2018-08-22 21:14:52 +00:00
|
|
|
# Copyright 2015 Google Inc.
|
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
|
|
|
|
require 'google/apis/core/base_service'
|
|
|
|
require 'google/apis/core/json_representation'
|
|
|
|
require 'google/apis/core/hashable'
|
|
|
|
require 'google/apis/errors'
|
|
|
|
|
|
|
|
module Google
|
|
|
|
module Apis
|
|
|
|
module BinaryauthorizationV1beta1
|
|
|
|
# Binary Authorization API
|
|
|
|
#
|
|
|
|
# The management interface for Binary Authorization, a system providing policy
|
|
|
|
# control for images deployed to Kubernetes Engine clusters.
|
|
|
|
#
|
|
|
|
# @example
|
|
|
|
# require 'google/apis/binaryauthorization_v1beta1'
|
|
|
|
#
|
|
|
|
# Binaryauthorization = Google::Apis::BinaryauthorizationV1beta1 # Alias the module
|
|
|
|
# service = Binaryauthorization::BinaryAuthorizationService.new
|
|
|
|
#
|
|
|
|
# @see https://cloud.google.com/binary-authorization/
|
|
|
|
class BinaryAuthorizationService < Google::Apis::Core::BaseService
|
|
|
|
# @return [String]
|
|
|
|
# API key. Your API key identifies your project and provides you with API access,
|
|
|
|
# quota, and reports. Required unless you provide an OAuth 2.0 token.
|
|
|
|
attr_accessor :key
|
|
|
|
|
|
|
|
# @return [String]
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
attr_accessor :quota_user
|
|
|
|
|
|
|
|
def initialize
|
|
|
|
super('https://binaryauthorization.googleapis.com/', '')
|
|
|
|
@batch_path = 'batch'
|
|
|
|
end
|
|
|
|
|
2019-05-15 00:38:02 +00:00
|
|
|
# A policy specifies the attestors that must attest to
|
|
|
|
# a container image, before the project is allowed to deploy that
|
|
|
|
# image. There is at most one policy per project. All image admission
|
|
|
|
# requests are permitted if a project has no policy.
|
2018-08-22 21:14:52 +00:00
|
|
|
# Gets the policy for this project. Returns a default
|
|
|
|
# policy if the project does not have one.
|
|
|
|
# @param [String] name
|
|
|
|
# Required. The resource name of the policy to retrieve,
|
|
|
|
# in the format `projects/*/policy`.
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::Policy] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::Policy]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def get_project_policy(name, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:get, 'v1beta1/{+name}', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::Policy::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::Policy
|
|
|
|
command.params['name'] = name unless name.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Creates or updates a project's policy, and returns a copy of the
|
|
|
|
# new policy. A policy is always updated as a whole, to avoid race
|
|
|
|
# conditions with concurrent policy enforcement (or management!)
|
|
|
|
# requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT
|
|
|
|
# if the request is malformed.
|
|
|
|
# @param [String] name
|
|
|
|
# Output only. The resource name, in the format `projects/*/policy`. There is
|
|
|
|
# at most one policy per project.
|
|
|
|
# @param [Google::Apis::BinaryauthorizationV1beta1::Policy] policy_object
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::Policy] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::Policy]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def update_project_policy(name, policy_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:put, 'v1beta1/{+name}', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.request_representation = Google::Apis::BinaryauthorizationV1beta1::Policy::Representation
|
|
|
|
command.request_object = policy_object
|
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::Policy::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::Policy
|
|
|
|
command.params['name'] = name unless name.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Creates an attestor, and returns a copy of the new
