1// Copyright 2021 Google LLC. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Code generated file. DO NOT EDIT. 6 7// Package iam provides access to the Identity and Access Management (IAM) API. 8// 9// For product documentation, see: https://cloud.google.com/iam/ 10// 11// Creating a client 12// 13// Usage example: 14// 15// import "google.golang.org/api/iam/v1" 16// ... 17// ctx := context.Background() 18// iamService, err := iam.NewService(ctx) 19// 20// In this example, Google Application Default Credentials are used for authentication. 21// 22// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 23// 24// Other authentication options 25// 26// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey: 27// 28// iamService, err := iam.NewService(ctx, option.WithAPIKey("AIza...")) 29// 30// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource: 31// 32// config := &oauth2.Config{...} 33// // ... 34// token, err := config.Exchange(ctx, ...) 35// iamService, err := iam.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 36// 37// See https://godoc.org/google.golang.org/api/option/ for details on options. 38package iam // import "google.golang.org/api/iam/v1" 39 40import ( 41 "bytes" 42 "context" 43 "encoding/json" 44 "errors" 45 "fmt" 46 "io" 47 "net/http" 48 "net/url" 49 "strconv" 50 "strings" 51 52 googleapi "google.golang.org/api/googleapi" 53 gensupport "google.golang.org/api/internal/gensupport" 54 option "google.golang.org/api/option" 55 internaloption "google.golang.org/api/option/internaloption" 56 htransport "google.golang.org/api/transport/http" 57) 58 59// Always reference these packages, just in case the auto-generated code 60// below doesn't. 61var _ = bytes.NewBuffer 62var _ = strconv.Itoa 63var _ = fmt.Sprintf 64var _ = json.NewDecoder 65var _ = io.Copy 66var _ = url.Parse 67var _ = gensupport.MarshalJSON 68var _ = googleapi.Version 69var _ = errors.New 70var _ = strings.Replace 71var _ = context.Canceled 72var _ = internaloption.WithDefaultEndpoint 73 74const apiId = "iam:v1" 75const apiName = "iam" 76const apiVersion = "v1" 77const basePath = "https://iam.googleapis.com/" 78const mtlsBasePath = "https://iam.mtls.googleapis.com/" 79 80// OAuth2 scopes used by this API. 81const ( 82 // See, edit, configure, and delete your Google Cloud Platform data 83 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 84) 85 86// NewService creates a new Service. 87func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 88 scopesOption := option.WithScopes( 89 "https://www.googleapis.com/auth/cloud-platform", 90 ) 91 // NOTE: prepend, so we don't override user-specified scopes. 92 opts = append([]option.ClientOption{scopesOption}, opts...) 93 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 94 opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) 95 client, endpoint, err := htransport.NewClient(ctx, opts...) 96 if err != nil { 97 return nil, err 98 } 99 s, err := New(client) 100 if err != nil { 101 return nil, err 102 } 103 if endpoint != "" { 104 s.BasePath = endpoint 105 } 106 return s, nil 107} 108 109// New creates a new Service. It uses the provided http.Client for requests. 110// 111// Deprecated: please use NewService instead. 112// To provide a custom HTTP client, use option.WithHTTPClient. 113// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 114func New(client *http.Client) (*Service, error) { 115 if client == nil { 116 return nil, errors.New("client is nil") 117 } 118 s := &Service{client: client, BasePath: basePath} 119 s.IamPolicies = NewIamPoliciesService(s) 120 s.Organizations = NewOrganizationsService(s) 121 s.Permissions = NewPermissionsService(s) 122 s.Projects = NewProjectsService(s) 123 s.Roles = NewRolesService(s) 124 return s, nil 125} 126 127type Service struct { 128 client *http.Client 129 BasePath string // API endpoint base URL 130 UserAgent string // optional additional User-Agent fragment 131 132 IamPolicies *IamPoliciesService 133 134 Organizations *OrganizationsService 135 136 Permissions *PermissionsService 137 138 Projects *ProjectsService 139 140 Roles *RolesService 141} 142 143func (s *Service) userAgent() string { 144 if s.UserAgent == "" { 145 return googleapi.UserAgent 146 } 147 return googleapi.UserAgent + " " + s.UserAgent 148} 149 150func NewIamPoliciesService(s *Service) *IamPoliciesService { 151 rs := &IamPoliciesService{s: s} 152 return rs 153} 154 155type IamPoliciesService struct { 156 s *Service 157} 158 159func NewOrganizationsService(s *Service) *OrganizationsService { 160 rs := &OrganizationsService{s: s} 161 rs.Roles = NewOrganizationsRolesService(s) 162 return rs 163} 164 165type OrganizationsService struct { 166 s *Service 167 168 Roles *OrganizationsRolesService 169} 170 171func NewOrganizationsRolesService(s *Service) *OrganizationsRolesService { 172 rs := &OrganizationsRolesService{s: s} 173 return rs 174} 175 176type OrganizationsRolesService struct { 177 s *Service 178} 179 180func NewPermissionsService(s *Service) *PermissionsService { 181 rs := &PermissionsService{s: s} 182 return rs 183} 184 185type PermissionsService struct { 186 s *Service 187} 188 189func NewProjectsService(s *Service) *ProjectsService { 190 rs := &ProjectsService{s: s} 191 rs.Locations = NewProjectsLocationsService(s) 192 rs.Roles = NewProjectsRolesService(s) 193 rs.ServiceAccounts = NewProjectsServiceAccountsService(s) 194 return rs 195} 196 197type ProjectsService struct { 198 s *Service 199 200 Locations *ProjectsLocationsService 201 202 Roles *ProjectsRolesService 203 204 ServiceAccounts *ProjectsServiceAccountsService 205} 206 207func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { 208 rs := &ProjectsLocationsService{s: s} 209 rs.WorkloadIdentityPools = NewProjectsLocationsWorkloadIdentityPoolsService(s) 210 return rs 211} 212 213type ProjectsLocationsService struct { 214 s *Service 215 216 WorkloadIdentityPools *ProjectsLocationsWorkloadIdentityPoolsService 217} 218 219func NewProjectsLocationsWorkloadIdentityPoolsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsService { 220 rs := &ProjectsLocationsWorkloadIdentityPoolsService{s: s} 221 rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsOperationsService(s) 222 rs.Providers = NewProjectsLocationsWorkloadIdentityPoolsProvidersService(s) 223 return rs 224} 225 226type ProjectsLocationsWorkloadIdentityPoolsService struct { 227 s *Service 228 229 Operations *ProjectsLocationsWorkloadIdentityPoolsOperationsService 230 231 Providers *ProjectsLocationsWorkloadIdentityPoolsProvidersService 232} 233 234func NewProjectsLocationsWorkloadIdentityPoolsOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsOperationsService { 235 rs := &ProjectsLocationsWorkloadIdentityPoolsOperationsService{s: s} 236 return rs 237} 238 239type ProjectsLocationsWorkloadIdentityPoolsOperationsService struct { 240 s *Service 241} 242 243func NewProjectsLocationsWorkloadIdentityPoolsProvidersService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersService { 244 rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersService{s: s} 245 rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService(s) 246 return rs 247} 248 249type ProjectsLocationsWorkloadIdentityPoolsProvidersService struct { 250 s *Service 251 252 Operations *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService 253} 254 255func NewProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService { 256 rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService{s: s} 257 return rs 258} 259 260type ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService struct { 261 s *Service 262} 263 264func NewProjectsRolesService(s *Service) *ProjectsRolesService { 265 rs := &ProjectsRolesService{s: s} 266 return rs 267} 268 269type ProjectsRolesService struct { 270 s *Service 271} 272 273func NewProjectsServiceAccountsService(s *Service) *ProjectsServiceAccountsService { 274 rs := &ProjectsServiceAccountsService{s: s} 275 rs.Keys = NewProjectsServiceAccountsKeysService(s) 276 return rs 277} 278 279type ProjectsServiceAccountsService struct { 280 s *Service 281 282 Keys *ProjectsServiceAccountsKeysService 283} 284 285func NewProjectsServiceAccountsKeysService(s *Service) *ProjectsServiceAccountsKeysService { 286 rs := &ProjectsServiceAccountsKeysService{s: s} 287 return rs 288} 289 290type ProjectsServiceAccountsKeysService struct { 291 s *Service 292} 293 294func NewRolesService(s *Service) *RolesService { 295 rs := &RolesService{s: s} 296 return rs 297} 298 299type RolesService struct { 300 s *Service 301} 302 303// AdminAuditData: Audit log information specific to Cloud IAM admin 304// APIs. This message is serialized as an `Any` type in the 305// `ServiceData` message of an `AuditLog` message. 306type AdminAuditData struct { 307 // PermissionDelta: The permission_delta when when creating or updating 308 // a Role. 309 PermissionDelta *PermissionDelta `json:"permissionDelta,omitempty"` 310 311 // ForceSendFields is a list of field names (e.g. "PermissionDelta") to 312 // unconditionally include in API requests. By default, fields with 313 // empty or default values are omitted from API requests. However, any 314 // non-pointer, non-interface field appearing in ForceSendFields will be 315 // sent to the server regardless of whether the field is empty or not. 316 // This may be used to include empty fields in Patch requests. 317 ForceSendFields []string `json:"-"` 318 319 // NullFields is a list of field names (e.g. "PermissionDelta") to 320 // include in API requests with the JSON null value. By default, fields 321 // with empty values are omitted from API requests. However, any field 322 // with an empty value appearing in NullFields will be sent to the 323 // server as null. It is an error if a field in this list has a 324 // non-empty value. This may be used to include null fields in Patch 325 // requests. 326 NullFields []string `json:"-"` 327} 328 329func (s *AdminAuditData) MarshalJSON() ([]byte, error) { 330 type NoMethod AdminAuditData 331 raw := NoMethod(*s) 332 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 333} 334 335// AuditConfig: Specifies the audit configuration for a service. The 336// configuration determines which permission types are logged, and what 337// identities, if any, are exempted from logging. An AuditConfig must 338// have one or more AuditLogConfigs. If there are AuditConfigs for both 339// `allServices` and a specific service, the union of the two 340// AuditConfigs is used for that service: the log_types specified in 341// each AuditConfig are enabled, and the exempted_members in each 342// AuditLogConfig are exempted. Example Policy with multiple 343// AuditConfigs: { "audit_configs": [ { "service": "allServices", 344// "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": 345// [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { 346// "log_type": "ADMIN_READ" } ] }, { "service": 347// "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": 348// "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ 349// "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy 350// enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts 351// jose@example.com from DATA_READ logging, and aliya@example.com from 352// DATA_WRITE logging. 353type AuditConfig struct { 354 // AuditLogConfigs: The configuration for logging of each type of 355 // permission. 356 AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` 357 358 // Service: Specifies a service that will be enabled for audit logging. 359 // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 360 // `allServices` is a special value that covers all services. 361 Service string `json:"service,omitempty"` 362 363 // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to 364 // unconditionally include in API requests. By default, fields with 365 // empty or default values are omitted from API requests. However, any 366 // non-pointer, non-interface field appearing in ForceSendFields will be 367 // sent to the server regardless of whether the field is empty or not. 368 // This may be used to include empty fields in Patch requests. 369 ForceSendFields []string `json:"-"` 370 371 // NullFields is a list of field names (e.g. "AuditLogConfigs") to 372 // include in API requests with the JSON null value. By default, fields 373 // with empty values are omitted from API requests. However, any field 374 // with an empty value appearing in NullFields will be sent to the 375 // server as null. It is an error if a field in this list has a 376 // non-empty value. This may be used to include null fields in Patch 377 // requests. 378 NullFields []string `json:"-"` 379} 380 381func (s *AuditConfig) MarshalJSON() ([]byte, error) { 382 type NoMethod AuditConfig 383 raw := NoMethod(*s) 384 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 385} 386 387// AuditData: Audit log information specific to Cloud IAM. This message 388// is serialized as an `Any` type in the `ServiceData` message of an 389// `AuditLog` message. 390type AuditData struct { 391 // PolicyDelta: Policy delta between the original policy and the newly 392 // set policy. 393 PolicyDelta *PolicyDelta `json:"policyDelta,omitempty"` 394 395 // ForceSendFields is a list of field names (e.g. "PolicyDelta") to 396 // unconditionally include in API requests. By default, fields with 397 // empty or default values are omitted from API requests. However, any 398 // non-pointer, non-interface field appearing in ForceSendFields will be 399 // sent to the server regardless of whether the field is empty or not. 400 // This may be used to include empty fields in Patch requests. 401 ForceSendFields []string `json:"-"` 402 403 // NullFields is a list of field names (e.g. "PolicyDelta") to include 404 // in API requests with the JSON null value. By default, fields with 405 // empty values are omitted from API requests. However, any field with 406 // an empty value appearing in NullFields will be sent to the server as 407 // null. It is an error if a field in this list has a non-empty value. 408 // This may be used to include null fields in Patch requests. 409 NullFields []string `json:"-"` 410} 411 412func (s *AuditData) MarshalJSON() ([]byte, error) { 413 type NoMethod AuditData 414 raw := NoMethod(*s) 415 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 416} 417 418// AuditLogConfig: Provides the configuration for logging a type of 419// permissions. Example: { "audit_log_configs": [ { "log_type": 420// "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { 421// "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 422// 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ 423// logging. 424type AuditLogConfig struct { 425 // ExemptedMembers: Specifies the identities that do not cause logging 426 // for this type of permission. Follows the same format of 427 // Binding.members. 428 ExemptedMembers []string `json:"exemptedMembers,omitempty"` 429 430 // LogType: The log type that this config enables. 431 // 432 // Possible values: 433 // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. 434 // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy 435 // "DATA_WRITE" - Data writes. Example: CloudSQL Users create 436 // "DATA_READ" - Data reads. Example: CloudSQL Users list 437 LogType string `json:"logType,omitempty"` 438 439 // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to 440 // unconditionally include in API requests. By default, fields with 441 // empty or default values are omitted from API requests. However, any 442 // non-pointer, non-interface field appearing in ForceSendFields will be 443 // sent to the server regardless of whether the field is empty or not. 444 // This may be used to include empty fields in Patch requests. 445 ForceSendFields []string `json:"-"` 446 447 // NullFields is a list of field names (e.g. "ExemptedMembers") to 448 // include in API requests with the JSON null value. By default, fields 449 // with empty values are omitted from API requests. However, any field 450 // with an empty value appearing in NullFields will be sent to the 451 // server as null. It is an error if a field in this list has a 452 // non-empty value. This may be used to include null fields in Patch 453 // requests. 454 NullFields []string `json:"-"` 455} 456 457func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { 458 type NoMethod AuditLogConfig 459 raw := NoMethod(*s) 460 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 461} 462 463// AuditableService: Contains information about an auditable service. 464type AuditableService struct { 465 // Name: Public name of the service. For example, the service name for 466 // Cloud IAM is 'iam.googleapis.com'. 467 Name string `json:"name,omitempty"` 468 469 // ForceSendFields is a list of field names (e.g. "Name") to 470 // unconditionally include in API requests. By default, fields with 471 // empty or default values are omitted from API requests. However, any 472 // non-pointer, non-interface field appearing in ForceSendFields will be 473 // sent to the server regardless of whether the field is empty or not. 474 // This may be used to include empty fields in Patch requests. 475 ForceSendFields []string `json:"-"` 476 477 // NullFields is a list of field names (e.g. "Name") to include in API 478 // requests with the JSON null value. By default, fields with empty 479 // values are omitted from API requests. However, any field with an 480 // empty value appearing in NullFields will be sent to the server as 481 // null. It is an error if a field in this list has a non-empty value. 482 // This may be used to include null fields in Patch requests. 483 NullFields []string `json:"-"` 484} 485 486func (s *AuditableService) MarshalJSON() ([]byte, error) { 487 type NoMethod AuditableService 488 raw := NoMethod(*s) 489 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 490} 491 492// Aws: Represents an Amazon Web Services identity provider. 493type Aws struct { 494 // AccountId: Required. The AWS account ID. 495 AccountId string `json:"accountId,omitempty"` 496 497 // ForceSendFields is a list of field names (e.g. "AccountId") to 498 // unconditionally include in API requests. By default, fields with 499 // empty or default values are omitted from API requests. However, any 500 // non-pointer, non-interface field appearing in ForceSendFields will be 501 // sent to the server regardless of whether the field is empty or not. 502 // This may be used to include empty fields in Patch requests. 503 ForceSendFields []string `json:"-"` 504 505 // NullFields is a list of field names (e.g. "AccountId") to include in 506 // API requests with the JSON null value. By default, fields with empty 507 // values are omitted from API requests. However, any field with an 508 // empty value appearing in NullFields will be sent to the server as 509 // null. It is an error if a field in this list has a non-empty value. 510 // This may be used to include null fields in Patch requests. 511 NullFields []string `json:"-"` 512} 513 514func (s *Aws) MarshalJSON() ([]byte, error) { 515 type NoMethod Aws 516 raw := NoMethod(*s) 517 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 518} 519 520// Binding: Associates `members` with a `role`. 521type Binding struct { 522 // Condition: The condition that is associated with this binding. If the 523 // condition evaluates to `true`, then this binding applies to the 524 // current request. If the condition evaluates to `false`, then this 525 // binding does not apply to the current request. However, a different 526 // role binding might grant the same role to one or more of the members 527 // in this binding. To learn which resources support conditions in their 528 // IAM policies, see the IAM documentation 529 // (https://cloud.google.com/iam/help/conditions/resource-policies). 530 Condition *Expr `json:"condition,omitempty"` 531 532 // Members: Specifies the identities requesting access for a Cloud 533 // Platform resource. `members` can have the following values: * 534 // `allUsers`: A special identifier that represents anyone who is on the 535 // internet; with or without a Google account. * 536 // `allAuthenticatedUsers`: A special identifier that represents anyone 537 // who is authenticated with a Google account or a service account. * 538 // `user:{emailid}`: An email address that represents a specific Google 539 // account. For example, `alice@example.com` . * 540 // `serviceAccount:{emailid}`: An email address that represents a 541 // service account. For example, 542 // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An 543 // email address that represents a Google group. For example, 544 // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An 545 // email address (plus unique identifier) representing a user that has 546 // been recently deleted. For example, 547 // `alice@example.com?uid=123456789012345678901`. If the user is 548 // recovered, this value reverts to `user:{emailid}` and the recovered 549 // user retains the role in the binding. * 550 // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address 551 // (plus unique identifier) representing a service account that has been 552 // recently deleted. For example, 553 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 554 // If the service account is undeleted, this value reverts to 555 // `serviceAccount:{emailid}` and the undeleted service account retains 556 // the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: 557 // An email address (plus unique identifier) representing a Google group 558 // that has been recently deleted. For example, 559 // `admins@example.com?uid=123456789012345678901`. If the group is 560 // recovered, this value reverts to `group:{emailid}` and the recovered 561 // group retains the role in the binding. * `domain:{domain}`: The G 562 // Suite domain (primary) that represents all the users of that domain. 563 // For example, `google.com` or `example.com`. 564 Members []string `json:"members,omitempty"` 565 566 // Role: Role that is assigned to `members`. For example, 567 // `roles/viewer`, `roles/editor`, or `roles/owner`. 568 Role string `json:"role,omitempty"` 569 570 // ForceSendFields is a list of field names (e.g. "Condition") to 571 // unconditionally include in API requests. By default, fields with 572 // empty or default values are omitted from API requests. However, any 573 // non-pointer, non-interface field appearing in ForceSendFields will be 574 // sent to the server regardless of whether the field is empty or not. 575 // This may be used to include empty fields in Patch requests. 576 ForceSendFields []string `json:"-"` 577 578 // NullFields is a list of field names (e.g. "Condition") to include in 579 // API requests with the JSON null value. By default, fields with empty 580 // values are omitted from API requests. However, any field with an 581 // empty value appearing in NullFields will be sent to the server as 582 // null. It is an error if a field in this list has a non-empty value. 583 // This may be used to include null fields in Patch requests. 584 NullFields []string `json:"-"` 585} 586 587func (s *Binding) MarshalJSON() ([]byte, error) { 588 type NoMethod Binding 589 raw := NoMethod(*s) 590 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 591} 592 593// BindingDelta: One delta entry for Binding. Each individual change 594// (only one member in each entry) to a binding will be a separate 595// entry. 596type BindingDelta struct { 597 // Action: The action that was performed on a Binding. Required 598 // 599 // Possible values: 600 // "ACTION_UNSPECIFIED" - Unspecified. 601 // "ADD" - Addition of a Binding. 602 // "REMOVE" - Removal of a Binding. 603 Action string `json:"action,omitempty"` 604 605 // Condition: The condition that is associated with this binding. 606 Condition *Expr `json:"condition,omitempty"` 607 608 // Member: A single identity requesting access for a Cloud Platform 609 // resource. Follows the same format of Binding.members. Required 610 Member string `json:"member,omitempty"` 611 612 // Role: Role that is assigned to `members`. For example, 613 // `roles/viewer`, `roles/editor`, or `roles/owner`. Required 614 Role string `json:"role,omitempty"` 615 616 // ForceSendFields is a list of field names (e.g. "Action") to 617 // unconditionally include in API requests. By default, fields with 618 // empty or default values are omitted from API requests. However, any 619 // non-pointer, non-interface field appearing in ForceSendFields will be 620 // sent to the server regardless of whether the field is empty or not. 621 // This may be used to include empty fields in Patch requests. 622 ForceSendFields []string `json:"-"` 623 624 // NullFields is a list of field names (e.g. "Action") to include in API 625 // requests with the JSON null value. By default, fields with empty 626 // values are omitted from API requests. However, any field with an 627 // empty value appearing in NullFields will be sent to the server as 628 // null. It is an error if a field in this list has a non-empty value. 629 // This may be used to include null fields in Patch requests. 630 NullFields []string `json:"-"` 631} 632 633func (s *BindingDelta) MarshalJSON() ([]byte, error) { 634 type NoMethod BindingDelta 635 raw := NoMethod(*s) 636 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 637} 638 639// CreateRoleRequest: The request to create a new role. 640type CreateRoleRequest struct { 641 // Role: The Role resource to create. 642 Role *Role `json:"role,omitempty"` 643 644 // RoleId: The role ID to use for this role. A role ID may contain 645 // alphanumeric characters, underscores (`_`), and periods (`.`). It 646 // must contain a minimum of 3 characters and a maximum of 64 647 // characters. 648 RoleId string `json:"roleId,omitempty"` 649 650 // ForceSendFields is a list of field names (e.g. "Role") to 651 // unconditionally include in API requests. By default, fields with 652 // empty or default values are omitted from API requests. However, any 653 // non-pointer, non-interface field appearing in ForceSendFields will be 654 // sent to the server regardless of whether the field is empty or not. 655 // This may be used to include empty fields in Patch requests. 656 ForceSendFields []string `json:"-"` 657 658 // NullFields is a list of field names (e.g. "Role") to include in API 659 // requests with the JSON null value. By default, fields with empty 660 // values are omitted from API requests. However, any field with an 661 // empty value appearing in NullFields will be sent to the server as 662 // null. It is an error if a field in this list has a non-empty value. 663 // This may be used to include null fields in Patch requests. 664 NullFields []string `json:"-"` 665} 666 667func (s *CreateRoleRequest) MarshalJSON() ([]byte, error) { 668 type NoMethod CreateRoleRequest 669 raw := NoMethod(*s) 670 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 671} 672 673// CreateServiceAccountKeyRequest: The service account key create 674// request. 675type CreateServiceAccountKeyRequest struct { 676 // KeyAlgorithm: Which type of key and algorithm to use for the key. The 677 // default is currently a 2K RSA key. However this may change in the 678 // future. 679 // 680 // Possible values: 681 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 682 // "KEY_ALG_RSA_1024" - 1k RSA Key. 683 // "KEY_ALG_RSA_2048" - 2k RSA Key. 684 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 685 686 // PrivateKeyType: The output format of the private key. The default 687 // value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google 688 // Credentials File format. 689 // 690 // Possible values: 691 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 692 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 693 // "TYPE_PKCS12_FILE" - PKCS12 format. The password for the PKCS12 694 // file is `notasecret`. For more information, see 695 // https://tools.ietf.org/html/rfc7292. 696 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 697 PrivateKeyType string `json:"privateKeyType,omitempty"` 698 699 // ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to 700 // unconditionally include in API requests. By default, fields with 701 // empty or default values are omitted from API requests. However, any 702 // non-pointer, non-interface field appearing in ForceSendFields will be 703 // sent to the server regardless of whether the field is empty or not. 704 // This may be used to include empty fields in Patch requests. 705 ForceSendFields []string `json:"-"` 706 707 // NullFields is a list of field names (e.g. "KeyAlgorithm") to include 708 // in API requests with the JSON null value. By default, fields with 709 // empty values are omitted from API requests. However, any field with 710 // an empty value appearing in NullFields will be sent to the server as 711 // null. It is an error if a field in this list has a non-empty value. 712 // This may be used to include null fields in Patch requests. 713 NullFields []string `json:"-"` 714} 715 716func (s *CreateServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 717 type NoMethod CreateServiceAccountKeyRequest 718 raw := NoMethod(*s) 719 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 720} 721 722// CreateServiceAccountRequest: The service account create request. 723type CreateServiceAccountRequest struct { 724 // AccountId: Required. The account id that is used to generate the 725 // service account email address and a stable unique id. It is unique 726 // within a project, must be 6-30 characters long, and match the regular 727 // expression `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035. 728 AccountId string `json:"accountId,omitempty"` 729 730 // ServiceAccount: The ServiceAccount resource to create. Currently, 731 // only the following values are user assignable: `display_name` and 732 // `description`. 733 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 734 735 // ForceSendFields is a list of field names (e.g. "AccountId") to 736 // unconditionally include in API requests. By default, fields with 737 // empty or default values are omitted from API requests. However, any 738 // non-pointer, non-interface field appearing in ForceSendFields will be 739 // sent to the server regardless of whether the field is empty or not. 740 // This may be used to include empty fields in Patch requests. 741 ForceSendFields []string `json:"-"` 742 743 // NullFields is a list of field names (e.g. "AccountId") to include in 744 // API requests with the JSON null value. By default, fields with empty 745 // values are omitted from API requests. However, any field with an 746 // empty value appearing in NullFields will be sent to the server as 747 // null. It is an error if a field in this list has a non-empty value. 748 // This may be used to include null fields in Patch requests. 749 NullFields []string `json:"-"` 750} 751 752func (s *CreateServiceAccountRequest) MarshalJSON() ([]byte, error) { 753 type NoMethod CreateServiceAccountRequest 754 raw := NoMethod(*s) 755 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 756} 757 758// DisableServiceAccountRequest: The service account disable request. 759type DisableServiceAccountRequest struct { 760} 761 762// Empty: A generic empty message that you can re-use to avoid defining 763// duplicated empty messages in your APIs. A typical example is to use 764// it as the request or the response type of an API method. For 765// instance: service Foo { rpc Bar(google.protobuf.Empty) returns 766// (google.protobuf.Empty); } The JSON representation for `Empty` is 767// empty JSON object `{}`. 768type Empty struct { 769 // ServerResponse contains the HTTP response code and headers from the 770 // server. 771 googleapi.ServerResponse `json:"-"` 772} 773 774// EnableServiceAccountRequest: The service account enable request. 775type EnableServiceAccountRequest struct { 776} 777 778// Expr: Represents a textual expression in the Common Expression 779// Language (CEL) syntax. CEL is a C-like expression language. The 780// syntax and semantics of CEL are documented at 781// https://github.com/google/cel-spec. Example (Comparison): title: 782// "Summary size limit" description: "Determines if a summary is less 783// than 100 chars" expression: "document.summary.size() < 100" Example 784// (Equality): title: "Requestor is owner" description: "Determines if 785// requestor is the document owner" expression: "document.owner == 786// request.auth.claims.email" Example (Logic): title: "Public documents" 787// description: "Determine whether the document should be publicly 788// visible" expression: "document.type != 'private' && document.type != 789// 'internal'" Example (Data Manipulation): title: "Notification string" 790// description: "Create a notification string with a timestamp." 791// expression: "'New message received at ' + 792// string(document.create_time)" The exact variables and functions that 793// may be referenced within an expression are determined by the service 794// that evaluates it. See the service documentation for additional 795// information. 796type Expr struct { 797 // Description: Optional. Description of the expression. This is a 798 // longer text which describes the expression, e.g. when hovered over it 799 // in a UI. 800 Description string `json:"description,omitempty"` 801 802 // Expression: Textual representation of an expression in Common 803 // Expression Language syntax. 804 Expression string `json:"expression,omitempty"` 805 806 // Location: Optional. String indicating the location of the expression 807 // for error reporting, e.g. a file name and a position in the file. 808 Location string `json:"location,omitempty"` 809 810 // Title: Optional. Title for the expression, i.e. a short string 811 // describing its purpose. This can be used e.g. in UIs which allow to 812 // enter the expression. 813 Title string `json:"title,omitempty"` 814 815 // ForceSendFields is a list of field names (e.g. "Description") to 816 // unconditionally include in API requests. By default, fields with 817 // empty or default values are omitted from API requests. However, any 818 // non-pointer, non-interface field appearing in ForceSendFields will be 819 // sent to the server regardless of whether the field is empty or not. 820 // This may be used to include empty fields in Patch requests. 821 ForceSendFields []string `json:"-"` 822 823 // NullFields is a list of field names (e.g. "Description") to include 824 // in API requests with the JSON null value. By default, fields with 825 // empty values are omitted from API requests. However, any field with 826 // an empty value appearing in NullFields will be sent to the server as 827 // null. It is an error if a field in this list has a non-empty value. 828 // This may be used to include null fields in Patch requests. 829 NullFields []string `json:"-"` 830} 831 832func (s *Expr) MarshalJSON() ([]byte, error) { 833 type NoMethod Expr 834 raw := NoMethod(*s) 835 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 836} 837 838// LintPolicyRequest: The request to lint a Cloud IAM policy object. 839type LintPolicyRequest struct { 840 // Condition: google.iam.v1.Binding.condition object to be linted. 841 Condition *Expr `json:"condition,omitempty"` 842 843 // FullResourceName: The full resource name of the policy this lint 844 // request is about. The name follows the Google Cloud Platform (GCP) 845 // resource format. For example, a GCP project with ID `my-project` will 846 // be named `//cloudresourcemanager.googleapis.com/projects/my-project`. 847 // The resource name is not used to read the policy instance from the 848 // Cloud IAM database. The candidate policy for lint has to be provided 849 // in the same request object. 850 FullResourceName string `json:"fullResourceName,omitempty"` 851 852 // ForceSendFields is a list of field names (e.g. "Condition") to 853 // unconditionally include in API requests. By default, fields with 854 // empty or default values are omitted from API requests. However, any 855 // non-pointer, non-interface field appearing in ForceSendFields will be 856 // sent to the server regardless of whether the field is empty or not. 857 // This may be used to include empty fields in Patch requests. 858 ForceSendFields []string `json:"-"` 859 860 // NullFields is a list of field names (e.g. "Condition") to include in 861 // API requests with the JSON null value. By default, fields with empty 862 // values are omitted from API requests. However, any field with an 863 // empty value appearing in NullFields will be sent to the server as 864 // null. It is an error if a field in this list has a non-empty value. 865 // This may be used to include null fields in Patch requests. 866 NullFields []string `json:"-"` 867} 868 869func (s *LintPolicyRequest) MarshalJSON() ([]byte, error) { 870 type NoMethod LintPolicyRequest 871 raw := NoMethod(*s) 872 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 873} 874 875// LintPolicyResponse: The response of a lint operation. An empty 876// response indicates the operation was able to fully execute and no 877// lint issue was found. 878type LintPolicyResponse struct { 879 // LintResults: List of lint results sorted by `severity` in descending 880 // order. 881 LintResults []*LintResult `json:"lintResults,omitempty"` 882 883 // ServerResponse contains the HTTP response code and headers from the 884 // server. 885 googleapi.ServerResponse `json:"-"` 886 887 // ForceSendFields is a list of field names (e.g. "LintResults") to 888 // unconditionally include in API requests. By default, fields with 889 // empty or default values are omitted from API requests. However, any 890 // non-pointer, non-interface field appearing in ForceSendFields will be 891 // sent to the server regardless of whether the field is empty or not. 892 // This may be used to include empty fields in Patch requests. 893 ForceSendFields []string `json:"-"` 894 895 // NullFields is a list of field names (e.g. "LintResults") to include 896 // in API requests with the JSON null value. By default, fields with 897 // empty values are omitted from API requests. However, any field with 898 // an empty value appearing in NullFields will be sent to the server as 899 // null. It is an error if a field in this list has a non-empty value. 900 // This may be used to include null fields in Patch requests. 901 NullFields []string `json:"-"` 902} 903 904func (s *LintPolicyResponse) MarshalJSON() ([]byte, error) { 905 type NoMethod LintPolicyResponse 906 raw := NoMethod(*s) 907 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 908} 909 910// LintResult: Structured response of a single validation unit. 911type LintResult struct { 912 // DebugMessage: Human readable debug message associated with the issue. 913 DebugMessage string `json:"debugMessage,omitempty"` 914 915 // FieldName: The name of the field for which this lint result is about. 916 // For nested messages `field_name` consists of names of the embedded 917 // fields separated by period character. The top-level qualifier is the 918 // input object to lint in the request. For example, the `field_name` 919 // value `condition.expression` identifies a lint result for the 920 // `expression` field of the provided condition. 921 FieldName string `json:"fieldName,omitempty"` 922 923 // Level: The validation unit level. 924 // 925 // Possible values: 926 // "LEVEL_UNSPECIFIED" - Level is unspecified. 927 // "CONDITION" - A validation unit which operates on an individual 928 // condition within a binding. 929 Level string `json:"level,omitempty"` 930 931 // LocationOffset: 0-based character position of problematic construct 932 // within the object identified by `field_name`. Currently, this is 933 // populated only for condition expression. 934 LocationOffset int64 `json:"locationOffset,omitempty"` 935 936 // Severity: The validation unit severity. 937 // 938 // Possible values: 939 // "SEVERITY_UNSPECIFIED" - Severity is unspecified. 940 // "ERROR" - A validation unit returns an error only for critical 941 // issues. If an attempt is made to set the problematic policy without 942 // rectifying the critical issue, it causes the `setPolicy` operation to 943 // fail. 944 // "WARNING" - Any issue which is severe enough but does not cause an 945 // error. For example, suspicious constructs in the input object will 946 // not necessarily fail `setPolicy`, but there is a high likelihood that 947 // they won't behave as expected during policy evaluation in 948 // `checkPolicy`. This includes the following common scenarios: - 949 // Unsatisfiable condition: Expired timestamp in date/time condition. - 950 // Ineffective condition: Condition on a pair which is granted 951 // unconditionally in another binding of the same policy. 952 // "NOTICE" - Reserved for the issues that are not severe as 953 // `ERROR`/`WARNING`, but need special handling. For instance, messages 954 // about skipped validation units are issued as `NOTICE`. 955 // "INFO" - Any informative statement which is not severe enough to 956 // raise `ERROR`/`WARNING`/`NOTICE`, like auto-correction 957 // recommendations on the input content. Note that current version of 958 // the linter does not utilize `INFO`. 959 // "DEPRECATED" - Deprecated severity level. 960 Severity string `json:"severity,omitempty"` 961 962 // ValidationUnitName: The validation unit name, for instance 963 // "lintValidationUnits/ConditionComplexityCheck". 964 ValidationUnitName string `json:"validationUnitName,omitempty"` 965 966 // ForceSendFields is a list of field names (e.g. "DebugMessage") to 967 // unconditionally include in API requests. By default, fields with 968 // empty or default values are omitted from API requests. However, any 969 // non-pointer, non-interface field appearing in ForceSendFields will be 970 // sent to the server regardless of whether the field is empty or not. 971 // This may be used to include empty fields in Patch requests. 972 ForceSendFields []string `json:"-"` 973 974 // NullFields is a list of field names (e.g. "DebugMessage") to include 975 // in API requests with the JSON null value. By default, fields with 976 // empty values are omitted from API requests. However, any field with 977 // an empty value appearing in NullFields will be sent to the server as 978 // null. It is an error if a field in this list has a non-empty value. 979 // This may be used to include null fields in Patch requests. 980 NullFields []string `json:"-"` 981} 982 983func (s *LintResult) MarshalJSON() ([]byte, error) { 984 type NoMethod LintResult 985 raw := NoMethod(*s) 986 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 987} 988 989// ListRolesResponse: The response containing the roles defined under a 990// resource. 991type ListRolesResponse struct { 992 // NextPageToken: To retrieve the next page of results, set 993 // `ListRolesRequest.page_token` to this value. 994 NextPageToken string `json:"nextPageToken,omitempty"` 995 996 // Roles: The Roles defined on this resource. 997 Roles []*Role `json:"roles,omitempty"` 998 999 // ServerResponse contains the HTTP response code and headers from the 1000 // server. 1001 googleapi.ServerResponse `json:"-"` 1002 1003 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1004 // unconditionally include in API requests. By default, fields with 1005 // empty or default values are omitted from API requests. However, any 1006 // non-pointer, non-interface field appearing in ForceSendFields will be 1007 // sent to the server regardless of whether the field is empty or not. 1008 // This may be used to include empty fields in Patch requests. 1009 ForceSendFields []string `json:"-"` 1010 1011 // NullFields is a list of field names (e.g. "NextPageToken") to include 1012 // in API requests with the JSON null value. By default, fields with 1013 // empty values are omitted from API requests. However, any field with 1014 // an empty value appearing in NullFields will be sent to the server as 1015 // null. It is an error if a field in this list has a non-empty value. 1016 // This may be used to include null fields in Patch requests. 1017 NullFields []string `json:"-"` 1018} 1019 1020func (s *ListRolesResponse) MarshalJSON() ([]byte, error) { 1021 type NoMethod ListRolesResponse 1022 raw := NoMethod(*s) 1023 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1024} 1025 1026// ListServiceAccountKeysResponse: The service account keys list 1027// response. 1028type ListServiceAccountKeysResponse struct { 1029 // Keys: The public keys for the service account. 1030 Keys []*ServiceAccountKey `json:"keys,omitempty"` 1031 1032 // ServerResponse contains the HTTP response code and headers from the 1033 // server. 1034 googleapi.ServerResponse `json:"-"` 1035 1036 // ForceSendFields is a list of field names (e.g. "Keys") to 1037 // unconditionally include in API requests. By default, fields with 1038 // empty or default values are omitted from API requests. However, any 1039 // non-pointer, non-interface field appearing in ForceSendFields will be 1040 // sent to the server regardless of whether the field is empty or not. 1041 // This may be used to include empty fields in Patch requests. 1042 ForceSendFields []string `json:"-"` 1043 1044 // NullFields is a list of field names (e.g. "Keys") to include in API 1045 // requests with the JSON null value. By default, fields with empty 1046 // values are omitted from API requests. However, any field with an 1047 // empty value appearing in NullFields will be sent to the server as 1048 // null. It is an error if a field in this list has a non-empty value. 1049 // This may be used to include null fields in Patch requests. 1050 NullFields []string `json:"-"` 1051} 1052 1053func (s *ListServiceAccountKeysResponse) MarshalJSON() ([]byte, error) { 1054 type NoMethod ListServiceAccountKeysResponse 1055 raw := NoMethod(*s) 1056 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1057} 1058 1059// ListServiceAccountsResponse: The service account list response. 1060type ListServiceAccountsResponse struct { 1061 // Accounts: The list of matching service accounts. 1062 Accounts []*ServiceAccount `json:"accounts,omitempty"` 1063 1064 // NextPageToken: To retrieve the next page of results, set 1065 // ListServiceAccountsRequest.page_token to this value. 1066 NextPageToken string `json:"nextPageToken,omitempty"` 1067 1068 // ServerResponse contains the HTTP response code and headers from the 1069 // server. 1070 googleapi.ServerResponse `json:"-"` 1071 1072 // ForceSendFields is a list of field names (e.g. "Accounts") to 1073 // unconditionally include in API requests. By default, fields with 1074 // empty or default values are omitted from API requests. However, any 1075 // non-pointer, non-interface field appearing in ForceSendFields will be 1076 // sent to the server regardless of whether the field is empty or not. 1077 // This may be used to include empty fields in Patch requests. 1078 ForceSendFields []string `json:"-"` 1079 1080 // NullFields is a list of field names (e.g. "Accounts") to include in 1081 // API requests with the JSON null value. By default, fields with empty 1082 // values are omitted from API requests. However, any field with an 1083 // empty value appearing in NullFields will be sent to the server as 1084 // null. It is an error if a field in this list has a non-empty value. 1085 // This may be used to include null fields in Patch requests. 1086 NullFields []string `json:"-"` 1087} 1088 1089func (s *ListServiceAccountsResponse) MarshalJSON() ([]byte, error) { 1090 type NoMethod ListServiceAccountsResponse 1091 raw := NoMethod(*s) 1092 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1093} 1094 1095// ListWorkloadIdentityPoolProvidersResponse: Response message for 1096// ListWorkloadIdentityPoolProviders. 1097type ListWorkloadIdentityPoolProvidersResponse struct { 1098 // NextPageToken: A token, which can be sent as `page_token` to retrieve 1099 // the next page. If this field is omitted, there are no subsequent 1100 // pages. 1101 NextPageToken string `json:"nextPageToken,omitempty"` 1102 1103 // WorkloadIdentityPoolProviders: A list of providers. 1104 WorkloadIdentityPoolProviders []*WorkloadIdentityPoolProvider `json:"workloadIdentityPoolProviders,omitempty"` 1105 1106 // ServerResponse contains the HTTP response code and headers from the 1107 // server. 1108 googleapi.ServerResponse `json:"-"` 1109 1110 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1111 // unconditionally include in API requests. By default, fields with 1112 // empty or default values are omitted from API requests. However, any 1113 // non-pointer, non-interface field appearing in ForceSendFields will be 1114 // sent to the server regardless of whether the field is empty or not. 1115 // This may be used to include empty fields in Patch requests. 1116 ForceSendFields []string `json:"-"` 1117 1118 // NullFields is a list of field names (e.g. "NextPageToken") to include 1119 // in API requests with the JSON null value. By default, fields with 1120 // empty values are omitted from API requests. However, any field with 1121 // an empty value appearing in NullFields will be sent to the server as 1122 // null. It is an error if a field in this list has a non-empty value. 1123 // This may be used to include null fields in Patch requests. 1124 NullFields []string `json:"-"` 1125} 1126 1127func (s *ListWorkloadIdentityPoolProvidersResponse) MarshalJSON() ([]byte, error) { 1128 type NoMethod ListWorkloadIdentityPoolProvidersResponse 1129 raw := NoMethod(*s) 1130 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1131} 1132 1133// ListWorkloadIdentityPoolsResponse: Response message for 1134// ListWorkloadIdentityPools. 1135type ListWorkloadIdentityPoolsResponse struct { 1136 // NextPageToken: A token, which can be sent as `page_token` to retrieve 1137 // the next page. If this field is omitted, there are no subsequent 1138 // pages. 1139 NextPageToken string `json:"nextPageToken,omitempty"` 1140 1141 // WorkloadIdentityPools: A list of pools. 1142 WorkloadIdentityPools []*WorkloadIdentityPool `json:"workloadIdentityPools,omitempty"` 1143 1144 // ServerResponse contains the HTTP response code and headers from the 1145 // server. 1146 googleapi.ServerResponse `json:"-"` 1147 1148 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1149 // unconditionally include in API requests. By default, fields with 1150 // empty or default values are omitted from API requests. However, any 1151 // non-pointer, non-interface field appearing in ForceSendFields will be 1152 // sent to the server regardless of whether the field is empty or not. 1153 // This may be used to include empty fields in Patch requests. 1154 ForceSendFields []string `json:"-"` 1155 1156 // NullFields is a list of field names (e.g. "NextPageToken") to include 1157 // in API requests with the JSON null value. By default, fields with 1158 // empty values are omitted from API requests. However, any field with 1159 // an empty value appearing in NullFields will be sent to the server as 1160 // null. It is an error if a field in this list has a non-empty value. 1161 // This may be used to include null fields in Patch requests. 1162 NullFields []string `json:"-"` 1163} 1164 1165func (s *ListWorkloadIdentityPoolsResponse) MarshalJSON() ([]byte, error) { 1166 type NoMethod ListWorkloadIdentityPoolsResponse 1167 raw := NoMethod(*s) 1168 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1169} 1170 1171// Oidc: Represents an OpenId Connect 1.0 identity provider. 1172type Oidc struct { 1173 // AllowedAudiences: Acceptable values for the `aud` field (audience) in 1174 // the OIDC token. Token exchange requests are rejected if the token 1175 // audience does not match one of the configured values. Each audience 1176 // may be at most 256 characters. A maximum of 10 audiences may be 1177 // configured. If this list is empty, the OIDC token audience must be 1178 // equal to the full canonical resource name of the 1179 // WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For 1180 // example: ``` 1181 // //iam.googleapis.com/projects//locations//workloadIdentityPools//provi 1182 // ders/ 1183 // https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ 1184 // ``` 1185 AllowedAudiences []string `json:"allowedAudiences,omitempty"` 1186 1187 // IssuerUri: Required. The OIDC issuer URL. Must be an HTTPS endpoint. 1188 IssuerUri string `json:"issuerUri,omitempty"` 1189 1190 // ForceSendFields is a list of field names (e.g. "AllowedAudiences") to 1191 // unconditionally include in API requests. By default, fields with 1192 // empty or default values are omitted from API requests. However, any 1193 // non-pointer, non-interface field appearing in ForceSendFields will be 1194 // sent to the server regardless of whether the field is empty or not. 1195 // This may be used to include empty fields in Patch requests. 1196 ForceSendFields []string `json:"-"` 1197 1198 // NullFields is a list of field names (e.g. "AllowedAudiences") to 1199 // include in API requests with the JSON null value. By default, fields 1200 // with empty values are omitted from API requests. However, any field 1201 // with an empty value appearing in NullFields will be sent to the 1202 // server as null. It is an error if a field in this list has a 1203 // non-empty value. This may be used to include null fields in Patch 1204 // requests. 1205 NullFields []string `json:"-"` 1206} 1207 1208func (s *Oidc) MarshalJSON() ([]byte, error) { 1209 type NoMethod Oidc 1210 raw := NoMethod(*s) 1211 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1212} 1213 1214// Operation: This resource represents a long-running operation that is 1215// the result of a network API call. 1216type Operation struct { 1217 // Done: If the value is `false`, it means the operation is still in 1218 // progress. If `true`, the operation is completed, and either `error` 1219 // or `response` is available. 1220 Done bool `json:"done,omitempty"` 1221 1222 // Error: The error result of the operation in case of failure or 1223 // cancellation. 