Constants
Policies_ListPolicies_FullMethodName, Policies_GetPolicy_FullMethodName, Policies_CreatePolicy_FullMethodName, Policies_UpdatePolicy_FullMethodName, Policies_DeletePolicy_FullMethodName
const
(
Policies_ListPolicies_FullMethodName
=
"/google.iam.v2.Policies/ListPolicies"
Policies_GetPolicy_FullMethodName
=
"/google.iam.v2.Policies/GetPolicy"
Policies_CreatePolicy_FullMethodName
=
"/google.iam.v2.Policies/CreatePolicy"
Policies_UpdatePolicy_FullMethodName
=
"/google.iam.v2.Policies/UpdatePolicy"
Policies_DeletePolicy_FullMethodName
=
"/google.iam.v2.Policies/DeletePolicy"
)
Variables
File_google_iam_v2_deny_proto
var
File_google_iam_v2_deny_proto
protoreflect
.
FileDescriptor
File_google_iam_v2_policy_proto
var
File_google_iam_v2_policy_proto
protoreflect
.
FileDescriptor
Policies_ServiceDesc
var
Policies_ServiceDesc
=
grpc
.
ServiceDesc
{
ServiceName
:
"google.iam.v2.Policies"
,
HandlerType
:
(
*
PoliciesServer
)(
nil
),
Methods
:
[]
grpc
.
MethodDesc
{
{
MethodName
:
"ListPolicies"
,
Handler
:
_Policies_ListPolicies_Handler
,
},
{
MethodName
:
"GetPolicy"
,
Handler
:
_Policies_GetPolicy_Handler
,
},
{
MethodName
:
"CreatePolicy"
,
Handler
:
_Policies_CreatePolicy_Handler
,
},
{
MethodName
:
"UpdatePolicy"
,
Handler
:
_Policies_UpdatePolicy_Handler
,
},
{
MethodName
:
"DeletePolicy"
,
Handler
:
_Policies_DeletePolicy_Handler
,
},
},
Streams
:
[]
grpc
.
StreamDesc
{},
Metadata
:
"google/iam/v2/policy.proto"
,
}
Policies_ServiceDesc is the grpc.ServiceDesc for Policies service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
Functions
func RegisterPoliciesServer
func
RegisterPoliciesServer
(
s
grpc
.
ServiceRegistrar
,
srv
PoliciesServer
)
CreatePolicyRequest
type
CreatePolicyRequest
struct
{
// Required. The resource that the policy is attached to, along with the kind of policy
// to create. Format: `policies/{attachment_point}/denypolicies`
//
// The attachment point is identified by its URL-encoded full resource name,
// which means that the forward-slash character, `/`, must be written as
// `%2F`. For example,
// `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies`.
//
// For organizations and folders, use the numeric ID in the full resource
// name. For projects, you can use the alphanumeric or the numeric ID.
Parent
string
`protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Required. The policy to create.
Policy
*
Policy
`protobuf:"bytes,2,opt,name=policy,proto3" json:"policy,omitempty"`
// The ID to use for this policy, which will become the final component of
// the policy's resource name. The ID must contain 3 to 63 characters. It can
// contain lowercase letters and numbers, as well as dashes (`-`) and periods
// (`.`). The first character must be a lowercase letter.
PolicyId
string
`protobuf:"bytes,3,opt,name=policy_id,json=policyId,proto3" json:"policy_id,omitempty"`
// contains filtered or unexported fields
}
Request message for CreatePolicy
.
func (*CreatePolicyRequest) Descriptor
func
(
*
CreatePolicyRequest
)
Descriptor
()
([]
byte
,
[]
int
)
Deprecated: Use CreatePolicyRequest.ProtoReflect.Descriptor instead.
func (*CreatePolicyRequest) GetParent
func
(
x
*
CreatePolicyRequest
)
GetParent
()
string
func (*CreatePolicyRequest) GetPolicy
func
(
x
*
CreatePolicyRequest
)
GetPolicy
()
*
Policy
func (*CreatePolicyRequest) GetPolicyId
func
(
x
*
CreatePolicyRequest
)
GetPolicyId
()
string
func (*CreatePolicyRequest) ProtoMessage
func
(
*
CreatePolicyRequest
)
ProtoMessage
()
func (*CreatePolicyRequest) ProtoReflect
func
(
x
*
CreatePolicyRequest
)
ProtoReflect
()
protoreflect
.
