}", 4920 // "httpMethod": "PATCH", 4921 // "id": "iam.projects.locations.workloadIdentityPools.patch", 4922 // "parameterOrder": [ 4923 // "name" 4924 // ], 4925 // "parameters": { 4926 // "name": { 4927 // "description": "Output only. The resource name of the pool.", 4928 // "location": "path", 4929 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 4930 // "required": true, 4931 // "type": "string" 4932 // }, 4933 // "updateMask": { 4934 // "description": "Required. The list of fields to update.", 4935 // "format": "google-fieldmask", 4936 // "location": "query", 4937 // "type": "string" 4938 // } 4939 // }, 4940 // "path": "v1/{+name}", 4941 // "request": { 4942 // "$ref": "WorkloadIdentityPool" 4943 // }, 4944 // "response": { 4945 // "$ref": "Operation" 4946 // }, 4947 // "scopes": [ 4948 // "https://www.googleapis.com/auth/cloud-platform" 4949 // ] 4950 // } 4951 4952} 4953 4954// method id "iam.projects.locations.workloadIdentityPools.undelete": 4955 4956type ProjectsLocationsWorkloadIdentityPoolsUndeleteCall struct { 4957 s *Service 4958 name string 4959 undeleteworkloadidentitypoolrequest *UndeleteWorkloadIdentityPoolRequest 4960 urlParams_ gensupport.URLParams 4961 ctx_ context.Context 4962 header_ http.Header 4963} 4964 4965// Undelete: Undeletes a WorkloadIdentityPool, as long as it was deleted 4966// fewer than 30 days ago. 4967// 4968// - name: The name of the pool to undelete. 4969func (r *ProjectsLocationsWorkloadIdentityPoolsService) Undelete(name string, undeleteworkloadidentitypoolrequest *UndeleteWorkloadIdentityPoolRequest) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall { 4970 c := &ProjectsLocationsWorkloadIdentityPoolsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4971 c.name = name 4972 c.undeleteworkloadidentitypoolrequest = undeleteworkloadidentitypoolrequest 4973 return c 4974} 4975 4976// Fields allows partial responses to be retrieved. See 4977// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4978// for more information. 4979func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall { 4980 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4981 return c 4982} 4983 4984// Context sets the context to be used in this call's Do method. Any 4985// pending HTTP request will be aborted if the provided context is 4986// canceled. 4987func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall { 4988 c.ctx_ = ctx 4989 return c 4990} 4991 4992// Header returns an http.Header that can be modified by the caller to 4993// add HTTP headers to the request. 4994func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Header() http.Header { 4995 if c.header_ == nil { 4996 c.header_ = make(http.Header) 4997 } 4998 return c.header_ 4999} 5000 5001func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) doRequest(alt string) (*http.Response, error) { 5002 reqHeaders := make(http.Header) 5003 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5004 for k, v := range c.header_ { 5005 reqHeaders[k] = v 5006 } 5007 reqHeaders.Set("User-Agent", c.s.userAgent()) 5008 var body io.Reader = nil 5009 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkloadidentitypoolrequest) 5010 if err != nil { 5011 return nil, err 5012 } 5013 reqHeaders.Set("Content-Type", "application/json") 5014 c.urlParams_.Set("alt", alt) 5015 c.urlParams_.Set("prettyPrint", "false") 5016 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 5017 urls += "?" + c.urlParams_.Encode() 5018 req, err := http.NewRequest("POST", urls, body) 5019 if err != nil { 5020 return nil, err 5021 } 5022 req.Header = reqHeaders 5023 googleapi.Expand(req.URL, map[string]string{ 5024 "name": c.name, 5025 }) 5026 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5027} 5028 5029// Do executes the "iam.projects.locations.workloadIdentityPools.undelete" call. 5030// Exactly one of *Operation or error will be non-nil. Any non-2xx 5031// status code is an error. Response headers are in either 5032// *Operation.ServerResponse.Header or (if a response was returned at 5033// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5034// to check whether the returned error was because 5035// http.StatusNotModified was returned. 5036func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5037 gensupport.SetOptions(c.urlParams_, opts...) 5038 res, err := c.doRequest("json") 5039 if res != nil && res.StatusCode == http.StatusNotModified { 5040 if res.Body != nil { 5041 res.Body.Close() 5042 } 5043 return nil, &googleapi.Error{ 5044 Code: res.StatusCode, 5045 Header: res.Header, 5046 } 5047 } 5048 if err != nil { 5049 return nil, err 5050 } 5051 defer googleapi.CloseBody(res) 5052 if err := googleapi.CheckResponse(res); err != nil { 5053 return nil, err 5054 } 5055 ret := &Operation{ 5056 ServerResponse: googleapi.ServerResponse{ 5057 Header: res.Header, 5058 HTTPStatusCode: res.StatusCode, 5059 }, 5060 } 5061 target := &ret 5062 if err := gensupport.DecodeResponse(target, res); err != nil { 5063 return nil, err 5064 } 5065 return ret, nil 5066 // { 5067 // "description": "Undeletes a WorkloadIdentityPool, as long as it was deleted fewer than 30 days ago.", 5068 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}:undelete", 5069 // "httpMethod": "POST", 5070 // "id": "iam.projects.locations.workloadIdentityPools.undelete", 5071 // "parameterOrder": [ 5072 // "name" 5073 // ], 5074 // "parameters": { 5075 // "name": { 5076 // "description": "Required. The name of the pool to undelete.", 5077 // "location": "path", 5078 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 5079 // "required": true, 5080 // "type": "string" 5081 // } 5082 // }, 5083 // "path": "v1/{+name}:undelete", 5084 // "request": { 5085 // "$ref": "UndeleteWorkloadIdentityPoolRequest" 5086 // }, 5087 // "response": { 5088 // "$ref": "Operation" 5089 // }, 5090 // "scopes": [ 5091 // "https://www.googleapis.com/auth/cloud-platform" 5092 // ] 5093 // } 5094 5095} 5096 5097// method id "iam.projects.locations.workloadIdentityPools.operations.get": 5098 5099type ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall struct { 5100 s *Service 5101 name string 5102 urlParams_ gensupport.URLParams 5103 ifNoneMatch_ string 5104 ctx_ context.Context 5105 header_ http.Header 5106} 5107 5108// Get: Gets the latest state of a long-running operation. Clients can 5109// use this method to poll the operation result at intervals as 5110// recommended by the API service. 5111// 5112// - name: The name of the operation resource. 5113func (r *ProjectsLocationsWorkloadIdentityPoolsOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5114 c := &ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5115 c.name = name 5116 return c 5117} 5118 5119// Fields allows partial responses to be retrieved. See 5120// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5121// for more information. 5122func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5123 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5124 return c 5125} 5126 5127// IfNoneMatch sets the optional parameter which makes the operation 5128// fail if the object's ETag matches the given value. This is useful for 5129// getting updates only after the object has changed since the last 5130// request. Use googleapi.IsNotModified to check whether the response 5131// error from Do is the result of In-None-Match. 5132func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5133 c.ifNoneMatch_ = entityTag 5134 return c 5135} 5136 5137// Context sets the context to be used in this call's Do method. Any 5138// pending HTTP request will be aborted if the provided context is 5139// canceled. 5140func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5141 c.ctx_ = ctx 5142 return c 5143} 5144 5145// Header returns an http.Header that can be modified by the caller to 5146// add HTTP headers to the request. 5147func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Header() http.Header { 5148 if c.header_ == nil { 5149 c.header_ = make(http.Header) 5150 } 5151 return c.header_ 5152} 5153 5154func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) doRequest(alt string) (*http.Response, error) { 5155 reqHeaders := make(http.Header) 5156 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5157 for k, v := range c.header_ { 5158 reqHeaders[k] = v 5159 } 5160 reqHeaders.Set("User-Agent", c.s.userAgent()) 5161 if c.ifNoneMatch_ != "" { 5162 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5163 } 5164 var body io.Reader = nil 5165 c.urlParams_.Set("alt", alt) 5166 c.urlParams_.Set("prettyPrint", "false") 5167 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5168 urls += "?" + c.urlParams_.Encode() 5169 req, err := http.NewRequest("GET", urls, body) 5170 if err != nil { 5171 return nil, err 5172 } 5173 req.Header = reqHeaders 5174 googleapi.Expand(req.URL, map[string]string{ 5175 "name": c.name, 5176 }) 5177 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5178} 5179 5180// Do executes the "iam.projects.locations.workloadIdentityPools.operations.get" call. 5181// Exactly one of *Operation or error will be non-nil. Any non-2xx 5182// status code is an error. Response headers are in either 5183// *Operation.ServerResponse.Header or (if a response was returned at 5184// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5185// to check whether the returned error was because 5186// http.StatusNotModified was returned. 5187func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5188 gensupport.SetOptions(c.urlParams_, opts...) 5189 res, err := c.doRequest("json") 5190 if res != nil && res.StatusCode == http.StatusNotModified { 5191 if res.Body != nil { 5192 res.Body.Close() 5193 } 5194 return nil, &googleapi.Error{ 5195 Code: res.StatusCode, 5196 Header: res.Header, 5197 } 5198 } 5199 if err != nil { 5200 return nil, err 5201 } 5202 defer googleapi.CloseBody(res) 5203 if err := googleapi.CheckResponse(res); err != nil { 5204 return nil, err 5205 } 5206 ret := &Operation{ 5207 ServerResponse: googleapi.ServerResponse{ 5208 Header: res.Header, 5209 HTTPStatusCode: res.StatusCode, 5210 }, 5211 } 5212 target := &ret 5213 if err := gensupport.DecodeResponse(target, res); err != nil { 5214 return nil, err 5215 } 5216 return ret, nil 5217 // { 5218 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 5219 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/operations/{operationsId}", 5220 // "httpMethod": "GET", 5221 // "id": "iam.projects.locations.workloadIdentityPools.operations.get", 5222 // "parameterOrder": [ 5223 // "name" 5224 // ], 5225 // "parameters": { 5226 // "name": { 5227 // "description": "The name of the operation resource.", 5228 // "location": "path", 5229 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/operations/[^/]+$", 5230 // "required": true, 5231 // "type": "string" 5232 // } 5233 // }, 5234 // "path": "v1/{+name}", 5235 // "response": { 5236 // "$ref": "Operation" 5237 // }, 5238 // "scopes": [ 5239 // "https://www.googleapis.com/auth/cloud-platform" 5240 // ] 5241 // } 5242 5243} 5244 5245// method id "iam.projects.locations.workloadIdentityPools.providers.create": 5246 5247type ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall struct { 5248 s *Service 5249 parent string 5250 workloadidentitypoolprovider *WorkloadIdentityPoolProvider 5251 urlParams_ gensupport.URLParams 5252 ctx_ context.Context 5253 header_ http.Header 5254} 5255 5256// Create: Creates a new WorkloadIdentityPoolProvider in a 5257// WorkloadIdentityPool. You cannot reuse the name of a deleted provider 5258// until 30 days after deletion. 5259// 5260// - parent: The pool to create this provider in. 5261func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Create(parent string, workloadidentitypoolprovider *WorkloadIdentityPoolProvider) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5262 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5263 c.parent = parent 5264 c.workloadidentitypoolprovider = workloadidentitypoolprovider 5265 return c 5266} 5267 5268// WorkloadIdentityPoolProviderId sets the optional parameter 5269// "workloadIdentityPoolProviderId": Required. The ID for the provider, 5270// which becomes the final component of the resource name. This value 5271// must be 4-32 characters, and may contain the characters [a-z0-9-]. 5272// The prefix `gcp-` is reserved for use by Google, and may not be 5273// specified. 5274func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) WorkloadIdentityPoolProviderId(workloadIdentityPoolProviderId string) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5275 c.urlParams_.Set("workloadIdentityPoolProviderId", workloadIdentityPoolProviderId) 5276 return c 5277} 5278 5279// Fields allows partial responses to be retrieved. See 5280// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5281// for more information. 5282func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5283 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5284 return c 5285} 5286 5287// Context sets the context to be used in this call's Do method. Any 5288// pending HTTP request will be aborted if the provided context is 5289// canceled. 5290func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5291 c.ctx_ = ctx 5292 return c 5293} 5294 5295// Header returns an http.Header that can be modified by the caller to 5296// add HTTP headers to the request. 5297func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Header() http.Header { 5298 if c.header_ == nil { 5299 c.header_ = make(http.Header) 5300 } 5301 return c.header_ 5302} 5303 5304func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) doRequest(alt string) (*http.Response, error) { 5305 reqHeaders := make(http.Header) 5306 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5307 for k, v := range c.header_ { 5308 reqHeaders[k] = v 5309 } 5310 reqHeaders.Set("User-Agent", c.s.userAgent()) 5311 var body io.Reader = nil 5312 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypoolprovider) 5313 if err != nil { 5314 return nil, err 5315 } 5316 reqHeaders.Set("Content-Type", "application/json") 5317 c.urlParams_.Set("alt", alt) 5318 c.urlParams_.Set("prettyPrint", "false") 5319 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers") 5320 urls += "?" + c.urlParams_.Encode() 5321 req, err := http.NewRequest("POST", urls, body) 5322 if err != nil { 5323 return nil, err 5324 } 5325 req.Header = reqHeaders 5326 googleapi.Expand(req.URL, map[string]string{ 5327 "parent": c.parent, 5328 }) 5329 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5330} 5331 5332// Do executes the "iam.projects.locations.workloadIdentityPools.providers.create" call. 5333// Exactly one of *Operation or error will be non-nil. Any non-2xx 5334// status code is an error. Response headers are in either 5335// *Operation.ServerResponse.Header or (if a response was returned at 5336// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5337// to check whether the returned error was because 5338// http.StatusNotModified was returned. 5339func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5340 gensupport.SetOptions(c.urlParams_, opts...) 5341 res, err := c.doRequest("json") 5342 if res != nil && res.StatusCode == http.StatusNotModified { 5343 if res.Body != nil { 5344 res.Body.Close() 5345 } 5346 return nil, &googleapi.Error{ 5347 Code: res.StatusCode, 5348 Header: res.Header, 5349 } 5350 } 5351 if err != nil { 5352 return nil, err 5353 } 5354 defer googleapi.CloseBody(res) 5355 if err := googleapi.CheckResponse(res); err != nil { 5356 return nil, err 5357 } 5358 ret := &Operation{ 5359 ServerResponse: googleapi.ServerResponse{ 5360 Header: res.Header, 5361 HTTPStatusCode: res.StatusCode, 5362 }, 5363 } 5364 target := &ret 5365 if err := gensupport.DecodeResponse(target, res); err != nil { 5366 return nil, err 5367 } 5368 return ret, nil 5369 // { 5370 // "description": "Creates a new WorkloadIdentityPoolProvider in a WorkloadIdentityPool. You cannot reuse the name of a deleted provider until 30 days after deletion.", 5371 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers", 5372 // "httpMethod": "POST", 5373 // "id": "iam.projects.locations.workloadIdentityPools.providers.create", 5374 // "parameterOrder": [ 5375 // "parent" 5376 // ], 5377 // "parameters": { 5378 // "parent": { 5379 // "description": "Required. The pool to create this provider in.", 5380 // "location": "path", 5381 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 5382 // "required": true, 5383 // "type": "string" 5384 // }, 5385 // "workloadIdentityPoolProviderId": { 5386 // "description": "Required. The ID for the provider, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix `gcp-` is reserved for use by Google, and may not be specified.", 5387 // "location": "query", 5388 // "type": "string" 5389 // } 5390 // }, 5391 // "path": "v1/{+parent}/providers", 5392 // "request": { 5393 // "$ref": "WorkloadIdentityPoolProvider" 5394 // }, 5395 // "response": { 5396 // "$ref": "Operation" 5397 // }, 5398 // "scopes": [ 5399 // "https://www.googleapis.com/auth/cloud-platform" 5400 // ] 5401 // } 5402 5403} 5404 5405// method id "iam.projects.locations.workloadIdentityPools.providers.delete": 5406 5407type ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall struct { 5408 s *Service 5409 name string 5410 urlParams_ gensupport.URLParams 5411 ctx_ context.Context 5412 header_ http.Header 5413} 5414 5415// Delete: Deletes a WorkloadIdentityPoolProvider. Deleting a provider 5416// does not revoke credentials that have already been issued; they 5417// continue to grant access. You can undelete a provider for 30 days. 5418// After 30 days, deletion is permanent. You cannot update deleted 5419// providers. However, you can view and list them. 5420// 5421// - name: The name of the provider to delete. 5422func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Delete(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall { 5423 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5424 c.name = name 5425 return c 5426} 5427 5428// Fields allows partial responses to be retrieved. See 5429// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5430// for more information. 5431func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall { 5432 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5433 return c 5434} 5435 5436// Context sets the context to be used in this call's Do method. Any 5437// pending HTTP request will be aborted if the provided context is 5438// canceled. 5439func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall { 5440 c.ctx_ = ctx 5441 return c 5442} 5443 5444// Header returns an http.Header that can be modified by the caller to 5445// add HTTP headers to the request. 5446func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Header() http.Header { 5447 if c.header_ == nil { 5448 c.header_ = make(http.Header) 5449 } 5450 return c.header_ 5451} 5452 5453func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) doRequest(alt string) (*http.Response, error) { 5454 reqHeaders := make(http.Header) 5455 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5456 for k, v := range c.header_ { 5457 reqHeaders[k] = v 5458 } 5459 reqHeaders.Set("User-Agent", c.s.userAgent()) 5460 var body io.Reader = nil 5461 c.urlParams_.Set("alt", alt) 5462 c.urlParams_.Set("prettyPrint", "false") 5463 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5464 urls += "?" + c.urlParams_.Encode() 5465 req, err := http.NewRequest("DELETE", urls, body) 5466 if err != nil { 5467 return nil, err 5468 } 5469 req.Header = reqHeaders 5470 googleapi.Expand(req.URL, map[string]string{ 5471 "name": c.name, 5472 }) 5473 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5474} 5475 5476// Do executes the "iam.projects.locations.workloadIdentityPools.providers.delete" call. 5477// Exactly one of *Operation or error will be non-nil. Any non-2xx 5478// status code is an error. Response headers are in either 5479// *Operation.ServerResponse.Header or (if a response was returned at 5480// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5481// to check whether the returned error was because 5482// http.StatusNotModified was returned. 5483func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5484 gensupport.SetOptions(c.urlParams_, opts...) 5485 res, err := c.doRequest("json") 5486 if res != nil && res.StatusCode == http.StatusNotModified { 5487 if res.Body != nil { 5488 res.Body.Close() 5489 } 5490 return nil, &googleapi.Error{ 5491 Code: res.StatusCode, 5492 Header: res.Header, 5493 } 5494 } 5495 if err != nil { 5496 return nil, err 5497 } 5498 defer googleapi.CloseBody(res) 5499 if err := googleapi.CheckResponse(res); err != nil { 5500 return nil, err 5501 } 5502 ret := &Operation{ 5503 ServerResponse: googleapi.ServerResponse{ 5504 Header: res.Header, 5505 HTTPStatusCode: res.StatusCode, 5506 }, 5507 } 5508 target := &ret 5509 if err := gensupport.DecodeResponse(target, res); err != nil { 5510 return nil, err 5511 } 5512 return ret, nil 5513 // { 5514 // "description": "Deletes a WorkloadIdentityPoolProvider. Deleting a provider does not revoke credentials that have already been issued; they continue to grant access. You can undelete a provider for 30 days. After 30 days, deletion is permanent. You cannot update deleted providers. However, you can view and list them.", 5515 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}", 5516 // "httpMethod": "DELETE", 5517 // "id": "iam.projects.locations.workloadIdentityPools.providers.delete", 5518 // "parameterOrder": [ 5519 // "name" 5520 // ], 5521 // "parameters": { 5522 // "name": { 5523 // "description": "Required. The name of the provider to delete.", 5524 // "location": "path", 5525 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 5526 // "required": true, 5527 // "type": "string" 5528 // } 5529 // }, 5530 // "path": "v1/{+name}", 5531 // "response": { 5532 // "$ref": "Operation" 5533 // }, 5534 // "scopes": [ 5535 // "https://www.googleapis.com/auth/cloud-platform" 5536 // ] 5537 // } 5538 5539} 5540 5541// method id "iam.projects.locations.workloadIdentityPools.providers.get": 5542 5543type ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall struct { 5544 s *Service 5545 name string 5546 urlParams_ gensupport.URLParams 5547 ifNoneMatch_ string 5548 ctx_ context.Context 5549 header_ http.Header 5550} 5551 5552// Get: Gets an individual WorkloadIdentityPoolProvider. 5553// 5554// - name: The name of the provider to retrieve. 5555func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5556 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5557 c.name = name 5558 return c 5559} 5560 5561// Fields allows partial responses to be retrieved. See 5562// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5563// for more information. 5564func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5565 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5566 return c 5567} 5568 5569// IfNoneMatch sets the optional parameter which makes the operation 5570// fail if the object's ETag matches the given value. This is useful for 5571// getting updates only after the object has changed since the last 5572// request. Use googleapi.IsNotModified to check whether the response 5573// error from Do is the result of In-None-Match. 5574func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5575 c.ifNoneMatch_ = entityTag 5576 return c 5577} 5578 5579// Context sets the context to be used in this call's Do method. Any 5580// pending HTTP request will be aborted if the provided context is 5581// canceled. 5582func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5583 c.ctx_ = ctx 5584 return c 5585} 5586 5587// Header returns an http.Header that can be modified by the caller to 5588// add HTTP headers to the request. 5589func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Header() http.Header { 5590 if c.header_ == nil { 5591 c.header_ = make(http.Header) 5592 } 5593 return c.header_ 5594} 5595 5596func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) doRequest(alt string) (*http.Response, error) { 5597 reqHeaders := make(http.Header) 5598 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5599 for k, v := range c.header_ { 5600 reqHeaders[k] = v 5601 } 5602 reqHeaders.Set("User-Agent", c.s.userAgent()) 5603 if c.ifNoneMatch_ != "" { 5604 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5605 } 5606 var body io.Reader = nil 5607 c.urlParams_.Set("alt", alt) 5608 c.urlParams_.Set("prettyPrint", "false") 5609 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5610 urls += "?" + c.urlParams_.Encode() 5611 req, err := http.NewRequest("GET", urls, body) 5612 if err != nil { 5613 return nil, err 5614 } 5615 req.Header = reqHeaders 5616 googleapi.Expand(req.URL, map[string]string{ 5617 "name": c.name, 5618 }) 5619 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5620} 5621 5622// Do executes the "iam.projects.locations.workloadIdentityPools.providers.get" call. 5623// Exactly one of *WorkloadIdentityPoolProvider or error will be 5624// non-nil. Any non-2xx status code is an error. Response headers are in 5625// either *WorkloadIdentityPoolProvider.ServerResponse.Header or (if a 5626// response was returned at all) in error.(*googleapi.Error).Header. Use 5627// googleapi.IsNotModified to check whether the returned error was 5628// because http.StatusNotModified was returned. 5629func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPoolProvider, error) { 5630 gensupport.SetOptions(c.urlParams_, opts...) 5631 res, err := c.doRequest("json") 5632 if res != nil && res.StatusCode == http.StatusNotModified { 5633 if res.Body != nil { 5634 res.Body.Close() 5635 } 5636 return nil, &googleapi.Error{ 5637 Code: res.StatusCode, 5638 Header: res.Header, 5639 } 5640 } 5641 if err != nil { 5642 return nil, err 5643 } 5644 defer googleapi.CloseBody(res) 5645 if err := googleapi.CheckResponse(res); err != nil { 5646 return nil, err 5647 } 5648 ret := &WorkloadIdentityPoolProvider{ 5649 ServerResponse: googleapi.ServerResponse{ 5650 Header: res.Header, 5651 HTTPStatusCode: res.StatusCode, 5652 }, 5653 } 5654 target := &ret 5655 if err := gensupport.DecodeResponse(target, res); err != nil { 5656 return nil, err 5657 } 5658 return ret, nil 5659 // { 5660 // "description": "Gets an individual WorkloadIdentityPoolProvider.", 5661 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}", 5662 // "httpMethod": "GET", 5663 // "id": "iam.projects.locations.workloadIdentityPools.providers.get", 5664 // "parameterOrder": [ 5665 // "name" 5666 // ], 5667 // "parameters": { 5668 // "name": { 5669 // "description": "Required. The name of the provider to retrieve.", 5670 // "location": "path", 5671 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 5672 // "required": true, 5673 // "type": "string" 5674 // } 5675 // }, 5676 // "path": "v1/{+name}", 5677 // "response": { 5678 // "$ref": "WorkloadIdentityPoolProvider" 5679 // }, 5680 // "scopes": [ 5681 // "https://www.googleapis.com/auth/cloud-platform" 5682 // ] 5683 // } 5684 5685} 5686 5687// method id "iam.projects.locations.workloadIdentityPools.providers.list": 5688 5689type ProjectsLocationsWorkloadIdentityPoolsProvidersListCall struct { 5690 s *Service 5691 parent string 5692 urlParams_ gensupport.URLParams 5693 ifNoneMatch_ string 5694 ctx_ context.Context 5695 header_ http.Header 5696} 5697 5698// List: Lists all non-deleted WorkloadIdentityPoolProviders in a 5699// WorkloadIdentityPool. If `show_deleted` is set to `true`, then 5700// deleted providers are also listed. 5701// 5702// - parent: The pool to list providers for. 5703func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) List(parent string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5704 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5705 c.parent = parent 5706 return c 5707} 5708 5709// PageSize sets the optional parameter "pageSize": The maximum number 5710// of providers to return. If unspecified, at most 50 providers are 5711// returned. The maximum value is 100; values above 100 are truncated to 5712// 100. 5713func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) PageSize(pageSize int64) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5714 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 5715 return c 5716} 5717 5718// PageToken sets the optional parameter "pageToken": A page token, 5719// received from a previous `ListWorkloadIdentityPoolProviders` call. 5720// Provide this to retrieve the subsequent page. 5721func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) PageToken(pageToken string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5722 c.urlParams_.Set("pageToken", pageToken) 5723 return c 5724} 5725 5726// ShowDeleted sets the optional parameter "showDeleted": Whether to 5727// return soft-deleted providers. 5728func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5729 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 5730 return c 5731} 5732 5733// Fields allows partial responses to be retrieved. See 5734// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5735// for more information. 5736func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5737 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5738 return c 5739} 5740 5741// IfNoneMatch sets the optional parameter which makes the operation 5742// fail if the object's ETag matches the given value. This is useful for 5743// getting updates only after the object has changed since the last 5744// request. Use googleapi.IsNotModified to check whether the response 5745// error from Do is the result of In-None-Match. 