Class: Google::Identity::AccessContextManager::V1::AccessContextManager::Client

Inherits:

Object

• Object
• Google::Identity::AccessContextManager::V1::AccessContextManager::Client

Includes:

Paths

Defined in:

lib/google/identity/access_context_manager/v1/access_context_manager/client.rb

Overview

Client for the AccessContextManager service.

API for setting [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for Google Cloud projects. Each organization has one [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]. This [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is applicable to all resources in the organization. AccessPolicies

Defined Under Namespace

Classes: Configuration

Instance Attribute Summary

• #operations_client ⇒ ::Google::Identity::AccessContextManager::V1::AccessContextManager::Operations readonly

  Get the associated client for long-running operations.

Class Method Summary

• .configure {|config| ... } ⇒ Client::Configuration

  Configure the AccessContextManager Client class.

Instance Method Summary

• #commit_service_perimeters(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Commits the dry-run specification for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an access policy.

• #configure {|config| ... } ⇒ Client::Configuration

  Configure the AccessContextManager Client instance.

• #create_access_level(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Creates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel].

• #create_access_policy(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Creates an access policy.

• #create_gcp_user_access_binding(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Creates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding].

• #create_service_perimeter(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Creates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

• #delete_access_level(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Deletes an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.

• #delete_access_policy(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Deletes an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the resource name.

• #delete_gcp_user_access_binding(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Deletes a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding].

• #delete_service_perimeter(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Deletes a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.

• #get_access_level(request, options = nil) {|response, operation| ... } ⇒ ::Google::Identity::AccessContextManager::V1::AccessLevel

  Gets an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.

• #get_access_policy(request, options = nil) {|response, operation| ... } ⇒ ::Google::Identity::AccessContextManager::V1::AccessPolicy

  Returns an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.

• #get_gcp_user_access_binding(request, options = nil) {|response, operation| ... } ⇒ ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding

  Gets the [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with the given name.

• #get_iam_policy(request, options = nil) {|response, operation| ... } ⇒ ::Google::Iam::V1::Policy

  Gets the IAM policy for the specified Access Context Manager access policy.

• #get_service_perimeter(request, options = nil) {|response, operation| ... } ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeter

  Gets a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.

• #initialize {|config| ... } ⇒ Client constructor

  Create a new AccessContextManager client object.

• #list_access_levels(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>

  Lists all [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] for an access policy.

• #list_access_policies(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>

  Lists all [access policies] [google.identity.accesscontextmanager.v1.AccessPolicy] in an organization.

• #list_gcp_user_access_bindings(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>

  Lists all [GcpUserAccessBindings] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a Google Cloud organization.

• #list_service_perimeters(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>

  Lists all [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for an access policy.

• #replace_access_levels(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Replaces all existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] provided.

• #replace_service_perimeters(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Replace all existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] provided.

• #set_iam_policy(request, options = nil) {|response, operation| ... } ⇒ ::Google::Iam::V1::Policy

  Sets the IAM policy for the specified Access Context Manager access policy.

• #test_iam_permissions(request, options = nil) {|response, operation| ... } ⇒ ::Google::Iam::V1::TestIamPermissionsResponse

  Returns the IAM permissions that the caller has on the specified Access Context Manager resource.

• #universe_domain ⇒ String

  The effective universe domain.

• #update_access_level(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Updates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel].

• #update_access_policy(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Updates an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy].

• #update_gcp_user_access_binding(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Updates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding].

• #update_service_perimeter(request, options = nil) {|response, operation| ... } ⇒ ::Gapic::Operation

  Updates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

Methods included from Paths

#access_level_path, #access_policy_path, #gcp_user_access_binding_path, #organization_path, #service_perimeter_path

Constructor Details

#initialize {|config| ... } ⇒ Client

Create a new AccessContextManager client object.

Examples:

# Create a client using the default configuration
client = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a client using a custom configuration
client = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new do |config|
  config.timeout = 10.0
end

Yields:

• (config) —

  Configure the AccessContextManager client.

Yield Parameters:

• config (Client::Configuration)

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 136

def initialize
  # These require statements are intentionally placed here to initialize
  # the gRPC module only when it's required.
  # See https://github.com/googleapis/toolkit/issues/446
  require "gapic/grpc"
  require "google/identity/accesscontextmanager/v1/access_context_manager_services_pb"

  # Create the configuration object
  @config = Configuration.new Client.configure

  # Yield the configuration if needed
  yield @config if block_given?

  # Create credentials
  credentials = @config.credentials
  # Use self-signed JWT if the endpoint is unchanged from default,
  # but only if the default endpoint does not have a region prefix.
  enable_self_signed_jwt = @config.endpoint.nil? ||
                           (@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
                           !@config.endpoint.split(".").first.include?("-"))
  credentials ||= Credentials.default scope: @config.scope,
                                      enable_self_signed_jwt: enable_self_signed_jwt
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
    credentials = Credentials.new credentials, scope: @config.scope
  end
  @quota_project_id = @config.quota_project
  @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id

