1// Copyright 2020 Google LLC. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Code generated file. DO NOT EDIT. 6 7// Package iam provides access to the Identity and Access Management (IAM) API. 8// 9// For product documentation, see: https://cloud.google.com/iam/ 10// 11// Creating a client 12// 13// Usage example: 14// 15// import "google.golang.org/api/iam/v1" 16// ... 17// ctx := context.Background() 18// iamService, err := iam.NewService(ctx) 19// 20// In this example, Google Application Default Credentials are used for authentication. 21// 22// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 23// 24// Other authentication options 25// 26// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey: 27// 28// iamService, err := iam.NewService(ctx, option.WithAPIKey("AIza...")) 29// 30// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource: 31// 32// config := &oauth2.Config{...} 33// // ... 34// token, err := config.Exchange(ctx, ...) 35// iamService, err := iam.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 36// 37// See https://godoc.org/google.golang.org/api/option/ for details on options. 38package iam // import "google.golang.org/api/iam/v1" 39 40import ( 41 "bytes" 42 "context" 43 "encoding/json" 44 "errors" 45 "fmt" 46 "io" 47 "net/http" 48 "net/url" 49 "strconv" 50 "strings" 51 52 googleapi "google.golang.org/api/googleapi" 53 gensupport "google.golang.org/api/internal/gensupport" 54 option "google.golang.org/api/option" 55 internaloption "google.golang.org/api/option/internaloption" 56 htransport "google.golang.org/api/transport/http" 57) 58 59// Always reference these packages, just in case the auto-generated code 60// below doesn't. 61var _ = bytes.NewBuffer 62var _ = strconv.Itoa 63var _ = fmt.Sprintf 64var _ = json.NewDecoder 65var _ = io.Copy 66var _ = url.Parse 67var _ = gensupport.MarshalJSON 68var _ = googleapi.Version 69var _ = errors.New 70var _ = strings.Replace 71var _ = context.Canceled 72var _ = internaloption.WithDefaultEndpoint 73 74const apiId = "iam:v1" 75const apiName = "iam" 76const apiVersion = "v1" 77const basePath = "https://iam.googleapis.com/" 78const mtlsBasePath = "https://iam.mtls.googleapis.com/" 79 80// OAuth2 scopes used by this API. 81const ( 82 // View and manage your data across Google Cloud Platform services 83 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 84) 85 86// NewService creates a new Service. 87func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 88 scopesOption := option.WithScopes( 89 "https://www.googleapis.com/auth/cloud-platform", 90 ) 91 // NOTE: prepend, so we don't override user-specified scopes. 92 opts = append([]option.ClientOption{scopesOption}, opts...) 93 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 94 opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) 95 client, endpoint, err := htransport.NewClient(ctx, opts...) 96 if err != nil { 97 return nil, err 98 } 99 s, err := New(client) 100 if err != nil { 101 return nil, err 102 } 103 if endpoint != "" { 104 s.BasePath = endpoint 105 } 106 return s, nil 107} 108 109// New creates a new Service. It uses the provided http.Client for requests. 110// 111// Deprecated: please use NewService instead. 112// To provide a custom HTTP client, use option.WithHTTPClient. 113// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 114func New(client *http.Client) (*Service, error) { 115 if client == nil { 116 return nil, errors.New("client is nil") 117 } 118 s := &Service{client: client, BasePath: basePath} 119 s.IamPolicies = NewIamPoliciesService(s) 120 s.Organizations = NewOrganizationsService(s) 121 s.Permissions = NewPermissionsService(s) 122 s.Projects = NewProjectsService(s) 123 s.Roles = NewRolesService(s) 124 return s, nil 125} 126 127type Service struct { 128 client *http.Client 129 BasePath string // API endpoint base URL 130 UserAgent string // optional additional User-Agent fragment 131 132 IamPolicies *IamPoliciesService 133 134 Organizations *OrganizationsService 135 136 Permissions *PermissionsService 137 138 Projects *ProjectsService 139 140 Roles *RolesService 141} 142 143func (s *Service) userAgent() string { 144 if s.UserAgent == "" { 145 return googleapi.UserAgent 146 } 147 return googleapi.UserAgent + " " + s.UserAgent 148} 149 150func NewIamPoliciesService(s *Service) *IamPoliciesService { 151 rs := &IamPoliciesService{s: s} 152 return rs 153} 154 155type IamPoliciesService struct { 156 s *Service 157} 158 159func NewOrganizationsService(s *Service) *OrganizationsService { 160 rs := &OrganizationsService{s: s} 161 rs.Roles = NewOrganizationsRolesService(s) 162 return rs 163} 164 165type OrganizationsService struct { 166 s *Service 167 168 Roles *OrganizationsRolesService 169} 170 171func NewOrganizationsRolesService(s *Service) *OrganizationsRolesService { 172 rs := &OrganizationsRolesService{s: s} 173 return rs 174} 175 176type OrganizationsRolesService struct { 177 s *Service 178} 179 180func NewPermissionsService(s *Service) *PermissionsService { 181 rs := &PermissionsService{s: s} 182 return rs 183} 184 185type PermissionsService struct { 186 s *Service 187} 188 189func NewProjectsService(s *Service) *ProjectsService { 190 rs := &ProjectsService{s: s} 191 rs.Roles = NewProjectsRolesService(s) 192 rs.ServiceAccounts = NewProjectsServiceAccountsService(s) 193 return rs 194} 195 196type ProjectsService struct { 197 s *Service 198 199 Roles *ProjectsRolesService 200 201 ServiceAccounts *ProjectsServiceAccountsService 202} 203 204func NewProjectsRolesService(s *Service) *ProjectsRolesService { 205 rs := &ProjectsRolesService{s: s} 206 return rs 207} 208 209type ProjectsRolesService struct { 210 s *Service 211} 212 213func NewProjectsServiceAccountsService(s *Service) *ProjectsServiceAccountsService { 214 rs := &ProjectsServiceAccountsService{s: s} 215 rs.Keys = NewProjectsServiceAccountsKeysService(s) 216 return rs 217} 218 219type ProjectsServiceAccountsService struct { 220 s *Service 221 222 Keys *ProjectsServiceAccountsKeysService 223} 224 225func NewProjectsServiceAccountsKeysService(s *Service) *ProjectsServiceAccountsKeysService { 226 rs := &ProjectsServiceAccountsKeysService{s: s} 227 return rs 228} 229 230type ProjectsServiceAccountsKeysService struct { 231 s *Service 232} 233 234func NewRolesService(s *Service) *RolesService { 235 rs := &RolesService{s: s} 236 return rs 237} 238 239type RolesService struct { 240 s *Service 241} 242 243// AdminAuditData: Audit log information specific to Cloud IAM admin 244// APIs. This message is 245// serialized as an `Any` type in the `ServiceData` message of 246// an 247// `AuditLog` message. 248type AdminAuditData struct { 249 // PermissionDelta: The permission_delta when when creating or updating 250 // a Role. 251 PermissionDelta *PermissionDelta `json:"permissionDelta,omitempty"` 252 253 // ForceSendFields is a list of field names (e.g. "PermissionDelta") to 254 // unconditionally include in API requests. By default, fields with 255 // empty values are omitted from API requests. However, any non-pointer, 256 // non-interface field appearing in ForceSendFields will be sent to the 257 // server regardless of whether the field is empty or not. This may be 258 // used to include empty fields in Patch requests. 259 ForceSendFields []string `json:"-"` 260 261 // NullFields is a list of field names (e.g. "PermissionDelta") to 262 // include in API requests with the JSON null value. By default, fields 263 // with empty values are omitted from API requests. However, any field 264 // with an empty value appearing in NullFields will be sent to the 265 // server as null. It is an error if a field in this list has a 266 // non-empty value. This may be used to include null fields in Patch 267 // requests. 268 NullFields []string `json:"-"` 269} 270 271func (s *AdminAuditData) MarshalJSON() ([]byte, error) { 272 type NoMethod AdminAuditData 273 raw := NoMethod(*s) 274 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 275} 276 277// AuditConfig: Specifies the audit configuration for a service. 278// The configuration determines which permission types are logged, and 279// what 280// identities, if any, are exempted from logging. 281// An AuditConfig must have one or more AuditLogConfigs. 282// 283// If there are AuditConfigs for both `allServices` and a specific 284// service, 285// the union of the two AuditConfigs is used for that service: the 286// log_types 287// specified in each AuditConfig are enabled, and the exempted_members 288// in each 289// AuditLogConfig are exempted. 290// 291// Example Policy with multiple AuditConfigs: 292// 293// { 294// "audit_configs": [ 295// { 296// "service": "allServices", 297// "audit_log_configs": [ 298// { 299// "log_type": "DATA_READ", 300// "exempted_members": [ 301// "user:jose@example.com" 302// ] 303// }, 304// { 305// "log_type": "DATA_WRITE" 306// }, 307// { 308// "log_type": "ADMIN_READ" 309// } 310// ] 311// }, 312// { 313// "service": "sampleservice.googleapis.com", 314// "audit_log_configs": [ 315// { 316// "log_type": "DATA_READ" 317// }, 318// { 319// "log_type": "DATA_WRITE", 320// "exempted_members": [ 321// "user:aliya@example.com" 322// ] 323// } 324// ] 325// } 326// ] 327// } 328// 329// For sampleservice, this policy enables DATA_READ, DATA_WRITE and 330// ADMIN_READ 331// logging. It also exempts jose@example.com from DATA_READ logging, 332// and 333// aliya@example.com from DATA_WRITE logging. 334type AuditConfig struct { 335 // AuditLogConfigs: The configuration for logging of each type of 336 // permission. 337 AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` 338 339 // Service: Specifies a service that will be enabled for audit 340 // logging. 341 // For example, `storage.googleapis.com`, 342 // `cloudsql.googleapis.com`. 343 // `allServices` is a special value that covers all services. 344 Service string `json:"service,omitempty"` 345 346 // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to 347 // unconditionally include in API requests. By default, fields with 348 // empty values are omitted from API requests. However, any non-pointer, 349 // non-interface field appearing in ForceSendFields will be sent to the 350 // server regardless of whether the field is empty or not. This may be 351 // used to include empty fields in Patch requests. 352 ForceSendFields []string `json:"-"` 353 354 // NullFields is a list of field names (e.g. "AuditLogConfigs") to 355 // include in API requests with the JSON null value. By default, fields 356 // with empty values are omitted from API requests. However, any field 357 // with an empty value appearing in NullFields will be sent to the 358 // server as null. It is an error if a field in this list has a 359 // non-empty value. This may be used to include null fields in Patch 360 // requests. 361 NullFields []string `json:"-"` 362} 363 364func (s *AuditConfig) MarshalJSON() ([]byte, error) { 365 type NoMethod AuditConfig 366 raw := NoMethod(*s) 367 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 368} 369 370// AuditData: Audit log information specific to Cloud IAM. This message 371// is serialized 372// as an `Any` type in the `ServiceData` message of an 373// `AuditLog` message. 374type AuditData struct { 375 // PolicyDelta: Policy delta between the original policy and the newly 376 // set policy. 377 PolicyDelta *PolicyDelta `json:"policyDelta,omitempty"` 378 379 // ForceSendFields is a list of field names (e.g. "PolicyDelta") to 380 // unconditionally include in API requests. By default, fields with 381 // empty values are omitted from API requests. However, any non-pointer, 382 // non-interface field appearing in ForceSendFields will be sent to the 383 // server regardless of whether the field is empty or not. This may be 384 // used to include empty fields in Patch requests. 385 ForceSendFields []string `json:"-"` 386 387 // NullFields is a list of field names (e.g. "PolicyDelta") to include 388 // in API requests with the JSON null value. By default, fields with 389 // empty values are omitted from API requests. However, any field with 390 // an empty value appearing in NullFields will be sent to the server as 391 // null. It is an error if a field in this list has a non-empty value. 392 // This may be used to include null fields in Patch requests. 393 NullFields []string `json:"-"` 394} 395 396func (s *AuditData) MarshalJSON() ([]byte, error) { 397 type NoMethod AuditData 398 raw := NoMethod(*s) 399 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 400} 401 402// AuditLogConfig: Provides the configuration for logging a type of 403// permissions. 404// Example: 405// 406// { 407// "audit_log_configs": [ 408// { 409// "log_type": "DATA_READ", 410// "exempted_members": [ 411// "user:jose@example.com" 412// ] 413// }, 414// { 415// "log_type": "DATA_WRITE" 416// } 417// ] 418// } 419// 420// This enables 'DATA_READ' and 'DATA_WRITE' logging, while 421// exempting 422// jose@example.com from DATA_READ logging. 423type AuditLogConfig struct { 424 // ExemptedMembers: Specifies the identities that do not cause logging 425 // for this type of 426 // permission. 427 // Follows the same format of Binding.members. 428 ExemptedMembers []string `json:"exemptedMembers,omitempty"` 429 430 // LogType: The log type that this config enables. 431 // 432 // Possible values: 433 // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. 434 // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy 435 // "DATA_WRITE" - Data writes. Example: CloudSQL Users create 436 // "DATA_READ" - Data reads. Example: CloudSQL Users list 437 LogType string `json:"logType,omitempty"` 438 439 // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to 440 // unconditionally include in API requests. By default, fields with 441 // empty values are omitted from API requests. However, any non-pointer, 442 // non-interface field appearing in ForceSendFields will be sent to the 443 // server regardless of whether the field is empty or not. This may be 444 // used to include empty fields in Patch requests. 445 ForceSendFields []string `json:"-"` 446 447 // NullFields is a list of field names (e.g. "ExemptedMembers") to 448 // include in API requests with the JSON null value. By default, fields 449 // with empty values are omitted from API requests. However, any field 450 // with an empty value appearing in NullFields will be sent to the 451 // server as null. It is an error if a field in this list has a 452 // non-empty value. This may be used to include null fields in Patch 453 // requests. 454 NullFields []string `json:"-"` 455} 456 457func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { 458 type NoMethod AuditLogConfig 459 raw := NoMethod(*s) 460 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 461} 462 463// AuditableService: Contains information about an auditable service. 464type AuditableService struct { 465 // Name: Public name of the service. 466 // For example, the service name for Cloud IAM is 'iam.googleapis.com'. 467 Name string `json:"name,omitempty"` 468 469 // ForceSendFields is a list of field names (e.g. "Name") to 470 // unconditionally include in API requests. By default, fields with 471 // empty values are omitted from API requests. However, any non-pointer, 472 // non-interface field appearing in ForceSendFields will be sent to the 473 // server regardless of whether the field is empty or not. This may be 474 // used to include empty fields in Patch requests. 475 ForceSendFields []string `json:"-"` 476 477 // NullFields is a list of field names (e.g. "Name") to include in API 478 // requests with the JSON null value. By default, fields with empty 479 // values are omitted from API requests. However, any field with an 480 // empty value appearing in NullFields will be sent to the server as 481 // null. It is an error if a field in this list has a non-empty value. 482 // This may be used to include null fields in Patch requests. 483 NullFields []string `json:"-"` 484} 485 486func (s *AuditableService) MarshalJSON() ([]byte, error) { 487 type NoMethod AuditableService 488 raw := NoMethod(*s) 489 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 490} 491 492// Binding: Associates `members` with a `role`. 493type Binding struct { 494 // Condition: The condition that is associated with this binding. 495 // 496 // If the condition evaluates to `true`, then this binding applies to 497 // the 498 // current request. 499 // 500 // If the condition evaluates to `false`, then this binding does not 501 // apply to 502 // the current request. However, a different role binding might grant 503 // the same 504 // role to one or more of the members in this binding. 505 // 506 // To learn which resources support conditions in their IAM policies, 507 // see 508 // the 509 // [IAM 510 // documentation](https://cloud.google.com/iam/help/conditions/r 511 // esource-policies). 512 Condition *Expr `json:"condition,omitempty"` 513 514 // Members: Specifies the identities requesting access for a Cloud 515 // Platform resource. 516 // `members` can have the following values: 517 // 518 // * `allUsers`: A special identifier that represents anyone who is 519 // on the internet; with or without a Google account. 520 // 521 // * `allAuthenticatedUsers`: A special identifier that represents 522 // anyone 523 // who is authenticated with a Google account or a service 524 // account. 525 // 526 // * `user:{emailid}`: An email address that represents a specific 527 // Google 528 // account. For example, `alice@example.com` . 529 // 530 // 531 // * `serviceAccount:{emailid}`: An email address that represents a 532 // service 533 // account. For example, 534 // `my-other-app@appspot.gserviceaccount.com`. 535 // 536 // * `group:{emailid}`: An email address that represents a Google 537 // group. 538 // For example, `admins@example.com`. 539 // 540 // * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus 541 // unique 542 // identifier) representing a user that has been recently deleted. 543 // For 544 // example, `alice@example.com?uid=123456789012345678901`. If the 545 // user is 546 // recovered, this value reverts to `user:{emailid}` and the 547 // recovered user 548 // retains the role in the binding. 549 // 550 // * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address 551 // (plus 552 // unique identifier) representing a service account that has been 553 // recently 554 // deleted. For example, 555 // 556 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 557 // 558 // If the service account is undeleted, this value reverts to 559 // `serviceAccount:{emailid}` and the undeleted service account 560 // retains the 561 // role in the binding. 562 // 563 // * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus 564 // unique 565 // identifier) representing a Google group that has been recently 566 // deleted. For example, 567 // `admins@example.com?uid=123456789012345678901`. If 568 // the group is recovered, this value reverts to `group:{emailid}` 569 // and the 570 // recovered group retains the role in the binding. 571 // 572 // 573 // * `domain:{domain}`: The G Suite domain (primary) that represents all 574 // the 575 // users of that domain. For example, `google.com` or 576 // `example.com`. 577 // 578 // 579 Members []string `json:"members,omitempty"` 580 581 // Role: Role that is assigned to `members`. 582 // For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 583 Role string `json:"role,omitempty"` 584 585 // ForceSendFields is a list of field names (e.g. "Condition") to 586 // unconditionally include in API requests. By default, fields with 587 // empty values are omitted from API requests. However, any non-pointer, 588 // non-interface field appearing in ForceSendFields will be sent to the 589 // server regardless of whether the field is empty or not. This may be 590 // used to include empty fields in Patch requests. 591 ForceSendFields []string `json:"-"` 592 593 // NullFields is a list of field names (e.g. "Condition") to include in 594 // API requests with the JSON null value. By default, fields with empty 595 // values are omitted from API requests. However, any field with an 596 // empty value appearing in NullFields will be sent to the server as 597 // null. It is an error if a field in this list has a non-empty value. 598 // This may be used to include null fields in Patch requests. 599 NullFields []string `json:"-"` 600} 601 602func (s *Binding) MarshalJSON() ([]byte, error) { 603 type NoMethod Binding 604 raw := NoMethod(*s) 605 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 606} 607 608// BindingDelta: One delta entry for Binding. Each individual change 609// (only one member in each 610// entry) to a binding will be a separate entry. 611type BindingDelta struct { 612 // Action: The action that was performed on a Binding. 613 // Required 614 // 615 // Possible values: 616 // "ACTION_UNSPECIFIED" - Unspecified. 617 // "ADD" - Addition of a Binding. 618 // "REMOVE" - Removal of a Binding. 619 Action string `json:"action,omitempty"` 620 621 // Condition: The condition that is associated with this binding. 622 Condition *Expr `json:"condition,omitempty"` 623 624 // Member: A single identity requesting access for a Cloud Platform 625 // resource. 626 // Follows the same format of Binding.members. 627 // Required 628 Member string `json:"member,omitempty"` 629 630 // Role: Role that is assigned to `members`. 631 // For example, `roles/viewer`, `roles/editor`, or 632 // `roles/owner`. 633 // Required 634 Role string `json:"role,omitempty"` 635 636 // ForceSendFields is a list of field names (e.g. "Action") to 637 // unconditionally include in API requests. By default, fields with 638 // empty values are omitted from API requests. However, any non-pointer, 639 // non-interface field appearing in ForceSendFields will be sent to the 640 // server regardless of whether the field is empty or not. This may be 641 // used to include empty fields in Patch requests. 642 ForceSendFields []string `json:"-"` 643 644 // NullFields is a list of field names (e.g. "Action") to include in API 645 // requests with the JSON null value. By default, fields with empty 646 // values are omitted from API requests. However, any field with an 647 // empty value appearing in NullFields will be sent to the server as 648 // null. It is an error if a field in this list has a non-empty value. 649 // This may be used to include null fields in Patch requests. 650 NullFields []string `json:"-"` 651} 652 653func (s *BindingDelta) MarshalJSON() ([]byte, error) { 654 type NoMethod BindingDelta 655 raw := NoMethod(*s) 656 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 657} 658 659// CreateRoleRequest: The request to create a new role. 660type CreateRoleRequest struct { 661 // Role: The Role resource to create. 662 Role *Role `json:"role,omitempty"` 663 664 // RoleId: The role ID to use for this role. 665 // 666 // A role ID may contain alphanumeric characters, underscores (`_`), 667 // and 668 // periods (`.`). It must contain a minimum of 3 characters and a 669 // maximum of 670 // 64 characters. 671 RoleId string `json:"roleId,omitempty"` 672 673 // ForceSendFields is a list of field names (e.g. "Role") to 674 // unconditionally include in API requests. By default, fields with 675 // empty values are omitted from API requests. However, any non-pointer, 676 // non-interface field appearing in ForceSendFields will be sent to the 677 // server regardless of whether the field is empty or not. This may be 678 // used to include empty fields in Patch requests. 679 ForceSendFields []string `json:"-"` 680 681 // NullFields is a list of field names (e.g. "Role") to include in API 682 // requests with the JSON null value. By default, fields with empty 683 // values are omitted from API requests. However, any field with an 684 // empty value appearing in NullFields will be sent to the server as 685 // null. It is an error if a field in this list has a non-empty value. 686 // This may be used to include null fields in Patch requests. 687 NullFields []string `json:"-"` 688} 689 690func (s *CreateRoleRequest) MarshalJSON() ([]byte, error) { 691 type NoMethod CreateRoleRequest 692 raw := NoMethod(*s) 693 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 694} 695 696// CreateServiceAccountKeyRequest: The service account key create 697// request. 698type CreateServiceAccountKeyRequest struct { 699 // KeyAlgorithm: Which type of key and algorithm to use for the key. 700 // The default is currently a 2K RSA key. However this may change in 701 // the 702 // future. 703 // 704 // Possible values: 705 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 706 // "KEY_ALG_RSA_1024" - 1k RSA Key. 707 // "KEY_ALG_RSA_2048" - 2k RSA Key. 708 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 709 710 // PrivateKeyType: The output format of the private key. The default 711 // value is 712 // `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials 713 // File 714 // format. 715 // 716 // Possible values: 717 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 718 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 719 // "TYPE_PKCS12_FILE" - PKCS12 format. 720 // The password for the PKCS12 file is `notasecret`. 721 // For more information, see https://tools.ietf.org/html/rfc7292. 722 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 723 PrivateKeyType string `json:"privateKeyType,omitempty"` 724 725 // ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to 726 // unconditionally include in API requests. By default, fields with 727 // empty values are omitted from API requests. However, any non-pointer, 728 // non-interface field appearing in ForceSendFields will be sent to the 729 // server regardless of whether the field is empty or not. This may be 730 // used to include empty fields in Patch requests. 731 ForceSendFields []string `json:"-"` 732 733 // NullFields is a list of field names (e.g. "KeyAlgorithm") to include 734 // in API requests with the JSON null value. By default, fields with 735 // empty values are omitted from API requests. However, any field with 736 // an empty value appearing in NullFields will be sent to the server as 737 // null. It is an error if a field in this list has a non-empty value. 738 // This may be used to include null fields in Patch requests. 739 NullFields []string `json:"-"` 740} 741 742func (s *CreateServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 743 type NoMethod CreateServiceAccountKeyRequest 744 raw := NoMethod(*s) 745 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 746} 747 748// CreateServiceAccountRequest: The service account create request. 749type CreateServiceAccountRequest struct { 750 // AccountId: Required. The account id that is used to generate the 751 // service account 752 // email address and a stable unique id. It is unique within a 753 // project, 754 // must be 6-30 characters long, and match the regular 755 // expression 756 // `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035. 757 AccountId string `json:"accountId,omitempty"` 758 759 // ServiceAccount: The ServiceAccount resource to 760 // create. Currently, only the following values are user 761 // assignable: 762 // `display_name` and `description`. 763 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 764 765 // ForceSendFields is a list of field names (e.g. "AccountId") to 766 // unconditionally include in API requests. By default, fields with 767 // empty values are omitted from API requests. However, any non-pointer, 768 // non-interface field appearing in ForceSendFields will be sent to the 769 // server regardless of whether the field is empty or not. This may be 770 // used to include empty fields in Patch requests. 771 ForceSendFields []string `json:"-"` 772 773 // NullFields is a list of field names (e.g. "AccountId") to include in 774 // API requests with the JSON null value. By default, fields with empty 775 // values are omitted from API requests. However, any field with an 776 // empty value appearing in NullFields will be sent to the server as 777 // null. It is an error if a field in this list has a non-empty value. 778 // This may be used to include null fields in Patch requests. 779 NullFields []string `json:"-"` 780} 781 782func (s *CreateServiceAccountRequest) MarshalJSON() ([]byte, error) { 783 type NoMethod CreateServiceAccountRequest 784 raw := NoMethod(*s) 785 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 786} 787 788// DisableServiceAccountRequest: The service account disable request. 789type DisableServiceAccountRequest struct { 790} 791 792// Empty: A generic empty message that you can re-use to avoid defining 793// duplicated 794// empty messages in your APIs. A typical example is to use it as the 795// request 796// or the response type of an API method. For instance: 797// 798// service Foo { 799// rpc Bar(google.protobuf.Empty) returns 800// (google.protobuf.Empty); 801// } 802// 803// The JSON representation for `Empty` is empty JSON object `{}`. 804type Empty struct { 805 // ServerResponse contains the HTTP response code and headers from the 806 // server. 807 googleapi.ServerResponse `json:"-"` 808} 809 810// EnableServiceAccountRequest: The service account enable request. 811type EnableServiceAccountRequest struct { 812} 813 814// Expr: Represents a textual expression in the Common Expression 815// Language (CEL) 816// syntax. CEL is a C-like expression language. The syntax and semantics 817// of CEL 818// are documented at https://github.com/google/cel-spec. 819// 820// Example (Comparison): 821// 822// title: "Summary size limit" 823// description: "Determines if a summary is less than 100 chars" 824// expression: "document.summary.size() < 100" 825// 826// Example (Equality): 827// 828// title: "Requestor is owner" 829// description: "Determines if requestor is the document owner" 830// expression: "document.owner == 831// request.auth.claims.email" 832// 833// Example (Logic): 834// 835// title: "Public documents" 836// description: "Determine whether the document should be publicly 837// visible" 838// expression: "document.type != 'private' && document.type != 839// 'internal'" 840// 841// Example (Data Manipulation): 842// 843// title: "Notification string" 844// description: "Create a notification string with a timestamp." 845// expression: "'New message received at ' + 846// string(document.create_time)" 847// 848// The exact variables and functions that may be referenced within an 849// expression 850// are determined by the service that evaluates it. See the 851// service 852// documentation for additional information. 853type Expr struct { 854 // Description: Optional. Description of the expression. This is a 855 // longer text which 856 // describes the expression, e.g. when hovered over it in a UI. 857 Description string `json:"description,omitempty"` 858 859 // Expression: Textual representation of an expression in Common 860 // Expression Language 861 // syntax. 862 Expression string `json:"expression,omitempty"` 863 864 // Location: Optional. String indicating the location of the expression 865 // for error 866 // reporting, e.g. a file name and a position in the file. 867 Location string `json:"location,omitempty"` 868 869 // Title: Optional. Title for the expression, i.e. a short string 870 // describing 871 // its purpose. This can be used e.g. in UIs which allow to enter 872 // the 873 // expression. 874 Title string `json:"title,omitempty"` 875 876 // ForceSendFields is a list of field names (e.g. "Description") to 877 // unconditionally include in API requests. By default, fields with 878 // empty values are omitted from API requests. However, any non-pointer, 879 // non-interface field appearing in ForceSendFields will be sent to the 880 // server regardless of whether the field is empty or not. This may be 881 // used to include empty fields in Patch requests. 882 ForceSendFields []string `json:"-"` 883 884 // NullFields is a list of field names (e.g. "Description") to include 885 // in API requests with the JSON null value. By default, fields with 886 // empty values are omitted from API requests. However, any field with 887 // an empty value appearing in NullFields will be sent to the server as 888 // null. It is an error if a field in this list has a non-empty value. 889 // This may be used to include null fields in Patch requests. 890 NullFields []string `json:"-"` 891} 892 893func (s *Expr) MarshalJSON() ([]byte, error) { 894 type NoMethod Expr 895 raw := NoMethod(*s) 896 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 897} 898 899// LintPolicyRequest: The request to lint a Cloud IAM policy object. 900type LintPolicyRequest struct { 901 // Condition: google.iam.v1.Binding.condition object to be linted. 902 Condition *Expr `json:"condition,omitempty"` 903 904 // FullResourceName: The full resource name of the policy this lint 905 // request is about. 906 // 907 // The name follows the Google Cloud Platform (GCP) resource format. 908 // For example, a GCP project with ID `my-project` will be 909 // named 910 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 911 // 912 // Th 913 // e resource name is not used to read the policy instance from the 914 // Cloud 915 // IAM database. The candidate policy for lint has to be provided in the 916 // same 917 // request object. 918 FullResourceName string `json:"fullResourceName,omitempty"` 919 920 // ForceSendFields is a list of field names (e.g. "Condition") to 921 // unconditionally include in API requests. By default, fields with 922 // empty values are omitted from API requests. However, any non-pointer, 923 // non-interface field appearing in ForceSendFields will be sent to the 924 // server regardless of whether the field is empty or not. This may be 925 // used to include empty fields in Patch requests. 926 ForceSendFields []string `json:"-"` 927 928 // NullFields is a list of field names (e.g. "Condition") to include in 929 // API requests with the JSON null value. By default, fields with empty 930 // values are omitted from API requests. However, any field with an 931 // empty value appearing in NullFields will be sent to the server as 932 // null. It is an error if a field in this list has a non-empty value. 933 // This may be used to include null fields in Patch requests. 934 NullFields []string `json:"-"` 935} 936 937func (s *LintPolicyRequest) MarshalJSON() ([]byte, error) { 938 type NoMethod LintPolicyRequest 939 raw := NoMethod(*s) 940 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 941} 942 943// LintPolicyResponse: The response of a lint operation. An empty 944// response indicates 945// the operation was able to fully execute and no lint issue was found. 946type LintPolicyResponse struct { 947 // LintResults: List of lint results sorted by `severity` in descending 948 // order. 949 LintResults []*LintResult `json:"lintResults,omitempty"` 950 951 // ServerResponse contains the HTTP response code and headers from the 952 // server. 953 googleapi.ServerResponse `json:"-"` 954 955 // ForceSendFields is a list of field names (e.g. "LintResults") to 956 // unconditionally include in API requests. By default, fields with 957 // empty values are omitted from API requests. However, any non-pointer, 958 // non-interface field appearing in ForceSendFields will be sent to the 959 // server regardless of whether the field is empty or not. This may be 960 // used to include empty fields in Patch requests. 961 ForceSendFields []string `json:"-"` 962 963 // NullFields is a list of field names (e.g. "LintResults") to include 964 // in API requests with the JSON null value. By default, fields with 965 // empty values are omitted from API requests. However, any field with 966 // an empty value appearing in NullFields will be sent to the server as 967 // null. It is an error if a field in this list has a non-empty value. 968 // This may be used to include null fields in Patch requests. 969 NullFields []string `json:"-"` 970} 971 972func (s *LintPolicyResponse) MarshalJSON() ([]byte, error) { 973 type NoMethod LintPolicyResponse 974 raw := NoMethod(*s) 975 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 976} 977 978// LintResult: Structured response of a single validation unit. 979type LintResult struct { 980 // DebugMessage: Human readable debug message associated with the issue. 981 DebugMessage string `json:"debugMessage,omitempty"` 982 983 // FieldName: The name of the field for which this lint result is 984 // about. 985 // 986 // For nested messages `field_name` consists of names of the embedded 987 // fields 988 // separated by period character. The top-level qualifier is the input 989 // object 990 // to lint in the request. For example, the `field_name` 991 // value 992 // `condition.expression` identifies a lint result for the `expression` 993 // field 994 // of the provided condition. 995 FieldName string `json:"fieldName,omitempty"` 996 997 // Level: The validation unit level. 998 // 999 // Possible values: 1000 // "LEVEL_UNSPECIFIED" - Level is unspecified. 1001 // "CONDITION" - A validation unit which operates on an individual 1002 // condition within a 1003 // binding. 1004 Level string `json:"level,omitempty"` 1005 1006 // LocationOffset: 0-based character position of problematic construct 1007 // within the object 1008 // identified by `field_name`. Currently, this is populated only for 1009 // condition 1010 // expression. 1011 LocationOffset int64 `json:"locationOffset,omitempty"` 1012 1013 // Severity: The validation unit severity. 1014 // 1015 // Possible values: 1016 // "SEVERITY_UNSPECIFIED" - Severity is unspecified. 1017 // "ERROR" - A validation unit returns an error only for critical 1018 // issues. If an 1019 // attempt is made to set the problematic policy without rectifying 1020 // the 1021 // critical issue, it causes the `setPolicy` operation to fail. 1022 // "WARNING" - Any issue which is severe enough but does not cause an 1023 // error. 1024 // For example, suspicious constructs in the input object will 1025 // not 1026 // necessarily fail `setPolicy`, but there is a high likelihood that 1027 // they 1028 // won't behave as expected during policy evaluation in 1029 // `checkPolicy`. 1030 // This includes the following common scenarios: 1031 // 1032 // - Unsatisfiable condition: Expired timestamp in date/time 1033 // condition. 1034 // - Ineffective condition: Condition on a <member, role> pair which is 1035 // granted unconditionally in another binding of the same policy. 1036 // "NOTICE" - Reserved for the issues that are not severe as 1037 // `ERROR`/`WARNING`, but 1038 // need special handling. For instance, messages about skipped 1039 // validation 1040 // units are issued as `NOTICE`. 