Class: Google::Apis::IamV1::IamService
- Inherits:
-
Core::BaseService
- Object
- Core::BaseService
- Google::Apis::IamV1::IamService
- Defined in:
- generated/google/apis/iam_v1/service.rb
Overview
Identity and Access Management (IAM) API
Manages identity and access control for Google Cloud Platform resources, including the creation of service accounts, which you can use to authenticate to Google and make API calls.
Instance Attribute Summary collapse
-
#key ⇒ String
API key.
-
#quota_user ⇒ String
Available to use for quota purposes for server-side applications.
Attributes inherited from Core::BaseService
#authorization, #base_path, #batch_path, #client, #client_options, #request_options, #root_url, #upload_path
Instance Method Summary collapse
-
#create_organization_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Creates a new Role.
-
#create_project_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Creates a new Role.
-
#create_service_account(name, create_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount
Creates a ServiceAccount and returns it.
-
#create_service_account_key(name, create_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey
Creates a ServiceAccountKey and returns it.
-
#delete_organization_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Soft deletes a role.
-
#delete_project_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Soft deletes a role.
-
#delete_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty
Deletes a ServiceAccount.
-
#delete_project_service_account_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty
Deletes a ServiceAccountKey.
-
#get_organization_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Gets a Role definition.
-
#get_project_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Gets a Role definition.
-
#get_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount
Gets a ServiceAccount.
-
#get_project_service_account_iam_policy(resource, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy
Returns the IAM access control policy for a ServiceAccount.
-
#get_project_service_account_key(name, public_key_type: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey
Gets the ServiceAccountKey by key id.
-
#get_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Gets a Role definition.
-
#initialize ⇒ IamService
constructor
A new instance of IamService.
-
#lint_iam_policy_policy(lint_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::LintPolicyResponse
Lints a Cloud IAM policy object or its sub fields.
-
#list_organization_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse
Lists the Roles defined on a resource.
-
#list_project_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse
Lists the Roles defined on a resource.
-
#list_project_service_account_keys(name, key_types: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountKeysResponse
Lists ServiceAccountKeys.
-
#list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountsResponse
Lists ServiceAccounts for a project.
-
#list_roles(page_size: nil, page_token: nil, parent: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse
Lists the Roles defined on a resource.
-
#patch_organization_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Updates a Role definition.
-
#patch_project_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Updates a Role definition.
-
#patch_service_account(name, patch_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount
Patches a ServiceAccount.
-
#query_grantable_roles(query_grantable_roles_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryGrantableRolesResponse
Queries roles that can be granted on a particular resource.
-
#query_iam_policy_auditable_services(query_auditable_services_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryAuditableServicesResponse
Returns a list of services that support service level audit logging configuration for the given resource.
-
#query_testable_permissions(query_testable_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryTestablePermissionsResponse
Lists the permissions testable on a resource.
-
#set_service_account_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy
Sets the IAM access control policy for a ServiceAccount.
-
#sign_service_account_blob(name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignBlobResponse
Note: This method is in the process of being deprecated.
-
#sign_service_account_jwt(name, sign_jwt_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignJwtResponse
Note: This method is in the process of being deprecated.
-
#test_service_account_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::TestIamPermissionsResponse
Tests the specified permissions against the IAM access control policy for a ServiceAccount.
-
#undelete_organization_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Undelete a Role, bringing it back in its previous state.
-
#undelete_project_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Undelete a Role, bringing it back in its previous state.
-
#update_project_service_account(name, service_account_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount
Updates a ServiceAccount.
Methods inherited from Core::BaseService
#batch, #batch_upload, #fetch_all, #http
Methods included from Core::Logging
Constructor Details
#initialize ⇒ IamService
Returns a new instance of IamService
47 48 49 50 |
# File 'generated/google/apis/iam_v1/service.rb', line 47 def initialize super('https://iam.googleapis.com/', '') @batch_path = 'batch' end |
Instance Attribute Details
#key ⇒ String
Returns API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.
40 41 42 |
# File 'generated/google/apis/iam_v1/service.rb', line 40 def key @key end |
#quota_user ⇒ String
Returns Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
45 46 47 |
# File 'generated/google/apis/iam_v1/service.rb', line 45 def quota_user @quota_user end |
Instance Method Details
#create_organization_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Creates a new Role.
