1// Copyright 2021 Google LLC. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Code generated file. DO NOT EDIT. 6 7// Package iam provides access to the Identity and Access Management (IAM) API. 8// 9// For product documentation, see: https://cloud.google.com/iam/ 10// 11// Creating a client 12// 13// Usage example: 14// 15// import "google.golang.org/api/iam/v1" 16// ... 17// ctx := context.Background() 18// iamService, err := iam.NewService(ctx) 19// 20// In this example, Google Application Default Credentials are used for authentication. 21// 22// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 23// 24// Other authentication options 25// 26// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey: 27// 28// iamService, err := iam.NewService(ctx, option.WithAPIKey("AIza...")) 29// 30// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource: 31// 32// config := &oauth2.Config{...} 33// // ... 34// token, err := config.Exchange(ctx, ...) 35// iamService, err := iam.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 36// 37// See https://godoc.org/google.golang.org/api/option/ for details on options. 38package iam // import "google.golang.org/api/iam/v1" 39 40import ( 41 "bytes" 42 "context" 43 "encoding/json" 44 "errors" 45 "fmt" 46 "io" 47 "net/http" 48 "net/url" 49 "strconv" 50 "strings" 51 52 googleapi "google.golang.org/api/googleapi" 53 gensupport "google.golang.org/api/internal/gensupport" 54 option "google.golang.org/api/option" 55 internaloption "google.golang.org/api/option/internaloption" 56 htransport "google.golang.org/api/transport/http" 57) 58 59// Always reference these packages, just in case the auto-generated code 60// below doesn't. 61var _ = bytes.NewBuffer 62var _ = strconv.Itoa 63var _ = fmt.Sprintf 64var _ = json.NewDecoder 65var _ = io.Copy 66var _ = url.Parse 67var _ = gensupport.MarshalJSON 68var _ = googleapi.Version 69var _ = errors.New 70var _ = strings.Replace 71var _ = context.Canceled 72var _ = internaloption.WithDefaultEndpoint 73 74const apiId = "iam:v1" 75const apiName = "iam" 76const apiVersion = "v1" 77const basePath = "https://iam.googleapis.com/" 78const mtlsBasePath = "https://iam.mtls.googleapis.com/" 79 80// OAuth2 scopes used by this API. 81const ( 82 // See, edit, configure, and delete your Google Cloud data and see the 83 // email address for your Google Account. 84 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 85) 86 87// NewService creates a new Service. 88func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 89 scopesOption := option.WithScopes( 90 "https://www.googleapis.com/auth/cloud-platform", 91 ) 92 // NOTE: prepend, so we don't override user-specified scopes. 93 opts = append([]option.ClientOption{scopesOption}, opts...) 94 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 95 opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) 96 client, endpoint, err := htransport.NewClient(ctx, opts...) 97 if err != nil { 98 return nil, err 99 } 100 s, err := New(client) 101 if err != nil { 102 return nil, err 103 } 104 if endpoint != "" { 105 s.BasePath = endpoint 106 } 107 return s, nil 108} 109 110// New creates a new Service. It uses the provided http.Client for requests. 111// 112// Deprecated: please use NewService instead. 113// To provide a custom HTTP client, use option.WithHTTPClient. 114// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 115func New(client *http.Client) (*Service, error) { 116 if client == nil { 117 return nil, errors.New("client is nil") 118 } 119 s := &Service{client: client, BasePath: basePath} 120 s.IamPolicies = NewIamPoliciesService(s) 121 s.Locations = NewLocationsService(s) 122 s.Organizations = NewOrganizationsService(s) 123 s.Permissions = NewPermissionsService(s) 124 s.Projects = NewProjectsService(s) 125 s.Roles = NewRolesService(s) 126 return s, nil 127} 128 129type Service struct { 130 client *http.Client 131 BasePath string // API endpoint base URL 132 UserAgent string // optional additional User-Agent fragment 133 134 IamPolicies *IamPoliciesService 135 136 Locations *LocationsService 137 138 Organizations *OrganizationsService 139 140 Permissions *PermissionsService 141 142 Projects *ProjectsService 143 144 Roles *RolesService 145} 146 147func (s *Service) userAgent() string { 148 if s.UserAgent == "" { 149 return googleapi.UserAgent 150 } 151 return googleapi.UserAgent + " " + s.UserAgent 152} 153 154func NewIamPoliciesService(s *Service) *IamPoliciesService { 155 rs := &IamPoliciesService{s: s} 156 return rs 157} 158 159type IamPoliciesService struct { 160 s *Service 161} 162 163func NewLocationsService(s *Service) *LocationsService { 164 rs := &LocationsService{s: s} 165 rs.WorkforcePools = NewLocationsWorkforcePoolsService(s) 166 return rs 167} 168 169type LocationsService struct { 170 s *Service 171 172 WorkforcePools *LocationsWorkforcePoolsService 173} 174 175func NewLocationsWorkforcePoolsService(s *Service) *LocationsWorkforcePoolsService { 176 rs := &LocationsWorkforcePoolsService{s: s} 177 rs.Operations = NewLocationsWorkforcePoolsOperationsService(s) 178 rs.Providers = NewLocationsWorkforcePoolsProvidersService(s) 179 return rs 180} 181 182type LocationsWorkforcePoolsService struct { 183 s *Service 184 185 Operations *LocationsWorkforcePoolsOperationsService 186 187 Providers *LocationsWorkforcePoolsProvidersService 188} 189 190func NewLocationsWorkforcePoolsOperationsService(s *Service) *LocationsWorkforcePoolsOperationsService { 191 rs := &LocationsWorkforcePoolsOperationsService{s: s} 192 return rs 193} 194 195type LocationsWorkforcePoolsOperationsService struct { 196 s *Service 197} 198 199func NewLocationsWorkforcePoolsProvidersService(s *Service) *LocationsWorkforcePoolsProvidersService { 200 rs := &LocationsWorkforcePoolsProvidersService{s: s} 201 rs.Operations = NewLocationsWorkforcePoolsProvidersOperationsService(s) 202 return rs 203} 204 205type LocationsWorkforcePoolsProvidersService struct { 206 s *Service 207 208 Operations *LocationsWorkforcePoolsProvidersOperationsService 209} 210 211func NewLocationsWorkforcePoolsProvidersOperationsService(s *Service) *LocationsWorkforcePoolsProvidersOperationsService { 212 rs := &LocationsWorkforcePoolsProvidersOperationsService{s: s} 213 return rs 214} 215 216type LocationsWorkforcePoolsProvidersOperationsService struct { 217 s *Service 218} 219 220func NewOrganizationsService(s *Service) *OrganizationsService { 221 rs := &OrganizationsService{s: s} 222 rs.Roles = NewOrganizationsRolesService(s) 223 return rs 224} 225 226type OrganizationsService struct { 227 s *Service 228 229 Roles *OrganizationsRolesService 230} 231 232func NewOrganizationsRolesService(s *Service) *OrganizationsRolesService { 233 rs := &OrganizationsRolesService{s: s} 234 return rs 235} 236 237type OrganizationsRolesService struct { 238 s *Service 239} 240 241func NewPermissionsService(s *Service) *PermissionsService { 242 rs := &PermissionsService{s: s} 243 return rs 244} 245 246type PermissionsService struct { 247 s *Service 248} 249 250func NewProjectsService(s *Service) *ProjectsService { 251 rs := &ProjectsService{s: s} 252 rs.Locations = NewProjectsLocationsService(s) 253 rs.Roles = NewProjectsRolesService(s) 254 rs.ServiceAccounts = NewProjectsServiceAccountsService(s) 255 return rs 256} 257 258type ProjectsService struct { 259 s *Service 260 261 Locations *ProjectsLocationsService 262 263 Roles *ProjectsRolesService 264 265 ServiceAccounts *ProjectsServiceAccountsService 266} 267 268func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { 269 rs := &ProjectsLocationsService{s: s} 270 rs.WorkloadIdentityPools = NewProjectsLocationsWorkloadIdentityPoolsService(s) 271 return rs 272} 273 274type ProjectsLocationsService struct { 275 s *Service 276 277 WorkloadIdentityPools *ProjectsLocationsWorkloadIdentityPoolsService 278} 279 280func NewProjectsLocationsWorkloadIdentityPoolsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsService { 281 rs := &ProjectsLocationsWorkloadIdentityPoolsService{s: s} 282 rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsOperationsService(s) 283 rs.Providers = NewProjectsLocationsWorkloadIdentityPoolsProvidersService(s) 284 return rs 285} 286 287type ProjectsLocationsWorkloadIdentityPoolsService struct { 288 s *Service 289 290 Operations *ProjectsLocationsWorkloadIdentityPoolsOperationsService 291 292 Providers *ProjectsLocationsWorkloadIdentityPoolsProvidersService 293} 294 295func NewProjectsLocationsWorkloadIdentityPoolsOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsOperationsService { 296 rs := &ProjectsLocationsWorkloadIdentityPoolsOperationsService{s: s} 297 return rs 298} 299 300type ProjectsLocationsWorkloadIdentityPoolsOperationsService struct { 301 s *Service 302} 303 304func NewProjectsLocationsWorkloadIdentityPoolsProvidersService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersService { 305 rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersService{s: s} 306 rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService(s) 307 return rs 308} 309 310type ProjectsLocationsWorkloadIdentityPoolsProvidersService struct { 311 s *Service 312 313 Operations *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService 314} 315 316func NewProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService { 317 rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService{s: s} 318 return rs 319} 320 321type ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService struct { 322 s *Service 323} 324 325func NewProjectsRolesService(s *Service) *ProjectsRolesService { 326 rs := &ProjectsRolesService{s: s} 327 return rs 328} 329 330type ProjectsRolesService struct { 331 s *Service 332} 333 334func NewProjectsServiceAccountsService(s *Service) *ProjectsServiceAccountsService { 335 rs := &ProjectsServiceAccountsService{s: s} 336 rs.Keys = NewProjectsServiceAccountsKeysService(s) 337 return rs 338} 339 340type ProjectsServiceAccountsService struct { 341 s *Service 342 343 Keys *ProjectsServiceAccountsKeysService 344} 345 346func NewProjectsServiceAccountsKeysService(s *Service) *ProjectsServiceAccountsKeysService { 347 rs := &ProjectsServiceAccountsKeysService{s: s} 348 return rs 349} 350 351type ProjectsServiceAccountsKeysService struct { 352 s *Service 353} 354 355func NewRolesService(s *Service) *RolesService { 356 rs := &RolesService{s: s} 357 return rs 358} 359 360type RolesService struct { 361 s *Service 362} 363 364// AdminAuditData: Audit log information specific to Cloud IAM admin 365// APIs. This message is serialized as an `Any` type in the 366// `ServiceData` message of an `AuditLog` message. 367type AdminAuditData struct { 368 // PermissionDelta: The permission_delta when when creating or updating 369 // a Role. 370 PermissionDelta *PermissionDelta `json:"permissionDelta,omitempty"` 371 372 // ForceSendFields is a list of field names (e.g. "PermissionDelta") to 373 // unconditionally include in API requests. By default, fields with 374 // empty or default values are omitted from API requests. However, any 375 // non-pointer, non-interface field appearing in ForceSendFields will be 376 // sent to the server regardless of whether the field is empty or not. 377 // This may be used to include empty fields in Patch requests. 378 ForceSendFields []string `json:"-"` 379 380 // NullFields is a list of field names (e.g. "PermissionDelta") to 381 // include in API requests with the JSON null value. By default, fields 382 // with empty values are omitted from API requests. However, any field 383 // with an empty value appearing in NullFields will be sent to the 384 // server as null. It is an error if a field in this list has a 385 // non-empty value. This may be used to include null fields in Patch 386 // requests. 387 NullFields []string `json:"-"` 388} 389 390func (s *AdminAuditData) MarshalJSON() ([]byte, error) { 391 type NoMethod AdminAuditData 392 raw := NoMethod(*s) 393 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 394} 395 396// AuditConfig: Specifies the audit configuration for a service. The 397// configuration determines which permission types are logged, and what 398// identities, if any, are exempted from logging. An AuditConfig must 399// have one or more AuditLogConfigs. If there are AuditConfigs for both 400// `allServices` and a specific service, the union of the two 401// AuditConfigs is used for that service: the log_types specified in 402// each AuditConfig are enabled, and the exempted_members in each 403// AuditLogConfig are exempted. Example Policy with multiple 404// AuditConfigs: { "audit_configs": [ { "service": "allServices", 405// "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": 406// [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { 407// "log_type": "ADMIN_READ" } ] }, { "service": 408// "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": 409// "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ 410// "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy 411// enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts 412// jose@example.com from DATA_READ logging, and aliya@example.com from 413// DATA_WRITE logging. 414type AuditConfig struct { 415 // AuditLogConfigs: The configuration for logging of each type of 416 // permission. 417 AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` 418 419 // Service: Specifies a service that will be enabled for audit logging. 420 // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 421 // `allServices` is a special value that covers all services. 422 Service string `json:"service,omitempty"` 423 424 // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to 425 // unconditionally include in API requests. By default, fields with 426 // empty or default values are omitted from API requests. However, any 427 // non-pointer, non-interface field appearing in ForceSendFields will be 428 // sent to the server regardless of whether the field is empty or not. 429 // This may be used to include empty fields in Patch requests. 430 ForceSendFields []string `json:"-"` 431 432 // NullFields is a list of field names (e.g. "AuditLogConfigs") to 433 // include in API requests with the JSON null value. By default, fields 434 // with empty values are omitted from API requests. However, any field 435 // with an empty value appearing in NullFields will be sent to the 436 // server as null. It is an error if a field in this list has a 437 // non-empty value. This may be used to include null fields in Patch 438 // requests. 439 NullFields []string `json:"-"` 440} 441 442func (s *AuditConfig) MarshalJSON() ([]byte, error) { 443 type NoMethod AuditConfig 444 raw := NoMethod(*s) 445 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 446} 447 448// AuditData: Audit log information specific to Cloud IAM. This message 449// is serialized as an `Any` type in the `ServiceData` message of an 450// `AuditLog` message. 451type AuditData struct { 452 // PolicyDelta: Policy delta between the original policy and the newly 453 // set policy. 454 PolicyDelta *PolicyDelta `json:"policyDelta,omitempty"` 455 456 // ForceSendFields is a list of field names (e.g. "PolicyDelta") to 457 // unconditionally include in API requests. By default, fields with 458 // empty or default values are omitted from API requests. However, any 459 // non-pointer, non-interface field appearing in ForceSendFields will be 460 // sent to the server regardless of whether the field is empty or not. 461 // This may be used to include empty fields in Patch requests. 462 ForceSendFields []string `json:"-"` 463 464 // NullFields is a list of field names (e.g. "PolicyDelta") to include 465 // in API requests with the JSON null value. By default, fields with 466 // empty values are omitted from API requests. However, any field with 467 // an empty value appearing in NullFields will be sent to the server as 468 // null. It is an error if a field in this list has a non-empty value. 469 // This may be used to include null fields in Patch requests. 470 NullFields []string `json:"-"` 471} 472 473func (s *AuditData) MarshalJSON() ([]byte, error) { 474 type NoMethod AuditData 475 raw := NoMethod(*s) 476 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 477} 478 479// AuditLogConfig: Provides the configuration for logging a type of 480// permissions. Example: { "audit_log_configs": [ { "log_type": 481// "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { 482// "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 483// 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ 484// logging. 485type AuditLogConfig struct { 486 // ExemptedMembers: Specifies the identities that do not cause logging 487 // for this type of permission. Follows the same format of 488 // Binding.members. 489 ExemptedMembers []string `json:"exemptedMembers,omitempty"` 490 491 // LogType: The log type that this config enables. 492 // 493 // Possible values: 494 // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. 495 // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy 496 // "DATA_WRITE" - Data writes. Example: CloudSQL Users create 497 // "DATA_READ" - Data reads. Example: CloudSQL Users list 498 LogType string `json:"logType,omitempty"` 499 500 // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to 501 // unconditionally include in API requests. By default, fields with 502 // empty or default values are omitted from API requests. However, any 503 // non-pointer, non-interface field appearing in ForceSendFields will be 504 // sent to the server regardless of whether the field is empty or not. 505 // This may be used to include empty fields in Patch requests. 506 ForceSendFields []string `json:"-"` 507 508 // NullFields is a list of field names (e.g. "ExemptedMembers") to 509 // include in API requests with the JSON null value. By default, fields 510 // with empty values are omitted from API requests. However, any field 511 // with an empty value appearing in NullFields will be sent to the 512 // server as null. It is an error if a field in this list has a 513 // non-empty value. This may be used to include null fields in Patch 514 // requests. 515 NullFields []string `json:"-"` 516} 517 518func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { 519 type NoMethod AuditLogConfig 520 raw := NoMethod(*s) 521 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 522} 523 524// AuditableService: Contains information about an auditable service. 525type AuditableService struct { 526 // Name: Public name of the service. For example, the service name for 527 // Cloud IAM is 'iam.googleapis.com'. 528 Name string `json:"name,omitempty"` 529 530 // ForceSendFields is a list of field names (e.g. "Name") to 531 // unconditionally include in API requests. By default, fields with 532 // empty or default values are omitted from API requests. However, any 533 // non-pointer, non-interface field appearing in ForceSendFields will be 534 // sent to the server regardless of whether the field is empty or not. 535 // This may be used to include empty fields in Patch requests. 536 ForceSendFields []string `json:"-"` 537 538 // NullFields is a list of field names (e.g. "Name") to include in API 539 // requests with the JSON null value. By default, fields with empty 540 // values are omitted from API requests. However, any field with an 541 // empty value appearing in NullFields will be sent to the server as 542 // null. It is an error if a field in this list has a non-empty value. 543 // This may be used to include null fields in Patch requests. 544 NullFields []string `json:"-"` 545} 546 547func (s *AuditableService) MarshalJSON() ([]byte, error) { 548 type NoMethod AuditableService 549 raw := NoMethod(*s) 550 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 551} 552 553// Aws: Represents an Amazon Web Services identity provider. 554type Aws struct { 555 // AccountId: Required. The AWS account ID. 556 AccountId string `json:"accountId,omitempty"` 557 558 // ForceSendFields is a list of field names (e.g. "AccountId") to 559 // unconditionally include in API requests. By default, fields with 560 // empty or default values are omitted from API requests. However, any 561 // non-pointer, non-interface field appearing in ForceSendFields will be 562 // sent to the server regardless of whether the field is empty or not. 563 // This may be used to include empty fields in Patch requests. 564 ForceSendFields []string `json:"-"` 565 566 // NullFields is a list of field names (e.g. "AccountId") to include in 567 // API requests with the JSON null value. By default, fields with empty 568 // values are omitted from API requests. However, any field with an 569 // empty value appearing in NullFields will be sent to the server as 570 // null. It is an error if a field in this list has a non-empty value. 571 // This may be used to include null fields in Patch requests. 572 NullFields []string `json:"-"` 573} 574 575func (s *Aws) MarshalJSON() ([]byte, error) { 576 type NoMethod Aws 577 raw := NoMethod(*s) 578 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 579} 580 581// Binding: Associates `members`, or principals, with a `role`. 582type Binding struct { 583 // Condition: The condition that is associated with this binding. If the 584 // condition evaluates to `true`, then this binding applies to the 585 // current request. If the condition evaluates to `false`, then this 586 // binding does not apply to the current request. However, a different 587 // role binding might grant the same role to one or more of the 588 // principals in this binding. To learn which resources support 589 // conditions in their IAM policies, see the IAM documentation 590 // (https://cloud.google.com/iam/help/conditions/resource-policies). 591 Condition *Expr `json:"condition,omitempty"` 592 593 // Members: Specifies the principals requesting access for a Cloud 594 // Platform resource. `members` can have the following values: * 595 // `allUsers`: A special identifier that represents anyone who is on the 596 // internet; with or without a Google account. * 597 // `allAuthenticatedUsers`: A special identifier that represents anyone 598 // who is authenticated with a Google account or a service account. * 599 // `user:{emailid}`: An email address that represents a specific Google 600 // account. For example, `alice@example.com` . * 601 // `serviceAccount:{emailid}`: An email address that represents a 602 // service account. For example, 603 // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An 604 // email address that represents a Google group. For example, 605 // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An 606 // email address (plus unique identifier) representing a user that has 607 // been recently deleted. For example, 608 // `alice@example.com?uid=123456789012345678901`. If the user is 609 // recovered, this value reverts to `user:{emailid}` and the recovered 610 // user retains the role in the binding. * 611 // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address 612 // (plus unique identifier) representing a service account that has been 613 // recently deleted. For example, 614 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 615 // If the service account is undeleted, this value reverts to 616 // `serviceAccount:{emailid}` and the undeleted service account retains 617 // the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: 618 // An email address (plus unique identifier) representing a Google group 619 // that has been recently deleted. For example, 620 // `admins@example.com?uid=123456789012345678901`. If the group is 621 // recovered, this value reverts to `group:{emailid}` and the recovered 622 // group retains the role in the binding. * `domain:{domain}`: The G 623 // Suite domain (primary) that represents all the users of that domain. 624 // For example, `google.com` or `example.com`. 625 Members []string `json:"members,omitempty"` 626 627 // Role: Role that is assigned to the list of `members`, or principals. 628 // For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 629 Role string `json:"role,omitempty"` 630 631 // ForceSendFields is a list of field names (e.g. "Condition") to 632 // unconditionally include in API requests. By default, fields with 633 // empty or default values are omitted from API requests. However, any 634 // non-pointer, non-interface field appearing in ForceSendFields will be 635 // sent to the server regardless of whether the field is empty or not. 636 // This may be used to include empty fields in Patch requests. 637 ForceSendFields []string `json:"-"` 638 639 // NullFields is a list of field names (e.g. "Condition") to include in 640 // API requests with the JSON null value. By default, fields with empty 641 // values are omitted from API requests. However, any field with an 642 // empty value appearing in NullFields will be sent to the server as 643 // null. It is an error if a field in this list has a non-empty value. 644 // This may be used to include null fields in Patch requests. 645 NullFields []string `json:"-"` 646} 647 648func (s *Binding) MarshalJSON() ([]byte, error) { 649 type NoMethod Binding 650 raw := NoMethod(*s) 651 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 652} 653 654// BindingDelta: One delta entry for Binding. Each individual change 655// (only one member in each entry) to a binding will be a separate 656// entry. 657type BindingDelta struct { 658 // Action: The action that was performed on a Binding. Required 659 // 660 // Possible values: 661 // "ACTION_UNSPECIFIED" - Unspecified. 662 // "ADD" - Addition of a Binding. 663 // "REMOVE" - Removal of a Binding. 664 Action string `json:"action,omitempty"` 665 666 // Condition: The condition that is associated with this binding. 667 Condition *Expr `json:"condition,omitempty"` 668 669 // Member: A single identity requesting access for a Cloud Platform 670 // resource. Follows the same format of Binding.members. Required 671 Member string `json:"member,omitempty"` 672 673 // Role: Role that is assigned to `members`. For example, 674 // `roles/viewer`, `roles/editor`, or `roles/owner`. Required 675 Role string `json:"role,omitempty"` 676 677 // ForceSendFields is a list of field names (e.g. "Action") to 678 // unconditionally include in API requests. By default, fields with 679 // empty or default values are omitted from API requests. However, any 680 // non-pointer, non-interface field appearing in ForceSendFields will be 681 // sent to the server regardless of whether the field is empty or not. 682 // This may be used to include empty fields in Patch requests. 683 ForceSendFields []string `json:"-"` 684 685 // NullFields is a list of field names (e.g. "Action") to include in API 686 // requests with the JSON null value. By default, fields with empty 687 // values are omitted from API requests. However, any field with an 688 // empty value appearing in NullFields will be sent to the server as 689 // null. It is an error if a field in this list has a non-empty value. 690 // This may be used to include null fields in Patch requests. 691 NullFields []string `json:"-"` 692} 693 694func (s *BindingDelta) MarshalJSON() ([]byte, error) { 695 type NoMethod BindingDelta 696 raw := NoMethod(*s) 697 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 698} 699 700// CreateRoleRequest: The request to create a new role. 701type CreateRoleRequest struct { 702 // Role: The Role resource to create. 703 Role *Role `json:"role,omitempty"` 704 705 // RoleId: The role ID to use for this role. A role ID may contain 706 // alphanumeric characters, underscores (`_`), and periods (`.`). It 707 // must contain a minimum of 3 characters and a maximum of 64 708 // characters. 709 RoleId string `json:"roleId,omitempty"` 710 711 // ForceSendFields is a list of field names (e.g. "Role") to 712 // unconditionally include in API requests. By default, fields with 713 // empty or default values are omitted from API requests. However, any 714 // non-pointer, non-interface field appearing in ForceSendFields will be 715 // sent to the server regardless of whether the field is empty or not. 716 // This may be used to include empty fields in Patch requests. 717 ForceSendFields []string `json:"-"` 718 719 // NullFields is a list of field names (e.g. "Role") to include in API 720 // requests with the JSON null value. By default, fields with empty 721 // values are omitted from API requests. However, any field with an 722 // empty value appearing in NullFields will be sent to the server as 723 // null. It is an error if a field in this list has a non-empty value. 724 // This may be used to include null fields in Patch requests. 725 NullFields []string `json:"-"` 726} 727 728func (s *CreateRoleRequest) MarshalJSON() ([]byte, error) { 729 type NoMethod CreateRoleRequest 730 raw := NoMethod(*s) 731 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 732} 733 734// CreateServiceAccountKeyRequest: The service account key create 735// request. 736type CreateServiceAccountKeyRequest struct { 737 // KeyAlgorithm: Which type of key and algorithm to use for the key. The 738 // default is currently a 2K RSA key. However this may change in the 739 // future. 740 // 741 // Possible values: 742 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 743 // "KEY_ALG_RSA_1024" - 1k RSA Key. 744 // "KEY_ALG_RSA_2048" - 2k RSA Key. 745 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 746 747 // PrivateKeyType: The output format of the private key. The default 748 // value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google 749 // Credentials File format. 750 // 751 // Possible values: 752 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 753 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 754 // "TYPE_PKCS12_FILE" - PKCS12 format. The password for the PKCS12 755 // file is `notasecret`. For more information, see 756 // https://tools.ietf.org/html/rfc7292. 757 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 758 PrivateKeyType string `json:"privateKeyType,omitempty"` 759 760 // ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to 761 // unconditionally include in API requests. By default, fields with 762 // empty or default values are omitted from API requests. However, any 763 // non-pointer, non-interface field appearing in ForceSendFields will be 764 // sent to the server regardless of whether the field is empty or not. 765 // This may be used to include empty fields in Patch requests. 766 ForceSendFields []string `json:"-"` 767 768 // NullFields is a list of field names (e.g. "KeyAlgorithm") to include 769 // in API requests with the JSON null value. By default, fields with 770 // empty values are omitted from API requests. However, any field with 771 // an empty value appearing in NullFields will be sent to the server as 772 // null. It is an error if a field in this list has a non-empty value. 773 // This may be used to include null fields in Patch requests. 774 NullFields []string `json:"-"` 775} 776 777func (s *CreateServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 778 type NoMethod CreateServiceAccountKeyRequest 779 raw := NoMethod(*s) 780 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 781} 782 783// CreateServiceAccountRequest: The service account create request. 784type CreateServiceAccountRequest struct { 785 // AccountId: Required. The account id that is used to generate the 786 // service account email address and a stable unique id. It is unique 787 // within a project, must be 6-30 characters long, and match the regular 788 // expression `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035. 789 AccountId string `json:"accountId,omitempty"` 790 791 // ServiceAccount: The ServiceAccount resource to create. Currently, 792 // only the following values are user assignable: `display_name` and 793 // `description`. 794 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 795 796 // ForceSendFields is a list of field names (e.g. "AccountId") to 797 // unconditionally include in API requests. By default, fields with 798 // empty or default values are omitted from API requests. However, any 799 // non-pointer, non-interface field appearing in ForceSendFields will be 800 // sent to the server regardless of whether the field is empty or not. 801 // This may be used to include empty fields in Patch requests. 802 ForceSendFields []string `json:"-"` 803 804 // NullFields is a list of field names (e.g. "AccountId") to include in 805 // API requests with the JSON null value. By default, fields with empty 806 // values are omitted from API requests. However, any field with an 807 // empty value appearing in NullFields will be sent to the server as 808 // null. It is an error if a field in this list has a non-empty value. 809 // This may be used to include null fields in Patch requests. 810 NullFields []string `json:"-"` 811} 812 813func (s *CreateServiceAccountRequest) MarshalJSON() ([]byte, error) { 814 type NoMethod CreateServiceAccountRequest 815 raw := NoMethod(*s) 816 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 817} 818 819// DisableServiceAccountKeyRequest: The service account key disable 820// request. 821type DisableServiceAccountKeyRequest struct { 822} 823 824// DisableServiceAccountRequest: The service account disable request. 825type DisableServiceAccountRequest struct { 826} 827 828// Empty: A generic empty message that you can re-use to avoid defining 829// duplicated empty messages in your APIs. A typical example is to use 830// it as the request or the response type of an API method. For 831// instance: service Foo { rpc Bar(google.protobuf.Empty) returns 832// (google.protobuf.Empty); } The JSON representation for `Empty` is 833// empty JSON object `{}`. 834type Empty struct { 835 // ServerResponse contains the HTTP response code and headers from the 836 // server. 837 googleapi.ServerResponse `json:"-"` 838} 839 840// EnableServiceAccountKeyRequest: The service account key enable 841// request. 842type EnableServiceAccountKeyRequest struct { 843} 844 845// EnableServiceAccountRequest: The service account enable request. 846type EnableServiceAccountRequest struct { 847} 848 849// Expr: Represents a textual expression in the Common Expression 850// Language (CEL) syntax. CEL is a C-like expression language. The 851// syntax and semantics of CEL are documented at 852// https://github.com/google/cel-spec. Example (Comparison): title: 853// "Summary size limit" description: "Determines if a summary is less 854// than 100 chars" expression: "document.summary.size() < 100" Example 855// (Equality): title: "Requestor is owner" description: "Determines if 856// requestor is the document owner" expression: "document.owner == 857// request.auth.claims.email" Example (Logic): title: "Public documents" 858// description: "Determine whether the document should be publicly 859// visible" expression: "document.type != 'private' && document.type != 860// 'internal'" Example (Data Manipulation): title: "Notification string" 861// description: "Create a notification string with a timestamp." 862// expression: "'New message received at ' + 863// string(document.create_time)" The exact variables and functions that 864// may be referenced within an expression are determined by the service 865// that evaluates it. See the service documentation for additional 866// information. 867type Expr struct { 868 // Description: Optional. Description of the expression. This is a 869 // longer text which describes the expression, e.g. when hovered over it 870 // in a UI. 871 Description string `json:"description,omitempty"` 872 873 // Expression: Textual representation of an expression in Common 874 // Expression Language syntax. 875 Expression string `json:"expression,omitempty"` 876 877 // Location: Optional. String indicating the location of the expression 878 // for error reporting, e.g. a file name and a position in the file. 879 Location string `json:"location,omitempty"` 880 881 // Title: Optional. Title for the expression, i.e. a short string 882 // describing its purpose. This can be used e.g. in UIs which allow to 883 // enter the expression. 884 Title string `json:"title,omitempty"` 885 886 // ForceSendFields is a list of field names (e.g. "Description") to 887 // unconditionally include in API requests. By default, fields with 888 // empty or default values are omitted from API requests. However, any 889 // non-pointer, non-interface field appearing in ForceSendFields will be 890 // sent to the server regardless of whether the field is empty or not. 891 // This may be used to include empty fields in Patch requests. 892 ForceSendFields []string `json:"-"` 893 894 // NullFields is a list of field names (e.g. "Description") to include 895 // in API requests with the JSON null value. By default, fields with 896 // empty values are omitted from API requests. However, any field with 897 // an empty value appearing in NullFields will be sent to the server as 898 // null. It is an error if a field in this list has a non-empty value. 899 // This may be used to include null fields in Patch requests. 900 NullFields []string `json:"-"` 901} 902 903func (s *Expr) MarshalJSON() ([]byte, error) { 904 type NoMethod Expr 905 raw := NoMethod(*s) 906 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 907} 908 909// LintPolicyRequest: The request to lint a Cloud IAM policy object. 910type LintPolicyRequest struct { 911 // Condition: google.iam.v1.Binding.condition object to be linted. 912 Condition *Expr `json:"condition,omitempty"` 913 914 // FullResourceName: The full resource name of the policy this lint 915 // request is about. The name follows the Google Cloud Platform (GCP) 916 // resource format. For example, a GCP project with ID `my-project` will 917 // be named `//cloudresourcemanager.googleapis.com/projects/my-project`. 918 // The resource name is not used to read the policy instance from the 919 // Cloud IAM database. The candidate policy for lint has to be provided 920 // in the same request object. 921 FullResourceName string `json:"fullResourceName,omitempty"` 922 923 // ForceSendFields is a list of field names (e.g. "Condition") to 924 // unconditionally include in API requests. By default, fields with 925 // empty or default values are omitted from API requests. However, any 926 // non-pointer, non-interface field appearing in ForceSendFields will be 927 // sent to the server regardless of whether the field is empty or not. 928 // This may be used to include empty fields in Patch requests. 929 ForceSendFields []string `json:"-"` 930 931 // NullFields is a list of field names (e.g. "Condition") to include in 932 // API requests with the JSON null value. By default, fields with empty 933 // values are omitted from API requests. However, any field with an 934 // empty value appearing in NullFields will be sent to the server as 935 // null. It is an error if a field in this list has a non-empty value. 936 // This may be used to include null fields in Patch requests. 937 NullFields []string `json:"-"` 938} 939 940func (s *LintPolicyRequest) MarshalJSON() ([]byte, error) { 941 type NoMethod LintPolicyRequest 942 raw := NoMethod(*s) 943 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 944} 945 946// LintPolicyResponse: The response of a lint operation. An empty 947// response indicates the operation was able to fully execute and no 948// lint issue was found. 949type LintPolicyResponse struct { 950 // LintResults: List of lint results sorted by `severity` in descending 951 // order. 952 LintResults []*LintResult `json:"lintResults,omitempty"` 953 954 // ServerResponse contains the HTTP response code and headers from the 955 // server. 956 googleapi.ServerResponse `json:"-"` 957 958 // ForceSendFields is a list of field names (e.g. "LintResults") to 959 // unconditionally include in API requests. By default, fields with 960 // empty or default values are omitted from API requests. However, any 961 // non-pointer, non-interface field appearing in ForceSendFields will be 962 // sent to the server regardless of whether the field is empty or not. 963 // This may be used to include empty fields in Patch requests. 964 ForceSendFields []string `json:"-"` 965 966 // NullFields is a list of field names (e.g. "LintResults") to include 967 // in API requests with the JSON null value. By default, fields with 968 // empty values are omitted from API requests. However, any field with 969 // an empty value appearing in NullFields will be sent to the server as 970 // null. It is an error if a field in this list has a non-empty value. 971 // This may be used to include null fields in Patch requests. 972 NullFields []string `json:"-"` 973} 974 975func (s *LintPolicyResponse) MarshalJSON() ([]byte, error) { 976 type NoMethod LintPolicyResponse 977 raw := NoMethod(*s) 978 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 979} 980 981// LintResult: Structured response of a single validation unit. 982type LintResult struct { 983 // DebugMessage: Human readable debug message associated with the issue. 984 DebugMessage string `json:"debugMessage,omitempty"` 985 986 // FieldName: The name of the field for which this lint result is about. 987 // For nested messages `field_name` consists of names of the embedded 988 // fields separated by period character. The top-level qualifier is the 989 // input object to lint in the request. For example, the `field_name` 990 // value `condition.expression` identifies a lint result for the 991 // `expression` field of the provided condition. 992 FieldName string `json:"fieldName,omitempty"` 993 994 // Level: The validation unit level. 995 // 996 // Possible values: 997 // "LEVEL_UNSPECIFIED" - Level is unspecified. 998 // "CONDITION" - A validation unit which operates on an individual 999 // condition within a binding. 1000 Level string `json:"level,omitempty"` 1001 1002 // LocationOffset: 0-based character position of problematic construct 1003 // within the object identified by `field_name`. Currently, this is 1004 // populated only for condition expression. 1005 LocationOffset int64 `json:"locationOffset,omitempty"` 1006 1007 // Severity: The validation unit severity. 1008 // 1009 // Possible values: 1010 // "SEVERITY_UNSPECIFIED" - Severity is unspecified. 1011 // "ERROR" - A validation unit returns an error only for critical 1012 // issues. If an attempt is made to set the problematic policy without 1013 // rectifying the critical issue, it causes the `setPolicy` operation to 1014 // fail. 1015 // "WARNING" - Any issue which is severe enough but does not cause an 1016 // error. For example, suspicious constructs in the input object will 1017 // not necessarily fail `setPolicy`, but there is a high likelihood that 1018 // they won't behave as expected during policy evaluation in 1019 // `checkPolicy`. This includes the following common scenarios: - 1020 // Unsatisfiable condition: Expired timestamp in date/time condition. - 1021 // Ineffective condition: Condition on a pair which is granted 1022 // unconditionally in another binding of the same policy. 1023 // "NOTICE" - Reserved for the issues that are not severe as 1024 // `ERROR`/`WARNING`, but need special handling. For instance, messages 1025 // about skipped validation units are issued as `NOTICE`. 1026 // "INFO" - Any informative statement which is not severe enough to 1027 // raise `ERROR`/`WARNING`/`NOTICE`, like auto-correction 1028 // recommendations on the input content. Note that current version of 1029 // the linter does not utilize `INFO`. 1030 // "DEPRECATED" - Deprecated severity level. 1031 Severity string `json:"severity,omitempty"` 1032 1033 // ValidationUnitName: The validation unit name, for instance 1034 // "lintValidationUnits/ConditionComplexityCheck". 1035 ValidationUnitName string `json:"validationUnitName,omitempty"` 1036 1037 // ForceSendFields is a list of field names (e.g. "DebugMessage") to 1038 // unconditionally include in API requests. By default, fields with 1039 // empty or default values are omitted from API requests. However, any 1040 // non-pointer, non-interface field appearing in ForceSendFields will be 1041 // sent to the server regardless of whether the field is empty or not. 1042 // This may be used to include empty fields in Patch requests. 1043 ForceSendFields []string `json:"-"` 1044 1045 // NullFields is a list of field names (e.g. "DebugMessage") to include 1046 // in API requests with the JSON null value. By default, fields with 1047 // empty values are omitted from API requests. However, any field with 1048 // an empty value appearing in NullFields will be sent to the server as 1049 // null. It is an error if a field in this list has a non-empty value. 1050 // This may be used to include null fields in Patch requests. 1051 NullFields []string `json:"-"` 1052} 1053 1054func (s *LintResult) MarshalJSON() ([]byte, error) { 1055 type NoMethod LintResult 1056 raw := NoMethod(*s) 1057 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1058} 1059 1060// ListRolesResponse: The response containing the roles defined under a 1061// resource. 1062type ListRolesResponse struct { 1063 // NextPageToken: To retrieve the next page of results, set 1064 // `ListRolesRequest.page_token` to this value. 1065 NextPageToken string `json:"nextPageToken,omitempty"` 1066 1067 // Roles: The Roles defined on this resource. 1068 Roles []*Role `json:"roles,omitempty"` 1069 1070 // ServerResponse contains the HTTP response code and headers from the 1071 // server. 1072 googleapi.ServerResponse `json:"-"` 1073 1074 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1075 // unconditionally include in API requests. By default, fields with 1076 // empty or default values are omitted from API requests. However, any 1077 // non-pointer, non-interface field appearing in ForceSendFields will be 1078 // sent to the server regardless of whether the field is empty or not. 1079 // This may be used to include empty fields in Patch requests. 1080 ForceSendFields []string `json:"-"` 1081 1082 // NullFields is a list of field names (e.g. "NextPageToken") to include 1083 // in API requests with the JSON null value. By default, fields with 1084 // empty values are omitted from API requests. However, any field with 1085 // an empty value appearing in NullFields will be sent to the server as 1086 // null. It is an error if a field in this list has a non-empty value. 1087 // This may be used to include null fields in Patch requests. 1088 NullFields []string `json:"-"` 1089} 1090 1091func (s *ListRolesResponse) MarshalJSON() ([]byte, error) { 1092 type NoMethod ListRolesResponse 1093 raw := NoMethod(*s) 1094 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1095} 1096 1097// ListServiceAccountKeysResponse: The service account keys list 1098// response. 1099type ListServiceAccountKeysResponse struct { 1100 // Keys: The public keys for the service account. 1101 Keys []*ServiceAccountKey `json:"keys,omitempty"` 1102 1103 // ServerResponse contains the HTTP response code and headers from the 1104 // server. 1105 googleapi.ServerResponse `json:"-"` 1106 1107 // ForceSendFields is a list of field names (e.g. "Keys") to 1108 // unconditionally include in API requests. By default, fields with 1109 // empty or default values are omitted from API requests. However, any 1110 // non-pointer, non-interface field appearing in ForceSendFields will be 1111 // sent to the server regardless of whether the field is empty or not. 1112 // This may be used to include empty fields in Patch requests. 1113 ForceSendFields []string `json:"-"` 1114 1115 // NullFields is a list of field names (e.g. "Keys") to include in API 1116 // requests with the JSON null value. By default, fields with empty 1117 // values are omitted from API requests. However, any field with an 1118 // empty value appearing in NullFields will be sent to the server as 1119 // null. It is an error if a field in this list has a non-empty value. 1120 // This may be used to include null fields in Patch requests. 1121 NullFields []string `json:"-"` 1122} 1123 1124func (s *ListServiceAccountKeysResponse) MarshalJSON() ([]byte, error) { 1125 type NoMethod ListServiceAccountKeysResponse 1126 raw := NoMethod(*s) 1127 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1128} 1129 1130// ListServiceAccountsResponse: The service account list response. 1131type ListServiceAccountsResponse struct { 1132 // Accounts: The list of matching service accounts. 1133 Accounts []*ServiceAccount `json:"accounts,omitempty"` 1134 1135 // NextPageToken: To retrieve the next page of results, set 1136 // ListServiceAccountsRequest.page_token to this value. 1137 NextPageToken string `json:"nextPageToken,omitempty"` 1138 1139 // ServerResponse contains the HTTP response code and headers from the 1140 // server. 1141 googleapi.ServerResponse `json:"-"` 1142 1143 // ForceSendFields is a list of field names (e.g. "Accounts") to 1144 // unconditionally include in API requests. By default, fields with 1145 // empty or default values are omitted from API requests. However, any 1146 // non-pointer, non-interface field appearing in ForceSendFields will be 1147 // sent to the server regardless of whether the field is empty or not. 1148 // This may be used to include empty fields in Patch requests. 1149 ForceSendFields []string `json:"-"` 1150 1151 // NullFields is a list of field names (e.g. "Accounts") to include in 1152 // API requests with the JSON null value. By default, fields with empty 1153 // values are omitted from API requests. However, any field with an 1154 // empty value appearing in NullFields will be sent to the server as 1155 // null. It is an error if a field in this list has a non-empty value. 1156 // This may be used to include null fields in Patch requests. 1157 NullFields []string `json:"-"` 1158} 1159 1160func (s *ListServiceAccountsResponse) MarshalJSON() ([]byte, error) { 1161 type NoMethod ListServiceAccountsResponse 1162 raw := NoMethod(*s) 1163 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1164} 1165 1166// ListWorkloadIdentityPoolProvidersResponse: Response message for 1167// ListWorkloadIdentityPoolProviders. 1168type ListWorkloadIdentityPoolProvidersResponse struct { 1169 // NextPageToken: A token, which can be sent as `page_token` to retrieve 1170 // the next page. If this field is omitted, there are no subsequent 1171 // pages. 1172 NextPageToken string `json:"nextPageToken,omitempty"` 1173 1174 // WorkloadIdentityPoolProviders: A list of providers. 1175 WorkloadIdentityPoolProviders []*WorkloadIdentityPoolProvider `json:"workloadIdentityPoolProviders,omitempty"` 1176 1177 // ServerResponse contains the HTTP response code and headers from the 1178 // server. 1179 googleapi.ServerResponse `json:"-"` 1180 1181 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1182 // unconditionally include in API requests. By default, fields with 1183 // empty or default values are omitted from API requests. However, any 1184 // non-pointer, non-interface field appearing in ForceSendFields will be 1185 // sent to the server regardless of whether the field is empty or not. 1186 // This may be used to include empty fields in Patch requests. 1187 ForceSendFields []string `json:"-"` 1188 1189 // NullFields is a list of field names (e.g. "NextPageToken") to include 1190 // in API requests with the JSON null value. By default, fields with 1191 // empty values are omitted from API requests. However, any field with 1192 // an empty value appearing in NullFields will be sent to the server as 1193 // null. It is an error if a field in this list has a non-empty value. 1194 // This may be used to include null fields in Patch requests. 1195 NullFields []string `json:"-"` 1196} 1197 1198func (s *ListWorkloadIdentityPoolProvidersResponse) MarshalJSON() ([]byte, error) { 1199 type NoMethod ListWorkloadIdentityPoolProvidersResponse 1200 raw := NoMethod(*s) 1201 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1202} 1203 1204// ListWorkloadIdentityPoolsResponse: Response message for 1205// ListWorkloadIdentityPools. 1206type ListWorkloadIdentityPoolsResponse struct { 1207 // NextPageToken: A token, which can be sent as `page_token` to retrieve 1208 // the next page. If this field is omitted, there are no subsequent 1209 // pages. 1210 NextPageToken string `json:"nextPageToken,omitempty"` 1211 1212 // WorkloadIdentityPools: A list of pools. 1213 WorkloadIdentityPools []*WorkloadIdentityPool `json:"workloadIdentityPools,omitempty"` 1214 1215 // ServerResponse contains the HTTP response code and headers from the 1216 // server. 1217 googleapi.ServerResponse `json:"-"` 1218 1219 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1220 // unconditionally include in API requests. By default, fields with 1221 // empty or default values are omitted from API requests. However, any 1222 // non-pointer, non-interface field appearing in ForceSendFields will be 1223 // sent to the server regardless of whether the field is empty or not. 1224 // This may be used to include empty fields in Patch requests. 1225 ForceSendFields []string `json:"-"` 1226 1227 // NullFields is a list of field names (e.g. "NextPageToken") to include 1228 // in API requests with the JSON null value. By default, fields with 1229 // empty values are omitted from API requests. However, any field with 1230 // an empty value appearing in NullFields will be sent to the server as 1231 // null. It is an error if a field in this list has a non-empty value. 1232 // This may be used to include null fields in Patch requests. 1233 NullFields []string `json:"-"` 1234} 1235 1236func (s *ListWorkloadIdentityPoolsResponse) MarshalJSON() ([]byte, error) { 1237 type NoMethod ListWorkloadIdentityPoolsResponse 1238 raw := NoMethod(*s) 1239 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1240} 1241 1242// Oidc: Represents an OpenId Connect 1.0 identity provider. 1243type Oidc struct { 1244 // AllowedAudiences: Acceptable values for the `aud` field (audience) in 1245 // the OIDC token. Token exchange requests are rejected if the token 1246 // audience does not match one of the configured values. Each audience 1247 // may be at most 256 characters. A maximum of 10 audiences may be 1248 // configured. If this list is empty, the OIDC token audience must be 1249 // equal to the full canonical resource name of the 1250 // WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For 1251 // example: ``` 1252 // //iam.googleapis.com/projects//locations//workloadIdentityPools//provi 1253 // ders/ 1254 // https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ 1255 // ``` 1256 AllowedAudiences []string `json:"allowedAudiences,omitempty"` 1257 1258 // IssuerUri: Required. The OIDC issuer URL. Must be an HTTPS endpoint. 1259 IssuerUri string `json:"issuerUri,omitempty"` 1260 1261 // ForceSendFields is a list of field names (e.g. "AllowedAudiences") to 1262 // unconditionally include in API requests. By default, fields with 1263 // empty or default values are omitted from API requests. However, any 1264 // non-pointer, non-interface field appearing in ForceSendFields will be 1265 // sent to the server regardless of whether the field is empty or not. 1266 // This may be used to include empty fields in Patch requests. 1267 ForceSendFields []string `json:"-"` 1268 1269 // NullFields is a list of field names (e.g. "AllowedAudiences") to 1270 // include in API requests with the JSON null value. By default, fields 1271 // with empty values are omitted from API requests. However, any field 1272 // with an empty value appearing in NullFields will be sent to the 1273 // server as null. It is an error if a field in this list has a 1274 // non-empty value. This may be used to include null fields in Patch 1275 // requests. 1276 NullFields []string `json:"-"` 1277} 1278 1279func (s *Oidc) MarshalJSON() ([]byte, error) { 1280 type NoMethod Oidc 1281 raw := NoMethod(*s) 1282 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1283} 1284 1285// Operation: This resource represents a long-running operation that is 1286// the result of a network API call. 1287type Operation struct { 1288 // Done: If the value is `false`, it means the operation is still in 1289 // progress. If `true`, the operation is completed, and either `error` 1290 // or `response` is available. 1291 Done bool `json:"done,omitempty"` 1292 1293 // Error: The error result of the operation in case of failure or 1294 // cancellation. 1295 Error *Status `json:"error,omitempty"` 1296 1297 // Metadata: Service-specific metadata associated with the operation. It 1298 // typically contains progress information and common metadata such as 1299 // create time. Some services might not provide such metadata. Any 1300 // method that returns a long-running operation should document the 1301 // metadata type, if any. 1302 Metadata googleapi.RawMessage `json:"metadata,omitempty"` 1303 1304 // Name: The server-assigned name, which is only unique within the same 1305 // service that originally returns it. If you use the default HTTP 1306 // mapping, the `name` should be a resource name ending with 1307 // `operations/{unique_id}`. 1308 Name string `json:"name,omitempty"` 1309 1310 // Response: The normal response of the operation in case of success. If 1311 // the original method returns no data on success, such as `Delete`, the 1312 // response is `google.protobuf.Empty`. If the original method is 1313 // standard `Get`/`Create`/`Update`, the response should be the 1314 // resource. For other methods, the response should have the type 1315 // `XxxResponse`, where `Xxx` is the original method name. For example, 1316 // if the original method name is `TakeSnapshot()`, the inferred 1317 // response type is `TakeSnapshotResponse`. 