|
|
|
|
# attestor. Returns NOT_FOUND if the project does not exist,
|
|
|
|
# INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the
|
|
|
|
# attestor already exists.
|
|
|
|
# @param [String] parent
|
|
|
|
# Required. The parent of this attestor.
|
|
|
|
# @param [Google::Apis::BinaryauthorizationV1beta1::Attestor] attestor_object
|
|
|
|
# @param [String] attestor_id
|
|
|
|
# Required. The attestors ID.
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::Attestor] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::Attestor]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def create_project_attestor(parent, attestor_object = nil, attestor_id: nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:post, 'v1beta1/{+parent}/attestors', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.request_representation = Google::Apis::BinaryauthorizationV1beta1::Attestor::Representation
|
|
|
|
command.request_object = attestor_object
|
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::Attestor::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::Attestor
|
|
|
|
command.params['parent'] = parent unless parent.nil?
|
|
|
|
command.query['attestorId'] = attestor_id unless attestor_id.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Deletes an attestor. Returns NOT_FOUND if the
|
|
|
|
# attestor does not exist.
|
|
|
|
# @param [String] name
|
|
|
|
# Required. The name of the attestors to delete, in the format
|
|
|
|
# `projects/*/attestors/*`.
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::Empty] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::Empty]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def delete_project_attestor(name, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:delete, 'v1beta1/{+name}', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::Empty::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::Empty
|
|
|
|
command.params['name'] = name unless name.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Gets an attestor.
|
|
|
|
# Returns NOT_FOUND if the attestor does not exist.
|
|
|
|
# @param [String] name
|
|
|
|
# Required. The name of the attestor to retrieve, in the format
|
|
|
|
# `projects/*/attestors/*`.
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::Attestor] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::Attestor]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def get_project_attestor(name, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:get, 'v1beta1/{+name}', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::Attestor::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::Attestor
|
|
|
|
command.params['name'] = name unless name.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Gets the access control policy for a resource.
|
|
|
|
# Returns an empty policy if the resource exists and does not have a policy
|
|
|
|
# set.
|
|
|
|
# @param [String] resource
|
|
|
|
# REQUIRED: The resource for which the policy is being requested.
|
|
|
|
# See the operation documentation for the appropriate value for this field.
|
2019-07-02 00:37:58 +00:00
|
|
|
# @param [Fixnum] options_requested_policy_version
|
|
|
|
# Optional. The policy format version to be returned.
|
2019-09-10 21:25:47 +00:00
|
|
|
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
|
|
|
# rejected.
|
|
|
|
# Requests for policies with any conditional bindings must specify version 3.
|
|
|
|
# Policies without any conditional bindings may specify any valid value or
|
|
|
|
# leave the field unset.
|
2020-05-07 20:07:42 +00:00
|
|
|
# To learn which resources support conditions in their IAM policies, see the
|
|
|
|
# [IAM
|
|
|
|
# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
2018-08-22 21:14:52 +00:00
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::IamPolicy] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::IamPolicy]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
2019-07-02 00:37:58 +00:00
|
|
|
def get_project_attestor_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:get, 'v1beta1/{+resource}:getIamPolicy', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::IamPolicy::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::IamPolicy
|
|
|
|
command.params['resource'] = resource unless resource.nil?
|
2019-07-02 00:37:58 +00:00
|
|
|
command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil?
|
2018-08-22 21:14:52 +00:00
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Lists attestors.
|
|
|
|
# Returns INVALID_ARGUMENT if the project does not exist.
|
|
|
|
# @param [String] parent
|
|
|
|
# Required. The resource name of the project associated with the
|
|
|
|
# attestors, in the format `projects/*`.
|
|
|
|
# @param [Fixnum] page_size
|
|
|
|
# Requested page size. The server may return fewer results than requested. If
|
|
|
|
# unspecified, the server will pick an appropriate default.
|
|
|
|
# @param [String] page_token
|
|
|
|
# A token identifying a page of results the server should return. Typically,
|
|
|
|
# this is the value of ListAttestorsResponse.next_page_token returned
|
|
|
|
# from the previous call to the `ListAttestors` method.
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::ListAttestorsResponse] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::ListAttestorsResponse]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def list_project_attestors(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:get, 'v1beta1/{+parent}/attestors', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::ListAttestorsResponse::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::ListAttestorsResponse
|
|
|
|
command.params['parent'] = parent unless parent.nil?