  @operations_client = Operations.new do |config|
    config.credentials = credentials
    config.quota_project = @quota_project_id
    config.endpoint = @config.endpoint
    config.universe_domain = @config.universe_domain
  end

  @access_context_manager_stub = ::Gapic::ServiceStub.new(
    ::Google::Identity::AccessContextManager::V1::AccessContextManager::Stub,
    credentials: credentials,
    endpoint: @config.endpoint,
    endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
    universe_domain: @config.universe_domain,
    channel_args: @config.channel_args,
    interceptors: @config.interceptors,
    channel_pool_config: @config.channel_pool
  )
end

Instance Attribute Details

#operations_client ⇒ ::Google::Identity::AccessContextManager::V1::AccessContextManager::Operations (readonly)

Get the associated client for long-running operations.

Returns:

• (::Google::Identity::AccessContextManager::V1::AccessContextManager::Operations)

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 188

def operations_client
  @operations_client
end

Class Method Details

.configure {|config| ... } ⇒ Client::Configuration

Configure the AccessContextManager Client class.

See Configuration for a description of the configuration fields.

Examples:

# Modify the configuration for all AccessContextManager clients
::Google::Identity::AccessContextManager::V1::AccessContextManager::Client.configure do |config|
  config.timeout = 10.0
end

Yields:

• (config) —

  Configure the Client client.

Yield Parameters:

• config (Client::Configuration)

Returns:

• (Client::Configuration)

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 72

def self.configure
  @configure ||= begin
    namespace = ["Google", "Identity", "AccessContextManager", "V1"]
    parent_config = while namespace.any?
                      parent_name = namespace.join "::"
                      parent_const = const_get parent_name
                      break parent_const.configure if parent_const.respond_to? :configure
                      namespace.pop
                    end
    default_config = Client::Configuration.new parent_config

    default_config.timeout = 60.0

    default_config
  end
  yield @configure if block_given?
  @configure
end

Instance Method Details

#commit_service_perimeters(request, options = nil) ⇒ ::Gapic::Operation #commit_service_perimeters(parent: nil, etag: nil) ⇒ ::Gapic::Operation

Commits the dry-run specification for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an access policy. A commit operation on a service perimeter involves copying its spec field to the status field of the service perimeter. Only [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] with use_explicit_dry_run_spec field set to true are affected by a commit operation. The long-running operation from this RPC has a successful status after the dry-run specifications for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] have been committed. If a commit fails, it causes the long-running operation to return an error response and the entire commit operation is cancelled. When successful, the Operation.response field contains CommitServicePerimetersResponse. The dry_run and the spec fields are cleared after a successful commit operation.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest.new

# Call the commit_service_perimeters method.
result = client.commit_service_perimeters request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #commit_service_perimeters(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to commit_service_perimeters via a request object, either of type CommitServicePerimetersRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #commit_service_perimeters(parent: nil, etag: nil) ⇒ ::Gapic::Operation

  Pass arguments to commit_service_perimeters via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Resource name for the parent [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] which owns all [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in scope for the commit operation.

    Format: accessPolicies/{policy_id}

  • etag (::String) (defaults to: nil) —

    Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this commit operation is to be performed on. If, at the time of commit, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the commit operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 2073

def commit_service_perimeters request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.commit_service_perimeters.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.parent
    header_params["parent"] = request.parent
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.commit_service_perimeters.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.commit_service_perimeters.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :commit_service_perimeters, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#configure {|config| ... } ⇒ Client::Configuration

Configure the AccessContextManager Client instance.

The configuration is set to the derived mode, meaning that values can be changed, but structural changes (adding new fields, etc.) are not allowed. Structural changes should be made on configure.

See Configuration for a description of the configuration fields.

Yields:

• (config) —

  Configure the Client client.

Yield Parameters:

• config (Client::Configuration)

Returns:

• (Client::Configuration)

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 106

def configure
  yield @config if block_given?
  @config
end

#create_access_level(request, options = nil) ⇒ ::Gapic::Operation #create_access_level(parent: nil, access_level: nil) ⇒ ::Gapic::Operation

Creates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagates to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest.new

# Call the create_access_level method.
result = client.create_access_level request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #create_access_level(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to create_access_level via a request object, either of type CreateAccessLevelRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #create_access_level(parent: nil, access_level: nil) ⇒ ::Gapic::Operation

  Pass arguments to create_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Resource name for the access policy which owns this [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel].

