...
ActiveGo 1.8Package admin
Overview ▹
Index ▹
Variables
var ListServiceAccountKeysRequest_KeyType_name = map[int32]string{
0: "KEY_TYPE_UNSPECIFIED",
1: "USER_MANAGED",
2: "SYSTEM_MANAGED",
}
var ListServiceAccountKeysRequest_KeyType_value = map[string]int32{
"KEY_TYPE_UNSPECIFIED": 0,
"USER_MANAGED": 1,
"SYSTEM_MANAGED": 2,
}
var ServiceAccountKeyAlgorithm_name = map[int32]string{
0: "KEY_ALG_UNSPECIFIED",
1: "KEY_ALG_RSA_1024",
2: "KEY_ALG_RSA_2048",
}
var ServiceAccountKeyAlgorithm_value = map[string]int32{
"KEY_ALG_UNSPECIFIED": 0,
"KEY_ALG_RSA_1024": 1,
"KEY_ALG_RSA_2048": 2,
}
var ServiceAccountPrivateKeyType_name = map[int32]string{
0: "TYPE_UNSPECIFIED",
1: "TYPE_PKCS12_FILE",
2: "TYPE_GOOGLE_CREDENTIALS_FILE",
}
var ServiceAccountPrivateKeyType_value = map[string]int32{
"TYPE_UNSPECIFIED": 0,
"TYPE_PKCS12_FILE": 1,
"TYPE_GOOGLE_CREDENTIALS_FILE": 2,
}
var ServiceAccountPublicKeyType_name = map[int32]string{
0: "TYPE_NONE",
1: "TYPE_X509_PEM_FILE",
2: "TYPE_RAW_PUBLIC_KEY",
}
var ServiceAccountPublicKeyType_value = map[string]int32{
"TYPE_NONE": 0,
"TYPE_X509_PEM_FILE": 1,
"TYPE_RAW_PUBLIC_KEY": 2,
}
func RegisterIAMServer ¶
func RegisterIAMServer(s *grpc.Server, srv IAMServer)
type CreateServiceAccountKeyRequest ¶
The service account key create request.
type CreateServiceAccountKeyRequest struct {
// The resource name of the service account in the following format:
// `projects/{project}/serviceAccounts/{account}`.
// Using `-` as a wildcard for the project will infer the project from
// the account. The `account` value can be the `email` address or the
// `unique_id` of the service account.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
// The output format of the private key. `GOOGLE_CREDENTIALS_FILE` is the
// default output format.
PrivateKeyType ServiceAccountPrivateKeyType `protobuf:"varint,2,opt,name=private_key_type,json=privateKeyType,enum=google.iam.admin.v1.ServiceAccountPrivateKeyType" json:"private_key_type,omitempty"`
// Which type of key and algorithm to use for the key.
// The default is currently a 4K RSA key. However this may change in the
// future.
KeyAlgorithm ServiceAccountKeyAlgorithm `protobuf:"varint,3,opt,name=key_algorithm,json=keyAlgorithm,enum=google.iam.admin.v1.ServiceAccountKeyAlgorithm" json:"key_algorithm,omitempty"`
}
func (*CreateServiceAccountKeyRequest) Descriptor ¶
func (*CreateServiceAccountKeyRequest) Descriptor() ([]byte, []int)
func (*CreateServiceAccountKeyRequest) GetKeyAlgorithm ¶
func (m *CreateServiceAccountKeyRequest) GetKeyAlgorithm() ServiceAccountKeyAlgorithm
func (*CreateServiceAccountKeyRequest) GetName ¶
func (m *CreateServiceAccountKeyRequest) GetName() string
func (*CreateServiceAccountKeyRequest) GetPrivateKeyType ¶
func (m *CreateServiceAccountKeyRequest) GetPrivateKeyType() ServiceAccountPrivateKeyType
func (*CreateServiceAccountKeyRequest) ProtoMessage ¶
func (*CreateServiceAccountKeyRequest) ProtoMessage()
func (*CreateServiceAccountKeyRequest) Reset ¶
func (m *CreateServiceAccountKeyRequest) Reset()
func (*CreateServiceAccountKeyRequest) String ¶
func (m *CreateServiceAccountKeyRequest) String() string
type CreateServiceAccountRequest ¶
The service account create request.
type CreateServiceAccountRequest struct {
// Required. The resource name of the project associated with the service
// accounts, such as `projects/my-project-123`.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
// Required. The account id that is used to generate the service account
// email address and a stable unique id. It is unique within a project,
// must be 6-30 characters long, and match the regular expression
// `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
AccountId string `protobuf:"bytes,2,opt,name=account_id,json=accountId" json:"account_id,omitempty"`
// The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to create.
// Currently, only the following values are user assignable:
// `display_name` .
