1// Copyright 2020 Google LLC. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Code generated file. DO NOT EDIT. 6 7// Package cloudasset provides access to the Cloud Asset API. 8// 9// For product documentation, see: https://cloud.google.com/asset-inventory/docs/quickstart 10// 11// Creating a client 12// 13// Usage example: 14// 15// import "google.golang.org/api/cloudasset/v1beta1" 16// ... 17// ctx := context.Background() 18// cloudassetService, err := cloudasset.NewService(ctx) 19// 20// In this example, Google Application Default Credentials are used for authentication. 21// 22// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 23// 24// Other authentication options 25// 26// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey: 27// 28// cloudassetService, err := cloudasset.NewService(ctx, option.WithAPIKey("AIza...")) 29// 30// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource: 31// 32// config := &oauth2.Config{...} 33// // ... 34// token, err := config.Exchange(ctx, ...) 35// cloudassetService, err := cloudasset.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 36// 37// See https://godoc.org/google.golang.org/api/option/ for details on options. 38package cloudasset // import "google.golang.org/api/cloudasset/v1beta1" 39 40import ( 41 "bytes" 42 "context" 43 "encoding/json" 44 "errors" 45 "fmt" 46 "io" 47 "net/http" 48 "net/url" 49 "strconv" 50 "strings" 51 52 googleapi "google.golang.org/api/googleapi" 53 gensupport "google.golang.org/api/internal/gensupport" 54 option "google.golang.org/api/option" 55 internaloption "google.golang.org/api/option/internaloption" 56 htransport "google.golang.org/api/transport/http" 57) 58 59// Always reference these packages, just in case the auto-generated code 60// below doesn't. 61var _ = bytes.NewBuffer 62var _ = strconv.Itoa 63var _ = fmt.Sprintf 64var _ = json.NewDecoder 65var _ = io.Copy 66var _ = url.Parse 67var _ = gensupport.MarshalJSON 68var _ = googleapi.Version 69var _ = errors.New 70var _ = strings.Replace 71var _ = context.Canceled 72var _ = internaloption.WithDefaultEndpoint 73 74const apiId = "cloudasset:v1beta1" 75const apiName = "cloudasset" 76const apiVersion = "v1beta1" 77const basePath = "https://cloudasset.googleapis.com/" 78const mtlsBasePath = "https://cloudasset.mtls.googleapis.com/" 79 80// OAuth2 scopes used by this API. 81const ( 82 // View and manage your data across Google Cloud Platform services 83 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 84) 85 86// NewService creates a new Service. 87func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 88 scopesOption := option.WithScopes( 89 "https://www.googleapis.com/auth/cloud-platform", 90 ) 91 // NOTE: prepend, so we don't override user-specified scopes. 92 opts = append([]option.ClientOption{scopesOption}, opts...) 93 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 94 opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) 95 client, endpoint, err := htransport.NewClient(ctx, opts...) 96 if err != nil { 97 return nil, err 98 } 99 s, err := New(client) 100 if err != nil { 101 return nil, err 102 } 103 if endpoint != "" { 104 s.BasePath = endpoint 105 } 106 return s, nil 107} 108 109// New creates a new Service. It uses the provided http.Client for requests. 110// 111// Deprecated: please use NewService instead. 112// To provide a custom HTTP client, use option.WithHTTPClient. 113// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 114func New(client *http.Client) (*Service, error) { 115 if client == nil { 116 return nil, errors.New("client is nil") 117 } 118 s := &Service{client: client, BasePath: basePath} 119 s.Folders = NewFoldersService(s) 120 s.Organizations = NewOrganizationsService(s) 121 s.Projects = NewProjectsService(s) 122 return s, nil 123} 124 125type Service struct { 126 client *http.Client 127 BasePath string // API endpoint base URL 128 UserAgent string // optional additional User-Agent fragment 129 130 Folders *FoldersService 131 132 Organizations *OrganizationsService 133 134 Projects *ProjectsService 135} 136 137func (s *Service) userAgent() string { 138 if s.UserAgent == "" { 139 return googleapi.UserAgent 140 } 141 return googleapi.UserAgent + " " + s.UserAgent 142} 143 144func NewFoldersService(s *Service) *FoldersService { 145 rs := &FoldersService{s: s} 146 rs.Operations = NewFoldersOperationsService(s) 147 return rs 148} 149 150type FoldersService struct { 151 s *Service 152 153 Operations *FoldersOperationsService 154} 155 156func NewFoldersOperationsService(s *Service) *FoldersOperationsService { 157 rs := &FoldersOperationsService{s: s} 158 return rs 159} 160 161type FoldersOperationsService struct { 162 s *Service 163} 164 165func NewOrganizationsService(s *Service) *OrganizationsService { 166 rs := &OrganizationsService{s: s} 167 rs.Operations = NewOrganizationsOperationsService(s) 168 return rs 169} 170 171type OrganizationsService struct { 172 s *Service 173 174 Operations *OrganizationsOperationsService 175} 176 177func NewOrganizationsOperationsService(s *Service) *OrganizationsOperationsService { 178 rs := &OrganizationsOperationsService{s: s} 179 return rs 180} 181 182type OrganizationsOperationsService struct { 183 s *Service 184} 185 186func NewProjectsService(s *Service) *ProjectsService { 187 rs := &ProjectsService{s: s} 188 rs.Operations = NewProjectsOperationsService(s) 189 return rs 190} 191 192type ProjectsService struct { 193 s *Service 194 195 Operations *ProjectsOperationsService 196} 197 198func NewProjectsOperationsService(s *Service) *ProjectsOperationsService { 199 rs := &ProjectsOperationsService{s: s} 200 return rs 201} 202 203type ProjectsOperationsService struct { 204 s *Service 205} 206 207// Asset: An asset in Google Cloud. An asset can be any resource in the 208// Google Cloud [resource 209// hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platfo 210// rm-resource-hierarchy), a resource outside the Google Cloud resource 211// hierarchy (such as Google Kubernetes Engine clusters and objects), or 212// a policy (e.g. Cloud IAM policy). See [Supported asset 213// types](https://cloud.google.com/asset-inventory/docs/supported-asset-t 214// ypes) for more information. 215type Asset struct { 216 // AccessLevel: Please also refer to the [access level user 217 // guide](https://cloud.google.com/access-context-manager/docs/overview#a 218 // ccess-levels). 219 AccessLevel *GoogleIdentityAccesscontextmanagerV1AccessLevel `json:"accessLevel,omitempty"` 220 221 // AccessPolicy: Please also refer to the [access policy user 222 // guide](https://cloud.google.com/access-context-manager/docs/overview#a 223 // ccess-policies). 224 AccessPolicy *GoogleIdentityAccesscontextmanagerV1AccessPolicy `json:"accessPolicy,omitempty"` 225 226 // AssetType: The type of the asset. Example: 227 // `compute.googleapis.com/Disk` See [Supported asset 228 // types](https://cloud.google.com/asset-inventory/docs/supported-asset-t 229 // ypes) for more information. 230 AssetType string `json:"assetType,omitempty"` 231 232 // IamPolicy: A representation of the Cloud IAM policy set on a Google 233 // Cloud resource. There can be a maximum of one Cloud IAM policy set on 234 // any given resource. In addition, Cloud IAM policies inherit their 235 // granted access scope from any policies set on parent resources in the 236 // resource hierarchy. Therefore, the effectively policy is the union of 237 // both the policy set on this resource and each policy set on all of 238 // the resource's ancestry resource levels in the hierarchy. See [this 239 // topic](https://cloud.google.com/iam/docs/policies#inheritance) for 240 // more information. 241 IamPolicy *Policy `json:"iamPolicy,omitempty"` 242 243 // Name: The full name of the asset. Example: 244 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 245 // s/instance1` See [Resource 246 // names](https://cloud.google.com/apis/design/resource_names#full_resour 247 // ce_name) for more information. 248 Name string `json:"name,omitempty"` 249 250 // OrgPolicy: A representation of an [organization 251 // policy](https://cloud.google.com/resource-manager/docs/organization-po 252 // licy/overview#organization_policy). There can be more than one 253 // organization policy with different constraints set on a given 254 // resource. 255 OrgPolicy []*GoogleCloudOrgpolicyV1Policy `json:"orgPolicy,omitempty"` 256 257 // Resource: A representation of the resource. 258 Resource *Resource `json:"resource,omitempty"` 259 260 // ServicePerimeter: Please also refer to the [service perimeter user 261 // guide](https://cloud.google.com/vpc-service-controls/docs/overview). 262 ServicePerimeter *GoogleIdentityAccesscontextmanagerV1ServicePerimeter `json:"servicePerimeter,omitempty"` 263 264 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 265 // unconditionally include in API requests. By default, fields with 266 // empty values are omitted from API requests. However, any non-pointer, 267 // non-interface field appearing in ForceSendFields will be sent to the 268 // server regardless of whether the field is empty or not. This may be 269 // used to include empty fields in Patch requests. 270 ForceSendFields []string `json:"-"` 271 272 // NullFields is a list of field names (e.g. "AccessLevel") to include 273 // in API requests with the JSON null value. By default, fields with 274 // empty values are omitted from API requests. However, any field with 275 // an empty value appearing in NullFields will be sent to the server as 276 // null. It is an error if a field in this list has a non-empty value. 277 // This may be used to include null fields in Patch requests. 278 NullFields []string `json:"-"` 279} 280 281func (s *Asset) MarshalJSON() ([]byte, error) { 282 type NoMethod Asset 283 raw := NoMethod(*s) 284 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 285} 286 287// AuditConfig: Specifies the audit configuration for a service. The 288// configuration determines which permission types are logged, and what 289// identities, if any, are exempted from logging. An AuditConfig must 290// have one or more AuditLogConfigs. If there are AuditConfigs for both 291// `allServices` and a specific service, the union of the two 292// AuditConfigs is used for that service: the log_types specified in 293// each AuditConfig are enabled, and the exempted_members in each 294// AuditLogConfig are exempted. Example Policy with multiple 295// AuditConfigs: { "audit_configs": [ { "service": "allServices", 296// "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": 297// [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { 298// "log_type": "ADMIN_READ" } ] }, { "service": 299// "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": 300// "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ 301// "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy 302// enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts 303// jose@example.com from DATA_READ logging, and aliya@example.com from 304// DATA_WRITE logging. 305type AuditConfig struct { 306 // AuditLogConfigs: The configuration for logging of each type of 307 // permission. 308 AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` 309 310 // Service: Specifies a service that will be enabled for audit logging. 311 // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 312 // `allServices` is a special value that covers all services. 313 Service string `json:"service,omitempty"` 314 315 // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to 316 // unconditionally include in API requests. By default, fields with 317 // empty values are omitted from API requests. However, any non-pointer, 318 // non-interface field appearing in ForceSendFields will be sent to the 319 // server regardless of whether the field is empty or not. This may be 320 // used to include empty fields in Patch requests. 321 ForceSendFields []string `json:"-"` 322 323 // NullFields is a list of field names (e.g. "AuditLogConfigs") to 324 // include in API requests with the JSON null value. By default, fields 325 // with empty values are omitted from API requests. However, any field 326 // with an empty value appearing in NullFields will be sent to the 327 // server as null. It is an error if a field in this list has a 328 // non-empty value. This may be used to include null fields in Patch 329 // requests. 330 NullFields []string `json:"-"` 331} 332 333func (s *AuditConfig) MarshalJSON() ([]byte, error) { 334 type NoMethod AuditConfig 335 raw := NoMethod(*s) 336 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 337} 338 339// AuditLogConfig: Provides the configuration for logging a type of 340// permissions. Example: { "audit_log_configs": [ { "log_type": 341// "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { 342// "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 343// 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ 344// logging. 345type AuditLogConfig struct { 346 // ExemptedMembers: Specifies the identities that do not cause logging 347 // for this type of permission. Follows the same format of 348 // Binding.members. 349 ExemptedMembers []string `json:"exemptedMembers,omitempty"` 350 351 // LogType: The log type that this config enables. 352 // 353 // Possible values: 354 // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. 355 // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy 356 // "DATA_WRITE" - Data writes. Example: CloudSQL Users create 357 // "DATA_READ" - Data reads. Example: CloudSQL Users list 358 LogType string `json:"logType,omitempty"` 359 360 // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to 361 // unconditionally include in API requests. By default, fields with 362 // empty values are omitted from API requests. However, any non-pointer, 363 // non-interface field appearing in ForceSendFields will be sent to the 364 // server regardless of whether the field is empty or not. This may be 365 // used to include empty fields in Patch requests. 366 ForceSendFields []string `json:"-"` 367 368 // NullFields is a list of field names (e.g. "ExemptedMembers") to 369 // include in API requests with the JSON null value. By default, fields 370 // with empty values are omitted from API requests. However, any field 371 // with an empty value appearing in NullFields will be sent to the 372 // server as null. It is an error if a field in this list has a 373 // non-empty value. This may be used to include null fields in Patch 374 // requests. 375 NullFields []string `json:"-"` 376} 377 378func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { 379 type NoMethod AuditLogConfig 380 raw := NoMethod(*s) 381 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 382} 383 384// BatchGetAssetsHistoryResponse: Batch get assets history response. 385type BatchGetAssetsHistoryResponse struct { 386 // Assets: A list of assets with valid time windows. 387 Assets []*TemporalAsset `json:"assets,omitempty"` 388 389 // ServerResponse contains the HTTP response code and headers from the 390 // server. 391 googleapi.ServerResponse `json:"-"` 392 393 // ForceSendFields is a list of field names (e.g. "Assets") to 394 // unconditionally include in API requests. By default, fields with 395 // empty values are omitted from API requests. However, any non-pointer, 396 // non-interface field appearing in ForceSendFields will be sent to the 397 // server regardless of whether the field is empty or not. This may be 398 // used to include empty fields in Patch requests. 399 ForceSendFields []string `json:"-"` 400 401 // NullFields is a list of field names (e.g. "Assets") to include in API 402 // requests with the JSON null value. By default, fields with empty 403 // values are omitted from API requests. However, any field with an 404 // empty value appearing in NullFields will be sent to the server as 405 // null. It is an error if a field in this list has a non-empty value. 406 // This may be used to include null fields in Patch requests. 407 NullFields []string `json:"-"` 408} 409 410func (s *BatchGetAssetsHistoryResponse) MarshalJSON() ([]byte, error) { 411 type NoMethod BatchGetAssetsHistoryResponse 412 raw := NoMethod(*s) 413 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 414} 415 416// Binding: Associates `members` with a `role`. 417type Binding struct { 418 // Condition: The condition that is associated with this binding. If the 419 // condition evaluates to `true`, then this binding applies to the 420 // current request. If the condition evaluates to `false`, then this 421 // binding does not apply to the current request. However, a different 422 // role binding might grant the same role to one or more of the members 423 // in this binding. To learn which resources support conditions in their 424 // IAM policies, see the [IAM 425 // documentation](https://cloud.google.com/iam/help/conditions/resource-p 426 // olicies). 