    Format: accessPolicies/{policy_id}

  • access_level (::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash) (defaults to: nil) —

    Required. The [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] to create. Syntactic correctness of the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] is a precondition for creation.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 973

def create_access_level request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.create_access_level.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.parent
    header_params["parent"] = request.parent
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.create_access_level.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.create_access_level.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :create_access_level, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#create_access_policy(request, options = nil) ⇒ ::Gapic::Operation #create_access_policy(name: nil, parent: nil, title: nil, scopes: nil, create_time: nil, update_time: nil, etag: nil) ⇒ ::Gapic::Operation

Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in metadata as a BadRequest proto.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::AccessPolicy.new

# Call the create_access_policy method.
result = client.create_access_policy request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #create_access_policy(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to create_access_policy via a request object, either of type Google::Identity::AccessContextManager::V1::AccessPolicy or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #create_access_policy(name: nil, parent: nil, title: nil, scopes: nil, create_time: nil, update_time: nil, etag: nil) ⇒ ::Gapic::Operation

  Pass arguments to create_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Output only. Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

  • parent (::String) (defaults to: nil) —

    Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

  • title (::String) (defaults to: nil) —

    Required. Human readable title. Does not affect behavior.

  • scopes (::Array<::String>) (defaults to: nil) —

    The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior:

    • vpcsc perimeters can only restrict projects within folders/123
    • access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}
  • create_time (::Google::Protobuf::Timestamp, ::Hash) (defaults to: nil) —

    Output only. Time the AccessPolicy was created in UTC.

  • update_time (::Google::Protobuf::Timestamp, ::Hash) (defaults to: nil) —

    Output only. Time the AccessPolicy was updated in UTC.

  • etag (::String) (defaults to: nil) —

    Output only. An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 461

def create_access_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::AccessPolicy

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.create_access_policy.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.create_access_policy.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.create_access_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :create_access_policy, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#create_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation #create_gcp_user_access_binding(parent: nil, gcp_user_access_binding: nil) ⇒ ::Gapic::Operation

Creates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the client specifies a [name] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name], the server ignores it. Fails if a resource already exists with the same [group_key] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key]. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest.new

# Call the create_gcp_user_access_binding method.
result = client.create_gcp_user_access_binding request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #create_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to create_gcp_user_access_binding via a request object, either of type CreateGcpUserAccessBindingRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #create_gcp_user_access_binding(parent: nil, gcp_user_access_binding: nil) ⇒ ::Gapic::Operation

  Pass arguments to create_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Example: "organizations/256"

  • gcp_user_access_binding (::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding, ::Hash) (defaults to: nil) —

    Required. [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 2368

def create_gcp_user_access_binding request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.create_gcp_user_access_binding.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.parent
    header_params["parent"] = request.parent
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.create_gcp_user_access_binding.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.create_gcp_user_access_binding.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :create_gcp_user_access_binding, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#create_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation #create_service_perimeter(parent: nil, service_perimeter: nil) ⇒ ::Gapic::Operation

Creates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest.new

# Call the create_service_perimeter method.
result = client.create_service_perimeter request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #create_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to create_service_perimeter via a request object, either of type CreateServicePerimeterRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #create_service_perimeter(parent: nil, service_perimeter: nil) ⇒ ::Gapic::Operation

  Pass arguments to create_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Resource name for the access policy which owns this [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

    Format: accessPolicies/{policy_id}

  • service_perimeter (::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash) (defaults to: nil) —

    Required. The [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] to create. Syntactic correctness of the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is a precondition for creation.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 1619

def create_service_perimeter request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.create_service_perimeter.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.parent
    header_params["parent"] = request.parent
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.create_service_perimeter.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.create_service_perimeter.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :create_service_perimeter, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete_access_level(request, options = nil) ⇒ ::Gapic::Operation #delete_access_level(name: nil) ⇒ ::Gapic::Operation

Deletes an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] has been removed from long-lasting storage.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest.new

# Call the delete_access_level method.
result = client.delete_access_level request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #delete_access_level(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to delete_access_level via a request object, either of type DeleteAccessLevelRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #delete_access_level(name: nil) ⇒ ::Gapic::Operation

  Pass arguments to delete_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Required. Resource name for the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel].

    Format: accessPolicies/{policy_id}/accessLevels/{access_level_id}

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 1183

def delete_access_level request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.delete_access_level.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.name
    header_params["name"] = request.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.delete_access_level.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.delete_access_level.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :delete_access_level, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete_access_policy(request, options = nil) ⇒ ::Gapic::Operation #delete_access_policy(name: nil) ⇒ ::Gapic::Operation

Deletes an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the resource name. The long-running operation has a successful status after the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is removed from long-lasting storage.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest.new

# Call the delete_access_policy method.
result = client.delete_access_policy request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #delete_access_policy(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to delete_access_policy via a request object, either of type DeleteAccessPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #delete_access_policy(name: nil) ⇒ ::Gapic::Operation

  Pass arguments to delete_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Required. Resource name for the access policy to delete.

