# Generated by the protocol buffer compiler. DO NOT EDIT!
# source: google/iam/v1/iam_policy.proto
import sys
_b=sys.version_info[0]<3 and (lambda x:x) or (lambda x:x.encode('latin1'))
from google.protobuf import descriptor as _descriptor
from google.protobuf import message as _message
from google.protobuf import reflection as _reflection
from google.protobuf import symbol_database as _symbol_database
from google.protobuf import descriptor_pb2
# @@protoc_insertion_point(imports)
_sym_db = _symbol_database.Default()
from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2
from google.iam.v1 import policy_pb2 as google_dot_iam_dot_v1_dot_policy__pb2
DESCRIPTOR = _descriptor.FileDescriptor(
name='google/iam/v1/iam_policy.proto',
package='google.iam.v1',
syntax='proto3',
serialized_pb=_b('\n\x1egoogle/iam/v1/iam_policy.proto\x12\rgoogle.iam.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x1agoogle/iam/v1/policy.proto\"N\n\x13SetIamPolicyRequest\x12\x10\n\x08resource\x18\x01 \x01(\t\x12%\n\x06policy\x18\x02 \x01(\x0b\x32\x15.google.iam.v1.Policy\"\'\n\x13GetIamPolicyRequest\x12\x10\n\x08resource\x18\x01 \x01(\t\"B\n\x19TestIamPermissionsRequest\x12\x10\n\x08resource\x18\x01 \x01(\t\x12\x13\n\x0bpermissions\x18\x02 \x03(\t\"1\n\x1aTestIamPermissionsResponse\x12\x13\n\x0bpermissions\x18\x01 \x03(\t2\x94\x03\n\tIAMPolicy\x12t\n\x0cSetIamPolicy\x12\".google.iam.v1.SetIamPolicyRequest\x1a\x15.google.iam.v1.Policy\")\x82\xd3\xe4\x93\x02#\"\x1e/v1/{resource=**}:setIamPolicy:\x01*\x12t\n\x0cGetIamPolicy\x12\".google.iam.v1.GetIamPolicyRequest\x1a\x15.google.iam.v1.Policy\")\x82\xd3\xe4\x93\x02#\"\x1e/v1/{resource=**}:getIamPolicy:\x01*\x12\x9a\x01\n\x12TestIamPermissions\x12(.google.iam.v1.TestIamPermissionsRequest\x1a).google.iam.v1.TestIamPermissionsResponse\"/\x82\xd3\xe4\x93\x02)\"$/v1/{resource=**}:testIamPermissions:\x01*Bp\n\x11\x63om.google.iam.v1B\x0eIamPolicyProtoP\x01Z0google.golang.org/genproto/googleapis/iam/v1;iam\xf8\x01\x01\xaa\x02\x13Google.Cloud.Iam.V1b\x06proto3')
,
dependencies=[google_dot_api_dot_annotations__pb2.DESCRIPTOR,google_dot_iam_dot_v1_dot_policy__pb2.DESCRIPTOR,])
_SETIAMPOLICYREQUEST = _descriptor.Descriptor(
name='SetIamPolicyRequest',
full_name='google.iam.v1.SetIamPolicyRequest',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name='resource', full_name='google.iam.v1.SetIamPolicyRequest.resource', index=0,
number=1, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=_b("").decode('utf-8'),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
_descriptor.FieldDescriptor(
name='policy', full_name='google.iam.v1.SetIamPolicyRequest.policy', index=1,
number=2, type=11, cpp_type=10, label=1,
has_default_value=False, default_value=None,
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
syntax='proto3',
extension_ranges=[],
oneofs=[
],
serialized_start=107,
serialized_end=185,
)
_GETIAMPOLICYREQUEST = _descriptor.Descriptor(
name='GetIamPolicyRequest',
full_name='google.iam.v1.GetIamPolicyRequest',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name='resource', full_name='google.iam.v1.GetIamPolicyRequest.resource', index=0,
number=1, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=_b("").decode('utf-8'),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