427 Condition *Expr `json:"condition,omitempty"` 428 429 // Members: Specifies the identities requesting access for a Cloud 430 // Platform resource. `members` can have the following values: * 431 // `allUsers`: A special identifier that represents anyone who is on the 432 // internet; with or without a Google account. * 433 // `allAuthenticatedUsers`: A special identifier that represents anyone 434 // who is authenticated with a Google account or a service account. * 435 // `user:{emailid}`: An email address that represents a specific Google 436 // account. For example, `alice@example.com` . * 437 // `serviceAccount:{emailid}`: An email address that represents a 438 // service account. For example, 439 // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An 440 // email address that represents a Google group. For example, 441 // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An 442 // email address (plus unique identifier) representing a user that has 443 // been recently deleted. For example, 444 // `alice@example.com?uid=123456789012345678901`. If the user is 445 // recovered, this value reverts to `user:{emailid}` and the recovered 446 // user retains the role in the binding. * 447 // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address 448 // (plus unique identifier) representing a service account that has been 449 // recently deleted. For example, 450 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 451 // If the service account is undeleted, this value reverts to 452 // `serviceAccount:{emailid}` and the undeleted service account retains 453 // the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: 454 // An email address (plus unique identifier) representing a Google group 455 // that has been recently deleted. For example, 456 // `admins@example.com?uid=123456789012345678901`. If the group is 457 // recovered, this value reverts to `group:{emailid}` and the recovered 458 // group retains the role in the binding. * `domain:{domain}`: The G 459 // Suite domain (primary) that represents all the users of that domain. 460 // For example, `google.com` or `example.com`. 461 Members []string `json:"members,omitempty"` 462 463 // Role: Role that is assigned to `members`. For example, 464 // `roles/viewer`, `roles/editor`, or `roles/owner`. 465 Role string `json:"role,omitempty"` 466 467 // ForceSendFields is a list of field names (e.g. "Condition") to 468 // unconditionally include in API requests. By default, fields with 469 // empty values are omitted from API requests. However, any non-pointer, 470 // non-interface field appearing in ForceSendFields will be sent to the 471 // server regardless of whether the field is empty or not. This may be 472 // used to include empty fields in Patch requests. 473 ForceSendFields []string `json:"-"` 474 475 // NullFields is a list of field names (e.g. "Condition") to include in 476 // API requests with the JSON null value. By default, fields with empty 477 // values are omitted from API requests. However, any field with an 478 // empty value appearing in NullFields will be sent to the server as 479 // null. It is an error if a field in this list has a non-empty value. 480 // This may be used to include null fields in Patch requests. 481 NullFields []string `json:"-"` 482} 483 484func (s *Binding) MarshalJSON() ([]byte, error) { 485 type NoMethod Binding 486 raw := NoMethod(*s) 487 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 488} 489 490// ExportAssetsRequest: Export asset request. 491type ExportAssetsRequest struct { 492 // AssetTypes: A list of asset types of which to take a snapshot for. 493 // For example: "google.compute.Disk". If specified, only matching 494 // assets will be returned. See [Introduction to Cloud Asset 495 // Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset- 496 // inventory/overview) for all supported asset types. 497 AssetTypes []string `json:"assetTypes,omitempty"` 498 499 // ContentType: Asset content type. If not specified, no content but the 500 // asset name will be returned. 501 // 502 // Possible values: 503 // "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 504 // "RESOURCE" - Resource metadata. 505 // "IAM_POLICY" - The actual IAM policy set on a resource. 506 ContentType string `json:"contentType,omitempty"` 507 508 // OutputConfig: Required. Output configuration indicating where the 509 // results will be output to. All results will be in newline delimited 510 // JSON format. 511 OutputConfig *OutputConfig `json:"outputConfig,omitempty"` 512 513 // ReadTime: Timestamp to take an asset snapshot. This can only be set 514 // to a timestamp between 2018-10-02 UTC (inclusive) and the current 515 // time. If not specified, the current time will be used. Due to delays 516 // in resource data collection and indexing, there is a volatile window 517 // during which running the same query may get different results. 518 ReadTime string `json:"readTime,omitempty"` 519 520 // ForceSendFields is a list of field names (e.g. "AssetTypes") to 521 // unconditionally include in API requests. By default, fields with 522 // empty values are omitted from API requests. However, any non-pointer, 523 // non-interface field appearing in ForceSendFields will be sent to the 524 // server regardless of whether the field is empty or not. This may be 525 // used to include empty fields in Patch requests. 526 ForceSendFields []string `json:"-"` 527 528 // NullFields is a list of field names (e.g. "AssetTypes") to include in 529 // API requests with the JSON null value. By default, fields with empty 530 // values are omitted from API requests. However, any field with an 531 // empty value appearing in NullFields will be sent to the server as 532 // null. It is an error if a field in this list has a non-empty value. 533 // This may be used to include null fields in Patch requests. 534 NullFields []string `json:"-"` 535} 536 537func (s *ExportAssetsRequest) MarshalJSON() ([]byte, error) { 538 type NoMethod ExportAssetsRequest 539 raw := NoMethod(*s) 540 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 541} 542 543// Expr: Represents a textual expression in the Common Expression 544// Language (CEL) syntax. CEL is a C-like expression language. The 545// syntax and semantics of CEL are documented at 546// https://github.com/google/cel-spec. Example (Comparison): title: 547// "Summary size limit" description: "Determines if a summary is less 548// than 100 chars" expression: "document.summary.size() < 100" Example 549// (Equality): title: "Requestor is owner" description: "Determines if 550// requestor is the document owner" expression: "document.owner == 551// request.auth.claims.email" Example (Logic): title: "Public documents" 552// description: "Determine whether the document should be publicly 553// visible" expression: "document.type != 'private' && document.type != 554// 'internal'" Example (Data Manipulation): title: "Notification string" 555// description: "Create a notification string with a timestamp." 556// expression: "'New message received at ' + 557// string(document.create_time)" The exact variables and functions that 558// may be referenced within an expression are determined by the service 559// that evaluates it. See the service documentation for additional 560// information. 561type Expr struct { 562 // Description: Optional. Description of the expression. This is a 563 // longer text which describes the expression, e.g. when hovered over it 564 // in a UI. 565 Description string `json:"description,omitempty"` 566 567 // Expression: Textual representation of an expression in Common 568 // Expression Language syntax. 569 Expression string `json:"expression,omitempty"` 570 571 // Location: Optional. String indicating the location of the expression 572 // for error reporting, e.g. a file name and a position in the file. 573 Location string `json:"location,omitempty"` 574 575 // Title: Optional. Title for the expression, i.e. a short string 576 // describing its purpose. This can be used e.g. in UIs which allow to 577 // enter the expression. 578 Title string `json:"title,omitempty"` 579 580 // ForceSendFields is a list of field names (e.g. "Description") to 581 // unconditionally include in API requests. By default, fields with 582 // empty values are omitted from API requests. However, any non-pointer, 583 // non-interface field appearing in ForceSendFields will be sent to the 584 // server regardless of whether the field is empty or not. This may be 585 // used to include empty fields in Patch requests. 586 ForceSendFields []string `json:"-"` 587 588 // NullFields is a list of field names (e.g. "Description") to include 589 // in API requests with the JSON null value. By default, fields with 590 // empty values are omitted from API requests. However, any field with 591 // an empty value appearing in NullFields will be sent to the server as 592 // null. It is an error if a field in this list has a non-empty value. 593 // This may be used to include null fields in Patch requests. 594 NullFields []string `json:"-"` 595} 596 597func (s *Expr) MarshalJSON() ([]byte, error) { 598 type NoMethod Expr 599 raw := NoMethod(*s) 600 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 601} 602 603// GcsDestination: A Cloud Storage location. 604type GcsDestination struct { 605 // Uri: The uri of the Cloud Storage object. It's the same uri that is 606 // used by gsutil. For example: "gs://bucket_name/object_name". See 607 // [Viewing and Editing Object 608 // Metadata](https://cloud.google.com/storage/docs/viewing-editing-metada 609 // ta) for more information. 610 Uri string `json:"uri,omitempty"` 611 612 // UriPrefix: The uri prefix of all generated Cloud Storage objects. For 613 // example: "gs://bucket_name/object_name_prefix". Each object uri is in 614 // format: "gs://bucket_name/object_name_prefix// and only contains 615 // assets for that type. starts from 0. For example: 616 // "gs://bucket_name/object_name_prefix/google.compute.disk/0" is the 617 // first shard of output objects containing all google.compute.disk 618 // assets. An INVALID_ARGUMENT error will be returned if file with the 619 // same name "gs://bucket_name/object_name_prefix" already exists. 620 UriPrefix string `json:"uriPrefix,omitempty"` 621 622 // ForceSendFields is a list of field names (e.g. "Uri") to 623 // unconditionally include in API requests. By default, fields with 624 // empty values are omitted from API requests. However, any non-pointer, 625 // non-interface field appearing in ForceSendFields will be sent to the 626 // server regardless of whether the field is empty or not. This may be 627 // used to include empty fields in Patch requests. 628 ForceSendFields []string `json:"-"` 629 630 // NullFields is a list of field names (e.g. "Uri") to include in API 631 // requests with the JSON null value. By default, fields with empty 632 // values are omitted from API requests. However, any field with an 633 // empty value appearing in NullFields will be sent to the server as 634 // null. It is an error if a field in this list has a non-empty value. 635 // This may be used to include null fields in Patch requests. 636 NullFields []string `json:"-"` 637} 638 639func (s *GcsDestination) MarshalJSON() ([]byte, error) { 640 type NoMethod GcsDestination 641 raw := NoMethod(*s) 642 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 643} 644 645// GoogleCloudOrgpolicyV1BooleanPolicy: Used in `policy_type` to specify 646// how `boolean_policy` will behave at this resource. 647type GoogleCloudOrgpolicyV1BooleanPolicy struct { 648 // Enforced: If `true`, then the `Policy` is enforced. If `false`, then 649 // any configuration is acceptable. Suppose you have a `Constraint` 650 // `constraints/compute.disableSerialPortAccess` with 651 // `constraint_default` set to `ALLOW`. A `Policy` for that `Constraint` 652 // exhibits the following behavior: - If the `Policy` at this resource 653 // has enforced set to `false`, serial port connection attempts will be 654 // allowed. - If the `Policy` at this resource has enforced set to 655 // `true`, serial port connection attempts will be refused. - If the 656 // `Policy` at this resource is `RestoreDefault`, serial port connection 657 // attempts will be allowed. - If no `Policy` is set at this resource or 658 // anywhere higher in the resource hierarchy, serial port connection 659 // attempts will be allowed. - If no `Policy` is set at this resource, 660 // but one exists higher in the resource hierarchy, the behavior is as 661 // if the`Policy` were set at this resource. The following examples 662 // demonstrate the different possible layerings: Example 1 (nearest 663 // `Constraint` wins): `organizations/foo` has a `Policy` with: 664 // {enforced: false} `projects/bar` has no `Policy` set. The constraint 665 // at `projects/bar` and `organizations/foo` will not be enforced. 666 // Example 2 (enforcement gets replaced): `organizations/foo` has a 667 // `Policy` with: {enforced: false} `projects/bar` has a `Policy` with: 668 // {enforced: true} The constraint at `organizations/foo` is not 669 // enforced. The constraint at `projects/bar` is enforced. Example 3 670 // (RestoreDefault): `organizations/foo` has a `Policy` with: {enforced: 671 // true} `projects/bar` has a `Policy` with: {RestoreDefault: {}} The 672 // constraint at `organizations/foo` is enforced. The constraint at 673 // `projects/bar` is not enforced, because `constraint_default` for the 674 // `Constraint` is `ALLOW`. 675 Enforced bool `json:"enforced,omitempty"` 676 677 // ForceSendFields is a list of field names (e.g. "Enforced") to 678 // unconditionally include in API requests. By default, fields with 679 // empty values are omitted from API requests. However, any non-pointer, 680 // non-interface field appearing in ForceSendFields will be sent to the 681 // server regardless of whether the field is empty or not. This may be 682 // used to include empty fields in Patch requests. 683 ForceSendFields []string `json:"-"` 684 685 // NullFields is a list of field names (e.g. "Enforced") to include in 686 // API requests with the JSON null value. By default, fields with empty 687 // values are omitted from API requests. However, any field with an 688 // empty value appearing in NullFields will be sent to the server as 689 // null. It is an error if a field in this list has a non-empty value. 690 // This may be used to include null fields in Patch requests. 691 NullFields []string `json:"-"` 692} 693 694func (s *GoogleCloudOrgpolicyV1BooleanPolicy) MarshalJSON() ([]byte, error) { 695 type NoMethod GoogleCloudOrgpolicyV1BooleanPolicy 696 raw := NoMethod(*s) 697 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 698} 699 700// GoogleCloudOrgpolicyV1ListPolicy: Used in `policy_type` to specify 701// how `list_policy` behaves at this resource. `ListPolicy` can define 702// specific values and subtrees of Cloud Resource Manager resource 703// hierarchy (`Organizations`, `Folders`, `Projects`) that are allowed 704// or denied by setting the `allowed_values` and `denied_values` fields. 705// This is achieved by using the `under:` and optional `is:` prefixes. 706// The `under:` prefix is used to denote resource subtree values. The 707// `is:` prefix is used to denote specific values, and is required only 708// if the value contains a ":". Values prefixed with "is:" are treated 709// the same as values with no prefix. Ancestry subtrees must be in one 710// of the following formats: - "projects/", e.g. 711// "projects/tokyo-rain-123" - "folders/", e.g. "folders/1234" - 712// "organizations/", e.g. "organizations/1234" The `supports_under` 713// field of the associated `Constraint` defines whether ancestry 714// prefixes can be used. You can set `allowed_values` and 715// `denied_values` in the same `Policy` if `all_values` is 716// `ALL_VALUES_UNSPECIFIED`. `ALLOW` or `DENY` are used to allow or deny 717// all values. If `all_values` is set to either `ALLOW` or `DENY`, 718// `allowed_values` and `denied_values` must be unset. 719type GoogleCloudOrgpolicyV1ListPolicy struct { 720 // AllValues: The policy all_values state. 721 // 722 // Possible values: 723 // "ALL_VALUES_UNSPECIFIED" - Indicates that allowed_values or 724 // denied_values must be set. 725 // "ALLOW" - A policy with this set allows all values. 726 // "DENY" - A policy with this set denies all values. 727 AllValues string `json:"allValues,omitempty"` 728 729 // AllowedValues: List of values allowed at this resource. Can only be 730 // set if `all_values` is set to `ALL_VALUES_UNSPECIFIED`. 731 AllowedValues []string `json:"allowedValues,omitempty"` 732 733 // DeniedValues: List of values denied at this resource. Can only be set 734 // if `all_values` is set to `ALL_VALUES_UNSPECIFIED`. 735 DeniedValues []string `json:"deniedValues,omitempty"` 736 737 // InheritFromParent: Determines the inheritance behavior for this 738 // `Policy`. By default, a `ListPolicy` set at a resource supersedes any 739 // `Policy` set anywhere up the resource hierarchy. However, if 740 // `inherit_from_parent` is set to `true`, then the values from the 741 // effective `Policy` of the parent resource are inherited, meaning the 742 // values set in this `Policy` are added to the values inherited up the 743 // hierarchy. Setting `Policy` hierarchies that inherit both allowed 744 // values and denied values isn't recommended in most circumstances to 745 // keep the configuration simple and understandable. However, it is 746 // possible to set a `Policy` with `allowed_values` set that inherits a 747 // `Policy` with `denied_values` set. In this case, the values that are 748 // allowed must be in `allowed_values` and not present in 749 // `denied_values`. For example, suppose you have a `Constraint` 750 // `constraints/serviceuser.services`, which has a `constraint_type` of 751 // `list_constraint`, and with `constraint_default` set to `ALLOW`. 752 // Suppose that at the Organization level, a `Policy` is applied that 753 // restricts the allowed API activations to {`E1`, `E2`}. Then, if a 754 // `Policy` is applied to a project below the Organization that has 755 // `inherit_from_parent` set to `false` and field all_values set to 756 // DENY, then an attempt to activate any API will be denied. The 757 // following examples demonstrate different possible layerings for 758 // `projects/bar` parented by `organizations/foo`: Example 1 (no 759 // inherited values): `organizations/foo` has a `Policy` with values: 760 // {allowed_values: "E1" allowed_values:"E2"} `projects/bar` has 761 // `inherit_from_parent` `false` and values: {allowed_values: "E3" 762 // allowed_values: "E4"} The accepted values at `organizations/foo` are 763 // `E1`, `E2`. The accepted values at `projects/bar` are `E3`, and `E4`. 