1041 // "INFO" - Any informative statement which is not severe enough to 1042 // raise 1043 // `ERROR`/`WARNING`/`NOTICE`, like auto-correction recommendations on 1044 // the 1045 // input content. Note that current version of the linter does not 1046 // utilize 1047 // `INFO`. 1048 // "DEPRECATED" - Deprecated severity level. 1049 Severity string `json:"severity,omitempty"` 1050 1051 // ValidationUnitName: The validation unit name, for 1052 // instance 1053 // "lintValidationUnits/ConditionComplexityCheck". 1054 ValidationUnitName string `json:"validationUnitName,omitempty"` 1055 1056 // ForceSendFields is a list of field names (e.g. "DebugMessage") to 1057 // unconditionally include in API requests. By default, fields with 1058 // empty values are omitted from API requests. However, any non-pointer, 1059 // non-interface field appearing in ForceSendFields will be sent to the 1060 // server regardless of whether the field is empty or not. This may be 1061 // used to include empty fields in Patch requests. 1062 ForceSendFields []string `json:"-"` 1063 1064 // NullFields is a list of field names (e.g. "DebugMessage") to include 1065 // in API requests with the JSON null value. By default, fields with 1066 // empty values are omitted from API requests. However, any field with 1067 // an empty value appearing in NullFields will be sent to the server as 1068 // null. It is an error if a field in this list has a non-empty value. 1069 // This may be used to include null fields in Patch requests. 1070 NullFields []string `json:"-"` 1071} 1072 1073func (s *LintResult) MarshalJSON() ([]byte, error) { 1074 type NoMethod LintResult 1075 raw := NoMethod(*s) 1076 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1077} 1078 1079// ListRolesResponse: The response containing the roles defined under a 1080// resource. 1081type ListRolesResponse struct { 1082 // NextPageToken: To retrieve the next page of results, 1083 // set 1084 // `ListRolesRequest.page_token` to this value. 1085 NextPageToken string `json:"nextPageToken,omitempty"` 1086 1087 // Roles: The Roles defined on this resource. 1088 Roles []*Role `json:"roles,omitempty"` 1089 1090 // ServerResponse contains the HTTP response code and headers from the 1091 // server. 1092 googleapi.ServerResponse `json:"-"` 1093 1094 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1095 // unconditionally include in API requests. By default, fields with 1096 // empty values are omitted from API requests. However, any non-pointer, 1097 // non-interface field appearing in ForceSendFields will be sent to the 1098 // server regardless of whether the field is empty or not. This may be 1099 // used to include empty fields in Patch requests. 1100 ForceSendFields []string `json:"-"` 1101 1102 // NullFields is a list of field names (e.g. "NextPageToken") to include 1103 // in API requests with the JSON null value. By default, fields with 1104 // empty values are omitted from API requests. However, any field with 1105 // an empty value appearing in NullFields will be sent to the server as 1106 // null. It is an error if a field in this list has a non-empty value. 1107 // This may be used to include null fields in Patch requests. 1108 NullFields []string `json:"-"` 1109} 1110 1111func (s *ListRolesResponse) MarshalJSON() ([]byte, error) { 1112 type NoMethod ListRolesResponse 1113 raw := NoMethod(*s) 1114 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1115} 1116 1117// ListServiceAccountKeysResponse: The service account keys list 1118// response. 1119type ListServiceAccountKeysResponse struct { 1120 // Keys: The public keys for the service account. 1121 Keys []*ServiceAccountKey `json:"keys,omitempty"` 1122 1123 // ServerResponse contains the HTTP response code and headers from the 1124 // server. 1125 googleapi.ServerResponse `json:"-"` 1126 1127 // ForceSendFields is a list of field names (e.g. "Keys") to 1128 // unconditionally include in API requests. By default, fields with 1129 // empty values are omitted from API requests. However, any non-pointer, 1130 // non-interface field appearing in ForceSendFields will be sent to the 1131 // server regardless of whether the field is empty or not. This may be 1132 // used to include empty fields in Patch requests. 1133 ForceSendFields []string `json:"-"` 1134 1135 // NullFields is a list of field names (e.g. "Keys") to include in API 1136 // requests with the JSON null value. By default, fields with empty 1137 // values are omitted from API requests. However, any field with an 1138 // empty value appearing in NullFields will be sent to the server as 1139 // null. It is an error if a field in this list has a non-empty value. 1140 // This may be used to include null fields in Patch requests. 1141 NullFields []string `json:"-"` 1142} 1143 1144func (s *ListServiceAccountKeysResponse) MarshalJSON() ([]byte, error) { 1145 type NoMethod ListServiceAccountKeysResponse 1146 raw := NoMethod(*s) 1147 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1148} 1149 1150// ListServiceAccountsResponse: The service account list response. 1151type ListServiceAccountsResponse struct { 1152 // Accounts: The list of matching service accounts. 1153 Accounts []*ServiceAccount `json:"accounts,omitempty"` 1154 1155 // NextPageToken: To retrieve the next page of results, 1156 // set 1157 // ListServiceAccountsRequest.page_token 1158 // to this value. 1159 NextPageToken string `json:"nextPageToken,omitempty"` 1160 1161 // ServerResponse contains the HTTP response code and headers from the 1162 // server. 1163 googleapi.ServerResponse `json:"-"` 1164 1165 // ForceSendFields is a list of field names (e.g. "Accounts") to 1166 // unconditionally include in API requests. By default, fields with 1167 // empty values are omitted from API requests. However, any non-pointer, 1168 // non-interface field appearing in ForceSendFields will be sent to the 1169 // server regardless of whether the field is empty or not. This may be 1170 // used to include empty fields in Patch requests. 1171 ForceSendFields []string `json:"-"` 1172 1173 // NullFields is a list of field names (e.g. "Accounts") to include in 1174 // API requests with the JSON null value. By default, fields with empty 1175 // values are omitted from API requests. However, any field with an 1176 // empty value appearing in NullFields will be sent to the server as 1177 // null. It is an error if a field in this list has a non-empty value. 1178 // This may be used to include null fields in Patch requests. 1179 NullFields []string `json:"-"` 1180} 1181 1182func (s *ListServiceAccountsResponse) MarshalJSON() ([]byte, error) { 1183 type NoMethod ListServiceAccountsResponse 1184 raw := NoMethod(*s) 1185 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1186} 1187 1188// PatchServiceAccountRequest: The request for 1189// PatchServiceAccount. 1190// 1191// You can patch only the `display_name` and `description` fields. You 1192// must use 1193// the `update_mask` field to specify which of these fields you want to 1194// patch. 1195// 1196// Only the fields specified in the request are guaranteed to be 1197// returned in 1198// the response. Other fields may be empty in the response. 1199type PatchServiceAccountRequest struct { 1200 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 1201 1202 UpdateMask string `json:"updateMask,omitempty"` 1203 1204 // ForceSendFields is a list of field names (e.g. "ServiceAccount") to 1205 // unconditionally include in API requests. By default, fields with 1206 // empty values are omitted from API requests. However, any non-pointer, 1207 // non-interface field appearing in ForceSendFields will be sent to the 1208 // server regardless of whether the field is empty or not. This may be 1209 // used to include empty fields in Patch requests. 1210 ForceSendFields []string `json:"-"` 1211 1212 // NullFields is a list of field names (e.g. "ServiceAccount") to 1213 // include in API requests with the JSON null value. By default, fields 1214 // with empty values are omitted from API requests. However, any field 1215 // with an empty value appearing in NullFields will be sent to the 1216 // server as null. It is an error if a field in this list has a 1217 // non-empty value. This may be used to include null fields in Patch 1218 // requests. 1219 NullFields []string `json:"-"` 1220} 1221 1222func (s *PatchServiceAccountRequest) MarshalJSON() ([]byte, error) { 1223 type NoMethod PatchServiceAccountRequest 1224 raw := NoMethod(*s) 1225 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1226} 1227 1228// Permission: A permission which can be included by a role. 1229type Permission struct { 1230 // ApiDisabled: The service API associated with the permission is not 1231 // enabled. 1232 ApiDisabled bool `json:"apiDisabled,omitempty"` 1233 1234 // CustomRolesSupportLevel: The current custom role support level. 1235 // 1236 // Possible values: 1237 // "SUPPORTED" - Permission is fully supported for custom role use. 1238 // "TESTING" - Permission is being tested to check custom role 1239 // compatibility. 1240 // "NOT_SUPPORTED" - Permission is not supported for custom role use. 1241 CustomRolesSupportLevel string `json:"customRolesSupportLevel,omitempty"` 1242 1243 // Description: A brief description of what this Permission is used 1244 // for. 1245 // This permission can ONLY be used in predefined roles. 1246 Description string `json:"description,omitempty"` 1247 1248 // Name: The name of this Permission. 1249 Name string `json:"name,omitempty"` 1250 1251 OnlyInPredefinedRoles bool `json:"onlyInPredefinedRoles,omitempty"` 1252 1253 // PrimaryPermission: The preferred name for this permission. If 1254 // present, then this permission is 1255 // an alias of, and equivalent to, the listed primary_permission. 1256 PrimaryPermission string `json:"primaryPermission,omitempty"` 1257 1258 // Stage: The current launch stage of the permission. 1259 // 1260 // Possible values: 1261 // "ALPHA" - The permission is currently in an alpha phase. 1262 // "BETA" - The permission is currently in a beta phase. 1263 // "GA" - The permission is generally available. 1264 // "DEPRECATED" - The permission is being deprecated. 1265 Stage string `json:"stage,omitempty"` 1266 1267 // Title: The title of this Permission. 1268 Title string `json:"title,omitempty"` 1269 1270 // ForceSendFields is a list of field names (e.g. "ApiDisabled") to 1271 // unconditionally include in API requests. By default, fields with 1272 // empty values are omitted from API requests. However, any non-pointer, 1273 // non-interface field appearing in ForceSendFields will be sent to the 1274 // server regardless of whether the field is empty or not. This may be 1275 // used to include empty fields in Patch requests. 1276 ForceSendFields []string `json:"-"` 1277 1278 // NullFields is a list of field names (e.g. "ApiDisabled") to include 1279 // in API requests with the JSON null value. By default, fields with 1280 // empty values are omitted from API requests. However, any field with 1281 // an empty value appearing in NullFields will be sent to the server as 1282 // null. It is an error if a field in this list has a non-empty value. 1283 // This may be used to include null fields in Patch requests. 1284 NullFields []string `json:"-"` 1285} 1286 1287func (s *Permission) MarshalJSON() ([]byte, error) { 1288 type NoMethod Permission 1289 raw := NoMethod(*s) 1290 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1291} 1292 1293// PermissionDelta: A PermissionDelta message to record the 1294// added_permissions and 1295// removed_permissions inside a role. 1296type PermissionDelta struct { 1297 // AddedPermissions: Added permissions. 1298 AddedPermissions []string `json:"addedPermissions,omitempty"` 1299 1300 // RemovedPermissions: Removed permissions. 1301 RemovedPermissions []string `json:"removedPermissions,omitempty"` 1302 1303 // ForceSendFields is a list of field names (e.g. "AddedPermissions") to 1304 // unconditionally include in API requests. By default, fields with 1305 // empty values are omitted from API requests. However, any non-pointer, 1306 // non-interface field appearing in ForceSendFields will be sent to the 1307 // server regardless of whether the field is empty or not. This may be 1308 // used to include empty fields in Patch requests. 1309 ForceSendFields []string `json:"-"` 1310 1311 // NullFields is a list of field names (e.g. "AddedPermissions") to 1312 // include in API requests with the JSON null value. By default, fields 1313 // with empty values are omitted from API requests. However, any field 1314 // with an empty value appearing in NullFields will be sent to the 1315 // server as null. It is an error if a field in this list has a 1316 // non-empty value. This may be used to include null fields in Patch 1317 // requests. 1318 NullFields []string `json:"-"` 1319} 1320 1321func (s *PermissionDelta) MarshalJSON() ([]byte, error) { 1322 type NoMethod PermissionDelta 1323 raw := NoMethod(*s) 1324 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1325} 1326 1327// Policy: An Identity and Access Management (IAM) policy, which 1328// specifies access 1329// controls for Google Cloud resources. 1330// 1331// 1332// A `Policy` is a collection of `bindings`. A `binding` binds one or 1333// more 1334// `members` to a single `role`. Members can be user accounts, service 1335// accounts, 1336// Google groups, and domains (such as G Suite). A `role` is a named 1337// list of 1338// permissions; each `role` can be an IAM predefined role or a 1339// user-created 1340// custom role. 1341// 1342// For some types of Google Cloud resources, a `binding` can also 1343// specify a 1344// `condition`, which is a logical expression that allows access to a 1345// resource 1346// only if the expression evaluates to `true`. A condition can add 1347// constraints 1348// based on attributes of the request, the resource, or both. To learn 1349// which 1350// resources support conditions in their IAM policies, see the 1351// [IAM 1352// documentation](https://cloud.google.com/iam/help/conditions/resource-p 1353// olicies). 1354// 1355// **JSON example:** 1356// 1357// { 1358// "bindings": [ 1359// { 1360// "role": "roles/resourcemanager.organizationAdmin", 1361// "members": [ 1362// "user:mike@example.com", 1363// "group:admins@example.com", 1364// "domain:google.com", 1365// 1366// "serviceAccount:my-project-id@appspot.gserviceaccount.com" 1367// ] 1368// }, 1369// { 1370// "role": "roles/resourcemanager.organizationViewer", 1371// "members": [ 1372// "user:eve@example.com" 1373// ], 1374// "condition": { 1375// "title": "expirable access", 1376// "description": "Does not grant access after Sep 2020", 1377// "expression": "request.time < 1378// timestamp('2020-10-01T00:00:00.000Z')", 1379// } 1380// } 1381// ], 1382// "etag": "BwWWja0YfJA=", 1383// "version": 3 1384// } 1385// 1386// **YAML example:** 1387// 1388// bindings: 1389// - members: 1390// - user:mike@example.com 1391// - group:admins@example.com 1392// - domain:google.com 1393// - serviceAccount:my-project-id@appspot.gserviceaccount.com 1394// role: roles/resourcemanager.organizationAdmin 1395// - members: 1396// - user:eve@example.com 1397// role: roles/resourcemanager.organizationViewer 1398// condition: 1399// title: expirable access 1400// description: Does not grant access after Sep 2020 1401// expression: request.time < 1402// timestamp('2020-10-01T00:00:00.000Z') 1403// - etag: BwWWja0YfJA= 1404// - version: 3 1405// 1406// For a description of IAM and its features, see the 1407// [IAM documentation](https://cloud.google.com/iam/docs/). 1408type Policy struct { 1409 // AuditConfigs: Specifies cloud audit logging configuration for this 1410 // policy. 1411 AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` 1412 1413 // Bindings: Associates a list of `members` to a `role`. Optionally, may 1414 // specify a 1415 // `condition` that determines how and when the `bindings` are applied. 1416 // Each 1417 // of the `bindings` must contain at least one member. 1418 Bindings []*Binding `json:"bindings,omitempty"` 1419 1420 // Etag: `etag` is used for optimistic concurrency control as a way to 1421 // help 1422 // prevent simultaneous updates of a policy from overwriting each 1423 // other. 1424 // It is strongly suggested that systems make use of the `etag` in 1425 // the 1426 // read-modify-write cycle to perform policy updates in order to avoid 1427 // race 1428 // conditions: An `etag` is returned in the response to `getIamPolicy`, 1429 // and 1430 // systems are expected to put that etag in the request to 1431 // `setIamPolicy` to 1432 // ensure that their change will be applied to the same version of the 1433 // policy. 1434 // 1435 // **Important:** If you use IAM Conditions, you must include the `etag` 1436 // field 1437 // whenever you call `setIamPolicy`. If you omit this field, then IAM 1438 // allows 1439 // you to overwrite a version `3` policy with a version `1` policy, and 1440 // all of 1441 // the conditions in the version `3` policy are lost. 1442 Etag string `json:"etag,omitempty"` 1443 1444 // Version: Specifies the format of the policy. 1445 // 1446 // Valid values are `0`, `1`, and `3`. Requests that specify an invalid 1447 // value 1448 // are rejected. 1449 // 1450 // Any operation that affects conditional role bindings must specify 1451 // version 1452 // `3`. This requirement applies to the following operations: 1453 // 1454 // * Getting a policy that includes a conditional role binding 1455 // * Adding a conditional role binding to a policy 1456 // * Changing a conditional role binding in a policy 1457 // * Removing any role binding, with or without a condition, from a 1458 // policy 1459 // that includes conditions 1460 // 1461 // **Important:** If you use IAM Conditions, you must include the `etag` 1462 // field 1463 // whenever you call `setIamPolicy`. If you omit this field, then IAM 1464 // allows 1465 // you to overwrite a version `3` policy with a version `1` policy, and 1466 // all of 1467 // the conditions in the version `3` policy are lost. 1468 // 1469 // If a policy does not include any conditions, operations on that 1470 // policy may 1471 // specify any valid version or leave the field unset. 1472 // 1473 // To learn which resources support conditions in their IAM policies, 1474 // see the 1475 // [IAM 1476 // documentation](https://cloud.google.com/iam/help/conditions/resource-p 1477 // olicies). 1478 Version int64 `json:"version,omitempty"` 1479 1480 // ServerResponse contains the HTTP response code and headers from the 1481 // server. 1482 googleapi.ServerResponse `json:"-"` 1483 1484 // ForceSendFields is a list of field names (e.g. "AuditConfigs") to 1485 // unconditionally include in API requests. By default, fields with 1486 // empty values are omitted from API requests. However, any non-pointer, 1487 // non-interface field appearing in ForceSendFields will be sent to the 1488 // server regardless of whether the field is empty or not. This may be 1489 // used to include empty fields in Patch requests. 1490 ForceSendFields []string `json:"-"` 1491 1492 // NullFields is a list of field names (e.g. "AuditConfigs") to include 1493 // in API requests with the JSON null value. By default, fields with 1494 // empty values are omitted from API requests. However, any field with 1495 // an empty value appearing in NullFields will be sent to the server as 1496 // null. It is an error if a field in this list has a non-empty value. 1497 // This may be used to include null fields in Patch requests. 1498 NullFields []string `json:"-"` 1499} 1500 1501func (s *Policy) MarshalJSON() ([]byte, error) { 1502 type NoMethod Policy 1503 raw := NoMethod(*s) 1504 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1505} 1506 1507// PolicyDelta: The difference delta between two policies. 1508type PolicyDelta struct { 1509 // BindingDeltas: The delta for Bindings between two policies. 1510 BindingDeltas []*BindingDelta `json:"bindingDeltas,omitempty"` 1511 1512 // ForceSendFields is a list of field names (e.g. "BindingDeltas") to 1513 // unconditionally include in API requests. By default, fields with 1514 // empty values are omitted from API requests. However, any non-pointer, 1515 // non-interface field appearing in ForceSendFields will be sent to the 1516 // server regardless of whether the field is empty or not. This may be 1517 // used to include empty fields in Patch requests. 1518 ForceSendFields []string `json:"-"` 1519 1520 // NullFields is a list of field names (e.g. "BindingDeltas") to include 1521 // in API requests with the JSON null value. By default, fields with 1522 // empty values are omitted from API requests. However, any field with 1523 // an empty value appearing in NullFields will be sent to the server as 1524 // null. It is an error if a field in this list has a non-empty value. 1525 // This may be used to include null fields in Patch requests. 1526 NullFields []string `json:"-"` 1527} 1528 1529func (s *PolicyDelta) MarshalJSON() ([]byte, error) { 1530 type NoMethod PolicyDelta 1531 raw := NoMethod(*s) 1532 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1533} 1534 1535// QueryAuditableServicesRequest: A request to get the list of auditable 1536// services for a resource. 1537type QueryAuditableServicesRequest struct { 1538 // FullResourceName: Required. The full resource name to query from the 1539 // list of auditable 1540 // services. 1541 // 1542 // The name follows the Google Cloud Platform resource format. 1543 // For example, a Cloud Platform project with id `my-project` will be 1544 // named 1545 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1546 FullResourceName string `json:"fullResourceName,omitempty"` 1547 1548 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1549 // unconditionally include in API requests. By default, fields with 1550 // empty values are omitted from API requests. However, any non-pointer, 1551 // non-interface field appearing in ForceSendFields will be sent to the 1552 // server regardless of whether the field is empty or not. This may be 1553 // used to include empty fields in Patch requests. 1554 ForceSendFields []string `json:"-"` 1555 1556 // NullFields is a list of field names (e.g. "FullResourceName") to 1557 // include in API requests with the JSON null value. By default, fields 1558 // with empty values are omitted from API requests. However, any field 1559 // with an empty value appearing in NullFields will be sent to the 1560 // server as null. It is an error if a field in this list has a 1561 // non-empty value. This may be used to include null fields in Patch 1562 // requests. 1563 NullFields []string `json:"-"` 1564} 1565 1566func (s *QueryAuditableServicesRequest) MarshalJSON() ([]byte, error) { 1567 type NoMethod QueryAuditableServicesRequest 1568 raw := NoMethod(*s) 1569 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1570} 1571 1572// QueryAuditableServicesResponse: A response containing a list of 1573// auditable services for a resource. 1574type QueryAuditableServicesResponse struct { 1575 // Services: The auditable services for a resource. 1576 Services []*AuditableService `json:"services,omitempty"` 1577 1578 // ServerResponse contains the HTTP response code and headers from the 1579 // server. 1580 googleapi.ServerResponse `json:"-"` 1581 1582 // ForceSendFields is a list of field names (e.g. "Services") to 1583 // unconditionally include in API requests. By default, fields with 1584 // empty values are omitted from API requests. However, any non-pointer, 1585 // non-interface field appearing in ForceSendFields will be sent to the 1586 // server regardless of whether the field is empty or not. This may be 1587 // used to include empty fields in Patch requests. 1588 ForceSendFields []string `json:"-"` 1589 1590 // NullFields is a list of field names (e.g. "Services") to include in 1591 // API requests with the JSON null value. By default, fields with empty 1592 // values are omitted from API requests. However, any field with an 1593 // empty value appearing in NullFields will be sent to the server as 1594 // null. It is an error if a field in this list has a non-empty value. 1595 // This may be used to include null fields in Patch requests. 1596 NullFields []string `json:"-"` 1597} 1598 1599func (s *QueryAuditableServicesResponse) MarshalJSON() ([]byte, error) { 1600 type NoMethod QueryAuditableServicesResponse 1601 raw := NoMethod(*s) 1602 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1603} 1604 1605// QueryGrantableRolesRequest: The grantable role query request. 1606type QueryGrantableRolesRequest struct { 1607 // FullResourceName: Required. The full resource name to query from the 1608 // list of grantable roles. 1609 // 1610 // The name follows the Google Cloud Platform resource format. 1611 // For example, a Cloud Platform project with id `my-project` will be 1612 // named 1613 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1614 FullResourceName string `json:"fullResourceName,omitempty"` 1615 1616 // PageSize: Optional limit on the number of roles to include in the 1617 // response. 1618 // 1619 // The default is 300, and the maximum is 1,000. 1620 PageSize int64 `json:"pageSize,omitempty"` 1621 1622 // PageToken: Optional pagination token returned in an 1623 // earlier 1624 // QueryGrantableRolesResponse. 1625 PageToken string `json:"pageToken,omitempty"` 1626 1627 // Possible values: 1628 // "BASIC" - Omits the `included_permissions` field. 1629 // This is the default value. 1630 // "FULL" - Returns all fields. 1631 View string `json:"view,omitempty"` 1632 1633 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1634 // unconditionally include in API requests. By default, fields with 1635 // empty values are omitted from API requests. However, any non-pointer, 1636 // non-interface field appearing in ForceSendFields will be sent to the 1637 // server regardless of whether the field is empty or not. This may be 1638 // used to include empty fields in Patch requests. 1639 ForceSendFields []string `json:"-"` 1640 1641 // NullFields is a list of field names (e.g. "FullResourceName") to 1642 // include in API requests with the JSON null value. By default, fields 1643 // with empty values are omitted from API requests. However, any field 1644 // with an empty value appearing in NullFields will be sent to the 1645 // server as null. It is an error if a field in this list has a 1646 // non-empty value. This may be used to include null fields in Patch 1647 // requests. 1648 NullFields []string `json:"-"` 1649} 1650 1651func (s *QueryGrantableRolesRequest) MarshalJSON() ([]byte, error) { 1652 type NoMethod QueryGrantableRolesRequest 1653 raw := NoMethod(*s) 1654 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1655} 1656 1657// QueryGrantableRolesResponse: The grantable role query response. 1658type QueryGrantableRolesResponse struct { 1659 // NextPageToken: To retrieve the next page of results, 1660 // set 1661 // `QueryGrantableRolesRequest.page_token` to this value. 1662 NextPageToken string `json:"nextPageToken,omitempty"` 1663 1664 // Roles: The list of matching roles. 1665 Roles []*Role `json:"roles,omitempty"` 1666 1667 // ServerResponse contains the HTTP response code and headers from the 1668 // server. 1669 googleapi.ServerResponse `json:"-"` 1670 1671 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1672 // unconditionally include in API requests. By default, fields with 1673 // empty values are omitted from API requests. However, any non-pointer, 1674 // non-interface field appearing in ForceSendFields will be sent to the 1675 // server regardless of whether the field is empty or not. This may be 1676 // used to include empty fields in Patch requests. 1677 ForceSendFields []string `json:"-"` 1678 1679 // NullFields is a list of field names (e.g. "NextPageToken") to include 1680 // in API requests with the JSON null value. By default, fields with 1681 // empty values are omitted from API requests. However, any field with 1682 // an empty value appearing in NullFields will be sent to the server as 1683 // null. It is an error if a field in this list has a non-empty value. 1684 // This may be used to include null fields in Patch requests. 1685 NullFields []string `json:"-"` 1686} 1687 1688func (s *QueryGrantableRolesResponse) MarshalJSON() ([]byte, error) { 1689 type NoMethod QueryGrantableRolesResponse 1690 raw := NoMethod(*s) 1691 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1692} 1693 1694// QueryTestablePermissionsRequest: A request to get permissions which 1695// can be tested on a resource. 1696type QueryTestablePermissionsRequest struct { 1697 // FullResourceName: Required. The full resource name to query from the 1698 // list of testable 1699 // permissions. 1700 // 1701 // The name follows the Google Cloud Platform resource format. 1702 // For example, a Cloud Platform project with id `my-project` will be 1703 // named 1704 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1705 FullResourceName string `json:"fullResourceName,omitempty"` 1706 1707 // PageSize: Optional limit on the number of permissions to include in 1708 // the response. 1709 // 1710 // The default is 100, and the maximum is 1,000. 1711 PageSize int64 `json:"pageSize,omitempty"` 1712 1713 // PageToken: Optional pagination token returned in an 1714 // earlier 1715 // QueryTestablePermissionsRequest. 1716 PageToken string `json:"pageToken,omitempty"` 1717 1718 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1719 // unconditionally include in API requests. By default, fields with 1720 // empty values are omitted from API requests. However, any non-pointer, 1721 // non-interface field appearing in ForceSendFields will be sent to the 1722 // server regardless of whether the field is empty or not. This may be 1723 // used to include empty fields in Patch requests. 1724 ForceSendFields []string `json:"-"` 1725 1726 // NullFields is a list of field names (e.g. "FullResourceName") to 1727 // include in API requests with the JSON null value. By default, fields 1728 // with empty values are omitted from API requests. However, any field 1729 // with an empty value appearing in NullFields will be sent to the 1730 // server as null. It is an error if a field in this list has a 1731 // non-empty value. This may be used to include null fields in Patch 1732 // requests. 1733 NullFields []string `json:"-"` 1734} 1735 1736func (s *QueryTestablePermissionsRequest) MarshalJSON() ([]byte, error) { 1737 type NoMethod QueryTestablePermissionsRequest 1738 raw := NoMethod(*s) 1739 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1740} 1741 1742// QueryTestablePermissionsResponse: The response containing permissions 1743// which can be tested on a resource. 1744type QueryTestablePermissionsResponse struct { 1745 // NextPageToken: To retrieve the next page of results, 1746 // set 1747 // `QueryTestableRolesRequest.page_token` to this value. 1748 NextPageToken string `json:"nextPageToken,omitempty"` 1749 1750 // Permissions: The Permissions testable on the requested resource. 1751 Permissions []*Permission `json:"permissions,omitempty"` 1752 1753 // ServerResponse contains the HTTP response code and headers from the 1754 // server. 1755 googleapi.ServerResponse `json:"-"` 1756 1757 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1758 // unconditionally include in API requests. By default, fields with 1759 // empty values are omitted from API requests. However, any non-pointer, 1760 // non-interface field appearing in ForceSendFields will be sent to the 1761 // server regardless of whether the field is empty or not. This may be 1762 // used to include empty fields in Patch requests. 1763 ForceSendFields []string `json:"-"` 1764 1765 // NullFields is a list of field names (e.g. "NextPageToken") to include 1766 // in API requests with the JSON null value. By default, fields with 1767 // empty values are omitted from API requests. However, any field with 1768 // an empty value appearing in NullFields will be sent to the server as 1769 // null. It is an error if a field in this list has a non-empty value. 1770 // This may be used to include null fields in Patch requests. 1771 NullFields []string `json:"-"` 1772} 1773 1774func (s *QueryTestablePermissionsResponse) MarshalJSON() ([]byte, error) { 1775 type NoMethod QueryTestablePermissionsResponse 1776 raw := NoMethod(*s) 1777 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1778} 1779 1780// Role: A role in the Identity and Access Management API. 1781type Role struct { 1782 // Deleted: The current deleted state of the role. This field is read 1783 // only. 1784 // It will be ignored in calls to CreateRole and UpdateRole. 1785 Deleted bool `json:"deleted,omitempty"` 1786 1787 // Description: Optional. A human-readable description for the role. 1788 Description string `json:"description,omitempty"` 1789 1790 // Etag: Used to perform a consistent read-modify-write. 1791 Etag string `json:"etag,omitempty"` 1792 1793 // IncludedPermissions: The names of the permissions this role grants 1794 // when bound in an IAM policy. 1795 IncludedPermissions []string `json:"includedPermissions,omitempty"` 1796 1797 // Name: The name of the role. 1798 // 1799 // When Role is used in CreateRole, the role name must not be set. 1800 // 1801 // When Role is used in output and other input such as UpdateRole, the 1802 // role 1803 // name is the complete path, e.g., roles/logging.viewer for predefined 1804 // roles 1805 // and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom 1806 // roles. 1807 Name string `json:"name,omitempty"` 1808 1809 // Stage: The current launch stage of the role. If the `ALPHA` launch 1810 // stage has been 1811 // selected for a role, the `stage` field will not be included in 1812 // the 1813 // returned definition for the role. 1814 // 1815 // Possible values: 1816 // "ALPHA" - The user has indicated this role is currently in an Alpha 1817 // phase. If this 1818 // launch stage is selected, the `stage` field will not be included 1819 // when 1820 // requesting the definition for a given role. 1821 // "BETA" - The user has indicated this role is currently in a Beta 1822 // phase. 1823 // "GA" - The user has indicated this role is generally available. 1824 // "DEPRECATED" - The user has indicated this role is being 1825 // deprecated. 1826 // "DISABLED" - This role is disabled and will not contribute 1827 // permissions to any members 1828 // it is granted to in policies. 1829 // "EAP" - The user has indicated this role is currently in an EAP 1830 // phase. 1831 Stage string `json:"stage,omitempty"` 1832 1833 // Title: Optional. A human-readable title for the role. Typically 1834 // this 1835 // is limited to 100 UTF-8 bytes. 1836 Title string `json:"title,omitempty"` 1837 1838 // ServerResponse contains the HTTP response code and headers from the 1839 // server. 1840 googleapi.ServerResponse `json:"-"` 1841 1842 // ForceSendFields is a list of field names (e.g. "Deleted") to 1843 // unconditionally include in API requests. By default, fields with 1844 // empty values are omitted from API requests. However, any non-pointer, 1845 // non-interface field appearing in ForceSendFields will be sent to the 1846 // server regardless of whether the field is empty or not. This may be 1847 // used to include empty fields in Patch requests. 1848 ForceSendFields []string `json:"-"` 1849 1850 // NullFields is a list of field names (e.g. "Deleted") to include in 1851 // API requests with the JSON null value. By default, fields with empty 1852 // values are omitted from API requests. However, any field with an 1853 // empty value appearing in NullFields will be sent to the server as 1854 // null. It is an error if a field in this list has a non-empty value. 1855 // This may be used to include null fields in Patch requests. 1856 NullFields []string `json:"-"` 1857} 1858 1859func (s *Role) MarshalJSON() ([]byte, error) { 1860 type NoMethod Role 1861 raw := NoMethod(*s) 1862 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1863} 1864 1865// ServiceAccount: An IAM service account. 1866// 1867// A service account is an account for an application or a virtual 1868// machine (VM) 1869// instance, not a person. You can use a service account to call Google 1870// APIs. To 1871// learn more, read the [overview of 1872// service 1873// accounts](https://cloud.google.com/iam/help/service-accounts/o 1874// verview). 1875// 1876// When you create a service account, you specify the project ID that 1877// owns the 1878// service account, as well as a name that must be unique within the 1879// project. 1880// IAM uses these values to create an email address that identifies the 1881// service 1882// account. 1883type ServiceAccount struct { 1884 // Description: Optional. A user-specified, human-readable description 1885 // of the service account. The 1886 // maximum length is 256 UTF-8 bytes. 1887 Description string `json:"description,omitempty"` 1888 1889 // Disabled: Output only. Whether the service account is disabled. 1890 Disabled bool `json:"disabled,omitempty"` 1891 1892 // DisplayName: Optional. A user-specified, human-readable name for the 1893 // service account. The maximum 1894 // length is 100 UTF-8 bytes. 1895 DisplayName string `json:"displayName,omitempty"` 1896 1897 // Email: Output only. The email address of the service account. 1898 Email string `json:"email,omitempty"` 1899 1900 // Etag: Deprecated. Do not use. 1901 Etag string `json:"etag,omitempty"` 1902 1903 // Name: The resource name of the service account. 1904 // 1905 // Use one of the following formats: 1906 // 1907 // * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` 1908 // * `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` 1909 // 1910 // As an alternative, you can use the `-` wildcard character instead of 1911 // the 1912 // project ID: 1913 // 1914 // * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` 1915 // * `projects/-/serviceAccounts/{UNIQUE_ID}` 1916 // 1917 // When possible, avoid using the `-` wildcard character, because it can 1918 // cause 1919 // response messages to contain misleading error codes. For example, if 1920 // you 1921 // try to get the service 1922 // account 1923 // `projects/-/serviceAccounts/fake@example.com`, which does not exist, 1924 // the 1925 // response contains an HTTP `403 Forbidden` error instead of a `404 1926 // Not 1927 // Found` error. 1928 Name string `json:"name,omitempty"` 1929 1930 // Oauth2ClientId: Output only. The OAuth 2.0 client ID for the service 1931 // account. 1932 Oauth2ClientId string `json:"oauth2ClientId,omitempty"` 1933 1934 // ProjectId: Output only. The ID of the project that owns the service 1935 // account. 1936 ProjectId string `json:"projectId,omitempty"` 1937 1938 // UniqueId: Output only. The unique, stable numeric ID for the service 1939 // account. 