155 156 157 158 159 160 161 162 163 164 165 |
# File 'generated/google/apis/iam_v1/service.rb', line 155 def create_organization_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/roles', ) command.request_representation = Google::Apis::IamV1::CreateRoleRequest::Representation command.request_object = create_role_request_object command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['parent'] = parent unless parent.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#create_project_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Creates a new Role.
414 415 416 417 418 419 420 421 422 423 424 |
# File 'generated/google/apis/iam_v1/service.rb', line 414 def create_project_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/roles', ) command.request_representation = Google::Apis::IamV1::CreateRoleRequest::Representation command.request_object = create_role_request_object command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['parent'] = parent unless parent.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#create_service_account(name, create_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount
Creates a ServiceAccount and returns it.
642 643 644 645 646 647 648 649 650 651 652 |
# File 'generated/google/apis/iam_v1/service.rb', line 642 def create_service_account(name, create_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}/serviceAccounts', ) command.request_representation = Google::Apis::IamV1::CreateServiceAccountRequest::Representation command.request_object = create_service_account_request_object command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation command.response_class = Google::Apis::IamV1::ServiceAccount command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#create_service_account_key(name, create_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey
Creates a ServiceAccountKey and returns it.
1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 |
# File 'generated/google/apis/iam_v1/service.rb', line 1062 def create_service_account_key(name, create_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}/keys', ) command.request_representation = Google::Apis::IamV1::CreateServiceAccountKeyRequest::Representation command.request_object = create_service_account_key_request_object command.response_representation = Google::Apis::IamV1::ServiceAccountKey::Representation command.response_class = Google::Apis::IamV1::ServiceAccountKey command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#delete_organization_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Soft deletes a role. The role is suspended and cannot be used to create new
IAM Policy Bindings.
The Role will not be included in ListRoles()
unless show_deleted
is set
in the ListRolesRequest
. The Role contains the deleted boolean set.
Existing Bindings remains, but are inactive. The Role can be undeleted
within 7 days. After 7 days the Role is deleted and all Bindings associated
with the role are removed.
197 198 199 200 201 202 203 204 205 206 |
# File 'generated/google/apis/iam_v1/service.rb', line 197 def delete_organization_role(name, etag: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:delete, 'v1/{+name}', ) command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['name'] = name unless name.nil? command.query['etag'] = etag unless etag.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#delete_project_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Soft deletes a role. The role is suspended and cannot be used to create new
IAM Policy Bindings.
The Role will not be included in ListRoles()
unless show_deleted
is set
in the ListRolesRequest
. The Role contains the deleted boolean set.
Existing Bindings remains, but are inactive. The Role can be undeleted
within 7 days. After 7 days the Role is deleted and all Bindings associated
with the role are removed.
456 457 458 459 460 461 462 463 464 465 |
# File 'generated/google/apis/iam_v1/service.rb', line 456 def delete_project_role(name, etag: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:delete, 'v1/{+name}', ) command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['name'] = name unless name.nil? command.query['etag'] = etag unless etag.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#delete_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty
Deletes a ServiceAccount.
678 679 680 681 682 683 684 685 686 |
# File 'generated/google/apis/iam_v1/service.rb', line 678 def delete_project_service_account(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:delete, 'v1/{+name}', ) command.response_representation = Google::Apis::IamV1::Empty::Representation command.response_class = Google::Apis::IamV1::Empty command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#delete_project_service_account_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty
Deletes a ServiceAccountKey.
1098 1099 1100 1101 1102 1103 1104 1105 1106 |
# File 'generated/google/apis/iam_v1/service.rb', line 1098 def delete_project_service_account_key(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:delete, 'v1/{+name}', ) command.response_representation = Google::Apis::IamV1::Empty::Representation command.response_class = Google::Apis::IamV1::Empty command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_organization_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Gets a Role definition.
231 232 233 234 235 236 237 238 239 |
# File 'generated/google/apis/iam_v1/service.rb', line 231 def get_organization_role(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', ) command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_project_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Gets a Role definition.
