blob: 3331e5ecebc31bb3e8af0f5125258d131da54d8a [file] [log] [blame]
// Copyright 2020 Google LLC.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Code generated file. DO NOT EDIT.
// Package cloudasset provides access to the Cloud Asset API.
//
// For product documentation, see: https://cloud.google.com/asset-inventory/docs/quickstart
//
// Creating a client
//
// Usage example:
//
// import "google.golang.org/api/cloudasset/v1p1beta1"
// ...
// ctx := context.Background()
// cloudassetService, err := cloudasset.NewService(ctx)
//
// In this example, Google Application Default Credentials are used for authentication.
//
// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
//
// Other authentication options
//
// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:
//
// cloudassetService, err := cloudasset.NewService(ctx, option.WithAPIKey("AIza..."))
//
// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:
//
// config := &oauth2.Config{...}
// // ...
// token, err := config.Exchange(ctx, ...)
// cloudassetService, err := cloudasset.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
//
// See https://godoc.org/google.golang.org/api/option/ for details on options.
package cloudasset // import "google.golang.org/api/cloudasset/v1p1beta1"
import (
"bytes"
"context"
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
"net/url"
"strconv"
"strings"
googleapi "google.golang.org/api/googleapi"
gensupport "google.golang.org/api/internal/gensupport"
option "google.golang.org/api/option"
internaloption "google.golang.org/api/option/internaloption"
htransport "google.golang.org/api/transport/http"
)
// Always reference these packages, just in case the auto-generated code
// below doesn't.
var _ = bytes.NewBuffer
var _ = strconv.Itoa
var _ = fmt.Sprintf
var _ = json.NewDecoder
var _ = io.Copy
var _ = url.Parse
var _ = gensupport.MarshalJSON
var _ = googleapi.Version
var _ = errors.New
var _ = strings.Replace
var _ = context.Canceled
var _ = internaloption.WithDefaultEndpoint
const apiId = "cloudasset:v1p1beta1"
const apiName = "cloudasset"
const apiVersion = "v1p1beta1"
const basePath = "https://cloudasset.googleapis.com/"
const mtlsBasePath = "https://cloudasset.mtls.googleapis.com/"
// OAuth2 scopes used by this API.
const (
// View and manage your data across Google Cloud Platform services
CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)
// NewService creates a new Service.
func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) {
scopesOption := option.WithScopes(
"https://www.googleapis.com/auth/cloud-platform",
)
// NOTE: prepend, so we don't override user-specified scopes.
opts = append([]option.ClientOption{scopesOption}, opts...)
opts = append(opts, internaloption.WithDefaultEndpoint(basePath))
opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath))
client, endpoint, err := htransport.NewClient(ctx, opts...)
if err != nil {
return nil, err
}
s, err := New(client)
if err != nil {
return nil, err
}
if endpoint != "" {
s.BasePath = endpoint
}
return s, nil
}
// New creates a new Service. It uses the provided http.Client for requests.
//
// Deprecated: please use NewService instead.
// To provide a custom HTTP client, use option.WithHTTPClient.
// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
func New(client *http.Client) (*Service, error) {
if client == nil {
return nil, errors.New("client is nil")
}
s := &Service{client: client, BasePath: basePath}
s.IamPolicies = NewIamPoliciesService(s)
s.Resources = NewResourcesService(s)
return s, nil
}
type Service struct {
client *http.Client
BasePath string // API endpoint base URL
UserAgent string // optional additional User-Agent fragment
IamPolicies *IamPoliciesService
Resources *ResourcesService
}
func (s *Service) userAgent() string {
if s.UserAgent == "" {
return googleapi.UserAgent
}
return googleapi.UserAgent + " " + s.UserAgent
}
func NewIamPoliciesService(s *Service) *IamPoliciesService {
rs := &IamPoliciesService{s: s}
return rs
}
type IamPoliciesService struct {
s *Service
}
func NewResourcesService(s *Service) *ResourcesService {
rs := &ResourcesService{s: s}
return rs
}
type ResourcesService struct {
s *Service
}
// AuditConfig: Specifies the audit configuration for a service.
// The configuration determines which permission types are logged, and
// what
// identities, if any, are exempted from logging.
// An AuditConfig must have one or more AuditLogConfigs.
//
// If there are AuditConfigs for both `allServices` and a specific
// service,
// the union of the two AuditConfigs is used for that service: the
// log_types
// specified in each AuditConfig are enabled, and the exempted_members
// in each
// AuditLogConfig are exempted.