5746func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5747 c.ifNoneMatch_ = entityTag 5748 return c 5749} 5750 5751// Context sets the context to be used in this call's Do method. Any 5752// pending HTTP request will be aborted if the provided context is 5753// canceled. 5754func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5755 c.ctx_ = ctx 5756 return c 5757} 5758 5759// Header returns an http.Header that can be modified by the caller to 5760// add HTTP headers to the request. 5761func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Header() http.Header { 5762 if c.header_ == nil { 5763 c.header_ = make(http.Header) 5764 } 5765 return c.header_ 5766} 5767 5768func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) doRequest(alt string) (*http.Response, error) { 5769 reqHeaders := make(http.Header) 5770 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5771 for k, v := range c.header_ { 5772 reqHeaders[k] = v 5773 } 5774 reqHeaders.Set("User-Agent", c.s.userAgent()) 5775 if c.ifNoneMatch_ != "" { 5776 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5777 } 5778 var body io.Reader = nil 5779 c.urlParams_.Set("alt", alt) 5780 c.urlParams_.Set("prettyPrint", "false") 5781 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers") 5782 urls += "?" + c.urlParams_.Encode() 5783 req, err := http.NewRequest("GET", urls, body) 5784 if err != nil { 5785 return nil, err 5786 } 5787 req.Header = reqHeaders 5788 googleapi.Expand(req.URL, map[string]string{ 5789 "parent": c.parent, 5790 }) 5791 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5792} 5793 5794// Do executes the "iam.projects.locations.workloadIdentityPools.providers.list" call. 5795// Exactly one of *ListWorkloadIdentityPoolProvidersResponse or error 5796// will be non-nil. Any non-2xx status code is an error. Response 5797// headers are in either 5798// *ListWorkloadIdentityPoolProvidersResponse.ServerResponse.Header or 5799// (if a response was returned at all) in 5800// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 5801// whether the returned error was because http.StatusNotModified was 5802// returned. 5803func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Do(opts ...googleapi.CallOption) (*ListWorkloadIdentityPoolProvidersResponse, error) { 5804 gensupport.SetOptions(c.urlParams_, opts...) 5805 res, err := c.doRequest("json") 5806 if res != nil && res.StatusCode == http.StatusNotModified { 5807 if res.Body != nil { 5808 res.Body.Close() 5809 } 5810 return nil, &googleapi.Error{ 5811 Code: res.StatusCode, 5812 Header: res.Header, 5813 } 5814 } 5815 if err != nil { 5816 return nil, err 5817 } 5818 defer googleapi.CloseBody(res) 5819 if err := googleapi.CheckResponse(res); err != nil { 5820 return nil, err 5821 } 5822 ret := &ListWorkloadIdentityPoolProvidersResponse{ 5823 ServerResponse: googleapi.ServerResponse{ 5824 Header: res.Header, 5825 HTTPStatusCode: res.StatusCode, 5826 }, 5827 } 5828 target := &ret 5829 if err := gensupport.DecodeResponse(target, res); err != nil { 5830 return nil, err 5831 } 5832 return ret, nil 5833 // { 5834 // "description": "Lists all non-deleted WorkloadIdentityPoolProviders in a WorkloadIdentityPool. If `show_deleted` is set to `true`, then deleted providers are also listed.", 5835 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers", 5836 // "httpMethod": "GET", 5837 // "id": "iam.projects.locations.workloadIdentityPools.providers.list", 5838 // "parameterOrder": [ 5839 // "parent" 5840 // ], 5841 // "parameters": { 5842 // "pageSize": { 5843 // "description": "The maximum number of providers to return. If unspecified, at most 50 providers are returned. The maximum value is 100; values above 100 are truncated to 100.", 5844 // "format": "int32", 5845 // "location": "query", 5846 // "type": "integer" 5847 // }, 5848 // "pageToken": { 5849 // "description": "A page token, received from a previous `ListWorkloadIdentityPoolProviders` call. Provide this to retrieve the subsequent page.", 5850 // "location": "query", 5851 // "type": "string" 5852 // }, 5853 // "parent": { 5854 // "description": "Required. The pool to list providers for.", 5855 // "location": "path", 5856 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 5857 // "required": true, 5858 // "type": "string" 5859 // }, 5860 // "showDeleted": { 5861 // "description": "Whether to return soft-deleted providers.", 5862 // "location": "query", 5863 // "type": "boolean" 5864 // } 5865 // }, 5866 // "path": "v1/{+parent}/providers", 5867 // "response": { 5868 // "$ref": "ListWorkloadIdentityPoolProvidersResponse" 5869 // }, 5870 // "scopes": [ 5871 // "https://www.googleapis.com/auth/cloud-platform" 5872 // ] 5873 // } 5874 5875} 5876 5877// Pages invokes f for each page of results. 5878// A non-nil error returned from f will halt the iteration. 5879// The provided context supersedes any context provided to the Context method. 5880func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Pages(ctx context.Context, f func(*ListWorkloadIdentityPoolProvidersResponse) error) error { 5881 c.ctx_ = ctx 5882 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 5883 for { 5884 x, err := c.Do() 5885 if err != nil { 5886 return err 5887 } 5888 if err := f(x); err != nil { 5889 return err 5890 } 5891 if x.NextPageToken == "" { 5892 return nil 5893 } 5894 c.PageToken(x.NextPageToken) 5895 } 5896} 5897 5898// method id "iam.projects.locations.workloadIdentityPools.providers.patch": 5899 5900type ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall struct { 5901 s *Service 5902 name string 5903 workloadidentitypoolprovider *WorkloadIdentityPoolProvider 5904 urlParams_ gensupport.URLParams 5905 ctx_ context.Context 5906 header_ http.Header 5907} 5908 5909// Patch: Updates an existing WorkloadIdentityPoolProvider. 5910// 5911// - name: Output only. The resource name of the provider. 5912func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Patch(name string, workloadidentitypoolprovider *WorkloadIdentityPoolProvider) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 5913 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5914 c.name = name 5915 c.workloadidentitypoolprovider = workloadidentitypoolprovider 5916 return c 5917} 5918 5919// UpdateMask sets the optional parameter "updateMask": Required. The 5920// list of fields to update. 5921func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) UpdateMask(updateMask string) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 5922 c.urlParams_.Set("updateMask", updateMask) 5923 return c 5924} 5925 5926// Fields allows partial responses to be retrieved. See 5927// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5928// for more information. 5929func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 5930 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5931 return c 5932} 5933 5934// Context sets the context to be used in this call's Do method. Any 5935// pending HTTP request will be aborted if the provided context is 5936// canceled. 5937func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 5938 c.ctx_ = ctx 5939 return c 5940} 5941 5942// Header returns an http.Header that can be modified by the caller to 5943// add HTTP headers to the request. 5944func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Header() http.Header { 5945 if c.header_ == nil { 5946 c.header_ = make(http.Header) 5947 } 5948 return c.header_ 5949} 5950 5951func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) doRequest(alt string) (*http.Response, error) { 5952 reqHeaders := make(http.Header) 5953 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5954 for k, v := range c.header_ { 5955 reqHeaders[k] = v 5956 } 5957 reqHeaders.Set("User-Agent", c.s.userAgent()) 5958 var body io.Reader = nil 5959 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypoolprovider) 5960 if err != nil { 5961 return nil, err 5962 } 5963 reqHeaders.Set("Content-Type", "application/json") 5964 c.urlParams_.Set("alt", alt) 5965 c.urlParams_.Set("prettyPrint", "false") 5966 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5967 urls += "?" + c.urlParams_.Encode() 5968 req, err := http.NewRequest("PATCH", urls, body) 5969 if err != nil { 5970 return nil, err 5971 } 5972 req.Header = reqHeaders 5973 googleapi.Expand(req.URL, map[string]string{ 5974 "name": c.name, 5975 }) 5976 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5977} 5978 5979// Do executes the "iam.projects.locations.workloadIdentityPools.providers.patch" call. 5980// Exactly one of *Operation or error will be non-nil. Any non-2xx 5981// status code is an error. Response headers are in either 5982// *Operation.ServerResponse.Header or (if a response was returned at 5983// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5984// to check whether the returned error was because 5985// http.StatusNotModified was returned. 5986func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5987 gensupport.SetOptions(c.urlParams_, opts...) 5988 res, err := c.doRequest("json") 5989 if res != nil && res.StatusCode == http.StatusNotModified { 5990 if res.Body != nil { 5991 res.Body.Close() 5992 } 5993 return nil, &googleapi.Error{ 5994 Code: res.StatusCode, 5995 Header: res.Header, 5996 } 5997 } 5998 if err != nil { 5999 return nil, err 6000 } 6001 defer googleapi.CloseBody(res) 6002 if err := googleapi.CheckResponse(res); err != nil { 6003 return nil, err 6004 } 6005 ret := &Operation{ 6006 ServerResponse: googleapi.ServerResponse{ 6007 Header: res.Header, 6008 HTTPStatusCode: res.StatusCode, 6009 }, 6010 } 6011 target := &ret 6012 if err := gensupport.DecodeResponse(target, res); err != nil { 6013 return nil, err 6014 } 6015 return ret, nil 6016 // { 6017 // "description": "Updates an existing WorkloadIdentityPoolProvider.", 6018 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}", 6019 // "httpMethod": "PATCH", 6020 // "id": "iam.projects.locations.workloadIdentityPools.providers.patch", 6021 // "parameterOrder": [ 6022 // "name" 6023 // ], 6024 // "parameters": { 6025 // "name": { 6026 // "description": "Output only. The resource name of the provider.", 6027 // "location": "path", 6028 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 6029 // "required": true, 6030 // "type": "string" 6031 // }, 6032 // "updateMask": { 6033 // "description": "Required. The list of fields to update.", 6034 // "format": "google-fieldmask", 6035 // "location": "query", 6036 // "type": "string" 6037 // } 6038 // }, 6039 // "path": "v1/{+name}", 6040 // "request": { 6041 // "$ref": "WorkloadIdentityPoolProvider" 6042 // }, 6043 // "response": { 6044 // "$ref": "Operation" 6045 // }, 6046 // "scopes": [ 6047 // "https://www.googleapis.com/auth/cloud-platform" 6048 // ] 6049 // } 6050 6051} 6052 6053// method id "iam.projects.locations.workloadIdentityPools.providers.undelete": 6054 6055type ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall struct { 6056 s *Service 6057 name string 6058 undeleteworkloadidentitypoolproviderrequest *UndeleteWorkloadIdentityPoolProviderRequest 6059 urlParams_ gensupport.URLParams 6060 ctx_ context.Context 6061 header_ http.Header 6062} 6063 6064// Undelete: Undeletes a WorkloadIdentityPoolProvider, as long as it was 6065// deleted fewer than 30 days ago. 6066// 6067// - name: The name of the provider to undelete. 6068func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Undelete(name string, undeleteworkloadidentitypoolproviderrequest *UndeleteWorkloadIdentityPoolProviderRequest) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall { 6069 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6070 c.name = name 6071 c.undeleteworkloadidentitypoolproviderrequest = undeleteworkloadidentitypoolproviderrequest 6072 return c 6073} 6074 6075// Fields allows partial responses to be retrieved. See 6076// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6077// for more information. 6078func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall { 6079 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6080 return c 6081} 6082 6083// Context sets the context to be used in this call's Do method. Any 6084// pending HTTP request will be aborted if the provided context is 6085// canceled. 6086func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall { 6087 c.ctx_ = ctx 6088 return c 6089} 6090 6091// Header returns an http.Header that can be modified by the caller to 6092// add HTTP headers to the request. 6093func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Header() http.Header { 6094 if c.header_ == nil { 6095 c.header_ = make(http.Header) 6096 } 6097 return c.header_ 6098} 6099 6100func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) doRequest(alt string) (*http.Response, error) { 6101 reqHeaders := make(http.Header) 6102 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6103 for k, v := range c.header_ { 6104 reqHeaders[k] = v 6105 } 6106 reqHeaders.Set("User-Agent", c.s.userAgent()) 6107 var body io.Reader = nil 6108 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkloadidentitypoolproviderrequest) 6109 if err != nil { 6110 return nil, err 6111 } 6112 reqHeaders.Set("Content-Type", "application/json") 6113 c.urlParams_.Set("alt", alt) 6114 c.urlParams_.Set("prettyPrint", "false") 6115 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 6116 urls += "?" + c.urlParams_.Encode() 6117 req, err := http.NewRequest("POST", urls, body) 6118 if err != nil { 6119 return nil, err 6120 } 6121 req.Header = reqHeaders 6122 googleapi.Expand(req.URL, map[string]string{ 6123 "name": c.name, 6124 }) 6125 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6126} 6127 6128// Do executes the "iam.projects.locations.workloadIdentityPools.providers.undelete" call. 6129// Exactly one of *Operation or error will be non-nil. Any non-2xx 6130// status code is an error. Response headers are in either 6131// *Operation.ServerResponse.Header or (if a response was returned at 6132// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 6133// to check whether the returned error was because 6134// http.StatusNotModified was returned. 6135func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6136 gensupport.SetOptions(c.urlParams_, opts...) 6137 res, err := c.doRequest("json") 6138 if res != nil && res.StatusCode == http.StatusNotModified { 6139 if res.Body != nil { 6140 res.Body.Close() 6141 } 6142 return nil, &googleapi.Error{ 6143 Code: res.StatusCode, 6144 Header: res.Header, 6145 } 6146 } 6147 if err != nil { 6148 return nil, err 6149 } 6150 defer googleapi.CloseBody(res) 6151 if err := googleapi.CheckResponse(res); err != nil { 6152 return nil, err 6153 } 6154 ret := &Operation{ 6155 ServerResponse: googleapi.ServerResponse{ 6156 Header: res.Header, 6157 HTTPStatusCode: res.StatusCode, 6158 }, 6159 } 6160 target := &ret 6161 if err := gensupport.DecodeResponse(target, res); err != nil { 6162 return nil, err 6163 } 6164 return ret, nil 6165 // { 6166 // "description": "Undeletes a WorkloadIdentityPoolProvider, as long as it was deleted fewer than 30 days ago.", 6167 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}:undelete", 6168 // "httpMethod": "POST", 6169 // "id": "iam.projects.locations.workloadIdentityPools.providers.undelete", 6170 // "parameterOrder": [ 6171 // "name" 6172 // ], 6173 // "parameters": { 6174 // "name": { 6175 // "description": "Required. The name of the provider to undelete.", 6176 // "location": "path", 6177 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 6178 // "required": true, 6179 // "type": "string" 6180 // } 6181 // }, 6182 // "path": "v1/{+name}:undelete", 6183 // "request": { 6184 // "$ref": "UndeleteWorkloadIdentityPoolProviderRequest" 6185 // }, 6186 // "response": { 6187 // "$ref": "Operation" 6188 // }, 6189 // "scopes": [ 6190 // "https://www.googleapis.com/auth/cloud-platform" 6191 // ] 6192 // } 6193 6194} 6195 6196// method id "iam.projects.locations.workloadIdentityPools.providers.operations.get": 6197 6198type ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall struct { 6199 s *Service 6200 name string 6201 urlParams_ gensupport.URLParams 6202 ifNoneMatch_ string 6203 ctx_ context.Context 6204 header_ http.Header 6205} 6206 6207// Get: Gets the latest state of a long-running operation. Clients can 6208// use this method to poll the operation result at intervals as 6209// recommended by the API service. 6210// 6211// - name: The name of the operation resource. 6212func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6213 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6214 c.name = name 6215 return c 6216} 6217 6218// Fields allows partial responses to be retrieved. See 6219// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6220// for more information. 6221func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6222 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6223 return c 6224} 6225 6226// IfNoneMatch sets the optional parameter which makes the operation 6227// fail if the object's ETag matches the given value. This is useful for 6228// getting updates only after the object has changed since the last 6229// request. Use googleapi.IsNotModified to check whether the response 6230// error from Do is the result of In-None-Match. 6231func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6232 c.ifNoneMatch_ = entityTag 6233 return c 6234} 6235 6236// Context sets the context to be used in this call's Do method. Any 6237// pending HTTP request will be aborted if the provided context is 6238// canceled. 6239func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6240 c.ctx_ = ctx 6241 return c 6242} 6243 6244// Header returns an http.Header that can be modified by the caller to 6245// add HTTP headers to the request. 6246func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Header() http.Header { 6247 if c.header_ == nil { 6248 c.header_ = make(http.Header) 6249 } 6250 return c.header_ 6251} 6252 6253func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) doRequest(alt string) (*http.Response, error) { 6254 reqHeaders := make(http.Header) 6255 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6256 for k, v := range c.header_ { 6257 reqHeaders[k] = v 6258 } 6259 reqHeaders.Set("User-Agent", c.s.userAgent()) 6260 if c.ifNoneMatch_ != "" { 6261 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6262 } 6263 var body io.Reader = nil 6264 c.urlParams_.Set("alt", alt) 6265 c.urlParams_.Set("prettyPrint", "false") 6266 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6267 urls += "?" + c.urlParams_.Encode() 6268 req, err := http.NewRequest("GET", urls, body) 6269 if err != nil { 6270 return nil, err 6271 } 6272 req.Header = reqHeaders 6273 googleapi.Expand(req.URL, map[string]string{ 6274 "name": c.name, 6275 }) 6276 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6277} 6278 6279// Do executes the "iam.projects.locations.workloadIdentityPools.providers.operations.get" call. 6280// Exactly one of *Operation or error will be non-nil. Any non-2xx 6281// status code is an error. Response headers are in either 6282// *Operation.ServerResponse.Header or (if a response was returned at 6283// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 6284// to check whether the returned error was because 6285// http.StatusNotModified was returned. 6286func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6287 gensupport.SetOptions(c.urlParams_, opts...) 6288 res, err := c.doRequest("json") 6289 if res != nil && res.StatusCode == http.StatusNotModified { 6290 if res.Body != nil { 6291 res.Body.Close() 6292 } 6293 return nil, &googleapi.Error{ 6294 Code: res.StatusCode, 6295 Header: res.Header, 6296 } 6297 } 6298 if err != nil { 6299 return nil, err 6300 } 6301 defer googleapi.CloseBody(res) 6302 if err := googleapi.CheckResponse(res); err != nil { 6303 return nil, err 6304 } 6305 ret := &Operation{ 6306 ServerResponse: googleapi.ServerResponse{ 6307 Header: res.Header, 6308 HTTPStatusCode: res.StatusCode, 6309 }, 6310 } 6311 target := &ret 6312 if err := gensupport.DecodeResponse(target, res); err != nil { 6313 return nil, err 6314 } 6315 return ret, nil 6316 // { 6317 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 6318 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}/operations/{operationsId}", 6319 // "httpMethod": "GET", 6320 // "id": "iam.projects.locations.workloadIdentityPools.providers.operations.get", 6321 // "parameterOrder": [ 6322 // "name" 6323 // ], 6324 // "parameters": { 6325 // "name": { 6326 // "description": "The name of the operation resource.", 6327 // "location": "path", 6328 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+/operations/[^/]+$", 6329 // "required": true, 6330 // "type": "string" 6331 // } 6332 // }, 6333 // "path": "v1/{+name}", 6334 // "response": { 6335 // "$ref": "Operation" 6336 // }, 6337 // "scopes": [ 6338 // "https://www.googleapis.com/auth/cloud-platform" 6339 // ] 6340 // } 6341 6342} 6343 6344// method id "iam.projects.roles.create": 6345 6346type ProjectsRolesCreateCall struct { 6347 s *Service 6348 parent string 6349 createrolerequest *CreateRoleRequest 6350 urlParams_ gensupport.URLParams 6351 ctx_ context.Context 6352 header_ http.Header 6353} 6354 6355// Create: Creates a new custom Role. 6356// 6357// - parent: The `parent` parameter's value depends on the target 6358// resource for the request, namely `projects` 6359// (/iam/reference/rest/v1/projects.roles) or `organizations` 6360// (/iam/reference/rest/v1/organizations.roles). Each resource type's 6361// `parent` value format is described below: * 6362// `projects.roles.create()` 6363// (/iam/reference/rest/v1/projects.roles/create): 6364// `projects/{PROJECT_ID}`. This method creates project-level custom 6365// roles (/iam/docs/understanding-custom-roles). Example request URL: 6366// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 6367// `organizations.roles.create()` 6368// (/iam/reference/rest/v1/organizations.roles/create): 6369// `organizations/{ORGANIZATION_ID}`. This method creates 6370// organization-level custom roles 6371// (/iam/docs/understanding-custom-roles). Example request URL: 6372// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6373// ` Note: Wildcard (*) values are invalid; you must specify a 6374// complete project ID or organization ID. 6375func (r *ProjectsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *ProjectsRolesCreateCall { 6376 c := &ProjectsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6377 c.parent = parent 6378 c.createrolerequest = createrolerequest 6379 return c 6380} 6381 6382// Fields allows partial responses to be retrieved. See 6383// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6384// for more information. 6385func (c *ProjectsRolesCreateCall) Fields(s ...googleapi.Field) *ProjectsRolesCreateCall { 6386 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6387 return c 6388} 6389 6390// Context sets the context to be used in this call's Do method. Any 6391// pending HTTP request will be aborted if the provided context is 6392// canceled. 6393func (c *ProjectsRolesCreateCall) Context(ctx context.Context) *ProjectsRolesCreateCall { 6394 c.ctx_ = ctx 6395 return c 6396} 6397 6398// Header returns an http.Header that can be modified by the caller to 6399// add HTTP headers to the request. 6400func (c *ProjectsRolesCreateCall) Header() http.Header { 6401 if c.header_ == nil { 6402 c.header_ = make(http.Header) 6403 } 6404 return c.header_ 6405} 6406 6407func (c *ProjectsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 6408 reqHeaders := make(http.Header) 6409 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6410 for k, v := range c.header_ { 6411 reqHeaders[k] = v 6412 } 6413 reqHeaders.Set("User-Agent", c.s.userAgent()) 6414 var body io.Reader = nil 6415 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 6416 if err != nil { 6417 return nil, err 6418 } 6419 reqHeaders.Set("Content-Type", "application/json") 6420 c.urlParams_.Set("alt", alt) 6421 c.urlParams_.Set("prettyPrint", "false") 6422 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 6423 urls += "?" + c.urlParams_.Encode() 6424 req, err := http.NewRequest("POST", urls, body) 6425 if err != nil { 6426 return nil, err 6427 } 6428 req.Header = reqHeaders 6429 googleapi.Expand(req.URL, map[string]string{ 6430 "parent": c.parent, 6431 }) 6432 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6433} 6434 6435// Do executes the "iam.projects.roles.create" call. 6436// Exactly one of *Role or error will be non-nil. Any non-2xx status 6437// code is an error. Response headers are in either 6438// *Role.ServerResponse.Header or (if a response was returned at all) in 6439// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6440// whether the returned error was because http.StatusNotModified was 6441// returned. 6442func (c *ProjectsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 6443 gensupport.SetOptions(c.urlParams_, opts...) 6444 res, err := c.doRequest("json") 6445 if res != nil && res.StatusCode == http.StatusNotModified { 6446 if res.Body != nil { 6447 res.Body.Close() 6448 } 6449 return nil, &googleapi.Error{ 6450 Code: res.StatusCode, 6451 Header: res.Header, 6452 } 6453 } 6454 if err != nil { 6455 return nil, err 6456 } 6457 defer googleapi.CloseBody(res) 6458 if err := googleapi.CheckResponse(res); err != nil { 6459 return nil, err 6460 } 6461 ret := &Role{ 6462 ServerResponse: googleapi.ServerResponse{ 6463 Header: res.Header, 6464 HTTPStatusCode: res.StatusCode, 6465 }, 6466 } 6467 target := &ret 6468 if err := gensupport.DecodeResponse(target, res); err != nil { 6469 return nil, err 6470 } 6471 return ret, nil 6472 // { 6473 // "description": "Creates a new custom Role.", 6474 // "flatPath": "v1/projects/{projectsId}/roles", 6475 // "httpMethod": "POST", 6476 // "id": "iam.projects.roles.create", 6477 // "parameterOrder": [ 6478 // "parent" 6479 // ], 6480 // "parameters": { 6481 // "parent": { 6482 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create): `projects/{PROJECT_ID}`. This method creates project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create): `organizations/{ORGANIZATION_ID}`. This method creates organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 6483 // "location": "path", 6484 // "pattern": "^projects/[^/]+$", 6485 // "required": true, 6486 // "type": "string" 6487 // } 6488 // }, 6489 // "path": "v1/{+parent}/roles", 6490 // "request": { 6491 // "$ref": "CreateRoleRequest" 6492 // }, 6493 // "response": { 6494 // "$ref": "Role" 6495 // }, 6496 // "scopes": [ 6497 // "https://www.googleapis.com/auth/cloud-platform" 6498 // ] 6499 // } 6500 6501} 6502 6503// method id "iam.projects.roles.delete": 6504 6505type ProjectsRolesDeleteCall struct { 6506 s *Service 6507 name string 6508 urlParams_ gensupport.URLParams 6509 ctx_ context.Context 6510 header_ http.Header 6511} 6512 6513// Delete: Deletes a custom Role. When you delete a custom role, the 6514// following changes occur immediately: * You cannot bind a member to 6515// the custom role in an IAM Policy. * Existing bindings to the custom 6516// role are not changed, but they have no effect. * By default, the 6517// response from ListRoles does not include the custom role. You have 7 6518// days to undelete the custom role. After 7 days, the following changes 6519// occur: * The custom role is permanently deleted and cannot be 6520// recovered. * If an IAM policy contains a binding to the custom role, 6521// the binding is permanently removed. 6522// 6523// - name: The `name` parameter's value depends on the target resource 6524// for the request, namely `projects` 6525// (/iam/reference/rest/v1/projects.roles) or `organizations` 6526// (/iam/reference/rest/v1/organizations.roles). Each resource type's 6527// `name` value format is described below: * `projects.roles.delete()` 6528// (/iam/reference/rest/v1/projects.roles/delete): 6529// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes 6530// only custom roles (/iam/docs/understanding-custom-roles) that have 6531// been created at the project level. Example request URL: 6532// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 6533// OLE_ID}` * `organizations.roles.delete()` 6534// (/iam/reference/rest/v1/organizations.roles/delete): 6535// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 6536// method deletes only custom roles 6537// (/iam/docs/understanding-custom-roles) that have been created at 6538// the organization level. Example request URL: 6539// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6540// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 6541// specify a complete project ID or organization ID. 6542func (r *ProjectsRolesService) Delete(name string) *ProjectsRolesDeleteCall { 6543 c := &ProjectsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6544 c.name = name 6545 return c 6546} 6547 6548// Etag sets the optional parameter "etag": Used to perform a consistent 6549// read-modify-write. 6550func (c *ProjectsRolesDeleteCall) Etag(etag string) *ProjectsRolesDeleteCall { 6551 c.urlParams_.Set("etag", etag) 6552 return c 6553} 6554 6555// Fields allows partial responses to be retrieved. See 6556// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6557// for more information. 