1// Copyright 2020 Google LLC. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Code generated file. DO NOT EDIT. 6 7// Package iam provides access to the Identity and Access Management (IAM) API. 8// 9// For product documentation, see: https://cloud.google.com/iam/ 10// 11// Creating a client 12// 13// Usage example: 14// 15// import "google.golang.org/api/iam/v1" 16// ... 17// ctx := context.Background() 18// iamService, err := iam.NewService(ctx) 19// 20// In this example, Google Application Default Credentials are used for authentication. 21// 22// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 23// 24// Other authentication options 25// 26// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey: 27// 28// iamService, err := iam.NewService(ctx, option.WithAPIKey("AIza...")) 29// 30// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource: 31// 32// config := &oauth2.Config{...} 33// // ... 34// token, err := config.Exchange(ctx, ...) 35// iamService, err := iam.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 36// 37// See https://godoc.org/google.golang.org/api/option/ for details on options. 38package iam // import "google.golang.org/api/iam/v1" 39 40import ( 41 "bytes" 42 "context" 43 "encoding/json" 44 "errors" 45 "fmt" 46 "io" 47 "net/http" 48 "net/url" 49 "strconv" 50 "strings" 51 52 googleapi "google.golang.org/api/googleapi" 53 gensupport "google.golang.org/api/internal/gensupport" 54 option "google.golang.org/api/option" 55 internaloption "google.golang.org/api/option/internaloption" 56 htransport "google.golang.org/api/transport/http" 57) 58 59// Always reference these packages, just in case the auto-generated code 60// below doesn't. 61var _ = bytes.NewBuffer 62var _ = strconv.Itoa 63var _ = fmt.Sprintf 64var _ = json.NewDecoder 65var _ = io.Copy 66var _ = url.Parse 67var _ = gensupport.MarshalJSON 68var _ = googleapi.Version 69var _ = errors.New 70var _ = strings.Replace 71var _ = context.Canceled 72var _ = internaloption.WithDefaultEndpoint 73 74const apiId = "iam:v1" 75const apiName = "iam" 76const apiVersion = "v1" 77const basePath = "https://iam.googleapis.com/" 78 79// OAuth2 scopes used by this API. 80const ( 81 // View and manage your data across Google Cloud Platform services 82 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 83) 84 85// NewService creates a new Service. 86func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 87 scopesOption := option.WithScopes( 88 "https://www.googleapis.com/auth/cloud-platform", 89 ) 90 // NOTE: prepend, so we don't override user-specified scopes. 91 opts = append([]option.ClientOption{scopesOption}, opts...) 92 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 93 client, endpoint, err := htransport.NewClient(ctx, opts...) 94 if err != nil { 95 return nil, err 96 } 97 s, err := New(client) 98 if err != nil { 99 return nil, err 100 } 101 if endpoint != "" { 102 s.BasePath = endpoint 103 } 104 return s, nil 105} 106 107// New creates a new Service. It uses the provided http.Client for requests. 108// 109// Deprecated: please use NewService instead. 110// To provide a custom HTTP client, use option.WithHTTPClient. 111// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 112func New(client *http.Client) (*Service, error) { 113 if client == nil { 114 return nil, errors.New("client is nil") 115 } 116 s := &Service{client: client, BasePath: basePath} 117 s.IamPolicies = NewIamPoliciesService(s) 118 s.Organizations = NewOrganizationsService(s) 119 s.Permissions = NewPermissionsService(s) 120 s.Projects = NewProjectsService(s) 121 s.Roles = NewRolesService(s) 122 return s, nil 123} 124 125type Service struct { 126 client *http.Client 127 BasePath string // API endpoint base URL 128 UserAgent string // optional additional User-Agent fragment 129 130 IamPolicies *IamPoliciesService 131 132 Organizations *OrganizationsService 133 134 Permissions *PermissionsService 135 136 Projects *ProjectsService 137 138 Roles *RolesService 139} 140 141func (s *Service) userAgent() string { 142 if s.UserAgent == "" { 143 return googleapi.UserAgent 144 } 145 return googleapi.UserAgent + " " + s.UserAgent 146} 147 148func NewIamPoliciesService(s *Service) *IamPoliciesService { 149 rs := &IamPoliciesService{s: s} 150 return rs 151} 152 153type IamPoliciesService struct { 154 s *Service 155} 156 157func NewOrganizationsService(s *Service) *OrganizationsService { 158 rs := &OrganizationsService{s: s} 159 rs.Roles = NewOrganizationsRolesService(s) 160 return rs 161} 162 163type OrganizationsService struct { 164 s *Service 165 166 Roles *OrganizationsRolesService 167} 168 169func NewOrganizationsRolesService(s *Service) *OrganizationsRolesService { 170 rs := &OrganizationsRolesService{s: s} 171 return rs 172} 173 174type OrganizationsRolesService struct { 175 s *Service 176} 177 178func NewPermissionsService(s *Service) *PermissionsService { 179 rs := &PermissionsService{s: s} 180 return rs 181} 182 183type PermissionsService struct { 184 s *Service 185} 186 187func NewProjectsService(s *Service) *ProjectsService { 188 rs := &ProjectsService{s: s} 189 rs.Roles = NewProjectsRolesService(s) 190 rs.ServiceAccounts = NewProjectsServiceAccountsService(s) 191 return rs 192} 193 194type ProjectsService struct { 195 s *Service 196 197 Roles *ProjectsRolesService 198 199 ServiceAccounts *ProjectsServiceAccountsService 200} 201 202func NewProjectsRolesService(s *Service) *ProjectsRolesService { 203 rs := &ProjectsRolesService{s: s} 204 return rs 205} 206 207type ProjectsRolesService struct { 208 s *Service 209} 210 211func NewProjectsServiceAccountsService(s *Service) *ProjectsServiceAccountsService { 212 rs := &ProjectsServiceAccountsService{s: s} 213 rs.Keys = NewProjectsServiceAccountsKeysService(s) 214 return rs 215} 216 217type ProjectsServiceAccountsService struct { 218 s *Service 219 220 Keys *ProjectsServiceAccountsKeysService 221} 222 223func NewProjectsServiceAccountsKeysService(s *Service) *ProjectsServiceAccountsKeysService { 224 rs := &ProjectsServiceAccountsKeysService{s: s} 225 return rs 226} 227 228type ProjectsServiceAccountsKeysService struct { 229 s *Service 230} 231 232func NewRolesService(s *Service) *RolesService { 233 rs := &RolesService{s: s} 234 return rs 235} 236 237type RolesService struct { 238 s *Service 239} 240 241// AdminAuditData: Audit log information specific to Cloud IAM admin 242// APIs. This message is 243// serialized as an `Any` type in the `ServiceData` message of 244// an 245// `AuditLog` message. 246type AdminAuditData struct { 247 // PermissionDelta: The permission_delta when when creating or updating 248 // a Role. 249 PermissionDelta *PermissionDelta `json:"permissionDelta,omitempty"` 250 251 // ForceSendFields is a list of field names (e.g. "PermissionDelta") to 252 // unconditionally include in API requests. By default, fields with 253 // empty values are omitted from API requests. However, any non-pointer, 254 // non-interface field appearing in ForceSendFields will be sent to the 255 // server regardless of whether the field is empty or not. This may be 256 // used to include empty fields in Patch requests. 257 ForceSendFields []string `json:"-"` 258 259 // NullFields is a list of field names (e.g. "PermissionDelta") to 260 // include in API requests with the JSON null value. By default, fields 261 // with empty values are omitted from API requests. However, any field 262 // with an empty value appearing in NullFields will be sent to the 263 // server as null. It is an error if a field in this list has a 264 // non-empty value. This may be used to include null fields in Patch 265 // requests. 266 NullFields []string `json:"-"` 267} 268 269func (s *AdminAuditData) MarshalJSON() ([]byte, error) { 270 type NoMethod AdminAuditData 271 raw := NoMethod(*s) 272 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 273} 274 275// AuditConfig: Specifies the audit configuration for a service. 276// The configuration determines which permission types are logged, and 277// what 278// identities, if any, are exempted from logging. 279// An AuditConfig must have one or more AuditLogConfigs. 280// 281// If there are AuditConfigs for both `allServices` and a specific 282// service, 283// the union of the two AuditConfigs is used for that service: the 284// log_types 285// specified in each AuditConfig are enabled, and the exempted_members 286// in each 287// AuditLogConfig are exempted. 288// 289// Example Policy with multiple AuditConfigs: 290// 291// { 292// "audit_configs": [ 293// { 294// "service": "allServices" 295// "audit_log_configs": [ 296// { 297// "log_type": "DATA_READ", 298// "exempted_members": [ 299// "user:jose@example.com" 300// ] 301// }, 302// { 303// "log_type": "DATA_WRITE", 304// }, 305// { 306// "log_type": "ADMIN_READ", 307// } 308// ] 309// }, 310// { 311// "service": "sampleservice.googleapis.com" 312// "audit_log_configs": [ 313// { 314// "log_type": "DATA_READ", 315// }, 316// { 317// "log_type": "DATA_WRITE", 318// "exempted_members": [ 319// "user:aliya@example.com" 320// ] 321// } 322// ] 323// } 324// ] 325// } 326// 327// For sampleservice, this policy enables DATA_READ, DATA_WRITE and 328// ADMIN_READ 329// logging. It also exempts jose@example.com from DATA_READ logging, 330// and 331// aliya@example.com from DATA_WRITE logging. 332type AuditConfig struct { 333 // AuditLogConfigs: The configuration for logging of each type of 334 // permission. 335 AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` 336 337 // Service: Specifies a service that will be enabled for audit 338 // logging. 339 // For example, `storage.googleapis.com`, 340 // `cloudsql.googleapis.com`. 341 // `allServices` is a special value that covers all services. 342 Service string `json:"service,omitempty"` 343 344 // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to 345 // unconditionally include in API requests. By default, fields with 346 // empty values are omitted from API requests. However, any non-pointer, 347 // non-interface field appearing in ForceSendFields will be sent to the 348 // server regardless of whether the field is empty or not. This may be 349 // used to include empty fields in Patch requests. 350 ForceSendFields []string `json:"-"` 351 352 // NullFields is a list of field names (e.g. "AuditLogConfigs") to 353 // include in API requests with the JSON null value. By default, fields 354 // with empty values are omitted from API requests. However, any field 355 // with an empty value appearing in NullFields will be sent to the 356 // server as null. It is an error if a field in this list has a 357 // non-empty value. This may be used to include null fields in Patch 358 // requests. 359 NullFields []string `json:"-"` 360} 361 362func (s *AuditConfig) MarshalJSON() ([]byte, error) { 363 type NoMethod AuditConfig 364 raw := NoMethod(*s) 365 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 366} 367 368// AuditData: Audit log information specific to Cloud IAM. This message 369// is serialized 370// as an `Any` type in the `ServiceData` message of an 371// `AuditLog` message. 372type AuditData struct { 373 // PolicyDelta: Policy delta between the original policy and the newly 374 // set policy. 375 PolicyDelta *PolicyDelta `json:"policyDelta,omitempty"` 376 377 // ForceSendFields is a list of field names (e.g. "PolicyDelta") to 378 // unconditionally include in API requests. By default, fields with 379 // empty values are omitted from API requests. However, any non-pointer, 380 // non-interface field appearing in ForceSendFields will be sent to the 381 // server regardless of whether the field is empty or not. This may be 382 // used to include empty fields in Patch requests. 383 ForceSendFields []string `json:"-"` 384 385 // NullFields is a list of field names (e.g. "PolicyDelta") to include 386 // in API requests with the JSON null value. By default, fields with 387 // empty values are omitted from API requests. However, any field with 388 // an empty value appearing in NullFields will be sent to the server as 389 // null. It is an error if a field in this list has a non-empty value. 390 // This may be used to include null fields in Patch requests. 391 NullFields []string `json:"-"` 392} 393 394func (s *AuditData) MarshalJSON() ([]byte, error) { 395 type NoMethod AuditData 396 raw := NoMethod(*s) 397 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 398} 399 400// AuditLogConfig: Provides the configuration for logging a type of 401// permissions. 402// Example: 403// 404// { 405// "audit_log_configs": [ 406// { 407// "log_type": "DATA_READ", 408// "exempted_members": [ 409// "user:jose@example.com" 410// ] 411// }, 412// { 413// "log_type": "DATA_WRITE", 414// } 415// ] 416// } 417// 418// This enables 'DATA_READ' and 'DATA_WRITE' logging, while 419// exempting 420// jose@example.com from DATA_READ logging. 421type AuditLogConfig struct { 422 // ExemptedMembers: Specifies the identities that do not cause logging 423 // for this type of 424 // permission. 425 // Follows the same format of Binding.members. 426 ExemptedMembers []string `json:"exemptedMembers,omitempty"` 427 428 // LogType: The log type that this config enables. 429 // 430 // Possible values: 431 // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. 432 // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy 433 // "DATA_WRITE" - Data writes. Example: CloudSQL Users create 434 // "DATA_READ" - Data reads. Example: CloudSQL Users list 435 LogType string `json:"logType,omitempty"` 436 437 // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to 438 // unconditionally include in API requests. By default, fields with 439 // empty values are omitted from API requests. However, any non-pointer, 440 // non-interface field appearing in ForceSendFields will be sent to the 441 // server regardless of whether the field is empty or not. This may be 442 // used to include empty fields in Patch requests. 443 ForceSendFields []string `json:"-"` 444 445 // NullFields is a list of field names (e.g. "ExemptedMembers") to 446 // include in API requests with the JSON null value. By default, fields 447 // with empty values are omitted from API requests. However, any field 448 // with an empty value appearing in NullFields will be sent to the 449 // server as null. It is an error if a field in this list has a 450 // non-empty value. This may be used to include null fields in Patch 451 // requests. 452 NullFields []string `json:"-"` 453} 454 455func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { 456 type NoMethod AuditLogConfig 457 raw := NoMethod(*s) 458 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 459} 460 461// AuditableService: Contains information about an auditable service. 462type AuditableService struct { 463 // Name: Public name of the service. 464 // For example, the service name for Cloud IAM is 'iam.googleapis.com'. 465 Name string `json:"name,omitempty"` 466 467 // ForceSendFields is a list of field names (e.g. "Name") to 468 // unconditionally include in API requests. By default, fields with 469 // empty values are omitted from API requests. However, any non-pointer, 470 // non-interface field appearing in ForceSendFields will be sent to the 471 // server regardless of whether the field is empty or not. This may be 472 // used to include empty fields in Patch requests. 473 ForceSendFields []string `json:"-"` 474 475 // NullFields is a list of field names (e.g. "Name") to include in API 476 // requests with the JSON null value. By default, fields with empty 477 // values are omitted from API requests. However, any field with an 478 // empty value appearing in NullFields will be sent to the server as 479 // null. It is an error if a field in this list has a non-empty value. 480 // This may be used to include null fields in Patch requests. 481 NullFields []string `json:"-"` 482} 483 484func (s *AuditableService) MarshalJSON() ([]byte, error) { 485 type NoMethod AuditableService 486 raw := NoMethod(*s) 487 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 488} 489 490// Binding: Associates `members` with a `role`. 491type Binding struct { 492 // Condition: The condition that is associated with this binding. 493 // NOTE: An unsatisfied condition will not allow user access via 494 // current 495 // binding. Different bindings, including their conditions, are 496 // examined 497 // independently. 498 Condition *Expr `json:"condition,omitempty"` 499 500 // Members: Specifies the identities requesting access for a Cloud 501 // Platform resource. 502 // `members` can have the following values: 503 // 504 // * `allUsers`: A special identifier that represents anyone who is 505 // on the internet; with or without a Google account. 506 // 507 // * `allAuthenticatedUsers`: A special identifier that represents 508 // anyone 509 // who is authenticated with a Google account or a service 510 // account. 511 // 512 // * `user:{emailid}`: An email address that represents a specific 513 // Google 514 // account. For example, `alice@example.com` . 515 // 516 // 517 // * `serviceAccount:{emailid}`: An email address that represents a 518 // service 519 // account. For example, 520 // `my-other-app@appspot.gserviceaccount.com`. 521 // 522 // * `group:{emailid}`: An email address that represents a Google 523 // group. 524 // For example, `admins@example.com`. 525 // 526 // * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus 527 // unique 528 // identifier) representing a user that has been recently deleted. 529 // For 530 // example, `alice@example.com?uid=123456789012345678901`. If the 531 // user is 532 // recovered, this value reverts to `user:{emailid}` and the 533 // recovered user 534 // retains the role in the binding. 535 // 536 // * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address 537 // (plus 538 // unique identifier) representing a service account that has been 539 // recently 540 // deleted. For example, 541 // 542 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 543 // 544 // If the service account is undeleted, this value reverts to 545 // `serviceAccount:{emailid}` and the undeleted service account 546 // retains the 547 // role in the binding. 548 // 549 // * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus 550 // unique 551 // identifier) representing a Google group that has been recently 552 // deleted. For example, 553 // `admins@example.com?uid=123456789012345678901`. If 554 // the group is recovered, this value reverts to `group:{emailid}` 555 // and the 556 // recovered group retains the role in the binding. 557 // 558 // 559 // * `domain:{domain}`: The G Suite domain (primary) that represents all 560 // the 561 // users of that domain. For example, `google.com` or 562 // `example.com`. 563 // 564 // 565 Members []string `json:"members,omitempty"` 566 567 // Role: Role that is assigned to `members`. 568 // For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 569 Role string `json:"role,omitempty"` 570 571 // ForceSendFields is a list of field names (e.g. "Condition") to 572 // unconditionally include in API requests. By default, fields with 573 // empty values are omitted from API requests. However, any non-pointer, 574 // non-interface field appearing in ForceSendFields will be sent to the 575 // server regardless of whether the field is empty or not. This may be 576 // used to include empty fields in Patch requests. 577 ForceSendFields []string `json:"-"` 578 579 // NullFields is a list of field names (e.g. "Condition") to include in 580 // API requests with the JSON null value. By default, fields with empty 581 // values are omitted from API requests. However, any field with an 582 // empty value appearing in NullFields will be sent to the server as 583 // null. It is an error if a field in this list has a non-empty value. 584 // This may be used to include null fields in Patch requests. 585 NullFields []string `json:"-"` 586} 587 588func (s *Binding) MarshalJSON() ([]byte, error) { 589 type NoMethod Binding 590 raw := NoMethod(*s) 591 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 592} 593 594// BindingDelta: One delta entry for Binding. Each individual change 595// (only one member in each 596// entry) to a binding will be a separate entry. 597type BindingDelta struct { 598 // Action: The action that was performed on a Binding. 599 // Required 600 // 601 // Possible values: 602 // "ACTION_UNSPECIFIED" - Unspecified. 603 // "ADD" - Addition of a Binding. 604 // "REMOVE" - Removal of a Binding. 605 Action string `json:"action,omitempty"` 606 607 // Condition: The condition that is associated with this binding. 608 Condition *Expr `json:"condition,omitempty"` 609 610 // Member: A single identity requesting access for a Cloud Platform 611 // resource. 612 // Follows the same format of Binding.members. 613 // Required 614 Member string `json:"member,omitempty"` 615 616 // Role: Role that is assigned to `members`. 617 // For example, `roles/viewer`, `roles/editor`, or 618 // `roles/owner`. 619 // Required 620 Role string `json:"role,omitempty"` 621 622 // ForceSendFields is a list of field names (e.g. "Action") to 623 // unconditionally include in API requests. By default, fields with 624 // empty values are omitted from API requests. However, any non-pointer, 625 // non-interface field appearing in ForceSendFields will be sent to the 626 // server regardless of whether the field is empty or not. This may be 627 // used to include empty fields in Patch requests. 628 ForceSendFields []string `json:"-"` 629 630 // NullFields is a list of field names (e.g. "Action") to include in API 631 // requests with the JSON null value. By default, fields with empty 632 // values are omitted from API requests. However, any field with an 633 // empty value appearing in NullFields will be sent to the server as 634 // null. It is an error if a field in this list has a non-empty value. 635 // This may be used to include null fields in Patch requests. 636 NullFields []string `json:"-"` 637} 638 639func (s *BindingDelta) MarshalJSON() ([]byte, error) { 640 type NoMethod BindingDelta 641 raw := NoMethod(*s) 642 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 643} 644 645// CreateRoleRequest: The request to create a new role. 646type CreateRoleRequest struct { 647 // Role: The Role resource to create. 648 Role *Role `json:"role,omitempty"` 649 650 // RoleId: The role ID to use for this role. 651 RoleId string `json:"roleId,omitempty"` 652 653 // ForceSendFields is a list of field names (e.g. "Role") to 654 // unconditionally include in API requests. By default, fields with 655 // empty values are omitted from API requests. However, any non-pointer, 656 // non-interface field appearing in ForceSendFields will be sent to the 657 // server regardless of whether the field is empty or not. This may be 658 // used to include empty fields in Patch requests. 659 ForceSendFields []string `json:"-"` 660 661 // NullFields is a list of field names (e.g. "Role") to include in API 662 // requests with the JSON null value. By default, fields with empty 663 // values are omitted from API requests. However, any field with an 664 // empty value appearing in NullFields will be sent to the server as 665 // null. It is an error if a field in this list has a non-empty value. 666 // This may be used to include null fields in Patch requests. 667 NullFields []string `json:"-"` 668} 669 670func (s *CreateRoleRequest) MarshalJSON() ([]byte, error) { 671 type NoMethod CreateRoleRequest 672 raw := NoMethod(*s) 673 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 674} 675 676// CreateServiceAccountKeyRequest: The service account key create 677// request. 678type CreateServiceAccountKeyRequest struct { 679 // KeyAlgorithm: Which type of key and algorithm to use for the key. 680 // The default is currently a 2K RSA key. However this may change in 681 // the 682 // future. 683 // 684 // Possible values: 685 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 686 // "KEY_ALG_RSA_1024" - 1k RSA Key. 687 // "KEY_ALG_RSA_2048" - 2k RSA Key. 688 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 689 690 // PrivateKeyType: The output format of the private key. The default 691 // value is 692 // `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials 693 // File 694 // format. 695 // 696 // Possible values: 697 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 698 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 699 // "TYPE_PKCS12_FILE" - PKCS12 format. 700 // The password for the PKCS12 file is `notasecret`. 701 // For more information, see https://tools.ietf.org/html/rfc7292. 702 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 703 PrivateKeyType string `json:"privateKeyType,omitempty"` 704 705 // ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to 706 // unconditionally include in API requests. By default, fields with 707 // empty values are omitted from API requests. However, any non-pointer, 708 // non-interface field appearing in ForceSendFields will be sent to the 709 // server regardless of whether the field is empty or not. This may be 710 // used to include empty fields in Patch requests. 711 ForceSendFields []string `json:"-"` 712 713 // NullFields is a list of field names (e.g. "KeyAlgorithm") to include 714 // in API requests with the JSON null value. By default, fields with 715 // empty values are omitted from API requests. However, any field with 716 // an empty value appearing in NullFields will be sent to the server as 717 // null. It is an error if a field in this list has a non-empty value. 718 // This may be used to include null fields in Patch requests. 719 NullFields []string `json:"-"` 720} 721 722func (s *CreateServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 723 type NoMethod CreateServiceAccountKeyRequest 724 raw := NoMethod(*s) 725 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 726} 727 728// CreateServiceAccountRequest: The service account create request. 729type CreateServiceAccountRequest struct { 730 // AccountId: Required. The account id that is used to generate the 731 // service account 732 // email address and a stable unique id. It is unique within a 733 // project, 734 // must be 6-30 characters long, and match the regular 735 // expression 736 // `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035. 737 AccountId string `json:"accountId,omitempty"` 738 739 // ServiceAccount: The ServiceAccount resource to 740 // create. Currently, only the following values are user 741 // assignable: 742 // `display_name` and `description`. 743 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 744 745 // ForceSendFields is a list of field names (e.g. "AccountId") to 746 // unconditionally include in API requests. By default, fields with 747 // empty values are omitted from API requests. However, any non-pointer, 748 // non-interface field appearing in ForceSendFields will be sent to the 749 // server regardless of whether the field is empty or not. This may be 750 // used to include empty fields in Patch requests. 751 ForceSendFields []string `json:"-"` 752 753 // NullFields is a list of field names (e.g. "AccountId") to include in 754 // API requests with the JSON null value. By default, fields with empty 755 // values are omitted from API requests. However, any field with an 756 // empty value appearing in NullFields will be sent to the server as 757 // null. It is an error if a field in this list has a non-empty value. 758 // This may be used to include null fields in Patch requests. 759 NullFields []string `json:"-"` 760} 761 762func (s *CreateServiceAccountRequest) MarshalJSON() ([]byte, error) { 763 type NoMethod CreateServiceAccountRequest 764 raw := NoMethod(*s) 765 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 766} 767 768// DisableServiceAccountRequest: The service account disable request. 769type DisableServiceAccountRequest struct { 770} 771 772// Empty: A generic empty message that you can re-use to avoid defining 773// duplicated 774// empty messages in your APIs. A typical example is to use it as the 775// request 776// or the response type of an API method. For instance: 777// 778// service Foo { 779// rpc Bar(google.protobuf.Empty) returns 780// (google.protobuf.Empty); 781// } 782// 783// The JSON representation for `Empty` is empty JSON object `{}`. 784type Empty struct { 785 // ServerResponse contains the HTTP response code and headers from the 786 // server. 787 googleapi.ServerResponse `json:"-"` 788} 789 790// EnableServiceAccountRequest: The service account enable request. 791type EnableServiceAccountRequest struct { 792} 793 794// Expr: Represents a textual expression in the Common Expression 795// Language (CEL) 796// syntax. CEL is a C-like expression language. The syntax and semantics 797// of CEL 798// are documented at https://github.com/google/cel-spec. 799// 800// Example (Comparison): 801// 802// title: "Summary size limit" 803// description: "Determines if a summary is less than 100 chars" 804// expression: "document.summary.size() < 100" 805// 806// Example (Equality): 807// 808// title: "Requestor is owner" 809// description: "Determines if requestor is the document owner" 810// expression: "document.owner == 811// request.auth.claims.email" 812// 813// Example (Logic): 814// 815// title: "Public documents" 816// description: "Determine whether the document should be publicly 817// visible" 818// expression: "document.type != 'private' && document.type != 819// 'internal'" 820// 821// Example (Data Manipulation): 822// 823// title: "Notification string" 824// description: "Create a notification string with a timestamp." 825// expression: "'New message received at ' + 826// string(document.create_time)" 827// 828// The exact variables and functions that may be referenced within an 829// expression 830// are determined by the service that evaluates it. See the 831// service 832// documentation for additional information. 833type Expr struct { 834 // Description: Optional. Description of the expression. This is a 835 // longer text which 836 // describes the expression, e.g. when hovered over it in a UI. 837 Description string `json:"description,omitempty"` 838 839 // Expression: Textual representation of an expression in Common 840 // Expression Language 841 // syntax. 842 Expression string `json:"expression,omitempty"` 843 844 // Location: Optional. String indicating the location of the expression 845 // for error 846 // reporting, e.g. a file name and a position in the file. 847 Location string `json:"location,omitempty"` 848 849 // Title: Optional. Title for the expression, i.e. a short string 850 // describing 851 // its purpose. This can be used e.g. in UIs which allow to enter 852 // the 853 // expression. 854 Title string `json:"title,omitempty"` 855 856 // ForceSendFields is a list of field names (e.g. "Description") to 857 // unconditionally include in API requests. By default, fields with 858 // empty values are omitted from API requests. However, any non-pointer, 859 // non-interface field appearing in ForceSendFields will be sent to the 860 // server regardless of whether the field is empty or not. This may be 861 // used to include empty fields in Patch requests. 862 ForceSendFields []string `json:"-"` 863 864 // NullFields is a list of field names (e.g. "Description") to include 865 // in API requests with the JSON null value. By default, fields with 866 // empty values are omitted from API requests. However, any field with 867 // an empty value appearing in NullFields will be sent to the server as 868 // null. It is an error if a field in this list has a non-empty value. 869 // This may be used to include null fields in Patch requests. 870 NullFields []string `json:"-"` 871} 872 873func (s *Expr) MarshalJSON() ([]byte, error) { 874 type NoMethod Expr 875 raw := NoMethod(*s) 876 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 877} 878 879// LintPolicyRequest: The request to lint a Cloud IAM policy object. 880type LintPolicyRequest struct { 881 // Condition: google.iam.v1.Binding.condition object to be linted. 882 Condition *Expr `json:"condition,omitempty"` 883 884 // FullResourceName: The full resource name of the policy this lint 885 // request is about. 886 // 887 // The name follows the Google Cloud Platform (GCP) resource format. 888 // For example, a GCP project with ID `my-project` will be 889 // named 890 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 891 // 892 // Th 893 // e resource name is not used to read the policy instance from the 894 // Cloud 895 // IAM database. The candidate policy for lint has to be provided in the 896 // same 897 // request object. 898 FullResourceName string `json:"fullResourceName,omitempty"` 899 900 // ForceSendFields is a list of field names (e.g. "Condition") to 901 // unconditionally include in API requests. By default, fields with 902 // empty values are omitted from API requests. However, any non-pointer, 903 // non-interface field appearing in ForceSendFields will be sent to the 904 // server regardless of whether the field is empty or not. This may be 905 // used to include empty fields in Patch requests. 906 ForceSendFields []string `json:"-"` 907 908 // NullFields is a list of field names (e.g. "Condition") to include in 909 // API requests with the JSON null value. By default, fields with empty 910 // values are omitted from API requests. However, any field with an 911 // empty value appearing in NullFields will be sent to the server as 912 // null. It is an error if a field in this list has a non-empty value. 913 // This may be used to include null fields in Patch requests. 914 NullFields []string `json:"-"` 915} 916 917func (s *LintPolicyRequest) MarshalJSON() ([]byte, error) { 918 type NoMethod LintPolicyRequest 919 raw := NoMethod(*s) 920 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 921} 922 923// LintPolicyResponse: The response of a lint operation. An empty 924// response indicates 925// the operation was able to fully execute and no lint issue was found. 926type LintPolicyResponse struct { 927 // LintResults: List of lint results sorted by `severity` in descending 928 // order. 929 LintResults []*LintResult `json:"lintResults,omitempty"` 930 931 // ServerResponse contains the HTTP response code and headers from the 932 // server. 933 googleapi.ServerResponse `json:"-"` 934 935 // ForceSendFields is a list of field names (e.g. "LintResults") to 936 // unconditionally include in API requests. By default, fields with 937 // empty values are omitted from API requests. However, any non-pointer, 938 // non-interface field appearing in ForceSendFields will be sent to the 939 // server regardless of whether the field is empty or not. This may be 940 // used to include empty fields in Patch requests. 941 ForceSendFields []string `json:"-"` 942 943 // NullFields is a list of field names (e.g. "LintResults") to include 944 // in API requests with the JSON null value. By default, fields with 945 // empty values are omitted from API requests. However, any field with 946 // an empty value appearing in NullFields will be sent to the server as 947 // null. It is an error if a field in this list has a non-empty value. 948 // This may be used to include null fields in Patch requests. 949 NullFields []string `json:"-"` 950} 951 952func (s *LintPolicyResponse) MarshalJSON() ([]byte, error) { 953 type NoMethod LintPolicyResponse 954 raw := NoMethod(*s) 955 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 956} 957 958// LintResult: Structured response of a single validation unit. 959type LintResult struct { 960 // DebugMessage: Human readable debug message associated with the issue. 961 DebugMessage string `json:"debugMessage,omitempty"` 962 963 // FieldName: The name of the field for which this lint result is 964 // about. 965 // 966 // For nested messages `field_name` consists of names of the embedded 967 // fields 968 // separated by period character. The top-level qualifier is the input 969 // object 970 // to lint in the request. For example, the `field_name` 971 // value 972 // `condition.expression` identifies a lint result for the `expression` 973 // field 974 // of the provided condition. 975 FieldName string `json:"fieldName,omitempty"` 976 977 // Level: The validation unit level. 978 // 979 // Possible values: 980 // "LEVEL_UNSPECIFIED" - Level is unspecified. 981 // "CONDITION" - A validation unit which operates on an individual 982 // condition within a 983 // binding. 984 Level string `json:"level,omitempty"` 985 986 // LocationOffset: 0-based character position of problematic construct 987 // within the object 988 // identified by `field_name`. Currently, this is populated only for 989 // condition 990 // expression. 991 LocationOffset int64 `json:"locationOffset,omitempty"` 992 993 // Severity: The validation unit severity. 994 // 995 // Possible values: 996 // "SEVERITY_UNSPECIFIED" - Severity is unspecified. 997 // "ERROR" - A validation unit returns an error only for critical 998 // issues. If an 999 // attempt is made to set the problematic policy without rectifying 1000 // the 1001 // critical issue, it causes the `setPolicy` operation to fail. 1002 // "WARNING" - Any issue which is severe enough but does not cause an 1003 // error. 1004 // For example, suspicious constructs in the input object will 1005 // not 1006 // necessarily fail `setPolicy`, but there is a high likelihood that 1007 // they 1008 // won't behave as expected during policy evaluation in 1009 // `checkPolicy`. 1010 // This includes the following common scenarios: 1011 // 1012 // - Unsatisfiable condition: Expired timestamp in date/time 1013 // condition. 1014 // - Ineffective condition: Condition on a <member, role> pair which is 1015 // granted unconditionally in another binding of the same policy. 1016 // "NOTICE" - Reserved for the issues that are not severe as 1017 // `ERROR`/`WARNING`, but 1018 // need special handling. For instance, messages about skipped 1019 // validation 1020 // units are issued as `NOTICE`. 1021 // "INFO" - Any informative statement which is not severe enough to 1022 // raise 1023 // `ERROR`/`WARNING`/`NOTICE`, like auto-correction recommendations on 1024 // the 1025 // input content. Note that current version of the linter does not 1026 // utilize 1027 // `INFO`. 1028 // "DEPRECATED" - Deprecated severity level. 1029 Severity string `json:"severity,omitempty"` 1030 1031 // ValidationUnitName: The validation unit name, for 1032 // instance 1033 // "lintValidationUnits/ConditionComplexityCheck". 