764 // Example 2 (inherited values): `organizations/foo` has a `Policy` with 765 // values: {allowed_values: "E1" allowed_values:"E2"} `projects/bar` has 766 // a `Policy` with values: {value: "E3" value: "E4" inherit_from_parent: 767 // true} The accepted values at `organizations/foo` are `E1`, `E2`. The 768 // accepted values at `projects/bar` are `E1`, `E2`, `E3`, and `E4`. 769 // Example 3 (inheriting both allowed and denied values): 770 // `organizations/foo` has a `Policy` with values: {allowed_values: "E1" 771 // allowed_values: "E2"} `projects/bar` has a `Policy` with: 772 // {denied_values: "E1"} The accepted values at `organizations/foo` are 773 // `E1`, `E2`. The value accepted at `projects/bar` is `E2`. Example 4 774 // (RestoreDefault): `organizations/foo` has a `Policy` with values: 775 // {allowed_values: "E1" allowed_values:"E2"} `projects/bar` has a 776 // `Policy` with values: {RestoreDefault: {}} The accepted values at 777 // `organizations/foo` are `E1`, `E2`. The accepted values at 778 // `projects/bar` are either all or none depending on the value of 779 // `constraint_default` (if `ALLOW`, all; if `DENY`, none). Example 5 780 // (no policy inherits parent policy): `organizations/foo` has no 781 // `Policy` set. `projects/bar` has no `Policy` set. The accepted values 782 // at both levels are either all or none depending on the value of 783 // `constraint_default` (if `ALLOW`, all; if `DENY`, none). Example 6 784 // (ListConstraint allowing all): `organizations/foo` has a `Policy` 785 // with values: {allowed_values: "E1" allowed_values: "E2"} 786 // `projects/bar` has a `Policy` with: {all: ALLOW} The accepted values 787 // at `organizations/foo` are `E1`, E2`. Any value is accepted at 788 // `projects/bar`. Example 7 (ListConstraint allowing none): 789 // `organizations/foo` has a `Policy` with values: {allowed_values: "E1" 790 // allowed_values: "E2"} `projects/bar` has a `Policy` with: {all: DENY} 791 // The accepted values at `organizations/foo` are `E1`, E2`. No value is 792 // accepted at `projects/bar`. Example 10 (allowed and denied subtrees 793 // of Resource Manager hierarchy): Given the following resource 794 // hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, `organizations/foo` 795 // has a `Policy` with values: {allowed_values: 796 // "under:organizations/O1"} `projects/bar` has a `Policy` with: 797 // {allowed_values: "under:projects/P3"} {denied_values: 798 // "under:folders/F2"} The accepted values at `organizations/foo` are 799 // `organizations/O1`, `folders/F1`, `folders/F2`, `projects/P1`, 800 // `projects/P2`, `projects/P3`. The accepted values at `projects/bar` 801 // are `organizations/O1`, `folders/F1`, `projects/P1`. 802 InheritFromParent bool `json:"inheritFromParent,omitempty"` 803 804 // SuggestedValue: Optional. The Google Cloud Console will try to 805 // default to a configuration that matches the value specified in this 806 // `Policy`. If `suggested_value` is not set, it will inherit the value 807 // specified higher in the hierarchy, unless `inherit_from_parent` is 808 // `false`. 809 SuggestedValue string `json:"suggestedValue,omitempty"` 810 811 // ForceSendFields is a list of field names (e.g. "AllValues") to 812 // unconditionally include in API requests. By default, fields with 813 // empty values are omitted from API requests. However, any non-pointer, 814 // non-interface field appearing in ForceSendFields will be sent to the 815 // server regardless of whether the field is empty or not. This may be 816 // used to include empty fields in Patch requests. 817 ForceSendFields []string `json:"-"` 818 819 // NullFields is a list of field names (e.g. "AllValues") to include in 820 // API requests with the JSON null value. By default, fields with empty 821 // values are omitted from API requests. However, any field with an 822 // empty value appearing in NullFields will be sent to the server as 823 // null. It is an error if a field in this list has a non-empty value. 824 // This may be used to include null fields in Patch requests. 825 NullFields []string `json:"-"` 826} 827 828func (s *GoogleCloudOrgpolicyV1ListPolicy) MarshalJSON() ([]byte, error) { 829 type NoMethod GoogleCloudOrgpolicyV1ListPolicy 830 raw := NoMethod(*s) 831 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 832} 833 834// GoogleCloudOrgpolicyV1Policy: Defines a Cloud Organization `Policy` 835// which is used to specify `Constraints` for configurations of Cloud 836// Platform resources. 837type GoogleCloudOrgpolicyV1Policy struct { 838 // BooleanPolicy: For boolean `Constraints`, whether to enforce the 839 // `Constraint` or not. 840 BooleanPolicy *GoogleCloudOrgpolicyV1BooleanPolicy `json:"booleanPolicy,omitempty"` 841 842 // Constraint: The name of the `Constraint` the `Policy` is configuring, 843 // for example, `constraints/serviceuser.services`. A [list of available 844 // constraints](/resource-manager/docs/organization-policy/org-policy-con 845 // straints) is available. Immutable after creation. 846 Constraint string `json:"constraint,omitempty"` 847 848 // Etag: An opaque tag indicating the current version of the `Policy`, 849 // used for concurrency control. When the `Policy` is returned from 850 // either a `GetPolicy` or a `ListOrgPolicy` request, this `etag` 851 // indicates the version of the current `Policy` to use when executing a 852 // read-modify-write loop. When the `Policy` is returned from a 853 // `GetEffectivePolicy` request, the `etag` will be unset. When the 854 // `Policy` is used in a `SetOrgPolicy` method, use the `etag` value 855 // that was returned from a `GetOrgPolicy` request as part of a 856 // read-modify-write loop for concurrency control. Not setting the 857 // `etag`in a `SetOrgPolicy` request will result in an unconditional 858 // write of the `Policy`. 859 Etag string `json:"etag,omitempty"` 860 861 // ListPolicy: List of values either allowed or disallowed. 862 ListPolicy *GoogleCloudOrgpolicyV1ListPolicy `json:"listPolicy,omitempty"` 863 864 // RestoreDefault: Restores the default behavior of the constraint; 865 // independent of `Constraint` type. 866 RestoreDefault *GoogleCloudOrgpolicyV1RestoreDefault `json:"restoreDefault,omitempty"` 867 868 // UpdateTime: The time stamp the `Policy` was previously updated. This 869 // is set by the server, not specified by the caller, and represents the 870 // last time a call to `SetOrgPolicy` was made for that `Policy`. Any 871 // value set by the client will be ignored. 872 UpdateTime string `json:"updateTime,omitempty"` 873 874 // Version: Version of the `Policy`. Default version is 0; 875 Version int64 `json:"version,omitempty"` 876 877 // ForceSendFields is a list of field names (e.g. "BooleanPolicy") to 878 // unconditionally include in API requests. By default, fields with 879 // empty values are omitted from API requests. However, any non-pointer, 880 // non-interface field appearing in ForceSendFields will be sent to the 881 // server regardless of whether the field is empty or not. This may be 882 // used to include empty fields in Patch requests. 883 ForceSendFields []string `json:"-"` 884 885 // NullFields is a list of field names (e.g. "BooleanPolicy") to include 886 // in API requests with the JSON null value. By default, fields with 887 // empty values are omitted from API requests. However, any field with 888 // an empty value appearing in NullFields will be sent to the server as 889 // null. It is an error if a field in this list has a non-empty value. 890 // This may be used to include null fields in Patch requests. 891 NullFields []string `json:"-"` 892} 893 894func (s *GoogleCloudOrgpolicyV1Policy) MarshalJSON() ([]byte, error) { 895 type NoMethod GoogleCloudOrgpolicyV1Policy 896 raw := NoMethod(*s) 897 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 898} 899 900// GoogleCloudOrgpolicyV1RestoreDefault: Ignores policies set above this 901// resource and restores the `constraint_default` enforcement behavior 902// of the specific `Constraint` at this resource. Suppose that 903// `constraint_default` is set to `ALLOW` for the `Constraint` 904// `constraints/serviceuser.services`. Suppose that organization foo.com 905// sets a `Policy` at their Organization resource node that restricts 906// the allowed service activations to deny all service activations. They 907// could then set a `Policy` with the `policy_type` `restore_default` on 908// several experimental projects, restoring the `constraint_default` 909// enforcement of the `Constraint` for only those projects, allowing 910// those projects to have all services activated. 911type GoogleCloudOrgpolicyV1RestoreDefault struct { 912} 913 914// GoogleIdentityAccesscontextmanagerV1AccessLevel: An `AccessLevel` is 915// a label that can be applied to requests to Google Cloud services, 916// along with a list of requirements necessary for the label to be 917// applied. 918type GoogleIdentityAccesscontextmanagerV1AccessLevel struct { 919 // Basic: A `BasicLevel` composed of `Conditions`. 920 Basic *GoogleIdentityAccesscontextmanagerV1BasicLevel `json:"basic,omitempty"` 921 922 // Custom: A `CustomLevel` written in the Common Expression Language. 923 Custom *GoogleIdentityAccesscontextmanagerV1CustomLevel `json:"custom,omitempty"` 924 925 // Description: Description of the `AccessLevel` and its use. Does not 926 // affect behavior. 927 Description string `json:"description,omitempty"` 928 929 // Name: Required. Resource name for the Access Level. The `short_name` 930 // component must begin with a letter and only include alphanumeric and 931 // '_'. Format: `accessPolicies/{policy_id}/accessLevels/{short_name}`. 932 // The maximum length of the `short_name` component is 50 characters. 933 Name string `json:"name,omitempty"` 934 935 // Title: Human readable title. Must be unique within the Policy. 936 Title string `json:"title,omitempty"` 937 938 // ForceSendFields is a list of field names (e.g. "Basic") to 939 // unconditionally include in API requests. By default, fields with 940 // empty values are omitted from API requests. However, any non-pointer, 941 // non-interface field appearing in ForceSendFields will be sent to the 942 // server regardless of whether the field is empty or not. This may be 943 // used to include empty fields in Patch requests. 944 ForceSendFields []string `json:"-"` 945 946 // NullFields is a list of field names (e.g. "Basic") to include in API 947 // requests with the JSON null value. By default, fields with empty 948 // values are omitted from API requests. However, any field with an 949 // empty value appearing in NullFields will be sent to the server as 950 // null. It is an error if a field in this list has a non-empty value. 951 // This may be used to include null fields in Patch requests. 952 NullFields []string `json:"-"` 953} 954 955func (s *GoogleIdentityAccesscontextmanagerV1AccessLevel) MarshalJSON() ([]byte, error) { 956 type NoMethod GoogleIdentityAccesscontextmanagerV1AccessLevel 957 raw := NoMethod(*s) 958 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 959} 960 961// GoogleIdentityAccesscontextmanagerV1AccessPolicy: `AccessPolicy` is a 962// container for `AccessLevels` (which define the necessary attributes 963// to use Google Cloud services) and `ServicePerimeters` (which define 964// regions of services able to freely pass data within a perimeter). An 965// access policy is globally visible within an organization, and the 966// restrictions it specifies apply to all projects within an 967// organization. 968type GoogleIdentityAccesscontextmanagerV1AccessPolicy struct { 969 // Etag: Output only. An opaque identifier for the current version of 970 // the `AccessPolicy`. This will always be a strongly validated etag, 971 // meaning that two Access Polices will be identical if and only if 972 // their etags are identical. Clients should not expect this to be in 973 // any specific format. 974 Etag string `json:"etag,omitempty"` 975 976 // Name: Output only. Resource name of the `AccessPolicy`. Format: 977 // `accessPolicies/{policy_id}` 978 Name string `json:"name,omitempty"` 979 980 // Parent: Required. The parent of this `AccessPolicy` in the Cloud 981 // Resource Hierarchy. Currently immutable once created. Format: 982 // `organizations/{organization_id}` 983 Parent string `json:"parent,omitempty"` 984 985 // Title: Required. Human readable title. Does not affect behavior. 986 Title string `json:"title,omitempty"` 987 988 // ForceSendFields is a list of field names (e.g. "Etag") to 989 // unconditionally include in API requests. By default, fields with 990 // empty values are omitted from API requests. However, any non-pointer, 991 // non-interface field appearing in ForceSendFields will be sent to the 992 // server regardless of whether the field is empty or not. This may be 993 // used to include empty fields in Patch requests. 994 ForceSendFields []string `json:"-"` 995 996 // NullFields is a list of field names (e.g. "Etag") to include in API 997 // requests with the JSON null value. By default, fields with empty 998 // values are omitted from API requests. However, any field with an 999 // empty value appearing in NullFields will be sent to the server as 1000 // null. It is an error if a field in this list has a non-empty value. 1001 // This may be used to include null fields in Patch requests. 1002 NullFields []string `json:"-"` 1003} 1004 1005func (s *GoogleIdentityAccesscontextmanagerV1AccessPolicy) MarshalJSON() ([]byte, error) { 1006 type NoMethod GoogleIdentityAccesscontextmanagerV1AccessPolicy 1007 raw := NoMethod(*s) 1008 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1009} 1010 1011// GoogleIdentityAccesscontextmanagerV1BasicLevel: `BasicLevel` is an 1012// `AccessLevel` using a set of recommended features. 1013type GoogleIdentityAccesscontextmanagerV1BasicLevel struct { 1014 // CombiningFunction: How the `conditions` list should be combined to 1015 // determine if a request is granted this `AccessLevel`. If AND is used, 1016 // each `Condition` in `conditions` must be satisfied for the 1017 // `AccessLevel` to be applied. If OR is used, at least one `Condition` 1018 // in `conditions` must be satisfied for the `AccessLevel` to be 1019 // applied. Default behavior is AND. 1020 // 1021 // Possible values: 1022 // "AND" - All `Conditions` must be true for the `BasicLevel` to be 1023 // true. 1024 // "OR" - If at least one `Condition` is true, then the `BasicLevel` 1025 // is true. 1026 CombiningFunction string `json:"combiningFunction,omitempty"` 1027 1028 // Conditions: Required. A list of requirements for the `AccessLevel` to 1029 // be granted. 1030 Conditions []*GoogleIdentityAccesscontextmanagerV1Condition `json:"conditions,omitempty"` 1031 1032 // ForceSendFields is a list of field names (e.g. "CombiningFunction") 1033 // to unconditionally include in API requests. By default, fields with 1034 // empty values are omitted from API requests. However, any non-pointer, 1035 // non-interface field appearing in ForceSendFields will be sent to the 1036 // server regardless of whether the field is empty or not. This may be 1037 // used to include empty fields in Patch requests. 1038 ForceSendFields []string `json:"-"` 1039 1040 // NullFields is a list of field names (e.g. "CombiningFunction") to 1041 // include in API requests with the JSON null value. By default, fields 1042 // with empty values are omitted from API requests. However, any field 1043 // with an empty value appearing in NullFields will be sent to the 1044 // server as null. It is an error if a field in this list has a 1045 // non-empty value. This may be used to include null fields in Patch 1046 // requests. 1047 NullFields []string `json:"-"` 1048} 1049 1050func (s *GoogleIdentityAccesscontextmanagerV1BasicLevel) MarshalJSON() ([]byte, error) { 1051 type NoMethod GoogleIdentityAccesscontextmanagerV1BasicLevel 1052 raw := NoMethod(*s) 1053 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1054} 1055 1056// GoogleIdentityAccesscontextmanagerV1Condition: A condition necessary 1057// for an `AccessLevel` to be granted. The Condition is an AND over its 1058// fields. So a Condition is true if: 1) the request IP is from one of 1059// the listed subnetworks AND 2) the originating device complies with 1060// the listed device policy AND 3) all listed access levels are granted 1061// AND 4) the request was sent at a time allowed by the 1062// DateTimeRestriction. 1063type GoogleIdentityAccesscontextmanagerV1Condition struct { 1064 // DevicePolicy: Device specific restrictions, all restrictions must 1065 // hold for the Condition to be true. If not specified, all devices are 1066 // allowed. 1067 DevicePolicy *GoogleIdentityAccesscontextmanagerV1DevicePolicy `json:"devicePolicy,omitempty"` 1068 1069 // IpSubnetworks: CIDR block IP subnetwork specification. May be IPv4 or 1070 // IPv6. Note that for a CIDR IP address block, the specified IP address 1071 // portion must be properly truncated (i.e. all the host bits must be 1072 // zero) or the input is considered malformed. For example, 1073 // "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for 1074 // IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. 1075 // The originating IP of a request must be in one of the listed subnets 1076 // in order for this Condition to be true. If empty, all IP addresses 1077 // are allowed. 1078 IpSubnetworks []string `json:"ipSubnetworks,omitempty"` 1079 1080 // Members: The request must be made by one of the provided user or 1081 // service accounts. Groups are not supported. Syntax: `user:{emailid}` 1082 // `serviceAccount:{emailid}` If not specified, a request may come from 1083 // any user. 1084 Members []string `json:"members,omitempty"` 1085 1086 // Negate: Whether to negate the Condition. If true, the Condition 1087 // becomes a NAND over its non-empty fields, each field must be false 1088 // for the Condition overall to be satisfied. Defaults to false. 