ServiceAccount *ServiceAccount `protobuf:"bytes,3,opt,name=service_account,json=serviceAccount" json:"service_account,omitempty"`
}
func (*CreateServiceAccountRequest) Descriptor ¶
func (*CreateServiceAccountRequest) Descriptor() ([]byte, []int)
func (*CreateServiceAccountRequest) GetAccountId ¶
func (m *CreateServiceAccountRequest) GetAccountId() string
func (*CreateServiceAccountRequest) GetName ¶
func (m *CreateServiceAccountRequest) GetName() string
func (*CreateServiceAccountRequest) GetServiceAccount ¶
func (m *CreateServiceAccountRequest) GetServiceAccount() *ServiceAccount
func (*CreateServiceAccountRequest) ProtoMessage ¶
func (*CreateServiceAccountRequest) ProtoMessage()
func (*CreateServiceAccountRequest) Reset ¶
func (m *CreateServiceAccountRequest) Reset()
func (*CreateServiceAccountRequest) String ¶
func (m *CreateServiceAccountRequest) String() string
type DeleteServiceAccountKeyRequest ¶
The service account key delete request.
type DeleteServiceAccountKeyRequest struct {
// The resource name of the service account key in the following format:
// `projects/{project}/serviceAccounts/{account}/keys/{key}`.
// Using `-` as a wildcard for the project will infer the project from
// the account. The `account` value can be the `email` address or the
// `unique_id` of the service account.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
}
func (*DeleteServiceAccountKeyRequest) Descriptor ¶
func (*DeleteServiceAccountKeyRequest) Descriptor() ([]byte, []int)
func (*DeleteServiceAccountKeyRequest) GetName ¶
func (m *DeleteServiceAccountKeyRequest) GetName() string
func (*DeleteServiceAccountKeyRequest) ProtoMessage ¶
func (*DeleteServiceAccountKeyRequest) ProtoMessage()
func (*DeleteServiceAccountKeyRequest) Reset ¶
func (m *DeleteServiceAccountKeyRequest) Reset()
func (*DeleteServiceAccountKeyRequest) String ¶
func (m *DeleteServiceAccountKeyRequest) String() string
type DeleteServiceAccountRequest ¶
The service account delete request.
type DeleteServiceAccountRequest struct {
// The resource name of the service account in the following format:
// `projects/{project}/serviceAccounts/{account}`.
// Using `-` as a wildcard for the project will infer the project from
// the account. The `account` value can be the `email` address or the
// `unique_id` of the service account.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
}
func (*DeleteServiceAccountRequest) Descriptor ¶
func (*DeleteServiceAccountRequest) Descriptor() ([]byte, []int)
func (*DeleteServiceAccountRequest) GetName ¶
func (m *DeleteServiceAccountRequest) GetName() string
func (*DeleteServiceAccountRequest) ProtoMessage ¶
func (*DeleteServiceAccountRequest) ProtoMessage()
func (*DeleteServiceAccountRequest) Reset ¶
func (m *DeleteServiceAccountRequest) Reset()
func (*DeleteServiceAccountRequest) String ¶
func (m *DeleteServiceAccountRequest) String() string
type GetServiceAccountKeyRequest ¶
The service account key get by id request.
type GetServiceAccountKeyRequest struct {
// The resource name of the service account key in the following format:
// `projects/{project}/serviceAccounts/{account}/keys/{key}`.
//
// Using `-` as a wildcard for the project will infer the project from
// the account. The `account` value can be the `email` address or the
// `unique_id` of the service account.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
// The output format of the public key requested.
// X509_PEM is the default output format.
PublicKeyType ServiceAccountPublicKeyType `protobuf:"varint,2,opt,name=public_key_type,json=publicKeyType,enum=google.iam.admin.v1.ServiceAccountPublicKeyType" json:"public_key_type,omitempty"`
}
func (*GetServiceAccountKeyRequest) Descriptor ¶
func (*GetServiceAccountKeyRequest) Descriptor() ([]byte, []int)
func (*GetServiceAccountKeyRequest) GetName ¶
func (m *GetServiceAccountKeyRequest) GetName() string
func (*GetServiceAccountKeyRequest) GetPublicKeyType ¶
func (m *GetServiceAccountKeyRequest) GetPublicKeyType() ServiceAccountPublicKeyType
func (*GetServiceAccountKeyRequest) ProtoMessage ¶
func (*GetServiceAccountKeyRequest) ProtoMessage()
func (*GetServiceAccountKeyRequest) Reset ¶
func (m *GetServiceAccountKeyRequest) Reset()
func (*GetServiceAccountKeyRequest) String ¶
func (m *GetServiceAccountKeyRequest) String() string
type GetServiceAccountRequest ¶
The service account get request.
type GetServiceAccountRequest struct {
// The resource name of the service account in the following format:
// `projects/{project}/serviceAccounts/{account}`.