syntax='proto3',
extension_ranges=[],
oneofs=[
],
serialized_start=187,
serialized_end=226,
)
_TESTIAMPERMISSIONSREQUEST = _descriptor.Descriptor(
name='TestIamPermissionsRequest',
full_name='google.iam.v1.TestIamPermissionsRequest',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name='resource', full_name='google.iam.v1.TestIamPermissionsRequest.resource', index=0,
number=1, type=9, cpp_type=9, label=1,
has_default_value=False, default_value=_b("").decode('utf-8'),
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
_descriptor.FieldDescriptor(
name='permissions', full_name='google.iam.v1.TestIamPermissionsRequest.permissions', index=1,
number=2, type=9, cpp_type=9, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
syntax='proto3',
extension_ranges=[],
oneofs=[
],
serialized_start=228,
serialized_end=294,
)
_TESTIAMPERMISSIONSRESPONSE = _descriptor.Descriptor(
name='TestIamPermissionsResponse',
full_name='google.iam.v1.TestIamPermissionsResponse',
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name='permissions', full_name='google.iam.v1.TestIamPermissionsResponse.permissions', index=0,
number=1, type=9, cpp_type=9, label=3,
has_default_value=False, default_value=[],
message_type=None, enum_type=None, containing_type=None,
is_extension=False, extension_scope=None,
options=None),
],
extensions=[
],
nested_types=[],
enum_types=[
],
options=None,
is_extendable=False,
syntax='proto3',
extension_ranges=[],
oneofs=[
],
serialized_start=296,
serialized_end=345,
)
_SETIAMPOLICYREQUEST.fields_by_name['policy'].message_type = google_dot_iam_dot_v1_dot_policy__pb2._POLICY
DESCRIPTOR.message_types_by_name['SetIamPolicyRequest'] = _SETIAMPOLICYREQUEST
DESCRIPTOR.message_types_by_name['GetIamPolicyRequest'] = _GETIAMPOLICYREQUEST
DESCRIPTOR.message_types_by_name['TestIamPermissionsRequest'] = _TESTIAMPERMISSIONSREQUEST
DESCRIPTOR.message_types_by_name['TestIamPermissionsResponse'] = _TESTIAMPERMISSIONSRESPONSE
_sym_db.RegisterFileDescriptor(DESCRIPTOR)
SetIamPolicyRequest = _reflection.GeneratedProtocolMessageType('SetIamPolicyRequest', (_message.Message,), dict(
DESCRIPTOR = _SETIAMPOLICYREQUEST,
__module__ = 'google.iam.v1.iam_policy_pb2'
,
__doc__ = """Request message for ``SetIamPolicy`` method.
Attributes:
resource:
REQUIRED: The resource for which the policy is being
specified. ``resource`` is usually specified as a path. For
example, a Project resource is specified as
``projects/{project}``.
policy:
REQUIRED: The complete policy to be applied to the
``resource``. The size of the policy is limited to a few 10s
of KB. An empty policy is a valid policy but certain Cloud
Platform services (such as Projects) might reject them.
""",
# @@protoc_insertion_point(class_scope:google.iam.v1.SetIamPolicyRequest)
))
_sym_db.RegisterMessage(SetIamPolicyRequest)
GetIamPolicyRequest = _reflection.GeneratedProtocolMessageType('GetIamPolicyRequest', (_message.Message,), dict(
DESCRIPTOR = _GETIAMPOLICYREQUEST,
__module__ = 'google.iam.v1.iam_policy_pb2'
,
__doc__ = """Request message for ``GetIamPolicy`` method.
Attributes:
resource:
REQUIRED: The resource for which the policy is being
requested. ``resource`` is usually specified as a path. For
example, a Project resource is specified as
``projects/{project}``.