1034 ValidationUnitName string `json:"validationUnitName,omitempty"` 1035 1036 // ForceSendFields is a list of field names (e.g. "DebugMessage") to 1037 // unconditionally include in API requests. By default, fields with 1038 // empty values are omitted from API requests. However, any non-pointer, 1039 // non-interface field appearing in ForceSendFields will be sent to the 1040 // server regardless of whether the field is empty or not. This may be 1041 // used to include empty fields in Patch requests. 1042 ForceSendFields []string `json:"-"` 1043 1044 // NullFields is a list of field names (e.g. "DebugMessage") to include 1045 // in API requests with the JSON null value. By default, fields with 1046 // empty values are omitted from API requests. However, any field with 1047 // an empty value appearing in NullFields will be sent to the server as 1048 // null. It is an error if a field in this list has a non-empty value. 1049 // This may be used to include null fields in Patch requests. 1050 NullFields []string `json:"-"` 1051} 1052 1053func (s *LintResult) MarshalJSON() ([]byte, error) { 1054 type NoMethod LintResult 1055 raw := NoMethod(*s) 1056 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1057} 1058 1059// ListRolesResponse: The response containing the roles defined under a 1060// resource. 1061type ListRolesResponse struct { 1062 // NextPageToken: To retrieve the next page of results, 1063 // set 1064 // `ListRolesRequest.page_token` to this value. 1065 NextPageToken string `json:"nextPageToken,omitempty"` 1066 1067 // Roles: The Roles defined on this resource. 1068 Roles []*Role `json:"roles,omitempty"` 1069 1070 // ServerResponse contains the HTTP response code and headers from the 1071 // server. 1072 googleapi.ServerResponse `json:"-"` 1073 1074 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1075 // unconditionally include in API requests. By default, fields with 1076 // empty values are omitted from API requests. However, any non-pointer, 1077 // non-interface field appearing in ForceSendFields will be sent to the 1078 // server regardless of whether the field is empty or not. This may be 1079 // used to include empty fields in Patch requests. 1080 ForceSendFields []string `json:"-"` 1081 1082 // NullFields is a list of field names (e.g. "NextPageToken") to include 1083 // in API requests with the JSON null value. By default, fields with 1084 // empty values are omitted from API requests. However, any field with 1085 // an empty value appearing in NullFields will be sent to the server as 1086 // null. It is an error if a field in this list has a non-empty value. 1087 // This may be used to include null fields in Patch requests. 1088 NullFields []string `json:"-"` 1089} 1090 1091func (s *ListRolesResponse) MarshalJSON() ([]byte, error) { 1092 type NoMethod ListRolesResponse 1093 raw := NoMethod(*s) 1094 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1095} 1096 1097// ListServiceAccountKeysResponse: The service account keys list 1098// response. 1099type ListServiceAccountKeysResponse struct { 1100 // Keys: The public keys for the service account. 1101 Keys []*ServiceAccountKey `json:"keys,omitempty"` 1102 1103 // ServerResponse contains the HTTP response code and headers from the 1104 // server. 1105 googleapi.ServerResponse `json:"-"` 1106 1107 // ForceSendFields is a list of field names (e.g. "Keys") to 1108 // unconditionally include in API requests. By default, fields with 1109 // empty values are omitted from API requests. However, any non-pointer, 1110 // non-interface field appearing in ForceSendFields will be sent to the 1111 // server regardless of whether the field is empty or not. This may be 1112 // used to include empty fields in Patch requests. 1113 ForceSendFields []string `json:"-"` 1114 1115 // NullFields is a list of field names (e.g. "Keys") to include in API 1116 // requests with the JSON null value. By default, fields with empty 1117 // values are omitted from API requests. However, any field with an 1118 // empty value appearing in NullFields will be sent to the server as 1119 // null. It is an error if a field in this list has a non-empty value. 1120 // This may be used to include null fields in Patch requests. 1121 NullFields []string `json:"-"` 1122} 1123 1124func (s *ListServiceAccountKeysResponse) MarshalJSON() ([]byte, error) { 1125 type NoMethod ListServiceAccountKeysResponse 1126 raw := NoMethod(*s) 1127 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1128} 1129 1130// ListServiceAccountsResponse: The service account list response. 1131type ListServiceAccountsResponse struct { 1132 // Accounts: The list of matching service accounts. 1133 Accounts []*ServiceAccount `json:"accounts,omitempty"` 1134 1135 // NextPageToken: To retrieve the next page of results, 1136 // set 1137 // ListServiceAccountsRequest.page_token 1138 // to this value. 1139 NextPageToken string `json:"nextPageToken,omitempty"` 1140 1141 // ServerResponse contains the HTTP response code and headers from the 1142 // server. 1143 googleapi.ServerResponse `json:"-"` 1144 1145 // ForceSendFields is a list of field names (e.g. "Accounts") to 1146 // unconditionally include in API requests. By default, fields with 1147 // empty values are omitted from API requests. However, any non-pointer, 1148 // non-interface field appearing in ForceSendFields will be sent to the 1149 // server regardless of whether the field is empty or not. This may be 1150 // used to include empty fields in Patch requests. 1151 ForceSendFields []string `json:"-"` 1152 1153 // NullFields is a list of field names (e.g. "Accounts") to include in 1154 // API requests with the JSON null value. By default, fields with empty 1155 // values are omitted from API requests. However, any field with an 1156 // empty value appearing in NullFields will be sent to the server as 1157 // null. It is an error if a field in this list has a non-empty value. 1158 // This may be used to include null fields in Patch requests. 1159 NullFields []string `json:"-"` 1160} 1161 1162func (s *ListServiceAccountsResponse) MarshalJSON() ([]byte, error) { 1163 type NoMethod ListServiceAccountsResponse 1164 raw := NoMethod(*s) 1165 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1166} 1167 1168// PatchServiceAccountRequest: The patch service account request. 1169type PatchServiceAccountRequest struct { 1170 ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"` 1171 1172 UpdateMask string `json:"updateMask,omitempty"` 1173 1174 // ForceSendFields is a list of field names (e.g. "ServiceAccount") to 1175 // unconditionally include in API requests. By default, fields with 1176 // empty values are omitted from API requests. However, any non-pointer, 1177 // non-interface field appearing in ForceSendFields will be sent to the 1178 // server regardless of whether the field is empty or not. This may be 1179 // used to include empty fields in Patch requests. 1180 ForceSendFields []string `json:"-"` 1181 1182 // NullFields is a list of field names (e.g. "ServiceAccount") to 1183 // include in API requests with the JSON null value. By default, fields 1184 // with empty values are omitted from API requests. However, any field 1185 // with an empty value appearing in NullFields will be sent to the 1186 // server as null. It is an error if a field in this list has a 1187 // non-empty value. This may be used to include null fields in Patch 1188 // requests. 1189 NullFields []string `json:"-"` 1190} 1191 1192func (s *PatchServiceAccountRequest) MarshalJSON() ([]byte, error) { 1193 type NoMethod PatchServiceAccountRequest 1194 raw := NoMethod(*s) 1195 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1196} 1197 1198// Permission: A permission which can be included by a role. 1199type Permission struct { 1200 // ApiDisabled: The service API associated with the permission is not 1201 // enabled. 1202 ApiDisabled bool `json:"apiDisabled,omitempty"` 1203 1204 // CustomRolesSupportLevel: The current custom role support level. 1205 // 1206 // Possible values: 1207 // "SUPPORTED" - Permission is fully supported for custom role use. 1208 // "TESTING" - Permission is being tested to check custom role 1209 // compatibility. 1210 // "NOT_SUPPORTED" - Permission is not supported for custom role use. 1211 CustomRolesSupportLevel string `json:"customRolesSupportLevel,omitempty"` 1212 1213 // Description: A brief description of what this Permission is used 1214 // for. 1215 // This permission can ONLY be used in predefined roles. 1216 Description string `json:"description,omitempty"` 1217 1218 // Name: The name of this Permission. 1219 Name string `json:"name,omitempty"` 1220 1221 OnlyInPredefinedRoles bool `json:"onlyInPredefinedRoles,omitempty"` 1222 1223 // PrimaryPermission: The preferred name for this permission. If 1224 // present, then this permission is 1225 // an alias of, and equivalent to, the listed primary_permission. 1226 PrimaryPermission string `json:"primaryPermission,omitempty"` 1227 1228 // Stage: The current launch stage of the permission. 1229 // 1230 // Possible values: 1231 // "ALPHA" - The permission is currently in an alpha phase. 1232 // "BETA" - The permission is currently in a beta phase. 1233 // "GA" - The permission is generally available. 1234 // "DEPRECATED" - The permission is being deprecated. 1235 Stage string `json:"stage,omitempty"` 1236 1237 // Title: The title of this Permission. 1238 Title string `json:"title,omitempty"` 1239 1240 // ForceSendFields is a list of field names (e.g. "ApiDisabled") to 1241 // unconditionally include in API requests. By default, fields with 1242 // empty values are omitted from API requests. However, any non-pointer, 1243 // non-interface field appearing in ForceSendFields will be sent to the 1244 // server regardless of whether the field is empty or not. This may be 1245 // used to include empty fields in Patch requests. 1246 ForceSendFields []string `json:"-"` 1247 1248 // NullFields is a list of field names (e.g. "ApiDisabled") to include 1249 // in API requests with the JSON null value. By default, fields with 1250 // empty values are omitted from API requests. However, any field with 1251 // an empty value appearing in NullFields will be sent to the server as 1252 // null. It is an error if a field in this list has a non-empty value. 1253 // This may be used to include null fields in Patch requests. 1254 NullFields []string `json:"-"` 1255} 1256 1257func (s *Permission) MarshalJSON() ([]byte, error) { 1258 type NoMethod Permission 1259 raw := NoMethod(*s) 1260 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1261} 1262 1263// PermissionDelta: A PermissionDelta message to record the 1264// added_permissions and 1265// removed_permissions inside a role. 1266type PermissionDelta struct { 1267 // AddedPermissions: Added permissions. 1268 AddedPermissions []string `json:"addedPermissions,omitempty"` 1269 1270 // RemovedPermissions: Removed permissions. 1271 RemovedPermissions []string `json:"removedPermissions,omitempty"` 1272 1273 // ForceSendFields is a list of field names (e.g. "AddedPermissions") to 1274 // unconditionally include in API requests. By default, fields with 1275 // empty values are omitted from API requests. However, any non-pointer, 1276 // non-interface field appearing in ForceSendFields will be sent to the 1277 // server regardless of whether the field is empty or not. This may be 1278 // used to include empty fields in Patch requests. 1279 ForceSendFields []string `json:"-"` 1280 1281 // NullFields is a list of field names (e.g. "AddedPermissions") to 1282 // include in API requests with the JSON null value. By default, fields 1283 // with empty values are omitted from API requests. However, any field 1284 // with an empty value appearing in NullFields will be sent to the 1285 // server as null. It is an error if a field in this list has a 1286 // non-empty value. This may be used to include null fields in Patch 1287 // requests. 1288 NullFields []string `json:"-"` 1289} 1290 1291func (s *PermissionDelta) MarshalJSON() ([]byte, error) { 1292 type NoMethod PermissionDelta 1293 raw := NoMethod(*s) 1294 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1295} 1296 1297// Policy: An Identity and Access Management (IAM) policy, which 1298// specifies access 1299// controls for Google Cloud resources. 1300// 1301// 1302// A `Policy` is a collection of `bindings`. A `binding` binds one or 1303// more 1304// `members` to a single `role`. Members can be user accounts, service 1305// accounts, 1306// Google groups, and domains (such as G Suite). A `role` is a named 1307// list of 1308// permissions; each `role` can be an IAM predefined role or a 1309// user-created 1310// custom role. 1311// 1312// Optionally, a `binding` can specify a `condition`, which is a 1313// logical 1314// expression that allows access to a resource only if the expression 1315// evaluates 1316// to `true`. A condition can add constraints based on attributes of 1317// the 1318// request, the resource, or both. 1319// 1320// **JSON example:** 1321// 1322// { 1323// "bindings": [ 1324// { 1325// "role": "roles/resourcemanager.organizationAdmin", 1326// "members": [ 1327// "user:mike@example.com", 1328// "group:admins@example.com", 1329// "domain:google.com", 1330// 1331// "serviceAccount:my-project-id@appspot.gserviceaccount.com" 1332// ] 1333// }, 1334// { 1335// "role": "roles/resourcemanager.organizationViewer", 1336// "members": ["user:eve@example.com"], 1337// "condition": { 1338// "title": "expirable access", 1339// "description": "Does not grant access after Sep 2020", 1340// "expression": "request.time < 1341// timestamp('2020-10-01T00:00:00.000Z')", 1342// } 1343// } 1344// ], 1345// "etag": "BwWWja0YfJA=", 1346// "version": 3 1347// } 1348// 1349// **YAML example:** 1350// 1351// bindings: 1352// - members: 1353// - user:mike@example.com 1354// - group:admins@example.com 1355// - domain:google.com 1356// - serviceAccount:my-project-id@appspot.gserviceaccount.com 1357// role: roles/resourcemanager.organizationAdmin 1358// - members: 1359// - user:eve@example.com 1360// role: roles/resourcemanager.organizationViewer 1361// condition: 1362// title: expirable access 1363// description: Does not grant access after Sep 2020 1364// expression: request.time < 1365// timestamp('2020-10-01T00:00:00.000Z') 1366// - etag: BwWWja0YfJA= 1367// - version: 3 1368// 1369// For a description of IAM and its features, see the 1370// [IAM documentation](https://cloud.google.com/iam/docs/). 1371type Policy struct { 1372 // AuditConfigs: Specifies cloud audit logging configuration for this 1373 // policy. 1374 AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` 1375 1376 // Bindings: Associates a list of `members` to a `role`. Optionally, may 1377 // specify a 1378 // `condition` that determines how and when the `bindings` are applied. 1379 // Each 1380 // of the `bindings` must contain at least one member. 1381 Bindings []*Binding `json:"bindings,omitempty"` 1382 1383 // Etag: `etag` is used for optimistic concurrency control as a way to 1384 // help 1385 // prevent simultaneous updates of a policy from overwriting each 1386 // other. 1387 // It is strongly suggested that systems make use of the `etag` in 1388 // the 1389 // read-modify-write cycle to perform policy updates in order to avoid 1390 // race 1391 // conditions: An `etag` is returned in the response to `getIamPolicy`, 1392 // and 1393 // systems are expected to put that etag in the request to 1394 // `setIamPolicy` to 1395 // ensure that their change will be applied to the same version of the 1396 // policy. 1397 // 1398 // **Important:** If you use IAM Conditions, you must include the `etag` 1399 // field 1400 // whenever you call `setIamPolicy`. If you omit this field, then IAM 1401 // allows 1402 // you to overwrite a version `3` policy with a version `1` policy, and 1403 // all of 1404 // the conditions in the version `3` policy are lost. 1405 Etag string `json:"etag,omitempty"` 1406 1407 // Version: Specifies the format of the policy. 1408 // 1409 // Valid values are `0`, `1`, and `3`. Requests that specify an invalid 1410 // value 1411 // are rejected. 1412 // 1413 // Any operation that affects conditional role bindings must specify 1414 // version 1415 // `3`. This requirement applies to the following operations: 1416 // 1417 // * Getting a policy that includes a conditional role binding 1418 // * Adding a conditional role binding to a policy 1419 // * Changing a conditional role binding in a policy 1420 // * Removing any role binding, with or without a condition, from a 1421 // policy 1422 // that includes conditions 1423 // 1424 // **Important:** If you use IAM Conditions, you must include the `etag` 1425 // field 1426 // whenever you call `setIamPolicy`. If you omit this field, then IAM 1427 // allows 1428 // you to overwrite a version `3` policy with a version `1` policy, and 1429 // all of 1430 // the conditions in the version `3` policy are lost. 1431 // 1432 // If a policy does not include any conditions, operations on that 1433 // policy may 1434 // specify any valid version or leave the field unset. 1435 Version int64 `json:"version,omitempty"` 1436 1437 // ServerResponse contains the HTTP response code and headers from the 1438 // server. 1439 googleapi.ServerResponse `json:"-"` 1440 1441 // ForceSendFields is a list of field names (e.g. "AuditConfigs") to 1442 // unconditionally include in API requests. By default, fields with 1443 // empty values are omitted from API requests. However, any non-pointer, 1444 // non-interface field appearing in ForceSendFields will be sent to the 1445 // server regardless of whether the field is empty or not. This may be 1446 // used to include empty fields in Patch requests. 1447 ForceSendFields []string `json:"-"` 1448 1449 // NullFields is a list of field names (e.g. "AuditConfigs") to include 1450 // in API requests with the JSON null value. By default, fields with 1451 // empty values are omitted from API requests. However, any field with 1452 // an empty value appearing in NullFields will be sent to the server as 1453 // null. It is an error if a field in this list has a non-empty value. 1454 // This may be used to include null fields in Patch requests. 1455 NullFields []string `json:"-"` 1456} 1457 1458func (s *Policy) MarshalJSON() ([]byte, error) { 1459 type NoMethod Policy 1460 raw := NoMethod(*s) 1461 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1462} 1463 1464// PolicyDelta: The difference delta between two policies. 1465type PolicyDelta struct { 1466 // BindingDeltas: The delta for Bindings between two policies. 1467 BindingDeltas []*BindingDelta `json:"bindingDeltas,omitempty"` 1468 1469 // ForceSendFields is a list of field names (e.g. "BindingDeltas") to 1470 // unconditionally include in API requests. By default, fields with 1471 // empty values are omitted from API requests. However, any non-pointer, 1472 // non-interface field appearing in ForceSendFields will be sent to the 1473 // server regardless of whether the field is empty or not. This may be 1474 // used to include empty fields in Patch requests. 1475 ForceSendFields []string `json:"-"` 1476 1477 // NullFields is a list of field names (e.g. "BindingDeltas") to include 1478 // in API requests with the JSON null value. By default, fields with 1479 // empty values are omitted from API requests. However, any field with 1480 // an empty value appearing in NullFields will be sent to the server as 1481 // null. It is an error if a field in this list has a non-empty value. 1482 // This may be used to include null fields in Patch requests. 1483 NullFields []string `json:"-"` 1484} 1485 1486func (s *PolicyDelta) MarshalJSON() ([]byte, error) { 1487 type NoMethod PolicyDelta 1488 raw := NoMethod(*s) 1489 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1490} 1491 1492// QueryAuditableServicesRequest: A request to get the list of auditable 1493// services for a resource. 1494type QueryAuditableServicesRequest struct { 1495 // FullResourceName: Required. The full resource name to query from the 1496 // list of auditable 1497 // services. 1498 // 1499 // The name follows the Google Cloud Platform resource format. 1500 // For example, a Cloud Platform project with id `my-project` will be 1501 // named 1502 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1503 FullResourceName string `json:"fullResourceName,omitempty"` 1504 1505 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1506 // unconditionally include in API requests. By default, fields with 1507 // empty values are omitted from API requests. However, any non-pointer, 1508 // non-interface field appearing in ForceSendFields will be sent to the 1509 // server regardless of whether the field is empty or not. This may be 1510 // used to include empty fields in Patch requests. 1511 ForceSendFields []string `json:"-"` 1512 1513 // NullFields is a list of field names (e.g. "FullResourceName") to 1514 // include in API requests with the JSON null value. By default, fields 1515 // with empty values are omitted from API requests. However, any field 1516 // with an empty value appearing in NullFields will be sent to the 1517 // server as null. It is an error if a field in this list has a 1518 // non-empty value. This may be used to include null fields in Patch 1519 // requests. 1520 NullFields []string `json:"-"` 1521} 1522 1523func (s *QueryAuditableServicesRequest) MarshalJSON() ([]byte, error) { 1524 type NoMethod QueryAuditableServicesRequest 1525 raw := NoMethod(*s) 1526 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1527} 1528 1529// QueryAuditableServicesResponse: A response containing a list of 1530// auditable services for a resource. 1531type QueryAuditableServicesResponse struct { 1532 // Services: The auditable services for a resource. 1533 Services []*AuditableService `json:"services,omitempty"` 1534 1535 // ServerResponse contains the HTTP response code and headers from the 1536 // server. 1537 googleapi.ServerResponse `json:"-"` 1538 1539 // ForceSendFields is a list of field names (e.g. "Services") to 1540 // unconditionally include in API requests. By default, fields with 1541 // empty values are omitted from API requests. However, any non-pointer, 1542 // non-interface field appearing in ForceSendFields will be sent to the 1543 // server regardless of whether the field is empty or not. This may be 1544 // used to include empty fields in Patch requests. 1545 ForceSendFields []string `json:"-"` 1546 1547 // NullFields is a list of field names (e.g. "Services") to include in 1548 // API requests with the JSON null value. By default, fields with empty 1549 // values are omitted from API requests. However, any field with an 1550 // empty value appearing in NullFields will be sent to the server as 1551 // null. It is an error if a field in this list has a non-empty value. 1552 // This may be used to include null fields in Patch requests. 1553 NullFields []string `json:"-"` 1554} 1555 1556func (s *QueryAuditableServicesResponse) MarshalJSON() ([]byte, error) { 1557 type NoMethod QueryAuditableServicesResponse 1558 raw := NoMethod(*s) 1559 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1560} 1561 1562// QueryGrantableRolesRequest: The grantable role query request. 1563type QueryGrantableRolesRequest struct { 1564 // FullResourceName: Required. The full resource name to query from the 1565 // list of grantable roles. 1566 // 1567 // The name follows the Google Cloud Platform resource format. 1568 // For example, a Cloud Platform project with id `my-project` will be 1569 // named 1570 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1571 FullResourceName string `json:"fullResourceName,omitempty"` 1572 1573 // PageSize: Optional limit on the number of roles to include in the 1574 // response. 1575 PageSize int64 `json:"pageSize,omitempty"` 1576 1577 // PageToken: Optional pagination token returned in an 1578 // earlier 1579 // QueryGrantableRolesResponse. 1580 PageToken string `json:"pageToken,omitempty"` 1581 1582 // Possible values: 1583 // "BASIC" - Omits the `included_permissions` field. 1584 // This is the default value. 1585 // "FULL" - Returns all fields. 1586 View string `json:"view,omitempty"` 1587 1588 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1589 // unconditionally include in API requests. By default, fields with 1590 // empty values are omitted from API requests. However, any non-pointer, 1591 // non-interface field appearing in ForceSendFields will be sent to the 1592 // server regardless of whether the field is empty or not. This may be 1593 // used to include empty fields in Patch requests. 1594 ForceSendFields []string `json:"-"` 1595 1596 // NullFields is a list of field names (e.g. "FullResourceName") to 1597 // include in API requests with the JSON null value. By default, fields 1598 // with empty values are omitted from API requests. However, any field 1599 // with an empty value appearing in NullFields will be sent to the 1600 // server as null. It is an error if a field in this list has a 1601 // non-empty value. This may be used to include null fields in Patch 1602 // requests. 1603 NullFields []string `json:"-"` 1604} 1605 1606func (s *QueryGrantableRolesRequest) MarshalJSON() ([]byte, error) { 1607 type NoMethod QueryGrantableRolesRequest 1608 raw := NoMethod(*s) 1609 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1610} 1611 1612// QueryGrantableRolesResponse: The grantable role query response. 1613type QueryGrantableRolesResponse struct { 1614 // NextPageToken: To retrieve the next page of results, 1615 // set 1616 // `QueryGrantableRolesRequest.page_token` to this value. 1617 NextPageToken string `json:"nextPageToken,omitempty"` 1618 1619 // Roles: The list of matching roles. 1620 Roles []*Role `json:"roles,omitempty"` 1621 1622 // ServerResponse contains the HTTP response code and headers from the 1623 // server. 1624 googleapi.ServerResponse `json:"-"` 1625 1626 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1627 // unconditionally include in API requests. By default, fields with 1628 // empty values are omitted from API requests. However, any non-pointer, 1629 // non-interface field appearing in ForceSendFields will be sent to the 1630 // server regardless of whether the field is empty or not. This may be 1631 // used to include empty fields in Patch requests. 1632 ForceSendFields []string `json:"-"` 1633 1634 // NullFields is a list of field names (e.g. "NextPageToken") to include 1635 // in API requests with the JSON null value. By default, fields with 1636 // empty values are omitted from API requests. However, any field with 1637 // an empty value appearing in NullFields will be sent to the server as 1638 // null. It is an error if a field in this list has a non-empty value. 1639 // This may be used to include null fields in Patch requests. 1640 NullFields []string `json:"-"` 1641} 1642 1643func (s *QueryGrantableRolesResponse) MarshalJSON() ([]byte, error) { 1644 type NoMethod QueryGrantableRolesResponse 1645 raw := NoMethod(*s) 1646 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1647} 1648 1649// QueryTestablePermissionsRequest: A request to get permissions which 1650// can be tested on a resource. 1651type QueryTestablePermissionsRequest struct { 1652 // FullResourceName: Required. The full resource name to query from the 1653 // list of testable 1654 // permissions. 1655 // 1656 // The name follows the Google Cloud Platform resource format. 1657 // For example, a Cloud Platform project with id `my-project` will be 1658 // named 1659 // `//cloudresourcemanager.googleapis.com/projects/my-project`. 1660 FullResourceName string `json:"fullResourceName,omitempty"` 1661 1662 // PageSize: Optional limit on the number of permissions to include in 1663 // the response. 1664 PageSize int64 `json:"pageSize,omitempty"` 1665 1666 // PageToken: Optional pagination token returned in an 1667 // earlier 1668 // QueryTestablePermissionsRequest. 1669 PageToken string `json:"pageToken,omitempty"` 1670 1671 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1672 // unconditionally include in API requests. By default, fields with 1673 // empty values are omitted from API requests. However, any non-pointer, 1674 // non-interface field appearing in ForceSendFields will be sent to the 1675 // server regardless of whether the field is empty or not. This may be 1676 // used to include empty fields in Patch requests. 1677 ForceSendFields []string `json:"-"` 1678 1679 // NullFields is a list of field names (e.g. "FullResourceName") to 1680 // include in API requests with the JSON null value. By default, fields 1681 // with empty values are omitted from API requests. However, any field 1682 // with an empty value appearing in NullFields will be sent to the 1683 // server as null. It is an error if a field in this list has a 1684 // non-empty value. This may be used to include null fields in Patch 1685 // requests. 1686 NullFields []string `json:"-"` 1687} 1688 1689func (s *QueryTestablePermissionsRequest) MarshalJSON() ([]byte, error) { 1690 type NoMethod QueryTestablePermissionsRequest 1691 raw := NoMethod(*s) 1692 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1693} 1694 1695// QueryTestablePermissionsResponse: The response containing permissions 1696// which can be tested on a resource. 1697type QueryTestablePermissionsResponse struct { 1698 // NextPageToken: To retrieve the next page of results, 1699 // set 1700 // `QueryTestableRolesRequest.page_token` to this value. 1701 NextPageToken string `json:"nextPageToken,omitempty"` 1702 1703 // Permissions: The Permissions testable on the requested resource. 1704 Permissions []*Permission `json:"permissions,omitempty"` 1705 1706 // ServerResponse contains the HTTP response code and headers from the 1707 // server. 1708 googleapi.ServerResponse `json:"-"` 1709 1710 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 1711 // unconditionally include in API requests. By default, fields with 1712 // empty values are omitted from API requests. However, any non-pointer, 1713 // non-interface field appearing in ForceSendFields will be sent to the 1714 // server regardless of whether the field is empty or not. This may be 1715 // used to include empty fields in Patch requests. 1716 ForceSendFields []string `json:"-"` 1717 1718 // NullFields is a list of field names (e.g. "NextPageToken") to include 1719 // in API requests with the JSON null value. By default, fields with 1720 // empty values are omitted from API requests. However, any field with 1721 // an empty value appearing in NullFields will be sent to the server as 1722 // null. It is an error if a field in this list has a non-empty value. 1723 // This may be used to include null fields in Patch requests. 1724 NullFields []string `json:"-"` 1725} 1726 1727func (s *QueryTestablePermissionsResponse) MarshalJSON() ([]byte, error) { 1728 type NoMethod QueryTestablePermissionsResponse 1729 raw := NoMethod(*s) 1730 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1731} 1732 1733// Role: A role in the Identity and Access Management API. 1734type Role struct { 1735 // Deleted: The current deleted state of the role. This field is read 1736 // only. 1737 // It will be ignored in calls to CreateRole and UpdateRole. 1738 Deleted bool `json:"deleted,omitempty"` 1739 1740 // Description: Optional. A human-readable description for the role. 1741 Description string `json:"description,omitempty"` 1742 1743 // Etag: Used to perform a consistent read-modify-write. 1744 Etag string `json:"etag,omitempty"` 1745 1746 // IncludedPermissions: The names of the permissions this role grants 1747 // when bound in an IAM policy. 1748 IncludedPermissions []string `json:"includedPermissions,omitempty"` 1749 1750 // Name: The name of the role. 1751 // 1752 // When Role is used in CreateRole, the role name must not be set. 1753 // 1754 // When Role is used in output and other input such as UpdateRole, the 1755 // role 1756 // name is the complete path, e.g., roles/logging.viewer for predefined 1757 // roles 1758 // and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom 1759 // roles. 1760 Name string `json:"name,omitempty"` 1761 1762 // Stage: The current launch stage of the role. If the `ALPHA` launch 1763 // stage has been 1764 // selected for a role, the `stage` field will not be included in 1765 // the 1766 // returned definition for the role. 1767 // 1768 // Possible values: 1769 // "ALPHA" - The user has indicated this role is currently in an Alpha 1770 // phase. If this 1771 // launch stage is selected, the `stage` field will not be included 1772 // when 1773 // requesting the definition for a given role. 1774 // "BETA" - The user has indicated this role is currently in a Beta 1775 // phase. 1776 // "GA" - The user has indicated this role is generally available. 1777 // "DEPRECATED" - The user has indicated this role is being 1778 // deprecated. 1779 // "DISABLED" - This role is disabled and will not contribute 1780 // permissions to any members 1781 // it is granted to in policies. 1782 // "EAP" - The user has indicated this role is currently in an EAP 1783 // phase. 1784 Stage string `json:"stage,omitempty"` 1785 1786 // Title: Optional. A human-readable title for the role. Typically 1787 // this 1788 // is limited to 100 UTF-8 bytes. 1789 Title string `json:"title,omitempty"` 1790 1791 // ServerResponse contains the HTTP response code and headers from the 1792 // server. 1793 googleapi.ServerResponse `json:"-"` 1794 1795 // ForceSendFields is a list of field names (e.g. "Deleted") to 1796 // unconditionally include in API requests. By default, fields with 1797 // empty values are omitted from API requests. However, any non-pointer, 1798 // non-interface field appearing in ForceSendFields will be sent to the 1799 // server regardless of whether the field is empty or not. This may be 1800 // used to include empty fields in Patch requests. 1801 ForceSendFields []string `json:"-"` 1802 1803 // NullFields is a list of field names (e.g. "Deleted") to include in 1804 // API requests with the JSON null value. By default, fields with empty 1805 // values are omitted from API requests. However, any field with an 1806 // empty value appearing in NullFields will be sent to the server as 1807 // null. It is an error if a field in this list has a non-empty value. 1808 // This may be used to include null fields in Patch requests. 1809 NullFields []string `json:"-"` 1810} 1811 1812func (s *Role) MarshalJSON() ([]byte, error) { 1813 type NoMethod Role 1814 raw := NoMethod(*s) 1815 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1816} 1817 1818// ServiceAccount: A service account in the Identity and Access 1819// Management API. 1820// 1821// To create a service account, specify the `project_id` and the 1822// `account_id` 1823// for the account. The `account_id` is unique within the project, and 1824// is used 1825// to generate the service account email address and a 1826// stable 1827// `unique_id`. 1828// 1829// If the account already exists, the account's resource name is 1830// returned 1831// in the format of projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}. The 1832// caller 1833// can use the name in other methods to access the account. 1834// 1835// All other methods can identify the service account using the 1836// format 1837// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. 1838// Using `-` as a wildcard for the `PROJECT_ID` will infer the project 1839// from 1840// the account. The `ACCOUNT` value can be the `email` address or 1841// the 1842// `unique_id` of the service account. 1843type ServiceAccount struct { 1844 // Description: Optional. A user-specified opaque description of the 1845 // service account. 1846 // Must be less than or equal to 256 UTF-8 bytes. 1847 Description string `json:"description,omitempty"` 1848 1849 // Disabled: @OutputOnly A bool indicate if the service account is 1850 // disabled. 1851 // The field is currently in alpha phase. 1852 Disabled bool `json:"disabled,omitempty"` 1853 1854 // DisplayName: Optional. A user-specified name for the service 1855 // account. 1856 // Must be less than or equal to 100 UTF-8 bytes. 1857 DisplayName string `json:"displayName,omitempty"` 1858 1859 // Email: @OutputOnly The email address of the service account. 1860 Email string `json:"email,omitempty"` 1861 1862 // Etag: Optional. Note: `etag` is an inoperable legacy field that is 1863 // only returned 1864 // for backwards compatibility. 1865 Etag string `json:"etag,omitempty"` 1866 1867 // Name: The resource name of the service account in the following 1868 // format: 1869 // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. 1870 // 1871 // Requests using `-` as a wildcard for the `PROJECT_ID` will infer 1872 // the 1873 // project from the `account` and the `ACCOUNT` value can be the 1874 // `email` 1875 // address or the `unique_id` of the service account. 1876 // 1877 // In responses the resource name will always be in the 1878 // format 1879 // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. 1880 Name string `json:"name,omitempty"` 1881 1882 // Oauth2ClientId: @OutputOnly The OAuth2 client id for the service 1883 // account. 1884 // This is used in conjunction with the OAuth2 clientconfig API to 1885 // make 1886 // three legged OAuth2 (3LO) flows to access the data of Google users. 1887 Oauth2ClientId string `json:"oauth2ClientId,omitempty"` 1888 1889 // ProjectId: @OutputOnly The id of the project that owns the service 1890 // account. 1891 ProjectId string `json:"projectId,omitempty"` 1892 1893 // UniqueId: @OutputOnly The unique and stable id of the service 1894 // account. 1895 UniqueId string `json:"uniqueId,omitempty"` 1896 1897 // ServerResponse contains the HTTP response code and headers from the 1898 // server. 1899 googleapi.ServerResponse `json:"-"` 1900 1901 // ForceSendFields is a list of field names (e.g. "Description") to 1902 // unconditionally include in API requests. By default, fields with 1903 // empty values are omitted from API requests. However, any non-pointer, 1904 // non-interface field appearing in ForceSendFields will be sent to the 1905 // server regardless of whether the field is empty or not. This may be 1906 // used to include empty fields in Patch requests. 