// Using `-` as a wildcard for the project will infer the project from
// the account. The `account` value can be the `email` address or the
// `unique_id` of the service account.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
}
func (*GetServiceAccountRequest) Descriptor ¶
func (*GetServiceAccountRequest) Descriptor() ([]byte, []int)
func (*GetServiceAccountRequest) GetName ¶
func (m *GetServiceAccountRequest) GetName() string
func (*GetServiceAccountRequest) ProtoMessage ¶
func (*GetServiceAccountRequest) ProtoMessage()
func (*GetServiceAccountRequest) Reset ¶
func (m *GetServiceAccountRequest) Reset()
func (*GetServiceAccountRequest) String ¶
func (m *GetServiceAccountRequest) String() string
type IAMClient ¶
type IAMClient interface {
// Lists [ServiceAccounts][google.iam.admin.v1.ServiceAccount] for a project.
ListServiceAccounts(ctx context.Context, in *ListServiceAccountsRequest, opts ...grpc.CallOption) (*ListServiceAccountsResponse, error)
// Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
GetServiceAccount(ctx context.Context, in *GetServiceAccountRequest, opts ...grpc.CallOption) (*ServiceAccount, error)
// Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount]
// and returns it.
CreateServiceAccount(ctx context.Context, in *CreateServiceAccountRequest, opts ...grpc.CallOption) (*ServiceAccount, error)
// Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
//
// Currently, only the following fields are updatable:
// `display_name` .
// The `etag` is mandatory.
UpdateServiceAccount(ctx context.Context, in *ServiceAccount, opts ...grpc.CallOption) (*ServiceAccount, error)
// Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
DeleteServiceAccount(ctx context.Context, in *DeleteServiceAccountRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error)
// Lists [ServiceAccountKeys][google.iam.admin.v1.ServiceAccountKey].
ListServiceAccountKeys(ctx context.Context, in *ListServiceAccountKeysRequest, opts ...grpc.CallOption) (*ListServiceAccountKeysResponse, error)
// Gets the [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
// by key id.
GetServiceAccountKey(ctx context.Context, in *GetServiceAccountKeyRequest, opts ...grpc.CallOption) (*ServiceAccountKey, error)
// Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
// and returns it.
CreateServiceAccountKey(ctx context.Context, in *CreateServiceAccountKeyRequest, opts ...grpc.CallOption) (*ServiceAccountKey, error)
// Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].
DeleteServiceAccountKey(ctx context.Context, in *DeleteServiceAccountKeyRequest, opts ...grpc.CallOption) (*google_protobuf1.Empty, error)
// Signs a blob using a service account's system-managed private key.
SignBlob(ctx context.Context, in *SignBlobRequest, opts ...grpc.CallOption) (*SignBlobResponse, error)
// Returns the IAM access control policy for a
// [ServiceAccount][google.iam.admin.v1.ServiceAccount].
GetIamPolicy(ctx context.Context, in *google_iam_v11.GetIamPolicyRequest, opts ...grpc.CallOption) (*google_iam_v1.Policy, error)
// Sets the IAM access control policy for a
// [ServiceAccount][google.iam.admin.v1.ServiceAccount].
SetIamPolicy(ctx context.Context, in *google_iam_v11.SetIamPolicyRequest, opts ...grpc.CallOption) (*google_iam_v1.Policy, error)
// Tests the specified permissions against the IAM access control policy
// for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
TestIamPermissions(ctx context.Context, in *google_iam_v11.TestIamPermissionsRequest, opts ...grpc.CallOption) (*google_iam_v11.TestIamPermissionsResponse, error)
// Queries roles that can be granted on a particular resource.
// A role is grantable if it can be used as the role in a binding for a policy
// for that resource.
QueryGrantableRoles(ctx context.Context, in *QueryGrantableRolesRequest, opts ...grpc.CallOption) (*QueryGrantableRolesResponse, error)
}
func NewIAMClient ¶
func NewIAMClient(cc *grpc.ClientConn) IAMClient
type IAMServer ¶
type IAMServer interface {
// Lists [ServiceAccounts][google.iam.admin.v1.ServiceAccount] for a project.
ListServiceAccounts(context.Context, *ListServiceAccountsRequest) (*ListServiceAccountsResponse, error)
// Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
GetServiceAccount(context.Context, *GetServiceAccountRequest) (*ServiceAccount, error)
// Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount]
// and returns it.
CreateServiceAccount(context.Context, *CreateServiceAccountRequest) (*ServiceAccount, error)
// Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
//
// Currently, only the following fields are updatable:
// `display_name` .
// The `etag` is mandatory.
