Class: Google::Apis::IamV1::IamService

Inherits:

Core::BaseService

• Object
• Core::BaseService
• Google::Apis::IamV1::IamService

Defined in:

lib/google/apis/iam_v1/service.rb

Overview

Identity and Access Management (IAM) API

Manages identity and access control for Google Cloud Platform resources, including the creation of service accounts, which you can use to authenticate to Google and make API calls.

Examples:

require 'google/apis/iam_v1'

Iam = Google::Apis::IamV1 # Alias the module
service = Iam::IamService.new

See Also:

• https://cloud.google.com/iam/

Instance Attribute Summary

• #key ⇒ String

  API key.

• #quota_user ⇒ String

  Available to use for quota purposes for server-side applications.

Instance Method Summary

• #create_location_workforce_pool(location, workforce_pool_object = nil, workforce_pool_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Creates a new WorkforcePool.

• #create_location_workforce_pool_provider(parent, workforce_pool_provider_object = nil, workforce_pool_provider_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Creates a new WorkforcePoolProvider in a WorkforcePool.

• #create_location_workforce_pool_provider_key(parent, workforce_pool_provider_key_object = nil, workforce_pool_provider_key_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Creates a new WorkforcePoolProviderKey in a WorkforcePoolProvider.

• #create_organization_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Creates a new custom Role.

• #create_project_location_workload_identity_pool(parent, workload_identity_pool_object = nil, workload_identity_pool_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Creates a new WorkloadIdentityPool.

• #create_project_location_workload_identity_pool_provider(parent, workload_identity_pool_provider_object = nil, workload_identity_pool_provider_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Creates a new WorkloadIdentityPoolProvider in a WorkloadIdentityPool.

• #create_project_location_workload_identity_pool_provider_key(parent, workload_identity_pool_provider_key_object = nil, workload_identity_pool_provider_key_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Create a new WorkloadIdentityPoolProviderKey in a WorkloadIdentityPoolProvider.

• #create_project_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Creates a new custom Role.

• #create_service_account(name, create_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

  Creates a ServiceAccount.

• #create_service_account_key(name, create_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey

  Creates a ServiceAccountKey.

• #delete_location_workforce_pool(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Deletes a WorkforcePool.

• #delete_location_workforce_pool_provider(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Deletes a WorkforcePoolProvider.

• #delete_location_workforce_pool_provider_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Deletes a WorkforcePoolProviderKey.

• #delete_location_workforce_pool_subject(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Deletes a WorkforcePoolSubject.

• #delete_organization_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Deletes a custom Role.

• #delete_project_location_workload_identity_pool(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Deletes a WorkloadIdentityPool.

• #delete_project_location_workload_identity_pool_provider(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Deletes a WorkloadIdentityPoolProvider.

• #delete_project_location_workload_identity_pool_provider_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Deletes an WorkloadIdentityPoolProviderKey.

• #delete_project_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Deletes a custom Role.

• #delete_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

  Deletes a ServiceAccount.

• #delete_project_service_account_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

  Deletes a ServiceAccountKey.

• #disable_service_account(name, disable_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

  Disables a ServiceAccount immediately.

• #disable_service_account_key(name, disable_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

  Disable a ServiceAccountKey.

• #enable_service_account(name, enable_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

  Enables a ServiceAccount that was disabled by DisableServiceAccount.

• #enable_service_account_key(name, enable_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

  Enable a ServiceAccountKey.

• #get_location_workforce_pool(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkforcePool

  Gets an individual WorkforcePool.

• #get_location_workforce_pool_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_location_workforce_pool_provider(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkforcePoolProvider

  Gets an individual WorkforcePoolProvider.

• #get_location_workforce_pool_provider_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkforcePoolProviderKey

  Gets a WorkforcePoolProviderKey.

• #get_location_workforce_pool_provider_key_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_location_workforce_pool_provider_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_location_workforce_pool_subject_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_organization_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Gets the definition of a Role.

• #get_project_location_workload_identity_pool(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkloadIdentityPool

  Gets an individual WorkloadIdentityPool.

• #get_project_location_workload_identity_pool_namespace_managed_identity_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_project_location_workload_identity_pool_namespace_managed_identity_workload_source_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_project_location_workload_identity_pool_namespace_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_project_location_workload_identity_pool_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_project_location_workload_identity_pool_provider(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkloadIdentityPoolProvider

  Gets an individual WorkloadIdentityPoolProvider.

• #get_project_location_workload_identity_pool_provider_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkloadIdentityPoolProviderKey

  Gets an individual WorkloadIdentityPoolProviderKey.

• #get_project_location_workload_identity_pool_provider_key_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_project_location_workload_identity_pool_provider_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Gets the latest state of a long-running operation.

• #get_project_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Gets the definition of a Role.

• #get_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

  Gets a ServiceAccount.

• #get_project_service_account_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

  Gets the IAM policy that is attached to a ServiceAccount.

• #get_project_service_account_key(name, public_key_type: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey

  Gets a ServiceAccountKey.

• #get_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Gets the definition of a Role.

• #get_workforce_pool_iam_policy(resource, get_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

  Gets IAM policies on a WorkforcePool.

• #initialize ⇒ IamService constructor

  A new instance of IamService.

• #lint_iam_policy_policy(lint_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::LintPolicyResponse

  Lints, or validates, an IAM policy.

• #list_location_workforce_pool_provider_keys(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkforcePoolProviderKeysResponse

  Lists all non-deleted WorkforcePoolProviderKeys in a WorkforcePoolProvider.

• #list_location_workforce_pool_providers(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkforcePoolProvidersResponse

  Lists all non-deleted WorkforcePoolProviders in a WorkforcePool.

• #list_location_workforce_pools(location, page_size: nil, page_token: nil, parent: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkforcePoolsResponse

  Lists all non-deleted WorkforcePools under the specified parent.

• #list_organization_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse

  Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.

• #list_project_location_workload_identity_pool_provider_keys(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkloadIdentityPoolProviderKeysResponse

  Lists all non-deleted WorkloadIdentityPoolProviderKeys in a project.

• #list_project_location_workload_identity_pool_providers(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkloadIdentityPoolProvidersResponse

  Lists all non-deleted WorkloadIdentityPoolProviders in a WorkloadIdentityPool.

• #list_project_location_workload_identity_pools(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkloadIdentityPoolsResponse

  Lists all non-deleted WorkloadIdentityPools in a project.

• #list_project_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse

  Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.

• #list_project_service_account_keys(name, key_types: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountKeysResponse

  Lists every ServiceAccountKey for a service account.

• #list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountsResponse

  Lists every ServiceAccount that belongs to a specific project.

• #list_roles(page_size: nil, page_token: nil, parent: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse

  Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.

• #patch_location_workforce_pool(name, workforce_pool_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Updates an existing WorkforcePool.

• #patch_location_workforce_pool_provider(name, workforce_pool_provider_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Updates an existing WorkforcePoolProvider.

• #patch_organization_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Updates the definition of a custom Role.

• #patch_project_location_workload_identity_pool(name, workload_identity_pool_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Updates an existing WorkloadIdentityPool.

• #patch_project_location_workload_identity_pool_provider(name, workload_identity_pool_provider_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Updates an existing WorkloadIdentityPoolProvider.

• #patch_project_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Updates the definition of a custom Role.

• #patch_service_account(name, patch_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

  Patches a ServiceAccount.

• #query_grantable_roles(query_grantable_roles_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryGrantableRolesResponse

  Lists roles that can be granted on a Google Cloud resource.

• #query_iam_policy_auditable_services(query_auditable_services_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryAuditableServicesResponse

  Returns a list of services that allow you to opt into audit logs that are not generated by default.

• #query_testable_permissions(query_testable_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryTestablePermissionsResponse

  Lists every permission that you can test on a resource.

• #set_service_account_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

  Sets the IAM policy that is attached to a ServiceAccount.

• #set_workforce_pool_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

  Sets IAM policies on a WorkforcePool.

• #sign_service_account_blob(name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignBlobResponse

  Note: This method is deprecated.

• #sign_service_account_jwt(name, sign_jwt_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignJwtResponse

  Note: This method is deprecated.

• #test_service_account_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::TestIamPermissionsResponse

  Tests whether the caller has the specified permissions on a ServiceAccount.

• #test_workforce_pool_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::TestIamPermissionsResponse

  Returns the caller's permissions on the WorkforcePool.

• #undelete_organization_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Undeletes a custom Role.

• #undelete_project_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

  Undeletes a custom Role.

• #undelete_service_account(name, undelete_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::UndeleteServiceAccountResponse

  Restores a deleted ServiceAccount.

• #undelete_workforce_pool(name, undelete_workforce_pool_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Undeletes a WorkforcePool, as long as it was deleted fewer than 30 days ago.

• #undelete_workforce_pool_provider(name, undelete_workforce_pool_provider_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Undeletes a WorkforcePoolProvider, as long as it was deleted fewer than 30 days ago.

• #undelete_workforce_pool_provider_key(name, undelete_workforce_pool_provider_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Undeletes a WorkforcePoolProviderKey, as long as it was deleted fewer than 30 days ago.

• #undelete_workforce_pool_subject(name, undelete_workforce_pool_subject_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Undeletes a WorkforcePoolSubject, as long as it was deleted fewer than 30 days ago.

• #undelete_workload_identity_pool(name, undelete_workload_identity_pool_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Undeletes a WorkloadIdentityPool, as long as it was deleted fewer than 30 days ago.