1318 Response googleapi.RawMessage `json:"response,omitempty"` 1319 1320 // ServerResponse contains the HTTP response code and headers from the 1321 // server. 1322 googleapi.ServerResponse `json:"-"` 1323 1324 // ForceSendFields is a list of field names (e.g. "Done") to 1325 // unconditionally include in API requests. By default, fields with 1326 // empty or default values are omitted from API requests. However, any 1327 // non-pointer, non-interface field appearing in ForceSendFields will be 1328 // sent to the server regardless of whether the field is empty or not. 1329 // This may be used to include empty fields in Patch requests. 1330 ForceSendFields []string `json:"-"` 1331 1332 // NullFields is a list of field names (e.g. "Done") to include in API 1333 // requests with the JSON null value. By default, fields with empty 1334 // values are omitted from API requests. However, any field with an 1335 // empty value appearing in NullFields will be sent to the server as 1336 // null. It is an error if a field in this list has a non-empty value. 1337 // This may be used to include null fields in Patch requests. 1338 NullFields []string `json:"-"` 1339} 1340 1341func (s *Operation) MarshalJSON() ([]byte, error) { 1342 type NoMethod Operation 1343 raw := NoMethod(*s) 1344 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1345} 1346 1347// PatchServiceAccountRequest: The request for PatchServiceAccount. You 1348// can patch only the `display_name` and `description` fields. You must 1349// use the `update_mask` field to specify which of these fields you want 1350// to patch. Only the fields specified in the request are guaranteed to 1351// be returned in the response. Other fields may be empty in the 1352// response. 1353type PatchServiceAccountRequest struct { 1354 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 1355 1356 UpdateMask string `json:"updateMask,omitempty"` 1357 1358 // ForceSendFields is a list of field names (e.g. "ServiceAccount") to 1359 // unconditionally include in API requests. By default, fields with 1360 // empty or default values are omitted from API requests. However, any 1361 // non-pointer, non-interface field appearing in ForceSendFields will be 1362 // sent to the server regardless of whether the field is empty or not. 1363 // This may be used to include empty fields in Patch requests. 1364 ForceSendFields []string `json:"-"` 1365 1366 // NullFields is a list of field names (e.g. "ServiceAccount") to 1367 // include in API requests with the JSON null value. By default, fields 1368 // with empty values are omitted from API requests. However, any field 1369 // with an empty value appearing in NullFields will be sent to the 1370 // server as null. It is an error if a field in this list has a 1371 // non-empty value. This may be used to include null fields in Patch 1372 // requests. 1373 NullFields []string `json:"-"` 1374} 1375 1376func (s *PatchServiceAccountRequest) MarshalJSON() ([]byte, error) { 1377 type NoMethod PatchServiceAccountRequest 1378 raw := NoMethod(*s) 1379 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1380} 1381 1382// Permission: A permission which can be included by a role. 1383type Permission struct { 1384 // ApiDisabled: The service API associated with the permission is not 1385 // enabled. 1386 ApiDisabled bool `json:"apiDisabled,omitempty"` 1387 1388 // CustomRolesSupportLevel: The current custom role support level. 1389 // 1390 // Possible values: 1391 // "SUPPORTED" - Default state. Permission is fully supported for 1392 // custom role use. 1393 // "TESTING" - Permission is being tested to check custom role 1394 // compatibility. 1395 // "NOT_SUPPORTED" - Permission is not supported for custom role use. 1396 CustomRolesSupportLevel string `json:"customRolesSupportLevel,omitempty"` 1397 1398 // Description: A brief description of what this Permission is used for. 1399 // This permission can ONLY be used in predefined roles. 1400 Description string `json:"description,omitempty"` 1401 1402 // Name: The name of this Permission. 1403 Name string `json:"name,omitempty"` 1404 1405 OnlyInPredefinedRoles bool `json:"onlyInPredefinedRoles,omitempty"` 1406 1407 // PrimaryPermission: The preferred name for this permission. If 1408 // present, then this permission is an alias of, and equivalent to, the 1409 // listed primary_permission. 1410 PrimaryPermission string `json:"primaryPermission,omitempty"` 1411 1412 // Stage: The current launch stage of the permission. 1413 // 1414 // Possible values: 1415 // "ALPHA" - The permission is currently in an alpha phase. 1416 // "BETA" - The permission is currently in a beta phase. 1417 // "GA" - The permission is generally available. 1418 // "DEPRECATED" - The permission is being deprecated. 1419 Stage string `json:"stage,omitempty"` 1420 1421 // Title: The title of this Permission. 1422 Title string `json:"title,omitempty"` 1423 1424 // ForceSendFields is a list of field names (e.g. "ApiDisabled") to 1425 // unconditionally include in API requests. By default, fields with 1426 // empty or default values are omitted from API requests. However, any 1427 // non-pointer, non-interface field appearing in ForceSendFields will be 1428 // sent to the server regardless of whether the field is empty or not. 1429 // This may be used to include empty fields in Patch requests. 1430 ForceSendFields []string `json:"-"` 1431 1432 // NullFields is a list of field names (e.g. "ApiDisabled") to include 1433 // in API requests with the JSON null value. By default, fields with 1434 // empty values are omitted from API requests. However, any field with 1435 // an empty value appearing in NullFields will be sent to the server as 1436 // null. It is an error if a field in this list has a non-empty value. 1437 // This may be used to include null fields in Patch requests. 1438 NullFields []string `json:"-"` 1439} 1440 1441func (s *Permission) MarshalJSON() ([]byte, error) { 1442 type NoMethod Permission 1443 raw := NoMethod(*s) 1444 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1445} 1446 1447// PermissionDelta: A PermissionDelta message to record the 1448// added_permissions and removed_permissions inside a role. 1449type PermissionDelta struct { 1450 // AddedPermissions: Added permissions. 1451 AddedPermissions []string `json:"addedPermissions,omitempty"` 1452 1453 // RemovedPermissions: Removed permissions. 1454 RemovedPermissions []string `json:"removedPermissions,omitempty"` 1455 1456 // ForceSendFields is a list of field names (e.g. "AddedPermissions") to 1457 // unconditionally include in API requests. By default, fields with 1458 // empty or default values are omitted from API requests. However, any 1459 // non-pointer, non-interface field appearing in ForceSendFields will be 1460 // sent to the server regardless of whether the field is empty or not. 1461 // This may be used to include empty fields in Patch requests. 1462 ForceSendFields []string `json:"-"` 1463 1464 // NullFields is a list of field names (e.g. "AddedPermissions") to 1465 // include in API requests with the JSON null value. By default, fields 1466 // with empty values are omitted from API requests. However, any field 1467 // with an empty value appearing in NullFields will be sent to the 1468 // server as null. It is an error if a field in this list has a 1469 // non-empty value. This may be used to include null fields in Patch 1470 // requests. 1471 NullFields []string `json:"-"` 1472} 1473 1474func (s *PermissionDelta) MarshalJSON() ([]byte, error) { 1475 type NoMethod PermissionDelta 1476 raw := NoMethod(*s) 1477 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1478} 1479 1480// Policy: An Identity and Access Management (IAM) policy, which 1481// specifies access controls for Google Cloud resources. A `Policy` is a 1482// collection of `bindings`. A `binding` binds one or more `members`, or 1483// principals, to a single `role`. Principals can be user accounts, 1484// service accounts, Google groups, and domains (such as G Suite). A 1485// `role` is a named list of permissions; each `role` can be an IAM 1486// predefined role or a user-created custom role. For some types of 1487// Google Cloud resources, a `binding` can also specify a `condition`, 1488// which is a logical expression that allows access to a resource only 1489// if the expression evaluates to `true`. A condition can add 1490// constraints based on attributes of the request, the resource, or 1491// both. To learn which resources support conditions in their IAM 1492// policies, see the IAM documentation 1493// (https://cloud.google.com/iam/help/conditions/resource-policies). 1494// **JSON example:** { "bindings": [ { "role": 1495// "roles/resourcemanager.organizationAdmin", "members": [ 1496// "user:mike@example.com", "group:admins@example.com", 1497// "domain:google.com", 1498// "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { 1499// "role": "roles/resourcemanager.organizationViewer", "members": [ 1500// "user:eve@example.com" ], "condition": { "title": "expirable access", 1501// "description": "Does not grant access after Sep 2020", "expression": 1502// "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], 1503// "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - 1504// members: - user:mike@example.com - group:admins@example.com - 1505// domain:google.com - 1506// serviceAccount:my-project-id@appspot.gserviceaccount.com role: 1507// roles/resourcemanager.organizationAdmin - members: - 1508// user:eve@example.com role: roles/resourcemanager.organizationViewer 1509// condition: title: expirable access description: Does not grant access 1510// after Sep 2020 expression: request.time < 1511// timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 1512// For a description of IAM and its features, see the IAM documentation 1513// (https://cloud.google.com/iam/docs/). 1514type Policy struct { 1515 // AuditConfigs: Specifies cloud audit logging configuration for this 1516 // policy. 1517 AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` 1518 1519 // Bindings: Associates a list of `members`, or principals, with a 1520 // `role`. Optionally, may specify a `condition` that determines how and 1521 // when the `bindings` are applied. Each of the `bindings` must contain 1522 // at least one principal. The `bindings` in a `Policy` can refer to up 1523 // to 1,500 principals; up to 250 of these principals can be Google 1524 // groups. Each occurrence of a principal counts towards these limits. 1525 // For example, if the `bindings` grant 50 different roles to 1526 // `user:alice@example.com`, and not to any other principal, then you 1527 // can add another 1,450 principals to the `bindings` in the `Policy`. 1528 Bindings []*Binding `json:"bindings,omitempty"` 1529 1530 // Etag: `etag` is used for optimistic concurrency control as a way to 1531 // help prevent simultaneous updates of a policy from overwriting each 1532 // other. It is strongly suggested that systems make use of the `etag` 1533 // in the read-modify-write cycle to perform policy updates in order to 1534 // avoid race conditions: An `etag` is returned in the response to 1535 // `getIamPolicy`, and systems are expected to put that etag in the 1536 // request to `setIamPolicy` to ensure that their change will be applied 1537 // to the same version of the policy. **Important:** If you use IAM 1538 // Conditions, you must include the `etag` field whenever you call 1539 // `setIamPolicy`. If you omit this field, then IAM allows you to 1540 // overwrite a version `3` policy with a version `1` policy, and all of 1541 // the conditions in the version `3` policy are lost. 1542 Etag string `json:"etag,omitempty"` 1543 1544 // Version: Specifies the format of the policy. Valid values are `0`, 1545 // `1`, and `3`. Requests that specify an invalid value are rejected. 1546 // Any operation that affects conditional role bindings must specify 1547 // version `3`. This requirement applies to the following operations: * 1548 // Getting a policy that includes a conditional role binding * Adding a 1549 // conditional role binding to a policy * Changing a conditional role 1550 // binding in a policy * Removing any role binding, with or without a 1551 // condition, from a policy that includes conditions **Important:** If 1552 // you use IAM Conditions, you must include the `etag` field whenever 1553 // you call `setIamPolicy`. If you omit this field, then IAM allows you 1554 // to overwrite a version `3` policy with a version `1` policy, and all 1555 // of the conditions in the version `3` policy are lost. If a policy 1556 // does not include any conditions, operations on that policy may 1557 // specify any valid version or leave the field unset. To learn which 1558 // resources support conditions in their IAM policies, see the IAM 1559 // documentation 1560 // (https://cloud.google.com/iam/help/conditions/resource-policies). 1561 Version int64 `json:"version,omitempty"` 1562 1563 // ServerResponse contains the HTTP response code and headers from the 1564 // server. 1565 googleapi.ServerResponse `json:"-"` 1566 1567 // ForceSendFields is a list of field names (e.g. "AuditConfigs") to 1568 // unconditionally include in API requests. By default, fields with 1569 // empty or default values are omitted from API requests. However, any 1570 // non-pointer, non-interface field appearing in ForceSendFields will be 1571 // sent to the server regardless of whether the field is empty or not. 1572 // This may be used to include empty fields in Patch requests. 1573 ForceSendFields []string `json:"-"` 1574 1575 // NullFields is a list of field names (e.g. "AuditConfigs") to include 1576 // in API requests with the JSON null value. By default, fields with 1577 // empty values are omitted from API requests. However, any field with 1578 // an empty value appearing in NullFields will be sent to the server as 1579 // null. It is an error if a field in this list has a non-empty value. 1580 // This may be used to include null fields in Patch requests. 1581 NullFields []string `json:"-"` 1582} 1583 1584func (s *Policy) MarshalJSON() ([]byte, error) { 1585 type NoMethod Policy 1586 raw := NoMethod(*s) 1587 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1588} 1589 1590// PolicyDelta: The difference delta between two policies. 1591type PolicyDelta struct { 1592 // BindingDeltas: The delta for Bindings between two policies. 1593 BindingDeltas []*BindingDelta `json:"bindingDeltas,omitempty"` 1594 1595 // ForceSendFields is a list of field names (e.g. "BindingDeltas") to 1596 // unconditionally include in API requests. By default, fields with 1597 // empty or default values are omitted from API requests. However, any 1598 // non-pointer, non-interface field appearing in ForceSendFields will be 1599 // sent to the server regardless of whether the field is empty or not. 1600 // This may be used to include empty fields in Patch requests. 1601 ForceSendFields []string `json:"-"` 1602 1603 // NullFields is a list of field names (e.g. "BindingDeltas") to include 1604 // in API requests with the JSON null value. By default, fields with 1605 // empty values are omitted from API requests. However, any field with 1606 // an empty value appearing in NullFields will be sent to the server as 1607 // null. It is an error if a field in this list has a non-empty value. 1608 // This may be used to include null fields in Patch requests. 1609 NullFields []string `json:"-"` 1610} 1611 1612func (s *PolicyDelta) MarshalJSON() ([]byte, error) { 1613 type NoMethod PolicyDelta 1614 raw := NoMethod(*s) 1615 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1616} 1617 1618// QueryAuditableServicesRequest: A request to get the list of auditable 1619// services for a resource. 1620type QueryAuditableServicesRequest struct { 1621 // FullResourceName: Required. The full resource name to query from the 1622 // list of auditable services. The name follows the Google Cloud 1623 // Platform resource format. For example, a Cloud Platform project with 1624 // id `my-project` will be named 1625 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1626 FullResourceName string `json:"fullResourceName,omitempty"` 1627 1628 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1629 // unconditionally include in API requests. By default, fields with 1630 // empty or default values are omitted from API requests. However, any 1631 // non-pointer, non-interface field appearing in ForceSendFields will be 1632 // sent to the server regardless of whether the field is empty or not. 1633 // This may be used to include empty fields in Patch requests. 1634 ForceSendFields []string `json:"-"` 1635 1636 // NullFields is a list of field names (e.g. "FullResourceName") to 1637 // include in API requests with the JSON null value. By default, fields 1638 // with empty values are omitted from API requests. However, any field 1639 // with an empty value appearing in NullFields will be sent to the 1640 // server as null. It is an error if a field in this list has a 1641 // non-empty value. This may be used to include null fields in Patch 1642 // requests. 1643 NullFields []string `json:"-"` 1644} 1645 1646func (s *QueryAuditableServicesRequest) MarshalJSON() ([]byte, error) { 1647 type NoMethod QueryAuditableServicesRequest 1648 raw := NoMethod(*s) 1649 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1650} 1651 1652// QueryAuditableServicesResponse: A response containing a list of 1653// auditable services for a resource. 1654type QueryAuditableServicesResponse struct { 1655 // Services: The auditable services for a resource. 1656 Services []*AuditableService `json:"services,omitempty"` 1657 1658 // ServerResponse contains the HTTP response code and headers from the 1659 // server. 1660 googleapi.ServerResponse `json:"-"` 1661 1662 // ForceSendFields is a list of field names (e.g. "Services") to 1663 // unconditionally include in API requests. By default, fields with 1664 // empty or default values are omitted from API requests. However, any 1665 // non-pointer, non-interface field appearing in ForceSendFields will be 1666 // sent to the server regardless of whether the field is empty or not. 1667 // This may be used to include empty fields in Patch requests. 1668 ForceSendFields []string `json:"-"` 1669 1670 // NullFields is a list of field names (e.g. "Services") to include in 1671 // API requests with the JSON null value. By default, fields with empty 1672 // values are omitted from API requests. However, any field with an 1673 // empty value appearing in NullFields will be sent to the server as 1674 // null. It is an error if a field in this list has a non-empty value. 1675 // This may be used to include null fields in Patch requests. 1676 NullFields []string `json:"-"` 1677} 1678 1679func (s *QueryAuditableServicesResponse) MarshalJSON() ([]byte, error) { 1680 type NoMethod QueryAuditableServicesResponse 1681 raw := NoMethod(*s) 1682 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1683} 1684 1685// QueryGrantableRolesRequest: The grantable role query request. 1686type QueryGrantableRolesRequest struct { 1687 // FullResourceName: Required. The full resource name to query from the 1688 // list of grantable roles. The name follows the Google Cloud Platform 1689 // resource format. For example, a Cloud Platform project with id 1690 // `my-project` will be named 1691 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1692 FullResourceName string `json:"fullResourceName,omitempty"` 1693 1694 // PageSize: Optional limit on the number of roles to include in the 1695 // response. The default is 300, and the maximum is 1,000. 1696 PageSize int64 `json:"pageSize,omitempty"` 1697 1698 // PageToken: Optional pagination token returned in an earlier 1699 // QueryGrantableRolesResponse. 1700 PageToken string `json:"pageToken,omitempty"` 1701 1702 // Possible values: 1703 // "BASIC" - Omits the `included_permissions` field. This is the 1704 // default value. 1705 // "FULL" - Returns all fields. 1706 View string `json:"view,omitempty"` 1707 1708 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1709 // unconditionally include in API requests. By default, fields with 1710 // empty or default values are omitted from API requests. However, any 1711 // non-pointer, non-interface field appearing in ForceSendFields will be 1712 // sent to the server regardless of whether the field is empty or not. 1713 // This may be used to include empty fields in Patch requests. 1714 ForceSendFields []string `json:"-"` 1715 1716 // NullFields is a list of field names (e.g. "FullResourceName") to 1717 // include in API requests with the JSON null value. By default, fields 1718 // with empty values are omitted from API requests. However, any field 1719 // with an empty value appearing in NullFields will be sent to the 1720 // server as null. It is an error if a field in this list has a 1721 // non-empty value. This may be used to include null fields in Patch 1722 // requests. 1723 NullFields []string `json:"-"` 1724} 1725 1726func (s *QueryGrantableRolesRequest) MarshalJSON() ([]byte, error) { 1727 type NoMethod QueryGrantableRolesRequest 1728 raw := NoMethod(*s) 1729 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1730} 1731 1732// QueryGrantableRolesResponse: The grantable role query response. 1733type QueryGrantableRolesResponse struct { 1734 // NextPageToken: To retrieve the next page of results, set 1735 // `QueryGrantableRolesRequest.page_token` to this value. 1736 NextPageToken string `json:"nextPageToken,omitempty"` 1737 1738 // Roles: The list of matching roles. 1739 Roles []*Role `json:"roles,omitempty"` 1740 1741 // ServerResponse contains the HTTP response code and headers from the 1742 // server. 1743 googleapi.ServerResponse `json:"-"` 1744 1745 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1746 // unconditionally include in API requests. By default, fields with 1747 // empty or default values are omitted from API requests. However, any 1748 // non-pointer, non-interface field appearing in ForceSendFields will be 1749 // sent to the server regardless of whether the field is empty or not. 1750 // This may be used to include empty fields in Patch requests. 1751 ForceSendFields []string `json:"-"` 1752 1753 // NullFields is a list of field names (e.g. "NextPageToken") to include 1754 // in API requests with the JSON null value. By default, fields with 1755 // empty values are omitted from API requests. However, any field with 1756 // an empty value appearing in NullFields will be sent to the server as 1757 // null. It is an error if a field in this list has a non-empty value. 1758 // This may be used to include null fields in Patch requests. 1759 NullFields []string `json:"-"` 1760} 1761 1762func (s *QueryGrantableRolesResponse) MarshalJSON() ([]byte, error) { 1763 type NoMethod QueryGrantableRolesResponse 1764 raw := NoMethod(*s) 1765 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1766} 1767 1768// QueryTestablePermissionsRequest: A request to get permissions which 1769// can be tested on a resource. 1770type QueryTestablePermissionsRequest struct { 1771 // FullResourceName: Required. The full resource name to query from the 1772 // list of testable permissions. The name follows the Google Cloud 1773 // Platform resource format. For example, a Cloud Platform project with 1774 // id `my-project` will be named 1775 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1776 FullResourceName string `json:"fullResourceName,omitempty"` 1777 1778 // PageSize: Optional limit on the number of permissions to include in 1779 // the response. The default is 100, and the maximum is 1,000. 1780 PageSize int64 `json:"pageSize,omitempty"` 1781 1782 // PageToken: Optional pagination token returned in an earlier 1783 // QueryTestablePermissionsRequest. 1784 PageToken string `json:"pageToken,omitempty"` 1785 1786 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1787 // unconditionally include in API requests. By default, fields with 1788 // empty or default values are omitted from API requests. However, any 1789 // non-pointer, non-interface field appearing in ForceSendFields will be 1790 // sent to the server regardless of whether the field is empty or not. 1791 // This may be used to include empty fields in Patch requests. 1792 ForceSendFields []string `json:"-"` 1793 1794 // NullFields is a list of field names (e.g. "FullResourceName") to 1795 // include in API requests with the JSON null value. By default, fields 1796 // with empty values are omitted from API requests. However, any field 1797 // with an empty value appearing in NullFields will be sent to the 1798 // server as null. It is an error if a field in this list has a 1799 // non-empty value. This may be used to include null fields in Patch 1800 // requests. 1801 NullFields []string `json:"-"` 1802} 1803 1804func (s *QueryTestablePermissionsRequest) MarshalJSON() ([]byte, error) { 1805 type NoMethod QueryTestablePermissionsRequest 1806 raw := NoMethod(*s) 1807 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1808} 1809 1810// QueryTestablePermissionsResponse: The response containing permissions 1811// which can be tested on a resource. 1812type QueryTestablePermissionsResponse struct { 1813 // NextPageToken: To retrieve the next page of results, set 1814 // `QueryTestableRolesRequest.page_token` to this value. 1815 NextPageToken string `json:"nextPageToken,omitempty"` 1816 1817 // Permissions: The Permissions testable on the requested resource. 1818 Permissions []*Permission `json:"permissions,omitempty"` 1819 1820 // ServerResponse contains the HTTP response code and headers from the 1821 // server. 1822 googleapi.ServerResponse `json:"-"` 1823 1824 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1825 // unconditionally include in API requests. By default, fields with 1826 // empty or default values are omitted from API requests. However, any 1827 // non-pointer, non-interface field appearing in ForceSendFields will be 1828 // sent to the server regardless of whether the field is empty or not. 1829 // This may be used to include empty fields in Patch requests. 1830 ForceSendFields []string `json:"-"` 1831 1832 // NullFields is a list of field names (e.g. "NextPageToken") to include 1833 // in API requests with the JSON null value. By default, fields with 1834 // empty values are omitted from API requests. However, any field with 1835 // an empty value appearing in NullFields will be sent to the server as 1836 // null. It is an error if a field in this list has a non-empty value. 1837 // This may be used to include null fields in Patch requests. 1838 NullFields []string `json:"-"` 1839} 1840 1841func (s *QueryTestablePermissionsResponse) MarshalJSON() ([]byte, error) { 1842 type NoMethod QueryTestablePermissionsResponse 1843 raw := NoMethod(*s) 1844 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1845} 1846 1847// Role: A role in the Identity and Access Management API. 1848type Role struct { 1849 // Deleted: The current deleted state of the role. This field is read 1850 // only. It will be ignored in calls to CreateRole and UpdateRole. 1851 Deleted bool `json:"deleted,omitempty"` 1852 1853 // Description: Optional. A human-readable description for the role. 1854 Description string `json:"description,omitempty"` 1855 1856 // Etag: Used to perform a consistent read-modify-write. 1857 Etag string `json:"etag,omitempty"` 1858 1859 // IncludedPermissions: The names of the permissions this role grants 1860 // when bound in an IAM policy. 1861 IncludedPermissions []string `json:"includedPermissions,omitempty"` 1862 1863 // Name: The name of the role. When Role is used in CreateRole, the role 1864 // name must not be set. When Role is used in output and other input 1865 // such as UpdateRole, the role name is the complete path, e.g., 1866 // roles/logging.viewer for predefined roles and 1867 // organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom 1868 // roles. 1869 Name string `json:"name,omitempty"` 1870 1871 // Stage: The current launch stage of the role. If the `ALPHA` launch 1872 // stage has been selected for a role, the `stage` field will not be 1873 // included in the returned definition for the role. 1874 // 1875 // Possible values: 1876 // "ALPHA" - The user has indicated this role is currently in an Alpha 1877 // phase. If this launch stage is selected, the `stage` field will not 1878 // be included when requesting the definition for a given role. 1879 // "BETA" - The user has indicated this role is currently in a Beta 1880 // phase. 1881 // "GA" - The user has indicated this role is generally available. 1882 // "DEPRECATED" - The user has indicated this role is being 1883 // deprecated. 1884 // "DISABLED" - This role is disabled and will not contribute 1885 // permissions to any principals it is granted to in policies. 1886 // "EAP" - The user has indicated this role is currently in an EAP 1887 // phase. 1888 Stage string `json:"stage,omitempty"` 1889 1890 // Title: Optional. A human-readable title for the role. Typically this 1891 // is limited to 100 UTF-8 bytes. 1892 Title string `json:"title,omitempty"` 1893 1894 // ServerResponse contains the HTTP response code and headers from the 1895 // server. 1896 googleapi.ServerResponse `json:"-"` 1897 1898 // ForceSendFields is a list of field names (e.g. "Deleted") to 1899 // unconditionally include in API requests. By default, fields with 1900 // empty or default values are omitted from API requests. However, any 1901 // non-pointer, non-interface field appearing in ForceSendFields will be 1902 // sent to the server regardless of whether the field is empty or not. 1903 // This may be used to include empty fields in Patch requests. 1904 ForceSendFields []string `json:"-"` 1905 1906 // NullFields is a list of field names (e.g. "Deleted") to include in 1907 // API requests with the JSON null value. By default, fields with empty 1908 // values are omitted from API requests. However, any field with an 1909 // empty value appearing in NullFields will be sent to the server as 1910 // null. It is an error if a field in this list has a non-empty value. 1911 // This may be used to include null fields in Patch requests. 1912 NullFields []string `json:"-"` 1913} 1914 1915func (s *Role) MarshalJSON() ([]byte, error) { 1916 type NoMethod Role 1917 raw := NoMethod(*s) 1918 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1919} 1920 1921// ServiceAccount: An IAM service account. A service account is an 1922// account for an application or a virtual machine (VM) instance, not a 1923// person. You can use a service account to call Google APIs. To learn 1924// more, read the overview of service accounts 1925// (https://cloud.google.com/iam/help/service-accounts/overview). When 1926// you create a service account, you specify the project ID that owns 1927// the service account, as well as a name that must be unique within the 1928// project. IAM uses these values to create an email address that 1929// identifies the service account. 1930type ServiceAccount struct { 1931 // Description: Optional. A user-specified, human-readable description 1932 // of the service account. The maximum length is 256 UTF-8 bytes. 1933 Description string `json:"description,omitempty"` 1934 1935 // Disabled: Output only. Whether the service account is disabled. 1936 Disabled bool `json:"disabled,omitempty"` 1937 1938 // DisplayName: Optional. A user-specified, human-readable name for the 1939 // service account. The maximum length is 100 UTF-8 bytes. 1940 DisplayName string `json:"displayName,omitempty"` 1941 1942 // Email: Output only. The email address of the service account. 1943 Email string `json:"email,omitempty"` 1944 1945 // Etag: Deprecated. Do not use. 1946 Etag string `json:"etag,omitempty"` 1947 1948 // Name: The resource name of the service account. Use one of the 1949 // following formats: * 1950 // `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * 1951 // `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an 1952 // alternative, you can use the `-` wildcard character instead of the 1953 // project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * 1954 // `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using 1955 // the `-` wildcard character, because it can cause response messages to 1956 // contain misleading error codes. For example, if you try to get the 1957 // service account `projects/-/serviceAccounts/fake@example.com`, which 1958 // does not exist, the response contains an HTTP `403 Forbidden` error 1959 // instead of a `404 Not Found` error. 1960 Name string `json:"name,omitempty"` 1961 1962 // Oauth2ClientId: Output only. The OAuth 2.0 client ID for the service 1963 // account. 1964 Oauth2ClientId string `json:"oauth2ClientId,omitempty"` 1965 1966 // ProjectId: Output only. The ID of the project that owns the service 1967 // account. 1968 ProjectId string `json:"projectId,omitempty"` 1969 1970 // UniqueId: Output only. The unique, stable numeric ID for the service 1971 // account. Each service account retains its unique ID even if you 1972 // delete the service account. For example, if you delete a service 1973 // account, then create a new service account with the same name, the 1974 // new service account has a different unique ID than the deleted 1975 // service account. 1976 UniqueId string `json:"uniqueId,omitempty"` 1977 1978 // ServerResponse contains the HTTP response code and headers from the 1979 // server. 1980 googleapi.ServerResponse `json:"-"` 1981 1982 // ForceSendFields is a list of field names (e.g. "Description") to 1983 // unconditionally include in API requests. By default, fields with 1984 // empty or default values are omitted from API requests. However, any 1985 // non-pointer, non-interface field appearing in ForceSendFields will be 1986 // sent to the server regardless of whether the field is empty or not. 1987 // This may be used to include empty fields in Patch requests. 1988 ForceSendFields []string `json:"-"` 1989 1990 // NullFields is a list of field names (e.g. "Description") to include 1991 // in API requests with the JSON null value. By default, fields with 1992 // empty values are omitted from API requests. However, any field with 1993 // an empty value appearing in NullFields will be sent to the server as 1994 // null. It is an error if a field in this list has a non-empty value. 1995 // This may be used to include null fields in Patch requests. 1996 NullFields []string `json:"-"` 1997} 1998 1999func (s *ServiceAccount) MarshalJSON() ([]byte, error) { 2000 type NoMethod ServiceAccount 2001 raw := NoMethod(*s) 2002 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2003} 2004 2005// ServiceAccountKey: Represents a service account key. A service 2006// account has two sets of key-pairs: user-managed, and system-managed. 2007// User-managed key-pairs can be created and deleted by users. Users are 2008// responsible for rotating these keys periodically to ensure security 2009// of their service accounts. Users retain the private key of these 2010// key-pairs, and Google retains ONLY the public key. System-managed 2011// keys are automatically rotated by Google, and are used for signing 2012// for a maximum of two weeks. The rotation process is probabilistic, 2013// and usage of the new key will gradually ramp up and down over the 2014// key's lifetime. If you cache the public key set for a service 2015// account, we recommend that you update the cache every 15 minutes. 2016// User-managed keys can be added and removed at any time, so it is 2017// important to update the cache frequently. For Google-managed keys, 2018// Google will publish a key at least 6 hours before it is first used 2019// for signing and will keep publishing it for at least 6 hours after it 2020// was last used for signing. Public keys for all service accounts are 2021// also published at the OAuth2 Service Account API. 2022type ServiceAccountKey struct { 2023 // Disabled: The key status. 2024 Disabled bool `json:"disabled,omitempty"` 2025 2026 // KeyAlgorithm: Specifies the algorithm (and possibly key size) for the 2027 // key. 2028 // 2029 // Possible values: 2030 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 2031 // "KEY_ALG_RSA_1024" - 1k RSA Key. 2032 // "KEY_ALG_RSA_2048" - 2k RSA Key. 2033 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 2034 2035 // KeyOrigin: The key origin. 2036 // 2037 // Possible values: 2038 // "ORIGIN_UNSPECIFIED" - Unspecified key origin. 2039 // "USER_PROVIDED" - Key is provided by user. 2040 // "GOOGLE_PROVIDED" - Key is provided by Google. 2041 KeyOrigin string `json:"keyOrigin,omitempty"` 2042 2043 // KeyType: The key type. 2044 // 2045 // Possible values: 2046 // "KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this 2047 // in the message will immediately result in an error. 2048 // "USER_MANAGED" - User-managed keys (managed and rotated by the 2049 // user). 2050 // "SYSTEM_MANAGED" - System-managed keys (managed and rotated by 2051 // Google). 2052 KeyType string `json:"keyType,omitempty"` 2053 2054 // Name: The resource name of the service account key in the following 2055 // format `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. 2056 Name string `json:"name,omitempty"` 2057 2058 // PrivateKeyData: The private key data. Only provided in 2059 // `CreateServiceAccountKey` responses. Make sure to keep the private 2060 // key data secure because it allows for the assertion of the service 2061 // account identity. When base64 decoded, the private key data can be 2062 // used to authenticate with Google API client libraries and with gcloud 2063 // auth activate-service-account. 2064 PrivateKeyData string `json:"privateKeyData,omitempty"` 2065 2066 // PrivateKeyType: The output format for the private key. Only provided 2067 // in `CreateServiceAccountKey` responses, not in `GetServiceAccountKey` 2068 // or `ListServiceAccountKey` responses. Google never exposes 2069 // system-managed private keys, and never retains user-managed private 2070 // keys. 2071 // 2072 // Possible values: 2073 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 2074 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 2075 // "TYPE_PKCS12_FILE" - PKCS12 format. The password for the PKCS12 2076 // file is `notasecret`. For more information, see 2077 // https://tools.ietf.org/html/rfc7292. 2078 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 2079 PrivateKeyType string `json:"privateKeyType,omitempty"` 2080 2081 // PublicKeyData: The public key data. Only provided in 2082 // `GetServiceAccountKey` responses. 2083 PublicKeyData string `json:"publicKeyData,omitempty"` 2084 2085 // ValidAfterTime: The key can be used after this timestamp. 2086 ValidAfterTime string `json:"validAfterTime,omitempty"` 2087 2088 // ValidBeforeTime: The key can be used before this timestamp. For 2089 // system-managed key pairs, this timestamp is the end time for the 2090 // private key signing operation. The public key could still be used for 2091 // verification for a few hours after this time. 2092 ValidBeforeTime string `json:"validBeforeTime,omitempty"` 2093 2094 // ServerResponse contains the HTTP response code and headers from the 2095 // server. 2096 googleapi.ServerResponse `json:"-"` 2097 2098 // ForceSendFields is a list of field names (e.g. "Disabled") to 2099 // unconditionally include in API requests. By default, fields with 2100 // empty or default values are omitted from API requests. However, any 2101 // non-pointer, non-interface field appearing in ForceSendFields will be 2102 // sent to the server regardless of whether the field is empty or not. 2103 // This may be used to include empty fields in Patch requests. 2104 ForceSendFields []string `json:"-"` 2105 2106 // NullFields is a list of field names (e.g. "Disabled") to include in 2107 // API requests with the JSON null value. By default, fields with empty 2108 // values are omitted from API requests. However, any field with an 2109 // empty value appearing in NullFields will be sent to the server as 2110 // null. It is an error if a field in this list has a non-empty value. 2111 // This may be used to include null fields in Patch requests. 2112 NullFields []string `json:"-"` 2113} 2114 2115func (s *ServiceAccountKey) MarshalJSON() ([]byte, error) { 2116 type NoMethod ServiceAccountKey 2117 raw := NoMethod(*s) 2118 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2119} 2120 2121// SetIamPolicyRequest: Request message for `SetIamPolicy` method. 2122type SetIamPolicyRequest struct { 2123 // Policy: REQUIRED: The complete policy to be applied to the 2124 // `resource`. The size of the policy is limited to a few 10s of KB. An 2125 // empty policy is a valid policy but certain Cloud Platform services 2126 // (such as Projects) might reject them. 2127 Policy *Policy `json:"policy,omitempty"` 2128 2129 // UpdateMask: OPTIONAL: A FieldMask specifying which fields of the 2130 // policy to modify. Only the fields in the mask will be modified. If no 2131 // mask is provided, the following default mask is used: `paths: 2132 // "bindings, etag" 2133 UpdateMask string `json:"updateMask,omitempty"` 2134 2135 // ForceSendFields is a list of field names (e.g. "Policy") to 2136 // unconditionally include in API requests. By default, fields with 2137 // empty or default values are omitted from API requests. However, any 2138 // non-pointer, non-interface field appearing in ForceSendFields will be 2139 // sent to the server regardless of whether the field is empty or not. 2140 // This may be used to include empty fields in Patch requests. 2141 ForceSendFields []string `json:"-"` 2142 2143 // NullFields is a list of field names (e.g. "Policy") to include in API 2144 // requests with the JSON null value. By default, fields with empty 2145 // values are omitted from API requests. However, any field with an 2146 // empty value appearing in NullFields will be sent to the server as 2147 // null. It is an error if a field in this list has a non-empty value. 2148 // This may be used to include null fields in Patch requests. 2149 NullFields []string `json:"-"` 2150} 2151 2152func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) { 2153 type NoMethod SetIamPolicyRequest 2154 raw := NoMethod(*s) 2155 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2156} 2157 2158// SignBlobRequest: Deprecated. Migrate to Service Account Credentials 2159// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2160// service account sign blob request. 2161type SignBlobRequest struct { 2162 // BytesToSign: Required. Deprecated. Migrate to Service Account 2163 // Credentials API 2164 // (https://cloud.google.com/iam/help/credentials/migrate-api). The 2165 // bytes to sign. 2166 BytesToSign string `json:"bytesToSign,omitempty"` 2167 2168 // ForceSendFields is a list of field names (e.g. "BytesToSign") to 2169 // unconditionally include in API requests. By default, fields with 2170 // empty or default values are omitted from API requests. However, any 2171 // non-pointer, non-interface field appearing in ForceSendFields will be 2172 // sent to the server regardless of whether the field is empty or not. 2173 // This may be used to include empty fields in Patch requests. 2174 ForceSendFields []string `json:"-"` 2175 2176 // NullFields is a list of field names (e.g. "BytesToSign") to include 2177 // in API requests with the JSON null value. By default, fields with 2178 // empty values are omitted from API requests. However, any field with 2179 // an empty value appearing in NullFields will be sent to the server as 2180 // null. It is an error if a field in this list has a non-empty value. 2181 // This may be used to include null fields in Patch requests. 2182 NullFields []string `json:"-"` 2183} 2184 2185func (s *SignBlobRequest) MarshalJSON() ([]byte, error) { 2186 type NoMethod SignBlobRequest 2187 raw := NoMethod(*s) 2188 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2189} 2190 2191// SignBlobResponse: Deprecated. Migrate to Service Account Credentials 2192// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2193// service account sign blob response. 2194type SignBlobResponse struct { 2195 // KeyId: Deprecated. Migrate to Service Account Credentials API 2196 // (https://cloud.google.com/iam/help/credentials/migrate-api). The id 2197 // of the key used to sign the blob. 2198 KeyId string `json:"keyId,omitempty"` 2199 2200 // Signature: Deprecated. Migrate to Service Account Credentials API 2201 // (https://cloud.google.com/iam/help/credentials/migrate-api). The 2202 // signed blob. 2203 Signature string `json:"signature,omitempty"` 2204 2205 // ServerResponse contains the HTTP response code and headers from the 2206 // server. 2207 googleapi.ServerResponse `json:"-"` 2208 2209 // ForceSendFields is a list of field names (e.g. "KeyId") to 2210 // unconditionally include in API requests. By default, fields with 2211 // empty or default values are omitted from API requests. However, any 2212 // non-pointer, non-interface field appearing in ForceSendFields will be 2213 // sent to the server regardless of whether the field is empty or not. 2214 // This may be used to include empty fields in Patch requests. 2215 ForceSendFields []string `json:"-"` 2216 2217 // NullFields is a list of field names (e.g. "KeyId") to include in API 2218 // requests with the JSON null value. By default, fields with empty 2219 // values are omitted from API requests. However, any field with an 2220 // empty value appearing in NullFields will be sent to the server as 2221 // null. It is an error if a field in this list has a non-empty value. 2222 // This may be used to include null fields in Patch requests. 2223 NullFields []string `json:"-"` 2224} 2225 2226func (s *SignBlobResponse) MarshalJSON() ([]byte, error) { 2227 type NoMethod SignBlobResponse 2228 raw := NoMethod(*s) 2229 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2230} 2231 2232// SignJwtRequest: Deprecated. Migrate to Service Account Credentials 2233// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2234// service account sign JWT request. 2235type SignJwtRequest struct { 2236 // Payload: Required. Deprecated. Migrate to Service Account Credentials 2237 // API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2238 // JWT payload to sign. Must be a serialized JSON object that contains a 2239 // JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 2240 // 313435}` If the JWT Claims Set contains an expiration time (`exp`) 2241 // claim, it must be an integer timestamp that is not in the past and no 2242 // more than 12 hours in the future. If the JWT Claims Set does not 2243 // contain an expiration time (`exp`) claim, this claim is added 2244 // automatically, with a timestamp that is 1 hour in the future. 2245 Payload string `json:"payload,omitempty"` 2246 2247 // ForceSendFields is a list of field names (e.g. "Payload") to 2248 // unconditionally include in API requests. By default, fields with 2249 // empty or default values are omitted from API requests. However, any 2250 // non-pointer, non-interface field appearing in ForceSendFields will be 2251 // sent to the server regardless of whether the field is empty or not. 2252 // This may be used to include empty fields in Patch requests. 2253 ForceSendFields []string `json:"-"` 2254 2255 // NullFields is a list of field names (e.g. "Payload") to include in 2256 // API requests with the JSON null value. By default, fields with empty 2257 // values are omitted from API requests. However, any field with an 2258 // empty value appearing in NullFields will be sent to the server as 2259 // null. It is an error if a field in this list has a non-empty value. 2260 // This may be used to include null fields in Patch requests. 2261 NullFields []string `json:"-"` 2262} 2263 2264func (s *SignJwtRequest) MarshalJSON() ([]byte, error) { 2265 type NoMethod SignJwtRequest 2266 raw := NoMethod(*s) 2267 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2268} 2269 2270// SignJwtResponse: Deprecated. Migrate to Service Account Credentials 2271// API (https://cloud.google.com/iam/help/credentials/migrate-api). The 2272// service account sign JWT response. 2273type SignJwtResponse struct { 2274 // KeyId: Deprecated. Migrate to Service Account Credentials API 2275 // (https://cloud.google.com/iam/help/credentials/migrate-api). The id 2276 // of the key used to sign the JWT. 2277 KeyId string `json:"keyId,omitempty"` 2278 2279 // SignedJwt: Deprecated. Migrate to Service Account Credentials API 2280 // (https://cloud.google.com/iam/help/credentials/migrate-api). The 2281 // signed JWT. 2282 SignedJwt string `json:"signedJwt,omitempty"` 2283 2284 // ServerResponse contains the HTTP response code and headers from the 2285 // server. 2286 googleapi.ServerResponse `json:"-"` 2287 2288 // ForceSendFields is a list of field names (e.g. "KeyId") to 2289 // unconditionally include in API requests. By default, fields with 2290 // empty or default values are omitted from API requests. However, any 2291 // non-pointer, non-interface field appearing in ForceSendFields will be 2292 // sent to the server regardless of whether the field is empty or not. 2293 // This may be used to include empty fields in Patch requests. 2294 ForceSendFields []string `json:"-"` 2295 2296 // NullFields is a list of field names (e.g. "KeyId") to include in API 2297 // requests with the JSON null value. By default, fields with empty 2298 // values are omitted from API requests. However, any field with an 2299 // empty value appearing in NullFields will be sent to the server as 2300 // null. It is an error if a field in this list has a non-empty value. 2301 // This may be used to include null fields in Patch requests. 2302 NullFields []string `json:"-"` 2303} 2304 2305func (s *SignJwtResponse) MarshalJSON() ([]byte, error) { 2306 type NoMethod SignJwtResponse 2307 raw := NoMethod(*s) 2308 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2309} 2310 2311// Status: The `Status` type defines a logical error model that is 2312// suitable for different programming environments, including REST APIs 2313// and RPC APIs. It is used by gRPC (https://github.com/grpc). Each 2314// `Status` message contains three pieces of data: error code, error 2315// message, and error details. You can find out more about this error 2316// model and how to work with it in the API Design Guide 2317// (https://cloud.google.com/apis/design/errors). 2318type Status struct { 2319 // Code: The status code, which should be an enum value of 2320 // google.rpc.Code. 2321 Code int64 `json:"code,omitempty"` 2322 2323 // Details: A list of messages that carry the error details. There is a 2324 // common set of message types for APIs to use. 2325 Details []googleapi.RawMessage `json:"details,omitempty"` 2326 2327 // Message: A developer-facing error message, which should be in 2328 // English. Any user-facing error message should be localized and sent 2329 // in the google.rpc.Status.details field, or localized by the client. 2330 Message string `json:"message,omitempty"` 2331 2332 // ForceSendFields is a list of field names (e.g. "Code") to 2333 // unconditionally include in API requests. By default, fields with 2334 // empty or default values are omitted from API requests. However, any 2335 // non-pointer, non-interface field appearing in ForceSendFields will be 2336 // sent to the server regardless of whether the field is empty or not. 2337 // This may be used to include empty fields in Patch requests. 2338 ForceSendFields []string `json:"-"` 2339 2340 // NullFields is a list of field names (e.g. "Code") to include in API 2341 // requests with the JSON null value. By default, fields with empty 2342 // values are omitted from API requests. However, any field with an 2343 // empty value appearing in NullFields will be sent to the server as 2344 // null. It is an error if a field in this list has a non-empty value. 2345 // This may be used to include null fields in Patch requests. 2346 NullFields []string `json:"-"` 2347} 2348 2349func (s *Status) MarshalJSON() ([]byte, error) { 2350 type NoMethod Status 2351 raw := NoMethod(*s) 2352 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2353} 2354 2355// TestIamPermissionsRequest: Request message for `TestIamPermissions` 2356// method. 2357type TestIamPermissionsRequest struct { 2358 // Permissions: The set of permissions to check for the `resource`. 2359 // Permissions with wildcards (such as '*' or 'storage.*') are not 2360 // allowed. For more information see IAM Overview 2361 // (https://cloud.google.com/iam/docs/overview#permissions). 2362 Permissions []string `json:"permissions,omitempty"` 2363 2364 // ForceSendFields is a list of field names (e.g. "Permissions") to 2365 // unconditionally include in API requests. By default, fields with 2366 // empty or default values are omitted from API requests. However, any 2367 // non-pointer, non-interface field appearing in ForceSendFields will be 2368 // sent to the server regardless of whether the field is empty or not. 2369 // This may be used to include empty fields in Patch requests. 2370 ForceSendFields []string `json:"-"` 2371 2372 // NullFields is a list of field names (e.g. "Permissions") to include 2373 // in API requests with the JSON null value. By default, fields with 2374 // empty values are omitted from API requests. However, any field with 2375 // an empty value appearing in NullFields will be sent to the server as 2376 // null. It is an error if a field in this list has a non-empty value. 2377 // This may be used to include null fields in Patch requests. 2378 NullFields []string `json:"-"` 2379} 2380 2381func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) { 2382 type NoMethod TestIamPermissionsRequest 2383 raw := NoMethod(*s) 2384 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2385} 2386 2387// TestIamPermissionsResponse: Response message for `TestIamPermissions` 2388// method. 2389type TestIamPermissionsResponse struct { 2390 // Permissions: A subset of `TestPermissionsRequest.permissions` that 2391 // the caller is allowed. 2392 Permissions []string `json:"permissions,omitempty"` 2393 2394 // ServerResponse contains the HTTP response code and headers from the 2395 // server. 2396 googleapi.ServerResponse `json:"-"` 2397 2398 // ForceSendFields is a list of field names (e.g. "Permissions") to 2399 // unconditionally include in API requests. By default, fields with 2400 // empty or default values are omitted from API requests. However, any 2401 // non-pointer, non-interface field appearing in ForceSendFields will be 2402 // sent to the server regardless of whether the field is empty or not. 2403 // This may be used to include empty fields in Patch requests. 2404 ForceSendFields []string `json:"-"` 2405 2406 // NullFields is a list of field names (e.g. "Permissions") to include 2407 // in API requests with the JSON null value. By default, fields with 2408 // empty values are omitted from API requests. However, any field with 2409 // an empty value appearing in NullFields will be sent to the server as 2410 // null. It is an error if a field in this list has a non-empty value. 2411 // This may be used to include null fields in Patch requests. 2412 NullFields []string `json:"-"` 2413} 2414 2415func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { 2416 type NoMethod TestIamPermissionsResponse 2417 raw := NoMethod(*s) 2418 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2419} 2420 2421// UndeleteRoleRequest: The request to undelete an existing role. 2422type UndeleteRoleRequest struct { 2423 // Etag: Used to perform a consistent read-modify-write. 2424 Etag string `json:"etag,omitempty"` 2425 2426 // ForceSendFields is a list of field names (e.g. "Etag") to 2427 // unconditionally include in API requests. By default, fields with 2428 // empty or default values are omitted from API requests. However, any 2429 // non-pointer, non-interface field appearing in ForceSendFields will be 2430 // sent to the server regardless of whether the field is empty or not. 2431 // This may be used to include empty fields in Patch requests. 2432 ForceSendFields []string `json:"-"` 2433 2434 // NullFields is a list of field names (e.g. "Etag") to include in API 2435 // requests with the JSON null value. By default, fields with empty 2436 // values are omitted from API requests. However, any field with an 2437 // empty value appearing in NullFields will be sent to the server as 2438 // null. It is an error if a field in this list has a non-empty value. 2439 // This may be used to include null fields in Patch requests. 2440 NullFields []string `json:"-"` 2441} 2442 2443func (s *UndeleteRoleRequest) MarshalJSON() ([]byte, error) { 2444 type NoMethod UndeleteRoleRequest 2445 raw := NoMethod(*s) 2446 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2447} 2448 2449// UndeleteServiceAccountRequest: The service account undelete request. 2450type UndeleteServiceAccountRequest struct { 2451} 2452 2453type UndeleteServiceAccountResponse struct { 2454 // RestoredAccount: Metadata for the restored service account. 2455 RestoredAccount *ServiceAccount `json:"restoredAccount,omitempty"` 2456 2457 // ServerResponse contains the HTTP response code and headers from the 2458 // server. 