UpdateServiceAccount(context.Context, *ServiceAccount) (*ServiceAccount, error)
// Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
DeleteServiceAccount(context.Context, *DeleteServiceAccountRequest) (*google_protobuf1.Empty, error)
// Lists [ServiceAccountKeys][google.iam.admin.v1.ServiceAccountKey].
ListServiceAccountKeys(context.Context, *ListServiceAccountKeysRequest) (*ListServiceAccountKeysResponse, error)
// Gets the [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
// by key id.
GetServiceAccountKey(context.Context, *GetServiceAccountKeyRequest) (*ServiceAccountKey, error)
// Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
// and returns it.
CreateServiceAccountKey(context.Context, *CreateServiceAccountKeyRequest) (*ServiceAccountKey, error)
// Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].
DeleteServiceAccountKey(context.Context, *DeleteServiceAccountKeyRequest) (*google_protobuf1.Empty, error)
// Signs a blob using a service account's system-managed private key.
SignBlob(context.Context, *SignBlobRequest) (*SignBlobResponse, error)
// Returns the IAM access control policy for a
// [ServiceAccount][google.iam.admin.v1.ServiceAccount].
GetIamPolicy(context.Context, *google_iam_v11.GetIamPolicyRequest) (*google_iam_v1.Policy, error)
// Sets the IAM access control policy for a
// [ServiceAccount][google.iam.admin.v1.ServiceAccount].
SetIamPolicy(context.Context, *google_iam_v11.SetIamPolicyRequest) (*google_iam_v1.Policy, error)
// Tests the specified permissions against the IAM access control policy
// for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
TestIamPermissions(context.Context, *google_iam_v11.TestIamPermissionsRequest) (*google_iam_v11.TestIamPermissionsResponse, error)
// Queries roles that can be granted on a particular resource.
// A role is grantable if it can be used as the role in a binding for a policy
// for that resource.
QueryGrantableRoles(context.Context, *QueryGrantableRolesRequest) (*QueryGrantableRolesResponse, error)
}
type ListServiceAccountKeysRequest ¶
The service account keys list request.
type ListServiceAccountKeysRequest struct {
// The resource name of the service account in the following format:
// `projects/{project}/serviceAccounts/{account}`.
//
// Using `-` as a wildcard for the project, will infer the project from
// the account. The `account` value can be the `email` address or the
// `unique_id` of the service account.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
// Filters the types of keys the user wants to include in the list
// response. Duplicate key types are not allowed. If no key type
// is provided, all keys are returned.
KeyTypes []ListServiceAccountKeysRequest_KeyType `protobuf:"varint,2,rep,packed,name=key_types,json=keyTypes,enum=google.iam.admin.v1.ListServiceAccountKeysRequest_KeyType" json:"key_types,omitempty"`
}
func (*ListServiceAccountKeysRequest) Descriptor ¶
func (*ListServiceAccountKeysRequest) Descriptor() ([]byte, []int)
func (*ListServiceAccountKeysRequest) GetKeyTypes ¶
func (m *ListServiceAccountKeysRequest) GetKeyTypes() []ListServiceAccountKeysRequest_KeyType
func (*ListServiceAccountKeysRequest) GetName ¶
func (m *ListServiceAccountKeysRequest) GetName() string
func (*ListServiceAccountKeysRequest) ProtoMessage ¶
func (*ListServiceAccountKeysRequest) ProtoMessage()
func (*ListServiceAccountKeysRequest) Reset ¶
func (m *ListServiceAccountKeysRequest) Reset()
func (*ListServiceAccountKeysRequest) String ¶
func (m *ListServiceAccountKeysRequest) String() string
type ListServiceAccountKeysRequest_KeyType ¶
`KeyType` filters to selectively retrieve certain varieties of keys.
type ListServiceAccountKeysRequest_KeyType int32
const (
// Unspecified key type. The presence of this in the
// message will immediately result in an error.
ListServiceAccountKeysRequest_KEY_TYPE_UNSPECIFIED ListServiceAccountKeysRequest_KeyType = 0
// User-managed keys (managed and rotated by the user).
ListServiceAccountKeysRequest_USER_MANAGED ListServiceAccountKeysRequest_KeyType = 1
// System-managed keys (managed and rotated by Google).
ListServiceAccountKeysRequest_SYSTEM_MANAGED ListServiceAccountKeysRequest_KeyType = 2
)
func (ListServiceAccountKeysRequest_KeyType) EnumDescriptor ¶
func (ListServiceAccountKeysRequest_KeyType) EnumDescriptor() ([]byte, []int)
func (ListServiceAccountKeysRequest_KeyType) String ¶
func (x ListServiceAccountKeysRequest_KeyType) String() string
type ListServiceAccountKeysResponse ¶
The service account keys list response.
type ListServiceAccountKeysResponse struct {
// The public keys for the service account.