• #undelete_workload_identity_pool_provider(name, undelete_workload_identity_pool_provider_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Undeletes a WorkloadIdentityPoolProvider, as long as it was deleted fewer than 30 days ago.

• #undelete_workload_identity_pool_provider_key(name, undelete_workload_identity_pool_provider_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

  Undeletes an WorkloadIdentityPoolProviderKey, as long as it was deleted fewer than 30 days ago.

• #update_project_service_account(name, service_account_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

  Note: We are in the process of deprecating this method.

• #upload_service_account_key(name, upload_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey

  Uploads the public key portion of a key pair that you manage, and associates the public key with a ServiceAccount.

Constructor Details

#initialize ⇒ IamService

Returns a new instance of IamService.

# File 'lib/google/apis/iam_v1/service.rb', line 47

def initialize
  super('https://iam.googleapis.com/', '',
        client_name: 'google-apis-iam_v1',
        client_version: Google::Apis::IamV1::GEM_VERSION)
  @batch_path = 'batch'
end

Instance Attribute Details

#key ⇒ String

Returns API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.

Returns:

• (String) —

  API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.

# File 'lib/google/apis/iam_v1/service.rb', line 40

def key
  @key
end

#quota_user ⇒ String

Returns Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

Returns:

• (String) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

# File 'lib/google/apis/iam_v1/service.rb', line 45

def quota_user
  @quota_user
end

Instance Method Details

#create_location_workforce_pool(location, workforce_pool_object = nil, workforce_pool_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Creates a new WorkforcePool. You cannot reuse the name of a deleted pool until 30 days after deletion.

Parameters:

• location (String) —

  The location of the pool to create. Format: locations/location``.

• workforce_pool_object (Google::Apis::IamV1::WorkforcePool) (defaults to: nil)
• workforce_pool_id (String) (defaults to: nil) —

  The ID to use for the pool, which becomes the final component of the resource name. The IDs must be a globally unique string of 6 to 63 lowercase letters, digits, or hyphens. It must start with a letter, and cannot have a trailing hyphen. The prefix gcp- is reserved for use by Google, and may not be specified.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 147

def create_location_workforce_pool(location, workforce_pool_object = nil, workforce_pool_id: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+location}/workforcePools', options)
  command.request_representation = Google::Apis::IamV1::WorkforcePool::Representation
  command.request_object = workforce_pool_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['location'] = location unless location.nil?
  command.query['workforcePoolId'] = workforce_pool_id unless workforce_pool_id.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_location_workforce_pool_provider(parent, workforce_pool_provider_object = nil, workforce_pool_provider_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Creates a new WorkforcePoolProvider in a WorkforcePool. You cannot reuse the name of a deleted provider until 30 days after deletion.

Parameters:

• parent (String) —

  Required. The pool to create this provider in. Format: locations/location/ workforcePools/workforce_pool_id``

• workforce_pool_provider_object (Google::Apis::IamV1::WorkforcePoolProvider) (defaults to: nil)
• workforce_pool_provider_id (String) (defaults to: nil) —

  Required. The ID for the provider, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix gcp- is reserved for use by Google, and may not be specified.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 511

def create_location_workforce_pool_provider(parent, workforce_pool_provider_object = nil, workforce_pool_provider_id: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/providers', options)
  command.request_representation = Google::Apis::IamV1::WorkforcePoolProvider::Representation
  command.request_object = workforce_pool_provider_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['parent'] = parent unless parent.nil?
  command.query['workforcePoolProviderId'] = workforce_pool_provider_id unless workforce_pool_provider_id.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_location_workforce_pool_provider_key(parent, workforce_pool_provider_key_object = nil, workforce_pool_provider_key_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Creates a new WorkforcePoolProviderKey in a WorkforcePoolProvider.

Parameters:

• parent (String) —

  Required. The provider to create this key in.

• workforce_pool_provider_key_object (Google::Apis::IamV1::WorkforcePoolProviderKey) (defaults to: nil)
• workforce_pool_provider_key_id (String) (defaults to: nil) —

  Required. The ID to use for the key, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-].

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 730

def create_location_workforce_pool_provider_key(parent, workforce_pool_provider_key_object = nil, workforce_pool_provider_key_id: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/keys', options)
  command.request_representation = Google::Apis::IamV1::WorkforcePoolProviderKey::Representation
  command.request_object = workforce_pool_provider_key_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['parent'] = parent unless parent.nil?
  command.query['workforcePoolProviderKeyId'] = workforce_pool_provider_key_id unless workforce_pool_provider_key_id.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_organization_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Creates a new custom Role.

Parameters:

• parent (String) —

  The parent parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's parent value format is described below: * projects.roles.create(): projects/PROJECT_ID. This method creates project-level [custom roles](https://cloud.google.com/iam/docs/understanding- custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/` PROJECT_ID`/roles` * [`organizations.roles.create()`](https://cloud.google.com/ iam/reference/rest/v1/organizations.roles/create): `organizations/` ORGANIZATION_ID. This method creates organization-level custom roles. Example request URL: https://iam.googleapis.com/v1/organizations/ORGANIZATION_ID/roles Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• create_role_request_object (Google::Apis::IamV1::CreateRoleRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1090

def create_organization_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/roles', options)
  command.request_representation = Google::Apis::IamV1::CreateRoleRequest::Representation
  command.request_object = create_role_request_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['parent'] = parent unless parent.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_project_location_workload_identity_pool(parent, workload_identity_pool_object = nil, workload_identity_pool_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Creates a new WorkloadIdentityPool. You cannot reuse the name of a deleted pool until 30 days after deletion.

Parameters:

• parent (String) —

  Required. The parent resource to create the pool in. The only supported location is global.

• workload_identity_pool_object (Google::Apis::IamV1::WorkloadIdentityPool) (defaults to: nil)
• workload_identity_pool_id (String) (defaults to: nil) —

  Required. The ID to use for the pool, which becomes the final component of the resource name. This value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix gcp- is reserved for use by Google, and may not be specified.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1435

def create_project_location_workload_identity_pool(parent, workload_identity_pool_object = nil, workload_identity_pool_id: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/workloadIdentityPools', options)
  command.request_representation = Google::Apis::IamV1::WorkloadIdentityPool::Representation
  command.request_object = workload_identity_pool_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['parent'] = parent unless parent.nil?
  command.query['workloadIdentityPoolId'] = workload_identity_pool_id unless workload_identity_pool_id.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_project_location_workload_identity_pool_provider(parent, workload_identity_pool_provider_object = nil, workload_identity_pool_provider_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Creates a new WorkloadIdentityPoolProvider in a WorkloadIdentityPool. You cannot reuse the name of a deleted provider until 30 days after deletion.

Parameters:

• parent (String) —

  Required. The pool to create this provider in.

• workload_identity_pool_provider_object (Google::Apis::IamV1::WorkloadIdentityPoolProvider) (defaults to: nil)
• workload_identity_pool_provider_id (String) (defaults to: nil) —

  Required. The ID for the provider, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix gcp- is reserved for use by Google, and may not be specified.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1777

def create_project_location_workload_identity_pool_provider(parent, workload_identity_pool_provider_object = nil, workload_identity_pool_provider_id: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/providers', options)
  command.request_representation = Google::Apis::IamV1::WorkloadIdentityPoolProvider::Representation
  command.request_object = workload_identity_pool_provider_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['parent'] = parent unless parent.nil?
  command.query['workloadIdentityPoolProviderId'] = workload_identity_pool_provider_id unless workload_identity_pool_provider_id.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_project_location_workload_identity_pool_provider_key(parent, workload_identity_pool_provider_key_object = nil, workload_identity_pool_provider_key_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Create a new WorkloadIdentityPoolProviderKey in a WorkloadIdentityPoolProvider.

Parameters:

• parent (String) —

  Required. The parent provider resource to create the key in.

• workload_identity_pool_provider_key_object (Google::Apis::IamV1::WorkloadIdentityPoolProviderKey) (defaults to: nil)
• workload_identity_pool_provider_key_id (String) (defaults to: nil) —

  Required. The ID to use for the key, which becomes the final component of the resource name. This value should be 4-32 characters, and may contain the characters [a-z0-9-].

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1991

def create_project_location_workload_identity_pool_provider_key(parent, workload_identity_pool_provider_key_object = nil, workload_identity_pool_provider_key_id: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/keys', options)
  command.request_representation = Google::Apis::IamV1::WorkloadIdentityPoolProviderKey::Representation
  command.request_object = workload_identity_pool_provider_key_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['parent'] = parent unless parent.nil?
  command.query['workloadIdentityPoolProviderKeyId'] = workload_identity_pool_provider_key_id unless workload_identity_pool_provider_key_id.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_project_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Creates a new custom Role.

Parameters:

• parent (String) —

  The parent parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's parent value format is described below: * projects.roles.create(): projects/PROJECT_ID. This method creates project-level [custom roles](https://cloud.google.com/iam/docs/understanding- custom-roles). Example request URL: `https://iam.googleapis.com/v1/projects/` PROJECT_ID`/roles` * [`organizations.roles.create()`](https://cloud.google.com/ iam/reference/rest/v1/organizations.roles/create): `organizations/` ORGANIZATION_ID. This method creates organization-level custom roles. Example request URL: https://iam.googleapis.com/v1/organizations/ORGANIZATION_ID/roles Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• create_role_request_object (Google::Apis::IamV1::CreateRoleRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2238

def create_project_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/roles', options)
  command.request_representation = Google::Apis::IamV1::CreateRoleRequest::Representation
  command.request_object = create_role_request_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['parent'] = parent unless parent.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_service_account(name, create_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

Creates a ServiceAccount.