1940 // 1941 // Each service account retains its unique ID even if you delete the 1942 // service 1943 // account. For example, if you delete a service account, then create a 1944 // new 1945 // service account with the same name, the new service account has a 1946 // different 1947 // unique ID than the deleted service account. 1948 UniqueId string `json:"uniqueId,omitempty"` 1949 1950 // ServerResponse contains the HTTP response code and headers from the 1951 // server. 1952 googleapi.ServerResponse `json:"-"` 1953 1954 // ForceSendFields is a list of field names (e.g. "Description") to 1955 // unconditionally include in API requests. By default, fields with 1956 // empty values are omitted from API requests. However, any non-pointer, 1957 // non-interface field appearing in ForceSendFields will be sent to the 1958 // server regardless of whether the field is empty or not. This may be 1959 // used to include empty fields in Patch requests. 1960 ForceSendFields []string `json:"-"` 1961 1962 // NullFields is a list of field names (e.g. "Description") to include 1963 // in API requests with the JSON null value. By default, fields with 1964 // empty values are omitted from API requests. However, any field with 1965 // an empty value appearing in NullFields will be sent to the server as 1966 // null. It is an error if a field in this list has a non-empty value. 1967 // This may be used to include null fields in Patch requests. 1968 NullFields []string `json:"-"` 1969} 1970 1971func (s *ServiceAccount) MarshalJSON() ([]byte, error) { 1972 type NoMethod ServiceAccount 1973 raw := NoMethod(*s) 1974 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1975} 1976 1977// ServiceAccountKey: Represents a service account key. 1978// 1979// A service account has two sets of key-pairs: user-managed, 1980// and 1981// system-managed. 1982// 1983// User-managed key-pairs can be created and deleted by users. Users 1984// are 1985// responsible for rotating these keys periodically to ensure security 1986// of 1987// their service accounts. Users retain the private key of these 1988// key-pairs, 1989// and Google retains ONLY the public key. 1990// 1991// System-managed keys are automatically rotated by Google, and are used 1992// for 1993// signing for a maximum of two weeks. The rotation process is 1994// probabilistic, 1995// and usage of the new key will gradually ramp up and down over the 1996// key's 1997// lifetime. We recommend caching the public key set for a service 1998// account for 1999// no more than 24 hours to ensure you have access to the latest 2000// keys. 2001// 2002// Public keys for all service accounts are also published at the 2003// OAuth2 2004// Service Account API. 2005type ServiceAccountKey struct { 2006 // KeyAlgorithm: Specifies the algorithm (and possibly key size) for the 2007 // key. 2008 // 2009 // Possible values: 2010 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 2011 // "KEY_ALG_RSA_1024" - 1k RSA Key. 2012 // "KEY_ALG_RSA_2048" - 2k RSA Key. 2013 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 2014 2015 // KeyOrigin: The key origin. 2016 // 2017 // Possible values: 2018 // "ORIGIN_UNSPECIFIED" - Unspecified key origin. 2019 // "USER_PROVIDED" - Key is provided by user. 2020 // "GOOGLE_PROVIDED" - Key is provided by Google. 2021 KeyOrigin string `json:"keyOrigin,omitempty"` 2022 2023 // KeyType: The key type. 2024 // 2025 // Possible values: 2026 // "KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this 2027 // in the 2028 // message will immediately result in an error. 2029 // "USER_MANAGED" - User-managed keys (managed and rotated by the 2030 // user). 2031 // "SYSTEM_MANAGED" - System-managed keys (managed and rotated by 2032 // Google). 2033 KeyType string `json:"keyType,omitempty"` 2034 2035 // Name: The resource name of the service account key in the following 2036 // format 2037 // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. 2038 Name string `json:"name,omitempty"` 2039 2040 // PrivateKeyData: The private key data. Only provided in 2041 // `CreateServiceAccountKey` 2042 // responses. Make sure to keep the private key data secure because 2043 // it 2044 // allows for the assertion of the service account identity. 2045 // When base64 decoded, the private key data can be used to authenticate 2046 // with 2047 // Google API client libraries and with 2048 // <a 2049 // href="/sdk/gcloud/reference/auth/activate-service-account">gcloud 2050 // auth 2051 // activate-service-account</a>. 2052 PrivateKeyData string `json:"privateKeyData,omitempty"` 2053 2054 // PrivateKeyType: The output format for the private key. 2055 // Only provided in `CreateServiceAccountKey` responses, not 2056 // in `GetServiceAccountKey` or `ListServiceAccountKey` 2057 // responses. 2058 // 2059 // Google never exposes system-managed private keys, and never 2060 // retains 2061 // user-managed private keys. 2062 // 2063 // Possible values: 2064 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 2065 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 2066 // "TYPE_PKCS12_FILE" - PKCS12 format. 2067 // The password for the PKCS12 file is `notasecret`. 2068 // For more information, see https://tools.ietf.org/html/rfc7292. 2069 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 2070 PrivateKeyType string `json:"privateKeyType,omitempty"` 2071 2072 // PublicKeyData: The public key data. Only provided in 2073 // `GetServiceAccountKey` responses. 2074 PublicKeyData string `json:"publicKeyData,omitempty"` 2075 2076 // ValidAfterTime: The key can be used after this timestamp. 2077 ValidAfterTime string `json:"validAfterTime,omitempty"` 2078 2079 // ValidBeforeTime: The key can be used before this timestamp. 2080 // For system-managed key pairs, this timestamp is the end time for 2081 // the 2082 // private key signing operation. The public key could still be used 2083 // for verification for a few hours after this time. 2084 ValidBeforeTime string `json:"validBeforeTime,omitempty"` 2085 2086 // ServerResponse contains the HTTP response code and headers from the 2087 // server. 2088 googleapi.ServerResponse `json:"-"` 2089 2090 // ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to 2091 // unconditionally include in API requests. By default, fields with 2092 // empty values are omitted from API requests. However, any non-pointer, 2093 // non-interface field appearing in ForceSendFields will be sent to the 2094 // server regardless of whether the field is empty or not. This may be 2095 // used to include empty fields in Patch requests. 2096 ForceSendFields []string `json:"-"` 2097 2098 // NullFields is a list of field names (e.g. "KeyAlgorithm") to include 2099 // in API requests with the JSON null value. By default, fields with 2100 // empty values are omitted from API requests. However, any field with 2101 // an empty value appearing in NullFields will be sent to the server as 2102 // null. It is an error if a field in this list has a non-empty value. 2103 // This may be used to include null fields in Patch requests. 2104 NullFields []string `json:"-"` 2105} 2106 2107func (s *ServiceAccountKey) MarshalJSON() ([]byte, error) { 2108 type NoMethod ServiceAccountKey 2109 raw := NoMethod(*s) 2110 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2111} 2112 2113// SetIamPolicyRequest: Request message for `SetIamPolicy` method. 2114type SetIamPolicyRequest struct { 2115 // Policy: REQUIRED: The complete policy to be applied to the 2116 // `resource`. The size of 2117 // the policy is limited to a few 10s of KB. An empty policy is a 2118 // valid policy but certain Cloud Platform services (such as 2119 // Projects) 2120 // might reject them. 2121 Policy *Policy `json:"policy,omitempty"` 2122 2123 // UpdateMask: OPTIONAL: A FieldMask specifying which fields of the 2124 // policy to modify. Only 2125 // the fields in the mask will be modified. If no mask is provided, 2126 // the 2127 // following default mask is used: 2128 // 2129 // `paths: "bindings, etag" 2130 UpdateMask string `json:"updateMask,omitempty"` 2131 2132 // ForceSendFields is a list of field names (e.g. "Policy") to 2133 // unconditionally include in API requests. By default, fields with 2134 // empty values are omitted from API requests. However, any non-pointer, 2135 // non-interface field appearing in ForceSendFields will be sent to the 2136 // server regardless of whether the field is empty or not. This may be 2137 // used to include empty fields in Patch requests. 2138 ForceSendFields []string `json:"-"` 2139 2140 // NullFields is a list of field names (e.g. "Policy") to include in API 2141 // requests with the JSON null value. By default, fields with empty 2142 // values are omitted from API requests. However, any field with an 2143 // empty value appearing in NullFields will be sent to the server as 2144 // null. It is an error if a field in this list has a non-empty value. 2145 // This may be used to include null fields in Patch requests. 2146 NullFields []string `json:"-"` 2147} 2148 2149func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) { 2150 type NoMethod SetIamPolicyRequest 2151 raw := NoMethod(*s) 2152 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2153} 2154 2155// SignBlobRequest: The service account sign blob request. 2156type SignBlobRequest struct { 2157 // BytesToSign: Required. The bytes to sign. 2158 BytesToSign string `json:"bytesToSign,omitempty"` 2159 2160 // ForceSendFields is a list of field names (e.g. "BytesToSign") to 2161 // unconditionally include in API requests. By default, fields with 2162 // empty values are omitted from API requests. However, any non-pointer, 2163 // non-interface field appearing in ForceSendFields will be sent to the 2164 // server regardless of whether the field is empty or not. This may be 2165 // used to include empty fields in Patch requests. 2166 ForceSendFields []string `json:"-"` 2167 2168 // NullFields is a list of field names (e.g. "BytesToSign") to include 2169 // in API requests with the JSON null value. By default, fields with 2170 // empty values are omitted from API requests. However, any field with 2171 // an empty value appearing in NullFields will be sent to the server as 2172 // null. It is an error if a field in this list has a non-empty value. 2173 // This may be used to include null fields in Patch requests. 2174 NullFields []string `json:"-"` 2175} 2176 2177func (s *SignBlobRequest) MarshalJSON() ([]byte, error) { 2178 type NoMethod SignBlobRequest 2179 raw := NoMethod(*s) 2180 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2181} 2182 2183// SignBlobResponse: The service account sign blob response. 2184type SignBlobResponse struct { 2185 // KeyId: The id of the key used to sign the blob. 2186 KeyId string `json:"keyId,omitempty"` 2187 2188 // Signature: The signed blob. 2189 Signature string `json:"signature,omitempty"` 2190 2191 // ServerResponse contains the HTTP response code and headers from the 2192 // server. 2193 googleapi.ServerResponse `json:"-"` 2194 2195 // ForceSendFields is a list of field names (e.g. "KeyId") to 2196 // unconditionally include in API requests. By default, fields with 2197 // empty values are omitted from API requests. However, any non-pointer, 2198 // non-interface field appearing in ForceSendFields will be sent to the 2199 // server regardless of whether the field is empty or not. This may be 2200 // used to include empty fields in Patch requests. 2201 ForceSendFields []string `json:"-"` 2202 2203 // NullFields is a list of field names (e.g. "KeyId") to include in API 2204 // requests with the JSON null value. By default, fields with empty 2205 // values are omitted from API requests. However, any field with an 2206 // empty value appearing in NullFields will be sent to the server as 2207 // null. It is an error if a field in this list has a non-empty value. 2208 // This may be used to include null fields in Patch requests. 2209 NullFields []string `json:"-"` 2210} 2211 2212func (s *SignBlobResponse) MarshalJSON() ([]byte, error) { 2213 type NoMethod SignBlobResponse 2214 raw := NoMethod(*s) 2215 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2216} 2217 2218// SignJwtRequest: The service account sign JWT request. 2219type SignJwtRequest struct { 2220 // Payload: Required. The JWT payload to sign. Must be a serialized JSON 2221 // object that contains a 2222 // JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 2223 // 313435}` 2224 // 2225 // If the JWT Claims Set contains an expiration time (`exp`) claim, it 2226 // must be 2227 // an integer timestamp that is not in the past and no more than 1 hour 2228 // in the 2229 // future. 2230 // 2231 // If the JWT Claims Set does not contain an expiration time (`exp`) 2232 // claim, 2233 // this claim is added automatically, with a timestamp that is 1 hour in 2234 // the 2235 // future. 2236 Payload string `json:"payload,omitempty"` 2237 2238 // ForceSendFields is a list of field names (e.g. "Payload") to 2239 // unconditionally include in API requests. By default, fields with 2240 // empty values are omitted from API requests. However, any non-pointer, 2241 // non-interface field appearing in ForceSendFields will be sent to the 2242 // server regardless of whether the field is empty or not. This may be 2243 // used to include empty fields in Patch requests. 2244 ForceSendFields []string `json:"-"` 2245 2246 // NullFields is a list of field names (e.g. "Payload") to include in 2247 // API requests with the JSON null value. By default, fields with empty 2248 // values are omitted from API requests. However, any field with an 2249 // empty value appearing in NullFields will be sent to the server as 2250 // null. It is an error if a field in this list has a non-empty value. 2251 // This may be used to include null fields in Patch requests. 2252 NullFields []string `json:"-"` 2253} 2254 2255func (s *SignJwtRequest) MarshalJSON() ([]byte, error) { 2256 type NoMethod SignJwtRequest 2257 raw := NoMethod(*s) 2258 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2259} 2260 2261// SignJwtResponse: The service account sign JWT response. 2262type SignJwtResponse struct { 2263 // KeyId: The id of the key used to sign the JWT. 2264 KeyId string `json:"keyId,omitempty"` 2265 2266 // SignedJwt: The signed JWT. 2267 SignedJwt string `json:"signedJwt,omitempty"` 2268 2269 // ServerResponse contains the HTTP response code and headers from the 2270 // server. 2271 googleapi.ServerResponse `json:"-"` 2272 2273 // ForceSendFields is a list of field names (e.g. "KeyId") to 2274 // unconditionally include in API requests. By default, fields with 2275 // empty values are omitted from API requests. However, any non-pointer, 2276 // non-interface field appearing in ForceSendFields will be sent to the 2277 // server regardless of whether the field is empty or not. This may be 2278 // used to include empty fields in Patch requests. 2279 ForceSendFields []string `json:"-"` 2280 2281 // NullFields is a list of field names (e.g. "KeyId") to include in API 2282 // requests with the JSON null value. By default, fields with empty 2283 // values are omitted from API requests. However, any field with an 2284 // empty value appearing in NullFields will be sent to the server as 2285 // null. It is an error if a field in this list has a non-empty value. 2286 // This may be used to include null fields in Patch requests. 2287 NullFields []string `json:"-"` 2288} 2289 2290func (s *SignJwtResponse) MarshalJSON() ([]byte, error) { 2291 type NoMethod SignJwtResponse 2292 raw := NoMethod(*s) 2293 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2294} 2295 2296// TestIamPermissionsRequest: Request message for `TestIamPermissions` 2297// method. 2298type TestIamPermissionsRequest struct { 2299 // Permissions: The set of permissions to check for the `resource`. 2300 // Permissions with 2301 // wildcards (such as '*' or 'storage.*') are not allowed. For 2302 // more 2303 // information see 2304 // [IAM 2305 // Overview](https://cloud.google.com/iam/docs/overview#permissions). 2306 Permissions []string `json:"permissions,omitempty"` 2307 2308 // ForceSendFields is a list of field names (e.g. "Permissions") to 2309 // unconditionally include in API requests. By default, fields with 2310 // empty values are omitted from API requests. However, any non-pointer, 2311 // non-interface field appearing in ForceSendFields will be sent to the 2312 // server regardless of whether the field is empty or not. This may be 2313 // used to include empty fields in Patch requests. 2314 ForceSendFields []string `json:"-"` 2315 2316 // NullFields is a list of field names (e.g. "Permissions") to include 2317 // in API requests with the JSON null value. By default, fields with 2318 // empty values are omitted from API requests. However, any field with 2319 // an empty value appearing in NullFields will be sent to the server as 2320 // null. It is an error if a field in this list has a non-empty value. 2321 // This may be used to include null fields in Patch requests. 2322 NullFields []string `json:"-"` 2323} 2324 2325func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) { 2326 type NoMethod TestIamPermissionsRequest 2327 raw := NoMethod(*s) 2328 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2329} 2330 2331// TestIamPermissionsResponse: Response message for `TestIamPermissions` 2332// method. 2333type TestIamPermissionsResponse struct { 2334 // Permissions: A subset of `TestPermissionsRequest.permissions` that 2335 // the caller is 2336 // allowed. 2337 Permissions []string `json:"permissions,omitempty"` 2338 2339 // ServerResponse contains the HTTP response code and headers from the 2340 // server. 2341 googleapi.ServerResponse `json:"-"` 2342 2343 // ForceSendFields is a list of field names (e.g. "Permissions") to 2344 // unconditionally include in API requests. By default, fields with 2345 // empty values are omitted from API requests. However, any non-pointer, 2346 // non-interface field appearing in ForceSendFields will be sent to the 2347 // server regardless of whether the field is empty or not. This may be 2348 // used to include empty fields in Patch requests. 2349 ForceSendFields []string `json:"-"` 2350 2351 // NullFields is a list of field names (e.g. "Permissions") to include 2352 // in API requests with the JSON null value. By default, fields with 2353 // empty values are omitted from API requests. However, any field with 2354 // an empty value appearing in NullFields will be sent to the server as 2355 // null. It is an error if a field in this list has a non-empty value. 2356 // This may be used to include null fields in Patch requests. 2357 NullFields []string `json:"-"` 2358} 2359 2360func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { 2361 type NoMethod TestIamPermissionsResponse 2362 raw := NoMethod(*s) 2363 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2364} 2365 2366// UndeleteRoleRequest: The request to undelete an existing role. 2367type UndeleteRoleRequest struct { 2368 // Etag: Used to perform a consistent read-modify-write. 2369 Etag string `json:"etag,omitempty"` 2370 2371 // ForceSendFields is a list of field names (e.g. "Etag") to 2372 // unconditionally include in API requests. By default, fields with 2373 // empty values are omitted from API requests. However, any non-pointer, 2374 // non-interface field appearing in ForceSendFields will be sent to the 2375 // server regardless of whether the field is empty or not. This may be 2376 // used to include empty fields in Patch requests. 2377 ForceSendFields []string `json:"-"` 2378 2379 // NullFields is a list of field names (e.g. "Etag") to include in API 2380 // requests with the JSON null value. By default, fields with empty 2381 // values are omitted from API requests. However, any field with an 2382 // empty value appearing in NullFields will be sent to the server as 2383 // null. It is an error if a field in this list has a non-empty value. 2384 // This may be used to include null fields in Patch requests. 2385 NullFields []string `json:"-"` 2386} 2387 2388func (s *UndeleteRoleRequest) MarshalJSON() ([]byte, error) { 2389 type NoMethod UndeleteRoleRequest 2390 raw := NoMethod(*s) 2391 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2392} 2393 2394// UndeleteServiceAccountRequest: The service account undelete request. 2395type UndeleteServiceAccountRequest struct { 2396} 2397 2398type UndeleteServiceAccountResponse struct { 2399 // RestoredAccount: Metadata for the restored service account. 2400 RestoredAccount *ServiceAccount `json:"restoredAccount,omitempty"` 2401 2402 // ServerResponse contains the HTTP response code and headers from the 2403 // server. 2404 googleapi.ServerResponse `json:"-"` 2405 2406 // ForceSendFields is a list of field names (e.g. "RestoredAccount") to 2407 // unconditionally include in API requests. By default, fields with 2408 // empty values are omitted from API requests. However, any non-pointer, 2409 // non-interface field appearing in ForceSendFields will be sent to the 2410 // server regardless of whether the field is empty or not. This may be 2411 // used to include empty fields in Patch requests. 2412 ForceSendFields []string `json:"-"` 2413 2414 // NullFields is a list of field names (e.g. "RestoredAccount") to 2415 // include in API requests with the JSON null value. By default, fields 2416 // with empty values are omitted from API requests. However, any field 2417 // with an empty value appearing in NullFields will be sent to the 2418 // server as null. It is an error if a field in this list has a 2419 // non-empty value. This may be used to include null fields in Patch 2420 // requests. 2421 NullFields []string `json:"-"` 2422} 2423 2424func (s *UndeleteServiceAccountResponse) MarshalJSON() ([]byte, error) { 2425 type NoMethod UndeleteServiceAccountResponse 2426 raw := NoMethod(*s) 2427 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2428} 2429 2430// UploadServiceAccountKeyRequest: The service account key upload 2431// request. 2432type UploadServiceAccountKeyRequest struct { 2433 // PublicKeyData: A field that allows clients to upload their own public 2434 // key. If set, 2435 // use this public key data to create a service account key for 2436 // given 2437 // service account. 2438 // Please note, the expected format for this field is X509_PEM. 2439 PublicKeyData string `json:"publicKeyData,omitempty"` 2440 2441 // ForceSendFields is a list of field names (e.g. "PublicKeyData") to 2442 // unconditionally include in API requests. By default, fields with 2443 // empty values are omitted from API requests. However, any non-pointer, 2444 // non-interface field appearing in ForceSendFields will be sent to the 2445 // server regardless of whether the field is empty or not. This may be 2446 // used to include empty fields in Patch requests. 2447 ForceSendFields []string `json:"-"` 2448 2449 // NullFields is a list of field names (e.g. "PublicKeyData") to include 2450 // in API requests with the JSON null value. By default, fields with 2451 // empty values are omitted from API requests. However, any field with 2452 // an empty value appearing in NullFields will be sent to the server as 2453 // null. It is an error if a field in this list has a non-empty value. 2454 // This may be used to include null fields in Patch requests. 2455 NullFields []string `json:"-"` 2456} 2457 2458func (s *UploadServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 2459 type NoMethod UploadServiceAccountKeyRequest 2460 raw := NoMethod(*s) 2461 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2462} 2463 2464// method id "iam.iamPolicies.lintPolicy": 2465 2466type IamPoliciesLintPolicyCall struct { 2467 s *Service 2468 lintpolicyrequest *LintPolicyRequest 2469 urlParams_ gensupport.URLParams 2470 ctx_ context.Context 2471 header_ http.Header 2472} 2473 2474// LintPolicy: Lints, or validates, an IAM policy. Currently checks 2475// the 2476// google.iam.v1.Binding.condition field, which contains a 2477// condition 2478// expression for a role binding. 2479// 2480// Successful calls to this method always return an HTTP `200 OK` status 2481// code, 2482// even if the linter detects an issue in the IAM policy. 2483func (r *IamPoliciesService) LintPolicy(lintpolicyrequest *LintPolicyRequest) *IamPoliciesLintPolicyCall { 2484 c := &IamPoliciesLintPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2485 c.lintpolicyrequest = lintpolicyrequest 2486 return c 2487} 2488 2489// Fields allows partial responses to be retrieved. See 2490// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2491// for more information. 2492func (c *IamPoliciesLintPolicyCall) Fields(s ...googleapi.Field) *IamPoliciesLintPolicyCall { 2493 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2494 return c 2495} 2496 2497// Context sets the context to be used in this call's Do method. Any 2498// pending HTTP request will be aborted if the provided context is 2499// canceled. 2500func (c *IamPoliciesLintPolicyCall) Context(ctx context.Context) *IamPoliciesLintPolicyCall { 2501 c.ctx_ = ctx 2502 return c 2503} 2504 2505// Header returns an http.Header that can be modified by the caller to 2506// add HTTP headers to the request. 2507func (c *IamPoliciesLintPolicyCall) Header() http.Header { 2508 if c.header_ == nil { 2509 c.header_ = make(http.Header) 2510 } 2511 return c.header_ 2512} 2513 2514func (c *IamPoliciesLintPolicyCall) doRequest(alt string) (*http.Response, error) { 2515 reqHeaders := make(http.Header) 2516 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 2517 for k, v := range c.header_ { 2518 reqHeaders[k] = v 2519 } 2520 reqHeaders.Set("User-Agent", c.s.userAgent()) 2521 var body io.Reader = nil 2522 body, err := googleapi.WithoutDataWrapper.JSONReader(c.lintpolicyrequest) 2523 if err != nil { 2524 return nil, err 2525 } 2526 reqHeaders.Set("Content-Type", "application/json") 2527 c.urlParams_.Set("alt", alt) 2528 c.urlParams_.Set("prettyPrint", "false") 2529 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:lintPolicy") 2530 urls += "?" + c.urlParams_.Encode() 2531 req, err := http.NewRequest("POST", urls, body) 2532 if err != nil { 2533 return nil, err 2534 } 2535 req.Header = reqHeaders 2536 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2537} 2538 2539// Do executes the "iam.iamPolicies.lintPolicy" call. 2540// Exactly one of *LintPolicyResponse or error will be non-nil. Any 2541// non-2xx status code is an error. Response headers are in either 2542// *LintPolicyResponse.ServerResponse.Header or (if a response was 2543// returned at all) in error.(*googleapi.Error).Header. Use 2544// googleapi.IsNotModified to check whether the returned error was 2545// because http.StatusNotModified was returned. 2546func (c *IamPoliciesLintPolicyCall) Do(opts ...googleapi.CallOption) (*LintPolicyResponse, error) { 2547 gensupport.SetOptions(c.urlParams_, opts...) 2548 res, err := c.doRequest("json") 2549 if res != nil && res.StatusCode == http.StatusNotModified { 2550 if res.Body != nil { 2551 res.Body.Close() 2552 } 2553 return nil, &googleapi.Error{ 2554 Code: res.StatusCode, 2555 Header: res.Header, 2556 } 2557 } 2558 if err != nil { 2559 return nil, err 2560 } 2561 defer googleapi.CloseBody(res) 2562 if err := googleapi.CheckResponse(res); err != nil { 2563 return nil, err 2564 } 2565 ret := &LintPolicyResponse{ 2566 ServerResponse: googleapi.ServerResponse{ 2567 Header: res.Header, 2568 HTTPStatusCode: res.StatusCode, 2569 }, 2570 } 2571 target := &ret 2572 if err := gensupport.DecodeResponse(target, res); err != nil { 2573 return nil, err 2574 } 2575 return ret, nil 2576 // { 2577 // "description": "Lints, or validates, an IAM policy. Currently checks the\ngoogle.iam.v1.Binding.condition field, which contains a condition\nexpression for a role binding.\n\nSuccessful calls to this method always return an HTTP `200 OK` status code,\neven if the linter detects an issue in the IAM policy.", 2578 // "flatPath": "v1/iamPolicies:lintPolicy", 2579 // "httpMethod": "POST", 2580 // "id": "iam.iamPolicies.lintPolicy", 2581 // "parameterOrder": [], 2582 // "parameters": {}, 2583 // "path": "v1/iamPolicies:lintPolicy", 2584 // "request": { 2585 // "$ref": "LintPolicyRequest" 2586 // }, 2587 // "response": { 2588 // "$ref": "LintPolicyResponse" 2589 // }, 2590 // "scopes": [ 2591 // "https://www.googleapis.com/auth/cloud-platform" 2592 // ] 2593 // } 2594 2595} 2596 2597// method id "iam.iamPolicies.queryAuditableServices": 2598 2599type IamPoliciesQueryAuditableServicesCall struct { 2600 s *Service 2601 queryauditableservicesrequest *QueryAuditableServicesRequest 2602 urlParams_ gensupport.URLParams 2603 ctx_ context.Context 2604 header_ http.Header 2605} 2606 2607// QueryAuditableServices: Returns a list of services that allow you to 2608// opt into audit logs that are 2609// not generated by default. 2610// 2611// To learn more about audit logs, see the 2612// [Logging 2613// documentation](https://cloud.google.com/logging/docs/audit). 2614func (r *IamPoliciesService) QueryAuditableServices(queryauditableservicesrequest *QueryAuditableServicesRequest) *IamPoliciesQueryAuditableServicesCall { 2615 c := &IamPoliciesQueryAuditableServicesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2616 c.queryauditableservicesrequest = queryauditableservicesrequest 2617 return c 2618} 2619 2620// Fields allows partial responses to be retrieved. See 2621// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2622// for more information. 2623func (c *IamPoliciesQueryAuditableServicesCall) Fields(s ...googleapi.Field) *IamPoliciesQueryAuditableServicesCall { 2624 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2625 return c 2626} 2627 2628// Context sets the context to be used in this call's Do method. Any 2629// pending HTTP request will be aborted if the provided context is 2630// canceled. 2631func (c *IamPoliciesQueryAuditableServicesCall) Context(ctx context.Context) *IamPoliciesQueryAuditableServicesCall { 2632 c.ctx_ = ctx 2633 return c 2634} 2635 2636// Header returns an http.Header that can be modified by the caller to 2637// add HTTP headers to the request. 2638func (c *IamPoliciesQueryAuditableServicesCall) Header() http.Header { 2639 if c.header_ == nil { 2640 c.header_ = make(http.Header) 2641 } 2642 return c.header_ 2643} 2644 2645func (c *IamPoliciesQueryAuditableServicesCall) doRequest(alt string) (*http.Response, error) { 2646 reqHeaders := make(http.Header) 2647 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 2648 for k, v := range c.header_ { 2649 reqHeaders[k] = v 2650 } 2651 reqHeaders.Set("User-Agent", c.s.userAgent()) 2652 var body io.Reader = nil 2653 body, err := googleapi.WithoutDataWrapper.JSONReader(c.queryauditableservicesrequest) 2654 if err != nil { 2655 return nil, err 2656 } 2657 reqHeaders.Set("Content-Type", "application/json") 2658 c.urlParams_.Set("alt", alt) 2659 c.urlParams_.Set("prettyPrint", "false") 2660 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:queryAuditableServices") 2661 urls += "?" + c.urlParams_.Encode() 2662 req, err := http.NewRequest("POST", urls, body) 2663 if err != nil { 2664 return nil, err 2665 } 2666 req.Header = reqHeaders 2667 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2668} 2669 2670// Do executes the "iam.iamPolicies.queryAuditableServices" call. 2671// Exactly one of *QueryAuditableServicesResponse or error will be 2672// non-nil. Any non-2xx status code is an error. Response headers are in 2673// either *QueryAuditableServicesResponse.ServerResponse.Header or (if a 2674// response was returned at all) in error.(*googleapi.Error).Header. Use 2675// googleapi.IsNotModified to check whether the returned error was 2676// because http.StatusNotModified was returned. 2677func (c *IamPoliciesQueryAuditableServicesCall) Do(opts ...googleapi.CallOption) (*QueryAuditableServicesResponse, error) { 2678 gensupport.SetOptions(c.urlParams_, opts...) 2679 res, err := c.doRequest("json") 2680 if res != nil && res.StatusCode == http.StatusNotModified { 2681 if res.Body != nil { 2682 res.Body.Close() 2683 } 2684 return nil, &googleapi.Error{ 2685 Code: res.StatusCode, 2686 Header: res.Header, 2687 } 2688 } 2689 if err != nil { 2690 return nil, err 2691 } 2692 defer googleapi.CloseBody(res) 2693 if err := googleapi.CheckResponse(res); err != nil { 2694 return nil, err 2695 } 2696 ret := &QueryAuditableServicesResponse{ 2697 ServerResponse: googleapi.ServerResponse{ 2698 Header: res.Header, 2699 HTTPStatusCode: res.StatusCode, 2700 }, 2701 } 2702 target := &ret 2703 if err := gensupport.DecodeResponse(target, res); err != nil { 2704 return nil, err 2705 } 2706 return ret, nil 2707 // { 2708 // "description": "Returns a list of services that allow you to opt into audit logs that are\nnot generated by default.\n\nTo learn more about audit logs, see the [Logging\ndocumentation](https://cloud.google.com/logging/docs/audit).", 2709 // "flatPath": "v1/iamPolicies:queryAuditableServices", 2710 // "httpMethod": "POST", 2711 // "id": "iam.iamPolicies.queryAuditableServices", 2712 // "parameterOrder": [], 2713 // "parameters": {}, 2714 // "path": "v1/iamPolicies:queryAuditableServices", 2715 // "request": { 2716 // "$ref": "QueryAuditableServicesRequest" 2717 // }, 2718 // "response": { 2719 // "$ref": "QueryAuditableServicesResponse" 2720 // }, 2721 // "scopes": [ 2722 // "https://www.googleapis.com/auth/cloud-platform" 2723 // ] 2724 // } 2725 2726} 2727 2728// method id "iam.organizations.roles.create": 2729 2730type OrganizationsRolesCreateCall struct { 2731 s *Service 2732 parent string 2733 createrolerequest *CreateRoleRequest 2734 urlParams_ gensupport.URLParams 2735 ctx_ context.Context 2736 header_ http.Header 2737} 2738 2739// Create: Creates a new custom Role. 2740func (r *OrganizationsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *OrganizationsRolesCreateCall { 2741 c := &OrganizationsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2742 c.parent = parent 2743 c.createrolerequest = createrolerequest 2744 return c 2745} 2746 2747// Fields allows partial responses to be retrieved. See 2748// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2749// for more information. 2750func (c *OrganizationsRolesCreateCall) Fields(s ...googleapi.Field) *OrganizationsRolesCreateCall { 2751 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2752 return c 2753} 2754 2755// Context sets the context to be used in this call's Do method. Any 2756// pending HTTP request will be aborted if the provided context is 2757// canceled. 2758func (c *OrganizationsRolesCreateCall) Context(ctx context.Context) *OrganizationsRolesCreateCall { 2759 c.ctx_ = ctx 2760 return c 2761} 2762 2763// Header returns an http.Header that can be modified by the caller to 2764// add HTTP headers to the request. 2765func (c *OrganizationsRolesCreateCall) Header() http.Header { 2766 if c.header_ == nil { 2767 c.header_ = make(http.Header) 2768 } 2769 return c.header_ 2770} 2771 2772func (c *OrganizationsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 2773 reqHeaders := make(http.Header) 2774 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 2775 for k, v := range c.header_ { 2776 reqHeaders[k] = v 2777 } 2778 reqHeaders.Set("User-Agent", c.s.userAgent()) 2779 var body io.Reader = nil 2780 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 2781 if err != nil { 2782 return nil, err 2783 } 2784 reqHeaders.Set("Content-Type", "application/json") 2785 c.urlParams_.Set("alt", alt) 2786 c.urlParams_.Set("prettyPrint", "false") 2787 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 2788 urls += "?" + c.urlParams_.Encode() 2789 req, err := http.NewRequest("POST", urls, body) 2790 if err != nil { 2791 return nil, err 2792 } 2793 req.Header = reqHeaders 2794 googleapi.Expand(req.URL, map[string]string{ 2795 "parent": c.parent, 2796 }) 2797 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2798} 2799 2800// Do executes the "iam.organizations.roles.create" call. 2801// Exactly one of *Role or error will be non-nil. Any non-2xx status 2802// code is an error. Response headers are in either 2803// *Role.ServerResponse.Header or (if a response was returned at all) in 2804// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 2805// whether the returned error was because http.StatusNotModified was 2806// returned. 2807func (c *OrganizationsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 2808 gensupport.SetOptions(c.urlParams_, opts...) 2809 res, err := c.doRequest("json") 2810 if res != nil && res.StatusCode == http.StatusNotModified { 2811 if res.Body != nil { 2812 res.Body.Close() 2813 } 2814 return nil, &googleapi.Error{ 2815 Code: res.StatusCode, 2816 Header: res.Header, 2817 } 2818 } 2819 if err != nil { 2820 return nil, err 2821 } 2822 defer googleapi.CloseBody(res) 2823 if err := googleapi.CheckResponse(res); err != nil { 2824 return nil, err 2825 } 2826 ret := &Role{ 2827 ServerResponse: googleapi.ServerResponse{ 2828 Header: res.Header, 2829 HTTPStatusCode: res.StatusCode, 2830 }, 2831 } 2832 target := &ret 2833 if err := gensupport.DecodeResponse(target, res); err != nil { 2834 return nil, err 2835 } 2836 return ret, nil 2837 // { 2838 // "description": "Creates a new custom Role.", 2839 // "flatPath": "v1/organizations/{organizationsId}/roles", 2840 // "httpMethod": "POST", 2841 // "id": "iam.organizations.roles.create", 2842 // "parameterOrder": [ 2843 // "parent" 2844 // ], 2845 // "parameters": { 2846 // "parent": { 2847 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create):\n `projects/{PROJECT_ID}`. This method creates project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create):\n `organizations/{ORGANIZATION_ID}`. This method creates organization-level\n [custom roles](/iam/docs/understanding-custom-roles). Example request\n URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 2848 // "location": "path", 2849 // "pattern": "^organizations/[^/]+$", 2850 // "required": true, 2851 // "type": "string" 2852 // } 2853 // }, 2854 // "path": "v1/{+parent}/roles", 2855 // "request": { 2856 // "$ref": "CreateRoleRequest" 2857 // }, 2858 // "response": { 2859 // "$ref": "Role" 2860 // }, 2861 // "scopes": [ 2862 // "https://www.googleapis.com/auth/cloud-platform" 2863 // ] 2864 // } 2865 2866} 2867 2868// method id "iam.organizations.roles.delete": 2869 2870type OrganizationsRolesDeleteCall struct { 2871 s *Service 2872 name string 2873 urlParams_ gensupport.URLParams 2874 ctx_ context.Context 2875 header_ http.Header 2876} 2877 2878// Delete: Deletes a custom Role. 2879// 2880// When you delete a custom role, the following changes occur 2881// immediately: 2882// 2883// * You cannot bind a member to the custom role in an IAM 2884// Policy. 2885// * Existing bindings to the custom role are not changed, but they have 2886// no 2887// effect. 