//
// Example Policy with multiple AuditConfigs:
//
// {
// "audit_configs": [
// {
// "service": "allServices",
// "audit_log_configs": [
// {
// "log_type": "DATA_READ",
// "exempted_members": [
// "user:jose@example.com"
// ]
// },
// {
// "log_type": "DATA_WRITE"
// },
// {
// "log_type": "ADMIN_READ"
// }
// ]
// },
// {
// "service": "sampleservice.googleapis.com",
// "audit_log_configs": [
// {
// "log_type": "DATA_READ"
// },
// {
// "log_type": "DATA_WRITE",
// "exempted_members": [
// "user:aliya@example.com"
// ]
// }
// ]
// }
// ]
// }
//
// For sampleservice, this policy enables DATA_READ, DATA_WRITE and
// ADMIN_READ
// logging. It also exempts jose@example.com from DATA_READ logging,
// and
// aliya@example.com from DATA_WRITE logging.
type AuditConfig struct {
// AuditLogConfigs: The configuration for logging of each type of
// permission.
AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"`
// Service: Specifies a service that will be enabled for audit
// logging.
// For example, `storage.googleapis.com`,
// `cloudsql.googleapis.com`.
// `allServices` is a special value that covers all services.
Service string `json:"service,omitempty"`
// ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "AuditLogConfigs") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
func (s *AuditConfig) MarshalJSON() ([]byte, error) {
type NoMethod AuditConfig
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// AuditLogConfig: Provides the configuration for logging a type of
// permissions.
// Example:
//
// {
// "audit_log_configs": [
// {
// "log_type": "DATA_READ",
// "exempted_members": [
// "user:jose@example.com"
// ]
// },
// {
// "log_type": "DATA_WRITE"
// }
// ]
// }
//
// This enables 'DATA_READ' and 'DATA_WRITE' logging, while
// exempting
// jose@example.com from DATA_READ logging.
type AuditLogConfig struct {
// ExemptedMembers: Specifies the identities that do not cause logging
// for this type of
// permission.
// Follows the same format of Binding.members.
ExemptedMembers []string `json:"exemptedMembers,omitempty"`
// LogType: The log type that this config enables.
//
// Possible values:
// "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this.
// "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy
// "DATA_WRITE" - Data writes. Example: CloudSQL Users create
// "DATA_READ" - Data reads. Example: CloudSQL Users list
LogType string `json:"logType,omitempty"`
// ForceSendFields is a list of field names (e.g. "ExemptedMembers") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "ExemptedMembers") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
func (s *AuditLogConfig) MarshalJSON() ([]byte, error) {
type NoMethod AuditLogConfig
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// Binding: Associates `members` with a `role`.
type Binding struct {
// Condition: The condition that is associated with this binding.
//
// If the condition evaluates to `true`, then this binding applies to
// the
// current request.
//
// If the condition evaluates to `false`, then this binding does not
// apply to
// the current request. However, a different role binding might grant
// the same
// role to one or more of the members in this binding.
//
// To learn which resources support conditions in their IAM policies,
// see
// the
// [IAM
// documentation](https://cloud.google.com/iam/help/conditions/r
// esource-policies).
Condition *Expr `json:"condition,omitempty"`
// Members: Specifies the identities requesting access for a Cloud
// Platform resource.
// `members` can have the following values:
//
// * `allUsers`: A special identifier that represents anyone who is
// on the internet; with or without a Google account.
//
// * `allAuthenticatedUsers`: A special identifier that represents
// anyone
// who is authenticated with a Google account or a service
// account.
//
// * `user:{emailid}`: An email address that represents a specific
// Google
// account. For example, `alice@example.com` .
//
//
// * `serviceAccount:{emailid}`: An email address that represents a
// service
// account. For example,
// `my-other-app@appspot.gserviceaccount.com`.
//
// * `group:{emailid}`: An email address that represents a Google
// group.
// For example, `admins@example.com`.
//
// * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus
// unique
// identifier) representing a user that has been recently deleted.
// For
// example, `alice@example.com?uid=123456789012345678901`. If the
// user is
// recovered, this value reverts to `user:{emailid}` and the
// recovered user
// retains the role in the binding.
//
// * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address
// (plus
// unique identifier) representing a service account that has been
// recently
// deleted. For example,
//
// `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
//
// If the service account is undeleted, this value reverts to
// `serviceAccount:{emailid}` and the undeleted service account
// retains the
// role in the binding.
//
// * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus
// unique
// identifier) representing a Google group that has been recently
// deleted. For example,
// `admins@example.com?uid=123456789012345678901`. If
// the group is recovered, this value reverts to `group:{emailid}`
// and the
// recovered group retains the role in the binding.
//
//
// * `domain:{domain}`: The G Suite domain (primary) that represents all
// the
// users of that domain. For example, `google.com` or
// `example.com`.
//
//
Members []string `json:"members,omitempty"`
// Role: Role that is assigned to `members`.