    Format accessPolicies/{policy_id}

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 654

def delete_access_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.delete_access_policy.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.name
    header_params["name"] = request.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.delete_access_policy.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.delete_access_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :delete_access_policy, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation #delete_gcp_user_access_binding(name: nil) ⇒ ::Gapic::Operation

Deletes a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the binding deletion is deployed onto all affected users, which may take more time.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest.new

# Call the delete_gcp_user_access_binding method.
result = client.delete_gcp_user_access_binding request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #delete_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to delete_gcp_user_access_binding via a request object, either of type DeleteGcpUserAccessBindingRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #delete_gcp_user_access_binding(name: nil) ⇒ ::Gapic::Operation

  Pass arguments to delete_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Required. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 2572

def delete_gcp_user_access_binding request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.delete_gcp_user_access_binding.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.name
    header_params["name"] = request.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.delete_gcp_user_access_binding.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.delete_gcp_user_access_binding.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :delete_gcp_user_access_binding, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation #delete_service_perimeter(name: nil) ⇒ ::Gapic::Operation

Deletes a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from long-lasting storage.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest.new

# Call the delete_service_perimeter method.
result = client.delete_service_perimeter request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #delete_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to delete_service_perimeter via a request object, either of type DeleteServicePerimeterRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #delete_service_perimeter(name: nil) ⇒ ::Gapic::Operation

  Pass arguments to delete_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Required. Resource name for the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

    Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 1826

def delete_service_perimeter request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.delete_service_perimeter.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.name
    header_params["name"] = request.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.delete_service_perimeter.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.delete_service_perimeter.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :delete_service_perimeter, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_access_level(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessLevel #get_access_level(name: nil, access_level_format: nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessLevel

Gets an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetAccessLevelRequest.new

# Call the get_access_level method.
result = client.get_access_level request

# The returned object is of type Google::Identity::AccessContextManager::V1::AccessLevel.
p result

Overloads:

• #get_access_level(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessLevel

  Pass arguments to get_access_level via a request object, either of type GetAccessLevelRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #get_access_level(name: nil, access_level_format: nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessLevel

  Pass arguments to get_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Required. Resource name for the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel].

    Format: accessPolicies/{policy_id}/accessLevels/{access_level_id}

  • access_level_format (::Google::Identity::AccessContextManager::V1::LevelFormat) (defaults to: nil) —

    Whether to return BasicLevels in the Cloud Common Expression Language rather than as BasicLevels. Defaults to AS_DEFINED, where [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] are returned as BasicLevels or CustomLevels based on how they were created. If set to CEL, all [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] are returned as CustomLevels. In the CEL case, BasicLevels are translated to equivalent CustomLevels.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Google::Identity::AccessContextManager::V1::AccessLevel)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Google::Identity::AccessContextManager::V1::AccessLevel)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 865

def get_access_level request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.get_access_level.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.name
    header_params["name"] = request.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_access_level.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.get_access_level.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :get_access_level, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_access_policy(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessPolicy #get_access_policy(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessPolicy

Returns an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest.new

# Call the get_access_policy method.
result = client.get_access_policy request

# The returned object is of type Google::Identity::AccessContextManager::V1::AccessPolicy.
p result

Overloads:

• #get_access_policy(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessPolicy

  Pass arguments to get_access_policy via a request object, either of type GetAccessPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #get_access_policy(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessPolicy

  Pass arguments to get_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Required. Resource name for the access policy to get.

    Format accessPolicies/{policy_id}

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Google::Identity::AccessContextManager::V1::AccessPolicy)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Google::Identity::AccessContextManager::V1::AccessPolicy)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 333

def get_access_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.get_access_policy.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.name
    header_params["name"] = request.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_access_policy.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.get_access_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :get_access_policy, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_gcp_user_access_binding(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding #get_gcp_user_access_binding(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding

Gets the [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with the given name.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetGcpUserAccessBindingRequest.new

# Call the get_gcp_user_access_binding method.
result = client.get_gcp_user_access_binding request

# The returned object is of type Google::Identity::AccessContextManager::V1::GcpUserAccessBinding.
p result

Overloads:

• #get_gcp_user_access_binding(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding

  Pass arguments to get_gcp_user_access_binding via a request object, either of type GetGcpUserAccessBindingRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::GetGcpUserAccessBindingRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #get_gcp_user_access_binding(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding

  Pass arguments to get_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Required. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 2263

def get_gcp_user_access_binding request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::GetGcpUserAccessBindingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.get_gcp_user_access_binding.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.name
    header_params["name"] = request.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_gcp_user_access_binding.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.get_gcp_user_access_binding.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :get_gcp_user_access_binding, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_iam_policy(request, options = nil) ⇒ ::Google::Iam::V1::Policy #get_iam_policy(resource: nil, options: nil) ⇒ ::Google::Iam::V1::Policy

Gets the IAM policy for the specified Access Context Manager access policy.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Iam::V1::GetIamPolicyRequest.new

# Call the get_iam_policy method.
result = client.get_iam_policy request

# The returned object is of type Google::Iam::V1::Policy.
p result

Overloads:

• #get_iam_policy(request, options = nil) ⇒ ::Google::Iam::V1::Policy

  Pass arguments to get_iam_policy via a request object, either of type Google::Iam::V1::GetIamPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Iam::V1::GetIamPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #get_iam_policy(resource: nil, options: nil) ⇒ ::Google::Iam::V1::Policy

  Pass arguments to get_iam_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • resource (::String) (defaults to: nil) —

    REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

  • options (::Google::Iam::V1::GetPolicyOptions, ::Hash) (defaults to: nil) —

    OPTIONAL: A GetPolicyOptions object for specifying options to GetIamPolicy.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Google::Iam::V1::Policy)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Google::Iam::V1::Policy)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 2767

def get_iam_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::GetIamPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.get_iam_policy.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.resource
    header_params["resource"] = request.resource
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_iam_policy.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.get_iam_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :get_iam_policy, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_service_perimeter(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeter #get_service_perimeter(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeter

Gets a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest.new

# Call the get_service_perimeter method.
result = client.get_service_perimeter request

# The returned object is of type Google::Identity::AccessContextManager::V1::ServicePerimeter.
p result

Overloads:

• #get_service_perimeter(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeter

  Pass arguments to get_service_perimeter via a request object, either of type GetServicePerimeterRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #get_service_perimeter(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeter

  Pass arguments to get_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • name (::String) (defaults to: nil) —

    Required. Resource name for the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

    Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Google::Identity::AccessContextManager::V1::ServicePerimeter)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Google::Identity::AccessContextManager::V1::ServicePerimeter)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 1510

def get_service_perimeter request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.get_service_perimeter.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.name
    header_params["name"] = request.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_service_perimeter.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.get_service_perimeter.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :get_service_perimeter, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_access_levels(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel> #list_access_levels(parent: nil, page_size: nil, page_token: nil, access_level_format: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>

Lists all [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] for an access policy.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest.new

# Call the list_access_levels method.
result = client.list_access_levels request

# The returned object is of type Gapic::PagedEnumerable. You can iterate
# over elements, and API calls will be issued to fetch pages as needed.
result.each do |item|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessLevel.
  p item
end

Overloads:

• #list_access_levels(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>

  Pass arguments to list_access_levels via a request object, either of type ListAccessLevelsRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #list_access_levels(parent: nil, page_size: nil, page_token: nil, access_level_format: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>

  Pass arguments to list_access_levels via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Resource name for the access policy to list [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] from.

    Format: accessPolicies/{policy_id}

  • page_size (::Integer) (defaults to: nil) —

    Number of [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] to include in the list. Default 100.

  • page_token (::String) (defaults to: nil) —

    Next page token for the next batch of [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] instances. Defaults to the first page of results.

  • access_level_format (::Google::Identity::AccessContextManager::V1::LevelFormat) (defaults to: nil) —

    Whether to return BasicLevels in the Cloud Common Expression language, as CustomLevels, rather than as BasicLevels. Defaults to returning AccessLevels in the format they were defined.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 763

def list_access_levels request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.list_access_levels.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.parent
    header_params["parent"] = request.parent
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.list_access_levels.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.list_access_levels.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :list_access_levels, request, options: options do |response, operation|
    response = ::Gapic::PagedEnumerable.new @access_context_manager_stub, :list_access_levels, request, response, operation, options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_access_policies(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy> #list_access_policies(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>

Lists all [access policies] [google.identity.accesscontextmanager.v1.AccessPolicy] in an organization.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest.new

# Call the list_access_policies method.
result = client.list_access_policies request

# The returned object is of type Gapic::PagedEnumerable. You can iterate
# over elements, and API calls will be issued to fetch pages as needed.
result.each do |item|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessPolicy.
  p item
end

Overloads:

• #list_access_policies(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>

  Pass arguments to list_access_policies via a request object, either of type ListAccessPoliciesRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #list_access_policies(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>

  Pass arguments to list_access_policies via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Resource name for the container to list AccessPolicy instances from.

    Format: organizations/{org_id}

  • page_size (::Integer) (defaults to: nil) —

    Number of AccessPolicy instances to include in the list. Default 100.