Parameters:

• name (String) —

  Required. The resource name of the project associated with the service accounts, such as projects/my-project-123.

• create_service_account_request_object (Google::Apis::IamV1::CreateServiceAccountRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ServiceAccount) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ServiceAccount)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2545

def create_service_account(name, create_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}/serviceAccounts', options)
  command.request_representation = Google::Apis::IamV1::CreateServiceAccountRequest::Representation
  command.request_object = create_service_account_request_object
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_service_account_key(name, create_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey

Creates a ServiceAccountKey.

Parameters:

• name (String) —

  Required. The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/ `PROJECT_ID`/serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• create_service_account_key_request_object (Google::Apis::IamV1::CreateServiceAccountKeyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ServiceAccountKey) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ServiceAccountKey)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3173

def create_service_account_key(name, create_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}/keys', options)
  command.request_representation = Google::Apis::IamV1::CreateServiceAccountKeyRequest::Representation
  command.request_object = create_service_account_key_request_object
  command.response_representation = Google::Apis::IamV1::ServiceAccountKey::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccountKey
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_location_workforce_pool(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Deletes a WorkforcePool. You cannot use a deleted WorkforcePool to exchange external credentials for Google Cloud credentials. However, deletion does not revoke credentials that have already been issued. Credentials issued for a deleted pool do not grant access to resources. If the pool is undeleted, and the credentials are not expired, they grant access again. You can undelete a pool for 30 days. After 30 days, deletion is permanent. You cannot update deleted pools. However, you can view and list them.

Parameters:

• name (String) —

  Required. The name of the pool to delete. Format: locations/location/ workforcePools/workforce_pool_id``

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 187

def delete_location_workforce_pool(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_location_workforce_pool_provider(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Deletes a WorkforcePoolProvider. Deleting a provider does not revoke credentials that have already been\ issued; they continue to grant access. You can undelete a provider for 30 days. After 30 days, deletion is permanent. You cannot update deleted providers. However, you can view and list them.

Parameters:

• name (String) —

  Required. The name of the provider to delete. Format: locations/location/ workforcePools/workforce_pool_id/providers/provider_id``

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 548

def delete_location_workforce_pool_provider(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_location_workforce_pool_provider_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Deletes a WorkforcePoolProviderKey. You can undelete a key for 30 days. After 30 days, deletion is permanent.

Parameters:

• name (String) —

  Required. The name of the key to delete.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 764

def delete_location_workforce_pool_provider_key(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_location_workforce_pool_subject(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Deletes a WorkforcePoolSubject. Subject must not already be in a deleted state. A WorkforcePoolSubject is automatically created the first time an external credential is exchanged for a Google Cloud credential with a mapped google. subject attribute. There is no path to manually create WorkforcePoolSubjects. Once deleted, the WorkforcePoolSubject may not be used for 30 days. After 30 days, the WorkforcePoolSubject will be deleted forever and can be reused in token exchanges with Google Cloud STS. This will automatically create a new WorkforcePoolSubject that is independent of the previously deleted WorkforcePoolSubject with the same google.subject value.

Parameters:

• name (String) —

  Required. The resource name of the WorkforcePoolSubject. Special characters, like '/' and ':', must be escaped, because all URLs need to conform to the " When to Escape and Unescape" section of RFC3986. Format: locations/location/workforcePools/workforce_pool_id/ subjects/subject_id``

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 976

def delete_location_workforce_pool_subject(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_organization_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Deletes a custom Role. When you delete a custom role, the following changes occur immediately: * You cannot bind a principal to the custom role in an IAM Policy. * Existing bindings to the custom role are not changed, but they have no effect. * By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: * The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed.

Parameters:

• name (String) —

  The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below: * projects.roles.delete(): projects/PROJECT_ID/roles/CUSTOM_ROLE_ID. This method deletes only [custom roles](https://cloud.google.com/iam/docs/ understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/`PROJECT_ID`/ roles/`CUSTOM_ROLE_ID * organizations.roles.delete(): organizations/ ORGANIZATION_ID/roles/CUSTOM_ROLE_ID. This method deletes only [custom roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam. googleapis.com/v1/organizations/`ORGANIZATION_ID`/roles/`CUSTOM_ROLE_ID Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• etag (String) (defaults to: nil) —

  Used to perform a consistent read-modify-write.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1147

def delete_organization_role(name, etag: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['etag'] = etag unless etag.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_project_location_workload_identity_pool(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Deletes a WorkloadIdentityPool. You cannot use a deleted pool to exchange external credentials for Google Cloud credentials. However, deletion does not revoke credentials that have already been issued. Credentials issued for a deleted pool do not grant access to resources. If the pool is undeleted, and the credentials are not expired, they grant access again. You can undelete a pool for 30 days. After 30 days, deletion is permanent. You cannot update deleted pools. However, you can view and list them.

Parameters:

• name (String) —

  Required. The name of the pool to delete.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1474

def delete_project_location_workload_identity_pool(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_project_location_workload_identity_pool_provider(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Deletes a WorkloadIdentityPoolProvider. Deleting a provider does not revoke credentials that have already been issued; they continue to grant access. You can undelete a provider for 30 days. After 30 days, deletion is permanent. You cannot update deleted providers. However, you can view and list them.

Parameters:

• name (String) —

  Required. The name of the provider to delete.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1813

def delete_project_location_workload_identity_pool_provider(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_project_location_workload_identity_pool_provider_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Deletes an WorkloadIdentityPoolProviderKey. You can undelete a key for 30 days. After 30 days, deletion is permanent.

Parameters:

• name (String) —

  Required. The name of the encryption key to delete.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2025

def delete_project_location_workload_identity_pool_provider_key(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_project_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Deletes a custom Role. When you delete a custom role, the following changes occur immediately: * You cannot bind a principal to the custom role in an IAM Policy. * Existing bindings to the custom role are not changed, but they have no effect. * By default, the response from ListRoles does not include the custom role. You have 7 days to undelete the custom role. After 7 days, the following changes occur: * The custom role is permanently deleted and cannot be recovered. * If an IAM policy contains a binding to the custom role, the binding is permanently removed.

Parameters:

• name (String) —

  The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below: * projects.roles.delete(): projects/PROJECT_ID/roles/CUSTOM_ROLE_ID. This method deletes only [custom roles](https://cloud.google.com/iam/docs/ understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/`PROJECT_ID`/ roles/`CUSTOM_ROLE_ID * organizations.roles.delete(): organizations/ ORGANIZATION_ID/roles/CUSTOM_ROLE_ID. This method deletes only [custom roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam. googleapis.com/v1/organizations/`ORGANIZATION_ID`/roles/`CUSTOM_ROLE_ID Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• etag (String) (defaults to: nil) —

  Used to perform a consistent read-modify-write.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2295

def delete_project_role(name, etag: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['etag'] = etag unless etag.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

Deletes a ServiceAccount. Warning: After you delete a service account, you might not be able to undelete it. If you know that you need to re-enable the service account in the future, use DisableServiceAccount instead. If you delete a service account, IAM permanently removes the service account 30 days later. Google Cloud cannot recover the service account after it is permanently removed, even if you file a support request. To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use DisableServiceAccount to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account.

Parameters:

• name (String) —

  Required. The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/ `PROJECT_ID`/serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Empty) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Empty)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2595

def delete_project_service_account(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_project_service_account_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

Deletes a ServiceAccountKey. Deleting a service account key does not revoke short-lived credentials that have been issued based on the service account key.

Parameters:

• name (String) —

  Required. The resource name of the service account key. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS/ keys/KEY_ID* `projects/`PROJECT_ID`/serviceAccounts/`UNIQUE_ID`/keys/` KEY_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/EMAIL_ADDRESS/keys/KEY_ID* `projects/-/serviceAccounts/`UNIQUE_ID`/keys/`KEY_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account key projects/-/serviceAccounts/fake@example.com/keys/fake-key, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Empty) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Empty)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3216

def delete_project_service_account_key(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#disable_service_account(name, disable_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

Disables a ServiceAccount immediately. If an application uses the service account to authenticate, that application can no longer call Google APIs or access Google Cloud resources. Existing access tokens for the service account are rejected, and requests for new access tokens will fail. To re-enable the service account, use EnableServiceAccount. After you re-enable the service account, its existing access tokens will be accepted, and you can request new access tokens. To help avoid unplanned outages, we recommend that you disable the service account before you delete it. Use this method to disable the service account, then wait at least 24 hours and watch for unintended consequences. If there are no unintended consequences, you can delete the service account with DeleteServiceAccount.

Parameters:

• name (String) —

  The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/`PROJECT_ID` /serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• disable_service_account_request_object (Google::Apis::IamV1::DisableServiceAccountRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Empty) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Empty)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2645

def disable_service_account(name, disable_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:disable', options)
  command.request_representation = Google::Apis::IamV1::DisableServiceAccountRequest::Representation
  command.request_object = disable_service_account_request_object
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#disable_service_account_key(name, disable_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

Disable a ServiceAccountKey. A disabled service account key can be re-enabled with EnableServiceAccountKey.