|
|
|
|
command.query['pageSize'] = page_size unless page_size.nil?
|
|
|
|
command.query['pageToken'] = page_token unless page_token.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Sets the access control policy on the specified resource. Replaces any
|
|
|
|
# existing policy.
|
2020-05-07 20:07:42 +00:00
|
|
|
# Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
|
2018-08-22 21:14:52 +00:00
|
|
|
# @param [String] resource
|
|
|
|
# REQUIRED: The resource for which the policy is being specified.
|
|
|
|
# See the operation documentation for the appropriate value for this field.
|
|
|
|
# @param [Google::Apis::BinaryauthorizationV1beta1::SetIamPolicyRequest] set_iam_policy_request_object
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::IamPolicy] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::IamPolicy]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def set_attestor_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:post, 'v1beta1/{+resource}:setIamPolicy', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.request_representation = Google::Apis::BinaryauthorizationV1beta1::SetIamPolicyRequest::Representation
|
|
|
|
command.request_object = set_iam_policy_request_object
|
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::IamPolicy::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::IamPolicy
|
|
|
|
command.params['resource'] = resource unless resource.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Returns permissions that a caller has on the specified resource.
|
|
|
|
# If the resource does not exist, this will return an empty set of
|
2020-05-07 20:07:42 +00:00
|
|
|
# permissions, not a `NOT_FOUND` error.
|
2018-08-22 21:14:52 +00:00
|
|
|
# Note: This operation is designed to be used for building permission-aware
|
|
|
|
# UIs and command-line tools, not for authorization checking. This operation
|
|
|
|
# may "fail open" without warning.
|
|
|
|
# @param [String] resource
|
|
|
|
# REQUIRED: The resource for which the policy detail is being requested.
|
|
|
|
# See the operation documentation for the appropriate value for this field.
|
|
|
|
# @param [Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsRequest] test_iam_permissions_request_object
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsResponse] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsResponse]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def test_attestor_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:post, 'v1beta1/{+resource}:testIamPermissions', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.request_representation = Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsRequest::Representation
|
|
|
|
command.request_object = test_iam_permissions_request_object
|
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsResponse::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsResponse
|
|
|
|
command.params['resource'] = resource unless resource.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Updates an attestor.
|
|
|
|
# Returns NOT_FOUND if the attestor does not exist.
|
|
|
|
# @param [String] name
|
|
|
|
# Required. The resource name, in the format:
|
|
|
|
# `projects/*/attestors/*`. This field may not be updated.
|
|
|
|
# @param [Google::Apis::BinaryauthorizationV1beta1::Attestor] attestor_object
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::Attestor] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::Attestor]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def update_project_attestor(name, attestor_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:put, 'v1beta1/{+name}', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.request_representation = Google::Apis::BinaryauthorizationV1beta1::Attestor::Representation
|
|
|
|
command.request_object = attestor_object
|
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::Attestor::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::Attestor
|
|
|
|
command.params['name'] = name unless name.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Gets the access control policy for a resource.