490 491 492 493 494 495 496 497 498 |
# File 'generated/google/apis/iam_v1/service.rb', line 490 def get_project_role(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', ) command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount
Gets a ServiceAccount.
712 713 714 715 716 717 718 719 720 |
# File 'generated/google/apis/iam_v1/service.rb', line 712 def get_project_service_account(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', ) command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation command.response_class = Google::Apis::IamV1::ServiceAccount command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_project_service_account_iam_policy(resource, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy
Returns the IAM access control policy for a ServiceAccount.
744 745 746 747 748 749 750 751 752 |
# File 'generated/google/apis/iam_v1/service.rb', line 744 def get_project_service_account_iam_policy(resource, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:getIamPolicy', ) command.response_representation = Google::Apis::IamV1::Policy::Representation command.response_class = Google::Apis::IamV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_project_service_account_key(name, public_key_type: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey
Gets the ServiceAccountKey by key id.
1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 |
# File 'generated/google/apis/iam_v1/service.rb', line 1136 def get_project_service_account_key(name, public_key_type: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', ) command.response_representation = Google::Apis::IamV1::ServiceAccountKey::Representation command.response_class = Google::Apis::IamV1::ServiceAccountKey command.params['name'] = name unless name.nil? command.query['publicKeyType'] = public_key_type unless public_key_type.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Gets a Role definition.
1209 1210 1211 1212 1213 1214 1215 1216 1217 |
# File 'generated/google/apis/iam_v1/service.rb', line 1209 def get_role(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', ) command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#lint_iam_policy_policy(lint_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::LintPolicyResponse
Lints a Cloud IAM policy object or its sub fields. Currently supports google.iam.v1.Policy, google.iam.v1.Binding and google.iam.v1.Binding.condition. Each lint operation consists of multiple lint validation units. Validation units have the following properties:
- Each unit inspects the input object in regard to a particular linting aspect and issues a google.iam.admin.v1.LintResult disclosing the result.
- Domain of discourse of each unit can be either google.iam.v1.Policy, google.iam.v1.Binding, or google.iam.v1.Binding.condition depending on the purpose of the validation.
- A unit may require additional data (like the list of all possible
enumerable values of a particular attribute used in the policy instance)
which shall be provided by the caller. Refer to the comments of
google.iam.admin.v1.LintPolicyRequest.context for more details.
The set of applicable validation units is determined by the Cloud IAM
server and is not configurable.
Regardless of any lint issues or their severities, successful calls to
lintPolicy
return an HTTP 200 OK status code.
90 91 92 93 94 95 96 97 98 99 |
# File 'generated/google/apis/iam_v1/service.rb', line 90 def lint_iam_policy_policy(lint_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/iamPolicies:lintPolicy', ) command.request_representation = Google::Apis::IamV1::LintPolicyRequest::Representation command.request_object = lint_policy_request_object command.response_representation = Google::Apis::IamV1::LintPolicyResponse::Representation command.response_class = Google::Apis::IamV1::LintPolicyResponse command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#list_organization_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse
Lists the Roles defined on a resource.
272 273 274 275 276 277 278 279 280 281 282 283 284 |
# File 'generated/google/apis/iam_v1/service.rb', line 272 def list_organization_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/roles', ) command.response_representation = Google::Apis::IamV1::ListRolesResponse::Representation command.response_class = Google::Apis::IamV1::ListRolesResponse command.params['parent'] = parent unless parent.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['showDeleted'] = show_deleted unless show_deleted.nil? command.query['view'] = view unless view.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#list_project_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse
Lists the Roles defined on a resource.
531 532 533 534 535 536 537 538 539 540 541 542 543 |
# File 'generated/google/apis/iam_v1/service.rb', line 531 def list_project_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/roles', ) command.response_representation = Google::Apis::IamV1::ListRolesResponse::Representation command.response_class = Google::Apis::IamV1::ListRolesResponse command.params['parent'] = parent unless parent.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['showDeleted'] = show_deleted unless show_deleted.nil? command.query['view'] = view unless view.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#list_project_service_account_keys(name, key_types: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountKeysResponse
Lists ServiceAccountKeys.