Message
func (*CreatePolicyRequest) Reset
func
(
x
*
CreatePolicyRequest
)
Reset
()
func (*CreatePolicyRequest) String
func
(
x
*
CreatePolicyRequest
)
String
()
string
DeletePolicyRequest
type
DeletePolicyRequest
struct
{
// Required. The resource name of the policy to delete. Format:
// `policies/{attachment_point}/denypolicies/{policy_id}`
//
// Use the URL-encoded full resource name, which means that the forward-slash
// character, `/`, must be written as `%2F`. For example,
// `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy`.
//
// For organizations and folders, use the numeric ID in the full resource
// name. For projects, you can use the alphanumeric or the numeric ID.
Name
string
`protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Optional. The expected `etag` of the policy to delete. If the value does not match
// the value that is stored in IAM, the request fails with a `409` error code
// and `ABORTED` status.
//
// If you omit this field, the policy is deleted regardless of its current
// `etag`.
Etag
string
`protobuf:"bytes,2,opt,name=etag,proto3" json:"etag,omitempty"`
// contains filtered or unexported fields
}
Request message for DeletePolicy
.
func (*DeletePolicyRequest) Descriptor
func
(
*
DeletePolicyRequest
)
Descriptor
()
([]
byte
,
[]
int
)
Deprecated: Use DeletePolicyRequest.ProtoReflect.Descriptor instead.
func (*DeletePolicyRequest) GetEtag
func
(
x
*
DeletePolicyRequest
)
GetEtag
()
string
func (*DeletePolicyRequest) GetName
func
(
x
*
DeletePolicyRequest
)
GetName
()
string
func (*DeletePolicyRequest) ProtoMessage
func
(
*
DeletePolicyRequest
)
ProtoMessage
()
func (*DeletePolicyRequest) ProtoReflect
func
(
x
*
DeletePolicyRequest
)
ProtoReflect
()
protoreflect
.
Message
func (*DeletePolicyRequest) Reset
func
(
x
*
DeletePolicyRequest
)
Reset
()
func (*DeletePolicyRequest) String
func
(
x
*
DeletePolicyRequest
)
String
()
string
DenyRule
type
DenyRule
struct
{
// The identities that are prevented from using one or more permissions on
// Google Cloud resources. This field can contain the following values:
//
// - `principalSet://goog/public:all`: A special identifier that represents
// any principal that is on the internet, even if they do not have a Google
// Account or are not logged in.
//
// - `principal://goog/subject/{email_id}`: A specific Google Account.
// Includes Gmail, Cloud Identity, and Google Workspace user accounts. For
// example, `principal://goog/subject/alice@example.com`.
//
// - `deleted:principal://goog/subject/{email_id}?uid={uid}`: A specific
// Google Account that was deleted recently. For example,
// `deleted:principal://goog/subject/alice@example.com?uid=1234567890`. If
// the Google Account is recovered, this identifier reverts to the standard
// identifier for a Google Account.
//
// - `principalSet://goog/group/{group_id}`: A Google group. For example,
// `principalSet://goog/group/admins@example.com`.
//
// - `deleted:principalSet://goog/group/{group_id}?uid={uid}`: A Google group
// that was deleted recently. For example,
// `deleted:principalSet://goog/group/admins@example.com?uid=1234567890`. If
// the Google group is restored, this identifier reverts to the standard
// identifier for a Google group.
//
// - `principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}`:
// A Google Cloud service account. For example,
// `principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.gserviceaccount.com`.
//
// - `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}?uid={uid}`:
// A Google Cloud service account that was deleted recently. For example,
// `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.gserviceaccount.com?uid=1234567890`.
// If the service account is undeleted, this identifier reverts to the
// standard identifier for a service account.
//
// - `principalSet://goog/cloudIdentityCustomerId/{customer_id}`: All of the
// principals associated with the specified Google Workspace or Cloud
// Identity customer ID. For example,
// `principalSet://goog/cloudIdentityCustomerId/C01Abc35`.