Parameters:

• name (String) —

  Required. The resource name of the service account key. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS/ keys/KEY_ID* `projects/`PROJECT_ID`/serviceAccounts/`UNIQUE_ID`/keys/` KEY_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/EMAIL_ADDRESS/keys/KEY_ID* `projects/-/serviceAccounts/`UNIQUE_ID`/keys/`KEY_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account key projects/-/serviceAccounts/fake@example.com/keys/fake-key, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• disable_service_account_key_request_object (Google::Apis::IamV1::DisableServiceAccountKeyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Empty) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Empty)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3258

def disable_service_account_key(name, disable_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:disable', options)
  command.request_representation = Google::Apis::IamV1::DisableServiceAccountKeyRequest::Representation
  command.request_object = disable_service_account_key_request_object
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#enable_service_account(name, enable_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

Enables a ServiceAccount that was disabled by DisableServiceAccount. If the service account is already enabled, then this method has no effect. If the service account was disabled by other means—for example, if Google disabled the service account because it was compromised—you cannot use this method to enable the service account.

Parameters:

• name (String) —

  The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/`PROJECT_ID` /serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• enable_service_account_request_object (Google::Apis::IamV1::EnableServiceAccountRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Empty) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Empty)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2691

def enable_service_account(name, enable_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:enable', options)
  command.request_representation = Google::Apis::IamV1::EnableServiceAccountRequest::Representation
  command.request_object = enable_service_account_request_object
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#enable_service_account_key(name, enable_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

Enable a ServiceAccountKey.

Parameters:

• name (String) —

  Required. The resource name of the service account key. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS/ keys/KEY_ID* `projects/`PROJECT_ID`/serviceAccounts/`UNIQUE_ID`/keys/` KEY_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/EMAIL_ADDRESS/keys/KEY_ID* `projects/-/serviceAccounts/`UNIQUE_ID`/keys/`KEY_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account key projects/-/serviceAccounts/fake@example.com/keys/fake-key, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• enable_service_account_key_request_object (Google::Apis::IamV1::EnableServiceAccountKeyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Empty) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Empty)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3301

def enable_service_account_key(name, enable_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:enable', options)
  command.request_representation = Google::Apis::IamV1::EnableServiceAccountKeyRequest::Representation
  command.request_object = enable_service_account_key_request_object
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_location_workforce_pool(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkforcePool

Gets an individual WorkforcePool.

Parameters:

• name (String) —

  Required. The name of the pool to retrieve. Format: locations/location/ workforcePools/workforce_pool_id``

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::WorkforcePool) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::WorkforcePool)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 218

def get_location_workforce_pool(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::WorkforcePool::Representation
  command.response_class = Google::Apis::IamV1::WorkforcePool
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_location_workforce_pool_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 473

def get_location_workforce_pool_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_location_workforce_pool_provider(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkforcePoolProvider

Gets an individual WorkforcePoolProvider.

Parameters:

• name (String) —

  Required. The name of the provider to retrieve. Format: locations/location/ workforcePools/workforce_pool_id/providers/provider_id``

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::WorkforcePoolProvider) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::WorkforcePoolProvider)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 579

def get_location_workforce_pool_provider(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::WorkforcePoolProvider::Representation
  command.response_class = Google::Apis::IamV1::WorkforcePoolProvider
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_location_workforce_pool_provider_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkforcePoolProviderKey

Gets a WorkforcePoolProviderKey.

Parameters:

• name (String) —

  Required. The name of the key to retrieve.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::WorkforcePoolProviderKey) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::WorkforcePoolProviderKey)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 794

def get_location_workforce_pool_provider_key(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::WorkforcePoolProviderKey::Representation
  command.response_class = Google::Apis::IamV1::WorkforcePoolProviderKey
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_location_workforce_pool_provider_key_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 903

def get_location_workforce_pool_provider_key_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_location_workforce_pool_provider_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 934

def get_location_workforce_pool_provider_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_location_workforce_pool_subject_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1045

def get_location_workforce_pool_subject_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_organization_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Gets the definition of a Role.

Parameters:

• name (String) —

  The name parameter's value depends on the target resource for the request, namely roles, projects, or organizations. Each resource type's name value format is described below: * roles. get(): roles/ ROLE_NAME. This method returns results from all [predefined roles](https:// cloud.google.com/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/`ROLE_NAME * projects.roles.get(): projects/PROJECT_ID/roles/CUSTOM_ROLE_ID. This method returns only [custom roles](https://cloud.google.com/iam/docs/understanding- custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/`PROJECT_ID`/roles/`CUSTOM_ROLE_ID * organizations.roles.get(): organizations/ORGANIZATION_ID/roles/ CUSTOM_ROLE_ID. This method returns only [custom roles](https://cloud.google. com/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/ organizations/`ORGANIZATION_ID`/roles/`CUSTOM_ROLE_ID Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1198

def get_organization_role(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_location_workload_identity_pool(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkloadIdentityPool

Gets an individual WorkloadIdentityPool.

Parameters:

• name (String) —

  Required. The name of the pool to retrieve.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::WorkloadIdentityPool) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::WorkloadIdentityPool)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1504

def get_project_location_workload_identity_pool(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::WorkloadIdentityPool::Representation
  command.response_class = Google::Apis::IamV1::WorkloadIdentityPool
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_location_workload_identity_pool_namespace_managed_identity_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1647

def get_project_location_workload_identity_pool_namespace_managed_identity_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_location_workload_identity_pool_namespace_managed_identity_workload_source_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1678

def get_project_location_workload_identity_pool_namespace_managed_identity_workload_source_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_location_workload_identity_pool_namespace_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1709

def get_project_location_workload_identity_pool_namespace_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_location_workload_identity_pool_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1740

def get_project_location_workload_identity_pool_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_location_workload_identity_pool_provider(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkloadIdentityPoolProvider

Gets an individual WorkloadIdentityPoolProvider.

Parameters:

• name (String) —

  Required. The name of the provider to retrieve.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::WorkloadIdentityPoolProvider) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::WorkloadIdentityPoolProvider)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1843

def get_project_location_workload_identity_pool_provider(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::WorkloadIdentityPoolProvider::Representation
  command.response_class = Google::Apis::IamV1::WorkloadIdentityPoolProvider
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_location_workload_identity_pool_provider_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::WorkloadIdentityPoolProviderKey

Gets an individual WorkloadIdentityPoolProviderKey.

Parameters:

• name (String) —

  Required. The name of the key to retrieve.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::WorkloadIdentityPoolProviderKey) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::WorkloadIdentityPoolProviderKey)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2055

def get_project_location_workload_identity_pool_provider_key(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::WorkloadIdentityPoolProviderKey::Representation
  command.response_class = Google::Apis::IamV1::WorkloadIdentityPoolProviderKey
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_location_workload_identity_pool_provider_key_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2162

def get_project_location_workload_identity_pool_provider_key_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_location_workload_identity_pool_provider_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

• name (String) —

  The name of the operation resource.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2193

def get_project_location_workload_identity_pool_provider_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Gets the definition of a Role.

Parameters:

• name (String) —

  The name parameter's value depends on the target resource for the request, namely roles, projects, or organizations. Each resource type's name value format is described below: * roles. get(): roles/ ROLE_NAME. This method returns results from all [predefined roles](https:// cloud.google.com/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/`ROLE_NAME * projects.roles.get(): projects/PROJECT_ID/roles/CUSTOM_ROLE_ID. This method returns only [custom roles](https://cloud.google.com/iam/docs/understanding- custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/`PROJECT_ID`/roles/`CUSTOM_ROLE_ID * organizations.roles.get(): organizations/ORGANIZATION_ID/roles/ CUSTOM_ROLE_ID. This method returns only [custom roles](https://cloud.google. com/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/ organizations/`ORGANIZATION_ID`/roles/`CUSTOM_ROLE_ID Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2346

def get_project_role(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

Gets a ServiceAccount.

Parameters:

• name (String) —

  Required. The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/ `PROJECT_ID`/serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ServiceAccount) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ServiceAccount)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2732

def get_project_service_account(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_service_account_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

Gets the IAM policy that is attached to a ServiceAccount. This IAM policy specifies which principals have access to the service account. This method does not tell you whether the service account has been granted any roles on other resources. To check whether a service account has role grants on a resource, use the getIamPolicy method for that resource. For example, to view the role grants for a project, call the Resource Manager API's projects. getIamPolicy method.

Parameters:

• resource (String) —

  REQUIRED: The resource for which the policy is being requested. See Resource names for the appropriate value for this field.

• options_requested_policy_version (Fixnum) (defaults to: nil) —

  Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the IAM documentation.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Policy) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Policy)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2782

def get_project_service_account_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+resource}:getIamPolicy', options)
  command.response_representation = Google::Apis::IamV1::Policy::Representation
  command.response_class = Google::Apis::IamV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_service_account_key(name, public_key_type: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey

Gets a ServiceAccountKey.

Parameters:

• name (String) —

  Required. The resource name of the service account key. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS/ keys/KEY_ID* `projects/`PROJECT_ID`/serviceAccounts/`UNIQUE_ID`/keys/` KEY_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/EMAIL_ADDRESS/keys/KEY_ID* `projects/-/serviceAccounts/`UNIQUE_ID`/keys/`KEY_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account key projects/-/serviceAccounts/fake@example.com/keys/fake-key, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• public_key_type (String) (defaults to: nil) —

  Optional. The output format of the public key. The default is TYPE_NONE, which means that the public key is not returned.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ServiceAccountKey) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ServiceAccountKey)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3346

def get_project_service_account_key(name, public_key_type: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::ServiceAccountKey::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccountKey
  command.params['name'] = name unless name.nil?
  command.query['publicKeyType'] = public_key_type unless public_key_type.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Gets the definition of a Role.