1907 ForceSendFields []string `json:"-"` 1908 1909 // NullFields is a list of field names (e.g. "Description") to include 1910 // in API requests with the JSON null value. By default, fields with 1911 // empty values are omitted from API requests. However, any field with 1912 // an empty value appearing in NullFields will be sent to the server as 1913 // null. It is an error if a field in this list has a non-empty value. 1914 // This may be used to include null fields in Patch requests. 1915 NullFields []string `json:"-"` 1916} 1917 1918func (s *ServiceAccount) MarshalJSON() ([]byte, error) { 1919 type NoMethod ServiceAccount 1920 raw := NoMethod(*s) 1921 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1922} 1923 1924// ServiceAccountKey: Represents a service account key. 1925// 1926// A service account has two sets of key-pairs: user-managed, 1927// and 1928// system-managed. 1929// 1930// User-managed key-pairs can be created and deleted by users. Users 1931// are 1932// responsible for rotating these keys periodically to ensure security 1933// of 1934// their service accounts. Users retain the private key of these 1935// key-pairs, 1936// and Google retains ONLY the public key. 1937// 1938// System-managed keys are automatically rotated by Google, and are used 1939// for 1940// signing for a maximum of two weeks. The rotation process is 1941// probabilistic, 1942// and usage of the new key will gradually ramp up and down over the 1943// key's 1944// lifetime. We recommend caching the public key set for a service 1945// account for 1946// no more than 24 hours to ensure you have access to the latest 1947// keys. 1948// 1949// Public keys for all service accounts are also published at the 1950// OAuth2 1951// Service Account API. 1952type ServiceAccountKey struct { 1953 // KeyAlgorithm: Specifies the algorithm (and possibly key size) for the 1954 // key. 1955 // 1956 // Possible values: 1957 // "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm. 1958 // "KEY_ALG_RSA_1024" - 1k RSA Key. 1959 // "KEY_ALG_RSA_2048" - 2k RSA Key. 1960 KeyAlgorithm string `json:"keyAlgorithm,omitempty"` 1961 1962 // KeyOrigin: The key origin. 1963 // 1964 // Possible values: 1965 // "ORIGIN_UNSPECIFIED" - Unspecified key origin. 1966 // "USER_PROVIDED" - Key is provided by user. 1967 // "GOOGLE_PROVIDED" - Key is provided by Google. 1968 KeyOrigin string `json:"keyOrigin,omitempty"` 1969 1970 // KeyType: The key type. 1971 // 1972 // Possible values: 1973 // "KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this 1974 // in the 1975 // message will immediately result in an error. 1976 // "USER_MANAGED" - User-managed keys (managed and rotated by the 1977 // user). 1978 // "SYSTEM_MANAGED" - System-managed keys (managed and rotated by 1979 // Google). 1980 KeyType string `json:"keyType,omitempty"` 1981 1982 // Name: The resource name of the service account key in the following 1983 // format 1984 // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. 1985 Name string `json:"name,omitempty"` 1986 1987 // PrivateKeyData: The private key data. Only provided in 1988 // `CreateServiceAccountKey` 1989 // responses. Make sure to keep the private key data secure because 1990 // it 1991 // allows for the assertion of the service account identity. 1992 // When base64 decoded, the private key data can be used to authenticate 1993 // with 1994 // Google API client libraries and with 1995 // <a 1996 // href="/sdk/gcloud/reference/auth/activate-service-account">gcloud 1997 // auth 1998 // activate-service-account</a>. 1999 PrivateKeyData string `json:"privateKeyData,omitempty"` 2000 2001 // PrivateKeyType: The output format for the private key. 2002 // Only provided in `CreateServiceAccountKey` responses, not 2003 // in `GetServiceAccountKey` or `ListServiceAccountKey` 2004 // responses. 2005 // 2006 // Google never exposes system-managed private keys, and never 2007 // retains 2008 // user-managed private keys. 2009 // 2010 // Possible values: 2011 // "TYPE_UNSPECIFIED" - Unspecified. Equivalent to 2012 // `TYPE_GOOGLE_CREDENTIALS_FILE`. 2013 // "TYPE_PKCS12_FILE" - PKCS12 format. 2014 // The password for the PKCS12 file is `notasecret`. 2015 // For more information, see https://tools.ietf.org/html/rfc7292. 2016 // "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format. 2017 PrivateKeyType string `json:"privateKeyType,omitempty"` 2018 2019 // PublicKeyData: The public key data. Only provided in 2020 // `GetServiceAccountKey` responses. 2021 PublicKeyData string `json:"publicKeyData,omitempty"` 2022 2023 // ValidAfterTime: The key can be used after this timestamp. 2024 ValidAfterTime string `json:"validAfterTime,omitempty"` 2025 2026 // ValidBeforeTime: The key can be used before this timestamp. 2027 // For system-managed key pairs, this timestamp is the end time for 2028 // the 2029 // private key signing operation. The public key could still be used 2030 // for verification for a few hours after this time. 2031 ValidBeforeTime string `json:"validBeforeTime,omitempty"` 2032 2033 // ServerResponse contains the HTTP response code and headers from the 2034 // server. 2035 googleapi.ServerResponse `json:"-"` 2036 2037 // ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to 2038 // unconditionally include in API requests. By default, fields with 2039 // empty values are omitted from API requests. However, any non-pointer, 2040 // non-interface field appearing in ForceSendFields will be sent to the 2041 // server regardless of whether the field is empty or not. This may be 2042 // used to include empty fields in Patch requests. 2043 ForceSendFields []string `json:"-"` 2044 2045 // NullFields is a list of field names (e.g. "KeyAlgorithm") to include 2046 // in API requests with the JSON null value. By default, fields with 2047 // empty values are omitted from API requests. However, any field with 2048 // an empty value appearing in NullFields will be sent to the server as 2049 // null. It is an error if a field in this list has a non-empty value. 2050 // This may be used to include null fields in Patch requests. 2051 NullFields []string `json:"-"` 2052} 2053 2054func (s *ServiceAccountKey) MarshalJSON() ([]byte, error) { 2055 type NoMethod ServiceAccountKey 2056 raw := NoMethod(*s) 2057 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2058} 2059 2060// SetIamPolicyRequest: Request message for `SetIamPolicy` method. 2061type SetIamPolicyRequest struct { 2062 // Policy: REQUIRED: The complete policy to be applied to the 2063 // `resource`. The size of 2064 // the policy is limited to a few 10s of KB. An empty policy is a 2065 // valid policy but certain Cloud Platform services (such as 2066 // Projects) 2067 // might reject them. 2068 Policy *Policy `json:"policy,omitempty"` 2069 2070 // UpdateMask: OPTIONAL: A FieldMask specifying which fields of the 2071 // policy to modify. Only 2072 // the fields in the mask will be modified. If no mask is provided, 2073 // the 2074 // following default mask is used: 2075 // paths: "bindings, etag" 2076 // This field is only used by Cloud IAM. 2077 UpdateMask string `json:"updateMask,omitempty"` 2078 2079 // ForceSendFields is a list of field names (e.g. "Policy") to 2080 // unconditionally include in API requests. By default, fields with 2081 // empty values are omitted from API requests. However, any non-pointer, 2082 // non-interface field appearing in ForceSendFields will be sent to the 2083 // server regardless of whether the field is empty or not. This may be 2084 // used to include empty fields in Patch requests. 2085 ForceSendFields []string `json:"-"` 2086 2087 // NullFields is a list of field names (e.g. "Policy") to include in API 2088 // requests with the JSON null value. By default, fields with empty 2089 // values are omitted from API requests. However, any field with an 2090 // empty value appearing in NullFields will be sent to the server as 2091 // null. It is an error if a field in this list has a non-empty value. 2092 // This may be used to include null fields in Patch requests. 2093 NullFields []string `json:"-"` 2094} 2095 2096func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) { 2097 type NoMethod SetIamPolicyRequest 2098 raw := NoMethod(*s) 2099 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2100} 2101 2102// SignBlobRequest: The service account sign blob request. 2103type SignBlobRequest struct { 2104 // BytesToSign: Required. The bytes to sign. 2105 BytesToSign string `json:"bytesToSign,omitempty"` 2106 2107 // ForceSendFields is a list of field names (e.g. "BytesToSign") to 2108 // unconditionally include in API requests. By default, fields with 2109 // empty values are omitted from API requests. However, any non-pointer, 2110 // non-interface field appearing in ForceSendFields will be sent to the 2111 // server regardless of whether the field is empty or not. This may be 2112 // used to include empty fields in Patch requests. 2113 ForceSendFields []string `json:"-"` 2114 2115 // NullFields is a list of field names (e.g. "BytesToSign") to include 2116 // in API requests with the JSON null value. By default, fields with 2117 // empty values are omitted from API requests. However, any field with 2118 // an empty value appearing in NullFields will be sent to the server as 2119 // null. It is an error if a field in this list has a non-empty value. 2120 // This may be used to include null fields in Patch requests. 2121 NullFields []string `json:"-"` 2122} 2123 2124func (s *SignBlobRequest) MarshalJSON() ([]byte, error) { 2125 type NoMethod SignBlobRequest 2126 raw := NoMethod(*s) 2127 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2128} 2129 2130// SignBlobResponse: The service account sign blob response. 2131type SignBlobResponse struct { 2132 // KeyId: The id of the key used to sign the blob. 2133 KeyId string `json:"keyId,omitempty"` 2134 2135 // Signature: The signed blob. 2136 Signature string `json:"signature,omitempty"` 2137 2138 // ServerResponse contains the HTTP response code and headers from the 2139 // server. 2140 googleapi.ServerResponse `json:"-"` 2141 2142 // ForceSendFields is a list of field names (e.g. "KeyId") to 2143 // unconditionally include in API requests. By default, fields with 2144 // empty values are omitted from API requests. However, any non-pointer, 2145 // non-interface field appearing in ForceSendFields will be sent to the 2146 // server regardless of whether the field is empty or not. This may be 2147 // used to include empty fields in Patch requests. 2148 ForceSendFields []string `json:"-"` 2149 2150 // NullFields is a list of field names (e.g. "KeyId") to include in API 2151 // requests with the JSON null value. By default, fields with empty 2152 // values are omitted from API requests. However, any field with an 2153 // empty value appearing in NullFields will be sent to the server as 2154 // null. It is an error if a field in this list has a non-empty value. 2155 // This may be used to include null fields in Patch requests. 2156 NullFields []string `json:"-"` 2157} 2158 2159func (s *SignBlobResponse) MarshalJSON() ([]byte, error) { 2160 type NoMethod SignBlobResponse 2161 raw := NoMethod(*s) 2162 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2163} 2164 2165// SignJwtRequest: The service account sign JWT request. 2166type SignJwtRequest struct { 2167 // Payload: Required. The JWT payload to sign, a JSON JWT Claim set. 2168 Payload string `json:"payload,omitempty"` 2169 2170 // ForceSendFields is a list of field names (e.g. "Payload") to 2171 // unconditionally include in API requests. By default, fields with 2172 // empty values are omitted from API requests. However, any non-pointer, 2173 // non-interface field appearing in ForceSendFields will be sent to the 2174 // server regardless of whether the field is empty or not. This may be 2175 // used to include empty fields in Patch requests. 2176 ForceSendFields []string `json:"-"` 2177 2178 // NullFields is a list of field names (e.g. "Payload") to include in 2179 // API requests with the JSON null value. By default, fields with empty 2180 // values are omitted from API requests. However, any field with an 2181 // empty value appearing in NullFields will be sent to the server as 2182 // null. It is an error if a field in this list has a non-empty value. 2183 // This may be used to include null fields in Patch requests. 2184 NullFields []string `json:"-"` 2185} 2186 2187func (s *SignJwtRequest) MarshalJSON() ([]byte, error) { 2188 type NoMethod SignJwtRequest 2189 raw := NoMethod(*s) 2190 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2191} 2192 2193// SignJwtResponse: The service account sign JWT response. 2194type SignJwtResponse struct { 2195 // KeyId: The id of the key used to sign the JWT. 2196 KeyId string `json:"keyId,omitempty"` 2197 2198 // SignedJwt: The signed JWT. 2199 SignedJwt string `json:"signedJwt,omitempty"` 2200 2201 // ServerResponse contains the HTTP response code and headers from the 2202 // server. 2203 googleapi.ServerResponse `json:"-"` 2204 2205 // ForceSendFields is a list of field names (e.g. "KeyId") to 2206 // unconditionally include in API requests. By default, fields with 2207 // empty values are omitted from API requests. However, any non-pointer, 2208 // non-interface field appearing in ForceSendFields will be sent to the 2209 // server regardless of whether the field is empty or not. This may be 2210 // used to include empty fields in Patch requests. 2211 ForceSendFields []string `json:"-"` 2212 2213 // NullFields is a list of field names (e.g. "KeyId") to include in API 2214 // requests with the JSON null value. By default, fields with empty 2215 // values are omitted from API requests. However, any field with an 2216 // empty value appearing in NullFields will be sent to the server as 2217 // null. It is an error if a field in this list has a non-empty value. 2218 // This may be used to include null fields in Patch requests. 2219 NullFields []string `json:"-"` 2220} 2221 2222func (s *SignJwtResponse) MarshalJSON() ([]byte, error) { 2223 type NoMethod SignJwtResponse 2224 raw := NoMethod(*s) 2225 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2226} 2227 2228// TestIamPermissionsRequest: Request message for `TestIamPermissions` 2229// method. 2230type TestIamPermissionsRequest struct { 2231 // Permissions: The set of permissions to check for the `resource`. 2232 // Permissions with 2233 // wildcards (such as '*' or 'storage.*') are not allowed. For 2234 // more 2235 // information see 2236 // [IAM 2237 // Overview](https://cloud.google.com/iam/docs/overview#permissions). 2238 Permissions []string `json:"permissions,omitempty"` 2239 2240 // ForceSendFields is a list of field names (e.g. "Permissions") to 2241 // unconditionally include in API requests. By default, fields with 2242 // empty values are omitted from API requests. However, any non-pointer, 2243 // non-interface field appearing in ForceSendFields will be sent to the 2244 // server regardless of whether the field is empty or not. This may be 2245 // used to include empty fields in Patch requests. 2246 ForceSendFields []string `json:"-"` 2247 2248 // NullFields is a list of field names (e.g. "Permissions") to include 2249 // in API requests with the JSON null value. By default, fields with 2250 // empty values are omitted from API requests. However, any field with 2251 // an empty value appearing in NullFields will be sent to the server as 2252 // null. It is an error if a field in this list has a non-empty value. 2253 // This may be used to include null fields in Patch requests. 2254 NullFields []string `json:"-"` 2255} 2256 2257func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) { 2258 type NoMethod TestIamPermissionsRequest 2259 raw := NoMethod(*s) 2260 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2261} 2262 2263// TestIamPermissionsResponse: Response message for `TestIamPermissions` 2264// method. 2265type TestIamPermissionsResponse struct { 2266 // Permissions: A subset of `TestPermissionsRequest.permissions` that 2267 // the caller is 2268 // allowed. 2269 Permissions []string `json:"permissions,omitempty"` 2270 2271 // ServerResponse contains the HTTP response code and headers from the 2272 // server. 2273 googleapi.ServerResponse `json:"-"` 2274 2275 // ForceSendFields is a list of field names (e.g. "Permissions") to 2276 // unconditionally include in API requests. By default, fields with 2277 // empty values are omitted from API requests. However, any non-pointer, 2278 // non-interface field appearing in ForceSendFields will be sent to the 2279 // server regardless of whether the field is empty or not. This may be 2280 // used to include empty fields in Patch requests. 2281 ForceSendFields []string `json:"-"` 2282 2283 // NullFields is a list of field names (e.g. "Permissions") to include 2284 // in API requests with the JSON null value. By default, fields with 2285 // empty values are omitted from API requests. However, any field with 2286 // an empty value appearing in NullFields will be sent to the server as 2287 // null. It is an error if a field in this list has a non-empty value. 2288 // This may be used to include null fields in Patch requests. 2289 NullFields []string `json:"-"` 2290} 2291 2292func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { 2293 type NoMethod TestIamPermissionsResponse 2294 raw := NoMethod(*s) 2295 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2296} 2297 2298// UndeleteRoleRequest: The request to undelete an existing role. 2299type UndeleteRoleRequest struct { 2300 // Etag: Used to perform a consistent read-modify-write. 2301 Etag string `json:"etag,omitempty"` 2302 2303 // ForceSendFields is a list of field names (e.g. "Etag") to 2304 // unconditionally include in API requests. By default, fields with 2305 // empty values are omitted from API requests. However, any non-pointer, 2306 // non-interface field appearing in ForceSendFields will be sent to the 2307 // server regardless of whether the field is empty or not. This may be 2308 // used to include empty fields in Patch requests. 2309 ForceSendFields []string `json:"-"` 2310 2311 // NullFields is a list of field names (e.g. "Etag") to include in API 2312 // requests with the JSON null value. By default, fields with empty 2313 // values are omitted from API requests. However, any field with an 2314 // empty value appearing in NullFields will be sent to the server as 2315 // null. It is an error if a field in this list has a non-empty value. 2316 // This may be used to include null fields in Patch requests. 2317 NullFields []string `json:"-"` 2318} 2319 2320func (s *UndeleteRoleRequest) MarshalJSON() ([]byte, error) { 2321 type NoMethod UndeleteRoleRequest 2322 raw := NoMethod(*s) 2323 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2324} 2325 2326// UndeleteServiceAccountRequest: The service account undelete request. 2327type UndeleteServiceAccountRequest struct { 2328} 2329 2330type UndeleteServiceAccountResponse struct { 2331 // RestoredAccount: Metadata for the restored service account. 2332 RestoredAccount *ServiceAccount `json:"restoredAccount,omitempty"` 2333 2334 // ServerResponse contains the HTTP response code and headers from the 2335 // server. 2336 googleapi.ServerResponse `json:"-"` 2337 2338 // ForceSendFields is a list of field names (e.g. "RestoredAccount") to 2339 // unconditionally include in API requests. By default, fields with 2340 // empty values are omitted from API requests. However, any non-pointer, 2341 // non-interface field appearing in ForceSendFields will be sent to the 2342 // server regardless of whether the field is empty or not. This may be 2343 // used to include empty fields in Patch requests. 2344 ForceSendFields []string `json:"-"` 2345 2346 // NullFields is a list of field names (e.g. "RestoredAccount") to 2347 // include in API requests with the JSON null value. By default, fields 2348 // with empty values are omitted from API requests. However, any field 2349 // with an empty value appearing in NullFields will be sent to the 2350 // server as null. It is an error if a field in this list has a 2351 // non-empty value. This may be used to include null fields in Patch 2352 // requests. 2353 NullFields []string `json:"-"` 2354} 2355 2356func (s *UndeleteServiceAccountResponse) MarshalJSON() ([]byte, error) { 2357 type NoMethod UndeleteServiceAccountResponse 2358 raw := NoMethod(*s) 2359 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2360} 2361 2362// UploadServiceAccountKeyRequest: The service account key upload 2363// request. 2364type UploadServiceAccountKeyRequest struct { 2365 // PublicKeyData: A field that allows clients to upload their own public 2366 // key. If set, 2367 // use this public key data to create a service account key for 2368 // given 2369 // service account. 2370 // Please note, the expected format for this field is X509_PEM. 2371 PublicKeyData string `json:"publicKeyData,omitempty"` 2372 2373 // ForceSendFields is a list of field names (e.g. "PublicKeyData") to 2374 // unconditionally include in API requests. By default, fields with 2375 // empty values are omitted from API requests. However, any non-pointer, 2376 // non-interface field appearing in ForceSendFields will be sent to the 2377 // server regardless of whether the field is empty or not. This may be 2378 // used to include empty fields in Patch requests. 2379 ForceSendFields []string `json:"-"` 2380 2381 // NullFields is a list of field names (e.g. "PublicKeyData") to include 2382 // in API requests with the JSON null value. By default, fields with 2383 // empty values are omitted from API requests. However, any field with 2384 // an empty value appearing in NullFields will be sent to the server as 2385 // null. It is an error if a field in this list has a non-empty value. 2386 // This may be used to include null fields in Patch requests. 2387 NullFields []string `json:"-"` 2388} 2389 2390func (s *UploadServiceAccountKeyRequest) MarshalJSON() ([]byte, error) { 2391 type NoMethod UploadServiceAccountKeyRequest 2392 raw := NoMethod(*s) 2393 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2394} 2395 2396// method id "iam.iamPolicies.lintPolicy": 2397 2398type IamPoliciesLintPolicyCall struct { 2399 s *Service 2400 lintpolicyrequest *LintPolicyRequest 2401 urlParams_ gensupport.URLParams 2402 ctx_ context.Context 2403 header_ http.Header 2404} 2405 2406// LintPolicy: Lints a Cloud IAM policy object or its sub fields. 2407// Currently supports 2408// google.iam.v1.Binding.condition. 2409// 2410// Each lint operation consists of multiple lint validation units. 2411// Each unit inspects the input object in regard to a particular 2412// linting 2413// aspect and issues a google.iam.admin.v1.LintResult disclosing 2414// the 2415// result. 2416// 2417// The set of applicable validation units is determined by the Cloud 2418// IAM 2419// server and is not configurable. 2420// 2421// Regardless of any lint issues or their severities, successful calls 2422// to 2423// `lintPolicy` return an HTTP 200 OK status code. 2424func (r *IamPoliciesService) LintPolicy(lintpolicyrequest *LintPolicyRequest) *IamPoliciesLintPolicyCall { 2425 c := &IamPoliciesLintPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2426 c.lintpolicyrequest = lintpolicyrequest 2427 return c 2428} 2429 2430// Fields allows partial responses to be retrieved. See 2431// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2432// for more information. 2433func (c *IamPoliciesLintPolicyCall) Fields(s ...googleapi.Field) *IamPoliciesLintPolicyCall { 2434 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2435 return c 2436} 2437 2438// Context sets the context to be used in this call's Do method. Any 2439// pending HTTP request will be aborted if the provided context is 2440// canceled. 2441func (c *IamPoliciesLintPolicyCall) Context(ctx context.Context) *IamPoliciesLintPolicyCall { 2442 c.ctx_ = ctx 2443 return c 2444} 2445 2446// Header returns an http.Header that can be modified by the caller to 2447// add HTTP headers to the request. 2448func (c *IamPoliciesLintPolicyCall) Header() http.Header { 2449 if c.header_ == nil { 2450 c.header_ = make(http.Header) 2451 } 2452 return c.header_ 2453} 2454 2455func (c *IamPoliciesLintPolicyCall) doRequest(alt string) (*http.Response, error) { 2456 reqHeaders := make(http.Header) 2457 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 2458 for k, v := range c.header_ { 2459 reqHeaders[k] = v 2460 } 2461 reqHeaders.Set("User-Agent", c.s.userAgent()) 2462 var body io.Reader = nil 2463 body, err := googleapi.WithoutDataWrapper.JSONReader(c.lintpolicyrequest) 2464 if err != nil { 2465 return nil, err 2466 } 2467 reqHeaders.Set("Content-Type", "application/json") 2468 c.urlParams_.Set("alt", alt) 2469 c.urlParams_.Set("prettyPrint", "false") 2470 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:lintPolicy") 2471 urls += "?" + c.urlParams_.Encode() 2472 req, err := http.NewRequest("POST", urls, body) 2473 if err != nil { 2474 return nil, err 2475 } 2476 req.Header = reqHeaders 2477 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2478} 2479 2480// Do executes the "iam.iamPolicies.lintPolicy" call. 2481// Exactly one of *LintPolicyResponse or error will be non-nil. Any 2482// non-2xx status code is an error. Response headers are in either 2483// *LintPolicyResponse.ServerResponse.Header or (if a response was 2484// returned at all) in error.(*googleapi.Error).Header. Use 2485// googleapi.IsNotModified to check whether the returned error was 2486// because http.StatusNotModified was returned. 2487func (c *IamPoliciesLintPolicyCall) Do(opts ...googleapi.CallOption) (*LintPolicyResponse, error) { 2488 gensupport.SetOptions(c.urlParams_, opts...) 2489 res, err := c.doRequest("json") 2490 if res != nil && res.StatusCode == http.StatusNotModified { 2491 if res.Body != nil { 2492 res.Body.Close() 2493 } 2494 return nil, &googleapi.Error{ 2495 Code: res.StatusCode, 2496 Header: res.Header, 2497 } 2498 } 2499 if err != nil { 2500 return nil, err 2501 } 2502 defer googleapi.CloseBody(res) 2503 if err := googleapi.CheckResponse(res); err != nil { 2504 return nil, err 2505 } 2506 ret := &LintPolicyResponse{ 2507 ServerResponse: googleapi.ServerResponse{ 2508 Header: res.Header, 2509 HTTPStatusCode: res.StatusCode, 2510 }, 2511 } 2512 target := &ret 2513 if err := gensupport.DecodeResponse(target, res); err != nil { 2514 return nil, err 2515 } 2516 return ret, nil 2517 // { 2518 // "description": "Lints a Cloud IAM policy object or its sub fields. Currently supports\ngoogle.iam.v1.Binding.condition.\n\nEach lint operation consists of multiple lint validation units.\nEach unit inspects the input object in regard to a particular linting\naspect and issues a google.iam.admin.v1.LintResult disclosing the\nresult.\n\nThe set of applicable validation units is determined by the Cloud IAM\nserver and is not configurable.\n\nRegardless of any lint issues or their severities, successful calls to\n`lintPolicy` return an HTTP 200 OK status code.", 2519 // "flatPath": "v1/iamPolicies:lintPolicy", 2520 // "httpMethod": "POST", 2521 // "id": "iam.iamPolicies.lintPolicy", 2522 // "parameterOrder": [], 2523 // "parameters": {}, 2524 // "path": "v1/iamPolicies:lintPolicy", 2525 // "request": { 2526 // "$ref": "LintPolicyRequest" 2527 // }, 2528 // "response": { 2529 // "$ref": "LintPolicyResponse" 2530 // }, 2531 // "scopes": [ 2532 // "https://www.googleapis.com/auth/cloud-platform" 2533 // ] 2534 // } 2535 2536} 2537 2538// method id "iam.iamPolicies.queryAuditableServices": 2539 2540type IamPoliciesQueryAuditableServicesCall struct { 2541 s *Service 2542 queryauditableservicesrequest *QueryAuditableServicesRequest 2543 urlParams_ gensupport.URLParams 2544 ctx_ context.Context 2545 header_ http.Header 2546} 2547 2548// QueryAuditableServices: Returns a list of services that support 2549// service level audit logging 2550// configuration for the given resource. 2551func (r *IamPoliciesService) QueryAuditableServices(queryauditableservicesrequest *QueryAuditableServicesRequest) *IamPoliciesQueryAuditableServicesCall { 2552 c := &IamPoliciesQueryAuditableServicesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2553 c.queryauditableservicesrequest = queryauditableservicesrequest 2554 return c 2555} 2556 2557// Fields allows partial responses to be retrieved. See 2558// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2559// for more information. 2560func (c *IamPoliciesQueryAuditableServicesCall) Fields(s ...googleapi.Field) *IamPoliciesQueryAuditableServicesCall { 2561 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2562 return c 2563} 2564 2565// Context sets the context to be used in this call's Do method. Any 2566// pending HTTP request will be aborted if the provided context is 2567// canceled. 2568func (c *IamPoliciesQueryAuditableServicesCall) Context(ctx context.Context) *IamPoliciesQueryAuditableServicesCall { 2569 c.ctx_ = ctx 2570 return c 2571} 2572 2573// Header returns an http.Header that can be modified by the caller to 2574// add HTTP headers to the request. 2575func (c *IamPoliciesQueryAuditableServicesCall) Header() http.Header { 2576 if c.header_ == nil { 2577 c.header_ = make(http.Header) 2578 } 2579 return c.header_ 2580} 2581 2582func (c *IamPoliciesQueryAuditableServicesCall) doRequest(alt string) (*http.Response, error) { 2583 reqHeaders := make(http.Header) 2584 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 2585 for k, v := range c.header_ { 2586 reqHeaders[k] = v 2587 } 2588 reqHeaders.Set("User-Agent", c.s.userAgent()) 2589 var body io.Reader = nil 2590 body, err := googleapi.WithoutDataWrapper.JSONReader(c.queryauditableservicesrequest) 2591 if err != nil { 2592 return nil, err 2593 } 2594 reqHeaders.Set("Content-Type", "application/json") 2595 c.urlParams_.Set("alt", alt) 2596 c.urlParams_.Set("prettyPrint", "false") 2597 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:queryAuditableServices") 2598 urls += "?" + c.urlParams_.Encode() 2599 req, err := http.NewRequest("POST", urls, body) 2600 if err != nil { 2601 return nil, err 2602 } 2603 req.Header = reqHeaders 2604 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2605} 2606 2607// Do executes the "iam.iamPolicies.queryAuditableServices" call. 2608// Exactly one of *QueryAuditableServicesResponse or error will be 2609// non-nil. Any non-2xx status code is an error. Response headers are in 2610// either *QueryAuditableServicesResponse.ServerResponse.Header or (if a 2611// response was returned at all) in error.(*googleapi.Error).Header. Use 2612// googleapi.IsNotModified to check whether the returned error was 2613// because http.StatusNotModified was returned. 2614func (c *IamPoliciesQueryAuditableServicesCall) Do(opts ...googleapi.CallOption) (*QueryAuditableServicesResponse, error) { 2615 gensupport.SetOptions(c.urlParams_, opts...) 2616 res, err := c.doRequest("json") 2617 if res != nil && res.StatusCode == http.StatusNotModified { 2618 if res.Body != nil { 2619 res.Body.Close() 2620 } 2621 return nil, &googleapi.Error{ 2622 Code: res.StatusCode, 2623 Header: res.Header, 2624 } 2625 } 2626 if err != nil { 2627 return nil, err 2628 } 2629 defer googleapi.CloseBody(res) 2630 if err := googleapi.CheckResponse(res); err != nil { 2631 return nil, err 2632 } 2633 ret := &QueryAuditableServicesResponse{ 2634 ServerResponse: googleapi.ServerResponse{ 2635 Header: res.Header, 2636 HTTPStatusCode: res.StatusCode, 2637 }, 2638 } 2639 target := &ret 2640 if err := gensupport.DecodeResponse(target, res); err != nil { 2641 return nil, err 2642 } 2643 return ret, nil 2644 // { 2645 // "description": "Returns a list of services that support service level audit logging\nconfiguration for the given resource.", 2646 // "flatPath": "v1/iamPolicies:queryAuditableServices", 2647 // "httpMethod": "POST", 2648 // "id": "iam.iamPolicies.queryAuditableServices", 2649 // "parameterOrder": [], 2650 // "parameters": {}, 2651 // "path": "v1/iamPolicies:queryAuditableServices", 2652 // "request": { 2653 // "$ref": "QueryAuditableServicesRequest" 2654 // }, 2655 // "response": { 2656 // "$ref": "QueryAuditableServicesResponse" 2657 // }, 2658 // "scopes": [ 2659 // "https://www.googleapis.com/auth/cloud-platform" 2660 // ] 2661 // } 2662 2663} 2664 2665// method id "iam.organizations.roles.create": 2666 2667type OrganizationsRolesCreateCall struct { 2668 s *Service 2669 parent string 2670 createrolerequest *CreateRoleRequest 2671 urlParams_ gensupport.URLParams 2672 ctx_ context.Context 2673 header_ http.Header 2674} 2675 2676// Create: Creates a new Role. 2677func (r *OrganizationsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *OrganizationsRolesCreateCall { 2678 c := &OrganizationsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2679 c.parent = parent 2680 c.createrolerequest = createrolerequest 2681 return c 2682} 2683 2684// Fields allows partial responses to be retrieved. See 2685// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2686// for more information. 2687func (c *OrganizationsRolesCreateCall) Fields(s ...googleapi.Field) *OrganizationsRolesCreateCall { 2688 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2689 return c 2690} 2691 2692// Context sets the context to be used in this call's Do method. Any 2693// pending HTTP request will be aborted if the provided context is 2694// canceled. 2695func (c *OrganizationsRolesCreateCall) Context(ctx context.Context) *OrganizationsRolesCreateCall { 2696 c.ctx_ = ctx 2697 return c 2698} 2699 2700// Header returns an http.Header that can be modified by the caller to 2701// add HTTP headers to the request. 2702func (c *OrganizationsRolesCreateCall) Header() http.Header { 2703 if c.header_ == nil { 2704 c.header_ = make(http.Header) 2705 } 2706 return c.header_ 2707} 2708 2709func (c *OrganizationsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 2710 reqHeaders := make(http.Header) 2711 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 2712 for k, v := range c.header_ { 2713 reqHeaders[k] = v 2714 } 2715 reqHeaders.Set("User-Agent", c.s.userAgent()) 2716 var body io.Reader = nil 2717 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 2718 if err != nil { 2719 return nil, err 2720 } 2721 reqHeaders.Set("Content-Type", "application/json") 2722 c.urlParams_.Set("alt", alt) 2723 c.urlParams_.Set("prettyPrint", "false") 2724 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 2725 urls += "?" + c.urlParams_.Encode() 2726 req, err := http.NewRequest("POST", urls, body) 2727 if err != nil { 2728 return nil, err 2729 } 2730 req.Header = reqHeaders 2731 googleapi.Expand(req.URL, map[string]string{ 2732 "parent": c.parent, 2733 }) 2734 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2735} 2736 2737// Do executes the "iam.organizations.roles.create" call. 2738// Exactly one of *Role or error will be non-nil. Any non-2xx status 2739// code is an error. Response headers are in either 2740// *Role.ServerResponse.Header or (if a response was returned at all) in 2741// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 2742// whether the returned error was because http.StatusNotModified was 2743// returned. 2744func (c *OrganizationsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 2745 gensupport.SetOptions(c.urlParams_, opts...) 2746 res, err := c.doRequest("json") 2747 if res != nil && res.StatusCode == http.StatusNotModified { 2748 if res.Body != nil { 2749 res.Body.Close() 2750 } 2751 return nil, &googleapi.Error{ 2752 Code: res.StatusCode, 2753 Header: res.Header, 2754 } 2755 } 2756 if err != nil { 2757 return nil, err 2758 } 2759 defer googleapi.CloseBody(res) 2760 if err := googleapi.CheckResponse(res); err != nil { 2761 return nil, err 2762 } 2763 ret := &Role{ 2764 ServerResponse: googleapi.ServerResponse{ 2765 Header: res.Header, 2766 HTTPStatusCode: res.StatusCode, 2767 }, 2768 } 2769 target := &ret 2770 if err := gensupport.DecodeResponse(target, res); err != nil { 2771 return nil, err 2772 } 2773 return ret, nil 2774 // { 2775 // "description": "Creates a new Role.", 2776 // "flatPath": "v1/organizations/{organizationsId}/roles", 2777 // "httpMethod": "POST", 2778 // "id": "iam.organizations.roles.create", 2779 // "parameterOrder": [ 2780 // "parent" 2781 // ], 2782 // "parameters": { 2783 // "parent": { 2784 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create):\n `projects/{PROJECT_ID}`. This method creates project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create):\n `organizations/{ORGANIZATION_ID}`. This method creates organization-level\n [custom roles](/iam/docs/understanding-custom-roles). Example request\n URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 2785 // "location": "path", 2786 // "pattern": "^organizations/[^/]+$", 2787 // "required": true, 2788 // "type": "string" 2789 // } 2790 // }, 2791 // "path": "v1/{+parent}/roles", 2792 // "request": { 2793 // "$ref": "CreateRoleRequest" 2794 // }, 2795 // "response": { 2796 // "$ref": "Role" 2797 // }, 2798 // "scopes": [ 2799 // "https://www.googleapis.com/auth/cloud-platform" 2800 // ] 2801 // } 2802 2803} 2804 2805// method id "iam.organizations.roles.delete": 2806 2807type OrganizationsRolesDeleteCall struct { 2808 s *Service 2809 name string 2810 urlParams_ gensupport.URLParams 2811 ctx_ context.Context 2812 header_ http.Header 2813} 2814 2815// Delete: Soft deletes a role. The role is suspended and cannot be used 2816// to create new 2817// IAM Policy Bindings. 2818// The Role will not be included in `ListRoles()` unless `show_deleted` 2819// is set 2820// in the `ListRolesRequest`. The Role contains the deleted boolean 2821// set. 2822// Existing Bindings remains, but are inactive. The Role can be 2823// undeleted 2824// within 7 days. After 7 days the Role is deleted and all Bindings 2825// associated 2826// with the role are removed. 2827func (r *OrganizationsRolesService) Delete(name string) *OrganizationsRolesDeleteCall { 2828 c := &OrganizationsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2829 c.name = name 2830 return c 2831} 2832 2833// Etag sets the optional parameter "etag": Used to perform a consistent 2834// read-modify-write. 2835func (c *OrganizationsRolesDeleteCall) Etag(etag string) *OrganizationsRolesDeleteCall { 2836 c.urlParams_.Set("etag", etag) 2837 return c 2838} 2839 2840// Fields allows partial responses to be retrieved. See 2841// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2842// for more information. 