Keys []*ServiceAccountKey `protobuf:"bytes,1,rep,name=keys" json:"keys,omitempty"`
}
func (*ListServiceAccountKeysResponse) Descriptor ¶
func (*ListServiceAccountKeysResponse) Descriptor() ([]byte, []int)
func (*ListServiceAccountKeysResponse) GetKeys ¶
func (m *ListServiceAccountKeysResponse) GetKeys() []*ServiceAccountKey
func (*ListServiceAccountKeysResponse) ProtoMessage ¶
func (*ListServiceAccountKeysResponse) ProtoMessage()
func (*ListServiceAccountKeysResponse) Reset ¶
func (m *ListServiceAccountKeysResponse) Reset()
func (*ListServiceAccountKeysResponse) String ¶
func (m *ListServiceAccountKeysResponse) String() string
type ListServiceAccountsRequest ¶
The service account list request.
type ListServiceAccountsRequest struct {
// Required. The resource name of the project associated with the service
// accounts, such as `projects/my-project-123`.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
// Optional limit on the number of service accounts to include in the
// response. Further accounts can subsequently be obtained by including the
// [ListServiceAccountsResponse.next_page_token][google.iam.admin.v1.ListServiceAccountsResponse.next_page_token]
// in a subsequent request.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize" json:"page_size,omitempty"`
// Optional pagination token returned in an earlier
// [ListServiceAccountsResponse.next_page_token][google.iam.admin.v1.ListServiceAccountsResponse.next_page_token].
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken" json:"page_token,omitempty"`
}
func (*ListServiceAccountsRequest) Descriptor ¶
func (*ListServiceAccountsRequest) Descriptor() ([]byte, []int)
func (*ListServiceAccountsRequest) GetName ¶
func (m *ListServiceAccountsRequest) GetName() string
func (*ListServiceAccountsRequest) GetPageSize ¶
func (m *ListServiceAccountsRequest) GetPageSize() int32
func (*ListServiceAccountsRequest) GetPageToken ¶
func (m *ListServiceAccountsRequest) GetPageToken() string
func (*ListServiceAccountsRequest) ProtoMessage ¶
func (*ListServiceAccountsRequest) ProtoMessage()
func (*ListServiceAccountsRequest) Reset ¶
func (m *ListServiceAccountsRequest) Reset()
func (*ListServiceAccountsRequest) String ¶
func (m *ListServiceAccountsRequest) String() string
type ListServiceAccountsResponse ¶
The service account list response.
type ListServiceAccountsResponse struct {
// The list of matching service accounts.
Accounts []*ServiceAccount `protobuf:"bytes,1,rep,name=accounts" json:"accounts,omitempty"`
// To retrieve the next page of results, set
// [ListServiceAccountsRequest.page_token][google.iam.admin.v1.ListServiceAccountsRequest.page_token]
// to this value.
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken" json:"next_page_token,omitempty"`
}
func (*ListServiceAccountsResponse) Descriptor ¶
func (*ListServiceAccountsResponse) Descriptor() ([]byte, []int)
func (*ListServiceAccountsResponse) GetAccounts ¶
func (m *ListServiceAccountsResponse) GetAccounts() []*ServiceAccount
func (*ListServiceAccountsResponse) GetNextPageToken ¶
func (m *ListServiceAccountsResponse) GetNextPageToken() string
func (*ListServiceAccountsResponse) ProtoMessage ¶
func (*ListServiceAccountsResponse) ProtoMessage()
func (*ListServiceAccountsResponse) Reset ¶
func (m *ListServiceAccountsResponse) Reset()
func (*ListServiceAccountsResponse) String ¶
func (m *ListServiceAccountsResponse) String() string
type QueryGrantableRolesRequest ¶
The grantable role query request.
type QueryGrantableRolesRequest struct {
// Required. The full resource name to query from the list of grantable roles.
//
// The name follows the Google Cloud Platform resource format.
// For example, a Cloud Platform project with id `my-project` will be named
// `//cloudresourcemanager.googleapis.com/projects/my-project`.
FullResourceName string `protobuf:"bytes,1,opt,name=full_resource_name,json=fullResourceName" json:"full_resource_name,omitempty"`
}
func (*QueryGrantableRolesRequest) Descriptor ¶
func (*QueryGrantableRolesRequest) Descriptor() ([]byte, []int)
func (*QueryGrantableRolesRequest) GetFullResourceName ¶
func (m *QueryGrantableRolesRequest) GetFullResourceName() string
func (*QueryGrantableRolesRequest) ProtoMessage ¶
func (*QueryGrantableRolesRequest) ProtoMessage()
func (*QueryGrantableRolesRequest) Reset ¶
func (m *QueryGrantableRolesRequest) Reset()
func (*QueryGrantableRolesRequest) String ¶
func (m *QueryGrantableRolesRequest) String() string
type QueryGrantableRolesResponse ¶
The grantable role query response.
type QueryGrantableRolesResponse struct {
// The list of matching roles.