""",
# @@protoc_insertion_point(class_scope:google.iam.v1.GetIamPolicyRequest)
))
_sym_db.RegisterMessage(GetIamPolicyRequest)
TestIamPermissionsRequest = _reflection.GeneratedProtocolMessageType('TestIamPermissionsRequest', (_message.Message,), dict(
DESCRIPTOR = _TESTIAMPERMISSIONSREQUEST,
__module__ = 'google.iam.v1.iam_policy_pb2'
,
__doc__ = """Request message for ``TestIamPermissions`` method.
Attributes:
resource:
REQUIRED: The resource for which the policy detail is being
requested. ``resource`` is usually specified as a path. For
example, a Project resource is specified as
``projects/{project}``.
permissions:
The set of permissions to check for the ``resource``.
Permissions with wildcards (such as '*' or 'storage.*\ ') are
not allowed. For more information see `IAM Overview
<https://cloud.google.com/iam/docs/overview#permissions>`__.
""",
# @@protoc_insertion_point(class_scope:google.iam.v1.TestIamPermissionsRequest)
))
_sym_db.RegisterMessage(TestIamPermissionsRequest)
TestIamPermissionsResponse = _reflection.GeneratedProtocolMessageType('TestIamPermissionsResponse', (_message.Message,), dict(
DESCRIPTOR = _TESTIAMPERMISSIONSRESPONSE,
__module__ = 'google.iam.v1.iam_policy_pb2'
,
__doc__ = """Response message for ``TestIamPermissions`` method.
Attributes:
permissions:
A subset of ``TestPermissionsRequest.permissions`` that the
caller is allowed.
""",
# @@protoc_insertion_point(class_scope:google.iam.v1.TestIamPermissionsResponse)
))
_sym_db.RegisterMessage(TestIamPermissionsResponse)
DESCRIPTOR.has_options = True
DESCRIPTOR._options = _descriptor._ParseOptions(descriptor_pb2.FileOptions(), _b('\n\021com.google.iam.v1B\016IamPolicyProtoP\001Z0google.golang.org/genproto/googleapis/iam/v1;iam\370\001\001\252\002\023Google.Cloud.Iam.V1'))
_IAMPOLICY = _descriptor.ServiceDescriptor(
name='IAMPolicy',
full_name='google.iam.v1.IAMPolicy',
file=DESCRIPTOR,
index=0,
options=None,
serialized_start=348,
serialized_end=752,
methods=[
_descriptor.MethodDescriptor(
name='SetIamPolicy',
full_name='google.iam.v1.IAMPolicy.SetIamPolicy',
index=0,
containing_service=None,
input_type=_SETIAMPOLICYREQUEST,
output_type=google_dot_iam_dot_v1_dot_policy__pb2._POLICY,
options=_descriptor._ParseOptions(descriptor_pb2.MethodOptions(), _b('\202\323\344\223\002#\"\036/v1/{resource=**}:setIamPolicy:\001*')),
),
_descriptor.MethodDescriptor(
name='GetIamPolicy',
full_name='google.iam.v1.IAMPolicy.GetIamPolicy',
index=1,
containing_service=None,
input_type=_GETIAMPOLICYREQUEST,
output_type=google_dot_iam_dot_v1_dot_policy__pb2._POLICY,
options=_descriptor._ParseOptions(descriptor_pb2.MethodOptions(), _b('\202\323\344\223\002#\"\036/v1/{resource=**}:getIamPolicy:\001*')),
),
_descriptor.MethodDescriptor(
name='TestIamPermissions',
full_name='google.iam.v1.IAMPolicy.TestIamPermissions',
index=2,
containing_service=None,
input_type=_TESTIAMPERMISSIONSREQUEST,
output_type=_TESTIAMPERMISSIONSRESPONSE,
options=_descriptor._ParseOptions(descriptor_pb2.MethodOptions(), _b('\202\323\344\223\002)\"$/v1/{resource=**}:testIamPermissions:\001*')),
),
])
_sym_db.RegisterServiceDescriptor(_IAMPOLICY)
DESCRIPTOR.services_by_name['IAMPolicy'] = _IAMPOLICY
try:
# THESE ELEMENTS WILL BE DEPRECATED.
# Please use the generated *_pb2_grpc.py files instead.
import grpc
from grpc.beta import implementations as beta_implementations
from grpc.beta import interfaces as beta_interfaces
from grpc.framework.common import cardinality
from grpc.framework.interfaces.face import utilities as face_utilities
class IAMPolicyStub(object):
"""## API Overview
Manages Identity and Access Management (IAM) policies.