6558func (c *ProjectsRolesDeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesDeleteCall { 6559 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6560 return c 6561} 6562 6563// Context sets the context to be used in this call's Do method. Any 6564// pending HTTP request will be aborted if the provided context is 6565// canceled. 6566func (c *ProjectsRolesDeleteCall) Context(ctx context.Context) *ProjectsRolesDeleteCall { 6567 c.ctx_ = ctx 6568 return c 6569} 6570 6571// Header returns an http.Header that can be modified by the caller to 6572// add HTTP headers to the request. 6573func (c *ProjectsRolesDeleteCall) Header() http.Header { 6574 if c.header_ == nil { 6575 c.header_ = make(http.Header) 6576 } 6577 return c.header_ 6578} 6579 6580func (c *ProjectsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 6581 reqHeaders := make(http.Header) 6582 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6583 for k, v := range c.header_ { 6584 reqHeaders[k] = v 6585 } 6586 reqHeaders.Set("User-Agent", c.s.userAgent()) 6587 var body io.Reader = nil 6588 c.urlParams_.Set("alt", alt) 6589 c.urlParams_.Set("prettyPrint", "false") 6590 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6591 urls += "?" + c.urlParams_.Encode() 6592 req, err := http.NewRequest("DELETE", urls, body) 6593 if err != nil { 6594 return nil, err 6595 } 6596 req.Header = reqHeaders 6597 googleapi.Expand(req.URL, map[string]string{ 6598 "name": c.name, 6599 }) 6600 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6601} 6602 6603// Do executes the "iam.projects.roles.delete" call. 6604// Exactly one of *Role or error will be non-nil. Any non-2xx status 6605// code is an error. Response headers are in either 6606// *Role.ServerResponse.Header or (if a response was returned at all) in 6607// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6608// whether the returned error was because http.StatusNotModified was 6609// returned. 6610func (c *ProjectsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 6611 gensupport.SetOptions(c.urlParams_, opts...) 6612 res, err := c.doRequest("json") 6613 if res != nil && res.StatusCode == http.StatusNotModified { 6614 if res.Body != nil { 6615 res.Body.Close() 6616 } 6617 return nil, &googleapi.Error{ 6618 Code: res.StatusCode, 6619 Header: res.Header, 6620 } 6621 } 6622 if err != nil { 6623 return nil, err 6624 } 6625 defer googleapi.CloseBody(res) 6626 if err := googleapi.CheckResponse(res); err != nil { 6627 return nil, err 6628 } 6629 ret := &Role{ 6630 ServerResponse: googleapi.ServerResponse{ 6631 Header: res.Header, 6632 HTTPStatusCode: res.StatusCode, 6633 }, 6634 } 6635 target := &ret 6636 if err := gensupport.DecodeResponse(target, res); err != nil { 6637 return nil, err 6638 } 6639 return ret, nil 6640 // { 6641 // "description": "Deletes a custom Role. When you delete a custom role, the following changes occur immediately: * You cannot bind a member to the custom role in an IAM Policy. * Existing bindings to the custom role are not changed, but they have no effect. * By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: * The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed.", 6642 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 6643 // "httpMethod": "DELETE", 6644 // "id": "iam.projects.roles.delete", 6645 // "parameterOrder": [ 6646 // "name" 6647 // ], 6648 // "parameters": { 6649 // "etag": { 6650 // "description": "Used to perform a consistent read-modify-write.", 6651 // "format": "byte", 6652 // "location": "query", 6653 // "type": "string" 6654 // }, 6655 // "name": { 6656 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 6657 // "location": "path", 6658 // "pattern": "^projects/[^/]+/roles/[^/]+$", 6659 // "required": true, 6660 // "type": "string" 6661 // } 6662 // }, 6663 // "path": "v1/{+name}", 6664 // "response": { 6665 // "$ref": "Role" 6666 // }, 6667 // "scopes": [ 6668 // "https://www.googleapis.com/auth/cloud-platform" 6669 // ] 6670 // } 6671 6672} 6673 6674// method id "iam.projects.roles.get": 6675 6676type ProjectsRolesGetCall struct { 6677 s *Service 6678 name string 6679 urlParams_ gensupport.URLParams 6680 ifNoneMatch_ string 6681 ctx_ context.Context 6682 header_ http.Header 6683} 6684 6685// Get: Gets the definition of a Role. 6686// 6687// - name: The `name` parameter's value depends on the target resource 6688// for the request, namely `roles` (/iam/reference/rest/v1/roles), 6689// `projects` (/iam/reference/rest/v1/projects.roles), or 6690// `organizations` (/iam/reference/rest/v1/organizations.roles). Each 6691// resource type's `name` value format is described below: * 6692// `roles.get()` (/iam/reference/rest/v1/roles/get): 6693// `roles/{ROLE_NAME}`. This method returns results from all 6694// predefined roles (/iam/docs/understanding-roles#predefined_roles) 6695// in Cloud IAM. Example request URL: 6696// `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * 6697// `projects.roles.get()` (/iam/reference/rest/v1/projects.roles/get): 6698// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns 6699// only custom roles (/iam/docs/understanding-custom-roles) that have 6700// been created at the project level. Example request URL: 6701// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 6702// OLE_ID}` * `organizations.roles.get()` 6703// (/iam/reference/rest/v1/organizations.roles/get): 6704// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 6705// method returns only custom roles 6706// (/iam/docs/understanding-custom-roles) that have been created at 6707// the organization level. Example request URL: 6708// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6709// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 6710// specify a complete project ID or organization ID. 6711func (r *ProjectsRolesService) Get(name string) *ProjectsRolesGetCall { 6712 c := &ProjectsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6713 c.name = name 6714 return c 6715} 6716 6717// Fields allows partial responses to be retrieved. See 6718// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6719// for more information. 6720func (c *ProjectsRolesGetCall) Fields(s ...googleapi.Field) *ProjectsRolesGetCall { 6721 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6722 return c 6723} 6724 6725// IfNoneMatch sets the optional parameter which makes the operation 6726// fail if the object's ETag matches the given value. This is useful for 6727// getting updates only after the object has changed since the last 6728// request. Use googleapi.IsNotModified to check whether the response 6729// error from Do is the result of In-None-Match. 6730func (c *ProjectsRolesGetCall) IfNoneMatch(entityTag string) *ProjectsRolesGetCall { 6731 c.ifNoneMatch_ = entityTag 6732 return c 6733} 6734 6735// Context sets the context to be used in this call's Do method. Any 6736// pending HTTP request will be aborted if the provided context is 6737// canceled. 6738func (c *ProjectsRolesGetCall) Context(ctx context.Context) *ProjectsRolesGetCall { 6739 c.ctx_ = ctx 6740 return c 6741} 6742 6743// Header returns an http.Header that can be modified by the caller to 6744// add HTTP headers to the request. 6745func (c *ProjectsRolesGetCall) Header() http.Header { 6746 if c.header_ == nil { 6747 c.header_ = make(http.Header) 6748 } 6749 return c.header_ 6750} 6751 6752func (c *ProjectsRolesGetCall) doRequest(alt string) (*http.Response, error) { 6753 reqHeaders := make(http.Header) 6754 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6755 for k, v := range c.header_ { 6756 reqHeaders[k] = v 6757 } 6758 reqHeaders.Set("User-Agent", c.s.userAgent()) 6759 if c.ifNoneMatch_ != "" { 6760 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6761 } 6762 var body io.Reader = nil 6763 c.urlParams_.Set("alt", alt) 6764 c.urlParams_.Set("prettyPrint", "false") 6765 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6766 urls += "?" + c.urlParams_.Encode() 6767 req, err := http.NewRequest("GET", urls, body) 6768 if err != nil { 6769 return nil, err 6770 } 6771 req.Header = reqHeaders 6772 googleapi.Expand(req.URL, map[string]string{ 6773 "name": c.name, 6774 }) 6775 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6776} 6777 6778// Do executes the "iam.projects.roles.get" call. 6779// Exactly one of *Role or error will be non-nil. Any non-2xx status 6780// code is an error. Response headers are in either 6781// *Role.ServerResponse.Header or (if a response was returned at all) in 6782// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6783// whether the returned error was because http.StatusNotModified was 6784// returned. 6785func (c *ProjectsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 6786 gensupport.SetOptions(c.urlParams_, opts...) 6787 res, err := c.doRequest("json") 6788 if res != nil && res.StatusCode == http.StatusNotModified { 6789 if res.Body != nil { 6790 res.Body.Close() 6791 } 6792 return nil, &googleapi.Error{ 6793 Code: res.StatusCode, 6794 Header: res.Header, 6795 } 6796 } 6797 if err != nil { 6798 return nil, err 6799 } 6800 defer googleapi.CloseBody(res) 6801 if err := googleapi.CheckResponse(res); err != nil { 6802 return nil, err 6803 } 6804 ret := &Role{ 6805 ServerResponse: googleapi.ServerResponse{ 6806 Header: res.Header, 6807 HTTPStatusCode: res.StatusCode, 6808 }, 6809 } 6810 target := &ret 6811 if err := gensupport.DecodeResponse(target, res); err != nil { 6812 return nil, err 6813 } 6814 return ret, nil 6815 // { 6816 // "description": "Gets the definition of a Role.", 6817 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 6818 // "httpMethod": "GET", 6819 // "id": "iam.projects.roles.get", 6820 // "parameterOrder": [ 6821 // "name" 6822 // ], 6823 // "parameters": { 6824 // "name": { 6825 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 6826 // "location": "path", 6827 // "pattern": "^projects/[^/]+/roles/[^/]+$", 6828 // "required": true, 6829 // "type": "string" 6830 // } 6831 // }, 6832 // "path": "v1/{+name}", 6833 // "response": { 6834 // "$ref": "Role" 6835 // }, 6836 // "scopes": [ 6837 // "https://www.googleapis.com/auth/cloud-platform" 6838 // ] 6839 // } 6840 6841} 6842 6843// method id "iam.projects.roles.list": 6844 6845type ProjectsRolesListCall struct { 6846 s *Service 6847 parent string 6848 urlParams_ gensupport.URLParams 6849 ifNoneMatch_ string 6850 ctx_ context.Context 6851 header_ http.Header 6852} 6853 6854// List: Lists every predefined Role that IAM supports, or every custom 6855// role that is defined for an organization or project. 6856// 6857// - parent: The `parent` parameter's value depends on the target 6858// resource for the request, namely `roles` 6859// (/iam/reference/rest/v1/roles), `projects` 6860// (/iam/reference/rest/v1/projects.roles), or `organizations` 6861// (/iam/reference/rest/v1/organizations.roles). Each resource type's 6862// `parent` value format is described below: * `roles.list()` 6863// (/iam/reference/rest/v1/roles/list): An empty string. This method 6864// doesn't require a resource; it simply returns all predefined roles 6865// (/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. 6866// Example request URL: `https://iam.googleapis.com/v1/roles` * 6867// `projects.roles.list()` 6868// (/iam/reference/rest/v1/projects.roles/list): 6869// `projects/{PROJECT_ID}`. This method lists all project-level custom 6870// roles (/iam/docs/understanding-custom-roles). Example request URL: 6871// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 6872// `organizations.roles.list()` 6873// (/iam/reference/rest/v1/organizations.roles/list): 6874// `organizations/{ORGANIZATION_ID}`. This method lists all 6875// organization-level custom roles 6876// (/iam/docs/understanding-custom-roles). Example request URL: 6877// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6878// ` Note: Wildcard (*) values are invalid; you must specify a 6879// complete project ID or organization ID. 6880func (r *ProjectsRolesService) List(parent string) *ProjectsRolesListCall { 6881 c := &ProjectsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6882 c.parent = parent 6883 return c 6884} 6885 6886// PageSize sets the optional parameter "pageSize": Optional limit on 6887// the number of roles to include in the response. The default is 300, 6888// and the maximum is 1,000. 6889func (c *ProjectsRolesListCall) PageSize(pageSize int64) *ProjectsRolesListCall { 6890 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 6891 return c 6892} 6893 6894// PageToken sets the optional parameter "pageToken": Optional 6895// pagination token returned in an earlier ListRolesResponse. 6896func (c *ProjectsRolesListCall) PageToken(pageToken string) *ProjectsRolesListCall { 6897 c.urlParams_.Set("pageToken", pageToken) 6898 return c 6899} 6900 6901// ShowDeleted sets the optional parameter "showDeleted": Include Roles 6902// that have been deleted. 6903func (c *ProjectsRolesListCall) ShowDeleted(showDeleted bool) *ProjectsRolesListCall { 6904 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 6905 return c 6906} 6907 6908// View sets the optional parameter "view": Optional view for the 6909// returned Role objects. When `FULL` is specified, the 6910// `includedPermissions` field is returned, which includes a list of all 6911// permissions in the role. The default value is `BASIC`, which does not 6912// return the `includedPermissions` field. 6913// 6914// Possible values: 6915// "BASIC" - Omits the `included_permissions` field. This is the 6916// default value. 6917// "FULL" - Returns all fields. 6918func (c *ProjectsRolesListCall) View(view string) *ProjectsRolesListCall { 6919 c.urlParams_.Set("view", view) 6920 return c 6921} 6922 6923// Fields allows partial responses to be retrieved. See 6924// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6925// for more information. 6926func (c *ProjectsRolesListCall) Fields(s ...googleapi.Field) *ProjectsRolesListCall { 6927 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6928 return c 6929} 6930 6931// IfNoneMatch sets the optional parameter which makes the operation 6932// fail if the object's ETag matches the given value. This is useful for 6933// getting updates only after the object has changed since the last 6934// request. Use googleapi.IsNotModified to check whether the response 6935// error from Do is the result of In-None-Match. 6936func (c *ProjectsRolesListCall) IfNoneMatch(entityTag string) *ProjectsRolesListCall { 6937 c.ifNoneMatch_ = entityTag 6938 return c 6939} 6940 6941// Context sets the context to be used in this call's Do method. Any 6942// pending HTTP request will be aborted if the provided context is 6943// canceled. 6944func (c *ProjectsRolesListCall) Context(ctx context.Context) *ProjectsRolesListCall { 6945 c.ctx_ = ctx 6946 return c 6947} 6948 6949// Header returns an http.Header that can be modified by the caller to 6950// add HTTP headers to the request. 6951func (c *ProjectsRolesListCall) Header() http.Header { 6952 if c.header_ == nil { 6953 c.header_ = make(http.Header) 6954 } 6955 return c.header_ 6956} 6957 6958func (c *ProjectsRolesListCall) doRequest(alt string) (*http.Response, error) { 6959 reqHeaders := make(http.Header) 6960 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6961 for k, v := range c.header_ { 6962 reqHeaders[k] = v 6963 } 6964 reqHeaders.Set("User-Agent", c.s.userAgent()) 6965 if c.ifNoneMatch_ != "" { 6966 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6967 } 6968 var body io.Reader = nil 6969 c.urlParams_.Set("alt", alt) 6970 c.urlParams_.Set("prettyPrint", "false") 6971 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 6972 urls += "?" + c.urlParams_.Encode() 6973 req, err := http.NewRequest("GET", urls, body) 6974 if err != nil { 6975 return nil, err 6976 } 6977 req.Header = reqHeaders 6978 googleapi.Expand(req.URL, map[string]string{ 6979 "parent": c.parent, 6980 }) 6981 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6982} 6983 6984// Do executes the "iam.projects.roles.list" call. 6985// Exactly one of *ListRolesResponse or error will be non-nil. Any 6986// non-2xx status code is an error. Response headers are in either 6987// *ListRolesResponse.ServerResponse.Header or (if a response was 6988// returned at all) in error.(*googleapi.Error).Header. Use 6989// googleapi.IsNotModified to check whether the returned error was 6990// because http.StatusNotModified was returned. 6991func (c *ProjectsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 6992 gensupport.SetOptions(c.urlParams_, opts...) 6993 res, err := c.doRequest("json") 6994 if res != nil && res.StatusCode == http.StatusNotModified { 6995 if res.Body != nil { 6996 res.Body.Close() 6997 } 6998 return nil, &googleapi.Error{ 6999 Code: res.StatusCode, 7000 Header: res.Header, 7001 } 7002 } 7003 if err != nil { 7004 return nil, err 7005 } 7006 defer googleapi.CloseBody(res) 7007 if err := googleapi.CheckResponse(res); err != nil { 7008 return nil, err 7009 } 7010 ret := &ListRolesResponse{ 7011 ServerResponse: googleapi.ServerResponse{ 7012 Header: res.Header, 7013 HTTPStatusCode: res.StatusCode, 7014 }, 7015 } 7016 target := &ret 7017 if err := gensupport.DecodeResponse(target, res); err != nil { 7018 return nil, err 7019 } 7020 return ret, nil 7021 // { 7022 // "description": "Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.", 7023 // "flatPath": "v1/projects/{projectsId}/roles", 7024 // "httpMethod": "GET", 7025 // "id": "iam.projects.roles.list", 7026 // "parameterOrder": [ 7027 // "parent" 7028 // ], 7029 // "parameters": { 7030 // "pageSize": { 7031 // "description": "Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.", 7032 // "format": "int32", 7033 // "location": "query", 7034 // "type": "integer" 7035 // }, 7036 // "pageToken": { 7037 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 7038 // "location": "query", 7039 // "type": "string" 7040 // }, 7041 // "parent": { 7042 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7043 // "location": "path", 7044 // "pattern": "^projects/[^/]+$", 7045 // "required": true, 7046 // "type": "string" 7047 // }, 7048 // "showDeleted": { 7049 // "description": "Include Roles that have been deleted.", 7050 // "location": "query", 7051 // "type": "boolean" 7052 // }, 7053 // "view": { 7054 // "description": "Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.", 7055 // "enum": [ 7056 // "BASIC", 7057 // "FULL" 7058 // ], 7059 // "enumDescriptions": [ 7060 // "Omits the `included_permissions` field. This is the default value.", 7061 // "Returns all fields." 7062 // ], 7063 // "location": "query", 7064 // "type": "string" 7065 // } 7066 // }, 7067 // "path": "v1/{+parent}/roles", 7068 // "response": { 7069 // "$ref": "ListRolesResponse" 7070 // }, 7071 // "scopes": [ 7072 // "https://www.googleapis.com/auth/cloud-platform" 7073 // ] 7074 // } 7075 7076} 7077 7078// Pages invokes f for each page of results. 7079// A non-nil error returned from f will halt the iteration. 7080// The provided context supersedes any context provided to the Context method. 7081func (c *ProjectsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 7082 c.ctx_ = ctx 7083 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 7084 for { 7085 x, err := c.Do() 7086 if err != nil { 7087 return err 7088 } 7089 if err := f(x); err != nil { 7090 return err 7091 } 7092 if x.NextPageToken == "" { 7093 return nil 7094 } 7095 c.PageToken(x.NextPageToken) 7096 } 7097} 7098 7099// method id "iam.projects.roles.patch": 7100 7101type ProjectsRolesPatchCall struct { 7102 s *Service 7103 name string 7104 role *Role 7105 urlParams_ gensupport.URLParams 7106 ctx_ context.Context 7107 header_ http.Header 7108} 7109 7110// Patch: Updates the definition of a custom Role. 7111// 7112// - name: The `name` parameter's value depends on the target resource 7113// for the request, namely `projects` 7114// (/iam/reference/rest/v1/projects.roles) or `organizations` 7115// (/iam/reference/rest/v1/organizations.roles). Each resource type's 7116// `name` value format is described below: * `projects.roles.patch()` 7117// (/iam/reference/rest/v1/projects.roles/patch): 7118// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates 7119// only custom roles (/iam/docs/understanding-custom-roles) that have 7120// been created at the project level. Example request URL: 7121// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 7122// OLE_ID}` * `organizations.roles.patch()` 7123// (/iam/reference/rest/v1/organizations.roles/patch): 7124// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 7125// method updates only custom roles 7126// (/iam/docs/understanding-custom-roles) that have been created at 7127// the organization level. Example request URL: 7128// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 7129// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 7130// specify a complete project ID or organization ID. 7131func (r *ProjectsRolesService) Patch(name string, role *Role) *ProjectsRolesPatchCall { 7132 c := &ProjectsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7133 c.name = name 7134 c.role = role 7135 return c 7136} 7137 7138// UpdateMask sets the optional parameter "updateMask": A mask 7139// describing which fields in the Role have changed. 7140func (c *ProjectsRolesPatchCall) UpdateMask(updateMask string) *ProjectsRolesPatchCall { 7141 c.urlParams_.Set("updateMask", updateMask) 7142 return c 7143} 7144 7145// Fields allows partial responses to be retrieved. See 7146// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7147// for more information. 7148func (c *ProjectsRolesPatchCall) Fields(s ...googleapi.Field) *ProjectsRolesPatchCall { 7149 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7150 return c 7151} 7152 7153// Context sets the context to be used in this call's Do method. Any 7154// pending HTTP request will be aborted if the provided context is 7155// canceled. 7156func (c *ProjectsRolesPatchCall) Context(ctx context.Context) *ProjectsRolesPatchCall { 7157 c.ctx_ = ctx 7158 return c 7159} 7160 7161// Header returns an http.Header that can be modified by the caller to 7162// add HTTP headers to the request. 7163func (c *ProjectsRolesPatchCall) Header() http.Header { 7164 if c.header_ == nil { 7165 c.header_ = make(http.Header) 7166 } 7167 return c.header_ 7168} 7169 7170func (c *ProjectsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 7171 reqHeaders := make(http.Header) 7172 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7173 for k, v := range c.header_ { 7174 reqHeaders[k] = v 7175 } 7176 reqHeaders.Set("User-Agent", c.s.userAgent()) 7177 var body io.Reader = nil 7178 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 7179 if err != nil { 7180 return nil, err 7181 } 7182 reqHeaders.Set("Content-Type", "application/json") 7183 c.urlParams_.Set("alt", alt) 7184 c.urlParams_.Set("prettyPrint", "false") 7185 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7186 urls += "?" + c.urlParams_.Encode() 7187 req, err := http.NewRequest("PATCH", urls, body) 7188 if err != nil { 7189 return nil, err 7190 } 7191 req.Header = reqHeaders 7192 googleapi.Expand(req.URL, map[string]string{ 7193 "name": c.name, 7194 }) 7195 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7196} 7197 7198// Do executes the "iam.projects.roles.patch" call. 7199// Exactly one of *Role or error will be non-nil. Any non-2xx status 7200// code is an error. Response headers are in either 7201// *Role.ServerResponse.Header or (if a response was returned at all) in 7202// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7203// whether the returned error was because http.StatusNotModified was 7204// returned. 7205func (c *ProjectsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 7206 gensupport.SetOptions(c.urlParams_, opts...) 7207 res, err := c.doRequest("json") 7208 if res != nil && res.StatusCode == http.StatusNotModified { 7209 if res.Body != nil { 7210 res.Body.Close() 7211 } 7212 return nil, &googleapi.Error{ 7213 Code: res.StatusCode, 7214 Header: res.Header, 7215 } 7216 } 7217 if err != nil { 7218 return nil, err 7219 } 7220 defer googleapi.CloseBody(res) 7221 if err := googleapi.CheckResponse(res); err != nil { 7222 return nil, err 7223 } 7224 ret := &Role{ 7225 ServerResponse: googleapi.ServerResponse{ 7226 Header: res.Header, 7227 HTTPStatusCode: res.StatusCode, 7228 }, 7229 } 7230 target := &ret 7231 if err := gensupport.DecodeResponse(target, res); err != nil { 7232 return nil, err 7233 } 7234 return ret, nil 7235 // { 7236 // "description": "Updates the definition of a custom Role.", 7237 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 7238 // "httpMethod": "PATCH", 7239 // "id": "iam.projects.roles.patch", 7240 // "parameterOrder": [ 7241 // "name" 7242 // ], 7243 // "parameters": { 7244 // "name": { 7245 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7246 // "location": "path", 7247 // "pattern": "^projects/[^/]+/roles/[^/]+$", 7248 // "required": true, 7249 // "type": "string" 7250 // }, 7251 // "updateMask": { 7252 // "description": "A mask describing which fields in the Role have changed.", 7253 // "format": "google-fieldmask", 7254 // "location": "query", 7255 // "type": "string" 7256 // } 7257 // }, 7258 // "path": "v1/{+name}", 7259 // "request": { 7260 // "$ref": "Role" 7261 // }, 7262 // "response": { 7263 // "$ref": "Role" 7264 // }, 7265 // "scopes": [ 7266 // "https://www.googleapis.com/auth/cloud-platform" 7267 // ] 7268 // } 7269 7270} 7271 7272// method id "iam.projects.roles.undelete": 7273 7274type ProjectsRolesUndeleteCall struct { 7275 s *Service 7276 name string 7277 undeleterolerequest *UndeleteRoleRequest 7278 urlParams_ gensupport.URLParams 7279 ctx_ context.Context 7280 header_ http.Header 7281} 7282 7283// Undelete: Undeletes a custom Role. 7284// 7285// - name: The `name` parameter's value depends on the target resource 7286// for the request, namely `projects` 7287// (/iam/reference/rest/v1/projects.roles) or `organizations` 7288// (/iam/reference/rest/v1/organizations.roles). Each resource type's 7289// `name` value format is described below: * 7290// `projects.roles.undelete()` 7291// (/iam/reference/rest/v1/projects.roles/undelete): 7292// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method 7293// undeletes only custom roles (/iam/docs/understanding-custom-roles) 7294// that have been created at the project level. Example request URL: 7295// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 7296// OLE_ID}` * `organizations.roles.undelete()` 7297// (/iam/reference/rest/v1/organizations.roles/undelete): 7298// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 7299// method undeletes only custom roles 7300// (/iam/docs/understanding-custom-roles) that have been created at 7301// the organization level. Example request URL: 7302// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 7303// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 7304// specify a complete project ID or organization ID. 7305func (r *ProjectsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *ProjectsRolesUndeleteCall { 7306 c := &ProjectsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7307 c.name = name 7308 c.undeleterolerequest = undeleterolerequest 7309 return c 7310} 7311 7312// Fields allows partial responses to be retrieved. See 7313// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7314// for more information. 7315func (c *ProjectsRolesUndeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesUndeleteCall { 7316 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7317 return c 7318} 7319 7320// Context sets the context to be used in this call's Do method. Any 7321// pending HTTP request will be aborted if the provided context is 7322// canceled. 7323func (c *ProjectsRolesUndeleteCall) Context(ctx context.Context) *ProjectsRolesUndeleteCall { 7324 c.ctx_ = ctx 7325 return c 7326} 7327 7328// Header returns an http.Header that can be modified by the caller to 7329// add HTTP headers to the request. 7330func (c *ProjectsRolesUndeleteCall) Header() http.Header { 7331 if c.header_ == nil { 7332 c.header_ = make(http.Header) 7333 } 7334 return c.header_ 7335} 7336 7337func (c *ProjectsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 7338 reqHeaders := make(http.Header) 7339 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7340 for k, v := range c.header_ { 7341 reqHeaders[k] = v 7342 } 7343 reqHeaders.Set("User-Agent", c.s.userAgent()) 7344 var body io.Reader = nil 7345 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 7346 if err != nil { 7347 return nil, err 7348 } 7349 reqHeaders.Set("Content-Type", "application/json") 7350 c.urlParams_.Set("alt", alt) 7351 c.urlParams_.Set("prettyPrint", "false") 7352 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 7353 urls += "?" + c.urlParams_.Encode() 7354 req, err := http.NewRequest("POST", urls, body) 7355 if err != nil { 7356 return nil, err 7357 } 7358 req.Header = reqHeaders 7359 googleapi.Expand(req.URL, map[string]string{ 7360 "name": c.name, 7361 }) 7362 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7363} 7364 7365// Do executes the "iam.projects.roles.undelete" call. 7366// Exactly one of *Role or error will be non-nil. Any non-2xx status 7367// code is an error. Response headers are in either 7368// *Role.ServerResponse.Header or (if a response was returned at all) in 7369// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7370// whether the returned error was because http.StatusNotModified was 7371// returned. 