Roles []*Role `protobuf:"bytes,1,rep,name=roles" json:"roles,omitempty"`
}
func (*QueryGrantableRolesResponse) Descriptor ¶
func (*QueryGrantableRolesResponse) Descriptor() ([]byte, []int)
func (*QueryGrantableRolesResponse) GetRoles ¶
func (m *QueryGrantableRolesResponse) GetRoles() []*Role
func (*QueryGrantableRolesResponse) ProtoMessage ¶
func (*QueryGrantableRolesResponse) ProtoMessage()
func (*QueryGrantableRolesResponse) Reset ¶
func (m *QueryGrantableRolesResponse) Reset()
func (*QueryGrantableRolesResponse) String ¶
func (m *QueryGrantableRolesResponse) String() string
type Role ¶
A role in the Identity and Access Management API.
type Role struct {
// The name of the role.
//
// When Role is used in CreateRole, the role name must not be set.
//
// When Role is used in output and other input such as UpdateRole, the role
// name is the complete path, e.g., roles/logging.viewer for curated roles
// and organizations/{organization-id}/roles/logging.viewer for custom roles.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
// Optional. A human-readable title for the role. Typically this
// is limited to 100 UTF-8 bytes.
Title string `protobuf:"bytes,2,opt,name=title" json:"title,omitempty"`
// Optional. A human-readable description for the role.
Description string `protobuf:"bytes,3,opt,name=description" json:"description,omitempty"`
}
func (*Role) Descriptor ¶
func (*Role) Descriptor() ([]byte, []int)
func (*Role) GetDescription ¶
func (m *Role) GetDescription() string
func (*Role) GetName ¶
func (m *Role) GetName() string
func (*Role) GetTitle ¶
func (m *Role) GetTitle() string
func (*Role) ProtoMessage ¶
func (*Role) ProtoMessage()
func (*Role) Reset ¶
func (m *Role) Reset()
func (*Role) String ¶
func (m *Role) String() string
type ServiceAccount ¶
A service account in the Identity and Access Management API.
To create a service account, specify the `project_id` and the `account_id` for the account. The `account_id` is unique within the project, and is used to generate the service account email address and a stable `unique_id`.
If the account already exists, the account's resource name is returned in util::Status's ResourceInfo.resource_name in the format of projects/{project}/serviceAccounts/{email}. The caller can use the name in other methods to access the account.
All other methods can identify the service account using the format `projects/{project}/serviceAccounts/{account}`. Using `-` as a wildcard for the project will infer the project from the account. The `account` value can be the `email` address or the `unique_id` of the service account.
type ServiceAccount struct {
// The resource name of the service account in the following format:
// `projects/{project}/serviceAccounts/{account}`.
//
// Requests using `-` as a wildcard for the project will infer the project
// from the `account` and the `account` value can be the `email` address or
// the `unique_id` of the service account.
//
// In responses the resource name will always be in the format
// `projects/{project}/serviceAccounts/{email}`.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
// @OutputOnly The id of the project that owns the service account.
ProjectId string `protobuf:"bytes,2,opt,name=project_id,json=projectId" json:"project_id,omitempty"`
// @OutputOnly The unique and stable id of the service account.
UniqueId string `protobuf:"bytes,4,opt,name=unique_id,json=uniqueId" json:"unique_id,omitempty"`
// @OutputOnly The email address of the service account.
Email string `protobuf:"bytes,5,opt,name=email" json:"email,omitempty"`
// Optional. A user-specified description of the service account. Must be
// fewer than 100 UTF-8 bytes.
DisplayName string `protobuf:"bytes,6,opt,name=display_name,json=displayName" json:"display_name,omitempty"`
// Used to perform a consistent read-modify-write.
Etag []byte `protobuf:"bytes,7,opt,name=etag,proto3" json:"etag,omitempty"`
// @OutputOnly. The OAuth2 client id for the service account.
// This is used in conjunction with the OAuth2 clientconfig API to make
// three legged OAuth2 (3LO) flows to access the data of Google users.