Any implementation of an API that offers access control features
implements the google.iam.v1.IAMPolicy interface.
## Data model
Access control is applied when a principal (user or service account), takes
some action on a resource exposed by a service. Resources, identified by
URI-like names, are the unit of access control specification. Service
implementations can choose the granularity of access control and the
supported permissions for their resources.
For example one database service may allow access control to be
specified only at the Table level, whereas another might allow access control
to also be specified at the Column level.
## Policy Structure
See google.iam.v1.Policy
This is intentionally not a CRUD style API because access control policies
are created and deleted implicitly with the resources to which they are
attached.
"""
def __init__(self, channel):
"""Constructor.
Args:
channel: A grpc.Channel.
"""
self.SetIamPolicy = channel.unary_unary(
'/google.iam.v1.IAMPolicy/SetIamPolicy',
request_serializer=SetIamPolicyRequest.SerializeToString,
response_deserializer=google_dot_iam_dot_v1_dot_policy__pb2.Policy.FromString,
)
self.GetIamPolicy = channel.unary_unary(
'/google.iam.v1.IAMPolicy/GetIamPolicy',
request_serializer=GetIamPolicyRequest.SerializeToString,
response_deserializer=google_dot_iam_dot_v1_dot_policy__pb2.Policy.FromString,
)
self.TestIamPermissions = channel.unary_unary(
'/google.iam.v1.IAMPolicy/TestIamPermissions',
request_serializer=TestIamPermissionsRequest.SerializeToString,
response_deserializer=TestIamPermissionsResponse.FromString,
)
class IAMPolicyServicer(object):
"""## API Overview
Manages Identity and Access Management (IAM) policies.
Any implementation of an API that offers access control features
implements the google.iam.v1.IAMPolicy interface.
## Data model
Access control is applied when a principal (user or service account), takes
some action on a resource exposed by a service. Resources, identified by
URI-like names, are the unit of access control specification. Service
implementations can choose the granularity of access control and the
supported permissions for their resources.
For example one database service may allow access control to be
specified only at the Table level, whereas another might allow access control
to also be specified at the Column level.
## Policy Structure
See google.iam.v1.Policy
This is intentionally not a CRUD style API because access control policies
are created and deleted implicitly with the resources to which they are
attached.
"""
def SetIamPolicy(self, request, context):
"""Sets the access control policy on the specified resource. Replaces any
existing policy.
"""
context.set_code(grpc.StatusCode.UNIMPLEMENTED)
context.set_details('Method not implemented!')
raise NotImplementedError('Method not implemented!')
def GetIamPolicy(self, request, context):
"""Gets the access control policy for a resource.
Returns an empty policy if the resource exists and does not have a policy
set.
"""
context.set_code(grpc.StatusCode.UNIMPLEMENTED)
context.set_details('Method not implemented!')
raise NotImplementedError('Method not implemented!')
def TestIamPermissions(self, request, context):
"""Returns permissions that a caller has on the specified resource.
If the resource does not exist, this will return an empty set of
permissions, not a NOT_FOUND error.
"""
context.set_code(grpc.StatusCode.UNIMPLEMENTED)
context.set_details('Method not implemented!')
raise NotImplementedError('Method not implemented!')