7372func (c *ProjectsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 7373 gensupport.SetOptions(c.urlParams_, opts...) 7374 res, err := c.doRequest("json") 7375 if res != nil && res.StatusCode == http.StatusNotModified { 7376 if res.Body != nil { 7377 res.Body.Close() 7378 } 7379 return nil, &googleapi.Error{ 7380 Code: res.StatusCode, 7381 Header: res.Header, 7382 } 7383 } 7384 if err != nil { 7385 return nil, err 7386 } 7387 defer googleapi.CloseBody(res) 7388 if err := googleapi.CheckResponse(res); err != nil { 7389 return nil, err 7390 } 7391 ret := &Role{ 7392 ServerResponse: googleapi.ServerResponse{ 7393 Header: res.Header, 7394 HTTPStatusCode: res.StatusCode, 7395 }, 7396 } 7397 target := &ret 7398 if err := gensupport.DecodeResponse(target, res); err != nil { 7399 return nil, err 7400 } 7401 return ret, nil 7402 // { 7403 // "description": "Undeletes a custom Role.", 7404 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}:undelete", 7405 // "httpMethod": "POST", 7406 // "id": "iam.projects.roles.undelete", 7407 // "parameterOrder": [ 7408 // "name" 7409 // ], 7410 // "parameters": { 7411 // "name": { 7412 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7413 // "location": "path", 7414 // "pattern": "^projects/[^/]+/roles/[^/]+$", 7415 // "required": true, 7416 // "type": "string" 7417 // } 7418 // }, 7419 // "path": "v1/{+name}:undelete", 7420 // "request": { 7421 // "$ref": "UndeleteRoleRequest" 7422 // }, 7423 // "response": { 7424 // "$ref": "Role" 7425 // }, 7426 // "scopes": [ 7427 // "https://www.googleapis.com/auth/cloud-platform" 7428 // ] 7429 // } 7430 7431} 7432 7433// method id "iam.projects.serviceAccounts.create": 7434 7435type ProjectsServiceAccountsCreateCall struct { 7436 s *Service 7437 name string 7438 createserviceaccountrequest *CreateServiceAccountRequest 7439 urlParams_ gensupport.URLParams 7440 ctx_ context.Context 7441 header_ http.Header 7442} 7443 7444// Create: Creates a ServiceAccount. 7445// 7446// - name: The resource name of the project associated with the service 7447// accounts, such as `projects/my-project-123`. 7448func (r *ProjectsServiceAccountsService) Create(name string, createserviceaccountrequest *CreateServiceAccountRequest) *ProjectsServiceAccountsCreateCall { 7449 c := &ProjectsServiceAccountsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7450 c.name = name 7451 c.createserviceaccountrequest = createserviceaccountrequest 7452 return c 7453} 7454 7455// Fields allows partial responses to be retrieved. See 7456// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7457// for more information. 7458func (c *ProjectsServiceAccountsCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsCreateCall { 7459 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7460 return c 7461} 7462 7463// Context sets the context to be used in this call's Do method. Any 7464// pending HTTP request will be aborted if the provided context is 7465// canceled. 7466func (c *ProjectsServiceAccountsCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsCreateCall { 7467 c.ctx_ = ctx 7468 return c 7469} 7470 7471// Header returns an http.Header that can be modified by the caller to 7472// add HTTP headers to the request. 7473func (c *ProjectsServiceAccountsCreateCall) Header() http.Header { 7474 if c.header_ == nil { 7475 c.header_ = make(http.Header) 7476 } 7477 return c.header_ 7478} 7479 7480func (c *ProjectsServiceAccountsCreateCall) doRequest(alt string) (*http.Response, error) { 7481 reqHeaders := make(http.Header) 7482 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7483 for k, v := range c.header_ { 7484 reqHeaders[k] = v 7485 } 7486 reqHeaders.Set("User-Agent", c.s.userAgent()) 7487 var body io.Reader = nil 7488 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountrequest) 7489 if err != nil { 7490 return nil, err 7491 } 7492 reqHeaders.Set("Content-Type", "application/json") 7493 c.urlParams_.Set("alt", alt) 7494 c.urlParams_.Set("prettyPrint", "false") 7495 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 7496 urls += "?" + c.urlParams_.Encode() 7497 req, err := http.NewRequest("POST", urls, body) 7498 if err != nil { 7499 return nil, err 7500 } 7501 req.Header = reqHeaders 7502 googleapi.Expand(req.URL, map[string]string{ 7503 "name": c.name, 7504 }) 7505 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7506} 7507 7508// Do executes the "iam.projects.serviceAccounts.create" call. 7509// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 7510// status code is an error. Response headers are in either 7511// *ServiceAccount.ServerResponse.Header or (if a response was returned 7512// at all) in error.(*googleapi.Error).Header. Use 7513// googleapi.IsNotModified to check whether the returned error was 7514// because http.StatusNotModified was returned. 7515func (c *ProjectsServiceAccountsCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 7516 gensupport.SetOptions(c.urlParams_, opts...) 7517 res, err := c.doRequest("json") 7518 if res != nil && res.StatusCode == http.StatusNotModified { 7519 if res.Body != nil { 7520 res.Body.Close() 7521 } 7522 return nil, &googleapi.Error{ 7523 Code: res.StatusCode, 7524 Header: res.Header, 7525 } 7526 } 7527 if err != nil { 7528 return nil, err 7529 } 7530 defer googleapi.CloseBody(res) 7531 if err := googleapi.CheckResponse(res); err != nil { 7532 return nil, err 7533 } 7534 ret := &ServiceAccount{ 7535 ServerResponse: googleapi.ServerResponse{ 7536 Header: res.Header, 7537 HTTPStatusCode: res.StatusCode, 7538 }, 7539 } 7540 target := &ret 7541 if err := gensupport.DecodeResponse(target, res); err != nil { 7542 return nil, err 7543 } 7544 return ret, nil 7545 // { 7546 // "description": "Creates a ServiceAccount.", 7547 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 7548 // "httpMethod": "POST", 7549 // "id": "iam.projects.serviceAccounts.create", 7550 // "parameterOrder": [ 7551 // "name" 7552 // ], 7553 // "parameters": { 7554 // "name": { 7555 // "description": "Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.", 7556 // "location": "path", 7557 // "pattern": "^projects/[^/]+$", 7558 // "required": true, 7559 // "type": "string" 7560 // } 7561 // }, 7562 // "path": "v1/{+name}/serviceAccounts", 7563 // "request": { 7564 // "$ref": "CreateServiceAccountRequest" 7565 // }, 7566 // "response": { 7567 // "$ref": "ServiceAccount" 7568 // }, 7569 // "scopes": [ 7570 // "https://www.googleapis.com/auth/cloud-platform" 7571 // ] 7572 // } 7573 7574} 7575 7576// method id "iam.projects.serviceAccounts.delete": 7577 7578type ProjectsServiceAccountsDeleteCall struct { 7579 s *Service 7580 name string 7581 urlParams_ gensupport.URLParams 7582 ctx_ context.Context 7583 header_ http.Header 7584} 7585 7586// Delete: Deletes a ServiceAccount. **Warning:** After you delete a 7587// service account, you might not be able to undelete it. If you know 7588// that you need to re-enable the service account in the future, use 7589// DisableServiceAccount instead. If you delete a service account, IAM 7590// permanently removes the service account 30 days later. Google Cloud 7591// cannot recover the service account after it is permanently removed, 7592// even if you file a support request. To help avoid unplanned outages, 7593// we recommend that you disable the service account before you delete 7594// it. Use DisableServiceAccount to disable the service account, then 7595// wait at least 24 hours and watch for unintended consequences. If 7596// there are no unintended consequences, you can delete the service 7597// account. 7598// 7599// - name: The resource name of the service account in the following 7600// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 7601// `-` as a wildcard for the `PROJECT_ID` will infer the project from 7602// the account. The `ACCOUNT` value can be the `email` address or the 7603// `unique_id` of the service account. 7604func (r *ProjectsServiceAccountsService) Delete(name string) *ProjectsServiceAccountsDeleteCall { 7605 c := &ProjectsServiceAccountsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7606 c.name = name 7607 return c 7608} 7609 7610// Fields allows partial responses to be retrieved. See 7611// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7612// for more information. 7613func (c *ProjectsServiceAccountsDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDeleteCall { 7614 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7615 return c 7616} 7617 7618// Context sets the context to be used in this call's Do method. Any 7619// pending HTTP request will be aborted if the provided context is 7620// canceled. 7621func (c *ProjectsServiceAccountsDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsDeleteCall { 7622 c.ctx_ = ctx 7623 return c 7624} 7625 7626// Header returns an http.Header that can be modified by the caller to 7627// add HTTP headers to the request. 7628func (c *ProjectsServiceAccountsDeleteCall) Header() http.Header { 7629 if c.header_ == nil { 7630 c.header_ = make(http.Header) 7631 } 7632 return c.header_ 7633} 7634 7635func (c *ProjectsServiceAccountsDeleteCall) doRequest(alt string) (*http.Response, error) { 7636 reqHeaders := make(http.Header) 7637 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7638 for k, v := range c.header_ { 7639 reqHeaders[k] = v 7640 } 7641 reqHeaders.Set("User-Agent", c.s.userAgent()) 7642 var body io.Reader = nil 7643 c.urlParams_.Set("alt", alt) 7644 c.urlParams_.Set("prettyPrint", "false") 7645 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7646 urls += "?" + c.urlParams_.Encode() 7647 req, err := http.NewRequest("DELETE", urls, body) 7648 if err != nil { 7649 return nil, err 7650 } 7651 req.Header = reqHeaders 7652 googleapi.Expand(req.URL, map[string]string{ 7653 "name": c.name, 7654 }) 7655 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7656} 7657 7658// Do executes the "iam.projects.serviceAccounts.delete" call. 7659// Exactly one of *Empty or error will be non-nil. Any non-2xx status 7660// code is an error. Response headers are in either 7661// *Empty.ServerResponse.Header or (if a response was returned at all) 7662// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 7663// check whether the returned error was because http.StatusNotModified 7664// was returned. 7665func (c *ProjectsServiceAccountsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 7666 gensupport.SetOptions(c.urlParams_, opts...) 7667 res, err := c.doRequest("json") 7668 if res != nil && res.StatusCode == http.StatusNotModified { 7669 if res.Body != nil { 7670 res.Body.Close() 7671 } 7672 return nil, &googleapi.Error{ 7673 Code: res.StatusCode, 7674 Header: res.Header, 7675 } 7676 } 7677 if err != nil { 7678 return nil, err 7679 } 7680 defer googleapi.CloseBody(res) 7681 if err := googleapi.CheckResponse(res); err != nil { 7682 return nil, err 7683 } 7684 ret := &Empty{ 7685 ServerResponse: googleapi.ServerResponse{ 7686 Header: res.Header, 7687 HTTPStatusCode: res.StatusCode, 7688 }, 7689 } 7690 target := &ret 7691 if err := gensupport.DecodeResponse(target, res); err != nil { 7692 return nil, err 7693 } 7694 return ret, nil 7695 // { 7696 // "description": "Deletes a ServiceAccount. **Warning:** After you delete a service account, you might not be able to undelete it. If you know that you need to re-enable the service account in the future, use DisableServiceAccount instead. If you delete a service account, IAM permanently removes the service account 30 days later. Google Cloud cannot recover the service account after it is permanently removed, even if you file a support request. To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use DisableServiceAccount to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account.", 7697 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 7698 // "httpMethod": "DELETE", 7699 // "id": "iam.projects.serviceAccounts.delete", 7700 // "parameterOrder": [ 7701 // "name" 7702 // ], 7703 // "parameters": { 7704 // "name": { 7705 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 7706 // "location": "path", 7707 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7708 // "required": true, 7709 // "type": "string" 7710 // } 7711 // }, 7712 // "path": "v1/{+name}", 7713 // "response": { 7714 // "$ref": "Empty" 7715 // }, 7716 // "scopes": [ 7717 // "https://www.googleapis.com/auth/cloud-platform" 7718 // ] 7719 // } 7720 7721} 7722 7723// method id "iam.projects.serviceAccounts.disable": 7724 7725type ProjectsServiceAccountsDisableCall struct { 7726 s *Service 7727 name string 7728 disableserviceaccountrequest *DisableServiceAccountRequest 7729 urlParams_ gensupport.URLParams 7730 ctx_ context.Context 7731 header_ http.Header 7732} 7733 7734// Disable: Disables a ServiceAccount immediately. If an application 7735// uses the service account to authenticate, that application can no 7736// longer call Google APIs or access Google Cloud resources. Existing 7737// access tokens for the service account are rejected, and requests for 7738// new access tokens will fail. To re-enable the service account, use 7739// EnableServiceAccount. After you re-enable the service account, its 7740// existing access tokens will be accepted, and you can request new 7741// access tokens. To help avoid unplanned outages, we recommend that you 7742// disable the service account before you delete it. Use this method to 7743// disable the service account, then wait at least 24 hours and watch 7744// for unintended consequences. If there are no unintended consequences, 7745// you can delete the service account with DeleteServiceAccount. 7746// 7747// - name: The resource name of the service account in the following 7748// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 7749// `-` as a wildcard for the `PROJECT_ID` will infer the project from 7750// the account. The `ACCOUNT` value can be the `email` address or the 7751// `unique_id` of the service account. 7752func (r *ProjectsServiceAccountsService) Disable(name string, disableserviceaccountrequest *DisableServiceAccountRequest) *ProjectsServiceAccountsDisableCall { 7753 c := &ProjectsServiceAccountsDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7754 c.name = name 7755 c.disableserviceaccountrequest = disableserviceaccountrequest 7756 return c 7757} 7758 7759// Fields allows partial responses to be retrieved. See 7760// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7761// for more information. 7762func (c *ProjectsServiceAccountsDisableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDisableCall { 7763 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7764 return c 7765} 7766 7767// Context sets the context to be used in this call's Do method. Any 7768// pending HTTP request will be aborted if the provided context is 7769// canceled. 7770func (c *ProjectsServiceAccountsDisableCall) Context(ctx context.Context) *ProjectsServiceAccountsDisableCall { 7771 c.ctx_ = ctx 7772 return c 7773} 7774 7775// Header returns an http.Header that can be modified by the caller to 7776// add HTTP headers to the request. 7777func (c *ProjectsServiceAccountsDisableCall) Header() http.Header { 7778 if c.header_ == nil { 7779 c.header_ = make(http.Header) 7780 } 7781 return c.header_ 7782} 7783 7784func (c *ProjectsServiceAccountsDisableCall) doRequest(alt string) (*http.Response, error) { 7785 reqHeaders := make(http.Header) 7786 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7787 for k, v := range c.header_ { 7788 reqHeaders[k] = v 7789 } 7790 reqHeaders.Set("User-Agent", c.s.userAgent()) 7791 var body io.Reader = nil 7792 body, err := googleapi.WithoutDataWrapper.JSONReader(c.disableserviceaccountrequest) 7793 if err != nil { 7794 return nil, err 7795 } 7796 reqHeaders.Set("Content-Type", "application/json") 7797 c.urlParams_.Set("alt", alt) 7798 c.urlParams_.Set("prettyPrint", "false") 7799 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable") 7800 urls += "?" + c.urlParams_.Encode() 7801 req, err := http.NewRequest("POST", urls, body) 7802 if err != nil { 7803 return nil, err 7804 } 7805 req.Header = reqHeaders 7806 googleapi.Expand(req.URL, map[string]string{ 7807 "name": c.name, 7808 }) 7809 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7810} 7811 7812// Do executes the "iam.projects.serviceAccounts.disable" call. 7813// Exactly one of *Empty or error will be non-nil. Any non-2xx status 7814// code is an error. Response headers are in either 7815// *Empty.ServerResponse.Header or (if a response was returned at all) 7816// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 7817// check whether the returned error was because http.StatusNotModified 7818// was returned. 7819func (c *ProjectsServiceAccountsDisableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 7820 gensupport.SetOptions(c.urlParams_, opts...) 7821 res, err := c.doRequest("json") 7822 if res != nil && res.StatusCode == http.StatusNotModified { 7823 if res.Body != nil { 7824 res.Body.Close() 7825 } 7826 return nil, &googleapi.Error{ 7827 Code: res.StatusCode, 7828 Header: res.Header, 7829 } 7830 } 7831 if err != nil { 7832 return nil, err 7833 } 7834 defer googleapi.CloseBody(res) 7835 if err := googleapi.CheckResponse(res); err != nil { 7836 return nil, err 7837 } 7838 ret := &Empty{ 7839 ServerResponse: googleapi.ServerResponse{ 7840 Header: res.Header, 7841 HTTPStatusCode: res.StatusCode, 7842 }, 7843 } 7844 target := &ret 7845 if err := gensupport.DecodeResponse(target, res); err != nil { 7846 return nil, err 7847 } 7848 return ret, nil 7849 // { 7850 // "description": "Disables a ServiceAccount immediately. If an application uses the service account to authenticate, that application can no longer call Google APIs or access Google Cloud resources. Existing access tokens for the service account are rejected, and requests for new access tokens will fail. To re-enable the service account, use EnableServiceAccount. After you re-enable the service account, its existing access tokens will be accepted, and you can request new access tokens. To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use this method to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account with DeleteServiceAccount.", 7851 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:disable", 7852 // "httpMethod": "POST", 7853 // "id": "iam.projects.serviceAccounts.disable", 7854 // "parameterOrder": [ 7855 // "name" 7856 // ], 7857 // "parameters": { 7858 // "name": { 7859 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 7860 // "location": "path", 7861 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7862 // "required": true, 7863 // "type": "string" 7864 // } 7865 // }, 7866 // "path": "v1/{+name}:disable", 7867 // "request": { 7868 // "$ref": "DisableServiceAccountRequest" 7869 // }, 7870 // "response": { 7871 // "$ref": "Empty" 7872 // }, 7873 // "scopes": [ 7874 // "https://www.googleapis.com/auth/cloud-platform" 7875 // ] 7876 // } 7877 7878} 7879 7880// method id "iam.projects.serviceAccounts.enable": 7881 7882type ProjectsServiceAccountsEnableCall struct { 7883 s *Service 7884 name string 7885 enableserviceaccountrequest *EnableServiceAccountRequest 7886 urlParams_ gensupport.URLParams 7887 ctx_ context.Context 7888 header_ http.Header 7889} 7890 7891// Enable: Enables a ServiceAccount that was disabled by 7892// DisableServiceAccount. If the service account is already enabled, 7893// then this method has no effect. If the service account was disabled 7894// by other means—for example, if Google disabled the service account 7895// because it was compromised—you cannot use this method to enable the 7896// service account. 7897// 7898// - name: The resource name of the service account in the following 7899// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 7900// `-` as a wildcard for the `PROJECT_ID` will infer the project from 7901// the account. The `ACCOUNT` value can be the `email` address or the 7902// `unique_id` of the service account. 7903func (r *ProjectsServiceAccountsService) Enable(name string, enableserviceaccountrequest *EnableServiceAccountRequest) *ProjectsServiceAccountsEnableCall { 7904 c := &ProjectsServiceAccountsEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7905 c.name = name 7906 c.enableserviceaccountrequest = enableserviceaccountrequest 7907 return c 7908} 7909 7910// Fields allows partial responses to be retrieved. See 7911// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7912// for more information. 7913func (c *ProjectsServiceAccountsEnableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsEnableCall { 7914 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7915 return c 7916} 7917 7918// Context sets the context to be used in this call's Do method. Any 7919// pending HTTP request will be aborted if the provided context is 7920// canceled. 7921func (c *ProjectsServiceAccountsEnableCall) Context(ctx context.Context) *ProjectsServiceAccountsEnableCall { 7922 c.ctx_ = ctx 7923 return c 7924} 7925 7926// Header returns an http.Header that can be modified by the caller to 7927// add HTTP headers to the request. 7928func (c *ProjectsServiceAccountsEnableCall) Header() http.Header { 7929 if c.header_ == nil { 7930 c.header_ = make(http.Header) 7931 } 7932 return c.header_ 7933} 7934 7935func (c *ProjectsServiceAccountsEnableCall) doRequest(alt string) (*http.Response, error) { 7936 reqHeaders := make(http.Header) 7937 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7938 for k, v := range c.header_ { 7939 reqHeaders[k] = v 7940 } 7941 reqHeaders.Set("User-Agent", c.s.userAgent()) 7942 var body io.Reader = nil 7943 body, err := googleapi.WithoutDataWrapper.JSONReader(c.enableserviceaccountrequest) 7944 if err != nil { 7945 return nil, err 7946 } 7947 reqHeaders.Set("Content-Type", "application/json") 7948 c.urlParams_.Set("alt", alt) 7949 c.urlParams_.Set("prettyPrint", "false") 7950 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable") 7951 urls += "?" + c.urlParams_.Encode() 7952 req, err := http.NewRequest("POST", urls, body) 7953 if err != nil { 7954 return nil, err 7955 } 7956 req.Header = reqHeaders 7957 googleapi.Expand(req.URL, map[string]string{ 7958 "name": c.name, 7959 }) 7960 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7961} 7962 7963// Do executes the "iam.projects.serviceAccounts.enable" call. 7964// Exactly one of *Empty or error will be non-nil. Any non-2xx status 7965// code is an error. Response headers are in either 7966// *Empty.ServerResponse.Header or (if a response was returned at all) 7967// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 7968// check whether the returned error was because http.StatusNotModified 7969// was returned. 7970func (c *ProjectsServiceAccountsEnableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 7971 gensupport.SetOptions(c.urlParams_, opts...) 7972 res, err := c.doRequest("json") 7973 if res != nil && res.StatusCode == http.StatusNotModified { 7974 if res.Body != nil { 7975 res.Body.Close() 7976 } 7977 return nil, &googleapi.Error{ 7978 Code: res.StatusCode, 7979 Header: res.Header, 7980 } 7981 } 7982 if err != nil { 7983 return nil, err 7984 } 7985 defer googleapi.CloseBody(res) 7986 if err := googleapi.CheckResponse(res); err != nil { 7987 return nil, err 7988 } 7989 ret := &Empty{ 7990 ServerResponse: googleapi.ServerResponse{ 7991 Header: res.Header, 7992 HTTPStatusCode: res.StatusCode, 7993 }, 7994 } 7995 target := &ret 7996 if err := gensupport.DecodeResponse(target, res); err != nil { 7997 return nil, err 7998 } 7999 return ret, nil 8000 // { 8001 // "description": "Enables a ServiceAccount that was disabled by DisableServiceAccount. If the service account is already enabled, then this method has no effect. If the service account was disabled by other means—for example, if Google disabled the service account because it was compromised—you cannot use this method to enable the service account.", 8002 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:enable", 8003 // "httpMethod": "POST", 8004 // "id": "iam.projects.serviceAccounts.enable", 8005 // "parameterOrder": [ 8006 // "name" 8007 // ], 8008 // "parameters": { 8009 // "name": { 8010 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8011 // "location": "path", 8012 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8013 // "required": true, 8014 // "type": "string" 8015 // } 8016 // }, 8017 // "path": "v1/{+name}:enable", 8018 // "request": { 8019 // "$ref": "EnableServiceAccountRequest" 8020 // }, 8021 // "response": { 8022 // "$ref": "Empty" 8023 // }, 8024 // "scopes": [ 8025 // "https://www.googleapis.com/auth/cloud-platform" 8026 // ] 8027 // } 8028 8029} 8030 8031// method id "iam.projects.serviceAccounts.get": 8032 8033type ProjectsServiceAccountsGetCall struct { 8034 s *Service 8035 name string 8036 urlParams_ gensupport.URLParams 8037 ifNoneMatch_ string 8038 ctx_ context.Context 8039 header_ http.Header 8040} 8041 8042// Get: Gets a ServiceAccount. 8043// 8044// - name: The resource name of the service account in the following 8045// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 8046// `-` as a wildcard for the `PROJECT_ID` will infer the project from 8047// the account. The `ACCOUNT` value can be the `email` address or the 8048// `unique_id` of the service account. 8049func (r *ProjectsServiceAccountsService) Get(name string) *ProjectsServiceAccountsGetCall { 8050 c := &ProjectsServiceAccountsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8051 c.name = name 8052 return c 8053} 8054 8055// Fields allows partial responses to be retrieved. See 8056// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8057// for more information. 8058func (c *ProjectsServiceAccountsGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetCall { 8059 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8060 return c 8061} 8062 8063// IfNoneMatch sets the optional parameter which makes the operation 8064// fail if the object's ETag matches the given value. This is useful for 8065// getting updates only after the object has changed since the last 8066// request. Use googleapi.IsNotModified to check whether the response 8067// error from Do is the result of In-None-Match. 8068func (c *ProjectsServiceAccountsGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsGetCall { 8069 c.ifNoneMatch_ = entityTag 8070 return c 8071} 8072 8073// Context sets the context to be used in this call's Do method. Any 8074// pending HTTP request will be aborted if the provided context is 8075// canceled. 8076func (c *ProjectsServiceAccountsGetCall) Context(ctx context.Context) *ProjectsServiceAccountsGetCall { 8077 c.ctx_ = ctx 8078 return c 8079} 8080 8081// Header returns an http.Header that can be modified by the caller to 8082// add HTTP headers to the request. 8083func (c *ProjectsServiceAccountsGetCall) Header() http.Header { 8084 if c.header_ == nil { 8085 c.header_ = make(http.Header) 8086 } 8087 return c.header_ 8088} 8089 8090func (c *ProjectsServiceAccountsGetCall) doRequest(alt string) (*http.Response, error) { 8091 reqHeaders := make(http.Header) 8092 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 8093 for k, v := range c.header_ { 8094 reqHeaders[k] = v 8095 } 8096 reqHeaders.Set("User-Agent", c.s.userAgent()) 8097 if c.ifNoneMatch_ != "" { 8098 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8099 } 8100 var body io.Reader = nil 8101 c.urlParams_.Set("alt", alt) 8102 c.urlParams_.Set("prettyPrint", "false") 8103 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 8104 urls += "?" + c.urlParams_.Encode() 8105 req, err := http.NewRequest("GET", urls, body) 8106 if err != nil { 8107 return nil, err 8108 } 8109 req.Header = reqHeaders 8110 googleapi.Expand(req.URL, map[string]string{ 8111 "name": c.name, 8112 }) 8113 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8114} 8115 8116// Do executes the "iam.projects.serviceAccounts.get" call. 8117// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 8118// status code is an error. Response headers are in either 8119// *ServiceAccount.ServerResponse.Header or (if a response was returned 8120// at all) in error.(*googleapi.Error).Header. Use 8121// googleapi.IsNotModified to check whether the returned error was 8122// because http.StatusNotModified was returned. 8123func (c *ProjectsServiceAccountsGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 8124 gensupport.SetOptions(c.urlParams_, opts...) 8125 res, err := c.doRequest("json") 8126 if res != nil && res.StatusCode == http.StatusNotModified { 8127 if res.Body != nil { 8128 res.Body.Close() 8129 } 8130 return nil, &googleapi.Error{ 8131 Code: res.StatusCode, 8132 Header: res.Header, 8133 } 8134 } 8135 if err != nil { 8136 return nil, err 8137 } 8138 defer googleapi.CloseBody(res) 8139 if err := googleapi.CheckResponse(res); err != nil { 8140 return nil, err 8141 } 8142 ret := &ServiceAccount{ 8143 ServerResponse: googleapi.ServerResponse{ 8144 Header: res.Header, 8145 HTTPStatusCode: res.StatusCode, 8146 }, 8147 } 8148 target := &ret 8149 if err := gensupport.DecodeResponse(target, res); err != nil { 8150 return nil, err 8151 } 8152 return ret, nil 8153 // { 8154 // "description": "Gets a ServiceAccount.", 8155 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 8156 // "httpMethod": "GET", 8157 // "id": "iam.projects.serviceAccounts.get", 8158 // "parameterOrder": [ 8159 // "name" 8160 // ], 8161 // "parameters": { 8162 // "name": { 8163 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8164 // "location": "path", 8165 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8166 // "required": true, 8167 // "type": "string" 8168 // } 8169 // }, 8170 // "path": "v1/{+name}", 8171 // "response": { 8172 // "$ref": "ServiceAccount" 8173 // }, 8174 // "scopes": [ 8175 // "https://www.googleapis.com/auth/cloud-platform" 8176 // ] 8177 // } 8178 8179} 8180 8181// method id "iam.projects.serviceAccounts.getIamPolicy": 8182 8183type ProjectsServiceAccountsGetIamPolicyCall struct { 8184 s *Service 8185 resource string 8186 urlParams_ gensupport.URLParams 8187 ctx_ context.Context 8188 header_ http.Header 8189} 8190 8191// GetIamPolicy: Gets the IAM policy that is attached to a 8192// ServiceAccount. This IAM policy specifies which members have access 8193// to the service account. This method does not tell you whether the 8194// service account has been granted any roles on other resources. To 8195// check whether a service account has role grants on a resource, use 8196// the `getIamPolicy` method for that resource. For example, to view the 8197// role grants for a project, call the Resource Manager API's 8198// `projects.getIamPolicy` 8199// (https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) 8200// method. 8201// 8202// - resource: REQUIRED: The resource for which the policy is being 8203// requested. See the operation documentation for the appropriate 8204// value for this field. 8205func (r *ProjectsServiceAccountsService) GetIamPolicy(resource string) *ProjectsServiceAccountsGetIamPolicyCall { 8206 c := &ProjectsServiceAccountsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8207 c.resource = resource 8208 return c 8209} 8210 8211// OptionsRequestedPolicyVersion sets the optional parameter 8212// "options.requestedPolicyVersion": The policy format version to be 8213// returned. Valid values are 0, 1, and 3. Requests specifying an 8214// invalid value will be rejected. Requests for policies with any 8215// conditional bindings must specify version 3. Policies without any 8216// conditional bindings may specify any valid value or leave the field 8217// unset. To learn which resources support conditions in their IAM 8218// policies, see the IAM documentation 8219// (https://cloud.google.com/iam/help/conditions/resource-policies). 8220func (c *ProjectsServiceAccountsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsServiceAccountsGetIamPolicyCall { 8221 c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) 8222 return c 8223} 8224 8225// Fields allows partial responses to be retrieved. See 8226// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8227// for more information. 8228func (c *ProjectsServiceAccountsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetIamPolicyCall { 8229 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8230 return c 8231} 8232 8233// Context sets the context to be used in this call's Do method. Any 8234// pending HTTP request will be aborted if the provided context is 8235// canceled. 8236func (c *ProjectsServiceAccountsGetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsGetIamPolicyCall { 8237 c.ctx_ = ctx 8238 return c 8239} 8240 8241// Header returns an http.Header that can be modified by the caller to 8242// add HTTP headers to the request. 8243func (c *ProjectsServiceAccountsGetIamPolicyCall) Header() http.Header { 8244 if c.header_ == nil { 8245 c.header_ = make(http.Header) 8246 } 8247 return c.header_ 8248} 8249 8250func (c *ProjectsServiceAccountsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 8251 reqHeaders := make(http.Header) 8252 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 8253 for k, v := range c.header_ { 8254 reqHeaders[k] = v 8255 } 8256 reqHeaders.Set("User-Agent", c.s.userAgent()) 8257 var body io.Reader = nil 8258 c.urlParams_.Set("alt", alt) 8259 c.urlParams_.Set("prettyPrint", "false") 8260 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") 8261 urls += "?" + c.urlParams_.Encode() 8262 req, err := http.NewRequest("POST", urls, body) 8263 if err != nil { 8264 return nil, err 8265 } 8266 req.Header = reqHeaders 8267 googleapi.Expand(req.URL, map[string]string{ 8268 "resource": c.resource, 8269 }) 8270 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8271} 8272 8273// Do executes the "iam.projects.serviceAccounts.getIamPolicy" call. 8274// Exactly one of *Policy or error will be non-nil. Any non-2xx status 8275// code is an error. Response headers are in either 8276// *Policy.ServerResponse.Header or (if a response was returned at all) 8277// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 8278// check whether the returned error was because http.StatusNotModified 8279// was returned. 8280func (c *ProjectsServiceAccountsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 8281 gensupport.SetOptions(c.urlParams_, opts...) 8282 res, err := c.doRequest("json") 8283 if res != nil && res.StatusCode == http.StatusNotModified { 8284 if res.Body != nil { 8285 res.Body.Close() 8286 } 8287 return nil, &googleapi.Error{ 8288 Code: res.StatusCode, 8289 Header: res.Header, 8290 } 8291 } 8292 if err != nil { 8293 return nil, err 8294 } 8295 defer googleapi.CloseBody(res) 8296 if err := googleapi.CheckResponse(res); err != nil { 8297 return nil, err 8298 } 8299 ret := &Policy{ 8300 ServerResponse: googleapi.ServerResponse{ 8301 Header: res.Header, 8302 HTTPStatusCode: res.StatusCode, 8303 }, 8304 } 8305 target := &ret 8306 if err := gensupport.DecodeResponse(target, res); err != nil { 8307 return nil, err 8308 } 8309 return ret, nil 8310 // { 8311 // "description": "Gets the IAM policy that is attached to a ServiceAccount. This IAM policy specifies which members have access to the service account. This method does not tell you whether the service account has been granted any roles on other resources. To check whether a service account has role grants on a resource, use the `getIamPolicy` method for that resource. For example, to view the role grants for a project, call the Resource Manager API's [`projects.getIamPolicy`](https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) method.", 8312 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:getIamPolicy", 8313 // "httpMethod": "POST", 8314 // "id": "iam.projects.serviceAccounts.getIamPolicy", 8315 // "parameterOrder": [ 8316 // "resource" 8317 // ], 8318 // "parameters": { 8319 // "options.requestedPolicyVersion": { 8320 // "description": "Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", 8321 // "format": "int32", 8322 // "location": "query", 8323 // "type": "integer" 8324 // }, 8325 // "resource": { 8326 // "description": "REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.", 8327 // "location": "path", 8328 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8329 // "required": true, 8330 // "type": "string" 8331 // } 8332 // }, 8333 // "path": "v1/{+resource}:getIamPolicy", 8334 // "response": { 8335 // "$ref": "Policy" 8336 // }, 8337 // "scopes": [ 8338 // "https://www.googleapis.com/auth/cloud-platform" 8339 // ] 8340 // } 8341 8342} 8343 8344// method id "iam.projects.serviceAccounts.list": 8345 8346type ProjectsServiceAccountsListCall struct { 8347 s *Service 8348 name string 8349 urlParams_ gensupport.URLParams 8350 ifNoneMatch_ string 8351 ctx_ context.Context 8352 header_ http.Header 8353} 8354 8355// List: Lists every ServiceAccount that belongs to a specific project. 8356// 8357// - name: The resource name of the project associated with the service 8358// accounts, such as `projects/my-project-123`. 8359func (r *ProjectsServiceAccountsService) List(name string) *ProjectsServiceAccountsListCall { 8360 c := &ProjectsServiceAccountsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8361 c.name = name 8362 return c 8363} 8364 8365// PageSize sets the optional parameter "pageSize": Optional limit on 8366// the number of service accounts to include in the response. Further 8367// accounts can subsequently be obtained by including the 8368// ListServiceAccountsResponse.next_page_token in a subsequent request. 8369// The default is 20, and the maximum is 100. 8370func (c *ProjectsServiceAccountsListCall) PageSize(pageSize int64) *ProjectsServiceAccountsListCall { 8371 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 8372 return c 8373} 8374 8375// PageToken sets the optional parameter "pageToken": Optional 8376// pagination token returned in an earlier 8377// ListServiceAccountsResponse.next_page_token. 8378func (c *ProjectsServiceAccountsListCall) PageToken(pageToken string) *ProjectsServiceAccountsListCall { 8379 c.urlParams_.Set("pageToken", pageToken) 8380 return c 8381} 8382 8383// Fields allows partial responses to be retrieved. See 8384// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8385// for more information. 8386func (c *ProjectsServiceAccountsListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsListCall { 8387 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8388 return c 8389} 8390 8391// IfNoneMatch sets the optional parameter which makes the operation 8392// fail if the object's ETag matches the given value. This is useful for 8393// getting updates only after the object has changed since the last 8394// request. Use googleapi.IsNotModified to check whether the response 8395// error from Do is the result of In-None-Match. 8396func (c *ProjectsServiceAccountsListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsListCall { 8397 c.ifNoneMatch_ = entityTag 8398 return c 8399} 8400 8401// Context sets the context to be used in this call's Do method. Any 8402// pending HTTP request will be aborted if the provided context is 8403// canceled. 8404func (c *ProjectsServiceAccountsListCall) Context(ctx context.Context) *ProjectsServiceAccountsListCall { 8405 c.ctx_ = ctx 8406 return c 8407} 8408 8409// Header returns an http.Header that can be modified by the caller to 8410// add HTTP headers to the request. 8411func (c *ProjectsServiceAccountsListCall) Header() http.Header { 8412 if c.header_ == nil { 8413 c.header_ = make(http.Header) 8414 } 8415 return c.header_ 8416} 8417 8418func (c *ProjectsServiceAccountsListCall) doRequest(alt string) (*http.Response, error) { 8419 reqHeaders := make(http.Header) 8420 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 8421 for k, v := range c.header_ { 8422 reqHeaders[k] = v 8423 } 8424 reqHeaders.Set("User-Agent", c.s.userAgent()) 8425 if c.ifNoneMatch_ != "" { 8426 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8427 } 8428 var body io.Reader = nil 8429 c.urlParams_.Set("alt", alt) 8430 c.urlParams_.Set("prettyPrint", "false") 8431 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 8432 urls += "?" + c.urlParams_.Encode() 8433 req, err := http.NewRequest("GET", urls, body) 8434 if err != nil { 8435 return nil, err 8436 } 8437 req.Header = reqHeaders 8438 googleapi.Expand(req.URL, map[string]string{ 8439 "name": c.name, 8440 }) 8441 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8442} 8443 8444// Do executes the "iam.projects.serviceAccounts.list" call. 8445// Exactly one of *ListServiceAccountsResponse or error will be non-nil. 8446// Any non-2xx status code is an error. Response headers are in either 8447// *ListServiceAccountsResponse.ServerResponse.Header or (if a response 8448// was returned at all) in error.(*googleapi.Error).Header. Use 8449// googleapi.IsNotModified to check whether the returned error was 8450// because http.StatusNotModified was returned. 8451func (c *ProjectsServiceAccountsListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountsResponse, error) { 8452 gensupport.SetOptions(c.urlParams_, opts...) 8453 res, err := c.doRequest("json") 8454 if res != nil && res.StatusCode == http.StatusNotModified { 8455 if res.Body != nil { 8456 res.Body.Close() 8457 } 8458 return nil, &googleapi.Error{ 8459 Code: res.StatusCode, 8460 Header: res.Header, 8461 } 8462 } 8463 if err != nil { 8464 return nil, err 8465 } 8466 defer googleapi.CloseBody(res) 8467 if err := googleapi.CheckResponse(res); err != nil { 8468 return nil, err 8469 } 8470 ret := &ListServiceAccountsResponse{ 8471 ServerResponse: googleapi.ServerResponse{ 8472 Header: res.Header, 8473 HTTPStatusCode: res.StatusCode, 8474 }, 8475 } 8476 target := &ret 8477 if err := gensupport.DecodeResponse(target, res); err != nil { 8478 return nil, err 8479 } 8480 return ret, nil 8481 // { 8482 // "description": "Lists every ServiceAccount that belongs to a specific project.", 8483 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 8484 // "httpMethod": "GET", 8485 // "id": "iam.projects.serviceAccounts.list", 8486 // "parameterOrder": [ 8487 // "name" 8488 // ], 8489 // "parameters": { 8490 // "name": { 8491 // "description": "Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.", 8492 // "location": "path", 8493 // "pattern": "^projects/[^/]+$", 8494 // "required": true, 8495 // "type": "string" 8496 // }, 8497 // "pageSize": { 8498 // "description": "Optional limit on the number of service accounts to include in the response. Further accounts can subsequently be obtained by including the ListServiceAccountsResponse.next_page_token in a subsequent request. The default is 20, and the maximum is 100.", 8499 // "format": "int32", 8500 // "location": "query", 8501 // "type": "integer" 8502 // }, 8503 // "pageToken": { 8504 // "description": "Optional pagination token returned in an earlier ListServiceAccountsResponse.next_page_token.", 8505 // "location": "query", 8506 // "type": "string" 8507 // } 8508 // }, 8509 // "path": "v1/{+name}/serviceAccounts", 8510 // "response": { 8511 // "$ref": "ListServiceAccountsResponse" 8512 // }, 8513 // "scopes": [ 8514 // "https://www.googleapis.com/auth/cloud-platform" 8515 // ] 8516 // } 8517 8518} 8519 8520// Pages invokes f for each page of results. 8521// A non-nil error returned from f will halt the iteration. 8522// The provided context supersedes any context provided to the Context method. 8523func (c *ProjectsServiceAccountsListCall) Pages(ctx context.Context, f func(*ListServiceAccountsResponse) error) error { 8524 c.ctx_ = ctx 8525 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 8526 for { 8527 x, err := c.Do() 8528 if err != nil { 8529 return err 8530 } 8531 if err := f(x); err != nil { 8532 return err 8533 } 8534 if x.NextPageToken == "" { 8535 return nil 8536 } 8537 c.PageToken(x.NextPageToken) 8538 } 8539} 8540 8541// method id "iam.projects.serviceAccounts.patch": 8542 8543type ProjectsServiceAccountsPatchCall struct { 8544 s *Service 8545 name string 8546 patchserviceaccountrequest *PatchServiceAccountRequest 8547 urlParams_ gensupport.URLParams 8548 ctx_ context.Context 8549 header_ http.Header 8550} 8551 8552// Patch: Patches a ServiceAccount. 8553// 8554// - name: The resource name of the service account. Use one of the 8555// following formats: * 8556// `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * 8557// `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an 8558// alternative, you can use the `-` wildcard character instead of the 8559// project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * 8560// `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using 8561// the `-` wildcard character, because it can cause response messages 8562// to contain misleading error codes. For example, if you try to get 8563// the service account `projects/-/serviceAccounts/fake@example.com`, 8564// which does not exist, the response contains an HTTP `403 Forbidden` 8565// error instead of a `404 Not Found` error. 8566func (r *ProjectsServiceAccountsService) Patch(name string, patchserviceaccountrequest *PatchServiceAccountRequest) *ProjectsServiceAccountsPatchCall { 8567 c := &ProjectsServiceAccountsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8568 c.name = name 8569 c.patchserviceaccountrequest = patchserviceaccountrequest 8570 return c 8571} 8572 8573// Fields allows partial responses to be retrieved. See 8574// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8575// for more information. 8576func (c *ProjectsServiceAccountsPatchCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsPatchCall { 8577 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8578 return c 8579} 8580 8581// Context sets the context to be used in this call's Do method. Any 8582// pending HTTP request will be aborted if the provided context is 8583// canceled. 8584func (c *ProjectsServiceAccountsPatchCall) Context(ctx context.Context) *ProjectsServiceAccountsPatchCall { 8585 c.ctx_ = ctx 8586 return c 8587} 8588 8589// Header returns an http.Header that can be modified by the caller to 8590// add HTTP headers to the request. 8591func (c *ProjectsServiceAccountsPatchCall) Header() http.Header { 8592 if c.header_ == nil { 8593 c.header_ = make(http.Header) 8594 } 8595 return c.header_ 8596} 8597 8598func (c *ProjectsServiceAccountsPatchCall) doRequest(alt string) (*http.Response, error) { 8599 reqHeaders := make(http.Header) 8600 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 8601 for k, v := range c.header_ { 8602 reqHeaders[k] = v 8603 } 8604 reqHeaders.Set("User-Agent", c.s.userAgent()) 8605 var body io.Reader = nil 8606 body, err := googleapi.WithoutDataWrapper.JSONReader(c.patchserviceaccountrequest) 8607 if err != nil { 8608 return nil, err 8609 } 8610 reqHeaders.Set("Content-Type", "application/json") 8611 c.urlParams_.Set("alt", alt) 8612 c.urlParams_.Set("prettyPrint", "false") 8613 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 8614 urls += "?" + c.urlParams_.Encode() 8615 req, err := http.NewRequest("PATCH", urls, body) 8616 if err != nil { 8617 return nil, err 8618 } 8619 req.Header = reqHeaders 8620 googleapi.Expand(req.URL, map[string]string{ 8621 "name": c.name, 8622 }) 8623 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8624} 8625 8626// Do executes the "iam.projects.serviceAccounts.patch" call. 8627// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 8628// status code is an error. Response headers are in either 8629// *ServiceAccount.ServerResponse.Header or (if a response was returned 8630// at all) in error.(*googleapi.Error).Header. Use 8631// googleapi.IsNotModified to check whether the returned error was 8632// because http.StatusNotModified was returned. 8633func (c *ProjectsServiceAccountsPatchCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 8634 gensupport.SetOptions(c.urlParams_, opts...) 8635 res, err := c.doRequest("json") 8636 if res != nil && res.StatusCode == http.StatusNotModified { 8637 if res.Body != nil { 8638 res.Body.Close() 8639 } 8640 return nil, &googleapi.Error{ 8641 Code: res.StatusCode, 8642 Header: res.Header, 8643 } 8644 } 8645 if err != nil { 8646 return nil, err 8647 } 8648 defer googleapi.CloseBody(res) 8649 if err := googleapi.CheckResponse(res); err != nil { 8650 return nil, err 8651 } 8652 ret := &ServiceAccount{ 8653 ServerResponse: googleapi.ServerResponse{ 8654 Header: res.Header, 8655 HTTPStatusCode: res.StatusCode, 8656 }, 8657 } 8658 target := &ret 8659 if err := gensupport.DecodeResponse(target, res); err != nil { 8660 return nil, err 8661 } 8662 return ret, nil 8663 // { 8664 // "description": "Patches a ServiceAccount.", 8665 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 8666 // "httpMethod": "PATCH", 8667 // "id": "iam.projects.serviceAccounts.patch", 8668 // "parameterOrder": [ 8669 // "name" 8670 // ], 8671 // "parameters": { 8672 // "name": { 8673 // "description": "The resource name of the service account. Use one of the following formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you can use the `-` wildcard character instead of the project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the `-` wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to get the service account `projects/-/serviceAccounts/fake@example.com`, which does not exist, the response contains an HTTP `403 Forbidden` error instead of a `404 Not Found` error.", 8674 // "location": "path", 8675 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8676 // "required": true, 8677 // "type": "string" 8678 // } 8679 // }, 8680 // "path": "v1/{+name}", 8681 // "request": { 8682 // "$ref": "PatchServiceAccountRequest" 8683 // }, 8684 // "response": { 8685 // "$ref": "ServiceAccount" 8686 // }, 8687 // "scopes": [ 8688 // "https://www.googleapis.com/auth/cloud-platform" 8689 // ] 8690 // } 8691 8692} 8693 8694// method id "iam.projects.serviceAccounts.setIamPolicy": 8695 8696type ProjectsServiceAccountsSetIamPolicyCall struct { 8697 s *Service 8698 resource string 8699 setiampolicyrequest *SetIamPolicyRequest 8700 urlParams_ gensupport.URLParams 8701 ctx_ context.Context 8702 header_ http.Header 8703} 8704 8705// SetIamPolicy: Sets the IAM policy that is attached to a 8706// ServiceAccount. Use this method to grant or revoke access to the 8707// service account. For example, you could grant a member the ability to 8708// impersonate the service account. This method does not enable the 8709// service account to access other resources. To grant roles to a 8710// service account on a resource, follow these steps: 1. Call the 8711// resource's `getIamPolicy` method to get its current IAM policy. 2. 8712// Edit the policy so that it binds the service account to an IAM role 8713// for the resource. 3. Call the resource's `setIamPolicy` method to 8714// update its IAM policy. For detailed instructions, see Granting roles 8715// to a service account for specific resources 8716// (https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts). 8717// 8718// - resource: REQUIRED: The resource for which the policy is being 8719// specified. See the operation documentation for the appropriate 8720// value for this field. 8721func (r *ProjectsServiceAccountsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsServiceAccountsSetIamPolicyCall { 8722 c := &ProjectsServiceAccountsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8723 c.resource = resource 8724 c.setiampolicyrequest = setiampolicyrequest 8725 return c 8726} 8727 8728// Fields allows partial responses to be retrieved. See 8729// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8730// for more information. 8731func (c *ProjectsServiceAccountsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSetIamPolicyCall { 8732 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8733 return c 8734} 8735 8736// Context sets the context to be used in this call's Do method. Any 8737// pending HTTP request will be aborted if the provided context is 8738// canceled. 8739func (c *ProjectsServiceAccountsSetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsSetIamPolicyCall { 8740 c.ctx_ = ctx 8741 return c 8742} 8743 8744// Header returns an http.Header that can be modified by the caller to 8745// add HTTP headers to the request. 8746func (c *ProjectsServiceAccountsSetIamPolicyCall) Header() http.Header { 8747 if c.header_ == nil { 8748 c.header_ = make(http.Header) 8749 } 8750 return c.header_ 8751} 8752 8753func (c *ProjectsServiceAccountsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 8754 reqHeaders := make(http.Header) 8755 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 8756 for k, v := range c.header_ { 8757 reqHeaders[k] = v 8758 } 8759 reqHeaders.Set("User-Agent", c.s.userAgent()) 8760 var body io.Reader = nil 8761 body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) 8762 if err != nil { 8763 return nil, err 8764 } 8765 reqHeaders.Set("Content-Type", "application/json") 8766 c.urlParams_.Set("alt", alt) 8767 c.urlParams_.Set("prettyPrint", "false") 8768 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") 8769 urls += "?" + c.urlParams_.Encode() 8770 req, err := http.NewRequest("POST", urls, body) 8771 if err != nil { 8772 return nil, err 8773 } 8774 req.Header = reqHeaders 8775 googleapi.Expand(req.URL, map[string]string{ 8776 "resource": c.resource, 8777 }) 8778 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8779} 8780 8781// Do executes the "iam.projects.serviceAccounts.setIamPolicy" call. 8782// Exactly one of *Policy or error will be non-nil. Any non-2xx status 8783// code is an error. Response headers are in either 8784// *Policy.ServerResponse.Header or (if a response was returned at all) 8785// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 8786// check whether the returned error was because http.StatusNotModified 8787// was returned. 8788func (c *ProjectsServiceAccountsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 8789 gensupport.SetOptions(c.urlParams_, opts...) 8790 res, err := c.doRequest("json") 8791 if res != nil && res.StatusCode == http.StatusNotModified { 8792 if res.Body != nil { 8793 res.Body.Close() 8794 } 8795 return nil, &googleapi.Error{ 8796 Code: res.StatusCode, 8797 Header: res.Header, 8798 } 8799 } 8800 if err != nil { 8801 return nil, err 8802 } 8803 defer googleapi.CloseBody(res) 8804 if err := googleapi.CheckResponse(res); err != nil { 8805 return nil, err 8806 } 8807 ret := &Policy{ 8808 ServerResponse: googleapi.ServerResponse{ 8809 Header: res.Header, 8810 HTTPStatusCode: res.StatusCode, 8811 }, 8812 } 8813 target := &ret 8814 if err := gensupport.DecodeResponse(target, res); err != nil { 8815 return nil, err 8816 } 8817 return ret, nil 8818 // { 8819 // "description": "Sets the IAM policy that is attached to a ServiceAccount. Use this method to grant or revoke access to the service account. For example, you could grant a member the ability to impersonate the service account. This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps: 1. Call the resource's `getIamPolicy` method to get its current IAM policy. 2. Edit the policy so that it binds the service account to an IAM role for the resource. 3. Call the resource's `setIamPolicy` method to update its IAM policy. For detailed instructions, see [Granting roles to a service account for specific resources](https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts).", 8820 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:setIamPolicy", 8821 // "httpMethod": "POST", 8822 // "id": "iam.projects.serviceAccounts.setIamPolicy", 8823 // "parameterOrder": [ 8824 // "resource" 8825 // ], 8826 // "parameters": { 8827 // "resource": { 8828 // "description": "REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.", 8829 // "location": "path", 8830 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8831 // "required": true, 8832 // "type": "string" 8833 // } 8834 // }, 8835 // "path": "v1/{+resource}:setIamPolicy", 8836 // "request": { 8837 // "$ref": "SetIamPolicyRequest" 8838 // }, 8839 // "response": { 8840 // "$ref": "Policy" 8841 // }, 8842 // "scopes": [ 8843 // "https://www.googleapis.com/auth/cloud-platform" 8844 // ] 8845 // } 8846 8847} 8848 8849// method id "iam.projects.serviceAccounts.signBlob": 8850 8851type ProjectsServiceAccountsSignBlobCall struct { 8852 s *Service 8853 name string 8854 signblobrequest *SignBlobRequest 8855 urlParams_ gensupport.URLParams 8856 ctx_ context.Context 8857 header_ http.Header 8858} 8859 8860// SignBlob: **Note:** This method is deprecated. Use the `signBlob` 8861// (https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob) 8862// method in the IAM Service Account Credentials API instead. If you 8863// currently use this method, see the migration guide 8864// (https://cloud.google.com/iam/help/credentials/migrate-api) for 8865// instructions. Signs a blob using the system-managed private key for a 8866// ServiceAccount. 8867// 8868// - name: Deprecated. Migrate to Service Account Credentials API 8869// (https://cloud.google.com/iam/help/credentials/migrate-api). The 8870// resource name of the service account in the following format: 8871// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a 8872// wildcard for the `PROJECT_ID` will infer the project from the 8873// account. The `ACCOUNT` value can be the `email` address or the 8874// `unique_id` of the service account. 8875func (r *ProjectsServiceAccountsService) SignBlob(name string, signblobrequest *SignBlobRequest) *ProjectsServiceAccountsSignBlobCall { 8876 c := &ProjectsServiceAccountsSignBlobCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8877 c.name = name 8878 c.signblobrequest = signblobrequest 8879 return c 8880} 8881 8882// Fields allows partial responses to be retrieved. See 8883// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8884// for more information. 8885func (c *ProjectsServiceAccountsSignBlobCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignBlobCall { 8886 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8887 return c 8888} 8889 8890// Context sets the context to be used in this call's Do method. Any 8891// pending HTTP request will be aborted if the provided context is 8892// canceled. 8893func (c *ProjectsServiceAccountsSignBlobCall) Context(ctx context.Context) *ProjectsServiceAccountsSignBlobCall { 8894 c.ctx_ = ctx 8895 return c 8896} 8897 8898// Header returns an http.Header that can be modified by the caller to 8899// add HTTP headers to the request. 