2888// * By default, the response from ListRoles does not include the 2889// custom 2890// role. 2891// 2892// You have 7 days to undelete the custom role. After 7 days, the 2893// following 2894// changes occur: 2895// 2896// * The custom role is permanently deleted and cannot be recovered. 2897// * If an IAM policy contains a binding to the custom role, the binding 2898// is 2899// permanently removed. 2900func (r *OrganizationsRolesService) Delete(name string) *OrganizationsRolesDeleteCall { 2901 c := &OrganizationsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2902 c.name = name 2903 return c 2904} 2905 2906// Etag sets the optional parameter "etag": Used to perform a consistent 2907// read-modify-write. 2908func (c *OrganizationsRolesDeleteCall) Etag(etag string) *OrganizationsRolesDeleteCall { 2909 c.urlParams_.Set("etag", etag) 2910 return c 2911} 2912 2913// Fields allows partial responses to be retrieved. See 2914// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2915// for more information. 2916func (c *OrganizationsRolesDeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesDeleteCall { 2917 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2918 return c 2919} 2920 2921// Context sets the context to be used in this call's Do method. Any 2922// pending HTTP request will be aborted if the provided context is 2923// canceled. 2924func (c *OrganizationsRolesDeleteCall) Context(ctx context.Context) *OrganizationsRolesDeleteCall { 2925 c.ctx_ = ctx 2926 return c 2927} 2928 2929// Header returns an http.Header that can be modified by the caller to 2930// add HTTP headers to the request. 2931func (c *OrganizationsRolesDeleteCall) Header() http.Header { 2932 if c.header_ == nil { 2933 c.header_ = make(http.Header) 2934 } 2935 return c.header_ 2936} 2937 2938func (c *OrganizationsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 2939 reqHeaders := make(http.Header) 2940 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 2941 for k, v := range c.header_ { 2942 reqHeaders[k] = v 2943 } 2944 reqHeaders.Set("User-Agent", c.s.userAgent()) 2945 var body io.Reader = nil 2946 c.urlParams_.Set("alt", alt) 2947 c.urlParams_.Set("prettyPrint", "false") 2948 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 2949 urls += "?" + c.urlParams_.Encode() 2950 req, err := http.NewRequest("DELETE", urls, body) 2951 if err != nil { 2952 return nil, err 2953 } 2954 req.Header = reqHeaders 2955 googleapi.Expand(req.URL, map[string]string{ 2956 "name": c.name, 2957 }) 2958 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2959} 2960 2961// Do executes the "iam.organizations.roles.delete" call. 2962// Exactly one of *Role or error will be non-nil. Any non-2xx status 2963// code is an error. Response headers are in either 2964// *Role.ServerResponse.Header or (if a response was returned at all) in 2965// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 2966// whether the returned error was because http.StatusNotModified was 2967// returned. 2968func (c *OrganizationsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 2969 gensupport.SetOptions(c.urlParams_, opts...) 2970 res, err := c.doRequest("json") 2971 if res != nil && res.StatusCode == http.StatusNotModified { 2972 if res.Body != nil { 2973 res.Body.Close() 2974 } 2975 return nil, &googleapi.Error{ 2976 Code: res.StatusCode, 2977 Header: res.Header, 2978 } 2979 } 2980 if err != nil { 2981 return nil, err 2982 } 2983 defer googleapi.CloseBody(res) 2984 if err := googleapi.CheckResponse(res); err != nil { 2985 return nil, err 2986 } 2987 ret := &Role{ 2988 ServerResponse: googleapi.ServerResponse{ 2989 Header: res.Header, 2990 HTTPStatusCode: res.StatusCode, 2991 }, 2992 } 2993 target := &ret 2994 if err := gensupport.DecodeResponse(target, res); err != nil { 2995 return nil, err 2996 } 2997 return ret, nil 2998 // { 2999 // "description": "Deletes a custom Role.\n\nWhen you delete a custom role, the following changes occur immediately:\n\n* You cannot bind a member to the custom role in an IAM\nPolicy.\n* Existing bindings to the custom role are not changed, but they have no\neffect.\n* By default, the response from ListRoles does not include the custom\nrole.\n\nYou have 7 days to undelete the custom role. After 7 days, the following\nchanges occur:\n\n* The custom role is permanently deleted and cannot be recovered.\n* If an IAM policy contains a binding to the custom role, the binding is\npermanently removed.", 3000 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3001 // "httpMethod": "DELETE", 3002 // "id": "iam.organizations.roles.delete", 3003 // "parameterOrder": [ 3004 // "name" 3005 // ], 3006 // "parameters": { 3007 // "etag": { 3008 // "description": "Used to perform a consistent read-modify-write.", 3009 // "format": "byte", 3010 // "location": "query", 3011 // "type": "string" 3012 // }, 3013 // "name": { 3014 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n deletes only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3015 // "location": "path", 3016 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3017 // "required": true, 3018 // "type": "string" 3019 // } 3020 // }, 3021 // "path": "v1/{+name}", 3022 // "response": { 3023 // "$ref": "Role" 3024 // }, 3025 // "scopes": [ 3026 // "https://www.googleapis.com/auth/cloud-platform" 3027 // ] 3028 // } 3029 3030} 3031 3032// method id "iam.organizations.roles.get": 3033 3034type OrganizationsRolesGetCall struct { 3035 s *Service 3036 name string 3037 urlParams_ gensupport.URLParams 3038 ifNoneMatch_ string 3039 ctx_ context.Context 3040 header_ http.Header 3041} 3042 3043// Get: Gets the definition of a Role. 3044func (r *OrganizationsRolesService) Get(name string) *OrganizationsRolesGetCall { 3045 c := &OrganizationsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3046 c.name = name 3047 return c 3048} 3049 3050// Fields allows partial responses to be retrieved. See 3051// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3052// for more information. 3053func (c *OrganizationsRolesGetCall) Fields(s ...googleapi.Field) *OrganizationsRolesGetCall { 3054 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3055 return c 3056} 3057 3058// IfNoneMatch sets the optional parameter which makes the operation 3059// fail if the object's ETag matches the given value. This is useful for 3060// getting updates only after the object has changed since the last 3061// request. Use googleapi.IsNotModified to check whether the response 3062// error from Do is the result of In-None-Match. 3063func (c *OrganizationsRolesGetCall) IfNoneMatch(entityTag string) *OrganizationsRolesGetCall { 3064 c.ifNoneMatch_ = entityTag 3065 return c 3066} 3067 3068// Context sets the context to be used in this call's Do method. Any 3069// pending HTTP request will be aborted if the provided context is 3070// canceled. 3071func (c *OrganizationsRolesGetCall) Context(ctx context.Context) *OrganizationsRolesGetCall { 3072 c.ctx_ = ctx 3073 return c 3074} 3075 3076// Header returns an http.Header that can be modified by the caller to 3077// add HTTP headers to the request. 3078func (c *OrganizationsRolesGetCall) Header() http.Header { 3079 if c.header_ == nil { 3080 c.header_ = make(http.Header) 3081 } 3082 return c.header_ 3083} 3084 3085func (c *OrganizationsRolesGetCall) doRequest(alt string) (*http.Response, error) { 3086 reqHeaders := make(http.Header) 3087 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 3088 for k, v := range c.header_ { 3089 reqHeaders[k] = v 3090 } 3091 reqHeaders.Set("User-Agent", c.s.userAgent()) 3092 if c.ifNoneMatch_ != "" { 3093 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3094 } 3095 var body io.Reader = nil 3096 c.urlParams_.Set("alt", alt) 3097 c.urlParams_.Set("prettyPrint", "false") 3098 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3099 urls += "?" + c.urlParams_.Encode() 3100 req, err := http.NewRequest("GET", urls, body) 3101 if err != nil { 3102 return nil, err 3103 } 3104 req.Header = reqHeaders 3105 googleapi.Expand(req.URL, map[string]string{ 3106 "name": c.name, 3107 }) 3108 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3109} 3110 3111// Do executes the "iam.organizations.roles.get" call. 3112// Exactly one of *Role or error will be non-nil. Any non-2xx status 3113// code is an error. Response headers are in either 3114// *Role.ServerResponse.Header or (if a response was returned at all) in 3115// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3116// whether the returned error was because http.StatusNotModified was 3117// returned. 3118func (c *OrganizationsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3119 gensupport.SetOptions(c.urlParams_, opts...) 3120 res, err := c.doRequest("json") 3121 if res != nil && res.StatusCode == http.StatusNotModified { 3122 if res.Body != nil { 3123 res.Body.Close() 3124 } 3125 return nil, &googleapi.Error{ 3126 Code: res.StatusCode, 3127 Header: res.Header, 3128 } 3129 } 3130 if err != nil { 3131 return nil, err 3132 } 3133 defer googleapi.CloseBody(res) 3134 if err := googleapi.CheckResponse(res); err != nil { 3135 return nil, err 3136 } 3137 ret := &Role{ 3138 ServerResponse: googleapi.ServerResponse{ 3139 Header: res.Header, 3140 HTTPStatusCode: res.StatusCode, 3141 }, 3142 } 3143 target := &ret 3144 if err := gensupport.DecodeResponse(target, res); err != nil { 3145 return nil, err 3146 } 3147 return ret, nil 3148 // { 3149 // "description": "Gets the definition of a Role.", 3150 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3151 // "httpMethod": "GET", 3152 // "id": "iam.organizations.roles.get", 3153 // "parameterOrder": [ 3154 // "name" 3155 // ], 3156 // "parameters": { 3157 // "name": { 3158 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`.\n This method returns results from all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles/{ROLE_NAME}`\n\n* [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n returns only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3159 // "location": "path", 3160 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3161 // "required": true, 3162 // "type": "string" 3163 // } 3164 // }, 3165 // "path": "v1/{+name}", 3166 // "response": { 3167 // "$ref": "Role" 3168 // }, 3169 // "scopes": [ 3170 // "https://www.googleapis.com/auth/cloud-platform" 3171 // ] 3172 // } 3173 3174} 3175 3176// method id "iam.organizations.roles.list": 3177 3178type OrganizationsRolesListCall struct { 3179 s *Service 3180 parent string 3181 urlParams_ gensupport.URLParams 3182 ifNoneMatch_ string 3183 ctx_ context.Context 3184 header_ http.Header 3185} 3186 3187// List: Lists every predefined Role that IAM supports, or every custom 3188// role 3189// that is defined for an organization or project. 3190func (r *OrganizationsRolesService) List(parent string) *OrganizationsRolesListCall { 3191 c := &OrganizationsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3192 c.parent = parent 3193 return c 3194} 3195 3196// PageSize sets the optional parameter "pageSize": Optional limit on 3197// the number of roles to include in the response. 3198// 3199// The default is 300, and the maximum is 1,000. 3200func (c *OrganizationsRolesListCall) PageSize(pageSize int64) *OrganizationsRolesListCall { 3201 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 3202 return c 3203} 3204 3205// PageToken sets the optional parameter "pageToken": Optional 3206// pagination token returned in an earlier ListRolesResponse. 3207func (c *OrganizationsRolesListCall) PageToken(pageToken string) *OrganizationsRolesListCall { 3208 c.urlParams_.Set("pageToken", pageToken) 3209 return c 3210} 3211 3212// ShowDeleted sets the optional parameter "showDeleted": Include Roles 3213// that have been deleted. 3214func (c *OrganizationsRolesListCall) ShowDeleted(showDeleted bool) *OrganizationsRolesListCall { 3215 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 3216 return c 3217} 3218 3219// View sets the optional parameter "view": Optional view for the 3220// returned Role objects. When `FULL` is specified, 3221// the `includedPermissions` field is returned, which includes a list of 3222// all 3223// permissions in the role. The default value is `BASIC`, which does 3224// not 3225// return the `includedPermissions` field. 3226// 3227// Possible values: 3228// "BASIC" 3229// "FULL" 3230func (c *OrganizationsRolesListCall) View(view string) *OrganizationsRolesListCall { 3231 c.urlParams_.Set("view", view) 3232 return c 3233} 3234 3235// Fields allows partial responses to be retrieved. See 3236// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3237// for more information. 3238func (c *OrganizationsRolesListCall) Fields(s ...googleapi.Field) *OrganizationsRolesListCall { 3239 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3240 return c 3241} 3242 3243// IfNoneMatch sets the optional parameter which makes the operation 3244// fail if the object's ETag matches the given value. This is useful for 3245// getting updates only after the object has changed since the last 3246// request. Use googleapi.IsNotModified to check whether the response 3247// error from Do is the result of In-None-Match. 3248func (c *OrganizationsRolesListCall) IfNoneMatch(entityTag string) *OrganizationsRolesListCall { 3249 c.ifNoneMatch_ = entityTag 3250 return c 3251} 3252 3253// Context sets the context to be used in this call's Do method. Any 3254// pending HTTP request will be aborted if the provided context is 3255// canceled. 3256func (c *OrganizationsRolesListCall) Context(ctx context.Context) *OrganizationsRolesListCall { 3257 c.ctx_ = ctx 3258 return c 3259} 3260 3261// Header returns an http.Header that can be modified by the caller to 3262// add HTTP headers to the request. 3263func (c *OrganizationsRolesListCall) Header() http.Header { 3264 if c.header_ == nil { 3265 c.header_ = make(http.Header) 3266 } 3267 return c.header_ 3268} 3269 3270func (c *OrganizationsRolesListCall) doRequest(alt string) (*http.Response, error) { 3271 reqHeaders := make(http.Header) 3272 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 3273 for k, v := range c.header_ { 3274 reqHeaders[k] = v 3275 } 3276 reqHeaders.Set("User-Agent", c.s.userAgent()) 3277 if c.ifNoneMatch_ != "" { 3278 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3279 } 3280 var body io.Reader = nil 3281 c.urlParams_.Set("alt", alt) 3282 c.urlParams_.Set("prettyPrint", "false") 3283 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 3284 urls += "?" + c.urlParams_.Encode() 3285 req, err := http.NewRequest("GET", urls, body) 3286 if err != nil { 3287 return nil, err 3288 } 3289 req.Header = reqHeaders 3290 googleapi.Expand(req.URL, map[string]string{ 3291 "parent": c.parent, 3292 }) 3293 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3294} 3295 3296// Do executes the "iam.organizations.roles.list" call. 3297// Exactly one of *ListRolesResponse or error will be non-nil. Any 3298// non-2xx status code is an error. Response headers are in either 3299// *ListRolesResponse.ServerResponse.Header or (if a response was 3300// returned at all) in error.(*googleapi.Error).Header. Use 3301// googleapi.IsNotModified to check whether the returned error was 3302// because http.StatusNotModified was returned. 3303func (c *OrganizationsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 3304 gensupport.SetOptions(c.urlParams_, opts...) 3305 res, err := c.doRequest("json") 3306 if res != nil && res.StatusCode == http.StatusNotModified { 3307 if res.Body != nil { 3308 res.Body.Close() 3309 } 3310 return nil, &googleapi.Error{ 3311 Code: res.StatusCode, 3312 Header: res.Header, 3313 } 3314 } 3315 if err != nil { 3316 return nil, err 3317 } 3318 defer googleapi.CloseBody(res) 3319 if err := googleapi.CheckResponse(res); err != nil { 3320 return nil, err 3321 } 3322 ret := &ListRolesResponse{ 3323 ServerResponse: googleapi.ServerResponse{ 3324 Header: res.Header, 3325 HTTPStatusCode: res.StatusCode, 3326 }, 3327 } 3328 target := &ret 3329 if err := gensupport.DecodeResponse(target, res); err != nil { 3330 return nil, err 3331 } 3332 return ret, nil 3333 // { 3334 // "description": "Lists every predefined Role that IAM supports, or every custom role\nthat is defined for an organization or project.", 3335 // "flatPath": "v1/organizations/{organizationsId}/roles", 3336 // "httpMethod": "GET", 3337 // "id": "iam.organizations.roles.list", 3338 // "parameterOrder": [ 3339 // "parent" 3340 // ], 3341 // "parameters": { 3342 // "pageSize": { 3343 // "description": "Optional limit on the number of roles to include in the response.\n\nThe default is 300, and the maximum is 1,000.", 3344 // "format": "int32", 3345 // "location": "query", 3346 // "type": "integer" 3347 // }, 3348 // "pageToken": { 3349 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 3350 // "location": "query", 3351 // "type": "string" 3352 // }, 3353 // "parent": { 3354 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string.\n This method doesn't require a resource; it simply returns all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles`\n\n* [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list):\n `projects/{PROJECT_ID}`. This method lists all project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list):\n `organizations/{ORGANIZATION_ID}`. This method lists all\n organization-level [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3355 // "location": "path", 3356 // "pattern": "^organizations/[^/]+$", 3357 // "required": true, 3358 // "type": "string" 3359 // }, 3360 // "showDeleted": { 3361 // "description": "Include Roles that have been deleted.", 3362 // "location": "query", 3363 // "type": "boolean" 3364 // }, 3365 // "view": { 3366 // "description": "Optional view for the returned Role objects. When `FULL` is specified,\nthe `includedPermissions` field is returned, which includes a list of all\npermissions in the role. The default value is `BASIC`, which does not\nreturn the `includedPermissions` field.", 3367 // "enum": [ 3368 // "BASIC", 3369 // "FULL" 3370 // ], 3371 // "location": "query", 3372 // "type": "string" 3373 // } 3374 // }, 3375 // "path": "v1/{+parent}/roles", 3376 // "response": { 3377 // "$ref": "ListRolesResponse" 3378 // }, 3379 // "scopes": [ 3380 // "https://www.googleapis.com/auth/cloud-platform" 3381 // ] 3382 // } 3383 3384} 3385 3386// Pages invokes f for each page of results. 3387// A non-nil error returned from f will halt the iteration. 3388// The provided context supersedes any context provided to the Context method. 3389func (c *OrganizationsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 3390 c.ctx_ = ctx 3391 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 3392 for { 3393 x, err := c.Do() 3394 if err != nil { 3395 return err 3396 } 3397 if err := f(x); err != nil { 3398 return err 3399 } 3400 if x.NextPageToken == "" { 3401 return nil 3402 } 3403 c.PageToken(x.NextPageToken) 3404 } 3405} 3406 3407// method id "iam.organizations.roles.patch": 3408 3409type OrganizationsRolesPatchCall struct { 3410 s *Service 3411 name string 3412 role *Role 3413 urlParams_ gensupport.URLParams 3414 ctx_ context.Context 3415 header_ http.Header 3416} 3417 3418// Patch: Updates the definition of a custom Role. 3419func (r *OrganizationsRolesService) Patch(name string, role *Role) *OrganizationsRolesPatchCall { 3420 c := &OrganizationsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3421 c.name = name 3422 c.role = role 3423 return c 3424} 3425 3426// UpdateMask sets the optional parameter "updateMask": A mask 3427// describing which fields in the Role have changed. 3428func (c *OrganizationsRolesPatchCall) UpdateMask(updateMask string) *OrganizationsRolesPatchCall { 3429 c.urlParams_.Set("updateMask", updateMask) 3430 return c 3431} 3432 3433// Fields allows partial responses to be retrieved. See 3434// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3435// for more information. 3436func (c *OrganizationsRolesPatchCall) Fields(s ...googleapi.Field) *OrganizationsRolesPatchCall { 3437 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3438 return c 3439} 3440 3441// Context sets the context to be used in this call's Do method. Any 3442// pending HTTP request will be aborted if the provided context is 3443// canceled. 3444func (c *OrganizationsRolesPatchCall) Context(ctx context.Context) *OrganizationsRolesPatchCall { 3445 c.ctx_ = ctx 3446 return c 3447} 3448 3449// Header returns an http.Header that can be modified by the caller to 3450// add HTTP headers to the request. 3451func (c *OrganizationsRolesPatchCall) Header() http.Header { 3452 if c.header_ == nil { 3453 c.header_ = make(http.Header) 3454 } 3455 return c.header_ 3456} 3457 3458func (c *OrganizationsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 3459 reqHeaders := make(http.Header) 3460 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 3461 for k, v := range c.header_ { 3462 reqHeaders[k] = v 3463 } 3464 reqHeaders.Set("User-Agent", c.s.userAgent()) 3465 var body io.Reader = nil 3466 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 3467 if err != nil { 3468 return nil, err 3469 } 3470 reqHeaders.Set("Content-Type", "application/json") 3471 c.urlParams_.Set("alt", alt) 3472 c.urlParams_.Set("prettyPrint", "false") 3473 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3474 urls += "?" + c.urlParams_.Encode() 3475 req, err := http.NewRequest("PATCH", urls, body) 3476 if err != nil { 3477 return nil, err 3478 } 3479 req.Header = reqHeaders 3480 googleapi.Expand(req.URL, map[string]string{ 3481 "name": c.name, 3482 }) 3483 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3484} 3485 3486// Do executes the "iam.organizations.roles.patch" call. 3487// Exactly one of *Role or error will be non-nil. Any non-2xx status 3488// code is an error. Response headers are in either 3489// *Role.ServerResponse.Header or (if a response was returned at all) in 3490// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3491// whether the returned error was because http.StatusNotModified was 3492// returned. 3493func (c *OrganizationsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3494 gensupport.SetOptions(c.urlParams_, opts...) 3495 res, err := c.doRequest("json") 3496 if res != nil && res.StatusCode == http.StatusNotModified { 3497 if res.Body != nil { 3498 res.Body.Close() 3499 } 3500 return nil, &googleapi.Error{ 3501 Code: res.StatusCode, 3502 Header: res.Header, 3503 } 3504 } 3505 if err != nil { 3506 return nil, err 3507 } 3508 defer googleapi.CloseBody(res) 3509 if err := googleapi.CheckResponse(res); err != nil { 3510 return nil, err 3511 } 3512 ret := &Role{ 3513 ServerResponse: googleapi.ServerResponse{ 3514 Header: res.Header, 3515 HTTPStatusCode: res.StatusCode, 3516 }, 3517 } 3518 target := &ret 3519 if err := gensupport.DecodeResponse(target, res); err != nil { 3520 return nil, err 3521 } 3522 return ret, nil 3523 // { 3524 // "description": "Updates the definition of a custom Role.", 3525 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3526 // "httpMethod": "PATCH", 3527 // "id": "iam.organizations.roles.patch", 3528 // "parameterOrder": [ 3529 // "name" 3530 // ], 3531 // "parameters": { 3532 // "name": { 3533 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n updates only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3534 // "location": "path", 3535 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3536 // "required": true, 3537 // "type": "string" 3538 // }, 3539 // "updateMask": { 3540 // "description": "A mask describing which fields in the Role have changed.", 3541 // "format": "google-fieldmask", 3542 // "location": "query", 3543 // "type": "string" 3544 // } 3545 // }, 3546 // "path": "v1/{+name}", 3547 // "request": { 3548 // "$ref": "Role" 3549 // }, 3550 // "response": { 3551 // "$ref": "Role" 3552 // }, 3553 // "scopes": [ 3554 // "https://www.googleapis.com/auth/cloud-platform" 3555 // ] 3556 // } 3557 3558} 3559 3560// method id "iam.organizations.roles.undelete": 3561 3562type OrganizationsRolesUndeleteCall struct { 3563 s *Service 3564 name string 3565 undeleterolerequest *UndeleteRoleRequest 3566 urlParams_ gensupport.URLParams 3567 ctx_ context.Context 3568 header_ http.Header 3569} 3570 3571// Undelete: Undeletes a custom Role. 3572func (r *OrganizationsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *OrganizationsRolesUndeleteCall { 3573 c := &OrganizationsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3574 c.name = name 3575 c.undeleterolerequest = undeleterolerequest 3576 return c 3577} 3578 3579// Fields allows partial responses to be retrieved. See 3580// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3581// for more information. 3582func (c *OrganizationsRolesUndeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesUndeleteCall { 3583 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3584 return c 3585} 3586 3587// Context sets the context to be used in this call's Do method. Any 3588// pending HTTP request will be aborted if the provided context is 3589// canceled. 3590func (c *OrganizationsRolesUndeleteCall) Context(ctx context.Context) *OrganizationsRolesUndeleteCall { 3591 c.ctx_ = ctx 3592 return c 3593} 3594 3595// Header returns an http.Header that can be modified by the caller to 3596// add HTTP headers to the request. 3597func (c *OrganizationsRolesUndeleteCall) Header() http.Header { 3598 if c.header_ == nil { 3599 c.header_ = make(http.Header) 3600 } 3601 return c.header_ 3602} 3603 3604func (c *OrganizationsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 3605 reqHeaders := make(http.Header) 3606 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 3607 for k, v := range c.header_ { 3608 reqHeaders[k] = v 3609 } 3610 reqHeaders.Set("User-Agent", c.s.userAgent()) 3611 var body io.Reader = nil 3612 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 3613 if err != nil { 3614 return nil, err 3615 } 3616 reqHeaders.Set("Content-Type", "application/json") 3617 c.urlParams_.Set("alt", alt) 3618 c.urlParams_.Set("prettyPrint", "false") 3619 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 3620 urls += "?" + c.urlParams_.Encode() 3621 req, err := http.NewRequest("POST", urls, body) 3622 if err != nil { 3623 return nil, err 3624 } 3625 req.Header = reqHeaders 3626 googleapi.Expand(req.URL, map[string]string{ 3627 "name": c.name, 3628 }) 3629 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3630} 3631 3632// Do executes the "iam.organizations.roles.undelete" call. 3633// Exactly one of *Role or error will be non-nil. Any non-2xx status 3634// code is an error. Response headers are in either 3635// *Role.ServerResponse.Header or (if a response was returned at all) in 3636// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3637// whether the returned error was because http.StatusNotModified was 3638// returned. 3639func (c *OrganizationsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3640 gensupport.SetOptions(c.urlParams_, opts...) 3641 res, err := c.doRequest("json") 3642 if res != nil && res.StatusCode == http.StatusNotModified { 3643 if res.Body != nil { 3644 res.Body.Close() 3645 } 3646 return nil, &googleapi.Error{ 3647 Code: res.StatusCode, 3648 Header: res.Header, 3649 } 3650 } 3651 if err != nil { 3652 return nil, err 3653 } 3654 defer googleapi.CloseBody(res) 3655 if err := googleapi.CheckResponse(res); err != nil { 3656 return nil, err 3657 } 3658 ret := &Role{ 3659 ServerResponse: googleapi.ServerResponse{ 3660 Header: res.Header, 3661 HTTPStatusCode: res.StatusCode, 3662 }, 3663 } 3664 target := &ret 3665 if err := gensupport.DecodeResponse(target, res); err != nil { 3666 return nil, err 3667 } 3668 return ret, nil 3669 // { 3670 // "description": "Undeletes a custom Role.", 3671 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}:undelete", 3672 // "httpMethod": "POST", 3673 // "id": "iam.organizations.roles.undelete", 3674 // "parameterOrder": [ 3675 // "name" 3676 // ], 3677 // "parameters": { 3678 // "name": { 3679 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes\n only [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n undeletes only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3680 // "location": "path", 3681 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3682 // "required": true, 3683 // "type": "string" 3684 // } 3685 // }, 3686 // "path": "v1/{+name}:undelete", 3687 // "request": { 3688 // "$ref": "UndeleteRoleRequest" 3689 // }, 3690 // "response": { 3691 // "$ref": "Role" 3692 // }, 3693 // "scopes": [ 3694 // "https://www.googleapis.com/auth/cloud-platform" 3695 // ] 3696 // } 3697 3698} 3699 3700// method id "iam.permissions.queryTestablePermissions": 3701 3702type PermissionsQueryTestablePermissionsCall struct { 3703 s *Service 3704 querytestablepermissionsrequest *QueryTestablePermissionsRequest 3705 urlParams_ gensupport.URLParams 3706 ctx_ context.Context 3707 header_ http.Header 3708} 3709 3710// QueryTestablePermissions: Lists every permission that you can test on 3711// a resource. A permission is 3712// testable if you can check whether a member has that permission on 3713// the 3714// resource. 3715func (r *PermissionsService) QueryTestablePermissions(querytestablepermissionsrequest *QueryTestablePermissionsRequest) *PermissionsQueryTestablePermissionsCall { 3716 c := &PermissionsQueryTestablePermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3717 c.querytestablepermissionsrequest = querytestablepermissionsrequest 3718 return c 3719} 3720 3721// Fields allows partial responses to be retrieved. See 3722// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3723// for more information. 3724func (c *PermissionsQueryTestablePermissionsCall) Fields(s ...googleapi.Field) *PermissionsQueryTestablePermissionsCall { 3725 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3726 return c 3727} 3728 3729// Context sets the context to be used in this call's Do method. Any 3730// pending HTTP request will be aborted if the provided context is 3731// canceled. 3732func (c *PermissionsQueryTestablePermissionsCall) Context(ctx context.Context) *PermissionsQueryTestablePermissionsCall { 3733 c.ctx_ = ctx 3734 return c 3735} 3736 3737// Header returns an http.Header that can be modified by the caller to 3738// add HTTP headers to the request. 3739func (c *PermissionsQueryTestablePermissionsCall) Header() http.Header { 3740 if c.header_ == nil { 3741 c.header_ = make(http.Header) 3742 } 3743 return c.header_ 3744} 3745 3746func (c *PermissionsQueryTestablePermissionsCall) doRequest(alt string) (*http.Response, error) { 3747 reqHeaders := make(http.Header) 3748 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 3749 for k, v := range c.header_ { 3750 reqHeaders[k] = v 3751 } 3752 reqHeaders.Set("User-Agent", c.s.userAgent()) 3753 var body io.Reader = nil 3754 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querytestablepermissionsrequest) 3755 if err != nil { 3756 return nil, err 3757 } 3758 reqHeaders.Set("Content-Type", "application/json") 3759 c.urlParams_.Set("alt", alt) 3760 c.urlParams_.Set("prettyPrint", "false") 3761 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/permissions:queryTestablePermissions") 3762 urls += "?" + c.urlParams_.Encode() 3763 req, err := http.NewRequest("POST", urls, body) 3764 if err != nil { 3765 return nil, err 3766 } 3767 req.Header = reqHeaders 3768 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3769} 3770 3771// Do executes the "iam.permissions.queryTestablePermissions" call. 3772// Exactly one of *QueryTestablePermissionsResponse or error will be 3773// non-nil. Any non-2xx status code is an error. Response headers are in 3774// either *QueryTestablePermissionsResponse.ServerResponse.Header or (if 3775// a response was returned at all) in error.(*googleapi.Error).Header. 3776// Use googleapi.IsNotModified to check whether the returned error was 3777// because http.StatusNotModified was returned. 3778func (c *PermissionsQueryTestablePermissionsCall) Do(opts ...googleapi.CallOption) (*QueryTestablePermissionsResponse, error) { 3779 gensupport.SetOptions(c.urlParams_, opts...) 3780 res, err := c.doRequest("json") 3781 if res != nil && res.StatusCode == http.StatusNotModified { 3782 if res.Body != nil { 3783 res.Body.Close() 3784 } 3785 return nil, &googleapi.Error{ 3786 Code: res.StatusCode, 3787 Header: res.Header, 3788 } 3789 } 3790 if err != nil { 3791 return nil, err 3792 } 3793 defer googleapi.CloseBody(res) 3794 if err := googleapi.CheckResponse(res); err != nil { 3795 return nil, err 3796 } 3797 ret := &QueryTestablePermissionsResponse{ 3798 ServerResponse: googleapi.ServerResponse{ 3799 Header: res.Header, 3800 HTTPStatusCode: res.StatusCode, 3801 }, 3802 } 3803 target := &ret 3804 if err := gensupport.DecodeResponse(target, res); err != nil { 3805 return nil, err 3806 } 3807 return ret, nil 3808 // { 3809 // "description": "Lists every permission that you can test on a resource. A permission is\ntestable if you can check whether a member has that permission on the\nresource.", 3810 // "flatPath": "v1/permissions:queryTestablePermissions", 3811 // "httpMethod": "POST", 3812 // "id": "iam.permissions.queryTestablePermissions", 3813 // "parameterOrder": [], 3814 // "parameters": {}, 3815 // "path": "v1/permissions:queryTestablePermissions", 3816 // "request": { 3817 // "$ref": "QueryTestablePermissionsRequest" 3818 // }, 3819 // "response": { 3820 // "$ref": "QueryTestablePermissionsResponse" 3821 // }, 3822 // "scopes": [ 3823 // "https://www.googleapis.com/auth/cloud-platform" 3824 // ] 3825 // } 3826 3827} 3828 3829// Pages invokes f for each page of results. 3830// A non-nil error returned from f will halt the iteration. 3831// The provided context supersedes any context provided to the Context method. 3832func (c *PermissionsQueryTestablePermissionsCall) Pages(ctx context.Context, f func(*QueryTestablePermissionsResponse) error) error { 3833 c.ctx_ = ctx 3834 defer func(pt string) { c.querytestablepermissionsrequest.PageToken = pt }(c.querytestablepermissionsrequest.PageToken) // reset paging to original point 3835 for { 3836 x, err := c.Do() 3837 if err != nil { 3838 return err 3839 } 3840 if err := f(x); err != nil { 3841 return err 3842 } 3843 if x.NextPageToken == "" { 3844 return nil 3845 } 3846 c.querytestablepermissionsrequest.PageToken = x.NextPageToken 3847 } 3848} 3849 3850// method id "iam.projects.roles.create": 3851 3852type ProjectsRolesCreateCall struct { 3853 s *Service 3854 parent string 3855 createrolerequest *CreateRoleRequest 3856 urlParams_ gensupport.URLParams 3857 ctx_ context.Context 3858 header_ http.Header 3859} 3860 3861// Create: Creates a new custom Role. 3862func (r *ProjectsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *ProjectsRolesCreateCall { 3863 c := &ProjectsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3864 c.parent = parent 3865 c.createrolerequest = createrolerequest 3866 return c 3867} 3868 3869// Fields allows partial responses to be retrieved. See 3870// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3871// for more information. 3872func (c *ProjectsRolesCreateCall) Fields(s ...googleapi.Field) *ProjectsRolesCreateCall { 3873 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3874 return c 3875} 3876 3877// Context sets the context to be used in this call's Do method. Any 3878// pending HTTP request will be aborted if the provided context is 3879// canceled. 3880func (c *ProjectsRolesCreateCall) Context(ctx context.Context) *ProjectsRolesCreateCall { 3881 c.ctx_ = ctx 3882 return c 3883} 3884 3885// Header returns an http.Header that can be modified by the caller to 3886// add HTTP headers to the request. 3887func (c *ProjectsRolesCreateCall) Header() http.Header { 3888 if c.header_ == nil { 3889 c.header_ = make(http.Header) 3890 } 3891 return c.header_ 3892} 3893 3894func (c *ProjectsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 3895 reqHeaders := make(http.Header) 3896 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 3897 for k, v := range c.header_ { 3898 reqHeaders[k] = v 3899 } 3900 reqHeaders.Set("User-Agent", c.s.userAgent()) 3901 var body io.Reader = nil 3902 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 3903 if err != nil { 3904 return nil, err 3905 } 3906 reqHeaders.Set("Content-Type", "application/json") 3907 c.urlParams_.Set("alt", alt) 3908 c.urlParams_.Set("prettyPrint", "false") 3909 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 3910 urls += "?" + c.urlParams_.Encode() 3911 req, err := http.NewRequest("POST", urls, body) 3912 if err != nil { 3913 return nil, err 3914 } 3915 req.Header = reqHeaders 3916 googleapi.Expand(req.URL, map[string]string{ 3917 "parent": c.parent, 3918 }) 3919 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3920} 3921 3922// Do executes the "iam.projects.roles.create" call. 3923// Exactly one of *Role or error will be non-nil. Any non-2xx status 3924// code is an error. Response headers are in either 3925// *Role.ServerResponse.Header or (if a response was returned at all) in 3926// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3927// whether the returned error was because http.StatusNotModified was 3928// returned. 3929func (c *ProjectsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3930 gensupport.SetOptions(c.urlParams_, opts...) 3931 res, err := c.doRequest("json") 3932 if res != nil && res.StatusCode == http.StatusNotModified { 3933 if res.Body != nil { 3934 res.Body.Close() 3935 } 3936 return nil, &googleapi.Error{ 3937 Code: res.StatusCode, 3938 Header: res.Header, 3939 } 3940 } 3941 if err != nil { 3942 return nil, err 3943 } 3944 defer googleapi.CloseBody(res) 3945 if err := googleapi.CheckResponse(res); err != nil { 3946 return nil, err 3947 } 3948 ret := &Role{ 3949 ServerResponse: googleapi.ServerResponse{ 3950 Header: res.Header, 3951 HTTPStatusCode: res.StatusCode, 3952 }, 3953 } 3954 target := &ret 3955 if err := gensupport.DecodeResponse(target, res); err != nil { 3956 return nil, err 3957 } 3958 return ret, nil 3959 // { 3960 // "description": "Creates a new custom Role.", 3961 // "flatPath": "v1/projects/{projectsId}/roles", 3962 // "httpMethod": "POST", 3963 // "id": "iam.projects.roles.create", 3964 // "parameterOrder": [ 3965 // "parent" 3966 // ], 3967 // "parameters": { 3968 // "parent": { 3969 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create):\n `projects/{PROJECT_ID}`. This method creates project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create):\n `organizations/{ORGANIZATION_ID}`. This method creates organization-level\n [custom roles](/iam/docs/understanding-custom-roles). Example request\n URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3970 // "location": "path", 3971 // "pattern": "^projects/[^/]+$", 3972 // "required": true, 3973 // "type": "string" 3974 // } 3975 // }, 3976 // "path": "v1/{+parent}/roles", 3977 // "request": { 3978 // "$ref": "CreateRoleRequest" 3979 // }, 3980 // "response": { 3981 // "$ref": "Role" 3982 // }, 3983 // "scopes": [ 3984 // "https://www.googleapis.com/auth/cloud-platform" 3985 // ] 3986 // } 3987 3988} 3989 3990// method id "iam.projects.roles.delete": 3991 3992type ProjectsRolesDeleteCall struct { 3993 s *Service 3994 name string 3995 urlParams_ gensupport.URLParams 3996 ctx_ context.Context 3997 header_ http.Header 3998} 3999 4000// Delete: Deletes a custom Role. 4001// 4002// When you delete a custom role, the following changes occur 4003// immediately: 4004// 4005// * You cannot bind a member to the custom role in an IAM 4006// Policy. 