1224 Error *Status `json:"error,omitempty"` 1225 1226 // Metadata: Service-specific metadata associated with the operation. It 1227 // typically contains progress information and common metadata such as 1228 // create time. Some services might not provide such metadata. Any 1229 // method that returns a long-running operation should document the 1230 // metadata type, if any. 1231 Metadata googleapi.RawMessage `json:"metadata,omitempty"` 1232 1233 // Name: The server-assigned name, which is only unique within the same 1234 // service that originally returns it. If you use the default HTTP 1235 // mapping, the `name` should be a resource name ending with 1236 // `operations/{unique_id}`. 1237 Name string `json:"name,omitempty"` 1238 1239 // Response: The normal response of the operation in case of success. If 1240 // the original method returns no data on success, such as `Delete`, the 1241 // response is `google.protobuf.Empty`. If the original method is 1242 // standard `Get`/`Create`/`Update`, the response should be the 1243 // resource. For other methods, the response should have the type 1244 // `XxxResponse`, where `Xxx` is the original method name. For example, 1245 // if the original method name is `TakeSnapshot()`, the inferred 1246 // response type is `TakeSnapshotResponse`. 1247 Response googleapi.RawMessage `json:"response,omitempty"` 1248 1249 // ServerResponse contains the HTTP response code and headers from the 1250 // server. 1251 googleapi.ServerResponse `json:"-"` 1252 1253 // ForceSendFields is a list of field names (e.g. "Done") to 1254 // unconditionally include in API requests. By default, fields with 1255 // empty or default values are omitted from API requests. However, any 1256 // non-pointer, non-interface field appearing in ForceSendFields will be 1257 // sent to the server regardless of whether the field is empty or not. 1258 // This may be used to include empty fields in Patch requests. 1259 ForceSendFields []string `json:"-"` 1260 1261 // NullFields is a list of field names (e.g. "Done") to include in API 1262 // requests with the JSON null value. By default, fields with empty 1263 // values are omitted from API requests. However, any field with an 1264 // empty value appearing in NullFields will be sent to the server as 1265 // null. It is an error if a field in this list has a non-empty value. 1266 // This may be used to include null fields in Patch requests. 1267 NullFields []string `json:"-"` 1268} 1269 1270func (s *Operation) MarshalJSON() ([]byte, error) { 1271 type NoMethod Operation 1272 raw := NoMethod(*s) 1273 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1274} 1275 1276// PatchServiceAccountRequest: The request for PatchServiceAccount. You 1277// can patch only the `display_name` and `description` fields. You must 1278// use the `update_mask` field to specify which of these fields you want 1279// to patch. Only the fields specified in the request are guaranteed to 1280// be returned in the response. Other fields may be empty in the 1281// response. 1282type PatchServiceAccountRequest struct { 1283 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 1284 1285 UpdateMask string `json:"updateMask,omitempty"` 1286 1287 // ForceSendFields is a list of field names (e.g. "ServiceAccount") to 1288 // unconditionally include in API requests. By default, fields with 1289 // empty or default values are omitted from API requests. However, any 1290 // non-pointer, non-interface field appearing in ForceSendFields will be 1291 // sent to the server regardless of whether the field is empty or not. 1292 // This may be used to include empty fields in Patch requests. 1293 ForceSendFields []string `json:"-"` 1294 1295 // NullFields is a list of field names (e.g. "ServiceAccount") to 1296 // include in API requests with the JSON null value. By default, fields 1297 // with empty values are omitted from API requests. However, any field 1298 // with an empty value appearing in NullFields will be sent to the 1299 // server as null. It is an error if a field in this list has a 1300 // non-empty value. This may be used to include null fields in Patch 1301 // requests. 1302 NullFields []string `json:"-"` 1303} 1304 1305func (s *PatchServiceAccountRequest) MarshalJSON() ([]byte, error) { 1306 type NoMethod PatchServiceAccountRequest 1307 raw := NoMethod(*s) 1308 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1309} 1310 1311// Permission: A permission which can be included by a role. 1312type Permission struct { 1313 // ApiDisabled: The service API associated with the permission is not 1314 // enabled. 1315 ApiDisabled bool `json:"apiDisabled,omitempty"` 1316 1317 // CustomRolesSupportLevel: The current custom role support level. 1318 // 1319 // Possible values: 1320 // "SUPPORTED" - Default state. Permission is fully supported for 1321 // custom role use. 1322 // "TESTING" - Permission is being tested to check custom role 1323 // compatibility. 1324 // "NOT_SUPPORTED" - Permission is not supported for custom role use. 1325 CustomRolesSupportLevel string `json:"customRolesSupportLevel,omitempty"` 1326 1327 // Description: A brief description of what this Permission is used for. 1328 // This permission can ONLY be used in predefined roles. 1329 Description string `json:"description,omitempty"` 1330 1331 // Name: The name of this Permission. 1332 Name string `json:"name,omitempty"` 1333 1334 OnlyInPredefinedRoles bool `json:"onlyInPredefinedRoles,omitempty"` 1335 1336 // PrimaryPermission: The preferred name for this permission. If 1337 // present, then this permission is an alias of, and equivalent to, the 1338 // listed primary_permission. 1339 PrimaryPermission string `json:"primaryPermission,omitempty"` 1340 1341 // Stage: The current launch stage of the permission. 1342 // 1343 // Possible values: 1344 // "ALPHA" - The permission is currently in an alpha phase. 1345 // "BETA" - The permission is currently in a beta phase. 1346 // "GA" - The permission is generally available. 1347 // "DEPRECATED" - The permission is being deprecated. 1348 Stage string `json:"stage,omitempty"` 1349 1350 // Title: The title of this Permission. 1351 Title string `json:"title,omitempty"` 1352 1353 // ForceSendFields is a list of field names (e.g. "ApiDisabled") to 1354 // unconditionally include in API requests. By default, fields with 1355 // empty or default values are omitted from API requests. However, any 1356 // non-pointer, non-interface field appearing in ForceSendFields will be 1357 // sent to the server regardless of whether the field is empty or not. 1358 // This may be used to include empty fields in Patch requests. 1359 ForceSendFields []string `json:"-"` 1360 1361 // NullFields is a list of field names (e.g. "ApiDisabled") to include 1362 // in API requests with the JSON null value. By default, fields with 1363 // empty values are omitted from API requests. However, any field with 1364 // an empty value appearing in NullFields will be sent to the server as 1365 // null. It is an error if a field in this list has a non-empty value. 1366 // This may be used to include null fields in Patch requests. 1367 NullFields []string `json:"-"` 1368} 1369 1370func (s *Permission) MarshalJSON() ([]byte, error) { 1371 type NoMethod Permission 1372 raw := NoMethod(*s) 1373 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1374} 1375 1376// PermissionDelta: A PermissionDelta message to record the 1377// added_permissions and removed_permissions inside a role. 1378type PermissionDelta struct { 1379 // AddedPermissions: Added permissions. 1380 AddedPermissions []string `json:"addedPermissions,omitempty"` 1381 1382 // RemovedPermissions: Removed permissions. 1383 RemovedPermissions []string `json:"removedPermissions,omitempty"` 1384 1385 // ForceSendFields is a list of field names (e.g. "AddedPermissions") to 1386 // unconditionally include in API requests. By default, fields with 1387 // empty or default values are omitted from API requests. However, any 1388 // non-pointer, non-interface field appearing in ForceSendFields will be 1389 // sent to the server regardless of whether the field is empty or not. 1390 // This may be used to include empty fields in Patch requests. 1391 ForceSendFields []string `json:"-"` 1392 1393 // NullFields is a list of field names (e.g. "AddedPermissions") to 1394 // include in API requests with the JSON null value. By default, fields 1395 // with empty values are omitted from API requests. However, any field 1396 // with an empty value appearing in NullFields will be sent to the 1397 // server as null. It is an error if a field in this list has a 1398 // non-empty value. This may be used to include null fields in Patch 1399 // requests. 1400 NullFields []string `json:"-"` 1401} 1402 1403func (s *PermissionDelta) MarshalJSON() ([]byte, error) { 1404 type NoMethod PermissionDelta 1405 raw := NoMethod(*s) 1406 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1407} 1408 1409// Policy: An Identity and Access Management (IAM) policy, which 1410// specifies access controls for Google Cloud resources. A `Policy` is a 1411// collection of `bindings`. A `binding` binds one or more `members` to 1412// a single `role`. Members can be user accounts, service accounts, 1413// Google groups, and domains (such as G Suite). A `role` is a named 1414// list of permissions; each `role` can be an IAM predefined role or a 1415// user-created custom role. For some types of Google Cloud resources, a 1416// `binding` can also specify a `condition`, which is a logical 1417// expression that allows access to a resource only if the expression 1418// evaluates to `true`. A condition can add constraints based on 1419// attributes of the request, the resource, or both. To learn which 1420// resources support conditions in their IAM policies, see the IAM 1421// documentation 1422// (https://cloud.google.com/iam/help/conditions/resource-policies). 1423// **JSON example:** { "bindings": [ { "role": 1424// "roles/resourcemanager.organizationAdmin", "members": [ 1425// "user:mike@example.com", "group:admins@example.com", 1426// "domain:google.com", 1427// "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { 1428// "role": "roles/resourcemanager.organizationViewer", "members": [ 1429// "user:eve@example.com" ], "condition": { "title": "expirable access", 1430// "description": "Does not grant access after Sep 2020", "expression": 1431// "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], 1432// "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - 1433// members: - user:mike@example.com - group:admins@example.com - 1434// domain:google.com - 1435// serviceAccount:my-project-id@appspot.gserviceaccount.com role: 1436// roles/resourcemanager.organizationAdmin - members: - 1437// user:eve@example.com role: roles/resourcemanager.organizationViewer 1438// condition: title: expirable access description: Does not grant access 1439// after Sep 2020 expression: request.time < 1440// timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 1441// 3 For a description of IAM and its features, see the IAM 1442// documentation (https://cloud.google.com/iam/docs/). 1443type Policy struct { 1444 // AuditConfigs: Specifies cloud audit logging configuration for this 1445 // policy. 1446 AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` 1447 1448 // Bindings: Associates a list of `members` to a `role`. Optionally, may 1449 // specify a `condition` that determines how and when the `bindings` are 1450 // applied. Each of the `bindings` must contain at least one member. 1451 Bindings []*Binding `json:"bindings,omitempty"` 1452 1453 // Etag: `etag` is used for optimistic concurrency control as a way to 1454 // help prevent simultaneous updates of a policy from overwriting each 1455 // other. It is strongly suggested that systems make use of the `etag` 1456 // in the read-modify-write cycle to perform policy updates in order to 1457 // avoid race conditions: An `etag` is returned in the response to 1458 // `getIamPolicy`, and systems are expected to put that etag in the 1459 // request to `setIamPolicy` to ensure that their change will be applied 1460 // to the same version of the policy. **Important:** If you use IAM 1461 // Conditions, you must include the `etag` field whenever you call 1462 // `setIamPolicy`. If you omit this field, then IAM allows you to 1463 // overwrite a version `3` policy with a version `1` policy, and all of 1464 // the conditions in the version `3` policy are lost. 1465 Etag string `json:"etag,omitempty"` 1466 1467 // Version: Specifies the format of the policy. Valid values are `0`, 1468 // `1`, and `3`. Requests that specify an invalid value are rejected. 1469 // Any operation that affects conditional role bindings must specify 1470 // version `3`. This requirement applies to the following operations: * 1471 // Getting a policy that includes a conditional role binding * Adding a 1472 // conditional role binding to a policy * Changing a conditional role 1473 // binding in a policy * Removing any role binding, with or without a 1474 // condition, from a policy that includes conditions **Important:** If 1475 // you use IAM Conditions, you must include the `etag` field whenever 1476 // you call `setIamPolicy`. If you omit this field, then IAM allows you 1477 // to overwrite a version `3` policy with a version `1` policy, and all 1478 // of the conditions in the version `3` policy are lost. If a policy 1479 // does not include any conditions, operations on that policy may 1480 // specify any valid version or leave the field unset. To learn which 1481 // resources support conditions in their IAM policies, see the IAM 1482 // documentation 1483 // (https://cloud.google.com/iam/help/conditions/resource-policies). 1484 Version int64 `json:"version,omitempty"` 1485 1486 // ServerResponse contains the HTTP response code and headers from the 1487 // server. 1488 googleapi.ServerResponse `json:"-"` 1489 1490 // ForceSendFields is a list of field names (e.g. "AuditConfigs") to 1491 // unconditionally include in API requests. By default, fields with 1492 // empty or default values are omitted from API requests. However, any 1493 // non-pointer, non-interface field appearing in ForceSendFields will be 1494 // sent to the server regardless of whether the field is empty or not. 1495 // This may be used to include empty fields in Patch requests. 1496 ForceSendFields []string `json:"-"` 1497 1498 // NullFields is a list of field names (e.g. "AuditConfigs") to include 1499 // in API requests with the JSON null value. By default, fields with 1500 // empty values are omitted from API requests. However, any field with 1501 // an empty value appearing in NullFields will be sent to the server as 1502 // null. It is an error if a field in this list has a non-empty value. 1503 // This may be used to include null fields in Patch requests. 1504 NullFields []string `json:"-"` 1505} 1506 1507func (s *Policy) MarshalJSON() ([]byte, error) { 1508 type NoMethod Policy 1509 raw := NoMethod(*s) 1510 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1511} 1512 1513// PolicyDelta: The difference delta between two policies. 1514type PolicyDelta struct { 1515 // BindingDeltas: The delta for Bindings between two policies. 1516 BindingDeltas []*BindingDelta `json:"bindingDeltas,omitempty"` 1517 1518 // ForceSendFields is a list of field names (e.g. "BindingDeltas") to 1519 // unconditionally include in API requests. By default, fields with 1520 // empty or default values are omitted from API requests. However, any 1521 // non-pointer, non-interface field appearing in ForceSendFields will be 1522 // sent to the server regardless of whether the field is empty or not. 1523 // This may be used to include empty fields in Patch requests. 1524 ForceSendFields []string `json:"-"` 1525 1526 // NullFields is a list of field names (e.g. "BindingDeltas") to include 1527 // in API requests with the JSON null value. By default, fields with 1528 // empty values are omitted from API requests. However, any field with 1529 // an empty value appearing in NullFields will be sent to the server as 1530 // null. It is an error if a field in this list has a non-empty value. 1531 // This may be used to include null fields in Patch requests. 1532 NullFields []string `json:"-"` 1533} 1534 1535func (s *PolicyDelta) MarshalJSON() ([]byte, error) { 1536 type NoMethod PolicyDelta 1537 raw := NoMethod(*s) 1538 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1539} 1540 1541// PolicyOperationMetadata: Metadata for long-running Policy operations. 1542type PolicyOperationMetadata struct { 1543 // CreateTime: Timestamp when the google.longrunning.Operation was 1544 // created. 1545 CreateTime string `json:"createTime,omitempty"` 1546 1547 // ForceSendFields is a list of field names (e.g. "CreateTime") to 1548 // unconditionally include in API requests. By default, fields with 1549 // empty or default values are omitted from API requests. However, any 1550 // non-pointer, non-interface field appearing in ForceSendFields will be 1551 // sent to the server regardless of whether the field is empty or not. 1552 // This may be used to include empty fields in Patch requests. 1553 ForceSendFields []string `json:"-"` 1554 1555 // NullFields is a list of field names (e.g. "CreateTime") to include in 1556 // API requests with the JSON null value. By default, fields with empty 1557 // values are omitted from API requests. However, any field with an 1558 // empty value appearing in NullFields will be sent to the server as 1559 // null. It is an error if a field in this list has a non-empty value. 1560 // This may be used to include null fields in Patch requests. 1561 NullFields []string `json:"-"` 1562} 1563 1564func (s *PolicyOperationMetadata) MarshalJSON() ([]byte, error) { 1565 type NoMethod PolicyOperationMetadata 1566 raw := NoMethod(*s) 1567 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1568} 1569 1570// QueryAuditableServicesRequest: A request to get the list of auditable 1571// services for a resource. 1572type QueryAuditableServicesRequest struct { 1573 // FullResourceName: Required. The full resource name to query from the 1574 // list of auditable services. The name follows the Google Cloud 1575 // Platform resource format. For example, a Cloud Platform project with 1576 // id `my-project` will be named 1577 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1578 FullResourceName string `json:"fullResourceName,omitempty"` 1579 1580 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1581 // unconditionally include in API requests. By default, fields with 1582 // empty or default values are omitted from API requests. However, any 1583 // non-pointer, non-interface field appearing in ForceSendFields will be 1584 // sent to the server regardless of whether the field is empty or not. 1585 // This may be used to include empty fields in Patch requests. 1586 ForceSendFields []string `json:"-"` 1587 1588 // NullFields is a list of field names (e.g. "FullResourceName") to 1589 // include in API requests with the JSON null value. By default, fields 1590 // with empty values are omitted from API requests. However, any field 1591 // with an empty value appearing in NullFields will be sent to the 1592 // server as null. It is an error if a field in this list has a 1593 // non-empty value. This may be used to include null fields in Patch 1594 // requests. 1595 NullFields []string `json:"-"` 1596} 1597 1598func (s *QueryAuditableServicesRequest) MarshalJSON() ([]byte, error) { 1599 type NoMethod QueryAuditableServicesRequest 1600 raw := NoMethod(*s) 1601 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1602} 1603 1604// QueryAuditableServicesResponse: A response containing a list of 1605// auditable services for a resource. 1606type QueryAuditableServicesResponse struct { 1607 // Services: The auditable services for a resource. 1608 Services []*AuditableService `json:"services,omitempty"` 1609 1610 // ServerResponse contains the HTTP response code and headers from the 1611 // server. 1612 googleapi.ServerResponse `json:"-"` 1613 1614 // ForceSendFields is a list of field names (e.g. "Services") to 1615 // unconditionally include in API requests. By default, fields with 1616 // empty or default values are omitted from API requests. However, any 1617 // non-pointer, non-interface field appearing in ForceSendFields will be 1618 // sent to the server regardless of whether the field is empty or not. 1619 // This may be used to include empty fields in Patch requests. 1620 ForceSendFields []string `json:"-"` 1621 1622 // NullFields is a list of field names (e.g. "Services") to include in 1623 // API requests with the JSON null value. By default, fields with empty 1624 // values are omitted from API requests. However, any field with an 1625 // empty value appearing in NullFields will be sent to the server as 1626 // null. It is an error if a field in this list has a non-empty value. 1627 // This may be used to include null fields in Patch requests. 1628 NullFields []string `json:"-"` 1629} 1630 1631func (s *QueryAuditableServicesResponse) MarshalJSON() ([]byte, error) { 1632 type NoMethod QueryAuditableServicesResponse 1633 raw := NoMethod(*s) 1634 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1635} 1636 1637// QueryGrantableRolesRequest: The grantable role query request. 1638type QueryGrantableRolesRequest struct { 1639 // FullResourceName: Required. The full resource name to query from the 1640 // list of grantable roles. The name follows the Google Cloud Platform 1641 // resource format. For example, a Cloud Platform project with id 1642 // `my-project` will be named 1643 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1644 FullResourceName string `json:"fullResourceName,omitempty"` 1645 1646 // PageSize: Optional limit on the number of roles to include in the 1647 // response. The default is 300, and the maximum is 1,000. 1648 PageSize int64 `json:"pageSize,omitempty"` 1649 1650 // PageToken: Optional pagination token returned in an earlier 1651 // QueryGrantableRolesResponse. 1652 PageToken string `json:"pageToken,omitempty"` 1653 1654 // Possible values: 1655 // "BASIC" - Omits the `included_permissions` field. This is the 1656 // default value. 1657 // "FULL" - Returns all fields. 1658 View string `json:"view,omitempty"` 1659 1660 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1661 // unconditionally include in API requests. By default, fields with 1662 // empty or default values are omitted from API requests. However, any 1663 // non-pointer, non-interface field appearing in ForceSendFields will be 1664 // sent to the server regardless of whether the field is empty or not. 1665 // This may be used to include empty fields in Patch requests. 1666 ForceSendFields []string `json:"-"` 1667 1668 // NullFields is a list of field names (e.g. "FullResourceName") to 1669 // include in API requests with the JSON null value. By default, fields 1670 // with empty values are omitted from API requests. However, any field 1671 // with an empty value appearing in NullFields will be sent to the 1672 // server as null. It is an error if a field in this list has a 1673 // non-empty value. This may be used to include null fields in Patch 1674 // requests. 1675 NullFields []string `json:"-"` 1676} 1677 1678func (s *QueryGrantableRolesRequest) MarshalJSON() ([]byte, error) { 1679 type NoMethod QueryGrantableRolesRequest 1680 raw := NoMethod(*s) 1681 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1682} 1683 1684// QueryGrantableRolesResponse: The grantable role query response. 1685type QueryGrantableRolesResponse struct { 1686 // NextPageToken: To retrieve the next page of results, set 1687 // `QueryGrantableRolesRequest.page_token` to this value. 1688 NextPageToken string `json:"nextPageToken,omitempty"` 1689 1690 // Roles: The list of matching roles. 1691 Roles []*Role `json:"roles,omitempty"` 1692 1693 // ServerResponse contains the HTTP response code and headers from the 1694 // server. 1695 googleapi.ServerResponse `json:"-"` 1696 1697 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1698 // unconditionally include in API requests. By default, fields with 1699 // empty or default values are omitted from API requests. However, any 1700 // non-pointer, non-interface field appearing in ForceSendFields will be 1701 // sent to the server regardless of whether the field is empty or not. 1702 // This may be used to include empty fields in Patch requests. 1703 ForceSendFields []string `json:"-"` 1704 1705 // NullFields is a list of field names (e.g. "NextPageToken") to include 1706 // in API requests with the JSON null value. By default, fields with 1707 // empty values are omitted from API requests. However, any field with 1708 // an empty value appearing in NullFields will be sent to the server as 1709 // null. It is an error if a field in this list has a non-empty value. 1710 // This may be used to include null fields in Patch requests. 1711 NullFields []string `json:"-"` 1712} 1713 1714func (s *QueryGrantableRolesResponse) MarshalJSON() ([]byte, error) { 1715 type NoMethod QueryGrantableRolesResponse 1716 raw := NoMethod(*s) 1717 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1718} 1719 1720// QueryTestablePermissionsRequest: A request to get permissions which 1721// can be tested on a resource. 1722type QueryTestablePermissionsRequest struct { 1723 // FullResourceName: Required. The full resource name to query from the 1724 // list of testable permissions. The name follows the Google Cloud 1725 // Platform resource format. For example, a Cloud Platform project with 1726 // id `my-project` will be named 1727 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1728 FullResourceName string `json:"fullResourceName,omitempty"` 1729 1730 // PageSize: Optional limit on the number of permissions to include in 1731 // the response. The default is 100, and the maximum is 1,000. 1732 PageSize int64 `json:"pageSize,omitempty"` 1733 1734 // PageToken: Optional pagination token returned in an earlier 1735 // QueryTestablePermissionsRequest. 1736 PageToken string `json:"pageToken,omitempty"` 1737 1738 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1739 // unconditionally include in API requests. By default, fields with 1740 // empty or default values are omitted from API requests. However, any 1741 // non-pointer, non-interface field appearing in ForceSendFields will be 1742 // sent to the server regardless of whether the field is empty or not. 1743 // This may be used to include empty fields in Patch requests. 1744 ForceSendFields []string `json:"-"` 1745 1746 // NullFields is a list of field names (e.g. "FullResourceName") to 1747 // include in API requests with the JSON null value. By default, fields 1748 // with empty values are omitted from API requests. However, any field 1749 // with an empty value appearing in NullFields will be sent to the 1750 // server as null. It is an error if a field in this list has a 1751 // non-empty value. This may be used to include null fields in Patch 1752 // requests. 1753 NullFields []string `json:"-"` 1754} 1755 1756func (s *QueryTestablePermissionsRequest) MarshalJSON() ([]byte, error) { 1757 type NoMethod QueryTestablePermissionsRequest 1758 raw := NoMethod(*s) 1759 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1760} 1761 1762// QueryTestablePermissionsResponse: The response containing permissions 1763// which can be tested on a resource. 1764type QueryTestablePermissionsResponse struct { 1765 // NextPageToken: To retrieve the next page of results, set 1766 // `QueryTestableRolesRequest.page_token` to this value. 1767 NextPageToken string `json:"nextPageToken,omitempty"` 1768 1769 // Permissions: The Permissions testable on the requested resource. 1770 Permissions []*Permission `json:"permissions,omitempty"` 1771 1772 // ServerResponse contains the HTTP response code and headers from the 1773 // server. 1774 googleapi.ServerResponse `json:"-"` 1775 1776 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1777 // unconditionally include in API requests. By default, fields with 1778 // empty or default values are omitted from API requests. However, any 1779 // non-pointer, non-interface field appearing in ForceSendFields will be 1780 // sent to the server regardless of whether the field is empty or not. 1781 // This may be used to include empty fields in Patch requests. 1782 ForceSendFields []string `json:"-"` 1783 1784 // NullFields is a list of field names (e.g. "NextPageToken") to include 1785 // in API requests with the JSON null value. By default, fields with 1786 // empty values are omitted from API requests. However, any field with 1787 // an empty value appearing in NullFields will be sent to the server as 1788 // null. It is an error if a field in this list has a non-empty value. 1789 // This may be used to include null fields in Patch requests. 1790 NullFields []string `json:"-"` 1791} 1792 1793func (s *QueryTestablePermissionsResponse) MarshalJSON() ([]byte, error) { 1794 type NoMethod QueryTestablePermissionsResponse 1795 raw := NoMethod(*s) 1796 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1797} 1798 1799// Role: A role in the Identity and Access Management API. 1800type Role struct { 1801 // Deleted: The current deleted state of the role. This field is read 1802 // only. It will be ignored in calls to CreateRole and UpdateRole. 1803 Deleted bool `json:"deleted,omitempty"` 1804 1805 // Description: Optional. A human-readable description for the role. 1806 Description string `json:"description,omitempty"` 1807 1808 // Etag: Used to perform a consistent read-modify-write. 1809 Etag string `json:"etag,omitempty"` 1810 1811 // IncludedPermissions: The names of the permissions this role grants 1812 // when bound in an IAM policy. 1813 IncludedPermissions []string `json:"includedPermissions,omitempty"` 1814 1815 // Name: The name of the role. When Role is used in CreateRole, the role 1816 // name must not be set. When Role is used in output and other input 1817 // such as UpdateRole, the role name is the complete path, e.g., 1818 // roles/logging.viewer for predefined roles and 1819 // organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom 1820 // roles. 1821 Name string `json:"name,omitempty"` 1822 1823 // Stage: The current launch stage of the role. If the `ALPHA` launch 1824 // stage has been selected for a role, the `stage` field will not be 1825 // included in the returned definition for the role. 1826 // 1827 // Possible values: 1828 // "ALPHA" - The user has indicated this role is currently in an Alpha 1829 // phase. If this launch stage is selected, the `stage` field will not 1830 // be included when requesting the definition for a given role. 1831 // "BETA" - The user has indicated this role is currently in a Beta 1832 // phase. 1833 // "GA" - The user has indicated this role is generally available. 1834 // "DEPRECATED" - The user has indicated this role is being 1835 // deprecated. 1836 // "DISABLED" - This role is disabled and will not contribute 1837 // permissions to any members it is granted to in policies. 1838 // "EAP" - The user has indicated this role is currently in an EAP 1839 // phase. 1840 Stage string `json:"stage,omitempty"` 1841 1842 // Title: Optional. A human-readable title for the role. Typically this 1843 // is limited to 100 UTF-8 bytes. 1844 Title string `json:"title,omitempty"` 1845 1846 // ServerResponse contains the HTTP response code and headers from the 1847 // server. 1848 googleapi.ServerResponse `json:"-"` 1849 1850 // ForceSendFields is a list of field names (e.g. "Deleted") to 1851 // unconditionally include in API requests. By default, fields with 1852 // empty or default values are omitted from API requests. However, any 1853 // non-pointer, non-interface field appearing in ForceSendFields will be 1854 // sent to the server regardless of whether the field is empty or not. 1855 // This may be used to include empty fields in Patch requests. 1856 ForceSendFields []string `json:"-"` 1857 1858 // NullFields is a list of field names (e.g. "Deleted") to include in 1859 // API requests with the JSON null value. By default, fields with empty 1860 // values are omitted from API requests. However, any field with an 1861 // empty value appearing in NullFields will be sent to the server as 1862 // null. It is an error if a field in this list has a non-empty value. 1863 // This may be used to include null fields in Patch requests. 1864 NullFields []string `json:"-"` 1865} 1866 1867func (s *Role) MarshalJSON() ([]byte, error) { 1868 type NoMethod Role 1869 raw := NoMethod(*s) 1870 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1871} 1872 1873// ServiceAccount: An IAM service account. A service account is an 1874// account for an application or a virtual machine (VM) instance, not a 1875// person. You can use a service account to call Google APIs. To learn 1876// more, read the overview of service accounts 1877// (https://cloud.google.com/iam/help/service-accounts/overview). When 1878// you create a service account, you specify the project ID that owns 1879// the service account, as well as a name that must be unique within the 1880// project. IAM uses these values to create an email address that 1881// identifies the service account. 1882type ServiceAccount struct { 1883 // Description: Optional. A user-specified, human-readable description 1884 // of the service account. The maximum length is 256 UTF-8 bytes. 1885 Description string `json:"description,omitempty"` 1886 1887 // Disabled: Output only. Whether the service account is disabled. 1888 Disabled bool `json:"disabled,omitempty"` 1889 1890 // DisplayName: Optional. A user-specified, human-readable name for the 1891 // service account. The maximum length is 100 UTF-8 bytes. 1892 DisplayName string `json:"displayName,omitempty"` 1893 1894 // Email: Output only. The email address of the service account. 1895 Email string `json:"email,omitempty"` 1896 1897 // Etag: Deprecated. Do not use. 1898 Etag string `json:"etag,omitempty"` 1899 1900 // Name: The resource name of the service account. Use one of the 1901 // following formats: * 1902 // `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * 1903 // `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an 1904 // alternative, you can use the `-` wildcard character instead of the 1905 // project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * 1906 // `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using 1907 // the `-` wildcard character, because it can cause response messages to 1908 // contain misleading error codes. For example, if you try to get the 1909 // service account `projects/-/serviceAccounts/fake@example.com`, which 1910 // does not exist, the response contains an HTTP `403 Forbidden` error 1911 // instead of a `404 Not Found` error. 1912 Name string `json:"name,omitempty"` 1913 1914 // Oauth2ClientId: Output only. The OAuth 2.0 client ID for the service 1915 // account. 1916 Oauth2ClientId string `json:"oauth2ClientId,omitempty"` 1917 1918 // ProjectId: Output only. The ID of the project that owns the service 1919 // account. 1920 ProjectId string `json:"projectId,omitempty"` 1921 1922 // UniqueId: Output only. The unique, stable numeric ID for the service 1923 // account. Each service account retains its unique ID even if you 1924 // delete the service account. For example, if you delete a service 1925 // account, then create a new service account with the same name, the 1926 // new service account has a different unique ID than the deleted 1927 // service account. 1928 UniqueId string `json:"uniqueId,omitempty"` 1929 1930 // ServerResponse contains the HTTP response code and headers from the 1931 // server. 1932 googleapi.ServerResponse `json:"-"` 1933 1934 // ForceSendFields is a list of field names (e.g. "Description") to 1935 // unconditionally include in API requests. By default, fields with 1936 // empty or default values are omitted from API requests. However, any 1937 // non-pointer, non-interface field appearing in ForceSendFields will be 1938 // sent to the server regardless of whether the field is empty or not. 1939 // This may be used to include empty fields in Patch requests. 1940 ForceSendFields []string `json:"-"` 1941 1942 // NullFields is a list of field names (e.g. "Description") to include 1943 // in API requests with the JSON null value. By default, fields with 1944 // empty values are omitted from API requests. However, any field with 1945 // an empty value appearing in NullFields will be sent to the server as 1946 // null. It is an error if a field in this list has a non-empty value. 1947 // This may be used to include null fields in Patch requests. 1948 NullFields []string `json:"-"` 1949} 1950 1951func (s *ServiceAccount) MarshalJSON() ([]byte, error) { 1952 type NoMethod ServiceAccount 1953 raw := NoMethod(*s) 1954 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1955} 1956 1957// ServiceAccountKey: Represents a service account key. A service 1958// account has two sets of key-pairs: user-managed, and system-managed. 1959// User-managed key-pairs can be created and deleted by users. Users are 1960// responsible for rotating these keys periodically to ensure security 1961// of their service accounts. Users retain the private key of these 1962// key-pairs, and Google retains ONLY the public key. System-managed 1963// keys are automatically rotated by Google, and are used for signing 1964// for a maximum of two weeks. The rotation process is probabilistic, 1965// and usage of the new key will gradually ramp up and down over the 1966// key's lifetime. If you cache the public key set for a service 1967// account, we recommend that you update the cache every 15 minutes. 1968// User-managed keys can be added and removed at any time, so it is 1969// important to update the cache frequently. For Google-managed keys, 1970// Google will publish a key at least 6 hours before it is first used 1971// for signing and will keep publishing it for at least 6 hours after it 1972// was last used for signing. Public keys for all service accounts are 1973// also published at the OAuth2 Service Account API. 1974type ServiceAccountKey struct { 1975 // KeyAlgorithm: Specifies the algorithm (and possibly key size) for the 1976 // key. 1977 // 1978 // Possible values: 1979 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 1980 // "KEY_ALG_RSA_1024" - 1k RSA Key. 1981 // "KEY_ALG_RSA_2048" - 2k RSA Key. 1982 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 1983 1984 // KeyOrigin: The key origin. 1985 // 1986 // Possible values: 1987 // "ORIGIN_UNSPECIFIED" - Unspecified key origin. 1988 // "USER_PROVIDED" - Key is provided by user. 1989 // "GOOGLE_PROVIDED" - Key is provided by Google. 1990 KeyOrigin string `json:"keyOrigin,omitempty"` 1991 1992 // KeyType: The key type. 1993 // 1994 // Possible values: 1995 // "KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this 1996 // in the message will immediately result in an error. 1997 // "USER_MANAGED" - User-managed keys (managed and rotated by the 1998 // user). 1999 // "SYSTEM_MANAGED" - System-managed keys (managed and rotated by 2000 // Google). 2001 KeyType string `json:"keyType,omitempty"` 2002 2003 // Name: The resource name of the service account key in the following 2004 // format `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. 2005 Name string `json:"name,omitempty"` 2006 2007 // PrivateKeyData: The private key data. Only provided in 2008 // `CreateServiceAccountKey` responses. Make sure to keep the private 2009 // key data secure because it allows for the assertion of the service 2010 // account identity. When base64 decoded, the private key data can be 2011 // used to authenticate with Google API client libraries and with gcloud 2012 // auth activate-service-account. 2013 PrivateKeyData string `json:"privateKeyData,omitempty"` 2014 2015 // PrivateKeyType: The output format for the private key. Only provided 2016 // in `CreateServiceAccountKey` responses, not in `GetServiceAccountKey` 2017 // or `ListServiceAccountKey` responses. Google never exposes 2018 // system-managed private keys, and never retains user-managed private 2019 // keys. 2020 // 2021 // Possible values: 2022 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 2023 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 2024 // "TYPE_PKCS12_FILE" - PKCS12 format. The password for the PKCS12 2025 // file is `notasecret`. For more information, see 2026 // https://tools.ietf.org/html/rfc7292. 2027 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 2028 PrivateKeyType string `json:"privateKeyType,omitempty"` 2029 2030 // PublicKeyData: The public key data. Only provided in 2031 // `GetServiceAccountKey` responses. 2032 PublicKeyData string `json:"publicKeyData,omitempty"` 2033 2034 // ValidAfterTime: The key can be used after this timestamp. 2035 ValidAfterTime string `json:"validAfterTime,omitempty"` 2036 2037 // ValidBeforeTime: The key can be used before this timestamp. For 2038 // system-managed key pairs, this timestamp is the end time for the 2039 // private key signing operation. The public key could still be used for 2040 // verification for a few hours after this time. 2041 ValidBeforeTime string `json:"validBeforeTime,omitempty"` 2042 2043 // ServerResponse contains the HTTP response code and headers from the 2044 // server. 2045 googleapi.ServerResponse `json:"-"` 2046 2047 // ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to 2048 // unconditionally include in API requests. By default, fields with 2049 // empty or default values are omitted from API requests. However, any 2050 // non-pointer, non-interface field appearing in ForceSendFields will be 2051 // sent to the server regardless of whether the field is empty or not. 2052 // This may be used to include empty fields in Patch requests. 2053 ForceSendFields []string `json:"-"` 2054 2055 // NullFields is a list of field names (e.g. "KeyAlgorithm") to include 2056 // in API requests with the JSON null value. By default, fields with 2057 // empty values are omitted from API requests. However, any field with 2058 // an empty value appearing in NullFields will be sent to the server as 2059 // null. It is an error if a field in this list has a non-empty value. 2060 // This may be used to include null fields in Patch requests. 2061 NullFields []string `json:"-"` 2062} 2063 2064func (s *ServiceAccountKey) MarshalJSON() ([]byte, error) { 2065 type NoMethod ServiceAccountKey 2066 raw := NoMethod(*s) 2067 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2068} 2069 2070// SetIamPolicyRequest: Request message for `SetIamPolicy` method. 2071type SetIamPolicyRequest struct { 2072 // Policy: REQUIRED: The complete policy to be applied to the 2073 // `resource`. The size of the policy is limited to a few 10s of KB. An 2074 // empty policy is a valid policy but certain Cloud Platform services 2075 // (such as Projects) might reject them. 2076 Policy *Policy `json:"policy,omitempty"` 2077 2078 // UpdateMask: OPTIONAL: A FieldMask specifying which fields of the 2079 // policy to modify. Only the fields in the mask will be modified. If no 2080 // mask is provided, the following default mask is used: `paths: 2081 // "bindings, etag" 2082 UpdateMask string `json:"updateMask,omitempty"` 2083 2084 // ForceSendFields is a list of field names (e.g. "Policy") to 2085 // unconditionally include in API requests. By default, fields with 2086 // empty or default values are omitted from API requests. However, any 2087 // non-pointer, non-interface field appearing in ForceSendFields will be 2088 // sent to the server regardless of whether the field is empty or not. 2089 // This may be used to include empty fields in Patch requests. 2090 ForceSendFields []string `json:"-"` 2091 2092 // NullFields is a list of field names (e.g. "Policy") to include in API 2093 // requests with the JSON null value. By default, fields with empty 2094 // values are omitted from API requests. However, any field with an 2095 // empty value appearing in NullFields will be sent to the server as 2096 // null. It is an error if a field in this list has a non-empty value. 2097 // This may be used to include null fields in Patch requests. 2098 NullFields []string `json:"-"` 2099} 2100 2101func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) { 2102 type NoMethod SetIamPolicyRequest 2103 raw := NoMethod(*s) 2104 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2105} 2106 2107// SignBlobRequest: Deprecated. Migrate to Service Account Credentials 2108// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2109// service account sign blob request. 2110type SignBlobRequest struct { 2111 // BytesToSign: Required. Deprecated. Migrate to Service Account 2112 // Credentials API 2113 // (https://cloud.google.com/iam/help/credentials/migrate-api). The 2114 // bytes to sign. 2115 BytesToSign string `json:"bytesToSign,omitempty"` 2116 2117 // ForceSendFields is a list of field names (e.g. "BytesToSign") to 2118 // unconditionally include in API requests. By default, fields with 2119 // empty or default values are omitted from API requests. However, any 2120 // non-pointer, non-interface field appearing in ForceSendFields will be 2121 // sent to the server regardless of whether the field is empty or not. 2122 // This may be used to include empty fields in Patch requests. 2123 ForceSendFields []string `json:"-"` 2124 2125 // NullFields is a list of field names (e.g. "BytesToSign") to include 2126 // in API requests with the JSON null value. By default, fields with 2127 // empty values are omitted from API requests. However, any field with 2128 // an empty value appearing in NullFields will be sent to the server as 2129 // null. It is an error if a field in this list has a non-empty value. 2130 // This may be used to include null fields in Patch requests. 2131 NullFields []string `json:"-"` 2132} 2133 2134func (s *SignBlobRequest) MarshalJSON() ([]byte, error) { 2135 type NoMethod SignBlobRequest 2136 raw := NoMethod(*s) 2137 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2138} 2139 2140// SignBlobResponse: Deprecated. Migrate to Service Account Credentials 2141// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2142// service account sign blob response. 2143type SignBlobResponse struct { 2144 // KeyId: Deprecated. Migrate to Service Account Credentials API 2145 // (https://cloud.google.com/iam/help/credentials/migrate-api). The id 2146 // of the key used to sign the blob. 2147 KeyId string `json:"keyId,omitempty"` 2148 2149 // Signature: Deprecated. Migrate to Service Account Credentials API 2150 // (https://cloud.google.com/iam/help/credentials/migrate-api). The 2151 // signed blob. 2152 Signature string `json:"signature,omitempty"` 2153 2154 // ServerResponse contains the HTTP response code and headers from the 2155 // server. 2156 googleapi.ServerResponse `json:"-"` 2157 2158 // ForceSendFields is a list of field names (e.g. "KeyId") to 2159 // unconditionally include in API requests. By default, fields with 2160 // empty or default values are omitted from API requests. However, any 2161 // non-pointer, non-interface field appearing in ForceSendFields will be 2162 // sent to the server regardless of whether the field is empty or not. 2163 // This may be used to include empty fields in Patch requests. 2164 ForceSendFields []string `json:"-"` 2165 2166 // NullFields is a list of field names (e.g. "KeyId") to include in API 2167 // requests with the JSON null value. By default, fields with empty 2168 // values are omitted from API requests. However, any field with an 2169 // empty value appearing in NullFields will be sent to the server as 2170 // null. It is an error if a field in this list has a non-empty value. 2171 // This may be used to include null fields in Patch requests. 2172 NullFields []string `json:"-"` 2173} 2174 2175func (s *SignBlobResponse) MarshalJSON() ([]byte, error) { 2176 type NoMethod SignBlobResponse 2177 raw := NoMethod(*s) 2178 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2179} 2180 2181// SignJwtRequest: Deprecated. Migrate to Service Account Credentials 2182// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2183// service account sign JWT request. 2184type SignJwtRequest struct { 2185 // Payload: Required. Deprecated. Migrate to Service Account Credentials 2186 // API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2187 // JWT payload to sign. Must be a serialized JSON object that contains a 2188 // JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 2189 // 313435}` If the JWT Claims Set contains an expiration time (`exp`) 2190 // claim, it must be an integer timestamp that is not in the past and no 2191 // more than 12 hours in the future. If the JWT Claims Set does not 2192 // contain an expiration time (`exp`) claim, this claim is added 2193 // automatically, with a timestamp that is 1 hour in the future. 2194 Payload string `json:"payload,omitempty"` 2195 2196 // ForceSendFields is a list of field names (e.g. "Payload") to 2197 // unconditionally include in API requests. By default, fields with 2198 // empty or default values are omitted from API requests. However, any 2199 // non-pointer, non-interface field appearing in ForceSendFields will be 2200 // sent to the server regardless of whether the field is empty or not. 2201 // This may be used to include empty fields in Patch requests. 2202 ForceSendFields []string `json:"-"` 2203 2204 // NullFields is a list of field names (e.g. "Payload") to include in 2205 // API requests with the JSON null value. By default, fields with empty 2206 // values are omitted from API requests. However, any field with an 2207 // empty value appearing in NullFields will be sent to the server as 2208 // null. It is an error if a field in this list has a non-empty value. 2209 // This may be used to include null fields in Patch requests. 2210 NullFields []string `json:"-"` 2211} 2212 2213func (s *SignJwtRequest) MarshalJSON() ([]byte, error) { 2214 type NoMethod SignJwtRequest 2215 raw := NoMethod(*s) 2216 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2217} 2218 2219// SignJwtResponse: Deprecated. Migrate to Service Account Credentials 2220// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2221// service account sign JWT response. 2222type SignJwtResponse struct { 2223 // KeyId: Deprecated. Migrate to Service Account Credentials API 2224 // (https://cloud.google.com/iam/help/credentials/migrate-api). The id 2225 // of the key used to sign the JWT. 2226 KeyId string `json:"keyId,omitempty"` 2227 2228 // SignedJwt: Deprecated. Migrate to Service Account Credentials API 2229 // (https://cloud.google.com/iam/help/credentials/migrate-api). The 2230 // signed JWT. 2231 SignedJwt string `json:"signedJwt,omitempty"` 2232 2233 // ServerResponse contains the HTTP response code and headers from the 2234 // server. 2235 googleapi.ServerResponse `json:"-"` 2236 2237 // ForceSendFields is a list of field names (e.g. "KeyId") to 2238 // unconditionally include in API requests. By default, fields with 2239 // empty or default values are omitted from API requests. However, any 2240 // non-pointer, non-interface field appearing in ForceSendFields will be 2241 // sent to the server regardless of whether the field is empty or not. 2242 // This may be used to include empty fields in Patch requests. 2243 ForceSendFields []string `json:"-"` 2244 2245 // NullFields is a list of field names (e.g. "KeyId") to include in API 2246 // requests with the JSON null value. By default, fields with empty 2247 // values are omitted from API requests. However, any field with an 2248 // empty value appearing in NullFields will be sent to the server as 2249 // null. It is an error if a field in this list has a non-empty value. 2250 // This may be used to include null fields in Patch requests. 2251 NullFields []string `json:"-"` 2252} 2253 2254func (s *SignJwtResponse) MarshalJSON() ([]byte, error) { 2255 type NoMethod SignJwtResponse 2256 raw := NoMethod(*s) 2257 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2258} 2259 2260// Status: The `Status` type defines a logical error model that is 2261// suitable for different programming environments, including REST APIs 2262// and RPC APIs. It is used by gRPC (https://github.com/grpc). Each 2263// `Status` message contains three pieces of data: error code, error 2264// message, and error details. You can find out more about this error 2265// model and how to work with it in the API Design Guide 2266// (https://cloud.google.com/apis/design/errors). 2267type Status struct { 2268 // Code: The status code, which should be an enum value of 2269 // google.rpc.Code. 2270 Code int64 `json:"code,omitempty"` 2271 2272 // Details: A list of messages that carry the error details. There is a 2273 // common set of message types for APIs to use. 2274 Details []googleapi.RawMessage `json:"details,omitempty"` 2275 2276 // Message: A developer-facing error message, which should be in 2277 // English. Any user-facing error message should be localized and sent 2278 // in the google.rpc.Status.details field, or localized by the client. 2279 Message string `json:"message,omitempty"` 2280 2281 // ForceSendFields is a list of field names (e.g. "Code") to 2282 // unconditionally include in API requests. By default, fields with 2283 // empty or default values are omitted from API requests. However, any 2284 // non-pointer, non-interface field appearing in ForceSendFields will be 2285 // sent to the server regardless of whether the field is empty or not. 2286 // This may be used to include empty fields in Patch requests. 2287 ForceSendFields []string `json:"-"` 2288 2289 // NullFields is a list of field names (e.g. "Code") to include in API 2290 // requests with the JSON null value. By default, fields with empty 2291 // values are omitted from API requests. However, any field with an 2292 // empty value appearing in NullFields will be sent to the server as 2293 // null. It is an error if a field in this list has a non-empty value. 2294 // This may be used to include null fields in Patch requests. 2295 NullFields []string `json:"-"` 2296} 2297 2298func (s *Status) MarshalJSON() ([]byte, error) { 2299 type NoMethod Status 2300 raw := NoMethod(*s) 2301 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2302} 2303 2304// TestIamPermissionsRequest: Request message for `TestIamPermissions` 2305// method. 