DeniedPrincipals
[]
string
`protobuf:"bytes,1,rep,name=denied_principals,json=deniedPrincipals,proto3" json:"denied_principals,omitempty"`
// The identities that are excluded from the deny rule, even if they are
// listed in the `denied_principals`. For example, you could add a Google
// group to the `denied_principals`, then exclude specific users who belong to
// that group.
//
// This field can contain the same values as the `denied_principals` field,
// excluding `principalSet://goog/public:all`, which represents all users on
// the internet.
ExceptionPrincipals
[]
string
`protobuf:"bytes,2,rep,name=exception_principals,json=exceptionPrincipals,proto3" json:"exception_principals,omitempty"`
// The permissions that are explicitly denied by this rule. Each permission
// uses the format `{service_fqdn}/{resource}.{verb}`, where `{service_fqdn}`
// is the fully qualified domain name for the service. For example,
// `iam.googleapis.com/roles.list`.
DeniedPermissions
[]
string
`protobuf:"bytes,3,rep,name=denied_permissions,json=deniedPermissions,proto3" json:"denied_permissions,omitempty"`
// Specifies the permissions that this rule excludes from the set of denied
// permissions given by `denied_permissions`. If a permission appears in
// `denied_permissions` _and_ in `exception_permissions` then it will _not_ be
// denied.
//
// The excluded permissions can be specified using the same syntax as
// `denied_permissions`.
ExceptionPermissions
[]
string
`protobuf:"bytes,4,rep,name=exception_permissions,json=exceptionPermissions,proto3" json:"exception_permissions,omitempty"`
// The condition that determines whether this deny rule applies to a request.
// If the condition expression evaluates to `true`, then the deny rule is
// applied; otherwise, the deny rule is not applied.
//
// Each deny rule is evaluated independently. If this deny rule does not apply
// to a request, other deny rules might still apply.
//
// The condition can use CEL functions that evaluate
// [resource
// tags](https://cloud.google.com/iam/help/conditions/resource-tags). Other
// functions and operators are not supported.
DenialCondition
*
expr
.
Expr
`protobuf:"bytes,5,opt,name=denial_condition,json=denialCondition,proto3" json:"denial_condition,omitempty"`
// contains filtered or unexported fields
}
A deny rule in an IAM deny policy.
func (*DenyRule) Descriptor
Deprecated: Use DenyRule.ProtoReflect.Descriptor instead.
func (*DenyRule) GetDenialCondition
func (*DenyRule) GetDeniedPermissions
func (*DenyRule) GetDeniedPrincipals
func (*DenyRule) GetExceptionPermissions
func (*DenyRule) GetExceptionPrincipals
func (*DenyRule) ProtoMessage
func
(
*
DenyRule
)
ProtoMessage
()
func (*DenyRule) ProtoReflect
func
(
x
*
DenyRule
)
ProtoReflect
()
protoreflect
.
Message
func (*DenyRule) Reset
func
(
x
*
DenyRule
)
Reset
()
func (*DenyRule) String
GetPolicyRequest
type
GetPolicyRequest
struct
{
// Required. The resource name of the policy to retrieve. Format:
// `policies/{attachment_point}/denypolicies/{policy_id}`
//
// Use the URL-encoded full resource name, which means that the forward-slash
// character, `/`, must be written as `%2F`. For example,
// `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-policy`.
//
// For organizations and folders, use the numeric ID in the full resource
// name. For projects, you can use the alphanumeric or the numeric ID.
Name
string
`protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}
Request message for GetPolicy
.
func (*GetPolicyRequest) Descriptor
func
(
*
GetPolicyRequest
)
Descriptor
()
([]
byte
,
[]
int
)
Deprecated: Use GetPolicyRequest.ProtoReflect.Descriptor instead.
func (*GetPolicyRequest) GetName
func
(
x
*
GetPolicyRequest
)
GetName
()
string
func (*GetPolicyRequest) ProtoMessage
func
(
*
GetPolicyRequest
)
ProtoMessage
()
func (*GetPolicyRequest) ProtoReflect
func
(
x
*
GetPolicyRequest
)
ProtoReflect
()
protoreflect
.