8900func (c *ProjectsServiceAccountsSignBlobCall) Header() http.Header { 8901 if c.header_ == nil { 8902 c.header_ = make(http.Header) 8903 } 8904 return c.header_ 8905} 8906 8907func (c *ProjectsServiceAccountsSignBlobCall) doRequest(alt string) (*http.Response, error) { 8908 reqHeaders := make(http.Header) 8909 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 8910 for k, v := range c.header_ { 8911 reqHeaders[k] = v 8912 } 8913 reqHeaders.Set("User-Agent", c.s.userAgent()) 8914 var body io.Reader = nil 8915 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signblobrequest) 8916 if err != nil { 8917 return nil, err 8918 } 8919 reqHeaders.Set("Content-Type", "application/json") 8920 c.urlParams_.Set("alt", alt) 8921 c.urlParams_.Set("prettyPrint", "false") 8922 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signBlob") 8923 urls += "?" + c.urlParams_.Encode() 8924 req, err := http.NewRequest("POST", urls, body) 8925 if err != nil { 8926 return nil, err 8927 } 8928 req.Header = reqHeaders 8929 googleapi.Expand(req.URL, map[string]string{ 8930 "name": c.name, 8931 }) 8932 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8933} 8934 8935// Do executes the "iam.projects.serviceAccounts.signBlob" call. 8936// Exactly one of *SignBlobResponse or error will be non-nil. Any 8937// non-2xx status code is an error. Response headers are in either 8938// *SignBlobResponse.ServerResponse.Header or (if a response was 8939// returned at all) in error.(*googleapi.Error).Header. Use 8940// googleapi.IsNotModified to check whether the returned error was 8941// because http.StatusNotModified was returned. 8942func (c *ProjectsServiceAccountsSignBlobCall) Do(opts ...googleapi.CallOption) (*SignBlobResponse, error) { 8943 gensupport.SetOptions(c.urlParams_, opts...) 8944 res, err := c.doRequest("json") 8945 if res != nil && res.StatusCode == http.StatusNotModified { 8946 if res.Body != nil { 8947 res.Body.Close() 8948 } 8949 return nil, &googleapi.Error{ 8950 Code: res.StatusCode, 8951 Header: res.Header, 8952 } 8953 } 8954 if err != nil { 8955 return nil, err 8956 } 8957 defer googleapi.CloseBody(res) 8958 if err := googleapi.CheckResponse(res); err != nil { 8959 return nil, err 8960 } 8961 ret := &SignBlobResponse{ 8962 ServerResponse: googleapi.ServerResponse{ 8963 Header: res.Header, 8964 HTTPStatusCode: res.StatusCode, 8965 }, 8966 } 8967 target := &ret 8968 if err := gensupport.DecodeResponse(target, res); err != nil { 8969 return nil, err 8970 } 8971 return ret, nil 8972 // { 8973 // "description": "**Note:** This method is deprecated. Use the [`signBlob`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob) method in the IAM Service Account Credentials API instead. If you currently use this method, see the [migration guide](https://cloud.google.com/iam/help/credentials/migrate-api) for instructions. Signs a blob using the system-managed private key for a ServiceAccount.", 8974 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signBlob", 8975 // "httpMethod": "POST", 8976 // "id": "iam.projects.serviceAccounts.signBlob", 8977 // "parameterOrder": [ 8978 // "name" 8979 // ], 8980 // "parameters": { 8981 // "name": { 8982 // "description": "Required. Deprecated. [Migrate to Service Account Credentials API](https://cloud.google.com/iam/help/credentials/migrate-api). The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8983 // "location": "path", 8984 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8985 // "required": true, 8986 // "type": "string" 8987 // } 8988 // }, 8989 // "path": "v1/{+name}:signBlob", 8990 // "request": { 8991 // "$ref": "SignBlobRequest" 8992 // }, 8993 // "response": { 8994 // "$ref": "SignBlobResponse" 8995 // }, 8996 // "scopes": [ 8997 // "https://www.googleapis.com/auth/cloud-platform" 8998 // ] 8999 // } 9000 9001} 9002 9003// method id "iam.projects.serviceAccounts.signJwt": 9004 9005type ProjectsServiceAccountsSignJwtCall struct { 9006 s *Service 9007 name string 9008 signjwtrequest *SignJwtRequest 9009 urlParams_ gensupport.URLParams 9010 ctx_ context.Context 9011 header_ http.Header 9012} 9013 9014// SignJwt: **Note:** This method is deprecated. Use the `signJwt` 9015// (https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt) 9016// method in the IAM Service Account Credentials API instead. If you 9017// currently use this method, see the migration guide 9018// (https://cloud.google.com/iam/help/credentials/migrate-api) for 9019// instructions. Signs a JSON Web Token (JWT) using the system-managed 9020// private key for a ServiceAccount. 9021// 9022// - name: Deprecated. Migrate to Service Account Credentials API 9023// (https://cloud.google.com/iam/help/credentials/migrate-api). The 9024// resource name of the service account in the following format: 9025// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a 9026// wildcard for the `PROJECT_ID` will infer the project from the 9027// account. The `ACCOUNT` value can be the `email` address or the 9028// `unique_id` of the service account. 9029func (r *ProjectsServiceAccountsService) SignJwt(name string, signjwtrequest *SignJwtRequest) *ProjectsServiceAccountsSignJwtCall { 9030 c := &ProjectsServiceAccountsSignJwtCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9031 c.name = name 9032 c.signjwtrequest = signjwtrequest 9033 return c 9034} 9035 9036// Fields allows partial responses to be retrieved. See 9037// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9038// for more information. 9039func (c *ProjectsServiceAccountsSignJwtCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignJwtCall { 9040 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9041 return c 9042} 9043 9044// Context sets the context to be used in this call's Do method. Any 9045// pending HTTP request will be aborted if the provided context is 9046// canceled. 9047func (c *ProjectsServiceAccountsSignJwtCall) Context(ctx context.Context) *ProjectsServiceAccountsSignJwtCall { 9048 c.ctx_ = ctx 9049 return c 9050} 9051 9052// Header returns an http.Header that can be modified by the caller to 9053// add HTTP headers to the request. 9054func (c *ProjectsServiceAccountsSignJwtCall) Header() http.Header { 9055 if c.header_ == nil { 9056 c.header_ = make(http.Header) 9057 } 9058 return c.header_ 9059} 9060 9061func (c *ProjectsServiceAccountsSignJwtCall) doRequest(alt string) (*http.Response, error) { 9062 reqHeaders := make(http.Header) 9063 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 9064 for k, v := range c.header_ { 9065 reqHeaders[k] = v 9066 } 9067 reqHeaders.Set("User-Agent", c.s.userAgent()) 9068 var body io.Reader = nil 9069 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signjwtrequest) 9070 if err != nil { 9071 return nil, err 9072 } 9073 reqHeaders.Set("Content-Type", "application/json") 9074 c.urlParams_.Set("alt", alt) 9075 c.urlParams_.Set("prettyPrint", "false") 9076 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signJwt") 9077 urls += "?" + c.urlParams_.Encode() 9078 req, err := http.NewRequest("POST", urls, body) 9079 if err != nil { 9080 return nil, err 9081 } 9082 req.Header = reqHeaders 9083 googleapi.Expand(req.URL, map[string]string{ 9084 "name": c.name, 9085 }) 9086 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9087} 9088 9089// Do executes the "iam.projects.serviceAccounts.signJwt" call. 9090// Exactly one of *SignJwtResponse or error will be non-nil. Any non-2xx 9091// status code is an error. Response headers are in either 9092// *SignJwtResponse.ServerResponse.Header or (if a response was returned 9093// at all) in error.(*googleapi.Error).Header. Use 9094// googleapi.IsNotModified to check whether the returned error was 9095// because http.StatusNotModified was returned. 9096func (c *ProjectsServiceAccountsSignJwtCall) Do(opts ...googleapi.CallOption) (*SignJwtResponse, error) { 9097 gensupport.SetOptions(c.urlParams_, opts...) 9098 res, err := c.doRequest("json") 9099 if res != nil && res.StatusCode == http.StatusNotModified { 9100 if res.Body != nil { 9101 res.Body.Close() 9102 } 9103 return nil, &googleapi.Error{ 9104 Code: res.StatusCode, 9105 Header: res.Header, 9106 } 9107 } 9108 if err != nil { 9109 return nil, err 9110 } 9111 defer googleapi.CloseBody(res) 9112 if err := googleapi.CheckResponse(res); err != nil { 9113 return nil, err 9114 } 9115 ret := &SignJwtResponse{ 9116 ServerResponse: googleapi.ServerResponse{ 9117 Header: res.Header, 9118 HTTPStatusCode: res.StatusCode, 9119 }, 9120 } 9121 target := &ret 9122 if err := gensupport.DecodeResponse(target, res); err != nil { 9123 return nil, err 9124 } 9125 return ret, nil 9126 // { 9127 // "description": "**Note:** This method is deprecated. Use the [`signJwt`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt) method in the IAM Service Account Credentials API instead. If you currently use this method, see the [migration guide](https://cloud.google.com/iam/help/credentials/migrate-api) for instructions. Signs a JSON Web Token (JWT) using the system-managed private key for a ServiceAccount.", 9128 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signJwt", 9129 // "httpMethod": "POST", 9130 // "id": "iam.projects.serviceAccounts.signJwt", 9131 // "parameterOrder": [ 9132 // "name" 9133 // ], 9134 // "parameters": { 9135 // "name": { 9136 // "description": "Required. Deprecated. [Migrate to Service Account Credentials API](https://cloud.google.com/iam/help/credentials/migrate-api). The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 9137 // "location": "path", 9138 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9139 // "required": true, 9140 // "type": "string" 9141 // } 9142 // }, 9143 // "path": "v1/{+name}:signJwt", 9144 // "request": { 9145 // "$ref": "SignJwtRequest" 9146 // }, 9147 // "response": { 9148 // "$ref": "SignJwtResponse" 9149 // }, 9150 // "scopes": [ 9151 // "https://www.googleapis.com/auth/cloud-platform" 9152 // ] 9153 // } 9154 9155} 9156 9157// method id "iam.projects.serviceAccounts.testIamPermissions": 9158 9159type ProjectsServiceAccountsTestIamPermissionsCall struct { 9160 s *Service 9161 resource string 9162 testiampermissionsrequest *TestIamPermissionsRequest 9163 urlParams_ gensupport.URLParams 9164 ctx_ context.Context 9165 header_ http.Header 9166} 9167 9168// TestIamPermissions: Tests whether the caller has the specified 9169// permissions on a ServiceAccount. 9170// 9171// - resource: REQUIRED: The resource for which the policy detail is 9172// being requested. See the operation documentation for the 9173// appropriate value for this field. 9174func (r *ProjectsServiceAccountsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsServiceAccountsTestIamPermissionsCall { 9175 c := &ProjectsServiceAccountsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9176 c.resource = resource 9177 c.testiampermissionsrequest = testiampermissionsrequest 9178 return c 9179} 9180 9181// Fields allows partial responses to be retrieved. See 9182// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9183// for more information. 9184func (c *ProjectsServiceAccountsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsTestIamPermissionsCall { 9185 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9186 return c 9187} 9188 9189// Context sets the context to be used in this call's Do method. Any 9190// pending HTTP request will be aborted if the provided context is 9191// canceled. 9192func (c *ProjectsServiceAccountsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsServiceAccountsTestIamPermissionsCall { 9193 c.ctx_ = ctx 9194 return c 9195} 9196 9197// Header returns an http.Header that can be modified by the caller to 9198// add HTTP headers to the request. 9199func (c *ProjectsServiceAccountsTestIamPermissionsCall) Header() http.Header { 9200 if c.header_ == nil { 9201 c.header_ = make(http.Header) 9202 } 9203 return c.header_ 9204} 9205 9206func (c *ProjectsServiceAccountsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { 9207 reqHeaders := make(http.Header) 9208 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 9209 for k, v := range c.header_ { 9210 reqHeaders[k] = v 9211 } 9212 reqHeaders.Set("User-Agent", c.s.userAgent()) 9213 var body io.Reader = nil 9214 body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) 9215 if err != nil { 9216 return nil, err 9217 } 9218 reqHeaders.Set("Content-Type", "application/json") 9219 c.urlParams_.Set("alt", alt) 9220 c.urlParams_.Set("prettyPrint", "false") 9221 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") 9222 urls += "?" + c.urlParams_.Encode() 9223 req, err := http.NewRequest("POST", urls, body) 9224 if err != nil { 9225 return nil, err 9226 } 9227 req.Header = reqHeaders 9228 googleapi.Expand(req.URL, map[string]string{ 9229 "resource": c.resource, 9230 }) 9231 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9232} 9233 9234// Do executes the "iam.projects.serviceAccounts.testIamPermissions" call. 9235// Exactly one of *TestIamPermissionsResponse or error will be non-nil. 9236// Any non-2xx status code is an error. Response headers are in either 9237// *TestIamPermissionsResponse.ServerResponse.Header or (if a response 9238// was returned at all) in error.(*googleapi.Error).Header. Use 9239// googleapi.IsNotModified to check whether the returned error was 9240// because http.StatusNotModified was returned. 9241func (c *ProjectsServiceAccountsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { 9242 gensupport.SetOptions(c.urlParams_, opts...) 9243 res, err := c.doRequest("json") 9244 if res != nil && res.StatusCode == http.StatusNotModified { 9245 if res.Body != nil { 9246 res.Body.Close() 9247 } 9248 return nil, &googleapi.Error{ 9249 Code: res.StatusCode, 9250 Header: res.Header, 9251 } 9252 } 9253 if err != nil { 9254 return nil, err 9255 } 9256 defer googleapi.CloseBody(res) 9257 if err := googleapi.CheckResponse(res); err != nil { 9258 return nil, err 9259 } 9260 ret := &TestIamPermissionsResponse{ 9261 ServerResponse: googleapi.ServerResponse{ 9262 Header: res.Header, 9263 HTTPStatusCode: res.StatusCode, 9264 }, 9265 } 9266 target := &ret 9267 if err := gensupport.DecodeResponse(target, res); err != nil { 9268 return nil, err 9269 } 9270 return ret, nil 9271 // { 9272 // "description": "Tests whether the caller has the specified permissions on a ServiceAccount.", 9273 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:testIamPermissions", 9274 // "httpMethod": "POST", 9275 // "id": "iam.projects.serviceAccounts.testIamPermissions", 9276 // "parameterOrder": [ 9277 // "resource" 9278 // ], 9279 // "parameters": { 9280 // "resource": { 9281 // "description": "REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.", 9282 // "location": "path", 9283 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9284 // "required": true, 9285 // "type": "string" 9286 // } 9287 // }, 9288 // "path": "v1/{+resource}:testIamPermissions", 9289 // "request": { 9290 // "$ref": "TestIamPermissionsRequest" 9291 // }, 9292 // "response": { 9293 // "$ref": "TestIamPermissionsResponse" 9294 // }, 9295 // "scopes": [ 9296 // "https://www.googleapis.com/auth/cloud-platform" 9297 // ] 9298 // } 9299 9300} 9301 9302// method id "iam.projects.serviceAccounts.undelete": 9303 9304type ProjectsServiceAccountsUndeleteCall struct { 9305 s *Service 9306 name string 9307 undeleteserviceaccountrequest *UndeleteServiceAccountRequest 9308 urlParams_ gensupport.URLParams 9309 ctx_ context.Context 9310 header_ http.Header 9311} 9312 9313// Undelete: Restores a deleted ServiceAccount. **Important:** It is not 9314// always possible to restore a deleted service account. Use this method 9315// only as a last resort. After you delete a service account, IAM 9316// permanently removes the service account 30 days later. There is no 9317// way to restore a deleted service account that has been permanently 9318// removed. 9319// 9320// - name: The resource name of the service account in the following 9321// format: 9322// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_UNIQUE_ID}`. Using 9323// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9324// the account. 9325func (r *ProjectsServiceAccountsService) Undelete(name string, undeleteserviceaccountrequest *UndeleteServiceAccountRequest) *ProjectsServiceAccountsUndeleteCall { 9326 c := &ProjectsServiceAccountsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9327 c.name = name 9328 c.undeleteserviceaccountrequest = undeleteserviceaccountrequest 9329 return c 9330} 9331 9332// Fields allows partial responses to be retrieved. See 9333// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9334// for more information. 9335func (c *ProjectsServiceAccountsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUndeleteCall { 9336 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9337 return c 9338} 9339 9340// Context sets the context to be used in this call's Do method. Any 9341// pending HTTP request will be aborted if the provided context is 9342// canceled. 9343func (c *ProjectsServiceAccountsUndeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsUndeleteCall { 9344 c.ctx_ = ctx 9345 return c 9346} 9347 9348// Header returns an http.Header that can be modified by the caller to 9349// add HTTP headers to the request. 9350func (c *ProjectsServiceAccountsUndeleteCall) Header() http.Header { 9351 if c.header_ == nil { 9352 c.header_ = make(http.Header) 9353 } 9354 return c.header_ 9355} 9356 9357func (c *ProjectsServiceAccountsUndeleteCall) doRequest(alt string) (*http.Response, error) { 9358 reqHeaders := make(http.Header) 9359 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 9360 for k, v := range c.header_ { 9361 reqHeaders[k] = v 9362 } 9363 reqHeaders.Set("User-Agent", c.s.userAgent()) 9364 var body io.Reader = nil 9365 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteserviceaccountrequest) 9366 if err != nil { 9367 return nil, err 9368 } 9369 reqHeaders.Set("Content-Type", "application/json") 9370 c.urlParams_.Set("alt", alt) 9371 c.urlParams_.Set("prettyPrint", "false") 9372 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 9373 urls += "?" + c.urlParams_.Encode() 9374 req, err := http.NewRequest("POST", urls, body) 9375 if err != nil { 9376 return nil, err 9377 } 9378 req.Header = reqHeaders 9379 googleapi.Expand(req.URL, map[string]string{ 9380 "name": c.name, 9381 }) 9382 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9383} 9384 9385// Do executes the "iam.projects.serviceAccounts.undelete" call. 9386// Exactly one of *UndeleteServiceAccountResponse or error will be 9387// non-nil. Any non-2xx status code is an error. Response headers are in 9388// either *UndeleteServiceAccountResponse.ServerResponse.Header or (if a 9389// response was returned at all) in error.(*googleapi.Error).Header. Use 9390// googleapi.IsNotModified to check whether the returned error was 9391// because http.StatusNotModified was returned. 9392func (c *ProjectsServiceAccountsUndeleteCall) Do(opts ...googleapi.CallOption) (*UndeleteServiceAccountResponse, error) { 9393 gensupport.SetOptions(c.urlParams_, opts...) 9394 res, err := c.doRequest("json") 9395 if res != nil && res.StatusCode == http.StatusNotModified { 9396 if res.Body != nil { 9397 res.Body.Close() 9398 } 9399 return nil, &googleapi.Error{ 9400 Code: res.StatusCode, 9401 Header: res.Header, 9402 } 9403 } 9404 if err != nil { 9405 return nil, err 9406 } 9407 defer googleapi.CloseBody(res) 9408 if err := googleapi.CheckResponse(res); err != nil { 9409 return nil, err 9410 } 9411 ret := &UndeleteServiceAccountResponse{ 9412 ServerResponse: googleapi.ServerResponse{ 9413 Header: res.Header, 9414 HTTPStatusCode: res.StatusCode, 9415 }, 9416 } 9417 target := &ret 9418 if err := gensupport.DecodeResponse(target, res); err != nil { 9419 return nil, err 9420 } 9421 return ret, nil 9422 // { 9423 // "description": "Restores a deleted ServiceAccount. **Important:** It is not always possible to restore a deleted service account. Use this method only as a last resort. After you delete a service account, IAM permanently removes the service account 30 days later. There is no way to restore a deleted service account that has been permanently removed.", 9424 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:undelete", 9425 // "httpMethod": "POST", 9426 // "id": "iam.projects.serviceAccounts.undelete", 9427 // "parameterOrder": [ 9428 // "name" 9429 // ], 9430 // "parameters": { 9431 // "name": { 9432 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_UNIQUE_ID}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account.", 9433 // "location": "path", 9434 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9435 // "required": true, 9436 // "type": "string" 9437 // } 9438 // }, 9439 // "path": "v1/{+name}:undelete", 9440 // "request": { 9441 // "$ref": "UndeleteServiceAccountRequest" 9442 // }, 9443 // "response": { 9444 // "$ref": "UndeleteServiceAccountResponse" 9445 // }, 9446 // "scopes": [ 9447 // "https://www.googleapis.com/auth/cloud-platform" 9448 // ] 9449 // } 9450 9451} 9452 9453// method id "iam.projects.serviceAccounts.update": 9454 9455type ProjectsServiceAccountsUpdateCall struct { 9456 s *Service 9457 name string 9458 serviceaccount *ServiceAccount 9459 urlParams_ gensupport.URLParams 9460 ctx_ context.Context 9461 header_ http.Header 9462} 9463 9464// Update: **Note:** We are in the process of deprecating this method. 9465// Use PatchServiceAccount instead. Updates a ServiceAccount. You can 9466// update only the `display_name` and `description` fields. 9467// 9468// - name: The resource name of the service account. Use one of the 9469// following formats: * 9470// `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * 9471// `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an 9472// alternative, you can use the `-` wildcard character instead of the 9473// project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * 9474// `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using 9475// the `-` wildcard character, because it can cause response messages 9476// to contain misleading error codes. For example, if you try to get 9477// the service account `projects/-/serviceAccounts/fake@example.com`, 9478// which does not exist, the response contains an HTTP `403 Forbidden` 9479// error instead of a `404 Not Found` error. 9480func (r *ProjectsServiceAccountsService) Update(name string, serviceaccount *ServiceAccount) *ProjectsServiceAccountsUpdateCall { 9481 c := &ProjectsServiceAccountsUpdateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9482 c.name = name 9483 c.serviceaccount = serviceaccount 9484 return c 9485} 9486 9487// Fields allows partial responses to be retrieved. See 9488// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9489// for more information. 9490func (c *ProjectsServiceAccountsUpdateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUpdateCall { 9491 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9492 return c 9493} 9494 9495// Context sets the context to be used in this call's Do method. Any 9496// pending HTTP request will be aborted if the provided context is 9497// canceled. 9498func (c *ProjectsServiceAccountsUpdateCall) Context(ctx context.Context) *ProjectsServiceAccountsUpdateCall { 9499 c.ctx_ = ctx 9500 return c 9501} 9502 9503// Header returns an http.Header that can be modified by the caller to 9504// add HTTP headers to the request. 9505func (c *ProjectsServiceAccountsUpdateCall) Header() http.Header { 9506 if c.header_ == nil { 9507 c.header_ = make(http.Header) 9508 } 9509 return c.header_ 9510} 9511 9512func (c *ProjectsServiceAccountsUpdateCall) doRequest(alt string) (*http.Response, error) { 9513 reqHeaders := make(http.Header) 9514 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 9515 for k, v := range c.header_ { 9516 reqHeaders[k] = v 9517 } 9518 reqHeaders.Set("User-Agent", c.s.userAgent()) 9519 var body io.Reader = nil 9520 body, err := googleapi.WithoutDataWrapper.JSONReader(c.serviceaccount) 9521 if err != nil { 9522 return nil, err 9523 } 9524 reqHeaders.Set("Content-Type", "application/json") 9525 c.urlParams_.Set("alt", alt) 9526 c.urlParams_.Set("prettyPrint", "false") 9527 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 9528 urls += "?" + c.urlParams_.Encode() 9529 req, err := http.NewRequest("PUT", urls, body) 9530 if err != nil { 9531 return nil, err 9532 } 9533 req.Header = reqHeaders 9534 googleapi.Expand(req.URL, map[string]string{ 9535 "name": c.name, 9536 }) 9537 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9538} 9539 9540// Do executes the "iam.projects.serviceAccounts.update" call. 9541// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 9542// status code is an error. Response headers are in either 9543// *ServiceAccount.ServerResponse.Header or (if a response was returned 9544// at all) in error.(*googleapi.Error).Header. Use 9545// googleapi.IsNotModified to check whether the returned error was 9546// because http.StatusNotModified was returned. 9547func (c *ProjectsServiceAccountsUpdateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 9548 gensupport.SetOptions(c.urlParams_, opts...) 9549 res, err := c.doRequest("json") 9550 if res != nil && res.StatusCode == http.StatusNotModified { 9551 if res.Body != nil { 9552 res.Body.Close() 9553 } 9554 return nil, &googleapi.Error{ 9555 Code: res.StatusCode, 9556 Header: res.Header, 9557 } 9558 } 9559 if err != nil { 9560 return nil, err 9561 } 9562 defer googleapi.CloseBody(res) 9563 if err := googleapi.CheckResponse(res); err != nil { 9564 return nil, err 9565 } 9566 ret := &ServiceAccount{ 9567 ServerResponse: googleapi.ServerResponse{ 9568 Header: res.Header, 9569 HTTPStatusCode: res.StatusCode, 9570 }, 9571 } 9572 target := &ret 9573 if err := gensupport.DecodeResponse(target, res); err != nil { 9574 return nil, err 9575 } 9576 return ret, nil 9577 // { 9578 // "description": "**Note:** We are in the process of deprecating this method. Use PatchServiceAccount instead. Updates a ServiceAccount. You can update only the `display_name` and `description` fields.", 9579 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 9580 // "httpMethod": "PUT", 9581 // "id": "iam.projects.serviceAccounts.update", 9582 // "parameterOrder": [ 9583 // "name" 9584 // ], 9585 // "parameters": { 9586 // "name": { 9587 // "description": "The resource name of the service account. Use one of the following formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you can use the `-` wildcard character instead of the project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the `-` wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to get the service account `projects/-/serviceAccounts/fake@example.com`, which does not exist, the response contains an HTTP `403 Forbidden` error instead of a `404 Not Found` error.", 9588 // "location": "path", 9589 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9590 // "required": true, 9591 // "type": "string" 9592 // } 9593 // }, 9594 // "path": "v1/{+name}", 9595 // "request": { 9596 // "$ref": "ServiceAccount" 9597 // }, 9598 // "response": { 9599 // "$ref": "ServiceAccount" 9600 // }, 9601 // "scopes": [ 9602 // "https://www.googleapis.com/auth/cloud-platform" 9603 // ] 9604 // } 9605 9606} 9607 9608// method id "iam.projects.serviceAccounts.keys.create": 9609 9610type ProjectsServiceAccountsKeysCreateCall struct { 9611 s *Service 9612 name string 9613 createserviceaccountkeyrequest *CreateServiceAccountKeyRequest 9614 urlParams_ gensupport.URLParams 9615 ctx_ context.Context 9616 header_ http.Header 9617} 9618 9619// Create: Creates a ServiceAccountKey. 9620// 9621// - name: The resource name of the service account in the following 9622// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 9623// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9624// the account. The `ACCOUNT` value can be the `email` address or the 9625// `unique_id` of the service account. 9626func (r *ProjectsServiceAccountsKeysService) Create(name string, createserviceaccountkeyrequest *CreateServiceAccountKeyRequest) *ProjectsServiceAccountsKeysCreateCall { 9627 c := &ProjectsServiceAccountsKeysCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9628 c.name = name 9629 c.createserviceaccountkeyrequest = createserviceaccountkeyrequest 9630 return c 9631} 9632 9633// Fields allows partial responses to be retrieved. See 9634// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9635// for more information. 9636func (c *ProjectsServiceAccountsKeysCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysCreateCall { 9637 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9638 return c 9639} 9640 9641// Context sets the context to be used in this call's Do method. Any 9642// pending HTTP request will be aborted if the provided context is 9643// canceled. 9644func (c *ProjectsServiceAccountsKeysCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysCreateCall { 9645 c.ctx_ = ctx 9646 return c 9647} 9648 9649// Header returns an http.Header that can be modified by the caller to 9650// add HTTP headers to the request. 