2459 googleapi.ServerResponse `json:"-"` 2460 2461 // ForceSendFields is a list of field names (e.g. "RestoredAccount") to 2462 // unconditionally include in API requests. By default, fields with 2463 // empty or default values are omitted from API requests. However, any 2464 // non-pointer, non-interface field appearing in ForceSendFields will be 2465 // sent to the server regardless of whether the field is empty or not. 2466 // This may be used to include empty fields in Patch requests. 2467 ForceSendFields []string `json:"-"` 2468 2469 // NullFields is a list of field names (e.g. "RestoredAccount") to 2470 // include in API requests with the JSON null value. By default, fields 2471 // with empty values are omitted from API requests. However, any field 2472 // with an empty value appearing in NullFields will be sent to the 2473 // server as null. It is an error if a field in this list has a 2474 // non-empty value. This may be used to include null fields in Patch 2475 // requests. 2476 NullFields []string `json:"-"` 2477} 2478 2479func (s *UndeleteServiceAccountResponse) MarshalJSON() ([]byte, error) { 2480 type NoMethod UndeleteServiceAccountResponse 2481 raw := NoMethod(*s) 2482 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2483} 2484 2485// UndeleteWorkloadIdentityPoolProviderRequest: Request message for 2486// UndeleteWorkloadIdentityPoolProvider. 2487type UndeleteWorkloadIdentityPoolProviderRequest struct { 2488} 2489 2490// UndeleteWorkloadIdentityPoolRequest: Request message for 2491// UndeleteWorkloadIdentityPool. 2492type UndeleteWorkloadIdentityPoolRequest struct { 2493} 2494 2495// UploadServiceAccountKeyRequest: The service account key upload 2496// request. 2497type UploadServiceAccountKeyRequest struct { 2498 // PublicKeyData: A field that allows clients to upload their own public 2499 // key. If set, use this public key data to create a service account key 2500 // for given service account. Please note, the expected format for this 2501 // field is X509_PEM. 2502 PublicKeyData string `json:"publicKeyData,omitempty"` 2503 2504 // ForceSendFields is a list of field names (e.g. "PublicKeyData") to 2505 // unconditionally include in API requests. By default, fields with 2506 // empty or default values are omitted from API requests. However, any 2507 // non-pointer, non-interface field appearing in ForceSendFields will be 2508 // sent to the server regardless of whether the field is empty or not. 2509 // This may be used to include empty fields in Patch requests. 2510 ForceSendFields []string `json:"-"` 2511 2512 // NullFields is a list of field names (e.g. "PublicKeyData") to include 2513 // in API requests with the JSON null value. By default, fields with 2514 // empty values are omitted from API requests. However, any field with 2515 // an empty value appearing in NullFields will be sent to the server as 2516 // null. It is an error if a field in this list has a non-empty value. 2517 // This may be used to include null fields in Patch requests. 2518 NullFields []string `json:"-"` 2519} 2520 2521func (s *UploadServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 2522 type NoMethod UploadServiceAccountKeyRequest 2523 raw := NoMethod(*s) 2524 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2525} 2526 2527// WorkloadIdentityPool: Represents a collection of external workload 2528// identities. You can define IAM policies to grant these identities 2529// access to Google Cloud resources. 2530type WorkloadIdentityPool struct { 2531 // Description: A description of the pool. Cannot exceed 256 characters. 2532 Description string `json:"description,omitempty"` 2533 2534 // Disabled: Whether the pool is disabled. You cannot use a disabled 2535 // pool to exchange tokens, or use existing tokens to access resources. 2536 // If the pool is re-enabled, existing tokens grant access again. 2537 Disabled bool `json:"disabled,omitempty"` 2538 2539 // DisplayName: A display name for the pool. Cannot exceed 32 2540 // characters. 2541 DisplayName string `json:"displayName,omitempty"` 2542 2543 // Name: Output only. The resource name of the pool. 2544 Name string `json:"name,omitempty"` 2545 2546 // State: Output only. The state of the pool. 2547 // 2548 // Possible values: 2549 // "STATE_UNSPECIFIED" - State unspecified. 2550 // "ACTIVE" - The pool is active, and may be used in Google Cloud 2551 // policies. 2552 // "DELETED" - The pool is soft-deleted. Soft-deleted pools are 2553 // permanently deleted after approximately 30 days. You can restore a 2554 // soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot 2555 // reuse the ID of a soft-deleted pool until it is permanently deleted. 2556 // While a pool is deleted, you cannot use it to exchange tokens, or use 2557 // existing tokens to access resources. If the pool is undeleted, 2558 // existing tokens grant access again. 2559 State string `json:"state,omitempty"` 2560 2561 // ServerResponse contains the HTTP response code and headers from the 2562 // server. 2563 googleapi.ServerResponse `json:"-"` 2564 2565 // ForceSendFields is a list of field names (e.g. "Description") to 2566 // unconditionally include in API requests. By default, fields with 2567 // empty or default values are omitted from API requests. However, any 2568 // non-pointer, non-interface field appearing in ForceSendFields will be 2569 // sent to the server regardless of whether the field is empty or not. 2570 // This may be used to include empty fields in Patch requests. 2571 ForceSendFields []string `json:"-"` 2572 2573 // NullFields is a list of field names (e.g. "Description") to include 2574 // in API requests with the JSON null value. By default, fields with 2575 // empty values are omitted from API requests. However, any field with 2576 // an empty value appearing in NullFields will be sent to the server as 2577 // null. It is an error if a field in this list has a non-empty value. 2578 // This may be used to include null fields in Patch requests. 2579 NullFields []string `json:"-"` 2580} 2581 2582func (s *WorkloadIdentityPool) MarshalJSON() ([]byte, error) { 2583 type NoMethod WorkloadIdentityPool 2584 raw := NoMethod(*s) 2585 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2586} 2587 2588// WorkloadIdentityPoolProvider: A configuration for an external 2589// identity provider. 2590type WorkloadIdentityPoolProvider struct { 2591 // AttributeCondition: A Common Expression Language 2592 // (https://opensource.google/projects/cel) expression, in plain text, 2593 // to restrict what otherwise valid authentication credentials issued by 2594 // the provider should not be accepted. The expression must output a 2595 // boolean representing whether to allow the federation. The following 2596 // keywords may be referenced in the expressions: * `assertion`: JSON 2597 // representing the authentication credential issued by the provider. * 2598 // `google`: The Google attributes mapped from the assertion in the 2599 // `attribute_mappings`. * `attribute`: The custom attributes mapped 2600 // from the assertion in the `attribute_mappings`. The maximum length of 2601 // the attribute condition expression is 4096 characters. If 2602 // unspecified, all valid authentication credential are accepted. The 2603 // following example shows how to only allow credentials with a mapped 2604 // `google.groups` value of `admins`: ``` "'admins' in google.groups" 2605 // ``` 2606 AttributeCondition string `json:"attributeCondition,omitempty"` 2607 2608 // AttributeMapping: Maps attributes from authentication credentials 2609 // issued by an external identity provider to Google Cloud attributes, 2610 // such as `subject` and `segment`. Each key must be a string specifying 2611 // the Google Cloud IAM attribute to map to. The following keys are 2612 // supported: * `google.subject`: The principal IAM is authenticating. 2613 // You can reference this value in IAM bindings. This is also the 2614 // subject that appears in Cloud Logging logs. Cannot exceed 127 2615 // characters. * `google.groups`: Groups the external identity belongs 2616 // to. You can grant groups access to resources using an IAM 2617 // `principalSet` binding; access applies to all members of the group. 2618 // You can also provide custom attributes by specifying 2619 // `attribute.{custom_attribute}`, where `{custom_attribute}` is the 2620 // name of the custom attribute to be mapped. You can define a maximum 2621 // of 50 custom attributes. The maximum length of a mapped attribute key 2622 // is 100 characters, and the key may only contain the characters 2623 // [a-z0-9_]. You can reference these attributes in IAM policies to 2624 // define fine-grained access for a workload to Google Cloud resources. 2625 // For example: * `google.subject`: 2626 // `principal://iam.googleapis.com/projects/{project}/locations/{location 2627 // }/workloadIdentityPools/{pool}/subject/{value}` * `google.groups`: 2628 // `principalSet://iam.googleapis.com/projects/{project}/locations/{locat 2629 // ion}/workloadIdentityPools/{pool}/group/{value}` * 2630 // `attribute.{custom_attribute}`: 2631 // `principalSet://iam.googleapis.com/projects/{project}/locations/{locat 2632 // ion}/workloadIdentityPools/{pool}/attribute.{custom_attribute}/{value} 2633 // ` Each value must be a [Common Expression Language] 2634 // (https://opensource.google/projects/cel) function that maps an 2635 // identity provider credential to the normalized attribute specified by 2636 // the corresponding map key. You can use the `assertion` keyword in the 2637 // expression to access a JSON representation of the authentication 2638 // credential issued by the provider. The maximum length of an attribute 2639 // mapping expression is 2048 characters. When evaluated, the total size 2640 // of all mapped attributes must not exceed 8KB. For AWS providers, if 2641 // no attribute mapping is defined, the following default mapping 2642 // applies: ``` { "google.subject":"assertion.arn", 2643 // "attribute.aws_role": "assertion.arn.contains('assumed-role')" " ? 2644 // assertion.arn.extract('{account_arn}assumed-role/')" " + 2645 // 'assumed-role/'" " + 2646 // assertion.arn.extract('assumed-role/{role_name}/')" " : 2647 // assertion.arn", } ``` If any custom attribute mappings are defined, 2648 // they must include a mapping to the `google.subject` attribute. For 2649 // OIDC providers, you must supply a custom mapping, which must include 2650 // the `google.subject` attribute. For example, the following maps the 2651 // `sub` claim of the incoming credential to the `subject` attribute on 2652 // a Google token: ``` {"google.subject": "assertion.sub"} ``` 2653 AttributeMapping map[string]string `json:"attributeMapping,omitempty"` 2654 2655 // Aws: An Amazon Web Services identity provider. 2656 Aws *Aws `json:"aws,omitempty"` 2657 2658 // Description: A description for the provider. Cannot exceed 256 2659 // characters. 2660 Description string `json:"description,omitempty"` 2661 2662 // Disabled: Whether the provider is disabled. You cannot use a disabled 2663 // provider to exchange tokens. However, existing tokens still grant 2664 // access. 2665 Disabled bool `json:"disabled,omitempty"` 2666 2667 // DisplayName: A display name for the provider. Cannot exceed 32 2668 // characters. 2669 DisplayName string `json:"displayName,omitempty"` 2670 2671 // Name: Output only. The resource name of the provider. 2672 Name string `json:"name,omitempty"` 2673 2674 // Oidc: An OpenId Connect 1.0 identity provider. 2675 Oidc *Oidc `json:"oidc,omitempty"` 2676 2677 // State: Output only. The state of the provider. 2678 // 2679 // Possible values: 2680 // "STATE_UNSPECIFIED" - State unspecified. 2681 // "ACTIVE" - The provider is active, and may be used to validate 2682 // authentication credentials. 2683 // "DELETED" - The provider is soft-deleted. Soft-deleted providers 2684 // are permanently deleted after approximately 30 days. You can restore 2685 // a soft-deleted provider using UndeleteWorkloadIdentityPoolProvider. 2686 // You cannot reuse the ID of a soft-deleted provider until it is 2687 // permanently deleted. 2688 State string `json:"state,omitempty"` 2689 2690 // ServerResponse contains the HTTP response code and headers from the 2691 // server. 2692 googleapi.ServerResponse `json:"-"` 2693 2694 // ForceSendFields is a list of field names (e.g. "AttributeCondition") 2695 // to unconditionally include in API requests. By default, fields with 2696 // empty or default values are omitted from API requests. However, any 2697 // non-pointer, non-interface field appearing in ForceSendFields will be 2698 // sent to the server regardless of whether the field is empty or not. 2699 // This may be used to include empty fields in Patch requests. 2700 ForceSendFields []string `json:"-"` 2701 2702 // NullFields is a list of field names (e.g. "AttributeCondition") to 2703 // include in API requests with the JSON null value. By default, fields 2704 // with empty values are omitted from API requests. However, any field 2705 // with an empty value appearing in NullFields will be sent to the 2706 // server as null. It is an error if a field in this list has a 2707 // non-empty value. This may be used to include null fields in Patch 2708 // requests. 2709 NullFields []string `json:"-"` 2710} 2711 2712func (s *WorkloadIdentityPoolProvider) MarshalJSON() ([]byte, error) { 2713 type NoMethod WorkloadIdentityPoolProvider 2714 raw := NoMethod(*s) 2715 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2716} 2717 2718// method id "iam.iamPolicies.lintPolicy": 2719 2720type IamPoliciesLintPolicyCall struct { 2721 s *Service 2722 lintpolicyrequest *LintPolicyRequest 2723 urlParams_ gensupport.URLParams 2724 ctx_ context.Context 2725 header_ http.Header 2726} 2727 2728// LintPolicy: Lints, or validates, an IAM policy. Currently checks the 2729// google.iam.v1.Binding.condition field, which contains a condition 2730// expression for a role binding. Successful calls to this method always 2731// return an HTTP `200 OK` status code, even if the linter detects an 2732// issue in the IAM policy. 2733func (r *IamPoliciesService) LintPolicy(lintpolicyrequest *LintPolicyRequest) *IamPoliciesLintPolicyCall { 2734 c := &IamPoliciesLintPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2735 c.lintpolicyrequest = lintpolicyrequest 2736 return c 2737} 2738 2739// Fields allows partial responses to be retrieved. See 2740// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2741// for more information. 2742func (c *IamPoliciesLintPolicyCall) Fields(s ...googleapi.Field) *IamPoliciesLintPolicyCall { 2743 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2744 return c 2745} 2746 2747// Context sets the context to be used in this call's Do method. Any 2748// pending HTTP request will be aborted if the provided context is 2749// canceled. 2750func (c *IamPoliciesLintPolicyCall) Context(ctx context.Context) *IamPoliciesLintPolicyCall { 2751 c.ctx_ = ctx 2752 return c 2753} 2754 2755// Header returns an http.Header that can be modified by the caller to 2756// add HTTP headers to the request. 2757func (c *IamPoliciesLintPolicyCall) Header() http.Header { 2758 if c.header_ == nil { 2759 c.header_ = make(http.Header) 2760 } 2761 return c.header_ 2762} 2763 2764func (c *IamPoliciesLintPolicyCall) doRequest(alt string) (*http.Response, error) { 2765 reqHeaders := make(http.Header) 2766 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 2767 for k, v := range c.header_ { 2768 reqHeaders[k] = v 2769 } 2770 reqHeaders.Set("User-Agent", c.s.userAgent()) 2771 var body io.Reader = nil 2772 body, err := googleapi.WithoutDataWrapper.JSONReader(c.lintpolicyrequest) 2773 if err != nil { 2774 return nil, err 2775 } 2776 reqHeaders.Set("Content-Type", "application/json") 2777 c.urlParams_.Set("alt", alt) 2778 c.urlParams_.Set("prettyPrint", "false") 2779 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:lintPolicy") 2780 urls += "?" + c.urlParams_.Encode() 2781 req, err := http.NewRequest("POST", urls, body) 2782 if err != nil { 2783 return nil, err 2784 } 2785 req.Header = reqHeaders 2786 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2787} 2788 2789// Do executes the "iam.iamPolicies.lintPolicy" call. 2790// Exactly one of *LintPolicyResponse or error will be non-nil. Any 2791// non-2xx status code is an error. Response headers are in either 2792// *LintPolicyResponse.ServerResponse.Header or (if a response was 2793// returned at all) in error.(*googleapi.Error).Header. Use 2794// googleapi.IsNotModified to check whether the returned error was 2795// because http.StatusNotModified was returned. 2796func (c *IamPoliciesLintPolicyCall) Do(opts ...googleapi.CallOption) (*LintPolicyResponse, error) { 2797 gensupport.SetOptions(c.urlParams_, opts...) 2798 res, err := c.doRequest("json") 2799 if res != nil && res.StatusCode == http.StatusNotModified { 2800 if res.Body != nil { 2801 res.Body.Close() 2802 } 2803 return nil, &googleapi.Error{ 2804 Code: res.StatusCode, 2805 Header: res.Header, 2806 } 2807 } 2808 if err != nil { 2809 return nil, err 2810 } 2811 defer googleapi.CloseBody(res) 2812 if err := googleapi.CheckResponse(res); err != nil { 2813 return nil, err 2814 } 2815 ret := &LintPolicyResponse{ 2816 ServerResponse: googleapi.ServerResponse{ 2817 Header: res.Header, 2818 HTTPStatusCode: res.StatusCode, 2819 }, 2820 } 2821 target := &ret 2822 if err := gensupport.DecodeResponse(target, res); err != nil { 2823 return nil, err 2824 } 2825 return ret, nil 2826 // { 2827 // "description": "Lints, or validates, an IAM policy. Currently checks the google.iam.v1.Binding.condition field, which contains a condition expression for a role binding. Successful calls to this method always return an HTTP `200 OK` status code, even if the linter detects an issue in the IAM policy.", 2828 // "flatPath": "v1/iamPolicies:lintPolicy", 2829 // "httpMethod": "POST", 2830 // "id": "iam.iamPolicies.lintPolicy", 2831 // "parameterOrder": [], 2832 // "parameters": {}, 2833 // "path": "v1/iamPolicies:lintPolicy", 2834 // "request": { 2835 // "$ref": "LintPolicyRequest" 2836 // }, 2837 // "response": { 2838 // "$ref": "LintPolicyResponse" 2839 // }, 2840 // "scopes": [ 2841 // "https://www.googleapis.com/auth/cloud-platform" 2842 // ] 2843 // } 2844 2845} 2846 2847// method id "iam.iamPolicies.queryAuditableServices": 2848 2849type IamPoliciesQueryAuditableServicesCall struct { 2850 s *Service 2851 queryauditableservicesrequest *QueryAuditableServicesRequest 2852 urlParams_ gensupport.URLParams 2853 ctx_ context.Context 2854 header_ http.Header 2855} 2856 2857// QueryAuditableServices: Returns a list of services that allow you to 2858// opt into audit logs that are not generated by default. To learn more 2859// about audit logs, see the Logging documentation 2860// (https://cloud.google.com/logging/docs/audit). 2861func (r *IamPoliciesService) QueryAuditableServices(queryauditableservicesrequest *QueryAuditableServicesRequest) *IamPoliciesQueryAuditableServicesCall { 2862 c := &IamPoliciesQueryAuditableServicesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2863 c.queryauditableservicesrequest = queryauditableservicesrequest 2864 return c 2865} 2866 2867// Fields allows partial responses to be retrieved. See 2868// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2869// for more information. 2870func (c *IamPoliciesQueryAuditableServicesCall) Fields(s ...googleapi.Field) *IamPoliciesQueryAuditableServicesCall { 2871 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2872 return c 2873} 2874 2875// Context sets the context to be used in this call's Do method. Any 2876// pending HTTP request will be aborted if the provided context is 2877// canceled. 2878func (c *IamPoliciesQueryAuditableServicesCall) Context(ctx context.Context) *IamPoliciesQueryAuditableServicesCall { 2879 c.ctx_ = ctx 2880 return c 2881} 2882 2883// Header returns an http.Header that can be modified by the caller to 2884// add HTTP headers to the request. 2885func (c *IamPoliciesQueryAuditableServicesCall) Header() http.Header { 2886 if c.header_ == nil { 2887 c.header_ = make(http.Header) 2888 } 2889 return c.header_ 2890} 2891 2892func (c *IamPoliciesQueryAuditableServicesCall) doRequest(alt string) (*http.Response, error) { 2893 reqHeaders := make(http.Header) 2894 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 2895 for k, v := range c.header_ { 2896 reqHeaders[k] = v 2897 } 2898 reqHeaders.Set("User-Agent", c.s.userAgent()) 2899 var body io.Reader = nil 2900 body, err := googleapi.WithoutDataWrapper.JSONReader(c.queryauditableservicesrequest) 2901 if err != nil { 2902 return nil, err 2903 } 2904 reqHeaders.Set("Content-Type", "application/json") 2905 c.urlParams_.Set("alt", alt) 2906 c.urlParams_.Set("prettyPrint", "false") 2907 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:queryAuditableServices") 2908 urls += "?" + c.urlParams_.Encode() 2909 req, err := http.NewRequest("POST", urls, body) 2910 if err != nil { 2911 return nil, err 2912 } 2913 req.Header = reqHeaders 2914 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2915} 2916 2917// Do executes the "iam.iamPolicies.queryAuditableServices" call. 2918// Exactly one of *QueryAuditableServicesResponse or error will be 2919// non-nil. Any non-2xx status code is an error. Response headers are in 2920// either *QueryAuditableServicesResponse.ServerResponse.Header or (if a 2921// response was returned at all) in error.(*googleapi.Error).Header. Use 2922// googleapi.IsNotModified to check whether the returned error was 2923// because http.StatusNotModified was returned. 2924func (c *IamPoliciesQueryAuditableServicesCall) Do(opts ...googleapi.CallOption) (*QueryAuditableServicesResponse, error) { 2925 gensupport.SetOptions(c.urlParams_, opts...) 2926 res, err := c.doRequest("json") 2927 if res != nil && res.StatusCode == http.StatusNotModified { 2928 if res.Body != nil { 2929 res.Body.Close() 2930 } 2931 return nil, &googleapi.Error{ 2932 Code: res.StatusCode, 2933 Header: res.Header, 2934 } 2935 } 2936 if err != nil { 2937 return nil, err 2938 } 2939 defer googleapi.CloseBody(res) 2940 if err := googleapi.CheckResponse(res); err != nil { 2941 return nil, err 2942 } 2943 ret := &QueryAuditableServicesResponse{ 2944 ServerResponse: googleapi.ServerResponse{ 2945 Header: res.Header, 2946 HTTPStatusCode: res.StatusCode, 2947 }, 2948 } 2949 target := &ret 2950 if err := gensupport.DecodeResponse(target, res); err != nil { 2951 return nil, err 2952 } 2953 return ret, nil 2954 // { 2955 // "description": "Returns a list of services that allow you to opt into audit logs that are not generated by default. To learn more about audit logs, see the [Logging documentation](https://cloud.google.com/logging/docs/audit).", 2956 // "flatPath": "v1/iamPolicies:queryAuditableServices", 2957 // "httpMethod": "POST", 2958 // "id": "iam.iamPolicies.queryAuditableServices", 2959 // "parameterOrder": [], 2960 // "parameters": {}, 2961 // "path": "v1/iamPolicies:queryAuditableServices", 2962 // "request": { 2963 // "$ref": "QueryAuditableServicesRequest" 2964 // }, 2965 // "response": { 2966 // "$ref": "QueryAuditableServicesResponse" 2967 // }, 2968 // "scopes": [ 2969 // "https://www.googleapis.com/auth/cloud-platform" 2970 // ] 2971 // } 2972 2973} 2974 2975// method id "iam.locations.workforcePools.operations.get": 2976 2977type LocationsWorkforcePoolsOperationsGetCall struct { 2978 s *Service 2979 name string 2980 urlParams_ gensupport.URLParams 2981 ifNoneMatch_ string 2982 ctx_ context.Context 2983 header_ http.Header 2984} 2985 2986// Get: Gets the latest state of a long-running operation. Clients can 2987// use this method to poll the operation result at intervals as 2988// recommended by the API service. 2989// 2990// - name: The name of the operation resource. 2991func (r *LocationsWorkforcePoolsOperationsService) Get(name string) *LocationsWorkforcePoolsOperationsGetCall { 2992 c := &LocationsWorkforcePoolsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2993 c.name = name 2994 return c 2995} 2996 2997// Fields allows partial responses to be retrieved. See 2998// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2999// for more information. 3000func (c *LocationsWorkforcePoolsOperationsGetCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsOperationsGetCall { 3001 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3002 return c 3003} 3004 3005// IfNoneMatch sets the optional parameter which makes the operation 3006// fail if the object's ETag matches the given value. This is useful for 3007// getting updates only after the object has changed since the last 3008// request. Use googleapi.IsNotModified to check whether the response 3009// error from Do is the result of In-None-Match. 3010func (c *LocationsWorkforcePoolsOperationsGetCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsOperationsGetCall { 3011 c.ifNoneMatch_ = entityTag 3012 return c 3013} 3014 3015// Context sets the context to be used in this call's Do method. Any 3016// pending HTTP request will be aborted if the provided context is 3017// canceled. 3018func (c *LocationsWorkforcePoolsOperationsGetCall) Context(ctx context.Context) *LocationsWorkforcePoolsOperationsGetCall { 3019 c.ctx_ = ctx 3020 return c 3021} 3022 3023// Header returns an http.Header that can be modified by the caller to 3024// add HTTP headers to the request. 3025func (c *LocationsWorkforcePoolsOperationsGetCall) Header() http.Header { 3026 if c.header_ == nil { 3027 c.header_ = make(http.Header) 3028 } 3029 return c.header_ 3030} 3031 3032func (c *LocationsWorkforcePoolsOperationsGetCall) doRequest(alt string) (*http.Response, error) { 3033 reqHeaders := make(http.Header) 3034 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 3035 for k, v := range c.header_ { 3036 reqHeaders[k] = v 3037 } 3038 reqHeaders.Set("User-Agent", c.s.userAgent()) 3039 if c.ifNoneMatch_ != "" { 3040 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3041 } 3042 var body io.Reader = nil 3043 c.urlParams_.Set("alt", alt) 3044 c.urlParams_.Set("prettyPrint", "false") 3045 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3046 urls += "?" + c.urlParams_.Encode() 3047 req, err := http.NewRequest("GET", urls, body) 3048 if err != nil { 3049 return nil, err 3050 } 3051 req.Header = reqHeaders 3052 googleapi.Expand(req.URL, map[string]string{ 3053 "name": c.name, 3054 }) 3055 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3056} 3057 3058// Do executes the "iam.locations.workforcePools.operations.get" call. 3059// Exactly one of *Operation or error will be non-nil. Any non-2xx 3060// status code is an error. Response headers are in either 3061// *Operation.ServerResponse.Header or (if a response was returned at 3062// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 3063// to check whether the returned error was because 3064// http.StatusNotModified was returned. 3065func (c *LocationsWorkforcePoolsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 3066 gensupport.SetOptions(c.urlParams_, opts...) 3067 res, err := c.doRequest("json") 3068 if res != nil && res.StatusCode == http.StatusNotModified { 3069 if res.Body != nil { 3070 res.Body.Close() 3071 } 3072 return nil, &googleapi.Error{ 3073 Code: res.StatusCode, 3074 Header: res.Header, 3075 } 3076 } 3077 if err != nil { 3078 return nil, err 3079 } 3080 defer googleapi.CloseBody(res) 3081 if err := googleapi.CheckResponse(res); err != nil { 3082 return nil, err 3083 } 3084 ret := &Operation{ 3085 ServerResponse: googleapi.ServerResponse{ 3086 Header: res.Header, 3087 HTTPStatusCode: res.StatusCode, 3088 }, 3089 } 3090 target := &ret 3091 if err := gensupport.DecodeResponse(target, res); err != nil { 3092 return nil, err 3093 } 3094 return ret, nil 3095 // { 3096 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 3097 // "flatPath": "v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/operations/{operationsId}", 3098 // "httpMethod": "GET", 3099 // "id": "iam.locations.workforcePools.operations.get", 3100 // "parameterOrder": [ 3101 // "name" 3102 // ], 3103 // "parameters": { 3104 // "name": { 3105 // "description": "The name of the operation resource.", 3106 // "location": "path", 3107 // "pattern": "^locations/[^/]+/workforcePools/[^/]+/operations/[^/]+$", 3108 // "required": true, 3109 // "type": "string" 3110 // } 3111 // }, 3112 // "path": "v1/{+name}", 3113 // "response": { 3114 // "$ref": "Operation" 3115 // }, 3116 // "scopes": [ 3117 // "https://www.googleapis.com/auth/cloud-platform" 3118 // ] 3119 // } 3120 3121} 3122 3123// method id "iam.locations.workforcePools.providers.operations.get": 3124 3125type LocationsWorkforcePoolsProvidersOperationsGetCall struct { 3126 s *Service 3127 name string 3128 urlParams_ gensupport.URLParams 3129 ifNoneMatch_ string 3130 ctx_ context.Context 3131 header_ http.Header 3132} 3133 3134// Get: Gets the latest state of a long-running operation. Clients can 3135// use this method to poll the operation result at intervals as 3136// recommended by the API service. 3137// 3138// - name: The name of the operation resource. 3139func (r *LocationsWorkforcePoolsProvidersOperationsService) Get(name string) *LocationsWorkforcePoolsProvidersOperationsGetCall { 3140 c := &LocationsWorkforcePoolsProvidersOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3141 c.name = name 3142 return c 3143} 3144 3145// Fields allows partial responses to be retrieved. See 3146// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3147// for more information. 3148func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersOperationsGetCall { 3149 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3150 return c 3151} 3152 3153// IfNoneMatch sets the optional parameter which makes the operation 3154// fail if the object's ETag matches the given value. This is useful for 3155// getting updates only after the object has changed since the last 3156// request. Use googleapi.IsNotModified to check whether the response 3157// error from Do is the result of In-None-Match. 3158func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsProvidersOperationsGetCall { 3159 c.ifNoneMatch_ = entityTag 3160 return c 3161} 3162 3163// Context sets the context to be used in this call's Do method. Any 3164// pending HTTP request will be aborted if the provided context is 3165// canceled. 3166func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersOperationsGetCall { 3167 c.ctx_ = ctx 3168 return c 3169} 3170 3171// Header returns an http.Header that can be modified by the caller to 3172// add HTTP headers to the request. 3173func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) Header() http.Header { 3174 if c.header_ == nil { 3175 c.header_ = make(http.Header) 3176 } 3177 return c.header_ 3178} 3179 3180func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) doRequest(alt string) (*http.Response, error) { 3181 reqHeaders := make(http.Header) 3182 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 3183 for k, v := range c.header_ { 3184 reqHeaders[k] = v 3185 } 3186 reqHeaders.Set("User-Agent", c.s.userAgent()) 3187 if c.ifNoneMatch_ != "" { 3188 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3189 } 3190 var body io.Reader = nil 3191 c.urlParams_.Set("alt", alt) 3192 c.urlParams_.Set("prettyPrint", "false") 3193 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3194 urls += "?" + c.urlParams_.Encode() 3195 req, err := http.NewRequest("GET", urls, body) 3196 if err != nil { 3197 return nil, err 3198 } 3199 req.Header = reqHeaders 3200 googleapi.Expand(req.URL, map[string]string{ 3201 "name": c.name, 3202 }) 3203 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3204} 3205 3206// Do executes the "iam.locations.workforcePools.providers.operations.get" call. 3207// Exactly one of *Operation or error will be non-nil. Any non-2xx 3208// status code is an error. Response headers are in either 3209// *Operation.ServerResponse.Header or (if a response was returned at 3210// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 3211// to check whether the returned error was because 3212// http.StatusNotModified was returned. 3213func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 3214 gensupport.SetOptions(c.urlParams_, opts...) 3215 res, err := c.doRequest("json") 3216 if res != nil && res.StatusCode == http.StatusNotModified { 3217 if res.Body != nil { 3218 res.Body.Close() 3219 } 3220 return nil, &googleapi.Error{ 3221 Code: res.StatusCode, 3222 Header: res.Header, 3223 } 3224 } 3225 if err != nil { 3226 return nil, err 3227 } 3228 defer googleapi.CloseBody(res) 3229 if err := googleapi.CheckResponse(res); err != nil { 3230 return nil, err 3231 } 3232 ret := &Operation{ 3233 ServerResponse: googleapi.ServerResponse{ 3234 Header: res.Header, 3235 HTTPStatusCode: res.StatusCode, 3236 }, 3237 } 3238 target := &ret 3239 if err := gensupport.DecodeResponse(target, res); err != nil { 3240 return nil, err 3241 } 3242 return ret, nil 3243 // { 3244 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 3245 // "flatPath": "v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers/{providersId}/operations/{operationsId}", 3246 // "httpMethod": "GET", 3247 // "id": "iam.locations.workforcePools.providers.operations.get", 3248 // "parameterOrder": [ 3249 // "name" 3250 // ], 3251 // "parameters": { 3252 // "name": { 3253 // "description": "The name of the operation resource.", 3254 // "location": "path", 3255 // "pattern": "^locations/[^/]+/workforcePools/[^/]+/providers/[^/]+/operations/[^/]+$", 3256 // "required": true, 3257 // "type": "string" 3258 // } 3259 // }, 3260 // "path": "v1/{+name}", 3261 // "response": { 3262 // "$ref": "Operation" 3263 // }, 3264 // "scopes": [ 3265 // "https://www.googleapis.com/auth/cloud-platform" 3266 // ] 3267 // } 3268 3269} 3270 3271// method id "iam.organizations.roles.create": 3272 3273type OrganizationsRolesCreateCall struct { 3274 s *Service 3275 parent string 3276 createrolerequest *CreateRoleRequest 3277 urlParams_ gensupport.URLParams 3278 ctx_ context.Context 3279 header_ http.Header 3280} 3281 3282// Create: Creates a new custom Role. 3283// 3284// - parent: The `parent` parameter's value depends on the target 3285// resource for the request, namely `projects` 3286// (/iam/reference/rest/v1/projects.roles) or `organizations` 3287// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3288// `parent` value format is described below: * 3289// `projects.roles.create()` 3290// (/iam/reference/rest/v1/projects.roles/create): 3291// `projects/{PROJECT_ID}`. This method creates project-level custom 3292// roles (/iam/docs/understanding-custom-roles). Example request URL: 3293// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 3294// `organizations.roles.create()` 3295// (/iam/reference/rest/v1/organizations.roles/create): 3296// `organizations/{ORGANIZATION_ID}`. This method creates 3297// organization-level custom roles 3298// (/iam/docs/understanding-custom-roles). Example request URL: 3299// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3300// ` Note: Wildcard (*) values are invalid; you must specify a 3301// complete project ID or organization ID. 3302func (r *OrganizationsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *OrganizationsRolesCreateCall { 3303 c := &OrganizationsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3304 c.parent = parent 3305 c.createrolerequest = createrolerequest 3306 return c 3307} 3308 3309// Fields allows partial responses to be retrieved. See 3310// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3311// for more information. 3312func (c *OrganizationsRolesCreateCall) Fields(s ...googleapi.Field) *OrganizationsRolesCreateCall { 3313 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3314 return c 3315} 3316 3317// Context sets the context to be used in this call's Do method. Any 3318// pending HTTP request will be aborted if the provided context is 3319// canceled. 3320func (c *OrganizationsRolesCreateCall) Context(ctx context.Context) *OrganizationsRolesCreateCall { 3321 c.ctx_ = ctx 3322 return c 3323} 3324 3325// Header returns an http.Header that can be modified by the caller to 3326// add HTTP headers to the request. 3327func (c *OrganizationsRolesCreateCall) Header() http.Header { 3328 if c.header_ == nil { 3329 c.header_ = make(http.Header) 3330 } 3331 return c.header_ 3332} 3333 3334func (c *OrganizationsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 3335 reqHeaders := make(http.Header) 3336 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 3337 for k, v := range c.header_ { 3338 reqHeaders[k] = v 3339 } 3340 reqHeaders.Set("User-Agent", c.s.userAgent()) 3341 var body io.Reader = nil 3342 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 3343 if err != nil { 3344 return nil, err 3345 } 3346 reqHeaders.Set("Content-Type", "application/json") 3347 c.urlParams_.Set("alt", alt) 3348 c.urlParams_.Set("prettyPrint", "false") 3349 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 3350 urls += "?" + c.urlParams_.Encode() 3351 req, err := http.NewRequest("POST", urls, body) 3352 if err != nil { 3353 return nil, err 3354 } 3355 req.Header = reqHeaders 3356 googleapi.Expand(req.URL, map[string]string{ 3357 "parent": c.parent, 3358 }) 3359 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3360} 3361 3362// Do executes the "iam.organizations.roles.create" call. 3363// Exactly one of *Role or error will be non-nil. Any non-2xx status 3364// code is an error. Response headers are in either 3365// *Role.ServerResponse.Header or (if a response was returned at all) in 3366// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3367// whether the returned error was because http.StatusNotModified was 3368// returned. 3369func (c *OrganizationsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3370 gensupport.SetOptions(c.urlParams_, opts...) 3371 res, err := c.doRequest("json") 3372 if res != nil && res.StatusCode == http.StatusNotModified { 3373 if res.Body != nil { 3374 res.Body.Close() 3375 } 3376 return nil, &googleapi.Error{ 3377 Code: res.StatusCode, 3378 Header: res.Header, 3379 } 3380 } 3381 if err != nil { 3382 return nil, err 3383 } 3384 defer googleapi.CloseBody(res) 3385 if err := googleapi.CheckResponse(res); err != nil { 3386 return nil, err 3387 } 3388 ret := &Role{ 3389 ServerResponse: googleapi.ServerResponse{ 3390 Header: res.Header, 3391 HTTPStatusCode: res.StatusCode, 3392 }, 3393 } 3394 target := &ret 3395 if err := gensupport.DecodeResponse(target, res); err != nil { 3396 return nil, err 3397 } 3398 return ret, nil 3399 // { 3400 // "description": "Creates a new custom Role.", 3401 // "flatPath": "v1/organizations/{organizationsId}/roles", 3402 // "httpMethod": "POST", 3403 // "id": "iam.organizations.roles.create", 3404 // "parameterOrder": [ 3405 // "parent" 3406 // ], 3407 // "parameters": { 3408 // "parent": { 3409 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create): `projects/{PROJECT_ID}`. This method creates project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create): `organizations/{ORGANIZATION_ID}`. This method creates organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3410 // "location": "path", 3411 // "pattern": "^organizations/[^/]+$", 3412 // "required": true, 3413 // "type": "string" 3414 // } 3415 // }, 3416 // "path": "v1/{+parent}/roles", 3417 // "request": { 3418 // "$ref": "CreateRoleRequest" 3419 // }, 3420 // "response": { 3421 // "$ref": "Role" 3422 // }, 3423 // "scopes": [ 3424 // "https://www.googleapis.com/auth/cloud-platform" 3425 // ] 3426 // } 3427 3428} 3429 3430// method id "iam.organizations.roles.delete": 3431 3432type OrganizationsRolesDeleteCall struct { 3433 s *Service 3434 name string 3435 urlParams_ gensupport.URLParams 3436 ctx_ context.Context 3437 header_ http.Header 3438} 3439 3440// Delete: Deletes a custom Role. When you delete a custom role, the 3441// following changes occur immediately: * You cannot bind a principal to 3442// the custom role in an IAM Policy. * Existing bindings to the custom 3443// role are not changed, but they have no effect. * By default, the 3444// response from ListRoles does not include the custom role. You have 7 3445// days to undelete the custom role. After 7 days, the following changes 3446// occur: * The custom role is permanently deleted and cannot be 3447// recovered. * If an IAM policy contains a binding to the custom role, 3448// the binding is permanently removed. 3449// 3450// - name: The `name` parameter's value depends on the target resource 3451// for the request, namely `projects` 3452// (/iam/reference/rest/v1/projects.roles) or `organizations` 3453// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3454// `name` value format is described below: * `projects.roles.delete()` 3455// (/iam/reference/rest/v1/projects.roles/delete): 3456// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes 3457// only custom roles (/iam/docs/understanding-custom-roles) that have 3458// been created at the project level. Example request URL: 3459// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3460// OLE_ID}` * `organizations.roles.delete()` 3461// (/iam/reference/rest/v1/organizations.roles/delete): 3462// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3463// method deletes only custom roles 3464// (/iam/docs/understanding-custom-roles) that have been created at 3465// the organization level. Example request URL: 3466// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3467// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3468// specify a complete project ID or organization ID. 3469func (r *OrganizationsRolesService) Delete(name string) *OrganizationsRolesDeleteCall { 3470 c := &OrganizationsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3471 c.name = name 3472 return c 3473} 3474 3475// Etag sets the optional parameter "etag": Used to perform a consistent 3476// read-modify-write. 3477func (c *OrganizationsRolesDeleteCall) Etag(etag string) *OrganizationsRolesDeleteCall { 3478 c.urlParams_.Set("etag", etag) 3479 return c 3480} 3481 3482// Fields allows partial responses to be retrieved. See 3483// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3484// for more information. 3485func (c *OrganizationsRolesDeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesDeleteCall { 3486 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3487 return c 3488} 3489 3490// Context sets the context to be used in this call's Do method. Any 3491// pending HTTP request will be aborted if the provided context is 3492// canceled. 3493func (c *OrganizationsRolesDeleteCall) Context(ctx context.Context) *OrganizationsRolesDeleteCall { 3494 c.ctx_ = ctx 3495 return c 3496} 3497 3498// Header returns an http.Header that can be modified by the caller to 3499// add HTTP headers to the request. 3500func (c *OrganizationsRolesDeleteCall) Header() http.Header { 3501 if c.header_ == nil { 3502 c.header_ = make(http.Header) 3503 } 3504 return c.header_ 3505} 3506 3507func (c *OrganizationsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 3508 reqHeaders := make(http.Header) 3509 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 3510 for k, v := range c.header_ { 3511 reqHeaders[k] = v 3512 } 3513 reqHeaders.Set("User-Agent", c.s.userAgent()) 3514 var body io.Reader = nil 3515 c.urlParams_.Set("alt", alt) 3516 c.urlParams_.Set("prettyPrint", "false") 3517 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3518 urls += "?" + c.urlParams_.Encode() 3519 req, err := http.NewRequest("DELETE", urls, body) 3520 if err != nil { 3521 return nil, err 3522 } 3523 req.Header = reqHeaders 3524 googleapi.Expand(req.URL, map[string]string{ 3525 "name": c.name, 3526 }) 3527 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3528} 3529 3530// Do executes the "iam.organizations.roles.delete" call. 3531// Exactly one of *Role or error will be non-nil. Any non-2xx status 3532// code is an error. Response headers are in either 3533// *Role.ServerResponse.Header or (if a response was returned at all) in 3534// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3535// whether the returned error was because http.StatusNotModified was 3536// returned. 3537func (c *OrganizationsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3538 gensupport.SetOptions(c.urlParams_, opts...) 3539 res, err := c.doRequest("json") 3540 if res != nil && res.StatusCode == http.StatusNotModified { 3541 if res.Body != nil { 3542 res.Body.Close() 3543 } 3544 return nil, &googleapi.Error{ 3545 Code: res.StatusCode, 3546 Header: res.Header, 3547 } 3548 } 3549 if err != nil { 3550 return nil, err 3551 } 3552 defer googleapi.CloseBody(res) 3553 if err := googleapi.CheckResponse(res); err != nil { 3554 return nil, err 3555 } 3556 ret := &Role{ 3557 ServerResponse: googleapi.ServerResponse{ 3558 Header: res.Header, 3559 HTTPStatusCode: res.StatusCode, 3560 }, 3561 } 3562 target := &ret 3563 if err := gensupport.DecodeResponse(target, res); err != nil { 3564 return nil, err 3565 } 3566 return ret, nil 3567 // { 3568 // "description": "Deletes a custom Role. When you delete a custom role, the following changes occur immediately: * You cannot bind a principal to the custom role in an IAM Policy. * Existing bindings to the custom role are not changed, but they have no effect. * By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: * The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed.", 3569 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3570 // "httpMethod": "DELETE", 3571 // "id": "iam.organizations.roles.delete", 3572 // "parameterOrder": [ 3573 // "name" 3574 // ], 3575 // "parameters": { 3576 // "etag": { 3577 // "description": "Used to perform a consistent read-modify-write.", 3578 // "format": "byte", 3579 // "location": "query", 3580 // "type": "string" 3581 // }, 3582 // "name": { 3583 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3584 // "location": "path", 3585 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3586 // "required": true, 3587 // "type": "string" 3588 // } 3589 // }, 3590 // "path": "v1/{+name}", 3591 // "response": { 3592 // "$ref": "Role" 3593 // }, 3594 // "scopes": [ 3595 // "https://www.googleapis.com/auth/cloud-platform" 3596 // ] 3597 // } 3598 3599} 3600 3601// method id "iam.organizations.roles.get": 3602 3603type OrganizationsRolesGetCall struct { 3604 s *Service 3605 name string 3606 urlParams_ gensupport.URLParams 3607 ifNoneMatch_ string 3608 ctx_ context.Context 3609 header_ http.Header 3610} 3611 3612// Get: Gets the definition of a Role. 3613// 3614// - name: The `name` parameter's value depends on the target resource 3615// for the request, namely `roles` (/iam/reference/rest/v1/roles), 3616// `projects` (/iam/reference/rest/v1/projects.roles), or 3617// `organizations` (/iam/reference/rest/v1/organizations.roles). Each 3618// resource type's `name` value format is described below: * 3619// `roles.get()` (/iam/reference/rest/v1/roles/get): 3620// `roles/{ROLE_NAME}`. This method returns results from all 3621// predefined roles (/iam/docs/understanding-roles#predefined_roles) 3622// in Cloud IAM. Example request URL: 3623// `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * 3624// `projects.roles.get()` (/iam/reference/rest/v1/projects.roles/get): 3625// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns 3626// only custom roles (/iam/docs/understanding-custom-roles) that have 3627// been created at the project level. Example request URL: 3628// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 3629// OLE_ID}` * `organizations.roles.get()` 3630// (/iam/reference/rest/v1/organizations.roles/get): 3631// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 3632// method returns only custom roles 3633// (/iam/docs/understanding-custom-roles) that have been created at 3634// the organization level. Example request URL: 3635// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3636// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 3637// specify a complete project ID or organization ID. 3638func (r *OrganizationsRolesService) Get(name string) *OrganizationsRolesGetCall { 3639 c := &OrganizationsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3640 c.name = name 3641 return c 3642} 3643 3644// Fields allows partial responses to be retrieved. See 3645// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3646// for more information. 3647func (c *OrganizationsRolesGetCall) Fields(s ...googleapi.Field) *OrganizationsRolesGetCall { 3648 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3649 return c 3650} 3651 3652// IfNoneMatch sets the optional parameter which makes the operation 3653// fail if the object's ETag matches the given value. This is useful for 3654// getting updates only after the object has changed since the last 3655// request. Use googleapi.IsNotModified to check whether the response 3656// error from Do is the result of In-None-Match. 3657func (c *OrganizationsRolesGetCall) IfNoneMatch(entityTag string) *OrganizationsRolesGetCall { 3658 c.ifNoneMatch_ = entityTag 3659 return c 3660} 3661 3662// Context sets the context to be used in this call's Do method. Any 3663// pending HTTP request will be aborted if the provided context is 3664// canceled. 3665func (c *OrganizationsRolesGetCall) Context(ctx context.Context) *OrganizationsRolesGetCall { 3666 c.ctx_ = ctx 3667 return c 3668} 3669 3670// Header returns an http.Header that can be modified by the caller to 3671// add HTTP headers to the request. 3672func (c *OrganizationsRolesGetCall) Header() http.Header { 3673 if c.header_ == nil { 3674 c.header_ = make(http.Header) 3675 } 3676 return c.header_ 3677} 3678 3679func (c *OrganizationsRolesGetCall) doRequest(alt string) (*http.Response, error) { 3680 reqHeaders := make(http.Header) 3681 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 3682 for k, v := range c.header_ { 3683 reqHeaders[k] = v 3684 } 3685 reqHeaders.Set("User-Agent", c.s.userAgent()) 3686 if c.ifNoneMatch_ != "" { 3687 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3688 } 3689 var body io.Reader = nil 3690 c.urlParams_.Set("alt", alt) 3691 c.urlParams_.Set("prettyPrint", "false") 3692 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3693 urls += "?" + c.urlParams_.Encode() 3694 req, err := http.NewRequest("GET", urls, body) 3695 if err != nil { 3696 return nil, err 3697 } 3698 req.Header = reqHeaders 3699 googleapi.Expand(req.URL, map[string]string{ 3700 "name": c.name, 3701 }) 3702 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3703} 3704 3705// Do executes the "iam.organizations.roles.get" call. 3706// Exactly one of *Role or error will be non-nil. Any non-2xx status 3707// code is an error. Response headers are in either 3708// *Role.ServerResponse.Header or (if a response was returned at all) in 3709// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3710// whether the returned error was because http.StatusNotModified was 3711// returned. 3712func (c *OrganizationsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3713 gensupport.SetOptions(c.urlParams_, opts...) 3714 res, err := c.doRequest("json") 3715 if res != nil && res.StatusCode == http.StatusNotModified { 3716 if res.Body != nil { 3717 res.Body.Close() 3718 } 3719 return nil, &googleapi.Error{ 3720 Code: res.StatusCode, 3721 Header: res.Header, 3722 } 3723 } 3724 if err != nil { 3725 return nil, err 3726 } 3727 defer googleapi.CloseBody(res) 3728 if err := googleapi.CheckResponse(res); err != nil { 3729 return nil, err 3730 } 3731 ret := &Role{ 3732 ServerResponse: googleapi.ServerResponse{ 3733 Header: res.Header, 3734 HTTPStatusCode: res.StatusCode, 3735 }, 3736 } 3737 target := &ret 3738 if err := gensupport.DecodeResponse(target, res); err != nil { 3739 return nil, err 3740 } 3741 return ret, nil 3742 // { 3743 // "description": "Gets the definition of a Role.", 3744 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3745 // "httpMethod": "GET", 3746 // "id": "iam.organizations.roles.get", 3747 // "parameterOrder": [ 3748 // "name" 3749 // ], 3750 // "parameters": { 3751 // "name": { 3752 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3753 // "location": "path", 3754 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3755 // "required": true, 3756 // "type": "string" 3757 // } 3758 // }, 3759 // "path": "v1/{+name}", 3760 // "response": { 3761 // "$ref": "Role" 3762 // }, 3763 // "scopes": [ 3764 // "https://www.googleapis.com/auth/cloud-platform" 3765 // ] 3766 // } 3767 3768} 3769 3770// method id "iam.organizations.roles.list": 3771 3772type OrganizationsRolesListCall struct { 3773 s *Service 3774 parent string 3775 urlParams_ gensupport.URLParams 3776 ifNoneMatch_ string 3777 ctx_ context.Context 3778 header_ http.Header 3779} 3780 3781// List: Lists every predefined Role that IAM supports, or every custom 3782// role that is defined for an organization or project. 3783// 3784// - parent: The `parent` parameter's value depends on the target 3785// resource for the request, namely `roles` 3786// (/iam/reference/rest/v1/roles), `projects` 3787// (/iam/reference/rest/v1/projects.roles), or `organizations` 3788// (/iam/reference/rest/v1/organizations.roles). Each resource type's 3789// `parent` value format is described below: * `roles.list()` 3790// (/iam/reference/rest/v1/roles/list): An empty string. This method 3791// doesn't require a resource; it simply returns all predefined roles 3792// (/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. 3793// Example request URL: `https://iam.googleapis.com/v1/roles` * 3794// `projects.roles.list()` 3795// (/iam/reference/rest/v1/projects.roles/list): 3796// `projects/{PROJECT_ID}`. This method lists all project-level custom 3797// roles (/iam/docs/understanding-custom-roles). Example request URL: 3798// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 3799// `organizations.roles.list()` 3800// (/iam/reference/rest/v1/organizations.roles/list): 3801// `organizations/{ORGANIZATION_ID}`. This method lists all 3802// organization-level custom roles 3803// (/iam/docs/understanding-custom-roles). Example request URL: 3804// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 3805// ` Note: Wildcard (*) values are invalid; you must specify a 3806// complete project ID or organization ID. 3807func (r *OrganizationsRolesService) List(parent string) *OrganizationsRolesListCall { 3808 c := &OrganizationsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3809 c.parent = parent 3810 return c 3811} 3812 3813// PageSize sets the optional parameter "pageSize": Optional limit on 3814// the number of roles to include in the response. The default is 300, 3815// and the maximum is 1,000. 3816func (c *OrganizationsRolesListCall) PageSize(pageSize int64) *OrganizationsRolesListCall { 3817 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 3818 return c 3819} 3820 3821// PageToken sets the optional parameter "pageToken": Optional 3822// pagination token returned in an earlier ListRolesResponse. 3823func (c *OrganizationsRolesListCall) PageToken(pageToken string) *OrganizationsRolesListCall { 3824 c.urlParams_.Set("pageToken", pageToken) 3825 return c 3826} 3827 3828// ShowDeleted sets the optional parameter "showDeleted": Include Roles 3829// that have been deleted. 3830func (c *OrganizationsRolesListCall) ShowDeleted(showDeleted bool) *OrganizationsRolesListCall { 3831 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 3832 return c 3833} 3834 3835// View sets the optional parameter "view": Optional view for the 3836// returned Role objects. When `FULL` is specified, the 3837// `includedPermissions` field is returned, which includes a list of all 3838// permissions in the role. The default value is `BASIC`, which does not 3839// return the `includedPermissions` field. 3840// 3841// Possible values: 3842// "BASIC" - Omits the `included_permissions` field. This is the 3843// default value. 3844// "FULL" - Returns all fields. 3845func (c *OrganizationsRolesListCall) View(view string) *OrganizationsRolesListCall { 3846 c.urlParams_.Set("view", view) 3847 return c 3848} 3849 3850// Fields allows partial responses to be retrieved. See 3851// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3852// for more information. 3853func (c *OrganizationsRolesListCall) Fields(s ...googleapi.Field) *OrganizationsRolesListCall { 3854 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3855 return c 3856} 3857 3858// IfNoneMatch sets the optional parameter which makes the operation 3859// fail if the object's ETag matches the given value. This is useful for 3860// getting updates only after the object has changed since the last 3861// request. Use googleapi.IsNotModified to check whether the response 3862// error from Do is the result of In-None-Match. 3863func (c *OrganizationsRolesListCall) IfNoneMatch(entityTag string) *OrganizationsRolesListCall { 3864 c.ifNoneMatch_ = entityTag 3865 return c 3866} 3867 3868// Context sets the context to be used in this call's Do method. Any 3869// pending HTTP request will be aborted if the provided context is 3870// canceled. 3871func (c *OrganizationsRolesListCall) Context(ctx context.Context) *OrganizationsRolesListCall { 3872 c.ctx_ = ctx 3873 return c 3874} 3875 3876// Header returns an http.Header that can be modified by the caller to 3877// add HTTP headers to the request. 