Parameters:

• name (String) —

  The name parameter's value depends on the target resource for the request, namely roles, projects, or organizations. Each resource type's name value format is described below: * roles. get(): roles/ ROLE_NAME. This method returns results from all [predefined roles](https:// cloud.google.com/iam/docs/understanding-roles#predefined_roles) in Cloud IAM. Example request URL: `https://iam.googleapis.com/v1/roles/`ROLE_NAME * projects.roles.get(): projects/PROJECT_ID/roles/CUSTOM_ROLE_ID. This method returns only [custom roles](https://cloud.google.com/iam/docs/understanding- custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/`PROJECT_ID`/roles/`CUSTOM_ROLE_ID * organizations.roles.get(): organizations/ORGANIZATION_ID/roles/ CUSTOM_ROLE_ID. This method returns only [custom roles](https://cloud.google. com/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam.googleapis.com/v1/ organizations/`ORGANIZATION_ID`/roles/`CUSTOM_ROLE_ID Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3485

def get_role(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_workforce_pool_iam_policy(resource, get_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

Gets IAM policies on a WorkforcePool.

Parameters:

• resource (String) —

  REQUIRED: The resource for which the policy is being requested. See Resource names for the appropriate value for this field.

• get_iam_policy_request_object (Google::Apis::IamV1::GetIamPolicyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Policy) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Policy)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 251

def get_workforce_pool_iam_policy(resource, get_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+resource}:getIamPolicy', options)
  command.request_representation = Google::Apis::IamV1::GetIamPolicyRequest::Representation
  command.request_object = get_iam_policy_request_object
  command.response_representation = Google::Apis::IamV1::Policy::Representation
  command.response_class = Google::Apis::IamV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#lint_iam_policy_policy(lint_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::LintPolicyResponse

Lints, or validates, an IAM policy. Currently checks the google.iam.v1.Binding. condition field, which contains a condition expression for a role binding. Successful calls to this method always return an HTTP 200 OK status code, even if the linter detects an issue in the IAM policy.

Parameters:

• lint_policy_request_object (Google::Apis::IamV1::LintPolicyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::LintPolicyResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::LintPolicyResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 76

def lint_iam_policy_policy(lint_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/iamPolicies:lintPolicy', options)
  command.request_representation = Google::Apis::IamV1::LintPolicyRequest::Representation
  command.request_object = lint_policy_request_object
  command.response_representation = Google::Apis::IamV1::LintPolicyResponse::Representation
  command.response_class = Google::Apis::IamV1::LintPolicyResponse
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_location_workforce_pool_provider_keys(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkforcePoolProviderKeysResponse

Lists all non-deleted WorkforcePoolProviderKeys in a WorkforcePoolProvider. If show_deleted is set to true, then deleted keys are also listed.

Parameters:

• parent (String) —

  Required. The provider resource to list encryption keys for. Format: locations/location/workforcePools/workforce_pool_id/providers/provider_id

• page_size (Fixnum) (defaults to: nil) —

  The maximum number of keys to return. If unspecified, all keys are returned. The maximum value is 10; values above 10 are truncated to 10.

• page_token (String) (defaults to: nil) —

  A page token, received from a previous ListWorkforcePoolProviderKeys call. Provide this to retrieve the subsequent page.

• show_deleted (Boolean) (defaults to: nil) —

  Whether to return soft-deleted keys.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListWorkforcePoolProviderKeysResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListWorkforcePoolProviderKeysResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 835

def list_location_workforce_pool_provider_keys(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/keys', options)
  command.response_representation = Google::Apis::IamV1::ListWorkforcePoolProviderKeysResponse::Representation
  command.response_class = Google::Apis::IamV1::ListWorkforcePoolProviderKeysResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_location_workforce_pool_providers(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkforcePoolProvidersResponse

Lists all non-deleted WorkforcePoolProviders in a WorkforcePool. If show_deleted is set to true, then deleted providers are also listed.

Parameters:

• parent (String) —

  Required. The pool to list providers for. Format: locations/location/ workforcePools/workforce_pool_id``

• page_size (Fixnum) (defaults to: nil) —

  The maximum number of providers to return. If unspecified, at most 50 providers are returned. The maximum value is 100; values above 100 are truncated to 100.

• page_token (String) (defaults to: nil) —

  A page token, received from a previous ListWorkforcePoolProviders call. Provide this to retrieve the subsequent page.

• show_deleted (Boolean) (defaults to: nil) —

  Whether to return soft-deleted providers.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListWorkforcePoolProvidersResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListWorkforcePoolProvidersResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 620

def list_location_workforce_pool_providers(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/providers', options)
  command.response_representation = Google::Apis::IamV1::ListWorkforcePoolProvidersResponse::Representation
  command.response_class = Google::Apis::IamV1::ListWorkforcePoolProvidersResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_location_workforce_pools(location, page_size: nil, page_token: nil, parent: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkforcePoolsResponse

Lists all non-deleted WorkforcePools under the specified parent. If show_deleted is set to true, then deleted pools are also listed.

Parameters:

• location (String) —

  The location of the pool. Format: locations/location``.

• page_size (Fixnum) (defaults to: nil) —

  The maximum number of pools to return. If unspecified, at most 50 pools will be returned. The maximum value is 1000; values above 1000 are truncated to 1000.

• page_token (String) (defaults to: nil) —

  A page token, received from a previous ListWorkforcePools call. Provide this to retrieve the subsequent page.

• parent (String) (defaults to: nil) —

  Required. The parent resource to list pools for. Format: organizations/org- id``.

• show_deleted (Boolean) (defaults to: nil) —

  Whether to return soft-deleted pools.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListWorkforcePoolsResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListWorkforcePoolsResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 296

def list_location_workforce_pools(location, page_size: nil, page_token: nil, parent: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+location}/workforcePools', options)
  command.response_representation = Google::Apis::IamV1::ListWorkforcePoolsResponse::Representation
  command.response_class = Google::Apis::IamV1::ListWorkforcePoolsResponse
  command.params['location'] = location unless location.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['parent'] = parent unless parent.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_organization_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse

Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.

Parameters:

• parent (String) —

  The parent parameter's value depends on the target resource for the request, namely roles, projects, or organizations. Each resource type's parent value format is described below: * roles.list(): An empty string. This method doesn't require a resource; it simply returns all predefined roles in Cloud IAM. Example request URL: https://iam.googleapis. com/v1/roles * projects.roles.list(): projects/PROJECT_ID. This method lists all project-level [custom roles](https://cloud.google.com/iam/docs/ understanding-custom-roles). Example request URL: `https://iam.googleapis.com/ v1/projects/`PROJECT_ID`/roles` * [`organizations.roles.list()`](https://cloud. google.com/iam/reference/rest/v1/organizations.roles/list): `organizations/` ORGANIZATION_ID. This method lists all organization-level custom roles. Example request URL: https://iam.googleapis.com/v1/organizations/ORGANIZATION_ID/roles Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• page_size (Fixnum) (defaults to: nil) —

  Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.

• page_token (String) (defaults to: nil) —

  Optional pagination token returned in an earlier ListRolesResponse.

• show_deleted (Boolean) (defaults to: nil) —

  Include Roles that have been deleted.

• view (String) (defaults to: nil) —

  Optional view for the returned Role objects. When FULL is specified, the includedPermissions field is returned, which includes a list of all permissions in the role. The default value is BASIC, which does not return the includedPermissions field.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListRolesResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListRolesResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1260

def list_organization_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/roles', options)
  command.response_representation = Google::Apis::IamV1::ListRolesResponse::Representation
  command.response_class = Google::Apis::IamV1::ListRolesResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['view'] = view unless view.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_project_location_workload_identity_pool_provider_keys(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkloadIdentityPoolProviderKeysResponse

Lists all non-deleted WorkloadIdentityPoolProviderKeys in a project. If show_deleted is set to true, then deleted pools are also listed.

Parameters:

• parent (String) —

  Required. The parent provider resource to list encryption keys for.

• page_size (Fixnum) (defaults to: nil) —

  The maximum number of keys to return. If unspecified, all keys are returned. The maximum value is 10; values above 10 are truncated to 10.

• page_token (String) (defaults to: nil) —

  A page token, received from a previous ListWorkloadIdentityPoolProviderKeys call. Provide this to retrieve the subsequent page.

• show_deleted (Boolean) (defaults to: nil) —

  Whether to return soft deleted resources as well.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListWorkloadIdentityPoolProviderKeysResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListWorkloadIdentityPoolProviderKeysResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2094

def list_project_location_workload_identity_pool_provider_keys(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/keys', options)
  command.response_representation = Google::Apis::IamV1::ListWorkloadIdentityPoolProviderKeysResponse::Representation
  command.response_class = Google::Apis::IamV1::ListWorkloadIdentityPoolProviderKeysResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_project_location_workload_identity_pool_providers(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkloadIdentityPoolProvidersResponse

Lists all non-deleted WorkloadIdentityPoolProviders in a WorkloadIdentityPool. If show_deleted is set to true, then deleted providers are also listed.

Parameters:

• parent (String) —

  Required. The pool to list providers for.