9651func (c *ProjectsServiceAccountsKeysCreateCall) Header() http.Header { 9652 if c.header_ == nil { 9653 c.header_ = make(http.Header) 9654 } 9655 return c.header_ 9656} 9657 9658func (c *ProjectsServiceAccountsKeysCreateCall) doRequest(alt string) (*http.Response, error) { 9659 reqHeaders := make(http.Header) 9660 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 9661 for k, v := range c.header_ { 9662 reqHeaders[k] = v 9663 } 9664 reqHeaders.Set("User-Agent", c.s.userAgent()) 9665 var body io.Reader = nil 9666 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountkeyrequest) 9667 if err != nil { 9668 return nil, err 9669 } 9670 reqHeaders.Set("Content-Type", "application/json") 9671 c.urlParams_.Set("alt", alt) 9672 c.urlParams_.Set("prettyPrint", "false") 9673 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 9674 urls += "?" + c.urlParams_.Encode() 9675 req, err := http.NewRequest("POST", urls, body) 9676 if err != nil { 9677 return nil, err 9678 } 9679 req.Header = reqHeaders 9680 googleapi.Expand(req.URL, map[string]string{ 9681 "name": c.name, 9682 }) 9683 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9684} 9685 9686// Do executes the "iam.projects.serviceAccounts.keys.create" call. 9687// Exactly one of *ServiceAccountKey or error will be non-nil. Any 9688// non-2xx status code is an error. Response headers are in either 9689// *ServiceAccountKey.ServerResponse.Header or (if a response was 9690// returned at all) in error.(*googleapi.Error).Header. Use 9691// googleapi.IsNotModified to check whether the returned error was 9692// because http.StatusNotModified was returned. 9693func (c *ProjectsServiceAccountsKeysCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 9694 gensupport.SetOptions(c.urlParams_, opts...) 9695 res, err := c.doRequest("json") 9696 if res != nil && res.StatusCode == http.StatusNotModified { 9697 if res.Body != nil { 9698 res.Body.Close() 9699 } 9700 return nil, &googleapi.Error{ 9701 Code: res.StatusCode, 9702 Header: res.Header, 9703 } 9704 } 9705 if err != nil { 9706 return nil, err 9707 } 9708 defer googleapi.CloseBody(res) 9709 if err := googleapi.CheckResponse(res); err != nil { 9710 return nil, err 9711 } 9712 ret := &ServiceAccountKey{ 9713 ServerResponse: googleapi.ServerResponse{ 9714 Header: res.Header, 9715 HTTPStatusCode: res.StatusCode, 9716 }, 9717 } 9718 target := &ret 9719 if err := gensupport.DecodeResponse(target, res); err != nil { 9720 return nil, err 9721 } 9722 return ret, nil 9723 // { 9724 // "description": "Creates a ServiceAccountKey.", 9725 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 9726 // "httpMethod": "POST", 9727 // "id": "iam.projects.serviceAccounts.keys.create", 9728 // "parameterOrder": [ 9729 // "name" 9730 // ], 9731 // "parameters": { 9732 // "name": { 9733 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 9734 // "location": "path", 9735 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9736 // "required": true, 9737 // "type": "string" 9738 // } 9739 // }, 9740 // "path": "v1/{+name}/keys", 9741 // "request": { 9742 // "$ref": "CreateServiceAccountKeyRequest" 9743 // }, 9744 // "response": { 9745 // "$ref": "ServiceAccountKey" 9746 // }, 9747 // "scopes": [ 9748 // "https://www.googleapis.com/auth/cloud-platform" 9749 // ] 9750 // } 9751 9752} 9753 9754// method id "iam.projects.serviceAccounts.keys.delete": 9755 9756type ProjectsServiceAccountsKeysDeleteCall struct { 9757 s *Service 9758 name string 9759 urlParams_ gensupport.URLParams 9760 ctx_ context.Context 9761 header_ http.Header 9762} 9763 9764// Delete: Deletes a ServiceAccountKey. Deleting a service account key 9765// does not revoke short-lived credentials that have been issued based 9766// on the service account key. 9767// 9768// - name: The resource name of the service account key in the following 9769// format: 9770// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 9771// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9772// the account. The `ACCOUNT` value can be the `email` address or the 9773// `unique_id` of the service account. 9774func (r *ProjectsServiceAccountsKeysService) Delete(name string) *ProjectsServiceAccountsKeysDeleteCall { 9775 c := &ProjectsServiceAccountsKeysDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9776 c.name = name 9777 return c 9778} 9779 9780// Fields allows partial responses to be retrieved. See 9781// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9782// for more information. 9783func (c *ProjectsServiceAccountsKeysDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysDeleteCall { 9784 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9785 return c 9786} 9787 9788// Context sets the context to be used in this call's Do method. Any 9789// pending HTTP request will be aborted if the provided context is 9790// canceled. 9791func (c *ProjectsServiceAccountsKeysDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysDeleteCall { 9792 c.ctx_ = ctx 9793 return c 9794} 9795 9796// Header returns an http.Header that can be modified by the caller to 9797// add HTTP headers to the request. 9798func (c *ProjectsServiceAccountsKeysDeleteCall) Header() http.Header { 9799 if c.header_ == nil { 9800 c.header_ = make(http.Header) 9801 } 9802 return c.header_ 9803} 9804 9805func (c *ProjectsServiceAccountsKeysDeleteCall) doRequest(alt string) (*http.Response, error) { 9806 reqHeaders := make(http.Header) 9807 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 9808 for k, v := range c.header_ { 9809 reqHeaders[k] = v 9810 } 9811 reqHeaders.Set("User-Agent", c.s.userAgent()) 9812 var body io.Reader = nil 9813 c.urlParams_.Set("alt", alt) 9814 c.urlParams_.Set("prettyPrint", "false") 9815 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 9816 urls += "?" + c.urlParams_.Encode() 9817 req, err := http.NewRequest("DELETE", urls, body) 9818 if err != nil { 9819 return nil, err 9820 } 9821 req.Header = reqHeaders 9822 googleapi.Expand(req.URL, map[string]string{ 9823 "name": c.name, 9824 }) 9825 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9826} 9827 9828// Do executes the "iam.projects.serviceAccounts.keys.delete" call. 9829// Exactly one of *Empty or error will be non-nil. Any non-2xx status 9830// code is an error. Response headers are in either 9831// *Empty.ServerResponse.Header or (if a response was returned at all) 9832// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 9833// check whether the returned error was because http.StatusNotModified 9834// was returned. 9835func (c *ProjectsServiceAccountsKeysDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 9836 gensupport.SetOptions(c.urlParams_, opts...) 9837 res, err := c.doRequest("json") 9838 if res != nil && res.StatusCode == http.StatusNotModified { 9839 if res.Body != nil { 9840 res.Body.Close() 9841 } 9842 return nil, &googleapi.Error{ 9843 Code: res.StatusCode, 9844 Header: res.Header, 9845 } 9846 } 9847 if err != nil { 9848 return nil, err 9849 } 9850 defer googleapi.CloseBody(res) 9851 if err := googleapi.CheckResponse(res); err != nil { 9852 return nil, err 9853 } 9854 ret := &Empty{ 9855 ServerResponse: googleapi.ServerResponse{ 9856 Header: res.Header, 9857 HTTPStatusCode: res.StatusCode, 9858 }, 9859 } 9860 target := &ret 9861 if err := gensupport.DecodeResponse(target, res); err != nil { 9862 return nil, err 9863 } 9864 return ret, nil 9865 // { 9866 // "description": "Deletes a ServiceAccountKey. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.", 9867 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 9868 // "httpMethod": "DELETE", 9869 // "id": "iam.projects.serviceAccounts.keys.delete", 9870 // "parameterOrder": [ 9871 // "name" 9872 // ], 9873 // "parameters": { 9874 // "name": { 9875 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 9876 // "location": "path", 9877 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 9878 // "required": true, 9879 // "type": "string" 9880 // } 9881 // }, 9882 // "path": "v1/{+name}", 9883 // "response": { 9884 // "$ref": "Empty" 9885 // }, 9886 // "scopes": [ 9887 // "https://www.googleapis.com/auth/cloud-platform" 9888 // ] 9889 // } 9890 9891} 9892 9893// method id "iam.projects.serviceAccounts.keys.disable": 9894 9895type ProjectsServiceAccountsKeysDisableCall struct { 9896 s *Service 9897 name string 9898 disableserviceaccountkeyrequest *DisableServiceAccountKeyRequest 9899 urlParams_ gensupport.URLParams 9900 ctx_ context.Context 9901 header_ http.Header 9902} 9903 9904// Disable: Disable a ServiceAccountKey. A disabled service account key 9905// can be enabled through EnableServiceAccountKey. The API is currently 9906// in preview phase. 9907// 9908// - name: The resource name of the service account key in the following 9909// format: 9910// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 9911// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9912// the account. The `ACCOUNT` value can be the `email` address or the 9913// `unique_id` of the service account. 9914func (r *ProjectsServiceAccountsKeysService) Disable(name string, disableserviceaccountkeyrequest *DisableServiceAccountKeyRequest) *ProjectsServiceAccountsKeysDisableCall { 9915 c := &ProjectsServiceAccountsKeysDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9916 c.name = name 9917 c.disableserviceaccountkeyrequest = disableserviceaccountkeyrequest 9918 return c 9919} 9920 9921// Fields allows partial responses to be retrieved. See 9922// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9923// for more information. 9924func (c *ProjectsServiceAccountsKeysDisableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysDisableCall { 9925 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9926 return c 9927} 9928 9929// Context sets the context to be used in this call's Do method. Any 9930// pending HTTP request will be aborted if the provided context is 9931// canceled. 9932func (c *ProjectsServiceAccountsKeysDisableCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysDisableCall { 9933 c.ctx_ = ctx 9934 return c 9935} 9936 9937// Header returns an http.Header that can be modified by the caller to 9938// add HTTP headers to the request. 9939func (c *ProjectsServiceAccountsKeysDisableCall) Header() http.Header { 9940 if c.header_ == nil { 9941 c.header_ = make(http.Header) 9942 } 9943 return c.header_ 9944} 9945 9946func (c *ProjectsServiceAccountsKeysDisableCall) doRequest(alt string) (*http.Response, error) { 9947 reqHeaders := make(http.Header) 9948 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 9949 for k, v := range c.header_ { 9950 reqHeaders[k] = v 9951 } 9952 reqHeaders.Set("User-Agent", c.s.userAgent()) 9953 var body io.Reader = nil 9954 body, err := googleapi.WithoutDataWrapper.JSONReader(c.disableserviceaccountkeyrequest) 9955 if err != nil { 9956 return nil, err 9957 } 9958 reqHeaders.Set("Content-Type", "application/json") 9959 c.urlParams_.Set("alt", alt) 9960 c.urlParams_.Set("prettyPrint", "false") 9961 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable") 9962 urls += "?" + c.urlParams_.Encode() 9963 req, err := http.NewRequest("POST", urls, body) 9964 if err != nil { 9965 return nil, err 9966 } 9967 req.Header = reqHeaders 9968 googleapi.Expand(req.URL, map[string]string{ 9969 "name": c.name, 9970 }) 9971 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9972} 9973 9974// Do executes the "iam.projects.serviceAccounts.keys.disable" call. 9975// Exactly one of *Empty or error will be non-nil. Any non-2xx status 9976// code is an error. Response headers are in either 9977// *Empty.ServerResponse.Header or (if a response was returned at all) 9978// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 9979// check whether the returned error was because http.StatusNotModified 9980// was returned. 9981func (c *ProjectsServiceAccountsKeysDisableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 9982 gensupport.SetOptions(c.urlParams_, opts...) 9983 res, err := c.doRequest("json") 9984 if res != nil && res.StatusCode == http.StatusNotModified { 9985 if res.Body != nil { 9986 res.Body.Close() 9987 } 9988 return nil, &googleapi.Error{ 9989 Code: res.StatusCode, 9990 Header: res.Header, 9991 } 9992 } 9993 if err != nil { 9994 return nil, err 9995 } 9996 defer googleapi.CloseBody(res) 9997 if err := googleapi.CheckResponse(res); err != nil { 9998 return nil, err 9999 } 10000 ret := &Empty{ 10001 ServerResponse: googleapi.ServerResponse{ 10002 Header: res.Header, 10003 HTTPStatusCode: res.StatusCode, 10004 }, 10005 } 10006 target := &ret 10007 if err := gensupport.DecodeResponse(target, res); err != nil { 10008 return nil, err 10009 } 10010 return ret, nil 10011 // { 10012 // "description": "Disable a ServiceAccountKey. A disabled service account key can be enabled through EnableServiceAccountKey. The API is currently in preview phase.", 10013 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}:disable", 10014 // "httpMethod": "POST", 10015 // "id": "iam.projects.serviceAccounts.keys.disable", 10016 // "parameterOrder": [ 10017 // "name" 10018 // ], 10019 // "parameters": { 10020 // "name": { 10021 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10022 // "location": "path", 10023 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 10024 // "required": true, 10025 // "type": "string" 10026 // } 10027 // }, 10028 // "path": "v1/{+name}:disable", 10029 // "request": { 10030 // "$ref": "DisableServiceAccountKeyRequest" 10031 // }, 10032 // "response": { 10033 // "$ref": "Empty" 10034 // }, 10035 // "scopes": [ 10036 // "https://www.googleapis.com/auth/cloud-platform" 10037 // ] 10038 // } 10039 10040} 10041 10042// method id "iam.projects.serviceAccounts.keys.enable": 10043 10044type ProjectsServiceAccountsKeysEnableCall struct { 10045 s *Service 10046 name string 10047 enableserviceaccountkeyrequest *EnableServiceAccountKeyRequest 10048 urlParams_ gensupport.URLParams 10049 ctx_ context.Context 10050 header_ http.Header 10051} 10052 10053// Enable: Enable a ServiceAccountKey. The API is currently in preview 10054// phase. 10055// 10056// - name: The resource name of the service account key in the following 10057// format: 10058// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 10059// `-` as a wildcard for the `PROJECT_ID` will infer the project from 10060// the account. The `ACCOUNT` value can be the `email` address or the 10061// `unique_id` of the service account. 10062func (r *ProjectsServiceAccountsKeysService) Enable(name string, enableserviceaccountkeyrequest *EnableServiceAccountKeyRequest) *ProjectsServiceAccountsKeysEnableCall { 10063 c := &ProjectsServiceAccountsKeysEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10064 c.name = name 10065 c.enableserviceaccountkeyrequest = enableserviceaccountkeyrequest 10066 return c 10067} 10068 10069// Fields allows partial responses to be retrieved. See 10070// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10071// for more information. 10072func (c *ProjectsServiceAccountsKeysEnableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysEnableCall { 10073 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10074 return c 10075} 10076 10077// Context sets the context to be used in this call's Do method. Any 10078// pending HTTP request will be aborted if the provided context is 10079// canceled. 10080func (c *ProjectsServiceAccountsKeysEnableCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysEnableCall { 10081 c.ctx_ = ctx 10082 return c 10083} 10084 10085// Header returns an http.Header that can be modified by the caller to 10086// add HTTP headers to the request. 10087func (c *ProjectsServiceAccountsKeysEnableCall) Header() http.Header { 10088 if c.header_ == nil { 10089 c.header_ = make(http.Header) 10090 } 10091 return c.header_ 10092} 10093 10094func (c *ProjectsServiceAccountsKeysEnableCall) doRequest(alt string) (*http.Response, error) { 10095 reqHeaders := make(http.Header) 10096 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 10097 for k, v := range c.header_ { 10098 reqHeaders[k] = v 10099 } 10100 reqHeaders.Set("User-Agent", c.s.userAgent()) 10101 var body io.Reader = nil 10102 body, err := googleapi.WithoutDataWrapper.JSONReader(c.enableserviceaccountkeyrequest) 10103 if err != nil { 10104 return nil, err 10105 } 10106 reqHeaders.Set("Content-Type", "application/json") 10107 c.urlParams_.Set("alt", alt) 10108 c.urlParams_.Set("prettyPrint", "false") 10109 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable") 10110 urls += "?" + c.urlParams_.Encode() 10111 req, err := http.NewRequest("POST", urls, body) 10112 if err != nil { 10113 return nil, err 10114 } 10115 req.Header = reqHeaders 10116 googleapi.Expand(req.URL, map[string]string{ 10117 "name": c.name, 10118 }) 10119 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10120} 10121 10122// Do executes the "iam.projects.serviceAccounts.keys.enable" call. 10123// Exactly one of *Empty or error will be non-nil. Any non-2xx status 10124// code is an error. Response headers are in either 10125// *Empty.ServerResponse.Header or (if a response was returned at all) 10126// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 10127// check whether the returned error was because http.StatusNotModified 10128// was returned. 10129func (c *ProjectsServiceAccountsKeysEnableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 10130 gensupport.SetOptions(c.urlParams_, opts...) 10131 res, err := c.doRequest("json") 10132 if res != nil && res.StatusCode == http.StatusNotModified { 10133 if res.Body != nil { 10134 res.Body.Close() 10135 } 10136 return nil, &googleapi.Error{ 10137 Code: res.StatusCode, 10138 Header: res.Header, 10139 } 10140 } 10141 if err != nil { 10142 return nil, err 10143 } 10144 defer googleapi.CloseBody(res) 10145 if err := googleapi.CheckResponse(res); err != nil { 10146 return nil, err 10147 } 10148 ret := &Empty{ 10149 ServerResponse: googleapi.ServerResponse{ 10150 Header: res.Header, 10151 HTTPStatusCode: res.StatusCode, 10152 }, 10153 } 10154 target := &ret 10155 if err := gensupport.DecodeResponse(target, res); err != nil { 10156 return nil, err 10157 } 10158 return ret, nil 10159 // { 10160 // "description": "Enable a ServiceAccountKey. The API is currently in preview phase.", 10161 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}:enable", 10162 // "httpMethod": "POST", 10163 // "id": "iam.projects.serviceAccounts.keys.enable", 10164 // "parameterOrder": [ 10165 // "name" 10166 // ], 10167 // "parameters": { 10168 // "name": { 10169 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10170 // "location": "path", 10171 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 10172 // "required": true, 10173 // "type": "string" 10174 // } 10175 // }, 10176 // "path": "v1/{+name}:enable", 10177 // "request": { 10178 // "$ref": "EnableServiceAccountKeyRequest" 10179 // }, 10180 // "response": { 10181 // "$ref": "Empty" 10182 // }, 10183 // "scopes": [ 10184 // "https://www.googleapis.com/auth/cloud-platform" 10185 // ] 10186 // } 10187 10188} 10189 10190// method id "iam.projects.serviceAccounts.keys.get": 10191 10192type ProjectsServiceAccountsKeysGetCall struct { 10193 s *Service 10194 name string 10195 urlParams_ gensupport.URLParams 10196 ifNoneMatch_ string 10197 ctx_ context.Context 10198 header_ http.Header 10199} 10200 10201// Get: Gets a ServiceAccountKey. 10202// 10203// - name: The resource name of the service account key in the following 10204// format: 10205// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 10206// `-` as a wildcard for the `PROJECT_ID` will infer the project from 10207// the account. The `ACCOUNT` value can be the `email` address or the 10208// `unique_id` of the service account. 10209func (r *ProjectsServiceAccountsKeysService) Get(name string) *ProjectsServiceAccountsKeysGetCall { 10210 c := &ProjectsServiceAccountsKeysGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10211 c.name = name 10212 return c 10213} 10214 10215// PublicKeyType sets the optional parameter "publicKeyType": The output 10216// format of the public key requested. X509_PEM is the default output 10217// format. 10218// 10219// Possible values: 10220// "TYPE_NONE" - Unspecified. Returns nothing here. 10221// "TYPE_X509_PEM_FILE" - X509 PEM format. 10222// "TYPE_RAW_PUBLIC_KEY" - Raw public key. 10223func (c *ProjectsServiceAccountsKeysGetCall) PublicKeyType(publicKeyType string) *ProjectsServiceAccountsKeysGetCall { 10224 c.urlParams_.Set("publicKeyType", publicKeyType) 10225 return c 10226} 10227 10228// Fields allows partial responses to be retrieved. See 10229// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10230// for more information. 10231func (c *ProjectsServiceAccountsKeysGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysGetCall { 10232 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10233 return c 10234} 10235 10236// IfNoneMatch sets the optional parameter which makes the operation 10237// fail if the object's ETag matches the given value. This is useful for 10238// getting updates only after the object has changed since the last 10239// request. Use googleapi.IsNotModified to check whether the response 10240// error from Do is the result of In-None-Match. 10241func (c *ProjectsServiceAccountsKeysGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysGetCall { 10242 c.ifNoneMatch_ = entityTag 10243 return c 10244} 10245 10246// Context sets the context to be used in this call's Do method. Any 10247// pending HTTP request will be aborted if the provided context is 10248// canceled. 10249func (c *ProjectsServiceAccountsKeysGetCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysGetCall { 10250 c.ctx_ = ctx 10251 return c 10252} 10253 10254// Header returns an http.Header that can be modified by the caller to 10255// add HTTP headers to the request. 10256func (c *ProjectsServiceAccountsKeysGetCall) Header() http.Header { 10257 if c.header_ == nil { 10258 c.header_ = make(http.Header) 10259 } 10260 return c.header_ 10261} 10262 10263func (c *ProjectsServiceAccountsKeysGetCall) doRequest(alt string) (*http.Response, error) { 10264 reqHeaders := make(http.Header) 10265 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 10266 for k, v := range c.header_ { 10267 reqHeaders[k] = v 10268 } 10269 reqHeaders.Set("User-Agent", c.s.userAgent()) 10270 if c.ifNoneMatch_ != "" { 10271 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 10272 } 10273 var body io.Reader = nil 10274 c.urlParams_.Set("alt", alt) 10275 c.urlParams_.Set("prettyPrint", "false") 10276 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 10277 urls += "?" + c.urlParams_.Encode() 10278 req, err := http.NewRequest("GET", urls, body) 10279 if err != nil { 10280 return nil, err 10281 } 10282 req.Header = reqHeaders 10283 googleapi.Expand(req.URL, map[string]string{ 10284 "name": c.name, 10285 }) 10286 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10287} 10288 10289// Do executes the "iam.projects.serviceAccounts.keys.get" call. 10290// Exactly one of *ServiceAccountKey or error will be non-nil. Any 10291// non-2xx status code is an error. Response headers are in either 10292// *ServiceAccountKey.ServerResponse.Header or (if a response was 10293// returned at all) in error.(*googleapi.Error).Header. Use 10294// googleapi.IsNotModified to check whether the returned error was 10295// because http.StatusNotModified was returned. 10296func (c *ProjectsServiceAccountsKeysGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 10297 gensupport.SetOptions(c.urlParams_, opts...) 10298 res, err := c.doRequest("json") 10299 if res != nil && res.StatusCode == http.StatusNotModified { 10300 if res.Body != nil { 10301 res.Body.Close() 10302 } 10303 return nil, &googleapi.Error{ 10304 Code: res.StatusCode, 10305 Header: res.Header, 10306 } 10307 } 10308 if err != nil { 10309 return nil, err 10310 } 10311 defer googleapi.CloseBody(res) 10312 if err := googleapi.CheckResponse(res); err != nil { 10313 return nil, err 10314 } 10315 ret := &ServiceAccountKey{ 10316 ServerResponse: googleapi.ServerResponse{ 10317 Header: res.Header, 10318 HTTPStatusCode: res.StatusCode, 10319 }, 10320 } 10321 target := &ret 10322 if err := gensupport.DecodeResponse(target, res); err != nil { 10323 return nil, err 10324 } 10325 return ret, nil 10326 // { 10327 // "description": "Gets a ServiceAccountKey.", 10328 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 10329 // "httpMethod": "GET", 10330 // "id": "iam.projects.serviceAccounts.keys.get", 10331 // "parameterOrder": [ 10332 // "name" 10333 // ], 10334 // "parameters": { 10335 // "name": { 10336 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10337 // "location": "path", 10338 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 10339 // "required": true, 10340 // "type": "string" 10341 // }, 10342 // "publicKeyType": { 10343 // "description": "The output format of the public key requested. X509_PEM is the default output format.", 10344 // "enum": [ 10345 // "TYPE_NONE", 10346 // "TYPE_X509_PEM_FILE", 10347 // "TYPE_RAW_PUBLIC_KEY" 10348 // ], 10349 // "enumDescriptions": [ 10350 // "Unspecified. Returns nothing here.", 10351 // "X509 PEM format.", 10352 // "Raw public key." 10353 // ], 10354 // "location": "query", 10355 // "type": "string" 10356 // } 10357 // }, 10358 // "path": "v1/{+name}", 10359 // "response": { 10360 // "$ref": "ServiceAccountKey" 10361 // }, 10362 // "scopes": [ 10363 // "https://www.googleapis.com/auth/cloud-platform" 10364 // ] 10365 // } 10366 10367} 10368 10369// method id "iam.projects.serviceAccounts.keys.list": 10370 10371type ProjectsServiceAccountsKeysListCall struct { 10372 s *Service 10373 name string 10374 urlParams_ gensupport.URLParams 10375 ifNoneMatch_ string 10376 ctx_ context.Context 10377 header_ http.Header 10378} 10379 10380// List: Lists every ServiceAccountKey for a service account. 10381// 10382// - name: The resource name of the service account in the following 10383// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 10384// `-` as a wildcard for the `PROJECT_ID`, will infer the project from 10385// the account. The `ACCOUNT` value can be the `email` address or the 10386// `unique_id` of the service account. 10387func (r *ProjectsServiceAccountsKeysService) List(name string) *ProjectsServiceAccountsKeysListCall { 10388 c := &ProjectsServiceAccountsKeysListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10389 c.name = name 10390 return c 10391} 10392 10393// KeyTypes sets the optional parameter "keyTypes": Filters the types of 10394// keys the user wants to include in the list response. Duplicate key 10395// types are not allowed. If no key type is provided, all keys are 10396// returned. 10397// 10398// Possible values: 10399// "KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this 10400// in the message will immediately result in an error. 10401// "USER_MANAGED" - User-managed keys (managed and rotated by the 10402// user). 10403// "SYSTEM_MANAGED" - System-managed keys (managed and rotated by 10404// Google). 10405func (c *ProjectsServiceAccountsKeysListCall) KeyTypes(keyTypes ...string) *ProjectsServiceAccountsKeysListCall { 10406 c.urlParams_.SetMulti("keyTypes", append([]string{}, keyTypes...)) 10407 return c 10408} 10409 10410// Fields allows partial responses to be retrieved. See 10411// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10412// for more information. 10413func (c *ProjectsServiceAccountsKeysListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysListCall { 10414 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10415 return c 10416} 10417 10418// IfNoneMatch sets the optional parameter which makes the operation 10419// fail if the object's ETag matches the given value. This is useful for 10420// getting updates only after the object has changed since the last 10421// request. Use googleapi.IsNotModified to check whether the response 10422// error from Do is the result of In-None-Match. 10423func (c *ProjectsServiceAccountsKeysListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysListCall { 10424 c.ifNoneMatch_ = entityTag 10425 return c 10426} 10427 10428// Context sets the context to be used in this call's Do method. Any 10429// pending HTTP request will be aborted if the provided context is 10430// canceled. 10431func (c *ProjectsServiceAccountsKeysListCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysListCall { 10432 c.ctx_ = ctx 10433 return c 10434} 10435 10436// Header returns an http.Header that can be modified by the caller to 10437// add HTTP headers to the request. 10438func (c *ProjectsServiceAccountsKeysListCall) Header() http.Header { 10439 if c.header_ == nil { 10440 c.header_ = make(http.Header) 10441 } 10442 return c.header_ 10443} 10444 10445func (c *ProjectsServiceAccountsKeysListCall) doRequest(alt string) (*http.Response, error) { 10446 reqHeaders := make(http.Header) 10447 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 10448 for k, v := range c.header_ { 10449 reqHeaders[k] = v 10450 } 10451 reqHeaders.Set("User-Agent", c.s.userAgent()) 10452 if c.ifNoneMatch_ != "" { 10453 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 10454 } 10455 var body io.Reader = nil 10456 c.urlParams_.Set("alt", alt) 10457 c.urlParams_.Set("prettyPrint", "false") 10458 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 10459 urls += "?" + c.urlParams_.Encode() 10460 req, err := http.NewRequest("GET", urls, body) 10461 if err != nil { 10462 return nil, err 10463 } 10464 req.Header = reqHeaders 10465 googleapi.Expand(req.URL, map[string]string{ 10466 "name": c.name, 10467 }) 10468 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10469} 10470 10471// Do executes the "iam.projects.serviceAccounts.keys.list" call. 10472// Exactly one of *ListServiceAccountKeysResponse or error will be 10473// non-nil. Any non-2xx status code is an error. Response headers are in 10474// either *ListServiceAccountKeysResponse.ServerResponse.Header or (if a 10475// response was returned at all) in error.