def add_IAMPolicyServicer_to_server(servicer, server):
rpc_method_handlers = {
'SetIamPolicy': grpc.unary_unary_rpc_method_handler(
servicer.SetIamPolicy,
request_deserializer=SetIamPolicyRequest.FromString,
response_serializer=google_dot_iam_dot_v1_dot_policy__pb2.Policy.SerializeToString,
),
'GetIamPolicy': grpc.unary_unary_rpc_method_handler(
servicer.GetIamPolicy,
request_deserializer=GetIamPolicyRequest.FromString,
response_serializer=google_dot_iam_dot_v1_dot_policy__pb2.Policy.SerializeToString,
),
'TestIamPermissions': grpc.unary_unary_rpc_method_handler(
servicer.TestIamPermissions,
request_deserializer=TestIamPermissionsRequest.FromString,
response_serializer=TestIamPermissionsResponse.SerializeToString,
),
}
generic_handler = grpc.method_handlers_generic_handler(
'google.iam.v1.IAMPolicy', rpc_method_handlers)
server.add_generic_rpc_handlers((generic_handler,))
class BetaIAMPolicyServicer(object):
"""The Beta API is deprecated for 0.15.0 and later.
It is recommended to use the GA API (classes and functions in this
file not marked beta) for all further purposes. This class was generated
only to ease transition from grpcio<0.15.0 to grpcio>=0.15.0."""
"""## API Overview
Manages Identity and Access Management (IAM) policies.
Any implementation of an API that offers access control features
implements the google.iam.v1.IAMPolicy interface.
## Data model
Access control is applied when a principal (user or service account), takes
some action on a resource exposed by a service. Resources, identified by
URI-like names, are the unit of access control specification. Service
implementations can choose the granularity of access control and the
supported permissions for their resources.
For example one database service may allow access control to be
specified only at the Table level, whereas another might allow access control
to also be specified at the Column level.
## Policy Structure
See google.iam.v1.Policy
This is intentionally not a CRUD style API because access control policies
are created and deleted implicitly with the resources to which they are
attached.
"""
def SetIamPolicy(self, request, context):
"""Sets the access control policy on the specified resource. Replaces any
existing policy.
"""
context.code(beta_interfaces.StatusCode.UNIMPLEMENTED)
def GetIamPolicy(self, request, context):
"""Gets the access control policy for a resource.
Returns an empty policy if the resource exists and does not have a policy
set.
"""
context.code(beta_interfaces.StatusCode.UNIMPLEMENTED)
def TestIamPermissions(self, request, context):
"""Returns permissions that a caller has on the specified resource.
If the resource does not exist, this will return an empty set of
permissions, not a NOT_FOUND error.
"""
context.code(beta_interfaces.StatusCode.UNIMPLEMENTED)
class BetaIAMPolicyStub(object):
"""The Beta API is deprecated for 0.15.0 and later.
It is recommended to use the GA API (classes and functions in this
file not marked beta) for all further purposes. This class was generated
only to ease transition from grpcio<0.15.0 to grpcio>=0.15.0."""
"""## API Overview
Manages Identity and Access Management (IAM) policies.
Any implementation of an API that offers access control features
implements the google.iam.v1.IAMPolicy interface.
## Data model
Access control is applied when a principal (user or service account), takes
some action on a resource exposed by a service. Resources, identified by
URI-like names, are the unit of access control specification. Service
implementations can choose the granularity of access control and the
supported permissions for their resources.
For example one database service may allow access control to be
specified only at the Table level, whereas another might allow access control
to also be specified at the Column level.
## Policy Structure
See google.iam.v1.Policy
This is intentionally not a CRUD style API because access control policies
are created and deleted implicitly with the resources to which they are
attached.
"""
def SetIamPolicy(self, request, timeout, metadata=None, with_call=False, protocol_options=None):
"""Sets the access control policy on the specified resource. Replaces any
existing policy.
"""
raise NotImplementedError()
SetIamPolicy.future = None
def GetIamPolicy(self, request, timeout, metadata=None, with_call=False, protocol_options=None):
"""Gets the access control policy for a resource.
Returns an empty policy if the resource exists and does not have a policy
set.
"""
raise NotImplementedError()
GetIamPolicy.future = None
def TestIamPermissions(self, request, timeout, metadata=None, with_call=False, protocol_options=None):
"""Returns permissions that a caller has on the specified resource.
If the resource does not exist, this will return an empty set of
permissions, not a NOT_FOUND error.