4007// * Existing bindings to the custom role are not changed, but they have 4008// no 4009// effect. 4010// * By default, the response from ListRoles does not include the 4011// custom 4012// role. 4013// 4014// You have 7 days to undelete the custom role. After 7 days, the 4015// following 4016// changes occur: 4017// 4018// * The custom role is permanently deleted and cannot be recovered. 4019// * If an IAM policy contains a binding to the custom role, the binding 4020// is 4021// permanently removed. 4022func (r *ProjectsRolesService) Delete(name string) *ProjectsRolesDeleteCall { 4023 c := &ProjectsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4024 c.name = name 4025 return c 4026} 4027 4028// Etag sets the optional parameter "etag": Used to perform a consistent 4029// read-modify-write. 4030func (c *ProjectsRolesDeleteCall) Etag(etag string) *ProjectsRolesDeleteCall { 4031 c.urlParams_.Set("etag", etag) 4032 return c 4033} 4034 4035// Fields allows partial responses to be retrieved. See 4036// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4037// for more information. 4038func (c *ProjectsRolesDeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesDeleteCall { 4039 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4040 return c 4041} 4042 4043// Context sets the context to be used in this call's Do method. Any 4044// pending HTTP request will be aborted if the provided context is 4045// canceled. 4046func (c *ProjectsRolesDeleteCall) Context(ctx context.Context) *ProjectsRolesDeleteCall { 4047 c.ctx_ = ctx 4048 return c 4049} 4050 4051// Header returns an http.Header that can be modified by the caller to 4052// add HTTP headers to the request. 4053func (c *ProjectsRolesDeleteCall) Header() http.Header { 4054 if c.header_ == nil { 4055 c.header_ = make(http.Header) 4056 } 4057 return c.header_ 4058} 4059 4060func (c *ProjectsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 4061 reqHeaders := make(http.Header) 4062 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 4063 for k, v := range c.header_ { 4064 reqHeaders[k] = v 4065 } 4066 reqHeaders.Set("User-Agent", c.s.userAgent()) 4067 var body io.Reader = nil 4068 c.urlParams_.Set("alt", alt) 4069 c.urlParams_.Set("prettyPrint", "false") 4070 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4071 urls += "?" + c.urlParams_.Encode() 4072 req, err := http.NewRequest("DELETE", urls, body) 4073 if err != nil { 4074 return nil, err 4075 } 4076 req.Header = reqHeaders 4077 googleapi.Expand(req.URL, map[string]string{ 4078 "name": c.name, 4079 }) 4080 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4081} 4082 4083// Do executes the "iam.projects.roles.delete" call. 4084// Exactly one of *Role or error will be non-nil. Any non-2xx status 4085// code is an error. Response headers are in either 4086// *Role.ServerResponse.Header or (if a response was returned at all) in 4087// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4088// whether the returned error was because http.StatusNotModified was 4089// returned. 4090func (c *ProjectsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4091 gensupport.SetOptions(c.urlParams_, opts...) 4092 res, err := c.doRequest("json") 4093 if res != nil && res.StatusCode == http.StatusNotModified { 4094 if res.Body != nil { 4095 res.Body.Close() 4096 } 4097 return nil, &googleapi.Error{ 4098 Code: res.StatusCode, 4099 Header: res.Header, 4100 } 4101 } 4102 if err != nil { 4103 return nil, err 4104 } 4105 defer googleapi.CloseBody(res) 4106 if err := googleapi.CheckResponse(res); err != nil { 4107 return nil, err 4108 } 4109 ret := &Role{ 4110 ServerResponse: googleapi.ServerResponse{ 4111 Header: res.Header, 4112 HTTPStatusCode: res.StatusCode, 4113 }, 4114 } 4115 target := &ret 4116 if err := gensupport.DecodeResponse(target, res); err != nil { 4117 return nil, err 4118 } 4119 return ret, nil 4120 // { 4121 // "description": "Deletes a custom Role.\n\nWhen you delete a custom role, the following changes occur immediately:\n\n* You cannot bind a member to the custom role in an IAM\nPolicy.\n* Existing bindings to the custom role are not changed, but they have no\neffect.\n* By default, the response from ListRoles does not include the custom\nrole.\n\nYou have 7 days to undelete the custom role. After 7 days, the following\nchanges occur:\n\n* The custom role is permanently deleted and cannot be recovered.\n* If an IAM policy contains a binding to the custom role, the binding is\npermanently removed.", 4122 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 4123 // "httpMethod": "DELETE", 4124 // "id": "iam.projects.roles.delete", 4125 // "parameterOrder": [ 4126 // "name" 4127 // ], 4128 // "parameters": { 4129 // "etag": { 4130 // "description": "Used to perform a consistent read-modify-write.", 4131 // "format": "byte", 4132 // "location": "query", 4133 // "type": "string" 4134 // }, 4135 // "name": { 4136 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n deletes only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4137 // "location": "path", 4138 // "pattern": "^projects/[^/]+/roles/[^/]+$", 4139 // "required": true, 4140 // "type": "string" 4141 // } 4142 // }, 4143 // "path": "v1/{+name}", 4144 // "response": { 4145 // "$ref": "Role" 4146 // }, 4147 // "scopes": [ 4148 // "https://www.googleapis.com/auth/cloud-platform" 4149 // ] 4150 // } 4151 4152} 4153 4154// method id "iam.projects.roles.get": 4155 4156type ProjectsRolesGetCall struct { 4157 s *Service 4158 name string 4159 urlParams_ gensupport.URLParams 4160 ifNoneMatch_ string 4161 ctx_ context.Context 4162 header_ http.Header 4163} 4164 4165// Get: Gets the definition of a Role. 4166func (r *ProjectsRolesService) Get(name string) *ProjectsRolesGetCall { 4167 c := &ProjectsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4168 c.name = name 4169 return c 4170} 4171 4172// Fields allows partial responses to be retrieved. See 4173// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4174// for more information. 4175func (c *ProjectsRolesGetCall) Fields(s ...googleapi.Field) *ProjectsRolesGetCall { 4176 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4177 return c 4178} 4179 4180// IfNoneMatch sets the optional parameter which makes the operation 4181// fail if the object's ETag matches the given value. This is useful for 4182// getting updates only after the object has changed since the last 4183// request. Use googleapi.IsNotModified to check whether the response 4184// error from Do is the result of In-None-Match. 4185func (c *ProjectsRolesGetCall) IfNoneMatch(entityTag string) *ProjectsRolesGetCall { 4186 c.ifNoneMatch_ = entityTag 4187 return c 4188} 4189 4190// Context sets the context to be used in this call's Do method. Any 4191// pending HTTP request will be aborted if the provided context is 4192// canceled. 4193func (c *ProjectsRolesGetCall) Context(ctx context.Context) *ProjectsRolesGetCall { 4194 c.ctx_ = ctx 4195 return c 4196} 4197 4198// Header returns an http.Header that can be modified by the caller to 4199// add HTTP headers to the request. 4200func (c *ProjectsRolesGetCall) Header() http.Header { 4201 if c.header_ == nil { 4202 c.header_ = make(http.Header) 4203 } 4204 return c.header_ 4205} 4206 4207func (c *ProjectsRolesGetCall) doRequest(alt string) (*http.Response, error) { 4208 reqHeaders := make(http.Header) 4209 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 4210 for k, v := range c.header_ { 4211 reqHeaders[k] = v 4212 } 4213 reqHeaders.Set("User-Agent", c.s.userAgent()) 4214 if c.ifNoneMatch_ != "" { 4215 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 4216 } 4217 var body io.Reader = nil 4218 c.urlParams_.Set("alt", alt) 4219 c.urlParams_.Set("prettyPrint", "false") 4220 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4221 urls += "?" + c.urlParams_.Encode() 4222 req, err := http.NewRequest("GET", urls, body) 4223 if err != nil { 4224 return nil, err 4225 } 4226 req.Header = reqHeaders 4227 googleapi.Expand(req.URL, map[string]string{ 4228 "name": c.name, 4229 }) 4230 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4231} 4232 4233// Do executes the "iam.projects.roles.get" call. 4234// Exactly one of *Role or error will be non-nil. Any non-2xx status 4235// code is an error. Response headers are in either 4236// *Role.ServerResponse.Header or (if a response was returned at all) in 4237// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4238// whether the returned error was because http.StatusNotModified was 4239// returned. 4240func (c *ProjectsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4241 gensupport.SetOptions(c.urlParams_, opts...) 4242 res, err := c.doRequest("json") 4243 if res != nil && res.StatusCode == http.StatusNotModified { 4244 if res.Body != nil { 4245 res.Body.Close() 4246 } 4247 return nil, &googleapi.Error{ 4248 Code: res.StatusCode, 4249 Header: res.Header, 4250 } 4251 } 4252 if err != nil { 4253 return nil, err 4254 } 4255 defer googleapi.CloseBody(res) 4256 if err := googleapi.CheckResponse(res); err != nil { 4257 return nil, err 4258 } 4259 ret := &Role{ 4260 ServerResponse: googleapi.ServerResponse{ 4261 Header: res.Header, 4262 HTTPStatusCode: res.StatusCode, 4263 }, 4264 } 4265 target := &ret 4266 if err := gensupport.DecodeResponse(target, res); err != nil { 4267 return nil, err 4268 } 4269 return ret, nil 4270 // { 4271 // "description": "Gets the definition of a Role.", 4272 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 4273 // "httpMethod": "GET", 4274 // "id": "iam.projects.roles.get", 4275 // "parameterOrder": [ 4276 // "name" 4277 // ], 4278 // "parameters": { 4279 // "name": { 4280 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`.\n This method returns results from all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles/{ROLE_NAME}`\n\n* [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n returns only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4281 // "location": "path", 4282 // "pattern": "^projects/[^/]+/roles/[^/]+$", 4283 // "required": true, 4284 // "type": "string" 4285 // } 4286 // }, 4287 // "path": "v1/{+name}", 4288 // "response": { 4289 // "$ref": "Role" 4290 // }, 4291 // "scopes": [ 4292 // "https://www.googleapis.com/auth/cloud-platform" 4293 // ] 4294 // } 4295 4296} 4297 4298// method id "iam.projects.roles.list": 4299 4300type ProjectsRolesListCall struct { 4301 s *Service 4302 parent string 4303 urlParams_ gensupport.URLParams 4304 ifNoneMatch_ string 4305 ctx_ context.Context 4306 header_ http.Header 4307} 4308 4309// List: Lists every predefined Role that IAM supports, or every custom 4310// role 4311// that is defined for an organization or project. 4312func (r *ProjectsRolesService) List(parent string) *ProjectsRolesListCall { 4313 c := &ProjectsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4314 c.parent = parent 4315 return c 4316} 4317 4318// PageSize sets the optional parameter "pageSize": Optional limit on 4319// the number of roles to include in the response. 4320// 4321// The default is 300, and the maximum is 1,000. 4322func (c *ProjectsRolesListCall) PageSize(pageSize int64) *ProjectsRolesListCall { 4323 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 4324 return c 4325} 4326 4327// PageToken sets the optional parameter "pageToken": Optional 4328// pagination token returned in an earlier ListRolesResponse. 4329func (c *ProjectsRolesListCall) PageToken(pageToken string) *ProjectsRolesListCall { 4330 c.urlParams_.Set("pageToken", pageToken) 4331 return c 4332} 4333 4334// ShowDeleted sets the optional parameter "showDeleted": Include Roles 4335// that have been deleted. 4336func (c *ProjectsRolesListCall) ShowDeleted(showDeleted bool) *ProjectsRolesListCall { 4337 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 4338 return c 4339} 4340 4341// View sets the optional parameter "view": Optional view for the 4342// returned Role objects. When `FULL` is specified, 4343// the `includedPermissions` field is returned, which includes a list of 4344// all 4345// permissions in the role. The default value is `BASIC`, which does 4346// not 4347// return the `includedPermissions` field. 4348// 4349// Possible values: 4350// "BASIC" 4351// "FULL" 4352func (c *ProjectsRolesListCall) View(view string) *ProjectsRolesListCall { 4353 c.urlParams_.Set("view", view) 4354 return c 4355} 4356 4357// Fields allows partial responses to be retrieved. See 4358// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4359// for more information. 4360func (c *ProjectsRolesListCall) Fields(s ...googleapi.Field) *ProjectsRolesListCall { 4361 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4362 return c 4363} 4364 4365// IfNoneMatch sets the optional parameter which makes the operation 4366// fail if the object's ETag matches the given value. This is useful for 4367// getting updates only after the object has changed since the last 4368// request. Use googleapi.IsNotModified to check whether the response 4369// error from Do is the result of In-None-Match. 4370func (c *ProjectsRolesListCall) IfNoneMatch(entityTag string) *ProjectsRolesListCall { 4371 c.ifNoneMatch_ = entityTag 4372 return c 4373} 4374 4375// Context sets the context to be used in this call's Do method. Any 4376// pending HTTP request will be aborted if the provided context is 4377// canceled. 4378func (c *ProjectsRolesListCall) Context(ctx context.Context) *ProjectsRolesListCall { 4379 c.ctx_ = ctx 4380 return c 4381} 4382 4383// Header returns an http.Header that can be modified by the caller to 4384// add HTTP headers to the request. 4385func (c *ProjectsRolesListCall) Header() http.Header { 4386 if c.header_ == nil { 4387 c.header_ = make(http.Header) 4388 } 4389 return c.header_ 4390} 4391 4392func (c *ProjectsRolesListCall) doRequest(alt string) (*http.Response, error) { 4393 reqHeaders := make(http.Header) 4394 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 4395 for k, v := range c.header_ { 4396 reqHeaders[k] = v 4397 } 4398 reqHeaders.Set("User-Agent", c.s.userAgent()) 4399 if c.ifNoneMatch_ != "" { 4400 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 4401 } 4402 var body io.Reader = nil 4403 c.urlParams_.Set("alt", alt) 4404 c.urlParams_.Set("prettyPrint", "false") 4405 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 4406 urls += "?" + c.urlParams_.Encode() 4407 req, err := http.NewRequest("GET", urls, body) 4408 if err != nil { 4409 return nil, err 4410 } 4411 req.Header = reqHeaders 4412 googleapi.Expand(req.URL, map[string]string{ 4413 "parent": c.parent, 4414 }) 4415 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4416} 4417 4418// Do executes the "iam.projects.roles.list" call. 4419// Exactly one of *ListRolesResponse or error will be non-nil. Any 4420// non-2xx status code is an error. Response headers are in either 4421// *ListRolesResponse.ServerResponse.Header or (if a response was 4422// returned at all) in error.(*googleapi.Error).Header. Use 4423// googleapi.IsNotModified to check whether the returned error was 4424// because http.StatusNotModified was returned. 4425func (c *ProjectsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 4426 gensupport.SetOptions(c.urlParams_, opts...) 4427 res, err := c.doRequest("json") 4428 if res != nil && res.StatusCode == http.StatusNotModified { 4429 if res.Body != nil { 4430 res.Body.Close() 4431 } 4432 return nil, &googleapi.Error{ 4433 Code: res.StatusCode, 4434 Header: res.Header, 4435 } 4436 } 4437 if err != nil { 4438 return nil, err 4439 } 4440 defer googleapi.CloseBody(res) 4441 if err := googleapi.CheckResponse(res); err != nil { 4442 return nil, err 4443 } 4444 ret := &ListRolesResponse{ 4445 ServerResponse: googleapi.ServerResponse{ 4446 Header: res.Header, 4447 HTTPStatusCode: res.StatusCode, 4448 }, 4449 } 4450 target := &ret 4451 if err := gensupport.DecodeResponse(target, res); err != nil { 4452 return nil, err 4453 } 4454 return ret, nil 4455 // { 4456 // "description": "Lists every predefined Role that IAM supports, or every custom role\nthat is defined for an organization or project.", 4457 // "flatPath": "v1/projects/{projectsId}/roles", 4458 // "httpMethod": "GET", 4459 // "id": "iam.projects.roles.list", 4460 // "parameterOrder": [ 4461 // "parent" 4462 // ], 4463 // "parameters": { 4464 // "pageSize": { 4465 // "description": "Optional limit on the number of roles to include in the response.\n\nThe default is 300, and the maximum is 1,000.", 4466 // "format": "int32", 4467 // "location": "query", 4468 // "type": "integer" 4469 // }, 4470 // "pageToken": { 4471 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 4472 // "location": "query", 4473 // "type": "string" 4474 // }, 4475 // "parent": { 4476 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string.\n This method doesn't require a resource; it simply returns all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles`\n\n* [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list):\n `projects/{PROJECT_ID}`. This method lists all project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list):\n `organizations/{ORGANIZATION_ID}`. This method lists all\n organization-level [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4477 // "location": "path", 4478 // "pattern": "^projects/[^/]+$", 4479 // "required": true, 4480 // "type": "string" 4481 // }, 4482 // "showDeleted": { 4483 // "description": "Include Roles that have been deleted.", 4484 // "location": "query", 4485 // "type": "boolean" 4486 // }, 4487 // "view": { 4488 // "description": "Optional view for the returned Role objects. When `FULL` is specified,\nthe `includedPermissions` field is returned, which includes a list of all\npermissions in the role. The default value is `BASIC`, which does not\nreturn the `includedPermissions` field.", 4489 // "enum": [ 4490 // "BASIC", 4491 // "FULL" 4492 // ], 4493 // "location": "query", 4494 // "type": "string" 4495 // } 4496 // }, 4497 // "path": "v1/{+parent}/roles", 4498 // "response": { 4499 // "$ref": "ListRolesResponse" 4500 // }, 4501 // "scopes": [ 4502 // "https://www.googleapis.com/auth/cloud-platform" 4503 // ] 4504 // } 4505 4506} 4507 4508// Pages invokes f for each page of results. 4509// A non-nil error returned from f will halt the iteration. 4510// The provided context supersedes any context provided to the Context method. 4511func (c *ProjectsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 4512 c.ctx_ = ctx 4513 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 4514 for { 4515 x, err := c.Do() 4516 if err != nil { 4517 return err 4518 } 4519 if err := f(x); err != nil { 4520 return err 4521 } 4522 if x.NextPageToken == "" { 4523 return nil 4524 } 4525 c.PageToken(x.NextPageToken) 4526 } 4527} 4528 4529// method id "iam.projects.roles.patch": 4530 4531type ProjectsRolesPatchCall struct { 4532 s *Service 4533 name string 4534 role *Role 4535 urlParams_ gensupport.URLParams 4536 ctx_ context.Context 4537 header_ http.Header 4538} 4539 4540// Patch: Updates the definition of a custom Role. 4541func (r *ProjectsRolesService) Patch(name string, role *Role) *ProjectsRolesPatchCall { 4542 c := &ProjectsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4543 c.name = name 4544 c.role = role 4545 return c 4546} 4547 4548// UpdateMask sets the optional parameter "updateMask": A mask 4549// describing which fields in the Role have changed. 4550func (c *ProjectsRolesPatchCall) UpdateMask(updateMask string) *ProjectsRolesPatchCall { 4551 c.urlParams_.Set("updateMask", updateMask) 4552 return c 4553} 4554 4555// Fields allows partial responses to be retrieved. See 4556// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4557// for more information. 4558func (c *ProjectsRolesPatchCall) Fields(s ...googleapi.Field) *ProjectsRolesPatchCall { 4559 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4560 return c 4561} 4562 4563// Context sets the context to be used in this call's Do method. Any 4564// pending HTTP request will be aborted if the provided context is 4565// canceled. 4566func (c *ProjectsRolesPatchCall) Context(ctx context.Context) *ProjectsRolesPatchCall { 4567 c.ctx_ = ctx 4568 return c 4569} 4570 4571// Header returns an http.Header that can be modified by the caller to 4572// add HTTP headers to the request. 4573func (c *ProjectsRolesPatchCall) Header() http.Header { 4574 if c.header_ == nil { 4575 c.header_ = make(http.Header) 4576 } 4577 return c.header_ 4578} 4579 4580func (c *ProjectsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 4581 reqHeaders := make(http.Header) 4582 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 4583 for k, v := range c.header_ { 4584 reqHeaders[k] = v 4585 } 4586 reqHeaders.Set("User-Agent", c.s.userAgent()) 4587 var body io.Reader = nil 4588 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 4589 if err != nil { 4590 return nil, err 4591 } 4592 reqHeaders.Set("Content-Type", "application/json") 4593 c.urlParams_.Set("alt", alt) 4594 c.urlParams_.Set("prettyPrint", "false") 4595 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4596 urls += "?" + c.urlParams_.Encode() 4597 req, err := http.NewRequest("PATCH", urls, body) 4598 if err != nil { 4599 return nil, err 4600 } 4601 req.Header = reqHeaders 4602 googleapi.Expand(req.URL, map[string]string{ 4603 "name": c.name, 4604 }) 4605 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4606} 4607 4608// Do executes the "iam.projects.roles.patch" call. 4609// Exactly one of *Role or error will be non-nil. Any non-2xx status 4610// code is an error. Response headers are in either 4611// *Role.ServerResponse.Header or (if a response was returned at all) in 4612// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4613// whether the returned error was because http.StatusNotModified was 4614// returned. 4615func (c *ProjectsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4616 gensupport.SetOptions(c.urlParams_, opts...) 4617 res, err := c.doRequest("json") 4618 if res != nil && res.StatusCode == http.StatusNotModified { 4619 if res.Body != nil { 4620 res.Body.Close() 4621 } 4622 return nil, &googleapi.Error{ 4623 Code: res.StatusCode, 4624 Header: res.Header, 4625 } 4626 } 4627 if err != nil { 4628 return nil, err 4629 } 4630 defer googleapi.CloseBody(res) 4631 if err := googleapi.CheckResponse(res); err != nil { 4632 return nil, err 4633 } 4634 ret := &Role{ 4635 ServerResponse: googleapi.ServerResponse{ 4636 Header: res.Header, 4637 HTTPStatusCode: res.StatusCode, 4638 }, 4639 } 4640 target := &ret 4641 if err := gensupport.DecodeResponse(target, res); err != nil { 4642 return nil, err 4643 } 4644 return ret, nil 4645 // { 4646 // "description": "Updates the definition of a custom Role.", 4647 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 4648 // "httpMethod": "PATCH", 4649 // "id": "iam.projects.roles.patch", 4650 // "parameterOrder": [ 4651 // "name" 4652 // ], 4653 // "parameters": { 4654 // "name": { 4655 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n updates only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4656 // "location": "path", 4657 // "pattern": "^projects/[^/]+/roles/[^/]+$", 4658 // "required": true, 4659 // "type": "string" 4660 // }, 4661 // "updateMask": { 4662 // "description": "A mask describing which fields in the Role have changed.", 4663 // "format": "google-fieldmask", 4664 // "location": "query", 4665 // "type": "string" 4666 // } 4667 // }, 4668 // "path": "v1/{+name}", 4669 // "request": { 4670 // "$ref": "Role" 4671 // }, 4672 // "response": { 4673 // "$ref": "Role" 4674 // }, 4675 // "scopes": [ 4676 // "https://www.googleapis.com/auth/cloud-platform" 4677 // ] 4678 // } 4679 4680} 4681 4682// method id "iam.projects.roles.undelete": 4683 4684type ProjectsRolesUndeleteCall struct { 4685 s *Service 4686 name string 4687 undeleterolerequest *UndeleteRoleRequest 4688 urlParams_ gensupport.URLParams 4689 ctx_ context.Context 4690 header_ http.Header 4691} 4692 4693// Undelete: Undeletes a custom Role. 4694func (r *ProjectsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *ProjectsRolesUndeleteCall { 4695 c := &ProjectsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4696 c.name = name 4697 c.undeleterolerequest = undeleterolerequest 4698 return c 4699} 4700 4701// Fields allows partial responses to be retrieved. See 4702// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4703// for more information. 4704func (c *ProjectsRolesUndeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesUndeleteCall { 4705 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4706 return c 4707} 4708 4709// Context sets the context to be used in this call's Do method. Any 4710// pending HTTP request will be aborted if the provided context is 4711// canceled. 4712func (c *ProjectsRolesUndeleteCall) Context(ctx context.Context) *ProjectsRolesUndeleteCall { 4713 c.ctx_ = ctx 4714 return c 4715} 4716 4717// Header returns an http.Header that can be modified by the caller to 4718// add HTTP headers to the request. 4719func (c *ProjectsRolesUndeleteCall) Header() http.Header { 4720 if c.header_ == nil { 4721 c.header_ = make(http.Header) 4722 } 4723 return c.header_ 4724} 4725 4726func (c *ProjectsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 4727 reqHeaders := make(http.Header) 4728 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 4729 for k, v := range c.header_ { 4730 reqHeaders[k] = v 4731 } 4732 reqHeaders.Set("User-Agent", c.s.userAgent()) 4733 var body io.Reader = nil 4734 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 4735 if err != nil { 4736 return nil, err 4737 } 4738 reqHeaders.Set("Content-Type", "application/json") 4739 c.urlParams_.Set("alt", alt) 4740 c.urlParams_.Set("prettyPrint", "false") 4741 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 4742 urls += "?" + c.urlParams_.Encode() 4743 req, err := http.NewRequest("POST", urls, body) 4744 if err != nil { 4745 return nil, err 4746 } 4747 req.Header = reqHeaders 4748 googleapi.Expand(req.URL, map[string]string{ 4749 "name": c.name, 4750 }) 4751 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4752} 4753 4754// Do executes the "iam.projects.roles.undelete" call. 4755// Exactly one of *Role or error will be non-nil. Any non-2xx status 4756// code is an error. Response headers are in either 4757// *Role.ServerResponse.Header or (if a response was returned at all) in 4758// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4759// whether the returned error was because http.StatusNotModified was 4760// returned. 4761func (c *ProjectsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4762 gensupport.SetOptions(c.urlParams_, opts...) 4763 res, err := c.doRequest("json") 4764 if res != nil && res.StatusCode == http.StatusNotModified { 4765 if res.Body != nil { 4766 res.Body.Close() 4767 } 4768 return nil, &googleapi.Error{ 4769 Code: res.StatusCode, 4770 Header: res.Header, 4771 } 4772 } 4773 if err != nil { 4774 return nil, err 4775 } 4776 defer googleapi.CloseBody(res) 4777 if err := googleapi.CheckResponse(res); err != nil { 4778 return nil, err 4779 } 4780 ret := &Role{ 4781 ServerResponse: googleapi.ServerResponse{ 4782 Header: res.Header, 4783 HTTPStatusCode: res.StatusCode, 4784 }, 4785 } 4786 target := &ret 4787 if err := gensupport.DecodeResponse(target, res); err != nil { 4788 return nil, err 4789 } 4790 return ret, nil 4791 // { 4792 // "description": "Undeletes a custom Role.", 4793 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}:undelete", 4794 // "httpMethod": "POST", 4795 // "id": "iam.projects.roles.undelete", 4796 // "parameterOrder": [ 4797 // "name" 4798 // ], 4799 // "parameters": { 4800 // "name": { 4801 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes\n only [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n undeletes only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4802 // "location": "path", 4803 // "pattern": "^projects/[^/]+/roles/[^/]+$", 4804 // "required": true, 4805 // "type": "string" 4806 // } 4807 // }, 4808 // "path": "v1/{+name}:undelete", 4809 // "request": { 4810 // "$ref": "UndeleteRoleRequest" 4811 // }, 4812 // "response": { 4813 // "$ref": "Role" 4814 // }, 4815 // "scopes": [ 4816 // "https://www.googleapis.com/auth/cloud-platform" 4817 // ] 4818 // } 4819 4820} 4821 4822// method id "iam.projects.serviceAccounts.create": 4823 4824type ProjectsServiceAccountsCreateCall struct { 4825 s *Service 4826 name string 4827 createserviceaccountrequest *CreateServiceAccountRequest 4828 urlParams_ gensupport.URLParams 4829 ctx_ context.Context 4830 header_ http.Header 4831} 4832 4833// Create: Creates a ServiceAccount. 4834func (r *ProjectsServiceAccountsService) Create(name string, createserviceaccountrequest *CreateServiceAccountRequest) *ProjectsServiceAccountsCreateCall { 4835 c := &ProjectsServiceAccountsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4836 c.name = name 4837 c.createserviceaccountrequest = createserviceaccountrequest 4838 return c 4839} 4840 4841// Fields allows partial responses to be retrieved. See 4842// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4843// for more information. 4844func (c *ProjectsServiceAccountsCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsCreateCall { 4845 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4846 return c 4847} 4848 4849// Context sets the context to be used in this call's Do method. Any 4850// pending HTTP request will be aborted if the provided context is 4851// canceled. 4852func (c *ProjectsServiceAccountsCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsCreateCall { 4853 c.ctx_ = ctx 4854 return c 4855} 4856 4857// Header returns an http.Header that can be modified by the caller to 4858// add HTTP headers to the request. 4859func (c *ProjectsServiceAccountsCreateCall) Header() http.Header { 4860 if c.header_ == nil { 4861 c.header_ = make(http.Header) 4862 } 4863 return c.header_ 4864} 4865 4866func (c *ProjectsServiceAccountsCreateCall) doRequest(alt string) (*http.Response, error) { 4867 reqHeaders := make(http.Header) 4868 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 4869 for k, v := range c.header_ { 4870 reqHeaders[k] = v 4871 } 4872 reqHeaders.Set("User-Agent", c.s.userAgent()) 4873 var body io.Reader = nil 4874 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountrequest) 4875 if err != nil { 4876 return nil, err 4877 } 4878 reqHeaders.Set("Content-Type", "application/json") 4879 c.urlParams_.Set("alt", alt) 4880 c.urlParams_.Set("prettyPrint", "false") 4881 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 4882 urls += "?" + c.urlParams_.Encode() 4883 req, err := http.NewRequest("POST", urls, body) 4884 if err != nil { 4885 return nil, err 4886 } 4887 req.Header = reqHeaders 4888 googleapi.Expand(req.URL, map[string]string{ 4889 "name": c.name, 4890 }) 4891 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4892} 4893 4894// Do executes the "iam.projects.serviceAccounts.create" call. 4895// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 4896// status code is an error. Response headers are in either 4897// *ServiceAccount.ServerResponse.Header or (if a response was returned 4898// at all) in error.(*googleapi.Error).Header. Use 4899// googleapi.IsNotModified to check whether the returned error was 4900// because http.StatusNotModified was returned. 4901func (c *ProjectsServiceAccountsCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 4902 gensupport.SetOptions(c.urlParams_, opts...) 4903 res, err := c.doRequest("json") 4904 if res != nil && res.StatusCode == http.StatusNotModified { 4905 if res.Body != nil { 4906 res.Body.Close() 4907 } 4908 return nil, &googleapi.Error{ 4909 Code: res.StatusCode, 4910 Header: res.Header, 4911 } 4912 } 4913 if err != nil { 4914 return nil, err 4915 } 4916 defer googleapi.CloseBody(res) 4917 if err := googleapi.CheckResponse(res); err != nil { 4918 return nil, err 4919 } 4920 ret := &ServiceAccount{ 4921 ServerResponse: googleapi.ServerResponse{ 4922 Header: res.Header, 4923 HTTPStatusCode: res.StatusCode, 4924 }, 4925 } 4926 target := &ret 4927 if err := gensupport.DecodeResponse(target, res); err != nil { 4928 return nil, err 4929 } 4930 return ret, nil 4931 // { 4932 // "description": "Creates a ServiceAccount.", 4933 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 4934 // "httpMethod": "POST", 4935 // "id": "iam.projects.serviceAccounts.create", 4936 // "parameterOrder": [ 4937 // "name" 4938 // ], 4939 // "parameters": { 4940 // "name": { 4941 // "description": "Required. The resource name of the project associated with the service\naccounts, such as `projects/my-project-123`.", 4942 // "location": "path", 4943 // "pattern": "^projects/[^/]+$", 4944 // "required": true, 4945 // "type": "string" 4946 // } 4947 // }, 4948 // "path": "v1/{+name}/serviceAccounts", 4949 // "request": { 4950 // "$ref": "CreateServiceAccountRequest" 4951 // }, 4952 // "response": { 4953 // "$ref": "ServiceAccount" 4954 // }, 4955 // "scopes": [ 4956 // "https://www.googleapis.com/auth/cloud-platform" 4957 // ] 4958 // } 4959 4960} 4961 4962// method id "iam.projects.serviceAccounts.delete": 4963 4964type ProjectsServiceAccountsDeleteCall struct { 4965 s *Service 4966 name string 4967 urlParams_ gensupport.URLParams 4968 ctx_ context.Context 4969 header_ http.Header 4970} 4971 4972// Delete: Deletes a ServiceAccount. 4973// 4974// **Warning:** After you delete a service account, you might not be 4975// able to 4976// undelete it. If you know that you need to re-enable the service 4977// account in 4978// the future, use DisableServiceAccount instead. 4979// 4980// If you delete a service account, IAM permanently removes the 4981// service 4982// account 30 days later. Google Cloud cannot recover the service 4983// account 4984// after it is permanently removed, even if you file a support 4985// request. 4986// 4987// To help avoid unplanned outages, we recommend that you disable the 4988// service 4989// account before you delete it. Use DisableServiceAccount to disable 4990// the 4991// service account, then wait at least 24 hours and watch for 4992// unintended 4993// consequences. If there are no unintended consequences, you can delete 4994// the 4995// service account. 4996func (r *ProjectsServiceAccountsService) Delete(name string) *ProjectsServiceAccountsDeleteCall { 4997 c := &ProjectsServiceAccountsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4998 c.name = name 4999 return c 5000} 5001 5002// Fields allows partial responses to be retrieved. See 5003// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5004// for more information. 5005func (c *ProjectsServiceAccountsDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDeleteCall { 5006 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5007 return c 5008} 5009 5010// Context sets the context to be used in this call's Do method. Any 5011// pending HTTP request will be aborted if the provided context is 5012// canceled. 5013func (c *ProjectsServiceAccountsDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsDeleteCall { 5014 c.ctx_ = ctx 5015 return c 5016} 5017 5018// Header returns an http.Header that can be modified by the caller to 5019// add HTTP headers to the request. 5020func (c *ProjectsServiceAccountsDeleteCall) Header() http.Header { 5021 if c.header_ == nil { 5022 c.header_ = make(http.Header) 5023 } 5024 return c.header_ 5025} 5026 5027func (c *ProjectsServiceAccountsDeleteCall) doRequest(alt string) (*http.Response, error) { 5028 reqHeaders := make(http.Header) 5029 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 5030 for k, v := range c.header_ { 5031 reqHeaders[k] = v 5032 } 5033 reqHeaders.Set("User-Agent", c.s.userAgent()) 5034 var body io.Reader = nil 5035 c.urlParams_.Set("alt", alt) 5036 c.urlParams_.Set("prettyPrint", "false") 5037 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5038 urls += "?" + c.urlParams_.Encode() 5039 req, err := http.NewRequest("DELETE", urls, body) 5040 if err != nil { 5041 return nil, err 5042 } 5043 req.Header = reqHeaders 5044 googleapi.Expand(req.URL, map[string]string{ 5045 "name": c.name, 5046 }) 5047 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5048} 5049 5050// Do executes the "iam.projects.serviceAccounts.delete" call. 5051// Exactly one of *Empty or error will be non-nil. Any non-2xx status 5052// code is an error. Response headers are in either 5053// *Empty.ServerResponse.Header or (if a response was returned at all) 5054// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 5055// check whether the returned error was because http.StatusNotModified 5056// was returned. 5057func (c *ProjectsServiceAccountsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 5058 gensupport.SetOptions(c.urlParams_, opts...) 5059 res, err := c.doRequest("json") 5060 if res != nil && res.StatusCode == http.StatusNotModified { 5061 if res.Body != nil { 5062 res.Body.Close() 5063 } 5064 return nil, &googleapi.Error{ 5065 Code: res.StatusCode, 5066 Header: res.Header, 5067 } 5068 } 5069 if err != nil { 5070 return nil, err 5071 } 5072 defer googleapi.CloseBody(res) 5073 if err := googleapi.CheckResponse(res); err != nil { 5074 return nil, err 5075 } 5076 ret := &Empty{ 5077 ServerResponse: googleapi.ServerResponse{ 5078 Header: res.Header, 5079 HTTPStatusCode: res.StatusCode, 5080 }, 5081 } 5082 target := &ret 5083 if err := gensupport.DecodeResponse(target, res); err != nil { 5084 return nil, err 5085 } 5086 return ret, nil 5087 // { 5088 // "description": "Deletes a ServiceAccount.\n\n**Warning:** After you delete a service account, you might not be able to\nundelete it. If you know that you need to re-enable the service account in\nthe future, use DisableServiceAccount instead.\n\nIf you delete a service account, IAM permanently removes the service\naccount 30 days later. Google Cloud cannot recover the service account\nafter it is permanently removed, even if you file a support request.