Message
func (*GetPolicyRequest) Reset
func
(
x
*
GetPolicyRequest
)
Reset
()
func (*GetPolicyRequest) String
func
(
x
*
GetPolicyRequest
)
String
()
string
ListPoliciesRequest
type
ListPoliciesRequest
struct
{
// Required. The resource that the policy is attached to, along with the kind of policy
// to list. Format:
// `policies/{attachment_point}/denypolicies`
//
// The attachment point is identified by its URL-encoded full resource name,
// which means that the forward-slash character, `/`, must be written as
// `%2F`. For example,
// `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies`.
//
// For organizations and folders, use the numeric ID in the full resource
// name. For projects, you can use the alphanumeric or the numeric ID.
Parent
string
`protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// The maximum number of policies to return. IAM ignores this value and uses
// the value 1000.
PageSize
int32
`protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// A page token received in a [ListPoliciesResponse][google.iam.v2.ListPoliciesResponse]. Provide this token to
// retrieve the next page.
PageToken
string
`protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// contains filtered or unexported fields
}
Request message for ListPolicies
.
func (*ListPoliciesRequest) Descriptor
func
(
*
ListPoliciesRequest
)
Descriptor
()
([]
byte
,
[]
int
)
Deprecated: Use ListPoliciesRequest.ProtoReflect.Descriptor instead.
func (*ListPoliciesRequest) GetPageSize
func
(
x
*
ListPoliciesRequest
)
GetPageSize
()
int32
func (*ListPoliciesRequest) GetPageToken
func
(
x
*
ListPoliciesRequest
)
GetPageToken
()
string
func (*ListPoliciesRequest) GetParent
func
(
x
*
ListPoliciesRequest
)
GetParent
()
string
func (*ListPoliciesRequest) ProtoMessage
func
(
*
ListPoliciesRequest
)
ProtoMessage
()
func (*ListPoliciesRequest) ProtoReflect
func
(
x
*
ListPoliciesRequest
)
ProtoReflect
()
protoreflect
.
Message
func (*ListPoliciesRequest) Reset
func
(
x
*
ListPoliciesRequest
)
Reset
()
func (*ListPoliciesRequest) String
func
(
x
*
ListPoliciesRequest
)
String
()
string
ListPoliciesResponse
type
ListPoliciesResponse
struct
{
// Metadata for the policies that are attached to the resource.
Policies
[]
*
Policy
`protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"`
// A page token that you can use in a [ListPoliciesRequest][google.iam.v2.ListPoliciesRequest] to retrieve the
// next page. If this field is omitted, there are no additional pages.
NextPageToken
string
`protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
// contains filtered or unexported fields
}
Response message for ListPolicies
.
func (*ListPoliciesResponse) Descriptor
func
(
*
ListPoliciesResponse
)
Descriptor
()
([]
byte
,
[]
int
)
Deprecated: Use ListPoliciesResponse.ProtoReflect.Descriptor instead.
func (*ListPoliciesResponse) GetNextPageToken
func
(
x
*
ListPoliciesResponse
)
GetNextPageToken
()
string
func (*ListPoliciesResponse) GetPolicies
func
(
x
*
ListPoliciesResponse
)
GetPolicies
()
[]
*
Policy
func (*ListPoliciesResponse) ProtoMessage
func
(
*
ListPoliciesResponse
)
ProtoMessage
()
func (*ListPoliciesResponse) ProtoReflect
func
(
x
*
ListPoliciesResponse
)
ProtoReflect
()
protoreflect
.
Message
func (*ListPoliciesResponse) Reset
func
(
x
*
ListPoliciesResponse
)
Reset
()
func (*ListPoliciesResponse) String
func
(
x
*
ListPoliciesResponse
)
String
()
string
PoliciesClient
type
PoliciesClient
interface
{
// Retrieves the policies of the specified kind that are attached to a
// resource.
//
// The response lists only policy metadata. In particular, policy rules are
// omitted.
ListPolicies
(
ctx
context
.
Context
,
in
*
ListPoliciesRequest
,
opts
...
grpc
.
CallOption
)
(
*
ListPoliciesResponse
,
error
)
// Gets a policy.
GetPolicy
(
ctx
context
.
Context
,
in
*
GetPolicyRequest
,
opts
...
grpc
.
CallOption
)
(
*
Policy
,
error
)
// Creates a policy.
CreatePolicy
(
ctx
context
.