3878func (c *OrganizationsRolesListCall) Header() http.Header { 3879 if c.header_ == nil { 3880 c.header_ = make(http.Header) 3881 } 3882 return c.header_ 3883} 3884 3885func (c *OrganizationsRolesListCall) doRequest(alt string) (*http.Response, error) { 3886 reqHeaders := make(http.Header) 3887 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 3888 for k, v := range c.header_ { 3889 reqHeaders[k] = v 3890 } 3891 reqHeaders.Set("User-Agent", c.s.userAgent()) 3892 if c.ifNoneMatch_ != "" { 3893 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3894 } 3895 var body io.Reader = nil 3896 c.urlParams_.Set("alt", alt) 3897 c.urlParams_.Set("prettyPrint", "false") 3898 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 3899 urls += "?" + c.urlParams_.Encode() 3900 req, err := http.NewRequest("GET", urls, body) 3901 if err != nil { 3902 return nil, err 3903 } 3904 req.Header = reqHeaders 3905 googleapi.Expand(req.URL, map[string]string{ 3906 "parent": c.parent, 3907 }) 3908 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3909} 3910 3911// Do executes the "iam.organizations.roles.list" call. 3912// Exactly one of *ListRolesResponse or error will be non-nil. Any 3913// non-2xx status code is an error. Response headers are in either 3914// *ListRolesResponse.ServerResponse.Header or (if a response was 3915// returned at all) in error.(*googleapi.Error).Header. Use 3916// googleapi.IsNotModified to check whether the returned error was 3917// because http.StatusNotModified was returned. 3918func (c *OrganizationsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 3919 gensupport.SetOptions(c.urlParams_, opts...) 3920 res, err := c.doRequest("json") 3921 if res != nil && res.StatusCode == http.StatusNotModified { 3922 if res.Body != nil { 3923 res.Body.Close() 3924 } 3925 return nil, &googleapi.Error{ 3926 Code: res.StatusCode, 3927 Header: res.Header, 3928 } 3929 } 3930 if err != nil { 3931 return nil, err 3932 } 3933 defer googleapi.CloseBody(res) 3934 if err := googleapi.CheckResponse(res); err != nil { 3935 return nil, err 3936 } 3937 ret := &ListRolesResponse{ 3938 ServerResponse: googleapi.ServerResponse{ 3939 Header: res.Header, 3940 HTTPStatusCode: res.StatusCode, 3941 }, 3942 } 3943 target := &ret 3944 if err := gensupport.DecodeResponse(target, res); err != nil { 3945 return nil, err 3946 } 3947 return ret, nil 3948 // { 3949 // "description": "Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.", 3950 // "flatPath": "v1/organizations/{organizationsId}/roles", 3951 // "httpMethod": "GET", 3952 // "id": "iam.organizations.roles.list", 3953 // "parameterOrder": [ 3954 // "parent" 3955 // ], 3956 // "parameters": { 3957 // "pageSize": { 3958 // "description": "Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.", 3959 // "format": "int32", 3960 // "location": "query", 3961 // "type": "integer" 3962 // }, 3963 // "pageToken": { 3964 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 3965 // "location": "query", 3966 // "type": "string" 3967 // }, 3968 // "parent": { 3969 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 3970 // "location": "path", 3971 // "pattern": "^organizations/[^/]+$", 3972 // "required": true, 3973 // "type": "string" 3974 // }, 3975 // "showDeleted": { 3976 // "description": "Include Roles that have been deleted.", 3977 // "location": "query", 3978 // "type": "boolean" 3979 // }, 3980 // "view": { 3981 // "description": "Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.", 3982 // "enum": [ 3983 // "BASIC", 3984 // "FULL" 3985 // ], 3986 // "enumDescriptions": [ 3987 // "Omits the `included_permissions` field. This is the default value.", 3988 // "Returns all fields." 3989 // ], 3990 // "location": "query", 3991 // "type": "string" 3992 // } 3993 // }, 3994 // "path": "v1/{+parent}/roles", 3995 // "response": { 3996 // "$ref": "ListRolesResponse" 3997 // }, 3998 // "scopes": [ 3999 // "https://www.googleapis.com/auth/cloud-platform" 4000 // ] 4001 // } 4002 4003} 4004 4005// Pages invokes f for each page of results. 4006// A non-nil error returned from f will halt the iteration. 4007// The provided context supersedes any context provided to the Context method. 4008func (c *OrganizationsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 4009 c.ctx_ = ctx 4010 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 4011 for { 4012 x, err := c.Do() 4013 if err != nil { 4014 return err 4015 } 4016 if err := f(x); err != nil { 4017 return err 4018 } 4019 if x.NextPageToken == "" { 4020 return nil 4021 } 4022 c.PageToken(x.NextPageToken) 4023 } 4024} 4025 4026// method id "iam.organizations.roles.patch": 4027 4028type OrganizationsRolesPatchCall struct { 4029 s *Service 4030 name string 4031 role *Role 4032 urlParams_ gensupport.URLParams 4033 ctx_ context.Context 4034 header_ http.Header 4035} 4036 4037// Patch: Updates the definition of a custom Role. 4038// 4039// - name: The `name` parameter's value depends on the target resource 4040// for the request, namely `projects` 4041// (/iam/reference/rest/v1/projects.roles) or `organizations` 4042// (/iam/reference/rest/v1/organizations.roles). Each resource type's 4043// `name` value format is described below: * `projects.roles.patch()` 4044// (/iam/reference/rest/v1/projects.roles/patch): 4045// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates 4046// only custom roles (/iam/docs/understanding-custom-roles) that have 4047// been created at the project level. Example request URL: 4048// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 4049// OLE_ID}` * `organizations.roles.patch()` 4050// (/iam/reference/rest/v1/organizations.roles/patch): 4051// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 4052// method updates only custom roles 4053// (/iam/docs/understanding-custom-roles) that have been created at 4054// the organization level. Example request URL: 4055// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 4056// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 4057// specify a complete project ID or organization ID. 4058func (r *OrganizationsRolesService) Patch(name string, role *Role) *OrganizationsRolesPatchCall { 4059 c := &OrganizationsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4060 c.name = name 4061 c.role = role 4062 return c 4063} 4064 4065// UpdateMask sets the optional parameter "updateMask": A mask 4066// describing which fields in the Role have changed. 4067func (c *OrganizationsRolesPatchCall) UpdateMask(updateMask string) *OrganizationsRolesPatchCall { 4068 c.urlParams_.Set("updateMask", updateMask) 4069 return c 4070} 4071 4072// Fields allows partial responses to be retrieved. See 4073// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4074// for more information. 4075func (c *OrganizationsRolesPatchCall) Fields(s ...googleapi.Field) *OrganizationsRolesPatchCall { 4076 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4077 return c 4078} 4079 4080// Context sets the context to be used in this call's Do method. Any 4081// pending HTTP request will be aborted if the provided context is 4082// canceled. 4083func (c *OrganizationsRolesPatchCall) Context(ctx context.Context) *OrganizationsRolesPatchCall { 4084 c.ctx_ = ctx 4085 return c 4086} 4087 4088// Header returns an http.Header that can be modified by the caller to 4089// add HTTP headers to the request. 4090func (c *OrganizationsRolesPatchCall) Header() http.Header { 4091 if c.header_ == nil { 4092 c.header_ = make(http.Header) 4093 } 4094 return c.header_ 4095} 4096 4097func (c *OrganizationsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 4098 reqHeaders := make(http.Header) 4099 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 4100 for k, v := range c.header_ { 4101 reqHeaders[k] = v 4102 } 4103 reqHeaders.Set("User-Agent", c.s.userAgent()) 4104 var body io.Reader = nil 4105 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 4106 if err != nil { 4107 return nil, err 4108 } 4109 reqHeaders.Set("Content-Type", "application/json") 4110 c.urlParams_.Set("alt", alt) 4111 c.urlParams_.Set("prettyPrint", "false") 4112 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4113 urls += "?" + c.urlParams_.Encode() 4114 req, err := http.NewRequest("PATCH", urls, body) 4115 if err != nil { 4116 return nil, err 4117 } 4118 req.Header = reqHeaders 4119 googleapi.Expand(req.URL, map[string]string{ 4120 "name": c.name, 4121 }) 4122 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4123} 4124 4125// Do executes the "iam.organizations.roles.patch" call. 4126// Exactly one of *Role or error will be non-nil. Any non-2xx status 4127// code is an error. Response headers are in either 4128// *Role.ServerResponse.Header or (if a response was returned at all) in 4129// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4130// whether the returned error was because http.StatusNotModified was 4131// returned. 4132func (c *OrganizationsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4133 gensupport.SetOptions(c.urlParams_, opts...) 4134 res, err := c.doRequest("json") 4135 if res != nil && res.StatusCode == http.StatusNotModified { 4136 if res.Body != nil { 4137 res.Body.Close() 4138 } 4139 return nil, &googleapi.Error{ 4140 Code: res.StatusCode, 4141 Header: res.Header, 4142 } 4143 } 4144 if err != nil { 4145 return nil, err 4146 } 4147 defer googleapi.CloseBody(res) 4148 if err := googleapi.CheckResponse(res); err != nil { 4149 return nil, err 4150 } 4151 ret := &Role{ 4152 ServerResponse: googleapi.ServerResponse{ 4153 Header: res.Header, 4154 HTTPStatusCode: res.StatusCode, 4155 }, 4156 } 4157 target := &ret 4158 if err := gensupport.DecodeResponse(target, res); err != nil { 4159 return nil, err 4160 } 4161 return ret, nil 4162 // { 4163 // "description": "Updates the definition of a custom Role.", 4164 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 4165 // "httpMethod": "PATCH", 4166 // "id": "iam.organizations.roles.patch", 4167 // "parameterOrder": [ 4168 // "name" 4169 // ], 4170 // "parameters": { 4171 // "name": { 4172 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 4173 // "location": "path", 4174 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 4175 // "required": true, 4176 // "type": "string" 4177 // }, 4178 // "updateMask": { 4179 // "description": "A mask describing which fields in the Role have changed.", 4180 // "format": "google-fieldmask", 4181 // "location": "query", 4182 // "type": "string" 4183 // } 4184 // }, 4185 // "path": "v1/{+name}", 4186 // "request": { 4187 // "$ref": "Role" 4188 // }, 4189 // "response": { 4190 // "$ref": "Role" 4191 // }, 4192 // "scopes": [ 4193 // "https://www.googleapis.com/auth/cloud-platform" 4194 // ] 4195 // } 4196 4197} 4198 4199// method id "iam.organizations.roles.undelete": 4200 4201type OrganizationsRolesUndeleteCall struct { 4202 s *Service 4203 name string 4204 undeleterolerequest *UndeleteRoleRequest 4205 urlParams_ gensupport.URLParams 4206 ctx_ context.Context 4207 header_ http.Header 4208} 4209 4210// Undelete: Undeletes a custom Role. 4211// 4212// - name: The `name` parameter's value depends on the target resource 4213// for the request, namely `projects` 4214// (/iam/reference/rest/v1/projects.roles) or `organizations` 4215// (/iam/reference/rest/v1/organizations.roles). Each resource type's 4216// `name` value format is described below: * 4217// `projects.roles.undelete()` 4218// (/iam/reference/rest/v1/projects.roles/undelete): 4219// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method 4220// undeletes only custom roles (/iam/docs/understanding-custom-roles) 4221// that have been created at the project level. Example request URL: 4222// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 4223// OLE_ID}` * `organizations.roles.undelete()` 4224// (/iam/reference/rest/v1/organizations.roles/undelete): 4225// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 4226// method undeletes only custom roles 4227// (/iam/docs/understanding-custom-roles) that have been created at 4228// the organization level. Example request URL: 4229// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 4230// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 4231// specify a complete project ID or organization ID. 4232func (r *OrganizationsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *OrganizationsRolesUndeleteCall { 4233 c := &OrganizationsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4234 c.name = name 4235 c.undeleterolerequest = undeleterolerequest 4236 return c 4237} 4238 4239// Fields allows partial responses to be retrieved. See 4240// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4241// for more information. 4242func (c *OrganizationsRolesUndeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesUndeleteCall { 4243 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4244 return c 4245} 4246 4247// Context sets the context to be used in this call's Do method. Any 4248// pending HTTP request will be aborted if the provided context is 4249// canceled. 4250func (c *OrganizationsRolesUndeleteCall) Context(ctx context.Context) *OrganizationsRolesUndeleteCall { 4251 c.ctx_ = ctx 4252 return c 4253} 4254 4255// Header returns an http.Header that can be modified by the caller to 4256// add HTTP headers to the request. 4257func (c *OrganizationsRolesUndeleteCall) Header() http.Header { 4258 if c.header_ == nil { 4259 c.header_ = make(http.Header) 4260 } 4261 return c.header_ 4262} 4263 4264func (c *OrganizationsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 4265 reqHeaders := make(http.Header) 4266 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 4267 for k, v := range c.header_ { 4268 reqHeaders[k] = v 4269 } 4270 reqHeaders.Set("User-Agent", c.s.userAgent()) 4271 var body io.Reader = nil 4272 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 4273 if err != nil { 4274 return nil, err 4275 } 4276 reqHeaders.Set("Content-Type", "application/json") 4277 c.urlParams_.Set("alt", alt) 4278 c.urlParams_.Set("prettyPrint", "false") 4279 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 4280 urls += "?" + c.urlParams_.Encode() 4281 req, err := http.NewRequest("POST", urls, body) 4282 if err != nil { 4283 return nil, err 4284 } 4285 req.Header = reqHeaders 4286 googleapi.Expand(req.URL, map[string]string{ 4287 "name": c.name, 4288 }) 4289 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4290} 4291 4292// Do executes the "iam.organizations.roles.undelete" call. 4293// Exactly one of *Role or error will be non-nil. Any non-2xx status 4294// code is an error. Response headers are in either 4295// *Role.ServerResponse.Header or (if a response was returned at all) in 4296// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4297// whether the returned error was because http.StatusNotModified was 4298// returned. 4299func (c *OrganizationsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4300 gensupport.SetOptions(c.urlParams_, opts...) 4301 res, err := c.doRequest("json") 4302 if res != nil && res.StatusCode == http.StatusNotModified { 4303 if res.Body != nil { 4304 res.Body.Close() 4305 } 4306 return nil, &googleapi.Error{ 4307 Code: res.StatusCode, 4308 Header: res.Header, 4309 } 4310 } 4311 if err != nil { 4312 return nil, err 4313 } 4314 defer googleapi.CloseBody(res) 4315 if err := googleapi.CheckResponse(res); err != nil { 4316 return nil, err 4317 } 4318 ret := &Role{ 4319 ServerResponse: googleapi.ServerResponse{ 4320 Header: res.Header, 4321 HTTPStatusCode: res.StatusCode, 4322 }, 4323 } 4324 target := &ret 4325 if err := gensupport.DecodeResponse(target, res); err != nil { 4326 return nil, err 4327 } 4328 return ret, nil 4329 // { 4330 // "description": "Undeletes a custom Role.", 4331 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}:undelete", 4332 // "httpMethod": "POST", 4333 // "id": "iam.organizations.roles.undelete", 4334 // "parameterOrder": [ 4335 // "name" 4336 // ], 4337 // "parameters": { 4338 // "name": { 4339 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 4340 // "location": "path", 4341 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 4342 // "required": true, 4343 // "type": "string" 4344 // } 4345 // }, 4346 // "path": "v1/{+name}:undelete", 4347 // "request": { 4348 // "$ref": "UndeleteRoleRequest" 4349 // }, 4350 // "response": { 4351 // "$ref": "Role" 4352 // }, 4353 // "scopes": [ 4354 // "https://www.googleapis.com/auth/cloud-platform" 4355 // ] 4356 // } 4357 4358} 4359 4360// method id "iam.permissions.queryTestablePermissions": 4361 4362type PermissionsQueryTestablePermissionsCall struct { 4363 s *Service 4364 querytestablepermissionsrequest *QueryTestablePermissionsRequest 4365 urlParams_ gensupport.URLParams 4366 ctx_ context.Context 4367 header_ http.Header 4368} 4369 4370// QueryTestablePermissions: Lists every permission that you can test on 4371// a resource. A permission is testable if you can check whether a 4372// principal has that permission on the resource. 4373func (r *PermissionsService) QueryTestablePermissions(querytestablepermissionsrequest *QueryTestablePermissionsRequest) *PermissionsQueryTestablePermissionsCall { 4374 c := &PermissionsQueryTestablePermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4375 c.querytestablepermissionsrequest = querytestablepermissionsrequest 4376 return c 4377} 4378 4379// Fields allows partial responses to be retrieved. See 4380// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4381// for more information. 4382func (c *PermissionsQueryTestablePermissionsCall) Fields(s ...googleapi.Field) *PermissionsQueryTestablePermissionsCall { 4383 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4384 return c 4385} 4386 4387// Context sets the context to be used in this call's Do method. Any 4388// pending HTTP request will be aborted if the provided context is 4389// canceled. 4390func (c *PermissionsQueryTestablePermissionsCall) Context(ctx context.Context) *PermissionsQueryTestablePermissionsCall { 4391 c.ctx_ = ctx 4392 return c 4393} 4394 4395// Header returns an http.Header that can be modified by the caller to 4396// add HTTP headers to the request. 4397func (c *PermissionsQueryTestablePermissionsCall) Header() http.Header { 4398 if c.header_ == nil { 4399 c.header_ = make(http.Header) 4400 } 4401 return c.header_ 4402} 4403 4404func (c *PermissionsQueryTestablePermissionsCall) doRequest(alt string) (*http.Response, error) { 4405 reqHeaders := make(http.Header) 4406 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 4407 for k, v := range c.header_ { 4408 reqHeaders[k] = v 4409 } 4410 reqHeaders.Set("User-Agent", c.s.userAgent()) 4411 var body io.Reader = nil 4412 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querytestablepermissionsrequest) 4413 if err != nil { 4414 return nil, err 4415 } 4416 reqHeaders.Set("Content-Type", "application/json") 4417 c.urlParams_.Set("alt", alt) 4418 c.urlParams_.Set("prettyPrint", "false") 4419 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/permissions:queryTestablePermissions") 4420 urls += "?" + c.urlParams_.Encode() 4421 req, err := http.NewRequest("POST", urls, body) 4422 if err != nil { 4423 return nil, err 4424 } 4425 req.Header = reqHeaders 4426 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4427} 4428 4429// Do executes the "iam.permissions.queryTestablePermissions" call. 4430// Exactly one of *QueryTestablePermissionsResponse or error will be 4431// non-nil. Any non-2xx status code is an error. Response headers are in 4432// either *QueryTestablePermissionsResponse.ServerResponse.Header or (if 4433// a response was returned at all) in error.(*googleapi.Error).Header. 4434// Use googleapi.IsNotModified to check whether the returned error was 4435// because http.StatusNotModified was returned. 4436func (c *PermissionsQueryTestablePermissionsCall) Do(opts ...googleapi.CallOption) (*QueryTestablePermissionsResponse, error) { 4437 gensupport.SetOptions(c.urlParams_, opts...) 4438 res, err := c.doRequest("json") 4439 if res != nil && res.StatusCode == http.StatusNotModified { 4440 if res.Body != nil { 4441 res.Body.Close() 4442 } 4443 return nil, &googleapi.Error{ 4444 Code: res.StatusCode, 4445 Header: res.Header, 4446 } 4447 } 4448 if err != nil { 4449 return nil, err 4450 } 4451 defer googleapi.CloseBody(res) 4452 if err := googleapi.CheckResponse(res); err != nil { 4453 return nil, err 4454 } 4455 ret := &QueryTestablePermissionsResponse{ 4456 ServerResponse: googleapi.ServerResponse{ 4457 Header: res.Header, 4458 HTTPStatusCode: res.StatusCode, 4459 }, 4460 } 4461 target := &ret 4462 if err := gensupport.DecodeResponse(target, res); err != nil { 4463 return nil, err 4464 } 4465 return ret, nil 4466 // { 4467 // "description": "Lists every permission that you can test on a resource. A permission is testable if you can check whether a principal has that permission on the resource.", 4468 // "flatPath": "v1/permissions:queryTestablePermissions", 4469 // "httpMethod": "POST", 4470 // "id": "iam.permissions.queryTestablePermissions", 4471 // "parameterOrder": [], 4472 // "parameters": {}, 4473 // "path": "v1/permissions:queryTestablePermissions", 4474 // "request": { 4475 // "$ref": "QueryTestablePermissionsRequest" 4476 // }, 4477 // "response": { 4478 // "$ref": "QueryTestablePermissionsResponse" 4479 // }, 4480 // "scopes": [ 4481 // "https://www.googleapis.com/auth/cloud-platform" 4482 // ] 4483 // } 4484 4485} 4486 4487// Pages invokes f for each page of results. 4488// A non-nil error returned from f will halt the iteration. 4489// The provided context supersedes any context provided to the Context method. 4490func (c *PermissionsQueryTestablePermissionsCall) Pages(ctx context.Context, f func(*QueryTestablePermissionsResponse) error) error { 4491 c.ctx_ = ctx 4492 defer func(pt string) { c.querytestablepermissionsrequest.PageToken = pt }(c.querytestablepermissionsrequest.PageToken) // reset paging to original point 4493 for { 4494 x, err := c.Do() 4495 if err != nil { 4496 return err 4497 } 4498 if err := f(x); err != nil { 4499 return err 4500 } 4501 if x.NextPageToken == "" { 4502 return nil 4503 } 4504 c.querytestablepermissionsrequest.PageToken = x.NextPageToken 4505 } 4506} 4507 4508// method id "iam.projects.locations.workloadIdentityPools.create": 4509 4510type ProjectsLocationsWorkloadIdentityPoolsCreateCall struct { 4511 s *Service 4512 parent string 4513 workloadidentitypool *WorkloadIdentityPool 4514 urlParams_ gensupport.URLParams 4515 ctx_ context.Context 4516 header_ http.Header 4517} 4518 4519// Create: Creates a new WorkloadIdentityPool. You cannot reuse the name 4520// of a deleted pool until 30 days after deletion. 4521// 4522// - parent: The parent resource to create the pool in. The only 4523// supported location is `global`. 4524func (r *ProjectsLocationsWorkloadIdentityPoolsService) Create(parent string, workloadidentitypool *WorkloadIdentityPool) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4525 c := &ProjectsLocationsWorkloadIdentityPoolsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4526 c.parent = parent 4527 c.workloadidentitypool = workloadidentitypool 4528 return c 4529} 4530 4531// WorkloadIdentityPoolId sets the optional parameter 4532// "workloadIdentityPoolId": Required. The ID to use for the pool, which 4533// becomes the final component of the resource name. This value should 4534// be 4-32 characters, and may contain the characters [a-z0-9-]. The 4535// prefix `gcp-` is reserved for use by Google, and may not be 4536// specified. 4537func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) WorkloadIdentityPoolId(workloadIdentityPoolId string) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4538 c.urlParams_.Set("workloadIdentityPoolId", workloadIdentityPoolId) 4539 return c 4540} 4541 4542// Fields allows partial responses to be retrieved. See 4543// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4544// for more information. 4545func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4546 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4547 return c 4548} 4549 4550// Context sets the context to be used in this call's Do method. Any 4551// pending HTTP request will be aborted if the provided context is 4552// canceled. 4553func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsCreateCall { 4554 c.ctx_ = ctx 4555 return c 4556} 4557 4558// Header returns an http.Header that can be modified by the caller to 4559// add HTTP headers to the request. 4560func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Header() http.Header { 4561 if c.header_ == nil { 4562 c.header_ = make(http.Header) 4563 } 4564 return c.header_ 4565} 4566 4567func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) doRequest(alt string) (*http.Response, error) { 4568 reqHeaders := make(http.Header) 4569 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 4570 for k, v := range c.header_ { 4571 reqHeaders[k] = v 4572 } 4573 reqHeaders.Set("User-Agent", c.s.userAgent()) 4574 var body io.Reader = nil 4575 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypool) 4576 if err != nil { 4577 return nil, err 4578 } 4579 reqHeaders.Set("Content-Type", "application/json") 4580 c.urlParams_.Set("alt", alt) 4581 c.urlParams_.Set("prettyPrint", "false") 4582 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/workloadIdentityPools") 4583 urls += "?" + c.urlParams_.Encode() 4584 req, err := http.NewRequest("POST", urls, body) 4585 if err != nil { 4586 return nil, err 4587 } 4588 req.Header = reqHeaders 4589 googleapi.Expand(req.URL, map[string]string{ 4590 "parent": c.parent, 4591 }) 4592 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4593} 4594 4595// Do executes the "iam.projects.locations.workloadIdentityPools.create" call. 4596// Exactly one of *Operation or error will be non-nil. Any non-2xx 4597// status code is an error. Response headers are in either 4598// *Operation.ServerResponse.Header or (if a response was returned at 4599// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 4600// to check whether the returned error was because 4601// http.StatusNotModified was returned. 4602func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 4603 gensupport.SetOptions(c.urlParams_, opts...) 4604 res, err := c.doRequest("json") 4605 if res != nil && res.StatusCode == http.StatusNotModified { 4606 if res.Body != nil { 4607 res.Body.Close() 4608 } 4609 return nil, &googleapi.Error{ 4610 Code: res.StatusCode, 4611 Header: res.Header, 4612 } 4613 } 4614 if err != nil { 4615 return nil, err 4616 } 4617 defer googleapi.CloseBody(res) 4618 if err := googleapi.CheckResponse(res); err != nil { 4619 return nil, err 4620 } 4621 ret := &Operation{ 4622 ServerResponse: googleapi.ServerResponse{ 4623 Header: res.Header, 4624 HTTPStatusCode: res.StatusCode, 4625 }, 4626 } 4627 target := &ret 4628 if err := gensupport.DecodeResponse(target, res); err != nil { 4629 return nil, err 4630 } 4631 return ret, nil 4632 // { 4633 // "description": "Creates a new WorkloadIdentityPool. You cannot reuse the name of a deleted pool until 30 days after deletion.", 4634 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools", 4635 // "httpMethod": "POST", 4636 // "id": "iam.projects.locations.workloadIdentityPools.create", 4637 // "parameterOrder": [ 4638 // "parent" 4639 // ], 4640 // "parameters": { 4641 // "parent": { 4642 // "description": "Required. The parent resource to create the pool in. The only supported location is `global`.", 4643 // "location": "path", 4644 // "pattern": "^projects/[^/]+/locations/[^/]+$", 4645 // "required": true, 4646 // "type": "string" 4647 // }, 4648 // "workloadIdentityPoolId": { 4649 // "description": "Required. The ID to use for the pool, which becomes the final component of the resource name. This value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix `gcp-` is reserved for use by Google, and may not be specified.", 4650 // "location": "query", 4651 // "type": "string" 4652 // } 4653 // }, 4654 // "path": "v1/{+parent}/workloadIdentityPools", 4655 // "request": { 4656 // "$ref": "WorkloadIdentityPool" 4657 // }, 4658 // "response": { 4659 // "$ref": "Operation" 4660 // }, 4661 // "scopes": [ 4662 // "https://www.googleapis.com/auth/cloud-platform" 4663 // ] 4664 // } 4665 4666} 4667 4668// method id "iam.projects.locations.workloadIdentityPools.delete": 4669 4670type ProjectsLocationsWorkloadIdentityPoolsDeleteCall struct { 4671 s *Service 4672 name string 4673 urlParams_ gensupport.URLParams 4674 ctx_ context.Context 4675 header_ http.Header 4676} 4677 4678// Delete: Deletes a WorkloadIdentityPool. You cannot use a deleted pool 4679// to exchange external credentials for Google Cloud credentials. 4680// However, deletion does not revoke credentials that have already been 4681// issued. Credentials issued for a deleted pool do not grant access to 4682// resources. If the pool is undeleted, and the credentials are not 4683// expired, they grant access again. You can undelete a pool for 30 4684// days. After 30 days, deletion is permanent. You cannot update deleted 4685// pools. However, you can view and list them. 4686// 4687// - name: The name of the pool to delete. 4688func (r *ProjectsLocationsWorkloadIdentityPoolsService) Delete(name string) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall { 4689 c := &ProjectsLocationsWorkloadIdentityPoolsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4690 c.name = name 4691 return c 4692} 4693 4694// Fields allows partial responses to be retrieved. See 4695// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4696// for more information. 4697func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall { 4698 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4699 return c 4700} 4701 4702// Context sets the context to be used in this call's Do method. Any 4703// pending HTTP request will be aborted if the provided context is 4704// canceled. 4705func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall { 4706 c.ctx_ = ctx 4707 return c 4708} 4709 4710// Header returns an http.Header that can be modified by the caller to 4711// add HTTP headers to the request. 4712func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Header() http.Header { 4713 if c.header_ == nil { 4714 c.header_ = make(http.Header) 4715 } 4716 return c.header_ 4717} 4718 4719func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) doRequest(alt string) (*http.Response, error) { 4720 reqHeaders := make(http.Header) 4721 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 4722 for k, v := range c.header_ { 4723 reqHeaders[k] = v 4724 } 4725 reqHeaders.Set("User-Agent", c.s.userAgent()) 4726 var body io.Reader = nil 4727 c.urlParams_.Set("alt", alt) 4728 c.urlParams_.Set("prettyPrint", "false") 4729 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4730 urls += "?" + c.urlParams_.Encode() 4731 req, err := http.NewRequest("DELETE", urls, body) 4732 if err != nil { 4733 return nil, err 4734 } 4735 req.Header = reqHeaders 4736 googleapi.Expand(req.URL, map[string]string{ 4737 "name": c.name, 4738 }) 4739 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4740} 4741 4742// Do executes the "iam.projects.locations.workloadIdentityPools.delete" call. 4743// Exactly one of *Operation or error will be non-nil. Any non-2xx 4744// status code is an error. Response headers are in either 4745// *Operation.ServerResponse.Header or (if a response was returned at 4746// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 4747// to check whether the returned error was because 4748// http.StatusNotModified was returned. 4749func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 4750 gensupport.SetOptions(c.urlParams_, opts...) 4751 res, err := c.doRequest("json") 4752 if res != nil && res.StatusCode == http.StatusNotModified { 4753 if res.Body != nil { 4754 res.Body.Close() 4755 } 4756 return nil, &googleapi.Error{ 4757 Code: res.StatusCode, 4758 Header: res.Header, 4759 } 4760 } 4761 if err != nil { 4762 return nil, err 4763 } 4764 defer googleapi.CloseBody(res) 4765 if err := googleapi.CheckResponse(res); err != nil { 4766 return nil, err 4767 } 4768 ret := &Operation{ 4769 ServerResponse: googleapi.ServerResponse{ 4770 Header: res.Header, 4771 HTTPStatusCode: res.StatusCode, 4772 }, 4773 } 4774 target := &ret 4775 if err := gensupport.DecodeResponse(target, res); err != nil { 4776 return nil, err 4777 } 4778 return ret, nil 4779 // { 4780 // "description": "Deletes a WorkloadIdentityPool. You cannot use a deleted pool to exchange external credentials for Google Cloud credentials. However, deletion does not revoke credentials that have already been issued. Credentials issued for a deleted pool do not grant access to resources. If the pool is undeleted, and the credentials are not expired, they grant access again. You can undelete a pool for 30 days. After 30 days, deletion is permanent. You cannot update deleted pools. However, you can view and list them.", 4781 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}", 4782 // "httpMethod": "DELETE", 4783 // "id": "iam.projects.locations.workloadIdentityPools.delete", 4784 // "parameterOrder": [ 4785 // "name" 4786 // ], 4787 // "parameters": { 4788 // "name": { 4789 // "description": "Required. The name of the pool to delete.", 4790 // "location": "path", 4791 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 4792 // "required": true, 4793 // "type": "string" 4794 // } 4795 // }, 4796 // "path": "v1/{+name}", 4797 // "response": { 4798 // "$ref": "Operation" 4799 // }, 4800 // "scopes": [ 4801 // "https://www.googleapis.com/auth/cloud-platform" 4802 // ] 4803 // } 4804 4805} 4806 4807// method id "iam.projects.locations.workloadIdentityPools.get": 4808 4809type ProjectsLocationsWorkloadIdentityPoolsGetCall struct { 4810 s *Service 4811 name string 4812 urlParams_ gensupport.URLParams 4813 ifNoneMatch_ string 4814 ctx_ context.Context 4815 header_ http.Header 4816} 4817 4818// Get: Gets an individual WorkloadIdentityPool. 4819// 4820// - name: The name of the pool to retrieve. 4821func (r *ProjectsLocationsWorkloadIdentityPoolsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4822 c := &ProjectsLocationsWorkloadIdentityPoolsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4823 c.name = name 4824 return c 4825} 4826 4827// Fields allows partial responses to be retrieved. See 4828// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4829// for more information. 4830func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4831 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4832 return c 4833} 4834 4835// IfNoneMatch sets the optional parameter which makes the operation 4836// fail if the object's ETag matches the given value. This is useful for 4837// getting updates only after the object has changed since the last 4838// request. Use googleapi.IsNotModified to check whether the response 4839// error from Do is the result of In-None-Match. 4840func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4841 c.ifNoneMatch_ = entityTag 4842 return c 4843} 4844 4845// Context sets the context to be used in this call's Do method. Any 4846// pending HTTP request will be aborted if the provided context is 4847// canceled. 4848func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsGetCall { 4849 c.ctx_ = ctx 4850 return c 4851} 4852 4853// Header returns an http.Header that can be modified by the caller to 4854// add HTTP headers to the request. 4855func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Header() http.Header { 4856 if c.header_ == nil { 4857 c.header_ = make(http.Header) 4858 } 4859 return c.header_ 4860} 4861 4862func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) doRequest(alt string) (*http.Response, error) { 4863 reqHeaders := make(http.Header) 4864 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 4865 for k, v := range c.header_ { 4866 reqHeaders[k] = v 4867 } 4868 reqHeaders.Set("User-Agent", c.s.userAgent()) 4869 if c.ifNoneMatch_ != "" { 4870 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 4871 } 4872 var body io.Reader = nil 4873 c.urlParams_.Set("alt", alt) 4874 c.urlParams_.Set("prettyPrint", "false") 4875 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4876 urls += "?" + c.urlParams_.Encode() 4877 req, err := http.NewRequest("GET", urls, body) 4878 if err != nil { 4879 return nil, err 4880 } 4881 req.Header = reqHeaders 4882 googleapi.Expand(req.URL, map[string]string{ 4883 "name": c.name, 4884 }) 4885 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4886} 4887 4888// Do executes the "iam.projects.locations.workloadIdentityPools.get" call. 4889// Exactly one of *WorkloadIdentityPool or error will be non-nil. Any 4890// non-2xx status code is an error. Response headers are in either 4891// *WorkloadIdentityPool.ServerResponse.Header or (if a response was 4892// returned at all) in error.(*googleapi.Error).Header. Use 4893// googleapi.IsNotModified to check whether the returned error was 4894// because http.StatusNotModified was returned. 4895func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPool, error) { 4896 gensupport.SetOptions(c.urlParams_, opts...) 4897 res, err := c.doRequest("json") 4898 if res != nil && res.StatusCode == http.StatusNotModified { 4899 if res.Body != nil { 4900 res.Body.Close() 4901 } 4902 return nil, &googleapi.Error{ 4903 Code: res.StatusCode, 4904 Header: res.Header, 4905 } 4906 } 4907 if err != nil { 4908 return nil, err 4909 } 4910 defer googleapi.CloseBody(res) 4911 if err := googleapi.CheckResponse(res); err != nil { 4912 return nil, err 4913 } 4914 ret := &WorkloadIdentityPool{ 4915 ServerResponse: googleapi.ServerResponse{ 4916 Header: res.Header, 4917 HTTPStatusCode: res.StatusCode, 4918 }, 4919 } 4920 target := &ret 4921 if err := gensupport.DecodeResponse(target, res); err != nil { 4922 return nil, err 4923 } 4924 return ret, nil 4925 // { 4926 // "description": "Gets an individual WorkloadIdentityPool.", 4927 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}", 4928 // "httpMethod": "GET", 4929 // "id": "iam.projects.locations.workloadIdentityPools.get", 4930 // "parameterOrder": [ 4931 // "name" 4932 // ], 4933 // "parameters": { 4934 // "name": { 4935 // "description": "Required. The name of the pool to retrieve.", 4936 // "location": "path", 4937 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 4938 // "required": true, 4939 // "type": "string" 4940 // } 4941 // }, 4942 // "path": "v1/{+name}", 4943 // "response": { 4944 // "$ref": "WorkloadIdentityPool" 4945 // }, 4946 // "scopes": [ 4947 // "https://www.googleapis.com/auth/cloud-platform" 4948 // ] 4949 // } 4950 4951} 4952 4953// method id "iam.projects.locations.workloadIdentityPools.list": 4954 4955type ProjectsLocationsWorkloadIdentityPoolsListCall struct { 4956 s *Service 4957 parent string 4958 urlParams_ gensupport.URLParams 4959 ifNoneMatch_ string 4960 ctx_ context.Context 4961 header_ http.Header 4962} 4963 4964// List: Lists all non-deleted WorkloadIdentityPools in a project. If 4965// `show_deleted` is set to `true`, then deleted pools are also listed. 4966// 4967// - parent: The parent resource to list pools for. 4968func (r *ProjectsLocationsWorkloadIdentityPoolsService) List(parent string) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4969 c := &ProjectsLocationsWorkloadIdentityPoolsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4970 c.parent = parent 4971 return c 4972} 4973 4974// PageSize sets the optional parameter "pageSize": The maximum number 4975// of pools to return. If unspecified, at most 50 pools are returned. 4976// The maximum value is 1000; values above are 1000 truncated to 1000. 4977func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) PageSize(pageSize int64) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4978 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 4979 return c 4980} 4981 4982// PageToken sets the optional parameter "pageToken": A page token, 4983// received from a previous `ListWorkloadIdentityPools` call. Provide 4984// this to retrieve the subsequent page. 4985func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) PageToken(pageToken string) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4986 c.urlParams_.Set("pageToken", pageToken) 4987 return c 4988} 4989 4990// ShowDeleted sets the optional parameter "showDeleted": Whether to 4991// return soft-deleted pools. 4992func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsWorkloadIdentityPoolsListCall { 4993 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 4994 return c 4995} 4996 4997// Fields allows partial responses to be retrieved. See 4998// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4999// for more information. 5000func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsListCall { 5001 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5002 return c 5003} 5004 5005// IfNoneMatch sets the optional parameter which makes the operation 5006// fail if the object's ETag matches the given value. This is useful for 5007// getting updates only after the object has changed since the last 5008// request. Use googleapi.IsNotModified to check whether the response 5009// error from Do is the result of In-None-Match. 5010func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsListCall { 5011 c.ifNoneMatch_ = entityTag 5012 return c 5013} 5014 5015// Context sets the context to be used in this call's Do method. Any 5016// pending HTTP request will be aborted if the provided context is 5017// canceled. 5018func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsListCall { 5019 c.ctx_ = ctx 5020 return c 5021} 5022 5023// Header returns an http.Header that can be modified by the caller to 5024// add HTTP headers to the request. 5025func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Header() http.Header { 5026 if c.header_ == nil { 5027 c.header_ = make(http.Header) 5028 } 5029 return c.header_ 5030} 5031 5032func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) doRequest(alt string) (*http.Response, error) { 5033 reqHeaders := make(http.Header) 5034 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 5035 for k, v := range c.header_ { 5036 reqHeaders[k] = v 5037 } 5038 reqHeaders.Set("User-Agent", c.s.userAgent()) 5039 if c.ifNoneMatch_ != "" { 5040 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5041 } 5042 var body io.Reader = nil 5043 c.urlParams_.Set("alt", alt) 5044 c.urlParams_.Set("prettyPrint", "false") 5045 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/workloadIdentityPools") 5046 urls += "?" + c.urlParams_.Encode() 5047 req, err := http.NewRequest("GET", urls, body) 5048 if err != nil { 5049 return nil, err 5050 } 5051 req.Header = reqHeaders 5052 googleapi.Expand(req.URL, map[string]string{ 5053 "parent": c.parent, 5054 }) 5055 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5056} 5057 5058// Do executes the "iam.projects.locations.workloadIdentityPools.list" call. 5059// Exactly one of *ListWorkloadIdentityPoolsResponse or error will be 5060// non-nil. Any non-2xx status code is an error. Response headers are in 5061// either *ListWorkloadIdentityPoolsResponse.ServerResponse.Header or 5062// (if a response was returned at all) in 5063// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 5064// whether the returned error was because http.StatusNotModified was 5065// returned. 5066func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Do(opts ...googleapi.CallOption) (*ListWorkloadIdentityPoolsResponse, error) { 5067 gensupport.SetOptions(c.urlParams_, opts...) 5068 res, err := c.doRequest("json") 5069 if res != nil && res.StatusCode == http.StatusNotModified { 5070 if res.Body != nil { 5071 res.Body.Close() 5072 } 5073 return nil, &googleapi.Error{ 5074 Code: res.StatusCode, 5075 Header: res.Header, 5076 } 5077 } 5078 if err != nil { 5079 return nil, err 5080 } 5081 defer googleapi.CloseBody(res) 5082 if err := googleapi.CheckResponse(res); err != nil { 5083 return nil, err 5084 } 5085 ret := &ListWorkloadIdentityPoolsResponse{ 5086 ServerResponse: googleapi.ServerResponse{ 5087 Header: res.Header, 5088 HTTPStatusCode: res.StatusCode, 5089 }, 5090 } 5091 target := &ret 5092 if err := gensupport.DecodeResponse(target, res); err != nil { 5093 return nil, err 5094 } 5095 return ret, nil 5096 // { 5097 // "description": "Lists all non-deleted WorkloadIdentityPools in a project. If `show_deleted` is set to `true`, then deleted pools are also listed.", 5098 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools", 5099 // "httpMethod": "GET", 5100 // "id": "iam.projects.locations.workloadIdentityPools.list", 5101 // "parameterOrder": [ 5102 // "parent" 5103 // ], 5104 // "parameters": { 5105 // "pageSize": { 5106 // "description": "The maximum number of pools to return. If unspecified, at most 50 pools are returned. The maximum value is 1000; values above are 1000 truncated to 1000.", 5107 // "format": "int32", 5108 // "location": "query", 5109 // "type": "integer" 5110 // }, 5111 // "pageToken": { 5112 // "description": "A page token, received from a previous `ListWorkloadIdentityPools` call. Provide this to retrieve the subsequent page.", 5113 // "location": "query", 5114 // "type": "string" 5115 // }, 5116 // "parent": { 5117 // "description": "Required. The parent resource to list pools for.", 5118 // "location": "path", 5119 // "pattern": "^projects/[^/]+/locations/[^/]+$", 5120 // "required": true, 5121 // "type": "string" 5122 // }, 5123 // "showDeleted": { 5124 // "description": "Whether to return soft-deleted pools.", 5125 // "location": "query", 5126 // "type": "boolean" 5127 // } 5128 // }, 5129 // "path": "v1/{+parent}/workloadIdentityPools", 5130 // "response": { 5131 // "$ref": "ListWorkloadIdentityPoolsResponse" 5132 // }, 5133 // "scopes": [ 5134 // "https://www.googleapis.com/auth/cloud-platform" 5135 // ] 5136 // } 5137 5138} 5139 5140// Pages invokes f for each page of results. 5141// A non-nil error returned from f will halt the iteration. 5142// The provided context supersedes any context provided to the Context method. 5143func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Pages(ctx context.Context, f func(*ListWorkloadIdentityPoolsResponse) error) error { 5144 c.ctx_ = ctx 5145 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 5146 for { 5147 x, err := c.Do() 5148 if err != nil { 5149 return err 5150 } 5151 if err := f(x); err != nil { 5152 return err 5153 } 5154 if x.NextPageToken == "" { 5155 return nil 5156 } 5157 c.PageToken(x.NextPageToken) 5158 } 5159} 5160 5161// method id "iam.projects.locations.workloadIdentityPools.patch": 5162 5163type ProjectsLocationsWorkloadIdentityPoolsPatchCall struct { 5164 s *Service 5165 name string 5166 workloadidentitypool *WorkloadIdentityPool 5167 urlParams_ gensupport.URLParams 5168 ctx_ context.Context 5169 header_ http.Header 5170} 5171 5172// Patch: Updates an existing WorkloadIdentityPool. 5173// 5174// - name: Output only. The resource name of the pool. 5175func (r *ProjectsLocationsWorkloadIdentityPoolsService) Patch(name string, workloadidentitypool *WorkloadIdentityPool) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 5176 c := &ProjectsLocationsWorkloadIdentityPoolsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5177 c.name = name 5178 c.workloadidentitypool = workloadidentitypool 5179 return c 5180} 5181 5182// UpdateMask sets the optional parameter "updateMask": Required. The 5183// list of fields to update. 5184func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 5185 c.urlParams_.Set("updateMask", updateMask) 5186 return c 5187} 5188 5189// Fields allows partial responses to be retrieved. See 5190// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5191// for more information. 5192func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 5193 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5194 return c 5195} 5196 5197// Context sets the context to be used in this call's Do method. Any 5198// pending HTTP request will be aborted if the provided context is 5199// canceled. 5200func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsPatchCall { 5201 c.ctx_ = ctx 5202 return c 5203} 5204 5205// Header returns an http.Header that can be modified by the caller to 5206// add HTTP headers to the request. 5207func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Header() http.Header { 5208 if c.header_ == nil { 5209 c.header_ = make(http.Header) 5210 } 5211 return c.header_ 5212} 5213 5214func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) doRequest(alt string) (*http.Response, error) { 5215 reqHeaders := make(http.Header) 5216 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 5217 for k, v := range c.header_ { 5218 reqHeaders[k] = v 5219 } 5220 reqHeaders.Set("User-Agent", c.s.userAgent()) 5221 var body io.Reader = nil 5222 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypool) 5223 if err != nil { 5224 return nil, err 5225 } 5226 reqHeaders.Set("Content-Type", "application/json") 5227 c.urlParams_.Set("alt", alt) 5228 c.urlParams_.Set("prettyPrint", "false") 5229 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5230 urls += "?" + c.urlParams_.Encode() 5231 req, err := http.NewRequest("PATCH", urls, body) 5232 if err != nil { 5233 return nil, err 5234 } 5235 req.Header = reqHeaders 5236 googleapi.Expand(req.URL, map[string]string{ 5237 "name": c.name, 5238 }) 5239 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5240} 5241 5242// Do executes the "iam.projects.locations.workloadIdentityPools.patch" call. 5243// Exactly one of *Operation or error will be non-nil. Any non-2xx 5244// status code is an error. Response headers are in either 5245// *Operation.ServerResponse.Header or (if a response was returned at 5246// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5247// to check whether the returned error was because 5248// http.StatusNotModified was returned. 5249func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5250 gensupport.SetOptions(c.urlParams_, opts...) 5251 res, err := c.doRequest("json") 5252 if res != nil && res.StatusCode == http.StatusNotModified { 5253 if res.Body != nil { 5254 res.Body.Close() 5255 } 5256 return nil, &googleapi.Error{ 5257 Code: res.StatusCode, 5258 Header: res.Header, 5259 } 5260 } 5261 if err != nil { 5262 return nil, err 5263 } 5264 defer googleapi.CloseBody(res) 5265 if err := googleapi.CheckResponse(res); err != nil { 5266 return nil, err 5267 } 5268 ret := &Operation{ 5269 ServerResponse: googleapi.ServerResponse{ 5270 Header: res.Header, 5271 HTTPStatusCode: res.StatusCode, 5272 }, 5273 } 5274 target := &ret 5275 if err := gensupport.DecodeResponse(target, res); err != nil { 5276 return nil, err 5277 } 5278 return ret, nil 5279 // { 5280 // "description": "Updates an existing WorkloadIdentityPool.", 5281 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}", 5282 // "httpMethod": "PATCH", 5283 // "id": "iam.projects.locations.workloadIdentityPools.patch", 5284 // "parameterOrder": [ 5285 // "name" 5286 // ], 5287 // "parameters": { 5288 // "name": { 5289 // "description": "Output only. The resource name of the pool.", 5290 // "location": "path", 5291 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 5292 // "required": true, 5293 // "type": "string" 5294 // }, 5295 // "updateMask": { 5296 // "description": "Required. The list of fields to update.", 5297 // "format": "google-fieldmask", 5298 // "location": "query", 5299 // "type": "string" 5300 // } 5301 // }, 5302 // "path": "v1/{+name}", 5303 // "request": { 5304 // "$ref": "WorkloadIdentityPool" 5305 // }, 5306 // "response": { 5307 // "$ref": "Operation" 5308 // }, 5309 // "scopes": [ 5310 // "https://www.googleapis.com/auth/cloud-platform" 5311 // ] 5312 // } 5313 5314} 5315 5316// method id "iam.projects.locations.workloadIdentityPools.undelete": 5317 5318type ProjectsLocationsWorkloadIdentityPoolsUndeleteCall struct { 5319 s *Service 5320 name string 5321 undeleteworkloadidentitypoolrequest *UndeleteWorkloadIdentityPoolRequest 5322 urlParams_ gensupport.URLParams 5323 ctx_ context.Context 5324 header_ http.Header 5325} 5326 5327// Undelete: Undeletes a WorkloadIdentityPool, as long as it was deleted 5328// fewer than 30 days ago. 5329// 5330// - name: The name of the pool to undelete. 5331func (r *ProjectsLocationsWorkloadIdentityPoolsService) Undelete(name string, undeleteworkloadidentitypoolrequest *UndeleteWorkloadIdentityPoolRequest) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall { 5332 c := &ProjectsLocationsWorkloadIdentityPoolsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5333 c.name = name 5334 c.undeleteworkloadidentitypoolrequest = undeleteworkloadidentitypoolrequest 5335 return c 5336} 5337 5338// Fields allows partial responses to be retrieved. See 5339// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5340// for more information. 5341func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall { 5342 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5343 return c 5344} 5345 5346// Context sets the context to be used in this call's Do method. Any 5347// pending HTTP request will be aborted if the provided context is 5348// canceled. 5349func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall { 5350 c.ctx_ = ctx 5351 return c 5352} 5353 5354// Header returns an http.Header that can be modified by the caller to 5355// add HTTP headers to the request. 5356func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Header() http.Header { 5357 if c.header_ == nil { 5358 c.header_ = make(http.Header) 5359 } 5360 return c.header_ 5361} 5362 5363func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) doRequest(alt string) (*http.Response, error) { 5364 reqHeaders := make(http.Header) 5365 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 5366 for k, v := range c.header_ { 5367 reqHeaders[k] = v 5368 } 5369 reqHeaders.Set("User-Agent", c.s.userAgent()) 5370 var body io.Reader = nil 5371 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkloadidentitypoolrequest) 5372 if err != nil { 5373 return nil, err 5374 } 5375 reqHeaders.Set("Content-Type", "application/json") 5376 c.urlParams_.Set("alt", alt) 5377 c.urlParams_.Set("prettyPrint", "false") 5378 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 5379 urls += "?" + c.urlParams_.Encode() 5380 req, err := http.NewRequest("POST", urls, body) 5381 if err != nil { 5382 return nil, err 5383 } 5384 req.Header = reqHeaders 5385 googleapi.Expand(req.URL, map[string]string{ 5386 "name": c.name, 5387 }) 5388 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5389} 5390 5391// Do executes the "iam.projects.locations.workloadIdentityPools.undelete" call. 5392// Exactly one of *Operation or error will be non-nil. Any non-2xx 5393// status code is an error. Response headers are in either 5394// *Operation.ServerResponse.Header or (if a response was returned at 5395// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5396// to check whether the returned error was because 5397// http.StatusNotModified was returned. 5398func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5399 gensupport.SetOptions(c.urlParams_, opts...) 5400 res, err := c.doRequest("json") 5401 if res != nil && res.StatusCode == http.StatusNotModified { 5402 if res.Body != nil { 5403 res.Body.Close() 5404 } 5405 return nil, &googleapi.Error{ 5406 Code: res.StatusCode, 5407 Header: res.Header, 5408 } 5409 } 5410 if err != nil { 5411 return nil, err 5412 } 5413 defer googleapi.CloseBody(res) 5414 if err := googleapi.CheckResponse(res); err != nil { 5415 return nil, err 5416 } 5417 ret := &Operation{ 5418 ServerResponse: googleapi.ServerResponse{ 5419 Header: res.Header, 5420 HTTPStatusCode: res.StatusCode, 5421 }, 5422 } 5423 target := &ret 5424 if err := gensupport.DecodeResponse(target, res); err != nil { 5425 return nil, err 5426 } 5427 return ret, nil 5428 // { 5429 // "description": "Undeletes a WorkloadIdentityPool, as long as it was deleted fewer than 30 days ago.", 5430 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}:undelete", 5431 // "httpMethod": "POST", 5432 // "id": "iam.projects.locations.workloadIdentityPools.undelete", 5433 // "parameterOrder": [ 5434 // "name" 5435 // ], 5436 // "parameters": { 5437 // "name": { 5438 // "description": "Required. The name of the pool to undelete.", 5439 // "location": "path", 5440 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 5441 // "required": true, 5442 // "type": "string" 5443 // } 5444 // }, 5445 // "path": "v1/{+name}:undelete", 5446 // "request": { 5447 // "$ref": "UndeleteWorkloadIdentityPoolRequest" 5448 // }, 5449 // "response": { 5450 // "$ref": "Operation" 5451 // }, 5452 // "scopes": [ 5453 // "https://www.googleapis.com/auth/cloud-platform" 5454 // ] 5455 // } 5456 5457} 5458 5459// method id "iam.projects.locations.workloadIdentityPools.operations.get": 5460 5461type ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall struct { 5462 s *Service 5463 name string 5464 urlParams_ gensupport.URLParams 5465 ifNoneMatch_ string 5466 ctx_ context.Context 5467 header_ http.Header 5468} 5469 5470// Get: Gets the latest state of a long-running operation. Clients can 5471// use this method to poll the operation result at intervals as 5472// recommended by the API service. 5473// 5474// - name: The name of the operation resource. 5475func (r *ProjectsLocationsWorkloadIdentityPoolsOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5476 c := &ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5477 c.name = name 5478 return c 5479} 5480 5481// Fields allows partial responses to be retrieved. See 5482// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5483// for more information. 5484func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5485 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5486 return c 5487} 5488 5489// IfNoneMatch sets the optional parameter which makes the operation 5490// fail if the object's ETag matches the given value. This is useful for 5491// getting updates only after the object has changed since the last 5492// request. Use googleapi.IsNotModified to check whether the response 5493// error from Do is the result of In-None-Match. 