1089 Negate bool `json:"negate,omitempty"` 1090 1091 // Regions: The request must originate from one of the provided 1092 // countries/regions. Must be valid ISO 3166-1 alpha-2 codes. 1093 Regions []string `json:"regions,omitempty"` 1094 1095 // RequiredAccessLevels: A list of other access levels defined in the 1096 // same `Policy`, referenced by resource name. Referencing an 1097 // `AccessLevel` which does not exist is an error. All access levels 1098 // listed must be granted for the Condition to be true. Example: 1099 // "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME" 1100 RequiredAccessLevels []string `json:"requiredAccessLevels,omitempty"` 1101 1102 // ForceSendFields is a list of field names (e.g. "DevicePolicy") to 1103 // unconditionally include in API requests. By default, fields with 1104 // empty values are omitted from API requests. However, any non-pointer, 1105 // non-interface field appearing in ForceSendFields will be sent to the 1106 // server regardless of whether the field is empty or not. This may be 1107 // used to include empty fields in Patch requests. 1108 ForceSendFields []string `json:"-"` 1109 1110 // NullFields is a list of field names (e.g. "DevicePolicy") to include 1111 // in API requests with the JSON null value. By default, fields with 1112 // empty values are omitted from API requests. However, any field with 1113 // an empty value appearing in NullFields will be sent to the server as 1114 // null. It is an error if a field in this list has a non-empty value. 1115 // This may be used to include null fields in Patch requests. 1116 NullFields []string `json:"-"` 1117} 1118 1119func (s *GoogleIdentityAccesscontextmanagerV1Condition) MarshalJSON() ([]byte, error) { 1120 type NoMethod GoogleIdentityAccesscontextmanagerV1Condition 1121 raw := NoMethod(*s) 1122 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1123} 1124 1125// GoogleIdentityAccesscontextmanagerV1CustomLevel: `CustomLevel` is an 1126// `AccessLevel` using the Cloud Common Expression Language to represent 1127// the necessary conditions for the level to apply to a request. See CEL 1128// spec at: https://github.com/google/cel-spec 1129type GoogleIdentityAccesscontextmanagerV1CustomLevel struct { 1130 // Expr: Required. A Cloud CEL expression evaluating to a boolean. 1131 Expr *Expr `json:"expr,omitempty"` 1132 1133 // ForceSendFields is a list of field names (e.g. "Expr") to 1134 // unconditionally include in API requests. By default, fields with 1135 // empty values are omitted from API requests. However, any non-pointer, 1136 // non-interface field appearing in ForceSendFields will be sent to the 1137 // server regardless of whether the field is empty or not. This may be 1138 // used to include empty fields in Patch requests. 1139 ForceSendFields []string `json:"-"` 1140 1141 // NullFields is a list of field names (e.g. "Expr") to include in API 1142 // requests with the JSON null value. By default, fields with empty 1143 // values are omitted from API requests. However, any field with an 1144 // empty value appearing in NullFields will be sent to the server as 1145 // null. It is an error if a field in this list has a non-empty value. 1146 // This may be used to include null fields in Patch requests. 1147 NullFields []string `json:"-"` 1148} 1149 1150func (s *GoogleIdentityAccesscontextmanagerV1CustomLevel) MarshalJSON() ([]byte, error) { 1151 type NoMethod GoogleIdentityAccesscontextmanagerV1CustomLevel 1152 raw := NoMethod(*s) 1153 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1154} 1155 1156// GoogleIdentityAccesscontextmanagerV1DevicePolicy: `DevicePolicy` 1157// specifies device specific restrictions necessary to acquire a given 1158// access level. A `DevicePolicy` specifies requirements for requests 1159// from devices to be granted access levels, it does not do any 1160// enforcement on the device. `DevicePolicy` acts as an AND over all 1161// specified fields, and each repeated field is an OR over its elements. 1162// Any unset fields are ignored. For example, if the proto is { os_type 1163// : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: 1164// ENCRYPTED}, then the DevicePolicy will be true for requests 1165// originating from encrypted Linux desktops and encrypted Windows 1166// desktops. 1167type GoogleIdentityAccesscontextmanagerV1DevicePolicy struct { 1168 // AllowedDeviceManagementLevels: Allowed device management levels, an 1169 // empty list allows all management levels. 1170 // 1171 // Possible values: 1172 // "MANAGEMENT_UNSPECIFIED" - The device's management level is not 1173 // specified or not known. 1174 // "NONE" - The device is not managed. 1175 // "BASIC" - Basic management is enabled, which is generally limited 1176 // to monitoring and wiping the corporate account. 1177 // "COMPLETE" - Complete device management. This includes more 1178 // thorough monitoring and the ability to directly manage the device 1179 // (such as remote wiping). This can be enabled through the Android 1180 // Enterprise Platform. 1181 AllowedDeviceManagementLevels []string `json:"allowedDeviceManagementLevels,omitempty"` 1182 1183 // AllowedEncryptionStatuses: Allowed encryptions statuses, an empty 1184 // list allows all statuses. 1185 // 1186 // Possible values: 1187 // "ENCRYPTION_UNSPECIFIED" - The encryption status of the device is 1188 // not specified or not known. 1189 // "ENCRYPTION_UNSUPPORTED" - The device does not support encryption. 1190 // "UNENCRYPTED" - The device supports encryption, but is currently 1191 // unencrypted. 1192 // "ENCRYPTED" - The device is encrypted. 1193 AllowedEncryptionStatuses []string `json:"allowedEncryptionStatuses,omitempty"` 1194 1195 // OsConstraints: Allowed OS versions, an empty list allows all types 1196 // and all versions. 1197 OsConstraints []*GoogleIdentityAccesscontextmanagerV1OsConstraint `json:"osConstraints,omitempty"` 1198 1199 // RequireAdminApproval: Whether the device needs to be approved by the 1200 // customer admin. 1201 RequireAdminApproval bool `json:"requireAdminApproval,omitempty"` 1202 1203 // RequireCorpOwned: Whether the device needs to be corp owned. 1204 RequireCorpOwned bool `json:"requireCorpOwned,omitempty"` 1205 1206 // RequireScreenlock: Whether or not screenlock is required for the 1207 // DevicePolicy to be true. Defaults to `false`. 1208 RequireScreenlock bool `json:"requireScreenlock,omitempty"` 1209 1210 // ForceSendFields is a list of field names (e.g. 1211 // "AllowedDeviceManagementLevels") to unconditionally include in API 1212 // requests. By default, fields with empty values are omitted from API 1213 // requests. However, any non-pointer, non-interface field appearing in 1214 // ForceSendFields will be sent to the server regardless of whether the 1215 // field is empty or not. This may be used to include empty fields in 1216 // Patch requests. 1217 ForceSendFields []string `json:"-"` 1218 1219 // NullFields is a list of field names (e.g. 1220 // "AllowedDeviceManagementLevels") to include in API requests with the 1221 // JSON null value. By default, fields with empty values are omitted 1222 // from API requests. However, any field with an empty value appearing 1223 // in NullFields will be sent to the server as null. It is an error if a 1224 // field in this list has a non-empty value. This may be used to include 1225 // null fields in Patch requests. 1226 NullFields []string `json:"-"` 1227} 1228 1229func (s *GoogleIdentityAccesscontextmanagerV1DevicePolicy) MarshalJSON() ([]byte, error) { 1230 type NoMethod GoogleIdentityAccesscontextmanagerV1DevicePolicy 1231 raw := NoMethod(*s) 1232 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1233} 1234 1235// GoogleIdentityAccesscontextmanagerV1OsConstraint: A restriction on 1236// the OS type and version of devices making requests. 1237type GoogleIdentityAccesscontextmanagerV1OsConstraint struct { 1238 // MinimumVersion: The minimum allowed OS version. If not set, any 1239 // version of this OS satisfies the constraint. Format: 1240 // "major.minor.patch". Examples: "10.5.301", "9.2.1". 1241 MinimumVersion string `json:"minimumVersion,omitempty"` 1242 1243 // OsType: Required. The allowed OS type. 1244 // 1245 // Possible values: 1246 // "OS_UNSPECIFIED" - The operating system of the device is not 1247 // specified or not known. 1248 // "DESKTOP_MAC" - A desktop Mac operating system. 1249 // "DESKTOP_WINDOWS" - A desktop Windows operating system. 1250 // "DESKTOP_LINUX" - A desktop Linux operating system. 1251 // "DESKTOP_CHROME_OS" - A desktop ChromeOS operating system. 1252 // "ANDROID" - An Android operating system. 1253 // "IOS" - An iOS operating system. 1254 OsType string `json:"osType,omitempty"` 1255 1256 // RequireVerifiedChromeOs: Only allows requests from devices with a 1257 // verified Chrome OS. Verifications includes requirements that the 1258 // device is enterprise-managed, conformant to domain policies, and the 1259 // caller has permission to call the API targeted by the request. 1260 RequireVerifiedChromeOs bool `json:"requireVerifiedChromeOs,omitempty"` 1261 1262 // ForceSendFields is a list of field names (e.g. "MinimumVersion") to 1263 // unconditionally include in API requests. By default, fields with 1264 // empty values are omitted from API requests. However, any non-pointer, 1265 // non-interface field appearing in ForceSendFields will be sent to the 1266 // server regardless of whether the field is empty or not. This may be 1267 // used to include empty fields in Patch requests. 1268 ForceSendFields []string `json:"-"` 1269 1270 // NullFields is a list of field names (e.g. "MinimumVersion") to 1271 // include in API requests with the JSON null value. By default, fields 1272 // with empty values are omitted from API requests. However, any field 1273 // with an empty value appearing in NullFields will be sent to the 1274 // server as null. It is an error if a field in this list has a 1275 // non-empty value. This may be used to include null fields in Patch 1276 // requests. 1277 NullFields []string `json:"-"` 1278} 1279 1280func (s *GoogleIdentityAccesscontextmanagerV1OsConstraint) MarshalJSON() ([]byte, error) { 1281 type NoMethod GoogleIdentityAccesscontextmanagerV1OsConstraint 1282 raw := NoMethod(*s) 1283 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1284} 1285 1286// GoogleIdentityAccesscontextmanagerV1ServicePerimeter: 1287// `ServicePerimeter` describes a set of Google Cloud resources which 1288// can freely import and export data amongst themselves, but not export 1289// outside of the `ServicePerimeter`. If a request with a source within 1290// this `ServicePerimeter` has a target outside of the 1291// `ServicePerimeter`, the request will be blocked. Otherwise the 1292// request is allowed. There are two types of Service Perimeter - 1293// Regular and Bridge. Regular Service Perimeters cannot overlap, a 1294// single Google Cloud project can only belong to a single regular 1295// Service Perimeter. Service Perimeter Bridges can contain only Google 1296// Cloud projects as members, a single Google Cloud project may belong 1297// to multiple Service Perimeter Bridges. 1298type GoogleIdentityAccesscontextmanagerV1ServicePerimeter struct { 1299 // Description: Description of the `ServicePerimeter` and its use. Does 1300 // not affect behavior. 1301 Description string `json:"description,omitempty"` 1302 1303 // Name: Required. Resource name for the ServicePerimeter. The 1304 // `short_name` component must begin with a letter and only include 1305 // alphanumeric and '_'. Format: 1306 // `accessPolicies/{policy_id}/servicePerimeters/{short_name}` 1307 Name string `json:"name,omitempty"` 1308 1309 // PerimeterType: Perimeter type indicator. A single project is allowed 1310 // to be a member of single regular perimeter, but multiple service 1311 // perimeter bridges. A project cannot be a included in a perimeter 1312 // bridge without being included in regular perimeter. For perimeter 1313 // bridges, the restricted service list as well as access level lists 1314 // must be empty. 1315 // 1316 // Possible values: 1317 // "PERIMETER_TYPE_REGULAR" - Regular Perimeter. 1318 // "PERIMETER_TYPE_BRIDGE" - Perimeter Bridge. 1319 PerimeterType string `json:"perimeterType,omitempty"` 1320 1321 // Spec: Proposed (or dry run) ServicePerimeter configuration. This 1322 // configuration allows to specify and test ServicePerimeter 1323 // configuration without enforcing actual access restrictions. Only 1324 // allowed to be set when the "use_explicit_dry_run_spec" flag is set. 1325 Spec *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig `json:"spec,omitempty"` 1326 1327 // Status: Current ServicePerimeter configuration. Specifies sets of 1328 // resources, restricted services and access levels that determine 1329 // perimeter content and boundaries. 1330 Status *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig `json:"status,omitempty"` 1331 1332 // Title: Human readable title. Must be unique within the Policy. 1333 Title string `json:"title,omitempty"` 1334 1335 // UseExplicitDryRunSpec: Use explicit dry run spec flag. Ordinarily, a 1336 // dry-run spec implicitly exists for all Service Perimeters, and that 1337 // spec is identical to the status for those Service Perimeters. When 1338 // this flag is set, it inhibits the generation of the implicit spec, 1339 // thereby allowing the user to explicitly provide a configuration 1340 // ("spec") to use in a dry-run version of the Service Perimeter. This 1341 // allows the user to test changes to the enforced config ("status") 1342 // without actually enforcing them. This testing is done through 1343 // analyzing the differences between currently enforced and suggested 1344 // restrictions. use_explicit_dry_run_spec must bet set to True if any 1345 // of the fields in the spec are set to non-default values. 1346 UseExplicitDryRunSpec bool `json:"useExplicitDryRunSpec,omitempty"` 1347 1348 // ForceSendFields is a list of field names (e.g. "Description") to 1349 // unconditionally include in API requests. By default, fields with 1350 // empty values are omitted from API requests. However, any non-pointer, 1351 // non-interface field appearing in ForceSendFields will be sent to the 1352 // server regardless of whether the field is empty or not. This may be 1353 // used to include empty fields in Patch requests. 1354 ForceSendFields []string `json:"-"` 1355 1356 // NullFields is a list of field names (e.g. "Description") to include 1357 // in API requests with the JSON null value. By default, fields with 1358 // empty values are omitted from API requests. However, any field with 1359 // an empty value appearing in NullFields will be sent to the server as 1360 // null. It is an error if a field in this list has a non-empty value. 1361 // This may be used to include null fields in Patch requests. 1362 NullFields []string `json:"-"` 1363} 1364 1365func (s *GoogleIdentityAccesscontextmanagerV1ServicePerimeter) MarshalJSON() ([]byte, error) { 1366 type NoMethod GoogleIdentityAccesscontextmanagerV1ServicePerimeter 1367 raw := NoMethod(*s) 1368 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1369} 1370 1371// GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig: 1372// `ServicePerimeterConfig` specifies a set of Google Cloud resources 1373// that describe specific Service Perimeter configuration. 1374type GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig struct { 1375 // AccessLevels: A list of `AccessLevel` resource names that allow 1376 // resources within the `ServicePerimeter` to be accessed from the 1377 // internet. `AccessLevels` listed must be in the same policy as this 1378 // `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a 1379 // syntax error. If no `AccessLevel` names are listed, resources within 1380 // the perimeter can only be accessed via Google Cloud calls with 1381 // request origins within the perimeter. Example: 1382 // "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service 1383 // Perimeter Bridge, must be empty. 1384 AccessLevels []string `json:"accessLevels,omitempty"` 1385 1386 // Resources: A list of Google Cloud resources that are inside of the 1387 // service perimeter. Currently only projects are allowed. Format: 1388 // `projects/{project_number}` 1389 Resources []string `json:"resources,omitempty"` 1390 1391 // RestrictedServices: Google Cloud services that are subject to the 1392 // Service Perimeter restrictions. For example, if 1393 // `storage.googleapis.com` is specified, access to the storage buckets 1394 // inside the perimeter must meet the perimeter's access restrictions. 1395 RestrictedServices []string `json:"restrictedServices,omitempty"` 1396 1397 // VpcAccessibleServices: Configuration for APIs allowed within 1398 // Perimeter. 1399 VpcAccessibleServices *GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices `json:"vpcAccessibleServices,omitempty"` 1400 1401 // ForceSendFields is a list of field names (e.g. "AccessLevels") to 1402 // unconditionally include in API requests. By default, fields with 1403 // empty values are omitted from API requests. However, any non-pointer, 1404 // non-interface field appearing in ForceSendFields will be sent to the 1405 // server regardless of whether the field is empty or not. This may be 1406 // used to include empty fields in Patch requests. 1407 ForceSendFields []string `json:"-"` 1408 1409 // NullFields is a list of field names (e.g. "AccessLevels") to include 1410 // in API requests with the JSON null value. By default, fields with 1411 // empty values are omitted from API requests. However, any field with 1412 // an empty value appearing in NullFields will be sent to the server as 1413 // null. It is an error if a field in this list has a non-empty value. 