2843func (c *OrganizationsRolesDeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesDeleteCall { 2844 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2845 return c 2846} 2847 2848// Context sets the context to be used in this call's Do method. Any 2849// pending HTTP request will be aborted if the provided context is 2850// canceled. 2851func (c *OrganizationsRolesDeleteCall) Context(ctx context.Context) *OrganizationsRolesDeleteCall { 2852 c.ctx_ = ctx 2853 return c 2854} 2855 2856// Header returns an http.Header that can be modified by the caller to 2857// add HTTP headers to the request. 2858func (c *OrganizationsRolesDeleteCall) Header() http.Header { 2859 if c.header_ == nil { 2860 c.header_ = make(http.Header) 2861 } 2862 return c.header_ 2863} 2864 2865func (c *OrganizationsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 2866 reqHeaders := make(http.Header) 2867 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 2868 for k, v := range c.header_ { 2869 reqHeaders[k] = v 2870 } 2871 reqHeaders.Set("User-Agent", c.s.userAgent()) 2872 var body io.Reader = nil 2873 c.urlParams_.Set("alt", alt) 2874 c.urlParams_.Set("prettyPrint", "false") 2875 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 2876 urls += "?" + c.urlParams_.Encode() 2877 req, err := http.NewRequest("DELETE", urls, body) 2878 if err != nil { 2879 return nil, err 2880 } 2881 req.Header = reqHeaders 2882 googleapi.Expand(req.URL, map[string]string{ 2883 "name": c.name, 2884 }) 2885 return gensupport.SendRequest(c.ctx_, c.s.client, req) 2886} 2887 2888// Do executes the "iam.organizations.roles.delete" call. 2889// Exactly one of *Role or error will be non-nil. Any non-2xx status 2890// code is an error. Response headers are in either 2891// *Role.ServerResponse.Header or (if a response was returned at all) in 2892// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 2893// whether the returned error was because http.StatusNotModified was 2894// returned. 2895func (c *OrganizationsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 2896 gensupport.SetOptions(c.urlParams_, opts...) 2897 res, err := c.doRequest("json") 2898 if res != nil && res.StatusCode == http.StatusNotModified { 2899 if res.Body != nil { 2900 res.Body.Close() 2901 } 2902 return nil, &googleapi.Error{ 2903 Code: res.StatusCode, 2904 Header: res.Header, 2905 } 2906 } 2907 if err != nil { 2908 return nil, err 2909 } 2910 defer googleapi.CloseBody(res) 2911 if err := googleapi.CheckResponse(res); err != nil { 2912 return nil, err 2913 } 2914 ret := &Role{ 2915 ServerResponse: googleapi.ServerResponse{ 2916 Header: res.Header, 2917 HTTPStatusCode: res.StatusCode, 2918 }, 2919 } 2920 target := &ret 2921 if err := gensupport.DecodeResponse(target, res); err != nil { 2922 return nil, err 2923 } 2924 return ret, nil 2925 // { 2926 // "description": "Soft deletes a role. The role is suspended and cannot be used to create new\nIAM Policy Bindings.\nThe Role will not be included in `ListRoles()` unless `show_deleted` is set\nin the `ListRolesRequest`. The Role contains the deleted boolean set.\nExisting Bindings remains, but are inactive. The Role can be undeleted\nwithin 7 days. After 7 days the Role is deleted and all Bindings associated\nwith the role are removed.", 2927 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 2928 // "httpMethod": "DELETE", 2929 // "id": "iam.organizations.roles.delete", 2930 // "parameterOrder": [ 2931 // "name" 2932 // ], 2933 // "parameters": { 2934 // "etag": { 2935 // "description": "Used to perform a consistent read-modify-write.", 2936 // "format": "byte", 2937 // "location": "query", 2938 // "type": "string" 2939 // }, 2940 // "name": { 2941 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n deletes only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 2942 // "location": "path", 2943 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 2944 // "required": true, 2945 // "type": "string" 2946 // } 2947 // }, 2948 // "path": "v1/{+name}", 2949 // "response": { 2950 // "$ref": "Role" 2951 // }, 2952 // "scopes": [ 2953 // "https://www.googleapis.com/auth/cloud-platform" 2954 // ] 2955 // } 2956 2957} 2958 2959// method id "iam.organizations.roles.get": 2960 2961type OrganizationsRolesGetCall struct { 2962 s *Service 2963 name string 2964 urlParams_ gensupport.URLParams 2965 ifNoneMatch_ string 2966 ctx_ context.Context 2967 header_ http.Header 2968} 2969 2970// Get: Gets a Role definition. 2971func (r *OrganizationsRolesService) Get(name string) *OrganizationsRolesGetCall { 2972 c := &OrganizationsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 2973 c.name = name 2974 return c 2975} 2976 2977// Fields allows partial responses to be retrieved. See 2978// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 2979// for more information. 2980func (c *OrganizationsRolesGetCall) Fields(s ...googleapi.Field) *OrganizationsRolesGetCall { 2981 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 2982 return c 2983} 2984 2985// IfNoneMatch sets the optional parameter which makes the operation 2986// fail if the object's ETag matches the given value. This is useful for 2987// getting updates only after the object has changed since the last 2988// request. Use googleapi.IsNotModified to check whether the response 2989// error from Do is the result of In-None-Match. 2990func (c *OrganizationsRolesGetCall) IfNoneMatch(entityTag string) *OrganizationsRolesGetCall { 2991 c.ifNoneMatch_ = entityTag 2992 return c 2993} 2994 2995// Context sets the context to be used in this call's Do method. Any 2996// pending HTTP request will be aborted if the provided context is 2997// canceled. 2998func (c *OrganizationsRolesGetCall) Context(ctx context.Context) *OrganizationsRolesGetCall { 2999 c.ctx_ = ctx 3000 return c 3001} 3002 3003// Header returns an http.Header that can be modified by the caller to 3004// add HTTP headers to the request. 3005func (c *OrganizationsRolesGetCall) Header() http.Header { 3006 if c.header_ == nil { 3007 c.header_ = make(http.Header) 3008 } 3009 return c.header_ 3010} 3011 3012func (c *OrganizationsRolesGetCall) doRequest(alt string) (*http.Response, error) { 3013 reqHeaders := make(http.Header) 3014 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 3015 for k, v := range c.header_ { 3016 reqHeaders[k] = v 3017 } 3018 reqHeaders.Set("User-Agent", c.s.userAgent()) 3019 if c.ifNoneMatch_ != "" { 3020 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3021 } 3022 var body io.Reader = nil 3023 c.urlParams_.Set("alt", alt) 3024 c.urlParams_.Set("prettyPrint", "false") 3025 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3026 urls += "?" + c.urlParams_.Encode() 3027 req, err := http.NewRequest("GET", urls, body) 3028 if err != nil { 3029 return nil, err 3030 } 3031 req.Header = reqHeaders 3032 googleapi.Expand(req.URL, map[string]string{ 3033 "name": c.name, 3034 }) 3035 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3036} 3037 3038// Do executes the "iam.organizations.roles.get" call. 3039// Exactly one of *Role or error will be non-nil. Any non-2xx status 3040// code is an error. Response headers are in either 3041// *Role.ServerResponse.Header or (if a response was returned at all) in 3042// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3043// whether the returned error was because http.StatusNotModified was 3044// returned. 3045func (c *OrganizationsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3046 gensupport.SetOptions(c.urlParams_, opts...) 3047 res, err := c.doRequest("json") 3048 if res != nil && res.StatusCode == http.StatusNotModified { 3049 if res.Body != nil { 3050 res.Body.Close() 3051 } 3052 return nil, &googleapi.Error{ 3053 Code: res.StatusCode, 3054 Header: res.Header, 3055 } 3056 } 3057 if err != nil { 3058 return nil, err 3059 } 3060 defer googleapi.CloseBody(res) 3061 if err := googleapi.CheckResponse(res); err != nil { 3062 return nil, err 3063 } 3064 ret := &Role{ 3065 ServerResponse: googleapi.ServerResponse{ 3066 Header: res.Header, 3067 HTTPStatusCode: res.StatusCode, 3068 }, 3069 } 3070 target := &ret 3071 if err := gensupport.DecodeResponse(target, res); err != nil { 3072 return nil, err 3073 } 3074 return ret, nil 3075 // { 3076 // "description": "Gets a Role definition.", 3077 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3078 // "httpMethod": "GET", 3079 // "id": "iam.organizations.roles.get", 3080 // "parameterOrder": [ 3081 // "name" 3082 // ], 3083 // "parameters": { 3084 // "name": { 3085 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`.\n This method returns results from all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles/{ROLE_NAME}`\n\n* [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n returns only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3086 // "location": "path", 3087 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3088 // "required": true, 3089 // "type": "string" 3090 // } 3091 // }, 3092 // "path": "v1/{+name}", 3093 // "response": { 3094 // "$ref": "Role" 3095 // }, 3096 // "scopes": [ 3097 // "https://www.googleapis.com/auth/cloud-platform" 3098 // ] 3099 // } 3100 3101} 3102 3103// method id "iam.organizations.roles.list": 3104 3105type OrganizationsRolesListCall struct { 3106 s *Service 3107 parent string 3108 urlParams_ gensupport.URLParams 3109 ifNoneMatch_ string 3110 ctx_ context.Context 3111 header_ http.Header 3112} 3113 3114// List: Lists the Roles defined on a resource. 3115func (r *OrganizationsRolesService) List(parent string) *OrganizationsRolesListCall { 3116 c := &OrganizationsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3117 c.parent = parent 3118 return c 3119} 3120 3121// PageSize sets the optional parameter "pageSize": Optional limit on 3122// the number of roles to include in the response. 3123func (c *OrganizationsRolesListCall) PageSize(pageSize int64) *OrganizationsRolesListCall { 3124 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 3125 return c 3126} 3127 3128// PageToken sets the optional parameter "pageToken": Optional 3129// pagination token returned in an earlier ListRolesResponse. 3130func (c *OrganizationsRolesListCall) PageToken(pageToken string) *OrganizationsRolesListCall { 3131 c.urlParams_.Set("pageToken", pageToken) 3132 return c 3133} 3134 3135// ShowDeleted sets the optional parameter "showDeleted": Include Roles 3136// that have been deleted. 3137func (c *OrganizationsRolesListCall) ShowDeleted(showDeleted bool) *OrganizationsRolesListCall { 3138 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 3139 return c 3140} 3141 3142// View sets the optional parameter "view": Optional view for the 3143// returned Role objects. When `FULL` is specified, 3144// the `includedPermissions` field is returned, which includes a list of 3145// all 3146// permissions in the role. The default value is `BASIC`, which does 3147// not 3148// return the `includedPermissions` field. 3149// 3150// Possible values: 3151// "BASIC" 3152// "FULL" 3153func (c *OrganizationsRolesListCall) View(view string) *OrganizationsRolesListCall { 3154 c.urlParams_.Set("view", view) 3155 return c 3156} 3157 3158// Fields allows partial responses to be retrieved. See 3159// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3160// for more information. 3161func (c *OrganizationsRolesListCall) Fields(s ...googleapi.Field) *OrganizationsRolesListCall { 3162 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3163 return c 3164} 3165 3166// IfNoneMatch sets the optional parameter which makes the operation 3167// fail if the object's ETag matches the given value. This is useful for 3168// getting updates only after the object has changed since the last 3169// request. Use googleapi.IsNotModified to check whether the response 3170// error from Do is the result of In-None-Match. 3171func (c *OrganizationsRolesListCall) IfNoneMatch(entityTag string) *OrganizationsRolesListCall { 3172 c.ifNoneMatch_ = entityTag 3173 return c 3174} 3175 3176// Context sets the context to be used in this call's Do method. Any 3177// pending HTTP request will be aborted if the provided context is 3178// canceled. 3179func (c *OrganizationsRolesListCall) Context(ctx context.Context) *OrganizationsRolesListCall { 3180 c.ctx_ = ctx 3181 return c 3182} 3183 3184// Header returns an http.Header that can be modified by the caller to 3185// add HTTP headers to the request. 3186func (c *OrganizationsRolesListCall) Header() http.Header { 3187 if c.header_ == nil { 3188 c.header_ = make(http.Header) 3189 } 3190 return c.header_ 3191} 3192 3193func (c *OrganizationsRolesListCall) doRequest(alt string) (*http.Response, error) { 3194 reqHeaders := make(http.Header) 3195 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 3196 for k, v := range c.header_ { 3197 reqHeaders[k] = v 3198 } 3199 reqHeaders.Set("User-Agent", c.s.userAgent()) 3200 if c.ifNoneMatch_ != "" { 3201 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 3202 } 3203 var body io.Reader = nil 3204 c.urlParams_.Set("alt", alt) 3205 c.urlParams_.Set("prettyPrint", "false") 3206 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 3207 urls += "?" + c.urlParams_.Encode() 3208 req, err := http.NewRequest("GET", urls, body) 3209 if err != nil { 3210 return nil, err 3211 } 3212 req.Header = reqHeaders 3213 googleapi.Expand(req.URL, map[string]string{ 3214 "parent": c.parent, 3215 }) 3216 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3217} 3218 3219// Do executes the "iam.organizations.roles.list" call. 3220// Exactly one of *ListRolesResponse or error will be non-nil. Any 3221// non-2xx status code is an error. Response headers are in either 3222// *ListRolesResponse.ServerResponse.Header or (if a response was 3223// returned at all) in error.(*googleapi.Error).Header. Use 3224// googleapi.IsNotModified to check whether the returned error was 3225// because http.StatusNotModified was returned. 3226func (c *OrganizationsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 3227 gensupport.SetOptions(c.urlParams_, opts...) 3228 res, err := c.doRequest("json") 3229 if res != nil && res.StatusCode == http.StatusNotModified { 3230 if res.Body != nil { 3231 res.Body.Close() 3232 } 3233 return nil, &googleapi.Error{ 3234 Code: res.StatusCode, 3235 Header: res.Header, 3236 } 3237 } 3238 if err != nil { 3239 return nil, err 3240 } 3241 defer googleapi.CloseBody(res) 3242 if err := googleapi.CheckResponse(res); err != nil { 3243 return nil, err 3244 } 3245 ret := &ListRolesResponse{ 3246 ServerResponse: googleapi.ServerResponse{ 3247 Header: res.Header, 3248 HTTPStatusCode: res.StatusCode, 3249 }, 3250 } 3251 target := &ret 3252 if err := gensupport.DecodeResponse(target, res); err != nil { 3253 return nil, err 3254 } 3255 return ret, nil 3256 // { 3257 // "description": "Lists the Roles defined on a resource.", 3258 // "flatPath": "v1/organizations/{organizationsId}/roles", 3259 // "httpMethod": "GET", 3260 // "id": "iam.organizations.roles.list", 3261 // "parameterOrder": [ 3262 // "parent" 3263 // ], 3264 // "parameters": { 3265 // "pageSize": { 3266 // "description": "Optional limit on the number of roles to include in the response.", 3267 // "format": "int32", 3268 // "location": "query", 3269 // "type": "integer" 3270 // }, 3271 // "pageToken": { 3272 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 3273 // "location": "query", 3274 // "type": "string" 3275 // }, 3276 // "parent": { 3277 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string.\n This method doesn't require a resource; it simply returns all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles`\n\n* [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list):\n `projects/{PROJECT_ID}`. This method lists all project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list):\n `organizations/{ORGANIZATION_ID}`. This method lists all\n organization-level [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3278 // "location": "path", 3279 // "pattern": "^organizations/[^/]+$", 3280 // "required": true, 3281 // "type": "string" 3282 // }, 3283 // "showDeleted": { 3284 // "description": "Include Roles that have been deleted.", 3285 // "location": "query", 3286 // "type": "boolean" 3287 // }, 3288 // "view": { 3289 // "description": "Optional view for the returned Role objects. When `FULL` is specified,\nthe `includedPermissions` field is returned, which includes a list of all\npermissions in the role. The default value is `BASIC`, which does not\nreturn the `includedPermissions` field.", 3290 // "enum": [ 3291 // "BASIC", 3292 // "FULL" 3293 // ], 3294 // "location": "query", 3295 // "type": "string" 3296 // } 3297 // }, 3298 // "path": "v1/{+parent}/roles", 3299 // "response": { 3300 // "$ref": "ListRolesResponse" 3301 // }, 3302 // "scopes": [ 3303 // "https://www.googleapis.com/auth/cloud-platform" 3304 // ] 3305 // } 3306 3307} 3308 3309// Pages invokes f for each page of results. 3310// A non-nil error returned from f will halt the iteration. 3311// The provided context supersedes any context provided to the Context method. 3312func (c *OrganizationsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 3313 c.ctx_ = ctx 3314 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 3315 for { 3316 x, err := c.Do() 3317 if err != nil { 3318 return err 3319 } 3320 if err := f(x); err != nil { 3321 return err 3322 } 3323 if x.NextPageToken == "" { 3324 return nil 3325 } 3326 c.PageToken(x.NextPageToken) 3327 } 3328} 3329 3330// method id "iam.organizations.roles.patch": 3331 3332type OrganizationsRolesPatchCall struct { 3333 s *Service 3334 name string 3335 role *Role 3336 urlParams_ gensupport.URLParams 3337 ctx_ context.Context 3338 header_ http.Header 3339} 3340 3341// Patch: Updates a Role definition. 3342func (r *OrganizationsRolesService) Patch(name string, role *Role) *OrganizationsRolesPatchCall { 3343 c := &OrganizationsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3344 c.name = name 3345 c.role = role 3346 return c 3347} 3348 3349// UpdateMask sets the optional parameter "updateMask": A mask 3350// describing which fields in the Role have changed. 3351func (c *OrganizationsRolesPatchCall) UpdateMask(updateMask string) *OrganizationsRolesPatchCall { 3352 c.urlParams_.Set("updateMask", updateMask) 3353 return c 3354} 3355 3356// Fields allows partial responses to be retrieved. See 3357// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3358// for more information. 3359func (c *OrganizationsRolesPatchCall) Fields(s ...googleapi.Field) *OrganizationsRolesPatchCall { 3360 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3361 return c 3362} 3363 3364// Context sets the context to be used in this call's Do method. Any 3365// pending HTTP request will be aborted if the provided context is 3366// canceled. 3367func (c *OrganizationsRolesPatchCall) Context(ctx context.Context) *OrganizationsRolesPatchCall { 3368 c.ctx_ = ctx 3369 return c 3370} 3371 3372// Header returns an http.Header that can be modified by the caller to 3373// add HTTP headers to the request. 3374func (c *OrganizationsRolesPatchCall) Header() http.Header { 3375 if c.header_ == nil { 3376 c.header_ = make(http.Header) 3377 } 3378 return c.header_ 3379} 3380 3381func (c *OrganizationsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 3382 reqHeaders := make(http.Header) 3383 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 3384 for k, v := range c.header_ { 3385 reqHeaders[k] = v 3386 } 3387 reqHeaders.Set("User-Agent", c.s.userAgent()) 3388 var body io.Reader = nil 3389 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 3390 if err != nil { 3391 return nil, err 3392 } 3393 reqHeaders.Set("Content-Type", "application/json") 3394 c.urlParams_.Set("alt", alt) 3395 c.urlParams_.Set("prettyPrint", "false") 3396 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3397 urls += "?" + c.urlParams_.Encode() 3398 req, err := http.NewRequest("PATCH", urls, body) 3399 if err != nil { 3400 return nil, err 3401 } 3402 req.Header = reqHeaders 3403 googleapi.Expand(req.URL, map[string]string{ 3404 "name": c.name, 3405 }) 3406 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3407} 3408 3409// Do executes the "iam.organizations.roles.patch" call. 3410// Exactly one of *Role or error will be non-nil. Any non-2xx status 3411// code is an error. Response headers are in either 3412// *Role.ServerResponse.Header or (if a response was returned at all) in 3413// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3414// whether the returned error was because http.StatusNotModified was 3415// returned. 3416func (c *OrganizationsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3417 gensupport.SetOptions(c.urlParams_, opts...) 3418 res, err := c.doRequest("json") 3419 if res != nil && res.StatusCode == http.StatusNotModified { 3420 if res.Body != nil { 3421 res.Body.Close() 3422 } 3423 return nil, &googleapi.Error{ 3424 Code: res.StatusCode, 3425 Header: res.Header, 3426 } 3427 } 3428 if err != nil { 3429 return nil, err 3430 } 3431 defer googleapi.CloseBody(res) 3432 if err := googleapi.CheckResponse(res); err != nil { 3433 return nil, err 3434 } 3435 ret := &Role{ 3436 ServerResponse: googleapi.ServerResponse{ 3437 Header: res.Header, 3438 HTTPStatusCode: res.StatusCode, 3439 }, 3440 } 3441 target := &ret 3442 if err := gensupport.DecodeResponse(target, res); err != nil { 3443 return nil, err 3444 } 3445 return ret, nil 3446 // { 3447 // "description": "Updates a Role definition.", 3448 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}", 3449 // "httpMethod": "PATCH", 3450 // "id": "iam.organizations.roles.patch", 3451 // "parameterOrder": [ 3452 // "name" 3453 // ], 3454 // "parameters": { 3455 // "name": { 3456 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n updates only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3457 // "location": "path", 3458 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3459 // "required": true, 3460 // "type": "string" 3461 // }, 3462 // "updateMask": { 3463 // "description": "A mask describing which fields in the Role have changed.", 3464 // "format": "google-fieldmask", 3465 // "location": "query", 3466 // "type": "string" 3467 // } 3468 // }, 3469 // "path": "v1/{+name}", 3470 // "request": { 3471 // "$ref": "Role" 3472 // }, 3473 // "response": { 3474 // "$ref": "Role" 3475 // }, 3476 // "scopes": [ 3477 // "https://www.googleapis.com/auth/cloud-platform" 3478 // ] 3479 // } 3480 3481} 3482 3483// method id "iam.organizations.roles.undelete": 3484 3485type OrganizationsRolesUndeleteCall struct { 3486 s *Service 3487 name string 3488 undeleterolerequest *UndeleteRoleRequest 3489 urlParams_ gensupport.URLParams 3490 ctx_ context.Context 3491 header_ http.Header 3492} 3493 3494// Undelete: Undelete a Role, bringing it back in its previous state. 3495func (r *OrganizationsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *OrganizationsRolesUndeleteCall { 3496 c := &OrganizationsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3497 c.name = name 3498 c.undeleterolerequest = undeleterolerequest 3499 return c 3500} 3501 3502// Fields allows partial responses to be retrieved. See 3503// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3504// for more information. 3505func (c *OrganizationsRolesUndeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesUndeleteCall { 3506 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3507 return c 3508} 3509 3510// Context sets the context to be used in this call's Do method. Any 3511// pending HTTP request will be aborted if the provided context is 3512// canceled. 3513func (c *OrganizationsRolesUndeleteCall) Context(ctx context.Context) *OrganizationsRolesUndeleteCall { 3514 c.ctx_ = ctx 3515 return c 3516} 3517 3518// Header returns an http.Header that can be modified by the caller to 3519// add HTTP headers to the request. 3520func (c *OrganizationsRolesUndeleteCall) Header() http.Header { 3521 if c.header_ == nil { 3522 c.header_ = make(http.Header) 3523 } 3524 return c.header_ 3525} 3526 3527func (c *OrganizationsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 3528 reqHeaders := make(http.Header) 3529 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 3530 for k, v := range c.header_ { 3531 reqHeaders[k] = v 3532 } 3533 reqHeaders.Set("User-Agent", c.s.userAgent()) 3534 var body io.Reader = nil 3535 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 3536 if err != nil { 3537 return nil, err 3538 } 3539 reqHeaders.Set("Content-Type", "application/json") 3540 c.urlParams_.Set("alt", alt) 3541 c.urlParams_.Set("prettyPrint", "false") 3542 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 3543 urls += "?" + c.urlParams_.Encode() 3544 req, err := http.NewRequest("POST", urls, body) 3545 if err != nil { 3546 return nil, err 3547 } 3548 req.Header = reqHeaders 3549 googleapi.Expand(req.URL, map[string]string{ 3550 "name": c.name, 3551 }) 3552 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3553} 3554 3555// Do executes the "iam.organizations.roles.undelete" call. 3556// Exactly one of *Role or error will be non-nil. Any non-2xx status 3557// code is an error. Response headers are in either 3558// *Role.ServerResponse.Header or (if a response was returned at all) in 3559// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3560// whether the returned error was because http.StatusNotModified was 3561// returned. 3562func (c *OrganizationsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3563 gensupport.SetOptions(c.urlParams_, opts...) 3564 res, err := c.doRequest("json") 3565 if res != nil && res.StatusCode == http.StatusNotModified { 3566 if res.Body != nil { 3567 res.Body.Close() 3568 } 3569 return nil, &googleapi.Error{ 3570 Code: res.StatusCode, 3571 Header: res.Header, 3572 } 3573 } 3574 if err != nil { 3575 return nil, err 3576 } 3577 defer googleapi.CloseBody(res) 3578 if err := googleapi.CheckResponse(res); err != nil { 3579 return nil, err 3580 } 3581 ret := &Role{ 3582 ServerResponse: googleapi.ServerResponse{ 3583 Header: res.Header, 3584 HTTPStatusCode: res.StatusCode, 3585 }, 3586 } 3587 target := &ret 3588 if err := gensupport.DecodeResponse(target, res); err != nil { 3589 return nil, err 3590 } 3591 return ret, nil 3592 // { 3593 // "description": "Undelete a Role, bringing it back in its previous state.", 3594 // "flatPath": "v1/organizations/{organizationsId}/roles/{rolesId}:undelete", 3595 // "httpMethod": "POST", 3596 // "id": "iam.organizations.roles.undelete", 3597 // "parameterOrder": [ 3598 // "name" 3599 // ], 3600 // "parameters": { 3601 // "name": { 3602 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes\n only [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n undeletes only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3603 // "location": "path", 3604 // "pattern": "^organizations/[^/]+/roles/[^/]+$", 3605 // "required": true, 3606 // "type": "string" 3607 // } 3608 // }, 3609 // "path": "v1/{+name}:undelete", 3610 // "request": { 3611 // "$ref": "UndeleteRoleRequest" 3612 // }, 3613 // "response": { 3614 // "$ref": "Role" 3615 // }, 3616 // "scopes": [ 3617 // "https://www.googleapis.com/auth/cloud-platform" 3618 // ] 3619 // } 3620 3621} 3622 3623// method id "iam.permissions.queryTestablePermissions": 3624 3625type PermissionsQueryTestablePermissionsCall struct { 3626 s *Service 3627 querytestablepermissionsrequest *QueryTestablePermissionsRequest 3628 urlParams_ gensupport.URLParams 3629 ctx_ context.Context 3630 header_ http.Header 3631} 3632 3633// QueryTestablePermissions: Lists the permissions testable on a 3634// resource. 3635// A permission is testable if it can be tested for an identity on a 3636// resource. 3637func (r *PermissionsService) QueryTestablePermissions(querytestablepermissionsrequest *QueryTestablePermissionsRequest) *PermissionsQueryTestablePermissionsCall { 3638 c := &PermissionsQueryTestablePermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3639 c.querytestablepermissionsrequest = querytestablepermissionsrequest 3640 return c 3641} 3642 3643// Fields allows partial responses to be retrieved. See 3644// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3645// for more information. 3646func (c *PermissionsQueryTestablePermissionsCall) Fields(s ...googleapi.Field) *PermissionsQueryTestablePermissionsCall { 3647 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3648 return c 3649} 3650 3651// Context sets the context to be used in this call's Do method. Any 3652// pending HTTP request will be aborted if the provided context is 3653// canceled. 3654func (c *PermissionsQueryTestablePermissionsCall) Context(ctx context.Context) *PermissionsQueryTestablePermissionsCall { 3655 c.ctx_ = ctx 3656 return c 3657} 3658 3659// Header returns an http.Header that can be modified by the caller to 3660// add HTTP headers to the request. 3661func (c *PermissionsQueryTestablePermissionsCall) Header() http.Header { 3662 if c.header_ == nil { 3663 c.header_ = make(http.Header) 3664 } 3665 return c.header_ 3666} 3667 3668func (c *PermissionsQueryTestablePermissionsCall) doRequest(alt string) (*http.Response, error) { 3669 reqHeaders := make(http.Header) 3670 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 3671 for k, v := range c.header_ { 3672 reqHeaders[k] = v 3673 } 3674 reqHeaders.Set("User-Agent", c.s.userAgent()) 3675 var body io.Reader = nil 3676 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querytestablepermissionsrequest) 3677 if err != nil { 3678 return nil, err 3679 } 3680 reqHeaders.Set("Content-Type", "application/json") 3681 c.urlParams_.Set("alt", alt) 3682 c.urlParams_.Set("prettyPrint", "false") 3683 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/permissions:queryTestablePermissions") 3684 urls += "?" + c.urlParams_.Encode() 3685 req, err := http.NewRequest("POST", urls, body) 3686 if err != nil { 3687 return nil, err 3688 } 3689 req.Header = reqHeaders 3690 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3691} 3692 3693// Do executes the "iam.permissions.queryTestablePermissions" call. 3694// Exactly one of *QueryTestablePermissionsResponse or error will be 3695// non-nil. Any non-2xx status code is an error. Response headers are in 3696// either *QueryTestablePermissionsResponse.ServerResponse.Header or (if 3697// a response was returned at all) in error.(*googleapi.Error).Header. 3698// Use googleapi.IsNotModified to check whether the returned error was 3699// because http.StatusNotModified was returned. 3700func (c *PermissionsQueryTestablePermissionsCall) Do(opts ...googleapi.CallOption) (*QueryTestablePermissionsResponse, error) { 3701 gensupport.SetOptions(c.urlParams_, opts...) 3702 res, err := c.doRequest("json") 3703 if res != nil && res.StatusCode == http.StatusNotModified { 3704 if res.Body != nil { 3705 res.Body.Close() 3706 } 3707 return nil, &googleapi.Error{ 3708 Code: res.StatusCode, 3709 Header: res.Header, 3710 } 3711 } 3712 if err != nil { 3713 return nil, err 3714 } 3715 defer googleapi.CloseBody(res) 3716 if err := googleapi.CheckResponse(res); err != nil { 3717 return nil, err 3718 } 3719 ret := &QueryTestablePermissionsResponse{ 3720 ServerResponse: googleapi.ServerResponse{ 3721 Header: res.Header, 3722 HTTPStatusCode: res.StatusCode, 3723 }, 3724 } 3725 target := &ret 3726 if err := gensupport.DecodeResponse(target, res); err != nil { 3727 return nil, err 3728 } 3729 return ret, nil 3730 // { 3731 // "description": "Lists the permissions testable on a resource.\nA permission is testable if it can be tested for an identity on a resource.", 3732 // "flatPath": "v1/permissions:queryTestablePermissions", 3733 // "httpMethod": "POST", 3734 // "id": "iam.permissions.queryTestablePermissions", 3735 // "parameterOrder": [], 3736 // "parameters": {}, 3737 // "path": "v1/permissions:queryTestablePermissions", 3738 // "request": { 3739 // "$ref": "QueryTestablePermissionsRequest" 3740 // }, 3741 // "response": { 3742 // "$ref": "QueryTestablePermissionsResponse" 3743 // }, 3744 // "scopes": [ 3745 // "https://www.googleapis.com/auth/cloud-platform" 3746 // ] 3747 // } 3748 3749} 3750 3751// Pages invokes f for each page of results. 3752// A non-nil error returned from f will halt the iteration. 3753// The provided context supersedes any context provided to the Context method. 3754func (c *PermissionsQueryTestablePermissionsCall) Pages(ctx context.Context, f func(*QueryTestablePermissionsResponse) error) error { 3755 c.ctx_ = ctx 3756 defer func(pt string) { c.querytestablepermissionsrequest.PageToken = pt }(c.querytestablepermissionsrequest.PageToken) // reset paging to original point 3757 for { 3758 x, err := c.Do() 3759 if err != nil { 3760 return err 3761 } 3762 if err := f(x); err != nil { 3763 return err 3764 } 3765 if x.NextPageToken == "" { 3766 return nil 3767 } 3768 c.querytestablepermissionsrequest.PageToken = x.NextPageToken 3769 } 3770} 3771 3772// method id "iam.projects.roles.create": 3773 3774type ProjectsRolesCreateCall struct { 3775 s *Service 3776 parent string 3777 createrolerequest *CreateRoleRequest 3778 urlParams_ gensupport.URLParams 3779 ctx_ context.Context 3780 header_ http.Header 3781} 3782 3783// Create: Creates a new Role. 3784func (r *ProjectsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *ProjectsRolesCreateCall { 3785 c := &ProjectsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3786 c.parent = parent 3787 c.createrolerequest = createrolerequest 3788 return c 3789} 3790 3791// Fields allows partial responses to be retrieved. See 3792// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3793// for more information. 3794func (c *ProjectsRolesCreateCall) Fields(s ...googleapi.Field) *ProjectsRolesCreateCall { 3795 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3796 return c 3797} 3798 3799// Context sets the context to be used in this call's Do method. Any 3800// pending HTTP request will be aborted if the provided context is 3801// canceled. 3802func (c *ProjectsRolesCreateCall) Context(ctx context.Context) *ProjectsRolesCreateCall { 3803 c.ctx_ = ctx 3804 return c 3805} 3806 3807// Header returns an http.Header that can be modified by the caller to 3808// add HTTP headers to the request. 3809func (c *ProjectsRolesCreateCall) Header() http.Header { 3810 if c.header_ == nil { 3811 c.header_ = make(http.Header) 3812 } 3813 return c.header_ 3814} 3815 3816func (c *ProjectsRolesCreateCall) doRequest(alt string) (*http.Response, error) { 3817 reqHeaders := make(http.Header) 3818 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 3819 for k, v := range c.header_ { 3820 reqHeaders[k] = v 3821 } 3822 reqHeaders.Set("User-Agent", c.s.userAgent()) 3823 var body io.Reader = nil 3824 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest) 3825 if err != nil { 3826 return nil, err 3827 } 3828 reqHeaders.Set("Content-Type", "application/json") 3829 c.urlParams_.Set("alt", alt) 3830 c.urlParams_.Set("prettyPrint", "false") 3831 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 3832 urls += "?" + c.urlParams_.Encode() 3833 req, err := http.NewRequest("POST", urls, body) 3834 if err != nil { 3835 return nil, err 3836 } 3837 req.Header = reqHeaders 3838 googleapi.Expand(req.URL, map[string]string{ 3839 "parent": c.parent, 3840 }) 3841 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3842} 3843 3844// Do executes the "iam.projects.roles.create" call. 3845// Exactly one of *Role or error will be non-nil. Any non-2xx status 3846// code is an error. Response headers are in either 3847// *Role.ServerResponse.Header or (if a response was returned at all) in 3848// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 3849// whether the returned error was because http.StatusNotModified was 3850// returned. 3851func (c *ProjectsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) { 3852 gensupport.SetOptions(c.urlParams_, opts...) 3853 res, err := c.doRequest("json") 3854 if res != nil && res.StatusCode == http.StatusNotModified { 3855 if res.Body != nil { 3856 res.Body.Close() 3857 } 3858 return nil, &googleapi.Error{ 3859 Code: res.StatusCode, 3860 Header: res.Header, 3861 } 3862 } 3863 if err != nil { 3864 return nil, err 3865 } 3866 defer googleapi.CloseBody(res) 3867 if err := googleapi.CheckResponse(res); err != nil { 3868 return nil, err 3869 } 3870 ret := &Role{ 3871 ServerResponse: googleapi.ServerResponse{ 3872 Header: res.Header, 3873 HTTPStatusCode: res.StatusCode, 3874 }, 3875 } 3876 target := &ret 3877 if err := gensupport.DecodeResponse(target, res); err != nil { 3878 return nil, err 3879 } 3880 return ret, nil 3881 // { 3882 // "description": "Creates a new Role.", 3883 // "flatPath": "v1/projects/{projectsId}/roles", 3884 // "httpMethod": "POST", 3885 // "id": "iam.projects.roles.create", 3886 // "parameterOrder": [ 3887 // "parent" 3888 // ], 3889 // "parameters": { 3890 // "parent": { 3891 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create):\n `projects/{PROJECT_ID}`. This method creates project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create):\n `organizations/{ORGANIZATION_ID}`. This method creates organization-level\n [custom roles](/iam/docs/understanding-custom-roles). Example request\n URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 3892 // "location": "path", 3893 // "pattern": "^projects/[^/]+$", 3894 // "required": true, 3895 // "type": "string" 3896 // } 3897 // }, 3898 // "path": "v1/{+parent}/roles", 3899 // "request": { 3900 // "$ref": "CreateRoleRequest" 3901 // }, 3902 // "response": { 3903 // "$ref": "Role" 3904 // }, 3905 // "scopes": [ 3906 // "https://www.googleapis.com/auth/cloud-platform" 3907 // ] 3908 // } 3909 3910} 3911 3912// method id "iam.projects.roles.delete": 3913 3914type ProjectsRolesDeleteCall struct { 3915 s *Service 3916 name string 3917 urlParams_ gensupport.URLParams 3918 ctx_ context.Context 3919 header_ http.Header 3920} 3921 3922// Delete: Soft deletes a role. The role is suspended and cannot be used 3923// to create new 3924// IAM Policy Bindings. 3925// The Role will not be included in `ListRoles()` unless `show_deleted` 3926// is set 3927// in the `ListRolesRequest`. The Role contains the deleted boolean 3928// set. 3929// Existing Bindings remains, but are inactive. The Role can be 3930// undeleted 3931// within 7 days. After 7 days the Role is deleted and all Bindings 3932// associated 3933// with the role are removed. 