5494func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5495 c.ifNoneMatch_ = entityTag 5496 return c 5497} 5498 5499// Context sets the context to be used in this call's Do method. Any 5500// pending HTTP request will be aborted if the provided context is 5501// canceled. 5502func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall { 5503 c.ctx_ = ctx 5504 return c 5505} 5506 5507// Header returns an http.Header that can be modified by the caller to 5508// add HTTP headers to the request. 5509func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Header() http.Header { 5510 if c.header_ == nil { 5511 c.header_ = make(http.Header) 5512 } 5513 return c.header_ 5514} 5515 5516func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) doRequest(alt string) (*http.Response, error) { 5517 reqHeaders := make(http.Header) 5518 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 5519 for k, v := range c.header_ { 5520 reqHeaders[k] = v 5521 } 5522 reqHeaders.Set("User-Agent", c.s.userAgent()) 5523 if c.ifNoneMatch_ != "" { 5524 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5525 } 5526 var body io.Reader = nil 5527 c.urlParams_.Set("alt", alt) 5528 c.urlParams_.Set("prettyPrint", "false") 5529 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5530 urls += "?" + c.urlParams_.Encode() 5531 req, err := http.NewRequest("GET", urls, body) 5532 if err != nil { 5533 return nil, err 5534 } 5535 req.Header = reqHeaders 5536 googleapi.Expand(req.URL, map[string]string{ 5537 "name": c.name, 5538 }) 5539 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5540} 5541 5542// Do executes the "iam.projects.locations.workloadIdentityPools.operations.get" call. 5543// Exactly one of *Operation or error will be non-nil. Any non-2xx 5544// status code is an error. Response headers are in either 5545// *Operation.ServerResponse.Header or (if a response was returned at 5546// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5547// to check whether the returned error was because 5548// http.StatusNotModified was returned. 5549func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5550 gensupport.SetOptions(c.urlParams_, opts...) 5551 res, err := c.doRequest("json") 5552 if res != nil && res.StatusCode == http.StatusNotModified { 5553 if res.Body != nil { 5554 res.Body.Close() 5555 } 5556 return nil, &googleapi.Error{ 5557 Code: res.StatusCode, 5558 Header: res.Header, 5559 } 5560 } 5561 if err != nil { 5562 return nil, err 5563 } 5564 defer googleapi.CloseBody(res) 5565 if err := googleapi.CheckResponse(res); err != nil { 5566 return nil, err 5567 } 5568 ret := &Operation{ 5569 ServerResponse: googleapi.ServerResponse{ 5570 Header: res.Header, 5571 HTTPStatusCode: res.StatusCode, 5572 }, 5573 } 5574 target := &ret 5575 if err := gensupport.DecodeResponse(target, res); err != nil { 5576 return nil, err 5577 } 5578 return ret, nil 5579 // { 5580 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 5581 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/operations/{operationsId}", 5582 // "httpMethod": "GET", 5583 // "id": "iam.projects.locations.workloadIdentityPools.operations.get", 5584 // "parameterOrder": [ 5585 // "name" 5586 // ], 5587 // "parameters": { 5588 // "name": { 5589 // "description": "The name of the operation resource.", 5590 // "location": "path", 5591 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/operations/[^/]+$", 5592 // "required": true, 5593 // "type": "string" 5594 // } 5595 // }, 5596 // "path": "v1/{+name}", 5597 // "response": { 5598 // "$ref": "Operation" 5599 // }, 5600 // "scopes": [ 5601 // "https://www.googleapis.com/auth/cloud-platform" 5602 // ] 5603 // } 5604 5605} 5606 5607// method id "iam.projects.locations.workloadIdentityPools.providers.create": 5608 5609type ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall struct { 5610 s *Service 5611 parent string 5612 workloadidentitypoolprovider *WorkloadIdentityPoolProvider 5613 urlParams_ gensupport.URLParams 5614 ctx_ context.Context 5615 header_ http.Header 5616} 5617 5618// Create: Creates a new WorkloadIdentityPoolProvider in a 5619// WorkloadIdentityPool. You cannot reuse the name of a deleted provider 5620// until 30 days after deletion. 5621// 5622// - parent: The pool to create this provider in. 5623func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Create(parent string, workloadidentitypoolprovider *WorkloadIdentityPoolProvider) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5624 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5625 c.parent = parent 5626 c.workloadidentitypoolprovider = workloadidentitypoolprovider 5627 return c 5628} 5629 5630// WorkloadIdentityPoolProviderId sets the optional parameter 5631// "workloadIdentityPoolProviderId": Required. The ID for the provider, 5632// which becomes the final component of the resource name. This value 5633// must be 4-32 characters, and may contain the characters [a-z0-9-]. 5634// The prefix `gcp-` is reserved for use by Google, and may not be 5635// specified. 5636func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) WorkloadIdentityPoolProviderId(workloadIdentityPoolProviderId string) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5637 c.urlParams_.Set("workloadIdentityPoolProviderId", workloadIdentityPoolProviderId) 5638 return c 5639} 5640 5641// Fields allows partial responses to be retrieved. See 5642// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5643// for more information. 5644func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5645 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5646 return c 5647} 5648 5649// Context sets the context to be used in this call's Do method. Any 5650// pending HTTP request will be aborted if the provided context is 5651// canceled. 5652func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall { 5653 c.ctx_ = ctx 5654 return c 5655} 5656 5657// Header returns an http.Header that can be modified by the caller to 5658// add HTTP headers to the request. 5659func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Header() http.Header { 5660 if c.header_ == nil { 5661 c.header_ = make(http.Header) 5662 } 5663 return c.header_ 5664} 5665 5666func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) doRequest(alt string) (*http.Response, error) { 5667 reqHeaders := make(http.Header) 5668 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 5669 for k, v := range c.header_ { 5670 reqHeaders[k] = v 5671 } 5672 reqHeaders.Set("User-Agent", c.s.userAgent()) 5673 var body io.Reader = nil 5674 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypoolprovider) 5675 if err != nil { 5676 return nil, err 5677 } 5678 reqHeaders.Set("Content-Type", "application/json") 5679 c.urlParams_.Set("alt", alt) 5680 c.urlParams_.Set("prettyPrint", "false") 5681 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers") 5682 urls += "?" + c.urlParams_.Encode() 5683 req, err := http.NewRequest("POST", urls, body) 5684 if err != nil { 5685 return nil, err 5686 } 5687 req.Header = reqHeaders 5688 googleapi.Expand(req.URL, map[string]string{ 5689 "parent": c.parent, 5690 }) 5691 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5692} 5693 5694// Do executes the "iam.projects.locations.workloadIdentityPools.providers.create" call. 5695// Exactly one of *Operation or error will be non-nil. Any non-2xx 5696// status code is an error. Response headers are in either 5697// *Operation.ServerResponse.Header or (if a response was returned at 5698// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5699// to check whether the returned error was because 5700// http.StatusNotModified was returned. 5701func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5702 gensupport.SetOptions(c.urlParams_, opts...) 5703 res, err := c.doRequest("json") 5704 if res != nil && res.StatusCode == http.StatusNotModified { 5705 if res.Body != nil { 5706 res.Body.Close() 5707 } 5708 return nil, &googleapi.Error{ 5709 Code: res.StatusCode, 5710 Header: res.Header, 5711 } 5712 } 5713 if err != nil { 5714 return nil, err 5715 } 5716 defer googleapi.CloseBody(res) 5717 if err := googleapi.CheckResponse(res); err != nil { 5718 return nil, err 5719 } 5720 ret := &Operation{ 5721 ServerResponse: googleapi.ServerResponse{ 5722 Header: res.Header, 5723 HTTPStatusCode: res.StatusCode, 5724 }, 5725 } 5726 target := &ret 5727 if err := gensupport.DecodeResponse(target, res); err != nil { 5728 return nil, err 5729 } 5730 return ret, nil 5731 // { 5732 // "description": "Creates a new WorkloadIdentityPoolProvider in a WorkloadIdentityPool. You cannot reuse the name of a deleted provider until 30 days after deletion.", 5733 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers", 5734 // "httpMethod": "POST", 5735 // "id": "iam.projects.locations.workloadIdentityPools.providers.create", 5736 // "parameterOrder": [ 5737 // "parent" 5738 // ], 5739 // "parameters": { 5740 // "parent": { 5741 // "description": "Required. The pool to create this provider in.", 5742 // "location": "path", 5743 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 5744 // "required": true, 5745 // "type": "string" 5746 // }, 5747 // "workloadIdentityPoolProviderId": { 5748 // "description": "Required. The ID for the provider, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix `gcp-` is reserved for use by Google, and may not be specified.", 5749 // "location": "query", 5750 // "type": "string" 5751 // } 5752 // }, 5753 // "path": "v1/{+parent}/providers", 5754 // "request": { 5755 // "$ref": "WorkloadIdentityPoolProvider" 5756 // }, 5757 // "response": { 5758 // "$ref": "Operation" 5759 // }, 5760 // "scopes": [ 5761 // "https://www.googleapis.com/auth/cloud-platform" 5762 // ] 5763 // } 5764 5765} 5766 5767// method id "iam.projects.locations.workloadIdentityPools.providers.delete": 5768 5769type ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall struct { 5770 s *Service 5771 name string 5772 urlParams_ gensupport.URLParams 5773 ctx_ context.Context 5774 header_ http.Header 5775} 5776 5777// Delete: Deletes a WorkloadIdentityPoolProvider. Deleting a provider 5778// does not revoke credentials that have already been issued; they 5779// continue to grant access. You can undelete a provider for 30 days. 5780// After 30 days, deletion is permanent. You cannot update deleted 5781// providers. However, you can view and list them. 5782// 5783// - name: The name of the provider to delete. 5784func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Delete(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall { 5785 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5786 c.name = name 5787 return c 5788} 5789 5790// Fields allows partial responses to be retrieved. See 5791// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5792// for more information. 5793func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall { 5794 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5795 return c 5796} 5797 5798// Context sets the context to be used in this call's Do method. Any 5799// pending HTTP request will be aborted if the provided context is 5800// canceled. 5801func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall { 5802 c.ctx_ = ctx 5803 return c 5804} 5805 5806// Header returns an http.Header that can be modified by the caller to 5807// add HTTP headers to the request. 5808func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Header() http.Header { 5809 if c.header_ == nil { 5810 c.header_ = make(http.Header) 5811 } 5812 return c.header_ 5813} 5814 5815func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) doRequest(alt string) (*http.Response, error) { 5816 reqHeaders := make(http.Header) 5817 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 5818 for k, v := range c.header_ { 5819 reqHeaders[k] = v 5820 } 5821 reqHeaders.Set("User-Agent", c.s.userAgent()) 5822 var body io.Reader = nil 5823 c.urlParams_.Set("alt", alt) 5824 c.urlParams_.Set("prettyPrint", "false") 5825 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5826 urls += "?" + c.urlParams_.Encode() 5827 req, err := http.NewRequest("DELETE", urls, body) 5828 if err != nil { 5829 return nil, err 5830 } 5831 req.Header = reqHeaders 5832 googleapi.Expand(req.URL, map[string]string{ 5833 "name": c.name, 5834 }) 5835 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5836} 5837 5838// Do executes the "iam.projects.locations.workloadIdentityPools.providers.delete" call. 5839// Exactly one of *Operation or error will be non-nil. Any non-2xx 5840// status code is an error. Response headers are in either 5841// *Operation.ServerResponse.Header or (if a response was returned at 5842// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 5843// to check whether the returned error was because 5844// http.StatusNotModified was returned. 5845func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 5846 gensupport.SetOptions(c.urlParams_, opts...) 5847 res, err := c.doRequest("json") 5848 if res != nil && res.StatusCode == http.StatusNotModified { 5849 if res.Body != nil { 5850 res.Body.Close() 5851 } 5852 return nil, &googleapi.Error{ 5853 Code: res.StatusCode, 5854 Header: res.Header, 5855 } 5856 } 5857 if err != nil { 5858 return nil, err 5859 } 5860 defer googleapi.CloseBody(res) 5861 if err := googleapi.CheckResponse(res); err != nil { 5862 return nil, err 5863 } 5864 ret := &Operation{ 5865 ServerResponse: googleapi.ServerResponse{ 5866 Header: res.Header, 5867 HTTPStatusCode: res.StatusCode, 5868 }, 5869 } 5870 target := &ret 5871 if err := gensupport.DecodeResponse(target, res); err != nil { 5872 return nil, err 5873 } 5874 return ret, nil 5875 // { 5876 // "description": "Deletes a WorkloadIdentityPoolProvider. Deleting a provider does not revoke credentials that have already been issued; they continue to grant access. You can undelete a provider for 30 days. After 30 days, deletion is permanent. You cannot update deleted providers. However, you can view and list them.", 5877 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}", 5878 // "httpMethod": "DELETE", 5879 // "id": "iam.projects.locations.workloadIdentityPools.providers.delete", 5880 // "parameterOrder": [ 5881 // "name" 5882 // ], 5883 // "parameters": { 5884 // "name": { 5885 // "description": "Required. The name of the provider to delete.", 5886 // "location": "path", 5887 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 5888 // "required": true, 5889 // "type": "string" 5890 // } 5891 // }, 5892 // "path": "v1/{+name}", 5893 // "response": { 5894 // "$ref": "Operation" 5895 // }, 5896 // "scopes": [ 5897 // "https://www.googleapis.com/auth/cloud-platform" 5898 // ] 5899 // } 5900 5901} 5902 5903// method id "iam.projects.locations.workloadIdentityPools.providers.get": 5904 5905type ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall struct { 5906 s *Service 5907 name string 5908 urlParams_ gensupport.URLParams 5909 ifNoneMatch_ string 5910 ctx_ context.Context 5911 header_ http.Header 5912} 5913 5914// Get: Gets an individual WorkloadIdentityPoolProvider. 5915// 5916// - name: The name of the provider to retrieve. 5917func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5918 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5919 c.name = name 5920 return c 5921} 5922 5923// Fields allows partial responses to be retrieved. See 5924// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5925// for more information. 5926func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5927 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5928 return c 5929} 5930 5931// IfNoneMatch sets the optional parameter which makes the operation 5932// fail if the object's ETag matches the given value. This is useful for 5933// getting updates only after the object has changed since the last 5934// request. Use googleapi.IsNotModified to check whether the response 5935// error from Do is the result of In-None-Match. 5936func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5937 c.ifNoneMatch_ = entityTag 5938 return c 5939} 5940 5941// Context sets the context to be used in this call's Do method. Any 5942// pending HTTP request will be aborted if the provided context is 5943// canceled. 5944func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall { 5945 c.ctx_ = ctx 5946 return c 5947} 5948 5949// Header returns an http.Header that can be modified by the caller to 5950// add HTTP headers to the request. 5951func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Header() http.Header { 5952 if c.header_ == nil { 5953 c.header_ = make(http.Header) 5954 } 5955 return c.header_ 5956} 5957 5958func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) doRequest(alt string) (*http.Response, error) { 5959 reqHeaders := make(http.Header) 5960 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 5961 for k, v := range c.header_ { 5962 reqHeaders[k] = v 5963 } 5964 reqHeaders.Set("User-Agent", c.s.userAgent()) 5965 if c.ifNoneMatch_ != "" { 5966 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5967 } 5968 var body io.Reader = nil 5969 c.urlParams_.Set("alt", alt) 5970 c.urlParams_.Set("prettyPrint", "false") 5971 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5972 urls += "?" + c.urlParams_.Encode() 5973 req, err := http.NewRequest("GET", urls, body) 5974 if err != nil { 5975 return nil, err 5976 } 5977 req.Header = reqHeaders 5978 googleapi.Expand(req.URL, map[string]string{ 5979 "name": c.name, 5980 }) 5981 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5982} 5983 5984// Do executes the "iam.projects.locations.workloadIdentityPools.providers.get" call. 5985// Exactly one of *WorkloadIdentityPoolProvider or error will be 5986// non-nil. Any non-2xx status code is an error. Response headers are in 5987// either *WorkloadIdentityPoolProvider.ServerResponse.Header or (if a 5988// response was returned at all) in error.(*googleapi.Error).Header. Use 5989// googleapi.IsNotModified to check whether the returned error was 5990// because http.StatusNotModified was returned. 5991func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPoolProvider, error) { 5992 gensupport.SetOptions(c.urlParams_, opts...) 5993 res, err := c.doRequest("json") 5994 if res != nil && res.StatusCode == http.StatusNotModified { 5995 if res.Body != nil { 5996 res.Body.Close() 5997 } 5998 return nil, &googleapi.Error{ 5999 Code: res.StatusCode, 6000 Header: res.Header, 6001 } 6002 } 6003 if err != nil { 6004 return nil, err 6005 } 6006 defer googleapi.CloseBody(res) 6007 if err := googleapi.CheckResponse(res); err != nil { 6008 return nil, err 6009 } 6010 ret := &WorkloadIdentityPoolProvider{ 6011 ServerResponse: googleapi.ServerResponse{ 6012 Header: res.Header, 6013 HTTPStatusCode: res.StatusCode, 6014 }, 6015 } 6016 target := &ret 6017 if err := gensupport.DecodeResponse(target, res); err != nil { 6018 return nil, err 6019 } 6020 return ret, nil 6021 // { 6022 // "description": "Gets an individual WorkloadIdentityPoolProvider.", 6023 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}", 6024 // "httpMethod": "GET", 6025 // "id": "iam.projects.locations.workloadIdentityPools.providers.get", 6026 // "parameterOrder": [ 6027 // "name" 6028 // ], 6029 // "parameters": { 6030 // "name": { 6031 // "description": "Required. The name of the provider to retrieve.", 6032 // "location": "path", 6033 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 6034 // "required": true, 6035 // "type": "string" 6036 // } 6037 // }, 6038 // "path": "v1/{+name}", 6039 // "response": { 6040 // "$ref": "WorkloadIdentityPoolProvider" 6041 // }, 6042 // "scopes": [ 6043 // "https://www.googleapis.com/auth/cloud-platform" 6044 // ] 6045 // } 6046 6047} 6048 6049// method id "iam.projects.locations.workloadIdentityPools.providers.list": 6050 6051type ProjectsLocationsWorkloadIdentityPoolsProvidersListCall struct { 6052 s *Service 6053 parent string 6054 urlParams_ gensupport.URLParams 6055 ifNoneMatch_ string 6056 ctx_ context.Context 6057 header_ http.Header 6058} 6059 6060// List: Lists all non-deleted WorkloadIdentityPoolProviders in a 6061// WorkloadIdentityPool. If `show_deleted` is set to `true`, then 6062// deleted providers are also listed. 6063// 6064// - parent: The pool to list providers for. 6065func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) List(parent string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 6066 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6067 c.parent = parent 6068 return c 6069} 6070 6071// PageSize sets the optional parameter "pageSize": The maximum number 6072// of providers to return. If unspecified, at most 50 providers are 6073// returned. The maximum value is 100; values above 100 are truncated to 6074// 100. 6075func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) PageSize(pageSize int64) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 6076 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 6077 return c 6078} 6079 6080// PageToken sets the optional parameter "pageToken": A page token, 6081// received from a previous `ListWorkloadIdentityPoolProviders` call. 6082// Provide this to retrieve the subsequent page. 6083func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) PageToken(pageToken string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 6084 c.urlParams_.Set("pageToken", pageToken) 6085 return c 6086} 6087 6088// ShowDeleted sets the optional parameter "showDeleted": Whether to 6089// return soft-deleted providers. 6090func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 6091 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 6092 return c 6093} 6094 6095// Fields allows partial responses to be retrieved. See 6096// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6097// for more information. 6098func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 6099 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6100 return c 6101} 6102 6103// IfNoneMatch sets the optional parameter which makes the operation 6104// fail if the object's ETag matches the given value. This is useful for 6105// getting updates only after the object has changed since the last 6106// request. Use googleapi.IsNotModified to check whether the response 6107// error from Do is the result of In-None-Match. 6108func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 6109 c.ifNoneMatch_ = entityTag 6110 return c 6111} 6112 6113// Context sets the context to be used in this call's Do method. Any 6114// pending HTTP request will be aborted if the provided context is 6115// canceled. 6116func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall { 6117 c.ctx_ = ctx 6118 return c 6119} 6120 6121// Header returns an http.Header that can be modified by the caller to 6122// add HTTP headers to the request. 6123func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Header() http.Header { 6124 if c.header_ == nil { 6125 c.header_ = make(http.Header) 6126 } 6127 return c.header_ 6128} 6129 6130func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) doRequest(alt string) (*http.Response, error) { 6131 reqHeaders := make(http.Header) 6132 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 6133 for k, v := range c.header_ { 6134 reqHeaders[k] = v 6135 } 6136 reqHeaders.Set("User-Agent", c.s.userAgent()) 6137 if c.ifNoneMatch_ != "" { 6138 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6139 } 6140 var body io.Reader = nil 6141 c.urlParams_.Set("alt", alt) 6142 c.urlParams_.Set("prettyPrint", "false") 6143 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers") 6144 urls += "?" + c.urlParams_.Encode() 6145 req, err := http.NewRequest("GET", urls, body) 6146 if err != nil { 6147 return nil, err 6148 } 6149 req.Header = reqHeaders 6150 googleapi.Expand(req.URL, map[string]string{ 6151 "parent": c.parent, 6152 }) 6153 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6154} 6155 6156// Do executes the "iam.projects.locations.workloadIdentityPools.providers.list" call. 6157// Exactly one of *ListWorkloadIdentityPoolProvidersResponse or error 6158// will be non-nil. Any non-2xx status code is an error. Response 6159// headers are in either 6160// *ListWorkloadIdentityPoolProvidersResponse.ServerResponse.Header or 6161// (if a response was returned at all) in 6162// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6163// whether the returned error was because http.StatusNotModified was 6164// returned. 6165func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Do(opts ...googleapi.CallOption) (*ListWorkloadIdentityPoolProvidersResponse, error) { 6166 gensupport.SetOptions(c.urlParams_, opts...) 6167 res, err := c.doRequest("json") 6168 if res != nil && res.StatusCode == http.StatusNotModified { 6169 if res.Body != nil { 6170 res.Body.Close() 6171 } 6172 return nil, &googleapi.Error{ 6173 Code: res.StatusCode, 6174 Header: res.Header, 6175 } 6176 } 6177 if err != nil { 6178 return nil, err 6179 } 6180 defer googleapi.CloseBody(res) 6181 if err := googleapi.CheckResponse(res); err != nil { 6182 return nil, err 6183 } 6184 ret := &ListWorkloadIdentityPoolProvidersResponse{ 6185 ServerResponse: googleapi.ServerResponse{ 6186 Header: res.Header, 6187 HTTPStatusCode: res.StatusCode, 6188 }, 6189 } 6190 target := &ret 6191 if err := gensupport.DecodeResponse(target, res); err != nil { 6192 return nil, err 6193 } 6194 return ret, nil 6195 // { 6196 // "description": "Lists all non-deleted WorkloadIdentityPoolProviders in a WorkloadIdentityPool. If `show_deleted` is set to `true`, then deleted providers are also listed.", 6197 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers", 6198 // "httpMethod": "GET", 6199 // "id": "iam.projects.locations.workloadIdentityPools.providers.list", 6200 // "parameterOrder": [ 6201 // "parent" 6202 // ], 6203 // "parameters": { 6204 // "pageSize": { 6205 // "description": "The maximum number of providers to return. If unspecified, at most 50 providers are returned. The maximum value is 100; values above 100 are truncated to 100.", 6206 // "format": "int32", 6207 // "location": "query", 6208 // "type": "integer" 6209 // }, 6210 // "pageToken": { 6211 // "description": "A page token, received from a previous `ListWorkloadIdentityPoolProviders` call. Provide this to retrieve the subsequent page.", 6212 // "location": "query", 6213 // "type": "string" 6214 // }, 6215 // "parent": { 6216 // "description": "Required. The pool to list providers for.", 6217 // "location": "path", 6218 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$", 6219 // "required": true, 6220 // "type": "string" 6221 // }, 6222 // "showDeleted": { 6223 // "description": "Whether to return soft-deleted providers.", 6224 // "location": "query", 6225 // "type": "boolean" 6226 // } 6227 // }, 6228 // "path": "v1/{+parent}/providers", 6229 // "response": { 6230 // "$ref": "ListWorkloadIdentityPoolProvidersResponse" 6231 // }, 6232 // "scopes": [ 6233 // "https://www.googleapis.com/auth/cloud-platform" 6234 // ] 6235 // } 6236 6237} 6238 6239// Pages invokes f for each page of results. 6240// A non-nil error returned from f will halt the iteration. 6241// The provided context supersedes any context provided to the Context method. 6242func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Pages(ctx context.Context, f func(*ListWorkloadIdentityPoolProvidersResponse) error) error { 6243 c.ctx_ = ctx 6244 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 6245 for { 6246 x, err := c.Do() 6247 if err != nil { 6248 return err 6249 } 6250 if err := f(x); err != nil { 6251 return err 6252 } 6253 if x.NextPageToken == "" { 6254 return nil 6255 } 6256 c.PageToken(x.NextPageToken) 6257 } 6258} 6259 6260// method id "iam.projects.locations.workloadIdentityPools.providers.patch": 6261 6262type ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall struct { 6263 s *Service 6264 name string 6265 workloadidentitypoolprovider *WorkloadIdentityPoolProvider 6266 urlParams_ gensupport.URLParams 6267 ctx_ context.Context 6268 header_ http.Header 6269} 6270 6271// Patch: Updates an existing WorkloadIdentityPoolProvider. 6272// 6273// - name: Output only. The resource name of the provider. 6274func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Patch(name string, workloadidentitypoolprovider *WorkloadIdentityPoolProvider) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 6275 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6276 c.name = name 6277 c.workloadidentitypoolprovider = workloadidentitypoolprovider 6278 return c 6279} 6280 6281// UpdateMask sets the optional parameter "updateMask": Required. The 6282// list of fields to update. 6283func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) UpdateMask(updateMask string) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 6284 c.urlParams_.Set("updateMask", updateMask) 6285 return c 6286} 6287 6288// Fields allows partial responses to be retrieved. See 6289// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6290// for more information. 6291func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 6292 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6293 return c 6294} 6295 6296// Context sets the context to be used in this call's Do method. Any 6297// pending HTTP request will be aborted if the provided context is 6298// canceled. 6299func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall { 6300 c.ctx_ = ctx 6301 return c 6302} 6303 6304// Header returns an http.Header that can be modified by the caller to 6305// add HTTP headers to the request. 6306func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Header() http.Header { 6307 if c.header_ == nil { 6308 c.header_ = make(http.Header) 6309 } 6310 return c.header_ 6311} 6312 6313func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) doRequest(alt string) (*http.Response, error) { 6314 reqHeaders := make(http.Header) 6315 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 6316 for k, v := range c.header_ { 6317 reqHeaders[k] = v 6318 } 6319 reqHeaders.Set("User-Agent", c.s.userAgent()) 6320 var body io.Reader = nil 6321 body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypoolprovider) 6322 if err != nil { 6323 return nil, err 6324 } 6325 reqHeaders.Set("Content-Type", "application/json") 6326 c.urlParams_.Set("alt", alt) 6327 c.urlParams_.Set("prettyPrint", "false") 6328 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6329 urls += "?" + c.urlParams_.Encode() 6330 req, err := http.NewRequest("PATCH", urls, body) 6331 if err != nil { 6332 return nil, err 6333 } 6334 req.Header = reqHeaders 6335 googleapi.Expand(req.URL, map[string]string{ 6336 "name": c.name, 6337 }) 6338 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6339} 6340 6341// Do executes the "iam.projects.locations.workloadIdentityPools.providers.patch" call. 6342// Exactly one of *Operation or error will be non-nil. Any non-2xx 6343// status code is an error. Response headers are in either 6344// *Operation.ServerResponse.Header or (if a response was returned at 6345// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 6346// to check whether the returned error was because 6347// http.StatusNotModified was returned. 6348func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6349 gensupport.SetOptions(c.urlParams_, opts...) 6350 res, err := c.doRequest("json") 6351 if res != nil && res.StatusCode == http.StatusNotModified { 6352 if res.Body != nil { 6353 res.Body.Close() 6354 } 6355 return nil, &googleapi.Error{ 6356 Code: res.StatusCode, 6357 Header: res.Header, 6358 } 6359 } 6360 if err != nil { 6361 return nil, err 6362 } 6363 defer googleapi.CloseBody(res) 6364 if err := googleapi.CheckResponse(res); err != nil { 6365 return nil, err 6366 } 6367 ret := &Operation{ 6368 ServerResponse: googleapi.ServerResponse{ 6369 Header: res.Header, 6370 HTTPStatusCode: res.StatusCode, 6371 }, 6372 } 6373 target := &ret 6374 if err := gensupport.DecodeResponse(target, res); err != nil { 6375 return nil, err 6376 } 6377 return ret, nil 6378 // { 6379 // "description": "Updates an existing WorkloadIdentityPoolProvider.", 6380 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}", 6381 // "httpMethod": "PATCH", 6382 // "id": "iam.projects.locations.workloadIdentityPools.providers.patch", 6383 // "parameterOrder": [ 6384 // "name" 6385 // ], 6386 // "parameters": { 6387 // "name": { 6388 // "description": "Output only. The resource name of the provider.", 6389 // "location": "path", 6390 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 6391 // "required": true, 6392 // "type": "string" 6393 // }, 6394 // "updateMask": { 6395 // "description": "Required. The list of fields to update.", 6396 // "format": "google-fieldmask", 6397 // "location": "query", 6398 // "type": "string" 6399 // } 6400 // }, 6401 // "path": "v1/{+name}", 6402 // "request": { 6403 // "$ref": "WorkloadIdentityPoolProvider" 6404 // }, 6405 // "response": { 6406 // "$ref": "Operation" 6407 // }, 6408 // "scopes": [ 6409 // "https://www.googleapis.com/auth/cloud-platform" 6410 // ] 6411 // } 6412 6413} 6414 6415// method id "iam.projects.locations.workloadIdentityPools.providers.undelete": 6416 6417type ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall struct { 6418 s *Service 6419 name string 6420 undeleteworkloadidentitypoolproviderrequest *UndeleteWorkloadIdentityPoolProviderRequest 6421 urlParams_ gensupport.URLParams 6422 ctx_ context.Context 6423 header_ http.Header 6424} 6425 6426// Undelete: Undeletes a WorkloadIdentityPoolProvider, as long as it was 6427// deleted fewer than 30 days ago. 6428// 6429// - name: The name of the provider to undelete. 6430func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Undelete(name string, undeleteworkloadidentitypoolproviderrequest *UndeleteWorkloadIdentityPoolProviderRequest) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall { 6431 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6432 c.name = name 6433 c.undeleteworkloadidentitypoolproviderrequest = undeleteworkloadidentitypoolproviderrequest 6434 return c 6435} 6436 6437// Fields allows partial responses to be retrieved. See 6438// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6439// for more information. 6440func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall { 6441 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6442 return c 6443} 6444 6445// Context sets the context to be used in this call's Do method. Any 6446// pending HTTP request will be aborted if the provided context is 6447// canceled. 6448func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall { 6449 c.ctx_ = ctx 6450 return c 6451} 6452 6453// Header returns an http.Header that can be modified by the caller to 6454// add HTTP headers to the request. 6455func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Header() http.Header { 6456 if c.header_ == nil { 6457 c.header_ = make(http.Header) 6458 } 6459 return c.header_ 6460} 6461 6462func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) doRequest(alt string) (*http.Response, error) { 6463 reqHeaders := make(http.Header) 6464 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 6465 for k, v := range c.header_ { 6466 reqHeaders[k] = v 6467 } 6468 reqHeaders.Set("User-Agent", c.s.userAgent()) 6469 var body io.Reader = nil 6470 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkloadidentitypoolproviderrequest) 6471 if err != nil { 6472 return nil, err 6473 } 6474 reqHeaders.Set("Content-Type", "application/json") 6475 c.urlParams_.Set("alt", alt) 6476 c.urlParams_.Set("prettyPrint", "false") 6477 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 6478 urls += "?" + c.urlParams_.Encode() 6479 req, err := http.NewRequest("POST", urls, body) 6480 if err != nil { 6481 return nil, err 6482 } 6483 req.Header = reqHeaders 6484 googleapi.Expand(req.URL, map[string]string{ 6485 "name": c.name, 6486 }) 6487 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6488} 6489 6490// Do executes the "iam.projects.locations.workloadIdentityPools.providers.undelete" call. 6491// Exactly one of *Operation or error will be non-nil. Any non-2xx 6492// status code is an error. Response headers are in either 6493// *Operation.ServerResponse.Header or (if a response was returned at 6494// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 6495// to check whether the returned error was because 6496// http.StatusNotModified was returned. 6497func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6498 gensupport.SetOptions(c.urlParams_, opts...) 6499 res, err := c.doRequest("json") 6500 if res != nil && res.StatusCode == http.StatusNotModified { 6501 if res.Body != nil { 6502 res.Body.Close() 6503 } 6504 return nil, &googleapi.Error{ 6505 Code: res.StatusCode, 6506 Header: res.Header, 6507 } 6508 } 6509 if err != nil { 6510 return nil, err 6511 } 6512 defer googleapi.CloseBody(res) 6513 if err := googleapi.CheckResponse(res); err != nil { 6514 return nil, err 6515 } 6516 ret := &Operation{ 6517 ServerResponse: googleapi.ServerResponse{ 6518 Header: res.Header, 6519 HTTPStatusCode: res.StatusCode, 6520 }, 6521 } 6522 target := &ret 6523 if err := gensupport.DecodeResponse(target, res); err != nil { 6524 return nil, err 6525 } 6526 return ret, nil 6527 // { 6528 // "description": "Undeletes a WorkloadIdentityPoolProvider, as long as it was deleted fewer than 30 days ago.", 6529 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}:undelete", 6530 // "httpMethod": "POST", 6531 // "id": "iam.projects.locations.workloadIdentityPools.providers.undelete", 6532 // "parameterOrder": [ 6533 // "name" 6534 // ], 6535 // "parameters": { 6536 // "name": { 6537 // "description": "Required. The name of the provider to undelete.", 6538 // "location": "path", 6539 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+$", 6540 // "required": true, 6541 // "type": "string" 6542 // } 6543 // }, 6544 // "path": "v1/{+name}:undelete", 6545 // "request": { 6546 // "$ref": "UndeleteWorkloadIdentityPoolProviderRequest" 6547 // }, 6548 // "response": { 6549 // "$ref": "Operation" 6550 // }, 6551 // "scopes": [ 6552 // "https://www.googleapis.com/auth/cloud-platform" 6553 // ] 6554 // } 6555 6556} 6557 6558// method id "iam.projects.locations.workloadIdentityPools.providers.operations.get": 6559 6560type ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall struct { 6561 s *Service 6562 name string 6563 urlParams_ gensupport.URLParams 6564 ifNoneMatch_ string 6565 ctx_ context.Context 6566 header_ http.Header 6567} 6568 6569// Get: Gets the latest state of a long-running operation. Clients can 6570// use this method to poll the operation result at intervals as 6571// recommended by the API service. 6572// 6573// - name: The name of the operation resource. 6574func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6575 c := &ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6576 c.name = name 6577 return c 6578} 6579 6580// Fields allows partial responses to be retrieved. See 6581// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6582// for more information. 6583func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6584 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6585 return c 6586} 6587 6588// IfNoneMatch sets the optional parameter which makes the operation 6589// fail if the object's ETag matches the given value. This is useful for 6590// getting updates only after the object has changed since the last 6591// request. Use googleapi.IsNotModified to check whether the response 6592// error from Do is the result of In-None-Match. 6593func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6594 c.ifNoneMatch_ = entityTag 6595 return c 6596} 6597 6598// Context sets the context to be used in this call's Do method. Any 6599// pending HTTP request will be aborted if the provided context is 6600// canceled. 6601func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall { 6602 c.ctx_ = ctx 6603 return c 6604} 6605 6606// Header returns an http.Header that can be modified by the caller to 6607// add HTTP headers to the request. 6608func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Header() http.Header { 6609 if c.header_ == nil { 6610 c.header_ = make(http.Header) 6611 } 6612 return c.header_ 6613} 6614 6615func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) doRequest(alt string) (*http.Response, error) { 6616 reqHeaders := make(http.Header) 6617 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 6618 for k, v := range c.header_ { 6619 reqHeaders[k] = v 6620 } 6621 reqHeaders.Set("User-Agent", c.s.userAgent()) 6622 if c.ifNoneMatch_ != "" { 6623 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6624 } 6625 var body io.Reader = nil 6626 c.urlParams_.Set("alt", alt) 6627 c.urlParams_.Set("prettyPrint", "false") 6628 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6629 urls += "?" + c.urlParams_.Encode() 6630 req, err := http.NewRequest("GET", urls, body) 6631 if err != nil { 6632 return nil, err 6633 } 6634 req.Header = reqHeaders 6635 googleapi.Expand(req.URL, map[string]string{ 6636 "name": c.name, 6637 }) 6638 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6639} 6640 6641// Do executes the "iam.projects.locations.workloadIdentityPools.providers.operations.get" call. 6642// Exactly one of *Operation or error will be non-nil. Any non-2xx 6643// status code is an error. Response headers are in either 6644// *Operation.ServerResponse.Header or (if a response was returned at 6645// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 6646// to check whether the returned error was because 6647// http.StatusNotModified was returned. 6648func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6649 gensupport.SetOptions(c.urlParams_, opts...) 6650 res, err := c.doRequest("json") 6651 if res != nil && res.StatusCode == http.StatusNotModified { 6652 if res.Body != nil { 6653 res.Body.Close() 6654 } 6655 return nil, &googleapi.Error{ 6656 Code: res.StatusCode, 6657 Header: res.Header, 6658 } 6659 } 6660 if err != nil { 6661 return nil, err 6662 } 6663 defer googleapi.CloseBody(res) 6664 if err := googleapi.CheckResponse(res); err != nil { 6665 return nil, err 6666 } 6667 ret := &Operation{ 6668 ServerResponse: googleapi.ServerResponse{ 6669 Header: res.Header, 6670 HTTPStatusCode: res.StatusCode, 6671 }, 6672 } 6673 target := &ret 6674 if err := gensupport.DecodeResponse(target, res); err != nil { 6675 return nil, err 6676 } 6677 return ret, nil 6678 // { 6679 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 6680 // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/providers/{providersId}/operations/{operationsId}", 6681 // "httpMethod": "GET", 6682 // "id": "iam.projects.locations.workloadIdentityPools.providers.operations.get", 6683 // "parameterOrder": [ 6684 // "name" 6685 // ], 6686 // "parameters": { 6687 // "name": { 6688 // "description": "The name of the operation resource.", 6689 // "location": "path", 6690 // "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+/providers/[^/]+/operations/[^/]+$", 6691 // "required": true, 6692 // "type": "string" 6693 // } 6694 // }, 6695 // "path": "v1/{+name}", 6696 // "response": { 6697 // "$ref": "Operation" 6698 // }, 6699 // "scopes": [ 6700 // "https://www.googleapis.com/auth/cloud-platform" 6701 // ] 6702 // } 6703 6704} 6705 6706// method id "iam.projects.roles.create": 6707 6708type ProjectsRolesCreateCall struct { 6709 s *Service 6710 parent string 6711 createrolerequest *CreateRoleRequest 6712 urlParams_ gensupport.URLParams 6713 ctx_ context.Context 6714 header_ http.Header 6715} 6716 6717// Create: Creates a new custom Role. 6718// 6719// - parent: The `parent` parameter's value depends on the target 6720// resource for the request, namely `projects` 6721// (/iam/reference/rest/v1/projects.roles) or `organizations` 6722// (/iam/reference/rest/v1/organizations.roles). Each resource type's 6723// `parent` value format is described below: * 6724// `projects.roles.create()` 6725// (/iam/reference/rest/v1/projects.roles/create): 6726// `projects/{PROJECT_ID}`. This method creates project-level custom 6727// roles (/iam/docs/understanding-custom-roles). Example request URL: 6728// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 6729// `organizations.roles.create()` 6730// (/iam/reference/rest/v1/organizations.roles/create): 6731// `organizations/{ORGANIZATION_ID}`. This method creates 6732// organization-level custom roles 6733// (/iam/docs/understanding-custom-roles). Example request URL: 6734// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6735// ` Note: Wildcard (*) values are invalid; you must specify a 6736// complete project ID or organization ID. 6737func (r *ProjectsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *ProjectsRolesCreateCall { 6738 c := &ProjectsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6739 c.parent = parent 6740 c.createrolerequest = createrolerequest 6741 return c 6742} 6743 6744// Fields allows partial responses to be retrieved. See 6745// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6746// for more information. 6747func (c *ProjectsRolesCreateCall) Fields(s ...googleapi.Field) *ProjectsRolesCreateCall { 6748 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6749 return c 6750} 6751 6752// Context sets the context to be used in this call's Do method. Any 6753// pending HTTP request will be aborted if the provided context is 6754// canceled. 6755func (c *ProjectsRolesCreateCall) Context(ctx context.Context) *ProjectsRolesCreateCall { 6756 c.ctx_ = ctx 6757 return c 6758} 6759 6760// Header returns an http.Header that can be modified by the caller to 6761// add HTTP headers to the request. 6762func (c *ProjectsRolesCreateCall) Header() http.Header { 6763 if c.header_ == nil { 6764 c.header_ = make(http.Header) 6765 } 6766 return c.header_ 6767} 6768 6769func (c *ProjectsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 6770 reqHeaders := make(http.Header) 6771 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 6772 for k, v := range c.header_ { 6773 reqHeaders[k] = v 6774 } 6775 reqHeaders.Set("User-Agent", c.s.userAgent()) 6776 var body io.Reader = nil 6777 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 6778 if err != nil { 6779 return nil, err 6780 } 6781 reqHeaders.Set("Content-Type", "application/json") 6782 c.urlParams_.Set("alt", alt) 6783 c.urlParams_.Set("prettyPrint", "false") 6784 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 6785 urls += "?" + c.urlParams_.Encode() 6786 req, err := http.NewRequest("POST", urls, body) 6787 if err != nil { 6788 return nil, err 6789 } 6790 req.Header = reqHeaders 6791 googleapi.Expand(req.URL, map[string]string{ 6792 "parent": c.parent, 6793 }) 6794 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6795} 6796 6797// Do executes the "iam.projects.roles.create" call. 6798// Exactly one of *Role or error will be non-nil. Any non-2xx status 6799// code is an error. Response headers are in either 6800// *Role.ServerResponse.Header or (if a response was returned at all) in 6801// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6802// whether the returned error was because http.StatusNotModified was 6803// returned. 6804func (c *ProjectsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 6805 gensupport.SetOptions(c.urlParams_, opts...) 6806 res, err := c.doRequest("json") 6807 if res != nil && res.StatusCode == http.StatusNotModified { 6808 if res.Body != nil { 6809 res.Body.Close() 6810 } 6811 return nil, &googleapi.Error{ 6812 Code: res.StatusCode, 6813 Header: res.Header, 6814 } 6815 } 6816 if err != nil { 6817 return nil, err 6818 } 6819 defer googleapi.CloseBody(res) 6820 if err := googleapi.CheckResponse(res); err != nil { 6821 return nil, err 6822 } 6823 ret := &Role{ 6824 ServerResponse: googleapi.ServerResponse{ 6825 Header: res.Header, 6826 HTTPStatusCode: res.StatusCode, 6827 }, 6828 } 6829 target := &ret 6830 if err := gensupport.DecodeResponse(target, res); err != nil { 6831 return nil, err 6832 } 6833 return ret, nil 6834 // { 6835 // "description": "Creates a new custom Role.", 6836 // "flatPath": "v1/projects/{projectsId}/roles", 6837 // "httpMethod": "POST", 6838 // "id": "iam.projects.roles.create", 6839 // "parameterOrder": [ 6840 // "parent" 6841 // ], 6842 // "parameters": { 6843 // "parent": { 6844 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create): `projects/{PROJECT_ID}`. This method creates project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create): `organizations/{ORGANIZATION_ID}`. This method creates organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 6845 // "location": "path", 6846 // "pattern": "^projects/[^/]+$", 6847 // "required": true, 6848 // "type": "string" 6849 // } 6850 // }, 6851 // "path": "v1/{+parent}/roles", 6852 // "request": { 6853 // "$ref": "CreateRoleRequest" 6854 // }, 6855 // "response": { 6856 // "$ref": "Role" 6857 // }, 6858 // "scopes": [ 6859 // "https://www.googleapis.com/auth/cloud-platform" 6860 // ] 6861 // } 6862 6863} 6864 6865// method id "iam.projects.roles.delete": 6866 6867type ProjectsRolesDeleteCall struct { 6868 s *Service 6869 name string 6870 urlParams_ gensupport.URLParams 6871 ctx_ context.Context 6872 header_ http.Header 6873} 6874 6875// Delete: Deletes a custom Role. When you delete a custom role, the 6876// following changes occur immediately: * You cannot bind a principal to 6877// the custom role in an IAM Policy. * Existing bindings to the custom 6878// role are not changed, but they have no effect. * By default, the 6879// response from ListRoles does not include the custom role. You have 7 6880// days to undelete the custom role. After 7 days, the following changes 6881// occur: * The custom role is permanently deleted and cannot be 6882// recovered. * If an IAM policy contains a binding to the custom role, 6883// the binding is permanently removed. 6884// 6885// - name: The `name` parameter's value depends on the target resource 6886// for the request, namely `projects` 6887// (/iam/reference/rest/v1/projects.roles) or `organizations` 6888// (/iam/reference/rest/v1/organizations.roles). Each resource type's 6889// `name` value format is described below: * `projects.roles.delete()` 6890// (/iam/reference/rest/v1/projects.roles/delete): 6891// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes 6892// only custom roles (/iam/docs/understanding-custom-roles) that have 6893// been created at the project level. Example request URL: 6894// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 6895// OLE_ID}` * `organizations.roles.delete()` 6896// (/iam/reference/rest/v1/organizations.roles/delete): 6897// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 6898// method deletes only custom roles 6899// (/iam/docs/understanding-custom-roles) that have been created at 6900// the organization level. Example request URL: 6901// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 6902// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 6903// specify a complete project ID or organization ID. 6904func (r *ProjectsRolesService) Delete(name string) *ProjectsRolesDeleteCall { 6905 c := &ProjectsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6906 c.name = name 6907 return c 6908} 6909 6910// Etag sets the optional parameter "etag": Used to perform a consistent 6911// read-modify-write. 6912func (c *ProjectsRolesDeleteCall) Etag(etag string) *ProjectsRolesDeleteCall { 6913 c.urlParams_.Set("etag", etag) 6914 return c 6915} 6916 6917// Fields allows partial responses to be retrieved. See 6918// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6919// for more information. 6920func (c *ProjectsRolesDeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesDeleteCall { 6921 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6922 return c 6923} 6924 6925// Context sets the context to be used in this call's Do method. Any 6926// pending HTTP request will be aborted if the provided context is 6927// canceled. 6928func (c *ProjectsRolesDeleteCall) Context(ctx context.Context) *ProjectsRolesDeleteCall { 6929 c.ctx_ = ctx 6930 return c 6931} 6932 6933// Header returns an http.Header that can be modified by the caller to 6934// add HTTP headers to the request. 6935func (c *ProjectsRolesDeleteCall) Header() http.Header { 6936 if c.header_ == nil { 6937 c.header_ = make(http.Header) 6938 } 6939 return c.header_ 6940} 6941 6942func (c *ProjectsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 6943 reqHeaders := make(http.Header) 6944 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 6945 for k, v := range c.header_ { 6946 reqHeaders[k] = v 6947 } 6948 reqHeaders.Set("User-Agent", c.s.userAgent()) 6949 var body io.Reader = nil 6950 c.urlParams_.Set("alt", alt) 6951 c.urlParams_.Set("prettyPrint", "false") 6952 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6953 urls += "?" + c.urlParams_.Encode() 6954 req, err := http.NewRequest("DELETE", urls, body) 6955 if err != nil { 6956 return nil, err 6957 } 6958 req.Header = reqHeaders 6959 googleapi.Expand(req.URL, map[string]string{ 6960 "name": c.name, 6961 }) 6962 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6963} 6964 6965// Do executes the "iam.projects.roles.delete" call. 6966// Exactly one of *Role or error will be non-nil. Any non-2xx status 6967// code is an error. Response headers are in either 6968// *Role.ServerResponse.Header or (if a response was returned at all) in 6969// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6970// whether the returned error was because http.StatusNotModified was 6971// returned. 6972func (c *ProjectsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 6973 gensupport.SetOptions(c.urlParams_, opts...) 6974 res, err := c.doRequest("json") 6975 if res != nil && res.StatusCode == http.StatusNotModified { 6976 if res.Body != nil { 6977 res.Body.Close() 6978 } 6979 return nil, &googleapi.Error{ 6980 Code: res.StatusCode, 6981 Header: res.Header, 6982 } 6983 } 6984 if err != nil { 6985 return nil, err 6986 } 6987 defer googleapi.CloseBody(res) 6988 if err := googleapi.CheckResponse(res); err != nil { 6989 return nil, err 6990 } 6991 ret := &Role{ 6992 ServerResponse: googleapi.ServerResponse{ 6993 Header: res.Header, 6994 HTTPStatusCode: res.StatusCode, 6995 }, 6996 } 6997 target := &ret 6998 if err := gensupport.DecodeResponse(target, res); err != nil { 6999 return nil, err 7000 } 7001 return ret, nil 7002 // { 7003 // "description": "Deletes a custom Role. When you delete a custom role, the following changes occur immediately: * You cannot bind a principal to the custom role in an IAM Policy. * Existing bindings to the custom role are not changed, but they have no effect. * By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: * The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed.", 7004 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 7005 // "httpMethod": "DELETE", 7006 // "id": "iam.projects.roles.delete", 7007 // "parameterOrder": [ 7008 // "name" 7009 // ], 7010 // "parameters": { 7011 // "etag": { 7012 // "description": "Used to perform a consistent read-modify-write.", 7013 // "format": "byte", 7014 // "location": "query", 7015 // "type": "string" 7016 // }, 7017 // "name": { 7018 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7019 // "location": "path", 7020 // "pattern": "^projects/[^/]+/roles/[^/]+$", 7021 // "required": true, 7022 // "type": "string" 7023 // } 7024 // }, 7025 // "path": "v1/{+name}", 7026 // "response": { 7027 // "$ref": "Role" 7028 // }, 7029 // "scopes": [ 7030 // "https://www.googleapis.com/auth/cloud-platform" 7031 // ] 7032 // } 7033 7034} 7035 7036// method id "iam.projects.roles.get": 7037 7038type ProjectsRolesGetCall struct { 7039 s *Service 7040 name string 7041 urlParams_ gensupport.URLParams 7042 ifNoneMatch_ string 7043 ctx_ context.Context 7044 header_ http.Header 7045} 7046 7047// Get: Gets the definition of a Role. 7048// 7049// - name: The `name` parameter's value depends on the target resource 7050// for the request, namely `roles` (/iam/reference/rest/v1/roles), 7051// `projects` (/iam/reference/rest/v1/projects.roles), or 7052// `organizations` (/iam/reference/rest/v1/organizations.roles). Each 7053// resource type's `name` value format is described below: * 7054// `roles.get()` (/iam/reference/rest/v1/roles/get): 7055// `roles/{ROLE_NAME}`. This method returns results from all 7056// predefined roles (/iam/docs/understanding-roles#predefined_roles) 7057// in Cloud IAM. Example request URL: 7058// `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * 7059// `projects.roles.get()` (/iam/reference/rest/v1/projects.roles/get): 7060// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns 7061// only custom roles (/iam/docs/understanding-custom-roles) that have 7062// been created at the project level. Example request URL: 7063// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 7064// OLE_ID}` * `organizations.roles.get()` 7065// (/iam/reference/rest/v1/organizations.roles/get): 7066// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 7067// method returns only custom roles 7068// (/iam/docs/understanding-custom-roles) that have been created at 7069// the organization level. Example request URL: 7070// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 7071// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 7072// specify a complete project ID or organization ID. 7073func (r *ProjectsRolesService) Get(name string) *ProjectsRolesGetCall { 7074 c := &ProjectsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7075 c.name = name 7076 return c 7077} 7078 7079// Fields allows partial responses to be retrieved. See 7080// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7081// for more information. 