1414 // This may be used to include null fields in Patch requests. 1415 NullFields []string `json:"-"` 1416} 1417 1418func (s *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig) MarshalJSON() ([]byte, error) { 1419 type NoMethod GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig 1420 raw := NoMethod(*s) 1421 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1422} 1423 1424// GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices: Specifies 1425// how APIs are allowed to communicate within the Service Perimeter. 1426type GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices struct { 1427 // AllowedServices: The list of APIs usable within the Service 1428 // Perimeter. Must be empty unless 'enable_restriction' is True. You can 1429 // specify a list of individual services, as well as include the 1430 // 'RESTRICTED-SERVICES' value, which automatically includes all of the 1431 // services protected by the perimeter. 1432 AllowedServices []string `json:"allowedServices,omitempty"` 1433 1434 // EnableRestriction: Whether to restrict API calls within the Service 1435 // Perimeter to the list of APIs specified in 'allowed_services'. 1436 EnableRestriction bool `json:"enableRestriction,omitempty"` 1437 1438 // ForceSendFields is a list of field names (e.g. "AllowedServices") to 1439 // unconditionally include in API requests. By default, fields with 1440 // empty values are omitted from API requests. However, any non-pointer, 1441 // non-interface field appearing in ForceSendFields will be sent to the 1442 // server regardless of whether the field is empty or not. This may be 1443 // used to include empty fields in Patch requests. 1444 ForceSendFields []string `json:"-"` 1445 1446 // NullFields is a list of field names (e.g. "AllowedServices") to 1447 // include in API requests with the JSON null value. By default, fields 1448 // with empty values are omitted from API requests. However, any field 1449 // with an empty value appearing in NullFields will be sent to the 1450 // server as null. It is an error if a field in this list has a 1451 // non-empty value. This may be used to include null fields in Patch 1452 // requests. 1453 NullFields []string `json:"-"` 1454} 1455 1456func (s *GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices) MarshalJSON() ([]byte, error) { 1457 type NoMethod GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices 1458 raw := NoMethod(*s) 1459 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1460} 1461 1462// Operation: This resource represents a long-running operation that is 1463// the result of a network API call. 1464type Operation struct { 1465 // Done: If the value is `false`, it means the operation is still in 1466 // progress. If `true`, the operation is completed, and either `error` 1467 // or `response` is available. 1468 Done bool `json:"done,omitempty"` 1469 1470 // Error: The error result of the operation in case of failure or 1471 // cancellation. 1472 Error *Status `json:"error,omitempty"` 1473 1474 // Metadata: Service-specific metadata associated with the operation. It 1475 // typically contains progress information and common metadata such as 1476 // create time. Some services might not provide such metadata. Any 1477 // method that returns a long-running operation should document the 1478 // metadata type, if any. 1479 Metadata googleapi.RawMessage `json:"metadata,omitempty"` 1480 1481 // Name: The server-assigned name, which is only unique within the same 1482 // service that originally returns it. If you use the default HTTP 1483 // mapping, the `name` should be a resource name ending with 1484 // `operations/{unique_id}`. 1485 Name string `json:"name,omitempty"` 1486 1487 // Response: The normal response of the operation in case of success. If 1488 // the original method returns no data on success, such as `Delete`, the 1489 // response is `google.protobuf.Empty`. If the original method is 1490 // standard `Get`/`Create`/`Update`, the response should be the 1491 // resource. For other methods, the response should have the type 1492 // `XxxResponse`, where `Xxx` is the original method name. For example, 1493 // if the original method name is `TakeSnapshot()`, the inferred 1494 // response type is `TakeSnapshotResponse`. 1495 Response googleapi.RawMessage `json:"response,omitempty"` 1496 1497 // ServerResponse contains the HTTP response code and headers from the 1498 // server. 1499 googleapi.ServerResponse `json:"-"` 1500 1501 // ForceSendFields is a list of field names (e.g. "Done") to 1502 // unconditionally include in API requests. By default, fields with 1503 // empty values are omitted from API requests. However, any non-pointer, 1504 // non-interface field appearing in ForceSendFields will be sent to the 1505 // server regardless of whether the field is empty or not. This may be 1506 // used to include empty fields in Patch requests. 1507 ForceSendFields []string `json:"-"` 1508 1509 // NullFields is a list of field names (e.g. "Done") to include in API 1510 // requests with the JSON null value. By default, fields with empty 1511 // values are omitted from API requests. However, any field with an 1512 // empty value appearing in NullFields will be sent to the server as 1513 // null. It is an error if a field in this list has a non-empty value. 1514 // This may be used to include null fields in Patch requests. 1515 NullFields []string `json:"-"` 1516} 1517 1518func (s *Operation) MarshalJSON() ([]byte, error) { 1519 type NoMethod Operation 1520 raw := NoMethod(*s) 1521 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1522} 1523 1524// OutputConfig: Output configuration for export assets destination. 1525type OutputConfig struct { 1526 // GcsDestination: Destination on Cloud Storage. 1527 GcsDestination *GcsDestination `json:"gcsDestination,omitempty"` 1528 1529 // ForceSendFields is a list of field names (e.g. "GcsDestination") to 1530 // unconditionally include in API requests. By default, fields with 1531 // empty values are omitted from API requests. However, any non-pointer, 1532 // non-interface field appearing in ForceSendFields will be sent to the 1533 // server regardless of whether the field is empty or not. This may be 1534 // used to include empty fields in Patch requests. 1535 ForceSendFields []string `json:"-"` 1536 1537 // NullFields is a list of field names (e.g. "GcsDestination") to 1538 // include in API requests with the JSON null value. By default, fields 1539 // with empty values are omitted from API requests. However, any field 1540 // with an empty value appearing in NullFields will be sent to the 1541 // server as null. It is an error if a field in this list has a 1542 // non-empty value. This may be used to include null fields in Patch 1543 // requests. 1544 NullFields []string `json:"-"` 1545} 1546 1547func (s *OutputConfig) MarshalJSON() ([]byte, error) { 1548 type NoMethod OutputConfig 1549 raw := NoMethod(*s) 1550 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1551} 1552 1553// Policy: An Identity and Access Management (IAM) policy, which 1554// specifies access controls for Google Cloud resources. A `Policy` is a 1555// collection of `bindings`. A `binding` binds one or more `members` to 1556// a single `role`. Members can be user accounts, service accounts, 1557// Google groups, and domains (such as G Suite). A `role` is a named 1558// list of permissions; each `role` can be an IAM predefined role or a 1559// user-created custom role. For some types of Google Cloud resources, a 1560// `binding` can also specify a `condition`, which is a logical 1561// expression that allows access to a resource only if the expression 1562// evaluates to `true`. A condition can add constraints based on 1563// attributes of the request, the resource, or both. To learn which 1564// resources support conditions in their IAM policies, see the [IAM 1565// documentation](https://cloud.google.com/iam/help/conditions/resource-p 1566// olicies). **JSON example:** { "bindings": [ { "role": 1567// "roles/resourcemanager.organizationAdmin", "members": [ 1568// "user:mike@example.com", "group:admins@example.com", 1569// "domain:google.com", 1570// "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { 1571// "role": "roles/resourcemanager.organizationViewer", "members": [ 1572// "user:eve@example.com" ], "condition": { "title": "expirable access", 1573// "description": "Does not grant access after Sep 2020", "expression": 1574// "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], 1575// "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - 1576// members: - user:mike@example.com - group:admins@example.com - 1577// domain:google.com - 1578// serviceAccount:my-project-id@appspot.gserviceaccount.com role: 1579// roles/resourcemanager.organizationAdmin - members: - 1580// user:eve@example.com role: roles/resourcemanager.organizationViewer 1581// condition: title: expirable access description: Does not grant access 1582// after Sep 2020 expression: request.time < 1583// timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 1584// 3 For a description of IAM and its features, see the [IAM 1585// documentation](https://cloud.google.com/iam/docs/). 1586type Policy struct { 1587 // AuditConfigs: Specifies cloud audit logging configuration for this 1588 // policy. 1589 AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` 1590 1591 // Bindings: Associates a list of `members` to a `role`. Optionally, may 1592 // specify a `condition` that determines how and when the `bindings` are 1593 // applied. Each of the `bindings` must contain at least one member. 1594 Bindings []*Binding `json:"bindings,omitempty"` 1595 1596 // Etag: `etag` is used for optimistic concurrency control as a way to 1597 // help prevent simultaneous updates of a policy from overwriting each 1598 // other. It is strongly suggested that systems make use of the `etag` 1599 // in the read-modify-write cycle to perform policy updates in order to 1600 // avoid race conditions: An `etag` is returned in the response to 1601 // `getIamPolicy`, and systems are expected to put that etag in the 1602 // request to `setIamPolicy` to ensure that their change will be applied 1603 // to the same version of the policy. **Important:** If you use IAM 1604 // Conditions, you must include the `etag` field whenever you call 1605 // `setIamPolicy`. If you omit this field, then IAM allows you to 1606 // overwrite a version `3` policy with a version `1` policy, and all of 1607 // the conditions in the version `3` policy are lost. 1608 Etag string `json:"etag,omitempty"` 1609 1610 // Version: Specifies the format of the policy. Valid values are `0`, 1611 // `1`, and `3`. Requests that specify an invalid value are rejected. 1612 // Any operation that affects conditional role bindings must specify 1613 // version `3`. This requirement applies to the following operations: * 1614 // Getting a policy that includes a conditional role binding * Adding a 1615 // conditional role binding to a policy * Changing a conditional role 1616 // binding in a policy * Removing any role binding, with or without a 1617 // condition, from a policy that includes conditions **Important:** If 1618 // you use IAM Conditions, you must include the `etag` field whenever 1619 // you call `setIamPolicy`. If you omit this field, then IAM allows you 1620 // to overwrite a version `3` policy with a version `1` policy, and all 1621 // of the conditions in the version `3` policy are lost. If a policy 1622 // does not include any conditions, operations on that policy may 1623 // specify any valid version or leave the field unset. To learn which 1624 // resources support conditions in their IAM policies, see the [IAM 1625 // documentation](https://cloud.google.com/iam/help/conditions/resource-p 1626 // olicies). 1627 Version int64 `json:"version,omitempty"` 1628 1629 // ForceSendFields is a list of field names (e.g. "AuditConfigs") to 1630 // unconditionally include in API requests. By default, fields with 1631 // empty values are omitted from API requests. However, any non-pointer, 1632 // non-interface field appearing in ForceSendFields will be sent to the 1633 // server regardless of whether the field is empty or not. This may be 1634 // used to include empty fields in Patch requests. 1635 ForceSendFields []string `json:"-"` 1636 1637 // NullFields is a list of field names (e.g. "AuditConfigs") to include 1638 // in API requests with the JSON null value. By default, fields with 1639 // empty values are omitted from API requests. However, any field with 1640 // an empty value appearing in NullFields will be sent to the server as 1641 // null. It is an error if a field in this list has a non-empty value. 1642 // This may be used to include null fields in Patch requests. 1643 NullFields []string `json:"-"` 1644} 1645 1646func (s *Policy) MarshalJSON() ([]byte, error) { 1647 type NoMethod Policy 1648 raw := NoMethod(*s) 1649 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1650} 1651 1652// Resource: A representation of a Google Cloud resource. 1653type Resource struct { 1654 // Data: The content of the resource, in which some sensitive fields are 1655 // removed and may not be present. 1656 Data googleapi.RawMessage `json:"data,omitempty"` 1657 1658 // DiscoveryDocumentUri: The URL of the discovery document containing 1659 // the resource's JSON schema. Example: 1660 // `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This 1661 // value is unspecified for resources that do not have an API based on a 1662 // discovery document, such as Cloud Bigtable. 1663 DiscoveryDocumentUri string `json:"discoveryDocumentUri,omitempty"` 1664 1665 // DiscoveryName: The JSON schema name listed in the discovery document. 1666 // Example: `Project` This value is unspecified for resources that do 1667 // not have an API based on a discovery document, such as Cloud 1668 // Bigtable. 1669 DiscoveryName string `json:"discoveryName,omitempty"` 1670 1671 // Parent: The full name of the immediate parent of this resource. See 1672 // [Resource 1673 // Names](https://cloud.google.com/apis/design/resource_names#full_resour 1674 // ce_name) for more information. For Google Cloud assets, this value is 1675 // the parent resource defined in the [Cloud IAM policy 1676 // hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy 1677 // ). Example: 1678 // `//cloudresourcemanager.googleapis.com/projects/my_project_123` For 1679 // third-party assets, this field may be set differently. 1680 Parent string `json:"parent,omitempty"` 1681 1682 // ResourceUrl: The REST URL for accessing the resource. An HTTP `GET` 1683 // request using this URL returns the resource itself. Example: 1684 // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-12 1685 // 3` This value is unspecified for resources without a REST API. 1686 ResourceUrl string `json:"resourceUrl,omitempty"` 1687 1688 // Version: The API version. Example: `v1` 1689 Version string `json:"version,omitempty"` 1690 1691 // ForceSendFields is a list of field names (e.g. "Data") to 1692 // unconditionally include in API requests. By default, fields with 1693 // empty values are omitted from API requests. However, any non-pointer, 1694 // non-interface field appearing in ForceSendFields will be sent to the 1695 // server regardless of whether the field is empty or not. This may be 1696 // used to include empty fields in Patch requests. 1697 ForceSendFields []string `json:"-"` 1698 1699 // NullFields is a list of field names (e.g. "Data") to include in API 1700 // requests with the JSON null value. By default, fields with empty 1701 // values are omitted from API requests. However, any field with an 1702 // empty value appearing in NullFields will be sent to the server as 1703 // null. It is an error if a field in this list has a non-empty value. 1704 // This may be used to include null fields in Patch requests. 1705 NullFields []string `json:"-"` 1706} 1707 1708func (s *Resource) MarshalJSON() ([]byte, error) { 1709 type NoMethod Resource 1710 raw := NoMethod(*s) 1711 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1712} 1713 1714// Status: The `Status` type defines a logical error model that is 1715// suitable for different programming environments, including REST APIs 1716// and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each 1717// `Status` message contains three pieces of data: error code, error 1718// message, and error details. You can find out more about this error 1719// model and how to work with it in the [API Design 1720// Guide](https://cloud.google.com/apis/design/errors). 1721type Status struct { 1722 // Code: The status code, which should be an enum value of 1723 // google.rpc.Code. 1724 Code int64 `json:"code,omitempty"` 1725 1726 // Details: A list of messages that carry the error details. There is a 1727 // common set of message types for APIs to use. 1728 Details []googleapi.RawMessage `json:"details,omitempty"` 1729 1730 // Message: A developer-facing error message, which should be in 1731 // English. Any user-facing error message should be localized and sent 1732 // in the google.rpc.Status.details field, or localized by the client. 1733 Message string `json:"message,omitempty"` 1734 1735 // ForceSendFields is a list of field names (e.g. "Code") to 1736 // unconditionally include in API requests. By default, fields with 1737 // empty values are omitted from API requests. However, any non-pointer, 1738 // non-interface field appearing in ForceSendFields will be sent to the 1739 // server regardless of whether the field is empty or not. This may be 1740 // used to include empty fields in Patch requests. 