Oauth2ClientId string `protobuf:"bytes,9,opt,name=oauth2_client_id,json=oauth2ClientId" json:"oauth2_client_id,omitempty"`
}
func (*ServiceAccount) Descriptor ¶
func (*ServiceAccount) Descriptor() ([]byte, []int)
func (*ServiceAccount) GetDisplayName ¶
func (m *ServiceAccount) GetDisplayName() string
func (*ServiceAccount) GetEmail ¶
func (m *ServiceAccount) GetEmail() string
func (*ServiceAccount) GetEtag ¶
func (m *ServiceAccount) GetEtag() []byte
func (*ServiceAccount) GetName ¶
func (m *ServiceAccount) GetName() string
func (*ServiceAccount) GetOauth2ClientId ¶
func (m *ServiceAccount) GetOauth2ClientId() string
func (*ServiceAccount) GetProjectId ¶
func (m *ServiceAccount) GetProjectId() string
func (*ServiceAccount) GetUniqueId ¶
func (m *ServiceAccount) GetUniqueId() string
func (*ServiceAccount) ProtoMessage ¶
func (*ServiceAccount) ProtoMessage()
func (*ServiceAccount) Reset ¶
func (m *ServiceAccount) Reset()
func (*ServiceAccount) String ¶
func (m *ServiceAccount) String() string
type ServiceAccountKey ¶
Represents a service account key.
A service account has two sets of key-pairs: user-managed, and system-managed.
User-managed key-pairs can be created and deleted by users. Users are responsible for rotating these keys periodically to ensure security of their service accounts. Users retain the private key of these key-pairs, and Google retains ONLY the public key.
System-managed key-pairs are managed automatically by Google, and rotated daily without user intervention. The private key never leaves Google's servers to maximize security.
Public keys for all service accounts are also published at the OAuth2 Service Account API.
type ServiceAccountKey struct {
// The resource name of the service account key in the following format
// `projects/{project}/serviceAccounts/{account}/keys/{key}`.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
// The output format for the private key.
// Only provided in `CreateServiceAccountKey` responses, not
// in `GetServiceAccountKey` or `ListServiceAccountKey` responses.
//
// Google never exposes system-managed private keys, and never retains
// user-managed private keys.
PrivateKeyType ServiceAccountPrivateKeyType `protobuf:"varint,2,opt,name=private_key_type,json=privateKeyType,enum=google.iam.admin.v1.ServiceAccountPrivateKeyType" json:"private_key_type,omitempty"`
// Specifies the algorithm (and possibly key size) for the key.
KeyAlgorithm ServiceAccountKeyAlgorithm `protobuf:"varint,8,opt,name=key_algorithm,json=keyAlgorithm,enum=google.iam.admin.v1.ServiceAccountKeyAlgorithm" json:"key_algorithm,omitempty"`
// The private key data. Only provided in `CreateServiceAccountKey`
// responses.
PrivateKeyData []byte `protobuf:"bytes,3,opt,name=private_key_data,json=privateKeyData,proto3" json:"private_key_data,omitempty"`
// The public key data. Only provided in `GetServiceAccountKey` responses.
PublicKeyData []byte `protobuf:"bytes,7,opt,name=public_key_data,json=publicKeyData,proto3" json:"public_key_data,omitempty"`
// The key can be used after this timestamp.
ValidAfterTime *google_protobuf3.Timestamp `protobuf:"bytes,4,opt,name=valid_after_time,json=validAfterTime" json:"valid_after_time,omitempty"`
// The key can be used before this timestamp.
ValidBeforeTime *google_protobuf3.Timestamp `protobuf:"bytes,5,opt,name=valid_before_time,json=validBeforeTime" json:"valid_before_time,omitempty"`
}
func (*ServiceAccountKey) Descriptor ¶
func (*ServiceAccountKey) Descriptor() ([]byte, []int)
func (*ServiceAccountKey) GetKeyAlgorithm ¶
func (m *ServiceAccountKey) GetKeyAlgorithm() ServiceAccountKeyAlgorithm
func (*ServiceAccountKey) GetName ¶
func (m *ServiceAccountKey) GetName() string
func (*ServiceAccountKey) GetPrivateKeyData ¶
func (m *ServiceAccountKey) GetPrivateKeyData() []byte
func (*ServiceAccountKey) GetPrivateKeyType ¶
func (m *ServiceAccountKey) GetPrivateKeyType() ServiceAccountPrivateKeyType
func (*ServiceAccountKey) GetPublicKeyData ¶
func (m *ServiceAccountKey) GetPublicKeyData() []byte
func (*ServiceAccountKey) GetValidAfterTime ¶
func (m *ServiceAccountKey) GetValidAfterTime() *google_protobuf3.Timestamp
func (*ServiceAccountKey) GetValidBeforeTime ¶
func (m *ServiceAccountKey) GetValidBeforeTime() *google_protobuf3.Timestamp
func (*ServiceAccountKey) ProtoMessage ¶
func (*ServiceAccountKey) ProtoMessage()
func (*ServiceAccountKey) Reset ¶
func (m *ServiceAccountKey) Reset()
func (*ServiceAccountKey) String ¶
func (m *ServiceAccountKey) String() string
type ServiceAccountKeyAlgorithm ¶
Supported key algorithms.
type ServiceAccountKeyAlgorithm int32
const (
// An unspecified key algorithm.