// For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
Role string `json:"role,omitempty"`
// ForceSendFields is a list of field names (e.g. "Condition") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Condition") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *Binding) MarshalJSON() ([]byte, error) {
type NoMethod Binding
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// Explanation: Explanation about the IAM policy search result.
type Explanation struct {
// MatchedPermissions: The map from roles to their included permission
// matching the permission
// query (e.g. containing `policy.role.permissions:`). A sample role
// string:
// "roles/compute.instanceAdmin". The roles can also be found in
// the
// returned `policy` bindings. Note that the map is populated only
// if
// requesting with a permission query.
MatchedPermissions map[string]Permissions `json:"matchedPermissions,omitempty"`
// ForceSendFields is a list of field names (e.g. "MatchedPermissions")
// to unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "MatchedPermissions") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
func (s *Explanation) MarshalJSON() ([]byte, error) {
type NoMethod Explanation
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// Expr: Represents a textual expression in the Common Expression
// Language (CEL)
// syntax. CEL is a C-like expression language. The syntax and semantics
// of CEL
// are documented at https://github.com/google/cel-spec.
//
// Example (Comparison):
//
// title: "Summary size limit"
// description: "Determines if a summary is less than 100 chars"
// expression: "document.summary.size() < 100"
//
// Example (Equality):
//
// title: "Requestor is owner"
// description: "Determines if requestor is the document owner"
// expression: "document.owner ==
// request.auth.claims.email"
//
// Example (Logic):
//
// title: "Public documents"
// description: "Determine whether the document should be publicly
// visible"
// expression: "document.type != 'private' && document.type !=
// 'internal'"
//
// Example (Data Manipulation):
//
// title: "Notification string"
// description: "Create a notification string with a timestamp."
// expression: "'New message received at ' +
// string(document.create_time)"
//
// The exact variables and functions that may be referenced within an
// expression
// are determined by the service that evaluates it. See the
// service
// documentation for additional information.
type Expr struct {
// Description: Optional. Description of the expression. This is a
// longer text which
// describes the expression, e.g. when hovered over it in a UI.
Description string `json:"description,omitempty"`
// Expression: Textual representation of an expression in Common
// Expression Language
// syntax.
Expression string `json:"expression,omitempty"`
// Location: Optional. String indicating the location of the expression
// for error
// reporting, e.g. a file name and a position in the file.
Location string `json:"location,omitempty"`
// Title: Optional. Title for the expression, i.e. a short string
// describing
// its purpose. This can be used e.g. in UIs which allow to enter
// the
// expression.
Title string `json:"title,omitempty"`
// ForceSendFields is a list of field names (e.g. "Description") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Description") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *Expr) MarshalJSON() ([]byte, error) {
type NoMethod Expr
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// IamPolicySearchResult: The result for a IAM Policy search.
type IamPolicySearchResult struct {
// Explanation: Explanation about the IAM policy search result. It
// contains additional
// information to explain why the search result matches the query.
Explanation *Explanation `json:"explanation,omitempty"`
// Policy: The IAM policy directly set on the given resource. Note that
// the original
// IAM policy can contain multiple bindings. This only contains the
// bindings
// that match the given query. For queries that don't contain a
// constrain on
// policies (e.g. an empty query), this contains all the bindings.
Policy *Policy `json:"policy,omitempty"`
// Project: The project that the associated GCP resource belongs to, in
// the form of
// `projects/{project_number}`. If an IAM policy is set on a resource
// (like VM
// instance, Cloud Storage bucket), the project field will indicate
// the
// project that contains the resource. If an IAM policy is set on a
// folder or
// orgnization, the project field will be empty.
Project string `json:"project,omitempty"`
// Resource: The [full
// resource
// name](https://cloud.google.com/apis/design/resource_names#ful
// l_resource_name)
// of the resource associated with this IAM policy.
Resource string `json:"resource,omitempty"`
// ForceSendFields is a list of field names (e.g. "Explanation") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Explanation") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *IamPolicySearchResult) MarshalJSON() ([]byte, error) {
type NoMethod IamPolicySearchResult
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// Permissions: IAM permissions
type Permissions struct {
// Permissions: A list of permissions. A sample permission string:
// "compute.disk.get".
Permissions []string `json:"permissions,omitempty"`
// ForceSendFields is a list of field names (e.g. "Permissions") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Permissions") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *Permissions) MarshalJSON() ([]byte, error) {
type NoMethod Permissions
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// Policy: An Identity and Access Management (IAM) policy, which
// specifies access
// controls for Google Cloud resources.
//
//
// A `Policy` is a collection of `bindings`. A `binding` binds one or
// more
// `members` to a single `role`. Members can be user accounts, service
// accounts,
// Google groups, and domains (such as G Suite). A `role` is a named
// list of
// permissions; each `role` can be an IAM predefined role or a
// user-created
// custom role.
//
// For some types of Google Cloud resources, a `binding` can also
// specify a
// `condition`, which is a logical expression that allows access to a
// resource
// only if the expression evaluates to `true`. A condition can add
// constraints
// based on attributes of the request, the resource, or both. To learn
// which
// resources support conditions in their IAM policies, see the
// [IAM
// documentation](https://cloud.google.com/iam/help/conditions/resource-p
// olicies).