1741 ForceSendFields []string `json:"-"` 1742 1743 // NullFields is a list of field names (e.g. "Code") to include in API 1744 // requests with the JSON null value. By default, fields with empty 1745 // values are omitted from API requests. However, any field with an 1746 // empty value appearing in NullFields will be sent to the server as 1747 // null. It is an error if a field in this list has a non-empty value. 1748 // This may be used to include null fields in Patch requests. 1749 NullFields []string `json:"-"` 1750} 1751 1752func (s *Status) MarshalJSON() ([]byte, error) { 1753 type NoMethod Status 1754 raw := NoMethod(*s) 1755 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1756} 1757 1758// TemporalAsset: An asset in Google Cloud and its temporal metadata, 1759// including the time window when it was observed and its status during 1760// that window. 1761type TemporalAsset struct { 1762 // Asset: An asset in Google Cloud. 1763 Asset *Asset `json:"asset,omitempty"` 1764 1765 // Deleted: Whether the asset has been deleted or not. 1766 Deleted bool `json:"deleted,omitempty"` 1767 1768 // Window: The time window when the asset data and state was observed. 1769 Window *TimeWindow `json:"window,omitempty"` 1770 1771 // ForceSendFields is a list of field names (e.g. "Asset") to 1772 // unconditionally include in API requests. By default, fields with 1773 // empty values are omitted from API requests. However, any non-pointer, 1774 // non-interface field appearing in ForceSendFields will be sent to the 1775 // server regardless of whether the field is empty or not. This may be 1776 // used to include empty fields in Patch requests. 1777 ForceSendFields []string `json:"-"` 1778 1779 // NullFields is a list of field names (e.g. "Asset") to include in API 1780 // requests with the JSON null value. By default, fields with empty 1781 // values are omitted from API requests. However, any field with an 1782 // empty value appearing in NullFields will be sent to the server as 1783 // null. It is an error if a field in this list has a non-empty value. 1784 // This may be used to include null fields in Patch requests. 1785 NullFields []string `json:"-"` 1786} 1787 1788func (s *TemporalAsset) MarshalJSON() ([]byte, error) { 1789 type NoMethod TemporalAsset 1790 raw := NoMethod(*s) 1791 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1792} 1793 1794// TimeWindow: A time window specified by its `start_time` and 1795// `end_time`. 1796type TimeWindow struct { 1797 // EndTime: End time of the time window (inclusive). If not specified, 1798 // the current timestamp is used instead. 1799 EndTime string `json:"endTime,omitempty"` 1800 1801 // StartTime: Start time of the time window (exclusive). 1802 StartTime string `json:"startTime,omitempty"` 1803 1804 // ForceSendFields is a list of field names (e.g. "EndTime") to 1805 // unconditionally include in API requests. By default, fields with 1806 // empty values are omitted from API requests. However, any non-pointer, 1807 // non-interface field appearing in ForceSendFields will be sent to the 1808 // server regardless of whether the field is empty or not. This may be 1809 // used to include empty fields in Patch requests. 1810 ForceSendFields []string `json:"-"` 1811 1812 // NullFields is a list of field names (e.g. "EndTime") to include in 1813 // API requests with the JSON null value. By default, fields with empty 1814 // values are omitted from API requests. However, any field with an 1815 // empty value appearing in NullFields will be sent to the server as 1816 // null. It is an error if a field in this list has a non-empty value. 1817 // This may be used to include null fields in Patch requests. 1818 NullFields []string `json:"-"` 1819} 1820 1821func (s *TimeWindow) MarshalJSON() ([]byte, error) { 1822 type NoMethod TimeWindow 1823 raw := NoMethod(*s) 1824 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1825} 1826 1827// method id "cloudasset.folders.exportAssets": 1828 1829type FoldersExportAssetsCall struct { 1830 s *Service 1831 parent string 1832 exportassetsrequest *ExportAssetsRequest 1833 urlParams_ gensupport.URLParams 1834 ctx_ context.Context 1835 header_ http.Header 1836} 1837 1838// ExportAssets: Exports assets with time and resource types to a given 1839// Cloud Storage location. The output format is newline-delimited JSON. 1840// This API implements the google.longrunning.Operation API allowing you 1841// to keep track of the export. We recommend intervals of at least 2 1842// seconds with exponential retry to poll the export operation result. 1843// For regular-size resource parent, the export operation usually 1844// finishes within 5 minutes. 1845func (r *FoldersService) ExportAssets(parent string, exportassetsrequest *ExportAssetsRequest) *FoldersExportAssetsCall { 1846 c := &FoldersExportAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 1847 c.parent = parent 1848 c.exportassetsrequest = exportassetsrequest 1849 return c 1850} 1851 1852// Fields allows partial responses to be retrieved. See 1853// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 1854// for more information. 1855func (c *FoldersExportAssetsCall) Fields(s ...googleapi.Field) *FoldersExportAssetsCall { 1856 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 1857 return c 1858} 1859 1860// Context sets the context to be used in this call's Do method. Any 1861// pending HTTP request will be aborted if the provided context is 1862// canceled. 1863func (c *FoldersExportAssetsCall) Context(ctx context.Context) *FoldersExportAssetsCall { 1864 c.ctx_ = ctx 1865 return c 1866} 1867 1868// Header returns an http.Header that can be modified by the caller to 1869// add HTTP headers to the request. 1870func (c *FoldersExportAssetsCall) Header() http.Header { 1871 if c.header_ == nil { 1872 c.header_ = make(http.Header) 1873 } 1874 return c.header_ 1875} 1876 1877func (c *FoldersExportAssetsCall) doRequest(alt string) (*http.Response, error) { 1878 reqHeaders := make(http.Header) 1879 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20201124") 1880 for k, v := range c.header_ { 1881 reqHeaders[k] = v 1882 } 1883 reqHeaders.Set("User-Agent", c.s.userAgent()) 1884 var body io.Reader = nil 1885 body, err := googleapi.WithoutDataWrapper.JSONReader(c.exportassetsrequest) 1886 if err != nil { 1887 return nil, err 1888 } 1889 reqHeaders.Set("Content-Type", "application/json") 1890 c.urlParams_.Set("alt", alt) 1891 c.urlParams_.Set("prettyPrint", "false") 1892 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:exportAssets") 1893 urls += "?" + c.urlParams_.Encode() 1894 req, err := http.NewRequest("POST", urls, body) 1895 if err != nil { 1896 return nil, err 1897 } 1898 req.Header = reqHeaders 1899 googleapi.Expand(req.URL, map[string]string{ 1900 "parent": c.parent, 1901 }) 1902 return gensupport.SendRequest(c.ctx_, c.s.client, req) 1903} 1904 1905// Do executes the "cloudasset.folders.exportAssets" call. 1906// Exactly one of *Operation or error will be non-nil. Any non-2xx 1907// status code is an error. Response headers are in either 1908// *Operation.ServerResponse.Header or (if a response was returned at 1909// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 1910// to check whether the returned error was because 1911// http.StatusNotModified was returned. 1912func (c *FoldersExportAssetsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 1913 gensupport.SetOptions(c.urlParams_, opts...) 1914 res, err := c.doRequest("json") 1915 if res != nil && res.StatusCode == http.StatusNotModified { 1916 if res.Body != nil { 1917 res.Body.Close() 1918 } 1919 return nil, &googleapi.Error{ 1920 Code: res.StatusCode, 1921 Header: res.Header, 1922 } 1923 } 1924 if err != nil { 1925 return nil, err 1926 } 1927 defer googleapi.CloseBody(res) 1928 if err := googleapi.CheckResponse(res); err != nil { 1929 return nil, err 1930 } 1931 ret := &Operation{ 1932 ServerResponse: googleapi.ServerResponse{ 1933 Header: res.Header, 1934 HTTPStatusCode: res.StatusCode, 1935 }, 1936 } 1937 target := &ret 1938 if err := gensupport.DecodeResponse(target, res); err != nil { 1939 return nil, err 1940 } 1941 return ret, nil 1942 // { 1943 // "description": "Exports assets with time and resource types to a given Cloud Storage location. The output format is newline-delimited JSON. This API implements the google.longrunning.Operation API allowing you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.", 1944 // "flatPath": "v1beta1/folders/{foldersId}:exportAssets", 1945 // "httpMethod": "POST", 1946 // "id": "cloudasset.folders.exportAssets", 1947 // "parameterOrder": [ 1948 // "parent" 1949 // ], 1950 // "parameters": { 1951 // "parent": { 1952 // "description": "Required. The relative name of the root asset. This can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\"), a project number (such as \"projects/12345\"), or a folder number (such as \"folders/123\").", 1953 // "location": "path", 1954 // "pattern": "^folders/[^/]+$", 1955 // "required": true, 1956 // "type": "string" 1957 // } 1958 // }, 1959 // "path": "v1beta1/{+parent}:exportAssets", 1960 // "request": { 1961 // "$ref": "ExportAssetsRequest" 1962 // }, 1963 // "response": { 1964 // "$ref": "Operation" 1965 // }, 1966 // "scopes": [ 1967 // "https://www.googleapis.com/auth/cloud-platform" 1968 // ] 1969 // } 1970 1971} 1972 1973// method id "cloudasset.folders.operations.get": 1974 1975type FoldersOperationsGetCall struct { 1976 s *Service 1977 name string 1978 urlParams_ gensupport.URLParams 1979 ifNoneMatch_ string 1980 ctx_ context.Context 1981 header_ http.Header 1982} 1983 1984// Get: Gets the latest state of a long-running operation. Clients can 1985// use this method to poll the operation result at intervals as 1986// recommended by the API service. 1987func (r *FoldersOperationsService) Get(name string) *FoldersOperationsGetCall { 1988 c := &FoldersOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 1989 c.name = name 1990 return c 1991} 1992 1993// Fields allows partial responses to be retrieved. See 1994// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 1995// for more information. 1996func (c *FoldersOperationsGetCall) Fields(s ...googleapi.Field) *FoldersOperationsGetCall { 1997 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 1998 return c 1999} 2000 2001// IfNoneMatch sets the optional parameter which makes the operation 2002// fail if the object's ETag matches the given value. This is useful for 2003// getting updates only after the object has changed since the last 2004// request. Use googleapi.IsNotModified to check whether the response 2005// error from Do is the result of In-None-Match. 2006func (c *FoldersOperationsGetCall) IfNoneMatch(entityTag string) *FoldersOperationsGetCall { 2007 c.ifNoneMatch_ = entityTag 2008 return c 2009} 2010 2011// Context sets the context to be used in this call's Do method. Any 2012// pending HTTP request will be aborted if the provided context is 2013// canceled. 2014func (c *FoldersOperationsGetCall) Context(ctx context.Context) *FoldersOperationsGetCall { 2015 c.ctx_ = ctx 2016 return c 2017} 2018 2019// Header returns an http.Header that can be modified by the caller to 2020// add HTTP headers to the request. 2021func (c *FoldersOperationsGetCall) Header() http.Header { 2022 if c.header_ == nil { 2023 c.header_ = make(http.Header) 2024 } 2025 return c.header_ 2026} 2027 2028func (c *FoldersOperationsGetCall) doRequest(alt string) (*http.Response, error) { 2029 reqHeaders := make(http.Header) 2030 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20201124") 2031 for k, v := range c.header_ { 2032 reqHeaders[k] = v 2033 } 2034 reqHeaders.Set("User-Agent", c.s.userAgent()) 2035 if c.ifNoneMatch_ != "" { 2036 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 2037 } 2038 var body io.Reader = nil 2039 c.urlParams_.Set("alt", alt) 2040 c.urlParams_.Set("prettyPrint", "false") 2041 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}") 2042 urls += "?" + c.urlParams_.Encode() 2043 req, err := http.NewRequest("GET", urls, body) 2044 if err != nil { 2045 return nil, err 2046 } 2047 req.Header = reqHeaders 2048 googleapi.Expand(req.URL, map[string]string{ 2049 "name": c.name, 2050 }) 2051 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2052} 2053 2054// Do executes the "cloudasset.folders.operations.get" call. 2055// Exactly one of *Operation or error will be non-nil. Any non-2xx 2056// status code is an error. Response headers are in either 2057// *Operation.ServerResponse.Header or (if a response was returned at 2058// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 2059// to check whether the returned error was because 2060// http.StatusNotModified was returned. 2061func (c *FoldersOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 2062 gensupport.SetOptions(c.urlParams_, opts...) 2063 res, err := c.doRequest("json") 2064 if res != nil && res.StatusCode == http.StatusNotModified { 2065 if res.Body != nil { 2066 res.Body.Close() 2067 } 2068 return nil, &googleapi.Error{ 2069 Code: res.StatusCode, 2070 Header: res.Header, 2071 } 2072 } 2073 if err != nil { 2074 return nil, err 2075 } 2076 defer googleapi.CloseBody(res) 2077 if err := googleapi.CheckResponse(res); err != nil { 2078 return nil, err 2079 } 2080 ret := &Operation{ 2081 ServerResponse: googleapi.ServerResponse{ 2082 Header: res.Header, 2083 HTTPStatusCode: res.StatusCode, 2084 }, 2085 } 2086 target := &ret 2087 if err := gensupport.DecodeResponse(target, res); err != nil { 2088 return nil, err 2089 } 2090 return ret, nil 2091 // { 2092 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 2093 // "flatPath": "v1beta1/folders/{foldersId}/operations/{operationsId}/{operationsId1}", 2094 // "httpMethod": "GET", 2095 // "id": "cloudasset.folders.operations.get", 2096 // "parameterOrder": [ 2097 // "name" 2098 // ], 2099 // "parameters": { 2100 // "name": { 2101 // "description": "The name of the operation resource.", 2102 // "location": "path", 2103 // "pattern": "^folders/[^/]+/operations/[^/]+/.*$", 2104 // "required": true, 2105 // "type": "string" 2106 // } 2107 // }, 2108 // "path": "v1beta1/{+name}", 2109 // "response": { 2110 // "$ref": "Operation" 2111 // }, 2112 // "scopes": [ 2113 // "https://www.googleapis.com/auth/cloud-platform" 2114 // ] 2115 // } 2116 2117} 2118 2119// method id "cloudasset.organizations.batchGetAssetsHistory": 2120 2121type OrganizationsBatchGetAssetsHistoryCall struct { 2122 s *Service 2123 parent string 2124 urlParams_ gensupport.URLParams 2125 ifNoneMatch_ string 2126 ctx_ context.Context 2127 header_ http.Header 2128} 2129 2130// BatchGetAssetsHistory: Batch gets the update history of assets that 2131// overlap a time window. For IAM_POLICY content, this API outputs 2132// history when the asset and its attached IAM POLICY both exist. This 2133// can create gaps in the output history. Otherwise, this API outputs 2134// history with asset in both non-delete or deleted status. If a 2135// specified asset does not exist, this API returns an INVALID_ARGUMENT 2136// error. 2137func (r *OrganizationsService) BatchGetAssetsHistory(parent string) *OrganizationsBatchGetAssetsHistoryCall { 2138 c := &OrganizationsBatchGetAssetsHistoryCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2139 c.parent = parent 2140 return c 2141} 2142 2143// AssetNames sets the optional parameter "assetNames": A list of the 2144// full names of the assets. For example: 2145// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 2146// s/instance1`. See [Resource 2147// Names](https://cloud.google.com/apis/design/resource_names#full_resour 2148// ce_name) for more info. The request becomes a no-op if the asset name 2149// list is empty, and the max size of the asset name list is 100 in one 2150// request. 2151func (c *OrganizationsBatchGetAssetsHistoryCall) AssetNames(assetNames ...string) *OrganizationsBatchGetAssetsHistoryCall { 2152 c.urlParams_.SetMulti("assetNames", append([]string{}, assetNames...)) 2153 return c 2154} 2155 2156// ContentType sets the optional parameter "contentType": The content 2157// type. 2158// 2159// Possible values: 2160// "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 2161// "RESOURCE" - Resource metadata. 2162// "IAM_POLICY" - The actual IAM policy set on a resource. 2163func (c *OrganizationsBatchGetAssetsHistoryCall) ContentType(contentType string) *OrganizationsBatchGetAssetsHistoryCall { 2164 c.urlParams_.Set("contentType", contentType) 2165 return c 2166} 2167 2168// ReadTimeWindowEndTime sets the optional parameter 2169// "readTimeWindow.endTime": End time of the time window (inclusive). If 2170// not specified, the current timestamp is used instead. 2171func (c *OrganizationsBatchGetAssetsHistoryCall) ReadTimeWindowEndTime(readTimeWindowEndTime string) *OrganizationsBatchGetAssetsHistoryCall { 2172 c.urlParams_.Set("readTimeWindow.endTime", readTimeWindowEndTime) 2173 return c 2174} 2175 2176// ReadTimeWindowStartTime sets the optional parameter 2177// "readTimeWindow.startTime": Start time of the time window 2178// (exclusive). 2179func (c *OrganizationsBatchGetAssetsHistoryCall) ReadTimeWindowStartTime(readTimeWindowStartTime string) *OrganizationsBatchGetAssetsHistoryCall { 2180 c.urlParams_.Set("readTimeWindow.startTime", readTimeWindowStartTime) 2181 return c 2182} 2183 2184// Fields allows partial responses to be retrieved. See 2185// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2186// for more information. 2187func (c *OrganizationsBatchGetAssetsHistoryCall) Fields(s ...googleapi.Field) *OrganizationsBatchGetAssetsHistoryCall { 2188 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2189 return c 2190} 2191 2192// IfNoneMatch sets the optional parameter which makes the operation 2193// fail if the object's ETag matches the given value. This is useful for 2194// getting updates only after the object has changed since the last 2195// request. Use googleapi.IsNotModified to check whether the response 2196// error from Do is the result of In-None-Match. 