3934func (r *ProjectsRolesService) Delete(name string) *ProjectsRolesDeleteCall { 3935 c := &ProjectsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 3936 c.name = name 3937 return c 3938} 3939 3940// Etag sets the optional parameter "etag": Used to perform a consistent 3941// read-modify-write. 3942func (c *ProjectsRolesDeleteCall) Etag(etag string) *ProjectsRolesDeleteCall { 3943 c.urlParams_.Set("etag", etag) 3944 return c 3945} 3946 3947// Fields allows partial responses to be retrieved. See 3948// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 3949// for more information. 3950func (c *ProjectsRolesDeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesDeleteCall { 3951 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 3952 return c 3953} 3954 3955// Context sets the context to be used in this call's Do method. Any 3956// pending HTTP request will be aborted if the provided context is 3957// canceled. 3958func (c *ProjectsRolesDeleteCall) Context(ctx context.Context) *ProjectsRolesDeleteCall { 3959 c.ctx_ = ctx 3960 return c 3961} 3962 3963// Header returns an http.Header that can be modified by the caller to 3964// add HTTP headers to the request. 3965func (c *ProjectsRolesDeleteCall) Header() http.Header { 3966 if c.header_ == nil { 3967 c.header_ = make(http.Header) 3968 } 3969 return c.header_ 3970} 3971 3972func (c *ProjectsRolesDeleteCall) doRequest(alt string) (*http.Response, error) { 3973 reqHeaders := make(http.Header) 3974 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 3975 for k, v := range c.header_ { 3976 reqHeaders[k] = v 3977 } 3978 reqHeaders.Set("User-Agent", c.s.userAgent()) 3979 var body io.Reader = nil 3980 c.urlParams_.Set("alt", alt) 3981 c.urlParams_.Set("prettyPrint", "false") 3982 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 3983 urls += "?" + c.urlParams_.Encode() 3984 req, err := http.NewRequest("DELETE", urls, body) 3985 if err != nil { 3986 return nil, err 3987 } 3988 req.Header = reqHeaders 3989 googleapi.Expand(req.URL, map[string]string{ 3990 "name": c.name, 3991 }) 3992 return gensupport.SendRequest(c.ctx_, c.s.client, req) 3993} 3994 3995// Do executes the "iam.projects.roles.delete" call. 3996// Exactly one of *Role or error will be non-nil. Any non-2xx status 3997// code is an error. Response headers are in either 3998// *Role.ServerResponse.Header or (if a response was returned at all) in 3999// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4000// whether the returned error was because http.StatusNotModified was 4001// returned. 4002func (c *ProjectsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4003 gensupport.SetOptions(c.urlParams_, opts...) 4004 res, err := c.doRequest("json") 4005 if res != nil && res.StatusCode == http.StatusNotModified { 4006 if res.Body != nil { 4007 res.Body.Close() 4008 } 4009 return nil, &googleapi.Error{ 4010 Code: res.StatusCode, 4011 Header: res.Header, 4012 } 4013 } 4014 if err != nil { 4015 return nil, err 4016 } 4017 defer googleapi.CloseBody(res) 4018 if err := googleapi.CheckResponse(res); err != nil { 4019 return nil, err 4020 } 4021 ret := &Role{ 4022 ServerResponse: googleapi.ServerResponse{ 4023 Header: res.Header, 4024 HTTPStatusCode: res.StatusCode, 4025 }, 4026 } 4027 target := &ret 4028 if err := gensupport.DecodeResponse(target, res); err != nil { 4029 return nil, err 4030 } 4031 return ret, nil 4032 // { 4033 // "description": "Soft deletes a role. The role is suspended and cannot be used to create new\nIAM Policy Bindings.\nThe Role will not be included in `ListRoles()` unless `show_deleted` is set\nin the `ListRolesRequest`. The Role contains the deleted boolean set.\nExisting Bindings remains, but are inactive. The Role can be undeleted\nwithin 7 days. After 7 days the Role is deleted and all Bindings associated\nwith the role are removed.", 4034 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 4035 // "httpMethod": "DELETE", 4036 // "id": "iam.projects.roles.delete", 4037 // "parameterOrder": [ 4038 // "name" 4039 // ], 4040 // "parameters": { 4041 // "etag": { 4042 // "description": "Used to perform a consistent read-modify-write.", 4043 // "format": "byte", 4044 // "location": "query", 4045 // "type": "string" 4046 // }, 4047 // "name": { 4048 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n deletes only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4049 // "location": "path", 4050 // "pattern": "^projects/[^/]+/roles/[^/]+$", 4051 // "required": true, 4052 // "type": "string" 4053 // } 4054 // }, 4055 // "path": "v1/{+name}", 4056 // "response": { 4057 // "$ref": "Role" 4058 // }, 4059 // "scopes": [ 4060 // "https://www.googleapis.com/auth/cloud-platform" 4061 // ] 4062 // } 4063 4064} 4065 4066// method id "iam.projects.roles.get": 4067 4068type ProjectsRolesGetCall struct { 4069 s *Service 4070 name string 4071 urlParams_ gensupport.URLParams 4072 ifNoneMatch_ string 4073 ctx_ context.Context 4074 header_ http.Header 4075} 4076 4077// Get: Gets a Role definition. 4078func (r *ProjectsRolesService) Get(name string) *ProjectsRolesGetCall { 4079 c := &ProjectsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4080 c.name = name 4081 return c 4082} 4083 4084// Fields allows partial responses to be retrieved. See 4085// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4086// for more information. 4087func (c *ProjectsRolesGetCall) Fields(s ...googleapi.Field) *ProjectsRolesGetCall { 4088 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4089 return c 4090} 4091 4092// IfNoneMatch sets the optional parameter which makes the operation 4093// fail if the object's ETag matches the given value. This is useful for 4094// getting updates only after the object has changed since the last 4095// request. Use googleapi.IsNotModified to check whether the response 4096// error from Do is the result of In-None-Match. 4097func (c *ProjectsRolesGetCall) IfNoneMatch(entityTag string) *ProjectsRolesGetCall { 4098 c.ifNoneMatch_ = entityTag 4099 return c 4100} 4101 4102// Context sets the context to be used in this call's Do method. Any 4103// pending HTTP request will be aborted if the provided context is 4104// canceled. 4105func (c *ProjectsRolesGetCall) Context(ctx context.Context) *ProjectsRolesGetCall { 4106 c.ctx_ = ctx 4107 return c 4108} 4109 4110// Header returns an http.Header that can be modified by the caller to 4111// add HTTP headers to the request. 4112func (c *ProjectsRolesGetCall) Header() http.Header { 4113 if c.header_ == nil { 4114 c.header_ = make(http.Header) 4115 } 4116 return c.header_ 4117} 4118 4119func (c *ProjectsRolesGetCall) doRequest(alt string) (*http.Response, error) { 4120 reqHeaders := make(http.Header) 4121 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 4122 for k, v := range c.header_ { 4123 reqHeaders[k] = v 4124 } 4125 reqHeaders.Set("User-Agent", c.s.userAgent()) 4126 if c.ifNoneMatch_ != "" { 4127 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 4128 } 4129 var body io.Reader = nil 4130 c.urlParams_.Set("alt", alt) 4131 c.urlParams_.Set("prettyPrint", "false") 4132 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4133 urls += "?" + c.urlParams_.Encode() 4134 req, err := http.NewRequest("GET", urls, body) 4135 if err != nil { 4136 return nil, err 4137 } 4138 req.Header = reqHeaders 4139 googleapi.Expand(req.URL, map[string]string{ 4140 "name": c.name, 4141 }) 4142 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4143} 4144 4145// Do executes the "iam.projects.roles.get" call. 4146// Exactly one of *Role or error will be non-nil. Any non-2xx status 4147// code is an error. Response headers are in either 4148// *Role.ServerResponse.Header or (if a response was returned at all) in 4149// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4150// whether the returned error was because http.StatusNotModified was 4151// returned. 4152func (c *ProjectsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4153 gensupport.SetOptions(c.urlParams_, opts...) 4154 res, err := c.doRequest("json") 4155 if res != nil && res.StatusCode == http.StatusNotModified { 4156 if res.Body != nil { 4157 res.Body.Close() 4158 } 4159 return nil, &googleapi.Error{ 4160 Code: res.StatusCode, 4161 Header: res.Header, 4162 } 4163 } 4164 if err != nil { 4165 return nil, err 4166 } 4167 defer googleapi.CloseBody(res) 4168 if err := googleapi.CheckResponse(res); err != nil { 4169 return nil, err 4170 } 4171 ret := &Role{ 4172 ServerResponse: googleapi.ServerResponse{ 4173 Header: res.Header, 4174 HTTPStatusCode: res.StatusCode, 4175 }, 4176 } 4177 target := &ret 4178 if err := gensupport.DecodeResponse(target, res); err != nil { 4179 return nil, err 4180 } 4181 return ret, nil 4182 // { 4183 // "description": "Gets a Role definition.", 4184 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 4185 // "httpMethod": "GET", 4186 // "id": "iam.projects.roles.get", 4187 // "parameterOrder": [ 4188 // "name" 4189 // ], 4190 // "parameters": { 4191 // "name": { 4192 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`.\n This method returns results from all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles/{ROLE_NAME}`\n\n* [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n returns only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4193 // "location": "path", 4194 // "pattern": "^projects/[^/]+/roles/[^/]+$", 4195 // "required": true, 4196 // "type": "string" 4197 // } 4198 // }, 4199 // "path": "v1/{+name}", 4200 // "response": { 4201 // "$ref": "Role" 4202 // }, 4203 // "scopes": [ 4204 // "https://www.googleapis.com/auth/cloud-platform" 4205 // ] 4206 // } 4207 4208} 4209 4210// method id "iam.projects.roles.list": 4211 4212type ProjectsRolesListCall struct { 4213 s *Service 4214 parent string 4215 urlParams_ gensupport.URLParams 4216 ifNoneMatch_ string 4217 ctx_ context.Context 4218 header_ http.Header 4219} 4220 4221// List: Lists the Roles defined on a resource. 4222func (r *ProjectsRolesService) List(parent string) *ProjectsRolesListCall { 4223 c := &ProjectsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4224 c.parent = parent 4225 return c 4226} 4227 4228// PageSize sets the optional parameter "pageSize": Optional limit on 4229// the number of roles to include in the response. 4230func (c *ProjectsRolesListCall) PageSize(pageSize int64) *ProjectsRolesListCall { 4231 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 4232 return c 4233} 4234 4235// PageToken sets the optional parameter "pageToken": Optional 4236// pagination token returned in an earlier ListRolesResponse. 4237func (c *ProjectsRolesListCall) PageToken(pageToken string) *ProjectsRolesListCall { 4238 c.urlParams_.Set("pageToken", pageToken) 4239 return c 4240} 4241 4242// ShowDeleted sets the optional parameter "showDeleted": Include Roles 4243// that have been deleted. 4244func (c *ProjectsRolesListCall) ShowDeleted(showDeleted bool) *ProjectsRolesListCall { 4245 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 4246 return c 4247} 4248 4249// View sets the optional parameter "view": Optional view for the 4250// returned Role objects. When `FULL` is specified, 4251// the `includedPermissions` field is returned, which includes a list of 4252// all 4253// permissions in the role. The default value is `BASIC`, which does 4254// not 4255// return the `includedPermissions` field. 4256// 4257// Possible values: 4258// "BASIC" 4259// "FULL" 4260func (c *ProjectsRolesListCall) View(view string) *ProjectsRolesListCall { 4261 c.urlParams_.Set("view", view) 4262 return c 4263} 4264 4265// Fields allows partial responses to be retrieved. See 4266// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4267// for more information. 4268func (c *ProjectsRolesListCall) Fields(s ...googleapi.Field) *ProjectsRolesListCall { 4269 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4270 return c 4271} 4272 4273// IfNoneMatch sets the optional parameter which makes the operation 4274// fail if the object's ETag matches the given value. This is useful for 4275// getting updates only after the object has changed since the last 4276// request. Use googleapi.IsNotModified to check whether the response 4277// error from Do is the result of In-None-Match. 4278func (c *ProjectsRolesListCall) IfNoneMatch(entityTag string) *ProjectsRolesListCall { 4279 c.ifNoneMatch_ = entityTag 4280 return c 4281} 4282 4283// Context sets the context to be used in this call's Do method. Any 4284// pending HTTP request will be aborted if the provided context is 4285// canceled. 4286func (c *ProjectsRolesListCall) Context(ctx context.Context) *ProjectsRolesListCall { 4287 c.ctx_ = ctx 4288 return c 4289} 4290 4291// Header returns an http.Header that can be modified by the caller to 4292// add HTTP headers to the request. 4293func (c *ProjectsRolesListCall) Header() http.Header { 4294 if c.header_ == nil { 4295 c.header_ = make(http.Header) 4296 } 4297 return c.header_ 4298} 4299 4300func (c *ProjectsRolesListCall) doRequest(alt string) (*http.Response, error) { 4301 reqHeaders := make(http.Header) 4302 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 4303 for k, v := range c.header_ { 4304 reqHeaders[k] = v 4305 } 4306 reqHeaders.Set("User-Agent", c.s.userAgent()) 4307 if c.ifNoneMatch_ != "" { 4308 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 4309 } 4310 var body io.Reader = nil 4311 c.urlParams_.Set("alt", alt) 4312 c.urlParams_.Set("prettyPrint", "false") 4313 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles") 4314 urls += "?" + c.urlParams_.Encode() 4315 req, err := http.NewRequest("GET", urls, body) 4316 if err != nil { 4317 return nil, err 4318 } 4319 req.Header = reqHeaders 4320 googleapi.Expand(req.URL, map[string]string{ 4321 "parent": c.parent, 4322 }) 4323 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4324} 4325 4326// Do executes the "iam.projects.roles.list" call. 4327// Exactly one of *ListRolesResponse or error will be non-nil. Any 4328// non-2xx status code is an error. Response headers are in either 4329// *ListRolesResponse.ServerResponse.Header or (if a response was 4330// returned at all) in error.(*googleapi.Error).Header. Use 4331// googleapi.IsNotModified to check whether the returned error was 4332// because http.StatusNotModified was returned. 4333func (c *ProjectsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 4334 gensupport.SetOptions(c.urlParams_, opts...) 4335 res, err := c.doRequest("json") 4336 if res != nil && res.StatusCode == http.StatusNotModified { 4337 if res.Body != nil { 4338 res.Body.Close() 4339 } 4340 return nil, &googleapi.Error{ 4341 Code: res.StatusCode, 4342 Header: res.Header, 4343 } 4344 } 4345 if err != nil { 4346 return nil, err 4347 } 4348 defer googleapi.CloseBody(res) 4349 if err := googleapi.CheckResponse(res); err != nil { 4350 return nil, err 4351 } 4352 ret := &ListRolesResponse{ 4353 ServerResponse: googleapi.ServerResponse{ 4354 Header: res.Header, 4355 HTTPStatusCode: res.StatusCode, 4356 }, 4357 } 4358 target := &ret 4359 if err := gensupport.DecodeResponse(target, res); err != nil { 4360 return nil, err 4361 } 4362 return ret, nil 4363 // { 4364 // "description": "Lists the Roles defined on a resource.", 4365 // "flatPath": "v1/projects/{projectsId}/roles", 4366 // "httpMethod": "GET", 4367 // "id": "iam.projects.roles.list", 4368 // "parameterOrder": [ 4369 // "parent" 4370 // ], 4371 // "parameters": { 4372 // "pageSize": { 4373 // "description": "Optional limit on the number of roles to include in the response.", 4374 // "format": "int32", 4375 // "location": "query", 4376 // "type": "integer" 4377 // }, 4378 // "pageToken": { 4379 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 4380 // "location": "query", 4381 // "type": "string" 4382 // }, 4383 // "parent": { 4384 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string.\n This method doesn't require a resource; it simply returns all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles`\n\n* [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list):\n `projects/{PROJECT_ID}`. This method lists all project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list):\n `organizations/{ORGANIZATION_ID}`. This method lists all\n organization-level [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4385 // "location": "path", 4386 // "pattern": "^projects/[^/]+$", 4387 // "required": true, 4388 // "type": "string" 4389 // }, 4390 // "showDeleted": { 4391 // "description": "Include Roles that have been deleted.", 4392 // "location": "query", 4393 // "type": "boolean" 4394 // }, 4395 // "view": { 4396 // "description": "Optional view for the returned Role objects. When `FULL` is specified,\nthe `includedPermissions` field is returned, which includes a list of all\npermissions in the role. The default value is `BASIC`, which does not\nreturn the `includedPermissions` field.", 4397 // "enum": [ 4398 // "BASIC", 4399 // "FULL" 4400 // ], 4401 // "location": "query", 4402 // "type": "string" 4403 // } 4404 // }, 4405 // "path": "v1/{+parent}/roles", 4406 // "response": { 4407 // "$ref": "ListRolesResponse" 4408 // }, 4409 // "scopes": [ 4410 // "https://www.googleapis.com/auth/cloud-platform" 4411 // ] 4412 // } 4413 4414} 4415 4416// Pages invokes f for each page of results. 4417// A non-nil error returned from f will halt the iteration. 4418// The provided context supersedes any context provided to the Context method. 4419func (c *ProjectsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 4420 c.ctx_ = ctx 4421 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 4422 for { 4423 x, err := c.Do() 4424 if err != nil { 4425 return err 4426 } 4427 if err := f(x); err != nil { 4428 return err 4429 } 4430 if x.NextPageToken == "" { 4431 return nil 4432 } 4433 c.PageToken(x.NextPageToken) 4434 } 4435} 4436 4437// method id "iam.projects.roles.patch": 4438 4439type ProjectsRolesPatchCall struct { 4440 s *Service 4441 name string 4442 role *Role 4443 urlParams_ gensupport.URLParams 4444 ctx_ context.Context 4445 header_ http.Header 4446} 4447 4448// Patch: Updates a Role definition. 4449func (r *ProjectsRolesService) Patch(name string, role *Role) *ProjectsRolesPatchCall { 4450 c := &ProjectsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4451 c.name = name 4452 c.role = role 4453 return c 4454} 4455 4456// UpdateMask sets the optional parameter "updateMask": A mask 4457// describing which fields in the Role have changed. 4458func (c *ProjectsRolesPatchCall) UpdateMask(updateMask string) *ProjectsRolesPatchCall { 4459 c.urlParams_.Set("updateMask", updateMask) 4460 return c 4461} 4462 4463// Fields allows partial responses to be retrieved. See 4464// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4465// for more information. 4466func (c *ProjectsRolesPatchCall) Fields(s ...googleapi.Field) *ProjectsRolesPatchCall { 4467 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4468 return c 4469} 4470 4471// Context sets the context to be used in this call's Do method. Any 4472// pending HTTP request will be aborted if the provided context is 4473// canceled. 4474func (c *ProjectsRolesPatchCall) Context(ctx context.Context) *ProjectsRolesPatchCall { 4475 c.ctx_ = ctx 4476 return c 4477} 4478 4479// Header returns an http.Header that can be modified by the caller to 4480// add HTTP headers to the request. 4481func (c *ProjectsRolesPatchCall) Header() http.Header { 4482 if c.header_ == nil { 4483 c.header_ = make(http.Header) 4484 } 4485 return c.header_ 4486} 4487 4488func (c *ProjectsRolesPatchCall) doRequest(alt string) (*http.Response, error) { 4489 reqHeaders := make(http.Header) 4490 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 4491 for k, v := range c.header_ { 4492 reqHeaders[k] = v 4493 } 4494 reqHeaders.Set("User-Agent", c.s.userAgent()) 4495 var body io.Reader = nil 4496 body, err := googleapi.WithoutDataWrapper.JSONReader(c.role) 4497 if err != nil { 4498 return nil, err 4499 } 4500 reqHeaders.Set("Content-Type", "application/json") 4501 c.urlParams_.Set("alt", alt) 4502 c.urlParams_.Set("prettyPrint", "false") 4503 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4504 urls += "?" + c.urlParams_.Encode() 4505 req, err := http.NewRequest("PATCH", urls, body) 4506 if err != nil { 4507 return nil, err 4508 } 4509 req.Header = reqHeaders 4510 googleapi.Expand(req.URL, map[string]string{ 4511 "name": c.name, 4512 }) 4513 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4514} 4515 4516// Do executes the "iam.projects.roles.patch" call. 4517// Exactly one of *Role or error will be non-nil. Any non-2xx status 4518// code is an error. Response headers are in either 4519// *Role.ServerResponse.Header or (if a response was returned at all) in 4520// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4521// whether the returned error was because http.StatusNotModified was 4522// returned. 4523func (c *ProjectsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4524 gensupport.SetOptions(c.urlParams_, opts...) 4525 res, err := c.doRequest("json") 4526 if res != nil && res.StatusCode == http.StatusNotModified { 4527 if res.Body != nil { 4528 res.Body.Close() 4529 } 4530 return nil, &googleapi.Error{ 4531 Code: res.StatusCode, 4532 Header: res.Header, 4533 } 4534 } 4535 if err != nil { 4536 return nil, err 4537 } 4538 defer googleapi.CloseBody(res) 4539 if err := googleapi.CheckResponse(res); err != nil { 4540 return nil, err 4541 } 4542 ret := &Role{ 4543 ServerResponse: googleapi.ServerResponse{ 4544 Header: res.Header, 4545 HTTPStatusCode: res.StatusCode, 4546 }, 4547 } 4548 target := &ret 4549 if err := gensupport.DecodeResponse(target, res); err != nil { 4550 return nil, err 4551 } 4552 return ret, nil 4553 // { 4554 // "description": "Updates a Role definition.", 4555 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}", 4556 // "httpMethod": "PATCH", 4557 // "id": "iam.projects.roles.patch", 4558 // "parameterOrder": [ 4559 // "name" 4560 // ], 4561 // "parameters": { 4562 // "name": { 4563 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n updates only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4564 // "location": "path", 4565 // "pattern": "^projects/[^/]+/roles/[^/]+$", 4566 // "required": true, 4567 // "type": "string" 4568 // }, 4569 // "updateMask": { 4570 // "description": "A mask describing which fields in the Role have changed.", 4571 // "format": "google-fieldmask", 4572 // "location": "query", 4573 // "type": "string" 4574 // } 4575 // }, 4576 // "path": "v1/{+name}", 4577 // "request": { 4578 // "$ref": "Role" 4579 // }, 4580 // "response": { 4581 // "$ref": "Role" 4582 // }, 4583 // "scopes": [ 4584 // "https://www.googleapis.com/auth/cloud-platform" 4585 // ] 4586 // } 4587 4588} 4589 4590// method id "iam.projects.roles.undelete": 4591 4592type ProjectsRolesUndeleteCall struct { 4593 s *Service 4594 name string 4595 undeleterolerequest *UndeleteRoleRequest 4596 urlParams_ gensupport.URLParams 4597 ctx_ context.Context 4598 header_ http.Header 4599} 4600 4601// Undelete: Undelete a Role, bringing it back in its previous state. 4602func (r *ProjectsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *ProjectsRolesUndeleteCall { 4603 c := &ProjectsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4604 c.name = name 4605 c.undeleterolerequest = undeleterolerequest 4606 return c 4607} 4608 4609// Fields allows partial responses to be retrieved. See 4610// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4611// for more information. 4612func (c *ProjectsRolesUndeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesUndeleteCall { 4613 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4614 return c 4615} 4616 4617// Context sets the context to be used in this call's Do method. Any 4618// pending HTTP request will be aborted if the provided context is 4619// canceled. 4620func (c *ProjectsRolesUndeleteCall) Context(ctx context.Context) *ProjectsRolesUndeleteCall { 4621 c.ctx_ = ctx 4622 return c 4623} 4624 4625// Header returns an http.Header that can be modified by the caller to 4626// add HTTP headers to the request. 4627func (c *ProjectsRolesUndeleteCall) Header() http.Header { 4628 if c.header_ == nil { 4629 c.header_ = make(http.Header) 4630 } 4631 return c.header_ 4632} 4633 4634func (c *ProjectsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) { 4635 reqHeaders := make(http.Header) 4636 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 4637 for k, v := range c.header_ { 4638 reqHeaders[k] = v 4639 } 4640 reqHeaders.Set("User-Agent", c.s.userAgent()) 4641 var body io.Reader = nil 4642 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest) 4643 if err != nil { 4644 return nil, err 4645 } 4646 reqHeaders.Set("Content-Type", "application/json") 4647 c.urlParams_.Set("alt", alt) 4648 c.urlParams_.Set("prettyPrint", "false") 4649 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 4650 urls += "?" + c.urlParams_.Encode() 4651 req, err := http.NewRequest("POST", urls, body) 4652 if err != nil { 4653 return nil, err 4654 } 4655 req.Header = reqHeaders 4656 googleapi.Expand(req.URL, map[string]string{ 4657 "name": c.name, 4658 }) 4659 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4660} 4661 4662// Do executes the "iam.projects.roles.undelete" call. 4663// Exactly one of *Role or error will be non-nil. Any non-2xx status 4664// code is an error. Response headers are in either 4665// *Role.ServerResponse.Header or (if a response was returned at all) in 4666// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 4667// whether the returned error was because http.StatusNotModified was 4668// returned. 4669func (c *ProjectsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) { 4670 gensupport.SetOptions(c.urlParams_, opts...) 4671 res, err := c.doRequest("json") 4672 if res != nil && res.StatusCode == http.StatusNotModified { 4673 if res.Body != nil { 4674 res.Body.Close() 4675 } 4676 return nil, &googleapi.Error{ 4677 Code: res.StatusCode, 4678 Header: res.Header, 4679 } 4680 } 4681 if err != nil { 4682 return nil, err 4683 } 4684 defer googleapi.CloseBody(res) 4685 if err := googleapi.CheckResponse(res); err != nil { 4686 return nil, err 4687 } 4688 ret := &Role{ 4689 ServerResponse: googleapi.ServerResponse{ 4690 Header: res.Header, 4691 HTTPStatusCode: res.StatusCode, 4692 }, 4693 } 4694 target := &ret 4695 if err := gensupport.DecodeResponse(target, res); err != nil { 4696 return nil, err 4697 } 4698 return ret, nil 4699 // { 4700 // "description": "Undelete a Role, bringing it back in its previous state.", 4701 // "flatPath": "v1/projects/{projectsId}/roles/{rolesId}:undelete", 4702 // "httpMethod": "POST", 4703 // "id": "iam.projects.roles.undelete", 4704 // "parameterOrder": [ 4705 // "name" 4706 // ], 4707 // "parameters": { 4708 // "name": { 4709 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`projects`](/iam/reference/rest/v1/projects.roles) or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes\n only [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n undeletes only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 4710 // "location": "path", 4711 // "pattern": "^projects/[^/]+/roles/[^/]+$", 4712 // "required": true, 4713 // "type": "string" 4714 // } 4715 // }, 4716 // "path": "v1/{+name}:undelete", 4717 // "request": { 4718 // "$ref": "UndeleteRoleRequest" 4719 // }, 4720 // "response": { 4721 // "$ref": "Role" 4722 // }, 4723 // "scopes": [ 4724 // "https://www.googleapis.com/auth/cloud-platform" 4725 // ] 4726 // } 4727 4728} 4729 4730// method id "iam.projects.serviceAccounts.create": 4731 4732type ProjectsServiceAccountsCreateCall struct { 4733 s *Service 4734 name string 4735 createserviceaccountrequest *CreateServiceAccountRequest 4736 urlParams_ gensupport.URLParams 4737 ctx_ context.Context 4738 header_ http.Header 4739} 4740 4741// Create: Creates a ServiceAccount 4742// and returns it. 4743func (r *ProjectsServiceAccountsService) Create(name string, createserviceaccountrequest *CreateServiceAccountRequest) *ProjectsServiceAccountsCreateCall { 4744 c := &ProjectsServiceAccountsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4745 c.name = name 4746 c.createserviceaccountrequest = createserviceaccountrequest 4747 return c 4748} 4749 4750// Fields allows partial responses to be retrieved. See 4751// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4752// for more information. 4753func (c *ProjectsServiceAccountsCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsCreateCall { 4754 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4755 return c 4756} 4757 4758// Context sets the context to be used in this call's Do method. Any 4759// pending HTTP request will be aborted if the provided context is 4760// canceled. 4761func (c *ProjectsServiceAccountsCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsCreateCall { 4762 c.ctx_ = ctx 4763 return c 4764} 4765 4766// Header returns an http.Header that can be modified by the caller to 4767// add HTTP headers to the request. 4768func (c *ProjectsServiceAccountsCreateCall) Header() http.Header { 4769 if c.header_ == nil { 4770 c.header_ = make(http.Header) 4771 } 4772 return c.header_ 4773} 4774 4775func (c *ProjectsServiceAccountsCreateCall) doRequest(alt string) (*http.Response, error) { 4776 reqHeaders := make(http.Header) 4777 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 4778 for k, v := range c.header_ { 4779 reqHeaders[k] = v 4780 } 4781 reqHeaders.Set("User-Agent", c.s.userAgent()) 4782 var body io.Reader = nil 4783 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountrequest) 4784 if err != nil { 4785 return nil, err 4786 } 4787 reqHeaders.Set("Content-Type", "application/json") 4788 c.urlParams_.Set("alt", alt) 4789 c.urlParams_.Set("prettyPrint", "false") 4790 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 4791 urls += "?" + c.urlParams_.Encode() 4792 req, err := http.NewRequest("POST", urls, body) 4793 if err != nil { 4794 return nil, err 4795 } 4796 req.Header = reqHeaders 4797 googleapi.Expand(req.URL, map[string]string{ 4798 "name": c.name, 4799 }) 4800 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4801} 4802 4803// Do executes the "iam.projects.serviceAccounts.create" call. 4804// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 4805// status code is an error. Response headers are in either 4806// *ServiceAccount.ServerResponse.Header or (if a response was returned 4807// at all) in error.(*googleapi.Error).Header. Use 4808// googleapi.IsNotModified to check whether the returned error was 4809// because http.StatusNotModified was returned. 4810func (c *ProjectsServiceAccountsCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 4811 gensupport.SetOptions(c.urlParams_, opts...) 4812 res, err := c.doRequest("json") 4813 if res != nil && res.StatusCode == http.StatusNotModified { 4814 if res.Body != nil { 4815 res.Body.Close() 4816 } 4817 return nil, &googleapi.Error{ 4818 Code: res.StatusCode, 4819 Header: res.Header, 4820 } 4821 } 4822 if err != nil { 4823 return nil, err 4824 } 4825 defer googleapi.CloseBody(res) 4826 if err := googleapi.CheckResponse(res); err != nil { 4827 return nil, err 4828 } 4829 ret := &ServiceAccount{ 4830 ServerResponse: googleapi.ServerResponse{ 4831 Header: res.Header, 4832 HTTPStatusCode: res.StatusCode, 4833 }, 4834 } 4835 target := &ret 4836 if err := gensupport.DecodeResponse(target, res); err != nil { 4837 return nil, err 4838 } 4839 return ret, nil 4840 // { 4841 // "description": "Creates a ServiceAccount\nand returns it.", 4842 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 4843 // "httpMethod": "POST", 4844 // "id": "iam.projects.serviceAccounts.create", 4845 // "parameterOrder": [ 4846 // "name" 4847 // ], 4848 // "parameters": { 4849 // "name": { 4850 // "description": "Required. The resource name of the project associated with the service\naccounts, such as `projects/my-project-123`.", 4851 // "location": "path", 4852 // "pattern": "^projects/[^/]+$", 4853 // "required": true, 4854 // "type": "string" 4855 // } 4856 // }, 4857 // "path": "v1/{+name}/serviceAccounts", 4858 // "request": { 4859 // "$ref": "CreateServiceAccountRequest" 4860 // }, 4861 // "response": { 4862 // "$ref": "ServiceAccount" 4863 // }, 4864 // "scopes": [ 4865 // "https://www.googleapis.com/auth/cloud-platform" 4866 // ] 4867 // } 4868 4869} 4870 4871// method id "iam.projects.serviceAccounts.delete": 4872 4873type ProjectsServiceAccountsDeleteCall struct { 4874 s *Service 4875 name string 4876 urlParams_ gensupport.URLParams 4877 ctx_ context.Context 4878 header_ http.Header 4879} 4880 4881// Delete: Deletes a ServiceAccount. 4882func (r *ProjectsServiceAccountsService) Delete(name string) *ProjectsServiceAccountsDeleteCall { 4883 c := &ProjectsServiceAccountsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 4884 c.name = name 4885 return c 4886} 4887 4888// Fields allows partial responses to be retrieved. See 4889// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 4890// for more information. 4891func (c *ProjectsServiceAccountsDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDeleteCall { 4892 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 4893 return c 4894} 4895 4896// Context sets the context to be used in this call's Do method. Any 4897// pending HTTP request will be aborted if the provided context is 4898// canceled. 4899func (c *ProjectsServiceAccountsDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsDeleteCall { 4900 c.ctx_ = ctx 4901 return c 4902} 4903 4904// Header returns an http.Header that can be modified by the caller to 4905// add HTTP headers to the request. 4906func (c *ProjectsServiceAccountsDeleteCall) Header() http.Header { 4907 if c.header_ == nil { 4908 c.header_ = make(http.Header) 4909 } 4910 return c.header_ 4911} 4912 4913func (c *ProjectsServiceAccountsDeleteCall) doRequest(alt string) (*http.Response, error) { 4914 reqHeaders := make(http.Header) 4915 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 4916 for k, v := range c.header_ { 4917 reqHeaders[k] = v 4918 } 4919 reqHeaders.Set("User-Agent", c.s.userAgent()) 4920 var body io.Reader = nil 4921 c.urlParams_.Set("alt", alt) 4922 c.urlParams_.Set("prettyPrint", "false") 4923 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 4924 urls += "?" + c.urlParams_.Encode() 4925 req, err := http.NewRequest("DELETE", urls, body) 4926 if err != nil { 4927 return nil, err 4928 } 4929 req.Header = reqHeaders 4930 googleapi.Expand(req.URL, map[string]string{ 4931 "name": c.name, 4932 }) 4933 return gensupport.SendRequest(c.ctx_, c.s.client, req) 4934} 4935 4936// Do executes the "iam.projects.serviceAccounts.delete" call. 4937// Exactly one of *Empty or error will be non-nil. Any non-2xx status 4938// code is an error. Response headers are in either 4939// *Empty.ServerResponse.Header or (if a response was returned at all) 4940// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 4941// check whether the returned error was because http.StatusNotModified 4942// was returned. 4943func (c *ProjectsServiceAccountsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 4944 gensupport.SetOptions(c.urlParams_, opts...) 4945 res, err := c.doRequest("json") 4946 if res != nil && res.StatusCode == http.StatusNotModified { 4947 if res.Body != nil { 4948 res.Body.Close() 4949 } 4950 return nil, &googleapi.Error{ 4951 Code: res.StatusCode, 4952 Header: res.Header, 4953 } 4954 } 4955 if err != nil { 4956 return nil, err 4957 } 4958 defer googleapi.CloseBody(res) 4959 if err := googleapi.CheckResponse(res); err != nil { 4960 return nil, err 4961 } 4962 ret := &Empty{ 4963 ServerResponse: googleapi.ServerResponse{ 4964 Header: res.Header, 4965 HTTPStatusCode: res.StatusCode, 4966 }, 4967 } 4968 target := &ret 4969 if err := gensupport.DecodeResponse(target, res); err != nil { 4970 return nil, err 4971 } 4972 return ret, nil 4973 // { 4974 // "description": "Deletes a ServiceAccount.", 4975 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 4976 // "httpMethod": "DELETE", 4977 // "id": "iam.projects.serviceAccounts.delete", 4978 // "parameterOrder": [ 4979 // "name" 4980 // ], 4981 // "parameters": { 4982 // "name": { 4983 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 4984 // "location": "path", 4985 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 4986 // "required": true, 4987 // "type": "string" 4988 // } 4989 // }, 4990 // "path": "v1/{+name}", 4991 // "response": { 4992 // "$ref": "Empty" 4993 // }, 4994 // "scopes": [ 4995 // "https://www.googleapis.com/auth/cloud-platform" 4996 // ] 4997 // } 4998 4999} 5000 5001// method id "iam.projects.serviceAccounts.disable": 5002 5003type ProjectsServiceAccountsDisableCall struct { 5004 s *Service 5005 name string 5006 disableserviceaccountrequest *DisableServiceAccountRequest 5007 urlParams_ gensupport.URLParams 5008 ctx_ context.Context 5009 header_ http.Header 5010} 5011 5012// Disable: DisableServiceAccount is currently in the alpha launch 5013// stage. 5014// 5015// Disables a ServiceAccount, 5016// which immediately prevents the service account from authenticating 5017// and 5018// gaining access to APIs. 5019// 5020// Disabled service accounts can be safely restored by 5021// using 5022// EnableServiceAccount at any point. Deleted service accounts cannot 5023// be 5024// restored using this method. 5025// 5026// Disabling a service account that is bound to VMs, Apps, Functions, 5027// or 5028// other jobs will cause those jobs to lose access to resources if they 5029// are 5030// using the disabled service account. 5031// 5032// To improve reliability of your services and avoid unexpected outages, 5033// it 5034// is recommended to first disable a service account rather than delete 5035// it. 5036// After disabling the service account, wait at least 24 hours to verify 5037// there 5038// are no unintended consequences, and then delete the service account. 5039func (r *ProjectsServiceAccountsService) Disable(name string, disableserviceaccountrequest *DisableServiceAccountRequest) *ProjectsServiceAccountsDisableCall { 5040 c := &ProjectsServiceAccountsDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5041 c.name = name 5042 c.disableserviceaccountrequest = disableserviceaccountrequest 5043 return c 5044} 5045 5046// Fields allows partial responses to be retrieved. See 5047// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5048// for more information. 5049func (c *ProjectsServiceAccountsDisableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDisableCall { 5050 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5051 return c 5052} 5053 5054// Context sets the context to be used in this call's Do method. Any 5055// pending HTTP request will be aborted if the provided context is 5056// canceled. 