2306type TestIamPermissionsRequest struct { 2307 // Permissions: The set of permissions to check for the `resource`. 2308 // Permissions with wildcards (such as '*' or 'storage.*') are not 2309 // allowed. For more information see IAM Overview 2310 // (https://cloud.google.com/iam/docs/overview#permissions). 2311 Permissions []string `json:"permissions,omitempty"` 2312 2313 // ForceSendFields is a list of field names (e.g. "Permissions") to 2314 // unconditionally include in API requests. By default, fields with 2315 // empty or default values are omitted from API requests. However, any 2316 // non-pointer, non-interface field appearing in ForceSendFields will be 2317 // sent to the server regardless of whether the field is empty or not. 2318 // This may be used to include empty fields in Patch requests. 2319 ForceSendFields []string `json:"-"` 2320 2321 // NullFields is a list of field names (e.g. "Permissions") to include 2322 // in API requests with the JSON null value. By default, fields with 2323 // empty values are omitted from API requests. However, any field with 2324 // an empty value appearing in NullFields will be sent to the server as 2325 // null. It is an error if a field in this list has a non-empty value. 2326 // This may be used to include null fields in Patch requests. 2327 NullFields []string `json:"-"` 2328} 2329 2330func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) { 2331 type NoMethod TestIamPermissionsRequest 2332 raw := NoMethod(*s) 2333 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2334} 2335 2336// TestIamPermissionsResponse: Response message for `TestIamPermissions` 2337// method. 2338type TestIamPermissionsResponse struct { 2339 // Permissions: A subset of `TestPermissionsRequest.permissions` that 2340 // the caller is allowed. 2341 Permissions []string `json:"permissions,omitempty"` 2342 2343 // ServerResponse contains the HTTP response code and headers from the 2344 // server. 2345 googleapi.ServerResponse `json:"-"` 2346 2347 // ForceSendFields is a list of field names (e.g. "Permissions") to 2348 // unconditionally include in API requests. By default, fields with 2349 // empty or default values are omitted from API requests. However, any 2350 // non-pointer, non-interface field appearing in ForceSendFields will be 2351 // sent to the server regardless of whether the field is empty or not. 2352 // This may be used to include empty fields in Patch requests. 2353 ForceSendFields []string `json:"-"` 2354 2355 // NullFields is a list of field names (e.g. "Permissions") to include 2356 // in API requests with the JSON null value. By default, fields with 2357 // empty values are omitted from API requests. However, any field with 2358 // an empty value appearing in NullFields will be sent to the server as 2359 // null. It is an error if a field in this list has a non-empty value. 2360 // This may be used to include null fields in Patch requests. 2361 NullFields []string `json:"-"` 2362} 2363 2364func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { 2365 type NoMethod TestIamPermissionsResponse 2366 raw := NoMethod(*s) 2367 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2368} 2369 2370// UndeleteRoleRequest: The request to undelete an existing role. 2371type UndeleteRoleRequest struct { 2372 // Etag: Used to perform a consistent read-modify-write. 2373 Etag string `json:"etag,omitempty"` 2374 2375 // ForceSendFields is a list of field names (e.g. "Etag") to 2376 // unconditionally include in API requests. By default, fields with 2377 // empty or default values are omitted from API requests. However, any 2378 // non-pointer, non-interface field appearing in ForceSendFields will be 2379 // sent to the server regardless of whether the field is empty or not. 2380 // This may be used to include empty fields in Patch requests. 2381 ForceSendFields []string `json:"-"` 2382 2383 // NullFields is a list of field names (e.g. "Etag") to include in API 2384 // requests with the JSON null value. By default, fields with empty 2385 // values are omitted from API requests. However, any field with an 2386 // empty value appearing in NullFields will be sent to the server as 2387 // null. It is an error if a field in this list has a non-empty value. 2388 // This may be used to include null fields in Patch requests. 2389 NullFields []string `json:"-"` 2390} 2391 2392func (s *UndeleteRoleRequest) MarshalJSON() ([]byte, error) { 2393 type NoMethod UndeleteRoleRequest 2394 raw := NoMethod(*s) 2395 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2396} 2397 2398// UndeleteServiceAccountRequest: The service account undelete request. 2399type UndeleteServiceAccountRequest struct { 2400} 2401 2402type UndeleteServiceAccountResponse struct { 2403 // RestoredAccount: Metadata for the restored service account. 2404 RestoredAccount *ServiceAccount `json:"restoredAccount,omitempty"` 2405 2406 // ServerResponse contains the HTTP response code and headers from the 2407 // server. 2408 googleapi.ServerResponse `json:"-"` 2409 2410 // ForceSendFields is a list of field names (e.g. "RestoredAccount") to 2411 // unconditionally include in API requests. By default, fields with 2412 // empty or default values are omitted from API requests. However, any 2413 // non-pointer, non-interface field appearing in ForceSendFields will be 2414 // sent to the server regardless of whether the field is empty or not. 2415 // This may be used to include empty fields in Patch requests. 2416 ForceSendFields []string `json:"-"` 2417 2418 // NullFields is a list of field names (e.g. "RestoredAccount") to 2419 // include in API requests with the JSON null value. By default, fields 2420 // with empty values are omitted from API requests. However, any field 2421 // with an empty value appearing in NullFields will be sent to the 2422 // server as null. It is an error if a field in this list has a 2423 // non-empty value. This may be used to include null fields in Patch 2424 // requests. 2425 NullFields []string `json:"-"` 2426} 2427 2428func (s *UndeleteServiceAccountResponse) MarshalJSON() ([]byte, error) { 2429 type NoMethod UndeleteServiceAccountResponse 2430 raw := NoMethod(*s) 2431 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2432} 2433 2434// UndeleteWorkloadIdentityPoolProviderRequest: Request message for 2435// UndeleteWorkloadIdentityPoolProvider. 2436type UndeleteWorkloadIdentityPoolProviderRequest struct { 2437} 2438 2439// UndeleteWorkloadIdentityPoolRequest: Request message for 2440// UndeleteWorkloadIdentityPool. 2441type UndeleteWorkloadIdentityPoolRequest struct { 2442} 2443 2444// UploadServiceAccountKeyRequest: The service account key upload 2445// request. 2446type UploadServiceAccountKeyRequest struct { 2447 // PublicKeyData: A field that allows clients to upload their own public 2448 // key. If set, use this public key data to create a service account key 2449 // for given service account. Please note, the expected format for this 2450 // field is X509_PEM. 2451 PublicKeyData string `json:"publicKeyData,omitempty"` 2452 2453 // ForceSendFields is a list of field names (e.g. "PublicKeyData") to 2454 // unconditionally include in API requests. By default, fields with 2455 // empty or default values are omitted from API requests. However, any 2456 // non-pointer, non-interface field appearing in ForceSendFields will be 2457 // sent to the server regardless of whether the field is empty or not. 2458 // This may be used to include empty fields in Patch requests. 2459 ForceSendFields []string `json:"-"` 2460 2461 // NullFields is a list of field names (e.g. "PublicKeyData") to include 2462 // in API requests with the JSON null value. By default, fields with 2463 // empty values are omitted from API requests. However, any field with 2464 // an empty value appearing in NullFields will be sent to the server as 2465 // null. It is an error if a field in this list has a non-empty value. 2466 // This may be used to include null fields in Patch requests. 2467 NullFields []string `json:"-"` 2468} 2469 2470func (s *UploadServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 2471 type NoMethod UploadServiceAccountKeyRequest 2472 raw := NoMethod(*s) 2473 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2474} 2475 2476// WorkloadIdentityPool: Represents a collection of external workload 2477// identities. You can define IAM policies to grant these identities 2478// access to Google Cloud resources. 2479type WorkloadIdentityPool struct { 2480 // Description: A description of the pool. Cannot exceed 256 characters. 2481 Description string `json:"description,omitempty"` 2482 2483 // Disabled: Whether the pool is disabled. You cannot use a disabled 2484 // pool to exchange tokens, or use existing tokens to access resources. 2485 // If the pool is re-enabled, existing tokens grant access again. 2486 Disabled bool `json:"disabled,omitempty"` 2487 2488 // DisplayName: A display name for the pool. Cannot exceed 32 2489 // characters. 2490 DisplayName string `json:"displayName,omitempty"` 2491 2492 // Name: Output only. The resource name of the pool. 2493 Name string `json:"name,omitempty"` 2494 2495 // State: Output only. The state of the pool. 2496 // 2497 // Possible values: 2498 // "STATE_UNSPECIFIED" - State unspecified. 2499 // "ACTIVE" - The pool is active, and may be used in Google Cloud 2500 // policies. 2501 // "DELETED" - The pool is soft-deleted. Soft-deleted pools are 2502 // permanently deleted after approximately 30 days. You can restore a 2503 // soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot 2504 // reuse the ID of a soft-deleted pool until it is permanently deleted. 2505 // While a pool is deleted, you cannot use it to exchange tokens, or use 2506 // existing tokens to access resources. If the pool is undeleted, 2507 // existing tokens grant access again. 2508 State string `json:"state,omitempty"` 2509 2510 // ServerResponse contains the HTTP response code and headers from the 2511 // server. 2512 googleapi.ServerResponse `json:"-"` 2513 2514 // ForceSendFields is a list of field names (e.g. "Description") to 2515 // unconditionally include in API requests. By default, fields with 2516 // empty or default values are omitted from API requests. However, any 2517 // non-pointer, non-interface field appearing in ForceSendFields will be 2518 // sent to the server regardless of whether the field is empty or not. 2519 // This may be used to include empty fields in Patch requests. 2520 ForceSendFields []string `json:"-"` 2521 2522 // NullFields is a list of field names (e.g. "Description") to include 2523 // in API requests with the JSON null value. By default, fields with 2524 // empty values are omitted from API requests. However, any field with 2525 // an empty value appearing in NullFields will be sent to the server as 2526 // null. It is an error if a field in this list has a non-empty value. 2527 // This may be used to include null fields in Patch requests. 2528 NullFields []string `json:"-"` 2529} 2530 2531func (s *WorkloadIdentityPool) MarshalJSON() ([]byte, error) { 2532 type NoMethod WorkloadIdentityPool 2533 raw := NoMethod(*s) 2534 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2535} 2536 2537// WorkloadIdentityPoolProvider: A configuration for an external 2538// identity provider. 2539type WorkloadIdentityPoolProvider struct { 2540 // AttributeCondition: A Common Expression Language 2541 // (https://opensource.google/projects/cel) expression, in plain text, 2542 // to restrict what otherwise valid authentication credentials issued by 2543 // the provider should not be accepted. The expression must output a 2544 // boolean representing whether to allow the federation. The following 2545 // keywords may be referenced in the expressions: * `assertion`: JSON 2546 // representing the authentication credential issued by the provider. * 2547 // `google`: The Google attributes mapped from the assertion in the 2548 // `attribute_mappings`. * `attribute`: The custom attributes mapped 2549 // from the assertion in the `attribute_mappings`. The maximum length of 2550 // the attribute condition expression is 4096 characters. If 2551 // unspecified, all valid authentication credential are accepted. The 2552 // following example shows how to only allow credentials with a mapped 2553 // `google.groups` value of `admins`: ``` "'admins' in google.groups" 2554 // ``` 2555 AttributeCondition string `json:"attributeCondition,omitempty"` 2556 2557 // AttributeMapping: Maps attributes from authentication credentials 2558 // issued by an external identity provider to Google Cloud attributes, 2559 // such as `subject` and `segment`. Each key must be a string specifying 2560 // the Google Cloud IAM attribute to map to. The following keys are 2561 // supported: * `google.subject`: The principal IAM is authenticating. 2562 // You can reference this value in IAM bindings. This is also the 2563 // subject that appears in Cloud Logging logs. Cannot exceed 127 2564 // characters. * `google.groups`: Groups the external identity belongs 2565 // to. You can grant groups access to resources using an IAM 2566 // `principalSet` binding; access applies to all members of the group. 2567 // You can also provide custom attributes by specifying 2568 // `attribute.{custom_attribute}`, where `{custom_attribute}` is the 2569 // name of the custom attribute to be mapped. You can define a maximum 2570 // of 50 custom attributes. The maximum length of a mapped attribute key 2571 // is 100 characters, and the key may only contain the characters 2572 // [a-z0-9_]. You can reference these attributes in IAM policies to 2573 // define fine-grained access for a workload to Google Cloud resources. 2574 // For example: * `google.subject`: 2575 // `principal://iam.googleapis.com/projects/{project}/locations/{location 2576 // }/workloadIdentityPools/{pool}/subject/{value}` * `google.groups`: 2577 // `principalSet://iam.googleapis.com/projects/{project}/locations/{locat 2578 // ion}/workloadIdentityPools/{pool}/group/{value}` * 2579 // `attribute.{custom_attribute}`: 2580 // `principalSet://iam.googleapis.com/projects/{project}/locations/{locat 2581 // ion}/workloadIdentityPools/{pool}/attribute.{custom_attribute}/{value} 2582 // ` Each value must be a [Common Expression Language] 2583 // (https://opensource.google/projects/cel) function that maps an 2584 // identity provider credential to the normalized attribute specified by 2585 // the corresponding map key. You can use the `assertion` keyword in the 2586 // expression to access a JSON representation of the authentication 2587 // credential issued by the provider. The maximum length of an attribute 2588 // mapping expression is 2048 characters. When evaluated, the total size 2589 // of all mapped attributes must not exceed 8KB. For AWS providers, if 2590 // no attribute mapping is defined, the following default mapping 2591 // applies: ``` { "google.subject":"assertion.arn", 2592 // "attribute.aws_role": "assertion.arn.contains('assumed-role')" " ? 2593 // assertion.arn.extract('{account_arn}assumed-role/')" " + 2594 // 'assumed-role/'" " + 2595 // assertion.arn.extract('assumed-role/{role_name}/')" " : 2596 // assertion.arn", } ``` If any custom attribute mappings are defined, 2597 // they must include a mapping to the `google.subject` attribute. For 2598 // OIDC providers, you must supply a custom mapping, which must include 2599 // the `google.subject` attribute. For example, the following maps the 2600 // `sub` claim of the incoming credential to the `subject` attribute on 2601 // a Google token: ``` {"google.subject": "assertion.sub"} ``` 2602 AttributeMapping map[string]string `json:"attributeMapping,omitempty"` 2603 2604 // Aws: An Amazon Web Services identity provider. 2605 Aws *Aws `json:"aws,omitempty"` 2606 2607 // Description: A description for the provider. Cannot exceed 256 2608 // characters. 2609 Description string `json:"description,omitempty"` 2610 2611 // Disabled: Whether the provider is disabled. You cannot use a disabled 2612 // provider to exchange tokens. However, existing tokens still grant 2613 // access. 2614 Disabled bool `json:"disabled,omitempty"` 2615 2616 // DisplayName: A display name for the provider. Cannot exceed 32 2617 // characters. 2618 DisplayName string `json:"displayName,omitempty"` 2619 2620 // Name: Output only. The resource name of the provider. 2621 Name string `json:"name,omitempty"` 2622 2623 // Oidc: An OpenId Connect 1.0 identity provider. 2624 Oidc *Oidc `json:"oidc,omitempty"` 2625 2626 // State: Output only. The state of the provider. 2627 // 2628 // Possible values: 2629 // "STATE_UNSPECIFIED" - State unspecified. 2630 // "ACTIVE" - The provider is active, and may be used to validate 2631 // authentication credentials. 2632 // "DELETED" - The provider is soft-deleted. Soft-deleted providers 2633 // are permanently deleted after approximately 30 days. You can restore 2634 // a soft-deleted provider using UndeleteWorkloadIdentityPoolProvider. 2635 // You cannot reuse the ID of a soft-deleted provider until it is 2636 // permanently deleted. 2637 State string `json:"state,omitempty"` 2638 2639 // ServerResponse contains the HTTP response code and headers from the 2640 // server. 2641 googleapi.ServerResponse `json:"-"` 2642 2643 // ForceSendFields is a list of field names (e.g. "AttributeCondition") 2644 // to unconditionally include in API requests. By default, fields with 2645 // empty or default values are omitted from API requests. However, any 2646 // non-pointer, non-interface field appearing in ForceSendFields will be 2647 // sent to the server regardless of whether the field is empty or not. 2648 // This may be used to include empty fields in Patch requests. 2649 ForceSendFields []string `json:"-"` 2650 2651 // NullFields is a list of field names (e.g. "AttributeCondition") to 2652 // include in API requests with the JSON null value. By default, fields 2653 // with empty values are omitted from API requests. However, any field 2654 // with an empty value appearing in NullFields will be sent to the 2655 // server as null. It is an error if a field in this list has a 2656 // non-empty value. This may be used to include null fields in Patch 2657 // requests. 2658 NullFields []string `json:"-"` 2659} 2660 2661func (s *WorkloadIdentityPoolProvider) MarshalJSON() ([]byte, error) { 2662 type NoMethod WorkloadIdentityPoolProvider 2663 raw := NoMethod(*s) 2664 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2665} 2666 2667// method id "iam.iamPolicies.lintPolicy": 2668 2669type IamPoliciesLintPolicyCall struct { 2670 s *Service 2671 lintpolicyrequest *LintPolicyRequest 2672 urlParams_ gensupport.URLParams 2673 ctx_ context.Context 2674 header_ http.Header 2675} 2676 2677// LintPolicy: Lints, or validates, an IAM policy. Currently checks the 2678// google.iam.v1.Binding.condition field, which contains a condition 2679// expression for a role binding. Successful calls to this method always 2680// return an HTTP `200 OK` status code, even if the linter detects an 2681// issue in the IAM policy. 2682func (r *IamPoliciesService) LintPolicy(lintpolicyrequest *LintPolicyRequest) *IamPoliciesLintPolicyCall { 2683 c := &IamPoliciesLintPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2684 c.lintpolicyrequest = lintpolicyrequest 2685 return c 2686} 2687 2688// Fields allows partial responses to be retrieved. See 2689// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2690// for more information. 2691func (c *IamPoliciesLintPolicyCall) Fields(s ...googleapi.Field) *IamPoliciesLintPolicyCall { 2692 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2693 return c 2694} 2695 2696// Context sets the context to be used in this call's Do method. Any 2697// pending HTTP request will be aborted if the provided context is 2698// canceled. 2699func (c *IamPoliciesLintPolicyCall) Context(ctx context.Context) *IamPoliciesLintPolicyCall { 2700 c.ctx_ = ctx 2701 return c 2702} 2703 2704// Header returns an http.Header that can be modified by the caller to 2705// add HTTP headers to the request. 2706func (c *IamPoliciesLintPolicyCall) Header() http.Header { 2707 if c.header_ == nil { 2708 c.header_ = make(http.Header) 2709 } 2710 return c.header_ 2711} 2712 2713func (c *IamPoliciesLintPolicyCall) doRequest(alt string) (*http.Response, error) { 2714 reqHeaders := make(http.Header) 2715 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 2716 for k, v := range c.header_ { 2717 reqHeaders[k] = v 2718 } 2719 reqHeaders.Set("User-Agent", c.s.userAgent()) 2720 var body io.Reader = nil 2721 body, err := googleapi.WithoutDataWrapper.JSONReader(c.lintpolicyrequest) 2722 if err != nil { 2723 return nil, err 2724 } 2725 reqHeaders.Set("Content-Type", "application/json") 2726 c.urlParams_.Set("alt", alt) 2727 c.urlParams_.Set("prettyPrint", "false") 2728 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:lintPolicy") 2729 urls += "?" + c.urlParams_.Encode() 2730 req, err := http.NewRequest("POST", urls, body) 2731 if err != nil { 2732 return nil, err 2733 } 2734 req.Header = reqHeaders 2735 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2736} 2737 2738// Do executes the "iam.iamPolicies.lintPolicy" call. 2739// Exactly one of *LintPolicyResponse or error will be non-nil. Any 2740// non-2xx status code is an error. Response headers are in either 2741// *LintPolicyResponse.ServerResponse.Header or (if a response was 2742// returned at all) in error.(*googleapi.Error).Header. Use 2743// googleapi.IsNotModified to check whether the returned error was 2744// because http.StatusNotModified was returned. 2745func (c *IamPoliciesLintPolicyCall) Do(opts ...googleapi.CallOption) (*LintPolicyResponse, error) { 2746 gensupport.SetOptions(c.urlParams_, opts...) 2747 res, err := c.doRequest("json") 2748 if res != nil && res.StatusCode == http.StatusNotModified { 2749 if res.Body != nil { 2750 res.Body.Close() 2751 } 2752 return nil, &googleapi.Error{ 2753 Code: res.StatusCode, 2754 Header: res.Header, 2755 } 2756 } 2757 if err != nil { 2758 return nil, err 2759 } 2760 defer googleapi.CloseBody(res) 2761 if err := googleapi.CheckResponse(res); err != nil { 2762 return nil, err 2763 } 2764 ret := &LintPolicyResponse{ 2765 ServerResponse: googleapi.ServerResponse{ 2766 Header: res.Header, 2767 HTTPStatusCode: res.StatusCode, 2768 }, 2769 } 2770 target := &ret 2771 if err := gensupport.DecodeResponse(target, res); err != nil { 2772 return nil, err 2773 } 2774 return ret, nil 2775 // { 2776 // "description": "Lints, or validates, an IAM policy. Currently checks the google.iam.v1.Binding.condition field, which contains a condition expression for a role binding. Successful calls to this method always return an HTTP `200 OK` status code, even if the linter detects an issue in the IAM policy.", 2777 // "flatPath": "v1/iamPolicies:lintPolicy", 2778 // "httpMethod": "POST", 2779 // "id": "iam.iamPolicies.lintPolicy", 2780 // "parameterOrder": [], 2781 // "parameters": {}, 2782 // "path": "v1/iamPolicies:lintPolicy", 2783 // "request": { 2784 // "$ref": "LintPolicyRequest" 2785 // }, 2786 // "response": { 2787 // "$ref": "LintPolicyResponse" 2788 // }, 2789 // "scopes": [ 2790 // "https://www.googleapis.com/auth/cloud-platform" 2791 // ] 2792 // } 2793 2794} 2795 2796// method id "iam.iamPolicies.queryAuditableServices": 2797 2798type IamPoliciesQueryAuditableServicesCall struct { 2799 s *Service 2800 queryauditableservicesrequest *QueryAuditableServicesRequest 2801 urlParams_ gensupport.URLParams 2802 ctx_ context.Context 2803 header_ http.Header 2804} 2805 2806// QueryAuditableServices: Returns a list of services that allow you to 2807// opt into audit logs that are not generated by default. To learn more 2808// about audit logs, see the Logging documentation 2809// (https://cloud.google.com/logging/docs/audit). 2810func (r *IamPoliciesService) QueryAuditableServices(queryauditableservicesrequest *QueryAuditableServicesRequest) *IamPoliciesQueryAuditableServicesCall { 2811 c := &IamPoliciesQueryAuditableServicesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2812 c.queryauditableservicesrequest = queryauditableservicesrequest 2813 return c 2814} 2815 2816// Fields allows partial responses to be retrieved. See 2817// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2818// for more information. 2819func (c *IamPoliciesQueryAuditableServicesCall) Fields(s ...googleapi.Field) *IamPoliciesQueryAuditableServicesCall { 2820 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2821 return c 2822} 2823 2824// Context sets the context to be used in this call's Do method. Any 2825// pending HTTP request will be aborted if the provided context is 2826// canceled. 2827func (c *IamPoliciesQueryAuditableServicesCall) Context(ctx context.Context) *IamPoliciesQueryAuditableServicesCall { 2828 c.ctx_ = ctx 2829 return c 2830} 2831 2832// Header returns an http.Header that can be modified by the caller to 2833// add HTTP headers to the request. 2834func (c *IamPoliciesQueryAuditableServicesCall) Header() http.Header { 2835 if c.header_ == nil { 2836 c.header_ = make(http.Header) 2837 } 2838 return c.header_ 2839} 2840 2841func (c *IamPoliciesQueryAuditableServicesCall) doRequest(alt string) (*http.Response, error) { 2842 reqHeaders := make(http.Header) 2843 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 2844 for k, v := range c.header_ { 2845 reqHeaders[k] = v 2846 } 2847 reqHeaders.Set("User-Agent", c.s.userAgent()) 2848 var body io.Reader = nil 2849 body, err := googleapi.WithoutDataWrapper.JSONReader(c.queryauditableservicesrequest) 2850 if err != nil { 2851 return nil, err 2852 } 2853 reqHeaders.Set("Content-Type", "application/json") 2854 c.urlParams_.Set("alt", alt) 2855 c.urlParams_.Set("prettyPrint", "false") 2856 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:queryAuditableServices") 2857 urls += "?" + c.urlParams_.Encode() 2858 req, err := http.NewRequest("POST", urls, body) 2859 if err != nil { 2860 return nil, err 2861 } 2862 req.Header = reqHeaders 2863 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2864} 2865 2866// Do executes the "iam.iamPolicies.queryAuditableServices" call. 2867// Exactly one of *QueryAuditableServicesResponse or error will be 2868// non-nil. Any non-2xx status code is an error. Response headers are in 2869// either *QueryAuditableServicesResponse.ServerResponse.Header or (if a 2870// response was returned at all) in error.(*googleapi.Error).Header. Use 2871// googleapi.IsNotModified to check whether the returned error was 2872// because http.StatusNotModified was returned. 2873func (c *IamPoliciesQueryAuditableServicesCall) Do(opts ...googleapi.CallOption) (*QueryAuditableServicesResponse, error) { 2874 gensupport.SetOptions(c.urlParams_, opts...) 2875 res, err := c.doRequest("json") 2876 if res != nil && res.StatusCode == http.StatusNotModified { 2877 if res.Body != nil { 2878 res.Body.Close() 2879 } 2880 return nil, &googleapi.Error{ 2881 Code: res.StatusCode, 2882 Header: res.Header, 2883 } 2884 } 2885 if err != nil { 2886 return nil, err 2887 } 2888 defer googleapi.CloseBody(res) 2889 if err := googleapi.CheckResponse(res); err != nil { 2890 return nil, err 2891 } 2892 ret := &QueryAuditableServicesResponse{ 2893 ServerResponse: googleapi.ServerResponse{ 2894 Header: res.Header, 2895 HTTPStatusCode: res.StatusCode, 2896 }, 2897 } 2898 target := &ret 2899 if err := gensupport.DecodeResponse(target, res); err != nil { 2900 return nil, err 2901 } 2902 return ret, nil 2903 // { 2904 // "description": "Returns a list of services that allow you to opt into audit logs that are not generated by default. To learn more about audit logs, see the [Logging documentation](https://cloud.google.com/logging/docs/audit).", 2905 // "flatPath": "v1/iamPolicies:queryAuditableServices", 2906 // "httpMethod": "POST", 2907 // "id": "iam.iamPolicies.queryAuditableServices", 2908 // "parameterOrder": [], 2909 // "parameters": {}, 2910 // "path": "v1/iamPolicies:queryAuditableServices", 2911 // "request": { 2912 // "$ref": "QueryAuditableServicesRequest" 2913 // }, 2914 // "response": { 2915 // "$ref": "QueryAuditableServicesResponse" 2916 // }, 2917 // "scopes": [ 2918 // "https://www.googleapis.com/auth/cloud-platform" 2919 // ] 2920 // } 2921 2922} 2923 2924// method id "iam.organizations.roles.create": 2925 2926type OrganizationsRolesCreateCall struct { 2927 s *Service 2928 parent string 2929 createrolerequest *CreateRoleRequest 2930 urlParams_ gensupport.URLParams 2931 ctx_ context.Context 2932 header_ http.Header 2933} 2934 2935// Create: Creates a new custom Role. 2936// 2937// - parent: The `parent` parameter's value depends on the target 2938// resource for the request, namely `projects` 2939// (/iam/reference/rest/v1/projects.roles) or `organizations` 2940// (/iam/reference/rest/v1/organizations.roles). Each resource type's 2941// `parent` value format is described below: * 2942// `projects.roles.create()` 2943// (/iam/reference/rest/v1/projects.roles/create): 2944// `projects/{PROJECT_ID}`. This method creates project-level custom 2945// roles (/iam/docs/understanding-custom-roles). Example request URL: 2946// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 2947// `organizations.roles.create()` 2948// (/iam/reference/rest/v1/organizations.roles/create): 2949// `organizations/{ORGANIZATION_ID}`. This method creates 2950// organization-level custom roles 2951// (/iam/docs/understanding-custom-roles). Example request URL: 2952// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 2953// ` Note: Wildcard (*) values are invalid; you must specify a 2954// complete project ID or organization ID. 2955func (r *OrganizationsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *OrganizationsRolesCreateCall { 2956 c := &OrganizationsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2957 c.parent = parent 2958 c.createrolerequest = createrolerequest 2959 return c 2960} 2961 2962// Fields allows partial responses to be retrieved. See 2963// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2964// for more information. 2965func (c *OrganizationsRolesCreateCall) Fields(s ...googleapi.Field) *OrganizationsRolesCreateCall { 2966 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2967 return c 2968} 2969 2970// Context sets the context to be used in this call's Do method. Any 2971// pending HTTP request will be aborted if the provided context is 2972// canceled. 2973func (c *OrganizationsRolesCreateCall) Context(ctx context.Context) *OrganizationsRolesCreateCall { 2974 c.ctx_ = ctx 2975 return c 2976} 2977 2978// Header returns an http.Header that can be modified by the caller to 2979// add HTTP headers to the request. 2980func (c *OrganizationsRolesCreateCall) Header() http.Header { 2981 if c.header_ == nil { 2982 c.header_ = make(http.Header) 2983 } 2984 return c.header_ 2985} 2986 2987func (c *OrganizationsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 2988 reqHeaders := make(http.Header) 2989 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 2990 for k, v := range c.header_ { 2991 reqHeaders[k] = v 2992 } 2993 reqHeaders.Set("User-Agent", c.s.userAgent()) 2994 var body io.Reader = nil 2995 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 2996 if err != nil { 2997 return nil, err 2998 } 2999 reqHeaders.Set("Content-Type", "application/json") 3000 c.urlParams_.Set("alt", alt) 3001 c.urlParams_.Set("prettyPrint", "false") 3002 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 3003 urls += "?" + c.urlParams_.Encode() 3004 req, err := http.NewRequest("POST", urls, body) 3005 if err != nil { 3006 return nil, err 3007 } 3008 req.Header = reqHeaders 3009 googleapi.Expand(req.URL, map[string]string{ 3010 "parent": c.parent, 3011 }) 3012 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3013} 3014 3015// Do executes the "iam.organizations.roles.create" call. 3016// Exactly one of *Role or error will be non-nil. Any non-2xx status 3017// code is an error. Response headers are in either 3018// *Role.ServerResponse.Header or (if a response was returned at all) in 3019// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3020// whether the returned error was because http.StatusNotModified was 3021// returned. 3022func (c *OrganizationsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3023 gensupport.SetOptions(c.urlParams_, opts...) 3024 res, err := c.doRequest("json") 3025 if res != nil && res.StatusCode == http.StatusNotModified { 3026 if res.Body != nil { 3027 res.Body.Close() 3028 } 3029 return nil, &googleapi.Error{ 3030 Code: res.StatusCode, 3031 Header: res.Header, 3032 } 3033 } 3034 if err != nil { 3035 return nil, err 3036 } 3037 defer googleapi.CloseBody(res) 3038 if err := googleapi.CheckResponse(res); err != nil { 3039 return nil, err 3040 } 3041 ret := &Role{ 3042 ServerResponse: googleapi.ServerResponse{ 3043 Header: res.Header, 3044 HTTPStatusCode: res.StatusCode, 3045 }, 3046 } 3047 target := &ret 3048 if err := gensupport.DecodeResponse(target, res); err != nil { 3049 return nil, err 3050 } 3051 return ret, nil 3052 // { 3053 // "description": "Creates a new custom Role.", 3054 // "flatPath": "v1/organizations/{organizationsId}/roles", 3055 // "httpMethod": "POST", 3056 // "id": "iam.organizations.roles.create", 3057 // "parameterOrder": [ 3058 // "parent" 3059 // ], 3060 // "parameters": { 3061 // "parent": { 3062 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create): `projects/{PROJECT_ID}`. This method creates project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create): `organizations/{ORGANIZATION_ID}`. This method creates organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3063 // "location": "path", 3064 // "pattern": "^organizations/[^/]+$", 3065 // "required": true, 3066 // "type": "string" 3067 // } 3068 // }, 3069 // "path": "v1/{+parent}/roles", 3070 // "request": { 3071 // "$ref": "CreateRoleRequest" 3072 // }, 3073 // "response": { 3074 // "$ref": "Role" 3075 // }, 3076 // "scopes": [ 3077 // "https://www.googleapis.com/auth/cloud-platform" 3078 // ] 3079 // } 3080 3081} 3082 3083// method id "iam.organizations.roles.delete": 3084 3085type OrganizationsRolesDeleteCall struct { 3086 s *Service 3087 name string 3088 urlParams_ gensupport.URLParams 3089 ctx_ context.Context 3090 header_ http.Header 3091} 3092 3093// Delete: Deletes a custom Role. When you delete a custom role, the 3094// following changes occur immediately: * You cannot bind a member to 3095// the custom role in an IAM Policy. * Existing bindings to the custom 3096// role are not changed, but they have no effect. * By default, the 3097// response from ListRoles does not include the custom role. You have 7 3098// days to undelete the custom role. After 7 days, the following changes 3099// occur: * The custom role is permanently deleted and cannot be 3100// recovered. * If an IAM policy contains a binding to the custom role, 3101// the binding is permanently removed. 3102// 3103// - name: The `name` parameter's value depends on the target resource 3104// for the request, namely `projects` 3105// (/iam/reference/rest/v1/projects.roles) or `organizations` 3106// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3107// `name` value format is described below: * `projects.roles.delete()` 3108// (/iam/reference/rest/v1/projects.roles/delete): 3109// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes 3110// only custom roles (/iam/docs/understanding-custom-roles) that have 3111// been created at the project level. Example request URL: 3112// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3113// OLE_ID}` * `organizations.roles.delete()` 3114// (/iam/reference/rest/v1/organizations.roles/delete): 3115// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3116// method deletes only custom roles 3117// (/iam/docs/understanding-custom-roles) that have been created at 3118// the organization level. Example request URL: 3119// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3120// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3121// specify a complete project ID or organization ID. 3122func (r *OrganizationsRolesService) Delete(name string) *OrganizationsRolesDeleteCall { 3123 c := &OrganizationsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3124 c.name = name 3125 return c 3126} 3127 3128// Etag sets the optional parameter "etag": Used to perform a consistent 3129// read-modify-write. 3130func (c *OrganizationsRolesDeleteCall) Etag(etag string) *OrganizationsRolesDeleteCall { 3131 c.urlParams_.Set("etag", etag) 3132 return c 3133} 3134 3135// Fields allows partial responses to be retrieved. See 3136// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3137// for more information. 3138func (c *OrganizationsRolesDeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesDeleteCall { 3139 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3140 return c 3141} 3142 3143// Context sets the context to be used in this call's Do method. Any 3144// pending HTTP request will be aborted if the provided context is 3145// canceled. 3146func (c *OrganizationsRolesDeleteCall) Context(ctx context.Context) *OrganizationsRolesDeleteCall { 3147 c.ctx_ = ctx 3148 return c 3149} 3150 3151// Header returns an http.Header that can be modified by the caller to 3152// add HTTP headers to the request. 3153func (c *OrganizationsRolesDeleteCall) Header() http.Header { 3154 if c.header_ == nil { 3155 c.header_ = make(http.Header) 3156 } 3157 return c.header_ 3158} 3159 3160func (c *OrganizationsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 3161 reqHeaders := make(http.Header) 3162 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 3163 for k, v := range c.header_ { 3164 reqHeaders[k] = v 3165 } 3166 reqHeaders.Set("User-Agent", c.s.userAgent()) 3167 var body io.Reader = nil 3168 c.urlParams_.Set("alt", alt) 3169 c.urlParams_.Set("prettyPrint", "false") 3170 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3171 urls += "?" + c.urlParams_.Encode() 3172 req, err := http.NewRequest("DELETE", urls, body) 3173 if err != nil { 3174 return nil, err 3175 } 3176 req.Header = reqHeaders 3177 googleapi.Expand(req.URL, map[string]string{ 3178 "name": c.name, 3179 }) 3180 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3181} 3182 3183// Do executes the "iam.organizations.roles.delete" call. 3184// Exactly one of *Role or error will be non-nil. Any non-2xx status 3185// code is an error. Response headers are in either 3186// *Role.ServerResponse.Header or (if a response was returned at all) in 3187// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3188// whether the returned error was because http.StatusNotModified was 3189// returned. 3190func (c *OrganizationsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3191 gensupport.SetOptions(c.urlParams_, opts...) 3192 res, err := c.doRequest("json") 3193 if res != nil && res.StatusCode == http.StatusNotModified { 3194 if res.Body != nil { 3195 res.Body.Close() 3196 } 3197 return nil, &googleapi.Error{ 3198 Code: res.StatusCode, 3199 Header: res.Header, 3200 } 3201 } 3202 if err != nil { 3203 return nil, err 3204 } 3205 defer googleapi.CloseBody(res) 3206 if err := googleapi.CheckResponse(res); err != nil { 3207 return nil, err 3208 } 3209 ret := &Role{ 3210 ServerResponse: googleapi.ServerResponse{ 3211 Header: res.Header, 3212 HTTPStatusCode: res.StatusCode, 3213 }, 3214 } 3215 target := &ret 3216 if err := gensupport.DecodeResponse(target, res); err != nil { 3217 return nil, err 3218 } 3219 return ret, nil 3220 // { 3221 // "description": "Deletes a custom Role. When you delete a custom role, the following changes occur immediately: * You cannot bind a member to the custom role in an IAM Policy. * Existing bindings to the custom role are not changed, but they have no effect. * By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: * The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed.", 3222 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3223 // "httpMethod": "DELETE", 3224 // "id": "iam.organizations.roles.delete", 3225 // "parameterOrder": [ 3226 // "name" 3227 // ], 3228 // "parameters": { 3229 // "etag": { 3230 // "description": "Used to perform a consistent read-modify-write.", 3231 // "format": "byte", 3232 // "location": "query", 3233 // "type": "string" 3234 // }, 3235 // "name": { 3236 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3237 // "location": "path", 3238 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3239 // "required": true, 3240 // "type": "string" 3241 // } 3242 // }, 3243 // "path": "v1/{+name}", 3244 // "response": { 3245 // "$ref": "Role" 3246 // }, 3247 // "scopes": [ 3248 // "https://www.googleapis.com/auth/cloud-platform" 3249 // ] 3250 // } 3251 3252} 3253 3254// method id "iam.organizations.roles.get": 3255 3256type OrganizationsRolesGetCall struct { 3257 s *Service 3258 name string 3259 urlParams_ gensupport.URLParams 3260 ifNoneMatch_ string 3261 ctx_ context.Context 3262 header_ http.Header 3263} 3264 3265// Get: Gets the definition of a Role. 3266// 3267// - name: The `name` parameter's value depends on the target resource 3268// for the request, namely `roles` (/iam/reference/rest/v1/roles), 3269// `projects` (/iam/reference/rest/v1/projects.roles), or 3270// `organizations` (/iam/reference/rest/v1/organizations.roles). Each 3271// resource type's `name` value format is described below: * 3272// `roles.get()` (/iam/reference/rest/v1/roles/get): 3273// `roles/{ROLE_NAME}`. This method returns results from all 3274// predefined roles (/iam/docs/understanding-roles#predefined_roles) 3275// in Cloud IAM. Example request URL: 3276// `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * 3277// `projects.roles.get()` (/iam/reference/rest/v1/projects.roles/get): 3278// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns 3279// only custom roles (/iam/docs/understanding-custom-roles) that have 3280// been created at the project level. Example request URL: 3281// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3282// OLE_ID}` * `organizations.roles.get()` 3283// (/iam/reference/rest/v1/organizations.roles/get): 3284// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3285// method returns only custom roles 3286// (/iam/docs/understanding-custom-roles) that have been created at 3287// the organization level. Example request URL: 3288// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3289// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3290// specify a complete project ID or organization ID. 3291func (r *OrganizationsRolesService) Get(name string) *OrganizationsRolesGetCall { 3292 c := &OrganizationsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3293 c.name = name 3294 return c 3295} 3296 3297// Fields allows partial responses to be retrieved. See 3298// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3299// for more information. 3300func (c *OrganizationsRolesGetCall) Fields(s ...googleapi.Field) *OrganizationsRolesGetCall { 3301 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3302 return c 3303} 3304 3305// IfNoneMatch sets the optional parameter which makes the operation 3306// fail if the object's ETag matches the given value. This is useful for 3307// getting updates only after the object has changed since the last 3308// request. Use googleapi.IsNotModified to check whether the response 3309// error from Do is the result of In-None-Match. 3310func (c *OrganizationsRolesGetCall) IfNoneMatch(entityTag string) *OrganizationsRolesGetCall { 3311 c.ifNoneMatch_ = entityTag 3312 return c 3313} 3314 3315// Context sets the context to be used in this call's Do method. Any 3316// pending HTTP request will be aborted if the provided context is 3317// canceled. 3318func (c *OrganizationsRolesGetCall) Context(ctx context.Context) *OrganizationsRolesGetCall { 3319 c.ctx_ = ctx 3320 return c 3321} 3322 3323// Header returns an http.Header that can be modified by the caller to 3324// add HTTP headers to the request. 3325func (c *OrganizationsRolesGetCall) Header() http.Header { 3326 if c.header_ == nil { 3327 c.header_ = make(http.Header) 3328 } 3329 return c.header_ 3330} 3331 3332func (c *OrganizationsRolesGetCall) doRequest(alt string) (*http.Response, error) { 3333 reqHeaders := make(http.Header) 3334 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 3335 for k, v := range c.header_ { 3336 reqHeaders[k] = v 3337 } 3338 reqHeaders.Set("User-Agent", c.s.userAgent()) 3339 if c.ifNoneMatch_ != "" { 3340 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3341 } 3342 var body io.Reader = nil 3343 c.urlParams_.Set("alt", alt) 3344 c.urlParams_.Set("prettyPrint", "false") 3345 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3346 urls += "?" + c.urlParams_.Encode() 3347 req, err := http.NewRequest("GET", urls, body) 3348 if err != nil { 3349 return nil, err 3350 } 3351 req.Header = reqHeaders 3352 googleapi.Expand(req.URL, map[string]string{ 3353 "name": c.name, 3354 }) 3355 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3356} 3357 3358// Do executes the "iam.organizations.roles.get" call. 3359// Exactly one of *Role or error will be non-nil. Any non-2xx status 3360// code is an error. Response headers are in either 3361// *Role.ServerResponse.Header or (if a response was returned at all) in 3362// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3363// whether the returned error was because http.StatusNotModified was 3364// returned. 3365func (c *OrganizationsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3366 gensupport.SetOptions(c.urlParams_, opts...) 3367 res, err := c.doRequest("json") 3368 if res != nil && res.StatusCode == http.StatusNotModified { 3369 if res.Body != nil { 3370 res.Body.Close() 3371 } 3372 return nil, &googleapi.Error{ 3373 Code: res.StatusCode, 3374 Header: res.Header, 3375 } 3376 } 3377 if err != nil { 3378 return nil, err 3379 } 3380 defer googleapi.CloseBody(res) 3381 if err := googleapi.CheckResponse(res); err != nil { 3382 return nil, err 3383 } 3384 ret := &Role{ 3385 ServerResponse: googleapi.ServerResponse{ 3386 Header: res.Header, 3387 HTTPStatusCode: res.StatusCode, 3388 }, 3389 } 3390 target := &ret 3391 if err := gensupport.DecodeResponse(target, res); err != nil { 3392 return nil, err 3393 } 3394 return ret, nil 3395 // { 3396 // "description": "Gets the definition of a Role.", 3397 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3398 // "httpMethod": "GET", 3399 // "id": "iam.organizations.roles.get", 3400 // "parameterOrder": [ 3401 // "name" 3402 // ], 3403 // "parameters": { 3404 // "name": { 3405 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3406 // "location": "path", 3407 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3408 // "required": true, 3409 // "type": "string" 3410 // } 3411 // }, 3412 // "path": "v1/{+name}", 3413 // "response": { 3414 // "$ref": "Role" 3415 // }, 3416 // "scopes": [ 3417 // "https://www.googleapis.com/auth/cloud-platform" 3418 // ] 3419 // } 3420 3421} 3422 3423// method id "iam.organizations.roles.list": 3424 3425type OrganizationsRolesListCall struct { 3426 s *Service 3427 parent string 3428 urlParams_ gensupport.URLParams 3429 ifNoneMatch_ string 3430 ctx_ context.Context 3431 header_ http.Header 3432} 3433 3434// List: Lists every predefined Role that IAM supports, or every custom 3435// role that is defined for an organization or project. 3436// 3437// - parent: The `parent` parameter's value depends on the target 3438// resource for the request, namely `roles` 3439// (/iam/reference/rest/v1/roles), `projects` 3440// (/iam/reference/rest/v1/projects.roles), or `organizations` 3441// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3442// `parent` value format is described below: * `roles.list()` 3443// (/iam/reference/rest/v1/roles/list): An empty string. This method 3444// doesn't require a resource; it simply returns all predefined roles 3445// (/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. 3446// Example request URL: `https://iam.googleapis.com/v1/roles` * 3447// `projects.roles.list()` 3448// (/iam/reference/rest/v1/projects.roles/list): 3449// `projects/{PROJECT_ID}`. This method lists all project-level custom 3450// roles (/iam/docs/understanding-custom-roles). Example request URL: 3451// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 3452// `organizations.roles.list()` 3453// (/iam/reference/rest/v1/organizations.roles/list): 3454// `organizations/{ORGANIZATION_ID}`. This method lists all 3455// organization-level custom roles 3456// (/iam/docs/understanding-custom-roles). Example request URL: 3457// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3458// ` Note: Wildcard (*) values are invalid; you must specify a 3459// complete project ID or organization ID. 3460func (r *OrganizationsRolesService) List(parent string) *OrganizationsRolesListCall { 3461 c := &OrganizationsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3462 c.parent = parent 3463 return c 3464} 3465 3466// PageSize sets the optional parameter "pageSize": Optional limit on 3467// the number of roles to include in the response. The default is 300, 3468// and the maximum is 1,000. 3469func (c *OrganizationsRolesListCall) PageSize(pageSize int64) *OrganizationsRolesListCall { 3470 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 3471 return c 3472} 3473 3474// PageToken sets the optional parameter "pageToken": Optional 3475// pagination token returned in an earlier ListRolesResponse. 3476func (c *OrganizationsRolesListCall) PageToken(pageToken string) *OrganizationsRolesListCall { 3477 c.urlParams_.Set("pageToken", pageToken) 3478 return c 3479} 3480 3481// ShowDeleted sets the optional parameter "showDeleted": Include Roles 3482// that have been deleted. 3483func (c *OrganizationsRolesListCall) ShowDeleted(showDeleted bool) *OrganizationsRolesListCall { 3484 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 3485 return c 3486} 3487 3488// View sets the optional parameter "view": Optional view for the 3489// returned Role objects. When `FULL` is specified, the 3490// `includedPermissions` field is returned, which includes a list of all 3491// permissions in the role. The default value is `BASIC`, which does not 3492// return the `includedPermissions` field. 3493// 3494// Possible values: 3495// "BASIC" - Omits the `included_permissions` field. This is the 3496// default value. 3497// "FULL" - Returns all fields. 3498func (c *OrganizationsRolesListCall) View(view string) *OrganizationsRolesListCall { 3499 c.urlParams_.Set("view", view) 3500 return c 3501} 3502 3503// Fields allows partial responses to be retrieved. See 3504// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3505// for more information. 3506func (c *OrganizationsRolesListCall) Fields(s ...googleapi.Field) *OrganizationsRolesListCall { 3507 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3508 return c 3509} 3510 3511// IfNoneMatch sets the optional parameter which makes the operation 3512// fail if the object's ETag matches the given value. This is useful for 3513// getting updates only after the object has changed since the last 3514// request. Use googleapi.IsNotModified to check whether the response 3515// error from Do is the result of In-None-Match. 3516func (c *OrganizationsRolesListCall) IfNoneMatch(entityTag string) *OrganizationsRolesListCall { 3517 c.ifNoneMatch_ = entityTag 3518 return c 3519} 3520 3521// Context sets the context to be used in this call's Do method. Any 3522// pending HTTP request will be aborted if the provided context is 3523// canceled. 3524func (c *OrganizationsRolesListCall) Context(ctx context.Context) *OrganizationsRolesListCall { 3525 c.ctx_ = ctx 3526 return c 3527} 3528 3529// Header returns an http.Header that can be modified by the caller to 3530// add HTTP headers to the request. 3531func (c *OrganizationsRolesListCall) Header() http.Header { 3532 if c.header_ == nil { 3533 c.header_ = make(http.Header) 3534 } 3535 return c.header_ 3536} 3537 3538func (c *OrganizationsRolesListCall) doRequest(alt string) (*http.Response, error) { 3539 reqHeaders := make(http.Header) 3540 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 3541 for k, v := range c.header_ { 3542 reqHeaders[k] = v 3543 } 3544 reqHeaders.Set("User-Agent", c.s.userAgent()) 3545 if c.ifNoneMatch_ != "" { 3546 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3547 } 3548 var body io.Reader = nil 3549 c.urlParams_.Set("alt", alt) 3550 c.urlParams_.Set("prettyPrint", "false") 3551 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 3552 urls += "?" + c.urlParams_.Encode() 3553 req, err := http.NewRequest("GET", urls, body) 3554 if err != nil { 3555 return nil, err 3556 } 3557 req.Header = reqHeaders 3558 googleapi.Expand(req.URL, map[string]string{ 3559 "parent": c.parent, 3560 }) 3561 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3562} 3563 3564// Do executes the "iam.organizations.roles.list" call. 3565// Exactly one of *ListRolesResponse or error will be non-nil. Any 3566// non-2xx status code is an error. Response headers are in either 3567// *ListRolesResponse.ServerResponse.Header or (if a response was 3568// returned at all) in error.(*googleapi.Error).Header. Use 3569// googleapi.IsNotModified to check whether the returned error was 3570// because http.StatusNotModified was returned. 