Context
,
in
*
CreatePolicyRequest
,
opts
...
grpc
.
CallOption
)
(
*
longrunningpb
.
Operation
,
error
)
// Updates the specified policy.
//
// You can update only the rules and the display name for the policy.
//
// To update a policy, you should use a read-modify-write loop:
//
// 1. Use [GetPolicy][google.iam.v2.Policies.GetPolicy] to read the current version of the policy.
// 2. Modify the policy as needed.
// 3. Use `UpdatePolicy` to write the updated policy.
//
// This pattern helps prevent conflicts between concurrent updates.
UpdatePolicy
(
ctx
context
.
Context
,
in
*
UpdatePolicyRequest
,
opts
...
grpc
.
CallOption
)
(
*
longrunningpb
.
Operation
,
error
)
// Deletes a policy. This action is permanent.
DeletePolicy
(
ctx
context
.
Context
,
in
*
DeletePolicyRequest
,
opts
...
grpc
.
CallOption
)
(
*
longrunningpb
.
Operation
,
error
)
}
PoliciesClient is the client API for Policies service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream .
func NewPoliciesClient
func
NewPoliciesClient
(
cc
grpc
.
ClientConnInterface
)
PoliciesClient
PoliciesServer
type
PoliciesServer
interface
{
// Retrieves the policies of the specified kind that are attached to a
// resource.
//
// The response lists only policy metadata. In particular, policy rules are
// omitted.
ListPolicies
(
context
.
Context
,
*
ListPoliciesRequest
)
(
*
ListPoliciesResponse
,
error
)
// Gets a policy.
GetPolicy
(
context
.
Context
,
*
GetPolicyRequest
)
(
*
Policy
,
error
)
// Creates a policy.
CreatePolicy
(
context
.
Context
,
*
CreatePolicyRequest
)
(
*
longrunningpb
.
Operation
,
error
)
// Updates the specified policy.
//
// You can update only the rules and the display name for the policy.
//
// To update a policy, you should use a read-modify-write loop:
//
// 1. Use [GetPolicy][google.iam.v2.Policies.GetPolicy] to read the current version of the policy.
// 2. Modify the policy as needed.
// 3. Use `UpdatePolicy` to write the updated policy.
//
// This pattern helps prevent conflicts between concurrent updates.
UpdatePolicy
(
context
.
Context
,
*
UpdatePolicyRequest
)
(
*
longrunningpb
.
Operation
,
error
)
// Deletes a policy. This action is permanent.
DeletePolicy
(
context
.
Context
,
*
DeletePolicyRequest
)
(
*
longrunningpb
.
Operation
,
error
)
}
PoliciesServer is the server API for Policies service. All implementations should embed UnimplementedPoliciesServer for forward compatibility
Policy
type
Policy
struct
{
// Immutable. The resource name of the `Policy`, which must be unique. Format:
// `policies/{attachment_point}/denypolicies/{policy_id}`
//
// The attachment point is identified by its URL-encoded full resource name,
// which means that the forward-slash character, `/`, must be written as
// `%2F`. For example,
// `policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-deny-policy`.
//
// For organizations and folders, use the numeric ID in the full resource
// name. For projects, requests can use the alphanumeric or the numeric ID.
// Responses always contain the numeric ID.
Name
string
`protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Immutable. The globally unique ID of the `Policy`. Assigned automatically when the
// `Policy` is created.
Uid
string
`protobuf:"bytes,2,opt,name=uid,proto3" json:"uid,omitempty"`
// Output only. The kind of the `Policy`. Always contains the value `DenyPolicy`.
Kind
string
`protobuf:"bytes,3,opt,name=kind,proto3" json:"kind,omitempty"`
// A user-specified description of the `Policy`. This value can be up to 63
// characters.
DisplayName
string
`protobuf:"bytes,4,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"`
// A key-value map to store arbitrary metadata for the `Policy`. Keys
// can be up to 63 characters. Values can be up to 255 characters.
Annotations
map
[
string
]
string
`protobuf:"bytes,5,rep,name=annotations,proto3" json:"annotations,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
// An opaque tag that identifies the current version of the `Policy`. IAM uses
// this value to help manage concurrent updates, so they do not cause one
// update to be overwritten by another.