• page_size (Fixnum) (defaults to: nil) —

  The maximum number of providers to return. If unspecified, at most 50 providers are returned. The maximum value is 100; values above 100 are truncated to 100.

• page_token (String) (defaults to: nil) —

  A page token, received from a previous ListWorkloadIdentityPoolProviders call. Provide this to retrieve the subsequent page.

• show_deleted (Boolean) (defaults to: nil) —

  Whether to return soft-deleted providers.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListWorkloadIdentityPoolProvidersResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListWorkloadIdentityPoolProvidersResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1883

def list_project_location_workload_identity_pool_providers(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/providers', options)
  command.response_representation = Google::Apis::IamV1::ListWorkloadIdentityPoolProvidersResponse::Representation
  command.response_class = Google::Apis::IamV1::ListWorkloadIdentityPoolProvidersResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_project_location_workload_identity_pools(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListWorkloadIdentityPoolsResponse

Lists all non-deleted WorkloadIdentityPools in a project. If show_deleted is set to true, then deleted pools are also listed.

Parameters:

• parent (String) —

  Required. The parent resource to list pools for.

• page_size (Fixnum) (defaults to: nil) —

  The maximum number of pools to return. If unspecified, at most 50 pools are returned. The maximum value is 1000; values above are 1000 truncated to 1000.

• page_token (String) (defaults to: nil) —

  A page token, received from a previous ListWorkloadIdentityPools call. Provide this to retrieve the subsequent page.

• show_deleted (Boolean) (defaults to: nil) —

  Whether to return soft-deleted pools.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListWorkloadIdentityPoolsResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListWorkloadIdentityPoolsResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1543

def list_project_location_workload_identity_pools(parent, page_size: nil, page_token: nil, show_deleted: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/workloadIdentityPools', options)
  command.response_representation = Google::Apis::IamV1::ListWorkloadIdentityPoolsResponse::Representation
  command.response_class = Google::Apis::IamV1::ListWorkloadIdentityPoolsResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_project_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse

Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.

Parameters:

• parent (String) —

  The parent parameter's value depends on the target resource for the request, namely roles, projects, or organizations. Each resource type's parent value format is described below: * roles.list(): An empty string. This method doesn't require a resource; it simply returns all predefined roles in Cloud IAM. Example request URL: https://iam.googleapis. com/v1/roles * projects.roles.list(): projects/PROJECT_ID. This method lists all project-level [custom roles](https://cloud.google.com/iam/docs/ understanding-custom-roles). Example request URL: `https://iam.googleapis.com/ v1/projects/`PROJECT_ID`/roles` * [`organizations.roles.list()`](https://cloud. google.com/iam/reference/rest/v1/organizations.roles/list): `organizations/` ORGANIZATION_ID. This method lists all organization-level custom roles. Example request URL: https://iam.googleapis.com/v1/organizations/ORGANIZATION_ID/roles Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• page_size (Fixnum) (defaults to: nil) —

  Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.

• page_token (String) (defaults to: nil) —

  Optional pagination token returned in an earlier ListRolesResponse.

• show_deleted (Boolean) (defaults to: nil) —

  Include Roles that have been deleted.

• view (String) (defaults to: nil) —

  Optional view for the returned Role objects. When FULL is specified, the includedPermissions field is returned, which includes a list of all permissions in the role. The default value is BASIC, which does not return the includedPermissions field.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListRolesResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListRolesResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2408

def list_project_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/roles', options)
  command.response_representation = Google::Apis::IamV1::ListRolesResponse::Representation
  command.response_class = Google::Apis::IamV1::ListRolesResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['view'] = view unless view.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_project_service_account_keys(name, key_types: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountKeysResponse

Lists every ServiceAccountKey for a service account.

Parameters:

• name (String) —

  Required. The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/ `PROJECT_ID`/serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• key_types (Array<String>, String) (defaults to: nil) —

  Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListServiceAccountKeysResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListServiceAccountKeysResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3390

def list_project_service_account_keys(name, key_types: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}/keys', options)
  command.response_representation = Google::Apis::IamV1::ListServiceAccountKeysResponse::Representation
  command.response_class = Google::Apis::IamV1::ListServiceAccountKeysResponse
  command.params['name'] = name unless name.nil?
  command.query['keyTypes'] = key_types unless key_types.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountsResponse

Lists every ServiceAccount that belongs to a specific project.

Parameters:

• name (String) —

  Required. The resource name of the project associated with the service accounts, such as projects/my-project-123.

• page_size (Fixnum) (defaults to: nil) —

  Optional limit on the number of service accounts to include in the response. Further accounts can subsequently be obtained by including the ListServiceAccountsResponse.next_page_token in a subsequent request. The default is 20, and the maximum is 100.

• page_token (String) (defaults to: nil) —

  Optional pagination token returned in an earlier ListServiceAccountsResponse. next_page_token.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListServiceAccountsResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListServiceAccountsResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2822

def list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}/serviceAccounts', options)
  command.response_representation = Google::Apis::IamV1::ListServiceAccountsResponse::Representation
  command.response_class = Google::Apis::IamV1::ListServiceAccountsResponse
  command.params['name'] = name unless name.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_roles(page_size: nil, page_token: nil, parent: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse

Lists every predefined Role that IAM supports, or every custom role that is defined for an organization or project.

Parameters:

• page_size (Fixnum) (defaults to: nil) —

  Optional limit on the number of roles to include in the response. The default is 300, and the maximum is 1,000.

• page_token (String) (defaults to: nil) —

  Optional pagination token returned in an earlier ListRolesResponse.

• parent (String) (defaults to: nil) —

  The parent parameter's value depends on the target resource for the request, namely roles, projects, or organizations. Each resource type's parent value format is described below: * roles.list(): An empty string. This method doesn't require a resource; it simply returns all predefined roles in Cloud IAM. Example request URL: https://iam.googleapis. com/v1/roles * projects.roles.list(): projects/PROJECT_ID. This method lists all project-level [custom roles](https://cloud.google.com/iam/docs/ understanding-custom-roles). Example request URL: `https://iam.googleapis.com/ v1/projects/`PROJECT_ID`/roles` * [`organizations.roles.list()`](https://cloud. google.com/iam/reference/rest/v1/organizations.roles/list): `organizations/` ORGANIZATION_ID. This method lists all organization-level custom roles. Example request URL: https://iam.googleapis.com/v1/organizations/ORGANIZATION_ID/roles Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• show_deleted (Boolean) (defaults to: nil) —

  Include Roles that have been deleted.

• view (String) (defaults to: nil) —

  Optional view for the returned Role objects. When FULL is specified, the includedPermissions field is returned, which includes a list of all permissions in the role. The default value is BASIC, which does not return the includedPermissions field.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ListRolesResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ListRolesResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3547

def list_roles(page_size: nil, page_token: nil, parent: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/roles', options)
  command.response_representation = Google::Apis::IamV1::ListRolesResponse::Representation
  command.response_class = Google::Apis::IamV1::ListRolesResponse
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['parent'] = parent unless parent.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['view'] = view unless view.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_location_workforce_pool(name, workforce_pool_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Updates an existing WorkforcePool.

Parameters:

• name (String) —

  Output only. The resource name of the pool. Format: locations/location/ workforcePools/workforce_pool_id``

• workforce_pool_object (Google::Apis::IamV1::WorkforcePool) (defaults to: nil)
• update_mask (String) (defaults to: nil) —

  Required. The list of fields to update.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 334

def patch_location_workforce_pool(name, workforce_pool_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::WorkforcePool::Representation
  command.request_object = workforce_pool_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_location_workforce_pool_provider(name, workforce_pool_provider_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Updates an existing WorkforcePoolProvider.

Parameters:

• name (String) —

  Output only. The resource name of the provider. Format: locations/location/ workforcePools/workforce_pool_id/providers/provider_id``

• workforce_pool_provider_object (Google::Apis::IamV1::WorkforcePoolProvider) (defaults to: nil)
• update_mask (String) (defaults to: nil) —

  Required. The list of fields to update.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 657

def patch_location_workforce_pool_provider(name, workforce_pool_provider_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::WorkforcePoolProvider::Representation
  command.request_object = workforce_pool_provider_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_organization_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Updates the definition of a custom Role.

Parameters:

• name (String) —

  The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below: * projects.roles.patch(): projects/PROJECT_ID/roles/CUSTOM_ROLE_ID. This method updates only [custom roles](https://cloud.google.com/iam/docs/ understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/`PROJECT_ID`/ roles/`CUSTOM_ROLE_ID * organizations.roles.patch(): organizations/ ORGANIZATION_ID/roles/CUSTOM_ROLE_ID. This method updates only [custom roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam. googleapis.com/v1/organizations/`ORGANIZATION_ID`/roles/`CUSTOM_ROLE_ID Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• role_object (Google::Apis::IamV1::Role) (defaults to: nil)
• update_mask (String) (defaults to: nil) —

  A mask describing which fields in the Role have changed.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1313

def patch_organization_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::Role::Representation
  command.request_object = role_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_project_location_workload_identity_pool(name, workload_identity_pool_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Updates an existing WorkloadIdentityPool.

Parameters:

• name (String) —

  Output only. The resource name of the pool.

