Class: Google::Apis::IamV2::IamService

Inherits:
Core::BaseService
  • Object
show all
Defined in:
lib/google/apis/iam_v2/service.rb

Overview

Identity and Access Management (IAM) API

Manages identity and access control for Google Cloud resources, including the creation of service accounts, which you can use to authenticate to Google and make API calls. Enabling this API also enables the IAM Service Account Credentials API (iamcredentials.googleapis.com). However, disabling this API doesn't disable the IAM Service Account Credentials API.

Examples:

require 'google/apis/iam_v2'

Iam = Google::Apis::IamV2 # Alias the module
service = Iam::IamService.new

See Also:

Constant Summary collapse

DEFAULT_ENDPOINT_TEMPLATE = 
"https://iam.$UNIVERSE_DOMAIN$/"

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeIamService

Returns a new instance of IamService.



51
52
53
54
55
56
 
# File 'lib/google/apis/iam_v2/service.rb', line 51

def initialize
  super(DEFAULT_ENDPOINT_TEMPLATE, '',
        client_name: 'google-apis-iam_v2',
        client_version: Google::Apis::IamV2::GEM_VERSION)
  @batch_path = 'batch'
end

Instance Attribute Details

#keyString

Returns API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.

Returns:

  • (String)

    API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.



44
45
46
 
# File 'lib/google/apis/iam_v2/service.rb', line 44

def key
  @key
end

#quota_userString

Returns Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

Returns:

  • (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.



49
50
51
 
# File 'lib/google/apis/iam_v2/service.rb', line 49

def quota_user
  @quota_user
end

Instance Method Details

#create_policy_policy(parent, google_iam_v2_policy_object = nil, policy_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV2::GoogleLongrunningOperation

Creates a policy.

Parameters:

  • parent (String)

    Required. The resource that the policy is attached to, along with the kind of policy to create. Format: policies/attachment_point/denypolicies The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, /, must be written as %2F. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/ denypolicies. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.

  • google_iam_v2_policy_object (Google::Apis::IamV2::GoogleIamV2Policy) (defaults to: nil)
  • policy_id (String) (defaults to: nil)

    The ID to use for this policy, which will become the final component of the policy's resource name. The ID must contain 3 to 63 characters. It can contain lowercase letters and numbers, as well as dashes (-) and periods (.). The first character must be a lowercase letter.

  • fields (String) (defaults to: nil)

    Selector specifying which fields to include in a partial response.

  • quota_user (String) (defaults to: nil)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions) (defaults to: nil)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:

  • (Google::Apis::ServerError)

    An error occurred on the server and the request can be retried

  • (Google::Apis::ClientError)

    The request is invalid and should not be retried without modification

  • (Google::Apis::AuthorizationError)

    Authorization is required



90
91
92
93
94
95
96
97
98
99
100
101
 
# File 'lib/google/apis/iam_v2/service.rb', line 90

def create_policy_policy(parent, google_iam_v2_policy_object = nil, policy_id: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v2/{+parent}', options)
  command.request_representation = Google::Apis::IamV2::GoogleIamV2Policy::Representation
  command.request_object = google_iam_v2_policy_object
  command.response_representation = Google::Apis::IamV2::GoogleLongrunningOperation::Representation
  command.response_class = Google::Apis::IamV2::GoogleLongrunningOperation
  command.params['parent'] = parent unless parent.nil?
  command.query['policyId'] = policy_id unless policy_id.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_policy(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV2::GoogleLongrunningOperation

Deletes a policy. This action is permanent.

Parameters:

  • name (String)

    Required. The resource name of the policy to delete. Format: policies/ attachment_point/denypolicies/policy_id`Use the URL-encoded full resource name, which means that the forward-slash character,/, must be written as% 2F. For example,policies/cloudresourcemanager.googleapis.com%2Fprojects% 2Fmy-project/denypolicies/my-policy`. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.

  • etag (String) (defaults to: nil)

    Optional. The expected etag of the policy to delete. If the value does not match the value that is stored in IAM, the request fails with a 409 error code and ABORTED status. If you omit this field, the policy is deleted regardless of its current etag.

  • fields (String) (defaults to: nil)

    Selector specifying which fields to include in a partial response.

  • quota_user (String) (defaults to: nil)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions) (defaults to: nil)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:

  • (Google::Apis::ServerError)

    An error occurred on the server and the request can be retried

  • (Google::Apis::ClientError)

    The request is invalid and should not be retried without modification

  • (Google::Apis::AuthorizationError)

    Authorization is required



134
135
136
137
138
139
140
141
142
143
 
# File 'lib/google/apis/iam_v2/service.rb', line 134

def delete_policy(name, etag: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v2/{+name}', options)
  command.response_representation = Google::Apis::IamV2::GoogleLongrunningOperation::Representation
  command.response_class = Google::Apis::IamV2::GoogleLongrunningOperation
  command.params['name'] = name unless name.nil?
  command.query['etag'] = etag unless etag.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_policy(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV2::GoogleIamV2Policy

Gets a policy.

Parameters:

  • name (String)

    Required. The resource name of the policy to retrieve. Format: policies/ attachment_point/denypolicies/policy_id`Use the URL-encoded full resource name, which means that the forward-slash character,/, must be written as% 2F. For example,policies/cloudresourcemanager.googleapis.com%2Fprojects% 2Fmy-project/denypolicies/my-policy`. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.