\n\nTo help avoid unplanned outages, we recommend that you disable the service\naccount before you delete it. Use DisableServiceAccount to disable the\nservice account, then wait at least 24 hours and watch for unintended\nconsequences. If there are no unintended consequences, you can delete the\nservice account.", 5089 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 5090 // "httpMethod": "DELETE", 5091 // "id": "iam.projects.serviceAccounts.delete", 5092 // "parameterOrder": [ 5093 // "name" 5094 // ], 5095 // "parameters": { 5096 // "name": { 5097 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 5098 // "location": "path", 5099 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5100 // "required": true, 5101 // "type": "string" 5102 // } 5103 // }, 5104 // "path": "v1/{+name}", 5105 // "response": { 5106 // "$ref": "Empty" 5107 // }, 5108 // "scopes": [ 5109 // "https://www.googleapis.com/auth/cloud-platform" 5110 // ] 5111 // } 5112 5113} 5114 5115// method id "iam.projects.serviceAccounts.disable": 5116 5117type ProjectsServiceAccountsDisableCall struct { 5118 s *Service 5119 name string 5120 disableserviceaccountrequest *DisableServiceAccountRequest 5121 urlParams_ gensupport.URLParams 5122 ctx_ context.Context 5123 header_ http.Header 5124} 5125 5126// Disable: Disables a ServiceAccount immediately. 5127// 5128// If an application uses the service account to authenticate, 5129// that 5130// application can no longer call Google APIs or access Google 5131// Cloud 5132// resources. Existing access tokens for the service account are 5133// rejected, and 5134// requests for new access tokens will fail. 5135// 5136// To re-enable the service account, use EnableServiceAccount. After 5137// you 5138// re-enable the service account, its existing access tokens will be 5139// accepted, 5140// and you can request new access tokens. 5141// 5142// To help avoid unplanned outages, we recommend that you disable the 5143// service 5144// account before you delete it. Use this method to disable the 5145// service 5146// account, then wait at least 24 hours and watch for unintended 5147// consequences. 5148// If there are no unintended consequences, you can delete the service 5149// account 5150// with DeleteServiceAccount. 5151func (r *ProjectsServiceAccountsService) Disable(name string, disableserviceaccountrequest *DisableServiceAccountRequest) *ProjectsServiceAccountsDisableCall { 5152 c := &ProjectsServiceAccountsDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5153 c.name = name 5154 c.disableserviceaccountrequest = disableserviceaccountrequest 5155 return c 5156} 5157 5158// Fields allows partial responses to be retrieved. See 5159// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5160// for more information. 5161func (c *ProjectsServiceAccountsDisableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDisableCall { 5162 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5163 return c 5164} 5165 5166// Context sets the context to be used in this call's Do method. Any 5167// pending HTTP request will be aborted if the provided context is 5168// canceled. 5169func (c *ProjectsServiceAccountsDisableCall) Context(ctx context.Context) *ProjectsServiceAccountsDisableCall { 5170 c.ctx_ = ctx 5171 return c 5172} 5173 5174// Header returns an http.Header that can be modified by the caller to 5175// add HTTP headers to the request. 5176func (c *ProjectsServiceAccountsDisableCall) Header() http.Header { 5177 if c.header_ == nil { 5178 c.header_ = make(http.Header) 5179 } 5180 return c.header_ 5181} 5182 5183func (c *ProjectsServiceAccountsDisableCall) doRequest(alt string) (*http.Response, error) { 5184 reqHeaders := make(http.Header) 5185 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 5186 for k, v := range c.header_ { 5187 reqHeaders[k] = v 5188 } 5189 reqHeaders.Set("User-Agent", c.s.userAgent()) 5190 var body io.Reader = nil 5191 body, err := googleapi.WithoutDataWrapper.JSONReader(c.disableserviceaccountrequest) 5192 if err != nil { 5193 return nil, err 5194 } 5195 reqHeaders.Set("Content-Type", "application/json") 5196 c.urlParams_.Set("alt", alt) 5197 c.urlParams_.Set("prettyPrint", "false") 5198 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable") 5199 urls += "?" + c.urlParams_.Encode() 5200 req, err := http.NewRequest("POST", urls, body) 5201 if err != nil { 5202 return nil, err 5203 } 5204 req.Header = reqHeaders 5205 googleapi.Expand(req.URL, map[string]string{ 5206 "name": c.name, 5207 }) 5208 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5209} 5210 5211// Do executes the "iam.projects.serviceAccounts.disable" call. 5212// Exactly one of *Empty or error will be non-nil. Any non-2xx status 5213// code is an error. Response headers are in either 5214// *Empty.ServerResponse.Header or (if a response was returned at all) 5215// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 5216// check whether the returned error was because http.StatusNotModified 5217// was returned. 5218func (c *ProjectsServiceAccountsDisableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 5219 gensupport.SetOptions(c.urlParams_, opts...) 5220 res, err := c.doRequest("json") 5221 if res != nil && res.StatusCode == http.StatusNotModified { 5222 if res.Body != nil { 5223 res.Body.Close() 5224 } 5225 return nil, &googleapi.Error{ 5226 Code: res.StatusCode, 5227 Header: res.Header, 5228 } 5229 } 5230 if err != nil { 5231 return nil, err 5232 } 5233 defer googleapi.CloseBody(res) 5234 if err := googleapi.CheckResponse(res); err != nil { 5235 return nil, err 5236 } 5237 ret := &Empty{ 5238 ServerResponse: googleapi.ServerResponse{ 5239 Header: res.Header, 5240 HTTPStatusCode: res.StatusCode, 5241 }, 5242 } 5243 target := &ret 5244 if err := gensupport.DecodeResponse(target, res); err != nil { 5245 return nil, err 5246 } 5247 return ret, nil 5248 // { 5249 // "description": "Disables a ServiceAccount immediately.\n\nIf an application uses the service account to authenticate, that\napplication can no longer call Google APIs or access Google Cloud\nresources. Existing access tokens for the service account are rejected, and\nrequests for new access tokens will fail.\n\nTo re-enable the service account, use EnableServiceAccount. After you\nre-enable the service account, its existing access tokens will be accepted,\nand you can request new access tokens.\n\nTo help avoid unplanned outages, we recommend that you disable the service\naccount before you delete it. Use this method to disable the service\naccount, then wait at least 24 hours and watch for unintended consequences.\nIf there are no unintended consequences, you can delete the service account\nwith DeleteServiceAccount.", 5250 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:disable", 5251 // "httpMethod": "POST", 5252 // "id": "iam.projects.serviceAccounts.disable", 5253 // "parameterOrder": [ 5254 // "name" 5255 // ], 5256 // "parameters": { 5257 // "name": { 5258 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 5259 // "location": "path", 5260 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5261 // "required": true, 5262 // "type": "string" 5263 // } 5264 // }, 5265 // "path": "v1/{+name}:disable", 5266 // "request": { 5267 // "$ref": "DisableServiceAccountRequest" 5268 // }, 5269 // "response": { 5270 // "$ref": "Empty" 5271 // }, 5272 // "scopes": [ 5273 // "https://www.googleapis.com/auth/cloud-platform" 5274 // ] 5275 // } 5276 5277} 5278 5279// method id "iam.projects.serviceAccounts.enable": 5280 5281type ProjectsServiceAccountsEnableCall struct { 5282 s *Service 5283 name string 5284 enableserviceaccountrequest *EnableServiceAccountRequest 5285 urlParams_ gensupport.URLParams 5286 ctx_ context.Context 5287 header_ http.Header 5288} 5289 5290// Enable: Enables a ServiceAccount that was disabled 5291// by 5292// DisableServiceAccount. 5293// 5294// If the service account is already enabled, then this method has no 5295// effect. 5296// 5297// If the service account was disabled by other means—for example, if 5298// Google 5299// disabled the service account because it was compromised—you cannot 5300// use this 5301// method to enable the service account. 5302func (r *ProjectsServiceAccountsService) Enable(name string, enableserviceaccountrequest *EnableServiceAccountRequest) *ProjectsServiceAccountsEnableCall { 5303 c := &ProjectsServiceAccountsEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5304 c.name = name 5305 c.enableserviceaccountrequest = enableserviceaccountrequest 5306 return c 5307} 5308 5309// Fields allows partial responses to be retrieved. See 5310// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5311// for more information. 5312func (c *ProjectsServiceAccountsEnableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsEnableCall { 5313 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5314 return c 5315} 5316 5317// Context sets the context to be used in this call's Do method. Any 5318// pending HTTP request will be aborted if the provided context is 5319// canceled. 5320func (c *ProjectsServiceAccountsEnableCall) Context(ctx context.Context) *ProjectsServiceAccountsEnableCall { 5321 c.ctx_ = ctx 5322 return c 5323} 5324 5325// Header returns an http.Header that can be modified by the caller to 5326// add HTTP headers to the request. 5327func (c *ProjectsServiceAccountsEnableCall) Header() http.Header { 5328 if c.header_ == nil { 5329 c.header_ = make(http.Header) 5330 } 5331 return c.header_ 5332} 5333 5334func (c *ProjectsServiceAccountsEnableCall) doRequest(alt string) (*http.Response, error) { 5335 reqHeaders := make(http.Header) 5336 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 5337 for k, v := range c.header_ { 5338 reqHeaders[k] = v 5339 } 5340 reqHeaders.Set("User-Agent", c.s.userAgent()) 5341 var body io.Reader = nil 5342 body, err := googleapi.WithoutDataWrapper.JSONReader(c.enableserviceaccountrequest) 5343 if err != nil { 5344 return nil, err 5345 } 5346 reqHeaders.Set("Content-Type", "application/json") 5347 c.urlParams_.Set("alt", alt) 5348 c.urlParams_.Set("prettyPrint", "false") 5349 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable") 5350 urls += "?" + c.urlParams_.Encode() 5351 req, err := http.NewRequest("POST", urls, body) 5352 if err != nil { 5353 return nil, err 5354 } 5355 req.Header = reqHeaders 5356 googleapi.Expand(req.URL, map[string]string{ 5357 "name": c.name, 5358 }) 5359 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5360} 5361 5362// Do executes the "iam.projects.serviceAccounts.enable" call. 5363// Exactly one of *Empty or error will be non-nil. Any non-2xx status 5364// code is an error. Response headers are in either 5365// *Empty.ServerResponse.Header or (if a response was returned at all) 5366// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 5367// check whether the returned error was because http.StatusNotModified 5368// was returned. 5369func (c *ProjectsServiceAccountsEnableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 5370 gensupport.SetOptions(c.urlParams_, opts...) 5371 res, err := c.doRequest("json") 5372 if res != nil && res.StatusCode == http.StatusNotModified { 5373 if res.Body != nil { 5374 res.Body.Close() 5375 } 5376 return nil, &googleapi.Error{ 5377 Code: res.StatusCode, 5378 Header: res.Header, 5379 } 5380 } 5381 if err != nil { 5382 return nil, err 5383 } 5384 defer googleapi.CloseBody(res) 5385 if err := googleapi.CheckResponse(res); err != nil { 5386 return nil, err 5387 } 5388 ret := &Empty{ 5389 ServerResponse: googleapi.ServerResponse{ 5390 Header: res.Header, 5391 HTTPStatusCode: res.StatusCode, 5392 }, 5393 } 5394 target := &ret 5395 if err := gensupport.DecodeResponse(target, res); err != nil { 5396 return nil, err 5397 } 5398 return ret, nil 5399 // { 5400 // "description": "Enables a ServiceAccount that was disabled by\nDisableServiceAccount.\n\nIf the service account is already enabled, then this method has no effect.\n\nIf the service account was disabled by other means—for example, if Google\ndisabled the service account because it was compromised—you cannot use this\nmethod to enable the service account.", 5401 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:enable", 5402 // "httpMethod": "POST", 5403 // "id": "iam.projects.serviceAccounts.enable", 5404 // "parameterOrder": [ 5405 // "name" 5406 // ], 5407 // "parameters": { 5408 // "name": { 5409 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 5410 // "location": "path", 5411 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5412 // "required": true, 5413 // "type": "string" 5414 // } 5415 // }, 5416 // "path": "v1/{+name}:enable", 5417 // "request": { 5418 // "$ref": "EnableServiceAccountRequest" 5419 // }, 5420 // "response": { 5421 // "$ref": "Empty" 5422 // }, 5423 // "scopes": [ 5424 // "https://www.googleapis.com/auth/cloud-platform" 5425 // ] 5426 // } 5427 5428} 5429 5430// method id "iam.projects.serviceAccounts.get": 5431 5432type ProjectsServiceAccountsGetCall struct { 5433 s *Service 5434 name string 5435 urlParams_ gensupport.URLParams 5436 ifNoneMatch_ string 5437 ctx_ context.Context 5438 header_ http.Header 5439} 5440 5441// Get: Gets a ServiceAccount. 5442func (r *ProjectsServiceAccountsService) Get(name string) *ProjectsServiceAccountsGetCall { 5443 c := &ProjectsServiceAccountsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5444 c.name = name 5445 return c 5446} 5447 5448// Fields allows partial responses to be retrieved. See 5449// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5450// for more information. 5451func (c *ProjectsServiceAccountsGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetCall { 5452 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5453 return c 5454} 5455 5456// IfNoneMatch sets the optional parameter which makes the operation 5457// fail if the object's ETag matches the given value. This is useful for 5458// getting updates only after the object has changed since the last 5459// request. Use googleapi.IsNotModified to check whether the response 5460// error from Do is the result of In-None-Match. 5461func (c *ProjectsServiceAccountsGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsGetCall { 5462 c.ifNoneMatch_ = entityTag 5463 return c 5464} 5465 5466// Context sets the context to be used in this call's Do method. Any 5467// pending HTTP request will be aborted if the provided context is 5468// canceled. 5469func (c *ProjectsServiceAccountsGetCall) Context(ctx context.Context) *ProjectsServiceAccountsGetCall { 5470 c.ctx_ = ctx 5471 return c 5472} 5473 5474// Header returns an http.Header that can be modified by the caller to 5475// add HTTP headers to the request. 5476func (c *ProjectsServiceAccountsGetCall) Header() http.Header { 5477 if c.header_ == nil { 5478 c.header_ = make(http.Header) 5479 } 5480 return c.header_ 5481} 5482 5483func (c *ProjectsServiceAccountsGetCall) doRequest(alt string) (*http.Response, error) { 5484 reqHeaders := make(http.Header) 5485 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 5486 for k, v := range c.header_ { 5487 reqHeaders[k] = v 5488 } 5489 reqHeaders.Set("User-Agent", c.s.userAgent()) 5490 if c.ifNoneMatch_ != "" { 5491 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5492 } 5493 var body io.Reader = nil 5494 c.urlParams_.Set("alt", alt) 5495 c.urlParams_.Set("prettyPrint", "false") 5496 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5497 urls += "?" + c.urlParams_.Encode() 5498 req, err := http.NewRequest("GET", urls, body) 5499 if err != nil { 5500 return nil, err 5501 } 5502 req.Header = reqHeaders 5503 googleapi.Expand(req.URL, map[string]string{ 5504 "name": c.name, 5505 }) 5506 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5507} 5508 5509// Do executes the "iam.projects.serviceAccounts.get" call. 5510// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 5511// status code is an error. Response headers are in either 5512// *ServiceAccount.ServerResponse.Header or (if a response was returned 5513// at all) in error.(*googleapi.Error).Header. Use 5514// googleapi.IsNotModified to check whether the returned error was 5515// because http.StatusNotModified was returned. 5516func (c *ProjectsServiceAccountsGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 5517 gensupport.SetOptions(c.urlParams_, opts...) 5518 res, err := c.doRequest("json") 5519 if res != nil && res.StatusCode == http.StatusNotModified { 5520 if res.Body != nil { 5521 res.Body.Close() 5522 } 5523 return nil, &googleapi.Error{ 5524 Code: res.StatusCode, 5525 Header: res.Header, 5526 } 5527 } 5528 if err != nil { 5529 return nil, err 5530 } 5531 defer googleapi.CloseBody(res) 5532 if err := googleapi.CheckResponse(res); err != nil { 5533 return nil, err 5534 } 5535 ret := &ServiceAccount{ 5536 ServerResponse: googleapi.ServerResponse{ 5537 Header: res.Header, 5538 HTTPStatusCode: res.StatusCode, 5539 }, 5540 } 5541 target := &ret 5542 if err := gensupport.DecodeResponse(target, res); err != nil { 5543 return nil, err 5544 } 5545 return ret, nil 5546 // { 5547 // "description": "Gets a ServiceAccount.", 5548 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 5549 // "httpMethod": "GET", 5550 // "id": "iam.projects.serviceAccounts.get", 5551 // "parameterOrder": [ 5552 // "name" 5553 // ], 5554 // "parameters": { 5555 // "name": { 5556 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 5557 // "location": "path", 5558 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5559 // "required": true, 5560 // "type": "string" 5561 // } 5562 // }, 5563 // "path": "v1/{+name}", 5564 // "response": { 5565 // "$ref": "ServiceAccount" 5566 // }, 5567 // "scopes": [ 5568 // "https://www.googleapis.com/auth/cloud-platform" 5569 // ] 5570 // } 5571 5572} 5573 5574// method id "iam.projects.serviceAccounts.getIamPolicy": 5575 5576type ProjectsServiceAccountsGetIamPolicyCall struct { 5577 s *Service 5578 resource string 5579 urlParams_ gensupport.URLParams 5580 ctx_ context.Context 5581 header_ http.Header 5582} 5583 5584// GetIamPolicy: Gets the IAM policy that is attached to a 5585// ServiceAccount. This IAM 5586// policy specifies which members have access to the service 5587// account. 5588// 5589// This method does not tell you whether the service account has been 5590// granted 5591// any roles on other resources. To check whether a service account has 5592// role 5593// grants on a resource, use the `getIamPolicy` method for that 5594// resource. For 5595// example, to view the role grants for a project, call the Resource 5596// Manager 5597// API's 5598// [`projects.getIamPolicy`](https://cloud.google.com/resou 5599// rce-manager/reference/rest/v1/projects/getIamPolicy) 5600// method. 5601func (r *ProjectsServiceAccountsService) GetIamPolicy(resource string) *ProjectsServiceAccountsGetIamPolicyCall { 5602 c := &ProjectsServiceAccountsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5603 c.resource = resource 5604 return c 5605} 5606 5607// OptionsRequestedPolicyVersion sets the optional parameter 5608// "options.requestedPolicyVersion": The policy format version to be 5609// returned. 5610// 5611// Valid values are 0, 1, and 3. Requests specifying an invalid value 5612// will be 5613// rejected. 5614// 5615// Requests for policies with any conditional bindings must specify 5616// version 3. 5617// Policies without any conditional bindings may specify any valid value 5618// or 5619// leave the field unset. 5620// 5621// To learn which resources support conditions in their IAM policies, 5622// see 5623// the 5624// [IAM 5625// documentation](https://cloud.google.com/iam/help/conditions/r 5626// esource-policies). 5627func (c *ProjectsServiceAccountsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsServiceAccountsGetIamPolicyCall { 5628 c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) 5629 return c 5630} 5631 5632// Fields allows partial responses to be retrieved. See 5633// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5634// for more information. 5635func (c *ProjectsServiceAccountsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetIamPolicyCall { 5636 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5637 return c 5638} 5639 5640// Context sets the context to be used in this call's Do method. Any 5641// pending HTTP request will be aborted if the provided context is 5642// canceled. 5643func (c *ProjectsServiceAccountsGetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsGetIamPolicyCall { 5644 c.ctx_ = ctx 5645 return c 5646} 5647 5648// Header returns an http.Header that can be modified by the caller to 5649// add HTTP headers to the request. 5650func (c *ProjectsServiceAccountsGetIamPolicyCall) Header() http.Header { 5651 if c.header_ == nil { 5652 c.header_ = make(http.Header) 5653 } 5654 return c.header_ 5655} 5656 5657func (c *ProjectsServiceAccountsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 5658 reqHeaders := make(http.Header) 5659 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 5660 for k, v := range c.header_ { 5661 reqHeaders[k] = v 5662 } 5663 reqHeaders.Set("User-Agent", c.s.userAgent()) 5664 var body io.Reader = nil 5665 c.urlParams_.Set("alt", alt) 5666 c.urlParams_.Set("prettyPrint", "false") 5667 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") 5668 urls += "?" + c.urlParams_.Encode() 5669 req, err := http.NewRequest("POST", urls, body) 5670 if err != nil { 5671 return nil, err 5672 } 5673 req.Header = reqHeaders 5674 googleapi.Expand(req.URL, map[string]string{ 5675 "resource": c.resource, 5676 }) 5677 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5678} 5679 5680// Do executes the "iam.projects.serviceAccounts.getIamPolicy" call. 5681// Exactly one of *Policy or error will be non-nil. Any non-2xx status 5682// code is an error. Response headers are in either 5683// *Policy.ServerResponse.Header or (if a response was returned at all) 5684// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 5685// check whether the returned error was because http.StatusNotModified 5686// was returned. 5687func (c *ProjectsServiceAccountsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 5688 gensupport.SetOptions(c.urlParams_, opts...) 5689 res, err := c.doRequest("json") 5690 if res != nil && res.StatusCode == http.StatusNotModified { 5691 if res.Body != nil { 5692 res.Body.Close() 5693 } 5694 return nil, &googleapi.Error{ 5695 Code: res.StatusCode, 5696 Header: res.Header, 5697 } 5698 } 5699 if err != nil { 5700 return nil, err 5701 } 5702 defer googleapi.CloseBody(res) 5703 if err := googleapi.CheckResponse(res); err != nil { 5704 return nil, err 5705 } 5706 ret := &Policy{ 5707 ServerResponse: googleapi.ServerResponse{ 5708 Header: res.Header, 5709 HTTPStatusCode: res.StatusCode, 5710 }, 5711 } 5712 target := &ret 5713 if err := gensupport.DecodeResponse(target, res); err != nil { 5714 return nil, err 5715 } 5716 return ret, nil 5717 // { 5718 // "description": "Gets the IAM policy that is attached to a ServiceAccount. This IAM\npolicy specifies which members have access to the service account.\n\nThis method does not tell you whether the service account has been granted\nany roles on other resources. To check whether a service account has role\ngrants on a resource, use the `getIamPolicy` method for that resource. For\nexample, to view the role grants for a project, call the Resource Manager\nAPI's\n[`projects.getIamPolicy`](https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy)\nmethod.", 5719 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:getIamPolicy", 5720 // "httpMethod": "POST", 5721 // "id": "iam.projects.serviceAccounts.getIamPolicy", 5722 // "parameterOrder": [ 5723 // "resource" 5724 // ], 5725 // "parameters": { 5726 // "options.requestedPolicyVersion": { 5727 // "description": "Optional. The policy format version to be returned.\n\nValid values are 0, 1, and 3. Requests specifying an invalid value will be\nrejected.\n\nRequests for policies with any conditional bindings must specify version 3.\nPolicies without any conditional bindings may specify any valid value or\nleave the field unset.\n\nTo learn which resources support conditions in their IAM policies, see the\n[IAM\ndocumentation](https://cloud.google.com/iam/help/conditions/resource-policies).", 5728 // "format": "int32", 5729 // "location": "query", 5730 // "type": "integer" 5731 // }, 5732 // "resource": { 5733 // "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.", 5734 // "location": "path", 5735 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5736 // "required": true, 5737 // "type": "string" 5738 // } 5739 // }, 5740 // "path": "v1/{+resource}:getIamPolicy", 5741 // "response": { 5742 // "$ref": "Policy" 5743 // }, 5744 // "scopes": [ 5745 // "https://www.googleapis.com/auth/cloud-platform" 5746 // ] 5747 // } 5748 5749} 5750 5751// method id "iam.projects.serviceAccounts.list": 5752 5753type ProjectsServiceAccountsListCall struct { 5754 s *Service 5755 name string 5756 urlParams_ gensupport.URLParams 5757 ifNoneMatch_ string 5758 ctx_ context.Context 5759 header_ http.Header 5760} 5761 5762// List: Lists every ServiceAccount that belongs to a specific project. 5763func (r *ProjectsServiceAccountsService) List(name string) *ProjectsServiceAccountsListCall { 5764 c := &ProjectsServiceAccountsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5765 c.name = name 5766 return c 5767} 5768 5769// PageSize sets the optional parameter "pageSize": Optional limit on 5770// the number of service accounts to include in the 5771// response. Further accounts can subsequently be obtained by including 5772// the 5773// ListServiceAccountsResponse.next_page_token 5774// in a subsequent request. 5775// 5776// The default is 20, and the maximum is 100. 5777func (c *ProjectsServiceAccountsListCall) PageSize(pageSize int64) *ProjectsServiceAccountsListCall { 5778 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 5779 return c 5780} 5781 5782// PageToken sets the optional parameter "pageToken": Optional 5783// pagination token returned in an 5784// earlier 5785// ListServiceAccountsResponse.next_page_token. 5786func (c *ProjectsServiceAccountsListCall) PageToken(pageToken string) *ProjectsServiceAccountsListCall { 5787 c.urlParams_.Set("pageToken", pageToken) 5788 return c 5789} 5790 5791// Fields allows partial responses to be retrieved. See 5792// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5793// for more information. 5794func (c *ProjectsServiceAccountsListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsListCall { 5795 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5796 return c 5797} 5798 5799// IfNoneMatch sets the optional parameter which makes the operation 5800// fail if the object's ETag matches the given value. This is useful for 5801// getting updates only after the object has changed since the last 5802// request. Use googleapi.IsNotModified to check whether the response 5803// error from Do is the result of In-None-Match. 5804func (c *ProjectsServiceAccountsListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsListCall { 5805 c.ifNoneMatch_ = entityTag 5806 return c 5807} 5808 5809// Context sets the context to be used in this call's Do method. Any 5810// pending HTTP request will be aborted if the provided context is 5811// canceled. 5812func (c *ProjectsServiceAccountsListCall) Context(ctx context.Context) *ProjectsServiceAccountsListCall { 5813 c.ctx_ = ctx 5814 return c 5815} 5816 5817// Header returns an http.Header that can be modified by the caller to 5818// add HTTP headers to the request. 5819func (c *ProjectsServiceAccountsListCall) Header() http.Header { 5820 if c.header_ == nil { 5821 c.header_ = make(http.Header) 5822 } 5823 return c.header_ 5824} 5825 5826func (c *ProjectsServiceAccountsListCall) doRequest(alt string) (*http.Response, error) { 5827 reqHeaders := make(http.Header) 5828 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 5829 for k, v := range c.header_ { 5830 reqHeaders[k] = v 5831 } 5832 reqHeaders.Set("User-Agent", c.s.userAgent()) 5833 if c.ifNoneMatch_ != "" { 5834 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5835 } 5836 var body io.Reader = nil 5837 c.urlParams_.Set("alt", alt) 5838 c.urlParams_.Set("prettyPrint", "false") 5839 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 5840 urls += "?" + c.urlParams_.Encode() 5841 req, err := http.NewRequest("GET", urls, body) 5842 if err != nil { 5843 return nil, err 5844 } 5845 req.Header = reqHeaders 5846 googleapi.Expand(req.URL, map[string]string{ 5847 "name": c.name, 5848 }) 5849 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5850} 5851 5852// Do executes the "iam.projects.serviceAccounts.list" call. 5853// Exactly one of *ListServiceAccountsResponse or error will be non-nil. 5854// Any non-2xx status code is an error. Response headers are in either 5855// *ListServiceAccountsResponse.ServerResponse.Header or (if a response 5856// was returned at all) in error.(*googleapi.Error).Header. Use 5857// googleapi.IsNotModified to check whether the returned error was 5858// because http.StatusNotModified was returned. 5859func (c *ProjectsServiceAccountsListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountsResponse, error) { 5860 gensupport.SetOptions(c.urlParams_, opts...) 5861 res, err := c.doRequest("json") 5862 if res != nil && res.StatusCode == http.StatusNotModified { 5863 if res.Body != nil { 5864 res.Body.Close() 5865 } 5866 return nil, &googleapi.Error{ 5867 Code: res.StatusCode, 5868 Header: res.Header, 5869 } 5870 } 5871 if err != nil { 5872 return nil, err 5873 } 5874 defer googleapi.CloseBody(res) 5875 if err := googleapi.CheckResponse(res); err != nil { 5876 return nil, err 5877 } 5878 ret := &ListServiceAccountsResponse{ 5879 ServerResponse: googleapi.ServerResponse{ 5880 Header: res.Header, 5881 HTTPStatusCode: res.StatusCode, 5882 }, 5883 } 5884 target := &ret 5885 if err := gensupport.DecodeResponse(target, res); err != nil { 5886 return nil, err 5887 } 5888 return ret, nil 5889 // { 5890 // "description": "Lists every ServiceAccount that belongs to a specific project.", 5891 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 5892 // "httpMethod": "GET", 5893 // "id": "iam.projects.serviceAccounts.list", 5894 // "parameterOrder": [ 5895 // "name" 5896 // ], 5897 // "parameters": { 5898 // "name": { 5899 // "description": "Required. The resource name of the project associated with the service\naccounts, such as `projects/my-project-123`.", 5900 // "location": "path", 5901 // "pattern": "^projects/[^/]+$", 5902 // "required": true, 5903 // "type": "string" 5904 // }, 5905 // "pageSize": { 5906 // "description": "Optional limit on the number of service accounts to include in the\nresponse. Further accounts can subsequently be obtained by including the\nListServiceAccountsResponse.next_page_token\nin a subsequent request.\n\nThe default is 20, and the maximum is 100.", 5907 // "format": "int32", 5908 // "location": "query", 5909 // "type": "integer" 5910 // }, 5911 // "pageToken": { 5912 // "description": "Optional pagination token returned in an earlier\nListServiceAccountsResponse.next_page_token.", 5913 // "location": "query", 5914 // "type": "string" 5915 // } 5916 // }, 5917 // "path": "v1/{+name}/serviceAccounts", 5918 // "response": { 5919 // "$ref": "ListServiceAccountsResponse" 5920 // }, 5921 // "scopes": [ 5922 // "https://www.googleapis.com/auth/cloud-platform" 5923 // ] 5924 // } 5925 5926} 5927 5928// Pages invokes f for each page of results. 5929// A non-nil error returned from f will halt the iteration. 5930// The provided context supersedes any context provided to the Context method. 5931func (c *ProjectsServiceAccountsListCall) Pages(ctx context.Context, f func(*ListServiceAccountsResponse) error) error { 5932 c.ctx_ = ctx 5933 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 5934 for { 5935 x, err := c.Do() 5936 if err != nil { 5937 return err 5938 } 5939 if err := f(x); err != nil { 5940 return err 5941 } 5942 if x.NextPageToken == "" { 5943 return nil 5944 } 5945 c.PageToken(x.NextPageToken) 5946 } 5947} 5948 5949// method id "iam.projects.serviceAccounts.patch": 5950 5951type ProjectsServiceAccountsPatchCall struct { 5952 s *Service 5953 name string 5954 patchserviceaccountrequest *PatchServiceAccountRequest 5955 urlParams_ gensupport.URLParams 5956 ctx_ context.Context 5957 header_ http.Header 5958} 5959 5960// Patch: Patches a ServiceAccount. 5961func (r *ProjectsServiceAccountsService) Patch(name string, patchserviceaccountrequest *PatchServiceAccountRequest) *ProjectsServiceAccountsPatchCall { 5962 c := &ProjectsServiceAccountsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5963 c.name = name 5964 c.patchserviceaccountrequest = patchserviceaccountrequest 5965 return c 5966} 5967 5968// Fields allows partial responses to be retrieved. See 5969// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5970// for more information. 5971func (c *ProjectsServiceAccountsPatchCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsPatchCall { 5972 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5973 return c 5974} 5975 5976// Context sets the context to be used in this call's Do method. Any 5977// pending HTTP request will be aborted if the provided context is 5978// canceled. 5979func (c *ProjectsServiceAccountsPatchCall) Context(ctx context.Context) *ProjectsServiceAccountsPatchCall { 5980 c.ctx_ = ctx 5981 return c 5982} 5983 5984// Header returns an http.Header that can be modified by the caller to 5985// add HTTP headers to the request. 5986func (c *ProjectsServiceAccountsPatchCall) Header() http.Header { 5987 if c.header_ == nil { 5988 c.header_ = make(http.Header) 5989 } 5990 return c.header_ 5991} 5992 5993func (c *ProjectsServiceAccountsPatchCall) doRequest(alt string) (*http.Response, error) { 5994 reqHeaders := make(http.Header) 5995 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 5996 for k, v := range c.header_ { 5997 reqHeaders[k] = v 5998 } 5999 reqHeaders.Set("User-Agent", c.s.userAgent()) 6000 var body io.Reader = nil 6001 body, err := googleapi.WithoutDataWrapper.JSONReader(c.patchserviceaccountrequest) 6002 if err != nil { 6003 return nil, err 6004 } 6005 reqHeaders.Set("Content-Type", "application/json") 6006 c.urlParams_.Set("alt", alt) 6007 c.urlParams_.Set("prettyPrint", "false") 6008 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6009 urls += "?" + c.urlParams_.Encode() 6010 req, err := http.NewRequest("PATCH", urls, body) 6011 if err != nil { 6012 return nil, err 6013 } 6014 req.Header = reqHeaders 6015 googleapi.Expand(req.URL, map[string]string{ 6016 "name": c.name, 6017 }) 6018 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6019} 6020 6021// Do executes the "iam.projects.serviceAccounts.patch" call. 6022// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 6023// status code is an error. Response headers are in either 6024// *ServiceAccount.ServerResponse.Header or (if a response was returned 6025// at all) in error.(*googleapi.Error).Header. Use 6026// googleapi.IsNotModified to check whether the returned error was 6027// because http.StatusNotModified was returned. 6028func (c *ProjectsServiceAccountsPatchCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 6029 gensupport.SetOptions(c.urlParams_, opts...) 6030 res, err := c.doRequest("json") 6031 if res != nil && res.StatusCode == http.StatusNotModified { 6032 if res.Body != nil { 6033 res.Body.Close() 6034 } 6035 return nil, &googleapi.Error{ 6036 Code: res.StatusCode, 6037 Header: res.Header, 6038 } 6039 } 6040 if err != nil { 6041 return nil, err 6042 } 6043 defer googleapi.CloseBody(res) 6044 if err := googleapi.CheckResponse(res); err != nil { 6045 return nil, err 6046 } 6047 ret := &ServiceAccount{ 6048 ServerResponse: googleapi.ServerResponse{ 6049 Header: res.Header, 6050 HTTPStatusCode: res.StatusCode, 6051 }, 6052 } 6053 target := &ret 6054 if err := gensupport.DecodeResponse(target, res); err != nil { 6055 return nil, err 6056 } 6057 return ret, nil 6058 // { 6059 // "description": "Patches a ServiceAccount.", 6060 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 6061 // "httpMethod": "PATCH", 6062 // "id": "iam.projects.serviceAccounts.patch", 6063 // "parameterOrder": [ 6064 // "name" 6065 // ], 6066 // "parameters": { 6067 // "name": { 6068 // "description": "The resource name of the service account.\n\nUse one of the following formats:\n\n* `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}`\n* `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}`\n\nAs an alternative, you can use the `-` wildcard character instead of the\nproject ID:\n\n* `projects/-/serviceAccounts/{EMAIL_ADDRESS}`\n* `projects/-/serviceAccounts/{UNIQUE_ID}`\n\nWhen possible, avoid using the `-` wildcard character, because it can cause\nresponse messages to contain misleading error codes. For example, if you\ntry to get the service account\n`projects/-/serviceAccounts/fake@example.com`, which does not exist, the\nresponse contains an HTTP `403 Forbidden` error instead of a `404 Not\nFound` error.", 6069 // "location": "path", 6070 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6071 // "required": true, 6072 // "type": "string" 6073 // } 6074 // }, 6075 // "path": "v1/{+name}", 6076 // "request": { 6077 // "$ref": "PatchServiceAccountRequest" 6078 // }, 6079 // "response": { 6080 // "$ref": "ServiceAccount" 6081 // }, 6082 // "scopes": [ 6083 // "https://www.googleapis.com/auth/cloud-platform" 6084 // ] 6085 // } 6086 6087} 6088 6089// method id "iam.projects.serviceAccounts.setIamPolicy": 6090 6091type ProjectsServiceAccountsSetIamPolicyCall struct { 6092 s *Service 6093 resource string 6094 setiampolicyrequest *SetIamPolicyRequest 6095 urlParams_ gensupport.URLParams 6096 ctx_ context.Context 6097 header_ http.Header 6098} 6099 6100// SetIamPolicy: Sets the IAM policy that is attached to a 6101// ServiceAccount. 6102// 6103// Use this method to grant or revoke access to the service account. 6104// For 6105// example, you could grant a member the ability to impersonate the 6106// service 6107// account. 6108// 6109// This method does not enable the service account to access other 6110// resources. 6111// To grant roles to a service account on a resource, follow these 6112// steps: 6113// 6114// 1. Call the resource's `getIamPolicy` method to get its current IAM 6115// policy. 6116// 2. Edit the policy so that it binds the service account to an IAM 6117// role for 6118// the resource. 6119// 3. Call the resource's `setIamPolicy` method to update its IAM 6120// policy. 6121// 6122// For detailed instructions, see 6123// [Granting roles to a service account for 6124// specific 6125// resources](https://cloud.google.com/iam/help/service-accounts 6126// /granting-access-to-service-accounts). 6127func (r *ProjectsServiceAccountsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsServiceAccountsSetIamPolicyCall { 6128 c := &ProjectsServiceAccountsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6129 c.resource = resource 6130 c.setiampolicyrequest = setiampolicyrequest 6131 return c 6132} 6133 6134// Fields allows partial responses to be retrieved. See 6135// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6136// for more information. 