//
// **JSON example:**
//
// {
// "bindings": [
// {
// "role": "roles/resourcemanager.organizationAdmin",
// "members": [
// "user:mike@example.com",
// "group:admins@example.com",
// "domain:google.com",
//
// "serviceAccount:my-project-id@appspot.gserviceaccount.com"
// ]
// },
// {
// "role": "roles/resourcemanager.organizationViewer",
// "members": [
// "user:eve@example.com"
// ],
// "condition": {
// "title": "expirable access",
// "description": "Does not grant access after Sep 2020",
// "expression": "request.time <
// timestamp('2020-10-01T00:00:00.000Z')",
// }
// }
// ],
// "etag": "BwWWja0YfJA=",
// "version": 3
// }
//
// **YAML example:**
//
// bindings:
// - members:
// - user:mike@example.com
// - group:admins@example.com
// - domain:google.com
// - serviceAccount:my-project-id@appspot.gserviceaccount.com
// role: roles/resourcemanager.organizationAdmin
// - members:
// - user:eve@example.com
// role: roles/resourcemanager.organizationViewer
// condition:
// title: expirable access
// description: Does not grant access after Sep 2020
// expression: request.time <
// timestamp('2020-10-01T00:00:00.000Z')
// - etag: BwWWja0YfJA=
// - version: 3
//
// For a description of IAM and its features, see the
// [IAM documentation](https://cloud.google.com/iam/docs/).
type Policy struct {
// AuditConfigs: Specifies cloud audit logging configuration for this
// policy.
AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"`
// Bindings: Associates a list of `members` to a `role`. Optionally, may
// specify a
// `condition` that determines how and when the `bindings` are applied.
// Each
// of the `bindings` must contain at least one member.
Bindings []*Binding `json:"bindings,omitempty"`
// Etag: `etag` is used for optimistic concurrency control as a way to
// help
// prevent simultaneous updates of a policy from overwriting each
// other.
// It is strongly suggested that systems make use of the `etag` in
// the
// read-modify-write cycle to perform policy updates in order to avoid
// race
// conditions: An `etag` is returned in the response to `getIamPolicy`,
// and
// systems are expected to put that etag in the request to
// `setIamPolicy` to
// ensure that their change will be applied to the same version of the
// policy.
//
// **Important:** If you use IAM Conditions, you must include the `etag`
// field
// whenever you call `setIamPolicy`. If you omit this field, then IAM
// allows
// you to overwrite a version `3` policy with a version `1` policy, and
// all of
// the conditions in the version `3` policy are lost.
Etag string `json:"etag,omitempty"`
// Version: Specifies the format of the policy.
//
// Valid values are `0`, `1`, and `3`. Requests that specify an invalid
// value
// are rejected.
//
// Any operation that affects conditional role bindings must specify
// version
// `3`. This requirement applies to the following operations:
//
// * Getting a policy that includes a conditional role binding
// * Adding a conditional role binding to a policy
// * Changing a conditional role binding in a policy
// * Removing any role binding, with or without a condition, from a
// policy
// that includes conditions
//
// **Important:** If you use IAM Conditions, you must include the `etag`
// field
// whenever you call `setIamPolicy`. If you omit this field, then IAM
// allows
// you to overwrite a version `3` policy with a version `1` policy, and
// all of
// the conditions in the version `3` policy are lost.
//
// If a policy does not include any conditions, operations on that
// policy may
// specify any valid version or leave the field unset.
//
// To learn which resources support conditions in their IAM policies,
// see the
// [IAM
// documentation](https://cloud.google.com/iam/help/conditions/resource-p
// olicies).
Version int64 `json:"version,omitempty"`
// ForceSendFields is a list of field names (e.g. "AuditConfigs") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "AuditConfigs") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *Policy) MarshalJSON() ([]byte, error) {
type NoMethod Policy
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// SearchAllIamPoliciesResponse: Search all IAM policies response.
type SearchAllIamPoliciesResponse struct {
// NextPageToken: Set if there are more results than those appearing in
// this response; to get
// the next set of results, call this method again, using this value as
// the
// `page_token`.
NextPageToken string `json:"nextPageToken,omitempty"`
// Results: A list of IamPolicy that match the search query. Related
// information such
// as the associated resource is returned along with the policy.
Results []*IamPolicySearchResult `json:"results,omitempty"`
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi.ServerResponse `json:"-"`
// ForceSendFields is a list of field names (e.g. "NextPageToken") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "NextPageToken") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *SearchAllIamPoliciesResponse) MarshalJSON() ([]byte, error) {
type NoMethod SearchAllIamPoliciesResponse
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// SearchAllResourcesResponse: Search all resources response.
type SearchAllResourcesResponse struct {
// NextPageToken: If there are more results than those appearing in this
// response, then
// `next_page_token` is included. To get the next set of results, call
// this
// method again using the value of `next_page_token` as `page_token`.