  • page_token (::String) (defaults to: nil) —

    Next page token for the next batch of AccessPolicy instances. Defaults to the first page of results.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 251

def list_access_policies request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.list_access_policies.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.list_access_policies.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.list_access_policies.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :list_access_policies, request, options: options do |response, operation|
    response = ::Gapic::PagedEnumerable.new @access_context_manager_stub, :list_access_policies, request, response, operation, options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_gcp_user_access_bindings(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding> #list_gcp_user_access_bindings(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>

Lists all [GcpUserAccessBindings] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a Google Cloud organization.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest.new

# Call the list_gcp_user_access_bindings method.
result = client.list_gcp_user_access_bindings request

# The returned object is of type Gapic::PagedEnumerable. You can iterate
# over elements, and API calls will be issued to fetch pages as needed.
result.each do |item|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding.
  p item
end

Overloads:

• #list_gcp_user_access_bindings(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>

  Pass arguments to list_gcp_user_access_bindings via a request object, either of type ListGcpUserAccessBindingsRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #list_gcp_user_access_bindings(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>

  Pass arguments to list_gcp_user_access_bindings via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Example: "organizations/256"

  • page_size (::Integer) (defaults to: nil) —

    Optional. Maximum number of items to return. The server may return fewer items. If left blank, the server may return any number of items.

  • page_token (::String) (defaults to: nil) —

    Optional. If left blank, returns the first page. To enumerate all items, use the [next_page_token] [google.identity.accesscontextmanager.v1.ListGcpUserAccessBindingsResponse.next_page_token] from your previous list operation.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 2174

def list_gcp_user_access_bindings request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.list_gcp_user_access_bindings.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.parent
    header_params["parent"] = request.parent
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.list_gcp_user_access_bindings.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.list_gcp_user_access_bindings.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :list_gcp_user_access_bindings, request, options: options do |response, operation|
    response = ::Gapic::PagedEnumerable.new @access_context_manager_stub, :list_gcp_user_access_bindings, request, response, operation, options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_service_perimeters(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter> #list_service_perimeters(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>

Lists all [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for an access policy.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest.new

# Call the list_service_perimeters method.
result = client.list_service_perimeters request

# The returned object is of type Gapic::PagedEnumerable. You can iterate
# over elements, and API calls will be issued to fetch pages as needed.
result.each do |item|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::ServicePerimeter.
  p item
end

Overloads:

• #list_service_perimeters(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>

  Pass arguments to list_service_perimeters via a request object, either of type ListServicePerimetersRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #list_service_perimeters(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>

  Pass arguments to list_service_perimeters via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Resource name for the access policy to list [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] from.

    Format: accessPolicies/{policy_id}

  • page_size (::Integer) (defaults to: nil) —

    Number of [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] to include in the list. Default 100.

  • page_token (::String) (defaults to: nil) —

    Next page token for the next batch of [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] instances. Defaults to the first page of results.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 1417

def list_service_perimeters request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.list_service_perimeters.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.parent
    header_params["parent"] = request.parent
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.list_service_perimeters.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.list_service_perimeters.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :list_service_perimeters, request, options: options do |response, operation|
    response = ::Gapic::PagedEnumerable.new @access_context_manager_stub, :list_service_perimeters, request, response, operation, options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#replace_access_levels(request, options = nil) ⇒ ::Gapic::Operation #replace_access_levels(parent: nil, access_levels: nil, etag: nil) ⇒ ::Gapic::Operation

Replaces all existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. If the replacement contains errors, an error response is returned for the first error encountered. Upon error, the replacement is cancelled, and existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] are not affected. The Operation.response field contains ReplaceAccessLevelsResponse. Removing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an error.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest.new

# Call the replace_access_levels method.
result = client.replace_access_levels request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #replace_access_levels(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to replace_access_levels via a request object, either of type ReplaceAccessLevelsRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #replace_access_levels(parent: nil, access_levels: nil, etag: nil) ⇒ ::Gapic::Operation

  Pass arguments to replace_access_levels via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Resource name for the access policy which owns these [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel].

    Format: accessPolicies/{policy_id}

  • access_levels (::Array<::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash>) (defaults to: nil) —

    Required. The desired [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] that should replace all existing [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] in the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy].