|
|
|
|
# Returns an empty policy if the resource exists and does not have a policy
|
|
|
|
# set.
|
|
|
|
# @param [String] resource
|
|
|
|
# REQUIRED: The resource for which the policy is being requested.
|
|
|
|
# See the operation documentation for the appropriate value for this field.
|
2019-07-02 00:37:58 +00:00
|
|
|
# @param [Fixnum] options_requested_policy_version
|
|
|
|
# Optional. The policy format version to be returned.
|
2019-09-10 21:25:47 +00:00
|
|
|
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
|
|
|
# rejected.
|
|
|
|
# Requests for policies with any conditional bindings must specify version 3.
|
|
|
|
# Policies without any conditional bindings may specify any valid value or
|
|
|
|
# leave the field unset.
|
2020-05-07 20:07:42 +00:00
|
|
|
# To learn which resources support conditions in their IAM policies, see the
|
|
|
|
# [IAM
|
|
|
|
# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
2018-08-22 21:14:52 +00:00
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::IamPolicy] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::IamPolicy]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
2019-07-02 00:37:58 +00:00
|
|
|
def get_project_policy_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:get, 'v1beta1/{+resource}:getIamPolicy', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::IamPolicy::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::IamPolicy
|
|
|
|
command.params['resource'] = resource unless resource.nil?
|
2019-07-02 00:37:58 +00:00
|
|
|
command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil?
|
2018-08-22 21:14:52 +00:00
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Sets the access control policy on the specified resource. Replaces any
|
|
|
|
# existing policy.
|
2020-05-07 20:07:42 +00:00
|
|
|
# Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
|
2018-08-22 21:14:52 +00:00
|
|
|
# @param [String] resource
|
|
|
|
# REQUIRED: The resource for which the policy is being specified.
|
|
|
|
# See the operation documentation for the appropriate value for this field.
|
|
|
|
# @param [Google::Apis::BinaryauthorizationV1beta1::SetIamPolicyRequest] set_iam_policy_request_object
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::IamPolicy] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::IamPolicy]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def set_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:post, 'v1beta1/{+resource}:setIamPolicy', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.request_representation = Google::Apis::BinaryauthorizationV1beta1::SetIamPolicyRequest::Representation
|
|
|
|
command.request_object = set_iam_policy_request_object
|
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::IamPolicy::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::IamPolicy
|
|
|
|
command.params['resource'] = resource unless resource.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Returns permissions that a caller has on the specified resource.
|
|
|
|
# If the resource does not exist, this will return an empty set of
|
2020-05-07 20:07:42 +00:00
|
|
|
# permissions, not a `NOT_FOUND` error.
|
2018-08-22 21:14:52 +00:00
|
|
|
# Note: This operation is designed to be used for building permission-aware
|
|
|
|
# UIs and command-line tools, not for authorization checking. This operation
|
|
|
|
# may "fail open" without warning.
|
|
|
|
# @param [String] resource
|
|
|
|
# REQUIRED: The resource for which the policy detail is being requested.
|
|
|
|
# See the operation documentation for the appropriate value for this field.
|
|
|
|
# @param [Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsRequest] test_iam_permissions_request_object
|
|
|
|
# @param [String] fields
|
|
|
|
# Selector specifying which fields to include in a partial response.
|
|
|
|
# @param [String] quota_user
|
|
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
|
|
# @param [Google::Apis::RequestOptions] options
|
|
|
|
# Request-specific options
|
|
|
|
#
|
|
|
|
# @yield [result, err] Result & error if block supplied
|
|
|
|
# @yieldparam result [Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsResponse] parsed result object
|
|
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
|
|
#
|
|
|
|
# @return [Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsResponse]
|
|
|
|
#
|
|
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
|
|
def test_policy_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
2019-05-10 00:37:26 +00:00
|
|
|
command = make_simple_command(:post, 'v1beta1/{+resource}:testIamPermissions', options)
|
2018-08-22 21:14:52 +00:00
|
|
|
command.request_representation = Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsRequest::Representation
|
|
|
|
command.request_object = test_iam_permissions_request_object
|
|
|
|
command.response_representation = Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsResponse::Representation
|
|
|
|
command.response_class = Google::Apis::BinaryauthorizationV1beta1::TestIamPermissionsResponse
|
|
|
|
command.params['resource'] = resource unless resource.nil?
|
|
|
|
command.query['fields'] = fields unless fields.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
execute_or_queue_command(command, &block)
|
|
|
|
end
|
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
def apply_command_defaults(command)
|
|
|
|
command.query['key'] = key unless key.nil?
|
|
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|