//
// If this field is present in a [CreatePolicy][] request, the value is
// ignored.
Etag
string
`protobuf:"bytes,6,opt,name=etag,proto3" json:"etag,omitempty"`
// Output only. The time when the `Policy` was created.
CreateTime
*
timestamppb
.
Timestamp
`protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
// Output only. The time when the `Policy` was last updated.
UpdateTime
*
timestamppb
.
Timestamp
`protobuf:"bytes,8,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`
// Output only. The time when the `Policy` was deleted. Empty if the policy is not deleted.
DeleteTime
*
timestamppb
.
Timestamp
`protobuf:"bytes,9,opt,name=delete_time,json=deleteTime,proto3" json:"delete_time,omitempty"`
// A list of rules that specify the behavior of the `Policy`. All of the rules
// should be of the `kind` specified in the `Policy`.
Rules
[]
*
PolicyRule
`protobuf:"bytes,10,rep,name=rules,proto3" json:"rules,omitempty"`
// Immutable. Specifies that this policy is managed by an authority and can only be
// modified by that authority. Usage is restricted.
ManagingAuthority
string
`protobuf:"bytes,11,opt,name=managing_authority,json=managingAuthority,proto3" json:"managing_authority,omitempty"`
// contains filtered or unexported fields
}
Data for an IAM policy.
func (*Policy) Descriptor
Deprecated: Use Policy.ProtoReflect.Descriptor instead.
func (*Policy) GetAnnotations
func (*Policy) GetCreateTime
func
(
x
*
Policy
)
GetCreateTime
()
*
timestamppb
.
Timestamp
func (*Policy) GetDeleteTime
func
(
x
*
Policy
)
GetDeleteTime
()
*
timestamppb
.
Timestamp
func (*Policy) GetDisplayName
func (*Policy) GetEtag
func (*Policy) GetKind
func (*Policy) GetManagingAuthority
func (*Policy) GetName
func (*Policy) GetRules
func
(
x
*
Policy
)
GetRules
()
[]
*
PolicyRule
func (*Policy) GetUid
func (*Policy) GetUpdateTime
func
(
x
*
Policy
)
GetUpdateTime
()
*
timestamppb
.
Timestamp
func (*Policy) ProtoMessage
func
(
*
Policy
)
ProtoMessage
()
func (*Policy) ProtoReflect
func
(
x
*
Policy
)
ProtoReflect
()
protoreflect
.
Message
func (*Policy) Reset
func
(
x
*
Policy
)
Reset
()
func (*Policy) String
PolicyOperationMetadata
type
PolicyOperationMetadata
struct
{
// Timestamp when the `google.longrunning.Operation` was created.
CreateTime
*
timestamppb
.
Timestamp
`protobuf:"bytes,1,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
// contains filtered or unexported fields
}
Metadata for long-running Policy
operations.
func (*PolicyOperationMetadata) Descriptor
func
(
*
PolicyOperationMetadata
)
Descriptor
()
([]
byte
,
[]
int
)
Deprecated: Use PolicyOperationMetadata.ProtoReflect.Descriptor instead.
func (*PolicyOperationMetadata) GetCreateTime
func
(
x
*
PolicyOperationMetadata
)
GetCreateTime
()
*
timestamppb
.
Timestamp
func (*PolicyOperationMetadata) ProtoMessage
func
(
*
PolicyOperationMetadata
)
ProtoMessage
()
func (*PolicyOperationMetadata) ProtoReflect
func
(
x
*
PolicyOperationMetadata
)
ProtoReflect
()
protoreflect
.
Message
func (*PolicyOperationMetadata) Reset
func
(
x
*
PolicyOperationMetadata
)
Reset
()
func (*PolicyOperationMetadata) String
func
(
x
*
PolicyOperationMetadata
)
String
()
string
PolicyRule
type
PolicyRule
struct
{
// Types that are assignable to Kind:
//
// *PolicyRule_DenyRule
Kind
isPolicyRule_Kind
`protobuf_oneof:"kind"`
// A user-specified description of the rule. This value can be up to 256
// characters.