7082func (c *ProjectsRolesGetCall) Fields(s ...googleapi.Field) *ProjectsRolesGetCall { 7083 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7084 return c 7085} 7086 7087// IfNoneMatch sets the optional parameter which makes the operation 7088// fail if the object's ETag matches the given value. This is useful for 7089// getting updates only after the object has changed since the last 7090// request. Use googleapi.IsNotModified to check whether the response 7091// error from Do is the result of In-None-Match. 7092func (c *ProjectsRolesGetCall) IfNoneMatch(entityTag string) *ProjectsRolesGetCall { 7093 c.ifNoneMatch_ = entityTag 7094 return c 7095} 7096 7097// Context sets the context to be used in this call's Do method. Any 7098// pending HTTP request will be aborted if the provided context is 7099// canceled. 7100func (c *ProjectsRolesGetCall) Context(ctx context.Context) *ProjectsRolesGetCall { 7101 c.ctx_ = ctx 7102 return c 7103} 7104 7105// Header returns an http.Header that can be modified by the caller to 7106// add HTTP headers to the request. 7107func (c *ProjectsRolesGetCall) Header() http.Header { 7108 if c.header_ == nil { 7109 c.header_ = make(http.Header) 7110 } 7111 return c.header_ 7112} 7113 7114func (c *ProjectsRolesGetCall) doRequest(alt string) (*http.Response, error) { 7115 reqHeaders := make(http.Header) 7116 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 7117 for k, v := range c.header_ { 7118 reqHeaders[k] = v 7119 } 7120 reqHeaders.Set("User-Agent", c.s.userAgent()) 7121 if c.ifNoneMatch_ != "" { 7122 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7123 } 7124 var body io.Reader = nil 7125 c.urlParams_.Set("alt", alt) 7126 c.urlParams_.Set("prettyPrint", "false") 7127 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7128 urls += "?" + c.urlParams_.Encode() 7129 req, err := http.NewRequest("GET", urls, body) 7130 if err != nil { 7131 return nil, err 7132 } 7133 req.Header = reqHeaders 7134 googleapi.Expand(req.URL, map[string]string{ 7135 "name": c.name, 7136 }) 7137 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7138} 7139 7140// Do executes the "iam.projects.roles.get" call. 7141// Exactly one of *Role or error will be non-nil. Any non-2xx status 7142// code is an error. Response headers are in either 7143// *Role.ServerResponse.Header or (if a response was returned at all) in 7144// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7145// whether the returned error was because http.StatusNotModified was 7146// returned. 7147func (c *ProjectsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 7148 gensupport.SetOptions(c.urlParams_, opts...) 7149 res, err := c.doRequest("json") 7150 if res != nil && res.StatusCode == http.StatusNotModified { 7151 if res.Body != nil { 7152 res.Body.Close() 7153 } 7154 return nil, &googleapi.Error{ 7155 Code: res.StatusCode, 7156 Header: res.Header, 7157 } 7158 } 7159 if err != nil { 7160 return nil, err 7161 } 7162 defer googleapi.CloseBody(res) 7163 if err := googleapi.CheckResponse(res); err != nil { 7164 return nil, err 7165 } 7166 ret := &Role{ 7167 ServerResponse: googleapi.ServerResponse{ 7168 Header: res.Header, 7169 HTTPStatusCode: res.StatusCode, 7170 }, 7171 } 7172 target := &ret 7173 if err := gensupport.DecodeResponse(target, res); err != nil { 7174 return nil, err 7175 } 7176 return ret, nil 7177 // { 7178 // "description": "Gets the definition of a Role.", 7179 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 7180 // "httpMethod": "GET", 7181 // "id": "iam.projects.roles.get", 7182 // "parameterOrder": [ 7183 // "name" 7184 // ], 7185 // "parameters": { 7186 // "name": { 7187 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7188 // "location": "path", 7189 // "pattern": "^projects/[^/]+/roles/[^/]+$", 7190 // "required": true, 7191 // "type": "string" 7192 // } 7193 // }, 7194 // "path": "v1/{+name}", 7195 // "response": { 7196 // "$ref": "Role" 7197 // }, 7198 // "scopes": [ 7199 // "https://www.googleapis.com/auth/cloud-platform" 7200 // ] 7201 // } 7202 7203} 7204 7205// method id "iam.projects.roles.list": 7206 7207type ProjectsRolesListCall struct { 7208 s *Service 7209 parent string 7210 urlParams_ gensupport.URLParams 7211 ifNoneMatch_ string 7212 ctx_ context.Context 7213 header_ http.Header 7214} 7215 7216// List: Lists every predefined Role that IAM supports, or every custom 7217// role that is defined for an organization or project. 7218// 7219// - parent: The `parent` parameter's value depends on the target 7220// resource for the request, namely `roles` 7221// (/iam/reference/rest/v1/roles), `projects` 7222// (/iam/reference/rest/v1/projects.roles), or `organizations` 7223// (/iam/reference/rest/v1/organizations.roles). Each resource type's 7224// `parent` value format is described below: * `roles.list()` 7225// (/iam/reference/rest/v1/roles/list): An empty string. This method 7226// doesn't require a resource; it simply returns all predefined roles 7227// (/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. 7228// Example request URL: `https://iam.googleapis.com/v1/roles` * 7229// `projects.roles.list()` 7230// (/iam/reference/rest/v1/projects.roles/list): 7231// `projects/{PROJECT_ID}`. This method lists all project-level custom 7232// roles (/iam/docs/understanding-custom-roles). Example request URL: 7233// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 7234// `organizations.roles.list()` 7235// (/iam/reference/rest/v1/organizations.roles/list): 7236// `organizations/{ORGANIZATION_ID}`. This method lists all 7237// organization-level custom roles 7238// (/iam/docs/understanding-custom-roles). Example request URL: 7239// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 7240// ` Note: Wildcard (*) values are invalid; you must specify a 7241// complete project ID or organization ID. 7242func (r *ProjectsRolesService) List(parent string) *ProjectsRolesListCall { 7243 c := &ProjectsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7244 c.parent = parent 7245 return c 7246} 7247 7248// PageSize sets the optional parameter "pageSize": Optional limit on 7249// the number of roles to include in the response. The default is 300, 7250// and the maximum is 1,000. 7251func (c *ProjectsRolesListCall) PageSize(pageSize int64) *ProjectsRolesListCall { 7252 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 7253 return c 7254} 7255 7256// PageToken sets the optional parameter "pageToken": Optional 7257// pagination token returned in an earlier ListRolesResponse. 7258func (c *ProjectsRolesListCall) PageToken(pageToken string) *ProjectsRolesListCall { 7259 c.urlParams_.Set("pageToken", pageToken) 7260 return c 7261} 7262 7263// ShowDeleted sets the optional parameter "showDeleted": Include Roles 7264// that have been deleted. 7265func (c *ProjectsRolesListCall) ShowDeleted(showDeleted bool) *ProjectsRolesListCall { 7266 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 7267 return c 7268} 7269 7270// View sets the optional parameter "view": Optional view for the 7271// returned Role objects. When `FULL` is specified, the 7272// `includedPermissions` field is returned, which includes a list of all 7273// permissions in the role. The default value is `BASIC`, which does not 7274// return the `includedPermissions` field. 7275// 7276// Possible values: 7277// "BASIC" - Omits the `included_permissions` field. This is the 7278// default value. 7279// "FULL" - Returns all fields. 7280func (c *ProjectsRolesListCall) View(view string) *ProjectsRolesListCall { 7281 c.urlParams_.Set("view", view) 7282 return c 7283} 7284 7285// Fields allows partial responses to be retrieved. See 7286// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7287// for more information. 7288func (c *ProjectsRolesListCall) Fields(s ...googleapi.Field) *ProjectsRolesListCall { 7289 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7290 return c 7291} 7292 7293// IfNoneMatch sets the optional parameter which makes the operation 7294// fail if the object's ETag matches the given value. This is useful for 7295// getting updates only after the object has changed since the last 7296// request. Use googleapi.IsNotModified to check whether the response 7297// error from Do is the result of In-None-Match. 7298func (c *ProjectsRolesListCall) IfNoneMatch(entityTag string) *ProjectsRolesListCall { 7299 c.ifNoneMatch_ = entityTag 7300 return c 7301} 7302 7303// Context sets the context to be used in this call's Do method. Any 7304// pending HTTP request will be aborted if the provided context is 7305// canceled. 7306func (c *ProjectsRolesListCall) Context(ctx context.Context) *ProjectsRolesListCall { 7307 c.ctx_ = ctx 7308 return c 7309} 7310 7311// Header returns an http.Header that can be modified by the caller to 7312// add HTTP headers to the request. 7313func (c *ProjectsRolesListCall) Header() http.Header { 7314 if c.header_ == nil { 7315 c.header_ = make(http.Header) 7316 } 7317 return c.header_ 7318} 7319 7320func (c *ProjectsRolesListCall) doRequest(alt string) (*http.Response, error) { 7321 reqHeaders := make(http.Header) 7322 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 7323 for k, v := range c.header_ { 7324 reqHeaders[k] = v 7325 } 7326 reqHeaders.Set("User-Agent", c.s.userAgent()) 7327 if c.ifNoneMatch_ != "" { 7328 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7329 } 7330 var body io.Reader = nil 7331 c.urlParams_.Set("alt", alt) 7332 c.urlParams_.Set("prettyPrint", "false") 7333 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 7334 urls += "?" + c.urlParams_.Encode() 7335 req, err := http.NewRequest("GET", urls, body) 7336 if err != nil { 7337 return nil, err 7338 } 7339 req.Header = reqHeaders 7340 googleapi.Expand(req.URL, map[string]string{ 7341 "parent": c.parent, 7342 }) 7343 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7344} 7345 7346// Do executes the "iam.projects.roles.list" call. 7347// Exactly one of *ListRolesResponse or error will be non-nil. Any 7348// non-2xx status code is an error. Response headers are in either 7349// *ListRolesResponse.ServerResponse.Header or (if a response was 7350// returned at all) in error.(*googleapi.Error).Header. Use 7351// googleapi.IsNotModified to check whether the returned error was 7352// because http.StatusNotModified was returned. 7353func (c *ProjectsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 7354 gensupport.SetOptions(c.urlParams_, opts...) 7355 res, err := c.doRequest("json") 7356 if res != nil && res.StatusCode == http.StatusNotModified { 7357 if res.Body != nil { 7358 res.Body.Close() 7359 } 7360 return nil, &googleapi.Error{ 7361 Code: res.StatusCode, 7362 Header: res.Header, 7363 } 7364 } 7365 if err != nil { 7366 return nil, err 7367 } 7368 defer googleapi.CloseBody(res) 7369 if err := googleapi.CheckResponse(res); err != nil { 7370 return nil, err 7371 } 7372 ret := &ListRolesResponse{ 7373 ServerResponse: googleapi.ServerResponse{ 7374 Header: res.Header, 7375 HTTPStatusCode: res.StatusCode, 7376 }, 7377 } 7378 target := &ret 7379 if err := gensupport.DecodeResponse(target, res); err != nil { 7380 return nil, err 7381 } 7382 return ret, nil 7383 // { 7384 // "description": "Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.", 7385 // "flatPath": "v1/projects/{projectsId}/roles", 7386 // "httpMethod": "GET", 7387 // "id": "iam.projects.roles.list", 7388 // "parameterOrder": [ 7389 // "parent" 7390 // ], 7391 // "parameters": { 7392 // "pageSize": { 7393 // "description": "Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.", 7394 // "format": "int32", 7395 // "location": "query", 7396 // "type": "integer" 7397 // }, 7398 // "pageToken": { 7399 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 7400 // "location": "query", 7401 // "type": "string" 7402 // }, 7403 // "parent": { 7404 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7405 // "location": "path", 7406 // "pattern": "^projects/[^/]+$", 7407 // "required": true, 7408 // "type": "string" 7409 // }, 7410 // "showDeleted": { 7411 // "description": "Include Roles that have been deleted.", 7412 // "location": "query", 7413 // "type": "boolean" 7414 // }, 7415 // "view": { 7416 // "description": "Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.", 7417 // "enum": [ 7418 // "BASIC", 7419 // "FULL" 7420 // ], 7421 // "enumDescriptions": [ 7422 // "Omits the `included_permissions` field. This is the default value.", 7423 // "Returns all fields." 7424 // ], 7425 // "location": "query", 7426 // "type": "string" 7427 // } 7428 // }, 7429 // "path": "v1/{+parent}/roles", 7430 // "response": { 7431 // "$ref": "ListRolesResponse" 7432 // }, 7433 // "scopes": [ 7434 // "https://www.googleapis.com/auth/cloud-platform" 7435 // ] 7436 // } 7437 7438} 7439 7440// Pages invokes f for each page of results. 7441// A non-nil error returned from f will halt the iteration. 7442// The provided context supersedes any context provided to the Context method. 7443func (c *ProjectsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 7444 c.ctx_ = ctx 7445 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 7446 for { 7447 x, err := c.Do() 7448 if err != nil { 7449 return err 7450 } 7451 if err := f(x); err != nil { 7452 return err 7453 } 7454 if x.NextPageToken == "" { 7455 return nil 7456 } 7457 c.PageToken(x.NextPageToken) 7458 } 7459} 7460 7461// method id "iam.projects.roles.patch": 7462 7463type ProjectsRolesPatchCall struct { 7464 s *Service 7465 name string 7466 role *Role 7467 urlParams_ gensupport.URLParams 7468 ctx_ context.Context 7469 header_ http.Header 7470} 7471 7472// Patch: Updates the definition of a custom Role. 7473// 7474// - name: The `name` parameter's value depends on the target resource 7475// for the request, namely `projects` 7476// (/iam/reference/rest/v1/projects.roles) or `organizations` 7477// (/iam/reference/rest/v1/organizations.roles). Each resource type's 7478// `name` value format is described below: * `projects.roles.patch()` 7479// (/iam/reference/rest/v1/projects.roles/patch): 7480// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates 7481// only custom roles (/iam/docs/understanding-custom-roles) that have 7482// been created at the project level. Example request URL: 7483// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 7484// OLE_ID}` * `organizations.roles.patch()` 7485// (/iam/reference/rest/v1/organizations.roles/patch): 7486// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 7487// method updates only custom roles 7488// (/iam/docs/understanding-custom-roles) that have been created at 7489// the organization level. Example request URL: 7490// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 7491// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 7492// specify a complete project ID or organization ID. 7493func (r *ProjectsRolesService) Patch(name string, role *Role) *ProjectsRolesPatchCall { 7494 c := &ProjectsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7495 c.name = name 7496 c.role = role 7497 return c 7498} 7499 7500// UpdateMask sets the optional parameter "updateMask": A mask 7501// describing which fields in the Role have changed. 7502func (c *ProjectsRolesPatchCall) UpdateMask(updateMask string) *ProjectsRolesPatchCall { 7503 c.urlParams_.Set("updateMask", updateMask) 7504 return c 7505} 7506 7507// Fields allows partial responses to be retrieved. See 7508// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7509// for more information. 7510func (c *ProjectsRolesPatchCall) Fields(s ...googleapi.Field) *ProjectsRolesPatchCall { 7511 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7512 return c 7513} 7514 7515// Context sets the context to be used in this call's Do method. Any 7516// pending HTTP request will be aborted if the provided context is 7517// canceled. 7518func (c *ProjectsRolesPatchCall) Context(ctx context.Context) *ProjectsRolesPatchCall { 7519 c.ctx_ = ctx 7520 return c 7521} 7522 7523// Header returns an http.Header that can be modified by the caller to 7524// add HTTP headers to the request. 7525func (c *ProjectsRolesPatchCall) Header() http.Header { 7526 if c.header_ == nil { 7527 c.header_ = make(http.Header) 7528 } 7529 return c.header_ 7530} 7531 7532func (c *ProjectsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 7533 reqHeaders := make(http.Header) 7534 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 7535 for k, v := range c.header_ { 7536 reqHeaders[k] = v 7537 } 7538 reqHeaders.Set("User-Agent", c.s.userAgent()) 7539 var body io.Reader = nil 7540 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 7541 if err != nil { 7542 return nil, err 7543 } 7544 reqHeaders.Set("Content-Type", "application/json") 7545 c.urlParams_.Set("alt", alt) 7546 c.urlParams_.Set("prettyPrint", "false") 7547 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7548 urls += "?" + c.urlParams_.Encode() 7549 req, err := http.NewRequest("PATCH", urls, body) 7550 if err != nil { 7551 return nil, err 7552 } 7553 req.Header = reqHeaders 7554 googleapi.Expand(req.URL, map[string]string{ 7555 "name": c.name, 7556 }) 7557 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7558} 7559 7560// Do executes the "iam.projects.roles.patch" call. 7561// Exactly one of *Role or error will be non-nil. Any non-2xx status 7562// code is an error. Response headers are in either 7563// *Role.ServerResponse.Header or (if a response was returned at all) in 7564// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7565// whether the returned error was because http.StatusNotModified was 7566// returned. 7567func (c *ProjectsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 7568 gensupport.SetOptions(c.urlParams_, opts...) 7569 res, err := c.doRequest("json") 7570 if res != nil && res.StatusCode == http.StatusNotModified { 7571 if res.Body != nil { 7572 res.Body.Close() 7573 } 7574 return nil, &googleapi.Error{ 7575 Code: res.StatusCode, 7576 Header: res.Header, 7577 } 7578 } 7579 if err != nil { 7580 return nil, err 7581 } 7582 defer googleapi.CloseBody(res) 7583 if err := googleapi.CheckResponse(res); err != nil { 7584 return nil, err 7585 } 7586 ret := &Role{ 7587 ServerResponse: googleapi.ServerResponse{ 7588 Header: res.Header, 7589 HTTPStatusCode: res.StatusCode, 7590 }, 7591 } 7592 target := &ret 7593 if err := gensupport.DecodeResponse(target, res); err != nil { 7594 return nil, err 7595 } 7596 return ret, nil 7597 // { 7598 // "description": "Updates the definition of a custom Role.", 7599 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 7600 // "httpMethod": "PATCH", 7601 // "id": "iam.projects.roles.patch", 7602 // "parameterOrder": [ 7603 // "name" 7604 // ], 7605 // "parameters": { 7606 // "name": { 7607 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7608 // "location": "path", 7609 // "pattern": "^projects/[^/]+/roles/[^/]+$", 7610 // "required": true, 7611 // "type": "string" 7612 // }, 7613 // "updateMask": { 7614 // "description": "A mask describing which fields in the Role have changed.", 7615 // "format": "google-fieldmask", 7616 // "location": "query", 7617 // "type": "string" 7618 // } 7619 // }, 7620 // "path": "v1/{+name}", 7621 // "request": { 7622 // "$ref": "Role" 7623 // }, 7624 // "response": { 7625 // "$ref": "Role" 7626 // }, 7627 // "scopes": [ 7628 // "https://www.googleapis.com/auth/cloud-platform" 7629 // ] 7630 // } 7631 7632} 7633 7634// method id "iam.projects.roles.undelete": 7635 7636type ProjectsRolesUndeleteCall struct { 7637 s *Service 7638 name string 7639 undeleterolerequest *UndeleteRoleRequest 7640 urlParams_ gensupport.URLParams 7641 ctx_ context.Context 7642 header_ http.Header 7643} 7644 7645// Undelete: Undeletes a custom Role. 7646// 7647// - name: The `name` parameter's value depends on the target resource 7648// for the request, namely `projects` 7649// (/iam/reference/rest/v1/projects.roles) or `organizations` 7650// (/iam/reference/rest/v1/organizations.roles). Each resource type's 7651// `name` value format is described below: * 7652// `projects.roles.undelete()` 7653// (/iam/reference/rest/v1/projects.roles/undelete): 7654// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method 7655// undeletes only custom roles (/iam/docs/understanding-custom-roles) 7656// that have been created at the project level. Example request URL: 7657// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 7658// OLE_ID}` * `organizations.roles.undelete()` 7659// (/iam/reference/rest/v1/organizations.roles/undelete): 7660// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 7661// method undeletes only custom roles 7662// (/iam/docs/understanding-custom-roles) that have been created at 7663// the organization level. Example request URL: 7664// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 7665// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 7666// specify a complete project ID or organization ID. 7667func (r *ProjectsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *ProjectsRolesUndeleteCall { 7668 c := &ProjectsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7669 c.name = name 7670 c.undeleterolerequest = undeleterolerequest 7671 return c 7672} 7673 7674// Fields allows partial responses to be retrieved. See 7675// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7676// for more information. 7677func (c *ProjectsRolesUndeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesUndeleteCall { 7678 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7679 return c 7680} 7681 7682// Context sets the context to be used in this call's Do method. Any 7683// pending HTTP request will be aborted if the provided context is 7684// canceled. 7685func (c *ProjectsRolesUndeleteCall) Context(ctx context.Context) *ProjectsRolesUndeleteCall { 7686 c.ctx_ = ctx 7687 return c 7688} 7689 7690// Header returns an http.Header that can be modified by the caller to 7691// add HTTP headers to the request. 7692func (c *ProjectsRolesUndeleteCall) Header() http.Header { 7693 if c.header_ == nil { 7694 c.header_ = make(http.Header) 7695 } 7696 return c.header_ 7697} 7698 7699func (c *ProjectsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 7700 reqHeaders := make(http.Header) 7701 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 7702 for k, v := range c.header_ { 7703 reqHeaders[k] = v 7704 } 7705 reqHeaders.Set("User-Agent", c.s.userAgent()) 7706 var body io.Reader = nil 7707 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 7708 if err != nil { 7709 return nil, err 7710 } 7711 reqHeaders.Set("Content-Type", "application/json") 7712 c.urlParams_.Set("alt", alt) 7713 c.urlParams_.Set("prettyPrint", "false") 7714 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 7715 urls += "?" + c.urlParams_.Encode() 7716 req, err := http.NewRequest("POST", urls, body) 7717 if err != nil { 7718 return nil, err 7719 } 7720 req.Header = reqHeaders 7721 googleapi.Expand(req.URL, map[string]string{ 7722 "name": c.name, 7723 }) 7724 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7725} 7726 7727// Do executes the "iam.projects.roles.undelete" call. 7728// Exactly one of *Role or error will be non-nil. Any non-2xx status 7729// code is an error. Response headers are in either 7730// *Role.ServerResponse.Header or (if a response was returned at all) in 7731// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7732// whether the returned error was because http.StatusNotModified was 7733// returned. 7734func (c *ProjectsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 7735 gensupport.SetOptions(c.urlParams_, opts...) 7736 res, err := c.doRequest("json") 7737 if res != nil && res.StatusCode == http.StatusNotModified { 7738 if res.Body != nil { 7739 res.Body.Close() 7740 } 7741 return nil, &googleapi.Error{ 7742 Code: res.StatusCode, 7743 Header: res.Header, 7744 } 7745 } 7746 if err != nil { 7747 return nil, err 7748 } 7749 defer googleapi.CloseBody(res) 7750 if err := googleapi.CheckResponse(res); err != nil { 7751 return nil, err 7752 } 7753 ret := &Role{ 7754 ServerResponse: googleapi.ServerResponse{ 7755 Header: res.Header, 7756 HTTPStatusCode: res.StatusCode, 7757 }, 7758 } 7759 target := &ret 7760 if err := gensupport.DecodeResponse(target, res); err != nil { 7761 return nil, err 7762 } 7763 return ret, nil 7764 // { 7765 // "description": "Undeletes a custom Role.", 7766 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}:undelete", 7767 // "httpMethod": "POST", 7768 // "id": "iam.projects.roles.undelete", 7769 // "parameterOrder": [ 7770 // "name" 7771 // ], 7772 // "parameters": { 7773 // "name": { 7774 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`projects`](/iam/reference/rest/v1/projects.roles) or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 7775 // "location": "path", 7776 // "pattern": "^projects/[^/]+/roles/[^/]+$", 7777 // "required": true, 7778 // "type": "string" 7779 // } 7780 // }, 7781 // "path": "v1/{+name}:undelete", 7782 // "request": { 7783 // "$ref": "UndeleteRoleRequest" 7784 // }, 7785 // "response": { 7786 // "$ref": "Role" 7787 // }, 7788 // "scopes": [ 7789 // "https://www.googleapis.com/auth/cloud-platform" 7790 // ] 7791 // } 7792 7793} 7794 7795// method id "iam.projects.serviceAccounts.create": 7796 7797type ProjectsServiceAccountsCreateCall struct { 7798 s *Service 7799 name string 7800 createserviceaccountrequest *CreateServiceAccountRequest 7801 urlParams_ gensupport.URLParams 7802 ctx_ context.Context 7803 header_ http.Header 7804} 7805 7806// Create: Creates a ServiceAccount. 7807// 7808// - name: The resource name of the project associated with the service 7809// accounts, such as `projects/my-project-123`. 7810func (r *ProjectsServiceAccountsService) Create(name string, createserviceaccountrequest *CreateServiceAccountRequest) *ProjectsServiceAccountsCreateCall { 7811 c := &ProjectsServiceAccountsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7812 c.name = name 7813 c.createserviceaccountrequest = createserviceaccountrequest 7814 return c 7815} 7816 7817// Fields allows partial responses to be retrieved. See 7818// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7819// for more information. 7820func (c *ProjectsServiceAccountsCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsCreateCall { 7821 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7822 return c 7823} 7824 7825// Context sets the context to be used in this call's Do method. Any 7826// pending HTTP request will be aborted if the provided context is 7827// canceled. 7828func (c *ProjectsServiceAccountsCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsCreateCall { 7829 c.ctx_ = ctx 7830 return c 7831} 7832 7833// Header returns an http.Header that can be modified by the caller to 7834// add HTTP headers to the request. 7835func (c *ProjectsServiceAccountsCreateCall) Header() http.Header { 7836 if c.header_ == nil { 7837 c.header_ = make(http.Header) 7838 } 7839 return c.header_ 7840} 7841 7842func (c *ProjectsServiceAccountsCreateCall) doRequest(alt string) (*http.Response, error) { 7843 reqHeaders := make(http.Header) 7844 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 7845 for k, v := range c.header_ { 7846 reqHeaders[k] = v 7847 } 7848 reqHeaders.Set("User-Agent", c.s.userAgent()) 7849 var body io.Reader = nil 7850 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountrequest) 7851 if err != nil { 7852 return nil, err 7853 } 7854 reqHeaders.Set("Content-Type", "application/json") 7855 c.urlParams_.Set("alt", alt) 7856 c.urlParams_.Set("prettyPrint", "false") 7857 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 7858 urls += "?" + c.urlParams_.Encode() 7859 req, err := http.NewRequest("POST", urls, body) 7860 if err != nil { 7861 return nil, err 7862 } 7863 req.Header = reqHeaders 7864 googleapi.Expand(req.URL, map[string]string{ 7865 "name": c.name, 7866 }) 7867 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7868} 7869 7870// Do executes the "iam.projects.serviceAccounts.create" call. 7871// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 7872// status code is an error. Response headers are in either 7873// *ServiceAccount.ServerResponse.Header or (if a response was returned 7874// at all) in error.(*googleapi.Error).Header. Use 7875// googleapi.IsNotModified to check whether the returned error was 7876// because http.StatusNotModified was returned. 7877func (c *ProjectsServiceAccountsCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 7878 gensupport.SetOptions(c.urlParams_, opts...) 7879 res, err := c.doRequest("json") 7880 if res != nil && res.StatusCode == http.StatusNotModified { 7881 if res.Body != nil { 7882 res.Body.Close() 7883 } 7884 return nil, &googleapi.Error{ 7885 Code: res.StatusCode, 7886 Header: res.Header, 7887 } 7888 } 7889 if err != nil { 7890 return nil, err 7891 } 7892 defer googleapi.CloseBody(res) 7893 if err := googleapi.CheckResponse(res); err != nil { 7894 return nil, err 7895 } 7896 ret := &ServiceAccount{ 7897 ServerResponse: googleapi.ServerResponse{ 7898 Header: res.Header, 7899 HTTPStatusCode: res.StatusCode, 7900 }, 7901 } 7902 target := &ret 7903 if err := gensupport.DecodeResponse(target, res); err != nil { 7904 return nil, err 7905 } 7906 return ret, nil 7907 // { 7908 // "description": "Creates a ServiceAccount.", 7909 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 7910 // "httpMethod": "POST", 7911 // "id": "iam.projects.serviceAccounts.create", 7912 // "parameterOrder": [ 7913 // "name" 7914 // ], 7915 // "parameters": { 7916 // "name": { 7917 // "description": "Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.", 7918 // "location": "path", 7919 // "pattern": "^projects/[^/]+$", 7920 // "required": true, 7921 // "type": "string" 7922 // } 7923 // }, 7924 // "path": "v1/{+name}/serviceAccounts", 7925 // "request": { 7926 // "$ref": "CreateServiceAccountRequest" 7927 // }, 7928 // "response": { 7929 // "$ref": "ServiceAccount" 7930 // }, 7931 // "scopes": [ 7932 // "https://www.googleapis.com/auth/cloud-platform" 7933 // ] 7934 // } 7935 7936} 7937 7938// method id "iam.projects.serviceAccounts.delete": 7939 7940type ProjectsServiceAccountsDeleteCall struct { 7941 s *Service 7942 name string 7943 urlParams_ gensupport.URLParams 7944 ctx_ context.Context 7945 header_ http.Header 7946} 7947 7948// Delete: Deletes a ServiceAccount. **Warning:** After you delete a 7949// service account, you might not be able to undelete it. If you know 7950// that you need to re-enable the service account in the future, use 7951// DisableServiceAccount instead. If you delete a service account, IAM 7952// permanently removes the service account 30 days later. Google Cloud 7953// cannot recover the service account after it is permanently removed, 7954// even if you file a support request. To help avoid unplanned outages, 7955// we recommend that you disable the service account before you delete 7956// it. Use DisableServiceAccount to disable the service account, then 7957// wait at least 24 hours and watch for unintended consequences. If 7958// there are no unintended consequences, you can delete the service 7959// account. 7960// 7961// - name: The resource name of the service account in the following 7962// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 7963// `-` as a wildcard for the `PROJECT_ID` will infer the project from 7964// the account. The `ACCOUNT` value can be the `email` address or the 7965// `unique_id` of the service account. 7966func (r *ProjectsServiceAccountsService) Delete(name string) *ProjectsServiceAccountsDeleteCall { 7967 c := &ProjectsServiceAccountsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7968 c.name = name 7969 return c 7970} 7971 7972// Fields allows partial responses to be retrieved. See 7973// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7974// for more information. 7975func (c *ProjectsServiceAccountsDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDeleteCall { 7976 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7977 return c 7978} 7979 7980// Context sets the context to be used in this call's Do method. Any 7981// pending HTTP request will be aborted if the provided context is 7982// canceled. 7983func (c *ProjectsServiceAccountsDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsDeleteCall { 7984 c.ctx_ = ctx 7985 return c 7986} 7987 7988// Header returns an http.Header that can be modified by the caller to 7989// add HTTP headers to the request. 7990func (c *ProjectsServiceAccountsDeleteCall) Header() http.Header { 7991 if c.header_ == nil { 7992 c.header_ = make(http.Header) 7993 } 7994 return c.header_ 7995} 7996 7997func (c *ProjectsServiceAccountsDeleteCall) doRequest(alt string) (*http.Response, error) { 7998 reqHeaders := make(http.Header) 7999 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 8000 for k, v := range c.header_ { 8001 reqHeaders[k] = v 8002 } 8003 reqHeaders.Set("User-Agent", c.s.userAgent()) 8004 var body io.Reader = nil 8005 c.urlParams_.Set("alt", alt) 8006 c.urlParams_.Set("prettyPrint", "false") 8007 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 8008 urls += "?" + c.urlParams_.Encode() 8009 req, err := http.NewRequest("DELETE", urls, body) 8010 if err != nil { 8011 return nil, err 8012 } 8013 req.Header = reqHeaders 8014 googleapi.Expand(req.URL, map[string]string{ 8015 "name": c.name, 8016 }) 8017 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8018} 8019 8020// Do executes the "iam.projects.serviceAccounts.delete" call. 8021// Exactly one of *Empty or error will be non-nil. Any non-2xx status 8022// code is an error. Response headers are in either 8023// *Empty.ServerResponse.Header or (if a response was returned at all) 8024// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 8025// check whether the returned error was because http.StatusNotModified 8026// was returned. 8027func (c *ProjectsServiceAccountsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 8028 gensupport.SetOptions(c.urlParams_, opts...) 8029 res, err := c.doRequest("json") 8030 if res != nil && res.StatusCode == http.StatusNotModified { 8031 if res.Body != nil { 8032 res.Body.Close() 8033 } 8034 return nil, &googleapi.Error{ 8035 Code: res.StatusCode, 8036 Header: res.Header, 8037 } 8038 } 8039 if err != nil { 8040 return nil, err 8041 } 8042 defer googleapi.CloseBody(res) 8043 if err := googleapi.CheckResponse(res); err != nil { 8044 return nil, err 8045 } 8046 ret := &Empty{ 8047 ServerResponse: googleapi.ServerResponse{ 8048 Header: res.Header, 8049 HTTPStatusCode: res.StatusCode, 8050 }, 8051 } 8052 target := &ret 8053 if err := gensupport.DecodeResponse(target, res); err != nil { 8054 return nil, err 8055 } 8056 return ret, nil 8057 // { 8058 // "description": "Deletes a ServiceAccount. **Warning:** After you delete a service account, you might not be able to undelete it. If you know that you need to re-enable the service account in the future, use DisableServiceAccount instead. If you delete a service account, IAM permanently removes the service account 30 days later. Google Cloud cannot recover the service account after it is permanently removed, even if you file a support request. To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use DisableServiceAccount to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account.", 8059 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 8060 // "httpMethod": "DELETE", 8061 // "id": "iam.projects.serviceAccounts.delete", 8062 // "parameterOrder": [ 8063 // "name" 8064 // ], 8065 // "parameters": { 8066 // "name": { 8067 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8068 // "location": "path", 8069 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8070 // "required": true, 8071 // "type": "string" 8072 // } 8073 // }, 8074 // "path": "v1/{+name}", 8075 // "response": { 8076 // "$ref": "Empty" 8077 // }, 8078 // "scopes": [ 8079 // "https://www.googleapis.com/auth/cloud-platform" 8080 // ] 8081 // } 8082 8083} 8084 8085// method id "iam.projects.serviceAccounts.disable": 8086 8087type ProjectsServiceAccountsDisableCall struct { 8088 s *Service 8089 name string 8090 disableserviceaccountrequest *DisableServiceAccountRequest 8091 urlParams_ gensupport.URLParams 8092 ctx_ context.Context 8093 header_ http.Header 8094} 8095 8096// Disable: Disables a ServiceAccount immediately. If an application 8097// uses the service account to authenticate, that application can no 8098// longer call Google APIs or access Google Cloud resources. Existing 8099// access tokens for the service account are rejected, and requests for 8100// new access tokens will fail. To re-enable the service account, use 8101// EnableServiceAccount. After you re-enable the service account, its 8102// existing access tokens will be accepted, and you can request new 8103// access tokens. To help avoid unplanned outages, we recommend that you 8104// disable the service account before you delete it. Use this method to 8105// disable the service account, then wait at least 24 hours and watch 8106// for unintended consequences. If there are no unintended consequences, 8107// you can delete the service account with DeleteServiceAccount. 8108// 8109// - name: The resource name of the service account in the following 8110// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 8111// `-` as a wildcard for the `PROJECT_ID` will infer the project from 8112// the account. The `ACCOUNT` value can be the `email` address or the 8113// `unique_id` of the service account. 8114func (r *ProjectsServiceAccountsService) Disable(name string, disableserviceaccountrequest *DisableServiceAccountRequest) *ProjectsServiceAccountsDisableCall { 8115 c := &ProjectsServiceAccountsDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8116 c.name = name 8117 c.disableserviceaccountrequest = disableserviceaccountrequest 8118 return c 8119} 8120 8121// Fields allows partial responses to be retrieved. See 8122// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8123// for more information. 8124func (c *ProjectsServiceAccountsDisableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDisableCall { 8125 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8126 return c 8127} 8128 8129// Context sets the context to be used in this call's Do method. Any 8130// pending HTTP request will be aborted if the provided context is 8131// canceled. 8132func (c *ProjectsServiceAccountsDisableCall) Context(ctx context.Context) *ProjectsServiceAccountsDisableCall { 8133 c.ctx_ = ctx 8134 return c 8135} 8136 8137// Header returns an http.Header that can be modified by the caller to 8138// add HTTP headers to the request. 8139func (c *ProjectsServiceAccountsDisableCall) Header() http.Header { 8140 if c.header_ == nil { 8141 c.header_ = make(http.Header) 8142 } 8143 return c.header_ 8144} 8145 8146func (c *ProjectsServiceAccountsDisableCall) doRequest(alt string) (*http.Response, error) { 8147 reqHeaders := make(http.Header) 8148 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 8149 for k, v := range c.header_ { 8150 reqHeaders[k] = v 8151 } 8152 reqHeaders.Set("User-Agent", c.s.userAgent()) 8153 var body io.Reader = nil 8154 body, err := googleapi.WithoutDataWrapper.JSONReader(c.disableserviceaccountrequest) 8155 if err != nil { 8156 return nil, err 8157 } 8158 reqHeaders.Set("Content-Type", "application/json") 8159 c.urlParams_.Set("alt", alt) 8160 c.urlParams_.Set("prettyPrint", "false") 8161 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable") 8162 urls += "?" + c.urlParams_.Encode() 8163 req, err := http.NewRequest("POST", urls, body) 8164 if err != nil { 8165 return nil, err 8166 } 8167 req.Header = reqHeaders 8168 googleapi.Expand(req.URL, map[string]string{ 8169 "name": c.name, 8170 }) 8171 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8172} 8173 8174// Do executes the "iam.projects.serviceAccounts.disable" call. 8175// Exactly one of *Empty or error will be non-nil. Any non-2xx status 8176// code is an error. Response headers are in either 8177// *Empty.ServerResponse.Header or (if a response was returned at all) 8178// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 8179// check whether the returned error was because http.StatusNotModified 8180// was returned. 8181func (c *ProjectsServiceAccountsDisableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 8182 gensupport.SetOptions(c.urlParams_, opts...) 8183 res, err := c.doRequest("json") 8184 if res != nil && res.StatusCode == http.StatusNotModified { 8185 if res.Body != nil { 8186 res.Body.Close() 8187 } 8188 return nil, &googleapi.Error{ 8189 Code: res.StatusCode, 8190 Header: res.Header, 8191 } 8192 } 8193 if err != nil { 8194 return nil, err 8195 } 8196 defer googleapi.CloseBody(res) 8197 if err := googleapi.CheckResponse(res); err != nil { 8198 return nil, err 8199 } 8200 ret := &Empty{ 8201 ServerResponse: googleapi.ServerResponse{ 8202 Header: res.Header, 8203 HTTPStatusCode: res.StatusCode, 8204 }, 8205 } 8206 target := &ret 8207 if err := gensupport.DecodeResponse(target, res); err != nil { 8208 return nil, err 8209 } 8210 return ret, nil 8211 // { 8212 // "description": "Disables a ServiceAccount immediately. If an application uses the service account to authenticate, that application can no longer call Google APIs or access Google Cloud resources. Existing access tokens for the service account are rejected, and requests for new access tokens will fail. To re-enable the service account, use EnableServiceAccount. After you re-enable the service account, its existing access tokens will be accepted, and you can request new access tokens. To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use this method to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account with DeleteServiceAccount.", 8213 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:disable", 8214 // "httpMethod": "POST", 8215 // "id": "iam.projects.serviceAccounts.disable", 8216 // "parameterOrder": [ 8217 // "name" 8218 // ], 8219 // "parameters": { 8220 // "name": { 8221 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8222 // "location": "path", 8223 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8224 // "required": true, 8225 // "type": "string" 8226 // } 8227 // }, 8228 // "path": "v1/{+name}:disable", 8229 // "request": { 8230 // "$ref": "DisableServiceAccountRequest" 8231 // }, 8232 // "response": { 8233 // "$ref": "Empty" 8234 // }, 8235 // "scopes": [ 8236 // "https://www.googleapis.com/auth/cloud-platform" 8237 // ] 8238 // } 8239 8240} 8241 8242// method id "iam.projects.serviceAccounts.enable": 8243 8244type ProjectsServiceAccountsEnableCall struct { 8245 s *Service 8246 name string 8247 enableserviceaccountrequest *EnableServiceAccountRequest 8248 urlParams_ gensupport.URLParams 8249 ctx_ context.Context 8250 header_ http.Header 8251} 8252 8253// Enable: Enables a ServiceAccount that was disabled by 8254// DisableServiceAccount. If the service account is already enabled, 8255// then this method has no effect. If the service account was disabled 8256// by other means—for example, if Google disabled the service account 8257// because it was compromised—you cannot use this method to enable the 8258// service account. 8259// 8260// - name: The resource name of the service account in the following 8261// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 8262// `-` as a wildcard for the `PROJECT_ID` will infer the project from 8263// the account. The `ACCOUNT` value can be the `email` address or the 8264// `unique_id` of the service account. 8265func (r *ProjectsServiceAccountsService) Enable(name string, enableserviceaccountrequest *EnableServiceAccountRequest) *ProjectsServiceAccountsEnableCall { 8266 c := &ProjectsServiceAccountsEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8267 c.name = name 8268 c.enableserviceaccountrequest = enableserviceaccountrequest 8269 return c 8270} 8271 8272// Fields allows partial responses to be retrieved. See 8273// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8274// for more information. 8275func (c *ProjectsServiceAccountsEnableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsEnableCall { 8276 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8277 return c 8278} 8279 8280// Context sets the context to be used in this call's Do method. Any 8281// pending HTTP request will be aborted if the provided context is 8282// canceled. 8283func (c *ProjectsServiceAccountsEnableCall) Context(ctx context.Context) *ProjectsServiceAccountsEnableCall { 8284 c.ctx_ = ctx 8285 return c 8286} 8287 8288// Header returns an http.Header that can be modified by the caller to 8289// add HTTP headers to the request. 8290func (c *ProjectsServiceAccountsEnableCall) Header() http.Header { 8291 if c.header_ == nil { 8292 c.header_ = make(http.Header) 8293 } 8294 return c.header_ 8295} 8296 8297func (c *ProjectsServiceAccountsEnableCall) doRequest(alt string) (*http.Response, error) { 8298 reqHeaders := make(http.Header) 8299 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 8300 for k, v := range c.header_ { 8301 reqHeaders[k] = v 8302 } 8303 reqHeaders.Set("User-Agent", c.s.userAgent()) 8304 var body io.Reader = nil 8305 body, err := googleapi.WithoutDataWrapper.JSONReader(c.enableserviceaccountrequest) 8306 if err != nil { 8307 return nil, err 8308 } 8309 reqHeaders.Set("Content-Type", "application/json") 8310 c.urlParams_.Set("alt", alt) 8311 c.urlParams_.Set("prettyPrint", "false") 8312 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable") 8313 urls += "?" + c.urlParams_.Encode() 8314 req, err := http.NewRequest("POST", urls, body) 8315 if err != nil { 8316 return nil, err 8317 } 8318 req.Header = reqHeaders 8319 googleapi.Expand(req.URL, map[string]string{ 8320 "name": c.name, 8321 }) 8322 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8323} 8324 8325// Do executes the "iam.projects.serviceAccounts.enable" call. 8326// Exactly one of *Empty or error will be non-nil. Any non-2xx status 8327// code is an error. Response headers are in either 8328// *Empty.ServerResponse.Header or (if a response was returned at all) 8329// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 8330// check whether the returned error was because http.StatusNotModified 8331// was returned. 8332func (c *ProjectsServiceAccountsEnableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 8333 gensupport.SetOptions(c.urlParams_, opts...) 8334 res, err := c.doRequest("json") 8335 if res != nil && res.StatusCode == http.StatusNotModified { 8336 if res.Body != nil { 8337 res.Body.Close() 8338 } 8339 return nil, &googleapi.Error{ 8340 Code: res.StatusCode, 8341 Header: res.Header, 8342 } 8343 } 8344 if err != nil { 8345 return nil, err 8346 } 8347 defer googleapi.CloseBody(res) 8348 if err := googleapi.CheckResponse(res); err != nil { 8349 return nil, err 8350 } 8351 ret := &Empty{ 8352 ServerResponse: googleapi.ServerResponse{ 8353 Header: res.Header, 8354 HTTPStatusCode: res.StatusCode, 8355 }, 8356 } 8357 target := &ret 8358 if err := gensupport.DecodeResponse(target, res); err != nil { 8359 return nil, err 8360 } 8361 return ret, nil 8362 // { 8363 // "description": "Enables a ServiceAccount that was disabled by DisableServiceAccount. If the service account is already enabled, then this method has no effect. If the service account was disabled by other means—for example, if Google disabled the service account because it was compromised—you cannot use this method to enable the service account.", 8364 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:enable", 8365 // "httpMethod": "POST", 8366 // "id": "iam.projects.serviceAccounts.enable", 8367 // "parameterOrder": [ 8368 // "name" 8369 // ], 8370 // "parameters": { 8371 // "name": { 8372 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8373 // "location": "path", 8374 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8375 // "required": true, 8376 // "type": "string" 8377 // } 8378 // }, 8379 // "path": "v1/{+name}:enable", 8380 // "request": { 8381 // "$ref": "EnableServiceAccountRequest" 8382 // }, 8383 // "response": { 8384 // "$ref": "Empty" 8385 // }, 8386 // "scopes": [ 8387 // "https://www.googleapis.com/auth/cloud-platform" 8388 // ] 8389 // } 8390 8391} 8392 8393// method id "iam.projects.serviceAccounts.get": 8394 8395type ProjectsServiceAccountsGetCall struct { 8396 s *Service 8397 name string 8398 urlParams_ gensupport.URLParams 8399 ifNoneMatch_ string 8400 ctx_ context.Context 8401 header_ http.Header 8402} 8403 8404// Get: Gets a ServiceAccount. 8405// 8406// - name: The resource name of the service account in the following 8407// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 8408// `-` as a wildcard for the `PROJECT_ID` will infer the project from 8409// the account. The `ACCOUNT` value can be the `email` address or the 8410// `unique_id` of the service account. 8411func (r *ProjectsServiceAccountsService) Get(name string) *ProjectsServiceAccountsGetCall { 8412 c := &ProjectsServiceAccountsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8413 c.name = name 8414 return c 8415} 8416 8417// Fields allows partial responses to be retrieved. See 8418// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8419// for more information. 8420func (c *ProjectsServiceAccountsGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetCall { 8421 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8422 return c 8423} 8424 8425// IfNoneMatch sets the optional parameter which makes the operation 8426// fail if the object's ETag matches the given value. This is useful for 8427// getting updates only after the object has changed since the last 8428// request. Use googleapi.IsNotModified to check whether the response 8429// error from Do is the result of In-None-Match. 8430func (c *ProjectsServiceAccountsGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsGetCall { 8431 c.ifNoneMatch_ = entityTag 8432 return c 8433} 8434 8435// Context sets the context to be used in this call's Do method. Any 8436// pending HTTP request will be aborted if the provided context is 8437// canceled. 8438func (c *ProjectsServiceAccountsGetCall) Context(ctx context.Context) *ProjectsServiceAccountsGetCall { 8439 c.ctx_ = ctx 8440 return c 8441} 8442 8443// Header returns an http.Header that can be modified by the caller to 8444// add HTTP headers to the request. 8445func (c *ProjectsServiceAccountsGetCall) Header() http.Header { 8446 if c.header_ == nil { 8447 c.header_ = make(http.Header) 8448 } 8449 return c.header_ 8450} 8451 8452func (c *ProjectsServiceAccountsGetCall) doRequest(alt string) (*http.Response, error) { 8453 reqHeaders := make(http.Header) 8454 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 8455 for k, v := range c.header_ { 8456 reqHeaders[k] = v 8457 } 8458 reqHeaders.Set("User-Agent", c.s.userAgent()) 8459 if c.ifNoneMatch_ != "" { 8460 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8461 } 8462 var body io.Reader = nil 8463 c.urlParams_.Set("alt", alt) 8464 c.urlParams_.Set("prettyPrint", "false") 8465 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 8466 urls += "?" + c.urlParams_.Encode() 8467 req, err := http.NewRequest("GET", urls, body) 8468 if err != nil { 8469 return nil, err 8470 } 8471 req.Header = reqHeaders 8472 googleapi.Expand(req.URL, map[string]string{ 8473 "name": c.name, 8474 }) 8475 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8476} 8477 8478// Do executes the "iam.projects.serviceAccounts.get" call. 8479// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 8480// status code is an error. Response headers are in either 8481// *ServiceAccount.ServerResponse.Header or (if a response was returned 8482// at all) in error.(*googleapi.Error).Header. Use 8483// googleapi.IsNotModified to check whether the returned error was 8484// because http.StatusNotModified was returned. 8485func (c *ProjectsServiceAccountsGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 8486 gensupport.SetOptions(c.urlParams_, opts...) 8487 res, err := c.doRequest("json") 8488 if res != nil && res.StatusCode == http.StatusNotModified { 8489 if res.Body != nil { 8490 res.Body.Close() 8491 } 8492 return nil, &googleapi.Error{ 8493 Code: res.StatusCode, 8494 Header: res.Header, 8495 } 8496 } 8497 if err != nil { 8498 return nil, err 8499 } 8500 defer googleapi.CloseBody(res) 8501 if err := googleapi.CheckResponse(res); err != nil { 8502 return nil, err 8503 } 8504 ret := &ServiceAccount{ 8505 ServerResponse: googleapi.ServerResponse{ 8506 Header: res.Header, 8507 HTTPStatusCode: res.StatusCode, 8508 }, 8509 } 8510 target := &ret 8511 if err := gensupport.DecodeResponse(target, res); err != nil { 8512 return nil, err 8513 } 8514 return ret, nil 8515 // { 8516 // "description": "Gets a ServiceAccount.", 8517 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 8518 // "httpMethod": "GET", 8519 // "id": "iam.projects.serviceAccounts.get", 8520 // "parameterOrder": [ 8521 // "name" 8522 // ], 8523 // "parameters": { 8524 // "name": { 8525 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 8526 // "location": "path", 8527 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8528 // "required": true, 8529 // "type": "string" 8530 // } 8531 // }, 8532 // "path": "v1/{+name}", 8533 // "response": { 8534 // "$ref": "ServiceAccount" 8535 // }, 8536 // "scopes": [ 8537 // "https://www.googleapis.com/auth/cloud-platform" 8538 // ] 8539 // } 8540 8541} 8542 8543// method id "iam.projects.serviceAccounts.getIamPolicy": 8544 8545type ProjectsServiceAccountsGetIamPolicyCall struct { 8546 s *Service 8547 resource string 8548 urlParams_ gensupport.URLParams 8549 ctx_ context.Context 8550 header_ http.Header 8551} 8552 8553// GetIamPolicy: Gets the IAM policy that is attached to a 8554// ServiceAccount. This IAM policy specifies which principals have 8555// access to the service account. This method does not tell you whether 8556// the service account has been granted any roles on other resources. To 8557// check whether a service account has role grants on a resource, use 8558// the `getIamPolicy` method for that resource. For example, to view the 8559// role grants for a project, call the Resource Manager API's 8560// `projects.getIamPolicy` 8561// (https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) 8562// method. 8563// 8564// - resource: REQUIRED: The resource for which the policy is being 8565// requested. See the operation documentation for the appropriate 8566// value for this field. 8567func (r *ProjectsServiceAccountsService) GetIamPolicy(resource string) *ProjectsServiceAccountsGetIamPolicyCall { 8568 c := &ProjectsServiceAccountsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8569 c.resource = resource 8570 return c 8571} 8572 8573// OptionsRequestedPolicyVersion sets the optional parameter 8574// "options.requestedPolicyVersion": The maximum policy version that 8575// will be used to format the policy. Valid values are 0, 1, and 3. 8576// Requests specifying an invalid value will be rejected. Requests for 8577// policies with any conditional role bindings must specify version 3. 8578// Policies with no conditional role bindings may specify any valid 8579// value or leave the field unset. The policy in the response might use 8580// the policy version that you specified, or it might use a lower policy 8581// version. For example, if you specify version 3, but the policy has no 8582// conditional role bindings, the response uses version 1. To learn 8583// which resources support conditions in their IAM policies, see the IAM 8584// documentation 8585// (https://cloud.google.com/iam/help/conditions/resource-policies). 8586func (c *ProjectsServiceAccountsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsServiceAccountsGetIamPolicyCall { 8587 c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) 8588 return c 8589} 8590 8591// Fields allows partial responses to be retrieved. See 8592// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8593// for more information. 8594func (c *ProjectsServiceAccountsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetIamPolicyCall { 8595 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8596 return c 8597} 8598 8599// Context sets the context to be used in this call's Do method. Any 8600// pending HTTP request will be aborted if the provided context is 8601// canceled. 8602func (c *ProjectsServiceAccountsGetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsGetIamPolicyCall { 8603 c.ctx_ = ctx 8604 return c 8605} 8606 8607// Header returns an http.Header that can be modified by the caller to 8608// add HTTP headers to the request. 8609func (c *ProjectsServiceAccountsGetIamPolicyCall) Header() http.Header { 8610 if c.header_ == nil { 8611 c.header_ = make(http.Header) 8612 } 8613 return c.header_ 8614} 8615 8616func (c *ProjectsServiceAccountsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 8617 reqHeaders := make(http.Header) 8618 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 8619 for k, v := range c.header_ { 8620 reqHeaders[k] = v 8621 } 8622 reqHeaders.Set("User-Agent", c.s.userAgent()) 8623 var body io.Reader = nil 8624 c.urlParams_.Set("alt", alt) 8625 c.urlParams_.Set("prettyPrint", "false") 8626 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") 8627 urls += "?" + c.urlParams_.Encode() 8628 req, err := http.NewRequest("POST", urls, body) 8629 if err != nil { 8630 return nil, err 8631 } 8632 req.Header = reqHeaders 8633 googleapi.Expand(req.URL, map[string]string{ 8634 "resource": c.resource, 8635 }) 8636 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8637} 8638 8639// Do executes the "iam.projects.serviceAccounts.getIamPolicy" call. 8640// Exactly one of *Policy or error will be non-nil. Any non-2xx status 8641// code is an error. Response headers are in either 8642// *Policy.ServerResponse.Header or (if a response was returned at all) 8643// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 8644// check whether the returned error was because http.StatusNotModified 8645// was returned. 