  • fields (String) (defaults to: nil)

    Selector specifying which fields to include in a partial response.

  • quota_user (String) (defaults to: nil)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions) (defaults to: nil)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:

  • (Google::Apis::ServerError)

    An error occurred on the server and the request can be retried

  • (Google::Apis::ClientError)

    The request is invalid and should not be retried without modification

  • (Google::Apis::AuthorizationError)

    Authorization is required



171
172
173
174
175
176
177
178
179
 
# File 'lib/google/apis/iam_v2/service.rb', line 171

def get_policy(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v2/{+name}', options)
  command.response_representation = Google::Apis::IamV2::GoogleIamV2Policy::Representation
  command.response_class = Google::Apis::IamV2::GoogleIamV2Policy
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_policy_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV2::GoogleLongrunningOperation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

  • name (String)

    The name of the operation resource.

  • fields (String) (defaults to: nil)

    Selector specifying which fields to include in a partial response.

  • quota_user (String) (defaults to: nil)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions) (defaults to: nil)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:

  • (Google::Apis::ServerError)

    An error occurred on the server and the request can be retried

  • (Google::Apis::ClientError)

    The request is invalid and should not be retried without modification

  • (Google::Apis::AuthorizationError)

    Authorization is required



292
293
294
295
296
297
298
299
300
 
# File 'lib/google/apis/iam_v2/service.rb', line 292

def get_policy_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v2/{+name}', options)
  command.response_representation = Google::Apis::IamV2::GoogleLongrunningOperation::Representation
  command.response_class = Google::Apis::IamV2::GoogleLongrunningOperation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_policy_policies(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV2::GoogleIamV2ListPoliciesResponse

Retrieves the policies of the specified kind that are attached to a resource. The response lists only policy metadata. In particular, policy rules are omitted.

Parameters:

  • parent (String)

    Required. The resource that the policy is attached to, along with the kind of policy to list. Format: policies/attachment_point/denypolicies The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, /, must be written as %2F. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/ denypolicies. For organizations and folders, use the numeric ID in the full resource name. For projects, you can use the alphanumeric or the numeric ID.

  • page_size (Fixnum) (defaults to: nil)

    The maximum number of policies to return. IAM ignores this value and uses the value 1000.

  • page_token (String) (defaults to: nil)

    A page token received in a ListPoliciesResponse. Provide this token to retrieve the next page.

  • fields (String) (defaults to: nil)

    Selector specifying which fields to include in a partial response.

  • quota_user (String) (defaults to: nil)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions) (defaults to: nil)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:

  • (Google::Apis::ServerError)

    An error occurred on the server and the request can be retried

  • (Google::Apis::ClientError)

    The request is invalid and should not be retried without modification

  • (Google::Apis::AuthorizationError)

    Authorization is required



215
216
217
218
219
220
221
222
223
224
225
 
# File 'lib/google/apis/iam_v2/service.rb', line 215

def list_policy_policies(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v2/{+parent}', options)
  command.response_representation = Google::Apis::IamV2::GoogleIamV2ListPoliciesResponse::Representation
  command.response_class = Google::Apis::IamV2::GoogleIamV2ListPoliciesResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#update_policy(name, google_iam_v2_policy_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV2::GoogleLongrunningOperation

Updates the specified policy. You can update only the rules and the display name for the policy. To update a policy, you should use a read-modify-write loop: 1. Use GetPolicy to read the current version of the policy. 2. Modify the policy as needed. 3. Use UpdatePolicy to write the updated policy. This pattern helps prevent conflicts between concurrent updates.

Parameters:

  • name (String)

    Immutable. The resource name of the Policy, which must be unique. Format: policies/attachment_point/denypolicies/policy_id`The attachment point is identified by its URL-encoded full resource name, which means that the forward- slash character,/, must be written as%2F. For example,policies/ cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my- deny-policy`. For organizations and folders, use the numeric ID in the full resource name. For projects, requests can use the alphanumeric or the numeric ID. Responses always contain the numeric ID.

  • google_iam_v2_policy_object (Google::Apis::IamV2::GoogleIamV2Policy) (defaults to: nil)
  • fields (String) (defaults to: nil)

    Selector specifying which fields to include in a partial response.

  • quota_user (String) (defaults to: nil)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions) (defaults to: nil)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:

  • (Google::Apis::ServerError)

    An error occurred on the server and the request can be retried

  • (Google::Apis::ClientError)

    The request is invalid and should not be retried without modification

  • (Google::Apis::AuthorizationError)

    Authorization is required



259
260
261
262
263
264
265
266
267
268
269
 
# File 'lib/google/apis/iam_v2/service.rb', line 259

def update_policy(name, google_iam_v2_policy_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:put, 'v2/{+name}', options)
  command.request_representation = Google::Apis::IamV2::GoogleIamV2Policy::Representation
  command.request_object = google_iam_v2_policy_object
  command.response_representation = Google::Apis::IamV2::GoogleLongrunningOperation::Representation
  command.response_class = Google::Apis::IamV2::GoogleLongrunningOperation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end