• workload_identity_pool_object (Google::Apis::IamV1::WorkloadIdentityPool) (defaults to: nil)
• update_mask (String) (defaults to: nil) —

  Required. The list of fields to update.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1579

def patch_project_location_workload_identity_pool(name, workload_identity_pool_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::WorkloadIdentityPool::Representation
  command.request_object = workload_identity_pool_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_project_location_workload_identity_pool_provider(name, workload_identity_pool_provider_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Updates an existing WorkloadIdentityPoolProvider.

Parameters:

• name (String) —

  Output only. The resource name of the provider.

• workload_identity_pool_provider_object (Google::Apis::IamV1::WorkloadIdentityPoolProvider) (defaults to: nil)
• update_mask (String) (defaults to: nil) —

  Required. The list of fields to update.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1919

def patch_project_location_workload_identity_pool_provider(name, workload_identity_pool_provider_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::WorkloadIdentityPoolProvider::Representation
  command.request_object = workload_identity_pool_provider_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_project_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Updates the definition of a custom Role.

Parameters:

• name (String) —

  The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below: * projects.roles.patch(): projects/PROJECT_ID/roles/CUSTOM_ROLE_ID. This method updates only [custom roles](https://cloud.google.com/iam/docs/ understanding-custom-roles) that have been created at the project level. Example request URL: `https://iam.googleapis.com/v1/projects/`PROJECT_ID`/ roles/`CUSTOM_ROLE_ID * organizations.roles.patch(): organizations/ ORGANIZATION_ID/roles/CUSTOM_ROLE_ID. This method updates only [custom roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that have been created at the organization level. Example request URL: `https://iam. googleapis.com/v1/organizations/`ORGANIZATION_ID`/roles/`CUSTOM_ROLE_ID Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• role_object (Google::Apis::IamV1::Role) (defaults to: nil)
• update_mask (String) (defaults to: nil) —

  A mask describing which fields in the Role have changed.

• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2461

def patch_project_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::Role::Representation
  command.request_object = role_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_service_account(name, patch_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

Patches a ServiceAccount.

Parameters:

• name (String) —

  The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/`PROJECT_ID` /serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• patch_service_account_request_object (Google::Apis::IamV1::PatchServiceAccountRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ServiceAccount) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ServiceAccount)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2864

def patch_service_account(name, patch_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::PatchServiceAccountRequest::Representation
  command.request_object = patch_service_account_request_object
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#query_grantable_roles(query_grantable_roles_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryGrantableRolesResponse

Lists roles that can be granted on a Google Cloud resource. A role is grantable if the IAM policy for the resource can contain bindings to the role.

Parameters:

• query_grantable_roles_request_object (Google::Apis::IamV1::QueryGrantableRolesRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::QueryGrantableRolesResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::QueryGrantableRolesResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3581

def query_grantable_roles(query_grantable_roles_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/roles:queryGrantableRoles', options)
  command.request_representation = Google::Apis::IamV1::QueryGrantableRolesRequest::Representation
  command.request_object = query_grantable_roles_request_object
  command.response_representation = Google::Apis::IamV1::QueryGrantableRolesResponse::Representation
  command.response_class = Google::Apis::IamV1::QueryGrantableRolesResponse
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#query_iam_policy_auditable_services(query_auditable_services_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryAuditableServicesResponse

Returns a list of services that allow you to opt into audit logs that are not generated by default. To learn more about audit logs, see the Logging documentation.

Parameters:

• query_auditable_services_request_object (Google::Apis::IamV1::QueryAuditableServicesRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::QueryAuditableServicesResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::QueryAuditableServicesResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 108

def query_iam_policy_auditable_services(query_auditable_services_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/iamPolicies:queryAuditableServices', options)
  command.request_representation = Google::Apis::IamV1::QueryAuditableServicesRequest::Representation
  command.request_object = query_auditable_services_request_object
  command.response_representation = Google::Apis::IamV1::QueryAuditableServicesResponse::Representation
  command.response_class = Google::Apis::IamV1::QueryAuditableServicesResponse
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#query_testable_permissions(query_testable_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryTestablePermissionsResponse

Lists every permission that you can test on a resource. A permission is testable if you can check whether a principal has that permission on the resource.

Parameters:

• query_testable_permissions_request_object (Google::Apis::IamV1::QueryTestablePermissionsRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::QueryTestablePermissionsResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::QueryTestablePermissionsResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1396

def query_testable_permissions(query_testable_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/permissions:queryTestablePermissions', options)
  command.request_representation = Google::Apis::IamV1::QueryTestablePermissionsRequest::Representation
  command.request_object = query_testable_permissions_request_object
  command.response_representation = Google::Apis::IamV1::QueryTestablePermissionsResponse::Representation
  command.response_class = Google::Apis::IamV1::QueryTestablePermissionsResponse
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#set_service_account_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

Sets the IAM policy that is attached to a ServiceAccount. Use this method to grant or revoke access to the service account. For example, you could grant a principal the ability to impersonate the service account. This method does not enable the service account to access other resources. To grant roles to a service account on a resource, follow these steps: 1. Call the resource's getIamPolicy method to get its current IAM policy. 2. Edit the policy so that it binds the service account to an IAM role for the resource. 3. Call the resource's setIamPolicy method to update its IAM policy. For detailed instructions, see Manage access to project, folders, and organizations or Manage access to other resources.

Parameters:

• resource (String) —

  REQUIRED: The resource for which the policy is being specified. See Resource names for the appropriate value for this field.

• set_iam_policy_request_object (Google::Apis::IamV1::SetIamPolicyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Policy) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Policy)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2910

def set_service_account_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options)
  command.request_representation = Google::Apis::IamV1::SetIamPolicyRequest::Representation
  command.request_object = set_iam_policy_request_object
  command.response_representation = Google::Apis::IamV1::Policy::Representation
  command.response_class = Google::Apis::IamV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#set_workforce_pool_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

Sets IAM policies on a WorkforcePool.

Parameters:

• resource (String) —

  REQUIRED: The resource for which the policy is being specified. See Resource names for the appropriate value for this field.

• set_iam_policy_request_object (Google::Apis::IamV1::SetIamPolicyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Policy) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Policy)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 370

def set_workforce_pool_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options)
  command.request_representation = Google::Apis::IamV1::SetIamPolicyRequest::Representation
  command.request_object = set_iam_policy_request_object
  command.response_representation = Google::Apis::IamV1::Policy::Representation
  command.response_class = Google::Apis::IamV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#sign_service_account_blob(name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignBlobResponse

Note: This method is deprecated. Use the signBlob method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions. Signs a blob using the system- managed private key for a ServiceAccount.

Parameters:

• name (String) —

  Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/ serviceAccounts/EMAIL_ADDRESS* `projects/`PROJECT_ID`/serviceAccounts/` UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/EMAIL_ADDRESS* `projects/- /serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/ serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• sign_blob_request_object (Google::Apis::IamV1::SignBlobRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::SignBlobResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::SignBlobResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2958

def sign_service_account_blob(name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:signBlob', options)
  command.request_representation = Google::Apis::IamV1::SignBlobRequest::Representation
  command.request_object = sign_blob_request_object
  command.response_representation = Google::Apis::IamV1::SignBlobResponse::Representation
  command.response_class = Google::Apis::IamV1::SignBlobResponse
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#sign_service_account_jwt(name, sign_jwt_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignJwtResponse

Note: This method is deprecated. Use the signJwt method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions. Signs a JSON Web Token (JWT) using the system-managed private key for a ServiceAccount.

Parameters:

• name (String) —

  Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/ serviceAccounts/EMAIL_ADDRESS* `projects/`PROJECT_ID`/serviceAccounts/` UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/EMAIL_ADDRESS* `projects/- /serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/ serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• sign_jwt_request_object (Google::Apis::IamV1::SignJwtRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::SignJwtResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::SignJwtResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3006

def sign_service_account_jwt(name, sign_jwt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:signJwt', options)
  command.request_representation = Google::Apis::IamV1::SignJwtRequest::Representation
  command.request_object = sign_jwt_request_object
  command.response_representation = Google::Apis::IamV1::SignJwtResponse::Representation
  command.response_class = Google::Apis::IamV1::SignJwtResponse
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#test_service_account_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::TestIamPermissionsResponse

Tests whether the caller has the specified permissions on a ServiceAccount.

Parameters:

• resource (String) —

  REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field.

• test_iam_permissions_request_object (Google::Apis::IamV1::TestIamPermissionsRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::TestIamPermissionsResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::TestIamPermissionsResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3041

def test_service_account_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
  command.request_representation = Google::Apis::IamV1::TestIamPermissionsRequest::Representation
  command.request_object = test_iam_permissions_request_object
  command.response_representation = Google::Apis::IamV1::TestIamPermissionsResponse::Representation
  command.response_class = Google::Apis::IamV1::TestIamPermissionsResponse
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#test_workforce_pool_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::TestIamPermissionsResponse

Returns the caller's permissions on the WorkforcePool. If the pool does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

Parameters:

• resource (String) —

  REQUIRED: The resource for which the policy detail is being requested. See Resource names for the appropriate value for this field.

• test_iam_permissions_request_object (Google::Apis::IamV1::TestIamPermissionsRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::TestIamPermissionsResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::TestIamPermissionsResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 406

def test_workforce_pool_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
  command.request_representation = Google::Apis::IamV1::TestIamPermissionsRequest::Representation
  command.request_object = test_iam_permissions_request_object
  command.response_representation = Google::Apis::IamV1::TestIamPermissionsResponse::Representation
  command.response_class = Google::Apis::IamV1::TestIamPermissionsResponse
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_organization_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Undeletes a custom Role.