3571func (c *OrganizationsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 3572 gensupport.SetOptions(c.urlParams_, opts...) 3573 res, err := c.doRequest("json") 3574 if res != nil && res.StatusCode == http.StatusNotModified { 3575 if res.Body != nil { 3576 res.Body.Close() 3577 } 3578 return nil, &googleapi.Error{ 3579 Code: res.StatusCode, 3580 Header: res.Header, 3581 } 3582 } 3583 if err != nil { 3584 return nil, err 3585 } 3586 defer googleapi.CloseBody(res) 3587 if err := googleapi.CheckResponse(res); err != nil { 3588 return nil, err 3589 } 3590 ret := &ListRolesResponse{ 3591 ServerResponse: googleapi.ServerResponse{ 3592 Header: res.Header, 3593 HTTPStatusCode: res.StatusCode, 3594 }, 3595 } 3596 target := &ret 3597 if err := gensupport.DecodeResponse(target, res); err != nil { 3598 return nil, err 3599 } 3600 return ret, nil 3601 // { 3602 // "description": "Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.", 3603 // "flatPath": "v1/organizations/{organizationsId}/roles", 3604 // "httpMethod": "GET", 3605 // "id": "iam.organizations.roles.list", 3606 // "parameterOrder": [ 3607 // "parent" 3608 // ], 3609 // "parameters": { 3610 // "pageSize": { 3611 // "description": "Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.", 3612 // "format": "int32", 3613 // "location": "query", 3614 // "type": "integer" 3615 // }, 3616 // "pageToken": { 3617 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 3618 // "location": "query", 3619 // "type": "string" 3620 // }, 3621 // "parent": { 3622 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3623 // "location": "path", 3624 // "pattern": "^organizations/[^/]+$", 3625 // "required": true, 3626 // "type": "string" 3627 // }, 3628 // "showDeleted": { 3629 // "description": "Include Roles that have been deleted.", 3630 // "location": "query", 3631 // "type": "boolean" 3632 // }, 3633 // "view": { 3634 // "description": "Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.", 3635 // "enum": [ 3636 // "BASIC", 3637 // "FULL" 3638 // ], 3639 // "enumDescriptions": [ 3640 // "Omits the `included_permissions` field. This is the default value.", 3641 // "Returns all fields." 3642 // ], 3643 // "location": "query", 3644 // "type": "string" 3645 // } 3646 // }, 3647 // "path": "v1/{+parent}/roles", 3648 // "response": { 3649 // "$ref": "ListRolesResponse" 3650 // }, 3651 // "scopes": [ 3652 // "https://www.googleapis.com/auth/cloud-platform" 3653 // ] 3654 // } 3655 3656} 3657 3658// Pages invokes f for each page of results. 3659// A non-nil error returned from f will halt the iteration. 3660// The provided context supersedes any context provided to the Context method. 3661func (c *OrganizationsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 3662 c.ctx_ = ctx 3663 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 3664 for { 3665 x, err := c.Do() 3666 if err != nil { 3667 return err 3668 } 3669 if err := f(x); err != nil { 3670 return err 3671 } 3672 if x.NextPageToken == "" { 3673 return nil 3674 } 3675 c.PageToken(x.NextPageToken) 3676 } 3677} 3678 3679// method id "iam.organizations.roles.patch": 3680 3681type OrganizationsRolesPatchCall struct { 3682 s *Service 3683 name string 3684 role *Role 3685 urlParams_ gensupport.URLParams 3686 ctx_ context.Context 3687 header_ http.Header 3688} 3689 3690// Patch: Updates the definition of a custom Role. 3691// 3692// - name: The `name` parameter's value depends on the target resource 3693// for the request, namely `projects` 3694// (/iam/reference/rest/v1/projects.roles) or `organizations` 3695// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3696// `name` value format is described below: * `projects.roles.patch()` 3697// (/iam/reference/rest/v1/projects.roles/patch): 3698// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates 3699// only custom roles (/iam/docs/understanding-custom-roles) that have 3700// been created at the project level. Example request URL: 3701// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3702// OLE_ID}` * `organizations.roles.patch()` 3703// (/iam/reference/rest/v1/organizations.roles/patch): 3704// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3705// method updates only custom roles 3706// (/iam/docs/understanding-custom-roles) that have been created at 3707// the organization level. Example request URL: 3708// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3709// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3710// specify a complete project ID or organization ID. 3711func (r *OrganizationsRolesService) Patch(name string, role *Role) *OrganizationsRolesPatchCall { 3712 c := &OrganizationsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3713 c.name = name 3714 c.role = role 3715 return c 3716} 3717 3718// UpdateMask sets the optional parameter "updateMask": A mask 3719// describing which fields in the Role have changed. 3720func (c *OrganizationsRolesPatchCall) UpdateMask(updateMask string) *OrganizationsRolesPatchCall { 3721 c.urlParams_.Set("updateMask", updateMask) 3722 return c 3723} 3724 3725// Fields allows partial responses to be retrieved. See 3726// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3727// for more information. 3728func (c *OrganizationsRolesPatchCall) Fields(s ...googleapi.Field) *OrganizationsRolesPatchCall { 3729 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3730 return c 3731} 3732 3733// Context sets the context to be used in this call's Do method. Any 3734// pending HTTP request will be aborted if the provided context is 3735// canceled. 3736func (c *OrganizationsRolesPatchCall) Context(ctx context.Context) *OrganizationsRolesPatchCall { 3737 c.ctx_ = ctx 3738 return c 3739} 3740 3741// Header returns an http.Header that can be modified by the caller to 3742// add HTTP headers to the request. 3743func (c *OrganizationsRolesPatchCall) Header() http.Header { 3744 if c.header_ == nil { 3745 c.header_ = make(http.Header) 3746 } 3747 return c.header_ 3748} 3749 3750func (c *OrganizationsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 3751 reqHeaders := make(http.Header) 3752 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 3753 for k, v := range c.header_ { 3754 reqHeaders[k] = v 3755 } 3756 reqHeaders.Set("User-Agent", c.s.userAgent()) 3757 var body io.Reader = nil 3758 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 3759 if err != nil { 3760 return nil, err 3761 } 3762 reqHeaders.Set("Content-Type", "application/json") 3763 c.urlParams_.Set("alt", alt) 3764 c.urlParams_.Set("prettyPrint", "false") 3765 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3766 urls += "?" + c.urlParams_.Encode() 3767 req, err := http.NewRequest("PATCH", urls, body) 3768 if err != nil { 3769 return nil, err 3770 } 3771 req.Header = reqHeaders 3772 googleapi.Expand(req.URL, map[string]string{ 3773 "name": c.name, 3774 }) 3775 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3776} 3777 3778// Do executes the "iam.organizations.roles.patch" call. 3779// Exactly one of *Role or error will be non-nil. Any non-2xx status 3780// code is an error. Response headers are in either 3781// *Role.ServerResponse.Header or (if a response was returned at all) in 3782// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3783// whether the returned error was because http.StatusNotModified was 3784// returned. 3785func (c *OrganizationsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3786 gensupport.SetOptions(c.urlParams_, opts...) 3787 res, err := c.doRequest("json") 3788 if res != nil && res.StatusCode == http.StatusNotModified { 3789 if res.Body != nil { 3790 res.Body.Close() 3791 } 3792 return nil, &googleapi.Error{ 3793 Code: res.StatusCode, 3794 Header: res.Header, 3795 } 3796 } 3797 if err != nil { 3798 return nil, err 3799 } 3800 defer googleapi.CloseBody(res) 3801 if err := googleapi.CheckResponse(res); err != nil { 3802 return nil, err 3803 } 3804 ret := &Role{ 3805 ServerResponse: googleapi.ServerResponse{ 3806 Header: res.Header, 3807 HTTPStatusCode: res.StatusCode, 3808 }, 3809 } 3810 target := &ret 3811 if err := gensupport.DecodeResponse(target, res); err != nil { 3812 return nil, err 3813 } 3814 return ret, nil 3815 // { 3816 // "description": "Updates the definition of a custom Role.", 3817 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3818 // "httpMethod": "PATCH", 3819 // "id": "iam.organizations.roles.patch", 3820 // "parameterOrder": [ 3821 // "name" 3822 // ], 3823 // "parameters": { 3824 // "name": { 3825 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3826 // "location": "path", 3827 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3828 // "required": true, 3829 // "type": "string" 3830 // }, 3831 // "updateMask": { 3832 // "description": "A mask describing which fields in the Role have changed.", 3833 // "format": "google-fieldmask", 3834 // "location": "query", 3835 // "type": "string" 3836 // } 3837 // }, 3838 // "path": "v1/{+name}", 3839 // "request": { 3840 // "$ref": "Role" 3841 // }, 3842 // "response": { 3843 // "$ref": "Role" 3844 // }, 3845 // "scopes": [ 3846 // "https://www.googleapis.com/auth/cloud-platform" 3847 // ] 3848 // } 3849 3850} 3851 3852// method id "iam.organizations.roles.undelete": 3853 3854type OrganizationsRolesUndeleteCall struct { 3855 s *Service 3856 name string 3857 undeleterolerequest *UndeleteRoleRequest 3858 urlParams_ gensupport.URLParams 3859 ctx_ context.Context 3860 header_ http.Header 3861} 3862 3863// Undelete: Undeletes a custom Role. 3864// 3865// - name: The `name` parameter's value depends on the target resource 3866// for the request, namely `projects` 3867// (/iam/reference/rest/v1/projects.roles) or `organizations` 3868// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3869// `name` value format is described below: * 3870// `projects.roles.undelete()` 3871// (/iam/reference/rest/v1/projects.roles/undelete): 3872// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method 3873// undeletes only custom roles (/iam/docs/understanding-custom-roles) 3874// that have been created at the project level. Example request URL: 3875// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3876// OLE_ID}` * `organizations.roles.undelete()` 3877// (/iam/reference/rest/v1/organizations.roles/undelete): 3878// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3879// method undeletes only custom roles 3880// (/iam/docs/understanding-custom-roles) that have been created at 3881// the organization level. Example request URL: 3882// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3883// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3884// specify a complete project ID or organization ID. 3885func (r *OrganizationsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *OrganizationsRolesUndeleteCall { 3886 c := &OrganizationsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3887 c.name = name 3888 c.undeleterolerequest = undeleterolerequest 3889 return c 3890} 3891 3892// Fields allows partial responses to be retrieved. See 3893// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3894// for more information. 3895func (c *OrganizationsRolesUndeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesUndeleteCall { 3896 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3897 return c 3898} 3899 3900// Context sets the context to be used in this call's Do method. Any 3901// pending HTTP request will be aborted if the provided context is 3902// canceled. 3903func (c *OrganizationsRolesUndeleteCall) Context(ctx context.Context) *OrganizationsRolesUndeleteCall { 3904 c.ctx_ = ctx 3905 return c 3906} 3907 3908// Header returns an http.Header that can be modified by the caller to 3909// add HTTP headers to the request. 3910func (c *OrganizationsRolesUndeleteCall) Header() http.Header { 3911 if c.header_ == nil { 3912 c.header_ = make(http.Header) 3913 } 3914 return c.header_ 3915} 3916 3917func (c *OrganizationsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 3918 reqHeaders := make(http.Header) 3919 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 3920 for k, v := range c.header_ { 3921 reqHeaders[k] = v 3922 } 3923 reqHeaders.Set("User-Agent", c.s.userAgent()) 3924 var body io.Reader = nil 3925 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 3926 if err != nil { 3927 return nil, err 3928 } 3929 reqHeaders.Set("Content-Type", "application/json") 3930 c.urlParams_.Set("alt", alt) 3931 c.urlParams_.Set("prettyPrint", "false") 3932 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 3933 urls += "?" + c.urlParams_.Encode() 3934 req, err := http.NewRequest("POST", urls, body) 3935 if err != nil { 3936 return nil, err 3937 } 3938 req.Header = reqHeaders 3939 googleapi.Expand(req.URL, map[string]string{ 3940 "name": c.name, 3941 }) 3942 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3943} 3944 3945// Do executes the "iam.organizations.roles.undelete" call. 3946// Exactly one of *Role or error will be non-nil. Any non-2xx status 3947// code is an error. Response headers are in either 3948// *Role.ServerResponse.Header or (if a response was returned at all) in 3949// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3950// whether the returned error was because http.StatusNotModified was 3951// returned. 3952func (c *OrganizationsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3953 gensupport.SetOptions(c.urlParams_, opts...) 3954 res, err := c.doRequest("json") 3955 if res != nil && res.StatusCode == http.StatusNotModified { 3956 if res.Body != nil { 3957 res.Body.Close() 3958 } 3959 return nil, &googleapi.Error{ 3960 Code: res.StatusCode, 3961 Header: res.Header, 3962 } 3963 } 3964 if err != nil { 3965 return nil, err 3966 } 3967 defer googleapi.CloseBody(res) 3968 if err := googleapi.CheckResponse(res); err != nil { 3969 return nil, err 3970 } 3971 ret := &Role{ 3972 ServerResponse: googleapi.ServerResponse{ 3973 Header: res.Header, 3974 HTTPStatusCode: res.StatusCode, 3975 }, 3976 } 3977 target := &ret 3978 if err := gensupport.DecodeResponse(target, res); err != nil { 3979 return nil, err 3980 } 3981 return ret, nil 3982 // { 3983 // "description": "Undeletes a custom Role.", 3984 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}:undelete", 3985 // "httpMethod": "POST", 3986 // "id": "iam.organizations.roles.undelete", 3987 // "parameterOrder": [ 3988 // "name" 3989 // ], 3990 // "parameters": { 3991 // "name": { 3992 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3993 // "location": "path", 3994 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3995 // "required": true, 3996 // "type": "string" 3997 // } 3998 // }, 3999 // "path": "v1/{+name}:undelete", 4000 // "request": { 4001 // "$ref": "UndeleteRoleRequest" 4002 // }, 4003 // "response": { 4004 // "$ref": "Role" 4005 // }, 4006 // "scopes": [ 4007 // "https://www.googleapis.com/auth/cloud-platform" 4008 // ] 4009 // } 4010 4011} 4012 4013// method id "iam.permissions.queryTestablePermissions": 4014 4015type PermissionsQueryTestablePermissionsCall struct { 4016 s *Service 4017 querytestablepermissionsrequest *QueryTestablePermissionsRequest 4018 urlParams_ gensupport.URLParams 4019 ctx_ context.Context 4020 header_ http.Header 4021} 4022 4023// QueryTestablePermissions: Lists every permission that you can test on 4024// a resource. A permission is testable if you can check whether a 4025// member has that permission on the resource. 4026func (r *PermissionsService) QueryTestablePermissions(querytestablepermissionsrequest *QueryTestablePermissionsRequest) *PermissionsQueryTestablePermissionsCall { 4027 c := &PermissionsQueryTestablePermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4028 c.querytestablepermissionsrequest = querytestablepermissionsrequest 4029 return c 4030} 4031 4032// Fields allows partial responses to be retrieved. See 4033// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4034// for more information. 4035func (c *PermissionsQueryTestablePermissionsCall) Fields(s ...googleapi.Field) *PermissionsQueryTestablePermissionsCall { 4036 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4037 return c 4038} 4039 4040// Context sets the context to be used in this call's Do method. Any 4041// pending HTTP request will be aborted if the provided context is 4042// canceled. 4043func (c *PermissionsQueryTestablePermissionsCall) Context(ctx context.Context) *PermissionsQueryTestablePermissionsCall { 4044 c.ctx_ = ctx 4045 return c 4046} 4047 4048// Header returns an http.Header that can be modified by the caller to 4049// add HTTP headers to the request. 4050func (c *PermissionsQueryTestablePermissionsCall) Header() http.Header { 4051 if c.header_ == nil { 4052 c.header_ = make(http.Header) 4053 } 4054 return c.header_ 4055} 4056 4057func (c *PermissionsQueryTestablePermissionsCall) doRequest(alt string) (*http.Response, error) { 4058 reqHeaders := make(http.Header) 4059 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 4060 for k, v := range c.header_ { 4061 reqHeaders[k] = v 4062 } 4063 reqHeaders.Set("User-Agent", c.s.userAgent()) 4064 var body io.Reader = nil 4065 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querytestablepermissionsrequest) 4066 if err != nil { 4067 return nil, err 4068 } 4069 reqHeaders.Set("Content-Type", "application/json") 4070 c.urlParams_.Set("alt", alt) 4071 c.urlParams_.Set("prettyPrint", "false") 4072 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/permissions:queryTestablePermissions") 4073 urls += "?" + c.urlParams_.Encode() 4074 req, err := http.NewRequest("POST", urls, body) 4075 if err != nil { 4076 return nil, err 4077 } 4078 req.Header = reqHeaders 4079 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4080} 4081 4082// Do executes the "iam.permissions.queryTestablePermissions" call. 4083// Exactly one of *QueryTestablePermissionsResponse or error will be 4084// non-nil. Any non-2xx status code is an error. Response headers are in 4085// either *QueryTestablePermissionsResponse.ServerResponse.Header or (if 4086// a response was returned at all) in error.(*googleapi.Error).Header. 4087// Use googleapi.IsNotModified to check whether the returned error was 4088// because http.StatusNotModified was returned. 4089func (c *PermissionsQueryTestablePermissionsCall) Do(opts ...googleapi.CallOption) (*QueryTestablePermissionsResponse, error) { 4090 gensupport.SetOptions(c.urlParams_, opts...) 4091 res, err := c.doRequest("json") 4092 if res != nil && res.StatusCode == http.StatusNotModified { 4093 if res.Body != nil { 4094 res.Body.Close() 4095 } 4096 return nil, &googleapi.Error{ 4097 Code: res.StatusCode, 4098 Header: res.Header, 4099 } 4100 } 4101 if err != nil { 4102 return nil, err 4103 } 4104 defer googleapi.CloseBody(res) 4105 if err := googleapi.CheckResponse(res); err != nil { 4106 return nil, err 4107 } 4108 ret := &QueryTestablePermissionsResponse{ 4109 ServerResponse: googleapi.ServerResponse{ 4110 Header: res.Header, 4111 HTTPStatusCode: res.StatusCode, 4112 }, 4113 } 4114 target := &ret 4115 if err := gensupport.DecodeResponse(target, res); err != nil { 4116 return nil, err 4117 } 4118 return ret, nil 4119 // { 4120 // "description": "Lists every permission that you can test on a resource. A permission is testable if you can check whether a member has that permission on the resource.", 4121 // "flatPath": "v1/permissions:queryTestablePermissions", 4122 // "httpMethod": "POST", 4123 // "id": "iam.permissions.queryTestablePermissions", 4124 // "parameterOrder": [], 4125 // "parameters": {}, 4126 // "path": "v1/permissions:queryTestablePermissions", 4127 // "request": { 4128 // "$ref": "QueryTestablePermissionsRequest" 4129 // }, 4130 // "response": { 4131 // "$ref": "QueryTestablePermissionsResponse" 4132 // }, 4133 // "scopes": [ 4134 // "https://www.googleapis.com/auth/cloud-platform" 4135 // ] 4136 // } 4137 4138} 4139 4140// Pages invokes f for each page of results. 4141// A non-nil error returned from f will halt the iteration. 4142// The provided context supersedes any context provided to the Context method. 4143func (c *PermissionsQueryTestablePermissionsCall) Pages(ctx context.Context, f func(*QueryTestablePermissionsResponse) error) error { 4144 c.ctx_ = ctx 4145 defer func(pt string) { c.querytestablepermissionsrequest.PageToken = pt }(c.querytestablepermissionsrequest.PageToken) // reset paging to original point 4146 for { 4147 x, err := c.Do() 4148 if err != nil { 4149 return err 4150 } 4151 if err := f(x); err != nil { 4152 return err 4153 } 4154 if x.NextPageToken == "" { 4155 return nil 4156 } 4157 c.querytestablepermissionsrequest.PageToken = x.NextPageToken 4158 } 4159} 4160 4161// method id "iam.projects.locations.workloadIdentityPools.create": 4162 4163type ProjectsLocationsWorkloadIdentityPoolsCreateCall struct { 4164 s *Service 4165 parent string 4166 workloadidentitypool *WorkloadIdentityPool 4167 urlParams_ gensupport.URLParams 4168 ctx_ context.Context 4169 header_ http.Header 4170} 4171 4172// Create: Creates a new WorkloadIdentityPool. You cannot reuse the name 4173// of a deleted pool until 30 days after deletion. 4174// 4175// - parent: The parent resource to create the pool in. The only 4176// supported location is `global`. 4177func (r *ProjectsLocationsWorkloadIdentityPoolsService) Create(parent string, workloadidentitypool *WorkloadIdentityPool) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4178 c := &ProjectsLocationsWorkloadIdentityPoolsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4179 c.parent = parent 4180 c.workloadidentitypool = workloadidentitypool 4181 return c 4182} 4183 4184// WorkloadIdentityPoolId sets the optional parameter 4185// "workloadIdentityPoolId": Required. The ID to use for the pool, which 4186// becomes the final component of the resource name. This value should 4187// be 4-32 characters, and may contain the characters [a-z0-9-]. The 4188// prefix `gcp-` is reserved for use by Google, and may not be 4189// specified. 4190func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) WorkloadIdentityPoolId(workloadIdentityPoolId string) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4191 c.urlParams_.Set("workloadIdentityPoolId", workloadIdentityPoolId) 4192 return c 4193} 4194 4195// Fields allows partial responses to be retrieved. See 4196// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4197// for more information. 4198func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4199 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4200 return c 4201} 4202 4203// Context sets the context to be used in this call's Do method. Any 4204// pending HTTP request will be aborted if the provided context is 4205// canceled. 4206func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4207 c.ctx_ = ctx 4208 return c 4209} 4210 4211// Header returns an http.Header that can be modified by the caller to 4212// add HTTP headers to the request. 4213func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Header() http.Header { 4214 if c.header_ == nil { 4215 c.header_ = make(http.Header) 4216 } 4217 return c.header_ 4218} 4219 4220func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) doRequest(alt string) (*http.Response, error) { 4221 reqHeaders := make(http.Header) 4222 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 4223 for k, v := range c.header_ { 4224 reqHeaders[k] = v 4225 } 4226 reqHeaders.Set("User-Agent", c.s.userAgent()) 4227 var body io.Reader = nil 4228 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypool) 4229 if err != nil { 4230 return nil, err 4231 } 4232 reqHeaders.Set("Content-Type", "application/json") 4233 c.urlParams_.Set("alt", alt) 4234 c.urlParams_.Set("prettyPrint", "false") 4235 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/workloadIdentityPools") 4236 urls += "?" + c.urlParams_.Encode() 4237 req, err := http.NewRequest("POST", urls, body) 4238 if err != nil { 4239 return nil, err 4240 } 4241 req.Header = reqHeaders 4242 googleapi.Expand(req.URL, map[string]string{ 4243 "parent": c.parent, 4244 }) 4245 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4246} 4247 4248// Do executes the "iam.projects.locations.workloadIdentityPools.create" call. 4249// Exactly one of *Operation or error will be non-nil. Any non-2xx 4250// status code is an error. Response headers are in either 4251// *Operation.ServerResponse.Header or (if a response was returned at 4252// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 4253// to check whether the returned error was because 4254// http.StatusNotModified was returned. 4255func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 4256 gensupport.SetOptions(c.urlParams_, opts...) 4257 res, err := c.doRequest("json") 4258 if res != nil && res.StatusCode == http.StatusNotModified { 4259 if res.Body != nil { 4260 res.Body.Close() 4261 } 4262 return nil, &googleapi.Error{ 4263 Code: res.StatusCode, 4264 Header: res.Header, 4265 } 4266 } 4267 if err != nil { 4268 return nil, err 4269 } 4270 defer googleapi.CloseBody(res) 4271 if err := googleapi.CheckResponse(res); err != nil { 4272 return nil, err 4273 } 4274 ret := &Operation{ 4275 ServerResponse: googleapi.ServerResponse{ 4276 Header: res.Header, 4277 HTTPStatusCode: res.StatusCode, 4278 }, 4279 } 4280 target := &ret 4281 if err := gensupport.DecodeResponse(target, res); err != nil { 4282 return nil, err 4283 } 4284 return ret, nil 4285 // { 4286 // "description": "Creates a new WorkloadIdentityPool. You cannot reuse the name of a deleted pool until 30 days after deletion.", 4287 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools", 4288 // "httpMethod": "POST", 4289 // "id": "iam.projects.locations.workloadIdentityPools.create", 4290 // "parameterOrder": [ 4291 // "parent" 4292 // ], 4293 // "parameters": { 4294 // "parent": { 4295 // "description": "Required. The parent resource to create the pool in. The only supported location is `global`.", 4296 // "location": "path", 4297 // "pattern": "^projects/[^/]+/locations/[^/]+$", 4298 // "required": true, 4299 // "type": "string" 4300 // }, 4301 // "workloadIdentityPoolId": { 4302 // "description": "Required. The ID to use for the pool, which becomes the final component of the resource name. This value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix `gcp-` is reserved for use by Google, and may not be specified.", 4303 // "location": "query", 4304 // "type": "string" 4305 // } 4306 // }, 4307 // "path": "v1/{+parent}/workloadIdentityPools", 4308 // "request": { 4309 // "$ref": "WorkloadIdentityPool" 4310 // }, 4311 // "response": { 4312 // "$ref": "Operation" 4313 // }, 4314 // "scopes": [ 4315 // "https://www.googleapis.com/auth/cloud-platform" 4316 // ] 4317 // } 4318 4319} 4320 4321// method id "iam.projects.locations.workloadIdentityPools.delete": 4322 4323type ProjectsLocationsWorkloadIdentityPoolsDeleteCall struct { 4324 s *Service 4325 name string 4326 urlParams_ gensupport.URLParams 4327 ctx_ context.Context 4328 header_ http.Header 4329} 4330 4331// Delete: Deletes a WorkloadIdentityPool. You cannot use a deleted pool 4332// to exchange external credentials for Google Cloud credentials. 4333// However, deletion does not revoke credentials that have already been 4334// issued. Credentials issued for a deleted pool do not grant access to 4335// resources. If the pool is undeleted, and the credentials are not 4336// expired, they grant access again. You can undelete a pool for 30 4337// days. After 30 days, deletion is permanent. You cannot update deleted 4338// pools. However, you can view and list them. 4339// 4340// - name: The name of the pool to delete. 4341func (r *ProjectsLocationsWorkloadIdentityPoolsService) Delete(name string) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall { 4342 c := &ProjectsLocationsWorkloadIdentityPoolsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4343 c.name = name 4344 return c 4345} 4346 4347// Fields allows partial responses to be retrieved. See 4348// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4349// for more information. 4350func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall { 4351 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4352 return c 4353} 4354 4355// Context sets the context to be used in this call's Do method. Any 4356// pending HTTP request will be aborted if the provided context is 4357// canceled. 4358func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall { 4359 c.ctx_ = ctx 4360 return c 4361} 4362 4363// Header returns an http.Header that can be modified by the caller to 4364// add HTTP headers to the request. 4365func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Header() http.Header { 4366 if c.header_ == nil { 4367 c.header_ = make(http.Header) 4368 } 4369 return c.header_ 4370} 4371 4372func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) doRequest(alt string) (*http.Response, error) { 4373 reqHeaders := make(http.Header) 4374 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 4375 for k, v := range c.header_ { 4376 reqHeaders[k] = v 4377 } 4378 reqHeaders.Set("User-Agent", c.s.userAgent()) 4379 var body io.Reader = nil 4380 c.urlParams_.Set("alt", alt) 4381 c.urlParams_.Set("prettyPrint", "false") 4382 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4383 urls += "?" + c.urlParams_.Encode() 4384 req, err := http.NewRequest("DELETE", urls, body) 4385 if err != nil { 4386 return nil, err 4387 } 4388 req.Header = reqHeaders 4389 googleapi.Expand(req.URL, map[string]string{ 4390 "name": c.name, 4391 }) 4392 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4393} 4394 4395// Do executes the "iam.projects.locations.workloadIdentityPools.delete" call. 4396// Exactly one of *Operation or error will be non-nil. Any non-2xx 4397// status code is an error. Response headers are in either 4398// *Operation.ServerResponse.Header or (if a response was returned at 4399// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 4400// to check whether the returned error was because 4401// http.StatusNotModified was returned. 4402func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 4403 gensupport.SetOptions(c.urlParams_, opts...) 4404 res, err := c.doRequest("json") 4405 if res != nil && res.StatusCode == http.StatusNotModified { 4406 if res.Body != nil { 4407 res.Body.Close() 4408 } 4409 return nil, &googleapi.Error{ 4410 Code: res.StatusCode, 4411 Header: res.Header, 4412 } 4413 } 4414 if err != nil { 4415 return nil, err 4416 } 4417 defer googleapi.CloseBody(res) 4418 if err := googleapi.CheckResponse(res); err != nil { 4419 return nil, err 4420 } 4421 ret := &Operation{ 4422 ServerResponse: googleapi.ServerResponse{ 4423 Header: res.Header, 4424 HTTPStatusCode: res.StatusCode, 4425 }, 4426 } 4427 target := &ret 4428 if err := gensupport.DecodeResponse(target, res); err != nil { 4429 return nil, err 4430 } 4431 return ret, nil 4432 // { 4433 // "description": "Deletes a WorkloadIdentityPool. You cannot use a deleted pool to exchange external credentials for Google Cloud credentials. However, deletion does not revoke credentials that have already been issued. Credentials issued for a deleted pool do not grant access to resources. If the pool is undeleted, and the credentials are not expired, they grant access again. You can undelete a pool for 30 days. After 30 days, deletion is permanent. You cannot update deleted pools. However, you can view and list them.", 4434 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}", 4435 // "httpMethod": "DELETE", 4436 // "id": "iam.projects.locations.workloadIdentityPools.delete", 4437 // "parameterOrder": [ 4438 // "name" 4439 // ], 4440 // "parameters": { 4441 // "name": { 4442 // "description": "Required. The name of the pool to delete.", 4443 // "location": "path", 4444 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 4445 // "required": true, 4446 // "type": "string" 4447 // } 4448 // }, 4449 // "path": "v1/{+name}", 4450 // "response": { 4451 // "$ref": "Operation" 4452 // }, 4453 // "scopes": [ 4454 // "https://www.googleapis.com/auth/cloud-platform" 4455 // ] 4456 // } 4457 4458} 4459 4460// method id "iam.projects.locations.workloadIdentityPools.get": 4461 4462type ProjectsLocationsWorkloadIdentityPoolsGetCall struct { 4463 s *Service 4464 name string 4465 urlParams_ gensupport.URLParams 4466 ifNoneMatch_ string 4467 ctx_ context.Context 4468 header_ http.Header 4469} 4470 4471// Get: Gets an individual WorkloadIdentityPool. 4472// 4473// - name: The name of the pool to retrieve. 4474func (r *ProjectsLocationsWorkloadIdentityPoolsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4475 c := &ProjectsLocationsWorkloadIdentityPoolsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4476 c.name = name 4477 return c 4478} 4479 4480// Fields allows partial responses to be retrieved. See 4481// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4482// for more information. 4483func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4484 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4485 return c 4486} 4487 4488// IfNoneMatch sets the optional parameter which makes the operation 4489// fail if the object's ETag matches the given value. This is useful for 4490// getting updates only after the object has changed since the last 4491// request. Use googleapi.IsNotModified to check whether the response 4492// error from Do is the result of In-None-Match. 4493func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4494 c.ifNoneMatch_ = entityTag 4495 return c 4496} 4497 4498// Context sets the context to be used in this call's Do method. Any 4499// pending HTTP request will be aborted if the provided context is 4500// canceled. 4501func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4502 c.ctx_ = ctx 4503 return c 4504} 4505 4506// Header returns an http.Header that can be modified by the caller to 4507// add HTTP headers to the request. 4508func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Header() http.Header { 4509 if c.header_ == nil { 4510 c.header_ = make(http.Header) 4511 } 4512 return c.header_ 4513} 4514 4515func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) doRequest(alt string) (*http.Response, error) { 4516 reqHeaders := make(http.Header) 4517 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 4518 for k, v := range c.header_ { 4519 reqHeaders[k] = v 4520 } 4521 reqHeaders.Set("User-Agent", c.s.userAgent()) 4522 if c.ifNoneMatch_ != "" { 4523 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 4524 } 4525 var body io.Reader = nil 4526 c.urlParams_.Set("alt", alt) 4527 c.urlParams_.Set("prettyPrint", "false") 4528 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4529 urls += "?" + c.urlParams_.Encode() 4530 req, err := http.NewRequest("GET", urls, body) 4531 if err != nil { 4532 return nil, err 4533 } 4534 req.Header = reqHeaders 4535 googleapi.Expand(req.URL, map[string]string{ 4536 "name": c.name, 4537 }) 4538 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4539} 4540 4541// Do executes the "iam.projects.locations.workloadIdentityPools.get" call. 4542// Exactly one of *WorkloadIdentityPool or error will be non-nil. Any 4543// non-2xx status code is an error. Response headers are in either 4544// *WorkloadIdentityPool.ServerResponse.Header or (if a response was 4545// returned at all) in error.(*googleapi.Error).Header. Use 4546// googleapi.IsNotModified to check whether the returned error was 4547// because http.StatusNotModified was returned. 4548func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPool, error) { 4549 gensupport.SetOptions(c.urlParams_, opts...) 4550 res, err := c.doRequest("json") 4551 if res != nil && res.StatusCode == http.StatusNotModified { 4552 if res.Body != nil { 4553 res.Body.Close() 4554 } 4555 return nil, &googleapi.Error{ 4556 Code: res.StatusCode, 4557 Header: res.Header, 4558 } 4559 } 4560 if err != nil { 4561 return nil, err 4562 } 4563 defer googleapi.CloseBody(res) 4564 if err := googleapi.CheckResponse(res); err != nil { 4565 return nil, err 4566 } 4567 ret := &WorkloadIdentityPool{ 4568 ServerResponse: googleapi.ServerResponse{ 4569 Header: res.Header, 4570 HTTPStatusCode: res.StatusCode, 4571 }, 4572 } 4573 target := &ret 4574 if err := gensupport.DecodeResponse(target, res); err != nil { 4575 return nil, err 4576 } 4577 return ret, nil 4578 // { 4579 // "description": "Gets an individual WorkloadIdentityPool.", 4580 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}", 4581 // "httpMethod": "GET", 4582 // "id": "iam.projects.locations.workloadIdentityPools.get", 4583 // "parameterOrder": [ 4584 // "name" 4585 // ], 4586 // "parameters": { 4587 // "name": { 4588 // "description": "Required. The name of the pool to retrieve.", 4589 // "location": "path", 4590 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 4591 // "required": true, 4592 // "type": "string" 4593 // } 4594 // }, 4595 // "path": "v1/{+name}", 4596 // "response": { 4597 // "$ref": "WorkloadIdentityPool" 4598 // }, 4599 // "scopes": [ 4600 // "https://www.googleapis.com/auth/cloud-platform" 4601 // ] 4602 // } 4603 4604} 4605 4606// method id "iam.projects.locations.workloadIdentityPools.list": 4607 4608type ProjectsLocationsWorkloadIdentityPoolsListCall struct { 4609 s *Service 4610 parent string 4611 urlParams_ gensupport.URLParams 4612 ifNoneMatch_ string 4613 ctx_ context.Context 4614 header_ http.Header 4615} 4616 4617// List: Lists all non-deleted WorkloadIdentityPools in a project. If 4618// `show_deleted` is set to `true`, then deleted pools are also listed. 4619// 4620// - parent: The parent resource to list pools for. 4621func (r *ProjectsLocationsWorkloadIdentityPoolsService) List(parent string) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4622 c := &ProjectsLocationsWorkloadIdentityPoolsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4623 c.parent = parent 4624 return c 4625} 4626 4627// PageSize sets the optional parameter "pageSize": The maximum number 4628// of pools to return. If unspecified, at most 50 pools are returned. 4629// The maximum value is 1000; values above are 1000 truncated to 1000. 4630func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) PageSize(pageSize int64) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4631 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 4632 return c 4633} 4634 4635// PageToken sets the optional parameter "pageToken": A page token, 4636// received from a previous `ListWorkloadIdentityPools` call. Provide 4637// this to retrieve the subsequent page. 4638func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) PageToken(pageToken string) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4639 c.urlParams_.Set("pageToken", pageToken) 4640 return c 4641} 4642 4643// ShowDeleted sets the optional parameter "showDeleted": Whether to 4644// return soft-deleted pools. 4645func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4646 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 4647 return c 4648} 4649 4650// Fields allows partial responses to be retrieved. See 4651// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4652// for more information. 4653func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4654 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4655 return c 4656} 4657 4658// IfNoneMatch sets the optional parameter which makes the operation 4659// fail if the object's ETag matches the given value. This is useful for 4660// getting updates only after the object has changed since the last 4661// request. Use googleapi.IsNotModified to check whether the response 4662// error from Do is the result of In-None-Match. 4663func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4664 c.ifNoneMatch_ = entityTag 4665 return c 4666} 4667 4668// Context sets the context to be used in this call's Do method. Any 4669// pending HTTP request will be aborted if the provided context is 4670// canceled. 4671func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4672 c.ctx_ = ctx 4673 return c 4674} 4675 4676// Header returns an http.Header that can be modified by the caller to 4677// add HTTP headers to the request. 4678func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Header() http.Header { 4679 if c.header_ == nil { 4680 c.header_ = make(http.Header) 4681 } 4682 return c.header_ 4683} 4684 4685func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) doRequest(alt string) (*http.Response, error) { 4686 reqHeaders := make(http.Header) 4687 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 4688 for k, v := range c.header_ { 4689 reqHeaders[k] = v 4690 } 4691 reqHeaders.Set("User-Agent", c.s.userAgent()) 4692 if c.ifNoneMatch_ != "" { 4693 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 4694 } 4695 var body io.Reader = nil 4696 c.urlParams_.Set("alt", alt) 4697 c.urlParams_.Set("prettyPrint", "false") 4698 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/workloadIdentityPools") 4699 urls += "?" + c.urlParams_.Encode() 4700 req, err := http.NewRequest("GET", urls, body) 4701 if err != nil { 4702 return nil, err 4703 } 4704 req.Header = reqHeaders 4705 googleapi.Expand(req.URL, map[string]string{ 4706 "parent": c.parent, 4707 }) 4708 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4709} 4710 4711// Do executes the "iam.projects.locations.workloadIdentityPools.list" call. 4712// Exactly one of *ListWorkloadIdentityPoolsResponse or error will be 4713// non-nil. Any non-2xx status code is an error. Response headers are in 4714// either *ListWorkloadIdentityPoolsResponse.ServerResponse.Header or 4715// (if a response was returned at all) in 4716// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4717// whether the returned error was because http.StatusNotModified was 4718// returned. 4719func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Do(opts ...googleapi.CallOption) (*ListWorkloadIdentityPoolsResponse, error) { 4720 gensupport.SetOptions(c.urlParams_, opts...) 4721 res, err := c.doRequest("json") 4722 if res != nil && res.StatusCode == http.StatusNotModified { 4723 if res.Body != nil { 4724 res.Body.Close() 4725 } 4726 return nil, &googleapi.Error{ 4727 Code: res.StatusCode, 4728 Header: res.Header, 4729 } 4730 } 4731 if err != nil { 4732 return nil, err 4733 } 4734 defer googleapi.CloseBody(res) 4735 if err := googleapi.CheckResponse(res); err != nil { 4736 return nil, err 4737 } 4738 ret := &ListWorkloadIdentityPoolsResponse{ 4739 ServerResponse: googleapi.ServerResponse{ 4740 Header: res.Header, 4741 HTTPStatusCode: res.StatusCode, 4742 }, 4743 } 4744 target := &ret 4745 if err := gensupport.DecodeResponse(target, res); err != nil { 4746 return nil, err 4747 } 4748 return ret, nil 4749 // { 4750 // "description": "Lists all non-deleted WorkloadIdentityPools in a project. If `show_deleted` is set to `true`, then deleted pools are also listed.", 4751 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools", 4752 // "httpMethod": "GET", 4753 // "id": "iam.projects.locations.workloadIdentityPools.list", 4754 // "parameterOrder": [ 4755 // "parent" 4756 // ], 4757 // "parameters": { 4758 // "pageSize": { 4759 // "description": "The maximum number of pools to return. If unspecified, at most 50 pools are returned. The maximum value is 1000; values above are 1000 truncated to 1000.", 4760 // "format": "int32", 4761 // "location": "query", 4762 // "type": "integer" 4763 // }, 4764 // "pageToken": { 4765 // "description": "A page token, received from a previous `ListWorkloadIdentityPools` call. Provide this to retrieve the subsequent page.", 4766 // "location": "query", 4767 // "type": "string" 4768 // }, 4769 // "parent": { 4770 // "description": "Required. The parent resource to list pools for.", 4771 // "location": "path", 4772 // "pattern": "^projects/[^/]+/locations/[^/]+$", 4773 // "required": true, 4774 // "type": "string" 4775 // }, 4776 // "showDeleted": { 4777 // "description": "Whether to return soft-deleted pools.", 4778 // "location": "query", 4779 // "type": "boolean" 4780 // } 4781 // }, 4782 // "path": "v1/{+parent}/workloadIdentityPools", 4783 // "response": { 4784 // "$ref": "ListWorkloadIdentityPoolsResponse" 4785 // }, 4786 // "scopes": [ 4787 // "https://www.googleapis.com/auth/cloud-platform" 4788 // ] 4789 // } 4790 4791} 4792 4793// Pages invokes f for each page of results. 4794// A non-nil error returned from f will halt the iteration. 4795// The provided context supersedes any context provided to the Context method. 4796func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Pages(ctx context.Context, f func(*ListWorkloadIdentityPoolsResponse) error) error { 4797 c.ctx_ = ctx 4798 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 4799 for { 4800 x, err := c.Do() 4801 if err != nil { 4802 return err 4803 } 4804 if err := f(x); err != nil { 4805 return err 4806 } 4807 if x.NextPageToken == "" { 4808 return nil 4809 } 4810 c.PageToken(x.NextPageToken) 4811 } 4812} 4813 4814// method id "iam.projects.locations.workloadIdentityPools.patch": 4815 4816type ProjectsLocationsWorkloadIdentityPoolsPatchCall struct { 4817 s *Service 4818 name string 4819 workloadidentitypool *WorkloadIdentityPool 4820 urlParams_ gensupport.URLParams 4821 ctx_ context.Context 4822 header_ http.Header 4823} 4824 4825// Patch: Updates an existing WorkloadIdentityPool. 4826// 4827// - name: Output only. The resource name of the pool. 4828func (r *ProjectsLocationsWorkloadIdentityPoolsService) Patch(name string, workloadidentitypool *WorkloadIdentityPool) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 4829 c := &ProjectsLocationsWorkloadIdentityPoolsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4830 c.name = name 4831 c.workloadidentitypool = workloadidentitypool 4832 return c 4833} 4834 4835// UpdateMask sets the optional parameter "updateMask": Required. The 4836// list of fields update. 4837func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 4838 c.urlParams_.Set("updateMask", updateMask) 4839 return c 4840} 4841 4842// Fields allows partial responses to be retrieved. See 4843// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4844// for more information. 4845func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 4846 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4847 return c 4848} 4849 4850// Context sets the context to be used in this call's Do method. Any 4851// pending HTTP request will be aborted if the provided context is 4852// canceled. 4853func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 4854 c.ctx_ = ctx 4855 return c 4856} 4857 4858// Header returns an http.Header that can be modified by the caller to 4859// add HTTP headers to the request. 4860func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Header() http.Header { 4861 if c.header_ == nil { 4862 c.header_ = make(http.Header) 4863 } 4864 return c.header_ 4865} 4866 4867func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) doRequest(alt string) (*http.Response, error) { 4868 reqHeaders := make(http.Header) 4869 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 4870 for k, v := range c.header_ { 4871 reqHeaders[k] = v 4872 } 4873 reqHeaders.Set("User-Agent", c.s.userAgent()) 4874 var body io.Reader = nil 4875 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypool) 4876 if err != nil { 4877 return nil, err 4878 } 4879 reqHeaders.Set("Content-Type", "application/json") 4880 c.urlParams_.Set("alt", alt) 4881 c.urlParams_.Set("prettyPrint", "false") 4882 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4883 urls += "?" + c.urlParams_.Encode() 4884 req, err := http.NewRequest("PATCH", urls, body) 4885 if err != nil { 4886 return nil, err 4887 } 4888 req.Header = reqHeaders 4889 googleapi.Expand(req.URL, map[string]string{ 4890 "name": c.name, 4891 }) 4892 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4893} 4894 4895// Do executes the "iam.projects.locations.workloadIdentityPools.patch" call. 4896// Exactly one of *Operation or error will be non-nil. Any non-2xx 4897// status code is an error. Response headers are in either 4898// *Operation.ServerResponse.Header or (if a response was returned at 4899// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 4900// to check whether the returned error was because 4901// http.StatusNotModified was returned. 4902func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 4903 gensupport.SetOptions(c.urlParams_, opts...) 4904 res, err := c.doRequest("json") 4905 if res != nil && res.StatusCode == http.StatusNotModified { 4906 if res.Body != nil { 4907 res.Body.Close() 4908 } 4909 return nil, &googleapi.Error{ 4910 Code: res.StatusCode, 4911 Header: res.Header, 4912 } 4913 } 4914 if err != nil { 4915 return nil, err 4916 } 4917 defer googleapi.CloseBody(res) 4918 if err := googleapi.CheckResponse(res); err != nil { 4919 return nil, err 4920 } 4921 ret := &Operation{ 4922 ServerResponse: googleapi.ServerResponse{ 4923 Header: res.Header, 4924 HTTPStatusCode: res.StatusCode, 4925 }, 4926 } 4927 target := &ret 4928 if err := gensupport.DecodeResponse(target, res); err != nil { 4929 return nil, err 4930 } 4931 return ret, nil 4932 // { 4933 // "description": "Updates an existing WorkloadIdentityPool.", 4934 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}", 4935 // "httpMethod": "PATCH", 4936 // "id": "iam.projects.locations.workloadIdentityPools.patch", 4937 // "parameterOrder": [ 4938 // "name" 4939 // ], 4940 // "parameters": { 4941 // "name": { 4942 // "description": "Output only. The resource name of the pool.", 4943 // "location": "path", 4944 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 4945 // "required": true, 4946 // "type": "string" 4947 // }, 4948 // "updateMask": { 4949 // "description": "Required. The list of fields update.", 4950 // "format": "google-fieldmask", 4951 // "location": "query", 4952 // "type": "string" 4953 // } 4954 // }, 4955 // "path": "v1/{+name}", 4956 // "request": { 4957 // "$ref": "WorkloadIdentityPool" 4958 // }, 4959 // "response": { 4960 // "$ref": "Operation" 4961 // }, 4962 // "scopes": [ 4963 // "https://www.googleapis.com/auth/cloud-platform" 4964 // ] 4965 // } 4966 4967} 4968 4969// method id "iam.projects.locations.workloadIdentityPools.undelete": 4970 4971type ProjectsLocationsWorkloadIdentityPoolsUndeleteCall struct { 4972 s *Service 4973 name string 4974 undeleteworkloadidentitypoolrequest *UndeleteWorkloadIdentityPoolRequest 4975 urlParams_ gensupport.URLParams 4976 ctx_ context.Context 4977 header_ http.Header 4978} 4979 4980// Undelete: Undeletes a WorkloadIdentityPool, as long as it was deleted 4981// fewer than 30 days ago. 4982// 4983// - name: The name of the pool to undelete. 4984func (r *ProjectsLocationsWorkloadIdentityPoolsService) Undelete(name string, undeleteworkloadidentitypoolrequest *UndeleteWorkloadIdentityPoolRequest) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall { 4985 c := &ProjectsLocationsWorkloadIdentityPoolsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4986 c.name = name 4987 c.undeleteworkloadidentitypoolrequest = undeleteworkloadidentitypoolrequest 4988 return c 4989} 4990 4991// Fields allows partial responses to be retrieved. See 4992// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4993// for more information. 4994func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall { 4995 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4996 return c 4997} 4998 4999// Context sets the context to be used in this call's Do method. Any 5000// pending HTTP request will be aborted if the provided context is 5001// canceled. 5002func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall { 5003 c.ctx_ = ctx 5004 return c 5005} 5006 5007// Header returns an http.Header that can be modified by the caller to 5008// add HTTP headers to the request. 5009func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Header() http.Header { 5010 if c.header_ == nil { 5011 c.header_ = make(http.Header) 5012 } 5013 return c.header_ 5014} 5015 5016func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) doRequest(alt string) (*http.Response, error) { 5017 reqHeaders := make(http.Header) 5018 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 5019 for k, v := range c.header_ { 5020 reqHeaders[k] = v 5021 } 5022 reqHeaders.Set("User-Agent", c.s.userAgent()) 5023 var body io.Reader = nil 5024 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkloadidentitypoolrequest) 5025 if err != nil { 5026 return nil, err 5027 } 5028 reqHeaders.Set("Content-Type", "application/json") 5029 c.urlParams_.Set("alt", alt) 5030 c.urlParams_.Set("prettyPrint", "false") 5031 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 5032 urls += "?" + c.urlParams_.Encode() 5033 req, err := http.NewRequest("POST", urls, body) 5034 if err != nil { 5035 return nil, err 5036 } 5037 req.Header = reqHeaders 5038 googleapi.Expand(req.URL, map[string]string{ 5039 "name": c.name, 5040 }) 5041 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5042} 5043 5044// Do executes the "iam.projects.locations.workloadIdentityPools.undelete" call. 5045// Exactly one of *Operation or error will be non-nil. Any non-2xx 5046// status code is an error. Response headers are in either 5047// *Operation.ServerResponse.Header or (if a response was returned at 5048// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5049// to check whether the returned error was because 5050// http.StatusNotModified was returned. 5051func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5052 gensupport.SetOptions(c.urlParams_, opts...) 5053 res, err := c.doRequest("json") 5054 if res != nil && res.StatusCode == http.StatusNotModified { 5055 if res.Body != nil { 5056 res.Body.Close() 5057 } 5058 return nil, &googleapi.Error{ 5059 Code: res.StatusCode, 5060 Header: res.Header, 5061 } 5062 } 5063 if err != nil { 5064 return nil, err 5065 } 5066 defer googleapi.CloseBody(res) 5067 if err := googleapi.CheckResponse(res); err != nil { 5068 return nil, err 5069 } 5070 ret := &Operation{ 5071 ServerResponse: googleapi.ServerResponse{ 5072 Header: res.Header, 5073 HTTPStatusCode: res.StatusCode, 5074 }, 5075 } 5076 target := &ret 5077 if err := gensupport.DecodeResponse(target, res); err != nil { 5078 return nil, err 5079 } 5080 return ret, nil 5081 // { 5082 // "description": "Undeletes a WorkloadIdentityPool, as long as it was deleted fewer than 30 days ago.", 5083 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}:undelete", 5084 // "httpMethod": "POST", 5085 // "id": "iam.projects.locations.workloadIdentityPools.undelete", 5086 // "parameterOrder": [ 5087 // "name" 5088 // ], 5089 // "parameters": { 5090 // "name": { 5091 // "description": "Required. The name of the pool to undelete.", 5092 // "location": "path", 5093 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 5094 // "required": true, 5095 // "type": "string" 5096 // } 5097 // }, 5098 // "path": "v1/{+name}:undelete", 5099 // "request": { 5100 // "$ref": "UndeleteWorkloadIdentityPoolRequest" 5101 // }, 5102 // "response": { 5103 // "$ref": "Operation" 5104 // }, 5105 // "scopes": [ 5106 // "https://www.googleapis.com/auth/cloud-platform" 5107 // ] 5108 // } 5109 5110} 5111 5112// method id "iam.projects.locations.workloadIdentityPools.operations.get": 5113 5114type ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall struct { 5115 s *Service 5116 name string 5117 urlParams_ gensupport.URLParams 5118 ifNoneMatch_ string 5119 ctx_ context.Context 5120 header_ http.Header 5121} 5122 5123// Get: Gets the latest state of a long-running operation. Clients can 5124// use this method to poll the operation result at intervals as 5125// recommended by the API service. 