  • etag (::String) (defaults to: nil) —

    Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this replace operation is to be performed on. If, at the time of replace, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the replace operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 1312

def replace_access_levels request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.replace_access_levels.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.parent
    header_params["parent"] = request.parent
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.replace_access_levels.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.replace_access_levels.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :replace_access_levels, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#replace_service_perimeters(request, options = nil) ⇒ ::Gapic::Operation #replace_service_perimeters(parent: nil, service_perimeters: nil, etag: nil) ⇒ ::Gapic::Operation

Replace all existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. Replacements containing errors result in an error response for the first error encountered. Upon an error, replacement are cancelled and existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] are not affected. The Operation.response field contains ReplaceServicePerimetersResponse.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest.new

# Call the replace_service_perimeters method.
result = client.replace_service_perimeters request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #replace_service_perimeters(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to replace_service_perimeters via a request object, either of type ReplaceServicePerimetersRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #replace_service_perimeters(parent: nil, service_perimeters: nil, etag: nil) ⇒ ::Gapic::Operation

  Pass arguments to replace_service_perimeters via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • parent (::String) (defaults to: nil) —

    Required. Resource name for the access policy which owns these [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter].

    Format: accessPolicies/{policy_id}

  • service_perimeters (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash>) (defaults to: nil) —

    Required. The desired [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] that should replace all existing [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy].

  • etag (::String) (defaults to: nil) —

    Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this replace operation is to be performed on. If, at the time of replace, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the replace operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 1951

def replace_service_perimeters request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.replace_service_perimeters.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.parent
    header_params["parent"] = request.parent
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.replace_service_perimeters.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.replace_service_perimeters.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :replace_service_perimeters, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#set_iam_policy(request, options = nil) ⇒ ::Google::Iam::V1::Policy #set_iam_policy(resource: nil, policy: nil, update_mask: nil) ⇒ ::Google::Iam::V1::Policy

Sets the IAM policy for the specified Access Context Manager access policy. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Iam::V1::SetIamPolicyRequest.new

# Call the set_iam_policy method.
result = client.set_iam_policy request

# The returned object is of type Google::Iam::V1::Policy.
p result

Overloads:

• #set_iam_policy(request, options = nil) ⇒ ::Google::Iam::V1::Policy

  Pass arguments to set_iam_policy via a request object, either of type Google::Iam::V1::SetIamPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Iam::V1::SetIamPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #set_iam_policy(resource: nil, policy: nil, update_mask: nil) ⇒ ::Google::Iam::V1::Policy

  Pass arguments to set_iam_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • resource (::String) (defaults to: nil) —

    REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

  • policy (::Google::Iam::V1::Policy, ::Hash) (defaults to: nil) —

    REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

  • update_mask (::Google::Protobuf::FieldMask, ::Hash) (defaults to: nil) —

    OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used:

    paths: "bindings, etag"

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Google::Iam::V1::Policy)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Google::Iam::V1::Policy)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 2676

def set_iam_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::SetIamPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.set_iam_policy.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.resource
    header_params["resource"] = request.resource
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.set_iam_policy.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.set_iam_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :set_iam_policy, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#test_iam_permissions(request, options = nil) ⇒ ::Google::Iam::V1::TestIamPermissionsResponse #test_iam_permissions(resource: nil, permissions: nil) ⇒ ::Google::Iam::V1::TestIamPermissionsResponse

Returns the IAM permissions that the caller has on the specified Access Context Manager resource. The resource can be an AccessPolicy, AccessLevel, or [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter ]. This method does not support other resources.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Iam::V1::TestIamPermissionsRequest.new

# Call the test_iam_permissions method.
result = client.test_iam_permissions request

# The returned object is of type Google::Iam::V1::TestIamPermissionsResponse.
p result

Overloads:

• #test_iam_permissions(request, options = nil) ⇒ ::Google::Iam::V1::TestIamPermissionsResponse

  Pass arguments to test_iam_permissions via a request object, either of type Google::Iam::V1::TestIamPermissionsRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Iam::V1::TestIamPermissionsRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #test_iam_permissions(resource: nil, permissions: nil) ⇒ ::Google::Iam::V1::TestIamPermissionsResponse

  Pass arguments to test_iam_permissions via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • resource (::String) (defaults to: nil) —

    REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

  • permissions (::Array<::String>) (defaults to: nil) —

    The set of permissions to check for the resource. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Google::Iam::V1::TestIamPermissionsResponse)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Google::Iam::V1::TestIamPermissionsResponse)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 2864

def test_iam_permissions request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::TestIamPermissionsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.test_iam_permissions.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.resource
    header_params["resource"] = request.resource
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.test_iam_permissions.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.test_iam_permissions.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :test_iam_permissions, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#universe_domain ⇒ String

The effective universe domain

Returns:

• (String)

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 116

def universe_domain
  @access_context_manager_stub.universe_domain
end

#update_access_level(request, options = nil) ⇒ ::Gapic::Operation #update_access_level(access_level: nil, update_mask: nil) ⇒ ::Gapic::Operation

Updates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the changes to the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagate to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest.new

# Call the update_access_level method.
result = client.update_access_level request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #update_access_level(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to update_access_level via a request object, either of type UpdateAccessLevelRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #update_access_level(access_level: nil, update_mask: nil) ⇒ ::Gapic::Operation

  Pass arguments to update_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • access_level (::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash) (defaults to: nil) —

    Required. The updated [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel]. Syntactic correctness of the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] is a precondition for creation.