NextPageToken string `json:"nextPageToken,omitempty"`
// Results: A list of resource that match the search query.
Results []*StandardResourceMetadata `json:"results,omitempty"`
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi.ServerResponse `json:"-"`
// ForceSendFields is a list of field names (e.g. "NextPageToken") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "NextPageToken") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *SearchAllResourcesResponse) MarshalJSON() ([]byte, error) {
type NoMethod SearchAllResourcesResponse
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// StandardResourceMetadata: The standard metadata of a cloud resource.
type StandardResourceMetadata struct {
// AdditionalAttributes: Additional searchable attributes of this
// resource.
// Informational only. The exact set of attributes is subject to
// change.
// For example: project id, DNS name etc.
AdditionalAttributes []string `json:"additionalAttributes,omitempty"`
// AssetType: The type of this resource.
// For example: "compute.googleapis.com/Disk".
AssetType string `json:"assetType,omitempty"`
// Description: One or more paragraphs of text description of this
// resource. Maximum length
// could be up to 1M bytes.
Description string `json:"description,omitempty"`
// DisplayName: The display name of this resource.
DisplayName string `json:"displayName,omitempty"`
// Labels: Labels associated with this resource. See [Labelling and
// grouping
// GCP
// resources](https://cloud.google.com/blog/products/gcp/labelling-an
// d-grouping-your-google-cloud-platform-resources)
// for more information.
Labels map[string]string `json:"labels,omitempty"`
// Location: Location can be "global", regional like "us-east1", or
// zonal like
// "us-west1-b".
Location string `json:"location,omitempty"`
// Name: The full resource name. For
// example:
// `//compute.googleapis.com/projects/my_project_123/zones/zone1
// /instances/instance1`.
// See
// [Resource
// Names](https://cloud.google.com/apis/design/resource_names#f
// ull_resource_name)
// for more information.
Name string `json:"name,omitempty"`
// NetworkTags: Network tags associated with this resource. Like labels,
// network tags are a
// type of annotations used to group GCP resources. See [Labelling
// GCP
// resources](lhttps://cloud.google.com/blog/products/gcp/labelling-a
// nd-grouping-your-google-cloud-platform-resources)
// for more information.
NetworkTags []string `json:"networkTags,omitempty"`
// Project: The project that this resource belongs to, in the form
// of
// `projects/{project_number}`.
Project string `json:"project,omitempty"`
// ForceSendFields is a list of field names (e.g.
// "AdditionalAttributes") to unconditionally include in API requests.
// By default, fields with empty values are omitted from API requests.
// However, any non-pointer, non-interface field appearing in
// ForceSendFields will be sent to the server regardless of whether the
// field is empty or not. This may be used to include empty fields in
// Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "AdditionalAttributes") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
func (s *StandardResourceMetadata) MarshalJSON() ([]byte, error) {
type NoMethod StandardResourceMetadata
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// method id "cloudasset.iamPolicies.searchAll":
type IamPoliciesSearchAllCall struct {
s *Service
scope string
urlParams_ gensupport.URLParams
ifNoneMatch_ string
ctx_ context.Context
header_ http.Header
}
// SearchAll: Searches all the IAM policies within a given accessible
// CRM scope
// (project/folder/organization). This RPC gives callers
// especially
// administrators the ability to search all the IAM policies within a
// scope,
// even if they don't have `.getIamPolicy` permission of all the IAM
// policies.
// Callers should have `cloud.assets.SearchAllIamPolicies` permission on
// the
// requested scope, otherwise the request will be rejected.
func (r *IamPoliciesService) SearchAll(scope string) *IamPoliciesSearchAllCall {
c := &IamPoliciesSearchAllCall{s: r.s, urlParams_: make(gensupport.URLParams)}
c.scope = scope
return c
}
// PageSize sets the optional parameter "pageSize": The page size for
// search result pagination. Page size is capped at 500 even
// if a larger value is given. If set to zero, server will pick an
// appropriate
// default. Returned results may be fewer than requested. When this
// happens,
// there could be more results as long as `next_page_token` is returned.
func (c *IamPoliciesSearchAllCall) PageSize(pageSize int64) *IamPoliciesSearchAllCall {
c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
return c
}
// PageToken sets the optional parameter "pageToken": If present,
// retrieve the next batch of results from the preceding call to
// this method. `page_token` must be the value of `next_page_token` from
// the
// previous response. The values of all other method parameters must
// be
// identical to those in the previous call.
func (c *IamPoliciesSearchAllCall) PageToken(pageToken string) *IamPoliciesSearchAllCall {
c.urlParams_.Set("pageToken", pageToken)
return c
}
// Query sets the optional parameter "query": The query statement.