5126// 5127// - name: The name of the operation resource. 5128func (r *ProjectsLocationsWorkloadIdentityPoolsOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5129 c := &ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5130 c.name = name 5131 return c 5132} 5133 5134// Fields allows partial responses to be retrieved. See 5135// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5136// for more information. 5137func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5138 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5139 return c 5140} 5141 5142// IfNoneMatch sets the optional parameter which makes the operation 5143// fail if the object's ETag matches the given value. This is useful for 5144// getting updates only after the object has changed since the last 5145// request. Use googleapi.IsNotModified to check whether the response 5146// error from Do is the result of In-None-Match. 5147func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5148 c.ifNoneMatch_ = entityTag 5149 return c 5150} 5151 5152// Context sets the context to be used in this call's Do method. Any 5153// pending HTTP request will be aborted if the provided context is 5154// canceled. 5155func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5156 c.ctx_ = ctx 5157 return c 5158} 5159 5160// Header returns an http.Header that can be modified by the caller to 5161// add HTTP headers to the request. 5162func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Header() http.Header { 5163 if c.header_ == nil { 5164 c.header_ = make(http.Header) 5165 } 5166 return c.header_ 5167} 5168 5169func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) doRequest(alt string) (*http.Response, error) { 5170 reqHeaders := make(http.Header) 5171 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 5172 for k, v := range c.header_ { 5173 reqHeaders[k] = v 5174 } 5175 reqHeaders.Set("User-Agent", c.s.userAgent()) 5176 if c.ifNoneMatch_ != "" { 5177 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5178 } 5179 var body io.Reader = nil 5180 c.urlParams_.Set("alt", alt) 5181 c.urlParams_.Set("prettyPrint", "false") 5182 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5183 urls += "?" + c.urlParams_.Encode() 5184 req, err := http.NewRequest("GET", urls, body) 5185 if err != nil { 5186 return nil, err 5187 } 5188 req.Header = reqHeaders 5189 googleapi.Expand(req.URL, map[string]string{ 5190 "name": c.name, 5191 }) 5192 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5193} 5194 5195// Do executes the "iam.projects.locations.workloadIdentityPools.operations.get" call. 5196// Exactly one of *Operation or error will be non-nil. Any non-2xx 5197// status code is an error. Response headers are in either 5198// *Operation.ServerResponse.Header or (if a response was returned at 5199// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5200// to check whether the returned error was because 5201// http.StatusNotModified was returned. 5202func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5203 gensupport.SetOptions(c.urlParams_, opts...) 5204 res, err := c.doRequest("json") 5205 if res != nil && res.StatusCode == http.StatusNotModified { 5206 if res.Body != nil { 5207 res.Body.Close() 5208 } 5209 return nil, &googleapi.Error{ 5210 Code: res.StatusCode, 5211 Header: res.Header, 5212 } 5213 } 5214 if err != nil { 5215 return nil, err 5216 } 5217 defer googleapi.CloseBody(res) 5218 if err := googleapi.CheckResponse(res); err != nil { 5219 return nil, err 5220 } 5221 ret := &Operation{ 5222 ServerResponse: googleapi.ServerResponse{ 5223 Header: res.Header, 5224 HTTPStatusCode: res.StatusCode, 5225 }, 5226 } 5227 target := &ret 5228 if err := gensupport.DecodeResponse(target, res); err != nil { 5229 return nil, err 5230 } 5231 return ret, nil 5232 // { 5233 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 5234 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/operations/{operationsId}", 5235 // "httpMethod": "GET", 5236 // "id": "iam.projects.locations.workloadIdentityPools.operations.get", 5237 // "parameterOrder": [ 5238 // "name" 5239 // ], 5240 // "parameters": { 5241 // "name": { 5242 // "description": "The name of the operation resource.", 5243 // "location": "path", 5244 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/operations/[^/]+$", 5245 // "required": true, 5246 // "type": "string" 5247 // } 5248 // }, 5249 // "path": "v1/{+name}", 5250 // "response": { 5251 // "$ref": "Operation" 5252 // }, 5253 // "scopes": [ 5254 // "https://www.googleapis.com/auth/cloud-platform" 5255 // ] 5256 // } 5257 5258} 5259 5260// method id "iam.projects.locations.workloadIdentityPools.providers.create": 5261 5262type ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall struct { 5263 s *Service 5264 parent string 5265 workloadidentitypoolprovider *WorkloadIdentityPoolProvider 5266 urlParams_ gensupport.URLParams 5267 ctx_ context.Context 5268 header_ http.Header 5269} 5270 5271// Create: Creates a new WorkloadIdentityPoolProvider in a 5272// WorkloadIdentityPool. You cannot reuse the name of a deleted provider 5273// until 30 days after deletion. 5274// 5275// - parent: The pool to create this provider in. 5276func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Create(parent string, workloadidentitypoolprovider *WorkloadIdentityPoolProvider) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5277 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5278 c.parent = parent 5279 c.workloadidentitypoolprovider = workloadidentitypoolprovider 5280 return c 5281} 5282 5283// WorkloadIdentityPoolProviderId sets the optional parameter 5284// "workloadIdentityPoolProviderId": Required. The ID for the provider, 5285// which becomes the final component of the resource name. This value 5286// must be 4-32 characters, and may contain the characters [a-z0-9-]. 5287// The prefix `gcp-` is reserved for use by Google, and may not be 5288// specified. 5289func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) WorkloadIdentityPoolProviderId(workloadIdentityPoolProviderId string) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5290 c.urlParams_.Set("workloadIdentityPoolProviderId", workloadIdentityPoolProviderId) 5291 return c 5292} 5293 5294// Fields allows partial responses to be retrieved. See 5295// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5296// for more information. 5297func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5298 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5299 return c 5300} 5301 5302// Context sets the context to be used in this call's Do method. Any 5303// pending HTTP request will be aborted if the provided context is 5304// canceled. 5305func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5306 c.ctx_ = ctx 5307 return c 5308} 5309 5310// Header returns an http.Header that can be modified by the caller to 5311// add HTTP headers to the request. 5312func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Header() http.Header { 5313 if c.header_ == nil { 5314 c.header_ = make(http.Header) 5315 } 5316 return c.header_ 5317} 5318 5319func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) doRequest(alt string) (*http.Response, error) { 5320 reqHeaders := make(http.Header) 5321 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 5322 for k, v := range c.header_ { 5323 reqHeaders[k] = v 5324 } 5325 reqHeaders.Set("User-Agent", c.s.userAgent()) 5326 var body io.Reader = nil 5327 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypoolprovider) 5328 if err != nil { 5329 return nil, err 5330 } 5331 reqHeaders.Set("Content-Type", "application/json") 5332 c.urlParams_.Set("alt", alt) 5333 c.urlParams_.Set("prettyPrint", "false") 5334 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers") 5335 urls += "?" + c.urlParams_.Encode() 5336 req, err := http.NewRequest("POST", urls, body) 5337 if err != nil { 5338 return nil, err 5339 } 5340 req.Header = reqHeaders 5341 googleapi.Expand(req.URL, map[string]string{ 5342 "parent": c.parent, 5343 }) 5344 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5345} 5346 5347// Do executes the "iam.projects.locations.workloadIdentityPools.providers.create" call. 5348// Exactly one of *Operation or error will be non-nil. Any non-2xx 5349// status code is an error. Response headers are in either 5350// *Operation.ServerResponse.Header or (if a response was returned at 5351// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5352// to check whether the returned error was because 5353// http.StatusNotModified was returned. 5354func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5355 gensupport.SetOptions(c.urlParams_, opts...) 5356 res, err := c.doRequest("json") 5357 if res != nil && res.StatusCode == http.StatusNotModified { 5358 if res.Body != nil { 5359 res.Body.Close() 5360 } 5361 return nil, &googleapi.Error{ 5362 Code: res.StatusCode, 5363 Header: res.Header, 5364 } 5365 } 5366 if err != nil { 5367 return nil, err 5368 } 5369 defer googleapi.CloseBody(res) 5370 if err := googleapi.CheckResponse(res); err != nil { 5371 return nil, err 5372 } 5373 ret := &Operation{ 5374 ServerResponse: googleapi.ServerResponse{ 5375 Header: res.Header, 5376 HTTPStatusCode: res.StatusCode, 5377 }, 5378 } 5379 target := &ret 5380 if err := gensupport.DecodeResponse(target, res); err != nil { 5381 return nil, err 5382 } 5383 return ret, nil 5384 // { 5385 // "description": "Creates a new WorkloadIdentityPoolProvider in a WorkloadIdentityPool. You cannot reuse the name of a deleted provider until 30 days after deletion.", 5386 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers", 5387 // "httpMethod": "POST", 5388 // "id": "iam.projects.locations.workloadIdentityPools.providers.create", 5389 // "parameterOrder": [ 5390 // "parent" 5391 // ], 5392 // "parameters": { 5393 // "parent": { 5394 // "description": "Required. The pool to create this provider in.", 5395 // "location": "path", 5396 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 5397 // "required": true, 5398 // "type": "string" 5399 // }, 5400 // "workloadIdentityPoolProviderId": { 5401 // "description": "Required. The ID for the provider, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix `gcp-` is reserved for use by Google, and may not be specified.", 5402 // "location": "query", 5403 // "type": "string" 5404 // } 5405 // }, 5406 // "path": "v1/{+parent}/providers", 5407 // "request": { 5408 // "$ref": "WorkloadIdentityPoolProvider" 5409 // }, 5410 // "response": { 5411 // "$ref": "Operation" 5412 // }, 5413 // "scopes": [ 5414 // "https://www.googleapis.com/auth/cloud-platform" 5415 // ] 5416 // } 5417 5418} 5419 5420// method id "iam.projects.locations.workloadIdentityPools.providers.delete": 5421 5422type ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall struct { 5423 s *Service 5424 name string 5425 urlParams_ gensupport.URLParams 5426 ctx_ context.Context 5427 header_ http.Header 5428} 5429 5430// Delete: Deletes a WorkloadIdentityPoolProvider. Deleting a provider 5431// does not revoke credentials that have already been issued; they 5432// continue to grant access. You can undelete a provider for 30 days. 5433// After 30 days, deletion is permanent. You cannot update deleted 5434// providers. However, you can view and list them. 5435// 5436// - name: The name of the provider to delete. 5437func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Delete(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall { 5438 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5439 c.name = name 5440 return c 5441} 5442 5443// Fields allows partial responses to be retrieved. See 5444// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5445// for more information. 5446func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall { 5447 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5448 return c 5449} 5450 5451// Context sets the context to be used in this call's Do method. Any 5452// pending HTTP request will be aborted if the provided context is 5453// canceled. 5454func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall { 5455 c.ctx_ = ctx 5456 return c 5457} 5458 5459// Header returns an http.Header that can be modified by the caller to 5460// add HTTP headers to the request. 5461func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Header() http.Header { 5462 if c.header_ == nil { 5463 c.header_ = make(http.Header) 5464 } 5465 return c.header_ 5466} 5467 5468func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) doRequest(alt string) (*http.Response, error) { 5469 reqHeaders := make(http.Header) 5470 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 5471 for k, v := range c.header_ { 5472 reqHeaders[k] = v 5473 } 5474 reqHeaders.Set("User-Agent", c.s.userAgent()) 5475 var body io.Reader = nil 5476 c.urlParams_.Set("alt", alt) 5477 c.urlParams_.Set("prettyPrint", "false") 5478 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5479 urls += "?" + c.urlParams_.Encode() 5480 req, err := http.NewRequest("DELETE", urls, body) 5481 if err != nil { 5482 return nil, err 5483 } 5484 req.Header = reqHeaders 5485 googleapi.Expand(req.URL, map[string]string{ 5486 "name": c.name, 5487 }) 5488 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5489} 5490 5491// Do executes the "iam.projects.locations.workloadIdentityPools.providers.delete" call. 5492// Exactly one of *Operation or error will be non-nil. Any non-2xx 5493// status code is an error. Response headers are in either 5494// *Operation.ServerResponse.Header or (if a response was returned at 5495// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5496// to check whether the returned error was because 5497// http.StatusNotModified was returned. 5498func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5499 gensupport.SetOptions(c.urlParams_, opts...) 5500 res, err := c.doRequest("json") 5501 if res != nil && res.StatusCode == http.StatusNotModified { 5502 if res.Body != nil { 5503 res.Body.Close() 5504 } 5505 return nil, &googleapi.Error{ 5506 Code: res.StatusCode, 5507 Header: res.Header, 5508 } 5509 } 5510 if err != nil { 5511 return nil, err 5512 } 5513 defer googleapi.CloseBody(res) 5514 if err := googleapi.CheckResponse(res); err != nil { 5515 return nil, err 5516 } 5517 ret := &Operation{ 5518 ServerResponse: googleapi.ServerResponse{ 5519 Header: res.Header, 5520 HTTPStatusCode: res.StatusCode, 5521 }, 5522 } 5523 target := &ret 5524 if err := gensupport.DecodeResponse(target, res); err != nil { 5525 return nil, err 5526 } 5527 return ret, nil 5528 // { 5529 // "description": "Deletes a WorkloadIdentityPoolProvider. Deleting a provider does not revoke credentials that have already been issued; they continue to grant access. You can undelete a provider for 30 days. After 30 days, deletion is permanent. You cannot update deleted providers. However, you can view and list them.", 5530 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}", 5531 // "httpMethod": "DELETE", 5532 // "id": "iam.projects.locations.workloadIdentityPools.providers.delete", 5533 // "parameterOrder": [ 5534 // "name" 5535 // ], 5536 // "parameters": { 5537 // "name": { 5538 // "description": "Required. The name of the provider to delete.", 5539 // "location": "path", 5540 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 5541 // "required": true, 5542 // "type": "string" 5543 // } 5544 // }, 5545 // "path": "v1/{+name}", 5546 // "response": { 5547 // "$ref": "Operation" 5548 // }, 5549 // "scopes": [ 5550 // "https://www.googleapis.com/auth/cloud-platform" 5551 // ] 5552 // } 5553 5554} 5555 5556// method id "iam.projects.locations.workloadIdentityPools.providers.get": 5557 5558type ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall struct { 5559 s *Service 5560 name string 5561 urlParams_ gensupport.URLParams 5562 ifNoneMatch_ string 5563 ctx_ context.Context 5564 header_ http.Header 5565} 5566 5567// Get: Gets an individual WorkloadIdentityPoolProvider. 5568// 5569// - name: The name of the provider to retrieve. 5570func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5571 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5572 c.name = name 5573 return c 5574} 5575 5576// Fields allows partial responses to be retrieved. See 5577// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5578// for more information. 5579func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5580 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5581 return c 5582} 5583 5584// IfNoneMatch sets the optional parameter which makes the operation 5585// fail if the object's ETag matches the given value. This is useful for 5586// getting updates only after the object has changed since the last 5587// request. Use googleapi.IsNotModified to check whether the response 5588// error from Do is the result of In-None-Match. 5589func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5590 c.ifNoneMatch_ = entityTag 5591 return c 5592} 5593 5594// Context sets the context to be used in this call's Do method. Any 5595// pending HTTP request will be aborted if the provided context is 5596// canceled. 5597func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5598 c.ctx_ = ctx 5599 return c 5600} 5601 5602// Header returns an http.Header that can be modified by the caller to 5603// add HTTP headers to the request. 5604func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Header() http.Header { 5605 if c.header_ == nil { 5606 c.header_ = make(http.Header) 5607 } 5608 return c.header_ 5609} 5610 5611func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) doRequest(alt string) (*http.Response, error) { 5612 reqHeaders := make(http.Header) 5613 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 5614 for k, v := range c.header_ { 5615 reqHeaders[k] = v 5616 } 5617 reqHeaders.Set("User-Agent", c.s.userAgent()) 5618 if c.ifNoneMatch_ != "" { 5619 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5620 } 5621 var body io.Reader = nil 5622 c.urlParams_.Set("alt", alt) 5623 c.urlParams_.Set("prettyPrint", "false") 5624 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5625 urls += "?" + c.urlParams_.Encode() 5626 req, err := http.NewRequest("GET", urls, body) 5627 if err != nil { 5628 return nil, err 5629 } 5630 req.Header = reqHeaders 5631 googleapi.Expand(req.URL, map[string]string{ 5632 "name": c.name, 5633 }) 5634 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5635} 5636 5637// Do executes the "iam.projects.locations.workloadIdentityPools.providers.get" call. 5638// Exactly one of *WorkloadIdentityPoolProvider or error will be 5639// non-nil. Any non-2xx status code is an error. Response headers are in 5640// either *WorkloadIdentityPoolProvider.ServerResponse.Header or (if a 5641// response was returned at all) in error.(*googleapi.Error).Header. Use 5642// googleapi.IsNotModified to check whether the returned error was 5643// because http.StatusNotModified was returned. 5644func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPoolProvider, error) { 5645 gensupport.SetOptions(c.urlParams_, opts...) 5646 res, err := c.doRequest("json") 5647 if res != nil && res.StatusCode == http.StatusNotModified { 5648 if res.Body != nil { 5649 res.Body.Close() 5650 } 5651 return nil, &googleapi.Error{ 5652 Code: res.StatusCode, 5653 Header: res.Header, 5654 } 5655 } 5656 if err != nil { 5657 return nil, err 5658 } 5659 defer googleapi.CloseBody(res) 5660 if err := googleapi.CheckResponse(res); err != nil { 5661 return nil, err 5662 } 5663 ret := &WorkloadIdentityPoolProvider{ 5664 ServerResponse: googleapi.ServerResponse{ 5665 Header: res.Header, 5666 HTTPStatusCode: res.StatusCode, 5667 }, 5668 } 5669 target := &ret 5670 if err := gensupport.DecodeResponse(target, res); err != nil { 5671 return nil, err 5672 } 5673 return ret, nil 5674 // { 5675 // "description": "Gets an individual WorkloadIdentityPoolProvider.", 5676 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}", 5677 // "httpMethod": "GET", 5678 // "id": "iam.projects.locations.workloadIdentityPools.providers.get", 5679 // "parameterOrder": [ 5680 // "name" 5681 // ], 5682 // "parameters": { 5683 // "name": { 5684 // "description": "Required. The name of the provider to retrieve.", 5685 // "location": "path", 5686 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 5687 // "required": true, 5688 // "type": "string" 5689 // } 5690 // }, 5691 // "path": "v1/{+name}", 5692 // "response": { 5693 // "$ref": "WorkloadIdentityPoolProvider" 5694 // }, 5695 // "scopes": [ 5696 // "https://www.googleapis.com/auth/cloud-platform" 5697 // ] 5698 // } 5699 5700} 5701 5702// method id "iam.projects.locations.workloadIdentityPools.providers.list": 5703 5704type ProjectsLocationsWorkloadIdentityPoolsProvidersListCall struct { 5705 s *Service 5706 parent string 5707 urlParams_ gensupport.URLParams 5708 ifNoneMatch_ string 5709 ctx_ context.Context 5710 header_ http.Header 5711} 5712 5713// List: Lists all non-deleted WorkloadIdentityPoolProviders in a 5714// WorkloadIdentityPool. If `show_deleted` is set to `true`, then 5715// deleted providers are also listed. 5716// 5717// - parent: The pool to list providers for. 5718func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) List(parent string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5719 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5720 c.parent = parent 5721 return c 5722} 5723 5724// PageSize sets the optional parameter "pageSize": The maximum number 5725// of providers to return. If unspecified, at most 50 providers are 5726// returned. The maximum value is 100; values above 100 are truncated to 5727// 100. 5728func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) PageSize(pageSize int64) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5729 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 5730 return c 5731} 5732 5733// PageToken sets the optional parameter "pageToken": A page token, 5734// received from a previous `ListWorkloadIdentityPoolProviders` call. 5735// Provide this to retrieve the subsequent page. 5736func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) PageToken(pageToken string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5737 c.urlParams_.Set("pageToken", pageToken) 5738 return c 5739} 5740 5741// ShowDeleted sets the optional parameter "showDeleted": Whether to 5742// return soft-deleted providers. 5743func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5744 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 5745 return c 5746} 5747 5748// Fields allows partial responses to be retrieved. See 5749// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5750// for more information. 5751func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5752 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5753 return c 5754} 5755 5756// IfNoneMatch sets the optional parameter which makes the operation 5757// fail if the object's ETag matches the given value. This is useful for 5758// getting updates only after the object has changed since the last 5759// request. Use googleapi.IsNotModified to check whether the response 5760// error from Do is the result of In-None-Match. 5761func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5762 c.ifNoneMatch_ = entityTag 5763 return c 5764} 5765 5766// Context sets the context to be used in this call's Do method. Any 5767// pending HTTP request will be aborted if the provided context is 5768// canceled. 5769func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 5770 c.ctx_ = ctx 5771 return c 5772} 5773 5774// Header returns an http.Header that can be modified by the caller to 5775// add HTTP headers to the request. 5776func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Header() http.Header { 5777 if c.header_ == nil { 5778 c.header_ = make(http.Header) 5779 } 5780 return c.header_ 5781} 5782 5783func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) doRequest(alt string) (*http.Response, error) { 5784 reqHeaders := make(http.Header) 5785 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 5786 for k, v := range c.header_ { 5787 reqHeaders[k] = v 5788 } 5789 reqHeaders.Set("User-Agent", c.s.userAgent()) 5790 if c.ifNoneMatch_ != "" { 5791 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5792 } 5793 var body io.Reader = nil 5794 c.urlParams_.Set("alt", alt) 5795 c.urlParams_.Set("prettyPrint", "false") 5796 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers") 5797 urls += "?" + c.urlParams_.Encode() 5798 req, err := http.NewRequest("GET", urls, body) 5799 if err != nil { 5800 return nil, err 5801 } 5802 req.Header = reqHeaders 5803 googleapi.Expand(req.URL, map[string]string{ 5804 "parent": c.parent, 5805 }) 5806 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5807} 5808 5809// Do executes the "iam.projects.locations.workloadIdentityPools.providers.list" call. 5810// Exactly one of *ListWorkloadIdentityPoolProvidersResponse or error 5811// will be non-nil. Any non-2xx status code is an error. Response 5812// headers are in either 5813// *ListWorkloadIdentityPoolProvidersResponse.ServerResponse.Header or 5814// (if a response was returned at all) in 5815// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 5816// whether the returned error was because http.StatusNotModified was 5817// returned. 5818func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Do(opts ...googleapi.CallOption) (*ListWorkloadIdentityPoolProvidersResponse, error) { 5819 gensupport.SetOptions(c.urlParams_, opts...) 5820 res, err := c.doRequest("json") 5821 if res != nil && res.StatusCode == http.StatusNotModified { 5822 if res.Body != nil { 5823 res.Body.Close() 5824 } 5825 return nil, &googleapi.Error{ 5826 Code: res.StatusCode, 5827 Header: res.Header, 5828 } 5829 } 5830 if err != nil { 5831 return nil, err 5832 } 5833 defer googleapi.CloseBody(res) 5834 if err := googleapi.CheckResponse(res); err != nil { 5835 return nil, err 5836 } 5837 ret := &ListWorkloadIdentityPoolProvidersResponse{ 5838 ServerResponse: googleapi.ServerResponse{ 5839 Header: res.Header, 5840 HTTPStatusCode: res.StatusCode, 5841 }, 5842 } 5843 target := &ret 5844 if err := gensupport.DecodeResponse(target, res); err != nil { 5845 return nil, err 5846 } 5847 return ret, nil 5848 // { 5849 // "description": "Lists all non-deleted WorkloadIdentityPoolProviders in a WorkloadIdentityPool. If `show_deleted` is set to `true`, then deleted providers are also listed.", 5850 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers", 5851 // "httpMethod": "GET", 5852 // "id": "iam.projects.locations.workloadIdentityPools.providers.list", 5853 // "parameterOrder": [ 5854 // "parent" 5855 // ], 5856 // "parameters": { 5857 // "pageSize": { 5858 // "description": "The maximum number of providers to return. If unspecified, at most 50 providers are returned. The maximum value is 100; values above 100 are truncated to 100.", 5859 // "format": "int32", 5860 // "location": "query", 5861 // "type": "integer" 5862 // }, 5863 // "pageToken": { 5864 // "description": "A page token, received from a previous `ListWorkloadIdentityPoolProviders` call. Provide this to retrieve the subsequent page.", 5865 // "location": "query", 5866 // "type": "string" 5867 // }, 5868 // "parent": { 5869 // "description": "Required. The pool to list providers for.", 5870 // "location": "path", 5871 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 5872 // "required": true, 5873 // "type": "string" 5874 // }, 5875 // "showDeleted": { 5876 // "description": "Whether to return soft-deleted providers.", 5877 // "location": "query", 5878 // "type": "boolean" 5879 // } 5880 // }, 5881 // "path": "v1/{+parent}/providers", 5882 // "response": { 5883 // "$ref": "ListWorkloadIdentityPoolProvidersResponse" 5884 // }, 5885 // "scopes": [ 5886 // "https://www.googleapis.com/auth/cloud-platform" 5887 // ] 5888 // } 5889 5890} 5891 5892// Pages invokes f for each page of results. 5893// A non-nil error returned from f will halt the iteration. 5894// The provided context supersedes any context provided to the Context method. 5895func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Pages(ctx context.Context, f func(*ListWorkloadIdentityPoolProvidersResponse) error) error { 5896 c.ctx_ = ctx 5897 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 5898 for { 5899 x, err := c.Do() 5900 if err != nil { 5901 return err 5902 } 5903 if err := f(x); err != nil { 5904 return err 5905 } 5906 if x.NextPageToken == "" { 5907 return nil 5908 } 5909 c.PageToken(x.NextPageToken) 5910 } 5911} 5912 5913// method id "iam.projects.locations.workloadIdentityPools.providers.patch": 5914 5915type ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall struct { 5916 s *Service 5917 name string 5918 workloadidentitypoolprovider *WorkloadIdentityPoolProvider 5919 urlParams_ gensupport.URLParams 5920 ctx_ context.Context 5921 header_ http.Header 5922} 5923 5924// Patch: Updates an existing WorkloadIdentityPoolProvider. 5925// 5926// - name: Output only. The resource name of the provider. 5927func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Patch(name string, workloadidentitypoolprovider *WorkloadIdentityPoolProvider) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 5928 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5929 c.name = name 5930 c.workloadidentitypoolprovider = workloadidentitypoolprovider 5931 return c 5932} 5933 5934// UpdateMask sets the optional parameter "updateMask": Required. The 5935// list of fields to update. 5936func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) UpdateMask(updateMask string) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 5937 c.urlParams_.Set("updateMask", updateMask) 5938 return c 5939} 5940 5941// Fields allows partial responses to be retrieved. See 5942// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5943// for more information. 5944func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 5945 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5946 return c 5947} 5948 5949// Context sets the context to be used in this call's Do method. Any 5950// pending HTTP request will be aborted if the provided context is 5951// canceled. 5952func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 5953 c.ctx_ = ctx 5954 return c 5955} 5956 5957// Header returns an http.Header that can be modified by the caller to 5958// add HTTP headers to the request. 5959func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Header() http.Header { 5960 if c.header_ == nil { 5961 c.header_ = make(http.Header) 5962 } 5963 return c.header_ 5964} 5965 5966func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) doRequest(alt string) (*http.Response, error) { 5967 reqHeaders := make(http.Header) 5968 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 5969 for k, v := range c.header_ { 5970 reqHeaders[k] = v 5971 } 5972 reqHeaders.Set("User-Agent", c.s.userAgent()) 5973 var body io.Reader = nil 5974 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypoolprovider) 5975 if err != nil { 5976 return nil, err 5977 } 5978 reqHeaders.Set("Content-Type", "application/json") 5979 c.urlParams_.Set("alt", alt) 5980 c.urlParams_.Set("prettyPrint", "false") 5981 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5982 urls += "?" + c.urlParams_.Encode() 5983 req, err := http.NewRequest("PATCH", urls, body) 5984 if err != nil { 5985 return nil, err 5986 } 5987 req.Header = reqHeaders 5988 googleapi.Expand(req.URL, map[string]string{ 5989 "name": c.name, 5990 }) 5991 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5992} 5993 5994// Do executes the "iam.projects.locations.workloadIdentityPools.providers.patch" call. 5995// Exactly one of *Operation or error will be non-nil. Any non-2xx 5996// status code is an error. Response headers are in either 5997// *Operation.ServerResponse.Header or (if a response was returned at 5998// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5999// to check whether the returned error was because 6000// http.StatusNotModified was returned. 6001func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6002 gensupport.SetOptions(c.urlParams_, opts...) 6003 res, err := c.doRequest("json") 6004 if res != nil && res.StatusCode == http.StatusNotModified { 6005 if res.Body != nil { 6006 res.Body.Close() 6007 } 6008 return nil, &googleapi.Error{ 6009 Code: res.StatusCode, 6010 Header: res.Header, 6011 } 6012 } 6013 if err != nil { 6014 return nil, err 6015 } 6016 defer googleapi.CloseBody(res) 6017 if err := googleapi.CheckResponse(res); err != nil { 6018 return nil, err 6019 } 6020 ret := &Operation{ 6021 ServerResponse: googleapi.ServerResponse{ 6022 Header: res.Header, 6023 HTTPStatusCode: res.StatusCode, 6024 }, 6025 } 6026 target := &ret 6027 if err := gensupport.DecodeResponse(target, res); err != nil { 6028 return nil, err 6029 } 6030 return ret, nil 6031 // { 6032 // "description": "Updates an existing WorkloadIdentityPoolProvider.", 6033 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}", 6034 // "httpMethod": "PATCH", 6035 // "id": "iam.projects.locations.workloadIdentityPools.providers.patch", 6036 // "parameterOrder": [ 6037 // "name" 6038 // ], 6039 // "parameters": { 6040 // "name": { 6041 // "description": "Output only. The resource name of the provider.", 6042 // "location": "path", 6043 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 6044 // "required": true, 6045 // "type": "string" 6046 // }, 6047 // "updateMask": { 6048 // "description": "Required. The list of fields to update.", 6049 // "format": "google-fieldmask", 6050 // "location": "query", 6051 // "type": "string" 6052 // } 6053 // }, 6054 // "path": "v1/{+name}", 6055 // "request": { 6056 // "$ref": "WorkloadIdentityPoolProvider" 6057 // }, 6058 // "response": { 6059 // "$ref": "Operation" 6060 // }, 6061 // "scopes": [ 6062 // "https://www.googleapis.com/auth/cloud-platform" 6063 // ] 6064 // } 6065 6066} 6067 6068// method id "iam.projects.locations.workloadIdentityPools.providers.undelete": 6069 6070type ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall struct { 6071 s *Service 6072 name string 6073 undeleteworkloadidentitypoolproviderrequest *UndeleteWorkloadIdentityPoolProviderRequest 6074 urlParams_ gensupport.URLParams 6075 ctx_ context.Context 6076 header_ http.Header 6077} 6078 6079// Undelete: Undeletes a WorkloadIdentityPoolProvider, as long as it was 6080// deleted fewer than 30 days ago. 6081// 6082// - name: The name of the provider to undelete. 6083func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Undelete(name string, undeleteworkloadidentitypoolproviderrequest *UndeleteWorkloadIdentityPoolProviderRequest) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall { 6084 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6085 c.name = name 6086 c.undeleteworkloadidentitypoolproviderrequest = undeleteworkloadidentitypoolproviderrequest 6087 return c 6088} 6089 6090// Fields allows partial responses to be retrieved. See 6091// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6092// for more information. 6093func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall { 6094 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6095 return c 6096} 6097 6098// Context sets the context to be used in this call's Do method. Any 6099// pending HTTP request will be aborted if the provided context is 6100// canceled. 6101func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall { 6102 c.ctx_ = ctx 6103 return c 6104} 6105 6106// Header returns an http.Header that can be modified by the caller to 6107// add HTTP headers to the request. 6108func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Header() http.Header { 6109 if c.header_ == nil { 6110 c.header_ = make(http.Header) 6111 } 6112 return c.header_ 6113} 6114 6115func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) doRequest(alt string) (*http.Response, error) { 6116 reqHeaders := make(http.Header) 6117 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 6118 for k, v := range c.header_ { 6119 reqHeaders[k] = v 6120 } 6121 reqHeaders.Set("User-Agent", c.s.userAgent()) 6122 var body io.Reader = nil 6123 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkloadidentitypoolproviderrequest) 6124 if err != nil { 6125 return nil, err 6126 } 6127 reqHeaders.Set("Content-Type", "application/json") 6128 c.urlParams_.Set("alt", alt) 6129 c.urlParams_.Set("prettyPrint", "false") 6130 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 6131 urls += "?" + c.urlParams_.Encode() 6132 req, err := http.NewRequest("POST", urls, body) 6133 if err != nil { 6134 return nil, err 6135 } 6136 req.Header = reqHeaders 6137 googleapi.Expand(req.URL, map[string]string{ 6138 "name": c.name, 6139 }) 6140 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6141} 6142 6143// Do executes the "iam.projects.locations.workloadIdentityPools.providers.undelete" call. 6144// Exactly one of *Operation or error will be non-nil. Any non-2xx 6145// status code is an error. Response headers are in either 6146// *Operation.ServerResponse.Header or (if a response was returned at 6147// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 6148// to check whether the returned error was because 6149// http.StatusNotModified was returned. 6150func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6151 gensupport.SetOptions(c.urlParams_, opts...) 6152 res, err := c.doRequest("json") 6153 if res != nil && res.StatusCode == http.StatusNotModified { 6154 if res.Body != nil { 6155 res.Body.Close() 6156 } 6157 return nil, &googleapi.Error{ 6158 Code: res.StatusCode, 6159 Header: res.Header, 6160 } 6161 } 6162 if err != nil { 6163 return nil, err 6164 } 6165 defer googleapi.CloseBody(res) 6166 if err := googleapi.CheckResponse(res); err != nil { 6167 return nil, err 6168 } 6169 ret := &Operation{ 6170 ServerResponse: googleapi.ServerResponse{ 6171 Header: res.Header, 6172 HTTPStatusCode: res.StatusCode, 6173 }, 6174 } 6175 target := &ret 6176 if err := gensupport.DecodeResponse(target, res); err != nil { 6177 return nil, err 6178 } 6179 return ret, nil 6180 // { 6181 // "description": "Undeletes a WorkloadIdentityPoolProvider, as long as it was deleted fewer than 30 days ago.", 6182 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}:undelete", 6183 // "httpMethod": "POST", 6184 // "id": "iam.projects.locations.workloadIdentityPools.providers.undelete", 6185 // "parameterOrder": [ 6186 // "name" 6187 // ], 6188 // "parameters": { 6189 // "name": { 6190 // "description": "Required. The name of the provider to undelete.", 6191 // "location": "path", 6192 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 6193 // "required": true, 6194 // "type": "string" 6195 // } 6196 // }, 6197 // "path": "v1/{+name}:undelete", 6198 // "request": { 6199 // "$ref": "UndeleteWorkloadIdentityPoolProviderRequest" 6200 // }, 6201 // "response": { 6202 // "$ref": "Operation" 6203 // }, 6204 // "scopes": [ 6205 // "https://www.googleapis.com/auth/cloud-platform" 6206 // ] 6207 // } 6208 6209} 6210 6211// method id "iam.projects.locations.workloadIdentityPools.providers.operations.get": 6212 6213type ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall struct { 6214 s *Service 6215 name string 6216 urlParams_ gensupport.URLParams 6217 ifNoneMatch_ string 6218 ctx_ context.Context 6219 header_ http.Header 6220} 6221 6222// Get: Gets the latest state of a long-running operation. Clients can 6223// use this method to poll the operation result at intervals as 6224// recommended by the API service. 6225// 6226// - name: The name of the operation resource. 6227func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6228 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6229 c.name = name 6230 return c 6231} 6232 6233// Fields allows partial responses to be retrieved. See 6234// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6235// for more information. 6236func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6237 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6238 return c 6239} 6240 6241// IfNoneMatch sets the optional parameter which makes the operation 6242// fail if the object's ETag matches the given value. This is useful for 6243// getting updates only after the object has changed since the last 6244// request. Use googleapi.IsNotModified to check whether the response 6245// error from Do is the result of In-None-Match. 6246func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6247 c.ifNoneMatch_ = entityTag 6248 return c 6249} 6250 6251// Context sets the context to be used in this call's Do method. Any 6252// pending HTTP request will be aborted if the provided context is 6253// canceled. 6254func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6255 c.ctx_ = ctx 6256 return c 6257} 6258 6259// Header returns an http.Header that can be modified by the caller to 6260// add HTTP headers to the request. 6261func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Header() http.Header { 6262 if c.header_ == nil { 6263 c.header_ = make(http.Header) 6264 } 6265 return c.header_ 6266} 6267 6268func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) doRequest(alt string) (*http.Response, error) { 6269 reqHeaders := make(http.Header) 6270 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 6271 for k, v := range c.header_ { 6272 reqHeaders[k] = v 6273 } 6274 reqHeaders.Set("User-Agent", c.s.userAgent()) 6275 if c.ifNoneMatch_ != "" { 6276 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6277 } 6278 var body io.Reader = nil 6279 c.urlParams_.Set("alt", alt) 6280 c.urlParams_.Set("prettyPrint", "false") 6281 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6282 urls += "?" + c.urlParams_.Encode() 6283 req, err := http.NewRequest("GET", urls, body) 6284 if err != nil { 6285 return nil, err 6286 } 6287 req.Header = reqHeaders 6288 googleapi.Expand(req.URL, map[string]string{ 6289 "name": c.name, 6290 }) 6291 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6292} 6293 6294// Do executes the "iam.projects.locations.workloadIdentityPools.providers.operations.get" call. 6295// Exactly one of *Operation or error will be non-nil. Any non-2xx 6296// status code is an error. Response headers are in either 6297// *Operation.ServerResponse.Header or (if a response was returned at 6298// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 6299// to check whether the returned error was because 6300// http.StatusNotModified was returned. 6301func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6302 gensupport.SetOptions(c.urlParams_, opts...) 6303 res, err := c.doRequest("json") 6304 if res != nil && res.StatusCode == http.StatusNotModified { 6305 if res.Body != nil { 6306 res.Body.Close() 6307 } 6308 return nil, &googleapi.Error{ 6309 Code: res.StatusCode, 6310 Header: res.Header, 6311 } 6312 } 6313 if err != nil { 6314 return nil, err 6315 } 6316 defer googleapi.CloseBody(res) 6317 if err := googleapi.CheckResponse(res); err != nil { 6318 return nil, err 6319 } 6320 ret := &Operation{ 6321 ServerResponse: googleapi.ServerResponse{ 6322 Header: res.Header, 6323 HTTPStatusCode: res.StatusCode, 6324 }, 6325 } 6326 target := &ret 6327 if err := gensupport.DecodeResponse(target, res); err != nil { 6328 return nil, err 6329 } 6330 return ret, nil 6331 // { 6332 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 6333 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}/operations/{operationsId}", 6334 // "httpMethod": "GET", 6335 // "id": "iam.projects.locations.workloadIdentityPools.providers.operations.get", 6336 // "parameterOrder": [ 6337 // "name" 6338 // ], 6339 // "parameters": { 6340 // "name": { 6341 // "description": "The name of the operation resource.", 6342 // "location": "path", 6343 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+/operations/[^/]+$", 6344 // "required": true, 6345 // "type": "string" 6346 // } 6347 // }, 6348 // "path": "v1/{+name}", 6349 // "response": { 6350 // "$ref": "Operation" 6351 // }, 6352 // "scopes": [ 6353 // "https://www.googleapis.com/auth/cloud-platform" 6354 // ] 6355 // } 6356 6357} 6358 6359// method id "iam.projects.roles.create": 6360 6361type ProjectsRolesCreateCall struct { 6362 s *Service 6363 parent string 6364 createrolerequest *CreateRoleRequest 6365 urlParams_ gensupport.URLParams 6366 ctx_ context.Context 6367 header_ http.Header 6368} 6369 6370// Create: Creates a new custom Role. 6371// 6372// - parent: The `parent` parameter's value depends on the target 6373// resource for the request, namely `projects` 6374// (/iam/reference/rest/v1/projects.roles) or `organizations` 6375// (/iam/reference/rest/v1/organizations.roles). Each resource type's 6376// `parent` value format is described below: * 6377// `projects.roles.create()` 6378// (/iam/reference/rest/v1/projects.roles/create): 6379// `projects/{PROJECT_ID}`. This method creates project-level custom 6380// roles (/iam/docs/understanding-custom-roles). Example request URL: 6381// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 6382// `organizations.roles.create()` 6383// (/iam/reference/rest/v1/organizations.roles/create): 6384// `organizations/{ORGANIZATION_ID}`. This method creates 6385// organization-level custom roles 6386// (/iam/docs/understanding-custom-roles). Example request URL: 6387// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6388// ` Note: Wildcard (*) values are invalid; you must specify a 6389// complete project ID or organization ID. 6390func (r *ProjectsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *ProjectsRolesCreateCall { 6391 c := &ProjectsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6392 c.parent = parent 6393 c.createrolerequest = createrolerequest 6394 return c 6395} 6396 6397// Fields allows partial responses to be retrieved. See 6398// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6399// for more information. 6400func (c *ProjectsRolesCreateCall) Fields(s ...googleapi.Field) *ProjectsRolesCreateCall { 6401 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6402 return c 6403} 6404 6405// Context sets the context to be used in this call's Do method. Any 6406// pending HTTP request will be aborted if the provided context is 6407// canceled. 6408func (c *ProjectsRolesCreateCall) Context(ctx context.Context) *ProjectsRolesCreateCall { 6409 c.ctx_ = ctx 6410 return c 6411} 6412 6413// Header returns an http.Header that can be modified by the caller to 6414// add HTTP headers to the request. 6415func (c *ProjectsRolesCreateCall) Header() http.Header { 6416 if c.header_ == nil { 6417 c.header_ = make(http.Header) 6418 } 6419 return c.header_ 6420} 6421 6422func (c *ProjectsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 6423 reqHeaders := make(http.Header) 6424 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 6425 for k, v := range c.header_ { 6426 reqHeaders[k] = v 6427 } 6428 reqHeaders.Set("User-Agent", c.s.userAgent()) 6429 var body io.Reader = nil 6430 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 6431 if err != nil { 6432 return nil, err 6433 } 6434 reqHeaders.Set("Content-Type", "application/json") 6435 c.urlParams_.Set("alt", alt) 6436 c.urlParams_.Set("prettyPrint", "false") 6437 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 6438 urls += "?" + c.urlParams_.Encode() 6439 req, err := http.NewRequest("POST", urls, body) 6440 if err != nil { 6441 return nil, err 6442 } 6443 req.Header = reqHeaders 6444 googleapi.Expand(req.URL, map[string]string{ 6445 "parent": c.parent, 6446 }) 6447 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6448} 6449 6450// Do executes the "iam.projects.roles.create" call. 6451// Exactly one of *Role or error will be non-nil. Any non-2xx status 6452// code is an error. Response headers are in either 6453// *Role.ServerResponse.Header or (if a response was returned at all) in 6454// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6455// whether the returned error was because http.StatusNotModified was 6456// returned. 6457func (c *ProjectsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 6458 gensupport.SetOptions(c.urlParams_, opts...) 6459 res, err := c.doRequest("json") 6460 if res != nil && res.StatusCode == http.StatusNotModified { 6461 if res.Body != nil { 6462 res.Body.Close() 6463 } 6464 return nil, &googleapi.Error{ 6465 Code: res.StatusCode, 6466 Header: res.Header, 6467 } 6468 } 6469 if err != nil { 6470 return nil, err 6471 } 6472 defer googleapi.CloseBody(res) 6473 if err := googleapi.CheckResponse(res); err != nil { 6474 return nil, err 6475 } 6476 ret := &Role{ 6477 ServerResponse: googleapi.ServerResponse{ 6478 Header: res.Header, 6479 HTTPStatusCode: res.StatusCode, 6480 }, 6481 } 6482 target := &ret 6483 if err := gensupport.DecodeResponse(target, res); err != nil { 6484 return nil, err 6485 } 6486 return ret, nil 6487 // { 6488 // "description": "Creates a new custom Role.", 6489 // "flatPath": "v1/projects/{projectsId}/roles", 6490 // "httpMethod": "POST", 6491 // "id": "iam.projects.roles.create", 6492 // "parameterOrder": [ 6493 // "parent" 6494 // ], 6495 // "parameters": { 6496 // "parent": { 6497 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create): `projects/{PROJECT_ID}`. This method creates project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create): `organizations/{ORGANIZATION_ID}`. This method creates organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 6498 // "location": "path", 6499 // "pattern": "^projects/[^/]+$", 6500 // "required": true, 6501 // "type": "string" 6502 // } 6503 // }, 6504 // "path": "v1/{+parent}/roles", 6505 // "request": { 6506 // "$ref": "CreateRoleRequest" 6507 // }, 6508 // "response": { 6509 // "$ref": "Role" 6510 // }, 6511 // "scopes": [ 6512 // "https://www.googleapis.com/auth/cloud-platform" 6513 // ] 6514 // } 6515 6516} 6517 6518// method id "iam.projects.roles.delete": 6519 6520type ProjectsRolesDeleteCall struct { 6521 s *Service 6522 name string 6523 urlParams_ gensupport.URLParams 6524 ctx_ context.Context 6525 header_ http.Header 6526} 6527 6528// Delete: Deletes a custom Role. When you delete a custom role, the 6529// following changes occur immediately: * You cannot bind a member to 6530// the custom role in an IAM Policy. * Existing bindings to the custom 6531// role are not changed, but they have no effect. * By default, the 6532// response from ListRoles does not include the custom role. You have 7 6533// days to undelete the custom role. After 7 days, the following changes 6534// occur: * The custom role is permanently deleted and cannot be 6535// recovered. * If an IAM policy contains a binding to the custom role, 6536// the binding is permanently removed. 6537// 6538// - name: The `name` parameter's value depends on the target resource 6539// for the request, namely `projects` 6540// (/iam/reference/rest/v1/projects.roles) or `organizations` 6541// (/iam/reference/rest/v1/organizations.roles). Each resource type's 6542// `name` value format is described below: * `projects.roles.delete()` 6543// (/iam/reference/rest/v1/projects.roles/delete): 6544// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes 6545// only custom roles (/iam/docs/understanding-custom-roles) that have 6546// been created at the project level. Example request URL: 6547// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 6548// OLE_ID}` * `organizations.roles.delete()` 6549// (/iam/reference/rest/v1/organizations.roles/delete): 6550// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 6551// method deletes only custom roles 6552// (/iam/docs/understanding-custom-roles) that have been created at 6553// the organization level. Example request URL: 6554// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6555// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 6556// specify a complete project ID or organization ID. 6557func (r *ProjectsRolesService) Delete(name string) *ProjectsRolesDeleteCall { 6558 c := &ProjectsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6559 c.name = name 6560 return c 6561} 6562 6563// Etag sets the optional parameter "etag": Used to perform a consistent 6564// read-modify-write. 6565func (c *ProjectsRolesDeleteCall) Etag(etag string) *ProjectsRolesDeleteCall { 6566 c.urlParams_.Set("etag", etag) 6567 return c 6568} 6569 6570// Fields allows partial responses to be retrieved. See 6571// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6572// for more information. 6573func (c *ProjectsRolesDeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesDeleteCall { 6574 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6575 return c 6576} 6577 6578// Context sets the context to be used in this call's Do method. Any 6579// pending HTTP request will be aborted if the provided context is 6580// canceled. 6581func (c *ProjectsRolesDeleteCall) Context(ctx context.Context) *ProjectsRolesDeleteCall { 6582 c.ctx_ = ctx 6583 return c 6584} 6585 6586// Header returns an http.Header that can be modified by the caller to 6587// add HTTP headers to the request. 6588func (c *ProjectsRolesDeleteCall) Header() http.Header { 6589 if c.header_ == nil { 6590 c.header_ = make(http.Header) 6591 } 6592 return c.header_ 6593} 6594 6595func (c *ProjectsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 6596 reqHeaders := make(http.Header) 6597 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 6598 for k, v := range c.header_ { 6599 reqHeaders[k] = v 6600 } 6601 reqHeaders.Set("User-Agent", c.s.userAgent()) 6602 var body io.Reader = nil 6603 c.urlParams_.Set("alt", alt) 6604 c.urlParams_.Set("prettyPrint", "false") 6605 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6606 urls += "?" + c.urlParams_.Encode() 6607 req, err := http.NewRequest("DELETE", urls, body) 6608 if err != nil { 6609 return nil, err 6610 } 6611 req.Header = reqHeaders 6612 googleapi.Expand(req.URL, map[string]string{ 6613 "name": c.name, 6614 }) 6615 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6616} 6617 6618// Do executes the "iam.projects.roles.delete" call. 6619// Exactly one of *Role or error will be non-nil. Any non-2xx status 6620// code is an error. Response headers are in either 6621// *Role.ServerResponse.Header or (if a response was returned at all) in 6622// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6623// whether the returned error was because http.StatusNotModified was 6624// returned. 