  • update_mask (::Google::Protobuf::FieldMask, ::Hash) (defaults to: nil) —

    Required. Mask to control which fields get updated. Must be non-empty.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 1080

def update_access_level request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.update_access_level.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.access_level&.name
    header_params["access_level.name"] = request.access_level.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.update_access_level.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.update_access_level.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :update_access_level, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_access_policy(request, options = nil) ⇒ ::Gapic::Operation #update_access_policy(policy: nil, update_mask: nil) ⇒ ::Gapic::Operation

Updates an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]. The long-running operation from this RPC has a successful status after the changes to the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] propagate to long-lasting storage.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest.new

# Call the update_access_policy method.
result = client.update_access_policy request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #update_access_policy(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to update_access_policy via a request object, either of type UpdateAccessPolicyRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #update_access_policy(policy: nil, update_mask: nil) ⇒ ::Gapic::Operation

  Pass arguments to update_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • policy (::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Hash) (defaults to: nil) —

    Required. The updated AccessPolicy.

  • update_mask (::Google::Protobuf::FieldMask, ::Hash) (defaults to: nil) —

    Required. Mask to control which fields get updated. Must be non-empty.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 554

def update_access_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.update_access_policy.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.policy&.name
    header_params["policy.name"] = request.policy.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.update_access_policy.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.update_access_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :update_access_policy, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation #update_gcp_user_access_binding(gcp_user_access_binding: nil, update_mask: nil) ⇒ ::Gapic::Operation

Updates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the changed binding is deployed onto all affected users, which may take more time.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest.new

# Call the update_gcp_user_access_binding method.
result = client.update_gcp_user_access_binding request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #update_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to update_gcp_user_access_binding via a request object, either of type UpdateGcpUserAccessBindingRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #update_gcp_user_access_binding(gcp_user_access_binding: nil, update_mask: nil) ⇒ ::Gapic::Operation

  Pass arguments to update_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • gcp_user_access_binding (::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding, ::Hash) (defaults to: nil) —

    Required. [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]

  • update_mask (::Google::Protobuf::FieldMask, ::Hash) (defaults to: nil) —

    Required. Only the fields specified in this mask are updated. Because name and group_key cannot be changed, update_mask is required and must always be:

    update_mask { paths: "access_levels" }

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 2474

def update_gcp_user_access_binding request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.update_gcp_user_access_binding.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.gcp_user_access_binding&.name
    header_params["gcp_user_access_binding.name"] = request.gcp_user_access_binding.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.update_gcp_user_access_binding.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.update_gcp_user_access_binding.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :update_gcp_user_access_binding, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation #update_service_perimeter(service_perimeter: nil, update_mask: nil) ⇒ ::Gapic::Operation

Updates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest.new

# Call the update_service_perimeter method.
result = client.update_service_perimeter request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

• #update_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation

  Pass arguments to update_service_perimeter via a request object, either of type UpdateServicePerimeterRequest or an equivalent Hash.

  Parameters:

  • request (::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest, ::Hash) —

    A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

  • options (::Gapic::CallOptions, ::Hash) (defaults to: nil) —

    Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

• #update_service_perimeter(service_perimeter: nil, update_mask: nil) ⇒ ::Gapic::Operation

  Pass arguments to update_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

  Parameters:

  • service_perimeter (::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash) (defaults to: nil) —

    Required. The updated ServicePerimeter. Syntactic correctness of the ServicePerimeter is a precondition for creation.

  • update_mask (::Google::Protobuf::FieldMask, ::Hash) (defaults to: nil) —

    Required. Mask to control which fields get updated. Must be non-empty.

Yields:

• (response, operation) —

  Access the result along with the RPC operation

Yield Parameters:

• response (::Gapic::Operation)
• operation (::GRPC::ActiveCall::Operation)

Returns:

• (::Gapic::Operation)

Raises:

• (::Google::Cloud::Error) —

  if the RPC is aborted.

# File 'lib/google/identity/access_context_manager/v1/access_context_manager/client.rb', line 1723

def update_service_perimeter request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  metadata = @config.rpcs.update_service_perimeter.metadata.to_h

  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION
  metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {}
  if request.service_perimeter&.name
    header_params["service_perimeter.name"] = request.service_perimeter.name
  end

  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  metadata[:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.update_service_perimeter.timeout,
                         metadata:     metadata,
                         retry_policy: @config.rpcs.update_service_perimeter.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.call_rpc :update_service_perimeter, request, options: options do |response, operation|
    response = ::Gapic::Operation.new response, @operations_client, options: options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end