"""
raise NotImplementedError()
TestIamPermissions.future = None
def beta_create_IAMPolicy_server(servicer, pool=None, pool_size=None, default_timeout=None, maximum_timeout=None):
"""The Beta API is deprecated for 0.15.0 and later.
It is recommended to use the GA API (classes and functions in this
file not marked beta) for all further purposes. This function was
generated only to ease transition from grpcio<0.15.0 to grpcio>=0.15.0"""
request_deserializers = {
('google.iam.v1.IAMPolicy', 'GetIamPolicy'): GetIamPolicyRequest.FromString,
('google.iam.v1.IAMPolicy', 'SetIamPolicy'): SetIamPolicyRequest.FromString,
('google.iam.v1.IAMPolicy', 'TestIamPermissions'): TestIamPermissionsRequest.FromString,
}
response_serializers = {
('google.iam.v1.IAMPolicy', 'GetIamPolicy'): google_dot_iam_dot_v1_dot_policy__pb2.Policy.SerializeToString,
('google.iam.v1.IAMPolicy', 'SetIamPolicy'): google_dot_iam_dot_v1_dot_policy__pb2.Policy.SerializeToString,
('google.iam.v1.IAMPolicy', 'TestIamPermissions'): TestIamPermissionsResponse.SerializeToString,
}
method_implementations = {
('google.iam.v1.IAMPolicy', 'GetIamPolicy'): face_utilities.unary_unary_inline(servicer.GetIamPolicy),
('google.iam.v1.IAMPolicy', 'SetIamPolicy'): face_utilities.unary_unary_inline(servicer.SetIamPolicy),
('google.iam.v1.IAMPolicy', 'TestIamPermissions'): face_utilities.unary_unary_inline(servicer.TestIamPermissions),
}
server_options = beta_implementations.server_options(request_deserializers=request_deserializers, response_serializers=response_serializers, thread_pool=pool, thread_pool_size=pool_size, default_timeout=default_timeout, maximum_timeout=maximum_timeout)
return beta_implementations.server(method_implementations, options=server_options)
def beta_create_IAMPolicy_stub(channel, host=None, metadata_transformer=None, pool=None, pool_size=None):
"""The Beta API is deprecated for 0.15.0 and later.
It is recommended to use the GA API (classes and functions in this
file not marked beta) for all further purposes. This function was
generated only to ease transition from grpcio<0.15.0 to grpcio>=0.15.0"""
request_serializers = {
('google.iam.v1.IAMPolicy', 'GetIamPolicy'): GetIamPolicyRequest.SerializeToString,
('google.iam.v1.IAMPolicy', 'SetIamPolicy'): SetIamPolicyRequest.SerializeToString,
('google.iam.v1.IAMPolicy', 'TestIamPermissions'): TestIamPermissionsRequest.SerializeToString,
}
response_deserializers = {
('google.iam.v1.IAMPolicy', 'GetIamPolicy'): google_dot_iam_dot_v1_dot_policy__pb2.Policy.FromString,
('google.iam.v1.IAMPolicy', 'SetIamPolicy'): google_dot_iam_dot_v1_dot_policy__pb2.Policy.FromString,
('google.iam.v1.IAMPolicy', 'TestIamPermissions'): TestIamPermissionsResponse.FromString,
}
cardinalities = {
'GetIamPolicy': cardinality.Cardinality.UNARY_UNARY,
'SetIamPolicy': cardinality.Cardinality.UNARY_UNARY,
'TestIamPermissions': cardinality.Cardinality.UNARY_UNARY,
}
stub_options = beta_implementations.stub_options(host=host, metadata_transformer=metadata_transformer, request_serializers=request_serializers, response_deserializers=response_deserializers, thread_pool=pool, thread_pool_size=pool_size)
return beta_implementations.dynamic_stub(channel, 'google.iam.v1.IAMPolicy', cardinalities, options=stub_options)
except ImportError:
pass
# @@protoc_insertion_point(module_scope)