// Examples:
//
// * "policy:myuser@mydomain.com"
// * "policy:(myuser@mydomain.com viewer)"
func (c *IamPoliciesSearchAllCall) Query(query string) *IamPoliciesSearchAllCall {
c.urlParams_.Set("query", query)
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func (c *IamPoliciesSearchAllCall) Fields(s ...googleapi.Field) *IamPoliciesSearchAllCall {
c.urlParams_.Set("fields", googleapi.CombineFields(s))
return c
}
// IfNoneMatch sets the optional parameter which makes the operation
// fail if the object's ETag matches the given value. This is useful for
// getting updates only after the object has changed since the last
// request. Use googleapi.IsNotModified to check whether the response
// error from Do is the result of In-None-Match.
func (c *IamPoliciesSearchAllCall) IfNoneMatch(entityTag string) *IamPoliciesSearchAllCall {
c.ifNoneMatch_ = entityTag
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func (c *IamPoliciesSearchAllCall) Context(ctx context.Context) *IamPoliciesSearchAllCall {
c.ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func (c *IamPoliciesSearchAllCall) Header() http.Header {
if c.header_ == nil {
c.header_ = make(http.Header)
}
return c.header_
}
func (c *IamPoliciesSearchAllCall) doRequest(alt string) (*http.Response, error) {
reqHeaders := make(http.Header)
reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200708")
for k, v := range c.header_ {
reqHeaders[k] = v
}
reqHeaders.Set("User-Agent", c.s.userAgent())
if c.ifNoneMatch_ != "" {
reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
}
var body io.Reader = nil
c.urlParams_.Set("alt", alt)
c.urlParams_.Set("prettyPrint", "false")
urls := googleapi.ResolveRelative(c.s.BasePath, "v1p1beta1/{+scope}/iamPolicies:searchAll")
urls += "?" + c.urlParams_.Encode()
req, err := http.NewRequest("GET", urls, body)
if err != nil {
return nil, err
}
req.Header = reqHeaders
googleapi.Expand(req.URL, map[string]string{
"scope": c.scope,
})
return gensupport.SendRequest(c.ctx_, c.s.client, req)
}
// Do executes the "cloudasset.iamPolicies.searchAll" call.
// Exactly one of *SearchAllIamPoliciesResponse or error will be
// non-nil. Any non-2xx status code is an error. Response headers are in
// either *SearchAllIamPoliciesResponse.ServerResponse.Header or (if a
// response was returned at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func (c *IamPoliciesSearchAllCall) Do(opts ...googleapi.CallOption) (*SearchAllIamPoliciesResponse, error) {
gensupport.SetOptions(c.urlParams_, opts...)
res, err := c.doRequest("json")
if res != nil && res.StatusCode == http.StatusNotModified {
if res.Body != nil {
res.Body.Close()
}
return nil, &googleapi.Error{
Code: res.StatusCode,
Header: res.Header,
}
}
if err != nil {
return nil, err
}
defer googleapi.CloseBody(res)
if err := googleapi.CheckResponse(res); err != nil {
return nil, err
}
ret := &SearchAllIamPoliciesResponse{
ServerResponse: googleapi.ServerResponse{
Header: res.Header,
HTTPStatusCode: res.StatusCode,
},
}
target := &ret
if err := gensupport.DecodeResponse(target, res); err != nil {
return nil, err
}
return ret, nil
// {
// "description": "Searches all the IAM policies within a given accessible CRM scope\n(project/folder/organization). This RPC gives callers especially\nadministrators the ability to search all the IAM policies within a scope,\neven if they don't have `.getIamPolicy` permission of all the IAM policies.\nCallers should have `cloud.assets.SearchAllIamPolicies` permission on the\nrequested scope, otherwise the request will be rejected.",
// "flatPath": "v1p1beta1/{v1p1beta1Id}/{v1p1beta1Id1}/iamPolicies:searchAll",
// "httpMethod": "GET",
// "id": "cloudasset.iamPolicies.searchAll",
// "parameterOrder": [
// "scope"
// ],
// "parameters": {
// "pageSize": {
// "description": "Optional. The page size for search result pagination. Page size is capped at 500 even\nif a larger value is given. If set to zero, server will pick an appropriate\ndefault. Returned results may be fewer than requested. When this happens,\nthere could be more results as long as `next_page_token` is returned.",
// "format": "int32",
// "location": "query",
// "type": "integer"
// },
// "pageToken": {
// "description": "Optional. If present, retrieve the next batch of results from the preceding call to\nthis method. `page_token` must be the value of `next_page_token` from the\nprevious response. The values of all other method parameters must be\nidentical to those in the previous call.",
// "location": "query",
// "type": "string"
// },
// "query": {
// "description": "Optional. The query statement. Examples:\n\n* \"policy:myuser@mydomain.com\"\n* \"policy:(myuser@mydomain.com viewer)\"",
// "location": "query",
// "type": "string"
// },
// "scope": {
// "description": "Required. The relative name of an asset. The search is limited to the resources\nwithin the `scope`. The allowed value must be:\n\n* Organization number (such as \"organizations/123\")\n* Folder number(such as \"folders/1234\")\n* Project number (such as \"projects/12345\")\n* Project id (such as \"projects/abc\")",
// "location": "path",
// "pattern": "^[^/]+/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1p1beta1/{+scope}/iamPolicies:searchAll",
// "response": {
// "$ref": "SearchAllIamPoliciesResponse"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// Pages invokes f for each page of results.