Description
string
`protobuf:"bytes,1,opt,name=description,proto3" json:"description,omitempty"`
// contains filtered or unexported fields
}
A single rule in a Policy
.
func (*PolicyRule) Descriptor
func
(
*
PolicyRule
)
Descriptor
()
([]
byte
,
[]
int
)
Deprecated: Use PolicyRule.ProtoReflect.Descriptor instead.
func (*PolicyRule) GetDenyRule
func
(
x
*
PolicyRule
)
GetDenyRule
()
*
DenyRule
func (*PolicyRule) GetDescription
func
(
x
*
PolicyRule
)
GetDescription
()
string
func (*PolicyRule) GetKind
func
(
m
*
PolicyRule
)
GetKind
()
isPolicyRule_Kind
func (*PolicyRule) ProtoMessage
func
(
*
PolicyRule
)
ProtoMessage
()
func (*PolicyRule) ProtoReflect
func
(
x
*
PolicyRule
)
ProtoReflect
()
protoreflect
.
Message
func (*PolicyRule) Reset
func
(
x
*
PolicyRule
)
Reset
()
func (*PolicyRule) String
func
(
x
*
PolicyRule
)
String
()
string
PolicyRule_DenyRule
type
PolicyRule_DenyRule
struct
{
// A rule for a deny policy.
DenyRule
*
DenyRule
`protobuf:"bytes,2,opt,name=deny_rule,json=denyRule,proto3,oneof"`
}
UnimplementedPoliciesServer
type
UnimplementedPoliciesServer
struct
{
}
UnimplementedPoliciesServer should be embedded to have forward compatible implementations.
func (UnimplementedPoliciesServer) CreatePolicy
func
(
UnimplementedPoliciesServer
)
CreatePolicy
(
context
.
Context
,
*
CreatePolicyRequest
)
(
*
longrunningpb
.
Operation
,
error
)
func (UnimplementedPoliciesServer) DeletePolicy
func
(
UnimplementedPoliciesServer
)
DeletePolicy
(
context
.
Context
,
*
DeletePolicyRequest
)
(
*
longrunningpb
.
Operation
,
error
)
func (UnimplementedPoliciesServer) GetPolicy
func
(
UnimplementedPoliciesServer
)
GetPolicy
(
context
.
Context
,
*
GetPolicyRequest
)
(
*
Policy
,
error
)
func (UnimplementedPoliciesServer) ListPolicies
func
(
UnimplementedPoliciesServer
)
ListPolicies
(
context
.
Context
,
*
ListPoliciesRequest
)
(
*
ListPoliciesResponse
,
error
)
func (UnimplementedPoliciesServer) UpdatePolicy
func
(
UnimplementedPoliciesServer
)
UpdatePolicy
(
context
.
Context
,
*
UpdatePolicyRequest
)
(
*
longrunningpb
.
Operation
,
error
)
UnsafePoliciesServer
type
UnsafePoliciesServer
interface
{
// contains filtered or unexported methods
}
UnsafePoliciesServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to PoliciesServer will result in compilation errors.
UpdatePolicyRequest
type
UpdatePolicyRequest
struct
{
// Required. The policy to update.
//
// To prevent conflicting updates, the `etag` value must match the value that
// is stored in IAM. If the `etag` values do not match, the request fails with
// a `409` error code and `ABORTED` status.
Policy
*
Policy
`protobuf:"bytes,1,opt,name=policy,proto3" json:"policy,omitempty"`
// contains filtered or unexported fields
}
Request message for UpdatePolicy
.
func (*UpdatePolicyRequest) Descriptor
func
(
*
UpdatePolicyRequest
)
Descriptor
()
([]
byte
,
[]
int
)
Deprecated: Use UpdatePolicyRequest.ProtoReflect.Descriptor instead.
func (*UpdatePolicyRequest) GetPolicy
func
(
x
*
UpdatePolicyRequest
)
GetPolicy
()
*
Policy
func (*UpdatePolicyRequest) ProtoMessage
func
(
*
UpdatePolicyRequest
)
ProtoMessage
()
func (*UpdatePolicyRequest) ProtoReflect
func
(
x
*
UpdatePolicyRequest
)
ProtoReflect
()
protoreflect
.
Message
func (*UpdatePolicyRequest) Reset
func
(
x
*
UpdatePolicyRequest
)
Reset
()
func (*UpdatePolicyRequest) String
func
(
x
*
UpdatePolicyRequest
)
String
()
string