6625func (c *ProjectsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 6626 gensupport.SetOptions(c.urlParams_, opts...) 6627 res, err := c.doRequest("json") 6628 if res != nil && res.StatusCode == http.StatusNotModified { 6629 if res.Body != nil { 6630 res.Body.Close() 6631 } 6632 return nil, &googleapi.Error{ 6633 Code: res.StatusCode, 6634 Header: res.Header, 6635 } 6636 } 6637 if err != nil { 6638 return nil, err 6639 } 6640 defer googleapi.CloseBody(res) 6641 if err := googleapi.CheckResponse(res); err != nil { 6642 return nil, err 6643 } 6644 ret := &Role{ 6645 ServerResponse: googleapi.ServerResponse{ 6646 Header: res.Header, 6647 HTTPStatusCode: res.StatusCode, 6648 }, 6649 } 6650 target := &ret 6651 if err := gensupport.DecodeResponse(target, res); err != nil { 6652 return nil, err 6653 } 6654 return ret, nil 6655 // { 6656 // "description": "Deletes a custom Role. When you delete a custom role, the following changes occur immediately: * You cannot bind a member to the custom role in an IAM Policy. * Existing bindings to the custom role are not changed, but they have no effect. * By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: * The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed.", 6657 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 6658 // "httpMethod": "DELETE", 6659 // "id": "iam.projects.roles.delete", 6660 // "parameterOrder": [ 6661 // "name" 6662 // ], 6663 // "parameters": { 6664 // "etag": { 6665 // "description": "Used to perform a consistent read-modify-write.", 6666 // "format": "byte", 6667 // "location": "query", 6668 // "type": "string" 6669 // }, 6670 // "name": { 6671 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 6672 // "location": "path", 6673 // "pattern": "^projects/[^/]+/roles/[^/]+$", 6674 // "required": true, 6675 // "type": "string" 6676 // } 6677 // }, 6678 // "path": "v1/{+name}", 6679 // "response": { 6680 // "$ref": "Role" 6681 // }, 6682 // "scopes": [ 6683 // "https://www.googleapis.com/auth/cloud-platform" 6684 // ] 6685 // } 6686 6687} 6688 6689// method id "iam.projects.roles.get": 6690 6691type ProjectsRolesGetCall struct { 6692 s *Service 6693 name string 6694 urlParams_ gensupport.URLParams 6695 ifNoneMatch_ string 6696 ctx_ context.Context 6697 header_ http.Header 6698} 6699 6700// Get: Gets the definition of a Role. 6701// 6702// - name: The `name` parameter's value depends on the target resource 6703// for the request, namely `roles` (/iam/reference/rest/v1/roles), 6704// `projects` (/iam/reference/rest/v1/projects.roles), or 6705// `organizations` (/iam/reference/rest/v1/organizations.roles). Each 6706// resource type's `name` value format is described below: * 6707// `roles.get()` (/iam/reference/rest/v1/roles/get): 6708// `roles/{ROLE_NAME}`. This method returns results from all 6709// predefined roles (/iam/docs/understanding-roles#predefined_roles) 6710// in Cloud IAM. Example request URL: 6711// `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * 6712// `projects.roles.get()` (/iam/reference/rest/v1/projects.roles/get): 6713// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns 6714// only custom roles (/iam/docs/understanding-custom-roles) that have 6715// been created at the project level. Example request URL: 6716// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 6717// OLE_ID}` * `organizations.roles.get()` 6718// (/iam/reference/rest/v1/organizations.roles/get): 6719// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 6720// method returns only custom roles 6721// (/iam/docs/understanding-custom-roles) that have been created at 6722// the organization level. Example request URL: 6723// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6724// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 6725// specify a complete project ID or organization ID. 6726func (r *ProjectsRolesService) Get(name string) *ProjectsRolesGetCall { 6727 c := &ProjectsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6728 c.name = name 6729 return c 6730} 6731 6732// Fields allows partial responses to be retrieved. See 6733// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6734// for more information. 6735func (c *ProjectsRolesGetCall) Fields(s ...googleapi.Field) *ProjectsRolesGetCall { 6736 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6737 return c 6738} 6739 6740// IfNoneMatch sets the optional parameter which makes the operation 6741// fail if the object's ETag matches the given value. This is useful for 6742// getting updates only after the object has changed since the last 6743// request. Use googleapi.IsNotModified to check whether the response 6744// error from Do is the result of In-None-Match. 6745func (c *ProjectsRolesGetCall) IfNoneMatch(entityTag string) *ProjectsRolesGetCall { 6746 c.ifNoneMatch_ = entityTag 6747 return c 6748} 6749 6750// Context sets the context to be used in this call's Do method. Any 6751// pending HTTP request will be aborted if the provided context is 6752// canceled. 6753func (c *ProjectsRolesGetCall) Context(ctx context.Context) *ProjectsRolesGetCall { 6754 c.ctx_ = ctx 6755 return c 6756} 6757 6758// Header returns an http.Header that can be modified by the caller to 6759// add HTTP headers to the request. 6760func (c *ProjectsRolesGetCall) Header() http.Header { 6761 if c.header_ == nil { 6762 c.header_ = make(http.Header) 6763 } 6764 return c.header_ 6765} 6766 6767func (c *ProjectsRolesGetCall) doRequest(alt string) (*http.Response, error) { 6768 reqHeaders := make(http.Header) 6769 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 6770 for k, v := range c.header_ { 6771 reqHeaders[k] = v 6772 } 6773 reqHeaders.Set("User-Agent", c.s.userAgent()) 6774 if c.ifNoneMatch_ != "" { 6775 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6776 } 6777 var body io.Reader = nil 6778 c.urlParams_.Set("alt", alt) 6779 c.urlParams_.Set("prettyPrint", "false") 6780 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6781 urls += "?" + c.urlParams_.Encode() 6782 req, err := http.NewRequest("GET", urls, body) 6783 if err != nil { 6784 return nil, err 6785 } 6786 req.Header = reqHeaders 6787 googleapi.Expand(req.URL, map[string]string{ 6788 "name": c.name, 6789 }) 6790 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6791} 6792 6793// Do executes the "iam.projects.roles.get" call. 6794// Exactly one of *Role or error will be non-nil. Any non-2xx status 6795// code is an error. Response headers are in either 6796// *Role.ServerResponse.Header or (if a response was returned at all) in 6797// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6798// whether the returned error was because http.StatusNotModified was 6799// returned. 6800func (c *ProjectsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 6801 gensupport.SetOptions(c.urlParams_, opts...) 6802 res, err := c.doRequest("json") 6803 if res != nil && res.StatusCode == http.StatusNotModified { 6804 if res.Body != nil { 6805 res.Body.Close() 6806 } 6807 return nil, &googleapi.Error{ 6808 Code: res.StatusCode, 6809 Header: res.Header, 6810 } 6811 } 6812 if err != nil { 6813 return nil, err 6814 } 6815 defer googleapi.CloseBody(res) 6816 if err := googleapi.CheckResponse(res); err != nil { 6817 return nil, err 6818 } 6819 ret := &Role{ 6820 ServerResponse: googleapi.ServerResponse{ 6821 Header: res.Header, 6822 HTTPStatusCode: res.StatusCode, 6823 }, 6824 } 6825 target := &ret 6826 if err := gensupport.DecodeResponse(target, res); err != nil { 6827 return nil, err 6828 } 6829 return ret, nil 6830 // { 6831 // "description": "Gets the definition of a Role.", 6832 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 6833 // "httpMethod": "GET", 6834 // "id": "iam.projects.roles.get", 6835 // "parameterOrder": [ 6836 // "name" 6837 // ], 6838 // "parameters": { 6839 // "name": { 6840 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 6841 // "location": "path", 6842 // "pattern": "^projects/[^/]+/roles/[^/]+$", 6843 // "required": true, 6844 // "type": "string" 6845 // } 6846 // }, 6847 // "path": "v1/{+name}", 6848 // "response": { 6849 // "$ref": "Role" 6850 // }, 6851 // "scopes": [ 6852 // "https://www.googleapis.com/auth/cloud-platform" 6853 // ] 6854 // } 6855 6856} 6857 6858// method id "iam.projects.roles.list": 6859 6860type ProjectsRolesListCall struct { 6861 s *Service 6862 parent string 6863 urlParams_ gensupport.URLParams 6864 ifNoneMatch_ string 6865 ctx_ context.Context 6866 header_ http.Header 6867} 6868 6869// List: Lists every predefined Role that IAM supports, or every custom 6870// role that is defined for an organization or project. 6871// 6872// - parent: The `parent` parameter's value depends on the target 6873// resource for the request, namely `roles` 6874// (/iam/reference/rest/v1/roles), `projects` 6875// (/iam/reference/rest/v1/projects.roles), or `organizations` 6876// (/iam/reference/rest/v1/organizations.roles). Each resource type's 6877// `parent` value format is described below: * `roles.list()` 6878// (/iam/reference/rest/v1/roles/list): An empty string. This method 6879// doesn't require a resource; it simply returns all predefined roles 6880// (/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. 6881// Example request URL: `https://iam.googleapis.com/v1/roles` * 6882// `projects.roles.list()` 6883// (/iam/reference/rest/v1/projects.roles/list): 6884// `projects/{PROJECT_ID}`. This method lists all project-level custom 6885// roles (/iam/docs/understanding-custom-roles). Example request URL: 6886// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 6887// `organizations.roles.list()` 6888// (/iam/reference/rest/v1/organizations.roles/list): 6889// `organizations/{ORGANIZATION_ID}`. This method lists all 6890// organization-level custom roles 6891// (/iam/docs/understanding-custom-roles). Example request URL: 6892// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6893// ` Note: Wildcard (*) values are invalid; you must specify a 6894// complete project ID or organization ID. 6895func (r *ProjectsRolesService) List(parent string) *ProjectsRolesListCall { 6896 c := &ProjectsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6897 c.parent = parent 6898 return c 6899} 6900 6901// PageSize sets the optional parameter "pageSize": Optional limit on 6902// the number of roles to include in the response. The default is 300, 6903// and the maximum is 1,000. 6904func (c *ProjectsRolesListCall) PageSize(pageSize int64) *ProjectsRolesListCall { 6905 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 6906 return c 6907} 6908 6909// PageToken sets the optional parameter "pageToken": Optional 6910// pagination token returned in an earlier ListRolesResponse. 6911func (c *ProjectsRolesListCall) PageToken(pageToken string) *ProjectsRolesListCall { 6912 c.urlParams_.Set("pageToken", pageToken) 6913 return c 6914} 6915 6916// ShowDeleted sets the optional parameter "showDeleted": Include Roles 6917// that have been deleted. 6918func (c *ProjectsRolesListCall) ShowDeleted(showDeleted bool) *ProjectsRolesListCall { 6919 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 6920 return c 6921} 6922 6923// View sets the optional parameter "view": Optional view for the 6924// returned Role objects. When `FULL` is specified, the 6925// `includedPermissions` field is returned, which includes a list of all 6926// permissions in the role. The default value is `BASIC`, which does not 6927// return the `includedPermissions` field. 6928// 6929// Possible values: 6930// "BASIC" - Omits the `included_permissions` field. This is the 6931// default value. 6932// "FULL" - Returns all fields. 6933func (c *ProjectsRolesListCall) View(view string) *ProjectsRolesListCall { 6934 c.urlParams_.Set("view", view) 6935 return c 6936} 6937 6938// Fields allows partial responses to be retrieved. See 6939// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6940// for more information. 6941func (c *ProjectsRolesListCall) Fields(s ...googleapi.Field) *ProjectsRolesListCall { 6942 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6943 return c 6944} 6945 6946// IfNoneMatch sets the optional parameter which makes the operation 6947// fail if the object's ETag matches the given value. This is useful for 6948// getting updates only after the object has changed since the last 6949// request. Use googleapi.IsNotModified to check whether the response 6950// error from Do is the result of In-None-Match. 6951func (c *ProjectsRolesListCall) IfNoneMatch(entityTag string) *ProjectsRolesListCall { 6952 c.ifNoneMatch_ = entityTag 6953 return c 6954} 6955 6956// Context sets the context to be used in this call's Do method. Any 6957// pending HTTP request will be aborted if the provided context is 6958// canceled. 6959func (c *ProjectsRolesListCall) Context(ctx context.Context) *ProjectsRolesListCall { 6960 c.ctx_ = ctx 6961 return c 6962} 6963 6964// Header returns an http.Header that can be modified by the caller to 6965// add HTTP headers to the request. 6966func (c *ProjectsRolesListCall) Header() http.Header { 6967 if c.header_ == nil { 6968 c.header_ = make(http.Header) 6969 } 6970 return c.header_ 6971} 6972 6973func (c *ProjectsRolesListCall) doRequest(alt string) (*http.Response, error) { 6974 reqHeaders := make(http.Header) 6975 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 6976 for k, v := range c.header_ { 6977 reqHeaders[k] = v 6978 } 6979 reqHeaders.Set("User-Agent", c.s.userAgent()) 6980 if c.ifNoneMatch_ != "" { 6981 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6982 } 6983 var body io.Reader = nil 6984 c.urlParams_.Set("alt", alt) 6985 c.urlParams_.Set("prettyPrint", "false") 6986 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 6987 urls += "?" + c.urlParams_.Encode() 6988 req, err := http.NewRequest("GET", urls, body) 6989 if err != nil { 6990 return nil, err 6991 } 6992 req.Header = reqHeaders 6993 googleapi.Expand(req.URL, map[string]string{ 6994 "parent": c.parent, 6995 }) 6996 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6997} 6998 6999// Do executes the "iam.projects.roles.list" call. 7000// Exactly one of *ListRolesResponse or error will be non-nil. Any 7001// non-2xx status code is an error. Response headers are in either 7002// *ListRolesResponse.ServerResponse.Header or (if a response was 7003// returned at all) in error.(*googleapi.Error).Header. Use 7004// googleapi.IsNotModified to check whether the returned error was 7005// because http.StatusNotModified was returned. 7006func (c *ProjectsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 7007 gensupport.SetOptions(c.urlParams_, opts...) 7008 res, err := c.doRequest("json") 7009 if res != nil && res.StatusCode == http.StatusNotModified { 7010 if res.Body != nil { 7011 res.Body.Close() 7012 } 7013 return nil, &googleapi.Error{ 7014 Code: res.StatusCode, 7015 Header: res.Header, 7016 } 7017 } 7018 if err != nil { 7019 return nil, err 7020 } 7021 defer googleapi.CloseBody(res) 7022 if err := googleapi.CheckResponse(res); err != nil { 7023 return nil, err 7024 } 7025 ret := &ListRolesResponse{ 7026 ServerResponse: googleapi.ServerResponse{ 7027 Header: res.Header, 7028 HTTPStatusCode: res.StatusCode, 7029 }, 7030 } 7031 target := &ret 7032 if err := gensupport.DecodeResponse(target, res); err != nil { 7033 return nil, err 7034 } 7035 return ret, nil 7036 // { 7037 // "description": "Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.", 7038 // "flatPath": "v1/projects/{projectsId}/roles", 7039 // "httpMethod": "GET", 7040 // "id": "iam.projects.roles.list", 7041 // "parameterOrder": [ 7042 // "parent" 7043 // ], 7044 // "parameters": { 7045 // "pageSize": { 7046 // "description": "Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.", 7047 // "format": "int32", 7048 // "location": "query", 7049 // "type": "integer" 7050 // }, 7051 // "pageToken": { 7052 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 7053 // "location": "query", 7054 // "type": "string" 7055 // }, 7056 // "parent": { 7057 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7058 // "location": "path", 7059 // "pattern": "^projects/[^/]+$", 7060 // "required": true, 7061 // "type": "string" 7062 // }, 7063 // "showDeleted": { 7064 // "description": "Include Roles that have been deleted.", 7065 // "location": "query", 7066 // "type": "boolean" 7067 // }, 7068 // "view": { 7069 // "description": "Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.", 7070 // "enum": [ 7071 // "BASIC", 7072 // "FULL" 7073 // ], 7074 // "enumDescriptions": [ 7075 // "Omits the `included_permissions` field. This is the default value.", 7076 // "Returns all fields." 7077 // ], 7078 // "location": "query", 7079 // "type": "string" 7080 // } 7081 // }, 7082 // "path": "v1/{+parent}/roles", 7083 // "response": { 7084 // "$ref": "ListRolesResponse" 7085 // }, 7086 // "scopes": [ 7087 // "https://www.googleapis.com/auth/cloud-platform" 7088 // ] 7089 // } 7090 7091} 7092 7093// Pages invokes f for each page of results. 7094// A non-nil error returned from f will halt the iteration. 7095// The provided context supersedes any context provided to the Context method. 7096func (c *ProjectsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 7097 c.ctx_ = ctx 7098 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 7099 for { 7100 x, err := c.Do() 7101 if err != nil { 7102 return err 7103 } 7104 if err := f(x); err != nil { 7105 return err 7106 } 7107 if x.NextPageToken == "" { 7108 return nil 7109 } 7110 c.PageToken(x.NextPageToken) 7111 } 7112} 7113 7114// method id "iam.projects.roles.patch": 7115 7116type ProjectsRolesPatchCall struct { 7117 s *Service 7118 name string 7119 role *Role 7120 urlParams_ gensupport.URLParams 7121 ctx_ context.Context 7122 header_ http.Header 7123} 7124 7125// Patch: Updates the definition of a custom Role. 7126// 7127// - name: The `name` parameter's value depends on the target resource 7128// for the request, namely `projects` 7129// (/iam/reference/rest/v1/projects.roles) or `organizations` 7130// (/iam/reference/rest/v1/organizations.roles). Each resource type's 7131// `name` value format is described below: * `projects.roles.patch()` 7132// (/iam/reference/rest/v1/projects.roles/patch): 7133// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates 7134// only custom roles (/iam/docs/understanding-custom-roles) that have 7135// been created at the project level. Example request URL: 7136// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 7137// OLE_ID}` * `organizations.roles.patch()` 7138// (/iam/reference/rest/v1/organizations.roles/patch): 7139// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 7140// method updates only custom roles 7141// (/iam/docs/understanding-custom-roles) that have been created at 7142// the organization level. Example request URL: 7143// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 7144// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 7145// specify a complete project ID or organization ID. 7146func (r *ProjectsRolesService) Patch(name string, role *Role) *ProjectsRolesPatchCall { 7147 c := &ProjectsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7148 c.name = name 7149 c.role = role 7150 return c 7151} 7152 7153// UpdateMask sets the optional parameter "updateMask": A mask 7154// describing which fields in the Role have changed. 7155func (c *ProjectsRolesPatchCall) UpdateMask(updateMask string) *ProjectsRolesPatchCall { 7156 c.urlParams_.Set("updateMask", updateMask) 7157 return c 7158} 7159 7160// Fields allows partial responses to be retrieved. See 7161// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7162// for more information. 7163func (c *ProjectsRolesPatchCall) Fields(s ...googleapi.Field) *ProjectsRolesPatchCall { 7164 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7165 return c 7166} 7167 7168// Context sets the context to be used in this call's Do method. Any 7169// pending HTTP request will be aborted if the provided context is 7170// canceled. 7171func (c *ProjectsRolesPatchCall) Context(ctx context.Context) *ProjectsRolesPatchCall { 7172 c.ctx_ = ctx 7173 return c 7174} 7175 7176// Header returns an http.Header that can be modified by the caller to 7177// add HTTP headers to the request. 7178func (c *ProjectsRolesPatchCall) Header() http.Header { 7179 if c.header_ == nil { 7180 c.header_ = make(http.Header) 7181 } 7182 return c.header_ 7183} 7184 7185func (c *ProjectsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 7186 reqHeaders := make(http.Header) 7187 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 7188 for k, v := range c.header_ { 7189 reqHeaders[k] = v 7190 } 7191 reqHeaders.Set("User-Agent", c.s.userAgent()) 7192 var body io.Reader = nil 7193 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 7194 if err != nil { 7195 return nil, err 7196 } 7197 reqHeaders.Set("Content-Type", "application/json") 7198 c.urlParams_.Set("alt", alt) 7199 c.urlParams_.Set("prettyPrint", "false") 7200 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7201 urls += "?" + c.urlParams_.Encode() 7202 req, err := http.NewRequest("PATCH", urls, body) 7203 if err != nil { 7204 return nil, err 7205 } 7206 req.Header = reqHeaders 7207 googleapi.Expand(req.URL, map[string]string{ 7208 "name": c.name, 7209 }) 7210 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7211} 7212 7213// Do executes the "iam.projects.roles.patch" call. 7214// Exactly one of *Role or error will be non-nil. Any non-2xx status 7215// code is an error. Response headers are in either 7216// *Role.ServerResponse.Header or (if a response was returned at all) in 7217// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7218// whether the returned error was because http.StatusNotModified was 7219// returned. 7220func (c *ProjectsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 7221 gensupport.SetOptions(c.urlParams_, opts...) 7222 res, err := c.doRequest("json") 7223 if res != nil && res.StatusCode == http.StatusNotModified { 7224 if res.Body != nil { 7225 res.Body.Close() 7226 } 7227 return nil, &googleapi.Error{ 7228 Code: res.StatusCode, 7229 Header: res.Header, 7230 } 7231 } 7232 if err != nil { 7233 return nil, err 7234 } 7235 defer googleapi.CloseBody(res) 7236 if err := googleapi.CheckResponse(res); err != nil { 7237 return nil, err 7238 } 7239 ret := &Role{ 7240 ServerResponse: googleapi.ServerResponse{ 7241 Header: res.Header, 7242 HTTPStatusCode: res.StatusCode, 7243 }, 7244 } 7245 target := &ret 7246 if err := gensupport.DecodeResponse(target, res); err != nil { 7247 return nil, err 7248 } 7249 return ret, nil 7250 // { 7251 // "description": "Updates the definition of a custom Role.", 7252 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 7253 // "httpMethod": "PATCH", 7254 // "id": "iam.projects.roles.patch", 7255 // "parameterOrder": [ 7256 // "name" 7257 // ], 7258 // "parameters": { 7259 // "name": { 7260 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7261 // "location": "path", 7262 // "pattern": "^projects/[^/]+/roles/[^/]+$", 7263 // "required": true, 7264 // "type": "string" 7265 // }, 7266 // "updateMask": { 7267 // "description": "A mask describing which fields in the Role have changed.", 7268 // "format": "google-fieldmask", 7269 // "location": "query", 7270 // "type": "string" 7271 // } 7272 // }, 7273 // "path": "v1/{+name}", 7274 // "request": { 7275 // "$ref": "Role" 7276 // }, 7277 // "response": { 7278 // "$ref": "Role" 7279 // }, 7280 // "scopes": [ 7281 // "https://www.googleapis.com/auth/cloud-platform" 7282 // ] 7283 // } 7284 7285} 7286 7287// method id "iam.projects.roles.undelete": 7288 7289type ProjectsRolesUndeleteCall struct { 7290 s *Service 7291 name string 7292 undeleterolerequest *UndeleteRoleRequest 7293 urlParams_ gensupport.URLParams 7294 ctx_ context.Context 7295 header_ http.Header 7296} 7297 7298// Undelete: Undeletes a custom Role. 7299// 7300// - name: The `name` parameter's value depends on the target resource 7301// for the request, namely `projects` 7302// (/iam/reference/rest/v1/projects.roles) or `organizations` 7303// (/iam/reference/rest/v1/organizations.roles). Each resource type's 7304// `name` value format is described below: * 7305// `projects.roles.undelete()` 7306// (/iam/reference/rest/v1/projects.roles/undelete): 7307// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method 7308// undeletes only custom roles (/iam/docs/understanding-custom-roles) 7309// that have been created at the project level. Example request URL: 7310// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 7311// OLE_ID}` * `organizations.roles.undelete()` 7312// (/iam/reference/rest/v1/organizations.roles/undelete): 7313// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 7314// method undeletes only custom roles 7315// (/iam/docs/understanding-custom-roles) that have been created at 7316// the organization level. Example request URL: 7317// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 7318// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 7319// specify a complete project ID or organization ID. 7320func (r *ProjectsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *ProjectsRolesUndeleteCall { 7321 c := &ProjectsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7322 c.name = name 7323 c.undeleterolerequest = undeleterolerequest 7324 return c 7325} 7326 7327// Fields allows partial responses to be retrieved. See 7328// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7329// for more information. 7330func (c *ProjectsRolesUndeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesUndeleteCall { 7331 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7332 return c 7333} 7334 7335// Context sets the context to be used in this call's Do method. Any 7336// pending HTTP request will be aborted if the provided context is 7337// canceled. 7338func (c *ProjectsRolesUndeleteCall) Context(ctx context.Context) *ProjectsRolesUndeleteCall { 7339 c.ctx_ = ctx 7340 return c 7341} 7342 7343// Header returns an http.Header that can be modified by the caller to 7344// add HTTP headers to the request. 7345func (c *ProjectsRolesUndeleteCall) Header() http.Header { 7346 if c.header_ == nil { 7347 c.header_ = make(http.Header) 7348 } 7349 return c.header_ 7350} 7351 7352func (c *ProjectsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 7353 reqHeaders := make(http.Header) 7354 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 7355 for k, v := range c.header_ { 7356 reqHeaders[k] = v 7357 } 7358 reqHeaders.Set("User-Agent", c.s.userAgent()) 7359 var body io.Reader = nil 7360 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 7361 if err != nil { 7362 return nil, err 7363 } 7364 reqHeaders.Set("Content-Type", "application/json") 7365 c.urlParams_.Set("alt", alt) 7366 c.urlParams_.Set("prettyPrint", "false") 7367 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 7368 urls += "?" + c.urlParams_.Encode() 7369 req, err := http.NewRequest("POST", urls, body) 7370 if err != nil { 7371 return nil, err 7372 } 7373 req.Header = reqHeaders 7374 googleapi.Expand(req.URL, map[string]string{ 7375 "name": c.name, 7376 }) 7377 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7378} 7379 7380// Do executes the "iam.projects.roles.undelete" call. 7381// Exactly one of *Role or error will be non-nil. Any non-2xx status 7382// code is an error. Response headers are in either 7383// *Role.ServerResponse.Header or (if a response was returned at all) in 7384// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7385// whether the returned error was because http.StatusNotModified was 7386// returned. 7387func (c *ProjectsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 7388 gensupport.SetOptions(c.urlParams_, opts...) 7389 res, err := c.doRequest("json") 7390 if res != nil && res.StatusCode == http.StatusNotModified { 7391 if res.Body != nil { 7392 res.Body.Close() 7393 } 7394 return nil, &googleapi.Error{ 7395 Code: res.StatusCode, 7396 Header: res.Header, 7397 } 7398 } 7399 if err != nil { 7400 return nil, err 7401 } 7402 defer googleapi.CloseBody(res) 7403 if err := googleapi.CheckResponse(res); err != nil { 7404 return nil, err 7405 } 7406 ret := &Role{ 7407 ServerResponse: googleapi.ServerResponse{ 7408 Header: res.Header, 7409 HTTPStatusCode: res.StatusCode, 7410 }, 7411 } 7412 target := &ret 7413 if err := gensupport.DecodeResponse(target, res); err != nil { 7414 return nil, err 7415 } 7416 return ret, nil 7417 // { 7418 // "description": "Undeletes a custom Role.", 7419 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}:undelete", 7420 // "httpMethod": "POST", 7421 // "id": "iam.projects.roles.undelete", 7422 // "parameterOrder": [ 7423 // "name" 7424 // ], 7425 // "parameters": { 7426 // "name": { 7427 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7428 // "location": "path", 7429 // "pattern": "^projects/[^/]+/roles/[^/]+$", 7430 // "required": true, 7431 // "type": "string" 7432 // } 7433 // }, 7434 // "path": "v1/{+name}:undelete", 7435 // "request": { 7436 // "$ref": "UndeleteRoleRequest" 7437 // }, 7438 // "response": { 7439 // "$ref": "Role" 7440 // }, 7441 // "scopes": [ 7442 // "https://www.googleapis.com/auth/cloud-platform" 7443 // ] 7444 // } 7445 7446} 7447 7448// method id "iam.projects.serviceAccounts.create": 7449 7450type ProjectsServiceAccountsCreateCall struct { 7451 s *Service 7452 name string 7453 createserviceaccountrequest *CreateServiceAccountRequest 7454 urlParams_ gensupport.URLParams 7455 ctx_ context.Context 7456 header_ http.Header 7457} 7458 7459// Create: Creates a ServiceAccount. 7460// 7461// - name: The resource name of the project associated with the service 7462// accounts, such as `projects/my-project-123`. 7463func (r *ProjectsServiceAccountsService) Create(name string, createserviceaccountrequest *CreateServiceAccountRequest) *ProjectsServiceAccountsCreateCall { 7464 c := &ProjectsServiceAccountsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7465 c.name = name 7466 c.createserviceaccountrequest = createserviceaccountrequest 7467 return c 7468} 7469 7470// Fields allows partial responses to be retrieved. See 7471// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7472// for more information. 7473func (c *ProjectsServiceAccountsCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsCreateCall { 7474 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7475 return c 7476} 7477 7478// Context sets the context to be used in this call's Do method. Any 7479// pending HTTP request will be aborted if the provided context is 7480// canceled. 7481func (c *ProjectsServiceAccountsCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsCreateCall { 7482 c.ctx_ = ctx 7483 return c 7484} 7485 7486// Header returns an http.Header that can be modified by the caller to 7487// add HTTP headers to the request. 7488func (c *ProjectsServiceAccountsCreateCall) Header() http.Header { 7489 if c.header_ == nil { 7490 c.header_ = make(http.Header) 7491 } 7492 return c.header_ 7493} 7494 7495func (c *ProjectsServiceAccountsCreateCall) doRequest(alt string) (*http.Response, error) { 7496 reqHeaders := make(http.Header) 7497 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 7498 for k, v := range c.header_ { 7499 reqHeaders[k] = v 7500 } 7501 reqHeaders.Set("User-Agent", c.s.userAgent()) 7502 var body io.Reader = nil 7503 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountrequest) 7504 if err != nil { 7505 return nil, err 7506 } 7507 reqHeaders.Set("Content-Type", "application/json") 7508 c.urlParams_.Set("alt", alt) 7509 c.urlParams_.Set("prettyPrint", "false") 7510 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 7511 urls += "?" + c.urlParams_.Encode() 7512 req, err := http.NewRequest("POST", urls, body) 7513 if err != nil { 7514 return nil, err 7515 } 7516 req.Header = reqHeaders 7517 googleapi.Expand(req.URL, map[string]string{ 7518 "name": c.name, 7519 }) 7520 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7521} 7522 7523// Do executes the "iam.projects.serviceAccounts.create" call. 7524// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 7525// status code is an error. Response headers are in either 7526// *ServiceAccount.ServerResponse.Header or (if a response was returned 7527// at all) in error.(*googleapi.Error).Header. Use 7528// googleapi.IsNotModified to check whether the returned error was 7529// because http.StatusNotModified was returned. 7530func (c *ProjectsServiceAccountsCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 7531 gensupport.SetOptions(c.urlParams_, opts...) 7532 res, err := c.doRequest("json") 7533 if res != nil && res.StatusCode == http.StatusNotModified { 7534 if res.Body != nil { 7535 res.Body.Close() 7536 } 7537 return nil, &googleapi.Error{ 7538 Code: res.StatusCode, 7539 Header: res.Header, 7540 } 7541 } 7542 if err != nil { 7543 return nil, err 7544 } 7545 defer googleapi.CloseBody(res) 7546 if err := googleapi.CheckResponse(res); err != nil { 7547 return nil, err 7548 } 7549 ret := &ServiceAccount{ 7550 ServerResponse: googleapi.ServerResponse{ 7551 Header: res.Header, 7552 HTTPStatusCode: res.StatusCode, 7553 }, 7554 } 7555 target := &ret 7556 if err := gensupport.DecodeResponse(target, res); err != nil { 7557 return nil, err 7558 } 7559 return ret, nil 7560 // { 7561 // "description": "Creates a ServiceAccount.", 7562 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 7563 // "httpMethod": "POST", 7564 // "id": "iam.projects.serviceAccounts.create", 7565 // "parameterOrder": [ 7566 // "name" 7567 // ], 7568 // "parameters": { 7569 // "name": { 7570 // "description": "Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.", 7571 // "location": "path", 7572 // "pattern": "^projects/[^/]+$", 7573 // "required": true, 7574 // "type": "string" 7575 // } 7576 // }, 7577 // "path": "v1/{+name}/serviceAccounts", 7578 // "request": { 7579 // "$ref": "CreateServiceAccountRequest" 7580 // }, 7581 // "response": { 7582 // "$ref": "ServiceAccount" 7583 // }, 7584 // "scopes": [ 7585 // "https://www.googleapis.com/auth/cloud-platform" 7586 // ] 7587 // } 7588 7589} 7590 7591// method id "iam.projects.serviceAccounts.delete": 7592 7593type ProjectsServiceAccountsDeleteCall struct { 7594 s *Service 7595 name string 7596 urlParams_ gensupport.URLParams 7597 ctx_ context.Context 7598 header_ http.Header 7599} 7600 7601// Delete: Deletes a ServiceAccount. **Warning:** After you delete a 7602// service account, you might not be able to undelete it. If you know 7603// that you need to re-enable the service account in the future, use 7604// DisableServiceAccount instead. If you delete a service account, IAM 7605// permanently removes the service account 30 days later. Google Cloud 7606// cannot recover the service account after it is permanently removed, 7607// even if you file a support request. To help avoid unplanned outages, 7608// we recommend that you disable the service account before you delete 7609// it. Use DisableServiceAccount to disable the service account, then 7610// wait at least 24 hours and watch for unintended consequences. If 7611// there are no unintended consequences, you can delete the service 7612// account. 7613// 7614// - name: The resource name of the service account in the following 7615// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 7616// `-` as a wildcard for the `PROJECT_ID` will infer the project from 7617// the account. The `ACCOUNT` value can be the `email` address or the 7618// `unique_id` of the service account. 7619func (r *ProjectsServiceAccountsService) Delete(name string) *ProjectsServiceAccountsDeleteCall { 7620 c := &ProjectsServiceAccountsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7621 c.name = name 7622 return c 7623} 7624 7625// Fields allows partial responses to be retrieved. See 7626// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7627// for more information. 7628func (c *ProjectsServiceAccountsDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDeleteCall { 7629 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7630 return c 7631} 7632 7633// Context sets the context to be used in this call's Do method. Any 7634// pending HTTP request will be aborted if the provided context is 7635// canceled. 7636func (c *ProjectsServiceAccountsDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsDeleteCall { 7637 c.ctx_ = ctx 7638 return c 7639} 7640 7641// Header returns an http.Header that can be modified by the caller to 7642// add HTTP headers to the request. 7643func (c *ProjectsServiceAccountsDeleteCall) Header() http.Header { 7644 if c.header_ == nil { 7645 c.header_ = make(http.Header) 7646 } 7647 return c.header_ 7648} 7649 7650func (c *ProjectsServiceAccountsDeleteCall) doRequest(alt string) (*http.Response, error) { 7651 reqHeaders := make(http.Header) 7652 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 7653 for k, v := range c.header_ { 7654 reqHeaders[k] = v 7655 } 7656 reqHeaders.Set("User-Agent", c.s.userAgent()) 7657 var body io.Reader = nil 7658 c.urlParams_.Set("alt", alt) 7659 c.urlParams_.Set("prettyPrint", "false") 7660 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7661 urls += "?" + c.urlParams_.Encode() 7662 req, err := http.NewRequest("DELETE", urls, body) 7663 if err != nil { 7664 return nil, err 7665 } 7666 req.Header = reqHeaders 7667 googleapi.Expand(req.URL, map[string]string{ 7668 "name": c.name, 7669 }) 7670 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7671} 7672 7673// Do executes the "iam.projects.serviceAccounts.delete" call. 7674// Exactly one of *Empty or error will be non-nil. Any non-2xx status 7675// code is an error. Response headers are in either 7676// *Empty.ServerResponse.Header or (if a response was returned at all) 7677// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 7678// check whether the returned error was because http.StatusNotModified 7679// was returned. 7680func (c *ProjectsServiceAccountsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 7681 gensupport.SetOptions(c.urlParams_, opts...) 7682 res, err := c.doRequest("json") 7683 if res != nil && res.StatusCode == http.StatusNotModified { 7684 if res.Body != nil { 7685 res.Body.Close() 7686 } 7687 return nil, &googleapi.Error{ 7688 Code: res.StatusCode, 7689 Header: res.Header, 7690 } 7691 } 7692 if err != nil { 7693 return nil, err 7694 } 7695 defer googleapi.CloseBody(res) 7696 if err := googleapi.CheckResponse(res); err != nil { 7697 return nil, err 7698 } 7699 ret := &Empty{ 7700 ServerResponse: googleapi.ServerResponse{ 7701 Header: res.Header, 7702 HTTPStatusCode: res.StatusCode, 7703 }, 7704 } 7705 target := &ret 7706 if err := gensupport.DecodeResponse(target, res); err != nil { 7707 return nil, err 7708 } 7709 return ret, nil 7710 // { 7711 // "description": "Deletes a ServiceAccount. **Warning:** After you delete a service account, you might not be able to undelete it. If you know that you need to re-enable the service account in the future, use DisableServiceAccount instead. If you delete a service account, IAM permanently removes the service account 30 days later. Google Cloud cannot recover the service account after it is permanently removed, even if you file a support request. To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use DisableServiceAccount to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account.", 7712 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 7713 // "httpMethod": "DELETE", 7714 // "id": "iam.projects.serviceAccounts.delete", 7715 // "parameterOrder": [ 7716 // "name" 7717 // ], 7718 // "parameters": { 7719 // "name": { 7720 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 7721 // "location": "path", 7722 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7723 // "required": true, 7724 // "type": "string" 7725 // } 7726 // }, 7727 // "path": "v1/{+name}", 7728 // "response": { 7729 // "$ref": "Empty" 7730 // }, 7731 // "scopes": [ 7732 // "https://www.googleapis.com/auth/cloud-platform" 7733 // ] 7734 // } 7735 7736} 7737 7738// method id "iam.projects.serviceAccounts.disable": 7739 7740type ProjectsServiceAccountsDisableCall struct { 7741 s *Service 7742 name string 7743 disableserviceaccountrequest *DisableServiceAccountRequest 7744 urlParams_ gensupport.URLParams 7745 ctx_ context.Context 7746 header_ http.Header 7747} 7748 7749// Disable: Disables a ServiceAccount immediately. If an application 7750// uses the service account to authenticate, that application can no 7751// longer call Google APIs or access Google Cloud resources. Existing 7752// access tokens for the service account are rejected, and requests for 7753// new access tokens will fail. To re-enable the service account, use 7754// EnableServiceAccount. After you re-enable the service account, its 7755// existing access tokens will be accepted, and you can request new 7756// access tokens. To help avoid unplanned outages, we recommend that you 7757// disable the service account before you delete it. Use this method to 7758// disable the service account, then wait at least 24 hours and watch 7759// for unintended consequences. If there are no unintended consequences, 7760// you can delete the service account with DeleteServiceAccount. 7761// 7762// - name: The resource name of the service account in the following 7763// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 7764// `-` as a wildcard for the `PROJECT_ID` will infer the project from 7765// the account. The `ACCOUNT` value can be the `email` address or the 7766// `unique_id` of the service account. 7767func (r *ProjectsServiceAccountsService) Disable(name string, disableserviceaccountrequest *DisableServiceAccountRequest) *ProjectsServiceAccountsDisableCall { 7768 c := &ProjectsServiceAccountsDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7769 c.name = name 7770 c.disableserviceaccountrequest = disableserviceaccountrequest 7771 return c 7772} 7773 7774// Fields allows partial responses to be retrieved. See 7775// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7776// for more information. 7777func (c *ProjectsServiceAccountsDisableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDisableCall { 7778 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7779 return c 7780} 7781 7782// Context sets the context to be used in this call's Do method. Any 7783// pending HTTP request will be aborted if the provided context is 7784// canceled. 7785func (c *ProjectsServiceAccountsDisableCall) Context(ctx context.Context) *ProjectsServiceAccountsDisableCall { 7786 c.ctx_ = ctx 7787 return c 7788} 7789 7790// Header returns an http.Header that can be modified by the caller to 7791// add HTTP headers to the request. 7792func (c *ProjectsServiceAccountsDisableCall) Header() http.Header { 7793 if c.header_ == nil { 7794 c.header_ = make(http.Header) 7795 } 7796 return c.header_ 7797} 7798 7799func (c *ProjectsServiceAccountsDisableCall) doRequest(alt string) (*http.Response, error) { 7800 reqHeaders := make(http.Header) 7801 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 7802 for k, v := range c.header_ { 7803 reqHeaders[k] = v 7804 } 7805 reqHeaders.Set("User-Agent", c.s.userAgent()) 7806 var body io.Reader = nil 7807 body, err := googleapi.WithoutDataWrapper.JSONReader(c.disableserviceaccountrequest) 7808 if err != nil { 7809 return nil, err 7810 } 7811 reqHeaders.Set("Content-Type", "application/json") 7812 c.urlParams_.Set("alt", alt) 7813 c.urlParams_.Set("prettyPrint", "false") 7814 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable") 7815 urls += "?" + c.urlParams_.Encode() 7816 req, err := http.NewRequest("POST", urls, body) 7817 if err != nil { 7818 return nil, err 7819 } 7820 req.Header = reqHeaders 7821 googleapi.Expand(req.URL, map[string]string{ 7822 "name": c.name, 7823 }) 7824 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7825} 7826 7827// Do executes the "iam.projects.serviceAccounts.disable" call. 7828// Exactly one of *Empty or error will be non-nil. Any non-2xx status 7829// code is an error. Response headers are in either 7830// *Empty.ServerResponse.Header or (if a response was returned at all) 7831// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 7832// check whether the returned error was because http.StatusNotModified 7833// was returned. 7834func (c *ProjectsServiceAccountsDisableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 7835 gensupport.SetOptions(c.urlParams_, opts...) 7836 res, err := c.doRequest("json") 7837 if res != nil && res.StatusCode == http.StatusNotModified { 7838 if res.Body != nil { 7839 res.Body.Close() 7840 } 7841 return nil, &googleapi.Error{ 7842 Code: res.StatusCode, 7843 Header: res.Header, 7844 } 7845 } 7846 if err != nil { 7847 return nil, err 7848 } 7849 defer googleapi.CloseBody(res) 7850 if err := googleapi.CheckResponse(res); err != nil { 7851 return nil, err 7852 } 7853 ret := &Empty{ 7854 ServerResponse: googleapi.ServerResponse{ 7855 Header: res.Header, 7856 HTTPStatusCode: res.StatusCode, 7857 }, 7858 } 7859 target := &ret 7860 if err := gensupport.DecodeResponse(target, res); err != nil { 7861 return nil, err 7862 } 7863 return ret, nil 7864 // { 7865 // "description": "Disables a ServiceAccount immediately. If an application uses the service account to authenticate, that application can no longer call Google APIs or access Google Cloud resources. Existing access tokens for the service account are rejected, and requests for new access tokens will fail. To re-enable the service account, use EnableServiceAccount. After you re-enable the service account, its existing access tokens will be accepted, and you can request new access tokens. To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use this method to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account with DeleteServiceAccount.", 7866 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:disable", 7867 // "httpMethod": "POST", 7868 // "id": "iam.projects.serviceAccounts.disable", 7869 // "parameterOrder": [ 7870 // "name" 7871 // ], 7872 // "parameters": { 7873 // "name": { 7874 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 7875 // "location": "path", 7876 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7877 // "required": true, 7878 // "type": "string" 7879 // } 7880 // }, 7881 // "path": "v1/{+name}:disable", 7882 // "request": { 7883 // "$ref": "DisableServiceAccountRequest" 7884 // }, 7885 // "response": { 7886 // "$ref": "Empty" 7887 // }, 7888 // "scopes": [ 7889 // "https://www.googleapis.com/auth/cloud-platform" 7890 // ] 7891 // } 7892 7893} 7894 7895// method id "iam.projects.serviceAccounts.enable": 7896 7897type ProjectsServiceAccountsEnableCall struct { 7898 s *Service 7899 name string 7900 enableserviceaccountrequest *EnableServiceAccountRequest 7901 urlParams_ gensupport.URLParams 7902 ctx_ context.Context 7903 header_ http.Header 7904} 7905 7906// Enable: Enables a ServiceAccount that was disabled by 7907// DisableServiceAccount. If the service account is already enabled, 7908// then this method has no effect. If the service account was disabled 7909// by other means—for example, if Google disabled the service account 7910// because it was compromised—you cannot use this method to enable the 7911// service account. 7912// 7913// - name: The resource name of the service account in the following 7914// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 7915// `-` as a wildcard for the `PROJECT_ID` will infer the project from 7916// the account. The `ACCOUNT` value can be the `email` address or the 7917// `unique_id` of the service account. 7918func (r *ProjectsServiceAccountsService) Enable(name string, enableserviceaccountrequest *EnableServiceAccountRequest) *ProjectsServiceAccountsEnableCall { 7919 c := &ProjectsServiceAccountsEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7920 c.name = name 7921 c.enableserviceaccountrequest = enableserviceaccountrequest 7922 return c 7923} 7924 7925// Fields allows partial responses to be retrieved. See 7926// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7927// for more information. 7928func (c *ProjectsServiceAccountsEnableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsEnableCall { 7929 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7930 return c 7931} 7932 7933// Context sets the context to be used in this call's Do method. Any 7934// pending HTTP request will be aborted if the provided context is 7935// canceled. 7936func (c *ProjectsServiceAccountsEnableCall) Context(ctx context.Context) *ProjectsServiceAccountsEnableCall { 7937 c.ctx_ = ctx 7938 return c 7939} 7940 7941// Header returns an http.Header that can be modified by the caller to 7942// add HTTP headers to the request. 7943func (c *ProjectsServiceAccountsEnableCall) Header() http.Header { 7944 if c.header_ == nil { 7945 c.header_ = make(http.Header) 7946 } 7947 return c.header_ 7948} 7949 7950func (c *ProjectsServiceAccountsEnableCall) doRequest(alt string) (*http.Response, error) { 7951 reqHeaders := make(http.Header) 7952 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 7953 for k, v := range c.header_ { 7954 reqHeaders[k] = v 7955 } 7956 reqHeaders.Set("User-Agent", c.s.userAgent()) 7957 var body io.Reader = nil 7958 body, err := googleapi.WithoutDataWrapper.JSONReader(c.enableserviceaccountrequest) 7959 if err != nil { 7960 return nil, err 7961 } 7962 reqHeaders.Set("Content-Type", "application/json") 7963 c.urlParams_.Set("alt", alt) 7964 c.urlParams_.Set("prettyPrint", "false") 7965 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable") 7966 urls += "?" + c.urlParams_.Encode() 7967 req, err := http.NewRequest("POST", urls, body) 7968 if err != nil { 7969 return nil, err 7970 } 7971 req.Header = reqHeaders 7972 googleapi.Expand(req.URL, map[string]string{ 7973 "name": c.name, 7974 }) 7975 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7976} 7977 7978// Do executes the "iam.projects.serviceAccounts.enable" call. 7979// Exactly one of *Empty or error will be non-nil. Any non-2xx status 7980// code is an error. Response headers are in either 7981// *Empty.ServerResponse.Header or (if a response was returned at all) 7982// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 7983// check whether the returned error was because http.StatusNotModified 7984// was returned. 7985func (c *ProjectsServiceAccountsEnableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 7986 gensupport.SetOptions(c.urlParams_, opts...) 7987 res, err := c.doRequest("json") 7988 if res != nil && res.StatusCode == http.StatusNotModified { 7989 if res.Body != nil { 7990 res.Body.Close() 7991 } 7992 return nil, &googleapi.Error{ 7993 Code: res.StatusCode, 7994 Header: res.Header, 7995 } 7996 } 7997 if err != nil { 7998 return nil, err 7999 } 8000 defer googleapi.CloseBody(res) 8001 if err := googleapi.CheckResponse(res); err != nil { 8002 return nil, err 8003 } 8004 ret := &Empty{ 8005 ServerResponse: googleapi.ServerResponse{ 8006 Header: res.Header, 8007 HTTPStatusCode: res.StatusCode, 8008 }, 8009 } 8010 target := &ret 8011 if err := gensupport.DecodeResponse(target, res); err != nil { 8012 return nil, err 8013 } 8014 return ret, nil 8015 // { 8016 // "description": "Enables a ServiceAccount that was disabled by DisableServiceAccount. If the service account is already enabled, then this method has no effect. If the service account was disabled by other means—for example, if Google disabled the service account because it was compromised—you cannot use this method to enable the service account.", 8017 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:enable", 8018 // "httpMethod": "POST", 8019 // "id": "iam.projects.serviceAccounts.enable", 8020 // "parameterOrder": [ 8021 // "name" 8022 // ], 8023 // "parameters": { 8024 // "name": { 8025 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8026 // "location": "path", 8027 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8028 // "required": true, 8029 // "type": "string" 8030 // } 8031 // }, 8032 // "path": "v1/{+name}:enable", 8033 // "request": { 8034 // "$ref": "EnableServiceAccountRequest" 8035 // }, 8036 // "response": { 8037 // "$ref": "Empty" 8038 // }, 8039 // "scopes": [ 8040 // "https://www.googleapis.com/auth/cloud-platform" 8041 // ] 8042 // } 8043 8044} 8045 8046// method id "iam.projects.serviceAccounts.get": 8047 8048type ProjectsServiceAccountsGetCall struct { 8049 s *Service 8050 name string 8051 urlParams_ gensupport.URLParams 8052 ifNoneMatch_ string 8053 ctx_ context.Context 8054 header_ http.Header 8055} 8056 8057// Get: Gets a ServiceAccount. 8058// 8059// - name: The resource name of the service account in the following 8060// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 8061// `-` as a wildcard for the `PROJECT_ID` will infer the project from 8062// the account. The `ACCOUNT` value can be the `email` address or the 8063// `unique_id` of the service account. 8064func (r *ProjectsServiceAccountsService) Get(name string) *ProjectsServiceAccountsGetCall { 8065 c := &ProjectsServiceAccountsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8066 c.name = name 8067 return c 8068} 8069 8070// Fields allows partial responses to be retrieved. See 8071// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8072// for more information. 8073func (c *ProjectsServiceAccountsGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetCall { 8074 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8075 return c 8076} 8077 8078// IfNoneMatch sets the optional parameter which makes the operation 8079// fail if the object's ETag matches the given value. This is useful for 8080// getting updates only after the object has changed since the last 8081// request. Use googleapi.IsNotModified to check whether the response 8082// error from Do is the result of In-None-Match. 8083func (c *ProjectsServiceAccountsGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsGetCall { 8084 c.ifNoneMatch_ = entityTag 8085 return c 8086} 8087 8088// Context sets the context to be used in this call's Do method. Any 8089// pending HTTP request will be aborted if the provided context is 8090// canceled. 8091func (c *ProjectsServiceAccountsGetCall) Context(ctx context.Context) *ProjectsServiceAccountsGetCall { 8092 c.ctx_ = ctx 8093 return c 8094} 8095 8096// Header returns an http.Header that can be modified by the caller to 8097// add HTTP headers to the request. 