8646func (c *ProjectsServiceAccountsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 8647 gensupport.SetOptions(c.urlParams_, opts...) 8648 res, err := c.doRequest("json") 8649 if res != nil && res.StatusCode == http.StatusNotModified { 8650 if res.Body != nil { 8651 res.Body.Close() 8652 } 8653 return nil, &googleapi.Error{ 8654 Code: res.StatusCode, 8655 Header: res.Header, 8656 } 8657 } 8658 if err != nil { 8659 return nil, err 8660 } 8661 defer googleapi.CloseBody(res) 8662 if err := googleapi.CheckResponse(res); err != nil { 8663 return nil, err 8664 } 8665 ret := &Policy{ 8666 ServerResponse: googleapi.ServerResponse{ 8667 Header: res.Header, 8668 HTTPStatusCode: res.StatusCode, 8669 }, 8670 } 8671 target := &ret 8672 if err := gensupport.DecodeResponse(target, res); err != nil { 8673 return nil, err 8674 } 8675 return ret, nil 8676 // { 8677 // "description": "Gets the IAM policy that is attached to a ServiceAccount. This IAM policy specifies which principals have access to the service account. This method does not tell you whether the service account has been granted any roles on other resources. To check whether a service account has role grants on a resource, use the `getIamPolicy` method for that resource. For example, to view the role grants for a project, call the Resource Manager API's [`projects.getIamPolicy`](https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) method.", 8678 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:getIamPolicy", 8679 // "httpMethod": "POST", 8680 // "id": "iam.projects.serviceAccounts.getIamPolicy", 8681 // "parameterOrder": [ 8682 // "resource" 8683 // ], 8684 // "parameters": { 8685 // "options.requestedPolicyVersion": { 8686 // "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", 8687 // "format": "int32", 8688 // "location": "query", 8689 // "type": "integer" 8690 // }, 8691 // "resource": { 8692 // "description": "REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.", 8693 // "location": "path", 8694 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 8695 // "required": true, 8696 // "type": "string" 8697 // } 8698 // }, 8699 // "path": "v1/{+resource}:getIamPolicy", 8700 // "response": { 8701 // "$ref": "Policy" 8702 // }, 8703 // "scopes": [ 8704 // "https://www.googleapis.com/auth/cloud-platform" 8705 // ] 8706 // } 8707 8708} 8709 8710// method id "iam.projects.serviceAccounts.list": 8711 8712type ProjectsServiceAccountsListCall struct { 8713 s *Service 8714 name string 8715 urlParams_ gensupport.URLParams 8716 ifNoneMatch_ string 8717 ctx_ context.Context 8718 header_ http.Header 8719} 8720 8721// List: Lists every ServiceAccount that belongs to a specific project. 8722// 8723// - name: The resource name of the project associated with the service 8724// accounts, such as `projects/my-project-123`. 8725func (r *ProjectsServiceAccountsService) List(name string) *ProjectsServiceAccountsListCall { 8726 c := &ProjectsServiceAccountsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8727 c.name = name 8728 return c 8729} 8730 8731// PageSize sets the optional parameter "pageSize": Optional limit on 8732// the number of service accounts to include in the response. Further 8733// accounts can subsequently be obtained by including the 8734// ListServiceAccountsResponse.next_page_token in a subsequent request. 8735// The default is 20, and the maximum is 100. 8736func (c *ProjectsServiceAccountsListCall) PageSize(pageSize int64) *ProjectsServiceAccountsListCall { 8737 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 8738 return c 8739} 8740 8741// PageToken sets the optional parameter "pageToken": Optional 8742// pagination token returned in an earlier 8743// ListServiceAccountsResponse.next_page_token. 8744func (c *ProjectsServiceAccountsListCall) PageToken(pageToken string) *ProjectsServiceAccountsListCall { 8745 c.urlParams_.Set("pageToken", pageToken) 8746 return c 8747} 8748 8749// Fields allows partial responses to be retrieved. See 8750// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8751// for more information. 8752func (c *ProjectsServiceAccountsListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsListCall { 8753 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8754 return c 8755} 8756 8757// IfNoneMatch sets the optional parameter which makes the operation 8758// fail if the object's ETag matches the given value. This is useful for 8759// getting updates only after the object has changed since the last 8760// request. Use googleapi.IsNotModified to check whether the response 8761// error from Do is the result of In-None-Match. 8762func (c *ProjectsServiceAccountsListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsListCall { 8763 c.ifNoneMatch_ = entityTag 8764 return c 8765} 8766 8767// Context sets the context to be used in this call's Do method. Any 8768// pending HTTP request will be aborted if the provided context is 8769// canceled. 8770func (c *ProjectsServiceAccountsListCall) Context(ctx context.Context) *ProjectsServiceAccountsListCall { 8771 c.ctx_ = ctx 8772 return c 8773} 8774 8775// Header returns an http.Header that can be modified by the caller to 8776// add HTTP headers to the request. 8777func (c *ProjectsServiceAccountsListCall) Header() http.Header { 8778 if c.header_ == nil { 8779 c.header_ = make(http.Header) 8780 } 8781 return c.header_ 8782} 8783 8784func (c *ProjectsServiceAccountsListCall) doRequest(alt string) (*http.Response, error) { 8785 reqHeaders := make(http.Header) 8786 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 8787 for k, v := range c.header_ { 8788 reqHeaders[k] = v 8789 } 8790 reqHeaders.Set("User-Agent", c.s.userAgent()) 8791 if c.ifNoneMatch_ != "" { 8792 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8793 } 8794 var body io.Reader = nil 8795 c.urlParams_.Set("alt", alt) 8796 c.urlParams_.Set("prettyPrint", "false") 8797 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 8798 urls += "?" + c.urlParams_.Encode() 8799 req, err := http.NewRequest("GET", urls, body) 8800 if err != nil { 8801 return nil, err 8802 } 8803 req.Header = reqHeaders 8804 googleapi.Expand(req.URL, map[string]string{ 8805 "name": c.name, 8806 }) 8807 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8808} 8809 8810// Do executes the "iam.projects.serviceAccounts.list" call. 8811// Exactly one of *ListServiceAccountsResponse or error will be non-nil. 8812// Any non-2xx status code is an error. Response headers are in either 8813// *ListServiceAccountsResponse.ServerResponse.Header or (if a response 8814// was returned at all) in error.(*googleapi.Error).Header. Use 8815// googleapi.IsNotModified to check whether the returned error was 8816// because http.StatusNotModified was returned. 8817func (c *ProjectsServiceAccountsListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountsResponse, error) { 8818 gensupport.SetOptions(c.urlParams_, opts...) 8819 res, err := c.doRequest("json") 8820 if res != nil && res.StatusCode == http.StatusNotModified { 8821 if res.Body != nil { 8822 res.Body.Close() 8823 } 8824 return nil, &googleapi.Error{ 8825 Code: res.StatusCode, 8826 Header: res.Header, 8827 } 8828 } 8829 if err != nil { 8830 return nil, err 8831 } 8832 defer googleapi.CloseBody(res) 8833 if err := googleapi.CheckResponse(res); err != nil { 8834 return nil, err 8835 } 8836 ret := &ListServiceAccountsResponse{ 8837 ServerResponse: googleapi.ServerResponse{ 8838 Header: res.Header, 8839 HTTPStatusCode: res.StatusCode, 8840 }, 8841 } 8842 target := &ret 8843 if err := gensupport.DecodeResponse(target, res); err != nil { 8844 return nil, err 8845 } 8846 return ret, nil 8847 // { 8848 // "description": "Lists every ServiceAccount that belongs to a specific project.", 8849 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 8850 // "httpMethod": "GET", 8851 // "id": "iam.projects.serviceAccounts.list", 8852 // "parameterOrder": [ 8853 // "name" 8854 // ], 8855 // "parameters": { 8856 // "name": { 8857 // "description": "Required. The resource name of the project associated with the service accounts, such as `projects/my-project-123`.", 8858 // "location": "path", 8859 // "pattern": "^projects/[^/]+$", 8860 // "required": true, 8861 // "type": "string" 8862 // }, 8863 // "pageSize": { 8864 // "description": "Optional limit on the number of service accounts to include in the response. Further accounts can subsequently be obtained by including the ListServiceAccountsResponse.next_page_token in a subsequent request. The default is 20, and the maximum is 100.", 8865 // "format": "int32", 8866 // "location": "query", 8867 // "type": "integer" 8868 // }, 8869 // "pageToken": { 8870 // "description": "Optional pagination token returned in an earlier ListServiceAccountsResponse.next_page_token.", 8871 // "location": "query", 8872 // "type": "string" 8873 // } 8874 // }, 8875 // "path": "v1/{+name}/serviceAccounts", 8876 // "response": { 8877 // "$ref": "ListServiceAccountsResponse" 8878 // }, 8879 // "scopes": [ 8880 // "https://www.googleapis.com/auth/cloud-platform" 8881 // ] 8882 // } 8883 8884} 8885 8886// Pages invokes f for each page of results. 8887// A non-nil error returned from f will halt the iteration. 8888// The provided context supersedes any context provided to the Context method. 8889func (c *ProjectsServiceAccountsListCall) Pages(ctx context.Context, f func(*ListServiceAccountsResponse) error) error { 8890 c.ctx_ = ctx 8891 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 8892 for { 8893 x, err := c.Do() 8894 if err != nil { 8895 return err 8896 } 8897 if err := f(x); err != nil { 8898 return err 8899 } 8900 if x.NextPageToken == "" { 8901 return nil 8902 } 8903 c.PageToken(x.NextPageToken) 8904 } 8905} 8906 8907// method id "iam.projects.serviceAccounts.patch": 8908 8909type ProjectsServiceAccountsPatchCall struct { 8910 s *Service 8911 name string 8912 patchserviceaccountrequest *PatchServiceAccountRequest 8913 urlParams_ gensupport.URLParams 8914 ctx_ context.Context 8915 header_ http.Header 8916} 8917 8918// Patch: Patches a ServiceAccount. 8919// 8920// - name: The resource name of the service account. Use one of the 8921// following formats: * 8922// `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * 8923// `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an 8924// alternative, you can use the `-` wildcard character instead of the 8925// project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * 8926// `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using 8927// the `-` wildcard character, because it can cause response messages 8928// to contain misleading error codes. For example, if you try to get 8929// the service account `projects/-/serviceAccounts/fake@example.com`, 8930// which does not exist, the response contains an HTTP `403 Forbidden` 8931// error instead of a `404 Not Found` error. 8932func (r *ProjectsServiceAccountsService) Patch(name string, patchserviceaccountrequest *PatchServiceAccountRequest) *ProjectsServiceAccountsPatchCall { 8933 c := &ProjectsServiceAccountsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8934 c.name = name 8935 c.patchserviceaccountrequest = patchserviceaccountrequest 8936 return c 8937} 8938 8939// Fields allows partial responses to be retrieved. See 8940// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8941// for more information. 8942func (c *ProjectsServiceAccountsPatchCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsPatchCall { 8943 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8944 return c 8945} 8946 8947// Context sets the context to be used in this call's Do method. Any 8948// pending HTTP request will be aborted if the provided context is 8949// canceled. 8950func (c *ProjectsServiceAccountsPatchCall) Context(ctx context.Context) *ProjectsServiceAccountsPatchCall { 8951 c.ctx_ = ctx 8952 return c 8953} 8954 8955// Header returns an http.Header that can be modified by the caller to 8956// add HTTP headers to the request. 8957func (c *ProjectsServiceAccountsPatchCall) Header() http.Header { 8958 if c.header_ == nil { 8959 c.header_ = make(http.Header) 8960 } 8961 return c.header_ 8962} 8963 8964func (c *ProjectsServiceAccountsPatchCall) doRequest(alt string) (*http.Response, error) { 8965 reqHeaders := make(http.Header) 8966 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 8967 for k, v := range c.header_ { 8968 reqHeaders[k] = v 8969 } 8970 reqHeaders.Set("User-Agent", c.s.userAgent()) 8971 var body io.Reader = nil 8972 body, err := googleapi.WithoutDataWrapper.JSONReader(c.patchserviceaccountrequest) 8973 if err != nil { 8974 return nil, err 8975 } 8976 reqHeaders.Set("Content-Type", "application/json") 8977 c.urlParams_.Set("alt", alt) 8978 c.urlParams_.Set("prettyPrint", "false") 8979 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 8980 urls += "?" + c.urlParams_.Encode() 8981 req, err := http.NewRequest("PATCH", urls, body) 8982 if err != nil { 8983 return nil, err 8984 } 8985 req.Header = reqHeaders 8986 googleapi.Expand(req.URL, map[string]string{ 8987 "name": c.name, 8988 }) 8989 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8990} 8991 8992// Do executes the "iam.projects.serviceAccounts.patch" call. 8993// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 8994// status code is an error. Response headers are in either 8995// *ServiceAccount.ServerResponse.Header or (if a response was returned 8996// at all) in error.(*googleapi.Error).Header. Use 8997// googleapi.IsNotModified to check whether the returned error was 8998// because http.StatusNotModified was returned. 8999func (c *ProjectsServiceAccountsPatchCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 9000 gensupport.SetOptions(c.urlParams_, opts...) 9001 res, err := c.doRequest("json") 9002 if res != nil && res.StatusCode == http.StatusNotModified { 9003 if res.Body != nil { 9004 res.Body.Close() 9005 } 9006 return nil, &googleapi.Error{ 9007 Code: res.StatusCode, 9008 Header: res.Header, 9009 } 9010 } 9011 if err != nil { 9012 return nil, err 9013 } 9014 defer googleapi.CloseBody(res) 9015 if err := googleapi.CheckResponse(res); err != nil { 9016 return nil, err 9017 } 9018 ret := &ServiceAccount{ 9019 ServerResponse: googleapi.ServerResponse{ 9020 Header: res.Header, 9021 HTTPStatusCode: res.StatusCode, 9022 }, 9023 } 9024 target := &ret 9025 if err := gensupport.DecodeResponse(target, res); err != nil { 9026 return nil, err 9027 } 9028 return ret, nil 9029 // { 9030 // "description": "Patches a ServiceAccount.", 9031 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 9032 // "httpMethod": "PATCH", 9033 // "id": "iam.projects.serviceAccounts.patch", 9034 // "parameterOrder": [ 9035 // "name" 9036 // ], 9037 // "parameters": { 9038 // "name": { 9039 // "description": "The resource name of the service account. Use one of the following formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you can use the `-` wildcard character instead of the project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the `-` wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to get the service account `projects/-/serviceAccounts/fake@example.com`, which does not exist, the response contains an HTTP `403 Forbidden` error instead of a `404 Not Found` error.", 9040 // "location": "path", 9041 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9042 // "required": true, 9043 // "type": "string" 9044 // } 9045 // }, 9046 // "path": "v1/{+name}", 9047 // "request": { 9048 // "$ref": "PatchServiceAccountRequest" 9049 // }, 9050 // "response": { 9051 // "$ref": "ServiceAccount" 9052 // }, 9053 // "scopes": [ 9054 // "https://www.googleapis.com/auth/cloud-platform" 9055 // ] 9056 // } 9057 9058} 9059 9060// method id "iam.projects.serviceAccounts.setIamPolicy": 9061 9062type ProjectsServiceAccountsSetIamPolicyCall struct { 9063 s *Service 9064 resource string 9065 setiampolicyrequest *SetIamPolicyRequest 9066 urlParams_ gensupport.URLParams 9067 ctx_ context.Context 9068 header_ http.Header 9069} 9070 9071// SetIamPolicy: Sets the IAM policy that is attached to a 9072// ServiceAccount. Use this method to grant or revoke access to the 9073// service account. For example, you could grant a principal the ability 9074// to impersonate the service account. This method does not enable the 9075// service account to access other resources. To grant roles to a 9076// service account on a resource, follow these steps: 1. Call the 9077// resource's `getIamPolicy` method to get its current IAM policy. 2. 9078// Edit the policy so that it binds the service account to an IAM role 9079// for the resource. 3. Call the resource's `setIamPolicy` method to 9080// update its IAM policy. For detailed instructions, see Manage access 9081// to project, folders, and organizations 9082// (https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts) 9083// or Manage access to other resources 9084// (https://cloud.google.com/iam/help/access/manage-other-resources). 9085// 9086// - resource: REQUIRED: The resource for which the policy is being 9087// specified. See the operation documentation for the appropriate 9088// value for this field. 9089func (r *ProjectsServiceAccountsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsServiceAccountsSetIamPolicyCall { 9090 c := &ProjectsServiceAccountsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9091 c.resource = resource 9092 c.setiampolicyrequest = setiampolicyrequest 9093 return c 9094} 9095 9096// Fields allows partial responses to be retrieved. See 9097// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9098// for more information. 9099func (c *ProjectsServiceAccountsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSetIamPolicyCall { 9100 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9101 return c 9102} 9103 9104// Context sets the context to be used in this call's Do method. Any 9105// pending HTTP request will be aborted if the provided context is 9106// canceled. 9107func (c *ProjectsServiceAccountsSetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsSetIamPolicyCall { 9108 c.ctx_ = ctx 9109 return c 9110} 9111 9112// Header returns an http.Header that can be modified by the caller to 9113// add HTTP headers to the request. 9114func (c *ProjectsServiceAccountsSetIamPolicyCall) Header() http.Header { 9115 if c.header_ == nil { 9116 c.header_ = make(http.Header) 9117 } 9118 return c.header_ 9119} 9120 9121func (c *ProjectsServiceAccountsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 9122 reqHeaders := make(http.Header) 9123 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 9124 for k, v := range c.header_ { 9125 reqHeaders[k] = v 9126 } 9127 reqHeaders.Set("User-Agent", c.s.userAgent()) 9128 var body io.Reader = nil 9129 body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) 9130 if err != nil { 9131 return nil, err 9132 } 9133 reqHeaders.Set("Content-Type", "application/json") 9134 c.urlParams_.Set("alt", alt) 9135 c.urlParams_.Set("prettyPrint", "false") 9136 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") 9137 urls += "?" + c.urlParams_.Encode() 9138 req, err := http.NewRequest("POST", urls, body) 9139 if err != nil { 9140 return nil, err 9141 } 9142 req.Header = reqHeaders 9143 googleapi.Expand(req.URL, map[string]string{ 9144 "resource": c.resource, 9145 }) 9146 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9147} 9148 9149// Do executes the "iam.projects.serviceAccounts.setIamPolicy" call. 9150// Exactly one of *Policy or error will be non-nil. Any non-2xx status 9151// code is an error. Response headers are in either 9152// *Policy.ServerResponse.Header or (if a response was returned at all) 9153// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 9154// check whether the returned error was because http.StatusNotModified 9155// was returned. 9156func (c *ProjectsServiceAccountsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 9157 gensupport.SetOptions(c.urlParams_, opts...) 9158 res, err := c.doRequest("json") 9159 if res != nil && res.StatusCode == http.StatusNotModified { 9160 if res.Body != nil { 9161 res.Body.Close() 9162 } 9163 return nil, &googleapi.Error{ 9164 Code: res.StatusCode, 9165 Header: res.Header, 9166 } 9167 } 9168 if err != nil { 9169 return nil, err 9170 } 9171 defer googleapi.CloseBody(res) 9172 if err := googleapi.CheckResponse(res); err != nil { 9173 return nil, err 9174 } 9175 ret := &Policy{ 9176 ServerResponse: googleapi.ServerResponse{ 9177 Header: res.Header, 9178 HTTPStatusCode: res.StatusCode, 9179 }, 9180 } 9181 target := &ret 9182 if err := gensupport.DecodeResponse(target, res); err != nil { 9183 return nil, err 9184 } 9185 return ret, nil 9186 // { 9187 // "description": "Sets the IAM policy that is attached to a ServiceAccount. Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account. This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps: 1. Call the resource's `getIamPolicy` method to get its current IAM policy. 2. Edit the policy so that it binds the service account to an IAM role for the resource. 3. Call the resource's `setIamPolicy` method to update its IAM policy. For detailed instructions, see [Manage access to project, folders, and organizations](https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts) or [Manage access to other resources](https://cloud.google.com/iam/help/access/manage-other-resources).", 9188 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:setIamPolicy", 9189 // "httpMethod": "POST", 9190 // "id": "iam.projects.serviceAccounts.setIamPolicy", 9191 // "parameterOrder": [ 9192 // "resource" 9193 // ], 9194 // "parameters": { 9195 // "resource": { 9196 // "description": "REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.", 9197 // "location": "path", 9198 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9199 // "required": true, 9200 // "type": "string" 9201 // } 9202 // }, 9203 // "path": "v1/{+resource}:setIamPolicy", 9204 // "request": { 9205 // "$ref": "SetIamPolicyRequest" 9206 // }, 9207 // "response": { 9208 // "$ref": "Policy" 9209 // }, 9210 // "scopes": [ 9211 // "https://www.googleapis.com/auth/cloud-platform" 9212 // ] 9213 // } 9214 9215} 9216 9217// method id "iam.projects.serviceAccounts.signBlob": 9218 9219type ProjectsServiceAccountsSignBlobCall struct { 9220 s *Service 9221 name string 9222 signblobrequest *SignBlobRequest 9223 urlParams_ gensupport.URLParams 9224 ctx_ context.Context 9225 header_ http.Header 9226} 9227 9228// SignBlob: **Note:** This method is deprecated. Use the `signBlob` 9229// (https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob) 9230// method in the IAM Service Account Credentials API instead. If you 9231// currently use this method, see the migration guide 9232// (https://cloud.google.com/iam/help/credentials/migrate-api) for 9233// instructions. Signs a blob using the system-managed private key for a 9234// ServiceAccount. 9235// 9236// - name: Deprecated. Migrate to Service Account Credentials API 9237// (https://cloud.google.com/iam/help/credentials/migrate-api). The 9238// resource name of the service account in the following format: 9239// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a 9240// wildcard for the `PROJECT_ID` will infer the project from the 9241// account. The `ACCOUNT` value can be the `email` address or the 9242// `unique_id` of the service account. 9243func (r *ProjectsServiceAccountsService) SignBlob(name string, signblobrequest *SignBlobRequest) *ProjectsServiceAccountsSignBlobCall { 9244 c := &ProjectsServiceAccountsSignBlobCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9245 c.name = name 9246 c.signblobrequest = signblobrequest 9247 return c 9248} 9249 9250// Fields allows partial responses to be retrieved. See 9251// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9252// for more information. 9253func (c *ProjectsServiceAccountsSignBlobCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignBlobCall { 9254 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9255 return c 9256} 9257 9258// Context sets the context to be used in this call's Do method. Any 9259// pending HTTP request will be aborted if the provided context is 9260// canceled. 9261func (c *ProjectsServiceAccountsSignBlobCall) Context(ctx context.Context) *ProjectsServiceAccountsSignBlobCall { 9262 c.ctx_ = ctx 9263 return c 9264} 9265 9266// Header returns an http.Header that can be modified by the caller to 9267// add HTTP headers to the request. 9268func (c *ProjectsServiceAccountsSignBlobCall) Header() http.Header { 9269 if c.header_ == nil { 9270 c.header_ = make(http.Header) 9271 } 9272 return c.header_ 9273} 9274 9275func (c *ProjectsServiceAccountsSignBlobCall) doRequest(alt string) (*http.Response, error) { 9276 reqHeaders := make(http.Header) 9277 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 9278 for k, v := range c.header_ { 9279 reqHeaders[k] = v 9280 } 9281 reqHeaders.Set("User-Agent", c.s.userAgent()) 9282 var body io.Reader = nil 9283 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signblobrequest) 9284 if err != nil { 9285 return nil, err 9286 } 9287 reqHeaders.Set("Content-Type", "application/json") 9288 c.urlParams_.Set("alt", alt) 9289 c.urlParams_.Set("prettyPrint", "false") 9290 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signBlob") 9291 urls += "?" + c.urlParams_.Encode() 9292 req, err := http.NewRequest("POST", urls, body) 9293 if err != nil { 9294 return nil, err 9295 } 9296 req.Header = reqHeaders 9297 googleapi.Expand(req.URL, map[string]string{ 9298 "name": c.name, 9299 }) 9300 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9301} 9302 9303// Do executes the "iam.projects.serviceAccounts.signBlob" call. 9304// Exactly one of *SignBlobResponse or error will be non-nil. Any 9305// non-2xx status code is an error. Response headers are in either 9306// *SignBlobResponse.ServerResponse.Header or (if a response was 9307// returned at all) in error.(*googleapi.Error).Header. Use 9308// googleapi.IsNotModified to check whether the returned error was 9309// because http.StatusNotModified was returned. 9310func (c *ProjectsServiceAccountsSignBlobCall) Do(opts ...googleapi.CallOption) (*SignBlobResponse, error) { 9311 gensupport.SetOptions(c.urlParams_, opts...) 9312 res, err := c.doRequest("json") 9313 if res != nil && res.StatusCode == http.StatusNotModified { 9314 if res.Body != nil { 9315 res.Body.Close() 9316 } 9317 return nil, &googleapi.Error{ 9318 Code: res.StatusCode, 9319 Header: res.Header, 9320 } 9321 } 9322 if err != nil { 9323 return nil, err 9324 } 9325 defer googleapi.CloseBody(res) 9326 if err := googleapi.CheckResponse(res); err != nil { 9327 return nil, err 9328 } 9329 ret := &SignBlobResponse{ 9330 ServerResponse: googleapi.ServerResponse{ 9331 Header: res.Header, 9332 HTTPStatusCode: res.StatusCode, 9333 }, 9334 } 9335 target := &ret 9336 if err := gensupport.DecodeResponse(target, res); err != nil { 9337 return nil, err 9338 } 9339 return ret, nil 9340 // { 9341 // "description": "**Note:** This method is deprecated. Use the [`signBlob`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob) method in the IAM Service Account Credentials API instead. If you currently use this method, see the [migration guide](https://cloud.google.com/iam/help/credentials/migrate-api) for instructions. Signs a blob using the system-managed private key for a ServiceAccount.", 9342 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signBlob", 9343 // "httpMethod": "POST", 9344 // "id": "iam.projects.serviceAccounts.signBlob", 9345 // "parameterOrder": [ 9346 // "name" 9347 // ], 9348 // "parameters": { 9349 // "name": { 9350 // "description": "Required. Deprecated. [Migrate to Service Account Credentials API](https://cloud.google.com/iam/help/credentials/migrate-api). The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 9351 // "location": "path", 9352 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9353 // "required": true, 9354 // "type": "string" 9355 // } 9356 // }, 9357 // "path": "v1/{+name}:signBlob", 9358 // "request": { 9359 // "$ref": "SignBlobRequest" 9360 // }, 9361 // "response": { 9362 // "$ref": "SignBlobResponse" 9363 // }, 9364 // "scopes": [ 9365 // "https://www.googleapis.com/auth/cloud-platform" 9366 // ] 9367 // } 9368 9369} 9370 9371// method id "iam.projects.serviceAccounts.signJwt": 9372 9373type ProjectsServiceAccountsSignJwtCall struct { 9374 s *Service 9375 name string 9376 signjwtrequest *SignJwtRequest 9377 urlParams_ gensupport.URLParams 9378 ctx_ context.Context 9379 header_ http.Header 9380} 9381 9382// SignJwt: **Note:** This method is deprecated. Use the `signJwt` 9383// (https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt) 9384// method in the IAM Service Account Credentials API instead. If you 9385// currently use this method, see the migration guide 9386// (https://cloud.google.com/iam/help/credentials/migrate-api) for 9387// instructions. Signs a JSON Web Token (JWT) using the system-managed 9388// private key for a ServiceAccount. 9389// 9390// - name: Deprecated. Migrate to Service Account Credentials API 9391// (https://cloud.google.com/iam/help/credentials/migrate-api). The 9392// resource name of the service account in the following format: 9393// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a 9394// wildcard for the `PROJECT_ID` will infer the project from the 9395// account. The `ACCOUNT` value can be the `email` address or the 9396// `unique_id` of the service account. 9397func (r *ProjectsServiceAccountsService) SignJwt(name string, signjwtrequest *SignJwtRequest) *ProjectsServiceAccountsSignJwtCall { 9398 c := &ProjectsServiceAccountsSignJwtCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9399 c.name = name 9400 c.signjwtrequest = signjwtrequest 9401 return c 9402} 9403 9404// Fields allows partial responses to be retrieved. See 9405// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9406// for more information. 9407func (c *ProjectsServiceAccountsSignJwtCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignJwtCall { 9408 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9409 return c 9410} 9411 9412// Context sets the context to be used in this call's Do method. Any 9413// pending HTTP request will be aborted if the provided context is 9414// canceled. 9415func (c *ProjectsServiceAccountsSignJwtCall) Context(ctx context.Context) *ProjectsServiceAccountsSignJwtCall { 9416 c.ctx_ = ctx 9417 return c 9418} 9419 9420// Header returns an http.Header that can be modified by the caller to 9421// add HTTP headers to the request. 9422func (c *ProjectsServiceAccountsSignJwtCall) Header() http.Header { 9423 if c.header_ == nil { 9424 c.header_ = make(http.Header) 9425 } 9426 return c.header_ 9427} 9428 9429func (c *ProjectsServiceAccountsSignJwtCall) doRequest(alt string) (*http.Response, error) { 9430 reqHeaders := make(http.Header) 9431 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 9432 for k, v := range c.header_ { 9433 reqHeaders[k] = v 9434 } 9435 reqHeaders.Set("User-Agent", c.s.userAgent()) 9436 var body io.Reader = nil 9437 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signjwtrequest) 9438 if err != nil { 9439 return nil, err 9440 } 9441 reqHeaders.Set("Content-Type", "application/json") 9442 c.urlParams_.Set("alt", alt) 9443 c.urlParams_.Set("prettyPrint", "false") 9444 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signJwt") 9445 urls += "?" + c.urlParams_.Encode() 9446 req, err := http.NewRequest("POST", urls, body) 9447 if err != nil { 9448 return nil, err 9449 } 9450 req.Header = reqHeaders 9451 googleapi.Expand(req.URL, map[string]string{ 9452 "name": c.name, 9453 }) 9454 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9455} 9456 9457// Do executes the "iam.projects.serviceAccounts.signJwt" call. 9458// Exactly one of *SignJwtResponse or error will be non-nil. Any non-2xx 9459// status code is an error. Response headers are in either 9460// *SignJwtResponse.ServerResponse.Header or (if a response was returned 9461// at all) in error.(*googleapi.Error).Header. Use 9462// googleapi.IsNotModified to check whether the returned error was 9463// because http.StatusNotModified was returned. 9464func (c *ProjectsServiceAccountsSignJwtCall) Do(opts ...googleapi.CallOption) (*SignJwtResponse, error) { 9465 gensupport.SetOptions(c.urlParams_, opts...) 9466 res, err := c.doRequest("json") 9467 if res != nil && res.StatusCode == http.StatusNotModified { 9468 if res.Body != nil { 9469 res.Body.Close() 9470 } 9471 return nil, &googleapi.Error{ 9472 Code: res.StatusCode, 9473 Header: res.Header, 9474 } 9475 } 9476 if err != nil { 9477 return nil, err 9478 } 9479 defer googleapi.CloseBody(res) 9480 if err := googleapi.CheckResponse(res); err != nil { 9481 return nil, err 9482 } 9483 ret := &SignJwtResponse{ 9484 ServerResponse: googleapi.ServerResponse{ 9485 Header: res.Header, 9486 HTTPStatusCode: res.StatusCode, 9487 }, 9488 } 9489 target := &ret 9490 if err := gensupport.DecodeResponse(target, res); err != nil { 9491 return nil, err 9492 } 9493 return ret, nil 9494 // { 9495 // "description": "**Note:** This method is deprecated. Use the [`signJwt`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt) method in the IAM Service Account Credentials API instead. If you currently use this method, see the [migration guide](https://cloud.google.com/iam/help/credentials/migrate-api) for instructions. Signs a JSON Web Token (JWT) using the system-managed private key for a ServiceAccount.", 9496 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signJwt", 9497 // "httpMethod": "POST", 9498 // "id": "iam.projects.serviceAccounts.signJwt", 9499 // "parameterOrder": [ 9500 // "name" 9501 // ], 9502 // "parameters": { 9503 // "name": { 9504 // "description": "Required. Deprecated. [Migrate to Service Account Credentials API](https://cloud.google.com/iam/help/credentials/migrate-api). The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 9505 // "location": "path", 9506 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9507 // "required": true, 9508 // "type": "string" 9509 // } 9510 // }, 9511 // "path": "v1/{+name}:signJwt", 9512 // "request": { 9513 // "$ref": "SignJwtRequest" 9514 // }, 9515 // "response": { 9516 // "$ref": "SignJwtResponse" 9517 // }, 9518 // "scopes": [ 9519 // "https://www.googleapis.com/auth/cloud-platform" 9520 // ] 9521 // } 9522 9523} 9524 9525// method id "iam.projects.serviceAccounts.testIamPermissions": 9526 9527type ProjectsServiceAccountsTestIamPermissionsCall struct { 9528 s *Service 9529 resource string 9530 testiampermissionsrequest *TestIamPermissionsRequest 9531 urlParams_ gensupport.URLParams 9532 ctx_ context.Context 9533 header_ http.Header 9534} 9535 9536// TestIamPermissions: Tests whether the caller has the specified 9537// permissions on a ServiceAccount. 9538// 9539// - resource: REQUIRED: The resource for which the policy detail is 9540// being requested. See the operation documentation for the 9541// appropriate value for this field. 9542func (r *ProjectsServiceAccountsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsServiceAccountsTestIamPermissionsCall { 9543 c := &ProjectsServiceAccountsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9544 c.resource = resource 9545 c.testiampermissionsrequest = testiampermissionsrequest 9546 return c 9547} 9548 9549// Fields allows partial responses to be retrieved. See 9550// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9551// for more information. 9552func (c *ProjectsServiceAccountsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsTestIamPermissionsCall { 9553 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9554 return c 9555} 9556 9557// Context sets the context to be used in this call's Do method. Any 9558// pending HTTP request will be aborted if the provided context is 9559// canceled. 9560func (c *ProjectsServiceAccountsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsServiceAccountsTestIamPermissionsCall { 9561 c.ctx_ = ctx 9562 return c 9563} 9564 9565// Header returns an http.Header that can be modified by the caller to 9566// add HTTP headers to the request. 9567func (c *ProjectsServiceAccountsTestIamPermissionsCall) Header() http.Header { 9568 if c.header_ == nil { 9569 c.header_ = make(http.Header) 9570 } 9571 return c.header_ 9572} 9573 9574func (c *ProjectsServiceAccountsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { 9575 reqHeaders := make(http.Header) 9576 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 9577 for k, v := range c.header_ { 9578 reqHeaders[k] = v 9579 } 9580 reqHeaders.Set("User-Agent", c.s.userAgent()) 9581 var body io.Reader = nil 9582 body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) 9583 if err != nil { 9584 return nil, err 9585 } 9586 reqHeaders.Set("Content-Type", "application/json") 9587 c.urlParams_.Set("alt", alt) 9588 c.urlParams_.Set("prettyPrint", "false") 9589 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") 9590 urls += "?" + c.urlParams_.Encode() 9591 req, err := http.NewRequest("POST", urls, body) 9592 if err != nil { 9593 return nil, err 9594 } 9595 req.Header = reqHeaders 9596 googleapi.Expand(req.URL, map[string]string{ 9597 "resource": c.resource, 9598 }) 9599 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9600} 9601 9602// Do executes the "iam.projects.serviceAccounts.testIamPermissions" call. 9603// Exactly one of *TestIamPermissionsResponse or error will be non-nil. 9604// Any non-2xx status code is an error. Response headers are in either 9605// *TestIamPermissionsResponse.ServerResponse.Header or (if a response 9606// was returned at all) in error.(*googleapi.Error).Header. Use 9607// googleapi.IsNotModified to check whether the returned error was 9608// because http.StatusNotModified was returned. 9609func (c *ProjectsServiceAccountsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { 9610 gensupport.SetOptions(c.urlParams_, opts...) 9611 res, err := c.doRequest("json") 9612 if res != nil && res.StatusCode == http.StatusNotModified { 9613 if res.Body != nil { 9614 res.Body.Close() 9615 } 9616 return nil, &googleapi.Error{ 9617 Code: res.StatusCode, 9618 Header: res.Header, 9619 } 9620 } 9621 if err != nil { 9622 return nil, err 9623 } 9624 defer googleapi.CloseBody(res) 9625 if err := googleapi.CheckResponse(res); err != nil { 9626 return nil, err 9627 } 9628 ret := &TestIamPermissionsResponse{ 9629 ServerResponse: googleapi.ServerResponse{ 9630 Header: res.Header, 9631 HTTPStatusCode: res.StatusCode, 9632 }, 9633 } 9634 target := &ret 9635 if err := gensupport.DecodeResponse(target, res); err != nil { 9636 return nil, err 9637 } 9638 return ret, nil 9639 // { 9640 // "description": "Tests whether the caller has the specified permissions on a ServiceAccount.", 9641 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:testIamPermissions", 9642 // "httpMethod": "POST", 9643 // "id": "iam.projects.serviceAccounts.testIamPermissions", 9644 // "parameterOrder": [ 9645 // "resource" 9646 // ], 9647 // "parameters": { 9648 // "resource": { 9649 // "description": "REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.", 9650 // "location": "path", 9651 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9652 // "required": true, 9653 // "type": "string" 9654 // } 9655 // }, 9656 // "path": "v1/{+resource}:testIamPermissions", 9657 // "request": { 9658 // "$ref": "TestIamPermissionsRequest" 9659 // }, 9660 // "response": { 9661 // "$ref": "TestIamPermissionsResponse" 9662 // }, 9663 // "scopes": [ 9664 // "https://www.googleapis.com/auth/cloud-platform" 9665 // ] 9666 // } 9667 9668} 9669 9670// method id "iam.projects.serviceAccounts.undelete": 9671 9672type ProjectsServiceAccountsUndeleteCall struct { 9673 s *Service 9674 name string 9675 undeleteserviceaccountrequest *UndeleteServiceAccountRequest 9676 urlParams_ gensupport.URLParams 9677 ctx_ context.Context 9678 header_ http.Header 9679} 9680 9681// Undelete: Restores a deleted ServiceAccount. **Important:** It is not 9682// always possible to restore a deleted service account. Use this method 9683// only as a last resort. After you delete a service account, IAM 9684// permanently removes the service account 30 days later. There is no 9685// way to restore a deleted service account that has been permanently 9686// removed. 9687// 9688// - name: The resource name of the service account in the following 9689// format: 9690// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_UNIQUE_ID}`. Using 9691// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9692// the account. 9693func (r *ProjectsServiceAccountsService) Undelete(name string, undeleteserviceaccountrequest *UndeleteServiceAccountRequest) *ProjectsServiceAccountsUndeleteCall { 9694 c := &ProjectsServiceAccountsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9695 c.name = name 9696 c.undeleteserviceaccountrequest = undeleteserviceaccountrequest 9697 return c 9698} 9699 9700// Fields allows partial responses to be retrieved. See 9701// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9702// for more information. 9703func (c *ProjectsServiceAccountsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUndeleteCall { 9704 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9705 return c 9706} 9707 9708// Context sets the context to be used in this call's Do method. Any 9709// pending HTTP request will be aborted if the provided context is 9710// canceled. 9711func (c *ProjectsServiceAccountsUndeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsUndeleteCall { 9712 c.ctx_ = ctx 9713 return c 9714} 9715 9716// Header returns an http.Header that can be modified by the caller to 9717// add HTTP headers to the request. 9718func (c *ProjectsServiceAccountsUndeleteCall) Header() http.Header { 9719 if c.header_ == nil { 9720 c.header_ = make(http.Header) 9721 } 9722 return c.header_ 9723} 9724 9725func (c *ProjectsServiceAccountsUndeleteCall) doRequest(alt string) (*http.Response, error) { 9726 reqHeaders := make(http.Header) 9727 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 9728 for k, v := range c.header_ { 9729 reqHeaders[k] = v 9730 } 9731 reqHeaders.Set("User-Agent", c.s.userAgent()) 9732 var body io.Reader = nil 9733 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteserviceaccountrequest) 9734 if err != nil { 9735 return nil, err 9736 } 9737 reqHeaders.Set("Content-Type", "application/json") 9738 c.urlParams_.Set("alt", alt) 9739 c.urlParams_.Set("prettyPrint", "false") 9740 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 9741 urls += "?" + c.urlParams_.Encode() 9742 req, err := http.NewRequest("POST", urls, body) 9743 if err != nil { 9744 return nil, err 9745 } 9746 req.Header = reqHeaders 9747 googleapi.Expand(req.URL, map[string]string{ 9748 "name": c.name, 9749 }) 9750 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9751} 9752 9753// Do executes the "iam.projects.serviceAccounts.undelete" call. 9754// Exactly one of *UndeleteServiceAccountResponse or error will be 9755// non-nil. Any non-2xx status code is an error. Response headers are in 9756// either *UndeleteServiceAccountResponse.ServerResponse.Header or (if a 9757// response was returned at all) in error.(*googleapi.Error).Header. Use 9758// googleapi.IsNotModified to check whether the returned error was 9759// because http.StatusNotModified was returned. 9760func (c *ProjectsServiceAccountsUndeleteCall) Do(opts ...googleapi.CallOption) (*UndeleteServiceAccountResponse, error) { 9761 gensupport.SetOptions(c.urlParams_, opts...) 9762 res, err := c.doRequest("json") 9763 if res != nil && res.StatusCode == http.StatusNotModified { 9764 if res.Body != nil { 9765 res.Body.Close() 9766 } 9767 return nil, &googleapi.Error{ 9768 Code: res.StatusCode, 9769 Header: res.Header, 9770 } 9771 } 9772 if err != nil { 9773 return nil, err 9774 } 9775 defer googleapi.CloseBody(res) 9776 if err := googleapi.CheckResponse(res); err != nil { 9777 return nil, err 9778 } 9779 ret := &UndeleteServiceAccountResponse{ 9780 ServerResponse: googleapi.ServerResponse{ 9781 Header: res.Header, 9782 HTTPStatusCode: res.StatusCode, 9783 }, 9784 } 9785 target := &ret 9786 if err := gensupport.DecodeResponse(target, res); err != nil { 9787 return nil, err 9788 } 9789 return ret, nil 9790 // { 9791 // "description": "Restores a deleted ServiceAccount. **Important:** It is not always possible to restore a deleted service account. Use this method only as a last resort. After you delete a service account, IAM permanently removes the service account 30 days later. There is no way to restore a deleted service account that has been permanently removed.", 9792 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:undelete", 9793 // "httpMethod": "POST", 9794 // "id": "iam.projects.serviceAccounts.undelete", 9795 // "parameterOrder": [ 9796 // "name" 9797 // ], 9798 // "parameters": { 9799 // "name": { 9800 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_UNIQUE_ID}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account.", 9801 // "location": "path", 9802 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9803 // "required": true, 9804 // "type": "string" 9805 // } 9806 // }, 9807 // "path": "v1/{+name}:undelete", 9808 // "request": { 9809 // "$ref": "UndeleteServiceAccountRequest" 9810 // }, 9811 // "response": { 9812 // "$ref": "UndeleteServiceAccountResponse" 9813 // }, 9814 // "scopes": [ 9815 // "https://www.googleapis.com/auth/cloud-platform" 9816 // ] 9817 // } 9818 9819} 9820 9821// method id "iam.projects.serviceAccounts.update": 9822 9823type ProjectsServiceAccountsUpdateCall struct { 9824 s *Service 9825 name string 9826 serviceaccount *ServiceAccount 9827 urlParams_ gensupport.URLParams 9828 ctx_ context.Context 9829 header_ http.Header 9830} 9831 9832// Update: **Note:** We are in the process of deprecating this method. 9833// Use PatchServiceAccount instead. Updates a ServiceAccount. You can 9834// update only the `display_name` and `description` fields. 9835// 9836// - name: The resource name of the service account. Use one of the 9837// following formats: * 9838// `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * 9839// `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an 9840// alternative, you can use the `-` wildcard character instead of the 9841// project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * 9842// `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using 9843// the `-` wildcard character, because it can cause response messages 9844// to contain misleading error codes. For example, if you try to get 9845// the service account `projects/-/serviceAccounts/fake@example.com`, 9846// which does not exist, the response contains an HTTP `403 Forbidden` 9847// error instead of a `404 Not Found` error. 9848func (r *ProjectsServiceAccountsService) Update(name string, serviceaccount *ServiceAccount) *ProjectsServiceAccountsUpdateCall { 9849 c := &ProjectsServiceAccountsUpdateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9850 c.name = name 9851 c.serviceaccount = serviceaccount 9852 return c 9853} 9854 9855// Fields allows partial responses to be retrieved. See 9856// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 9857// for more information. 9858func (c *ProjectsServiceAccountsUpdateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUpdateCall { 9859 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9860 return c 9861} 9862 9863// Context sets the context to be used in this call's Do method. Any 9864// pending HTTP request will be aborted if the provided context is 9865// canceled. 9866func (c *ProjectsServiceAccountsUpdateCall) Context(ctx context.Context) *ProjectsServiceAccountsUpdateCall { 9867 c.ctx_ = ctx 9868 return c 9869} 9870 9871// Header returns an http.Header that can be modified by the caller to 9872// add HTTP headers to the request. 9873func (c *ProjectsServiceAccountsUpdateCall) Header() http.Header { 9874 if c.header_ == nil { 9875 c.header_ = make(http.Header) 9876 } 9877 return c.header_ 9878} 9879 9880func (c *ProjectsServiceAccountsUpdateCall) doRequest(alt string) (*http.Response, error) { 9881 reqHeaders := make(http.Header) 9882 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 9883 for k, v := range c.header_ { 9884 reqHeaders[k] = v 9885 } 9886 reqHeaders.Set("User-Agent", c.s.userAgent()) 9887 var body io.Reader = nil 9888 body, err := googleapi.WithoutDataWrapper.JSONReader(c.serviceaccount) 9889 if err != nil { 9890 return nil, err 9891 } 9892 reqHeaders.Set("Content-Type", "application/json") 9893 c.urlParams_.Set("alt", alt) 9894 c.urlParams_.Set("prettyPrint", "false") 9895 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 9896 urls += "?" + c.urlParams_.Encode() 9897 req, err := http.NewRequest("PUT", urls, body) 9898 if err != nil { 9899 return nil, err 9900 } 9901 req.Header = reqHeaders 9902 googleapi.Expand(req.URL, map[string]string{ 9903 "name": c.name, 9904 }) 9905 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9906} 9907 9908// Do executes the "iam.projects.serviceAccounts.update" call. 9909// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 9910// status code is an error. Response headers are in either 9911// *ServiceAccount.ServerResponse.Header or (if a response was returned 9912// at all) in error.(*googleapi.Error).Header. Use 9913// googleapi.IsNotModified to check whether the returned error was 9914// because http.StatusNotModified was returned. 9915func (c *ProjectsServiceAccountsUpdateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 9916 gensupport.SetOptions(c.urlParams_, opts...) 9917 res, err := c.doRequest("json") 9918 if res != nil && res.StatusCode == http.StatusNotModified { 9919 if res.Body != nil { 9920 res.Body.Close() 9921 } 9922 return nil, &googleapi.Error{ 9923 Code: res.StatusCode, 9924 Header: res.Header, 9925 } 9926 } 9927 if err != nil { 9928 return nil, err 9929 } 9930 defer googleapi.CloseBody(res) 9931 if err := googleapi.CheckResponse(res); err != nil { 9932 return nil, err 9933 } 9934 ret := &ServiceAccount{ 9935 ServerResponse: googleapi.ServerResponse{ 9936 Header: res.Header, 9937 HTTPStatusCode: res.StatusCode, 9938 }, 9939 } 9940 target := &ret 9941 if err := gensupport.DecodeResponse(target, res); err != nil { 9942 return nil, err 9943 } 9944 return ret, nil 9945 // { 9946 // "description": "**Note:** We are in the process of deprecating this method. Use PatchServiceAccount instead. Updates a ServiceAccount. You can update only the `display_name` and `description` fields.", 9947 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 9948 // "httpMethod": "PUT", 9949 // "id": "iam.projects.serviceAccounts.update", 9950 // "parameterOrder": [ 9951 // "name" 9952 // ], 9953 // "parameters": { 9954 // "name": { 9955 // "description": "The resource name of the service account. Use one of the following formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` * `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you can use the `-` wildcard character instead of the project ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` * `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the `-` wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to get the service account `projects/-/serviceAccounts/fake@example.com`, which does not exist, the response contains an HTTP `403 Forbidden` error instead of a `404 Not Found` error.", 9956 // "location": "path", 9957 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 9958 // "required": true, 9959 // "type": "string" 9960 // } 9961 // }, 9962 // "path": "v1/{+name}", 9963 // "request": { 9964 // "$ref": "ServiceAccount" 9965 // }, 9966 // "response": { 9967 // "$ref": "ServiceAccount" 9968 // }, 9969 // "scopes": [ 9970 // "https://www.googleapis.com/auth/cloud-platform" 9971 // ] 9972 // } 9973 9974} 9975 9976// method id "iam.projects.serviceAccounts.keys.create": 9977 9978type ProjectsServiceAccountsKeysCreateCall struct { 9979 s *Service 9980 name string 9981 createserviceaccountkeyrequest *CreateServiceAccountKeyRequest 9982 urlParams_ gensupport.URLParams 9983 ctx_ context.Context 9984 header_ http.Header 9985} 9986 9987// Create: Creates a ServiceAccountKey. 9988// 9989// - name: The resource name of the service account in the following 9990// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 9991// `-` as a wildcard for the `PROJECT_ID` will infer the project from 9992// the account. The `ACCOUNT` value can be the `email` address or the 9993// `unique_id` of the service account. 9994func (r *ProjectsServiceAccountsKeysService) Create(name string, createserviceaccountkeyrequest *CreateServiceAccountKeyRequest) *ProjectsServiceAccountsKeysCreateCall { 9995 c := &ProjectsServiceAccountsKeysCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9996 c.name = name 9997 c.createserviceaccountkeyrequest = createserviceaccountkeyrequest 9998 return c 9999} 10000 10001// Fields allows partial responses to be retrieved. See 10002// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10003// for more information. 10004func (c *ProjectsServiceAccountsKeysCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysCreateCall { 10005 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10006 return c 10007} 10008 10009// Context sets the context to be used in this call's Do method. Any 10010// pending HTTP request will be aborted if the provided context is 10011// canceled. 10012func (c *ProjectsServiceAccountsKeysCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysCreateCall { 10013 c.ctx_ = ctx 10014 return c 10015} 10016 10017// Header returns an http.Header that can be modified by the caller to 10018// add HTTP headers to the request. 10019func (c *ProjectsServiceAccountsKeysCreateCall) Header() http.Header { 10020 if c.header_ == nil { 10021 c.header_ = make(http.Header) 10022 } 10023 return c.header_ 10024} 10025 10026func (c *ProjectsServiceAccountsKeysCreateCall) doRequest(alt string) (*http.Response, error) { 10027 reqHeaders := make(http.Header) 10028 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 10029 for k, v := range c.header_ { 10030 reqHeaders[k] = v 10031 } 10032 reqHeaders.Set("User-Agent", c.s.userAgent()) 10033 var body io.Reader = nil 10034 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountkeyrequest) 10035 if err != nil { 10036 return nil, err 10037 } 10038 reqHeaders.Set("Content-Type", "application/json") 10039 c.urlParams_.Set("alt", alt) 10040 c.urlParams_.Set("prettyPrint", "false") 10041 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 10042 urls += "?" + c.urlParams_.Encode() 10043 req, err := http.NewRequest("POST", urls, body) 10044 if err != nil { 10045 return nil, err 10046 } 10047 req.Header = reqHeaders 10048 googleapi.Expand(req.URL, map[string]string{ 10049 "name": c.name, 10050 }) 10051 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10052} 10053 10054// Do executes the "iam.projects.serviceAccounts.keys.create" call. 10055// Exactly one of *ServiceAccountKey or error will be non-nil. Any 10056// non-2xx status code is an error. Response headers are in either 10057// *ServiceAccountKey.ServerResponse.Header or (if a response was 10058// returned at all) in error.(*googleapi.Error).Header. Use 10059// googleapi.IsNotModified to check whether the returned error was 10060// because http.StatusNotModified was returned. 10061func (c *ProjectsServiceAccountsKeysCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 10062 gensupport.SetOptions(c.urlParams_, opts...) 10063 res, err := c.doRequest("json") 10064 if res != nil && res.StatusCode == http.StatusNotModified { 10065 if res.Body != nil { 10066 res.Body.Close() 10067 } 10068 return nil, &googleapi.Error{ 10069 Code: res.StatusCode, 10070 Header: res.Header, 10071 } 10072 } 10073 if err != nil { 10074 return nil, err 10075 } 10076 defer googleapi.CloseBody(res) 10077 if err := googleapi.CheckResponse(res); err != nil { 10078 return nil, err 10079 } 10080 ret := &ServiceAccountKey{ 10081 ServerResponse: googleapi.ServerResponse{ 10082 Header: res.Header, 10083 HTTPStatusCode: res.StatusCode, 10084 }, 10085 } 10086 target := &ret 10087 if err := gensupport.DecodeResponse(target, res); err != nil { 10088 return nil, err 10089 } 10090 return ret, nil 10091 // { 10092 // "description": "Creates a ServiceAccountKey.", 10093 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 10094 // "httpMethod": "POST", 10095 // "id": "iam.projects.serviceAccounts.keys.create", 10096 // "parameterOrder": [ 10097 // "name" 10098 // ], 10099 // "parameters": { 10100 // "name": { 10101 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10102 // "location": "path", 10103 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 10104 // "required": true, 10105 // "type": "string" 10106 // } 10107 // }, 10108 // "path": "v1/{+name}/keys", 10109 // "request": { 10110 // "$ref": "CreateServiceAccountKeyRequest" 10111 // }, 10112 // "response": { 10113 // "$ref": "ServiceAccountKey" 10114 // }, 10115 // "scopes": [ 10116 // "https://www.googleapis.com/auth/cloud-platform" 10117 // ] 10118 // } 10119 10120} 10121 10122// method id "iam.projects.serviceAccounts.keys.delete": 10123 10124type ProjectsServiceAccountsKeysDeleteCall struct { 10125 s *Service 10126 name string 10127 urlParams_ gensupport.URLParams 10128 ctx_ context.Context 10129 header_ http.Header 10130} 10131 10132// Delete: Deletes a ServiceAccountKey. Deleting a service account key 10133// does not revoke short-lived credentials that have been issued based 10134// on the service account key. 10135// 10136// - name: The resource name of the service account key in the following 10137// format: 10138// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 10139// `-` as a wildcard for the `PROJECT_ID` will infer the project from 10140// the account. The `ACCOUNT` value can be the `email` address or the 10141// `unique_id` of the service account. 