2197func (c *OrganizationsBatchGetAssetsHistoryCall) IfNoneMatch(entityTag string) *OrganizationsBatchGetAssetsHistoryCall { 2198 c.ifNoneMatch_ = entityTag 2199 return c 2200} 2201 2202// Context sets the context to be used in this call's Do method. Any 2203// pending HTTP request will be aborted if the provided context is 2204// canceled. 2205func (c *OrganizationsBatchGetAssetsHistoryCall) Context(ctx context.Context) *OrganizationsBatchGetAssetsHistoryCall { 2206 c.ctx_ = ctx 2207 return c 2208} 2209 2210// Header returns an http.Header that can be modified by the caller to 2211// add HTTP headers to the request. 2212func (c *OrganizationsBatchGetAssetsHistoryCall) Header() http.Header { 2213 if c.header_ == nil { 2214 c.header_ = make(http.Header) 2215 } 2216 return c.header_ 2217} 2218 2219func (c *OrganizationsBatchGetAssetsHistoryCall) doRequest(alt string) (*http.Response, error) { 2220 reqHeaders := make(http.Header) 2221 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20201124") 2222 for k, v := range c.header_ { 2223 reqHeaders[k] = v 2224 } 2225 reqHeaders.Set("User-Agent", c.s.userAgent()) 2226 if c.ifNoneMatch_ != "" { 2227 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 2228 } 2229 var body io.Reader = nil 2230 c.urlParams_.Set("alt", alt) 2231 c.urlParams_.Set("prettyPrint", "false") 2232 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:batchGetAssetsHistory") 2233 urls += "?" + c.urlParams_.Encode() 2234 req, err := http.NewRequest("GET", urls, body) 2235 if err != nil { 2236 return nil, err 2237 } 2238 req.Header = reqHeaders 2239 googleapi.Expand(req.URL, map[string]string{ 2240 "parent": c.parent, 2241 }) 2242 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2243} 2244 2245// Do executes the "cloudasset.organizations.batchGetAssetsHistory" call. 2246// Exactly one of *BatchGetAssetsHistoryResponse or error will be 2247// non-nil. Any non-2xx status code is an error. Response headers are in 2248// either *BatchGetAssetsHistoryResponse.ServerResponse.Header or (if a 2249// response was returned at all) in error.(*googleapi.Error).Header. Use 2250// googleapi.IsNotModified to check whether the returned error was 2251// because http.StatusNotModified was returned. 2252func (c *OrganizationsBatchGetAssetsHistoryCall) Do(opts ...googleapi.CallOption) (*BatchGetAssetsHistoryResponse, error) { 2253 gensupport.SetOptions(c.urlParams_, opts...) 2254 res, err := c.doRequest("json") 2255 if res != nil && res.StatusCode == http.StatusNotModified { 2256 if res.Body != nil { 2257 res.Body.Close() 2258 } 2259 return nil, &googleapi.Error{ 2260 Code: res.StatusCode, 2261 Header: res.Header, 2262 } 2263 } 2264 if err != nil { 2265 return nil, err 2266 } 2267 defer googleapi.CloseBody(res) 2268 if err := googleapi.CheckResponse(res); err != nil { 2269 return nil, err 2270 } 2271 ret := &BatchGetAssetsHistoryResponse{ 2272 ServerResponse: googleapi.ServerResponse{ 2273 Header: res.Header, 2274 HTTPStatusCode: res.StatusCode, 2275 }, 2276 } 2277 target := &ret 2278 if err := gensupport.DecodeResponse(target, res); err != nil { 2279 return nil, err 2280 } 2281 return ret, nil 2282 // { 2283 // "description": "Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.", 2284 // "flatPath": "v1beta1/organizations/{organizationsId}:batchGetAssetsHistory", 2285 // "httpMethod": "GET", 2286 // "id": "cloudasset.organizations.batchGetAssetsHistory", 2287 // "parameterOrder": [ 2288 // "parent" 2289 // ], 2290 // "parameters": { 2291 // "assetNames": { 2292 // "description": "A list of the full names of the assets. For example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. See [Resource Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more info. The request becomes a no-op if the asset name list is empty, and the max size of the asset name list is 100 in one request.", 2293 // "location": "query", 2294 // "repeated": true, 2295 // "type": "string" 2296 // }, 2297 // "contentType": { 2298 // "description": "Optional. The content type.", 2299 // "enum": [ 2300 // "CONTENT_TYPE_UNSPECIFIED", 2301 // "RESOURCE", 2302 // "IAM_POLICY" 2303 // ], 2304 // "enumDescriptions": [ 2305 // "Unspecified content type.", 2306 // "Resource metadata.", 2307 // "The actual IAM policy set on a resource." 2308 // ], 2309 // "location": "query", 2310 // "type": "string" 2311 // }, 2312 // "parent": { 2313 // "description": "Required. The relative name of the root asset. It can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\")\", or a project number (such as \"projects/12345\").", 2314 // "location": "path", 2315 // "pattern": "^organizations/[^/]+$", 2316 // "required": true, 2317 // "type": "string" 2318 // }, 2319 // "readTimeWindow.endTime": { 2320 // "description": "End time of the time window (inclusive). If not specified, the current timestamp is used instead.", 2321 // "format": "google-datetime", 2322 // "location": "query", 2323 // "type": "string" 2324 // }, 2325 // "readTimeWindow.startTime": { 2326 // "description": "Start time of the time window (exclusive).", 2327 // "format": "google-datetime", 2328 // "location": "query", 2329 // "type": "string" 2330 // } 2331 // }, 2332 // "path": "v1beta1/{+parent}:batchGetAssetsHistory", 2333 // "response": { 2334 // "$ref": "BatchGetAssetsHistoryResponse" 2335 // }, 2336 // "scopes": [ 2337 // "https://www.googleapis.com/auth/cloud-platform" 2338 // ] 2339 // } 2340 2341} 2342 2343// method id "cloudasset.organizations.exportAssets": 2344 2345type OrganizationsExportAssetsCall struct { 2346 s *Service 2347 parent string 2348 exportassetsrequest *ExportAssetsRequest 2349 urlParams_ gensupport.URLParams 2350 ctx_ context.Context 2351 header_ http.Header 2352} 2353 2354// ExportAssets: Exports assets with time and resource types to a given 2355// Cloud Storage location. The output format is newline-delimited JSON. 2356// This API implements the google.longrunning.Operation API allowing you 2357// to keep track of the export. We recommend intervals of at least 2 2358// seconds with exponential retry to poll the export operation result. 2359// For regular-size resource parent, the export operation usually 2360// finishes within 5 minutes. 2361func (r *OrganizationsService) ExportAssets(parent string, exportassetsrequest *ExportAssetsRequest) *OrganizationsExportAssetsCall { 2362 c := &OrganizationsExportAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2363 c.parent = parent 2364 c.exportassetsrequest = exportassetsrequest 2365 return c 2366} 2367 2368// Fields allows partial responses to be retrieved. See 2369// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2370// for more information. 2371func (c *OrganizationsExportAssetsCall) Fields(s ...googleapi.Field) *OrganizationsExportAssetsCall { 2372 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2373 return c 2374} 2375 2376// Context sets the context to be used in this call's Do method. Any 2377// pending HTTP request will be aborted if the provided context is 2378// canceled. 2379func (c *OrganizationsExportAssetsCall) Context(ctx context.Context) *OrganizationsExportAssetsCall { 2380 c.ctx_ = ctx 2381 return c 2382} 2383 2384// Header returns an http.Header that can be modified by the caller to 2385// add HTTP headers to the request. 2386func (c *OrganizationsExportAssetsCall) Header() http.Header { 2387 if c.header_ == nil { 2388 c.header_ = make(http.Header) 2389 } 2390 return c.header_ 2391} 2392 2393func (c *OrganizationsExportAssetsCall) doRequest(alt string) (*http.Response, error) { 2394 reqHeaders := make(http.Header) 2395 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20201124") 2396 for k, v := range c.header_ { 2397 reqHeaders[k] = v 2398 } 2399 reqHeaders.Set("User-Agent", c.s.userAgent()) 2400 var body io.Reader = nil 2401 body, err := googleapi.WithoutDataWrapper.JSONReader(c.exportassetsrequest) 2402 if err != nil { 2403 return nil, err 2404 } 2405 reqHeaders.Set("Content-Type", "application/json") 2406 c.urlParams_.Set("alt", alt) 2407 c.urlParams_.Set("prettyPrint", "false") 2408 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:exportAssets") 2409 urls += "?" + c.urlParams_.Encode() 2410 req, err := http.NewRequest("POST", urls, body) 2411 if err != nil { 2412 return nil, err 2413 } 2414 req.Header = reqHeaders 2415 googleapi.Expand(req.URL, map[string]string{ 2416 "parent": c.parent, 2417 }) 2418 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2419} 2420 2421// Do executes the "cloudasset.organizations.exportAssets" call. 2422// Exactly one of *Operation or error will be non-nil. Any non-2xx 2423// status code is an error. Response headers are in either 2424// *Operation.ServerResponse.Header or (if a response was returned at 2425// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 2426// to check whether the returned error was because 2427// http.StatusNotModified was returned. 2428func (c *OrganizationsExportAssetsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 2429 gensupport.SetOptions(c.urlParams_, opts...) 2430 res, err := c.doRequest("json") 2431 if res != nil && res.StatusCode == http.StatusNotModified { 2432 if res.Body != nil { 2433 res.Body.Close() 2434 } 2435 return nil, &googleapi.Error{ 2436 Code: res.StatusCode, 2437 Header: res.Header, 2438 } 2439 } 2440 if err != nil { 2441 return nil, err 2442 } 2443 defer googleapi.CloseBody(res) 2444 if err := googleapi.CheckResponse(res); err != nil { 2445 return nil, err 2446 } 2447 ret := &Operation{ 2448 ServerResponse: googleapi.ServerResponse{ 2449 Header: res.Header, 2450 HTTPStatusCode: res.StatusCode, 2451 }, 2452 } 2453 target := &ret 2454 if err := gensupport.DecodeResponse(target, res); err != nil { 2455 return nil, err 2456 } 2457 return ret, nil 2458 // { 2459 // "description": "Exports assets with time and resource types to a given Cloud Storage location. The output format is newline-delimited JSON. This API implements the google.longrunning.Operation API allowing you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.", 2460 // "flatPath": "v1beta1/organizations/{organizationsId}:exportAssets", 2461 // "httpMethod": "POST", 2462 // "id": "cloudasset.organizations.exportAssets", 2463 // "parameterOrder": [ 2464 // "parent" 2465 // ], 2466 // "parameters": { 2467 // "parent": { 2468 // "description": "Required. The relative name of the root asset. This can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\"), a project number (such as \"projects/12345\"), or a folder number (such as \"folders/123\").", 2469 // "location": "path", 2470 // "pattern": "^organizations/[^/]+$", 2471 // "required": true, 2472 // "type": "string" 2473 // } 2474 // }, 2475 // "path": "v1beta1/{+parent}:exportAssets", 2476 // "request": { 2477 // "$ref": "ExportAssetsRequest" 2478 // }, 2479 // "response": { 2480 // "$ref": "Operation" 2481 // }, 2482 // "scopes": [ 2483 // "https://www.googleapis.com/auth/cloud-platform" 2484 // ] 2485 // } 2486 2487} 2488 2489// method id "cloudasset.organizations.operations.get": 2490 2491type OrganizationsOperationsGetCall struct { 2492 s *Service 2493 name string 2494 urlParams_ gensupport.URLParams 2495 ifNoneMatch_ string 2496 ctx_ context.Context 2497 header_ http.Header 2498} 2499 2500// Get: Gets the latest state of a long-running operation. Clients can 2501// use this method to poll the operation result at intervals as 2502// recommended by the API service. 2503func (r *OrganizationsOperationsService) Get(name string) *OrganizationsOperationsGetCall { 2504 c := &OrganizationsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2505 c.name = name 2506 return c 2507} 2508 2509// Fields allows partial responses to be retrieved. See 2510// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2511// for more information. 2512func (c *OrganizationsOperationsGetCall) Fields(s ...googleapi.Field) *OrganizationsOperationsGetCall { 2513 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2514 return c 2515} 2516 2517// IfNoneMatch sets the optional parameter which makes the operation 2518// fail if the object's ETag matches the given value. This is useful for 2519// getting updates only after the object has changed since the last 2520// request. Use googleapi.IsNotModified to check whether the response 2521// error from Do is the result of In-None-Match. 2522func (c *OrganizationsOperationsGetCall) IfNoneMatch(entityTag string) *OrganizationsOperationsGetCall { 2523 c.ifNoneMatch_ = entityTag 2524 return c 2525} 2526 2527// Context sets the context to be used in this call's Do method. Any 2528// pending HTTP request will be aborted if the provided context is 2529// canceled. 2530func (c *OrganizationsOperationsGetCall) Context(ctx context.Context) *OrganizationsOperationsGetCall { 2531 c.ctx_ = ctx 2532 return c 2533} 2534 2535// Header returns an http.Header that can be modified by the caller to 2536// add HTTP headers to the request. 2537func (c *OrganizationsOperationsGetCall) Header() http.Header { 2538 if c.header_ == nil { 2539 c.header_ = make(http.Header) 2540 } 2541 return c.header_ 2542} 2543 2544func (c *OrganizationsOperationsGetCall) doRequest(alt string) (*http.Response, error) { 2545 reqHeaders := make(http.Header) 2546 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20201124") 2547 for k, v := range c.header_ { 2548 reqHeaders[k] = v 2549 } 2550 reqHeaders.Set("User-Agent", c.s.userAgent()) 2551 if c.ifNoneMatch_ != "" { 2552 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 2553 } 2554 var body io.Reader = nil 2555 c.urlParams_.Set("alt", alt) 2556 c.urlParams_.Set("prettyPrint", "false") 2557 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}") 2558 urls += "?" + c.urlParams_.Encode() 2559 req, err := http.NewRequest("GET", urls, body) 2560 if err != nil { 2561 return nil, err 2562 } 2563 req.Header = reqHeaders 2564 googleapi.Expand(req.URL, map[string]string{ 2565 "name": c.name, 2566 }) 2567 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2568} 2569 2570// Do executes the "cloudasset.organizations.operations.get" call. 2571// Exactly one of *Operation or error will be non-nil. Any non-2xx 2572// status code is an error. Response headers are in either 2573// *Operation.ServerResponse.Header or (if a response was returned at 2574// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 2575// to check whether the returned error was because 2576// http.StatusNotModified was returned. 2577func (c *OrganizationsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 2578 gensupport.SetOptions(c.urlParams_, opts...) 2579 res, err := c.doRequest("json") 2580 if res != nil && res.StatusCode == http.StatusNotModified { 2581 if res.Body != nil { 2582 res.Body.Close() 2583 } 2584 return nil, &googleapi.Error{ 2585 Code: res.StatusCode, 2586 Header: res.Header, 2587 } 2588 } 2589 if err != nil { 2590 return nil, err 2591 } 2592 defer googleapi.CloseBody(res) 2593 if err := googleapi.CheckResponse(res); err != nil { 2594 return nil, err 2595 } 2596 ret := &Operation{ 2597 ServerResponse: googleapi.ServerResponse{ 2598 Header: res.Header, 2599 HTTPStatusCode: res.StatusCode, 2600 }, 2601 } 2602 target := &ret 2603 if err := gensupport.DecodeResponse(target, res); err != nil { 2604 return nil, err 2605 } 2606 return ret, nil 2607 // { 2608 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 2609 // "flatPath": "v1beta1/organizations/{organizationsId}/operations/{operationsId}/{operationsId1}", 2610 // "httpMethod": "GET", 2611 // "id": "cloudasset.organizations.operations.get", 2612 // "parameterOrder": [ 2613 // "name" 2614 // ], 2615 // "parameters": { 2616 // "name": { 2617 // "description": "The name of the operation resource.", 2618 // "location": "path", 2619 // "pattern": "^organizations/[^/]+/operations/[^/]+/.*$", 2620 // "required": true, 2621 // "type": "string" 2622 // } 2623 // }, 2624 // "path": "v1beta1/{+name}", 2625 // "response": { 2626 // "$ref": "Operation" 2627 // }, 2628 // "scopes": [ 2629 // "https://www.googleapis.com/auth/cloud-platform" 2630 // ] 2631 // } 2632 2633} 2634 2635// method id "cloudasset.projects.batchGetAssetsHistory": 2636 2637type ProjectsBatchGetAssetsHistoryCall struct { 2638 s *Service 2639 parent string 2640 urlParams_ gensupport.URLParams 2641 ifNoneMatch_ string 2642 ctx_ context.Context 2643 header_ http.Header 2644} 2645 2646// BatchGetAssetsHistory: Batch gets the update history of assets that 2647// overlap a time window. For IAM_POLICY content, this API outputs 2648// history when the asset and its attached IAM POLICY both exist. This 2649// can create gaps in the output history. Otherwise, this API outputs 2650// history with asset in both non-delete or deleted status. If a 2651// specified asset does not exist, this API returns an INVALID_ARGUMENT 2652// error. 2653func (r *ProjectsService) BatchGetAssetsHistory(parent string) *ProjectsBatchGetAssetsHistoryCall { 2654 c := &ProjectsBatchGetAssetsHistoryCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2655 c.parent = parent 2656 return c 2657} 2658 2659// AssetNames sets the optional parameter "assetNames": A list of the 2660// full names of the assets. For example: 2661// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 2662// s/instance1`. See [Resource 2663// Names](https://cloud.google.com/apis/design/resource_names#full_resour 2664// ce_name) for more info. The request becomes a no-op if the asset name 2665// list is empty, and the max size of the asset name list is 100 in one 2666// request. 2667func (c *ProjectsBatchGetAssetsHistoryCall) AssetNames(assetNames ...string) *ProjectsBatchGetAssetsHistoryCall { 2668 c.urlParams_.SetMulti("assetNames", append([]string{}, assetNames...)) 