8098func (c *ProjectsServiceAccountsGetCall) Header() http.Header { 8099 if c.header_ == nil { 8100 c.header_ = make(http.Header) 8101 } 8102 return c.header_ 8103} 8104 8105func (c *ProjectsServiceAccountsGetCall) doRequest(alt string) (*http.Response, error) { 8106 reqHeaders := make(http.Header) 8107 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 8108 for k, v := range c.header_ { 8109 reqHeaders[k] = v 8110 } 8111 reqHeaders.Set("User-Agent", c.s.userAgent()) 8112 if c.ifNoneMatch_ != "" { 8113 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8114 } 8115 var body io.Reader = nil 8116 c.urlParams_.Set("alt", alt) 8117 c.urlParams_.Set("prettyPrint", "false") 8118 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 8119 urls += "?" + c.urlParams_.Encode() 8120 req, err := http.NewRequest("GET", urls, body) 8121 if err != nil { 8122 return nil, err 8123 } 8124 req.Header = reqHeaders 8125 googleapi.Expand(req.URL, map[string]string{ 8126 "name": c.name, 8127 }) 8128 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8129} 8130 8131// Do executes the "iam.projects.serviceAccounts.get" call. 8132// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 8133// status code is an error. Response headers are in either 8134// *ServiceAccount.ServerResponse.Header or (if a response was returned 8135// at all) in error.(*googleapi.Error).Header. Use 8136// googleapi.IsNotModified to check whether the returned error was 8137// because http.StatusNotModified was returned. 8138func (c *ProjectsServiceAccountsGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 8139 gensupport.SetOptions(c.urlParams_, opts...) 8140 res, err := c.doRequest("json") 8141 if res != nil && res.StatusCode == http.StatusNotModified { 8142 if res.Body != nil { 8143 res.Body.Close() 8144 } 8145 return nil, &googleapi.Error{ 8146 Code: res.StatusCode, 8147 Header: res.Header, 8148 } 8149 } 8150 if err != nil { 8151 return nil, err 8152 } 8153 defer googleapi.CloseBody(res) 8154 if err := googleapi.CheckResponse(res); err != nil { 8155 return nil, err 8156 } 8157 ret := &ServiceAccount{ 8158 ServerResponse: googleapi.ServerResponse{ 8159 Header: res.Header, 8160 HTTPStatusCode: res.StatusCode, 8161 }, 8162 } 8163 target := &ret 8164 if err := gensupport.DecodeResponse(target, res); err != nil { 8165 return nil, err 8166 } 8167 return ret, nil 8168 // { 8169 // "description": "Gets a ServiceAccount.", 8170 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 8171 // "httpMethod": "GET", 8172 // "id": "iam.projects.serviceAccounts.get", 8173 // "parameterOrder": [ 8174 // "name" 8175 // ], 8176 // "parameters": { 8177 // "name": { 8178 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8179 // "location": "path", 8180 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8181 // "required": true, 8182 // "type": "string" 8183 // } 8184 // }, 8185 // "path": "v1/{+name}", 8186 // "response": { 8187 // "$ref": "ServiceAccount" 8188 // }, 8189 // "scopes": [ 8190 // "https://www.googleapis.com/auth/cloud-platform" 8191 // ] 8192 // } 8193 8194} 8195 8196// method id "iam.projects.serviceAccounts.getIamPolicy": 8197 8198type ProjectsServiceAccountsGetIamPolicyCall struct { 8199 s *Service 8200 resource string 8201 urlParams_ gensupport.URLParams 8202 ctx_ context.Context 8203 header_ http.Header 8204} 8205 8206// GetIamPolicy: Gets the IAM policy that is attached to a 8207// ServiceAccount. This IAM policy specifies which members have access 8208// to the service account. This method does not tell you whether the 8209// service account has been granted any roles on other resources. To 8210// check whether a service account has role grants on a resource, use 8211// the `getIamPolicy` method for that resource. For example, to view the 8212// role grants for a project, call the Resource Manager API's 8213// `projects.getIamPolicy` 8214// (https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) 8215// method. 8216// 8217// - resource: REQUIRED: The resource for which the policy is being 8218// requested. See the operation documentation for the appropriate 8219// value for this field. 8220func (r *ProjectsServiceAccountsService) GetIamPolicy(resource string) *ProjectsServiceAccountsGetIamPolicyCall { 8221 c := &ProjectsServiceAccountsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8222 c.resource = resource 8223 return c 8224} 8225 8226// OptionsRequestedPolicyVersion sets the optional parameter 8227// "options.requestedPolicyVersion": The policy format version to be 8228// returned. Valid values are 0, 1, and 3. Requests specifying an 8229// invalid value will be rejected. Requests for policies with any 8230// conditional bindings must specify version 3. Policies without any 8231// conditional bindings may specify any valid value or leave the field 8232// unset. To learn which resources support conditions in their IAM 8233// policies, see the IAM documentation 8234// (https://cloud.google.com/iam/help/conditions/resource-policies). 8235func (c *ProjectsServiceAccountsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsServiceAccountsGetIamPolicyCall { 8236 c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) 8237 return c 8238} 8239 8240// Fields allows partial responses to be retrieved. See 8241// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8242// for more information. 8243func (c *ProjectsServiceAccountsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetIamPolicyCall { 8244 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8245 return c 8246} 8247 8248// Context sets the context to be used in this call's Do method. Any 8249// pending HTTP request will be aborted if the provided context is 8250// canceled. 8251func (c *ProjectsServiceAccountsGetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsGetIamPolicyCall { 8252 c.ctx_ = ctx 8253 return c 8254} 8255 8256// Header returns an http.Header that can be modified by the caller to 8257// add HTTP headers to the request. 8258func (c *ProjectsServiceAccountsGetIamPolicyCall) Header() http.Header { 8259 if c.header_ == nil { 8260 c.header_ = make(http.Header) 8261 } 8262 return c.header_ 8263} 8264 8265func (c *ProjectsServiceAccountsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 8266 reqHeaders := make(http.Header) 8267 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 8268 for k, v := range c.header_ { 8269 reqHeaders[k] = v 8270 } 8271 reqHeaders.Set("User-Agent", c.s.userAgent()) 8272 var body io.Reader = nil 8273 c.urlParams_.Set("alt", alt) 8274 c.urlParams_.Set("prettyPrint", "false") 8275 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") 8276 urls += "?" + c.urlParams_.Encode() 8277 req, err := http.NewRequest("POST", urls, body) 8278 if err != nil { 8279 return nil, err 8280 } 8281 req.Header = reqHeaders 8282 googleapi.Expand(req.URL, map[string]string{ 8283 "resource": c.resource, 8284 }) 8285 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8286} 8287 8288// Do executes the "iam.projects.serviceAccounts.getIamPolicy" call. 8289// Exactly one of *Policy or error will be non-nil. Any non-2xx status 8290// code is an error. Response headers are in either 8291// *Policy.ServerResponse.Header or (if a response was returned at all) 8292// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 8293// check whether the returned error was because http.StatusNotModified 8294// was returned. 8295func (c *ProjectsServiceAccountsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 8296 gensupport.SetOptions(c.urlParams_, opts...) 8297 res, err := c.doRequest("json") 8298 if res != nil && res.StatusCode == http.StatusNotModified { 8299 if res.Body != nil { 8300 res.Body.Close() 8301 } 8302 return nil, &googleapi.Error{ 8303 Code: res.StatusCode, 8304 Header: res.Header, 8305 } 8306 } 8307 if err != nil { 8308 return nil, err 8309 } 8310 defer googleapi.CloseBody(res) 8311 if err := googleapi.CheckResponse(res); err != nil { 8312 return nil, err 8313 } 8314 ret := &Policy{ 8315 ServerResponse: googleapi.ServerResponse{ 8316 Header: res.Header, 8317 HTTPStatusCode: res.StatusCode, 8318 }, 8319 } 8320 target := &ret 8321 if err := gensupport.DecodeResponse(target, res); err != nil { 8322 return nil, err 8323 } 8324 return ret, nil 8325 // { 8326 // "description": "Gets the IAM policy that is attached to a ServiceAccount. This IAM policy specifies which members have access to the service account. This method does not tell you whether the service account has been granted any roles on other resources. To check whether a service account has role grants on a resource, use the `getIamPolicy` method for that resource. For example, to view the role grants for a project, call the Resource Manager API's [`projects.getIamPolicy`](https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) method.", 8327 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:getIamPolicy", 8328 // "httpMethod": "POST", 8329 // "id": "iam.projects.serviceAccounts.getIamPolicy", 8330 // "parameterOrder": [ 8331 // "resource" 8332 // ], 8333 // "parameters": { 8334 // "options.requestedPolicyVersion": { 8335 // "description": "Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", 8336 // "format": "int32", 8337 // "location": "query", 8338 // "type": "integer" 8339 // }, 8340 // "resource": { 8341 // "description": "REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.", 8342 // "location": "path", 8343 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8344 // "required": true, 8345 // "type": "string" 8346 // } 8347 // }, 8348 // "path": "v1/{+resource}:getIamPolicy", 8349 // "response": { 8350 // "$ref": "Policy" 8351 // }, 8352 // "scopes": [ 8353 // "https://www.googleapis.com/auth/cloud-platform" 8354 // ] 8355 // } 8356 8357} 8358 8359// method id "iam.projects.serviceAccounts.list": 8360 8361type ProjectsServiceAccountsListCall struct { 8362 s *Service 8363 name string 8364 urlParams_ gensupport.URLParams 8365 ifNoneMatch_ string 8366 ctx_ context.Context 8367 header_ http.Header 8368} 8369 8370// List: Lists every ServiceAccount that belongs to a specific project. 8371// 8372// - name: The resource name of the project associated with the service 8373// accounts, such as `projects/my-project-123`. 8374func (r *ProjectsServiceAccountsService) List(name string) *ProjectsServiceAccountsListCall { 8375 c := &ProjectsServiceAccountsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8376 c.name = name 8377 return c 8378} 8379 8380// PageSize sets the optional parameter "pageSize": Optional limit on 8381// the number of service accounts to include in the response. Further 8382// accounts can subsequently be obtained by including the 8383// ListServiceAccountsResponse.next_page_token in a subsequent request. 8384// The default is 20, and the maximum is 100. 8385func (c *ProjectsServiceAccountsListCall) PageSize(pageSize int64) *ProjectsServiceAccountsListCall { 8386 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 8387 return c 8388} 8389 8390// PageToken sets the optional parameter "pageToken": Optional 8391// pagination token returned in an earlier 8392// ListServiceAccountsResponse.next_page_token. 8393func (c *ProjectsServiceAccountsListCall) PageToken(pageToken string) *ProjectsServiceAccountsListCall { 8394 c.urlParams_.Set("pageToken", pageToken) 8395 return c 8396} 8397 8398// Fields allows partial responses to be retrieved. See 8399// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8400// for more information. 8401func (c *ProjectsServiceAccountsListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsListCall { 8402 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8403 return c 8404} 8405 8406// IfNoneMatch sets the optional parameter which makes the operation 8407// fail if the object's ETag matches the given value. This is useful for 8408// getting updates only after the object has changed since the last 8409// request. Use googleapi.IsNotModified to check whether the response 8410// error from Do is the result of In-None-Match. 8411func (c *ProjectsServiceAccountsListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsListCall { 8412 c.ifNoneMatch_ = entityTag 8413 return c 8414} 8415 8416// Context sets the context to be used in this call's Do method. Any 8417// pending HTTP request will be aborted if the provided context is 8418// canceled. 8419func (c *ProjectsServiceAccountsListCall) Context(ctx context.Context) *ProjectsServiceAccountsListCall { 8420 c.ctx_ = ctx 8421 return c 8422} 8423 8424// Header returns an http.Header that can be modified by the caller to 8425// add HTTP headers to the request. 8426func (c *ProjectsServiceAccountsListCall) Header() http.Header { 8427 if c.header_ == nil { 8428 c.header_ = make(http.Header) 8429 } 8430 return c.header_ 8431} 8432 8433func (c *ProjectsServiceAccountsListCall) doRequest(alt string) (*http.Response, error) { 8434 reqHeaders := make(http.Header) 8435 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 8436 for k, v := range c.header_ { 8437 reqHeaders[k] = v 8438 } 8439 reqHeaders.Set("User-Agent", c.s.userAgent()) 8440 if c.ifNoneMatch_ != "" { 8441 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8442 } 8443 var body io.Reader = nil 8444 c.urlParams_.Set("alt", alt) 8445 c.urlParams_.Set("prettyPrint", "false") 8446 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 8447 urls += "?" + c.urlParams_.Encode() 8448 req, err := http.NewRequest("GET", urls, body) 8449 if err != nil { 8450 return nil, err 8451 } 8452 req.Header = reqHeaders 8453 googleapi.Expand(req.URL, map[string]string{ 8454 "name": c.name, 8455 }) 8456 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8457} 8458 8459// Do executes the "iam.projects.serviceAccounts.list" call. 8460// Exactly one of *ListServiceAccountsResponse or error will be non-nil. 8461// Any non-2xx status code is an error. Response headers are in either 8462// *ListServiceAccountsResponse.ServerResponse.Header or (if a response 8463// was returned at all) in error.(*googleapi.Error).Header. Use 8464// googleapi.IsNotModified to check whether the returned error was 8465// because http.StatusNotModified was returned. 8466func (c *ProjectsServiceAccountsListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountsResponse, error) { 8467 gensupport.SetOptions(c.urlParams_, opts...) 8468 res, err := c.doRequest("json") 8469 if res != nil && res.StatusCode == http.StatusNotModified { 8470 if res.Body != nil { 8471 res.Body.Close() 8472 } 8473 return nil, &googleapi.Error{ 8474 Code: res.StatusCode, 8475 Header: res.Header, 8476 } 8477 } 8478 if err != nil { 8479 return nil, err 8480 } 8481 defer googleapi.CloseBody(res) 8482 if err := googleapi.CheckResponse(res); err != nil { 8483 return nil, err 8484 } 8485 ret := &ListServiceAccountsResponse{ 8486 ServerResponse: googleapi.ServerResponse{ 8487 Header: res.Header, 8488 HTTPStatusCode: res.StatusCode, 8489 }, 8490 } 8491 target := &ret 8492 if err := gensupport.DecodeResponse(target, res); err != nil { 8493 return nil, err 8494 } 8495 return ret, nil 8496 // { 8497 // "description": "Lists every ServiceAccount that belongs to a specific project.", 8498 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 8499 // "httpMethod": "GET", 8500 // "id": "iam.projects.serviceAccounts.list", 8501 // "parameterOrder": [ 8502 // "name" 8503 // ], 8504 // "parameters": { 8505 // "name": { 8506 // "description": "Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.", 8507 // "location": "path", 8508 // "pattern": "^projects/[^/]+$", 8509 // "required": true, 8510 // "type": "string" 8511 // }, 8512 // "pageSize": { 8513 // "description": "Optional limit on the number of service accounts to include in the response. Further accounts can subsequently be obtained by including the ListServiceAccountsResponse.next_page_token in a subsequent request. The default is 20, and the maximum is 100.", 8514 // "format": "int32", 8515 // "location": "query", 8516 // "type": "integer" 8517 // }, 8518 // "pageToken": { 8519 // "description": "Optional pagination token returned in an earlier ListServiceAccountsResponse.next_page_token.", 8520 // "location": "query", 8521 // "type": "string" 8522 // } 8523 // }, 8524 // "path": "v1/{+name}/serviceAccounts", 8525 // "response": { 8526 // "$ref": "ListServiceAccountsResponse" 8527 // }, 8528 // "scopes": [ 8529 // "https://www.googleapis.com/auth/cloud-platform" 8530 // ] 8531 // } 8532 8533} 8534 8535// Pages invokes f for each page of results. 8536// A non-nil error returned from f will halt the iteration. 8537// The provided context supersedes any context provided to the Context method. 8538func (c *ProjectsServiceAccountsListCall) Pages(ctx context.Context, f func(*ListServiceAccountsResponse) error) error { 8539 c.ctx_ = ctx 8540 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 8541 for { 8542 x, err := c.Do() 8543 if err != nil { 8544 return err 8545 } 8546 if err := f(x); err != nil { 8547 return err 8548 } 8549 if x.NextPageToken == "" { 8550 return nil 8551 } 8552 c.PageToken(x.NextPageToken) 8553 } 8554} 8555 8556// method id "iam.projects.serviceAccounts.patch": 8557 8558type ProjectsServiceAccountsPatchCall struct { 8559 s *Service 8560 name string 8561 patchserviceaccountrequest *PatchServiceAccountRequest 8562 urlParams_ gensupport.URLParams 8563 ctx_ context.Context 8564 header_ http.Header 8565} 8566 8567// Patch: Patches a ServiceAccount. 8568// 8569// - name: The resource name of the service account. Use one of the 8570// following formats: * 8571// `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * 8572// `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an 8573// alternative, you can use the `-` wildcard character instead of the 8574// project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * 8575// `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using 8576// the `-` wildcard character, because it can cause response messages 8577// to contain misleading error codes. For example, if you try to get 8578// the service account `projects/-/serviceAccounts/fake@example.com`, 8579// which does not exist, the response contains an HTTP `403 Forbidden` 8580// error instead of a `404 Not Found` error. 8581func (r *ProjectsServiceAccountsService) Patch(name string, patchserviceaccountrequest *PatchServiceAccountRequest) *ProjectsServiceAccountsPatchCall { 8582 c := &ProjectsServiceAccountsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8583 c.name = name 8584 c.patchserviceaccountrequest = patchserviceaccountrequest 8585 return c 8586} 8587 8588// Fields allows partial responses to be retrieved. See 8589// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8590// for more information. 8591func (c *ProjectsServiceAccountsPatchCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsPatchCall { 8592 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8593 return c 8594} 8595 8596// Context sets the context to be used in this call's Do method. Any 8597// pending HTTP request will be aborted if the provided context is 8598// canceled. 8599func (c *ProjectsServiceAccountsPatchCall) Context(ctx context.Context) *ProjectsServiceAccountsPatchCall { 8600 c.ctx_ = ctx 8601 return c 8602} 8603 8604// Header returns an http.Header that can be modified by the caller to 8605// add HTTP headers to the request. 8606func (c *ProjectsServiceAccountsPatchCall) Header() http.Header { 8607 if c.header_ == nil { 8608 c.header_ = make(http.Header) 8609 } 8610 return c.header_ 8611} 8612 8613func (c *ProjectsServiceAccountsPatchCall) doRequest(alt string) (*http.Response, error) { 8614 reqHeaders := make(http.Header) 8615 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 8616 for k, v := range c.header_ { 8617 reqHeaders[k] = v 8618 } 8619 reqHeaders.Set("User-Agent", c.s.userAgent()) 8620 var body io.Reader = nil 8621 body, err := googleapi.WithoutDataWrapper.JSONReader(c.patchserviceaccountrequest) 8622 if err != nil { 8623 return nil, err 8624 } 8625 reqHeaders.Set("Content-Type", "application/json") 8626 c.urlParams_.Set("alt", alt) 8627 c.urlParams_.Set("prettyPrint", "false") 8628 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 8629 urls += "?" + c.urlParams_.Encode() 8630 req, err := http.NewRequest("PATCH", urls, body) 8631 if err != nil { 8632 return nil, err 8633 } 8634 req.Header = reqHeaders 8635 googleapi.Expand(req.URL, map[string]string{ 8636 "name": c.name, 8637 }) 8638 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8639} 8640 8641// Do executes the "iam.projects.serviceAccounts.patch" call. 8642// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 8643// status code is an error. Response headers are in either 8644// *ServiceAccount.ServerResponse.Header or (if a response was returned 8645// at all) in error.(*googleapi.Error).Header. Use 8646// googleapi.IsNotModified to check whether the returned error was 8647// because http.StatusNotModified was returned. 8648func (c *ProjectsServiceAccountsPatchCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 8649 gensupport.SetOptions(c.urlParams_, opts...) 8650 res, err := c.doRequest("json") 8651 if res != nil && res.StatusCode == http.StatusNotModified { 8652 if res.Body != nil { 8653 res.Body.Close() 8654 } 8655 return nil, &googleapi.Error{ 8656 Code: res.StatusCode, 8657 Header: res.Header, 8658 } 8659 } 8660 if err != nil { 8661 return nil, err 8662 } 8663 defer googleapi.CloseBody(res) 8664 if err := googleapi.CheckResponse(res); err != nil { 8665 return nil, err 8666 } 8667 ret := &ServiceAccount{ 8668 ServerResponse: googleapi.ServerResponse{ 8669 Header: res.Header, 8670 HTTPStatusCode: res.StatusCode, 8671 }, 8672 } 8673 target := &ret 8674 if err := gensupport.DecodeResponse(target, res); err != nil { 8675 return nil, err 8676 } 8677 return ret, nil 8678 // { 8679 // "description": "Patches a ServiceAccount.", 8680 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 8681 // "httpMethod": "PATCH", 8682 // "id": "iam.projects.serviceAccounts.patch", 8683 // "parameterOrder": [ 8684 // "name" 8685 // ], 8686 // "parameters": { 8687 // "name": { 8688 // "description": "The resource name of the service account. Use one of the following formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you can use the `-` wildcard character instead of the project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the `-` wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to get the service account `projects/-/serviceAccounts/fake@example.com`, which does not exist, the response contains an HTTP `403 Forbidden` error instead of a `404 Not Found` error.", 8689 // "location": "path", 8690 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8691 // "required": true, 8692 // "type": "string" 8693 // } 8694 // }, 8695 // "path": "v1/{+name}", 8696 // "request": { 8697 // "$ref": "PatchServiceAccountRequest" 8698 // }, 8699 // "response": { 8700 // "$ref": "ServiceAccount" 8701 // }, 8702 // "scopes": [ 8703 // "https://www.googleapis.com/auth/cloud-platform" 8704 // ] 8705 // } 8706 8707} 8708 8709// method id "iam.projects.serviceAccounts.setIamPolicy": 8710 8711type ProjectsServiceAccountsSetIamPolicyCall struct { 8712 s *Service 8713 resource string 8714 setiampolicyrequest *SetIamPolicyRequest 8715 urlParams_ gensupport.URLParams 8716 ctx_ context.Context 8717 header_ http.Header 8718} 8719 8720// SetIamPolicy: Sets the IAM policy that is attached to a 8721// ServiceAccount. Use this method to grant or revoke access to the 8722// service account. For example, you could grant a member the ability to 8723// impersonate the service account. This method does not enable the 8724// service account to access other resources. To grant roles to a 8725// service account on a resource, follow these steps: 1. Call the 8726// resource's `getIamPolicy` method to get its current IAM policy. 2. 8727// Edit the policy so that it binds the service account to an IAM role 8728// for the resource. 3. Call the resource's `setIamPolicy` method to 8729// update its IAM policy. For detailed instructions, see Granting roles 8730// to a service account for specific resources 8731// (https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts). 8732// 8733// - resource: REQUIRED: The resource for which the policy is being 8734// specified. See the operation documentation for the appropriate 8735// value for this field. 8736func (r *ProjectsServiceAccountsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsServiceAccountsSetIamPolicyCall { 8737 c := &ProjectsServiceAccountsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8738 c.resource = resource 8739 c.setiampolicyrequest = setiampolicyrequest 8740 return c 8741} 8742 8743// Fields allows partial responses to be retrieved. See 8744// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8745// for more information. 8746func (c *ProjectsServiceAccountsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSetIamPolicyCall { 8747 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8748 return c 8749} 8750 8751// Context sets the context to be used in this call's Do method. Any 8752// pending HTTP request will be aborted if the provided context is 8753// canceled. 8754func (c *ProjectsServiceAccountsSetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsSetIamPolicyCall { 8755 c.ctx_ = ctx 8756 return c 8757} 8758 8759// Header returns an http.Header that can be modified by the caller to 8760// add HTTP headers to the request. 8761func (c *ProjectsServiceAccountsSetIamPolicyCall) Header() http.Header { 8762 if c.header_ == nil { 8763 c.header_ = make(http.Header) 8764 } 8765 return c.header_ 8766} 8767 8768func (c *ProjectsServiceAccountsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 8769 reqHeaders := make(http.Header) 8770 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 8771 for k, v := range c.header_ { 8772 reqHeaders[k] = v 8773 } 8774 reqHeaders.Set("User-Agent", c.s.userAgent()) 8775 var body io.Reader = nil 8776 body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) 8777 if err != nil { 8778 return nil, err 8779 } 8780 reqHeaders.Set("Content-Type", "application/json") 8781 c.urlParams_.Set("alt", alt) 8782 c.urlParams_.Set("prettyPrint", "false") 8783 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") 8784 urls += "?" + c.urlParams_.Encode() 8785 req, err := http.NewRequest("POST", urls, body) 8786 if err != nil { 8787 return nil, err 8788 } 8789 req.Header = reqHeaders 8790 googleapi.Expand(req.URL, map[string]string{ 8791 "resource": c.resource, 8792 }) 8793 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8794} 8795 8796// Do executes the "iam.projects.serviceAccounts.setIamPolicy" call. 8797// Exactly one of *Policy or error will be non-nil. Any non-2xx status 8798// code is an error. Response headers are in either 8799// *Policy.ServerResponse.Header or (if a response was returned at all) 8800// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 8801// check whether the returned error was because http.StatusNotModified 8802// was returned. 8803func (c *ProjectsServiceAccountsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 8804 gensupport.SetOptions(c.urlParams_, opts...) 8805 res, err := c.doRequest("json") 8806 if res != nil && res.StatusCode == http.StatusNotModified { 8807 if res.Body != nil { 8808 res.Body.Close() 8809 } 8810 return nil, &googleapi.Error{ 8811 Code: res.StatusCode, 8812 Header: res.Header, 8813 } 8814 } 8815 if err != nil { 8816 return nil, err 8817 } 8818 defer googleapi.CloseBody(res) 8819 if err := googleapi.CheckResponse(res); err != nil { 8820 return nil, err 8821 } 8822 ret := &Policy{ 8823 ServerResponse: googleapi.ServerResponse{ 8824 Header: res.Header, 8825 HTTPStatusCode: res.StatusCode, 8826 }, 8827 } 8828 target := &ret 8829 if err := gensupport.DecodeResponse(target, res); err != nil { 8830 return nil, err 8831 } 8832 return ret, nil 8833 // { 8834 // "description": "Sets the IAM policy that is attached to a ServiceAccount. Use this method to grant or revoke access to the service account. For example, you could grant a member the ability to impersonate the service account. This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps: 1. Call the resource's `getIamPolicy` method to get its current IAM policy. 2. Edit the policy so that it binds the service account to an IAM role for the resource. 3. Call the resource's `setIamPolicy` method to update its IAM policy. For detailed instructions, see [Granting roles to a service account for specific resources](https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts).", 8835 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:setIamPolicy", 8836 // "httpMethod": "POST", 8837 // "id": "iam.projects.serviceAccounts.setIamPolicy", 8838 // "parameterOrder": [ 8839 // "resource" 8840 // ], 8841 // "parameters": { 8842 // "resource": { 8843 // "description": "REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.", 8844 // "location": "path", 8845 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8846 // "required": true, 8847 // "type": "string" 8848 // } 8849 // }, 8850 // "path": "v1/{+resource}:setIamPolicy", 8851 // "request": { 8852 // "$ref": "SetIamPolicyRequest" 8853 // }, 8854 // "response": { 8855 // "$ref": "Policy" 8856 // }, 8857 // "scopes": [ 8858 // "https://www.googleapis.com/auth/cloud-platform" 8859 // ] 8860 // } 8861 8862} 8863 8864// method id "iam.projects.serviceAccounts.signBlob": 8865 8866type ProjectsServiceAccountsSignBlobCall struct { 8867 s *Service 8868 name string 8869 signblobrequest *SignBlobRequest 8870 urlParams_ gensupport.URLParams 8871 ctx_ context.Context 8872 header_ http.Header 8873} 8874 8875// SignBlob: **Note:** This method is deprecated. Use the `signBlob` 8876// (https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob) 8877// method in the IAM Service Account Credentials API instead. If you 8878// currently use this method, see the migration guide 8879// (https://cloud.google.com/iam/help/credentials/migrate-api) for 8880// instructions. Signs a blob using the system-managed private key for a 8881// ServiceAccount. 8882// 8883// - name: Deprecated. Migrate to Service Account Credentials API 8884// (https://cloud.google.com/iam/help/credentials/migrate-api). The 8885// resource name of the service account in the following format: 8886// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a 8887// wildcard for the `PROJECT_ID` will infer the project from the 8888// account. The `ACCOUNT` value can be the `email` address or the 8889// `unique_id` of the service account. 8890func (r *ProjectsServiceAccountsService) SignBlob(name string, signblobrequest *SignBlobRequest) *ProjectsServiceAccountsSignBlobCall { 8891 c := &ProjectsServiceAccountsSignBlobCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8892 c.name = name 8893 c.signblobrequest = signblobrequest 8894 return c 8895} 8896 8897// Fields allows partial responses to be retrieved. See 8898// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8899// for more information. 8900func (c *ProjectsServiceAccountsSignBlobCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignBlobCall { 8901 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8902 return c 8903} 8904 8905// Context sets the context to be used in this call's Do method. Any 8906// pending HTTP request will be aborted if the provided context is 8907// canceled. 8908func (c *ProjectsServiceAccountsSignBlobCall) Context(ctx context.Context) *ProjectsServiceAccountsSignBlobCall { 8909 c.ctx_ = ctx 8910 return c 8911} 8912 8913// Header returns an http.Header that can be modified by the caller to 8914// add HTTP headers to the request. 8915func (c *ProjectsServiceAccountsSignBlobCall) Header() http.Header { 8916 if c.header_ == nil { 8917 c.header_ = make(http.Header) 8918 } 8919 return c.header_ 8920} 8921 8922func (c *ProjectsServiceAccountsSignBlobCall) doRequest(alt string) (*http.Response, error) { 8923 reqHeaders := make(http.Header) 8924 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 8925 for k, v := range c.header_ { 8926 reqHeaders[k] = v 8927 } 8928 reqHeaders.Set("User-Agent", c.s.userAgent()) 8929 var body io.Reader = nil 8930 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signblobrequest) 8931 if err != nil { 8932 return nil, err 8933 } 8934 reqHeaders.Set("Content-Type", "application/json") 8935 c.urlParams_.Set("alt", alt) 8936 c.urlParams_.Set("prettyPrint", "false") 8937 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signBlob") 8938 urls += "?" + c.urlParams_.Encode() 8939 req, err := http.NewRequest("POST", urls, body) 8940 if err != nil { 8941 return nil, err 8942 } 8943 req.Header = reqHeaders 8944 googleapi.Expand(req.URL, map[string]string{ 8945 "name": c.name, 8946 }) 8947 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8948} 8949 8950// Do executes the "iam.projects.serviceAccounts.signBlob" call. 8951// Exactly one of *SignBlobResponse or error will be non-nil. Any 8952// non-2xx status code is an error. Response headers are in either 8953// *SignBlobResponse.ServerResponse.Header or (if a response was 8954// returned at all) in error.(*googleapi.Error).Header. Use 8955// googleapi.IsNotModified to check whether the returned error was 8956// because http.StatusNotModified was returned. 8957func (c *ProjectsServiceAccountsSignBlobCall) Do(opts ...googleapi.CallOption) (*SignBlobResponse, error) { 8958 gensupport.SetOptions(c.urlParams_, opts...) 8959 res, err := c.doRequest("json") 8960 if res != nil && res.StatusCode == http.StatusNotModified { 8961 if res.Body != nil { 8962 res.Body.Close() 8963 } 8964 return nil, &googleapi.Error{ 8965 Code: res.StatusCode, 8966 Header: res.Header, 8967 } 8968 } 8969 if err != nil { 8970 return nil, err 8971 } 8972 defer googleapi.CloseBody(res) 8973 if err := googleapi.CheckResponse(res); err != nil { 8974 return nil, err 8975 } 8976 ret := &SignBlobResponse{ 8977 ServerResponse: googleapi.ServerResponse{ 8978 Header: res.Header, 8979 HTTPStatusCode: res.StatusCode, 8980 }, 8981 } 8982 target := &ret 8983 if err := gensupport.DecodeResponse(target, res); err != nil { 8984 return nil, err 8985 } 8986 return ret, nil 8987 // { 8988 // "description": "**Note:** This method is deprecated. Use the [`signBlob`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob) method in the IAM Service Account Credentials API instead. If you currently use this method, see the [migration guide](https://cloud.google.com/iam/help/credentials/migrate-api) for instructions. Signs a blob using the system-managed private key for a ServiceAccount.", 8989 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signBlob", 8990 // "httpMethod": "POST", 8991 // "id": "iam.projects.serviceAccounts.signBlob", 8992 // "parameterOrder": [ 8993 // "name" 8994 // ], 8995 // "parameters": { 8996 // "name": { 8997 // "description": "Required. Deprecated. [Migrate to Service Account Credentials API](https://cloud.google.com/iam/help/credentials/migrate-api). The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8998 // "location": "path", 8999 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9000 // "required": true, 9001 // "type": "string" 9002 // } 9003 // }, 9004 // "path": "v1/{+name}:signBlob", 9005 // "request": { 9006 // "$ref": "SignBlobRequest" 9007 // }, 9008 // "response": { 9009 // "$ref": "SignBlobResponse" 9010 // }, 9011 // "scopes": [ 9012 // "https://www.googleapis.com/auth/cloud-platform" 9013 // ] 9014 // } 9015 9016} 9017 9018// method id "iam.projects.serviceAccounts.signJwt": 9019 9020type ProjectsServiceAccountsSignJwtCall struct { 9021 s *Service 9022 name string 9023 signjwtrequest *SignJwtRequest 9024 urlParams_ gensupport.URLParams 9025 ctx_ context.Context 9026 header_ http.Header 9027} 9028 9029// SignJwt: **Note:** This method is deprecated. Use the `signJwt` 9030// (https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt) 9031// method in the IAM Service Account Credentials API instead. If you 9032// currently use this method, see the migration guide 9033// (https://cloud.google.com/iam/help/credentials/migrate-api) for 9034// instructions. Signs a JSON Web Token (JWT) using the system-managed 9035// private key for a ServiceAccount. 9036// 9037// - name: Deprecated. Migrate to Service Account Credentials API 9038// (https://cloud.google.com/iam/help/credentials/migrate-api). The 9039// resource name of the service account in the following format: 9040// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a 9041// wildcard for the `PROJECT_ID` will infer the project from the 9042// account. The `ACCOUNT` value can be the `email` address or the 9043// `unique_id` of the service account. 9044func (r *ProjectsServiceAccountsService) SignJwt(name string, signjwtrequest *SignJwtRequest) *ProjectsServiceAccountsSignJwtCall { 9045 c := &ProjectsServiceAccountsSignJwtCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9046 c.name = name 9047 c.signjwtrequest = signjwtrequest 9048 return c 9049} 9050 9051// Fields allows partial responses to be retrieved. See 9052// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9053// for more information. 9054func (c *ProjectsServiceAccountsSignJwtCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignJwtCall { 9055 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9056 return c 9057} 9058 9059// Context sets the context to be used in this call's Do method. Any 9060// pending HTTP request will be aborted if the provided context is 9061// canceled. 9062func (c *ProjectsServiceAccountsSignJwtCall) Context(ctx context.Context) *ProjectsServiceAccountsSignJwtCall { 9063 c.ctx_ = ctx 9064 return c 9065} 9066 9067// Header returns an http.Header that can be modified by the caller to 9068// add HTTP headers to the request. 9069func (c *ProjectsServiceAccountsSignJwtCall) Header() http.Header { 9070 if c.header_ == nil { 9071 c.header_ = make(http.Header) 9072 } 9073 return c.header_ 9074} 9075 9076func (c *ProjectsServiceAccountsSignJwtCall) doRequest(alt string) (*http.Response, error) { 9077 reqHeaders := make(http.Header) 9078 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 9079 for k, v := range c.header_ { 9080 reqHeaders[k] = v 9081 } 9082 reqHeaders.Set("User-Agent", c.s.userAgent()) 9083 var body io.Reader = nil 9084 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signjwtrequest) 9085 if err != nil { 9086 return nil, err 9087 } 9088 reqHeaders.Set("Content-Type", "application/json") 9089 c.urlParams_.Set("alt", alt) 9090 c.urlParams_.Set("prettyPrint", "false") 9091 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signJwt") 9092 urls += "?" + c.urlParams_.Encode() 9093 req, err := http.NewRequest("POST", urls, body) 9094 if err != nil { 9095 return nil, err 9096 } 9097 req.Header = reqHeaders 9098 googleapi.Expand(req.URL, map[string]string{ 9099 "name": c.name, 9100 }) 9101 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9102} 9103 9104// Do executes the "iam.projects.serviceAccounts.signJwt" call. 9105// Exactly one of *SignJwtResponse or error will be non-nil. Any non-2xx 9106// status code is an error. Response headers are in either 9107// *SignJwtResponse.ServerResponse.Header or (if a response was returned 9108// at all) in error.(*googleapi.Error).Header. Use 9109// googleapi.IsNotModified to check whether the returned error was 9110// because http.StatusNotModified was returned. 9111func (c *ProjectsServiceAccountsSignJwtCall) Do(opts ...googleapi.CallOption) (*SignJwtResponse, error) { 9112 gensupport.SetOptions(c.urlParams_, opts...) 9113 res, err := c.doRequest("json") 9114 if res != nil && res.StatusCode == http.StatusNotModified { 9115 if res.Body != nil { 9116 res.Body.Close() 9117 } 9118 return nil, &googleapi.Error{ 9119 Code: res.StatusCode, 9120 Header: res.Header, 9121 } 9122 } 9123 if err != nil { 9124 return nil, err 9125 } 9126 defer googleapi.CloseBody(res) 9127 if err := googleapi.CheckResponse(res); err != nil { 9128 return nil, err 9129 } 9130 ret := &SignJwtResponse{ 9131 ServerResponse: googleapi.ServerResponse{ 9132 Header: res.Header, 9133 HTTPStatusCode: res.StatusCode, 9134 }, 9135 } 9136 target := &ret 9137 if err := gensupport.DecodeResponse(target, res); err != nil { 9138 return nil, err 9139 } 9140 return ret, nil 9141 // { 9142 // "description": "**Note:** This method is deprecated. Use the [`signJwt`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt) method in the IAM Service Account Credentials API instead. If you currently use this method, see the [migration guide](https://cloud.google.com/iam/help/credentials/migrate-api) for instructions. Signs a JSON Web Token (JWT) using the system-managed private key for a ServiceAccount.", 9143 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signJwt", 9144 // "httpMethod": "POST", 9145 // "id": "iam.projects.serviceAccounts.signJwt", 9146 // "parameterOrder": [ 9147 // "name" 9148 // ], 9149 // "parameters": { 9150 // "name": { 9151 // "description": "Required. Deprecated. [Migrate to Service Account Credentials API](https://cloud.google.com/iam/help/credentials/migrate-api). The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 9152 // "location": "path", 9153 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9154 // "required": true, 9155 // "type": "string" 9156 // } 9157 // }, 9158 // "path": "v1/{+name}:signJwt", 9159 // "request": { 9160 // "$ref": "SignJwtRequest" 9161 // }, 9162 // "response": { 9163 // "$ref": "SignJwtResponse" 9164 // }, 9165 // "scopes": [ 9166 // "https://www.googleapis.com/auth/cloud-platform" 9167 // ] 9168 // } 9169 9170} 9171 9172// method id "iam.projects.serviceAccounts.testIamPermissions": 9173 9174type ProjectsServiceAccountsTestIamPermissionsCall struct { 9175 s *Service 9176 resource string 9177 testiampermissionsrequest *TestIamPermissionsRequest 9178 urlParams_ gensupport.URLParams 9179 ctx_ context.Context 9180 header_ http.Header 9181} 9182 9183// TestIamPermissions: Tests whether the caller has the specified 9184// permissions on a ServiceAccount. 9185// 9186// - resource: REQUIRED: The resource for which the policy detail is 9187// being requested. See the operation documentation for the 9188// appropriate value for this field. 9189func (r *ProjectsServiceAccountsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsServiceAccountsTestIamPermissionsCall { 9190 c := &ProjectsServiceAccountsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9191 c.resource = resource 9192 c.testiampermissionsrequest = testiampermissionsrequest 9193 return c 9194} 9195 9196// Fields allows partial responses to be retrieved. See 9197// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9198// for more information. 9199func (c *ProjectsServiceAccountsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsTestIamPermissionsCall { 9200 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9201 return c 9202} 9203 9204// Context sets the context to be used in this call's Do method. Any 9205// pending HTTP request will be aborted if the provided context is 9206// canceled. 9207func (c *ProjectsServiceAccountsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsServiceAccountsTestIamPermissionsCall { 9208 c.ctx_ = ctx 9209 return c 9210} 9211 9212// Header returns an http.Header that can be modified by the caller to 9213// add HTTP headers to the request. 9214func (c *ProjectsServiceAccountsTestIamPermissionsCall) Header() http.Header { 9215 if c.header_ == nil { 9216 c.header_ = make(http.Header) 9217 } 9218 return c.header_ 9219} 9220 9221func (c *ProjectsServiceAccountsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { 9222 reqHeaders := make(http.Header) 9223 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 9224 for k, v := range c.header_ { 9225 reqHeaders[k] = v 9226 } 9227 reqHeaders.Set("User-Agent", c.s.userAgent()) 9228 var body io.Reader = nil 9229 body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) 9230 if err != nil { 9231 return nil, err 9232 } 9233 reqHeaders.Set("Content-Type", "application/json") 9234 c.urlParams_.Set("alt", alt) 9235 c.urlParams_.Set("prettyPrint", "false") 9236 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") 9237 urls += "?" + c.urlParams_.Encode() 9238 req, err := http.NewRequest("POST", urls, body) 9239 if err != nil { 9240 return nil, err 9241 } 9242 req.Header = reqHeaders 9243 googleapi.Expand(req.URL, map[string]string{ 9244 "resource": c.resource, 9245 }) 9246 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9247} 9248 9249// Do executes the "iam.projects.serviceAccounts.testIamPermissions" call. 9250// Exactly one of *TestIamPermissionsResponse or error will be non-nil. 9251// Any non-2xx status code is an error. Response headers are in either 9252// *TestIamPermissionsResponse.ServerResponse.Header or (if a response 9253// was returned at all) in error.(*googleapi.Error).Header. Use 9254// googleapi.IsNotModified to check whether the returned error was 9255// because http.StatusNotModified was returned. 9256func (c *ProjectsServiceAccountsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { 9257 gensupport.SetOptions(c.urlParams_, opts...) 9258 res, err := c.doRequest("json") 9259 if res != nil && res.StatusCode == http.StatusNotModified { 9260 if res.Body != nil { 9261 res.Body.Close() 9262 } 9263 return nil, &googleapi.Error{ 9264 Code: res.StatusCode, 9265 Header: res.Header, 9266 } 9267 } 9268 if err != nil { 9269 return nil, err 9270 } 9271 defer googleapi.CloseBody(res) 9272 if err := googleapi.CheckResponse(res); err != nil { 9273 return nil, err 9274 } 9275 ret := &TestIamPermissionsResponse{ 9276 ServerResponse: googleapi.ServerResponse{ 9277 Header: res.Header, 9278 HTTPStatusCode: res.StatusCode, 9279 }, 9280 } 9281 target := &ret 9282 if err := gensupport.DecodeResponse(target, res); err != nil { 9283 return nil, err 9284 } 9285 return ret, nil 9286 // { 9287 // "description": "Tests whether the caller has the specified permissions on a ServiceAccount.", 9288 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:testIamPermissions", 9289 // "httpMethod": "POST", 9290 // "id": "iam.projects.serviceAccounts.testIamPermissions", 9291 // "parameterOrder": [ 9292 // "resource" 9293 // ], 9294 // "parameters": { 9295 // "resource": { 9296 // "description": "REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.", 9297 // "location": "path", 9298 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9299 // "required": true, 9300 // "type": "string" 9301 // } 9302 // }, 9303 // "path": "v1/{+resource}:testIamPermissions", 9304 // "request": { 9305 // "$ref": "TestIamPermissionsRequest" 9306 // }, 9307 // "response": { 9308 // "$ref": "TestIamPermissionsResponse" 9309 // }, 9310 // "scopes": [ 9311 // "https://www.googleapis.com/auth/cloud-platform" 9312 // ] 9313 // } 9314 9315} 9316 9317// method id "iam.projects.serviceAccounts.undelete": 9318 9319type ProjectsServiceAccountsUndeleteCall struct { 9320 s *Service 9321 name string 9322 undeleteserviceaccountrequest *UndeleteServiceAccountRequest 9323 urlParams_ gensupport.URLParams 9324 ctx_ context.Context 9325 header_ http.Header 9326} 9327 9328// Undelete: Restores a deleted ServiceAccount. **Important:** It is not 9329// always possible to restore a deleted service account. Use this method 9330// only as a last resort. After you delete a service account, IAM 9331// permanently removes the service account 30 days later. There is no 9332// way to restore a deleted service account that has been permanently 9333// removed. 9334// 9335// - name: The resource name of the service account in the following 9336// format: 9337// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_UNIQUE_ID}`. Using 9338// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9339// the account. 9340func (r *ProjectsServiceAccountsService) Undelete(name string, undeleteserviceaccountrequest *UndeleteServiceAccountRequest) *ProjectsServiceAccountsUndeleteCall { 9341 c := &ProjectsServiceAccountsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9342 c.name = name 9343 c.undeleteserviceaccountrequest = undeleteserviceaccountrequest 9344 return c 9345} 9346 9347// Fields allows partial responses to be retrieved. See 9348// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9349// for more information. 9350func (c *ProjectsServiceAccountsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUndeleteCall { 9351 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9352 return c 9353} 9354 9355// Context sets the context to be used in this call's Do method. Any 9356// pending HTTP request will be aborted if the provided context is 9357// canceled. 9358func (c *ProjectsServiceAccountsUndeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsUndeleteCall { 9359 c.ctx_ = ctx 9360 return c 9361} 9362 9363// Header returns an http.Header that can be modified by the caller to 9364// add HTTP headers to the request. 9365func (c *ProjectsServiceAccountsUndeleteCall) Header() http.Header { 9366 if c.header_ == nil { 9367 c.header_ = make(http.Header) 9368 } 9369 return c.header_ 9370} 9371 9372func (c *ProjectsServiceAccountsUndeleteCall) doRequest(alt string) (*http.Response, error) { 9373 reqHeaders := make(http.Header) 9374 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 9375 for k, v := range c.header_ { 9376 reqHeaders[k] = v 9377 } 9378 reqHeaders.Set("User-Agent", c.s.userAgent()) 9379 var body io.Reader = nil 9380 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteserviceaccountrequest) 9381 if err != nil { 9382 return nil, err 9383 } 9384 reqHeaders.Set("Content-Type", "application/json") 9385 c.urlParams_.Set("alt", alt) 9386 c.urlParams_.Set("prettyPrint", "false") 9387 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 9388 urls += "?" + c.urlParams_.Encode() 9389 req, err := http.NewRequest("POST", urls, body) 9390 if err != nil { 9391 return nil, err 9392 } 9393 req.Header = reqHeaders 9394 googleapi.Expand(req.URL, map[string]string{ 9395 "name": c.name, 9396 }) 9397 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9398} 9399 9400// Do executes the "iam.projects.serviceAccounts.undelete" call. 9401// Exactly one of *UndeleteServiceAccountResponse or error will be 9402// non-nil. Any non-2xx status code is an error. Response headers are in 9403// either *UndeleteServiceAccountResponse.ServerResponse.Header or (if a 9404// response was returned at all) in error.(*googleapi.Error).Header. Use 9405// googleapi.IsNotModified to check whether the returned error was 9406// because http.StatusNotModified was returned. 9407func (c *ProjectsServiceAccountsUndeleteCall) Do(opts ...googleapi.CallOption) (*UndeleteServiceAccountResponse, error) { 9408 gensupport.SetOptions(c.urlParams_, opts...) 9409 res, err := c.doRequest("json") 9410 if res != nil && res.StatusCode == http.StatusNotModified { 9411 if res.Body != nil { 9412 res.Body.Close() 9413 } 9414 return nil, &googleapi.Error{ 9415 Code: res.StatusCode, 9416 Header: res.Header, 9417 } 9418 } 9419 if err != nil { 9420 return nil, err 9421 } 9422 defer googleapi.CloseBody(res) 9423 if err := googleapi.CheckResponse(res); err != nil { 9424 return nil, err 9425 } 9426 ret := &UndeleteServiceAccountResponse{ 9427 ServerResponse: googleapi.ServerResponse{ 9428 Header: res.Header, 9429 HTTPStatusCode: res.StatusCode, 9430 }, 9431 } 9432 target := &ret 9433 if err := gensupport.DecodeResponse(target, res); err != nil { 9434 return nil, err 9435 } 9436 return ret, nil 9437 // { 9438 // "description": "Restores a deleted ServiceAccount. **Important:** It is not always possible to restore a deleted service account. Use this method only as a last resort. After you delete a service account, IAM permanently removes the service account 30 days later. There is no way to restore a deleted service account that has been permanently removed.", 9439 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:undelete", 9440 // "httpMethod": "POST", 9441 // "id": "iam.projects.serviceAccounts.undelete", 9442 // "parameterOrder": [ 9443 // "name" 9444 // ], 9445 // "parameters": { 9446 // "name": { 9447 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_UNIQUE_ID}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account.", 9448 // "location": "path", 9449 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9450 // "required": true, 9451 // "type": "string" 9452 // } 9453 // }, 9454 // "path": "v1/{+name}:undelete", 9455 // "request": { 9456 // "$ref": "UndeleteServiceAccountRequest" 9457 // }, 9458 // "response": { 9459 // "$ref": "UndeleteServiceAccountResponse" 9460 // }, 9461 // "scopes": [ 9462 // "https://www.googleapis.com/auth/cloud-platform" 9463 // ] 9464 // } 9465 9466} 9467 9468// method id "iam.projects.serviceAccounts.update": 9469 9470type ProjectsServiceAccountsUpdateCall struct { 9471 s *Service 9472 name string 9473 serviceaccount *ServiceAccount 9474 urlParams_ gensupport.URLParams 9475 ctx_ context.Context 9476 header_ http.Header 9477} 9478 9479// Update: **Note:** We are in the process of deprecating this method. 9480// Use PatchServiceAccount instead. Updates a ServiceAccount. You can 9481// update only the `display_name` and `description` fields. 9482// 9483// - name: The resource name of the service account. Use one of the 9484// following formats: * 9485// `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * 9486// `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an 9487// alternative, you can use the `-` wildcard character instead of the 9488// project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * 9489// `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using 9490// the `-` wildcard character, because it can cause response messages 9491// to contain misleading error codes. For example, if you try to get 9492// the service account `projects/-/serviceAccounts/fake@example.com`, 9493// which does not exist, the response contains an HTTP `403 Forbidden` 9494// error instead of a `404 Not Found` error. 9495func (r *ProjectsServiceAccountsService) Update(name string, serviceaccount *ServiceAccount) *ProjectsServiceAccountsUpdateCall { 9496 c := &ProjectsServiceAccountsUpdateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9497 c.name = name 9498 c.serviceaccount = serviceaccount 9499 return c 9500} 9501 9502// Fields allows partial responses to be retrieved. See 9503// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9504// for more information. 9505func (c *ProjectsServiceAccountsUpdateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUpdateCall { 9506 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9507 return c 9508} 9509 9510// Context sets the context to be used in this call's Do method. Any 9511// pending HTTP request will be aborted if the provided context is 9512// canceled. 9513func (c *ProjectsServiceAccountsUpdateCall) Context(ctx context.Context) *ProjectsServiceAccountsUpdateCall { 9514 c.ctx_ = ctx 9515 return c 9516} 9517 9518// Header returns an http.Header that can be modified by the caller to 9519// add HTTP headers to the request. 9520func (c *ProjectsServiceAccountsUpdateCall) Header() http.Header { 9521 if c.header_ == nil { 9522 c.header_ = make(http.Header) 9523 } 9524 return c.header_ 9525} 9526 9527func (c *ProjectsServiceAccountsUpdateCall) doRequest(alt string) (*http.Response, error) { 9528 reqHeaders := make(http.Header) 9529 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 9530 for k, v := range c.header_ { 9531 reqHeaders[k] = v 9532 } 9533 reqHeaders.Set("User-Agent", c.s.userAgent()) 9534 var body io.Reader = nil 9535 body, err := googleapi.WithoutDataWrapper.JSONReader(c.serviceaccount) 9536 if err != nil { 9537 return nil, err 9538 } 9539 reqHeaders.Set("Content-Type", "application/json") 9540 c.urlParams_.Set("alt", alt) 9541 c.urlParams_.Set("prettyPrint", "false") 9542 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 9543 urls += "?" + c.urlParams_.Encode() 9544 req, err := http.NewRequest("PUT", urls, body) 9545 if err != nil { 9546 return nil, err 9547 } 9548 req.Header = reqHeaders 9549 googleapi.Expand(req.URL, map[string]string{ 9550 "name": c.name, 9551 }) 9552 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9553} 9554 9555// Do executes the "iam.projects.serviceAccounts.update" call. 9556// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 9557// status code is an error. Response headers are in either 9558// *ServiceAccount.ServerResponse.Header or (if a response was returned 9559// at all) in error.(*googleapi.Error).Header. Use 9560// googleapi.IsNotModified to check whether the returned error was 9561// because http.StatusNotModified was returned. 9562func (c *ProjectsServiceAccountsUpdateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 9563 gensupport.SetOptions(c.urlParams_, opts...) 9564 res, err := c.doRequest("json") 9565 if res != nil && res.StatusCode == http.StatusNotModified { 9566 if res.Body != nil { 9567 res.Body.Close() 9568 } 9569 return nil, &googleapi.Error{ 9570 Code: res.StatusCode, 9571 Header: res.Header, 9572 } 9573 } 9574 if err != nil { 9575 return nil, err 9576 } 9577 defer googleapi.CloseBody(res) 9578 if err := googleapi.CheckResponse(res); err != nil { 9579 return nil, err 9580 } 9581 ret := &ServiceAccount{ 9582 ServerResponse: googleapi.ServerResponse{ 9583 Header: res.Header, 9584 HTTPStatusCode: res.StatusCode, 9585 }, 9586 } 9587 target := &ret 9588 if err := gensupport.DecodeResponse(target, res); err != nil { 9589 return nil, err 9590 } 9591 return ret, nil 9592 // { 9593 // "description": "**Note:** We are in the process of deprecating this method. Use PatchServiceAccount instead. Updates a ServiceAccount. You can update only the `display_name` and `description` fields.", 9594 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 9595 // "httpMethod": "PUT", 9596 // "id": "iam.projects.serviceAccounts.update", 9597 // "parameterOrder": [ 9598 // "name" 9599 // ], 9600 // "parameters": { 9601 // "name": { 9602 // "description": "The resource name of the service account. Use one of the following formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you can use the `-` wildcard character instead of the project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the `-` wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to get the service account `projects/-/serviceAccounts/fake@example.com`, which does not exist, the response contains an HTTP `403 Forbidden` error instead of a `404 Not Found` error.", 9603 // "location": "path", 9604 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9605 // "required": true, 9606 // "type": "string" 9607 // } 9608 // }, 9609 // "path": "v1/{+name}", 9610 // "request": { 9611 // "$ref": "ServiceAccount" 9612 // }, 9613 // "response": { 9614 // "$ref": "ServiceAccount" 9615 // }, 9616 // "scopes": [ 9617 // "https://www.googleapis.com/auth/cloud-platform" 9618 // ] 9619 // } 9620 9621} 9622 9623// method id "iam.projects.serviceAccounts.keys.create": 9624 9625type ProjectsServiceAccountsKeysCreateCall struct { 9626 s *Service 9627 name string 9628 createserviceaccountkeyrequest *CreateServiceAccountKeyRequest 9629 urlParams_ gensupport.URLParams 9630 ctx_ context.Context 9631 header_ http.Header 9632} 9633 9634// Create: Creates a ServiceAccountKey. 9635// 9636// - name: The resource name of the service account in the following 9637// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 9638// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9639// the account. The `ACCOUNT` value can be the `email` address or the 9640// `unique_id` of the service account. 9641func (r *ProjectsServiceAccountsKeysService) Create(name string, createserviceaccountkeyrequest *CreateServiceAccountKeyRequest) *ProjectsServiceAccountsKeysCreateCall { 9642 c := &ProjectsServiceAccountsKeysCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9643 c.name = name 9644 c.createserviceaccountkeyrequest = createserviceaccountkeyrequest 9645 return c 9646} 9647 9648// Fields allows partial responses to be retrieved. See 9649// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9650// for more information. 9651func (c *ProjectsServiceAccountsKeysCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysCreateCall { 9652 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9653 return c 9654} 9655 9656// Context sets the context to be used in this call's Do method. Any 9657// pending HTTP request will be aborted if the provided context is 9658// canceled. 9659func (c *ProjectsServiceAccountsKeysCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysCreateCall { 9660 c.ctx_ = ctx 9661 return c 9662} 9663 9664// Header returns an http.Header that can be modified by the caller to 9665// add HTTP headers to the request. 9666func (c *ProjectsServiceAccountsKeysCreateCall) Header() http.Header { 9667 if c.header_ == nil { 9668 c.header_ = make(http.Header) 9669 } 9670 return c.header_ 9671} 9672 9673func (c *ProjectsServiceAccountsKeysCreateCall) doRequest(alt string) (*http.Response, error) { 9674 reqHeaders := make(http.Header) 9675 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 9676 for k, v := range c.header_ { 9677 reqHeaders[k] = v 9678 } 9679 reqHeaders.Set("User-Agent", c.s.userAgent()) 9680 var body io.Reader = nil 9681 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountkeyrequest) 9682 if err != nil { 9683 return nil, err 9684 } 9685 reqHeaders.Set("Content-Type", "application/json") 9686 c.urlParams_.Set("alt", alt) 9687 c.urlParams_.Set("prettyPrint", "false") 9688 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 9689 urls += "?" + c.urlParams_.Encode() 9690 req, err := http.NewRequest("POST", urls, body) 9691 if err != nil { 9692 return nil, err 9693 } 9694 req.Header = reqHeaders 9695 googleapi.Expand(req.URL, map[string]string{ 9696 "name": c.name, 9697 }) 9698 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9699} 9700 9701// Do executes the "iam.projects.serviceAccounts.keys.create" call. 9702// Exactly one of *ServiceAccountKey or error will be non-nil. Any 9703// non-2xx status code is an error. Response headers are in either 9704// *ServiceAccountKey.ServerResponse.Header or (if a response was 9705// returned at all) in error.(*googleapi.Error).Header. Use 9706// googleapi.IsNotModified to check whether the returned error was 9707// because http.StatusNotModified was returned. 9708func (c *ProjectsServiceAccountsKeysCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 9709 gensupport.SetOptions(c.urlParams_, opts...) 9710 res, err := c.doRequest("json") 9711 if res != nil && res.StatusCode == http.StatusNotModified { 9712 if res.Body != nil { 9713 res.Body.Close() 9714 } 9715 return nil, &googleapi.Error{ 9716 Code: res.StatusCode, 9717 Header: res.Header, 9718 } 9719 } 9720 if err != nil { 9721 return nil, err 9722 } 9723 defer googleapi.CloseBody(res) 9724 if err := googleapi.CheckResponse(res); err != nil { 9725 return nil, err 9726 } 9727 ret := &ServiceAccountKey{ 9728 ServerResponse: googleapi.ServerResponse{ 9729 Header: res.Header, 9730 HTTPStatusCode: res.StatusCode, 9731 }, 9732 } 9733 target := &ret 9734 if err := gensupport.DecodeResponse(target, res); err != nil { 9735 return nil, err 9736 } 9737 return ret, nil 9738 // { 9739 // "description": "Creates a ServiceAccountKey.", 9740 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 9741 // "httpMethod": "POST", 9742 // "id": "iam.projects.serviceAccounts.keys.create", 9743 // "parameterOrder": [ 9744 // "name" 9745 // ], 9746 // "parameters": { 9747 // "name": { 9748 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 9749 // "location": "path", 9750 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9751 // "required": true, 9752 // "type": "string" 9753 // } 9754 // }, 9755 // "path": "v1/{+name}/keys", 9756 // "request": { 9757 // "$ref": "CreateServiceAccountKeyRequest" 9758 // }, 9759 // "response": { 9760 // "$ref": "ServiceAccountKey" 9761 // }, 9762 // "scopes": [ 9763 // "https://www.googleapis.com/auth/cloud-platform" 9764 // ] 9765 // } 9766 9767} 9768 9769// method id "iam.projects.serviceAccounts.keys.delete": 9770 9771type ProjectsServiceAccountsKeysDeleteCall struct { 9772 s *Service 9773 name string 9774 urlParams_ gensupport.URLParams 9775 ctx_ context.Context 9776 header_ http.Header 9777} 9778 9779// Delete: Deletes a ServiceAccountKey. Deleting a service account key 9780// does not revoke short-lived credentials that have been issued based 9781// on the service account key. 9782// 9783// - name: The resource name of the service account key in the following 9784// format: 9785// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 9786// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9787// the account. The `ACCOUNT` value can be the `email` address or the 9788// `unique_id` of the service account. 9789func (r *ProjectsServiceAccountsKeysService) Delete(name string) *ProjectsServiceAccountsKeysDeleteCall { 9790 c := &ProjectsServiceAccountsKeysDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9791 c.name = name 9792 return c 9793} 9794 9795// Fields allows partial responses to be retrieved. See 9796// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9797// for more information. 9798func (c *ProjectsServiceAccountsKeysDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysDeleteCall { 9799 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9800 return c 9801} 9802 9803// Context sets the context to be used in this call's Do method. Any 9804// pending HTTP request will be aborted if the provided context is 9805// canceled. 9806func (c *ProjectsServiceAccountsKeysDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysDeleteCall { 9807 c.ctx_ = ctx 9808 return c 9809} 9810 9811// Header returns an http.Header that can be modified by the caller to 9812// add HTTP headers to the request. 9813func (c *ProjectsServiceAccountsKeysDeleteCall) Header() http.Header { 9814 if c.header_ == nil { 9815 c.header_ = make(http.Header) 9816 } 9817 return c.header_ 9818} 9819 9820func (c *ProjectsServiceAccountsKeysDeleteCall) doRequest(alt string) (*http.Response, error) { 9821 reqHeaders := make(http.Header) 9822 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 9823 for k, v := range c.header_ { 9824 reqHeaders[k] = v 9825 } 9826 reqHeaders.Set("User-Agent", c.s.userAgent()) 9827 var body io.Reader = nil 9828 c.urlParams_.Set("alt", alt) 9829 c.urlParams_.Set("prettyPrint", "false") 9830 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 9831 urls += "?" + c.urlParams_.Encode() 9832 req, err := http.NewRequest("DELETE", urls, body) 9833 if err != nil { 9834 return nil, err 9835 } 9836 req.Header = reqHeaders 9837 googleapi.Expand(req.URL, map[string]string{ 9838 "name": c.name, 9839 }) 9840 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9841} 9842 9843// Do executes the "iam.projects.serviceAccounts.keys.delete" call. 9844// Exactly one of *Empty or error will be non-nil. Any non-2xx status 9845// code is an error. Response headers are in either 9846// *Empty.ServerResponse.Header or (if a response was returned at all) 9847// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 9848// check whether the returned error was because http.StatusNotModified 9849// was returned. 9850func (c *ProjectsServiceAccountsKeysDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 9851 gensupport.SetOptions(c.urlParams_, opts...) 9852 res, err := c.doRequest("json") 9853 if res != nil && res.StatusCode == http.StatusNotModified { 9854 if res.Body != nil { 9855 res.Body.Close() 9856 } 9857 return nil, &googleapi.Error{ 9858 Code: res.StatusCode, 9859 Header: res.Header, 9860 } 9861 } 9862 if err != nil { 9863 return nil, err 9864 } 9865 defer googleapi.CloseBody(res) 9866 if err := googleapi.CheckResponse(res); err != nil { 9867 return nil, err 9868 } 9869 ret := &Empty{ 9870 ServerResponse: googleapi.ServerResponse{ 9871 Header: res.Header, 9872 HTTPStatusCode: res.StatusCode, 9873 }, 9874 } 9875 target := &ret 9876 if err := gensupport.DecodeResponse(target, res); err != nil { 9877 return nil, err 9878 } 9879 return ret, nil 9880 // { 9881 // "description": "Deletes a ServiceAccountKey. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.", 9882 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 9883 // "httpMethod": "DELETE", 9884 // "id": "iam.projects.serviceAccounts.keys.delete", 9885 // "parameterOrder": [ 9886 // "name" 9887 // ], 9888 // "parameters": { 9889 // "name": { 9890 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 9891 // "location": "path", 9892 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 9893 // "required": true, 9894 // "type": "string" 9895 // } 9896 // }, 9897 // "path": "v1/{+name}", 9898 // "response": { 9899 // "$ref": "Empty" 9900 // }, 9901 // "scopes": [ 9902 // "https://www.googleapis.com/auth/cloud-platform" 9903 // ] 9904 // } 9905 9906} 9907 9908// method id "iam.projects.serviceAccounts.keys.get": 9909 9910type ProjectsServiceAccountsKeysGetCall struct { 9911 s *Service 9912 name string 9913 urlParams_ gensupport.URLParams 9914 ifNoneMatch_ string 9915 ctx_ context.Context 9916 header_ http.Header 9917} 9918 9919// Get: Gets a ServiceAccountKey. 9920// 9921// - name: The resource name of the service account key in the following 9922// format: 9923// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 9924// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9925// the account. The `ACCOUNT` value can be the `email` address or the 9926// `unique_id` of the service account. 9927func (r *ProjectsServiceAccountsKeysService) Get(name string) *ProjectsServiceAccountsKeysGetCall { 9928 c := &ProjectsServiceAccountsKeysGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9929 c.name = name 9930 return c 9931} 9932 9933// PublicKeyType sets the optional parameter "publicKeyType": The output 9934// format of the public key requested. X509_PEM is the default output 9935// format. 9936// 9937// Possible values: 9938// "TYPE_NONE" - Unspecified. Returns nothing here. 9939// "TYPE_X509_PEM_FILE" - X509 PEM format. 9940// "TYPE_RAW_PUBLIC_KEY" - Raw public key. 9941func (c *ProjectsServiceAccountsKeysGetCall) PublicKeyType(publicKeyType string) *ProjectsServiceAccountsKeysGetCall { 9942 c.urlParams_.Set("publicKeyType", publicKeyType) 9943 return c 9944} 9945 9946// Fields allows partial responses to be retrieved. See 9947// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9948// for more information. 9949func (c *ProjectsServiceAccountsKeysGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysGetCall { 9950 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9951 return c 9952} 9953 9954// IfNoneMatch sets the optional parameter which makes the operation 9955// fail if the object's ETag matches the given value. This is useful for 9956// getting updates only after the object has changed since the last 9957// request. Use googleapi.IsNotModified to check whether the response 9958// error from Do is the result of In-None-Match. 9959func (c *ProjectsServiceAccountsKeysGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysGetCall { 9960 c.ifNoneMatch_ = entityTag 9961 return c 9962} 9963 9964// Context sets the context to be used in this call's Do method. Any 9965// pending HTTP request will be aborted if the provided context is 9966// canceled. 9967func (c *ProjectsServiceAccountsKeysGetCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysGetCall { 9968 c.ctx_ = ctx 9969 return c 9970} 9971 9972// Header returns an http.Header that can be modified by the caller to 9973// add HTTP headers to the request. 9974func (c *ProjectsServiceAccountsKeysGetCall) Header() http.Header { 9975 if c.header_ == nil { 9976 c.header_ = make(http.Header) 9977 } 9978 return c.header_ 9979} 9980 9981func (c *ProjectsServiceAccountsKeysGetCall) doRequest(alt string) (*http.Response, error) { 9982 reqHeaders := make(http.Header) 9983 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 9984 for k, v := range c.header_ { 9985 reqHeaders[k] = v 9986 } 9987 reqHeaders.Set("User-Agent", c.s.userAgent()) 9988 if c.ifNoneMatch_ != "" { 9989 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 9990 } 9991 var body io.Reader = nil 9992 c.urlParams_.Set("alt", alt) 9993 c.urlParams_.Set("prettyPrint", "false") 9994 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 9995 urls += "?" + c.urlParams_.Encode() 9996 req, err := http.NewRequest("GET", urls, body) 9997 if err != nil { 9998 return nil, err 9999 } 10000 req.Header = reqHeaders 10001 googleapi.Expand(req.URL, map[string]string{ 10002 "name": c.name, 10003 }) 10004 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10005} 10006 10007// Do executes the "iam.projects.serviceAccounts.keys.get" call. 10008// Exactly one of *ServiceAccountKey or error will be non-nil. Any 10009// non-2xx status code is an error. Response headers are in either 10010// *ServiceAccountKey.ServerResponse.Header or (if a response was 10011// returned at all) in error.(*googleapi.Error).Header. Use 10012// googleapi.IsNotModified to check whether the returned error was 10013// because http.StatusNotModified was returned. 10014func (c *ProjectsServiceAccountsKeysGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 10015 gensupport.SetOptions(c.urlParams_, opts...) 10016 res, err := c.doRequest("json") 10017 if res != nil && res.StatusCode == http.StatusNotModified { 10018 if res.Body != nil { 10019 res.Body.Close() 10020 } 10021 return nil, &googleapi.Error{ 10022 Code: res.StatusCode, 10023 Header: res.Header, 10024 } 10025 } 10026 if err != nil { 10027 return nil, err 10028 } 10029 defer googleapi.CloseBody(res) 10030 if err := googleapi.CheckResponse(res); err != nil { 10031 return nil, err 10032 } 10033 ret := &ServiceAccountKey{ 10034 ServerResponse: googleapi.ServerResponse{ 10035 Header: res.Header, 10036 HTTPStatusCode: res.StatusCode, 10037 }, 10038 } 10039 target := &ret 10040 if err := gensupport.DecodeResponse(target, res); err != nil { 10041 return nil, err 10042 } 10043 return ret, nil 10044 // { 10045 // "description": "Gets a ServiceAccountKey.", 10046 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 10047 // "httpMethod": "GET", 10048 // "id": "iam.projects.serviceAccounts.keys.get", 10049 // "parameterOrder": [ 10050 // "name" 10051 // ], 10052 // "parameters": { 10053 // "name": { 10054 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10055 // "location": "path", 10056 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 10057 // "required": true, 10058 // "type": "string" 10059 // }, 10060 // "publicKeyType": { 10061 // "description": "The output format of the public key requested. X509_PEM is the default output format.", 10062 // "enum": [ 10063 // "TYPE_NONE", 10064 // "TYPE_X509_PEM_FILE", 10065 // "TYPE_RAW_PUBLIC_KEY" 10066 // ], 10067 // "enumDescriptions": [ 10068 // "Unspecified. Returns nothing here.", 10069 // "X509 PEM format.", 10070 // "Raw public key." 10071 // ], 10072 // "location": "query", 10073 // "type": "string" 10074 // } 10075 // }, 10076 // "path": "v1/{+name}", 10077 // "response": { 10078 // "$ref": "ServiceAccountKey" 10079 // }, 10080 // "scopes": [ 10081 // "https://www.googleapis.com/auth/cloud-platform" 10082 // ] 10083 // } 10084 10085} 10086 10087// method id "iam.projects.serviceAccounts.keys.list": 10088 10089type ProjectsServiceAccountsKeysListCall struct { 10090 s *Service 10091 name string 10092 urlParams_ gensupport.URLParams 10093 ifNoneMatch_ string 10094 ctx_ context.Context 10095 header_ http.Header 10096} 10097 10098// List: Lists every ServiceAccountKey for a service account. 10099// 10100// - name: The resource name of the service account in the following 10101// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 10102// `-` as a wildcard for the `PROJECT_ID`, will infer the project from 10103// the account. The `ACCOUNT` value can be the `email` address or the 10104// `unique_id` of the service account. 10105func (r *ProjectsServiceAccountsKeysService) List(name string) *ProjectsServiceAccountsKeysListCall { 10106 c := &ProjectsServiceAccountsKeysListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10107 c.name = name 10108 return c 10109} 10110 10111// KeyTypes sets the optional parameter "keyTypes": Filters the types of 10112// keys the user wants to include in the list response. Duplicate key 10113// types are not allowed. If no key type is provided, all keys are 10114// returned. 10115// 10116// Possible values: 10117// "KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this 10118// in the message will immediately result in an error. 10119// "USER_MANAGED" - User-managed keys (managed and rotated by the 10120// user). 10121// "SYSTEM_MANAGED" - System-managed keys (managed and rotated by 10122// Google). 10123func (c *ProjectsServiceAccountsKeysListCall) KeyTypes(keyTypes ...string) *ProjectsServiceAccountsKeysListCall { 10124 c.urlParams_.SetMulti("keyTypes", append([]string{}, keyTypes...)) 10125 return c 10126} 10127 10128// Fields allows partial responses to be retrieved. See 10129// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10130// for more information. 10131func (c *ProjectsServiceAccountsKeysListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysListCall { 10132 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10133 return c 10134} 10135 10136// IfNoneMatch sets the optional parameter which makes the operation 10137// fail if the object's ETag matches the given value. This is useful for 10138// getting updates only after the object has changed since the last 10139// request. Use googleapi.IsNotModified to check whether the response 10140// error from Do is the result of In-None-Match. 10141func (c *ProjectsServiceAccountsKeysListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysListCall { 10142 c.ifNoneMatch_ = entityTag 10143 return c 10144} 10145 10146// Context sets the context to be used in this call's Do method. Any 10147// pending HTTP request will be aborted if the provided context is 10148// canceled. 10149func (c *ProjectsServiceAccountsKeysListCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysListCall { 10150 c.ctx_ = ctx 10151 return c 10152} 10153 10154// Header returns an http.Header that can be modified by the caller to 10155// add HTTP headers to the request. 10156func (c *ProjectsServiceAccountsKeysListCall) Header() http.Header { 10157 if c.header_ == nil { 10158 c.header_ = make(http.Header) 10159 } 10160 return c.header_ 10161} 10162 10163func (c *ProjectsServiceAccountsKeysListCall) doRequest(alt string) (*http.Response, error) { 10164 reqHeaders := make(http.Header) 10165 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 10166 for k, v := range c.header_ { 10167 reqHeaders[k] = v 10168 } 10169 reqHeaders.Set("User-Agent", c.s.userAgent()) 10170 if c.ifNoneMatch_ != "" { 10171 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 10172 } 10173 var body io.Reader = nil 10174 c.urlParams_.Set("alt", alt) 10175 c.urlParams_.Set("prettyPrint", "false") 10176 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 10177 urls += "?" + c.urlParams_.Encode() 10178 req, err := http.NewRequest("GET", urls, body) 10179 if err != nil { 10180 return nil, err 10181 } 10182 req.Header = reqHeaders 10183 googleapi.Expand(req.URL, map[string]string{ 10184 "name": c.name, 10185 }) 10186 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10187} 10188 10189// Do executes the "iam.projects.serviceAccounts.keys.list" call. 10190// Exactly one of *ListServiceAccountKeysResponse or error will be 10191// non-nil. Any non-2xx status code is an error. Response headers are in 10192// either *ListServiceAccountKeysResponse.ServerResponse.Header or (if a 10193// response was returned at all) in error.(*googleapi.Error).Header. Use 10194// googleapi.IsNotModified to check whether the returned error was 10195// because http.StatusNotModified was returned. 10196func (c *ProjectsServiceAccountsKeysListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountKeysResponse, error) { 10197 gensupport.SetOptions(c.urlParams_, opts...) 10198 res, err := c.doRequest("json") 10199 if res != nil && res.StatusCode == http.StatusNotModified { 10200 if res.Body != nil { 10201 res.Body.Close() 10202 } 10203 return nil, &googleapi.Error{ 10204 Code: res.StatusCode, 10205 Header: res.Header, 10206 } 10207 } 10208 if err != nil { 10209 return nil, err 10210 } 10211 defer googleapi.CloseBody(res) 10212 if err := googleapi.CheckResponse(res); err != nil { 10213 return nil, err 10214 } 10215 ret := &ListServiceAccountKeysResponse{ 10216 ServerResponse: googleapi.ServerResponse{ 10217 Header: res.Header, 10218 HTTPStatusCode: res.StatusCode, 10219 }, 10220 } 10221 target := &ret 10222 if err := gensupport.DecodeResponse(target, res); err != nil { 10223 return nil, err 10224 } 10225 return ret, nil 10226 // { 10227 // "description": "Lists every ServiceAccountKey for a service account.", 10228 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 10229 // "httpMethod": "GET", 10230 // "id": "iam.projects.serviceAccounts.keys.list", 10231 // "parameterOrder": [ 10232 // "name" 10233 // ], 10234 // "parameters": { 10235 // "keyTypes": { 10236 // "description": "Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.", 10237 // "enum": [ 10238 // "KEY_TYPE_UNSPECIFIED", 10239 // "USER_MANAGED", 10240 // "SYSTEM_MANAGED" 10241 // ], 10242 // "enumDescriptions": [ 10243 // "Unspecified key type. The presence of this in the message will immediately result in an error.", 10244 // "User-managed keys (managed and rotated by the user).", 10245 // "System-managed keys (managed and rotated by Google)." 10246 // ], 10247 // "location": "query", 10248 // "repeated": true, 10249 // "type": "string" 10250 // }, 10251 // "name": { 10252 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10253 // "location": "path", 10254 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 10255 // "required": true, 10256 // "type": "string" 10257 // } 10258 // }, 10259 // "path": "v1/{+name}/keys", 10260 // "response": { 10261 // "$ref": "ListServiceAccountKeysResponse" 10262 // }, 10263 // "scopes": [ 10264 // "https://www.googleapis.com/auth/cloud-platform" 10265 // ] 10266 // } 10267 10268} 10269 10270// method id "iam.projects.serviceAccounts.keys.upload": 10271 10272type ProjectsServiceAccountsKeysUploadCall struct { 10273 s *Service 10274 name string 10275 uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest 10276 urlParams_ gensupport.URLParams 10277 ctx_ context.Context 10278 header_ http.Header 10279} 10280 10281// Upload: Creates a ServiceAccountKey, using a public key that you 10282// provide. 10283// 10284// - name: The resource name of the service account in the following 10285// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 10286// `-` as a wildcard for the `PROJECT_ID` will infer the project from 10287// the account. The `ACCOUNT` value can be the `email` address or the 10288// `unique_id` of the service account. 10289func (r *ProjectsServiceAccountsKeysService) Upload(name string, uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest) *ProjectsServiceAccountsKeysUploadCall { 10290 c := &ProjectsServiceAccountsKeysUploadCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10291 c.name = name 10292 c.uploadserviceaccountkeyrequest = uploadserviceaccountkeyrequest 10293 return c 10294} 10295 10296// Fields allows partial responses to be retrieved. See 10297// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10298// for more information. 10299func (c *ProjectsServiceAccountsKeysUploadCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysUploadCall { 10300 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10301 return c 10302} 10303 10304// Context sets the context to be used in this call's Do method. Any 10305// pending HTTP request will be aborted if the provided context is 10306// canceled. 10307func (c *ProjectsServiceAccountsKeysUploadCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysUploadCall { 10308 c.ctx_ = ctx 10309 return c 10310} 10311 10312// Header returns an http.Header that can be modified by the caller to 10313// add HTTP headers to the request. 10314func (c *ProjectsServiceAccountsKeysUploadCall) Header() http.Header { 10315 if c.header_ == nil { 10316 c.header_ = make(http.Header) 10317 } 10318 return c.header_ 10319} 10320 10321func (c *ProjectsServiceAccountsKeysUploadCall) doRequest(alt string) (*http.Response, error) { 10322 reqHeaders := make(http.Header) 10323 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 10324 for k, v := range c.header_ { 10325 reqHeaders[k] = v 10326 } 10327 reqHeaders.Set("User-Agent", c.s.userAgent()) 10328 var body io.Reader = nil 10329 body, err := googleapi.WithoutDataWrapper.JSONReader(c.uploadserviceaccountkeyrequest) 10330 if err != nil { 10331 return nil, err 10332 } 10333 reqHeaders.Set("Content-Type", "application/json") 10334 c.urlParams_.Set("alt", alt) 10335 c.urlParams_.Set("prettyPrint", "false") 10336 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys:upload") 10337 urls += "?" + c.urlParams_.Encode() 10338 req, err := http.NewRequest("POST", urls, body) 10339 if err != nil { 10340 return nil, err 10341 } 10342 req.Header = reqHeaders 10343 googleapi.Expand(req.URL, map[string]string{ 10344 "name": c.name, 10345 }) 10346 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10347} 10348 10349// Do executes the "iam.projects.serviceAccounts.keys.upload" call. 10350// Exactly one of *ServiceAccountKey or error will be non-nil. Any 10351// non-2xx status code is an error. Response headers are in either 10352// *ServiceAccountKey.ServerResponse.Header or (if a response was 10353// returned at all) in error.(*googleapi.Error).Header. Use 10354// googleapi.IsNotModified to check whether the returned error was 10355// because http.StatusNotModified was returned. 10356func (c *ProjectsServiceAccountsKeysUploadCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 10357 gensupport.SetOptions(c.urlParams_, opts...) 10358 res, err := c.doRequest("json") 10359 if res != nil && res.StatusCode == http.StatusNotModified { 10360 if res.Body != nil { 10361 res.Body.Close() 10362 } 10363 return nil, &googleapi.Error{ 10364 Code: res.StatusCode, 10365 Header: res.Header, 10366 } 10367 } 10368 if err != nil { 10369 return nil, err 10370 } 10371 defer googleapi.CloseBody(res) 10372 if err := googleapi.CheckResponse(res); err != nil { 10373 return nil, err 10374 } 10375 ret := &ServiceAccountKey{ 10376 ServerResponse: googleapi.ServerResponse{ 10377 Header: res.Header, 10378 HTTPStatusCode: res.StatusCode, 10379 }, 10380 } 10381 target := &ret 10382 if err := gensupport.DecodeResponse(target, res); err != nil { 10383 return nil, err 10384 } 10385 return ret, nil 10386 // { 10387 // "description": "Creates a ServiceAccountKey, using a public key that you provide.", 10388 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys:upload", 10389 // "httpMethod": "POST", 10390 // "id": "iam.projects.serviceAccounts.keys.upload", 10391 // "parameterOrder": [ 10392 // "name" 10393 // ], 10394 // "parameters": { 10395 // "name": { 10396 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10397 // "location": "path", 10398 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 10399 // "required": true, 10400 // "type": "string" 10401 // } 10402 // }, 10403 // "path": "v1/{+name}/keys:upload", 10404 // "request": { 10405 // "$ref": "UploadServiceAccountKeyRequest" 10406 // }, 10407 // "response": { 10408 // "$ref": "ServiceAccountKey" 10409 // }, 10410 // "scopes": [ 10411 // "https://www.googleapis.com/auth/cloud-platform" 10412 // ] 10413 // } 10414 10415} 10416 10417// method id "iam.roles.get": 10418 10419type RolesGetCall struct { 10420 s *Service 10421 name string 10422 urlParams_ gensupport.URLParams 10423 ifNoneMatch_ string 10424 ctx_ context.Context 10425 header_ http.Header 10426} 10427 10428// Get: Gets the definition of a Role. 10429// 10430// - name: The `name` parameter's value depends on the target resource 10431// for the request, namely `roles` (/iam/reference/rest/v1/roles), 10432// `projects` (/iam/reference/rest/v1/projects.roles), or 10433// `organizations` (/iam/reference/rest/v1/organizations.roles). Each 10434// resource type's `name` value format is described below: * 10435// `roles.get()` (/iam/reference/rest/v1/roles/get): 10436// `roles/{ROLE_NAME}`. This method returns results from all 10437// predefined roles (/iam/docs/understanding-roles#predefined_roles) 10438// in Cloud IAM. Example request URL: 10439// `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * 10440// `projects.roles.get()` (/iam/reference/rest/v1/projects.roles/get): 10441// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns 10442// only custom roles (/iam/docs/understanding-custom-roles) that have 10443// been created at the project level. Example request URL: 10444// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 10445// OLE_ID}` * `organizations.roles.get()` 10446// (/iam/reference/rest/v1/organizations.roles/get): 10447// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 10448// method returns only custom roles 10449// (/iam/docs/understanding-custom-roles) that have been created at 10450// the organization level. Example request URL: 10451// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 10452// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 10453// specify a complete project ID or organization ID. 10454func (r *RolesService) Get(name string) *RolesGetCall { 10455 c := &RolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10456 c.name = name 10457 return c 10458} 10459 10460// Fields allows partial responses to be retrieved. See 10461// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10462// for more information. 10463func (c *RolesGetCall) Fields(s ...googleapi.Field) *RolesGetCall { 10464 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10465 return c 10466} 10467 10468// IfNoneMatch sets the optional parameter which makes the operation 10469// fail if the object's ETag matches the given value. This is useful for 10470// getting updates only after the object has changed since the last 10471// request. Use googleapi.IsNotModified to check whether the response 10472// error from Do is the result of In-None-Match. 10473func (c *RolesGetCall) IfNoneMatch(entityTag string) *RolesGetCall { 10474 c.ifNoneMatch_ = entityTag 10475 return c 10476} 10477 10478// Context sets the context to be used in this call's Do method. Any 10479// pending HTTP request will be aborted if the provided context is 10480// canceled. 10481func (c *RolesGetCall) Context(ctx context.Context) *RolesGetCall { 10482 c.ctx_ = ctx 10483 return c 10484} 10485 10486// Header returns an http.Header that can be modified by the caller to 10487// add HTTP headers to the request. 10488func (c *RolesGetCall) Header() http.Header { 10489 if c.header_ == nil { 10490 c.header_ = make(http.Header) 10491 } 10492 return c.header_ 10493} 10494 10495func (c *RolesGetCall) doRequest(alt string) (*http.Response, error) { 10496 reqHeaders := make(http.Header) 10497 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 10498 for k, v := range c.header_ { 10499 reqHeaders[k] = v 10500 } 10501 reqHeaders.Set("User-Agent", c.s.userAgent()) 10502 if c.ifNoneMatch_ != "" { 10503 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 10504 } 10505 var body io.Reader = nil 10506 c.urlParams_.Set("alt", alt) 10507 c.urlParams_.Set("prettyPrint", "false") 10508 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 10509 urls += "?" + c.urlParams_.Encode() 10510 req, err := http.NewRequest("GET", urls, body) 10511 if err != nil { 10512 return nil, err 10513 } 10514 req.Header = reqHeaders 10515 googleapi.Expand(req.URL, map[string]string{ 10516 "name": c.name, 10517 }) 10518 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10519} 10520 10521// Do executes the "iam.roles.get" call. 10522// Exactly one of *Role or error will be non-nil. Any non-2xx status 10523// code is an error. Response headers are in either 10524// *Role.ServerResponse.Header or (if a response was returned at all) in 10525// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 10526// whether the returned error was because http.StatusNotModified was 10527// returned. 10528func (c *RolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 10529 gensupport.SetOptions(c.urlParams_, opts...) 10530 res, err := c.doRequest("json") 10531 if res != nil && res.StatusCode == http.StatusNotModified { 10532 if res.Body != nil { 10533 res.Body.Close() 10534 } 10535 return nil, &googleapi.Error{ 10536 Code: res.StatusCode, 10537 Header: res.Header, 10538 } 10539 } 10540 if err != nil { 10541 return nil, err 10542 } 10543 defer googleapi.CloseBody(res) 10544 if err := googleapi.CheckResponse(res); err != nil { 10545 return nil, err 10546 } 10547 ret := &Role{ 10548 ServerResponse: googleapi.ServerResponse{ 10549 Header: res.Header, 10550 HTTPStatusCode: res.StatusCode, 10551 }, 10552 } 10553 target := &ret 10554 if err := gensupport.DecodeResponse(target, res); err != nil { 10555 return nil, err 10556 } 10557 return ret, nil 10558 // { 10559 // "description": "Gets the definition of a Role.", 10560 // "flatPath": "v1/roles/{rolesId}", 10561 // "httpMethod": "GET", 10562 // "id": "iam.roles.get", 10563 // "parameterOrder": [ 10564 // "name" 10565 // ], 10566 // "parameters": { 10567 // "name": { 10568 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 10569 // "location": "path", 10570 // "pattern": "^roles/[^/]+$", 10571 // "required": true, 10572 // "type": "string" 10573 // } 10574 // }, 10575 // "path": "v1/{+name}", 10576 // "response": { 10577 // "$ref": "Role" 10578 // }, 10579 // "scopes": [ 10580 // "https://www.googleapis.com/auth/cloud-platform" 10581 // ] 10582 // } 10583 10584} 10585 10586// method id "iam.roles.list": 10587 10588type RolesListCall struct { 10589 s *Service 10590 urlParams_ gensupport.URLParams 10591 ifNoneMatch_ string 10592 ctx_ context.Context 10593 header_ http.Header 10594} 10595 10596// List: Lists every predefined Role that IAM supports, or every custom 10597// role that is defined for an organization or project. 10598func (r *RolesService) List() *RolesListCall { 10599 c := &RolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10600 return c 10601} 10602 10603// PageSize sets the optional parameter "pageSize": Optional limit on 10604// the number of roles to include in the response. The default is 300, 10605// and the maximum is 1,000. 10606func (c *RolesListCall) PageSize(pageSize int64) *RolesListCall { 10607 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 10608 return c 10609} 10610 10611// PageToken sets the optional parameter "pageToken": Optional 10612// pagination token returned in an earlier ListRolesResponse. 10613func (c *RolesListCall) PageToken(pageToken string) *RolesListCall { 10614 c.urlParams_.Set("pageToken", pageToken) 10615 return c 10616} 10617 10618// Parent sets the optional parameter "parent": The `parent` parameter's 10619// value depends on the target resource for the request, namely `roles` 10620// (/iam/reference/rest/v1/roles), `projects` 10621// (/iam/reference/rest/v1/projects.roles), or `organizations` 10622// (/iam/reference/rest/v1/organizations.roles). Each resource type's 10623// `parent` value format is described below: * `roles.list()` 10624// (/iam/reference/rest/v1/roles/list): An empty string. This method 10625// doesn't require a resource; it simply returns all predefined roles 10626// (/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. 10627// Example request URL: `https://iam.googleapis.com/v1/roles` * 10628// `projects.roles.list()` (/iam/reference/rest/v1/projects.roles/list): 10629// `projects/{PROJECT_ID}`. This method lists all project-level custom 10630// roles (/iam/docs/understanding-custom-roles). Example request URL: 10631// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 10632// `organizations.roles.list()` 10633// (/iam/reference/rest/v1/organizations.roles/list): 10634// `organizations/{ORGANIZATION_ID}`. This method lists all 10635// organization-level custom roles 10636// (/iam/docs/understanding-custom-roles). Example request URL: 10637// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` 10638// Note: Wildcard (*) values are invalid; you must specify a complete 10639// project ID or organization ID. 10640func (c *RolesListCall) Parent(parent string) *RolesListCall { 10641 c.urlParams_.Set("parent", parent) 10642 return c 10643} 10644 10645// ShowDeleted sets the optional parameter "showDeleted": Include Roles 10646// that have been deleted. 10647func (c *RolesListCall) ShowDeleted(showDeleted bool) *RolesListCall { 10648 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 10649 return c 10650} 10651 10652// View sets the optional parameter "view": Optional view for the 10653// returned Role objects. When `FULL` is specified, the 10654// `includedPermissions` field is returned, which includes a list of all 10655// permissions in the role. The default value is `BASIC`, which does not 10656// return the `includedPermissions` field. 10657// 10658// Possible values: 10659// "BASIC" - Omits the `included_permissions` field. This is the 10660// default value. 10661// "FULL" - Returns all fields. 10662func (c *RolesListCall) View(view string) *RolesListCall { 10663 c.urlParams_.Set("view", view) 10664 return c 10665} 10666 10667// Fields allows partial responses to be retrieved. See 10668// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10669// for more information. 10670func (c *RolesListCall) Fields(s ...googleapi.Field) *RolesListCall { 10671 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10672 return c 10673} 10674 10675// IfNoneMatch sets the optional parameter which makes the operation 10676// fail if the object's ETag matches the given value. This is useful for 10677// getting updates only after the object has changed since the last 10678// request. Use googleapi.IsNotModified to check whether the response 10679// error from Do is the result of In-None-Match. 10680func (c *RolesListCall) IfNoneMatch(entityTag string) *RolesListCall { 10681 c.ifNoneMatch_ = entityTag 10682 return c 10683} 10684 10685// Context sets the context to be used in this call's Do method. Any 10686// pending HTTP request will be aborted if the provided context is 10687// canceled. 10688func (c *RolesListCall) Context(ctx context.Context) *RolesListCall { 10689 c.ctx_ = ctx 10690 return c 10691} 10692 10693// Header returns an http.Header that can be modified by the caller to 10694// add HTTP headers to the request. 10695func (c *RolesListCall) Header() http.Header { 10696 if c.header_ == nil { 10697 c.header_ = make(http.Header) 10698 } 10699 return c.header_ 10700} 10701 10702func (c *RolesListCall) doRequest(alt string) (*http.Response, error) { 10703 reqHeaders := make(http.Header) 10704 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 10705 for k, v := range c.header_ { 10706 reqHeaders[k] = v 10707 } 10708 reqHeaders.Set("User-Agent", c.s.userAgent()) 10709 if c.ifNoneMatch_ != "" { 10710 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 10711 } 10712 var body io.Reader = nil 10713 c.urlParams_.Set("alt", alt) 10714 c.urlParams_.Set("prettyPrint", "false") 10715 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles") 10716 urls += "?" + c.urlParams_.Encode() 10717 req, err := http.NewRequest("GET", urls, body) 10718 if err != nil { 10719 return nil, err 10720 } 10721 req.Header = reqHeaders 10722 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10723} 10724 10725// Do executes the "iam.roles.list" call. 10726// Exactly one of *ListRolesResponse or error will be non-nil. Any 10727// non-2xx status code is an error. Response headers are in either 10728// *ListRolesResponse.ServerResponse.Header or (if a response was 10729// returned at all) in error.(*googleapi.Error).Header. Use 10730// googleapi.IsNotModified to check whether the returned error was 10731// because http.StatusNotModified was returned. 10732func (c *RolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 10733 gensupport.SetOptions(c.urlParams_, opts...) 10734 res, err := c.doRequest("json") 10735 if res != nil && res.StatusCode == http.StatusNotModified { 10736 if res.Body != nil { 10737 res.Body.Close() 10738 } 10739 return nil, &googleapi.Error{ 10740 Code: res.StatusCode, 10741 Header: res.Header, 10742 } 10743 } 10744 if err != nil { 10745 return nil, err 10746 } 10747 defer googleapi.CloseBody(res) 10748 if err := googleapi.CheckResponse(res); err != nil { 10749 return nil, err 10750 } 10751 ret := &ListRolesResponse{ 10752 ServerResponse: googleapi.ServerResponse{ 10753 Header: res.Header, 10754 HTTPStatusCode: res.StatusCode, 10755 }, 10756 } 10757 target := &ret 10758 if err := gensupport.DecodeResponse(target, res); err != nil { 10759 return nil, err 10760 } 10761 return ret, nil 10762 // { 10763 // "description": "Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.", 10764 // "flatPath": "v1/roles", 10765 // "httpMethod": "GET", 10766 // "id": "iam.roles.list", 10767 // "parameterOrder": [], 10768 // "parameters": { 10769 // "pageSize": { 10770 // "description": "Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.", 10771 // "format": "int32", 10772 // "location": "query", 10773 // "type": "integer" 10774 // }, 10775 // "pageToken": { 10776 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 10777 // "location": "query", 10778 // "type": "string" 10779 // }, 10780 // "parent": { 10781 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 10782 // "location": "query", 10783 // "type": "string" 10784 // }, 10785 // "showDeleted": { 10786 // "description": "Include Roles that have been deleted.", 10787 // "location": "query", 10788 // "type": "boolean" 10789 // }, 10790 // "view": { 10791 // "description": "Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.", 10792 // "enum": [ 10793 // "BASIC", 10794 // "FULL" 10795 // ], 10796 // "enumDescriptions": [ 10797 // "Omits the `included_permissions` field. This is the default value.", 10798 // "Returns all fields." 10799 // ], 10800 // "location": "query", 10801 // "type": "string" 10802 // } 10803 // }, 10804 // "path": "v1/roles", 10805 // "response": { 10806 // "$ref": "ListRolesResponse" 10807 // }, 10808 // "scopes": [ 10809 // "https://www.googleapis.com/auth/cloud-platform" 10810 // ] 10811 // } 10812 10813} 10814 10815// Pages invokes f for each page of results. 10816// A non-nil error returned from f will halt the iteration. 10817// The provided context supersedes any context provided to the Context method. 10818func (c *RolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 10819 c.ctx_ = ctx 10820 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 10821 for { 10822 x, err := c.Do() 10823 if err != nil { 10824 return err 10825 } 10826 if err := f(x); err != nil { 10827 return err 10828 } 10829 if x.NextPageToken == "" { 10830 return nil 10831 } 10832 c.PageToken(x.NextPageToken) 10833 } 10834} 10835 10836// method id "iam.roles.queryGrantableRoles": 10837 10838type RolesQueryGrantableRolesCall struct { 10839 s *Service 10840 querygrantablerolesrequest *QueryGrantableRolesRequest 10841 urlParams_ gensupport.URLParams 10842 ctx_ context.Context 10843 header_ http.Header 10844} 10845 10846// QueryGrantableRoles: Lists roles that can be granted on a Google 10847// Cloud resource. A role is grantable if the IAM policy for the 10848// resource can contain bindings to the role. 10849func (r *RolesService) QueryGrantableRoles(querygrantablerolesrequest *QueryGrantableRolesRequest) *RolesQueryGrantableRolesCall { 10850 c := &RolesQueryGrantableRolesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10851 c.querygrantablerolesrequest = querygrantablerolesrequest 10852 return c 10853} 10854 10855// Fields allows partial responses to be retrieved. See 10856// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10857// for more information. 10858func (c *RolesQueryGrantableRolesCall) Fields(s ...googleapi.Field) *RolesQueryGrantableRolesCall { 10859 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10860 return c 10861} 10862 10863// Context sets the context to be used in this call's Do method. Any 10864// pending HTTP request will be aborted if the provided context is 10865// canceled. 10866func (c *RolesQueryGrantableRolesCall) Context(ctx context.Context) *RolesQueryGrantableRolesCall { 10867 c.ctx_ = ctx 10868 return c 10869} 10870 10871// Header returns an http.Header that can be modified by the caller to 10872// add HTTP headers to the request. 10873func (c *RolesQueryGrantableRolesCall) Header() http.Header { 10874 if c.header_ == nil { 10875 c.header_ = make(http.Header) 10876 } 10877 return c.header_ 10878} 10879 10880func (c *RolesQueryGrantableRolesCall) doRequest(alt string) (*http.Response, error) { 10881 reqHeaders := make(http.Header) 10882 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210812") 10883 for k, v := range c.header_ { 10884 reqHeaders[k] = v 10885 } 10886 reqHeaders.Set("User-Agent", c.s.userAgent()) 10887 var body io.Reader = nil 10888 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querygrantablerolesrequest) 10889 if err != nil { 10890 return nil, err 10891 } 10892 reqHeaders.Set("Content-Type", "application/json") 10893 c.urlParams_.Set("alt", alt) 10894 c.urlParams_.Set("prettyPrint", "false") 10895 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles:queryGrantableRoles") 10896 urls += "?" + c.urlParams_.Encode() 10897 req, err := http.NewRequest("POST", urls, body) 10898 if err != nil { 10899 return nil, err 10900 } 10901 req.Header = reqHeaders 10902 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10903} 10904 10905// Do executes the "iam.roles.queryGrantableRoles" call. 10906// Exactly one of *QueryGrantableRolesResponse or error will be non-nil. 10907// Any non-2xx status code is an error. Response headers are in either 10908// *QueryGrantableRolesResponse.ServerResponse.Header or (if a response 10909// was returned at all) in error.(*googleapi.Error).Header. Use 10910// googleapi.IsNotModified to check whether the returned error was 10911// because http.StatusNotModified was returned. 10912func (c *RolesQueryGrantableRolesCall) Do(opts ...googleapi.CallOption) (*QueryGrantableRolesResponse, error) { 10913 gensupport.SetOptions(c.urlParams_, opts...) 10914 res, err := c.doRequest("json") 10915 if res != nil && res.StatusCode == http.StatusNotModified { 10916 if res.Body != nil { 10917 res.Body.Close() 10918 } 10919 return nil, &googleapi.Error{ 10920 Code: res.StatusCode, 10921 Header: res.Header, 10922 } 10923 } 10924 if err != nil { 10925 return nil, err 10926 } 10927 defer googleapi.CloseBody(res) 10928 if err := googleapi.CheckResponse(res); err != nil { 10929 return nil, err 10930 } 10931 ret := &QueryGrantableRolesResponse{ 10932 ServerResponse: googleapi.ServerResponse{ 10933 Header: res.Header, 10934 HTTPStatusCode: res.StatusCode, 10935 }, 10936 } 10937 target := &ret 10938 if err := gensupport.DecodeResponse(target, res); err != nil { 10939 return nil, err 10940 } 10941 return ret, nil 10942 // { 10943 // "description": "Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.", 10944 // "flatPath": "v1/roles:queryGrantableRoles", 10945 // "httpMethod": "POST", 10946 // "id": "iam.roles.queryGrantableRoles", 10947 // "parameterOrder": [], 10948 // "parameters": {}, 10949 // "path": "v1/roles:queryGrantableRoles", 10950 // "request": { 10951 // "$ref": "QueryGrantableRolesRequest" 10952 // }, 10953 // "response": { 10954 // "$ref": "QueryGrantableRolesResponse" 10955 // }, 10956 // "scopes": [ 10957 // "https://www.googleapis.com/auth/cloud-platform" 10958 // ] 10959 // } 10960 10961} 10962 10963// Pages invokes f for each page of results. 10964// A non-nil error returned from f will halt the iteration. 10965// The provided context supersedes any context provided to the Context method. 10966func (c *RolesQueryGrantableRolesCall) Pages(ctx context.Context, f func(*QueryGrantableRolesResponse) error) error { 10967 c.ctx_ = ctx 10968 defer func(pt string) { c.querygrantablerolesrequest.PageToken = pt }(c.querygrantablerolesrequest.PageToken) // reset paging to original point 10969 for { 10970 x, err := c.Do() 10971 if err != nil { 10972 return err 10973 } 10974 if err := f(x); err != nil { 10975 return err 10976 } 10977 if x.NextPageToken == "" { 10978 return nil 10979 } 10980 c.querygrantablerolesrequest.PageToken = x.NextPageToken 10981 } 10982} 10983