5057func (c *ProjectsServiceAccountsDisableCall) Context(ctx context.Context) *ProjectsServiceAccountsDisableCall { 5058 c.ctx_ = ctx 5059 return c 5060} 5061 5062// Header returns an http.Header that can be modified by the caller to 5063// add HTTP headers to the request. 5064func (c *ProjectsServiceAccountsDisableCall) Header() http.Header { 5065 if c.header_ == nil { 5066 c.header_ = make(http.Header) 5067 } 5068 return c.header_ 5069} 5070 5071func (c *ProjectsServiceAccountsDisableCall) doRequest(alt string) (*http.Response, error) { 5072 reqHeaders := make(http.Header) 5073 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 5074 for k, v := range c.header_ { 5075 reqHeaders[k] = v 5076 } 5077 reqHeaders.Set("User-Agent", c.s.userAgent()) 5078 var body io.Reader = nil 5079 body, err := googleapi.WithoutDataWrapper.JSONReader(c.disableserviceaccountrequest) 5080 if err != nil { 5081 return nil, err 5082 } 5083 reqHeaders.Set("Content-Type", "application/json") 5084 c.urlParams_.Set("alt", alt) 5085 c.urlParams_.Set("prettyPrint", "false") 5086 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable") 5087 urls += "?" + c.urlParams_.Encode() 5088 req, err := http.NewRequest("POST", urls, body) 5089 if err != nil { 5090 return nil, err 5091 } 5092 req.Header = reqHeaders 5093 googleapi.Expand(req.URL, map[string]string{ 5094 "name": c.name, 5095 }) 5096 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5097} 5098 5099// Do executes the "iam.projects.serviceAccounts.disable" call. 5100// Exactly one of *Empty or error will be non-nil. Any non-2xx status 5101// code is an error. Response headers are in either 5102// *Empty.ServerResponse.Header or (if a response was returned at all) 5103// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 5104// check whether the returned error was because http.StatusNotModified 5105// was returned. 5106func (c *ProjectsServiceAccountsDisableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 5107 gensupport.SetOptions(c.urlParams_, opts...) 5108 res, err := c.doRequest("json") 5109 if res != nil && res.StatusCode == http.StatusNotModified { 5110 if res.Body != nil { 5111 res.Body.Close() 5112 } 5113 return nil, &googleapi.Error{ 5114 Code: res.StatusCode, 5115 Header: res.Header, 5116 } 5117 } 5118 if err != nil { 5119 return nil, err 5120 } 5121 defer googleapi.CloseBody(res) 5122 if err := googleapi.CheckResponse(res); err != nil { 5123 return nil, err 5124 } 5125 ret := &Empty{ 5126 ServerResponse: googleapi.ServerResponse{ 5127 Header: res.Header, 5128 HTTPStatusCode: res.StatusCode, 5129 }, 5130 } 5131 target := &ret 5132 if err := gensupport.DecodeResponse(target, res); err != nil { 5133 return nil, err 5134 } 5135 return ret, nil 5136 // { 5137 // "description": "DisableServiceAccount is currently in the alpha launch stage.\n\nDisables a ServiceAccount,\nwhich immediately prevents the service account from authenticating and\ngaining access to APIs.\n\nDisabled service accounts can be safely restored by using\nEnableServiceAccount at any point. Deleted service accounts cannot be\nrestored using this method.\n\nDisabling a service account that is bound to VMs, Apps, Functions, or\nother jobs will cause those jobs to lose access to resources if they are\nusing the disabled service account.\n\nTo improve reliability of your services and avoid unexpected outages, it\nis recommended to first disable a service account rather than delete it.\nAfter disabling the service account, wait at least 24 hours to verify there\nare no unintended consequences, and then delete the service account.", 5138 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:disable", 5139 // "httpMethod": "POST", 5140 // "id": "iam.projects.serviceAccounts.disable", 5141 // "parameterOrder": [ 5142 // "name" 5143 // ], 5144 // "parameters": { 5145 // "name": { 5146 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 5147 // "location": "path", 5148 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5149 // "required": true, 5150 // "type": "string" 5151 // } 5152 // }, 5153 // "path": "v1/{+name}:disable", 5154 // "request": { 5155 // "$ref": "DisableServiceAccountRequest" 5156 // }, 5157 // "response": { 5158 // "$ref": "Empty" 5159 // }, 5160 // "scopes": [ 5161 // "https://www.googleapis.com/auth/cloud-platform" 5162 // ] 5163 // } 5164 5165} 5166 5167// method id "iam.projects.serviceAccounts.enable": 5168 5169type ProjectsServiceAccountsEnableCall struct { 5170 s *Service 5171 name string 5172 enableserviceaccountrequest *EnableServiceAccountRequest 5173 urlParams_ gensupport.URLParams 5174 ctx_ context.Context 5175 header_ http.Header 5176} 5177 5178// Enable: EnableServiceAccount is currently in the alpha launch 5179// stage. 5180// 5181// Restores a disabled ServiceAccount 5182// that has been manually disabled by using DisableServiceAccount. 5183// Service 5184// accounts that have been disabled by other means or for other 5185// reasons, 5186// such as abuse, cannot be restored using this method. 5187// 5188// EnableServiceAccount will have no effect on a service account that 5189// is 5190// not disabled. Enabling an already enabled service account will have 5191// no 5192// effect. 5193func (r *ProjectsServiceAccountsService) Enable(name string, enableserviceaccountrequest *EnableServiceAccountRequest) *ProjectsServiceAccountsEnableCall { 5194 c := &ProjectsServiceAccountsEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5195 c.name = name 5196 c.enableserviceaccountrequest = enableserviceaccountrequest 5197 return c 5198} 5199 5200// Fields allows partial responses to be retrieved. See 5201// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5202// for more information. 5203func (c *ProjectsServiceAccountsEnableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsEnableCall { 5204 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5205 return c 5206} 5207 5208// Context sets the context to be used in this call's Do method. Any 5209// pending HTTP request will be aborted if the provided context is 5210// canceled. 5211func (c *ProjectsServiceAccountsEnableCall) Context(ctx context.Context) *ProjectsServiceAccountsEnableCall { 5212 c.ctx_ = ctx 5213 return c 5214} 5215 5216// Header returns an http.Header that can be modified by the caller to 5217// add HTTP headers to the request. 5218func (c *ProjectsServiceAccountsEnableCall) Header() http.Header { 5219 if c.header_ == nil { 5220 c.header_ = make(http.Header) 5221 } 5222 return c.header_ 5223} 5224 5225func (c *ProjectsServiceAccountsEnableCall) doRequest(alt string) (*http.Response, error) { 5226 reqHeaders := make(http.Header) 5227 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 5228 for k, v := range c.header_ { 5229 reqHeaders[k] = v 5230 } 5231 reqHeaders.Set("User-Agent", c.s.userAgent()) 5232 var body io.Reader = nil 5233 body, err := googleapi.WithoutDataWrapper.JSONReader(c.enableserviceaccountrequest) 5234 if err != nil { 5235 return nil, err 5236 } 5237 reqHeaders.Set("Content-Type", "application/json") 5238 c.urlParams_.Set("alt", alt) 5239 c.urlParams_.Set("prettyPrint", "false") 5240 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable") 5241 urls += "?" + c.urlParams_.Encode() 5242 req, err := http.NewRequest("POST", urls, body) 5243 if err != nil { 5244 return nil, err 5245 } 5246 req.Header = reqHeaders 5247 googleapi.Expand(req.URL, map[string]string{ 5248 "name": c.name, 5249 }) 5250 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5251} 5252 5253// Do executes the "iam.projects.serviceAccounts.enable" call. 5254// Exactly one of *Empty or error will be non-nil. Any non-2xx status 5255// code is an error. Response headers are in either 5256// *Empty.ServerResponse.Header or (if a response was returned at all) 5257// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 5258// check whether the returned error was because http.StatusNotModified 5259// was returned. 5260func (c *ProjectsServiceAccountsEnableCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 5261 gensupport.SetOptions(c.urlParams_, opts...) 5262 res, err := c.doRequest("json") 5263 if res != nil && res.StatusCode == http.StatusNotModified { 5264 if res.Body != nil { 5265 res.Body.Close() 5266 } 5267 return nil, &googleapi.Error{ 5268 Code: res.StatusCode, 5269 Header: res.Header, 5270 } 5271 } 5272 if err != nil { 5273 return nil, err 5274 } 5275 defer googleapi.CloseBody(res) 5276 if err := googleapi.CheckResponse(res); err != nil { 5277 return nil, err 5278 } 5279 ret := &Empty{ 5280 ServerResponse: googleapi.ServerResponse{ 5281 Header: res.Header, 5282 HTTPStatusCode: res.StatusCode, 5283 }, 5284 } 5285 target := &ret 5286 if err := gensupport.DecodeResponse(target, res); err != nil { 5287 return nil, err 5288 } 5289 return ret, nil 5290 // { 5291 // "description": "EnableServiceAccount is currently in the alpha launch stage.\n\n Restores a disabled ServiceAccount\n that has been manually disabled by using DisableServiceAccount. Service\n accounts that have been disabled by other means or for other reasons,\n such as abuse, cannot be restored using this method.\n\n EnableServiceAccount will have no effect on a service account that is\n not disabled. Enabling an already enabled service account will have no\n effect.", 5292 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:enable", 5293 // "httpMethod": "POST", 5294 // "id": "iam.projects.serviceAccounts.enable", 5295 // "parameterOrder": [ 5296 // "name" 5297 // ], 5298 // "parameters": { 5299 // "name": { 5300 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 5301 // "location": "path", 5302 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5303 // "required": true, 5304 // "type": "string" 5305 // } 5306 // }, 5307 // "path": "v1/{+name}:enable", 5308 // "request": { 5309 // "$ref": "EnableServiceAccountRequest" 5310 // }, 5311 // "response": { 5312 // "$ref": "Empty" 5313 // }, 5314 // "scopes": [ 5315 // "https://www.googleapis.com/auth/cloud-platform" 5316 // ] 5317 // } 5318 5319} 5320 5321// method id "iam.projects.serviceAccounts.get": 5322 5323type ProjectsServiceAccountsGetCall struct { 5324 s *Service 5325 name string 5326 urlParams_ gensupport.URLParams 5327 ifNoneMatch_ string 5328 ctx_ context.Context 5329 header_ http.Header 5330} 5331 5332// Get: Gets a ServiceAccount. 5333func (r *ProjectsServiceAccountsService) Get(name string) *ProjectsServiceAccountsGetCall { 5334 c := &ProjectsServiceAccountsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5335 c.name = name 5336 return c 5337} 5338 5339// Fields allows partial responses to be retrieved. See 5340// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5341// for more information. 5342func (c *ProjectsServiceAccountsGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetCall { 5343 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5344 return c 5345} 5346 5347// IfNoneMatch sets the optional parameter which makes the operation 5348// fail if the object's ETag matches the given value. This is useful for 5349// getting updates only after the object has changed since the last 5350// request. Use googleapi.IsNotModified to check whether the response 5351// error from Do is the result of In-None-Match. 5352func (c *ProjectsServiceAccountsGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsGetCall { 5353 c.ifNoneMatch_ = entityTag 5354 return c 5355} 5356 5357// Context sets the context to be used in this call's Do method. Any 5358// pending HTTP request will be aborted if the provided context is 5359// canceled. 5360func (c *ProjectsServiceAccountsGetCall) Context(ctx context.Context) *ProjectsServiceAccountsGetCall { 5361 c.ctx_ = ctx 5362 return c 5363} 5364 5365// Header returns an http.Header that can be modified by the caller to 5366// add HTTP headers to the request. 5367func (c *ProjectsServiceAccountsGetCall) Header() http.Header { 5368 if c.header_ == nil { 5369 c.header_ = make(http.Header) 5370 } 5371 return c.header_ 5372} 5373 5374func (c *ProjectsServiceAccountsGetCall) doRequest(alt string) (*http.Response, error) { 5375 reqHeaders := make(http.Header) 5376 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 5377 for k, v := range c.header_ { 5378 reqHeaders[k] = v 5379 } 5380 reqHeaders.Set("User-Agent", c.s.userAgent()) 5381 if c.ifNoneMatch_ != "" { 5382 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5383 } 5384 var body io.Reader = nil 5385 c.urlParams_.Set("alt", alt) 5386 c.urlParams_.Set("prettyPrint", "false") 5387 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5388 urls += "?" + c.urlParams_.Encode() 5389 req, err := http.NewRequest("GET", urls, body) 5390 if err != nil { 5391 return nil, err 5392 } 5393 req.Header = reqHeaders 5394 googleapi.Expand(req.URL, map[string]string{ 5395 "name": c.name, 5396 }) 5397 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5398} 5399 5400// Do executes the "iam.projects.serviceAccounts.get" call. 5401// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 5402// status code is an error. Response headers are in either 5403// *ServiceAccount.ServerResponse.Header or (if a response was returned 5404// at all) in error.(*googleapi.Error).Header. Use 5405// googleapi.IsNotModified to check whether the returned error was 5406// because http.StatusNotModified was returned. 5407func (c *ProjectsServiceAccountsGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 5408 gensupport.SetOptions(c.urlParams_, opts...) 5409 res, err := c.doRequest("json") 5410 if res != nil && res.StatusCode == http.StatusNotModified { 5411 if res.Body != nil { 5412 res.Body.Close() 5413 } 5414 return nil, &googleapi.Error{ 5415 Code: res.StatusCode, 5416 Header: res.Header, 5417 } 5418 } 5419 if err != nil { 5420 return nil, err 5421 } 5422 defer googleapi.CloseBody(res) 5423 if err := googleapi.CheckResponse(res); err != nil { 5424 return nil, err 5425 } 5426 ret := &ServiceAccount{ 5427 ServerResponse: googleapi.ServerResponse{ 5428 Header: res.Header, 5429 HTTPStatusCode: res.StatusCode, 5430 }, 5431 } 5432 target := &ret 5433 if err := gensupport.DecodeResponse(target, res); err != nil { 5434 return nil, err 5435 } 5436 return ret, nil 5437 // { 5438 // "description": "Gets a ServiceAccount.", 5439 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 5440 // "httpMethod": "GET", 5441 // "id": "iam.projects.serviceAccounts.get", 5442 // "parameterOrder": [ 5443 // "name" 5444 // ], 5445 // "parameters": { 5446 // "name": { 5447 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 5448 // "location": "path", 5449 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5450 // "required": true, 5451 // "type": "string" 5452 // } 5453 // }, 5454 // "path": "v1/{+name}", 5455 // "response": { 5456 // "$ref": "ServiceAccount" 5457 // }, 5458 // "scopes": [ 5459 // "https://www.googleapis.com/auth/cloud-platform" 5460 // ] 5461 // } 5462 5463} 5464 5465// method id "iam.projects.serviceAccounts.getIamPolicy": 5466 5467type ProjectsServiceAccountsGetIamPolicyCall struct { 5468 s *Service 5469 resource string 5470 urlParams_ gensupport.URLParams 5471 ctx_ context.Context 5472 header_ http.Header 5473} 5474 5475// GetIamPolicy: Returns the Cloud IAM access control policy for 5476// a 5477// ServiceAccount. 5478// 5479// Note: Service accounts are both 5480// [resources 5481// and 5482// identities](/iam/docs/service-accounts#service_account_permissions 5483// ). This 5484// method treats the service account as a resource. It returns the Cloud 5485// IAM 5486// policy that reflects what members have access to the service 5487// account. 5488// 5489// This method does not return what resources the service account has 5490// access 5491// to. To see if a service account has access to a resource, call 5492// the 5493// `getIamPolicy` method on the target resource. For example, to view 5494// grants 5495// for a project, call 5496// the 5497// [projects.getIamPolicy](/resource-manager/reference/rest/v1/projec 5498// ts/getIamPolicy) 5499// method. 5500func (r *ProjectsServiceAccountsService) GetIamPolicy(resource string) *ProjectsServiceAccountsGetIamPolicyCall { 5501 c := &ProjectsServiceAccountsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5502 c.resource = resource 5503 return c 5504} 5505 5506// OptionsRequestedPolicyVersion sets the optional parameter 5507// "options.requestedPolicyVersion": The policy format version to be 5508// returned. 5509// 5510// Valid values are 0, 1, and 3. Requests specifying an invalid value 5511// will be 5512// rejected. 5513// 5514// Requests for policies with any conditional bindings must specify 5515// version 3. 5516// Policies without any conditional bindings may specify any valid value 5517// or 5518// leave the field unset. 5519func (c *ProjectsServiceAccountsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsServiceAccountsGetIamPolicyCall { 5520 c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) 5521 return c 5522} 5523 5524// Fields allows partial responses to be retrieved. See 5525// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5526// for more information. 5527func (c *ProjectsServiceAccountsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetIamPolicyCall { 5528 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5529 return c 5530} 5531 5532// Context sets the context to be used in this call's Do method. Any 5533// pending HTTP request will be aborted if the provided context is 5534// canceled. 5535func (c *ProjectsServiceAccountsGetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsGetIamPolicyCall { 5536 c.ctx_ = ctx 5537 return c 5538} 5539 5540// Header returns an http.Header that can be modified by the caller to 5541// add HTTP headers to the request. 5542func (c *ProjectsServiceAccountsGetIamPolicyCall) Header() http.Header { 5543 if c.header_ == nil { 5544 c.header_ = make(http.Header) 5545 } 5546 return c.header_ 5547} 5548 5549func (c *ProjectsServiceAccountsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 5550 reqHeaders := make(http.Header) 5551 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 5552 for k, v := range c.header_ { 5553 reqHeaders[k] = v 5554 } 5555 reqHeaders.Set("User-Agent", c.s.userAgent()) 5556 var body io.Reader = nil 5557 c.urlParams_.Set("alt", alt) 5558 c.urlParams_.Set("prettyPrint", "false") 5559 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") 5560 urls += "?" + c.urlParams_.Encode() 5561 req, err := http.NewRequest("POST", urls, body) 5562 if err != nil { 5563 return nil, err 5564 } 5565 req.Header = reqHeaders 5566 googleapi.Expand(req.URL, map[string]string{ 5567 "resource": c.resource, 5568 }) 5569 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5570} 5571 5572// Do executes the "iam.projects.serviceAccounts.getIamPolicy" call. 5573// Exactly one of *Policy or error will be non-nil. Any non-2xx status 5574// code is an error. Response headers are in either 5575// *Policy.ServerResponse.Header or (if a response was returned at all) 5576// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 5577// check whether the returned error was because http.StatusNotModified 5578// was returned. 5579func (c *ProjectsServiceAccountsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 5580 gensupport.SetOptions(c.urlParams_, opts...) 5581 res, err := c.doRequest("json") 5582 if res != nil && res.StatusCode == http.StatusNotModified { 5583 if res.Body != nil { 5584 res.Body.Close() 5585 } 5586 return nil, &googleapi.Error{ 5587 Code: res.StatusCode, 5588 Header: res.Header, 5589 } 5590 } 5591 if err != nil { 5592 return nil, err 5593 } 5594 defer googleapi.CloseBody(res) 5595 if err := googleapi.CheckResponse(res); err != nil { 5596 return nil, err 5597 } 5598 ret := &Policy{ 5599 ServerResponse: googleapi.ServerResponse{ 5600 Header: res.Header, 5601 HTTPStatusCode: res.StatusCode, 5602 }, 5603 } 5604 target := &ret 5605 if err := gensupport.DecodeResponse(target, res); err != nil { 5606 return nil, err 5607 } 5608 return ret, nil 5609 // { 5610 // "description": "Returns the Cloud IAM access control policy for a\nServiceAccount.\n\nNote: Service accounts are both\n[resources and\nidentities](/iam/docs/service-accounts#service_account_permissions). This\nmethod treats the service account as a resource. It returns the Cloud IAM\npolicy that reflects what members have access to the service account.\n\nThis method does not return what resources the service account has access\nto. To see if a service account has access to a resource, call the\n`getIamPolicy` method on the target resource. For example, to view grants\nfor a project, call the\n[projects.getIamPolicy](/resource-manager/reference/rest/v1/projects/getIamPolicy)\nmethod.", 5611 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:getIamPolicy", 5612 // "httpMethod": "POST", 5613 // "id": "iam.projects.serviceAccounts.getIamPolicy", 5614 // "parameterOrder": [ 5615 // "resource" 5616 // ], 5617 // "parameters": { 5618 // "options.requestedPolicyVersion": { 5619 // "description": "Optional. The policy format version to be returned.\n\nValid values are 0, 1, and 3. Requests specifying an invalid value will be\nrejected.\n\nRequests for policies with any conditional bindings must specify version 3.\nPolicies without any conditional bindings may specify any valid value or\nleave the field unset.", 5620 // "format": "int32", 5621 // "location": "query", 5622 // "type": "integer" 5623 // }, 5624 // "resource": { 5625 // "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.", 5626 // "location": "path", 5627 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5628 // "required": true, 5629 // "type": "string" 5630 // } 5631 // }, 5632 // "path": "v1/{+resource}:getIamPolicy", 5633 // "response": { 5634 // "$ref": "Policy" 5635 // }, 5636 // "scopes": [ 5637 // "https://www.googleapis.com/auth/cloud-platform" 5638 // ] 5639 // } 5640 5641} 5642 5643// method id "iam.projects.serviceAccounts.list": 5644 5645type ProjectsServiceAccountsListCall struct { 5646 s *Service 5647 name string 5648 urlParams_ gensupport.URLParams 5649 ifNoneMatch_ string 5650 ctx_ context.Context 5651 header_ http.Header 5652} 5653 5654// List: Lists ServiceAccounts for a project. 5655func (r *ProjectsServiceAccountsService) List(name string) *ProjectsServiceAccountsListCall { 5656 c := &ProjectsServiceAccountsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5657 c.name = name 5658 return c 5659} 5660 5661// PageSize sets the optional parameter "pageSize": Optional limit on 5662// the number of service accounts to include in the 5663// response. Further accounts can subsequently be obtained by including 5664// the 5665// ListServiceAccountsResponse.next_page_token 5666// in a subsequent request. 5667func (c *ProjectsServiceAccountsListCall) PageSize(pageSize int64) *ProjectsServiceAccountsListCall { 5668 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 5669 return c 5670} 5671 5672// PageToken sets the optional parameter "pageToken": Optional 5673// pagination token returned in an 5674// earlier 5675// ListServiceAccountsResponse.next_page_token. 5676func (c *ProjectsServiceAccountsListCall) PageToken(pageToken string) *ProjectsServiceAccountsListCall { 5677 c.urlParams_.Set("pageToken", pageToken) 5678 return c 5679} 5680 5681// Fields allows partial responses to be retrieved. See 5682// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5683// for more information. 5684func (c *ProjectsServiceAccountsListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsListCall { 5685 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5686 return c 5687} 5688 5689// IfNoneMatch sets the optional parameter which makes the operation 5690// fail if the object's ETag matches the given value. This is useful for 5691// getting updates only after the object has changed since the last 5692// request. Use googleapi.IsNotModified to check whether the response 5693// error from Do is the result of In-None-Match. 5694func (c *ProjectsServiceAccountsListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsListCall { 5695 c.ifNoneMatch_ = entityTag 5696 return c 5697} 5698 5699// Context sets the context to be used in this call's Do method. Any 5700// pending HTTP request will be aborted if the provided context is 5701// canceled. 5702func (c *ProjectsServiceAccountsListCall) Context(ctx context.Context) *ProjectsServiceAccountsListCall { 5703 c.ctx_ = ctx 5704 return c 5705} 5706 5707// Header returns an http.Header that can be modified by the caller to 5708// add HTTP headers to the request. 5709func (c *ProjectsServiceAccountsListCall) Header() http.Header { 5710 if c.header_ == nil { 5711 c.header_ = make(http.Header) 5712 } 5713 return c.header_ 5714} 5715 5716func (c *ProjectsServiceAccountsListCall) doRequest(alt string) (*http.Response, error) { 5717 reqHeaders := make(http.Header) 5718 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 5719 for k, v := range c.header_ { 5720 reqHeaders[k] = v 5721 } 5722 reqHeaders.Set("User-Agent", c.s.userAgent()) 5723 if c.ifNoneMatch_ != "" { 5724 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5725 } 5726 var body io.Reader = nil 5727 c.urlParams_.Set("alt", alt) 5728 c.urlParams_.Set("prettyPrint", "false") 5729 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts") 5730 urls += "?" + c.urlParams_.Encode() 5731 req, err := http.NewRequest("GET", urls, body) 5732 if err != nil { 5733 return nil, err 5734 } 5735 req.Header = reqHeaders 5736 googleapi.Expand(req.URL, map[string]string{ 5737 "name": c.name, 5738 }) 5739 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5740} 5741 5742// Do executes the "iam.projects.serviceAccounts.list" call. 5743// Exactly one of *ListServiceAccountsResponse or error will be non-nil. 5744// Any non-2xx status code is an error. Response headers are in either 5745// *ListServiceAccountsResponse.ServerResponse.Header or (if a response 5746// was returned at all) in error.(*googleapi.Error).Header. Use 5747// googleapi.IsNotModified to check whether the returned error was 5748// because http.StatusNotModified was returned. 5749func (c *ProjectsServiceAccountsListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountsResponse, error) { 5750 gensupport.SetOptions(c.urlParams_, opts...) 5751 res, err := c.doRequest("json") 5752 if res != nil && res.StatusCode == http.StatusNotModified { 5753 if res.Body != nil { 5754 res.Body.Close() 5755 } 5756 return nil, &googleapi.Error{ 5757 Code: res.StatusCode, 5758 Header: res.Header, 5759 } 5760 } 5761 if err != nil { 5762 return nil, err 5763 } 5764 defer googleapi.CloseBody(res) 5765 if err := googleapi.CheckResponse(res); err != nil { 5766 return nil, err 5767 } 5768 ret := &ListServiceAccountsResponse{ 5769 ServerResponse: googleapi.ServerResponse{ 5770 Header: res.Header, 5771 HTTPStatusCode: res.StatusCode, 5772 }, 5773 } 5774 target := &ret 5775 if err := gensupport.DecodeResponse(target, res); err != nil { 5776 return nil, err 5777 } 5778 return ret, nil 5779 // { 5780 // "description": "Lists ServiceAccounts for a project.", 5781 // "flatPath": "v1/projects/{projectsId}/serviceAccounts", 5782 // "httpMethod": "GET", 5783 // "id": "iam.projects.serviceAccounts.list", 5784 // "parameterOrder": [ 5785 // "name" 5786 // ], 5787 // "parameters": { 5788 // "name": { 5789 // "description": "Required. The resource name of the project associated with the service\naccounts, such as `projects/my-project-123`.", 5790 // "location": "path", 5791 // "pattern": "^projects/[^/]+$", 5792 // "required": true, 5793 // "type": "string" 5794 // }, 5795 // "pageSize": { 5796 // "description": "Optional limit on the number of service accounts to include in the\nresponse. Further accounts can subsequently be obtained by including the\nListServiceAccountsResponse.next_page_token\nin a subsequent request.", 5797 // "format": "int32", 5798 // "location": "query", 5799 // "type": "integer" 5800 // }, 5801 // "pageToken": { 5802 // "description": "Optional pagination token returned in an earlier\nListServiceAccountsResponse.next_page_token.", 5803 // "location": "query", 5804 // "type": "string" 5805 // } 5806 // }, 5807 // "path": "v1/{+name}/serviceAccounts", 5808 // "response": { 5809 // "$ref": "ListServiceAccountsResponse" 5810 // }, 5811 // "scopes": [ 5812 // "https://www.googleapis.com/auth/cloud-platform" 5813 // ] 5814 // } 5815 5816} 5817 5818// Pages invokes f for each page of results. 5819// A non-nil error returned from f will halt the iteration. 5820// The provided context supersedes any context provided to the Context method. 5821func (c *ProjectsServiceAccountsListCall) Pages(ctx context.Context, f func(*ListServiceAccountsResponse) error) error { 5822 c.ctx_ = ctx 5823 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 5824 for { 5825 x, err := c.Do() 5826 if err != nil { 5827 return err 5828 } 5829 if err := f(x); err != nil { 5830 return err 5831 } 5832 if x.NextPageToken == "" { 5833 return nil 5834 } 5835 c.PageToken(x.NextPageToken) 5836 } 5837} 5838 5839// method id "iam.projects.serviceAccounts.patch": 5840 5841type ProjectsServiceAccountsPatchCall struct { 5842 s *Service 5843 name string 5844 patchserviceaccountrequest *PatchServiceAccountRequest 5845 urlParams_ gensupport.URLParams 5846 ctx_ context.Context 5847 header_ http.Header 5848} 5849 5850// Patch: Patches a ServiceAccount. 5851// 5852// Currently, only the following fields are updatable: 5853// `display_name` and `description`. 5854// 5855// Only fields specified in the request are guaranteed to be returned 5856// in 5857// the response. Other fields in the response may be empty. 5858// 5859// Note: The field mask is required. 5860func (r *ProjectsServiceAccountsService) Patch(name string, patchserviceaccountrequest *PatchServiceAccountRequest) *ProjectsServiceAccountsPatchCall { 5861 c := &ProjectsServiceAccountsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5862 c.name = name 5863 c.patchserviceaccountrequest = patchserviceaccountrequest 5864 return c 5865} 5866 5867// Fields allows partial responses to be retrieved. See 5868// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5869// for more information. 5870func (c *ProjectsServiceAccountsPatchCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsPatchCall { 5871 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5872 return c 5873} 5874 5875// Context sets the context to be used in this call's Do method. Any 5876// pending HTTP request will be aborted if the provided context is 5877// canceled. 5878func (c *ProjectsServiceAccountsPatchCall) Context(ctx context.Context) *ProjectsServiceAccountsPatchCall { 5879 c.ctx_ = ctx 5880 return c 5881} 5882 5883// Header returns an http.Header that can be modified by the caller to 5884// add HTTP headers to the request. 5885func (c *ProjectsServiceAccountsPatchCall) Header() http.Header { 5886 if c.header_ == nil { 5887 c.header_ = make(http.Header) 5888 } 5889 return c.header_ 5890} 5891 5892func (c *ProjectsServiceAccountsPatchCall) doRequest(alt string) (*http.Response, error) { 5893 reqHeaders := make(http.Header) 5894 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 5895 for k, v := range c.header_ { 5896 reqHeaders[k] = v 5897 } 5898 reqHeaders.Set("User-Agent", c.s.userAgent()) 5899 var body io.Reader = nil 5900 body, err := googleapi.WithoutDataWrapper.JSONReader(c.patchserviceaccountrequest) 5901 if err != nil { 5902 return nil, err 5903 } 5904 reqHeaders.Set("Content-Type", "application/json") 5905 c.urlParams_.Set("alt", alt) 5906 c.urlParams_.Set("prettyPrint", "false") 5907 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5908 urls += "?" + c.urlParams_.Encode() 5909 req, err := http.NewRequest("PATCH", urls, body) 5910 if err != nil { 5911 return nil, err 5912 } 5913 req.Header = reqHeaders 5914 googleapi.Expand(req.URL, map[string]string{ 5915 "name": c.name, 5916 }) 5917 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5918} 5919 5920// Do executes the "iam.projects.serviceAccounts.patch" call. 5921// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 5922// status code is an error. Response headers are in either 5923// *ServiceAccount.ServerResponse.Header or (if a response was returned 5924// at all) in error.(*googleapi.Error).Header. Use 5925// googleapi.IsNotModified to check whether the returned error was 5926// because http.StatusNotModified was returned. 5927func (c *ProjectsServiceAccountsPatchCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 5928 gensupport.SetOptions(c.urlParams_, opts...) 5929 res, err := c.doRequest("json") 5930 if res != nil && res.StatusCode == http.StatusNotModified { 5931 if res.Body != nil { 5932 res.Body.Close() 5933 } 5934 return nil, &googleapi.Error{ 5935 Code: res.StatusCode, 5936 Header: res.Header, 5937 } 5938 } 5939 if err != nil { 5940 return nil, err 5941 } 5942 defer googleapi.CloseBody(res) 5943 if err := googleapi.CheckResponse(res); err != nil { 5944 return nil, err 5945 } 5946 ret := &ServiceAccount{ 5947 ServerResponse: googleapi.ServerResponse{ 5948 Header: res.Header, 5949 HTTPStatusCode: res.StatusCode, 5950 }, 5951 } 5952 target := &ret 5953 if err := gensupport.DecodeResponse(target, res); err != nil { 5954 return nil, err 5955 } 5956 return ret, nil 5957 // { 5958 // "description": "Patches a ServiceAccount.\n\nCurrently, only the following fields are updatable:\n`display_name` and `description`.\n\nOnly fields specified in the request are guaranteed to be returned in\nthe response. Other fields in the response may be empty.\n\nNote: The field mask is required.", 5959 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 5960 // "httpMethod": "PATCH", 5961 // "id": "iam.projects.serviceAccounts.patch", 5962 // "parameterOrder": [ 5963 // "name" 5964 // ], 5965 // "parameters": { 5966 // "name": { 5967 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\n\nRequests using `-` as a wildcard for the `PROJECT_ID` will infer the\nproject from the `account` and the `ACCOUNT` value can be the `email`\naddress or the `unique_id` of the service account.\n\nIn responses the resource name will always be in the format\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.", 5968 // "location": "path", 5969 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 5970 // "required": true, 5971 // "type": "string" 5972 // } 5973 // }, 5974 // "path": "v1/{+name}", 5975 // "request": { 5976 // "$ref": "PatchServiceAccountRequest" 5977 // }, 5978 // "response": { 5979 // "$ref": "ServiceAccount" 5980 // }, 5981 // "scopes": [ 5982 // "https://www.googleapis.com/auth/cloud-platform" 5983 // ] 5984 // } 5985 5986} 5987 5988// method id "iam.projects.serviceAccounts.setIamPolicy": 5989 5990type ProjectsServiceAccountsSetIamPolicyCall struct { 5991 s *Service 5992 resource string 5993 setiampolicyrequest *SetIamPolicyRequest 5994 urlParams_ gensupport.URLParams 5995 ctx_ context.Context 5996 header_ http.Header 5997} 5998 5999// SetIamPolicy: Sets the Cloud IAM access control policy for 6000// a 6001// ServiceAccount. 6002// 6003// Note: Service accounts are both 6004// [resources 6005// and 6006// identities](/iam/docs/service-accounts#service_account_permissions 6007// ). This 6008// method treats the service account as a resource. Use it to grant 6009// members 6010// access to the service account, such as when they need to impersonate 6011// it. 6012// 6013// This method does not grant the service account access to other 6014// resources, 6015// such as projects. To grant a service account access to resources, 6016// include 6017// the service account in the Cloud IAM policy for the desired resource, 6018// then 6019// call the appropriate `setIamPolicy` method on the target resource. 6020// For 6021// example, to grant a service account access to a project, call 6022// the 6023// [projects.setIamPolicy](/resource-manager/reference/rest/v1/projec 6024// ts/setIamPolicy) 6025// method. 6026func (r *ProjectsServiceAccountsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsServiceAccountsSetIamPolicyCall { 6027 c := &ProjectsServiceAccountsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6028 c.resource = resource 6029 c.setiampolicyrequest = setiampolicyrequest 6030 return c 6031} 6032 6033// Fields allows partial responses to be retrieved. See 6034// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6035// for more information. 6036func (c *ProjectsServiceAccountsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSetIamPolicyCall { 6037 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6038 return c 6039} 6040 6041// Context sets the context to be used in this call's Do method. Any 6042// pending HTTP request will be aborted if the provided context is 6043// canceled. 6044func (c *ProjectsServiceAccountsSetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsSetIamPolicyCall { 6045 c.ctx_ = ctx 6046 return c 6047} 6048 6049// Header returns an http.Header that can be modified by the caller to 6050// add HTTP headers to the request. 6051func (c *ProjectsServiceAccountsSetIamPolicyCall) Header() http.Header { 6052 if c.header_ == nil { 6053 c.header_ = make(http.Header) 6054 } 6055 return c.header_ 6056} 6057 6058func (c *ProjectsServiceAccountsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { 6059 reqHeaders := make(http.Header) 6060 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 6061 for k, v := range c.header_ { 6062 reqHeaders[k] = v 6063 } 6064 reqHeaders.Set("User-Agent", c.s.userAgent()) 6065 var body io.Reader = nil 6066 body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) 6067 if err != nil { 6068 return nil, err 6069 } 6070 reqHeaders.Set("Content-Type", "application/json") 6071 c.urlParams_.Set("alt", alt) 6072 c.urlParams_.Set("prettyPrint", "false") 6073 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") 6074 urls += "?" + c.urlParams_.Encode() 6075 req, err := http.NewRequest("POST", urls, body) 6076 if err != nil { 6077 return nil, err 6078 } 6079 req.Header = reqHeaders 6080 googleapi.Expand(req.URL, map[string]string{ 6081 "resource": c.resource, 6082 }) 6083 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6084} 6085 6086// Do executes the "iam.projects.serviceAccounts.setIamPolicy" call. 6087// Exactly one of *Policy or error will be non-nil. Any non-2xx status 6088// code is an error. Response headers are in either 6089// *Policy.ServerResponse.Header or (if a response was returned at all) 6090// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 6091// check whether the returned error was because http.StatusNotModified 6092// was returned. 