6137func (c *ProjectsServiceAccountsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSetIamPolicyCall { 6138 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6139 return c 6140} 6141 6142// Context sets the context to be used in this call's Do method. Any 6143// pending HTTP request will be aborted if the provided context is 6144// canceled. 6145func (c *ProjectsServiceAccountsSetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsSetIamPolicyCall { 6146 c.ctx_ = ctx 6147 return c 6148} 6149 6150// Header returns an http.Header that can be modified by the caller to 6151// add HTTP headers to the request. 6152func (c *ProjectsServiceAccountsSetIamPolicyCall) Header() http.Header { 6153 if c.header_ == nil { 6154 c.header_ = make(http.Header) 6155 } 6156 return c.header_ 6157} 6158 6159func (c *ProjectsServiceAccountsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 6160 reqHeaders := make(http.Header) 6161 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 6162 for k, v := range c.header_ { 6163 reqHeaders[k] = v 6164 } 6165 reqHeaders.Set("User-Agent", c.s.userAgent()) 6166 var body io.Reader = nil 6167 body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) 6168 if err != nil { 6169 return nil, err 6170 } 6171 reqHeaders.Set("Content-Type", "application/json") 6172 c.urlParams_.Set("alt", alt) 6173 c.urlParams_.Set("prettyPrint", "false") 6174 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") 6175 urls += "?" + c.urlParams_.Encode() 6176 req, err := http.NewRequest("POST", urls, body) 6177 if err != nil { 6178 return nil, err 6179 } 6180 req.Header = reqHeaders 6181 googleapi.Expand(req.URL, map[string]string{ 6182 "resource": c.resource, 6183 }) 6184 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6185} 6186 6187// Do executes the "iam.projects.serviceAccounts.setIamPolicy" call. 6188// Exactly one of *Policy or error will be non-nil. Any non-2xx status 6189// code is an error. Response headers are in either 6190// *Policy.ServerResponse.Header or (if a response was returned at all) 6191// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 6192// check whether the returned error was because http.StatusNotModified 6193// was returned. 6194func (c *ProjectsServiceAccountsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 6195 gensupport.SetOptions(c.urlParams_, opts...) 6196 res, err := c.doRequest("json") 6197 if res != nil && res.StatusCode == http.StatusNotModified { 6198 if res.Body != nil { 6199 res.Body.Close() 6200 } 6201 return nil, &googleapi.Error{ 6202 Code: res.StatusCode, 6203 Header: res.Header, 6204 } 6205 } 6206 if err != nil { 6207 return nil, err 6208 } 6209 defer googleapi.CloseBody(res) 6210 if err := googleapi.CheckResponse(res); err != nil { 6211 return nil, err 6212 } 6213 ret := &Policy{ 6214 ServerResponse: googleapi.ServerResponse{ 6215 Header: res.Header, 6216 HTTPStatusCode: res.StatusCode, 6217 }, 6218 } 6219 target := &ret 6220 if err := gensupport.DecodeResponse(target, res); err != nil { 6221 return nil, err 6222 } 6223 return ret, nil 6224 // { 6225 // "description": "Sets the IAM policy that is attached to a ServiceAccount.\n\nUse this method to grant or revoke access to the service account. For\nexample, you could grant a member the ability to impersonate the service\naccount.\n\nThis method does not enable the service account to access other resources.\nTo grant roles to a service account on a resource, follow these steps:\n\n1. Call the resource's `getIamPolicy` method to get its current IAM policy.\n2. Edit the policy so that it binds the service account to an IAM role for\nthe resource.\n3. Call the resource's `setIamPolicy` method to update its IAM policy.\n\nFor detailed instructions, see\n[Granting roles to a service account for specific\nresources](https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts).", 6226 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:setIamPolicy", 6227 // "httpMethod": "POST", 6228 // "id": "iam.projects.serviceAccounts.setIamPolicy", 6229 // "parameterOrder": [ 6230 // "resource" 6231 // ], 6232 // "parameters": { 6233 // "resource": { 6234 // "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.", 6235 // "location": "path", 6236 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6237 // "required": true, 6238 // "type": "string" 6239 // } 6240 // }, 6241 // "path": "v1/{+resource}:setIamPolicy", 6242 // "request": { 6243 // "$ref": "SetIamPolicyRequest" 6244 // }, 6245 // "response": { 6246 // "$ref": "Policy" 6247 // }, 6248 // "scopes": [ 6249 // "https://www.googleapis.com/auth/cloud-platform" 6250 // ] 6251 // } 6252 6253} 6254 6255// method id "iam.projects.serviceAccounts.signBlob": 6256 6257type ProjectsServiceAccountsSignBlobCall struct { 6258 s *Service 6259 name string 6260 signblobrequest *SignBlobRequest 6261 urlParams_ gensupport.URLParams 6262 ctx_ context.Context 6263 header_ http.Header 6264} 6265 6266// SignBlob: **Note:** We are in the process of deprecating this method. 6267// Use 6268// the 6269// [`signBlob`](https://cloud.google.com/iam/help/rest-credentials/v1 6270// /projects.serviceAccounts/signBlob) 6271// method in the IAM Service Account Credentials API instead. 6272// 6273// Signs a blob using the system-managed private key for a 6274// ServiceAccount. 6275func (r *ProjectsServiceAccountsService) SignBlob(name string, signblobrequest *SignBlobRequest) *ProjectsServiceAccountsSignBlobCall { 6276 c := &ProjectsServiceAccountsSignBlobCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6277 c.name = name 6278 c.signblobrequest = signblobrequest 6279 return c 6280} 6281 6282// Fields allows partial responses to be retrieved. See 6283// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6284// for more information. 6285func (c *ProjectsServiceAccountsSignBlobCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignBlobCall { 6286 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6287 return c 6288} 6289 6290// Context sets the context to be used in this call's Do method. Any 6291// pending HTTP request will be aborted if the provided context is 6292// canceled. 6293func (c *ProjectsServiceAccountsSignBlobCall) Context(ctx context.Context) *ProjectsServiceAccountsSignBlobCall { 6294 c.ctx_ = ctx 6295 return c 6296} 6297 6298// Header returns an http.Header that can be modified by the caller to 6299// add HTTP headers to the request. 6300func (c *ProjectsServiceAccountsSignBlobCall) Header() http.Header { 6301 if c.header_ == nil { 6302 c.header_ = make(http.Header) 6303 } 6304 return c.header_ 6305} 6306 6307func (c *ProjectsServiceAccountsSignBlobCall) doRequest(alt string) (*http.Response, error) { 6308 reqHeaders := make(http.Header) 6309 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 6310 for k, v := range c.header_ { 6311 reqHeaders[k] = v 6312 } 6313 reqHeaders.Set("User-Agent", c.s.userAgent()) 6314 var body io.Reader = nil 6315 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signblobrequest) 6316 if err != nil { 6317 return nil, err 6318 } 6319 reqHeaders.Set("Content-Type", "application/json") 6320 c.urlParams_.Set("alt", alt) 6321 c.urlParams_.Set("prettyPrint", "false") 6322 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signBlob") 6323 urls += "?" + c.urlParams_.Encode() 6324 req, err := http.NewRequest("POST", urls, body) 6325 if err != nil { 6326 return nil, err 6327 } 6328 req.Header = reqHeaders 6329 googleapi.Expand(req.URL, map[string]string{ 6330 "name": c.name, 6331 }) 6332 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6333} 6334 6335// Do executes the "iam.projects.serviceAccounts.signBlob" call. 6336// Exactly one of *SignBlobResponse or error will be non-nil. Any 6337// non-2xx status code is an error. Response headers are in either 6338// *SignBlobResponse.ServerResponse.Header or (if a response was 6339// returned at all) in error.(*googleapi.Error).Header. Use 6340// googleapi.IsNotModified to check whether the returned error was 6341// because http.StatusNotModified was returned. 6342func (c *ProjectsServiceAccountsSignBlobCall) Do(opts ...googleapi.CallOption) (*SignBlobResponse, error) { 6343 gensupport.SetOptions(c.urlParams_, opts...) 6344 res, err := c.doRequest("json") 6345 if res != nil && res.StatusCode == http.StatusNotModified { 6346 if res.Body != nil { 6347 res.Body.Close() 6348 } 6349 return nil, &googleapi.Error{ 6350 Code: res.StatusCode, 6351 Header: res.Header, 6352 } 6353 } 6354 if err != nil { 6355 return nil, err 6356 } 6357 defer googleapi.CloseBody(res) 6358 if err := googleapi.CheckResponse(res); err != nil { 6359 return nil, err 6360 } 6361 ret := &SignBlobResponse{ 6362 ServerResponse: googleapi.ServerResponse{ 6363 Header: res.Header, 6364 HTTPStatusCode: res.StatusCode, 6365 }, 6366 } 6367 target := &ret 6368 if err := gensupport.DecodeResponse(target, res); err != nil { 6369 return nil, err 6370 } 6371 return ret, nil 6372 // { 6373 // "description": "**Note:** We are in the process of deprecating this method. Use the\n[`signBlob`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob)\nmethod in the IAM Service Account Credentials API instead.\n\nSigns a blob using the system-managed private key for a ServiceAccount.", 6374 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signBlob", 6375 // "httpMethod": "POST", 6376 // "id": "iam.projects.serviceAccounts.signBlob", 6377 // "parameterOrder": [ 6378 // "name" 6379 // ], 6380 // "parameters": { 6381 // "name": { 6382 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 6383 // "location": "path", 6384 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6385 // "required": true, 6386 // "type": "string" 6387 // } 6388 // }, 6389 // "path": "v1/{+name}:signBlob", 6390 // "request": { 6391 // "$ref": "SignBlobRequest" 6392 // }, 6393 // "response": { 6394 // "$ref": "SignBlobResponse" 6395 // }, 6396 // "scopes": [ 6397 // "https://www.googleapis.com/auth/cloud-platform" 6398 // ] 6399 // } 6400 6401} 6402 6403// method id "iam.projects.serviceAccounts.signJwt": 6404 6405type ProjectsServiceAccountsSignJwtCall struct { 6406 s *Service 6407 name string 6408 signjwtrequest *SignJwtRequest 6409 urlParams_ gensupport.URLParams 6410 ctx_ context.Context 6411 header_ http.Header 6412} 6413 6414// SignJwt: **Note:** We are in the process of deprecating this method. 6415// Use 6416// the 6417// [`signJwt`](https://cloud.google.com/iam/help/rest-credentials/v1/ 6418// projects.serviceAccounts/signJwt) 6419// method in the IAM Service Account Credentials API instead. 6420// 6421// Signs a JSON Web Token (JWT) using the system-managed private key for 6422// a 6423// ServiceAccount. 6424func (r *ProjectsServiceAccountsService) SignJwt(name string, signjwtrequest *SignJwtRequest) *ProjectsServiceAccountsSignJwtCall { 6425 c := &ProjectsServiceAccountsSignJwtCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6426 c.name = name 6427 c.signjwtrequest = signjwtrequest 6428 return c 6429} 6430 6431// Fields allows partial responses to be retrieved. See 6432// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6433// for more information. 6434func (c *ProjectsServiceAccountsSignJwtCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignJwtCall { 6435 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6436 return c 6437} 6438 6439// Context sets the context to be used in this call's Do method. Any 6440// pending HTTP request will be aborted if the provided context is 6441// canceled. 6442func (c *ProjectsServiceAccountsSignJwtCall) Context(ctx context.Context) *ProjectsServiceAccountsSignJwtCall { 6443 c.ctx_ = ctx 6444 return c 6445} 6446 6447// Header returns an http.Header that can be modified by the caller to 6448// add HTTP headers to the request. 6449func (c *ProjectsServiceAccountsSignJwtCall) Header() http.Header { 6450 if c.header_ == nil { 6451 c.header_ = make(http.Header) 6452 } 6453 return c.header_ 6454} 6455 6456func (c *ProjectsServiceAccountsSignJwtCall) doRequest(alt string) (*http.Response, error) { 6457 reqHeaders := make(http.Header) 6458 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 6459 for k, v := range c.header_ { 6460 reqHeaders[k] = v 6461 } 6462 reqHeaders.Set("User-Agent", c.s.userAgent()) 6463 var body io.Reader = nil 6464 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signjwtrequest) 6465 if err != nil { 6466 return nil, err 6467 } 6468 reqHeaders.Set("Content-Type", "application/json") 6469 c.urlParams_.Set("alt", alt) 6470 c.urlParams_.Set("prettyPrint", "false") 6471 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signJwt") 6472 urls += "?" + c.urlParams_.Encode() 6473 req, err := http.NewRequest("POST", urls, body) 6474 if err != nil { 6475 return nil, err 6476 } 6477 req.Header = reqHeaders 6478 googleapi.Expand(req.URL, map[string]string{ 6479 "name": c.name, 6480 }) 6481 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6482} 6483 6484// Do executes the "iam.projects.serviceAccounts.signJwt" call. 6485// Exactly one of *SignJwtResponse or error will be non-nil. Any non-2xx 6486// status code is an error. Response headers are in either 6487// *SignJwtResponse.ServerResponse.Header or (if a response was returned 6488// at all) in error.(*googleapi.Error).Header. Use 6489// googleapi.IsNotModified to check whether the returned error was 6490// because http.StatusNotModified was returned. 6491func (c *ProjectsServiceAccountsSignJwtCall) Do(opts ...googleapi.CallOption) (*SignJwtResponse, error) { 6492 gensupport.SetOptions(c.urlParams_, opts...) 6493 res, err := c.doRequest("json") 6494 if res != nil && res.StatusCode == http.StatusNotModified { 6495 if res.Body != nil { 6496 res.Body.Close() 6497 } 6498 return nil, &googleapi.Error{ 6499 Code: res.StatusCode, 6500 Header: res.Header, 6501 } 6502 } 6503 if err != nil { 6504 return nil, err 6505 } 6506 defer googleapi.CloseBody(res) 6507 if err := googleapi.CheckResponse(res); err != nil { 6508 return nil, err 6509 } 6510 ret := &SignJwtResponse{ 6511 ServerResponse: googleapi.ServerResponse{ 6512 Header: res.Header, 6513 HTTPStatusCode: res.StatusCode, 6514 }, 6515 } 6516 target := &ret 6517 if err := gensupport.DecodeResponse(target, res); err != nil { 6518 return nil, err 6519 } 6520 return ret, nil 6521 // { 6522 // "description": "**Note:** We are in the process of deprecating this method. Use the\n[`signJwt`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt)\nmethod in the IAM Service Account Credentials API instead.\n\nSigns a JSON Web Token (JWT) using the system-managed private key for a\nServiceAccount.", 6523 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signJwt", 6524 // "httpMethod": "POST", 6525 // "id": "iam.projects.serviceAccounts.signJwt", 6526 // "parameterOrder": [ 6527 // "name" 6528 // ], 6529 // "parameters": { 6530 // "name": { 6531 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 6532 // "location": "path", 6533 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6534 // "required": true, 6535 // "type": "string" 6536 // } 6537 // }, 6538 // "path": "v1/{+name}:signJwt", 6539 // "request": { 6540 // "$ref": "SignJwtRequest" 6541 // }, 6542 // "response": { 6543 // "$ref": "SignJwtResponse" 6544 // }, 6545 // "scopes": [ 6546 // "https://www.googleapis.com/auth/cloud-platform" 6547 // ] 6548 // } 6549 6550} 6551 6552// method id "iam.projects.serviceAccounts.testIamPermissions": 6553 6554type ProjectsServiceAccountsTestIamPermissionsCall struct { 6555 s *Service 6556 resource string 6557 testiampermissionsrequest *TestIamPermissionsRequest 6558 urlParams_ gensupport.URLParams 6559 ctx_ context.Context 6560 header_ http.Header 6561} 6562 6563// TestIamPermissions: Tests whether the caller has the specified 6564// permissions on a 6565// ServiceAccount. 6566func (r *ProjectsServiceAccountsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsServiceAccountsTestIamPermissionsCall { 6567 c := &ProjectsServiceAccountsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6568 c.resource = resource 6569 c.testiampermissionsrequest = testiampermissionsrequest 6570 return c 6571} 6572 6573// Fields allows partial responses to be retrieved. See 6574// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6575// for more information. 6576func (c *ProjectsServiceAccountsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsTestIamPermissionsCall { 6577 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6578 return c 6579} 6580 6581// Context sets the context to be used in this call's Do method. Any 6582// pending HTTP request will be aborted if the provided context is 6583// canceled. 6584func (c *ProjectsServiceAccountsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsServiceAccountsTestIamPermissionsCall { 6585 c.ctx_ = ctx 6586 return c 6587} 6588 6589// Header returns an http.Header that can be modified by the caller to 6590// add HTTP headers to the request. 6591func (c *ProjectsServiceAccountsTestIamPermissionsCall) Header() http.Header { 6592 if c.header_ == nil { 6593 c.header_ = make(http.Header) 6594 } 6595 return c.header_ 6596} 6597 6598func (c *ProjectsServiceAccountsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { 6599 reqHeaders := make(http.Header) 6600 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 6601 for k, v := range c.header_ { 6602 reqHeaders[k] = v 6603 } 6604 reqHeaders.Set("User-Agent", c.s.userAgent()) 6605 var body io.Reader = nil 6606 body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) 6607 if err != nil { 6608 return nil, err 6609 } 6610 reqHeaders.Set("Content-Type", "application/json") 6611 c.urlParams_.Set("alt", alt) 6612 c.urlParams_.Set("prettyPrint", "false") 6613 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") 6614 urls += "?" + c.urlParams_.Encode() 6615 req, err := http.NewRequest("POST", urls, body) 6616 if err != nil { 6617 return nil, err 6618 } 6619 req.Header = reqHeaders 6620 googleapi.Expand(req.URL, map[string]string{ 6621 "resource": c.resource, 6622 }) 6623 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6624} 6625 6626// Do executes the "iam.projects.serviceAccounts.testIamPermissions" call. 6627// Exactly one of *TestIamPermissionsResponse or error will be non-nil. 6628// Any non-2xx status code is an error. Response headers are in either 6629// *TestIamPermissionsResponse.ServerResponse.Header or (if a response 6630// was returned at all) in error.(*googleapi.Error).Header. Use 6631// googleapi.IsNotModified to check whether the returned error was 6632// because http.StatusNotModified was returned. 6633func (c *ProjectsServiceAccountsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { 6634 gensupport.SetOptions(c.urlParams_, opts...) 6635 res, err := c.doRequest("json") 6636 if res != nil && res.StatusCode == http.StatusNotModified { 6637 if res.Body != nil { 6638 res.Body.Close() 6639 } 6640 return nil, &googleapi.Error{ 6641 Code: res.StatusCode, 6642 Header: res.Header, 6643 } 6644 } 6645 if err != nil { 6646 return nil, err 6647 } 6648 defer googleapi.CloseBody(res) 6649 if err := googleapi.CheckResponse(res); err != nil { 6650 return nil, err 6651 } 6652 ret := &TestIamPermissionsResponse{ 6653 ServerResponse: googleapi.ServerResponse{ 6654 Header: res.Header, 6655 HTTPStatusCode: res.StatusCode, 6656 }, 6657 } 6658 target := &ret 6659 if err := gensupport.DecodeResponse(target, res); err != nil { 6660 return nil, err 6661 } 6662 return ret, nil 6663 // { 6664 // "description": "Tests whether the caller has the specified permissions on a\nServiceAccount.", 6665 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:testIamPermissions", 6666 // "httpMethod": "POST", 6667 // "id": "iam.projects.serviceAccounts.testIamPermissions", 6668 // "parameterOrder": [ 6669 // "resource" 6670 // ], 6671 // "parameters": { 6672 // "resource": { 6673 // "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appropriate value for this field.", 6674 // "location": "path", 6675 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6676 // "required": true, 6677 // "type": "string" 6678 // } 6679 // }, 6680 // "path": "v1/{+resource}:testIamPermissions", 6681 // "request": { 6682 // "$ref": "TestIamPermissionsRequest" 6683 // }, 6684 // "response": { 6685 // "$ref": "TestIamPermissionsResponse" 6686 // }, 6687 // "scopes": [ 6688 // "https://www.googleapis.com/auth/cloud-platform" 6689 // ] 6690 // } 6691 6692} 6693 6694// method id "iam.projects.serviceAccounts.undelete": 6695 6696type ProjectsServiceAccountsUndeleteCall struct { 6697 s *Service 6698 name string 6699 undeleteserviceaccountrequest *UndeleteServiceAccountRequest 6700 urlParams_ gensupport.URLParams 6701 ctx_ context.Context 6702 header_ http.Header 6703} 6704 6705// Undelete: Restores a deleted ServiceAccount. 6706// 6707// **Important:** It is not always possible to restore a deleted 6708// service 6709// account. Use this method only as a last resort. 6710// 6711// After you delete a service account, IAM permanently removes the 6712// service 6713// account 30 days later. There is no way to restore a deleted service 6714// account 6715// that has been permanently removed. 6716func (r *ProjectsServiceAccountsService) Undelete(name string, undeleteserviceaccountrequest *UndeleteServiceAccountRequest) *ProjectsServiceAccountsUndeleteCall { 6717 c := &ProjectsServiceAccountsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6718 c.name = name 6719 c.undeleteserviceaccountrequest = undeleteserviceaccountrequest 6720 return c 6721} 6722 6723// Fields allows partial responses to be retrieved. See 6724// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6725// for more information. 6726func (c *ProjectsServiceAccountsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUndeleteCall { 6727 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6728 return c 6729} 6730 6731// Context sets the context to be used in this call's Do method. Any 6732// pending HTTP request will be aborted if the provided context is 6733// canceled. 6734func (c *ProjectsServiceAccountsUndeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsUndeleteCall { 6735 c.ctx_ = ctx 6736 return c 6737} 6738 6739// Header returns an http.Header that can be modified by the caller to 6740// add HTTP headers to the request. 6741func (c *ProjectsServiceAccountsUndeleteCall) Header() http.Header { 6742 if c.header_ == nil { 6743 c.header_ = make(http.Header) 6744 } 6745 return c.header_ 6746} 6747 6748func (c *ProjectsServiceAccountsUndeleteCall) doRequest(alt string) (*http.Response, error) { 6749 reqHeaders := make(http.Header) 6750 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 6751 for k, v := range c.header_ { 6752 reqHeaders[k] = v 6753 } 6754 reqHeaders.Set("User-Agent", c.s.userAgent()) 6755 var body io.Reader = nil 6756 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteserviceaccountrequest) 6757 if err != nil { 6758 return nil, err 6759 } 6760 reqHeaders.Set("Content-Type", "application/json") 6761 c.urlParams_.Set("alt", alt) 6762 c.urlParams_.Set("prettyPrint", "false") 6763 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 6764 urls += "?" + c.urlParams_.Encode() 6765 req, err := http.NewRequest("POST", urls, body) 6766 if err != nil { 6767 return nil, err 6768 } 6769 req.Header = reqHeaders 6770 googleapi.Expand(req.URL, map[string]string{ 6771 "name": c.name, 6772 }) 6773 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6774} 6775 6776// Do executes the "iam.projects.serviceAccounts.undelete" call. 6777// Exactly one of *UndeleteServiceAccountResponse or error will be 6778// non-nil. Any non-2xx status code is an error. Response headers are in 6779// either *UndeleteServiceAccountResponse.ServerResponse.Header or (if a 6780// response was returned at all) in error.(*googleapi.Error).Header. Use 6781// googleapi.IsNotModified to check whether the returned error was 6782// because http.StatusNotModified was returned. 6783func (c *ProjectsServiceAccountsUndeleteCall) Do(opts ...googleapi.CallOption) (*UndeleteServiceAccountResponse, error) { 6784 gensupport.SetOptions(c.urlParams_, opts...) 6785 res, err := c.doRequest("json") 6786 if res != nil && res.StatusCode == http.StatusNotModified { 6787 if res.Body != nil { 6788 res.Body.Close() 6789 } 6790 return nil, &googleapi.Error{ 6791 Code: res.StatusCode, 6792 Header: res.Header, 6793 } 6794 } 6795 if err != nil { 6796 return nil, err 6797 } 6798 defer googleapi.CloseBody(res) 6799 if err := googleapi.CheckResponse(res); err != nil { 6800 return nil, err 6801 } 6802 ret := &UndeleteServiceAccountResponse{ 6803 ServerResponse: googleapi.ServerResponse{ 6804 Header: res.Header, 6805 HTTPStatusCode: res.StatusCode, 6806 }, 6807 } 6808 target := &ret 6809 if err := gensupport.DecodeResponse(target, res); err != nil { 6810 return nil, err 6811 } 6812 return ret, nil 6813 // { 6814 // "description": "Restores a deleted ServiceAccount.\n\n**Important:** It is not always possible to restore a deleted service\naccount. Use this method only as a last resort.\n\nAfter you delete a service account, IAM permanently removes the service\naccount 30 days later. There is no way to restore a deleted service account\nthat has been permanently removed.", 6815 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:undelete", 6816 // "httpMethod": "POST", 6817 // "id": "iam.projects.serviceAccounts.undelete", 6818 // "parameterOrder": [ 6819 // "name" 6820 // ], 6821 // "parameters": { 6822 // "name": { 6823 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_UNIQUE_ID}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account.", 6824 // "location": "path", 6825 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6826 // "required": true, 6827 // "type": "string" 6828 // } 6829 // }, 6830 // "path": "v1/{+name}:undelete", 6831 // "request": { 6832 // "$ref": "UndeleteServiceAccountRequest" 6833 // }, 6834 // "response": { 6835 // "$ref": "UndeleteServiceAccountResponse" 6836 // }, 6837 // "scopes": [ 6838 // "https://www.googleapis.com/auth/cloud-platform" 6839 // ] 6840 // } 6841 6842} 6843 6844// method id "iam.projects.serviceAccounts.update": 6845 6846type ProjectsServiceAccountsUpdateCall struct { 6847 s *Service 6848 name string 6849 serviceaccount *ServiceAccount 6850 urlParams_ gensupport.URLParams 6851 ctx_ context.Context 6852 header_ http.Header 6853} 6854 6855// Update: **Note:** We are in the process of deprecating this method. 6856// Use 6857// PatchServiceAccount instead. 6858// 6859// Updates a ServiceAccount. 6860// 6861// You can update only the `display_name` and `description` fields. 6862func (r *ProjectsServiceAccountsService) Update(name string, serviceaccount *ServiceAccount) *ProjectsServiceAccountsUpdateCall { 6863 c := &ProjectsServiceAccountsUpdateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6864 c.name = name 6865 c.serviceaccount = serviceaccount 6866 return c 6867} 6868 6869// Fields allows partial responses to be retrieved. See 6870// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6871// for more information. 6872func (c *ProjectsServiceAccountsUpdateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUpdateCall { 6873 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6874 return c 6875} 6876 6877// Context sets the context to be used in this call's Do method. Any 6878// pending HTTP request will be aborted if the provided context is 6879// canceled. 6880func (c *ProjectsServiceAccountsUpdateCall) Context(ctx context.Context) *ProjectsServiceAccountsUpdateCall { 6881 c.ctx_ = ctx 6882 return c 6883} 6884 6885// Header returns an http.Header that can be modified by the caller to 6886// add HTTP headers to the request. 6887func (c *ProjectsServiceAccountsUpdateCall) Header() http.Header { 6888 if c.header_ == nil { 6889 c.header_ = make(http.Header) 6890 } 6891 return c.header_ 6892} 6893 6894func (c *ProjectsServiceAccountsUpdateCall) doRequest(alt string) (*http.Response, error) { 6895 reqHeaders := make(http.Header) 6896 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 6897 for k, v := range c.header_ { 6898 reqHeaders[k] = v 6899 } 6900 reqHeaders.Set("User-Agent", c.s.userAgent()) 6901 var body io.Reader = nil 6902 body, err := googleapi.WithoutDataWrapper.JSONReader(c.serviceaccount) 6903 if err != nil { 6904 return nil, err 6905 } 6906 reqHeaders.Set("Content-Type", "application/json") 6907 c.urlParams_.Set("alt", alt) 6908 c.urlParams_.Set("prettyPrint", "false") 6909 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6910 urls += "?" + c.urlParams_.Encode() 6911 req, err := http.NewRequest("PUT", urls, body) 6912 if err != nil { 6913 return nil, err 6914 } 6915 req.Header = reqHeaders 6916 googleapi.Expand(req.URL, map[string]string{ 6917 "name": c.name, 6918 }) 6919 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6920} 6921 6922// Do executes the "iam.projects.serviceAccounts.update" call. 6923// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 6924// status code is an error. Response headers are in either 6925// *ServiceAccount.ServerResponse.Header or (if a response was returned 6926// at all) in error.(*googleapi.Error).Header. Use 6927// googleapi.IsNotModified to check whether the returned error was 6928// because http.StatusNotModified was returned. 6929func (c *ProjectsServiceAccountsUpdateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 6930 gensupport.SetOptions(c.urlParams_, opts...) 6931 res, err := c.doRequest("json") 6932 if res != nil && res.StatusCode == http.StatusNotModified { 6933 if res.Body != nil { 6934 res.Body.Close() 6935 } 6936 return nil, &googleapi.Error{ 6937 Code: res.StatusCode, 6938 Header: res.Header, 6939 } 6940 } 6941 if err != nil { 6942 return nil, err 6943 } 6944 defer googleapi.CloseBody(res) 6945 if err := googleapi.CheckResponse(res); err != nil { 6946 return nil, err 6947 } 6948 ret := &ServiceAccount{ 6949 ServerResponse: googleapi.ServerResponse{ 6950 Header: res.Header, 6951 HTTPStatusCode: res.StatusCode, 6952 }, 6953 } 6954 target := &ret 6955 if err := gensupport.DecodeResponse(target, res); err != nil { 6956 return nil, err 6957 } 6958 return ret, nil 6959 // { 6960 // "description": "**Note:** We are in the process of deprecating this method. Use\nPatchServiceAccount instead.\n\nUpdates a ServiceAccount.\n\nYou can update only the `display_name` and `description` fields.", 6961 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 6962 // "httpMethod": "PUT", 6963 // "id": "iam.projects.serviceAccounts.update", 6964 // "parameterOrder": [ 6965 // "name" 6966 // ], 6967 // "parameters": { 6968 // "name": { 6969 // "description": "The resource name of the service account.\n\nUse one of the following formats:\n\n* `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}`\n* `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}`\n\nAs an alternative, you can use the `-` wildcard character instead of the\nproject ID:\n\n* `projects/-/serviceAccounts/{EMAIL_ADDRESS}`\n* `projects/-/serviceAccounts/{UNIQUE_ID}`\n\nWhen possible, avoid using the `-` wildcard character, because it can cause\nresponse messages to contain misleading error codes. For example, if you\ntry to get the service account\n`projects/-/serviceAccounts/fake@example.com`, which does not exist, the\nresponse contains an HTTP `403 Forbidden` error instead of a `404 Not\nFound` error.", 6970 // "location": "path", 6971 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6972 // "required": true, 6973 // "type": "string" 6974 // } 6975 // }, 6976 // "path": "v1/{+name}", 6977 // "request": { 6978 // "$ref": "ServiceAccount" 6979 // }, 6980 // "response": { 6981 // "$ref": "ServiceAccount" 6982 // }, 6983 // "scopes": [ 6984 // "https://www.googleapis.com/auth/cloud-platform" 6985 // ] 6986 // } 6987 6988} 6989 6990// method id "iam.projects.serviceAccounts.keys.create": 6991 6992type ProjectsServiceAccountsKeysCreateCall struct { 6993 s *Service 6994 name string 6995 createserviceaccountkeyrequest *CreateServiceAccountKeyRequest 6996 urlParams_ gensupport.URLParams 6997 ctx_ context.Context 6998 header_ http.Header 6999} 7000 7001// Create: Creates a ServiceAccountKey. 7002func (r *ProjectsServiceAccountsKeysService) Create(name string, createserviceaccountkeyrequest *CreateServiceAccountKeyRequest) *ProjectsServiceAccountsKeysCreateCall { 7003 c := &ProjectsServiceAccountsKeysCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7004 c.name = name 7005 c.createserviceaccountkeyrequest = createserviceaccountkeyrequest 7006 return c 7007} 7008 7009// Fields allows partial responses to be retrieved. See 7010// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7011// for more information. 7012func (c *ProjectsServiceAccountsKeysCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysCreateCall { 7013 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7014 return c 7015} 7016 7017// Context sets the context to be used in this call's Do method. Any 7018// pending HTTP request will be aborted if the provided context is 7019// canceled. 7020func (c *ProjectsServiceAccountsKeysCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysCreateCall { 7021 c.ctx_ = ctx 7022 return c 7023} 7024 7025// Header returns an http.Header that can be modified by the caller to 7026// add HTTP headers to the request. 7027func (c *ProjectsServiceAccountsKeysCreateCall) Header() http.Header { 7028 if c.header_ == nil { 7029 c.header_ = make(http.Header) 7030 } 7031 return c.header_ 7032} 7033 7034func (c *ProjectsServiceAccountsKeysCreateCall) doRequest(alt string) (*http.Response, error) { 7035 reqHeaders := make(http.Header) 7036 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 7037 for k, v := range c.header_ { 7038 reqHeaders[k] = v 7039 } 7040 reqHeaders.Set("User-Agent", c.s.userAgent()) 7041 var body io.Reader = nil 7042 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountkeyrequest) 7043 if err != nil { 7044 return nil, err 7045 } 7046 reqHeaders.Set("Content-Type", "application/json") 7047 c.urlParams_.Set("alt", alt) 7048 c.urlParams_.Set("prettyPrint", "false") 7049 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 7050 urls += "?" + c.urlParams_.Encode() 7051 req, err := http.NewRequest("POST", urls, body) 7052 if err != nil { 7053 return nil, err 7054 } 7055 req.Header = reqHeaders 7056 googleapi.Expand(req.URL, map[string]string{ 7057 "name": c.name, 7058 }) 7059 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7060} 7061 7062// Do executes the "iam.projects.serviceAccounts.keys.create" call. 7063// Exactly one of *ServiceAccountKey or error will be non-nil. Any 7064// non-2xx status code is an error. Response headers are in either 7065// *ServiceAccountKey.ServerResponse.Header or (if a response was 7066// returned at all) in error.(*googleapi.Error).Header. Use 7067// googleapi.IsNotModified to check whether the returned error was 7068// because http.StatusNotModified was returned. 7069func (c *ProjectsServiceAccountsKeysCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 7070 gensupport.SetOptions(c.urlParams_, opts...) 7071 res, err := c.doRequest("json") 7072 if res != nil && res.StatusCode == http.StatusNotModified { 7073 if res.Body != nil { 7074 res.Body.Close() 7075 } 7076 return nil, &googleapi.Error{ 7077 Code: res.StatusCode, 7078 Header: res.Header, 7079 } 7080 } 7081 if err != nil { 7082 return nil, err 7083 } 7084 defer googleapi.CloseBody(res) 7085 if err := googleapi.CheckResponse(res); err != nil { 7086 return nil, err 7087 } 7088 ret := &ServiceAccountKey{ 7089 ServerResponse: googleapi.ServerResponse{ 7090 Header: res.Header, 7091 HTTPStatusCode: res.StatusCode, 7092 }, 7093 } 7094 target := &ret 7095 if err := gensupport.DecodeResponse(target, res); err != nil { 7096 return nil, err 7097 } 7098 return ret, nil 7099 // { 7100 // "description": "Creates a ServiceAccountKey.", 7101 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 7102 // "httpMethod": "POST", 7103 // "id": "iam.projects.serviceAccounts.keys.create", 7104 // "parameterOrder": [ 7105 // "name" 7106 // ], 7107 // "parameters": { 7108 // "name": { 7109 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7110 // "location": "path", 7111 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7112 // "required": true, 7113 // "type": "string" 7114 // } 7115 // }, 7116 // "path": "v1/{+name}/keys", 7117 // "request": { 7118 // "$ref": "CreateServiceAccountKeyRequest" 7119 // }, 7120 // "response": { 7121 // "$ref": "ServiceAccountKey" 7122 // }, 7123 // "scopes": [ 7124 // "https://www.googleapis.com/auth/cloud-platform" 7125 // ] 7126 // } 7127 7128} 7129 7130// method id "iam.projects.serviceAccounts.keys.delete": 7131 7132type ProjectsServiceAccountsKeysDeleteCall struct { 7133 s *Service 7134 name string 7135 urlParams_ gensupport.URLParams 7136 ctx_ context.Context 7137 header_ http.Header 7138} 7139 7140// Delete: Deletes a ServiceAccountKey. 7141func (r *ProjectsServiceAccountsKeysService) Delete(name string) *ProjectsServiceAccountsKeysDeleteCall { 7142 c := &ProjectsServiceAccountsKeysDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7143 c.name = name 7144 return c 7145} 7146 7147// Fields allows partial responses to be retrieved. See 7148// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7149// for more information. 7150func (c *ProjectsServiceAccountsKeysDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysDeleteCall { 7151 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7152 return c 7153} 7154 7155// Context sets the context to be used in this call's Do method. Any 7156// pending HTTP request will be aborted if the provided context is 7157// canceled. 7158func (c *ProjectsServiceAccountsKeysDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysDeleteCall { 7159 c.ctx_ = ctx 7160 return c 7161} 7162 7163// Header returns an http.Header that can be modified by the caller to 7164// add HTTP headers to the request. 7165func (c *ProjectsServiceAccountsKeysDeleteCall) Header() http.Header { 7166 if c.header_ == nil { 7167 c.header_ = make(http.Header) 7168 } 7169 return c.header_ 7170} 7171 7172func (c *ProjectsServiceAccountsKeysDeleteCall) doRequest(alt string) (*http.Response, error) { 7173 reqHeaders := make(http.Header) 7174 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 7175 for k, v := range c.header_ { 7176 reqHeaders[k] = v 7177 } 7178 reqHeaders.Set("User-Agent", c.s.userAgent()) 7179 var body io.Reader = nil 7180 c.urlParams_.Set("alt", alt) 7181 c.urlParams_.Set("prettyPrint", "false") 7182 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7183 urls += "?" + c.urlParams_.Encode() 7184 req, err := http.NewRequest("DELETE", urls, body) 7185 if err != nil { 7186 return nil, err 7187 } 7188 req.Header = reqHeaders 7189 googleapi.Expand(req.URL, map[string]string{ 7190 "name": c.name, 7191 }) 7192 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7193} 7194 7195// Do executes the "iam.projects.serviceAccounts.keys.delete" call. 7196// Exactly one of *Empty or error will be non-nil. Any non-2xx status 7197// code is an error. Response headers are in either 7198// *Empty.ServerResponse.Header or (if a response was returned at all) 7199// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 7200// check whether the returned error was because http.StatusNotModified 7201// was returned. 7202func (c *ProjectsServiceAccountsKeysDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 7203 gensupport.SetOptions(c.urlParams_, opts...) 7204 res, err := c.doRequest("json") 7205 if res != nil && res.StatusCode == http.StatusNotModified { 7206 if res.Body != nil { 7207 res.Body.Close() 7208 } 7209 return nil, &googleapi.Error{ 7210 Code: res.StatusCode, 7211 Header: res.Header, 7212 } 7213 } 7214 if err != nil { 7215 return nil, err 7216 } 7217 defer googleapi.CloseBody(res) 7218 if err := googleapi.CheckResponse(res); err != nil { 7219 return nil, err 7220 } 7221 ret := &Empty{ 7222 ServerResponse: googleapi.ServerResponse{ 7223 Header: res.Header, 7224 HTTPStatusCode: res.StatusCode, 7225 }, 7226 } 7227 target := &ret 7228 if err := gensupport.DecodeResponse(target, res); err != nil { 7229 return nil, err 7230 } 7231 return ret, nil 7232 // { 7233 // "description": "Deletes a ServiceAccountKey.", 7234 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 7235 // "httpMethod": "DELETE", 7236 // "id": "iam.projects.serviceAccounts.keys.delete", 7237 // "parameterOrder": [ 7238 // "name" 7239 // ], 7240 // "parameters": { 7241 // "name": { 7242 // "description": "Required. The resource name of the service account key in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7243 // "location": "path", 7244 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 7245 // "required": true, 7246 // "type": "string" 7247 // } 7248 // }, 7249 // "path": "v1/{+name}", 7250 // "response": { 7251 // "$ref": "Empty" 7252 // }, 7253 // "scopes": [ 7254 // "https://www.googleapis.com/auth/cloud-platform" 7255 // ] 7256 // } 7257 7258} 7259 7260// method id "iam.projects.serviceAccounts.keys.get": 7261 7262type ProjectsServiceAccountsKeysGetCall struct { 7263 s *Service 7264 name string 7265 urlParams_ gensupport.URLParams 7266 ifNoneMatch_ string 7267 ctx_ context.Context 7268 header_ http.Header 7269} 7270 7271// Get: Gets a ServiceAccountKey. 7272func (r *ProjectsServiceAccountsKeysService) Get(name string) *ProjectsServiceAccountsKeysGetCall { 7273 c := &ProjectsServiceAccountsKeysGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7274 c.name = name 7275 return c 7276} 7277 7278// PublicKeyType sets the optional parameter "publicKeyType": The output 7279// format of the public key requested. 7280// X509_PEM is the default output format. 7281// 7282// Possible values: 7283// "TYPE_NONE" 7284// "TYPE_X509_PEM_FILE" 7285// "TYPE_RAW_PUBLIC_KEY" 7286func (c *ProjectsServiceAccountsKeysGetCall) PublicKeyType(publicKeyType string) *ProjectsServiceAccountsKeysGetCall { 7287 c.urlParams_.Set("publicKeyType", publicKeyType) 7288 return c 7289} 7290 7291// Fields allows partial responses to be retrieved. See 7292// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7293// for more information. 7294func (c *ProjectsServiceAccountsKeysGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysGetCall { 7295 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7296 return c 7297} 7298 7299// IfNoneMatch sets the optional parameter which makes the operation 7300// fail if the object's ETag matches the given value. This is useful for 7301// getting updates only after the object has changed since the last 7302// request. Use googleapi.IsNotModified to check whether the response 7303// error from Do is the result of In-None-Match. 7304func (c *ProjectsServiceAccountsKeysGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysGetCall { 7305 c.ifNoneMatch_ = entityTag 7306 return c 7307} 7308 7309// Context sets the context to be used in this call's Do method. Any 7310// pending HTTP request will be aborted if the provided context is 7311// canceled. 7312func (c *ProjectsServiceAccountsKeysGetCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysGetCall { 7313 c.ctx_ = ctx 7314 return c 7315} 7316 7317// Header returns an http.Header that can be modified by the caller to 7318// add HTTP headers to the request. 7319func (c *ProjectsServiceAccountsKeysGetCall) Header() http.Header { 7320 if c.header_ == nil { 7321 c.header_ = make(http.Header) 7322 } 7323 return c.header_ 7324} 7325 7326func (c *ProjectsServiceAccountsKeysGetCall) doRequest(alt string) (*http.Response, error) { 7327 reqHeaders := make(http.Header) 7328 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 7329 for k, v := range c.header_ { 7330 reqHeaders[k] = v 7331 } 7332 reqHeaders.Set("User-Agent", c.s.userAgent()) 7333 if c.ifNoneMatch_ != "" { 7334 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7335 } 7336 var body io.Reader = nil 7337 c.urlParams_.Set("alt", alt) 7338 c.urlParams_.Set("prettyPrint", "false") 7339 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7340 urls += "?" + c.urlParams_.Encode() 7341 req, err := http.NewRequest("GET", urls, body) 7342 if err != nil { 7343 return nil, err 7344 } 7345 req.Header = reqHeaders 7346 googleapi.Expand(req.URL, map[string]string{ 7347 "name": c.name, 7348 }) 7349 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7350} 7351 7352// Do executes the "iam.projects.serviceAccounts.keys.get" call. 7353// Exactly one of *ServiceAccountKey or error will be non-nil. Any 7354// non-2xx status code is an error. Response headers are in either 7355// *ServiceAccountKey.ServerResponse.Header or (if a response was 7356// returned at all) in error.(*googleapi.Error).Header. Use 7357// googleapi.IsNotModified to check whether the returned error was 7358// because http.StatusNotModified was returned. 7359func (c *ProjectsServiceAccountsKeysGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 7360 gensupport.SetOptions(c.urlParams_, opts...) 7361 res, err := c.doRequest("json") 7362 if res != nil && res.StatusCode == http.StatusNotModified { 7363 if res.Body != nil { 7364 res.Body.Close() 7365 } 7366 return nil, &googleapi.Error{ 7367 Code: res.StatusCode, 7368 Header: res.Header, 7369 } 7370 } 7371 if err != nil { 7372 return nil, err 7373 } 7374 defer googleapi.CloseBody(res) 7375 if err := googleapi.CheckResponse(res); err != nil { 7376 return nil, err 7377 } 7378 ret := &ServiceAccountKey{ 7379 ServerResponse: googleapi.ServerResponse{ 7380 Header: res.Header, 7381 HTTPStatusCode: res.StatusCode, 7382 }, 7383 } 7384 target := &ret 7385 if err := gensupport.DecodeResponse(target, res); err != nil { 7386 return nil, err 7387 } 7388 return ret, nil 7389 // { 7390 // "description": "Gets a ServiceAccountKey.", 7391 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 7392 // "httpMethod": "GET", 7393 // "id": "iam.projects.serviceAccounts.keys.get", 7394 // "parameterOrder": [ 7395 // "name" 7396 // ], 7397 // "parameters": { 7398 // "name": { 7399 // "description": "Required. The resource name of the service account key in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.\n\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7400 // "location": "path", 7401 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 7402 // "required": true, 7403 // "type": "string" 7404 // }, 7405 // "publicKeyType": { 7406 // "description": "The output format of the public key requested.\nX509_PEM is the default output format.", 7407 // "enum": [ 7408 // "TYPE_NONE", 7409 // "TYPE_X509_PEM_FILE", 7410 // "TYPE_RAW_PUBLIC_KEY" 7411 // ], 7412 // "location": "query", 7413 // "type": "string" 7414 // } 7415 // }, 7416 // "path": "v1/{+name}", 7417 // "response": { 7418 // "$ref": "ServiceAccountKey" 7419 // }, 7420 // "scopes": [ 7421 // "https://www.googleapis.com/auth/cloud-platform" 7422 // ] 7423 // } 7424 7425} 7426 7427// method id "iam.projects.serviceAccounts.keys.list": 7428 7429type ProjectsServiceAccountsKeysListCall struct { 7430 s *Service 7431 name string 7432 urlParams_ gensupport.URLParams 7433 ifNoneMatch_ string 7434 ctx_ context.Context 7435 header_ http.Header 7436} 7437 7438// List: Lists every ServiceAccountKey for a service account. 7439func (r *ProjectsServiceAccountsKeysService) List(name string) *ProjectsServiceAccountsKeysListCall { 7440 c := &ProjectsServiceAccountsKeysListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7441 c.name = name 7442 return c 7443} 7444 7445// KeyTypes sets the optional parameter "keyTypes": Filters the types of 7446// keys the user wants to include in the list 7447// response. Duplicate key types are not allowed. If no key type 7448// is provided, all keys are returned. 7449// 7450// Possible values: 7451// "KEY_TYPE_UNSPECIFIED" 7452// "USER_MANAGED" 7453// "SYSTEM_MANAGED" 7454func (c *ProjectsServiceAccountsKeysListCall) KeyTypes(keyTypes ...string) *ProjectsServiceAccountsKeysListCall { 7455 c.urlParams_.SetMulti("keyTypes", append([]string{}, keyTypes...)) 7456 return c 7457} 7458 7459// Fields allows partial responses to be retrieved. See 7460// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7461// for more information. 7462func (c *ProjectsServiceAccountsKeysListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysListCall { 7463 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7464 return c 7465} 7466 7467// IfNoneMatch sets the optional parameter which makes the operation 7468// fail if the object's ETag matches the given value. This is useful for 7469// getting updates only after the object has changed since the last 7470// request. Use googleapi.IsNotModified to check whether the response 7471// error from Do is the result of In-None-Match. 7472func (c *ProjectsServiceAccountsKeysListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysListCall { 7473 c.ifNoneMatch_ = entityTag 7474 return c 7475} 7476 7477// Context sets the context to be used in this call's Do method. Any 7478// pending HTTP request will be aborted if the provided context is 7479// canceled. 7480func (c *ProjectsServiceAccountsKeysListCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysListCall { 7481 c.ctx_ = ctx 7482 return c 7483} 7484 7485// Header returns an http.Header that can be modified by the caller to 7486// add HTTP headers to the request. 7487func (c *ProjectsServiceAccountsKeysListCall) Header() http.Header { 7488 if c.header_ == nil { 7489 c.header_ = make(http.Header) 7490 } 7491 return c.header_ 7492} 7493 7494func (c *ProjectsServiceAccountsKeysListCall) doRequest(alt string) (*http.Response, error) { 7495 reqHeaders := make(http.Header) 7496 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 7497 for k, v := range c.header_ { 7498 reqHeaders[k] = v 7499 } 7500 reqHeaders.Set("User-Agent", c.s.userAgent()) 7501 if c.ifNoneMatch_ != "" { 7502 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7503 } 7504 var body io.Reader = nil 7505 c.urlParams_.Set("alt", alt) 7506 c.urlParams_.Set("prettyPrint", "false") 7507 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 7508 urls += "?" + c.urlParams_.Encode() 7509 req, err := http.NewRequest("GET", urls, body) 7510 if err != nil { 7511 return nil, err 7512 } 7513 req.Header = reqHeaders 7514 googleapi.Expand(req.URL, map[string]string{ 7515 "name": c.name, 7516 }) 7517 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7518} 7519 7520// Do executes the "iam.projects.serviceAccounts.keys.list" call. 7521// Exactly one of *ListServiceAccountKeysResponse or error will be 7522// non-nil. Any non-2xx status code is an error. Response headers are in 7523// either *ListServiceAccountKeysResponse.ServerResponse.Header or (if a 7524// response was returned at all) in error.(*googleapi.Error).Header. Use 7525// googleapi.IsNotModified to check whether the returned error was 7526// because http.StatusNotModified was returned. 7527func (c *ProjectsServiceAccountsKeysListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountKeysResponse, error) { 7528 gensupport.SetOptions(c.urlParams_, opts...) 7529 res, err := c.doRequest("json") 7530 if res != nil && res.StatusCode == http.StatusNotModified { 7531 if res.Body != nil { 7532 res.Body.Close() 7533 } 7534 return nil, &googleapi.Error{ 7535 Code: res.StatusCode, 7536 Header: res.Header, 7537 } 7538 } 7539 if err != nil { 7540 return nil, err 7541 } 7542 defer googleapi.CloseBody(res) 7543 if err := googleapi.CheckResponse(res); err != nil { 7544 return nil, err 7545 } 7546 ret := &ListServiceAccountKeysResponse{ 7547 ServerResponse: googleapi.ServerResponse{ 7548 Header: res.Header, 7549 HTTPStatusCode: res.StatusCode, 7550 }, 7551 } 7552 target := &ret 7553 if err := gensupport.DecodeResponse(target, res); err != nil { 7554 return nil, err 7555 } 7556 return ret, nil 7557 // { 7558 // "description": "Lists every ServiceAccountKey for a service account.", 7559 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 7560 // "httpMethod": "GET", 7561 // "id": "iam.projects.serviceAccounts.keys.list", 7562 // "parameterOrder": [ 7563 // "name" 7564 // ], 7565 // "parameters": { 7566 // "keyTypes": { 7567 // "description": "Filters the types of keys the user wants to include in the list\nresponse. Duplicate key types are not allowed. If no key type\nis provided, all keys are returned.", 7568 // "enum": [ 7569 // "KEY_TYPE_UNSPECIFIED", 7570 // "USER_MANAGED", 7571 // "SYSTEM_MANAGED" 7572 // ], 7573 // "location": "query", 7574 // "repeated": true, 7575 // "type": "string" 7576 // }, 7577 // "name": { 7578 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\n\nUsing `-` as a wildcard for the `PROJECT_ID`, will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7579 // "location": "path", 7580 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7581 // "required": true, 7582 // "type": "string" 7583 // } 7584 // }, 7585 // "path": "v1/{+name}/keys", 7586 // "response": { 7587 // "$ref": "ListServiceAccountKeysResponse" 7588 // }, 7589 // "scopes": [ 7590 // "https://www.googleapis.com/auth/cloud-platform" 7591 // ] 7592 // } 7593 7594} 7595 7596// method id "iam.projects.serviceAccounts.keys.upload": 7597 7598type ProjectsServiceAccountsKeysUploadCall struct { 7599 s *Service 7600 name string 7601 uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest 7602 urlParams_ gensupport.URLParams 7603 ctx_ context.Context 7604 header_ http.Header 7605} 7606 7607// Upload: Creates a ServiceAccountKey, using a public key that you 7608// provide. 7609func (r *ProjectsServiceAccountsKeysService) Upload(name string, uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest) *ProjectsServiceAccountsKeysUploadCall { 7610 c := &ProjectsServiceAccountsKeysUploadCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7611 c.name = name 7612 c.uploadserviceaccountkeyrequest = uploadserviceaccountkeyrequest 7613 return c 7614} 7615 7616// Fields allows partial responses to be retrieved. See 7617// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7618// for more information. 7619func (c *ProjectsServiceAccountsKeysUploadCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysUploadCall { 7620 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7621 return c 7622} 7623 7624// Context sets the context to be used in this call's Do method. Any 7625// pending HTTP request will be aborted if the provided context is 7626// canceled. 7627func (c *ProjectsServiceAccountsKeysUploadCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysUploadCall { 7628 c.ctx_ = ctx 7629 return c 7630} 7631 7632// Header returns an http.Header that can be modified by the caller to 7633// add HTTP headers to the request. 7634func (c *ProjectsServiceAccountsKeysUploadCall) Header() http.Header { 7635 if c.header_ == nil { 7636 c.header_ = make(http.Header) 7637 } 7638 return c.header_ 7639} 7640 7641func (c *ProjectsServiceAccountsKeysUploadCall) doRequest(alt string) (*http.Response, error) { 7642 reqHeaders := make(http.Header) 7643 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 7644 for k, v := range c.header_ { 7645 reqHeaders[k] = v 7646 } 7647 reqHeaders.Set("User-Agent", c.s.userAgent()) 7648 var body io.Reader = nil 7649 body, err := googleapi.WithoutDataWrapper.JSONReader(c.uploadserviceaccountkeyrequest) 7650 if err != nil { 7651 return nil, err 7652 } 7653 reqHeaders.Set("Content-Type", "application/json") 7654 c.urlParams_.Set("alt", alt) 7655 c.urlParams_.Set("prettyPrint", "false") 7656 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys:upload") 7657 urls += "?" + c.urlParams_.Encode() 7658 req, err := http.NewRequest("POST", urls, body) 7659 if err != nil { 7660 return nil, err 7661 } 7662 req.Header = reqHeaders 7663 googleapi.Expand(req.URL, map[string]string{ 7664 "name": c.name, 7665 }) 7666 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7667} 7668 7669// Do executes the "iam.projects.serviceAccounts.keys.upload" call. 7670// Exactly one of *ServiceAccountKey or error will be non-nil. Any 7671// non-2xx status code is an error. Response headers are in either 7672// *ServiceAccountKey.ServerResponse.Header or (if a response was 7673// returned at all) in error.(*googleapi.Error).Header. Use 7674// googleapi.IsNotModified to check whether the returned error was 7675// because http.StatusNotModified was returned. 7676func (c *ProjectsServiceAccountsKeysUploadCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 7677 gensupport.SetOptions(c.urlParams_, opts...) 7678 res, err := c.doRequest("json") 7679 if res != nil && res.StatusCode == http.StatusNotModified { 7680 if res.Body != nil { 7681 res.Body.Close() 7682 } 7683 return nil, &googleapi.Error{ 7684 Code: res.StatusCode, 7685 Header: res.Header, 7686 } 7687 } 7688 if err != nil { 7689 return nil, err 7690 } 7691 defer googleapi.CloseBody(res) 7692 if err := googleapi.CheckResponse(res); err != nil { 7693 return nil, err 7694 } 7695 ret := &ServiceAccountKey{ 7696 ServerResponse: googleapi.ServerResponse{ 7697 Header: res.Header, 7698 HTTPStatusCode: res.StatusCode, 7699 }, 7700 } 7701 target := &ret 7702 if err := gensupport.DecodeResponse(target, res); err != nil { 7703 return nil, err 7704 } 7705 return ret, nil 7706 // { 7707 // "description": "Creates a ServiceAccountKey, using a public key that you provide.", 7708 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys:upload", 7709 // "httpMethod": "POST", 7710 // "id": "iam.projects.serviceAccounts.keys.upload", 7711 // "parameterOrder": [ 7712 // "name" 7713 // ], 7714 // "parameters": { 7715 // "name": { 7716 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7717 // "location": "path", 7718 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7719 // "required": true, 7720 // "type": "string" 7721 // } 7722 // }, 7723 // "path": "v1/{+name}/keys:upload", 7724 // "request": { 7725 // "$ref": "UploadServiceAccountKeyRequest" 7726 // }, 7727 // "response": { 7728 // "$ref": "ServiceAccountKey" 7729 // }, 7730 // "scopes": [ 7731 // "https://www.googleapis.com/auth/cloud-platform" 7732 // ] 7733 // } 7734 7735} 7736 7737// method id "iam.roles.get": 7738 7739type RolesGetCall struct { 7740 s *Service 7741 name string 7742 urlParams_ gensupport.URLParams 7743 ifNoneMatch_ string 7744 ctx_ context.Context 7745 header_ http.Header 7746} 7747 7748// Get: Gets the definition of a Role. 7749func (r *RolesService) Get(name string) *RolesGetCall { 7750 c := &RolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7751 c.name = name 7752 return c 7753} 7754 7755// Fields allows partial responses to be retrieved. See 7756// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7757// for more information. 7758func (c *RolesGetCall) Fields(s ...googleapi.Field) *RolesGetCall { 7759 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7760 return c 7761} 7762 7763// IfNoneMatch sets the optional parameter which makes the operation 7764// fail if the object's ETag matches the given value. This is useful for 7765// getting updates only after the object has changed since the last 7766// request. Use googleapi.IsNotModified to check whether the response 7767// error from Do is the result of In-None-Match. 7768func (c *RolesGetCall) IfNoneMatch(entityTag string) *RolesGetCall { 7769 c.ifNoneMatch_ = entityTag 7770 return c 7771} 7772 7773// Context sets the context to be used in this call's Do method. Any 7774// pending HTTP request will be aborted if the provided context is 7775// canceled. 7776func (c *RolesGetCall) Context(ctx context.Context) *RolesGetCall { 7777 c.ctx_ = ctx 7778 return c 7779} 7780 7781// Header returns an http.Header that can be modified by the caller to 7782// add HTTP headers to the request. 7783func (c *RolesGetCall) Header() http.Header { 7784 if c.header_ == nil { 7785 c.header_ = make(http.Header) 7786 } 7787 return c.header_ 7788} 7789 7790func (c *RolesGetCall) doRequest(alt string) (*http.Response, error) { 7791 reqHeaders := make(http.Header) 7792 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 7793 for k, v := range c.header_ { 7794 reqHeaders[k] = v 7795 } 7796 reqHeaders.Set("User-Agent", c.s.userAgent()) 7797 if c.ifNoneMatch_ != "" { 7798 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7799 } 7800 var body io.Reader = nil 7801 c.urlParams_.Set("alt", alt) 7802 c.urlParams_.Set("prettyPrint", "false") 7803 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7804 urls += "?" + c.urlParams_.Encode() 7805 req, err := http.NewRequest("GET", urls, body) 7806 if err != nil { 7807 return nil, err 7808 } 7809 req.Header = reqHeaders 7810 googleapi.Expand(req.URL, map[string]string{ 7811 "name": c.name, 7812 }) 7813 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7814} 7815 7816// Do executes the "iam.roles.get" call. 7817// Exactly one of *Role or error will be non-nil. Any non-2xx status 7818// code is an error. Response headers are in either 7819// *Role.ServerResponse.Header or (if a response was returned at all) in 7820// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7821// whether the returned error was because http.StatusNotModified was 7822// returned. 7823func (c *RolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 7824 gensupport.SetOptions(c.urlParams_, opts...) 7825 res, err := c.doRequest("json") 7826 if res != nil && res.StatusCode == http.StatusNotModified { 7827 if res.Body != nil { 7828 res.Body.Close() 7829 } 7830 return nil, &googleapi.Error{ 7831 Code: res.StatusCode, 7832 Header: res.Header, 7833 } 7834 } 7835 if err != nil { 7836 return nil, err 7837 } 7838 defer googleapi.CloseBody(res) 7839 if err := googleapi.CheckResponse(res); err != nil { 7840 return nil, err 7841 } 7842 ret := &Role{ 7843 ServerResponse: googleapi.ServerResponse{ 7844 Header: res.Header, 7845 HTTPStatusCode: res.StatusCode, 7846 }, 7847 } 7848 target := &ret 7849 if err := gensupport.DecodeResponse(target, res); err != nil { 7850 return nil, err 7851 } 7852 return ret, nil 7853 // { 7854 // "description": "Gets the definition of a Role.", 7855 // "flatPath": "v1/roles/{rolesId}", 7856 // "httpMethod": "GET", 7857 // "id": "iam.roles.get", 7858 // "parameterOrder": [ 7859 // "name" 7860 // ], 7861 // "parameters": { 7862 // "name": { 7863 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`.\n This method returns results from all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles/{ROLE_NAME}`\n\n* [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n returns only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 7864 // "location": "path", 7865 // "pattern": "^roles/[^/]+$", 7866 // "required": true, 7867 // "type": "string" 7868 // } 7869 // }, 7870 // "path": "v1/{+name}", 7871 // "response": { 7872 // "$ref": "Role" 7873 // }, 7874 // "scopes": [ 7875 // "https://www.googleapis.com/auth/cloud-platform" 7876 // ] 7877 // } 7878 7879} 7880 7881// method id "iam.roles.list": 7882 7883type RolesListCall struct { 7884 s *Service 7885 urlParams_ gensupport.URLParams 7886 ifNoneMatch_ string 7887 ctx_ context.Context 7888 header_ http.Header 7889} 7890 7891// List: Lists every predefined Role that IAM supports, or every custom 7892// role 7893// that is defined for an organization or project. 7894func (r *RolesService) List() *RolesListCall { 7895 c := &RolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7896 return c 7897} 7898 7899// PageSize sets the optional parameter "pageSize": Optional limit on 7900// the number of roles to include in the response. 7901// 7902// The default is 300, and the maximum is 1,000. 7903func (c *RolesListCall) PageSize(pageSize int64) *RolesListCall { 7904 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 7905 return c 7906} 7907 7908// PageToken sets the optional parameter "pageToken": Optional 7909// pagination token returned in an earlier ListRolesResponse. 7910func (c *RolesListCall) PageToken(pageToken string) *RolesListCall { 7911 c.urlParams_.Set("pageToken", pageToken) 7912 return c 7913} 7914 7915// Parent sets the optional parameter "parent": The `parent` parameter's 7916// value depends on the target resource for the 7917// request, 7918// namely 7919// [`roles`](/iam/reference/rest/v1/roles), 7920// [`projects`](/iam/refe 7921// rence/rest/v1/projects.roles), 7922// or 7923// [`organizations`](/iam/reference/rest/v1/organizations.roles). 7924// Each 7925// resource type's `parent` value format is described below: 7926// 7927// * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty 7928// string. 7929// This method doesn't require a resource; it simply returns all 7930// [predefined roles](/iam/docs/understanding-roles#predefined_roles) 7931// in 7932// Cloud IAM. Example request URL: 7933// `https://iam.googleapis.com/v1/roles` 7934// 7935// * 7936// [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): 7937// 7938// `projects/{PROJECT_ID}`. This method lists all project-level 7939// [custom roles](/iam/docs/understanding-custom-roles). 7940// Example request URL: 7941// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` 7942// 7943// * 7944// [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.ro 7945// les/list): 7946// `organizations/{ORGANIZATION_ID}`. This method lists all 7947// organization-level [custom 7948// roles](/iam/docs/understanding-custom-roles). 7949// Example request URL: 7950// 7951// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` 7952// 7953// 7954// Note: Wildcard (*) values are invalid; you must specify a complete 7955// project 7956// ID or organization ID. 7957func (c *RolesListCall) Parent(parent string) *RolesListCall { 7958 c.urlParams_.Set("parent", parent) 7959 return c 7960} 7961 7962// ShowDeleted sets the optional parameter "showDeleted": Include Roles 7963// that have been deleted. 7964func (c *RolesListCall) ShowDeleted(showDeleted bool) *RolesListCall { 7965 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 7966 return c 7967} 7968 7969// View sets the optional parameter "view": Optional view for the 7970// returned Role objects. When `FULL` is specified, 7971// the `includedPermissions` field is returned, which includes a list of 7972// all 7973// permissions in the role. The default value is `BASIC`, which does 7974// not 7975// return the `includedPermissions` field. 7976// 7977// Possible values: 7978// "BASIC" 7979// "FULL" 7980func (c *RolesListCall) View(view string) *RolesListCall { 7981 c.urlParams_.Set("view", view) 7982 return c 7983} 7984 7985// Fields allows partial responses to be retrieved. See 7986// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7987// for more information. 7988func (c *RolesListCall) Fields(s ...googleapi.Field) *RolesListCall { 7989 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7990 return c 7991} 7992 7993// IfNoneMatch sets the optional parameter which makes the operation 7994// fail if the object's ETag matches the given value. This is useful for 7995// getting updates only after the object has changed since the last 7996// request. Use googleapi.IsNotModified to check whether the response 7997// error from Do is the result of In-None-Match. 7998func (c *RolesListCall) IfNoneMatch(entityTag string) *RolesListCall { 7999 c.ifNoneMatch_ = entityTag 8000 return c 8001} 8002 8003// Context sets the context to be used in this call's Do method. Any 8004// pending HTTP request will be aborted if the provided context is 8005// canceled. 8006func (c *RolesListCall) Context(ctx context.Context) *RolesListCall { 8007 c.ctx_ = ctx 8008 return c 8009} 8010 8011// Header returns an http.Header that can be modified by the caller to 8012// add HTTP headers to the request. 8013func (c *RolesListCall) Header() http.Header { 8014 if c.header_ == nil { 8015 c.header_ = make(http.Header) 8016 } 8017 return c.header_ 8018} 8019 8020func (c *RolesListCall) doRequest(alt string) (*http.Response, error) { 8021 reqHeaders := make(http.Header) 8022 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 8023 for k, v := range c.header_ { 8024 reqHeaders[k] = v 8025 } 8026 reqHeaders.Set("User-Agent", c.s.userAgent()) 8027 if c.ifNoneMatch_ != "" { 8028 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8029 } 8030 var body io.Reader = nil 8031 c.urlParams_.Set("alt", alt) 8032 c.urlParams_.Set("prettyPrint", "false") 8033 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles") 8034 urls += "?" + c.urlParams_.Encode() 8035 req, err := http.NewRequest("GET", urls, body) 8036 if err != nil { 8037 return nil, err 8038 } 8039 req.Header = reqHeaders 8040 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8041} 8042 8043// Do executes the "iam.roles.list" call. 8044// Exactly one of *ListRolesResponse or error will be non-nil. Any 8045// non-2xx status code is an error. Response headers are in either 8046// *ListRolesResponse.ServerResponse.Header or (if a response was 8047// returned at all) in error.(*googleapi.Error).Header. Use 8048// googleapi.IsNotModified to check whether the returned error was 8049// because http.StatusNotModified was returned. 8050func (c *RolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 8051 gensupport.SetOptions(c.urlParams_, opts...) 8052 res, err := c.doRequest("json") 8053 if res != nil && res.StatusCode == http.StatusNotModified { 8054 if res.Body != nil { 8055 res.Body.Close() 8056 } 8057 return nil, &googleapi.Error{ 8058 Code: res.StatusCode, 8059 Header: res.Header, 8060 } 8061 } 8062 if err != nil { 8063 return nil, err 8064 } 8065 defer googleapi.CloseBody(res) 8066 if err := googleapi.CheckResponse(res); err != nil { 8067 return nil, err 8068 } 8069 ret := &ListRolesResponse{ 8070 ServerResponse: googleapi.ServerResponse{ 8071 Header: res.Header, 8072 HTTPStatusCode: res.StatusCode, 8073 }, 8074 } 8075 target := &ret 8076 if err := gensupport.DecodeResponse(target, res); err != nil { 8077 return nil, err 8078 } 8079 return ret, nil 8080 // { 8081 // "description": "Lists every predefined Role that IAM supports, or every custom role\nthat is defined for an organization or project.", 8082 // "flatPath": "v1/roles", 8083 // "httpMethod": "GET", 8084 // "id": "iam.roles.list", 8085 // "parameterOrder": [], 8086 // "parameters": { 8087 // "pageSize": { 8088 // "description": "Optional limit on the number of roles to include in the response.\n\nThe default is 300, and the maximum is 1,000.", 8089 // "format": "int32", 8090 // "location": "query", 8091 // "type": "integer" 8092 // }, 8093 // "pageToken": { 8094 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 8095 // "location": "query", 8096 // "type": "string" 8097 // }, 8098 // "parent": { 8099 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string.\n This method doesn't require a resource; it simply returns all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles`\n\n* [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list):\n `projects/{PROJECT_ID}`. This method lists all project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list):\n `organizations/{ORGANIZATION_ID}`. This method lists all\n organization-level [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 8100 // "location": "query", 8101 // "type": "string" 8102 // }, 8103 // "showDeleted": { 8104 // "description": "Include Roles that have been deleted.", 8105 // "location": "query", 8106 // "type": "boolean" 8107 // }, 8108 // "view": { 8109 // "description": "Optional view for the returned Role objects. When `FULL` is specified,\nthe `includedPermissions` field is returned, which includes a list of all\npermissions in the role. The default value is `BASIC`, which does not\nreturn the `includedPermissions` field.", 8110 // "enum": [ 8111 // "BASIC", 8112 // "FULL" 8113 // ], 8114 // "location": "query", 8115 // "type": "string" 8116 // } 8117 // }, 8118 // "path": "v1/roles", 8119 // "response": { 8120 // "$ref": "ListRolesResponse" 8121 // }, 8122 // "scopes": [ 8123 // "https://www.googleapis.com/auth/cloud-platform" 8124 // ] 8125 // } 8126 8127} 8128 8129// Pages invokes f for each page of results. 8130// A non-nil error returned from f will halt the iteration. 8131// The provided context supersedes any context provided to the Context method. 8132func (c *RolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 8133 c.ctx_ = ctx 8134 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 8135 for { 8136 x, err := c.Do() 8137 if err != nil { 8138 return err 8139 } 8140 if err := f(x); err != nil { 8141 return err 8142 } 8143 if x.NextPageToken == "" { 8144 return nil 8145 } 8146 c.PageToken(x.NextPageToken) 8147 } 8148} 8149 8150// method id "iam.roles.queryGrantableRoles": 8151 8152type RolesQueryGrantableRolesCall struct { 8153 s *Service 8154 querygrantablerolesrequest *QueryGrantableRolesRequest 8155 urlParams_ gensupport.URLParams 8156 ctx_ context.Context 8157 header_ http.Header 8158} 8159 8160// QueryGrantableRoles: Lists roles that can be granted on a Google 8161// Cloud resource. A role is 8162// grantable if the IAM policy for the resource can contain bindings to 8163// the 8164// role. 8165func (r *RolesService) QueryGrantableRoles(querygrantablerolesrequest *QueryGrantableRolesRequest) *RolesQueryGrantableRolesCall { 8166 c := &RolesQueryGrantableRolesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8167 c.querygrantablerolesrequest = querygrantablerolesrequest 8168 return c 8169} 8170 8171// Fields allows partial responses to be retrieved. See 8172// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8173// for more information. 8174func (c *RolesQueryGrantableRolesCall) Fields(s ...googleapi.Field) *RolesQueryGrantableRolesCall { 8175 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8176 return c 8177} 8178 8179// Context sets the context to be used in this call's Do method. Any 8180// pending HTTP request will be aborted if the provided context is 8181// canceled. 8182func (c *RolesQueryGrantableRolesCall) Context(ctx context.Context) *RolesQueryGrantableRolesCall { 8183 c.ctx_ = ctx 8184 return c 8185} 8186 8187// Header returns an http.Header that can be modified by the caller to 8188// add HTTP headers to the request. 8189func (c *RolesQueryGrantableRolesCall) Header() http.Header { 8190 if c.header_ == nil { 8191 c.header_ = make(http.Header) 8192 } 8193 return c.header_ 8194} 8195 8196func (c *RolesQueryGrantableRolesCall) doRequest(alt string) (*http.Response, error) { 8197 reqHeaders := make(http.Header) 8198 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200707") 8199 for k, v := range c.header_ { 8200 reqHeaders[k] = v 8201 } 8202 reqHeaders.Set("User-Agent", c.s.userAgent()) 8203 var body io.Reader = nil 8204 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querygrantablerolesrequest) 8205 if err != nil { 8206 return nil, err 8207 } 8208 reqHeaders.Set("Content-Type", "application/json") 8209 c.urlParams_.Set("alt", alt) 8210 c.urlParams_.Set("prettyPrint", "false") 8211 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles:queryGrantableRoles") 8212 urls += "?" + c.urlParams_.Encode() 8213 req, err := http.NewRequest("POST", urls, body) 8214 if err != nil { 8215 return nil, err 8216 } 8217 req.Header = reqHeaders 8218 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8219} 8220 8221// Do executes the "iam.roles.queryGrantableRoles" call. 8222// Exactly one of *QueryGrantableRolesResponse or error will be non-nil. 8223// Any non-2xx status code is an error. Response headers are in either 8224// *QueryGrantableRolesResponse.ServerResponse.Header or (if a response 8225// was returned at all) in error.(*googleapi.Error).Header. Use 8226// googleapi.IsNotModified to check whether the returned error was 8227// because http.StatusNotModified was returned. 8228func (c *RolesQueryGrantableRolesCall) Do(opts ...googleapi.CallOption) (*QueryGrantableRolesResponse, error) { 8229 gensupport.SetOptions(c.urlParams_, opts...) 8230 res, err := c.doRequest("json") 8231 if res != nil && res.StatusCode == http.StatusNotModified { 8232 if res.Body != nil { 8233 res.Body.Close() 8234 } 8235 return nil, &googleapi.Error{ 8236 Code: res.StatusCode, 8237 Header: res.Header, 8238 } 8239 } 8240 if err != nil { 8241 return nil, err 8242 } 8243 defer googleapi.CloseBody(res) 8244 if err := googleapi.CheckResponse(res); err != nil { 8245 return nil, err 8246 } 8247 ret := &QueryGrantableRolesResponse{ 8248 ServerResponse: googleapi.ServerResponse{ 8249 Header: res.Header, 8250 HTTPStatusCode: res.StatusCode, 8251 }, 8252 } 8253 target := &ret 8254 if err := gensupport.DecodeResponse(target, res); err != nil { 8255 return nil, err 8256 } 8257 return ret, nil 8258 // { 8259 // "description": "Lists roles that can be granted on a Google Cloud resource. A role is\ngrantable if the IAM policy for the resource can contain bindings to the\nrole.", 8260 // "flatPath": "v1/roles:queryGrantableRoles", 8261 // "httpMethod": "POST", 8262 // "id": "iam.roles.queryGrantableRoles", 8263 // "parameterOrder": [], 8264 // "parameters": {}, 8265 // "path": "v1/roles:queryGrantableRoles", 8266 // "request": { 8267 // "$ref": "QueryGrantableRolesRequest" 8268 // }, 8269 // "response": { 8270 // "$ref": "QueryGrantableRolesResponse" 8271 // }, 8272 // "scopes": [ 8273 // "https://www.googleapis.com/auth/cloud-platform" 8274 // ] 8275 // } 8276 8277} 8278 8279// Pages invokes f for each page of results. 8280// A non-nil error returned from f will halt the iteration. 8281// The provided context supersedes any context provided to the Context method. 8282func (c *RolesQueryGrantableRolesCall) Pages(ctx context.Context, f func(*QueryGrantableRolesResponse) error) error { 8283 c.ctx_ = ctx 8284 defer func(pt string) { c.querygrantablerolesrequest.PageToken = pt }(c.querygrantablerolesrequest.PageToken) // reset paging to original point 8285 for { 8286 x, err := c.Do() 8287 if err != nil { 8288 return err 8289 } 8290 if err := f(x); err != nil { 8291 return err 8292 } 8293 if x.NextPageToken == "" { 8294 return nil 8295 } 8296 c.querygrantablerolesrequest.PageToken = x.NextPageToken 8297 } 8298} 8299