Parameters:

• name (String) —

  The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below: * projects.roles.undelete(): projects/PROJECT_ID/roles/CUSTOM_ROLE_ID . This method undeletes only custom roles that have been created at the project level. Example request URL: https://iam.googleapis.com/v1/projects/PROJECT_ID/ roles/CUSTOM_ROLE_ID* [`organizations.roles.undelete()`](https://cloud. google.com/iam/reference/rest/v1/organizations.roles/undelete): `organizations/ `ORGANIZATION_ID`/roles/`CUSTOM_ROLE_ID. This method undeletes only custom roles that have been created at the organization level. Example request URL: https://iam. googleapis.com/v1/organizations/ORGANIZATION_ID/roles/CUSTOM_ROLE_ID`` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• undelete_role_request_object (Google::Apis::IamV1::UndeleteRoleRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1363

def undelete_organization_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteRoleRequest::Representation
  command.request_object = undelete_role_request_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_project_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Undeletes a custom Role.

Parameters:

• name (String) —

  The name parameter's value depends on the target resource for the request, namely projects or organizations. Each resource type's name value format is described below: * projects.roles.undelete(): projects/PROJECT_ID/roles/CUSTOM_ROLE_ID . This method undeletes only custom roles that have been created at the project level. Example request URL: https://iam.googleapis.com/v1/projects/PROJECT_ID/ roles/CUSTOM_ROLE_ID* [`organizations.roles.undelete()`](https://cloud. google.com/iam/reference/rest/v1/organizations.roles/undelete): `organizations/ `ORGANIZATION_ID`/roles/`CUSTOM_ROLE_ID. This method undeletes only custom roles that have been created at the organization level. Example request URL: https://iam. googleapis.com/v1/organizations/ORGANIZATION_ID/roles/CUSTOM_ROLE_ID`` Note: Wildcard (*) values are invalid; you must specify a complete project ID or organization ID.

• undelete_role_request_object (Google::Apis::IamV1::UndeleteRoleRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Role) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Role)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2511

def undelete_project_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteRoleRequest::Representation
  command.request_object = undelete_role_request_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_service_account(name, undelete_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::UndeleteServiceAccountResponse

Restores a deleted ServiceAccount. Important: It is not always possible to restore a deleted service account. Use this method only as a last resort. After you delete a service account, IAM permanently removes the service account 30 days later. There is no way to restore a deleted service account that has been permanently removed.

Parameters:

• name (String) —

  The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/`PROJECT_ID` /serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• undelete_service_account_request_object (Google::Apis::IamV1::UndeleteServiceAccountRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::UndeleteServiceAccountResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::UndeleteServiceAccountResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3087

def undelete_service_account(name, undelete_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteServiceAccountRequest::Representation
  command.request_object = undelete_service_account_request_object
  command.response_representation = Google::Apis::IamV1::UndeleteServiceAccountResponse::Representation
  command.response_class = Google::Apis::IamV1::UndeleteServiceAccountResponse
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_workforce_pool(name, undelete_workforce_pool_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Undeletes a WorkforcePool, as long as it was deleted fewer than 30 days ago.

Parameters:

• name (String) —

  Required. The name of the pool to undelete. Format: locations/location/ workforcePools/workforce_pool_id``

• undelete_workforce_pool_request_object (Google::Apis::IamV1::UndeleteWorkforcePoolRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 440

def undelete_workforce_pool(name, undelete_workforce_pool_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteWorkforcePoolRequest::Representation
  command.request_object = undelete_workforce_pool_request_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_workforce_pool_provider(name, undelete_workforce_pool_provider_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Undeletes a WorkforcePoolProvider, as long as it was deleted fewer than 30 days ago.

Parameters:

• name (String) —

  Required. The name of the provider to undelete. Format: locations/location/ workforcePools/workforce_pool_id/providers/provider_id``

• undelete_workforce_pool_provider_request_object (Google::Apis::IamV1::UndeleteWorkforcePoolProviderRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 693

def undelete_workforce_pool_provider(name, undelete_workforce_pool_provider_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteWorkforcePoolProviderRequest::Representation
  command.request_object = undelete_workforce_pool_provider_request_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_workforce_pool_provider_key(name, undelete_workforce_pool_provider_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Undeletes a WorkforcePoolProviderKey, as long as it was deleted fewer than 30 days ago.

Parameters:

• name (String) —

  Required. The name of the key to undelete.

• undelete_workforce_pool_provider_key_request_object (Google::Apis::IamV1::UndeleteWorkforcePoolProviderKeyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 870

def undelete_workforce_pool_provider_key(name, undelete_workforce_pool_provider_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteWorkforcePoolProviderKeyRequest::Representation
  command.request_object = undelete_workforce_pool_provider_key_request_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_workforce_pool_subject(name, undelete_workforce_pool_subject_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Undeletes a WorkforcePoolSubject, as long as it was deleted fewer than 30 days ago.

Parameters:

• name (String) —

  Required. The resource name of the WorkforcePoolSubject. Special characters, like '/' and ':', must be escaped, because all URLs need to conform to the " When to Escape and Unescape" section of RFC3986. Format: locations/location/workforcePools/workforce_pool_id/ subjects/subject_id``

• undelete_workforce_pool_subject_request_object (Google::Apis::IamV1::UndeleteWorkforcePoolSubjectRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1012

def undelete_workforce_pool_subject(name, undelete_workforce_pool_subject_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteWorkforcePoolSubjectRequest::Representation
  command.request_object = undelete_workforce_pool_subject_request_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_workload_identity_pool(name, undelete_workload_identity_pool_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Undeletes a WorkloadIdentityPool, as long as it was deleted fewer than 30 days ago.

Parameters:

• name (String) —

  Required. The name of the pool to undelete.

• undelete_workload_identity_pool_request_object (Google::Apis::IamV1::UndeleteWorkloadIdentityPoolRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1614

def undelete_workload_identity_pool(name, undelete_workload_identity_pool_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteWorkloadIdentityPoolRequest::Representation
  command.request_object = undelete_workload_identity_pool_request_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_workload_identity_pool_provider(name, undelete_workload_identity_pool_provider_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Undeletes a WorkloadIdentityPoolProvider, as long as it was deleted fewer than 30 days ago.

Parameters:

• name (String) —

  Required. The name of the provider to undelete.

• undelete_workload_identity_pool_provider_request_object (Google::Apis::IamV1::UndeleteWorkloadIdentityPoolProviderRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 1954

def undelete_workload_identity_pool_provider(name, undelete_workload_identity_pool_provider_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteWorkloadIdentityPoolProviderRequest::Representation
  command.request_object = undelete_workload_identity_pool_provider_request_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_workload_identity_pool_provider_key(name, undelete_workload_identity_pool_provider_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Operation

Undeletes an WorkloadIdentityPoolProviderKey, as long as it was deleted fewer than 30 days ago.

Parameters:

• name (String) —

  Required. The name of the encryption key to undelete.

• undelete_workload_identity_pool_provider_key_request_object (Google::Apis::IamV1::UndeleteWorkloadIdentityPoolProviderKeyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::Operation) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::Operation)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 2129

def undelete_workload_identity_pool_provider_key(name, undelete_workload_identity_pool_provider_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteWorkloadIdentityPoolProviderKeyRequest::Representation
  command.request_object = undelete_workload_identity_pool_provider_key_request_object
  command.response_representation = Google::Apis::IamV1::Operation::Representation
  command.response_class = Google::Apis::IamV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#update_project_service_account(name, service_account_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

Note: We are in the process of deprecating this method. Use PatchServiceAccount instead. Updates a ServiceAccount. You can update only the display_name field.

Parameters:

• name (String) —

  The resource name of the service account. Use one of the following formats: * projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/`PROJECT_ID` /serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.

• service_account_object (Google::Apis::IamV1::ServiceAccount) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ServiceAccount) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ServiceAccount)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3131

def update_project_service_account(name, service_account_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:put, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.request_object = service_account_object
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#upload_service_account_key(name, upload_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey

Uploads the public key portion of a key pair that you manage, and associates the public key with a ServiceAccount. After you upload the public key, you can use the private key from the key pair as a service account key.

Parameters:

• name (String) —

  The resource name of the service account key. Use one of the following formats:

  • projects/PROJECT_ID/serviceAccounts/EMAIL_ADDRESS* `projects/` PROJECT_ID`/serviceAccounts/`UNIQUE_ID As an alternative, you can use the - wildcard character instead of the project ID: * projects/-/serviceAccounts/ EMAIL_ADDRESS* `projects/-/serviceAccounts/`UNIQUE_ID When possible, avoid using the - wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service account projects/-/serviceAccounts/fake@example.com, which does not exist, the response contains an HTTP 403 Forbidden error instead of a 404 Not Found error.
• upload_service_account_key_request_object (Google::Apis::IamV1::UploadServiceAccountKeyRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::IamV1::ServiceAccountKey) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::IamV1::ServiceAccountKey)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/iam_v1/service.rb', line 3433

def upload_service_account_key(name, upload_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}/keys:upload', options)
  command.request_representation = Google::Apis::IamV1::UploadServiceAccountKeyRequest::Representation
  command.request_object = upload_service_account_key_request_object
  command.response_representation = Google::Apis::IamV1::ServiceAccountKey::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccountKey
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end