1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 |
# File 'generated/google/apis/iam_v1/service.rb', line 1175 def list_project_service_account_keys(name, key_types: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/keys', ) command.response_representation = Google::Apis::IamV1::ListServiceAccountKeysResponse::Representation command.response_class = Google::Apis::IamV1::ListServiceAccountKeysResponse command.params['name'] = name unless name.nil? command.query['keyTypes'] = key_types unless key_types.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountsResponse
Lists ServiceAccounts for a project.
783 784 785 786 787 788 789 790 791 792 793 |
# File 'generated/google/apis/iam_v1/service.rb', line 783 def list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/serviceAccounts', ) command.response_representation = Google::Apis::IamV1::ListServiceAccountsResponse::Representation command.response_class = Google::Apis::IamV1::ListServiceAccountsResponse command.params['name'] = name unless name.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#list_roles(page_size: nil, page_token: nil, parent: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse
Lists the Roles defined on a resource.
1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 |
# File 'generated/google/apis/iam_v1/service.rb', line 1250 def list_roles(page_size: nil, page_token: nil, parent: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/roles', ) command.response_representation = Google::Apis::IamV1::ListRolesResponse::Representation command.response_class = Google::Apis::IamV1::ListRolesResponse command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['parent'] = parent unless parent.nil? command.query['showDeleted'] = show_deleted unless show_deleted.nil? command.query['view'] = view unless view.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#patch_organization_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Updates a Role definition.
312 313 314 315 316 317 318 319 320 321 322 323 |
# File 'generated/google/apis/iam_v1/service.rb', line 312 def patch_organization_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', ) command.request_representation = Google::Apis::IamV1::Role::Representation command.request_object = role_object command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['name'] = name unless name.nil? command.query['updateMask'] = update_mask unless update_mask.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#patch_project_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Updates a Role definition.
571 572 573 574 575 576 577 578 579 580 581 582 |
# File 'generated/google/apis/iam_v1/service.rb', line 571 def patch_project_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', ) command.request_representation = Google::Apis::IamV1::Role::Representation command.request_object = role_object command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['name'] = name unless name.nil? command.query['updateMask'] = update_mask unless update_mask.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#patch_service_account(name, patch_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount
Patches a ServiceAccount.
Currently, only the following fields are updatable:
display_name
and description
.
Only fields specified in the request are garaunteed to be returned in
the response. Other fields in the response may be empty.
Note: The field mask is required.
827 828 829 830 831 832 833 834 835 836 837 |
# File 'generated/google/apis/iam_v1/service.rb', line 827 def patch_service_account(name, patch_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', ) command.request_representation = Google::Apis::IamV1::PatchServiceAccountRequest::Representation command.request_object = patch_service_account_request_object command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation command.response_class = Google::Apis::IamV1::ServiceAccount command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#query_grantable_roles(query_grantable_roles_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryGrantableRolesResponse
Queries roles that can be granted on a particular resource. A role is grantable if it can be used as the role in a binding for a policy for that resource.
1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 |
# File 'generated/google/apis/iam_v1/service.rb', line 1285 def query_grantable_roles(query_grantable_roles_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/roles:queryGrantableRoles', ) command.request_representation = Google::Apis::IamV1::QueryGrantableRolesRequest::Representation command.request_object = query_grantable_roles_request_object command.response_representation = Google::Apis::IamV1::QueryGrantableRolesResponse::Representation command.response_class = Google::Apis::IamV1::QueryGrantableRolesResponse command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#query_iam_policy_auditable_services(query_auditable_services_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryAuditableServicesResponse
Returns a list of services that support service level audit logging configuration for the given resource.
121 122 123 124 125 126 127 128 129 130 |
# File 'generated/google/apis/iam_v1/service.rb', line 121 def query_iam_policy_auditable_services(query_auditable_services_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/iamPolicies:queryAuditableServices', ) command.request_representation = Google::Apis::IamV1::QueryAuditableServicesRequest::Representation command.request_object = query_auditable_services_request_object command.response_representation = Google::Apis::IamV1::QueryAuditableServicesResponse::Representation command.response_class = Google::Apis::IamV1::QueryAuditableServicesResponse command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#query_testable_permissions(query_testable_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryTestablePermissionsResponse
Lists the permissions testable on a resource. A permission is testable if it can be tested for an identity on a resource.