6093func (c *ProjectsServiceAccountsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { 6094 gensupport.SetOptions(c.urlParams_, opts...) 6095 res, err := c.doRequest("json") 6096 if res != nil && res.StatusCode == http.StatusNotModified { 6097 if res.Body != nil { 6098 res.Body.Close() 6099 } 6100 return nil, &googleapi.Error{ 6101 Code: res.StatusCode, 6102 Header: res.Header, 6103 } 6104 } 6105 if err != nil { 6106 return nil, err 6107 } 6108 defer googleapi.CloseBody(res) 6109 if err := googleapi.CheckResponse(res); err != nil { 6110 return nil, err 6111 } 6112 ret := &Policy{ 6113 ServerResponse: googleapi.ServerResponse{ 6114 Header: res.Header, 6115 HTTPStatusCode: res.StatusCode, 6116 }, 6117 } 6118 target := &ret 6119 if err := gensupport.DecodeResponse(target, res); err != nil { 6120 return nil, err 6121 } 6122 return ret, nil 6123 // { 6124 // "description": "Sets the Cloud IAM access control policy for a\nServiceAccount.\n\nNote: Service accounts are both\n[resources and\nidentities](/iam/docs/service-accounts#service_account_permissions). This\nmethod treats the service account as a resource. Use it to grant members\naccess to the service account, such as when they need to impersonate it.\n\nThis method does not grant the service account access to other resources,\nsuch as projects. To grant a service account access to resources, include\nthe service account in the Cloud IAM policy for the desired resource, then\ncall the appropriate `setIamPolicy` method on the target resource. For\nexample, to grant a service account access to a project, call the\n[projects.setIamPolicy](/resource-manager/reference/rest/v1/projects/setIamPolicy)\nmethod.", 6125 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:setIamPolicy", 6126 // "httpMethod": "POST", 6127 // "id": "iam.projects.serviceAccounts.setIamPolicy", 6128 // "parameterOrder": [ 6129 // "resource" 6130 // ], 6131 // "parameters": { 6132 // "resource": { 6133 // "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.", 6134 // "location": "path", 6135 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6136 // "required": true, 6137 // "type": "string" 6138 // } 6139 // }, 6140 // "path": "v1/{+resource}:setIamPolicy", 6141 // "request": { 6142 // "$ref": "SetIamPolicyRequest" 6143 // }, 6144 // "response": { 6145 // "$ref": "Policy" 6146 // }, 6147 // "scopes": [ 6148 // "https://www.googleapis.com/auth/cloud-platform" 6149 // ] 6150 // } 6151 6152} 6153 6154// method id "iam.projects.serviceAccounts.signBlob": 6155 6156type ProjectsServiceAccountsSignBlobCall struct { 6157 s *Service 6158 name string 6159 signblobrequest *SignBlobRequest 6160 urlParams_ gensupport.URLParams 6161 ctx_ context.Context 6162 header_ http.Header 6163} 6164 6165// SignBlob: **Note**: This method is in the process of being 6166// deprecated. Call 6167// the 6168// [`signBlob()`](/iam/credentials/reference/rest/v1/projects.service 6169// Accounts/signBlob) 6170// method of the Cloud IAM Service Account Credentials API 6171// instead. 6172// 6173// Signs a blob using a service account's system-managed private key. 6174func (r *ProjectsServiceAccountsService) SignBlob(name string, signblobrequest *SignBlobRequest) *ProjectsServiceAccountsSignBlobCall { 6175 c := &ProjectsServiceAccountsSignBlobCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6176 c.name = name 6177 c.signblobrequest = signblobrequest 6178 return c 6179} 6180 6181// Fields allows partial responses to be retrieved. See 6182// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6183// for more information. 6184func (c *ProjectsServiceAccountsSignBlobCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignBlobCall { 6185 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6186 return c 6187} 6188 6189// Context sets the context to be used in this call's Do method. Any 6190// pending HTTP request will be aborted if the provided context is 6191// canceled. 6192func (c *ProjectsServiceAccountsSignBlobCall) Context(ctx context.Context) *ProjectsServiceAccountsSignBlobCall { 6193 c.ctx_ = ctx 6194 return c 6195} 6196 6197// Header returns an http.Header that can be modified by the caller to 6198// add HTTP headers to the request. 6199func (c *ProjectsServiceAccountsSignBlobCall) Header() http.Header { 6200 if c.header_ == nil { 6201 c.header_ = make(http.Header) 6202 } 6203 return c.header_ 6204} 6205 6206func (c *ProjectsServiceAccountsSignBlobCall) doRequest(alt string) (*http.Response, error) { 6207 reqHeaders := make(http.Header) 6208 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 6209 for k, v := range c.header_ { 6210 reqHeaders[k] = v 6211 } 6212 reqHeaders.Set("User-Agent", c.s.userAgent()) 6213 var body io.Reader = nil 6214 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signblobrequest) 6215 if err != nil { 6216 return nil, err 6217 } 6218 reqHeaders.Set("Content-Type", "application/json") 6219 c.urlParams_.Set("alt", alt) 6220 c.urlParams_.Set("prettyPrint", "false") 6221 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signBlob") 6222 urls += "?" + c.urlParams_.Encode() 6223 req, err := http.NewRequest("POST", urls, body) 6224 if err != nil { 6225 return nil, err 6226 } 6227 req.Header = reqHeaders 6228 googleapi.Expand(req.URL, map[string]string{ 6229 "name": c.name, 6230 }) 6231 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6232} 6233 6234// Do executes the "iam.projects.serviceAccounts.signBlob" call. 6235// Exactly one of *SignBlobResponse or error will be non-nil. Any 6236// non-2xx status code is an error. Response headers are in either 6237// *SignBlobResponse.ServerResponse.Header or (if a response was 6238// returned at all) in error.(*googleapi.Error).Header. Use 6239// googleapi.IsNotModified to check whether the returned error was 6240// because http.StatusNotModified was returned. 6241func (c *ProjectsServiceAccountsSignBlobCall) Do(opts ...googleapi.CallOption) (*SignBlobResponse, error) { 6242 gensupport.SetOptions(c.urlParams_, opts...) 6243 res, err := c.doRequest("json") 6244 if res != nil && res.StatusCode == http.StatusNotModified { 6245 if res.Body != nil { 6246 res.Body.Close() 6247 } 6248 return nil, &googleapi.Error{ 6249 Code: res.StatusCode, 6250 Header: res.Header, 6251 } 6252 } 6253 if err != nil { 6254 return nil, err 6255 } 6256 defer googleapi.CloseBody(res) 6257 if err := googleapi.CheckResponse(res); err != nil { 6258 return nil, err 6259 } 6260 ret := &SignBlobResponse{ 6261 ServerResponse: googleapi.ServerResponse{ 6262 Header: res.Header, 6263 HTTPStatusCode: res.StatusCode, 6264 }, 6265 } 6266 target := &ret 6267 if err := gensupport.DecodeResponse(target, res); err != nil { 6268 return nil, err 6269 } 6270 return ret, nil 6271 // { 6272 // "description": "**Note**: This method is in the process of being deprecated. Call the\n[`signBlob()`](/iam/credentials/reference/rest/v1/projects.serviceAccounts/signBlob)\nmethod of the Cloud IAM Service Account Credentials API instead.\n\nSigns a blob using a service account's system-managed private key.", 6273 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signBlob", 6274 // "httpMethod": "POST", 6275 // "id": "iam.projects.serviceAccounts.signBlob", 6276 // "parameterOrder": [ 6277 // "name" 6278 // ], 6279 // "parameters": { 6280 // "name": { 6281 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 6282 // "location": "path", 6283 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6284 // "required": true, 6285 // "type": "string" 6286 // } 6287 // }, 6288 // "path": "v1/{+name}:signBlob", 6289 // "request": { 6290 // "$ref": "SignBlobRequest" 6291 // }, 6292 // "response": { 6293 // "$ref": "SignBlobResponse" 6294 // }, 6295 // "scopes": [ 6296 // "https://www.googleapis.com/auth/cloud-platform" 6297 // ] 6298 // } 6299 6300} 6301 6302// method id "iam.projects.serviceAccounts.signJwt": 6303 6304type ProjectsServiceAccountsSignJwtCall struct { 6305 s *Service 6306 name string 6307 signjwtrequest *SignJwtRequest 6308 urlParams_ gensupport.URLParams 6309 ctx_ context.Context 6310 header_ http.Header 6311} 6312 6313// SignJwt: **Note**: This method is in the process of being deprecated. 6314// Call 6315// the 6316// [`signJwt()`](/iam/credentials/reference/rest/v1/projects.serviceA 6317// ccounts/signJwt) 6318// method of the Cloud IAM Service Account Credentials API 6319// instead. 6320// 6321// Signs a JWT using a service account's system-managed private key. 6322// 6323// If no expiry time (`exp`) is provided in the `SignJwtRequest`, IAM 6324// sets an 6325// an expiry time of one hour by default. If you request an expiry time 6326// of 6327// more than one hour, the request will fail. 6328func (r *ProjectsServiceAccountsService) SignJwt(name string, signjwtrequest *SignJwtRequest) *ProjectsServiceAccountsSignJwtCall { 6329 c := &ProjectsServiceAccountsSignJwtCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6330 c.name = name 6331 c.signjwtrequest = signjwtrequest 6332 return c 6333} 6334 6335// Fields allows partial responses to be retrieved. See 6336// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6337// for more information. 6338func (c *ProjectsServiceAccountsSignJwtCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignJwtCall { 6339 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6340 return c 6341} 6342 6343// Context sets the context to be used in this call's Do method. Any 6344// pending HTTP request will be aborted if the provided context is 6345// canceled. 6346func (c *ProjectsServiceAccountsSignJwtCall) Context(ctx context.Context) *ProjectsServiceAccountsSignJwtCall { 6347 c.ctx_ = ctx 6348 return c 6349} 6350 6351// Header returns an http.Header that can be modified by the caller to 6352// add HTTP headers to the request. 6353func (c *ProjectsServiceAccountsSignJwtCall) Header() http.Header { 6354 if c.header_ == nil { 6355 c.header_ = make(http.Header) 6356 } 6357 return c.header_ 6358} 6359 6360func (c *ProjectsServiceAccountsSignJwtCall) doRequest(alt string) (*http.Response, error) { 6361 reqHeaders := make(http.Header) 6362 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 6363 for k, v := range c.header_ { 6364 reqHeaders[k] = v 6365 } 6366 reqHeaders.Set("User-Agent", c.s.userAgent()) 6367 var body io.Reader = nil 6368 body, err := googleapi.WithoutDataWrapper.JSONReader(c.signjwtrequest) 6369 if err != nil { 6370 return nil, err 6371 } 6372 reqHeaders.Set("Content-Type", "application/json") 6373 c.urlParams_.Set("alt", alt) 6374 c.urlParams_.Set("prettyPrint", "false") 6375 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signJwt") 6376 urls += "?" + c.urlParams_.Encode() 6377 req, err := http.NewRequest("POST", urls, body) 6378 if err != nil { 6379 return nil, err 6380 } 6381 req.Header = reqHeaders 6382 googleapi.Expand(req.URL, map[string]string{ 6383 "name": c.name, 6384 }) 6385 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6386} 6387 6388// Do executes the "iam.projects.serviceAccounts.signJwt" call. 6389// Exactly one of *SignJwtResponse or error will be non-nil. Any non-2xx 6390// status code is an error. Response headers are in either 6391// *SignJwtResponse.ServerResponse.Header or (if a response was returned 6392// at all) in error.(*googleapi.Error).Header. Use 6393// googleapi.IsNotModified to check whether the returned error was 6394// because http.StatusNotModified was returned. 6395func (c *ProjectsServiceAccountsSignJwtCall) Do(opts ...googleapi.CallOption) (*SignJwtResponse, error) { 6396 gensupport.SetOptions(c.urlParams_, opts...) 6397 res, err := c.doRequest("json") 6398 if res != nil && res.StatusCode == http.StatusNotModified { 6399 if res.Body != nil { 6400 res.Body.Close() 6401 } 6402 return nil, &googleapi.Error{ 6403 Code: res.StatusCode, 6404 Header: res.Header, 6405 } 6406 } 6407 if err != nil { 6408 return nil, err 6409 } 6410 defer googleapi.CloseBody(res) 6411 if err := googleapi.CheckResponse(res); err != nil { 6412 return nil, err 6413 } 6414 ret := &SignJwtResponse{ 6415 ServerResponse: googleapi.ServerResponse{ 6416 Header: res.Header, 6417 HTTPStatusCode: res.StatusCode, 6418 }, 6419 } 6420 target := &ret 6421 if err := gensupport.DecodeResponse(target, res); err != nil { 6422 return nil, err 6423 } 6424 return ret, nil 6425 // { 6426 // "description": "**Note**: This method is in the process of being deprecated. Call the\n[`signJwt()`](/iam/credentials/reference/rest/v1/projects.serviceAccounts/signJwt)\nmethod of the Cloud IAM Service Account Credentials API instead.\n\nSigns a JWT using a service account's system-managed private key.\n\nIf no expiry time (`exp`) is provided in the `SignJwtRequest`, IAM sets an\nan expiry time of one hour by default. If you request an expiry time of\nmore than one hour, the request will fail.", 6427 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signJwt", 6428 // "httpMethod": "POST", 6429 // "id": "iam.projects.serviceAccounts.signJwt", 6430 // "parameterOrder": [ 6431 // "name" 6432 // ], 6433 // "parameters": { 6434 // "name": { 6435 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 6436 // "location": "path", 6437 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6438 // "required": true, 6439 // "type": "string" 6440 // } 6441 // }, 6442 // "path": "v1/{+name}:signJwt", 6443 // "request": { 6444 // "$ref": "SignJwtRequest" 6445 // }, 6446 // "response": { 6447 // "$ref": "SignJwtResponse" 6448 // }, 6449 // "scopes": [ 6450 // "https://www.googleapis.com/auth/cloud-platform" 6451 // ] 6452 // } 6453 6454} 6455 6456// method id "iam.projects.serviceAccounts.testIamPermissions": 6457 6458type ProjectsServiceAccountsTestIamPermissionsCall struct { 6459 s *Service 6460 resource string 6461 testiampermissionsrequest *TestIamPermissionsRequest 6462 urlParams_ gensupport.URLParams 6463 ctx_ context.Context 6464 header_ http.Header 6465} 6466 6467// TestIamPermissions: Tests the specified permissions against the IAM 6468// access control policy 6469// for a ServiceAccount. 6470func (r *ProjectsServiceAccountsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsServiceAccountsTestIamPermissionsCall { 6471 c := &ProjectsServiceAccountsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6472 c.resource = resource 6473 c.testiampermissionsrequest = testiampermissionsrequest 6474 return c 6475} 6476 6477// Fields allows partial responses to be retrieved. See 6478// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6479// for more information. 6480func (c *ProjectsServiceAccountsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsTestIamPermissionsCall { 6481 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6482 return c 6483} 6484 6485// Context sets the context to be used in this call's Do method. Any 6486// pending HTTP request will be aborted if the provided context is 6487// canceled. 6488func (c *ProjectsServiceAccountsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsServiceAccountsTestIamPermissionsCall { 6489 c.ctx_ = ctx 6490 return c 6491} 6492 6493// Header returns an http.Header that can be modified by the caller to 6494// add HTTP headers to the request. 6495func (c *ProjectsServiceAccountsTestIamPermissionsCall) Header() http.Header { 6496 if c.header_ == nil { 6497 c.header_ = make(http.Header) 6498 } 6499 return c.header_ 6500} 6501 6502func (c *ProjectsServiceAccountsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { 6503 reqHeaders := make(http.Header) 6504 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 6505 for k, v := range c.header_ { 6506 reqHeaders[k] = v 6507 } 6508 reqHeaders.Set("User-Agent", c.s.userAgent()) 6509 var body io.Reader = nil 6510 body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) 6511 if err != nil { 6512 return nil, err 6513 } 6514 reqHeaders.Set("Content-Type", "application/json") 6515 c.urlParams_.Set("alt", alt) 6516 c.urlParams_.Set("prettyPrint", "false") 6517 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") 6518 urls += "?" + c.urlParams_.Encode() 6519 req, err := http.NewRequest("POST", urls, body) 6520 if err != nil { 6521 return nil, err 6522 } 6523 req.Header = reqHeaders 6524 googleapi.Expand(req.URL, map[string]string{ 6525 "resource": c.resource, 6526 }) 6527 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6528} 6529 6530// Do executes the "iam.projects.serviceAccounts.testIamPermissions" call. 6531// Exactly one of *TestIamPermissionsResponse or error will be non-nil. 6532// Any non-2xx status code is an error. Response headers are in either 6533// *TestIamPermissionsResponse.ServerResponse.Header or (if a response 6534// was returned at all) in error.(*googleapi.Error).Header. Use 6535// googleapi.IsNotModified to check whether the returned error was 6536// because http.StatusNotModified was returned. 6537func (c *ProjectsServiceAccountsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { 6538 gensupport.SetOptions(c.urlParams_, opts...) 6539 res, err := c.doRequest("json") 6540 if res != nil && res.StatusCode == http.StatusNotModified { 6541 if res.Body != nil { 6542 res.Body.Close() 6543 } 6544 return nil, &googleapi.Error{ 6545 Code: res.StatusCode, 6546 Header: res.Header, 6547 } 6548 } 6549 if err != nil { 6550 return nil, err 6551 } 6552 defer googleapi.CloseBody(res) 6553 if err := googleapi.CheckResponse(res); err != nil { 6554 return nil, err 6555 } 6556 ret := &TestIamPermissionsResponse{ 6557 ServerResponse: googleapi.ServerResponse{ 6558 Header: res.Header, 6559 HTTPStatusCode: res.StatusCode, 6560 }, 6561 } 6562 target := &ret 6563 if err := gensupport.DecodeResponse(target, res); err != nil { 6564 return nil, err 6565 } 6566 return ret, nil 6567 // { 6568 // "description": "Tests the specified permissions against the IAM access control policy\nfor a ServiceAccount.", 6569 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:testIamPermissions", 6570 // "httpMethod": "POST", 6571 // "id": "iam.projects.serviceAccounts.testIamPermissions", 6572 // "parameterOrder": [ 6573 // "resource" 6574 // ], 6575 // "parameters": { 6576 // "resource": { 6577 // "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appropriate value for this field.", 6578 // "location": "path", 6579 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6580 // "required": true, 6581 // "type": "string" 6582 // } 6583 // }, 6584 // "path": "v1/{+resource}:testIamPermissions", 6585 // "request": { 6586 // "$ref": "TestIamPermissionsRequest" 6587 // }, 6588 // "response": { 6589 // "$ref": "TestIamPermissionsResponse" 6590 // }, 6591 // "scopes": [ 6592 // "https://www.googleapis.com/auth/cloud-platform" 6593 // ] 6594 // } 6595 6596} 6597 6598// method id "iam.projects.serviceAccounts.undelete": 6599 6600type ProjectsServiceAccountsUndeleteCall struct { 6601 s *Service 6602 name string 6603 undeleteserviceaccountrequest *UndeleteServiceAccountRequest 6604 urlParams_ gensupport.URLParams 6605 ctx_ context.Context 6606 header_ http.Header 6607} 6608 6609// Undelete: Restores a deleted ServiceAccount. 6610// This is to be used as an action of last resort. A service account 6611// may 6612// not always be restorable. 6613func (r *ProjectsServiceAccountsService) Undelete(name string, undeleteserviceaccountrequest *UndeleteServiceAccountRequest) *ProjectsServiceAccountsUndeleteCall { 6614 c := &ProjectsServiceAccountsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6615 c.name = name 6616 c.undeleteserviceaccountrequest = undeleteserviceaccountrequest 6617 return c 6618} 6619 6620// Fields allows partial responses to be retrieved. See 6621// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6622// for more information. 6623func (c *ProjectsServiceAccountsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUndeleteCall { 6624 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6625 return c 6626} 6627 6628// Context sets the context to be used in this call's Do method. Any 6629// pending HTTP request will be aborted if the provided context is 6630// canceled. 6631func (c *ProjectsServiceAccountsUndeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsUndeleteCall { 6632 c.ctx_ = ctx 6633 return c 6634} 6635 6636// Header returns an http.Header that can be modified by the caller to 6637// add HTTP headers to the request. 6638func (c *ProjectsServiceAccountsUndeleteCall) Header() http.Header { 6639 if c.header_ == nil { 6640 c.header_ = make(http.Header) 6641 } 6642 return c.header_ 6643} 6644 6645func (c *ProjectsServiceAccountsUndeleteCall) doRequest(alt string) (*http.Response, error) { 6646 reqHeaders := make(http.Header) 6647 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 6648 for k, v := range c.header_ { 6649 reqHeaders[k] = v 6650 } 6651 reqHeaders.Set("User-Agent", c.s.userAgent()) 6652 var body io.Reader = nil 6653 body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteserviceaccountrequest) 6654 if err != nil { 6655 return nil, err 6656 } 6657 reqHeaders.Set("Content-Type", "application/json") 6658 c.urlParams_.Set("alt", alt) 6659 c.urlParams_.Set("prettyPrint", "false") 6660 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete") 6661 urls += "?" + c.urlParams_.Encode() 6662 req, err := http.NewRequest("POST", urls, body) 6663 if err != nil { 6664 return nil, err 6665 } 6666 req.Header = reqHeaders 6667 googleapi.Expand(req.URL, map[string]string{ 6668 "name": c.name, 6669 }) 6670 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6671} 6672 6673// Do executes the "iam.projects.serviceAccounts.undelete" call. 6674// Exactly one of *UndeleteServiceAccountResponse or error will be 6675// non-nil. Any non-2xx status code is an error. Response headers are in 6676// either *UndeleteServiceAccountResponse.ServerResponse.Header or (if a 6677// response was returned at all) in error.(*googleapi.Error).Header. Use 6678// googleapi.IsNotModified to check whether the returned error was 6679// because http.StatusNotModified was returned. 6680func (c *ProjectsServiceAccountsUndeleteCall) Do(opts ...googleapi.CallOption) (*UndeleteServiceAccountResponse, error) { 6681 gensupport.SetOptions(c.urlParams_, opts...) 6682 res, err := c.doRequest("json") 6683 if res != nil && res.StatusCode == http.StatusNotModified { 6684 if res.Body != nil { 6685 res.Body.Close() 6686 } 6687 return nil, &googleapi.Error{ 6688 Code: res.StatusCode, 6689 Header: res.Header, 6690 } 6691 } 6692 if err != nil { 6693 return nil, err 6694 } 6695 defer googleapi.CloseBody(res) 6696 if err := googleapi.CheckResponse(res); err != nil { 6697 return nil, err 6698 } 6699 ret := &UndeleteServiceAccountResponse{ 6700 ServerResponse: googleapi.ServerResponse{ 6701 Header: res.Header, 6702 HTTPStatusCode: res.StatusCode, 6703 }, 6704 } 6705 target := &ret 6706 if err := gensupport.DecodeResponse(target, res); err != nil { 6707 return nil, err 6708 } 6709 return ret, nil 6710 // { 6711 // "description": "Restores a deleted ServiceAccount.\nThis is to be used as an action of last resort. A service account may\nnot always be restorable.", 6712 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:undelete", 6713 // "httpMethod": "POST", 6714 // "id": "iam.projects.serviceAccounts.undelete", 6715 // "parameterOrder": [ 6716 // "name" 6717 // ], 6718 // "parameters": { 6719 // "name": { 6720 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_UNIQUE_ID}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account.", 6721 // "location": "path", 6722 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6723 // "required": true, 6724 // "type": "string" 6725 // } 6726 // }, 6727 // "path": "v1/{+name}:undelete", 6728 // "request": { 6729 // "$ref": "UndeleteServiceAccountRequest" 6730 // }, 6731 // "response": { 6732 // "$ref": "UndeleteServiceAccountResponse" 6733 // }, 6734 // "scopes": [ 6735 // "https://www.googleapis.com/auth/cloud-platform" 6736 // ] 6737 // } 6738 6739} 6740 6741// method id "iam.projects.serviceAccounts.update": 6742 6743type ProjectsServiceAccountsUpdateCall struct { 6744 s *Service 6745 name string 6746 serviceaccount *ServiceAccount 6747 urlParams_ gensupport.URLParams 6748 ctx_ context.Context 6749 header_ http.Header 6750} 6751 6752// Update: Note: This method is in the process of being deprecated. 6753// Use 6754// PatchServiceAccount instead. 6755// 6756// Updates a ServiceAccount. 6757// 6758// Currently, only the following fields are updatable: 6759// `display_name` and `description`. 6760func (r *ProjectsServiceAccountsService) Update(name string, serviceaccount *ServiceAccount) *ProjectsServiceAccountsUpdateCall { 6761 c := &ProjectsServiceAccountsUpdateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6762 c.name = name 6763 c.serviceaccount = serviceaccount 6764 return c 6765} 6766 6767// Fields allows partial responses to be retrieved. See 6768// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6769// for more information. 6770func (c *ProjectsServiceAccountsUpdateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUpdateCall { 6771 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6772 return c 6773} 6774 6775// Context sets the context to be used in this call's Do method. Any 6776// pending HTTP request will be aborted if the provided context is 6777// canceled. 6778func (c *ProjectsServiceAccountsUpdateCall) Context(ctx context.Context) *ProjectsServiceAccountsUpdateCall { 6779 c.ctx_ = ctx 6780 return c 6781} 6782 6783// Header returns an http.Header that can be modified by the caller to 6784// add HTTP headers to the request. 6785func (c *ProjectsServiceAccountsUpdateCall) Header() http.Header { 6786 if c.header_ == nil { 6787 c.header_ = make(http.Header) 6788 } 6789 return c.header_ 6790} 6791 6792func (c *ProjectsServiceAccountsUpdateCall) doRequest(alt string) (*http.Response, error) { 6793 reqHeaders := make(http.Header) 6794 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 6795 for k, v := range c.header_ { 6796 reqHeaders[k] = v 6797 } 6798 reqHeaders.Set("User-Agent", c.s.userAgent()) 6799 var body io.Reader = nil 6800 body, err := googleapi.WithoutDataWrapper.JSONReader(c.serviceaccount) 6801 if err != nil { 6802 return nil, err 6803 } 6804 reqHeaders.Set("Content-Type", "application/json") 6805 c.urlParams_.Set("alt", alt) 6806 c.urlParams_.Set("prettyPrint", "false") 6807 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6808 urls += "?" + c.urlParams_.Encode() 6809 req, err := http.NewRequest("PUT", urls, body) 6810 if err != nil { 6811 return nil, err 6812 } 6813 req.Header = reqHeaders 6814 googleapi.Expand(req.URL, map[string]string{ 6815 "name": c.name, 6816 }) 6817 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6818} 6819 6820// Do executes the "iam.projects.serviceAccounts.update" call. 6821// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx 6822// status code is an error. Response headers are in either 6823// *ServiceAccount.ServerResponse.Header or (if a response was returned 6824// at all) in error.(*googleapi.Error).Header. Use 6825// googleapi.IsNotModified to check whether the returned error was 6826// because http.StatusNotModified was returned. 6827func (c *ProjectsServiceAccountsUpdateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) { 6828 gensupport.SetOptions(c.urlParams_, opts...) 6829 res, err := c.doRequest("json") 6830 if res != nil && res.StatusCode == http.StatusNotModified { 6831 if res.Body != nil { 6832 res.Body.Close() 6833 } 6834 return nil, &googleapi.Error{ 6835 Code: res.StatusCode, 6836 Header: res.Header, 6837 } 6838 } 6839 if err != nil { 6840 return nil, err 6841 } 6842 defer googleapi.CloseBody(res) 6843 if err := googleapi.CheckResponse(res); err != nil { 6844 return nil, err 6845 } 6846 ret := &ServiceAccount{ 6847 ServerResponse: googleapi.ServerResponse{ 6848 Header: res.Header, 6849 HTTPStatusCode: res.StatusCode, 6850 }, 6851 } 6852 target := &ret 6853 if err := gensupport.DecodeResponse(target, res); err != nil { 6854 return nil, err 6855 } 6856 return ret, nil 6857 // { 6858 // "description": "Note: This method is in the process of being deprecated. Use\nPatchServiceAccount instead.\n\nUpdates a ServiceAccount.\n\nCurrently, only the following fields are updatable:\n`display_name` and `description`.", 6859 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}", 6860 // "httpMethod": "PUT", 6861 // "id": "iam.projects.serviceAccounts.update", 6862 // "parameterOrder": [ 6863 // "name" 6864 // ], 6865 // "parameters": { 6866 // "name": { 6867 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\n\nRequests using `-` as a wildcard for the `PROJECT_ID` will infer the\nproject from the `account` and the `ACCOUNT` value can be the `email`\naddress or the `unique_id` of the service account.\n\nIn responses the resource name will always be in the format\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.", 6868 // "location": "path", 6869 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 6870 // "required": true, 6871 // "type": "string" 6872 // } 6873 // }, 6874 // "path": "v1/{+name}", 6875 // "request": { 6876 // "$ref": "ServiceAccount" 6877 // }, 6878 // "response": { 6879 // "$ref": "ServiceAccount" 6880 // }, 6881 // "scopes": [ 6882 // "https://www.googleapis.com/auth/cloud-platform" 6883 // ] 6884 // } 6885 6886} 6887 6888// method id "iam.projects.serviceAccounts.keys.create": 6889 6890type ProjectsServiceAccountsKeysCreateCall struct { 6891 s *Service 6892 name string 6893 createserviceaccountkeyrequest *CreateServiceAccountKeyRequest 6894 urlParams_ gensupport.URLParams 6895 ctx_ context.Context 6896 header_ http.Header 6897} 6898 6899// Create: Creates a ServiceAccountKey 6900// and returns it. 6901func (r *ProjectsServiceAccountsKeysService) Create(name string, createserviceaccountkeyrequest *CreateServiceAccountKeyRequest) *ProjectsServiceAccountsKeysCreateCall { 6902 c := &ProjectsServiceAccountsKeysCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6903 c.name = name 6904 c.createserviceaccountkeyrequest = createserviceaccountkeyrequest 6905 return c 6906} 6907 6908// Fields allows partial responses to be retrieved. See 6909// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6910// for more information. 6911func (c *ProjectsServiceAccountsKeysCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysCreateCall { 6912 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6913 return c 6914} 6915 6916// Context sets the context to be used in this call's Do method. Any 6917// pending HTTP request will be aborted if the provided context is 6918// canceled. 6919func (c *ProjectsServiceAccountsKeysCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysCreateCall { 6920 c.ctx_ = ctx 6921 return c 6922} 6923 6924// Header returns an http.Header that can be modified by the caller to 6925// add HTTP headers to the request. 6926func (c *ProjectsServiceAccountsKeysCreateCall) Header() http.Header { 6927 if c.header_ == nil { 6928 c.header_ = make(http.Header) 6929 } 6930 return c.header_ 6931} 6932 6933func (c *ProjectsServiceAccountsKeysCreateCall) doRequest(alt string) (*http.Response, error) { 6934 reqHeaders := make(http.Header) 6935 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 6936 for k, v := range c.header_ { 6937 reqHeaders[k] = v 6938 } 6939 reqHeaders.Set("User-Agent", c.s.userAgent()) 6940 var body io.Reader = nil 6941 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountkeyrequest) 6942 if err != nil { 6943 return nil, err 6944 } 6945 reqHeaders.Set("Content-Type", "application/json") 6946 c.urlParams_.Set("alt", alt) 6947 c.urlParams_.Set("prettyPrint", "false") 6948 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 6949 urls += "?" + c.urlParams_.Encode() 6950 req, err := http.NewRequest("POST", urls, body) 6951 if err != nil { 6952 return nil, err 6953 } 6954 req.Header = reqHeaders 6955 googleapi.Expand(req.URL, map[string]string{ 6956 "name": c.name, 6957 }) 6958 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6959} 6960 6961// Do executes the "iam.projects.serviceAccounts.keys.create" call. 6962// Exactly one of *ServiceAccountKey or error will be non-nil. Any 6963// non-2xx status code is an error. Response headers are in either 6964// *ServiceAccountKey.ServerResponse.Header or (if a response was 6965// returned at all) in error.(*googleapi.Error).Header. Use 6966// googleapi.IsNotModified to check whether the returned error was 6967// because http.StatusNotModified was returned. 6968func (c *ProjectsServiceAccountsKeysCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 6969 gensupport.SetOptions(c.urlParams_, opts...) 6970 res, err := c.doRequest("json") 6971 if res != nil && res.StatusCode == http.StatusNotModified { 6972 if res.Body != nil { 6973 res.Body.Close() 6974 } 6975 return nil, &googleapi.Error{ 6976 Code: res.StatusCode, 6977 Header: res.Header, 6978 } 6979 } 6980 if err != nil { 6981 return nil, err 6982 } 6983 defer googleapi.CloseBody(res) 6984 if err := googleapi.CheckResponse(res); err != nil { 6985 return nil, err 6986 } 6987 ret := &ServiceAccountKey{ 6988 ServerResponse: googleapi.ServerResponse{ 6989 Header: res.Header, 6990 HTTPStatusCode: res.StatusCode, 6991 }, 6992 } 6993 target := &ret 6994 if err := gensupport.DecodeResponse(target, res); err != nil { 6995 return nil, err 6996 } 6997 return ret, nil 6998 // { 6999 // "description": "Creates a ServiceAccountKey\nand returns it.", 7000 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 7001 // "httpMethod": "POST", 7002 // "id": "iam.projects.serviceAccounts.keys.create", 7003 // "parameterOrder": [ 7004 // "name" 7005 // ], 7006 // "parameters": { 7007 // "name": { 7008 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7009 // "location": "path", 7010 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7011 // "required": true, 7012 // "type": "string" 7013 // } 7014 // }, 7015 // "path": "v1/{+name}/keys", 7016 // "request": { 7017 // "$ref": "CreateServiceAccountKeyRequest" 7018 // }, 7019 // "response": { 7020 // "$ref": "ServiceAccountKey" 7021 // }, 7022 // "scopes": [ 7023 // "https://www.googleapis.com/auth/cloud-platform" 7024 // ] 7025 // } 7026 7027} 7028 7029// method id "iam.projects.serviceAccounts.keys.delete": 7030 7031type ProjectsServiceAccountsKeysDeleteCall struct { 7032 s *Service 7033 name string 7034 urlParams_ gensupport.URLParams 7035 ctx_ context.Context 7036 header_ http.Header 7037} 7038 7039// Delete: Deletes a ServiceAccountKey. 7040func (r *ProjectsServiceAccountsKeysService) Delete(name string) *ProjectsServiceAccountsKeysDeleteCall { 7041 c := &ProjectsServiceAccountsKeysDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7042 c.name = name 7043 return c 7044} 7045 7046// Fields allows partial responses to be retrieved. See 7047// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7048// for more information. 7049func (c *ProjectsServiceAccountsKeysDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysDeleteCall { 7050 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7051 return c 7052} 7053 7054// Context sets the context to be used in this call's Do method. Any 7055// pending HTTP request will be aborted if the provided context is 7056// canceled. 7057func (c *ProjectsServiceAccountsKeysDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysDeleteCall { 7058 c.ctx_ = ctx 7059 return c 7060} 7061 7062// Header returns an http.Header that can be modified by the caller to 7063// add HTTP headers to the request. 7064func (c *ProjectsServiceAccountsKeysDeleteCall) Header() http.Header { 7065 if c.header_ == nil { 7066 c.header_ = make(http.Header) 7067 } 7068 return c.header_ 7069} 7070 7071func (c *ProjectsServiceAccountsKeysDeleteCall) doRequest(alt string) (*http.Response, error) { 7072 reqHeaders := make(http.Header) 7073 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 7074 for k, v := range c.header_ { 7075 reqHeaders[k] = v 7076 } 7077 reqHeaders.Set("User-Agent", c.s.userAgent()) 7078 var body io.Reader = nil 7079 c.urlParams_.Set("alt", alt) 7080 c.urlParams_.Set("prettyPrint", "false") 7081 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7082 urls += "?" + c.urlParams_.Encode() 7083 req, err := http.NewRequest("DELETE", urls, body) 7084 if err != nil { 7085 return nil, err 7086 } 7087 req.Header = reqHeaders 7088 googleapi.Expand(req.URL, map[string]string{ 7089 "name": c.name, 7090 }) 7091 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7092} 7093 7094// Do executes the "iam.projects.serviceAccounts.keys.delete" call. 7095// Exactly one of *Empty or error will be non-nil. Any non-2xx status 7096// code is an error. Response headers are in either 7097// *Empty.ServerResponse.Header or (if a response was returned at all) 7098// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 7099// check whether the returned error was because http.StatusNotModified 7100// was returned. 7101func (c *ProjectsServiceAccountsKeysDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 7102 gensupport.SetOptions(c.urlParams_, opts...) 7103 res, err := c.doRequest("json") 7104 if res != nil && res.StatusCode == http.StatusNotModified { 7105 if res.Body != nil { 7106 res.Body.Close() 7107 } 7108 return nil, &googleapi.Error{ 7109 Code: res.StatusCode, 7110 Header: res.Header, 7111 } 7112 } 7113 if err != nil { 7114 return nil, err 7115 } 7116 defer googleapi.CloseBody(res) 7117 if err := googleapi.CheckResponse(res); err != nil { 7118 return nil, err 7119 } 7120 ret := &Empty{ 7121 ServerResponse: googleapi.ServerResponse{ 7122 Header: res.Header, 7123 HTTPStatusCode: res.StatusCode, 7124 }, 7125 } 7126 target := &ret 7127 if err := gensupport.DecodeResponse(target, res); err != nil { 7128 return nil, err 7129 } 7130 return ret, nil 7131 // { 7132 // "description": "Deletes a ServiceAccountKey.", 7133 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 7134 // "httpMethod": "DELETE", 7135 // "id": "iam.projects.serviceAccounts.keys.delete", 7136 // "parameterOrder": [ 7137 // "name" 7138 // ], 7139 // "parameters": { 7140 // "name": { 7141 // "description": "Required. The resource name of the service account key in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7142 // "location": "path", 7143 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 7144 // "required": true, 7145 // "type": "string" 7146 // } 7147 // }, 7148 // "path": "v1/{+name}", 7149 // "response": { 7150 // "$ref": "Empty" 7151 // }, 7152 // "scopes": [ 7153 // "https://www.googleapis.com/auth/cloud-platform" 7154 // ] 7155 // } 7156 7157} 7158 7159// method id "iam.projects.serviceAccounts.keys.get": 7160 7161type ProjectsServiceAccountsKeysGetCall struct { 7162 s *Service 7163 name string 7164 urlParams_ gensupport.URLParams 7165 ifNoneMatch_ string 7166 ctx_ context.Context 7167 header_ http.Header 7168} 7169 7170// Get: Gets the ServiceAccountKey 7171// by key id. 7172func (r *ProjectsServiceAccountsKeysService) Get(name string) *ProjectsServiceAccountsKeysGetCall { 7173 c := &ProjectsServiceAccountsKeysGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7174 c.name = name 7175 return c 7176} 7177 7178// PublicKeyType sets the optional parameter "publicKeyType": The output 7179// format of the public key requested. 7180// X509_PEM is the default output format. 7181// 7182// Possible values: 7183// "TYPE_NONE" 7184// "TYPE_X509_PEM_FILE" 7185// "TYPE_RAW_PUBLIC_KEY" 7186func (c *ProjectsServiceAccountsKeysGetCall) PublicKeyType(publicKeyType string) *ProjectsServiceAccountsKeysGetCall { 7187 c.urlParams_.Set("publicKeyType", publicKeyType) 7188 return c 7189} 7190 7191// Fields allows partial responses to be retrieved. See 7192// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7193// for more information. 7194func (c *ProjectsServiceAccountsKeysGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysGetCall { 7195 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7196 return c 7197} 7198 7199// IfNoneMatch sets the optional parameter which makes the operation 7200// fail if the object's ETag matches the given value. This is useful for 7201// getting updates only after the object has changed since the last 7202// request. Use googleapi.IsNotModified to check whether the response 7203// error from Do is the result of In-None-Match. 7204func (c *ProjectsServiceAccountsKeysGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysGetCall { 7205 c.ifNoneMatch_ = entityTag 7206 return c 7207} 7208 7209// Context sets the context to be used in this call's Do method. Any 7210// pending HTTP request will be aborted if the provided context is 7211// canceled. 7212func (c *ProjectsServiceAccountsKeysGetCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysGetCall { 7213 c.ctx_ = ctx 7214 return c 7215} 7216 7217// Header returns an http.Header that can be modified by the caller to 7218// add HTTP headers to the request. 7219func (c *ProjectsServiceAccountsKeysGetCall) Header() http.Header { 7220 if c.header_ == nil { 7221 c.header_ = make(http.Header) 7222 } 7223 return c.header_ 7224} 7225 7226func (c *ProjectsServiceAccountsKeysGetCall) doRequest(alt string) (*http.Response, error) { 7227 reqHeaders := make(http.Header) 7228 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 7229 for k, v := range c.header_ { 7230 reqHeaders[k] = v 7231 } 7232 reqHeaders.Set("User-Agent", c.s.userAgent()) 7233 if c.ifNoneMatch_ != "" { 7234 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7235 } 7236 var body io.Reader = nil 7237 c.urlParams_.Set("alt", alt) 7238 c.urlParams_.Set("prettyPrint", "false") 7239 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7240 urls += "?" + c.urlParams_.Encode() 7241 req, err := http.NewRequest("GET", urls, body) 7242 if err != nil { 7243 return nil, err 7244 } 7245 req.Header = reqHeaders 7246 googleapi.Expand(req.URL, map[string]string{ 7247 "name": c.name, 7248 }) 7249 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7250} 7251 7252// Do executes the "iam.projects.serviceAccounts.keys.get" call. 7253// Exactly one of *ServiceAccountKey or error will be non-nil. Any 7254// non-2xx status code is an error. Response headers are in either 7255// *ServiceAccountKey.ServerResponse.Header or (if a response was 7256// returned at all) in error.(*googleapi.Error).Header. Use 7257// googleapi.IsNotModified to check whether the returned error was 7258// because http.StatusNotModified was returned. 7259func (c *ProjectsServiceAccountsKeysGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 7260 gensupport.SetOptions(c.urlParams_, opts...) 7261 res, err := c.doRequest("json") 7262 if res != nil && res.StatusCode == http.StatusNotModified { 7263 if res.Body != nil { 7264 res.Body.Close() 7265 } 7266 return nil, &googleapi.Error{ 7267 Code: res.StatusCode, 7268 Header: res.Header, 7269 } 7270 } 7271 if err != nil { 7272 return nil, err 7273 } 7274 defer googleapi.CloseBody(res) 7275 if err := googleapi.CheckResponse(res); err != nil { 7276 return nil, err 7277 } 7278 ret := &ServiceAccountKey{ 7279 ServerResponse: googleapi.ServerResponse{ 7280 Header: res.Header, 7281 HTTPStatusCode: res.StatusCode, 7282 }, 7283 } 7284 target := &ret 7285 if err := gensupport.DecodeResponse(target, res); err != nil { 7286 return nil, err 7287 } 7288 return ret, nil 7289 // { 7290 // "description": "Gets the ServiceAccountKey\nby key id.", 7291 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}", 7292 // "httpMethod": "GET", 7293 // "id": "iam.projects.serviceAccounts.keys.get", 7294 // "parameterOrder": [ 7295 // "name" 7296 // ], 7297 // "parameters": { 7298 // "name": { 7299 // "description": "Required. The resource name of the service account key in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.\n\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7300 // "location": "path", 7301 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$", 7302 // "required": true, 7303 // "type": "string" 7304 // }, 7305 // "publicKeyType": { 7306 // "description": "The output format of the public key requested.\nX509_PEM is the default output format.", 7307 // "enum": [ 7308 // "TYPE_NONE", 7309 // "TYPE_X509_PEM_FILE", 7310 // "TYPE_RAW_PUBLIC_KEY" 7311 // ], 7312 // "location": "query", 7313 // "type": "string" 7314 // } 7315 // }, 7316 // "path": "v1/{+name}", 7317 // "response": { 7318 // "$ref": "ServiceAccountKey" 7319 // }, 7320 // "scopes": [ 7321 // "https://www.googleapis.com/auth/cloud-platform" 7322 // ] 7323 // } 7324 7325} 7326 7327// method id "iam.projects.serviceAccounts.keys.list": 7328 7329type ProjectsServiceAccountsKeysListCall struct { 7330 s *Service 7331 name string 7332 urlParams_ gensupport.URLParams 7333 ifNoneMatch_ string 7334 ctx_ context.Context 7335 header_ http.Header 7336} 7337 7338// List: Lists ServiceAccountKeys. 7339func (r *ProjectsServiceAccountsKeysService) List(name string) *ProjectsServiceAccountsKeysListCall { 7340 c := &ProjectsServiceAccountsKeysListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7341 c.name = name 7342 return c 7343} 7344 7345// KeyTypes sets the optional parameter "keyTypes": Filters the types of 7346// keys the user wants to include in the list 7347// response. Duplicate key types are not allowed. If no key type 7348// is provided, all keys are returned. 7349// 7350// Possible values: 7351// "KEY_TYPE_UNSPECIFIED" 7352// "USER_MANAGED" 7353// "SYSTEM_MANAGED" 7354func (c *ProjectsServiceAccountsKeysListCall) KeyTypes(keyTypes ...string) *ProjectsServiceAccountsKeysListCall { 7355 c.urlParams_.SetMulti("keyTypes", append([]string{}, keyTypes...)) 7356 return c 7357} 7358 7359// Fields allows partial responses to be retrieved. See 7360// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7361// for more information. 7362func (c *ProjectsServiceAccountsKeysListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysListCall { 7363 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7364 return c 7365} 7366 7367// IfNoneMatch sets the optional parameter which makes the operation 7368// fail if the object's ETag matches the given value. This is useful for 7369// getting updates only after the object has changed since the last 7370// request. Use googleapi.IsNotModified to check whether the response 7371// error from Do is the result of In-None-Match. 7372func (c *ProjectsServiceAccountsKeysListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysListCall { 7373 c.ifNoneMatch_ = entityTag 7374 return c 7375} 7376 7377// Context sets the context to be used in this call's Do method. Any 7378// pending HTTP request will be aborted if the provided context is 7379// canceled. 7380func (c *ProjectsServiceAccountsKeysListCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysListCall { 7381 c.ctx_ = ctx 7382 return c 7383} 7384 7385// Header returns an http.Header that can be modified by the caller to 7386// add HTTP headers to the request. 7387func (c *ProjectsServiceAccountsKeysListCall) Header() http.Header { 7388 if c.header_ == nil { 7389 c.header_ = make(http.Header) 7390 } 7391 return c.header_ 7392} 7393 7394func (c *ProjectsServiceAccountsKeysListCall) doRequest(alt string) (*http.Response, error) { 7395 reqHeaders := make(http.Header) 7396 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 7397 for k, v := range c.header_ { 7398 reqHeaders[k] = v 7399 } 7400 reqHeaders.Set("User-Agent", c.s.userAgent()) 7401 if c.ifNoneMatch_ != "" { 7402 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7403 } 7404 var body io.Reader = nil 7405 c.urlParams_.Set("alt", alt) 7406 c.urlParams_.Set("prettyPrint", "false") 7407 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys") 7408 urls += "?" + c.urlParams_.Encode() 7409 req, err := http.NewRequest("GET", urls, body) 7410 if err != nil { 7411 return nil, err 7412 } 7413 req.Header = reqHeaders 7414 googleapi.Expand(req.URL, map[string]string{ 7415 "name": c.name, 7416 }) 7417 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7418} 7419 7420// Do executes the "iam.projects.serviceAccounts.keys.list" call. 7421// Exactly one of *ListServiceAccountKeysResponse or error will be 7422// non-nil. Any non-2xx status code is an error. Response headers are in 7423// either *ListServiceAccountKeysResponse.ServerResponse.Header or (if a 7424// response was returned at all) in error.(*googleapi.Error).Header. Use 7425// googleapi.IsNotModified to check whether the returned error was 7426// because http.StatusNotModified was returned. 7427func (c *ProjectsServiceAccountsKeysListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountKeysResponse, error) { 7428 gensupport.SetOptions(c.urlParams_, opts...) 7429 res, err := c.doRequest("json") 7430 if res != nil && res.StatusCode == http.StatusNotModified { 7431 if res.Body != nil { 7432 res.Body.Close() 7433 } 7434 return nil, &googleapi.Error{ 7435 Code: res.StatusCode, 7436 Header: res.Header, 7437 } 7438 } 7439 if err != nil { 7440 return nil, err 7441 } 7442 defer googleapi.CloseBody(res) 7443 if err := googleapi.CheckResponse(res); err != nil { 7444 return nil, err 7445 } 7446 ret := &ListServiceAccountKeysResponse{ 7447 ServerResponse: googleapi.ServerResponse{ 7448 Header: res.Header, 7449 HTTPStatusCode: res.StatusCode, 7450 }, 7451 } 7452 target := &ret 7453 if err := gensupport.DecodeResponse(target, res); err != nil { 7454 return nil, err 7455 } 7456 return ret, nil 7457 // { 7458 // "description": "Lists ServiceAccountKeys.", 7459 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys", 7460 // "httpMethod": "GET", 7461 // "id": "iam.projects.serviceAccounts.keys.list", 7462 // "parameterOrder": [ 7463 // "name" 7464 // ], 7465 // "parameters": { 7466 // "keyTypes": { 7467 // "description": "Filters the types of keys the user wants to include in the list\nresponse. Duplicate key types are not allowed. If no key type\nis provided, all keys are returned.", 7468 // "enum": [ 7469 // "KEY_TYPE_UNSPECIFIED", 7470 // "USER_MANAGED", 7471 // "SYSTEM_MANAGED" 7472 // ], 7473 // "location": "query", 7474 // "repeated": true, 7475 // "type": "string" 7476 // }, 7477 // "name": { 7478 // "description": "Required. The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\n\nUsing `-` as a wildcard for the `PROJECT_ID`, will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7479 // "location": "path", 7480 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7481 // "required": true, 7482 // "type": "string" 7483 // } 7484 // }, 7485 // "path": "v1/{+name}/keys", 7486 // "response": { 7487 // "$ref": "ListServiceAccountKeysResponse" 7488 // }, 7489 // "scopes": [ 7490 // "https://www.googleapis.com/auth/cloud-platform" 7491 // ] 7492 // } 7493 7494} 7495 7496// method id "iam.projects.serviceAccounts.keys.upload": 7497 7498type ProjectsServiceAccountsKeysUploadCall struct { 7499 s *Service 7500 name string 7501 uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest 7502 urlParams_ gensupport.URLParams 7503 ctx_ context.Context 7504 header_ http.Header 7505} 7506 7507// Upload: Upload public key for a given service account. 7508// This rpc will create a 7509// ServiceAccountKey that has the 7510// provided public key and returns it. 7511func (r *ProjectsServiceAccountsKeysService) Upload(name string, uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest) *ProjectsServiceAccountsKeysUploadCall { 7512 c := &ProjectsServiceAccountsKeysUploadCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7513 c.name = name 7514 c.uploadserviceaccountkeyrequest = uploadserviceaccountkeyrequest 7515 return c 7516} 7517 7518// Fields allows partial responses to be retrieved. See 7519// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7520// for more information. 7521func (c *ProjectsServiceAccountsKeysUploadCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysUploadCall { 7522 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7523 return c 7524} 7525 7526// Context sets the context to be used in this call's Do method. Any 7527// pending HTTP request will be aborted if the provided context is 7528// canceled. 7529func (c *ProjectsServiceAccountsKeysUploadCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysUploadCall { 7530 c.ctx_ = ctx 7531 return c 7532} 7533 7534// Header returns an http.Header that can be modified by the caller to 7535// add HTTP headers to the request. 7536func (c *ProjectsServiceAccountsKeysUploadCall) Header() http.Header { 7537 if c.header_ == nil { 7538 c.header_ = make(http.Header) 7539 } 7540 return c.header_ 7541} 7542 7543func (c *ProjectsServiceAccountsKeysUploadCall) doRequest(alt string) (*http.Response, error) { 7544 reqHeaders := make(http.Header) 7545 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 7546 for k, v := range c.header_ { 7547 reqHeaders[k] = v 7548 } 7549 reqHeaders.Set("User-Agent", c.s.userAgent()) 7550 var body io.Reader = nil 7551 body, err := googleapi.WithoutDataWrapper.JSONReader(c.uploadserviceaccountkeyrequest) 7552 if err != nil { 7553 return nil, err 7554 } 7555 reqHeaders.Set("Content-Type", "application/json") 7556 c.urlParams_.Set("alt", alt) 7557 c.urlParams_.Set("prettyPrint", "false") 7558 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys:upload") 7559 urls += "?" + c.urlParams_.Encode() 7560 req, err := http.NewRequest("POST", urls, body) 7561 if err != nil { 7562 return nil, err 7563 } 7564 req.Header = reqHeaders 7565 googleapi.Expand(req.URL, map[string]string{ 7566 "name": c.name, 7567 }) 7568 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7569} 7570 7571// Do executes the "iam.projects.serviceAccounts.keys.upload" call. 7572// Exactly one of *ServiceAccountKey or error will be non-nil. Any 7573// non-2xx status code is an error. Response headers are in either 7574// *ServiceAccountKey.ServerResponse.Header or (if a response was 7575// returned at all) in error.(*googleapi.Error).Header. Use 7576// googleapi.IsNotModified to check whether the returned error was 7577// because http.StatusNotModified was returned. 7578func (c *ProjectsServiceAccountsKeysUploadCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) { 7579 gensupport.SetOptions(c.urlParams_, opts...) 7580 res, err := c.doRequest("json") 7581 if res != nil && res.StatusCode == http.StatusNotModified { 7582 if res.Body != nil { 7583 res.Body.Close() 7584 } 7585 return nil, &googleapi.Error{ 7586 Code: res.StatusCode, 7587 Header: res.Header, 7588 } 7589 } 7590 if err != nil { 7591 return nil, err 7592 } 7593 defer googleapi.CloseBody(res) 7594 if err := googleapi.CheckResponse(res); err != nil { 7595 return nil, err 7596 } 7597 ret := &ServiceAccountKey{ 7598 ServerResponse: googleapi.ServerResponse{ 7599 Header: res.Header, 7600 HTTPStatusCode: res.StatusCode, 7601 }, 7602 } 7603 target := &ret 7604 if err := gensupport.DecodeResponse(target, res); err != nil { 7605 return nil, err 7606 } 7607 return ret, nil 7608 // { 7609 // "description": "Upload public key for a given service account.\nThis rpc will create a\nServiceAccountKey that has the\nprovided public key and returns it.", 7610 // "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys:upload", 7611 // "httpMethod": "POST", 7612 // "id": "iam.projects.serviceAccounts.keys.upload", 7613 // "parameterOrder": [ 7614 // "name" 7615 // ], 7616 // "parameters": { 7617 // "name": { 7618 // "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.\nUsing `-` as a wildcard for the `PROJECT_ID` will infer the project from\nthe account. The `ACCOUNT` value can be the `email` address or the\n`unique_id` of the service account.", 7619 // "location": "path", 7620 // "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$", 7621 // "required": true, 7622 // "type": "string" 7623 // } 7624 // }, 7625 // "path": "v1/{+name}/keys:upload", 7626 // "request": { 7627 // "$ref": "UploadServiceAccountKeyRequest" 7628 // }, 7629 // "response": { 7630 // "$ref": "ServiceAccountKey" 7631 // }, 7632 // "scopes": [ 7633 // "https://www.googleapis.com/auth/cloud-platform" 7634 // ] 7635 // } 7636 7637} 7638 7639// method id "iam.roles.get": 7640 7641type RolesGetCall struct { 7642 s *Service 7643 name string 7644 urlParams_ gensupport.URLParams 7645 ifNoneMatch_ string 7646 ctx_ context.Context 7647 header_ http.Header 7648} 7649 7650// Get: Gets a Role definition. 7651func (r *RolesService) Get(name string) *RolesGetCall { 7652 c := &RolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7653 c.name = name 7654 return c 7655} 7656 7657// Fields allows partial responses to be retrieved. See 7658// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7659// for more information. 7660func (c *RolesGetCall) Fields(s ...googleapi.Field) *RolesGetCall { 7661 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7662 return c 7663} 7664 7665// IfNoneMatch sets the optional parameter which makes the operation 7666// fail if the object's ETag matches the given value. This is useful for 7667// getting updates only after the object has changed since the last 7668// request. Use googleapi.IsNotModified to check whether the response 7669// error from Do is the result of In-None-Match. 7670func (c *RolesGetCall) IfNoneMatch(entityTag string) *RolesGetCall { 7671 c.ifNoneMatch_ = entityTag 7672 return c 7673} 7674 7675// Context sets the context to be used in this call's Do method. Any 7676// pending HTTP request will be aborted if the provided context is 7677// canceled. 7678func (c *RolesGetCall) Context(ctx context.Context) *RolesGetCall { 7679 c.ctx_ = ctx 7680 return c 7681} 7682 7683// Header returns an http.Header that can be modified by the caller to 7684// add HTTP headers to the request. 7685func (c *RolesGetCall) Header() http.Header { 7686 if c.header_ == nil { 7687 c.header_ = make(http.Header) 7688 } 7689 return c.header_ 7690} 7691 7692func (c *RolesGetCall) doRequest(alt string) (*http.Response, error) { 7693 reqHeaders := make(http.Header) 7694 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 7695 for k, v := range c.header_ { 7696 reqHeaders[k] = v 7697 } 7698 reqHeaders.Set("User-Agent", c.s.userAgent()) 7699 if c.ifNoneMatch_ != "" { 7700 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7701 } 7702 var body io.Reader = nil 7703 c.urlParams_.Set("alt", alt) 7704 c.urlParams_.Set("prettyPrint", "false") 7705 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7706 urls += "?" + c.urlParams_.Encode() 7707 req, err := http.NewRequest("GET", urls, body) 7708 if err != nil { 7709 return nil, err 7710 } 7711 req.Header = reqHeaders 7712 googleapi.Expand(req.URL, map[string]string{ 7713 "name": c.name, 7714 }) 7715 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7716} 7717 7718// Do executes the "iam.roles.get" call. 7719// Exactly one of *Role or error will be non-nil. Any non-2xx status 7720// code is an error. Response headers are in either 7721// *Role.ServerResponse.Header or (if a response was returned at all) in 7722// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7723// whether the returned error was because http.StatusNotModified was 7724// returned. 7725func (c *RolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) { 7726 gensupport.SetOptions(c.urlParams_, opts...) 7727 res, err := c.doRequest("json") 7728 if res != nil && res.StatusCode == http.StatusNotModified { 7729 if res.Body != nil { 7730 res.Body.Close() 7731 } 7732 return nil, &googleapi.Error{ 7733 Code: res.StatusCode, 7734 Header: res.Header, 7735 } 7736 } 7737 if err != nil { 7738 return nil, err 7739 } 7740 defer googleapi.CloseBody(res) 7741 if err := googleapi.CheckResponse(res); err != nil { 7742 return nil, err 7743 } 7744 ret := &Role{ 7745 ServerResponse: googleapi.ServerResponse{ 7746 Header: res.Header, 7747 HTTPStatusCode: res.StatusCode, 7748 }, 7749 } 7750 target := &ret 7751 if err := gensupport.DecodeResponse(target, res); err != nil { 7752 return nil, err 7753 } 7754 return ret, nil 7755 // { 7756 // "description": "Gets a Role definition.", 7757 // "flatPath": "v1/roles/{rolesId}", 7758 // "httpMethod": "GET", 7759 // "id": "iam.roles.get", 7760 // "parameterOrder": [ 7761 // "name" 7762 // ], 7763 // "parameters": { 7764 // "name": { 7765 // "description": "The `name` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `name` value format is described below:\n\n* [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`.\n This method returns results from all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles/{ROLE_NAME}`\n\n* [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get):\n `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only\n [custom roles](/iam/docs/understanding-custom-roles) that have been\n created at the project level. Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`\n\n* [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get):\n `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method\n returns only [custom roles](/iam/docs/understanding-custom-roles) that\n have been created at the organization level. Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 7766 // "location": "path", 7767 // "pattern": "^roles/[^/]+$", 7768 // "required": true, 7769 // "type": "string" 7770 // } 7771 // }, 7772 // "path": "v1/{+name}", 7773 // "response": { 7774 // "$ref": "Role" 7775 // }, 7776 // "scopes": [ 7777 // "https://www.googleapis.com/auth/cloud-platform" 7778 // ] 7779 // } 7780 7781} 7782 7783// method id "iam.roles.list": 7784 7785type RolesListCall struct { 7786 s *Service 7787 urlParams_ gensupport.URLParams 7788 ifNoneMatch_ string 7789 ctx_ context.Context 7790 header_ http.Header 7791} 7792 7793// List: Lists the Roles defined on a resource. 7794func (r *RolesService) List() *RolesListCall { 7795 c := &RolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7796 return c 7797} 7798 7799// PageSize sets the optional parameter "pageSize": Optional limit on 7800// the number of roles to include in the response. 7801func (c *RolesListCall) PageSize(pageSize int64) *RolesListCall { 7802 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 7803 return c 7804} 7805 7806// PageToken sets the optional parameter "pageToken": Optional 7807// pagination token returned in an earlier ListRolesResponse. 7808func (c *RolesListCall) PageToken(pageToken string) *RolesListCall { 7809 c.urlParams_.Set("pageToken", pageToken) 7810 return c 7811} 7812 7813// Parent sets the optional parameter "parent": The `parent` parameter's 7814// value depends on the target resource for the 7815// request, 7816// namely 7817// [`roles`](/iam/reference/rest/v1/roles), 7818// [`projects`](/iam/refe 7819// rence/rest/v1/projects.roles), 7820// or 7821// [`organizations`](/iam/reference/rest/v1/organizations.roles). 7822// Each 7823// resource type's `parent` value format is described below: 7824// 7825// * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty 7826// string. 7827// This method doesn't require a resource; it simply returns all 7828// [predefined roles](/iam/docs/understanding-roles#predefined_roles) 7829// in 7830// Cloud IAM. Example request URL: 7831// `https://iam.googleapis.com/v1/roles` 7832// 7833// * 7834// [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list): 7835// 7836// `projects/{PROJECT_ID}`. This method lists all project-level 7837// [custom roles](/iam/docs/understanding-custom-roles). 7838// Example request URL: 7839// `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` 7840// 7841// * 7842// [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.ro 7843// les/list): 7844// `organizations/{ORGANIZATION_ID}`. This method lists all 7845// organization-level [custom 7846// roles](/iam/docs/understanding-custom-roles). 7847// Example request URL: 7848// 7849// `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` 7850// 7851// 7852// Note: Wildcard (*) values are invalid; you must specify a complete 7853// project 7854// ID or organization ID. 7855func (c *RolesListCall) Parent(parent string) *RolesListCall { 7856 c.urlParams_.Set("parent", parent) 7857 return c 7858} 7859 7860// ShowDeleted sets the optional parameter "showDeleted": Include Roles 7861// that have been deleted. 7862func (c *RolesListCall) ShowDeleted(showDeleted bool) *RolesListCall { 7863 c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) 7864 return c 7865} 7866 7867// View sets the optional parameter "view": Optional view for the 7868// returned Role objects. When `FULL` is specified, 7869// the `includedPermissions` field is returned, which includes a list of 7870// all 7871// permissions in the role. The default value is `BASIC`, which does 7872// not 7873// return the `includedPermissions` field. 7874// 7875// Possible values: 7876// "BASIC" 7877// "FULL" 7878func (c *RolesListCall) View(view string) *RolesListCall { 7879 c.urlParams_.Set("view", view) 7880 return c 7881} 7882 7883// Fields allows partial responses to be retrieved. See 7884// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7885// for more information. 7886func (c *RolesListCall) Fields(s ...googleapi.Field) *RolesListCall { 7887 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7888 return c 7889} 7890 7891// IfNoneMatch sets the optional parameter which makes the operation 7892// fail if the object's ETag matches the given value. This is useful for 7893// getting updates only after the object has changed since the last 7894// request. Use googleapi.IsNotModified to check whether the response 7895// error from Do is the result of In-None-Match. 7896func (c *RolesListCall) IfNoneMatch(entityTag string) *RolesListCall { 7897 c.ifNoneMatch_ = entityTag 7898 return c 7899} 7900 7901// Context sets the context to be used in this call's Do method. Any 7902// pending HTTP request will be aborted if the provided context is 7903// canceled. 7904func (c *RolesListCall) Context(ctx context.Context) *RolesListCall { 7905 c.ctx_ = ctx 7906 return c 7907} 7908 7909// Header returns an http.Header that can be modified by the caller to 7910// add HTTP headers to the request. 7911func (c *RolesListCall) Header() http.Header { 7912 if c.header_ == nil { 7913 c.header_ = make(http.Header) 7914 } 7915 return c.header_ 7916} 7917 7918func (c *RolesListCall) doRequest(alt string) (*http.Response, error) { 7919 reqHeaders := make(http.Header) 7920 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 7921 for k, v := range c.header_ { 7922 reqHeaders[k] = v 7923 } 7924 reqHeaders.Set("User-Agent", c.s.userAgent()) 7925 if c.ifNoneMatch_ != "" { 7926 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7927 } 7928 var body io.Reader = nil 7929 c.urlParams_.Set("alt", alt) 7930 c.urlParams_.Set("prettyPrint", "false") 7931 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles") 7932 urls += "?" + c.urlParams_.Encode() 7933 req, err := http.NewRequest("GET", urls, body) 7934 if err != nil { 7935 return nil, err 7936 } 7937 req.Header = reqHeaders 7938 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7939} 7940 7941// Do executes the "iam.roles.list" call. 7942// Exactly one of *ListRolesResponse or error will be non-nil. Any 7943// non-2xx status code is an error. Response headers are in either 7944// *ListRolesResponse.ServerResponse.Header or (if a response was 7945// returned at all) in error.(*googleapi.Error).Header. Use 7946// googleapi.IsNotModified to check whether the returned error was 7947// because http.StatusNotModified was returned. 7948func (c *RolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) { 7949 gensupport.SetOptions(c.urlParams_, opts...) 7950 res, err := c.doRequest("json") 7951 if res != nil && res.StatusCode == http.StatusNotModified { 7952 if res.Body != nil { 7953 res.Body.Close() 7954 } 7955 return nil, &googleapi.Error{ 7956 Code: res.StatusCode, 7957 Header: res.Header, 7958 } 7959 } 7960 if err != nil { 7961 return nil, err 7962 } 7963 defer googleapi.CloseBody(res) 7964 if err := googleapi.CheckResponse(res); err != nil { 7965 return nil, err 7966 } 7967 ret := &ListRolesResponse{ 7968 ServerResponse: googleapi.ServerResponse{ 7969 Header: res.Header, 7970 HTTPStatusCode: res.StatusCode, 7971 }, 7972 } 7973 target := &ret 7974 if err := gensupport.DecodeResponse(target, res); err != nil { 7975 return nil, err 7976 } 7977 return ret, nil 7978 // { 7979 // "description": "Lists the Roles defined on a resource.", 7980 // "flatPath": "v1/roles", 7981 // "httpMethod": "GET", 7982 // "id": "iam.roles.list", 7983 // "parameterOrder": [], 7984 // "parameters": { 7985 // "pageSize": { 7986 // "description": "Optional limit on the number of roles to include in the response.", 7987 // "format": "int32", 7988 // "location": "query", 7989 // "type": "integer" 7990 // }, 7991 // "pageToken": { 7992 // "description": "Optional pagination token returned in an earlier ListRolesResponse.", 7993 // "location": "query", 7994 // "type": "string" 7995 // }, 7996 // "parent": { 7997 // "description": "The `parent` parameter's value depends on the target resource for the\nrequest, namely\n[`roles`](/iam/reference/rest/v1/roles),\n[`projects`](/iam/reference/rest/v1/projects.roles), or\n[`organizations`](/iam/reference/rest/v1/organizations.roles). Each\nresource type's `parent` value format is described below:\n\n* [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string.\n This method doesn't require a resource; it simply returns all\n [predefined roles](/iam/docs/understanding-roles#predefined_roles) in\n Cloud IAM. Example request URL:\n `https://iam.googleapis.com/v1/roles`\n\n* [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list):\n `projects/{PROJECT_ID}`. This method lists all project-level\n [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`\n\n* [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list):\n `organizations/{ORGANIZATION_ID}`. This method lists all\n organization-level [custom roles](/iam/docs/understanding-custom-roles).\n Example request URL:\n `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`\n\nNote: Wildcard (*) values are invalid; you must specify a complete project\nID or organization ID.", 7998 // "location": "query", 7999 // "type": "string" 8000 // }, 8001 // "showDeleted": { 8002 // "description": "Include Roles that have been deleted.", 8003 // "location": "query", 8004 // "type": "boolean" 8005 // }, 8006 // "view": { 8007 // "description": "Optional view for the returned Role objects. When `FULL` is specified,\nthe `includedPermissions` field is returned, which includes a list of all\npermissions in the role. The default value is `BASIC`, which does not\nreturn the `includedPermissions` field.", 8008 // "enum": [ 8009 // "BASIC", 8010 // "FULL" 8011 // ], 8012 // "location": "query", 8013 // "type": "string" 8014 // } 8015 // }, 8016 // "path": "v1/roles", 8017 // "response": { 8018 // "$ref": "ListRolesResponse" 8019 // }, 8020 // "scopes": [ 8021 // "https://www.googleapis.com/auth/cloud-platform" 8022 // ] 8023 // } 8024 8025} 8026 8027// Pages invokes f for each page of results. 8028// A non-nil error returned from f will halt the iteration. 8029// The provided context supersedes any context provided to the Context method. 8030func (c *RolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error { 8031 c.ctx_ = ctx 8032 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 8033 for { 8034 x, err := c.Do() 8035 if err != nil { 8036 return err 8037 } 8038 if err := f(x); err != nil { 8039 return err 8040 } 8041 if x.NextPageToken == "" { 8042 return nil 8043 } 8044 c.PageToken(x.NextPageToken) 8045 } 8046} 8047 8048// method id "iam.roles.queryGrantableRoles": 8049 8050type RolesQueryGrantableRolesCall struct { 8051 s *Service 8052 querygrantablerolesrequest *QueryGrantableRolesRequest 8053 urlParams_ gensupport.URLParams 8054 ctx_ context.Context 8055 header_ http.Header 8056} 8057 8058// QueryGrantableRoles: Queries roles that can be granted on a 8059// particular resource. 8060// A role is grantable if it can be used as the role in a binding for a 8061// policy 8062// for that resource. 8063func (r *RolesService) QueryGrantableRoles(querygrantablerolesrequest *QueryGrantableRolesRequest) *RolesQueryGrantableRolesCall { 8064 c := &RolesQueryGrantableRolesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8065 c.querygrantablerolesrequest = querygrantablerolesrequest 8066 return c 8067} 8068 8069// Fields allows partial responses to be retrieved. See 8070// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8071// for more information. 8072func (c *RolesQueryGrantableRolesCall) Fields(s ...googleapi.Field) *RolesQueryGrantableRolesCall { 8073 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8074 return c 8075} 8076 8077// Context sets the context to be used in this call's Do method. Any 8078// pending HTTP request will be aborted if the provided context is 8079// canceled. 8080func (c *RolesQueryGrantableRolesCall) Context(ctx context.Context) *RolesQueryGrantableRolesCall { 8081 c.ctx_ = ctx 8082 return c 8083} 8084 8085// Header returns an http.Header that can be modified by the caller to 8086// add HTTP headers to the request. 8087func (c *RolesQueryGrantableRolesCall) Header() http.Header { 8088 if c.header_ == nil { 8089 c.header_ = make(http.Header) 8090 } 8091 return c.header_ 8092} 8093 8094func (c *RolesQueryGrantableRolesCall) doRequest(alt string) (*http.Response, error) { 8095 reqHeaders := make(http.Header) 8096 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200503") 8097 for k, v := range c.header_ { 8098 reqHeaders[k] = v 8099 } 8100 reqHeaders.Set("User-Agent", c.s.userAgent()) 8101 var body io.Reader = nil 8102 body, err := googleapi.WithoutDataWrapper.JSONReader(c.querygrantablerolesrequest) 8103 if err != nil { 8104 return nil, err 8105 } 8106 reqHeaders.Set("Content-Type", "application/json") 8107 c.urlParams_.Set("alt", alt) 8108 c.urlParams_.Set("prettyPrint", "false") 8109 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles:queryGrantableRoles") 8110 urls += "?" + c.urlParams_.Encode() 8111 req, err := http.NewRequest("POST", urls, body) 8112 if err != nil { 8113 return nil, err 8114 } 8115 req.Header = reqHeaders 8116 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8117} 8118 8119// Do executes the "iam.roles.queryGrantableRoles" call. 8120// Exactly one of *QueryGrantableRolesResponse or error will be non-nil. 8121// Any non-2xx status code is an error. Response headers are in either 8122// *QueryGrantableRolesResponse.ServerResponse.Header or (if a response 8123// was returned at all) in error.(*googleapi.Error).Header. Use 8124// googleapi.IsNotModified to check whether the returned error was 8125// because http.StatusNotModified was returned. 8126func (c *RolesQueryGrantableRolesCall) Do(opts ...googleapi.CallOption) (*QueryGrantableRolesResponse, error) { 8127 gensupport.SetOptions(c.urlParams_, opts...) 8128 res, err := c.doRequest("json") 8129 if res != nil && res.StatusCode == http.StatusNotModified { 8130 if res.Body != nil { 8131 res.Body.Close() 8132 } 8133 return nil, &googleapi.Error{ 8134 Code: res.StatusCode, 8135 Header: res.Header, 8136 } 8137 } 8138 if err != nil { 8139 return nil, err 8140 } 8141 defer googleapi.CloseBody(res) 8142 if err := googleapi.CheckResponse(res); err != nil { 8143 return nil, err 8144 } 8145 ret := &QueryGrantableRolesResponse{ 8146 ServerResponse: googleapi.ServerResponse{ 8147 Header: res.Header, 8148 HTTPStatusCode: res.StatusCode, 8149 }, 8150 } 8151 target := &ret 8152 if err := gensupport.DecodeResponse(target, res); err != nil { 8153 return nil, err 8154 } 8155 return ret, nil 8156 // { 8157 // "description": "Queries roles that can be granted on a particular resource.\nA role is grantable if it can be used as the role in a binding for a policy\nfor that resource.", 8158 // "flatPath": "v1/roles:queryGrantableRoles", 8159 // "httpMethod": "POST", 8160 // "id": "iam.roles.queryGrantableRoles", 8161 // "parameterOrder": [], 8162 // "parameters": {}, 8163 // "path": "v1/roles:queryGrantableRoles", 8164 // "request": { 8165 // "$ref": "QueryGrantableRolesRequest" 8166 // }, 8167 // "response": { 8168 // "$ref": "QueryGrantableRolesResponse" 8169 // }, 8170 // "scopes": [ 8171 // "https://www.googleapis.com/auth/cloud-platform" 8172 // ] 8173 // } 8174 8175} 8176 8177// Pages invokes f for each page of results. 8178// A non-nil error returned from f will halt the iteration. 8179// The provided context supersedes any context provided to the Context method. 8180func (c *RolesQueryGrantableRolesCall) Pages(ctx context.Context, f func(*QueryGrantableRolesResponse) error) error { 8181 c.ctx_ = ctx 8182 defer func(pt string) { c.querygrantablerolesrequest.PageToken = pt }(c.querygrantablerolesrequest.PageToken) // reset paging to original point 8183 for { 8184 x, err := c.Do() 8185 if err != nil { 8186 return err 8187 } 8188 if err := f(x); err != nil { 8189 return err 8190 } 8191 if x.NextPageToken == "" { 8192 return nil 8193 } 8194 c.querygrantablerolesrequest.PageToken = x.NextPageToken 8195 } 8196} 8197