ServiceAccountKeyAlgorithm_KEY_ALG_UNSPECIFIED ServiceAccountKeyAlgorithm = 0
// 1k RSA Key.
ServiceAccountKeyAlgorithm_KEY_ALG_RSA_1024 ServiceAccountKeyAlgorithm = 1
// 2k RSA Key.
ServiceAccountKeyAlgorithm_KEY_ALG_RSA_2048 ServiceAccountKeyAlgorithm = 2
)
func (ServiceAccountKeyAlgorithm) EnumDescriptor ¶
func (ServiceAccountKeyAlgorithm) EnumDescriptor() ([]byte, []int)
func (ServiceAccountKeyAlgorithm) String ¶
func (x ServiceAccountKeyAlgorithm) String() string
type ServiceAccountPrivateKeyType ¶
Supported private key output formats.
type ServiceAccountPrivateKeyType int32
const (
// Unspecified. Equivalent to `TYPE_GOOGLE_CREDENTIALS_FILE`.
ServiceAccountPrivateKeyType_TYPE_UNSPECIFIED ServiceAccountPrivateKeyType = 0
// PKCS12 format.
// The password for the PKCS12 file is `notasecret`.
// For more information, see https://tools.ietf.org/html/rfc7292.
ServiceAccountPrivateKeyType_TYPE_PKCS12_FILE ServiceAccountPrivateKeyType = 1
// Google Credentials File format.
ServiceAccountPrivateKeyType_TYPE_GOOGLE_CREDENTIALS_FILE ServiceAccountPrivateKeyType = 2
)
func (ServiceAccountPrivateKeyType) EnumDescriptor ¶
func (ServiceAccountPrivateKeyType) EnumDescriptor() ([]byte, []int)
func (ServiceAccountPrivateKeyType) String ¶
func (x ServiceAccountPrivateKeyType) String() string
type ServiceAccountPublicKeyType ¶
Supported public key output formats.
type ServiceAccountPublicKeyType int32
const (
// Unspecified. Returns nothing here.
ServiceAccountPublicKeyType_TYPE_NONE ServiceAccountPublicKeyType = 0
// X509 PEM format.
ServiceAccountPublicKeyType_TYPE_X509_PEM_FILE ServiceAccountPublicKeyType = 1
// Raw public key.
ServiceAccountPublicKeyType_TYPE_RAW_PUBLIC_KEY ServiceAccountPublicKeyType = 2
)
func (ServiceAccountPublicKeyType) EnumDescriptor ¶
func (ServiceAccountPublicKeyType) EnumDescriptor() ([]byte, []int)
func (ServiceAccountPublicKeyType) String ¶
func (x ServiceAccountPublicKeyType) String() string
type SignBlobRequest ¶
The service account sign blob request.
type SignBlobRequest struct {
// The resource name of the service account in the following format:
// `projects/{project}/serviceAccounts/{account}`.
// Using `-` as a wildcard for the project will infer the project from
// the account. The `account` value can be the `email` address or the
// `unique_id` of the service account.
Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
// The bytes to sign.
BytesToSign []byte `protobuf:"bytes,2,opt,name=bytes_to_sign,json=bytesToSign,proto3" json:"bytes_to_sign,omitempty"`
}
func (*SignBlobRequest) Descriptor ¶
func (*SignBlobRequest) Descriptor() ([]byte, []int)
func (*SignBlobRequest) GetBytesToSign ¶
func (m *SignBlobRequest) GetBytesToSign() []byte
func (*SignBlobRequest) GetName ¶
func (m *SignBlobRequest) GetName() string
func (*SignBlobRequest) ProtoMessage ¶
func (*SignBlobRequest) ProtoMessage()
func (*SignBlobRequest) Reset ¶
func (m *SignBlobRequest) Reset()
func (*SignBlobRequest) String ¶
func (m *SignBlobRequest) String() string
type SignBlobResponse ¶
The service account sign blob response.
type SignBlobResponse struct {
// The id of the key used to sign the blob.
KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId" json:"key_id,omitempty"`
// The signed blob.
Signature []byte `protobuf:"bytes,2,opt,name=signature,proto3" json:"signature,omitempty"`
}
func (*SignBlobResponse) Descriptor ¶
func (*SignBlobResponse) Descriptor() ([]byte, []int)
func (*SignBlobResponse) GetKeyId ¶
func (m *SignBlobResponse) GetKeyId() string
func (*SignBlobResponse) GetSignature ¶
func (m *SignBlobResponse) GetSignature() []byte
func (*SignBlobResponse) ProtoMessage ¶
func (*SignBlobResponse) ProtoMessage()
func (*SignBlobResponse) Reset ¶
func (m *SignBlobResponse) Reset()
func (*SignBlobResponse) String ¶
func (m *SignBlobResponse) String() string