(*googleapi.Error).Header. Use 10476// googleapi.IsNotModified to check whether the returned error was 10477// because http.StatusNotModified was returned. 10478func (c *ProjectsServiceAccountsKeysListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountKeysResponse, error) { 10479 gensupport.SetOptions(c.urlParams_, opts...) 10480 res, err := c.doRequest("json") 10481 if res != nil && res.StatusCode == http.StatusNotModified { 10482 if res.Body != nil { 10483 res.Body.Close() 10484 } 10485 return nil, &googleapi.Error{ 10486 Code: res.StatusCode, 10487 Header: res.Header, 10488 } 10489 } 10490 if err != nil { 10491 return nil, err 10492 } 10493 defer googleapi.CloseBody(res) 10494 if err := googleapi.CheckResponse(res); err != nil { 10495 return nil, err 10496 } 10497 ret := &ListServiceAccountKeysResponse{ 10498 ServerResponse: googleapi.ServerResponse{ 10499 Header: res.Header, 10500 HTTPStatusCode: res.StatusCode, 10501 }, 10502 } 10503 target := &ret 10504 if err := gensupport.DecodeResponse(target, res); err != nil { 10505 return nil, err 10506 } 10507 return ret, nil 10508 // { 10509 // "description": "Lists every ServiceAccountKey for a service account.", 10510 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 10511 // "httpMethod": "GET", 10512 // "id": "iam.projects.serviceAccounts.keys.list", 10513 // "parameterOrder": [ 10514 // "name" 10515 // ], 10516 // "parameters": { 10517 // "keyTypes": { 10518 // "description": "Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.", 10519 // "enum": [ 10520 // "KEY_TYPE_UNSPECIFIED", 10521 // "USER_MANAGED", 10522 // "SYSTEM_MANAGED" 10523 // ], 10524 // "enumDescriptions": [ 10525 // "Unspecified key type. The presence of this in the message will immediately result in an error.", 10526 // "User-managed keys (managed and rotated by the user).", 10527 // "System-managed keys (managed and rotated by Google)." 10528 // ], 10529 // "location": "query", 10530 // "repeated": true, 10531 // "type": "string" 10532 // }, 10533 // "name": { 10534 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10535 // "location": "path", 10536 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 10537 // "required": true, 10538 // "type": "string" 10539 // } 10540 // }, 10541 // "path": "v1/{+name}/keys", 10542 // "response": { 10543 // "$ref": "ListServiceAccountKeysResponse" 10544 // }, 10545 // "scopes": [ 10546 // "https://www.googleapis.com/auth/cloud-platform" 10547 // ] 10548 // } 10549 10550} 10551 10552// method id "iam.projects.serviceAccounts.keys.upload": 10553 10554type ProjectsServiceAccountsKeysUploadCall struct { 10555 s *Service 10556 name string 10557 uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest 10558 urlParams_ gensupport.URLParams 10559 ctx_ context.Context 10560 header_ http.Header 10561} 10562 10563// Upload: Creates a ServiceAccountKey, using a public key that you 10564// provide. 10565// 10566// - name: The resource name of the service account in the following 10567// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 10568// `-` as a wildcard for the `PROJECT_ID` will infer the project from 10569// the account. The `ACCOUNT` value can be the `email` address or the 10570// `unique_id` of the service account. 10571func (r *ProjectsServiceAccountsKeysService) Upload(name string, uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest) *ProjectsServiceAccountsKeysUploadCall { 10572 c := &ProjectsServiceAccountsKeysUploadCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10573 c.name = name 10574 c.uploadserviceaccountkeyrequest = uploadserviceaccountkeyrequest 10575 return c 10576} 10577 10578// Fields allows partial responses to be retrieved. See 10579// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10580// for more information. 10581func (c *ProjectsServiceAccountsKeysUploadCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysUploadCall { 10582 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10583 return c 10584} 10585 10586// Context sets the context to be used in this call's Do method. Any 10587// pending HTTP request will be aborted if the provided context is 10588// canceled. 10589func (c *ProjectsServiceAccountsKeysUploadCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysUploadCall { 10590 c.ctx_ = ctx 10591 return c 10592} 10593 10594// Header returns an http.Header that can be modified by the caller to 10595// add HTTP headers to the request. 10596func (c *ProjectsServiceAccountsKeysUploadCall) Header() http.Header { 10597 if c.header_ == nil { 10598 c.header_ = make(http.Header) 10599 } 10600 return c.header_ 10601} 10602 10603func (c *ProjectsServiceAccountsKeysUploadCall) doRequest(alt string) (*http.Response, error) { 10604 reqHeaders := make(http.Header) 10605 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 10606 for k, v := range c.header_ { 10607 reqHeaders[k] = v 10608 } 10609 reqHeaders.Set("User-Agent", c.s.userAgent()) 10610 var body io.Reader = nil 10611 body, err := googleapi.WithoutDataWrapper.JSONReader(c.uploadserviceaccountkeyrequest) 10612 if err != nil { 10613 return nil, err 10614 } 10615 reqHeaders.Set("Content-Type", "application/json") 10616 c.urlParams_.Set("alt", alt) 10617 c.urlParams_.Set("prettyPrint", "false") 10618 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys:upload") 10619 urls += "?" + c.urlParams_.Encode() 10620 req, err := http.NewRequest("POST", urls, body) 10621 if err != nil { 10622 return nil, err 10623 } 10624 req.Header = reqHeaders 10625 googleapi.Expand(req.URL, map[string]string{ 10626 "name": c.name, 10627 }) 10628 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10629} 10630 10631// Do executes the "iam.projects.serviceAccounts.keys.upload" call. 10632// Exactly one of *ServiceAccountKey or error will be non-nil. Any 10633// non-2xx status code is an error. Response headers are in either 10634// *ServiceAccountKey.ServerResponse.Header or (if a response was 10635// returned at all) in error.(*googleapi.Error).Header. Use 10636// googleapi.IsNotModified to check whether the returned error was 10637// because http.StatusNotModified was returned. 10638func (c *ProjectsServiceAccountsKeysUploadCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 10639 gensupport.SetOptions(c.urlParams_, opts...) 10640 res, err := c.doRequest("json") 10641 if res != nil && res.StatusCode == http.StatusNotModified { 10642 if res.Body != nil { 10643 res.Body.Close() 10644 } 10645 return nil, &googleapi.Error{ 10646 Code: res.StatusCode, 10647 Header: res.Header, 10648 } 10649 } 10650 if err != nil { 10651 return nil, err 10652 } 10653 defer googleapi.CloseBody(res) 10654 if err := googleapi.CheckResponse(res); err != nil { 10655 return nil, err 10656 } 10657 ret := &ServiceAccountKey{ 10658 ServerResponse: googleapi.ServerResponse{ 10659 Header: res.Header, 10660 HTTPStatusCode: res.StatusCode, 10661 }, 10662 } 10663 target := &ret 10664 if err := gensupport.DecodeResponse(target, res); err != nil { 10665 return nil, err 10666 } 10667 return ret, nil 10668 // { 10669 // "description": "Creates a ServiceAccountKey, using a public key that you provide.", 10670 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys:upload", 10671 // "httpMethod": "POST", 10672 // "id": "iam.projects.serviceAccounts.keys.upload", 10673 // "parameterOrder": [ 10674 // "name" 10675 // ], 10676 // "parameters": { 10677 // "name": { 10678 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10679 // "location": "path", 10680 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 10681 // "required": true, 10682 // "type": "string" 10683 // } 10684 // }, 10685 // "path": "v1/{+name}/keys:upload", 10686 // "request": { 10687 // "$ref": "UploadServiceAccountKeyRequest" 10688 // }, 10689 // "response": { 10690 // "$ref": "ServiceAccountKey" 10691 // }, 10692 // "scopes": [ 10693 // "https://www.googleapis.com/auth/cloud-platform" 10694 // ] 10695 // } 10696 10697} 10698 10699// method id "iam.roles.get": 10700 10701type RolesGetCall struct { 10702 s *Service 10703 name string 10704 urlParams_ gensupport.URLParams 10705 ifNoneMatch_ string 10706 ctx_ context.Context 10707 header_ http.Header 10708} 10709 10710// Get: Gets the definition of a Role. 10711// 10712// - name: The `name` parameter's value depends on the target resource 10713// for the request, namely `roles` (/iam/reference/rest/v1/roles), 10714// `projects` (/iam/reference/rest/v1/projects.roles), or 10715// `organizations` (/iam/reference/rest/v1/organizations.roles). Each 10716// resource type's `name` value format is described below: * 10717// `roles.get()` (/iam/reference/rest/v1/roles/get): 10718// `roles/{ROLE_NAME}`. This method returns results from all 10719// predefined roles (/iam/docs/understanding-roles#predefined_roles) 10720// in Cloud IAM. Example request URL: 10721// `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * 10722// `projects.roles.get()` (/iam/reference/rest/v1/projects.roles/get): 10723// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns 10724// only custom roles (/iam/docs/understanding-custom-roles) that have 10725// been created at the project level. Example request URL: 10726// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 10727// OLE_ID}` * `organizations.roles.get()` 10728// (/iam/reference/rest/v1/organizations.roles/get): 10729// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 10730// method returns only custom roles 10731// (/iam/docs/understanding-custom-roles) that have been created at 10732// the organization level. Example request URL: 10733// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 10734// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 10735// specify a complete project ID or organization ID. 10736func (r *RolesService) Get(name string) *RolesGetCall { 10737 c := &RolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10738 c.name = name 10739 return c 10740} 10741 10742// Fields allows partial responses to be retrieved. See 10743// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10744// for more information. 10745func (c *RolesGetCall) Fields(s ...googleapi.Field) *RolesGetCall { 10746 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10747 return c 10748} 10749 10750// IfNoneMatch sets the optional parameter which makes the operation 10751// fail if the object's ETag matches the given value. This is useful for 10752// getting updates only after the object has changed since the last 10753// request. Use googleapi.IsNotModified to check whether the response 10754// error from Do is the result of In-None-Match. 10755func (c *RolesGetCall) IfNoneMatch(entityTag string) *RolesGetCall { 10756 c.ifNoneMatch_ = entityTag 10757 return c 10758} 10759 10760// Context sets the context to be used in this call's Do method. Any 10761// pending HTTP request will be aborted if the provided context is 10762// canceled. 10763func (c *RolesGetCall) Context(ctx context.Context) *RolesGetCall { 10764 c.ctx_ = ctx 10765 return c 10766} 10767 10768// Header returns an http.Header that can be modified by the caller to 10769// add HTTP headers to the request. 10770func (c *RolesGetCall) Header() http.Header { 10771 if c.header_ == nil { 10772 c.header_ = make(http.Header) 10773 } 10774 return c.header_ 10775} 10776 10777func (c *RolesGetCall) doRequest(alt string) (*http.Response, error) { 10778 reqHeaders := make(http.Header) 10779 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 10780 for k, v := range c.header_ { 10781 reqHeaders[k] = v 10782 } 10783 reqHeaders.Set("User-Agent", c.s.userAgent()) 10784 if c.ifNoneMatch_ != "" { 10785 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 10786 } 10787 var body io.Reader = nil 10788 c.urlParams_.Set("alt", alt) 10789 c.urlParams_.Set("prettyPrint", "false") 10790 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 10791 urls += "?" + c.urlParams_.Encode() 10792 req, err := http.NewRequest("GET", urls, body) 10793 if err != nil { 10794 return nil, err 10795 } 10796 req.Header = reqHeaders 10797 googleapi.Expand(req.URL, map[string]string{ 10798 "name": c.name, 10799 }) 10800 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10801} 10802 10803// Do executes the "iam.roles.get" call. 10804// Exactly one of *Role or error will be non-nil. Any non-2xx status 10805// code is an error. Response headers are in either 10806// *Role.ServerResponse.Header or (if a response was returned at all) in 10807// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 10808// whether the returned error was because http.StatusNotModified was 10809// returned. 10810func (c *RolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 10811 gensupport.SetOptions(c.urlParams_, opts...) 10812 res, err := c.doRequest("json") 10813 if res != nil && res.StatusCode == http.StatusNotModified { 10814 if res.Body != nil { 10815 res.Body.Close() 10816 } 10817 return nil, &googleapi.Error{ 10818 Code: res.StatusCode, 10819 Header: res.Header, 10820 } 10821 } 10822 if err != nil { 10823 return nil, err 10824 } 10825 defer googleapi.CloseBody(res) 10826 if err := googleapi.CheckResponse(res); err != nil { 10827 return nil, err 10828 } 10829 ret := &Role{ 10830 ServerResponse: googleapi.ServerResponse{ 10831 Header: res.Header, 10832 HTTPStatusCode: res.StatusCode, 10833 }, 10834 } 10835 target := &ret 10836 if err := gensupport.DecodeResponse(target, res); err != nil { 10837 return nil, err 10838 } 10839 return ret, nil 10840 // { 10841 // "description": "Gets the definition of a Role.", 10842 // "flatPath": "v1/roles/{rolesId}", 10843 // "httpMethod": "GET", 10844 // "id": "iam.roles.get", 10845 // "parameterOrder": [ 10846 // "name" 10847 // ], 10848 // "parameters": { 10849 // "name": { 10850 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 10851 // "location": "path", 10852 // "pattern": "^roles/[^/]+$", 10853 // "required": true, 10854 // "type": "string" 10855 // } 10856 // }, 10857 // "path": "v1/{+name}", 10858 // "response": { 10859 // "$ref": "Role" 10860 // }, 10861 // "scopes": [ 10862 // "https://www.googleapis.com/auth/cloud-platform" 10863 // ] 10864 // } 10865 10866} 10867 10868// method id "iam.roles.list": 10869 10870type RolesListCall struct { 10871 s *Service 10872 urlParams_ gensupport.URLParams 10873 ifNoneMatch_ string 10874 ctx_ context.Context 10875 header_ http.Header 10876} 10877 10878// List: Lists every predefined Role that IAM supports, or every custom 10879// role that is defined for an organization or project. 10880func (r *RolesService) List() *RolesListCall { 10881 c := &RolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10882 return c 10883} 10884 10885// PageSize sets the optional parameter "pageSize": Optional limit on 10886// the number of roles to include in the response. The default is 300, 10887// and the maximum is 1,000. 10888func (c *RolesListCall) PageSize(pageSize int64) *RolesListCall { 10889 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 10890 return c 10891} 10892 10893// PageToken sets the optional parameter "pageToken": Optional 10894// pagination token returned in an earlier ListRolesResponse. 10895func (c *RolesListCall) PageToken(pageToken string) *RolesListCall { 10896 c.urlParams_.Set("pageToken", pageToken) 10897 return c 10898} 10899 10900// Parent sets the optional parameter "parent": The `parent` parameter's 10901// value depends on the target resource for the request, namely `roles` 10902// (/iam/reference/rest/v1/roles), `projects` 10903// (/iam/reference/rest/v1/projects.roles), or `organizations` 10904// (/iam/reference/rest/v1/organizations.roles). Each resource type's 10905// `parent` value format is described below: * `roles.list()` 10906// (/iam/reference/rest/v1/roles/list): An empty string. This method 10907// doesn't require a resource; it simply returns all predefined roles 10908// (/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. 10909// Example request URL: `https://iam.googleapis.com/v1/roles` * 10910// `projects.roles.list()` (/iam/reference/rest/v1/projects.roles/list): 10911// `projects/{PROJECT_ID}`. This method lists all project-level custom 10912// roles (/iam/docs/understanding-custom-roles). Example request URL: 10913// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 10914// `organizations.roles.list()` 10915// (/iam/reference/rest/v1/organizations.roles/list): 10916// `organizations/{ORGANIZATION_ID}`. This method lists all 10917// organization-level custom roles 10918// (/iam/docs/understanding-custom-roles). Example request URL: 10919// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` 10920// Note: Wildcard (*) values are invalid; you must specify a complete 10921// project ID or organization ID. 10922func (c *RolesListCall) Parent(parent string) *RolesListCall { 10923 c.urlParams_.Set("parent", parent) 10924 return c 10925} 10926 10927// ShowDeleted sets the optional parameter "showDeleted": Include Roles 10928// that have been deleted. 10929func (c *RolesListCall) ShowDeleted(showDeleted bool) *RolesListCall { 10930 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 10931 return c 10932} 10933 10934// View sets the optional parameter "view": Optional view for the 10935// returned Role objects. When `FULL` is specified, the 10936// `includedPermissions` field is returned, which includes a list of all 10937// permissions in the role. The default value is `BASIC`, which does not 10938// return the `includedPermissions` field. 10939// 10940// Possible values: 10941// "BASIC" - Omits the `included_permissions` field. This is the 10942// default value. 10943// "FULL" - Returns all fields. 10944func (c *RolesListCall) View(view string) *RolesListCall { 10945 c.urlParams_.Set("view", view) 10946 return c 10947} 10948 10949// Fields allows partial responses to be retrieved. See 10950// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10951// for more information. 10952func (c *RolesListCall) Fields(s ...googleapi.Field) *RolesListCall { 10953 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10954 return c 10955} 10956 10957// IfNoneMatch sets the optional parameter which makes the operation 10958// fail if the object's ETag matches the given value. This is useful for 10959// getting updates only after the object has changed since the last 10960// request. Use googleapi.IsNotModified to check whether the response 10961// error from Do is the result of In-None-Match. 10962func (c *RolesListCall) IfNoneMatch(entityTag string) *RolesListCall { 10963 c.ifNoneMatch_ = entityTag 10964 return c 10965} 10966 10967// Context sets the context to be used in this call's Do method. Any 10968// pending HTTP request will be aborted if the provided context is 10969// canceled. 10970func (c *RolesListCall) Context(ctx context.Context) *RolesListCall { 10971 c.ctx_ = ctx 10972 return c 10973} 10974 10975// Header returns an http.Header that can be modified by the caller to 10976// add HTTP headers to the request. 10977func (c *RolesListCall) Header() http.Header { 10978 if c.header_ == nil { 10979 c.header_ = make(http.Header) 10980 } 10981 return c.header_ 10982} 10983 10984func (c *RolesListCall) doRequest(alt string) (*http.Response, error) { 10985 reqHeaders := make(http.Header) 10986 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 10987 for k, v := range c.header_ { 10988 reqHeaders[k] = v 10989 } 10990 reqHeaders.Set("User-Agent", c.s.userAgent()) 10991 if c.ifNoneMatch_ != "" { 10992 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 10993 } 10994 var body io.Reader = nil 10995 c.urlParams_.Set("alt", alt) 10996 c.urlParams_.Set("prettyPrint", "false") 10997 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles") 10998 urls += "?" + c.urlParams_.Encode() 10999 req, err := http.NewRequest("GET", urls, body) 11000 if err != nil { 11001 return nil, err 11002 } 11003 req.Header = reqHeaders 11004 return gensupport.SendRequest(c.ctx_, c.s.client, req) 11005} 11006 11007// Do executes the "iam.roles.list" call. 11008// Exactly one of *ListRolesResponse or error will be non-nil. Any 11009// non-2xx status code is an error. Response headers are in either 11010// *ListRolesResponse.ServerResponse.Header or (if a response was 11011// returned at all) in error.(*googleapi.Error).Header. Use 11012// googleapi.IsNotModified to check whether the returned error was 11013// because http.StatusNotModified was returned. 11014func (c *RolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 11015 gensupport.SetOptions(c.urlParams_, opts...) 11016 res, err := c.doRequest("json") 11017 if res != nil && res.StatusCode == http.StatusNotModified { 11018 if res.Body != nil { 11019 res.Body.Close() 11020 } 11021 return nil, &googleapi.Error{ 11022 Code: res.StatusCode, 11023 Header: res.Header, 11024 } 11025 } 11026 if err != nil { 11027 return nil, err 11028 } 11029 defer googleapi.CloseBody(res) 11030 if err := googleapi.CheckResponse(res); err != nil { 11031 return nil, err 11032 } 11033 ret := &ListRolesResponse{ 11034 ServerResponse: googleapi.ServerResponse{ 11035 Header: res.Header, 11036 HTTPStatusCode: res.StatusCode, 11037 }, 11038 } 11039 target := &ret 11040 if err := gensupport.DecodeResponse(target, res); err != nil { 11041 return nil, err 11042 } 11043 return ret, nil 11044 // { 11045 // "description": "Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.", 11046 // "flatPath": "v1/roles", 11047 // "httpMethod": "GET", 11048 // "id": "iam.roles.list", 11049 // "parameterOrder": [], 11050 // "parameters": { 11051 // "pageSize": { 11052 // "description": "Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.", 11053 // "format": "int32", 11054 // "location": "query", 11055 // "type": "integer" 11056 // }, 11057 // "pageToken": { 11058 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 11059 // "location": "query", 11060 // "type": "string" 11061 // }, 11062 // "parent": { 11063 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 11064 // "location": "query", 11065 // "type": "string" 11066 // }, 11067 // "showDeleted": { 11068 // "description": "Include Roles that have been deleted.", 11069 // "location": "query", 11070 // "type": "boolean" 11071 // }, 11072 // "view": { 11073 // "description": "Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.", 11074 // "enum": [ 11075 // "BASIC", 11076 // "FULL" 11077 // ], 11078 // "enumDescriptions": [ 11079 // "Omits the `included_permissions` field. This is the default value.", 11080 // "Returns all fields." 11081 // ], 11082 // "location": "query", 11083 // "type": "string" 11084 // } 11085 // }, 11086 // "path": "v1/roles", 11087 // "response": { 11088 // "$ref": "ListRolesResponse" 11089 // }, 11090 // "scopes": [ 11091 // "https://www.googleapis.com/auth/cloud-platform" 11092 // ] 11093 // } 11094 11095} 11096 11097// Pages invokes f for each page of results. 11098// A non-nil error returned from f will halt the iteration. 11099// The provided context supersedes any context provided to the Context method. 11100func (c *RolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 11101 c.ctx_ = ctx 11102 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 11103 for { 11104 x, err := c.Do() 11105 if err != nil { 11106 return err 11107 } 11108 if err := f(x); err != nil { 11109 return err 11110 } 11111 if x.NextPageToken == "" { 11112 return nil 11113 } 11114 c.PageToken(x.NextPageToken) 11115 } 11116} 11117 11118// method id "iam.roles.queryGrantableRoles": 11119 11120type RolesQueryGrantableRolesCall struct { 11121 s *Service 11122 querygrantablerolesrequest *QueryGrantableRolesRequest 11123 urlParams_ gensupport.URLParams 11124 ctx_ context.Context 11125 header_ http.Header 11126} 11127 11128// QueryGrantableRoles: Lists roles that can be granted on a Google 11129// Cloud resource. A role is grantable if the IAM policy for the 11130// resource can contain bindings to the role. 11131func (r *RolesService) QueryGrantableRoles(querygrantablerolesrequest *QueryGrantableRolesRequest) *RolesQueryGrantableRolesCall { 11132 c := &RolesQueryGrantableRolesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 11133 c.querygrantablerolesrequest = querygrantablerolesrequest 11134 return c 11135} 11136 11137// Fields allows partial responses to be retrieved. See 11138// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 11139// for more information. 11140func (c *RolesQueryGrantableRolesCall) Fields(s ...googleapi.Field) *RolesQueryGrantableRolesCall { 11141 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 11142 return c 11143} 11144 11145// Context sets the context to be used in this call's Do method. Any 11146// pending HTTP request will be aborted if the provided context is 11147// canceled. 11148func (c *RolesQueryGrantableRolesCall) Context(ctx context.Context) *RolesQueryGrantableRolesCall { 11149 c.ctx_ = ctx 11150 return c 11151} 11152 11153// Header returns an http.Header that can be modified by the caller to 11154// add HTTP headers to the request. 11155func (c *RolesQueryGrantableRolesCall) Header() http.Header { 11156 if c.header_ == nil { 11157 c.header_ = make(http.Header) 11158 } 11159 return c.header_ 11160} 11161 11162func (c *RolesQueryGrantableRolesCall) doRequest(alt string) (*http.Response, error) { 11163 reqHeaders := make(http.Header) 11164 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 11165 for k, v := range c.header_ { 11166 reqHeaders[k] = v 11167 } 11168 reqHeaders.Set("User-Agent", c.s.userAgent()) 11169 var body io.Reader = nil 11170 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querygrantablerolesrequest) 11171 if err != nil { 11172 return nil, err 11173 } 11174 reqHeaders.Set("Content-Type", "application/json") 11175 c.urlParams_.Set("alt", alt) 11176 c.urlParams_.Set("prettyPrint", "false") 11177 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles:queryGrantableRoles") 11178 urls += "?" + c.urlParams_.Encode() 11179 req, err := http.NewRequest("POST", urls, body) 11180 if err != nil { 11181 return nil, err 11182 } 11183 req.Header = reqHeaders 11184 return gensupport.SendRequest(c.ctx_, c.s.client, req) 11185} 11186 11187// Do executes the "iam.roles.queryGrantableRoles" call. 11188// Exactly one of *QueryGrantableRolesResponse or error will be non-nil. 11189// Any non-2xx status code is an error. Response headers are in either 11190// *QueryGrantableRolesResponse.ServerResponse.Header or (if a response 11191// was returned at all) in error.(*googleapi.Error).Header. Use 11192// googleapi.IsNotModified to check whether the returned error was 11193// because http.StatusNotModified was returned. 11194func (c *RolesQueryGrantableRolesCall) Do(opts ...googleapi.CallOption) (*QueryGrantableRolesResponse, error) { 11195 gensupport.SetOptions(c.urlParams_, opts...) 11196 res, err := c.doRequest("json") 11197 if res != nil && res.StatusCode == http.StatusNotModified { 11198 if res.Body != nil { 11199 res.Body.Close() 11200 } 11201 return nil, &googleapi.Error{ 11202 Code: res.StatusCode, 11203 Header: res.Header, 11204 } 11205 } 11206 if err != nil { 11207 return nil, err 11208 } 11209 defer googleapi.CloseBody(res) 11210 if err := googleapi.CheckResponse(res); err != nil { 11211 return nil, err 11212 } 11213 ret := &QueryGrantableRolesResponse{ 11214 ServerResponse: googleapi.ServerResponse{ 11215 Header: res.Header, 11216 HTTPStatusCode: res.StatusCode, 11217 }, 11218 } 11219 target := &ret 11220 if err := gensupport.DecodeResponse(target, res); err != nil { 11221 return nil, err 11222 } 11223 return ret, nil 11224 // { 11225 // "description": "Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.", 11226 // "flatPath": "v1/roles:queryGrantableRoles", 11227 // "httpMethod": "POST", 11228 // "id": "iam.roles.queryGrantableRoles", 11229 // "parameterOrder": [], 11230 // "parameters": {}, 11231 // "path": "v1/roles:queryGrantableRoles", 11232 // "request": { 11233 // "$ref": "QueryGrantableRolesRequest" 11234 // }, 11235 // "response": { 11236 // "$ref": "QueryGrantableRolesResponse" 11237 // }, 11238 // "scopes": [ 11239 // "https://www.googleapis.com/auth/cloud-platform" 11240 // ] 11241 // } 11242 11243} 11244 11245// Pages invokes f for each page of results. 11246// A non-nil error returned from f will halt the iteration. 11247// The provided context supersedes any context provided to the Context method. 11248func (c *RolesQueryGrantableRolesCall) Pages(ctx context.Context, f func(*QueryGrantableRolesResponse) error) error { 11249 c.ctx_ = ctx 11250 defer func(pt string) { c.querygrantablerolesrequest.PageToken = pt }(c.querygrantablerolesrequest.PageToken) // reset paging to original point 11251 for { 11252 x, err := c.Do() 11253 if err != nil { 11254 return err 11255 } 11256 if err := f(x); err != nil { 11257 return err 11258 } 11259 if x.NextPageToken == "" { 11260 return nil 11261 } 11262 c.querygrantablerolesrequest.PageToken = x.NextPageToken 11263 } 11264} 11265