// A non-nil error returned from f will halt the iteration.
// The provided context supersedes any context provided to the Context method.
func (c *IamPoliciesSearchAllCall) Pages(ctx context.Context, f func(*SearchAllIamPoliciesResponse) error) error {
c.ctx_ = ctx
defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
for {
x, err := c.Do()
if err != nil {
return err
}
if err := f(x); err != nil {
return err
}
if x.NextPageToken == "" {
return nil
}
c.PageToken(x.NextPageToken)
}
}
// method id "cloudasset.resources.searchAll":
type ResourcesSearchAllCall struct {
s *Service
scope string
urlParams_ gensupport.URLParams
ifNoneMatch_ string
ctx_ context.Context
header_ http.Header
}
// SearchAll: Searches all the resources within a given accessible CRM
// scope
// (project/folder/organization). This RPC gives callers
// especially
// administrators the ability to search all the resources within a
// scope, even
// if they don't have `.get` permission of all the resources. Callers
// should
// have `cloud.assets.SearchAllResources` permission on the requested
// scope,
// otherwise the request will be rejected.
func (r *ResourcesService) SearchAll(scope string) *ResourcesSearchAllCall {
c := &ResourcesSearchAllCall{s: r.s, urlParams_: make(gensupport.URLParams)}
c.scope = scope
return c
}
// AssetTypes sets the optional parameter "assetTypes": A list of asset
// types that this request searches for. If empty, it will
// search all the supported asset types.
func (c *ResourcesSearchAllCall) AssetTypes(assetTypes ...string) *ResourcesSearchAllCall {
c.urlParams_.SetMulti("assetTypes", append([]string{}, assetTypes...))
return c
}
// OrderBy sets the optional parameter "orderBy": A comma separated list
// of fields specifying the sorting order of the
// results. The default order is ascending. Add ` DESC` after the field
// name
// to indicate descending order. Redundant space characters are ignored.
// For
// example, ` location DESC , name `.
func (c *ResourcesSearchAllCall) OrderBy(orderBy string) *ResourcesSearchAllCall {
c.urlParams_.Set("orderBy", orderBy)
return c
}
// PageSize sets the optional parameter "pageSize": The page size for
// search result pagination. Page size is capped at 500 even
// if a larger value is given. If set to zero, server will pick an
// appropriate
// default. Returned results may be fewer than requested. When this
// happens,
// there could be more results as long as `next_page_token` is returned.
func (c *ResourcesSearchAllCall) PageSize(pageSize int64) *ResourcesSearchAllCall {
c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
return c
}
// PageToken sets the optional parameter "pageToken": If present, then
// retrieve the next batch of results from the preceding call
// to this method. `page_token` must be the value of `next_page_token`
// from
// the previous response. The values of all other method parameters,
// must be
// identical to those in the previous call.
func (c *ResourcesSearchAllCall) PageToken(pageToken string) *ResourcesSearchAllCall {
c.urlParams_.Set("pageToken", pageToken)
return c
}
// Query sets the optional parameter "query": The query statement.
func (c *ResourcesSearchAllCall) Query(query string) *ResourcesSearchAllCall {
c.urlParams_.Set("query", query)
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func (c *ResourcesSearchAllCall) Fields(s ...googleapi.Field) *ResourcesSearchAllCall {
c.urlParams_.Set("fields", googleapi.CombineFields(s))
return c
}
// IfNoneMatch sets the optional parameter which makes the operation
// fail if the object's ETag matches the given value. This is useful for
// getting updates only after the object has changed since the last
// request. Use googleapi.IsNotModified to check whether the response
// error from Do is the result of In-None-Match.
func (c *ResourcesSearchAllCall) IfNoneMatch(entityTag string) *ResourcesSearchAllCall {
c.ifNoneMatch_ = entityTag
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func (c *ResourcesSearchAllCall) Context(ctx context.Context) *ResourcesSearchAllCall {
c.ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func (c *ResourcesSearchAllCall) Header() http.Header {
if c.header_ == nil {
c.header_ = make(http.Header)
}
return c.header_
}
func (c *ResourcesSearchAllCall) doRequest(alt string) (*http.Response, error) {
reqHeaders := make(http.Header)
reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20200708")
for k, v := range c.header_ {
reqHeaders[k] = v
}
reqHeaders.Set("User-Agent", c.s.userAgent())
if c.ifNoneMatch_ != "" {
reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
}
var body io.Reader = nil
c.urlParams_.Set("alt", alt)
c.urlParams_.Set("prettyPrint", "false")
urls := googleapi.ResolveRelative(c.s.BasePath, "v1p1beta1/{+scope}/resources:searchAll")
urls += "?" + c.urlParams_.Encode()
req, err := http.NewRequest("GET", urls, body)
if err != nil {
return nil, err
}
req.Header = reqHeaders
googleapi.Expand(req.URL, map[string]string{
"scope": c.scope,
})
return gensupport.SendRequest(c.ctx_, c.s.client, req)
}
// Do executes the "cloudasset.resources.searchAll" call.
// Exactly one of *SearchAllResourcesResponse or error will be non-nil.
// Any non-2xx status code is an error. Response headers are in either
// *SearchAllResourcesResponse.ServerResponse.Header or (if a response
// was returned at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func (c *ResourcesSearchAllCall) Do(opts ...googleapi.CallOption) (*SearchAllResourcesResponse, error) {
gensupport.SetOptions(c.urlParams_, opts...)
res, err := c.doRequest("json")
if res != nil && res.StatusCode == http.StatusNotModified {
if res.Body != nil {
res.Body.Close()
}
return nil, &googleapi.Error{
Code: res.StatusCode,
Header: res.Header,
}
}
if err != nil {
return nil, err
}
defer googleapi.CloseBody(res)
if err := googleapi.CheckResponse(res); err != nil {
return nil, err
}
ret := &SearchAllResourcesResponse{
ServerResponse: googleapi.ServerResponse{
Header: res.Header,
HTTPStatusCode: res.StatusCode,
},
}
target := &ret
if err := gensupport.DecodeResponse(target, res); err != nil {
return nil, err
}
return ret, nil
// {
// "description": "Searches all the resources within a given accessible CRM scope\n(project/folder/organization). This RPC gives callers especially\nadministrators the ability to search all the resources within a scope, even\nif they don't have `.get` permission of all the resources. Callers should\nhave `cloud.assets.SearchAllResources` permission on the requested scope,\notherwise the request will be rejected.",
// "flatPath": "v1p1beta1/{v1p1beta1Id}/{v1p1beta1Id1}/resources:searchAll",
// "httpMethod": "GET",
// "id": "cloudasset.resources.searchAll",
// "parameterOrder": [
// "scope"
// ],
// "parameters": {
// "assetTypes": {
// "description": "Optional. A list of asset types that this request searches for. If empty, it will\nsearch all the supported asset types.",
// "location": "query",
// "repeated": true,
// "type": "string"
// },
// "orderBy": {
// "description": "Optional. A comma separated list of fields specifying the sorting order of the\nresults. The default order is ascending. Add ` DESC` after the field name\nto indicate descending order. Redundant space characters are ignored. For\nexample, ` location DESC , name `.",
// "location": "query",
// "type": "string"
// },
// "pageSize": {
// "description": "Optional. The page size for search result pagination. Page size is capped at 500 even\nif a larger value is given. If set to zero, server will pick an appropriate\ndefault. Returned results may be fewer than requested. When this happens,\nthere could be more results as long as `next_page_token` is returned.",
// "format": "int32",
// "location": "query",
// "type": "integer"
// },
// "pageToken": {
// "description": "Optional. If present, then retrieve the next batch of results from the preceding call\nto this method. `page_token` must be the value of `next_page_token` from\nthe previous response. The values of all other method parameters, must be\nidentical to those in the previous call.",
// "location": "query",
// "type": "string"
// },
// "query": {
// "description": "Optional. The query statement.",
// "location": "query",
// "type": "string"
// },
// "scope": {
// "description": "Required. The relative name of an asset. The search is limited to the resources\nwithin the `scope`. The allowed value must be:\n\n* Organization number (such as \"organizations/123\")\n* Folder number(such as \"folders/1234\")\n* Project number (such as \"projects/12345\")\n* Project id (such as \"projects/abc\")",
// "location": "path",
// "pattern": "^[^/]+/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1p1beta1/{+scope}/resources:searchAll",
// "response": {
// "$ref": "SearchAllResourcesResponse"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// Pages invokes f for each page of results.
// A non-nil error returned from f will halt the iteration.
// The provided context supersedes any context provided to the Context method.
func (c *ResourcesSearchAllCall) Pages(ctx context.Context, f func(*SearchAllResourcesResponse) error) error {
c.ctx_ = ctx
defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
for {
x, err := c.Do()
if err != nil {
return err
}
if err := f(x); err != nil {
return err
}
if x.NextPageToken == "" {
return nil
}
c.PageToken(x.NextPageToken)
}
}