10142func (r *ProjectsServiceAccountsKeysService) Delete(name string) *ProjectsServiceAccountsKeysDeleteCall { 10143 c := &ProjectsServiceAccountsKeysDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10144 c.name = name 10145 return c 10146} 10147 10148// Fields allows partial responses to be retrieved. See 10149// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10150// for more information. 10151func (c *ProjectsServiceAccountsKeysDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysDeleteCall { 10152 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10153 return c 10154} 10155 10156// Context sets the context to be used in this call's Do method. Any 10157// pending HTTP request will be aborted if the provided context is 10158// canceled. 10159func (c *ProjectsServiceAccountsKeysDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysDeleteCall { 10160 c.ctx_ = ctx 10161 return c 10162} 10163 10164// Header returns an http.Header that can be modified by the caller to 10165// add HTTP headers to the request. 10166func (c *ProjectsServiceAccountsKeysDeleteCall) Header() http.Header { 10167 if c.header_ == nil { 10168 c.header_ = make(http.Header) 10169 } 10170 return c.header_ 10171} 10172 10173func (c *ProjectsServiceAccountsKeysDeleteCall) doRequest(alt string) (*http.Response, error) { 10174 reqHeaders := make(http.Header) 10175 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 10176 for k, v := range c.header_ { 10177 reqHeaders[k] = v 10178 } 10179 reqHeaders.Set("User-Agent", c.s.userAgent()) 10180 var body io.Reader = nil 10181 c.urlParams_.Set("alt", alt) 10182 c.urlParams_.Set("prettyPrint", "false") 10183 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 10184 urls += "?" + c.urlParams_.Encode() 10185 req, err := http.NewRequest("DELETE", urls, body) 10186 if err != nil { 10187 return nil, err 10188 } 10189 req.Header = reqHeaders 10190 googleapi.Expand(req.URL, map[string]string{ 10191 "name": c.name, 10192 }) 10193 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10194} 10195 10196// Do executes the "iam.projects.serviceAccounts.keys.delete" call. 10197// Exactly one of *Empty or error will be non-nil. Any non-2xx status 10198// code is an error. Response headers are in either 10199// *Empty.ServerResponse.Header or (if a response was returned at all) 10200// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 10201// check whether the returned error was because http.StatusNotModified 10202// was returned. 10203func (c *ProjectsServiceAccountsKeysDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 10204 gensupport.SetOptions(c.urlParams_, opts...) 10205 res, err := c.doRequest("json") 10206 if res != nil && res.StatusCode == http.StatusNotModified { 10207 if res.Body != nil { 10208 res.Body.Close() 10209 } 10210 return nil, &googleapi.Error{ 10211 Code: res.StatusCode, 10212 Header: res.Header, 10213 } 10214 } 10215 if err != nil { 10216 return nil, err 10217 } 10218 defer googleapi.CloseBody(res) 10219 if err := googleapi.CheckResponse(res); err != nil { 10220 return nil, err 10221 } 10222 ret := &Empty{ 10223 ServerResponse: googleapi.ServerResponse{ 10224 Header: res.Header, 10225 HTTPStatusCode: res.StatusCode, 10226 }, 10227 } 10228 target := &ret 10229 if err := gensupport.DecodeResponse(target, res); err != nil { 10230 return nil, err 10231 } 10232 return ret, nil 10233 // { 10234 // "description": "Deletes a ServiceAccountKey. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.", 10235 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 10236 // "httpMethod": "DELETE", 10237 // "id": "iam.projects.serviceAccounts.keys.delete", 10238 // "parameterOrder": [ 10239 // "name" 10240 // ], 10241 // "parameters": { 10242 // "name": { 10243 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10244 // "location": "path", 10245 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 10246 // "required": true, 10247 // "type": "string" 10248 // } 10249 // }, 10250 // "path": "v1/{+name}", 10251 // "response": { 10252 // "$ref": "Empty" 10253 // }, 10254 // "scopes": [ 10255 // "https://www.googleapis.com/auth/cloud-platform" 10256 // ] 10257 // } 10258 10259} 10260 10261// method id "iam.projects.serviceAccounts.keys.disable": 10262 10263type ProjectsServiceAccountsKeysDisableCall struct { 10264 s *Service 10265 name string 10266 disableserviceaccountkeyrequest *DisableServiceAccountKeyRequest 10267 urlParams_ gensupport.URLParams 10268 ctx_ context.Context 10269 header_ http.Header 10270} 10271 10272// Disable: Disable a ServiceAccountKey. A disabled service account key 10273// can be enabled through EnableServiceAccountKey. 10274// 10275// - name: The resource name of the service account key in the following 10276// format: 10277// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 10278// `-` as a wildcard for the `PROJECT_ID` will infer the project from 10279// the account. The `ACCOUNT` value can be the `email` address or the 10280// `unique_id` of the service account. 10281func (r *ProjectsServiceAccountsKeysService) Disable(name string, disableserviceaccountkeyrequest *DisableServiceAccountKeyRequest) *ProjectsServiceAccountsKeysDisableCall { 10282 c := &ProjectsServiceAccountsKeysDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10283 c.name = name 10284 c.disableserviceaccountkeyrequest = disableserviceaccountkeyrequest 10285 return c 10286} 10287 10288// Fields allows partial responses to be retrieved. See 10289// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10290// for more information. 10291func (c *ProjectsServiceAccountsKeysDisableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysDisableCall { 10292 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10293 return c 10294} 10295 10296// Context sets the context to be used in this call's Do method. Any 10297// pending HTTP request will be aborted if the provided context is 10298// canceled. 10299func (c *ProjectsServiceAccountsKeysDisableCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysDisableCall { 10300 c.ctx_ = ctx 10301 return c 10302} 10303 10304// Header returns an http.Header that can be modified by the caller to 10305// add HTTP headers to the request. 10306func (c *ProjectsServiceAccountsKeysDisableCall) Header() http.Header { 10307 if c.header_ == nil { 10308 c.header_ = make(http.Header) 10309 } 10310 return c.header_ 10311} 10312 10313func (c *ProjectsServiceAccountsKeysDisableCall) doRequest(alt string) (*http.Response, error) { 10314 reqHeaders := make(http.Header) 10315 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 10316 for k, v := range c.header_ { 10317 reqHeaders[k] = v 10318 } 10319 reqHeaders.Set("User-Agent", c.s.userAgent()) 10320 var body io.Reader = nil 10321 body, err := googleapi.WithoutDataWrapper.JSONReader(c.disableserviceaccountkeyrequest) 10322 if err != nil { 10323 return nil, err 10324 } 10325 reqHeaders.Set("Content-Type", "application/json") 10326 c.urlParams_.Set("alt", alt) 10327 c.urlParams_.Set("prettyPrint", "false") 10328 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable") 10329 urls += "?" + c.urlParams_.Encode() 10330 req, err := http.NewRequest("POST", urls, body) 10331 if err != nil { 10332 return nil, err 10333 } 10334 req.Header = reqHeaders 10335 googleapi.Expand(req.URL, map[string]string{ 10336 "name": c.name, 10337 }) 10338 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10339} 10340 10341// Do executes the "iam.projects.serviceAccounts.keys.disable" call. 10342// Exactly one of *Empty or error will be non-nil. Any non-2xx status 10343// code is an error. Response headers are in either 10344// *Empty.ServerResponse.Header or (if a response was returned at all) 10345// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 10346// check whether the returned error was because http.StatusNotModified 10347// was returned. 10348func (c *ProjectsServiceAccountsKeysDisableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 10349 gensupport.SetOptions(c.urlParams_, opts...) 10350 res, err := c.doRequest("json") 10351 if res != nil && res.StatusCode == http.StatusNotModified { 10352 if res.Body != nil { 10353 res.Body.Close() 10354 } 10355 return nil, &googleapi.Error{ 10356 Code: res.StatusCode, 10357 Header: res.Header, 10358 } 10359 } 10360 if err != nil { 10361 return nil, err 10362 } 10363 defer googleapi.CloseBody(res) 10364 if err := googleapi.CheckResponse(res); err != nil { 10365 return nil, err 10366 } 10367 ret := &Empty{ 10368 ServerResponse: googleapi.ServerResponse{ 10369 Header: res.Header, 10370 HTTPStatusCode: res.StatusCode, 10371 }, 10372 } 10373 target := &ret 10374 if err := gensupport.DecodeResponse(target, res); err != nil { 10375 return nil, err 10376 } 10377 return ret, nil 10378 // { 10379 // "description": "Disable a ServiceAccountKey. A disabled service account key can be enabled through EnableServiceAccountKey.", 10380 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}:disable", 10381 // "httpMethod": "POST", 10382 // "id": "iam.projects.serviceAccounts.keys.disable", 10383 // "parameterOrder": [ 10384 // "name" 10385 // ], 10386 // "parameters": { 10387 // "name": { 10388 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10389 // "location": "path", 10390 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 10391 // "required": true, 10392 // "type": "string" 10393 // } 10394 // }, 10395 // "path": "v1/{+name}:disable", 10396 // "request": { 10397 // "$ref": "DisableServiceAccountKeyRequest" 10398 // }, 10399 // "response": { 10400 // "$ref": "Empty" 10401 // }, 10402 // "scopes": [ 10403 // "https://www.googleapis.com/auth/cloud-platform" 10404 // ] 10405 // } 10406 10407} 10408 10409// method id "iam.projects.serviceAccounts.keys.enable": 10410 10411type ProjectsServiceAccountsKeysEnableCall struct { 10412 s *Service 10413 name string 10414 enableserviceaccountkeyrequest *EnableServiceAccountKeyRequest 10415 urlParams_ gensupport.URLParams 10416 ctx_ context.Context 10417 header_ http.Header 10418} 10419 10420// Enable: Enable a ServiceAccountKey. 10421// 10422// - name: The resource name of the service account key in the following 10423// format: 10424// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 10425// `-` as a wildcard for the `PROJECT_ID` will infer the project from 10426// the account. The `ACCOUNT` value can be the `email` address or the 10427// `unique_id` of the service account. 10428func (r *ProjectsServiceAccountsKeysService) Enable(name string, enableserviceaccountkeyrequest *EnableServiceAccountKeyRequest) *ProjectsServiceAccountsKeysEnableCall { 10429 c := &ProjectsServiceAccountsKeysEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10430 c.name = name 10431 c.enableserviceaccountkeyrequest = enableserviceaccountkeyrequest 10432 return c 10433} 10434 10435// Fields allows partial responses to be retrieved. See 10436// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10437// for more information. 10438func (c *ProjectsServiceAccountsKeysEnableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysEnableCall { 10439 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10440 return c 10441} 10442 10443// Context sets the context to be used in this call's Do method. Any 10444// pending HTTP request will be aborted if the provided context is 10445// canceled. 10446func (c *ProjectsServiceAccountsKeysEnableCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysEnableCall { 10447 c.ctx_ = ctx 10448 return c 10449} 10450 10451// Header returns an http.Header that can be modified by the caller to 10452// add HTTP headers to the request. 10453func (c *ProjectsServiceAccountsKeysEnableCall) Header() http.Header { 10454 if c.header_ == nil { 10455 c.header_ = make(http.Header) 10456 } 10457 return c.header_ 10458} 10459 10460func (c *ProjectsServiceAccountsKeysEnableCall) doRequest(alt string) (*http.Response, error) { 10461 reqHeaders := make(http.Header) 10462 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 10463 for k, v := range c.header_ { 10464 reqHeaders[k] = v 10465 } 10466 reqHeaders.Set("User-Agent", c.s.userAgent()) 10467 var body io.Reader = nil 10468 body, err := googleapi.WithoutDataWrapper.JSONReader(c.enableserviceaccountkeyrequest) 10469 if err != nil { 10470 return nil, err 10471 } 10472 reqHeaders.Set("Content-Type", "application/json") 10473 c.urlParams_.Set("alt", alt) 10474 c.urlParams_.Set("prettyPrint", "false") 10475 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable") 10476 urls += "?" + c.urlParams_.Encode() 10477 req, err := http.NewRequest("POST", urls, body) 10478 if err != nil { 10479 return nil, err 10480 } 10481 req.Header = reqHeaders 10482 googleapi.Expand(req.URL, map[string]string{ 10483 "name": c.name, 10484 }) 10485 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10486} 10487 10488// Do executes the "iam.projects.serviceAccounts.keys.enable" call. 10489// Exactly one of *Empty or error will be non-nil. Any non-2xx status 10490// code is an error. Response headers are in either 10491// *Empty.ServerResponse.Header or (if a response was returned at all) 10492// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 10493// check whether the returned error was because http.StatusNotModified 10494// was returned. 10495func (c *ProjectsServiceAccountsKeysEnableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 10496 gensupport.SetOptions(c.urlParams_, opts...) 10497 res, err := c.doRequest("json") 10498 if res != nil && res.StatusCode == http.StatusNotModified { 10499 if res.Body != nil { 10500 res.Body.Close() 10501 } 10502 return nil, &googleapi.Error{ 10503 Code: res.StatusCode, 10504 Header: res.Header, 10505 } 10506 } 10507 if err != nil { 10508 return nil, err 10509 } 10510 defer googleapi.CloseBody(res) 10511 if err := googleapi.CheckResponse(res); err != nil { 10512 return nil, err 10513 } 10514 ret := &Empty{ 10515 ServerResponse: googleapi.ServerResponse{ 10516 Header: res.Header, 10517 HTTPStatusCode: res.StatusCode, 10518 }, 10519 } 10520 target := &ret 10521 if err := gensupport.DecodeResponse(target, res); err != nil { 10522 return nil, err 10523 } 10524 return ret, nil 10525 // { 10526 // "description": "Enable a ServiceAccountKey.", 10527 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}:enable", 10528 // "httpMethod": "POST", 10529 // "id": "iam.projects.serviceAccounts.keys.enable", 10530 // "parameterOrder": [ 10531 // "name" 10532 // ], 10533 // "parameters": { 10534 // "name": { 10535 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10536 // "location": "path", 10537 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 10538 // "required": true, 10539 // "type": "string" 10540 // } 10541 // }, 10542 // "path": "v1/{+name}:enable", 10543 // "request": { 10544 // "$ref": "EnableServiceAccountKeyRequest" 10545 // }, 10546 // "response": { 10547 // "$ref": "Empty" 10548 // }, 10549 // "scopes": [ 10550 // "https://www.googleapis.com/auth/cloud-platform" 10551 // ] 10552 // } 10553 10554} 10555 10556// method id "iam.projects.serviceAccounts.keys.get": 10557 10558type ProjectsServiceAccountsKeysGetCall struct { 10559 s *Service 10560 name string 10561 urlParams_ gensupport.URLParams 10562 ifNoneMatch_ string 10563 ctx_ context.Context 10564 header_ http.Header 10565} 10566 10567// Get: Gets a ServiceAccountKey. 10568// 10569// - name: The resource name of the service account key in the following 10570// format: 10571// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using 10572// `-` as a wildcard for the `PROJECT_ID` will infer the project from 10573// the account. The `ACCOUNT` value can be the `email` address or the 10574// `unique_id` of the service account. 10575func (r *ProjectsServiceAccountsKeysService) Get(name string) *ProjectsServiceAccountsKeysGetCall { 10576 c := &ProjectsServiceAccountsKeysGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10577 c.name = name 10578 return c 10579} 10580 10581// PublicKeyType sets the optional parameter "publicKeyType": The output 10582// format of the public key requested. X509_PEM is the default output 10583// format. 10584// 10585// Possible values: 10586// "TYPE_NONE" - Unspecified. Returns nothing here. 10587// "TYPE_X509_PEM_FILE" - X509 PEM format. 10588// "TYPE_RAW_PUBLIC_KEY" - Raw public key. 10589func (c *ProjectsServiceAccountsKeysGetCall) PublicKeyType(publicKeyType string) *ProjectsServiceAccountsKeysGetCall { 10590 c.urlParams_.Set("publicKeyType", publicKeyType) 10591 return c 10592} 10593 10594// Fields allows partial responses to be retrieved. See 10595// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10596// for more information. 10597func (c *ProjectsServiceAccountsKeysGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysGetCall { 10598 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10599 return c 10600} 10601 10602// IfNoneMatch sets the optional parameter which makes the operation 10603// fail if the object's ETag matches the given value. This is useful for 10604// getting updates only after the object has changed since the last 10605// request. Use googleapi.IsNotModified to check whether the response 10606// error from Do is the result of In-None-Match. 10607func (c *ProjectsServiceAccountsKeysGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysGetCall { 10608 c.ifNoneMatch_ = entityTag 10609 return c 10610} 10611 10612// Context sets the context to be used in this call's Do method. Any 10613// pending HTTP request will be aborted if the provided context is 10614// canceled. 10615func (c *ProjectsServiceAccountsKeysGetCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysGetCall { 10616 c.ctx_ = ctx 10617 return c 10618} 10619 10620// Header returns an http.Header that can be modified by the caller to 10621// add HTTP headers to the request. 10622func (c *ProjectsServiceAccountsKeysGetCall) Header() http.Header { 10623 if c.header_ == nil { 10624 c.header_ = make(http.Header) 10625 } 10626 return c.header_ 10627} 10628 10629func (c *ProjectsServiceAccountsKeysGetCall) doRequest(alt string) (*http.Response, error) { 10630 reqHeaders := make(http.Header) 10631 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 10632 for k, v := range c.header_ { 10633 reqHeaders[k] = v 10634 } 10635 reqHeaders.Set("User-Agent", c.s.userAgent()) 10636 if c.ifNoneMatch_ != "" { 10637 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 10638 } 10639 var body io.Reader = nil 10640 c.urlParams_.Set("alt", alt) 10641 c.urlParams_.Set("prettyPrint", "false") 10642 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 10643 urls += "?" + c.urlParams_.Encode() 10644 req, err := http.NewRequest("GET", urls, body) 10645 if err != nil { 10646 return nil, err 10647 } 10648 req.Header = reqHeaders 10649 googleapi.Expand(req.URL, map[string]string{ 10650 "name": c.name, 10651 }) 10652 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10653} 10654 10655// Do executes the "iam.projects.serviceAccounts.keys.get" call. 10656// Exactly one of *ServiceAccountKey or error will be non-nil. Any 10657// non-2xx status code is an error. Response headers are in either 10658// *ServiceAccountKey.ServerResponse.Header or (if a response was 10659// returned at all) in error.(*googleapi.Error).Header. Use 10660// googleapi.IsNotModified to check whether the returned error was 10661// because http.StatusNotModified was returned. 10662func (c *ProjectsServiceAccountsKeysGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 10663 gensupport.SetOptions(c.urlParams_, opts...) 10664 res, err := c.doRequest("json") 10665 if res != nil && res.StatusCode == http.StatusNotModified { 10666 if res.Body != nil { 10667 res.Body.Close() 10668 } 10669 return nil, &googleapi.Error{ 10670 Code: res.StatusCode, 10671 Header: res.Header, 10672 } 10673 } 10674 if err != nil { 10675 return nil, err 10676 } 10677 defer googleapi.CloseBody(res) 10678 if err := googleapi.CheckResponse(res); err != nil { 10679 return nil, err 10680 } 10681 ret := &ServiceAccountKey{ 10682 ServerResponse: googleapi.ServerResponse{ 10683 Header: res.Header, 10684 HTTPStatusCode: res.StatusCode, 10685 }, 10686 } 10687 target := &ret 10688 if err := gensupport.DecodeResponse(target, res); err != nil { 10689 return nil, err 10690 } 10691 return ret, nil 10692 // { 10693 // "description": "Gets a ServiceAccountKey.", 10694 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 10695 // "httpMethod": "GET", 10696 // "id": "iam.projects.serviceAccounts.keys.get", 10697 // "parameterOrder": [ 10698 // "name" 10699 // ], 10700 // "parameters": { 10701 // "name": { 10702 // "description": "Required. The resource name of the service account key in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10703 // "location": "path", 10704 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 10705 // "required": true, 10706 // "type": "string" 10707 // }, 10708 // "publicKeyType": { 10709 // "description": "The output format of the public key requested. X509_PEM is the default output format.", 10710 // "enum": [ 10711 // "TYPE_NONE", 10712 // "TYPE_X509_PEM_FILE", 10713 // "TYPE_RAW_PUBLIC_KEY" 10714 // ], 10715 // "enumDescriptions": [ 10716 // "Unspecified. Returns nothing here.", 10717 // "X509 PEM format.", 10718 // "Raw public key." 10719 // ], 10720 // "location": "query", 10721 // "type": "string" 10722 // } 10723 // }, 10724 // "path": "v1/{+name}", 10725 // "response": { 10726 // "$ref": "ServiceAccountKey" 10727 // }, 10728 // "scopes": [ 10729 // "https://www.googleapis.com/auth/cloud-platform" 10730 // ] 10731 // } 10732 10733} 10734 10735// method id "iam.projects.serviceAccounts.keys.list": 10736 10737type ProjectsServiceAccountsKeysListCall struct { 10738 s *Service 10739 name string 10740 urlParams_ gensupport.URLParams 10741 ifNoneMatch_ string 10742 ctx_ context.Context 10743 header_ http.Header 10744} 10745 10746// List: Lists every ServiceAccountKey for a service account. 10747// 10748// - name: The resource name of the service account in the following 10749// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 10750// `-` as a wildcard for the `PROJECT_ID`, will infer the project from 10751// the account. The `ACCOUNT` value can be the `email` address or the 10752// `unique_id` of the service account. 10753func (r *ProjectsServiceAccountsKeysService) List(name string) *ProjectsServiceAccountsKeysListCall { 10754 c := &ProjectsServiceAccountsKeysListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10755 c.name = name 10756 return c 10757} 10758 10759// KeyTypes sets the optional parameter "keyTypes": Filters the types of 10760// keys the user wants to include in the list response. Duplicate key 10761// types are not allowed. If no key type is provided, all keys are 10762// returned. 10763// 10764// Possible values: 10765// "KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this 10766// in the message will immediately result in an error. 10767// "USER_MANAGED" - User-managed keys (managed and rotated by the 10768// user). 10769// "SYSTEM_MANAGED" - System-managed keys (managed and rotated by 10770// Google). 10771func (c *ProjectsServiceAccountsKeysListCall) KeyTypes(keyTypes ...string) *ProjectsServiceAccountsKeysListCall { 10772 c.urlParams_.SetMulti("keyTypes", append([]string{}, keyTypes...)) 10773 return c 10774} 10775 10776// Fields allows partial responses to be retrieved. See 10777// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10778// for more information. 10779func (c *ProjectsServiceAccountsKeysListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysListCall { 10780 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10781 return c 10782} 10783 10784// IfNoneMatch sets the optional parameter which makes the operation 10785// fail if the object's ETag matches the given value. This is useful for 10786// getting updates only after the object has changed since the last 10787// request. Use googleapi.IsNotModified to check whether the response 10788// error from Do is the result of In-None-Match. 10789func (c *ProjectsServiceAccountsKeysListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysListCall { 10790 c.ifNoneMatch_ = entityTag 10791 return c 10792} 10793 10794// Context sets the context to be used in this call's Do method. Any 10795// pending HTTP request will be aborted if the provided context is 10796// canceled. 10797func (c *ProjectsServiceAccountsKeysListCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysListCall { 10798 c.ctx_ = ctx 10799 return c 10800} 10801 10802// Header returns an http.Header that can be modified by the caller to 10803// add HTTP headers to the request. 10804func (c *ProjectsServiceAccountsKeysListCall) Header() http.Header { 10805 if c.header_ == nil { 10806 c.header_ = make(http.Header) 10807 } 10808 return c.header_ 10809} 10810 10811func (c *ProjectsServiceAccountsKeysListCall) doRequest(alt string) (*http.Response, error) { 10812 reqHeaders := make(http.Header) 10813 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 10814 for k, v := range c.header_ { 10815 reqHeaders[k] = v 10816 } 10817 reqHeaders.Set("User-Agent", c.s.userAgent()) 10818 if c.ifNoneMatch_ != "" { 10819 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 10820 } 10821 var body io.Reader = nil 10822 c.urlParams_.Set("alt", alt) 10823 c.urlParams_.Set("prettyPrint", "false") 10824 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 10825 urls += "?" + c.urlParams_.Encode() 10826 req, err := http.NewRequest("GET", urls, body) 10827 if err != nil { 10828 return nil, err 10829 } 10830 req.Header = reqHeaders 10831 googleapi.Expand(req.URL, map[string]string{ 10832 "name": c.name, 10833 }) 10834 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10835} 10836 10837// Do executes the "iam.projects.serviceAccounts.keys.list" call. 10838// Exactly one of *ListServiceAccountKeysResponse or error will be 10839// non-nil. Any non-2xx status code is an error. Response headers are in 10840// either *ListServiceAccountKeysResponse.ServerResponse.Header or (if a 10841// response was returned at all) in error.(*googleapi.Error).Header. Use 10842// googleapi.IsNotModified to check whether the returned error was 10843// because http.StatusNotModified was returned. 10844func (c *ProjectsServiceAccountsKeysListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountKeysResponse, error) { 10845 gensupport.SetOptions(c.urlParams_, opts...) 10846 res, err := c.doRequest("json") 10847 if res != nil && res.StatusCode == http.StatusNotModified { 10848 if res.Body != nil { 10849 res.Body.Close() 10850 } 10851 return nil, &googleapi.Error{ 10852 Code: res.StatusCode, 10853 Header: res.Header, 10854 } 10855 } 10856 if err != nil { 10857 return nil, err 10858 } 10859 defer googleapi.CloseBody(res) 10860 if err := googleapi.CheckResponse(res); err != nil { 10861 return nil, err 10862 } 10863 ret := &ListServiceAccountKeysResponse{ 10864 ServerResponse: googleapi.ServerResponse{ 10865 Header: res.Header, 10866 HTTPStatusCode: res.StatusCode, 10867 }, 10868 } 10869 target := &ret 10870 if err := gensupport.DecodeResponse(target, res); err != nil { 10871 return nil, err 10872 } 10873 return ret, nil 10874 // { 10875 // "description": "Lists every ServiceAccountKey for a service account.", 10876 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 10877 // "httpMethod": "GET", 10878 // "id": "iam.projects.serviceAccounts.keys.list", 10879 // "parameterOrder": [ 10880 // "name" 10881 // ], 10882 // "parameters": { 10883 // "keyTypes": { 10884 // "description": "Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.", 10885 // "enum": [ 10886 // "KEY_TYPE_UNSPECIFIED", 10887 // "USER_MANAGED", 10888 // "SYSTEM_MANAGED" 10889 // ], 10890 // "enumDescriptions": [ 10891 // "Unspecified key type. The presence of this in the message will immediately result in an error.", 10892 // "User-managed keys (managed and rotated by the user).", 10893 // "System-managed keys (managed and rotated by Google)." 10894 // ], 10895 // "location": "query", 10896 // "repeated": true, 10897 // "type": "string" 10898 // }, 10899 // "name": { 10900 // "description": "Required. The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 10901 // "location": "path", 10902 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 10903 // "required": true, 10904 // "type": "string" 10905 // } 10906 // }, 10907 // "path": "v1/{+name}/keys", 10908 // "response": { 10909 // "$ref": "ListServiceAccountKeysResponse" 10910 // }, 10911 // "scopes": [ 10912 // "https://www.googleapis.com/auth/cloud-platform" 10913 // ] 10914 // } 10915 10916} 10917 10918// method id "iam.projects.serviceAccounts.keys.upload": 10919 10920type ProjectsServiceAccountsKeysUploadCall struct { 10921 s *Service 10922 name string 10923 uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest 10924 urlParams_ gensupport.URLParams 10925 ctx_ context.Context 10926 header_ http.Header 10927} 10928 10929// Upload: Creates a ServiceAccountKey, using a public key that you 10930// provide. 10931// 10932// - name: The resource name of the service account in the following 10933// format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using 10934// `-` as a wildcard for the `PROJECT_ID` will infer the project from 10935// the account. The `ACCOUNT` value can be the `email` address or the 10936// `unique_id` of the service account. 10937func (r *ProjectsServiceAccountsKeysService) Upload(name string, uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest) *ProjectsServiceAccountsKeysUploadCall { 10938 c := &ProjectsServiceAccountsKeysUploadCall{s: r.s, urlParams_: make(gensupport.URLParams)} 10939 c.name = name 10940 c.uploadserviceaccountkeyrequest = uploadserviceaccountkeyrequest 10941 return c 10942} 10943 10944// Fields allows partial responses to be retrieved. See 10945// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 10946// for more information. 10947func (c *ProjectsServiceAccountsKeysUploadCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysUploadCall { 10948 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 10949 return c 10950} 10951 10952// Context sets the context to be used in this call's Do method. Any 10953// pending HTTP request will be aborted if the provided context is 10954// canceled. 10955func (c *ProjectsServiceAccountsKeysUploadCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysUploadCall { 10956 c.ctx_ = ctx 10957 return c 10958} 10959 10960// Header returns an http.Header that can be modified by the caller to 10961// add HTTP headers to the request. 10962func (c *ProjectsServiceAccountsKeysUploadCall) Header() http.Header { 10963 if c.header_ == nil { 10964 c.header_ = make(http.Header) 10965 } 10966 return c.header_ 10967} 10968 10969func (c *ProjectsServiceAccountsKeysUploadCall) doRequest(alt string) (*http.Response, error) { 10970 reqHeaders := make(http.Header) 10971 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 10972 for k, v := range c.header_ { 10973 reqHeaders[k] = v 10974 } 10975 reqHeaders.Set("User-Agent", c.s.userAgent()) 10976 var body io.Reader = nil 10977 body, err := googleapi.WithoutDataWrapper.JSONReader(c.uploadserviceaccountkeyrequest) 10978 if err != nil { 10979 return nil, err 10980 } 10981 reqHeaders.Set("Content-Type", "application/json") 10982 c.urlParams_.Set("alt", alt) 10983 c.urlParams_.Set("prettyPrint", "false") 10984 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys:upload") 10985 urls += "?" + c.urlParams_.Encode() 10986 req, err := http.NewRequest("POST", urls, body) 10987 if err != nil { 10988 return nil, err 10989 } 10990 req.Header = reqHeaders 10991 googleapi.Expand(req.URL, map[string]string{ 10992 "name": c.name, 10993 }) 10994 return gensupport.SendRequest(c.ctx_, c.s.client, req) 10995} 10996 10997// Do executes the "iam.projects.serviceAccounts.keys.upload" call. 10998// Exactly one of *ServiceAccountKey or error will be non-nil. Any 10999// non-2xx status code is an error. Response headers are in either 11000// *ServiceAccountKey.ServerResponse.Header or (if a response was 11001// returned at all) in error.(*googleapi.Error).Header. Use 11002// googleapi.IsNotModified to check whether the returned error was 11003// because http.StatusNotModified was returned. 11004func (c *ProjectsServiceAccountsKeysUploadCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 11005 gensupport.SetOptions(c.urlParams_, opts...) 11006 res, err := c.doRequest("json") 11007 if res != nil && res.StatusCode == http.StatusNotModified { 11008 if res.Body != nil { 11009 res.Body.Close() 11010 } 11011 return nil, &googleapi.Error{ 11012 Code: res.StatusCode, 11013 Header: res.Header, 11014 } 11015 } 11016 if err != nil { 11017 return nil, err 11018 } 11019 defer googleapi.CloseBody(res) 11020 if err := googleapi.CheckResponse(res); err != nil { 11021 return nil, err 11022 } 11023 ret := &ServiceAccountKey{ 11024 ServerResponse: googleapi.ServerResponse{ 11025 Header: res.Header, 11026 HTTPStatusCode: res.StatusCode, 11027 }, 11028 } 11029 target := &ret 11030 if err := gensupport.DecodeResponse(target, res); err != nil { 11031 return nil, err 11032 } 11033 return ret, nil 11034 // { 11035 // "description": "Creates a ServiceAccountKey, using a public key that you provide.", 11036 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys:upload", 11037 // "httpMethod": "POST", 11038 // "id": "iam.projects.serviceAccounts.keys.upload", 11039 // "parameterOrder": [ 11040 // "name" 11041 // ], 11042 // "parameters": { 11043 // "name": { 11044 // "description": "The resource name of the service account in the following format: `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. Using `-` as a wildcard for the `PROJECT_ID` will infer the project from the account. The `ACCOUNT` value can be the `email` address or the `unique_id` of the service account.", 11045 // "location": "path", 11046 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 11047 // "required": true, 11048 // "type": "string" 11049 // } 11050 // }, 11051 // "path": "v1/{+name}/keys:upload", 11052 // "request": { 11053 // "$ref": "UploadServiceAccountKeyRequest" 11054 // }, 11055 // "response": { 11056 // "$ref": "ServiceAccountKey" 11057 // }, 11058 // "scopes": [ 11059 // "https://www.googleapis.com/auth/cloud-platform" 11060 // ] 11061 // } 11062 11063} 11064 11065// method id "iam.roles.get": 11066 11067type RolesGetCall struct { 11068 s *Service 11069 name string 11070 urlParams_ gensupport.URLParams 11071 ifNoneMatch_ string 11072 ctx_ context.Context 11073 header_ http.Header 11074} 11075 11076// Get: Gets the definition of a Role. 11077// 11078// - name: The `name` parameter's value depends on the target resource 11079// for the request, namely `roles` (/iam/reference/rest/v1/roles), 11080// `projects` (/iam/reference/rest/v1/projects.roles), or 11081// `organizations` (/iam/reference/rest/v1/organizations.roles). Each 11082// resource type's `name` value format is described below: * 11083// `roles.get()` (/iam/reference/rest/v1/roles/get): 11084// `roles/{ROLE_NAME}`. This method returns results from all 11085// predefined roles (/iam/docs/understanding-roles#predefined_roles) 11086// in Cloud IAM. Example request URL: 11087// `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * 11088// `projects.roles.get()` (/iam/reference/rest/v1/projects.roles/get): 11089// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns 11090// only custom roles (/iam/docs/understanding-custom-roles) that have 11091// been created at the project level. Example request URL: 11092// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_R 11093// OLE_ID}` * `organizations.roles.get()` 11094// (/iam/reference/rest/v1/organizations.roles/get): 11095// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This 11096// method returns only custom roles 11097// (/iam/docs/understanding-custom-roles) that have been created at 11098// the organization level. Example request URL: 11099// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles 11100// /{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must 11101// specify a complete project ID or organization ID. 11102func (r *RolesService) Get(name string) *RolesGetCall { 11103 c := &RolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 11104 c.name = name 11105 return c 11106} 11107 11108// Fields allows partial responses to be retrieved. See 11109// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 11110// for more information. 11111func (c *RolesGetCall) Fields(s ...googleapi.Field) *RolesGetCall { 11112 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 11113 return c 11114} 11115 11116// IfNoneMatch sets the optional parameter which makes the operation 11117// fail if the object's ETag matches the given value. This is useful for 11118// getting updates only after the object has changed since the last 11119// request. Use googleapi.IsNotModified to check whether the response 11120// error from Do is the result of In-None-Match. 11121func (c *RolesGetCall) IfNoneMatch(entityTag string) *RolesGetCall { 11122 c.ifNoneMatch_ = entityTag 11123 return c 11124} 11125 11126// Context sets the context to be used in this call's Do method. Any 11127// pending HTTP request will be aborted if the provided context is 11128// canceled. 11129func (c *RolesGetCall) Context(ctx context.Context) *RolesGetCall { 11130 c.ctx_ = ctx 11131 return c 11132} 11133 11134// Header returns an http.Header that can be modified by the caller to 11135// add HTTP headers to the request. 11136func (c *RolesGetCall) Header() http.Header { 11137 if c.header_ == nil { 11138 c.header_ = make(http.Header) 11139 } 11140 return c.header_ 11141} 11142 11143func (c *RolesGetCall) doRequest(alt string) (*http.Response, error) { 11144 reqHeaders := make(http.Header) 11145 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 11146 for k, v := range c.header_ { 11147 reqHeaders[k] = v 11148 } 11149 reqHeaders.Set("User-Agent", c.s.userAgent()) 11150 if c.ifNoneMatch_ != "" { 11151 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 11152 } 11153 var body io.Reader = nil 11154 c.urlParams_.Set("alt", alt) 11155 c.urlParams_.Set("prettyPrint", "false") 11156 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 11157 urls += "?" + c.urlParams_.Encode() 11158 req, err := http.NewRequest("GET", urls, body) 11159 if err != nil { 11160 return nil, err 11161 } 11162 req.Header = reqHeaders 11163 googleapi.Expand(req.URL, map[string]string{ 11164 "name": c.name, 11165 }) 11166 return gensupport.SendRequest(c.ctx_, c.s.client, req) 11167} 11168 11169// Do executes the "iam.roles.get" call. 11170// Exactly one of *Role or error will be non-nil. Any non-2xx status 11171// code is an error. Response headers are in either 11172// *Role.ServerResponse.Header or (if a response was returned at all) in 11173// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 11174// whether the returned error was because http.StatusNotModified was 11175// returned. 11176func (c *RolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 11177 gensupport.SetOptions(c.urlParams_, opts...) 11178 res, err := c.doRequest("json") 11179 if res != nil && res.StatusCode == http.StatusNotModified { 11180 if res.Body != nil { 11181 res.Body.Close() 11182 } 11183 return nil, &googleapi.Error{ 11184 Code: res.StatusCode, 11185 Header: res.Header, 11186 } 11187 } 11188 if err != nil { 11189 return nil, err 11190 } 11191 defer googleapi.CloseBody(res) 11192 if err := googleapi.CheckResponse(res); err != nil { 11193 return nil, err 11194 } 11195 ret := &Role{ 11196 ServerResponse: googleapi.ServerResponse{ 11197 Header: res.Header, 11198 HTTPStatusCode: res.StatusCode, 11199 }, 11200 } 11201 target := &ret 11202 if err := gensupport.DecodeResponse(target, res); err != nil { 11203 return nil, err 11204 } 11205 return ret, nil 11206 // { 11207 // "description": "Gets the definition of a Role.", 11208 // "flatPath": "v1/roles/{rolesId}", 11209 // "httpMethod": "GET", 11210 // "id": "iam.roles.get", 11211 // "parameterOrder": [ 11212 // "name" 11213 // ], 11214 // "parameters": { 11215 // "name": { 11216 // "description": "The `name` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `name` value format is described below: * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. This method returns results from all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get): `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get): `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only [custom roles](/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 11217 // "location": "path", 11218 // "pattern": "^roles/[^/]+$", 11219 // "required": true, 11220 // "type": "string" 11221 // } 11222 // }, 11223 // "path": "v1/{+name}", 11224 // "response": { 11225 // "$ref": "Role" 11226 // }, 11227 // "scopes": [ 11228 // "https://www.googleapis.com/auth/cloud-platform" 11229 // ] 11230 // } 11231 11232} 11233 11234// method id "iam.roles.list": 11235 11236type RolesListCall struct { 11237 s *Service 11238 urlParams_ gensupport.URLParams 11239 ifNoneMatch_ string 11240 ctx_ context.Context 11241 header_ http.Header 11242} 11243 11244// List: Lists every predefined Role that IAM supports, or every custom 11245// role that is defined for an organization or project. 11246func (r *RolesService) List() *RolesListCall { 11247 c := &RolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 11248 return c 11249} 11250 11251// PageSize sets the optional parameter "pageSize": Optional limit on 11252// the number of roles to include in the response. The default is 300, 11253// and the maximum is 1,000. 11254func (c *RolesListCall) PageSize(pageSize int64) *RolesListCall { 11255 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 11256 return c 11257} 11258 11259// PageToken sets the optional parameter "pageToken": Optional 11260// pagination token returned in an earlier ListRolesResponse. 11261func (c *RolesListCall) PageToken(pageToken string) *RolesListCall { 11262 c.urlParams_.Set("pageToken", pageToken) 11263 return c 11264} 11265 11266// Parent sets the optional parameter "parent": The `parent` parameter's 11267// value depends on the target resource for the request, namely `roles` 11268// (/iam/reference/rest/v1/roles), `projects` 11269// (/iam/reference/rest/v1/projects.roles), or `organizations` 11270// (/iam/reference/rest/v1/organizations.roles). Each resource type's 11271// `parent` value format is described below: * `roles.list()` 11272// (/iam/reference/rest/v1/roles/list): An empty string. This method 11273// doesn't require a resource; it simply returns all predefined roles 11274// (/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. 11275// Example request URL: `https://iam.googleapis.com/v1/roles` * 11276// `projects.roles.list()` (/iam/reference/rest/v1/projects.roles/list): 11277// `projects/{PROJECT_ID}`. This method lists all project-level custom 11278// roles (/iam/docs/understanding-custom-roles). Example request URL: 11279// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * 11280// `organizations.roles.list()` 11281// (/iam/reference/rest/v1/organizations.roles/list): 11282// `organizations/{ORGANIZATION_ID}`. This method lists all 11283// organization-level custom roles 11284// (/iam/docs/understanding-custom-roles). Example request URL: 11285// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` 11286// Note: Wildcard (*) values are invalid; you must specify a complete 11287// project ID or organization ID. 11288func (c *RolesListCall) Parent(parent string) *RolesListCall { 11289 c.urlParams_.Set("parent", parent) 11290 return c 11291} 11292 11293// ShowDeleted sets the optional parameter "showDeleted": Include Roles 11294// that have been deleted. 11295func (c *RolesListCall) ShowDeleted(showDeleted bool) *RolesListCall { 11296 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 11297 return c 11298} 11299 11300// View sets the optional parameter "view": Optional view for the 11301// returned Role objects. When `FULL` is specified, the 11302// `includedPermissions` field is returned, which includes a list of all 11303// permissions in the role. The default value is `BASIC`, which does not 11304// return the `includedPermissions` field. 11305// 11306// Possible values: 11307// "BASIC" - Omits the `included_permissions` field. This is the 11308// default value. 11309// "FULL" - Returns all fields. 11310func (c *RolesListCall) View(view string) *RolesListCall { 11311 c.urlParams_.Set("view", view) 11312 return c 11313} 11314 11315// Fields allows partial responses to be retrieved. See 11316// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 11317// for more information. 11318func (c *RolesListCall) Fields(s ...googleapi.Field) *RolesListCall { 11319 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 11320 return c 11321} 11322 11323// IfNoneMatch sets the optional parameter which makes the operation 11324// fail if the object's ETag matches the given value. This is useful for 11325// getting updates only after the object has changed since the last 11326// request. Use googleapi.IsNotModified to check whether the response 11327// error from Do is the result of In-None-Match. 11328func (c *RolesListCall) IfNoneMatch(entityTag string) *RolesListCall { 11329 c.ifNoneMatch_ = entityTag 11330 return c 11331} 11332 11333// Context sets the context to be used in this call's Do method. Any 11334// pending HTTP request will be aborted if the provided context is 11335// canceled. 11336func (c *RolesListCall) Context(ctx context.Context) *RolesListCall { 11337 c.ctx_ = ctx 11338 return c 11339} 11340 11341// Header returns an http.Header that can be modified by the caller to 11342// add HTTP headers to the request. 11343func (c *RolesListCall) Header() http.Header { 11344 if c.header_ == nil { 11345 c.header_ = make(http.Header) 11346 } 11347 return c.header_ 11348} 11349 11350func (c *RolesListCall) doRequest(alt string) (*http.Response, error) { 11351 reqHeaders := make(http.Header) 11352 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 11353 for k, v := range c.header_ { 11354 reqHeaders[k] = v 11355 } 11356 reqHeaders.Set("User-Agent", c.s.userAgent()) 11357 if c.ifNoneMatch_ != "" { 11358 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 11359 } 11360 var body io.Reader = nil 11361 c.urlParams_.Set("alt", alt) 11362 c.urlParams_.Set("prettyPrint", "false") 11363 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles") 11364 urls += "?" + c.urlParams_.Encode() 11365 req, err := http.NewRequest("GET", urls, body) 11366 if err != nil { 11367 return nil, err 11368 } 11369 req.Header = reqHeaders 11370 return gensupport.SendRequest(c.ctx_, c.s.client, req) 11371} 11372 11373// Do executes the "iam.roles.list" call. 11374// Exactly one of *ListRolesResponse or error will be non-nil. Any 11375// non-2xx status code is an error. Response headers are in either 11376// *ListRolesResponse.ServerResponse.Header or (if a response was 11377// returned at all) in error.(*googleapi.Error).Header. Use 11378// googleapi.IsNotModified to check whether the returned error was 11379// because http.StatusNotModified was returned. 11380func (c *RolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 11381 gensupport.SetOptions(c.urlParams_, opts...) 11382 res, err := c.doRequest("json") 11383 if res != nil && res.StatusCode == http.StatusNotModified { 11384 if res.Body != nil { 11385 res.Body.Close() 11386 } 11387 return nil, &googleapi.Error{ 11388 Code: res.StatusCode, 11389 Header: res.Header, 11390 } 11391 } 11392 if err != nil { 11393 return nil, err 11394 } 11395 defer googleapi.CloseBody(res) 11396 if err := googleapi.CheckResponse(res); err != nil { 11397 return nil, err 11398 } 11399 ret := &ListRolesResponse{ 11400 ServerResponse: googleapi.ServerResponse{ 11401 Header: res.Header, 11402 HTTPStatusCode: res.StatusCode, 11403 }, 11404 } 11405 target := &ret 11406 if err := gensupport.DecodeResponse(target, res); err != nil { 11407 return nil, err 11408 } 11409 return ret, nil 11410 // { 11411 // "description": "Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.", 11412 // "flatPath": "v1/roles", 11413 // "httpMethod": "GET", 11414 // "id": "iam.roles.list", 11415 // "parameterOrder": [], 11416 // "parameters": { 11417 // "pageSize": { 11418 // "description": "Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.", 11419 // "format": "int32", 11420 // "location": "query", 11421 // "type": "integer" 11422 // }, 11423 // "pageToken": { 11424 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 11425 // "location": "query", 11426 // "type": "string" 11427 // }, 11428 // "parent": { 11429 // "description": "The `parent` parameter's value depends on the target resource for the request, namely [`roles`](/iam/reference/rest/v1/roles), [`projects`](/iam/reference/rest/v1/projects.roles), or [`organizations`](/iam/reference/rest/v1/organizations.roles). Each resource type's `parent` value format is described below: * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string. This method doesn't require a resource; it simply returns all [predefined roles](/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles` * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): `projects/{PROJECT_ID}`. This method lists all project-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list): `organizations/{ORGANIZATION_ID}`. This method lists all organization-level [custom roles](/iam/docs/understanding-custom-roles). Example request URL: `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.", 11430 // "location": "query", 11431 // "type": "string" 11432 // }, 11433 // "showDeleted": { 11434 // "description": "Include Roles that have been deleted.", 11435 // "location": "query", 11436 // "type": "boolean" 11437 // }, 11438 // "view": { 11439 // "description": "Optional view for the returned Role objects. When `FULL` is specified, the `includedPermissions` field is returned, which includes a list of all permissions in the role. The default value is `BASIC`, which does not return the `includedPermissions` field.", 11440 // "enum": [ 11441 // "BASIC", 11442 // "FULL" 11443 // ], 11444 // "enumDescriptions": [ 11445 // "Omits the `included_permissions` field. This is the default value.", 11446 // "Returns all fields." 11447 // ], 11448 // "location": "query", 11449 // "type": "string" 11450 // } 11451 // }, 11452 // "path": "v1/roles", 11453 // "response": { 11454 // "$ref": "ListRolesResponse" 11455 // }, 11456 // "scopes": [ 11457 // "https://www.googleapis.com/auth/cloud-platform" 11458 // ] 11459 // } 11460 11461} 11462 11463// Pages invokes f for each page of results. 11464// A non-nil error returned from f will halt the iteration. 11465// The provided context supersedes any context provided to the Context method. 11466func (c *RolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 11467 c.ctx_ = ctx 11468 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 11469 for { 11470 x, err := c.Do() 11471 if err != nil { 11472 return err 11473 } 11474 if err := f(x); err != nil { 11475 return err 11476 } 11477 if x.NextPageToken == "" { 11478 return nil 11479 } 11480 c.PageToken(x.NextPageToken) 11481 } 11482} 11483 11484// method id "iam.roles.queryGrantableRoles": 11485 11486type RolesQueryGrantableRolesCall struct { 11487 s *Service 11488 querygrantablerolesrequest *QueryGrantableRolesRequest 11489 urlParams_ gensupport.URLParams 11490 ctx_ context.Context 11491 header_ http.Header 11492} 11493 11494// QueryGrantableRoles: Lists roles that can be granted on a Google 11495// Cloud resource. A role is grantable if the IAM policy for the 11496// resource can contain bindings to the role. 11497func (r *RolesService) QueryGrantableRoles(querygrantablerolesrequest *QueryGrantableRolesRequest) *RolesQueryGrantableRolesCall { 11498 c := &RolesQueryGrantableRolesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 11499 c.querygrantablerolesrequest = querygrantablerolesrequest 11500 return c 11501} 11502 11503// Fields allows partial responses to be retrieved. See 11504// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 11505// for more information. 11506func (c *RolesQueryGrantableRolesCall) Fields(s ...googleapi.Field) *RolesQueryGrantableRolesCall { 11507 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 11508 return c 11509} 11510 11511// Context sets the context to be used in this call's Do method. Any 11512// pending HTTP request will be aborted if the provided context is 11513// canceled. 11514func (c *RolesQueryGrantableRolesCall) Context(ctx context.Context) *RolesQueryGrantableRolesCall { 11515 c.ctx_ = ctx 11516 return c 11517} 11518 11519// Header returns an http.Header that can be modified by the caller to 11520// add HTTP headers to the request. 11521func (c *RolesQueryGrantableRolesCall) Header() http.Header { 11522 if c.header_ == nil { 11523 c.header_ = make(http.Header) 11524 } 11525 return c.header_ 11526} 11527 11528func (c *RolesQueryGrantableRolesCall) doRequest(alt string) (*http.Response, error) { 11529 reqHeaders := make(http.Header) 11530 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20211201") 11531 for k, v := range c.header_ { 11532 reqHeaders[k] = v 11533 } 11534 reqHeaders.Set("User-Agent", c.s.userAgent()) 11535 var body io.Reader = nil 11536 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querygrantablerolesrequest) 11537 if err != nil { 11538 return nil, err 11539 } 11540 reqHeaders.Set("Content-Type", "application/json") 11541 c.urlParams_.Set("alt", alt) 11542 c.urlParams_.Set("prettyPrint", "false") 11543 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles:queryGrantableRoles") 11544 urls += "?" + c.urlParams_.Encode() 11545 req, err := http.NewRequest("POST", urls, body) 11546 if err != nil { 11547 return nil, err 11548 } 11549 req.Header = reqHeaders 11550 return gensupport.SendRequest(c.ctx_, c.s.client, req) 11551} 11552 11553// Do executes the "iam.roles.queryGrantableRoles" call. 11554// Exactly one of *QueryGrantableRolesResponse or error will be non-nil. 11555// Any non-2xx status code is an error. Response headers are in either 11556// *QueryGrantableRolesResponse.ServerResponse.Header or (if a response 11557// was returned at all) in error.(*googleapi.Error).Header. Use 11558// googleapi.IsNotModified to check whether the returned error was 11559// because http.StatusNotModified was returned. 11560func (c *RolesQueryGrantableRolesCall) Do(opts ...googleapi.CallOption) (*QueryGrantableRolesResponse, error) { 11561 gensupport.SetOptions(c.urlParams_, opts...) 11562 res, err := c.doRequest("json") 11563 if res != nil && res.StatusCode == http.StatusNotModified { 11564 if res.Body != nil { 11565 res.Body.Close() 11566 } 11567 return nil, &googleapi.Error{ 11568 Code: res.StatusCode, 11569 Header: res.Header, 11570 } 11571 } 11572 if err != nil { 11573 return nil, err 11574 } 11575 defer googleapi.CloseBody(res) 11576 if err := googleapi.CheckResponse(res); err != nil { 11577 return nil, err 11578 } 11579 ret := &QueryGrantableRolesResponse{ 11580 ServerResponse: googleapi.ServerResponse{ 11581 Header: res.Header, 11582 HTTPStatusCode: res.StatusCode, 11583 }, 11584 } 11585 target := &ret 11586 if err := gensupport.DecodeResponse(target, res); err != nil { 11587 return nil, err 11588 } 11589 return ret, nil 11590 // { 11591 // "description": "Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.", 11592 // "flatPath": "v1/roles:queryGrantableRoles", 11593 // "httpMethod": "POST", 11594 // "id": "iam.roles.queryGrantableRoles", 11595 // "parameterOrder": [], 11596 // "parameters": {}, 11597 // "path": "v1/roles:queryGrantableRoles", 11598 // "request": { 11599 // "$ref": "QueryGrantableRolesRequest" 11600 // }, 11601 // "response": { 11602 // "$ref": "QueryGrantableRolesResponse" 11603 // }, 11604 // "scopes": [ 11605 // "https://www.googleapis.com/auth/cloud-platform" 11606 // ] 11607 // } 11608 11609} 11610 11611// Pages invokes f for each page of results. 11612// A non-nil error returned from f will halt the iteration. 11613// The provided context supersedes any context provided to the Context method. 11614func (c *RolesQueryGrantableRolesCall) Pages(ctx context.Context, f func(*QueryGrantableRolesResponse) error) error { 11615 c.ctx_ = ctx 11616 defer func(pt string) { c.querygrantablerolesrequest.PageToken = pt }(c.querygrantablerolesrequest.PageToken) // reset paging to original point 11617 for { 11618 x, err := c.Do() 11619 if err != nil { 11620 return err 11621 } 11622 if err := f(x); err != nil { 11623 return err 11624 } 11625 if x.NextPageToken == "" { 11626 return nil 11627 } 11628 c.querygrantablerolesrequest.PageToken = x.NextPageToken 11629 } 11630} 11631