2669 return c 2670} 2671 2672// ContentType sets the optional parameter "contentType": The content 2673// type. 2674// 2675// Possible values: 2676// "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 2677// "RESOURCE" - Resource metadata. 2678// "IAM_POLICY" - The actual IAM policy set on a resource. 2679func (c *ProjectsBatchGetAssetsHistoryCall) ContentType(contentType string) *ProjectsBatchGetAssetsHistoryCall { 2680 c.urlParams_.Set("contentType", contentType) 2681 return c 2682} 2683 2684// ReadTimeWindowEndTime sets the optional parameter 2685// "readTimeWindow.endTime": End time of the time window (inclusive). If 2686// not specified, the current timestamp is used instead. 2687func (c *ProjectsBatchGetAssetsHistoryCall) ReadTimeWindowEndTime(readTimeWindowEndTime string) *ProjectsBatchGetAssetsHistoryCall { 2688 c.urlParams_.Set("readTimeWindow.endTime", readTimeWindowEndTime) 2689 return c 2690} 2691 2692// ReadTimeWindowStartTime sets the optional parameter 2693// "readTimeWindow.startTime": Start time of the time window 2694// (exclusive). 2695func (c *ProjectsBatchGetAssetsHistoryCall) ReadTimeWindowStartTime(readTimeWindowStartTime string) *ProjectsBatchGetAssetsHistoryCall { 2696 c.urlParams_.Set("readTimeWindow.startTime", readTimeWindowStartTime) 2697 return c 2698} 2699 2700// Fields allows partial responses to be retrieved. See 2701// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2702// for more information. 2703func (c *ProjectsBatchGetAssetsHistoryCall) Fields(s ...googleapi.Field) *ProjectsBatchGetAssetsHistoryCall { 2704 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2705 return c 2706} 2707 2708// IfNoneMatch sets the optional parameter which makes the operation 2709// fail if the object's ETag matches the given value. This is useful for 2710// getting updates only after the object has changed since the last 2711// request. Use googleapi.IsNotModified to check whether the response 2712// error from Do is the result of In-None-Match. 2713func (c *ProjectsBatchGetAssetsHistoryCall) IfNoneMatch(entityTag string) *ProjectsBatchGetAssetsHistoryCall { 2714 c.ifNoneMatch_ = entityTag 2715 return c 2716} 2717 2718// Context sets the context to be used in this call's Do method. Any 2719// pending HTTP request will be aborted if the provided context is 2720// canceled. 2721func (c *ProjectsBatchGetAssetsHistoryCall) Context(ctx context.Context) *ProjectsBatchGetAssetsHistoryCall { 2722 c.ctx_ = ctx 2723 return c 2724} 2725 2726// Header returns an http.Header that can be modified by the caller to 2727// add HTTP headers to the request. 2728func (c *ProjectsBatchGetAssetsHistoryCall) Header() http.Header { 2729 if c.header_ == nil { 2730 c.header_ = make(http.Header) 2731 } 2732 return c.header_ 2733} 2734 2735func (c *ProjectsBatchGetAssetsHistoryCall) doRequest(alt string) (*http.Response, error) { 2736 reqHeaders := make(http.Header) 2737 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20201124") 2738 for k, v := range c.header_ { 2739 reqHeaders[k] = v 2740 } 2741 reqHeaders.Set("User-Agent", c.s.userAgent()) 2742 if c.ifNoneMatch_ != "" { 2743 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 2744 } 2745 var body io.Reader = nil 2746 c.urlParams_.Set("alt", alt) 2747 c.urlParams_.Set("prettyPrint", "false") 2748 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:batchGetAssetsHistory") 2749 urls += "?" + c.urlParams_.Encode() 2750 req, err := http.NewRequest("GET", urls, body) 2751 if err != nil { 2752 return nil, err 2753 } 2754 req.Header = reqHeaders 2755 googleapi.Expand(req.URL, map[string]string{ 2756 "parent": c.parent, 2757 }) 2758 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2759} 2760 2761// Do executes the "cloudasset.projects.batchGetAssetsHistory" call. 2762// Exactly one of *BatchGetAssetsHistoryResponse or error will be 2763// non-nil. Any non-2xx status code is an error. Response headers are in 2764// either *BatchGetAssetsHistoryResponse.ServerResponse.Header or (if a 2765// response was returned at all) in error.(*googleapi.Error).Header. Use 2766// googleapi.IsNotModified to check whether the returned error was 2767// because http.StatusNotModified was returned. 2768func (c *ProjectsBatchGetAssetsHistoryCall) Do(opts ...googleapi.CallOption) (*BatchGetAssetsHistoryResponse, error) { 2769 gensupport.SetOptions(c.urlParams_, opts...) 2770 res, err := c.doRequest("json") 2771 if res != nil && res.StatusCode == http.StatusNotModified { 2772 if res.Body != nil { 2773 res.Body.Close() 2774 } 2775 return nil, &googleapi.Error{ 2776 Code: res.StatusCode, 2777 Header: res.Header, 2778 } 2779 } 2780 if err != nil { 2781 return nil, err 2782 } 2783 defer googleapi.CloseBody(res) 2784 if err := googleapi.CheckResponse(res); err != nil { 2785 return nil, err 2786 } 2787 ret := &BatchGetAssetsHistoryResponse{ 2788 ServerResponse: googleapi.ServerResponse{ 2789 Header: res.Header, 2790 HTTPStatusCode: res.StatusCode, 2791 }, 2792 } 2793 target := &ret 2794 if err := gensupport.DecodeResponse(target, res); err != nil { 2795 return nil, err 2796 } 2797 return ret, nil 2798 // { 2799 // "description": "Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.", 2800 // "flatPath": "v1beta1/projects/{projectsId}:batchGetAssetsHistory", 2801 // "httpMethod": "GET", 2802 // "id": "cloudasset.projects.batchGetAssetsHistory", 2803 // "parameterOrder": [ 2804 // "parent" 2805 // ], 2806 // "parameters": { 2807 // "assetNames": { 2808 // "description": "A list of the full names of the assets. For example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. See [Resource Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more info. The request becomes a no-op if the asset name list is empty, and the max size of the asset name list is 100 in one request.", 2809 // "location": "query", 2810 // "repeated": true, 2811 // "type": "string" 2812 // }, 2813 // "contentType": { 2814 // "description": "Optional. The content type.", 2815 // "enum": [ 2816 // "CONTENT_TYPE_UNSPECIFIED", 2817 // "RESOURCE", 2818 // "IAM_POLICY" 2819 // ], 2820 // "enumDescriptions": [ 2821 // "Unspecified content type.", 2822 // "Resource metadata.", 2823 // "The actual IAM policy set on a resource." 2824 // ], 2825 // "location": "query", 2826 // "type": "string" 2827 // }, 2828 // "parent": { 2829 // "description": "Required. The relative name of the root asset. It can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\")\", or a project number (such as \"projects/12345\").", 2830 // "location": "path", 2831 // "pattern": "^projects/[^/]+$", 2832 // "required": true, 2833 // "type": "string" 2834 // }, 2835 // "readTimeWindow.endTime": { 2836 // "description": "End time of the time window (inclusive). If not specified, the current timestamp is used instead.", 2837 // "format": "google-datetime", 2838 // "location": "query", 2839 // "type": "string" 2840 // }, 2841 // "readTimeWindow.startTime": { 2842 // "description": "Start time of the time window (exclusive).", 2843 // "format": "google-datetime", 2844 // "location": "query", 2845 // "type": "string" 2846 // } 2847 // }, 2848 // "path": "v1beta1/{+parent}:batchGetAssetsHistory", 2849 // "response": { 2850 // "$ref": "BatchGetAssetsHistoryResponse" 2851 // }, 2852 // "scopes": [ 2853 // "https://www.googleapis.com/auth/cloud-platform" 2854 // ] 2855 // } 2856 2857} 2858 2859// method id "cloudasset.projects.exportAssets": 2860 2861type ProjectsExportAssetsCall struct { 2862 s *Service 2863 parent string 2864 exportassetsrequest *ExportAssetsRequest 2865 urlParams_ gensupport.URLParams 2866 ctx_ context.Context 2867 header_ http.Header 2868} 2869 2870// ExportAssets: Exports assets with time and resource types to a given 2871// Cloud Storage location. The output format is newline-delimited JSON. 2872// This API implements the google.longrunning.Operation API allowing you 2873// to keep track of the export. We recommend intervals of at least 2 2874// seconds with exponential retry to poll the export operation result. 2875// For regular-size resource parent, the export operation usually 2876// finishes within 5 minutes. 2877func (r *ProjectsService) ExportAssets(parent string, exportassetsrequest *ExportAssetsRequest) *ProjectsExportAssetsCall { 2878 c := &ProjectsExportAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2879 c.parent = parent 2880 c.exportassetsrequest = exportassetsrequest 2881 return c 2882} 2883 2884// Fields allows partial responses to be retrieved. See 2885// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2886// for more information. 2887func (c *ProjectsExportAssetsCall) Fields(s ...googleapi.Field) *ProjectsExportAssetsCall { 2888 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2889 return c 2890} 2891 2892// Context sets the context to be used in this call's Do method. Any 2893// pending HTTP request will be aborted if the provided context is 2894// canceled. 2895func (c *ProjectsExportAssetsCall) Context(ctx context.Context) *ProjectsExportAssetsCall { 2896 c.ctx_ = ctx 2897 return c 2898} 2899 2900// Header returns an http.Header that can be modified by the caller to 2901// add HTTP headers to the request. 2902func (c *ProjectsExportAssetsCall) Header() http.Header { 2903 if c.header_ == nil { 2904 c.header_ = make(http.Header) 2905 } 2906 return c.header_ 2907} 2908 2909func (c *ProjectsExportAssetsCall) doRequest(alt string) (*http.Response, error) { 2910 reqHeaders := make(http.Header) 2911 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20201124") 2912 for k, v := range c.header_ { 2913 reqHeaders[k] = v 2914 } 2915 reqHeaders.Set("User-Agent", c.s.userAgent()) 2916 var body io.Reader = nil 2917 body, err := googleapi.WithoutDataWrapper.JSONReader(c.exportassetsrequest) 2918 if err != nil { 2919 return nil, err 2920 } 2921 reqHeaders.Set("Content-Type", "application/json") 2922 c.urlParams_.Set("alt", alt) 2923 c.urlParams_.Set("prettyPrint", "false") 2924 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+parent}:exportAssets") 2925 urls += "?" + c.urlParams_.Encode() 2926 req, err := http.NewRequest("POST", urls, body) 2927 if err != nil { 2928 return nil, err 2929 } 2930 req.Header = reqHeaders 2931 googleapi.Expand(req.URL, map[string]string{ 2932 "parent": c.parent, 2933 }) 2934 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2935} 2936 2937// Do executes the "cloudasset.projects.exportAssets" call. 2938// Exactly one of *Operation or error will be non-nil. Any non-2xx 2939// status code is an error. Response headers are in either 2940// *Operation.ServerResponse.Header or (if a response was returned at 2941// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 2942// to check whether the returned error was because 2943// http.StatusNotModified was returned. 2944func (c *ProjectsExportAssetsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 2945 gensupport.SetOptions(c.urlParams_, opts...) 2946 res, err := c.doRequest("json") 2947 if res != nil && res.StatusCode == http.StatusNotModified { 2948 if res.Body != nil { 2949 res.Body.Close() 2950 } 2951 return nil, &googleapi.Error{ 2952 Code: res.StatusCode, 2953 Header: res.Header, 2954 } 2955 } 2956 if err != nil { 2957 return nil, err 2958 } 2959 defer googleapi.CloseBody(res) 2960 if err := googleapi.CheckResponse(res); err != nil { 2961 return nil, err 2962 } 2963 ret := &Operation{ 2964 ServerResponse: googleapi.ServerResponse{ 2965 Header: res.Header, 2966 HTTPStatusCode: res.StatusCode, 2967 }, 2968 } 2969 target := &ret 2970 if err := gensupport.DecodeResponse(target, res); err != nil { 2971 return nil, err 2972 } 2973 return ret, nil 2974 // { 2975 // "description": "Exports assets with time and resource types to a given Cloud Storage location. The output format is newline-delimited JSON. This API implements the google.longrunning.Operation API allowing you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.", 2976 // "flatPath": "v1beta1/projects/{projectsId}:exportAssets", 2977 // "httpMethod": "POST", 2978 // "id": "cloudasset.projects.exportAssets", 2979 // "parameterOrder": [ 2980 // "parent" 2981 // ], 2982 // "parameters": { 2983 // "parent": { 2984 // "description": "Required. The relative name of the root asset. This can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\"), a project number (such as \"projects/12345\"), or a folder number (such as \"folders/123\").", 2985 // "location": "path", 2986 // "pattern": "^projects/[^/]+$", 2987 // "required": true, 2988 // "type": "string" 2989 // } 2990 // }, 2991 // "path": "v1beta1/{+parent}:exportAssets", 2992 // "request": { 2993 // "$ref": "ExportAssetsRequest" 2994 // }, 2995 // "response": { 2996 // "$ref": "Operation" 2997 // }, 2998 // "scopes": [ 2999 // "https://www.googleapis.com/auth/cloud-platform" 3000 // ] 3001 // } 3002 3003} 3004 3005// method id "cloudasset.projects.operations.get": 3006 3007type ProjectsOperationsGetCall struct { 3008 s *Service 3009 name string 3010 urlParams_ gensupport.URLParams 3011 ifNoneMatch_ string 3012 ctx_ context.Context 3013 header_ http.Header 3014} 3015 3016// Get: Gets the latest state of a long-running operation. Clients can 3017// use this method to poll the operation result at intervals as 3018// recommended by the API service. 3019func (r *ProjectsOperationsService) Get(name string) *ProjectsOperationsGetCall { 3020 c := &ProjectsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3021 c.name = name 3022 return c 3023} 3024 3025// Fields allows partial responses to be retrieved. See 3026// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3027// for more information. 3028func (c *ProjectsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsOperationsGetCall { 3029 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3030 return c 3031} 3032 3033// IfNoneMatch sets the optional parameter which makes the operation 3034// fail if the object's ETag matches the given value. This is useful for 3035// getting updates only after the object has changed since the last 3036// request. Use googleapi.IsNotModified to check whether the response 3037// error from Do is the result of In-None-Match. 3038func (c *ProjectsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsOperationsGetCall { 3039 c.ifNoneMatch_ = entityTag 3040 return c 3041} 3042 3043// Context sets the context to be used in this call's Do method. Any 3044// pending HTTP request will be aborted if the provided context is 3045// canceled. 3046func (c *ProjectsOperationsGetCall) Context(ctx context.Context) *ProjectsOperationsGetCall { 3047 c.ctx_ = ctx 3048 return c 3049} 3050 3051// Header returns an http.Header that can be modified by the caller to 3052// add HTTP headers to the request. 3053func (c *ProjectsOperationsGetCall) Header() http.Header { 3054 if c.header_ == nil { 3055 c.header_ = make(http.Header) 3056 } 3057 return c.header_ 3058} 3059 3060func (c *ProjectsOperationsGetCall) doRequest(alt string) (*http.Response, error) { 3061 reqHeaders := make(http.Header) 3062 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20201124") 3063 for k, v := range c.header_ { 3064 reqHeaders[k] = v 3065 } 3066 reqHeaders.Set("User-Agent", c.s.userAgent()) 3067 if c.ifNoneMatch_ != "" { 3068 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3069 } 3070 var body io.Reader = nil 3071 c.urlParams_.Set("alt", alt) 3072 c.urlParams_.Set("prettyPrint", "false") 3073 urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+name}") 3074 urls += "?" + c.urlParams_.Encode() 3075 req, err := http.NewRequest("GET", urls, body) 3076 if err != nil { 3077 return nil, err 3078 } 3079 req.Header = reqHeaders 3080 googleapi.Expand(req.URL, map[string]string{ 3081 "name": c.name, 3082 }) 3083 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3084} 3085 3086// Do executes the "cloudasset.projects.operations.get" call. 3087// Exactly one of *Operation or error will be non-nil. Any non-2xx 3088// status code is an error. Response headers are in either 3089// *Operation.ServerResponse.Header or (if a response was returned at 3090// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 3091// to check whether the returned error was because 3092// http.StatusNotModified was returned. 3093func (c *ProjectsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 3094 gensupport.SetOptions(c.urlParams_, opts...) 3095 res, err := c.doRequest("json") 3096 if res != nil && res.StatusCode == http.StatusNotModified { 3097 if res.Body != nil { 3098 res.Body.Close() 3099 } 3100 return nil, &googleapi.Error{ 3101 Code: res.StatusCode, 3102 Header: res.Header, 3103 } 3104 } 3105 if err != nil { 3106 return nil, err 3107 } 3108 defer googleapi.CloseBody(res) 3109 if err := googleapi.CheckResponse(res); err != nil { 3110 return nil, err 3111 } 3112 ret := &Operation{ 3113 ServerResponse: googleapi.ServerResponse{ 3114 Header: res.Header, 3115 HTTPStatusCode: res.StatusCode, 3116 }, 3117 } 3118 target := &ret 3119 if err := gensupport.DecodeResponse(target, res); err != nil { 3120 return nil, err 3121 } 3122 return ret, nil 3123 // { 3124 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 3125 // "flatPath": "v1beta1/projects/{projectsId}/operations/{operationsId}/{operationsId1}", 3126 // "httpMethod": "GET", 3127 // "id": "cloudasset.projects.operations.get", 3128 // "parameterOrder": [ 3129 // "name" 3130 // ], 3131 // "parameters": { 3132 // "name": { 3133 // "description": "The name of the operation resource.", 3134 // "location": "path", 3135 // "pattern": "^projects/[^/]+/operations/[^/]+/.*$", 3136 // "required": true, 3137 // "type": "string" 3138 // } 3139 // }, 3140 // "path": "v1beta1/{+name}", 3141 // "response": { 3142 // "$ref": "Operation" 3143 // }, 3144 // "scopes": [ 3145 // "https://www.googleapis.com/auth/cloud-platform" 3146 // ] 3147 // } 3148 3149} 3150