380 381 382 383 384 385 386 387 388 389 |
# File 'generated/google/apis/iam_v1/service.rb', line 380 def ( = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/permissions:queryTestablePermissions', ) command.request_representation = Google::Apis::IamV1::QueryTestablePermissionsRequest::Representation command.request_object = command.response_representation = Google::Apis::IamV1::QueryTestablePermissionsResponse::Representation command.response_class = Google::Apis::IamV1::QueryTestablePermissionsResponse command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#set_service_account_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy
Sets the IAM access control policy for a ServiceAccount.
862 863 864 865 866 867 868 869 870 871 872 |
# File 'generated/google/apis/iam_v1/service.rb', line 862 def set_service_account_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', ) command.request_representation = Google::Apis::IamV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::IamV1::Policy::Representation command.response_class = Google::Apis::IamV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#sign_service_account_blob(name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignBlobResponse
Note: This method is in the process of being deprecated. Call the
signBlob()
method of the Cloud IAM Service Account Credentials API instead.
Signs a blob using a service account's system-managed private key.
903 904 905 906 907 908 909 910 911 912 913 |
# File 'generated/google/apis/iam_v1/service.rb', line 903 def sign_service_account_blob(name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:signBlob', ) command.request_representation = Google::Apis::IamV1::SignBlobRequest::Representation command.request_object = sign_blob_request_object command.response_representation = Google::Apis::IamV1::SignBlobResponse::Representation command.response_class = Google::Apis::IamV1::SignBlobResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#sign_service_account_jwt(name, sign_jwt_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignJwtResponse
Note: This method is in the process of being deprecated. Call the
signJwt()
method of the Cloud IAM Service Account Credentials API instead.
Signs a JWT using a service account's system-managed private key.
If no expiry time (exp
) is provided in the SignJwtRequest
, IAM sets an
an expiry time of one hour by default. If you request an expiry time of
more than one hour, the request will fail.
947 948 949 950 951 952 953 954 955 956 957 |
# File 'generated/google/apis/iam_v1/service.rb', line 947 def sign_service_account_jwt(name, sign_jwt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:signJwt', ) command.request_representation = Google::Apis::IamV1::SignJwtRequest::Representation command.request_object = sign_jwt_request_object command.response_representation = Google::Apis::IamV1::SignJwtResponse::Representation command.response_class = Google::Apis::IamV1::SignJwtResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#test_service_account_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::TestIamPermissionsResponse
Tests the specified permissions against the IAM access control policy for a ServiceAccount.
982 983 984 985 986 987 988 989 990 991 992 |
# File 'generated/google/apis/iam_v1/service.rb', line 982 def (resource, = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', ) command.request_representation = Google::Apis::IamV1::TestIamPermissionsRequest::Representation command.request_object = command.response_representation = Google::Apis::IamV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::IamV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#undelete_organization_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Undelete a Role, bringing it back in its previous state.
348 349 350 351 352 353 354 355 356 357 358 |
# File 'generated/google/apis/iam_v1/service.rb', line 348 def undelete_organization_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:undelete', ) command.request_representation = Google::Apis::IamV1::UndeleteRoleRequest::Representation command.request_object = undelete_role_request_object command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#undelete_project_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role
Undelete a Role, bringing it back in its previous state.
607 608 609 610 611 612 613 614 615 616 617 |
# File 'generated/google/apis/iam_v1/service.rb', line 607 def undelete_project_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:undelete', ) command.request_representation = Google::Apis::IamV1::UndeleteRoleRequest::Representation command.request_object = undelete_role_request_object command.response_representation = Google::Apis::IamV1::Role::Representation command.response_class = Google::Apis::IamV1::Role command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#update_project_service_account(name, service_account_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount
Updates a ServiceAccount.
Currently, only the following fields are updatable:
display_name
.
The etag
is mandatory.
1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 |
# File 'generated/google/apis/iam_v1/service.rb', line 1024 def update_project_service_account(name, service_account_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:put, 'v1/{+name}', ) command.request_representation = Google::Apis::IamV1::ServiceAccount::Representation command.request_object = service_account_object command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation command.response_class = Google::Apis::IamV1::ServiceAccount command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |