api: google.golang.org/api/iap/v1beta1 Index | Files

package iap

import "google.golang.org/api/iap/v1beta1"

Package iap provides access to the Cloud Identity-Aware Proxy API.

For product documentation, see: https://cloud.google.com/iap

Creating a client

Usage example:

import "google.golang.org/api/iap/v1beta1"
...
ctx := context.Background()
iapService, err := iap.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication.

For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:

iapService, err := iap.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
iapService, err := iap.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See https://godoc.org/google.golang.org/api/option/ for details on options.

Index

Package Files

iap-gen.go

Constants

const (
    // View and manage your data across Google Cloud Platform services
    CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)

OAuth2 scopes used by this API.

type Binding Uses

type Binding struct {
    // Condition: The condition that is associated with this binding.
    // NOTE: An unsatisfied condition will not allow user access via
    // current
    // binding. Different bindings, including their conditions, are
    // examined
    // independently.
    Condition *Expr `json:"condition,omitempty"`

    // Members: Specifies the identities requesting access for a Cloud
    // Platform resource.
    // `members` can have the following values:
    //
    // * `allUsers`: A special identifier that represents anyone who is
    //    on the internet; with or without a Google account.
    //
    // * `allAuthenticatedUsers`: A special identifier that represents
    // anyone
    //    who is authenticated with a Google account or a service
    // account.
    //
    // * `user:{emailid}`: An email address that represents a specific
    // Google
    //    account. For example, `alice@example.com` .
    //
    //
    // * `serviceAccount:{emailid}`: An email address that represents a
    // service
    //    account. For example,
    // `my-other-app@appspot.gserviceaccount.com`.
    //
    // * `group:{emailid}`: An email address that represents a Google
    // group.
    //    For example, `admins@example.com`.
    //
    //
    // * `domain:{domain}`: The G Suite domain (primary) that represents all
    // the
    //    users of that domain. For example, `google.com` or
    // `example.com`.
    //
    //
    Members []string `json:"members,omitempty"`

    // Role: Role that is assigned to `members`.
    // For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
    Role string `json:"role,omitempty"`

    // ForceSendFields is a list of field names (e.g. "Condition") to
    // unconditionally include in API requests. By default, fields with
    // empty values are omitted from API requests. However, any non-pointer,
    // non-interface field appearing in ForceSendFields will be sent to the
    // server regardless of whether the field is empty or not. This may be
    // used to include empty fields in Patch requests.
    ForceSendFields []string `json:"-"`

    // NullFields is a list of field names (e.g. "Condition") to include in
    // API requests with the JSON null value. By default, fields with empty
    // values are omitted from API requests. However, any field with an
    // empty value appearing in NullFields will be sent to the server as
    // null. It is an error if a field in this list has a non-empty value.
    // This may be used to include null fields in Patch requests.
    NullFields []string `json:"-"`
}

Binding: Associates `members` with a `role`.

func (*Binding) MarshalJSON Uses

func (s *Binding) MarshalJSON() ([]byte, error)

type Expr Uses

type Expr struct {
    // Description: An optional description of the expression. This is a
    // longer text which
    // describes the expression, e.g. when hovered over it in a UI.
    Description string `json:"description,omitempty"`

    // Expression: Textual representation of an expression in
    // Common Expression Language syntax.
    //
    // The application context of the containing message determines
    // which
    // well-known feature set of CEL is supported.
    Expression string `json:"expression,omitempty"`

    // Location: An optional string indicating the location of the
    // expression for error
    // reporting, e.g. a file name and a position in the file.
    Location string `json:"location,omitempty"`

    // Title: An optional title for the expression, i.e. a short string
    // describing
    // its purpose. This can be used e.g. in UIs which allow to enter
    // the
    // expression.
    Title string `json:"title,omitempty"`

    // ForceSendFields is a list of field names (e.g. "Description") to
    // unconditionally include in API requests. By default, fields with
    // empty values are omitted from API requests. However, any non-pointer,
    // non-interface field appearing in ForceSendFields will be sent to the
    // server regardless of whether the field is empty or not. This may be
    // used to include empty fields in Patch requests.
    ForceSendFields []string `json:"-"`

    // NullFields is a list of field names (e.g. "Description") to include
    // in API requests with the JSON null value. By default, fields with
    // empty values are omitted from API requests. However, any field with
    // an empty value appearing in NullFields will be sent to the server as
    // null. It is an error if a field in this list has a non-empty value.
    // This may be used to include null fields in Patch requests.
    NullFields []string `json:"-"`
}

Expr: Represents an expression text. Example:

title: "User account presence"
description: "Determines whether the request has a user account"
expression: "size(request.user) > 0"

func (*Expr) MarshalJSON Uses

func (s *Expr) MarshalJSON() ([]byte, error)

type GetIamPolicyRequest Uses

type GetIamPolicyRequest struct {
    // Options: OPTIONAL: A `GetPolicyOptions` object for specifying options
    // to
    // `GetIamPolicy`. This field is only used by Cloud IAM.
    Options *GetPolicyOptions `json:"options,omitempty"`

    // ForceSendFields is a list of field names (e.g. "Options") to
    // unconditionally include in API requests. By default, fields with
    // empty values are omitted from API requests. However, any non-pointer,
    // non-interface field appearing in ForceSendFields will be sent to the
    // server regardless of whether the field is empty or not. This may be
    // used to include empty fields in Patch requests.
    ForceSendFields []string `json:"-"`

    // NullFields is a list of field names (e.g. "Options") to include in
    // API requests with the JSON null value. By default, fields with empty
    // values are omitted from API requests. However, any field with an
    // empty value appearing in NullFields will be sent to the server as
    // null. It is an error if a field in this list has a non-empty value.
    // This may be used to include null fields in Patch requests.
    NullFields []string `json:"-"`
}

GetIamPolicyRequest: Request message for `GetIamPolicy` method.

func (*GetIamPolicyRequest) MarshalJSON Uses

func (s *GetIamPolicyRequest) MarshalJSON() ([]byte, error)

type GetPolicyOptions Uses

type GetPolicyOptions struct {
    // RequestedPolicyVersion: Optional. The policy format version to be
    // returned.
    //
    // Valid values are 0, 1, and 3. Requests specifying an invalid value
    // will be
    // rejected.
    //
    // Requests for policies with any conditional bindings must specify
    // version 3.
    // Policies without any conditional bindings may specify any valid value
    // or
    // leave the field unset.
    RequestedPolicyVersion int64 `json:"requestedPolicyVersion,omitempty"`

    // ForceSendFields is a list of field names (e.g.
    // "RequestedPolicyVersion") to unconditionally include in API requests.
    // By default, fields with empty values are omitted from API requests.
    // However, any non-pointer, non-interface field appearing in
    // ForceSendFields will be sent to the server regardless of whether the
    // field is empty or not. This may be used to include empty fields in
    // Patch requests.
    ForceSendFields []string `json:"-"`

    // NullFields is a list of field names (e.g. "RequestedPolicyVersion")
    // to include in API requests with the JSON null value. By default,
    // fields with empty values are omitted from API requests. However, any
    // field with an empty value appearing in NullFields will be sent to the
    // server as null. It is an error if a field in this list has a
    // non-empty value. This may be used to include null fields in Patch
    // requests.
    NullFields []string `json:"-"`
}

GetPolicyOptions: Encapsulates settings provided to GetIamPolicy.

func (*GetPolicyOptions) MarshalJSON Uses

func (s *GetPolicyOptions) MarshalJSON() ([]byte, error)

type Policy Uses

type Policy struct {
    // Bindings: Associates a list of `members` to a `role`.
    // `bindings` with no members will result in an error.
    Bindings []*Binding `json:"bindings,omitempty"`

    // Etag: `etag` is used for optimistic concurrency control as a way to
    // help
    // prevent simultaneous updates of a policy from overwriting each
    // other.
    // It is strongly suggested that systems make use of the `etag` in
    // the
    // read-modify-write cycle to perform policy updates in order to avoid
    // race
    // conditions: An `etag` is returned in the response to `getIamPolicy`,
    // and
    // systems are expected to put that etag in the request to
    // `setIamPolicy` to
    // ensure that their change will be applied to the same version of the
    // policy.
    //
    // If no `etag` is provided in the call to `setIamPolicy`, then the
    // existing
    // policy is overwritten.
    Etag string `json:"etag,omitempty"`

    // Version: Specifies the format of the policy.
    //
    // Valid values are 0, 1, and 3. Requests specifying an invalid value
    // will be
    // rejected.
    //
    // Policies with any conditional bindings must specify version 3.
    // Policies
    // without any conditional bindings may specify any valid value or leave
    // the
    // field unset.
    Version int64 `json:"version,omitempty"`

    // ServerResponse contains the HTTP response code and headers from the
    // server.
    googleapi.ServerResponse `json:"-"`

    // ForceSendFields is a list of field names (e.g. "Bindings") to
    // unconditionally include in API requests. By default, fields with
    // empty values are omitted from API requests. However, any non-pointer,
    // non-interface field appearing in ForceSendFields will be sent to the
    // server regardless of whether the field is empty or not. This may be
    // used to include empty fields in Patch requests.
    ForceSendFields []string `json:"-"`

    // NullFields is a list of field names (e.g. "Bindings") to include in
    // API requests with the JSON null value. By default, fields with empty
    // values are omitted from API requests. However, any field with an
    // empty value appearing in NullFields will be sent to the server as
    // null. It is an error if a field in this list has a non-empty value.
    // This may be used to include null fields in Patch requests.
    NullFields []string `json:"-"`
}

Policy: Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.

A `Policy` consists of a list of `bindings`. A `binding` binds a list of `members` to a `role`, where the members can be user accounts, Google groups, Google domains, and service accounts. A `role` is a named list of permissions defined by IAM.

**JSON Example**

{
  "bindings": [
    {
      "role": "roles/owner",
      "members": [
        "user:mike@example.com",
        "group:admins@example.com",
        "domain:google.com",

"serviceAccount:my-other-app@appspot.gserviceaccount.com"

      ]
    },
    {
      "role": "roles/viewer",
      "members": ["user:sean@example.com"]
    }
  ]
}

**YAML Example**

bindings:
- members:
  - user:mike@example.com
  - group:admins@example.com
  - domain:google.com
  - serviceAccount:my-other-app@appspot.gserviceaccount.com
  role: roles/owner
- members:
  - user:sean@example.com
  role: roles/viewer

For a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam/docs).

func (*Policy) MarshalJSON Uses

func (s *Policy) MarshalJSON() ([]byte, error)

type Service Uses

type Service struct {
    BasePath  string // API endpoint base URL
    UserAgent string // optional additional User-Agent fragment

    V1beta1 *V1beta1Service
    // contains filtered or unexported fields
}

func New Uses

func New(client *http.Client) (*Service, error)

New creates a new Service. It uses the provided http.Client for requests.

Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

func NewService Uses

func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

NewService creates a new Service.

type SetIamPolicyRequest Uses

type SetIamPolicyRequest struct {
    // Policy: REQUIRED: The complete policy to be applied to the
    // `resource`. The size of
    // the policy is limited to a few 10s of KB. An empty policy is a
    // valid policy but certain Cloud Platform services (such as
    // Projects)
    // might reject them.
    Policy *Policy `json:"policy,omitempty"`

    // ForceSendFields is a list of field names (e.g. "Policy") to
    // unconditionally include in API requests. By default, fields with
    // empty values are omitted from API requests. However, any non-pointer,
    // non-interface field appearing in ForceSendFields will be sent to the
    // server regardless of whether the field is empty or not. This may be
    // used to include empty fields in Patch requests.
    ForceSendFields []string `json:"-"`

    // NullFields is a list of field names (e.g. "Policy") to include in API
    // requests with the JSON null value. By default, fields with empty
    // values are omitted from API requests. However, any field with an
    // empty value appearing in NullFields will be sent to the server as
    // null. It is an error if a field in this list has a non-empty value.
    // This may be used to include null fields in Patch requests.
    NullFields []string `json:"-"`
}

SetIamPolicyRequest: Request message for `SetIamPolicy` method.

func (*SetIamPolicyRequest) MarshalJSON Uses

func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error)

type TestIamPermissionsRequest Uses

type TestIamPermissionsRequest struct {
    // Permissions: The set of permissions to check for the `resource`.
    // Permissions with
    // wildcards (such as '*' or 'storage.*') are not allowed. For
    // more
    // information see
    // [IAM
    // Overview](https://cloud.google.com/iam/docs/overview#permissions).
    Permissions []string `json:"permissions,omitempty"`

    // ForceSendFields is a list of field names (e.g. "Permissions") to
    // unconditionally include in API requests. By default, fields with
    // empty values are omitted from API requests. However, any non-pointer,
    // non-interface field appearing in ForceSendFields will be sent to the
    // server regardless of whether the field is empty or not. This may be
    // used to include empty fields in Patch requests.
    ForceSendFields []string `json:"-"`

    // NullFields is a list of field names (e.g. "Permissions") to include
    // in API requests with the JSON null value. By default, fields with
    // empty values are omitted from API requests. However, any field with
    // an empty value appearing in NullFields will be sent to the server as
    // null. It is an error if a field in this list has a non-empty value.
    // This may be used to include null fields in Patch requests.
    NullFields []string `json:"-"`
}

TestIamPermissionsRequest: Request message for `TestIamPermissions` method.

func (*TestIamPermissionsRequest) MarshalJSON Uses

func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error)

type TestIamPermissionsResponse Uses

type TestIamPermissionsResponse struct {
    // Permissions: A subset of `TestPermissionsRequest.permissions` that
    // the caller is
    // allowed.
    Permissions []string `json:"permissions,omitempty"`

    // ServerResponse contains the HTTP response code and headers from the
    // server.
    googleapi.ServerResponse `json:"-"`

    // ForceSendFields is a list of field names (e.g. "Permissions") to
    // unconditionally include in API requests. By default, fields with
    // empty values are omitted from API requests. However, any non-pointer,
    // non-interface field appearing in ForceSendFields will be sent to the
    // server regardless of whether the field is empty or not. This may be
    // used to include empty fields in Patch requests.
    ForceSendFields []string `json:"-"`

    // NullFields is a list of field names (e.g. "Permissions") to include
    // in API requests with the JSON null value. By default, fields with
    // empty values are omitted from API requests. However, any field with
    // an empty value appearing in NullFields will be sent to the server as
    // null. It is an error if a field in this list has a non-empty value.
    // This may be used to include null fields in Patch requests.
    NullFields []string `json:"-"`
}

TestIamPermissionsResponse: Response message for `TestIamPermissions` method.

func (*TestIamPermissionsResponse) MarshalJSON Uses

func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error)

type V1beta1GetIamPolicyCall Uses

type V1beta1GetIamPolicyCall struct {
    // contains filtered or unexported fields
}

func (*V1beta1GetIamPolicyCall) Context Uses

func (c *V1beta1GetIamPolicyCall) Context(ctx context.Context) *V1beta1GetIamPolicyCall

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*V1beta1GetIamPolicyCall) Do Uses

func (c *V1beta1GetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error)

Do executes the "iap.getIamPolicy" call. Exactly one of *Policy or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Policy.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*V1beta1GetIamPolicyCall) Fields Uses

func (c *V1beta1GetIamPolicyCall) Fields(s ...googleapi.Field) *V1beta1GetIamPolicyCall

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*V1beta1GetIamPolicyCall) Header Uses

func (c *V1beta1GetIamPolicyCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type V1beta1Service Uses

type V1beta1Service struct {
    // contains filtered or unexported fields
}

func NewV1beta1Service Uses

func NewV1beta1Service(s *Service) *V1beta1Service

func (*V1beta1Service) GetIamPolicy Uses

func (r *V1beta1Service) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *V1beta1GetIamPolicyCall

GetIamPolicy: Gets the access control policy for an Identity-Aware Proxy protected resource. More information about managing access via IAP can be found at: https://cloud.google.com/iap/docs/managing-access#managing_access_ via_the_api

func (*V1beta1Service) SetIamPolicy Uses

func (r *V1beta1Service) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *V1beta1SetIamPolicyCall

SetIamPolicy: Sets the access control policy for an Identity-Aware Proxy protected resource. Replaces any existing policy. More information about managing access via IAP can be found at: https://cloud.google.com/iap/docs/managing-access#managing_access_ via_the_api

func (*V1beta1Service) TestIamPermissions Uses

func (r *V1beta1Service) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *V1beta1TestIamPermissionsCall

TestIamPermissions: Returns permissions that a caller has on the Identity-Aware Proxy protected resource. If the resource does not exist or the caller does not have Identity-Aware Proxy permissions a [google.rpc.Code.PERMISSION_DENIED] will be returned. More information about managing access via IAP can be found at: https://cloud.google.com/iap/docs/managing-access#managing_access_ via_the_api

type V1beta1SetIamPolicyCall Uses

type V1beta1SetIamPolicyCall struct {
    // contains filtered or unexported fields
}

func (*V1beta1SetIamPolicyCall) Context Uses

func (c *V1beta1SetIamPolicyCall) Context(ctx context.Context) *V1beta1SetIamPolicyCall

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*V1beta1SetIamPolicyCall) Do Uses

func (c *V1beta1SetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error)

Do executes the "iap.setIamPolicy" call. Exactly one of *Policy or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Policy.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*V1beta1SetIamPolicyCall) Fields Uses

func (c *V1beta1SetIamPolicyCall) Fields(s ...googleapi.Field) *V1beta1SetIamPolicyCall

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*V1beta1SetIamPolicyCall) Header Uses

func (c *V1beta1SetIamPolicyCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type V1beta1TestIamPermissionsCall Uses

type V1beta1TestIamPermissionsCall struct {
    // contains filtered or unexported fields
}

func (*V1beta1TestIamPermissionsCall) Context Uses

func (c *V1beta1TestIamPermissionsCall) Context(ctx context.Context) *V1beta1TestIamPermissionsCall

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*V1beta1TestIamPermissionsCall) Do Uses

func (c *V1beta1TestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error)

Do executes the "iap.testIamPermissions" call. Exactly one of *TestIamPermissionsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *TestIamPermissionsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*V1beta1TestIamPermissionsCall) Fields Uses

func (c *V1beta1TestIamPermissionsCall) Fields(s ...googleapi.Field) *V1beta1TestIamPermissionsCall

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*V1beta1TestIamPermissionsCall) Header Uses

func (c *V1beta1TestIamPermissionsCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

Package iap imports 14 packages (graph). Updated 2019-09-17. Refresh now. Tools for package owners.