iam - ActiveState ActiveGo 1.8
...

Package iam

import "google.golang.org/genproto/googleapis/iam/v1"
Overview
Index

Overview ▾

Package iam is a generated protocol buffer package.

It is generated from these files:

google/iam/v1/iam_policy.proto
google/iam/v1/policy.proto

It has these top-level messages:

SetIamPolicyRequest
GetIamPolicyRequest
TestIamPermissionsRequest
TestIamPermissionsResponse
Policy
Binding
PolicyDelta
BindingDelta

Index ▾

Variables
func RegisterIAMPolicyServer(s *grpc.Server, srv IAMPolicyServer)
type Binding
    func (*Binding) Descriptor() ([]byte, []int)
    func (m *Binding) GetMembers() []string
    func (m *Binding) GetRole() string
    func (*Binding) ProtoMessage()
    func (m *Binding) Reset()
    func (m *Binding) String() string
type BindingDelta
    func (*BindingDelta) Descriptor() ([]byte, []int)
    func (m *BindingDelta) GetAction() BindingDelta_Action
    func (m *BindingDelta) GetMember() string
    func (m *BindingDelta) GetRole() string
    func (*BindingDelta) ProtoMessage()
    func (m *BindingDelta) Reset()
    func (m *BindingDelta) String() string
type BindingDelta_Action
    func (BindingDelta_Action) EnumDescriptor() ([]byte, []int)
    func (x BindingDelta_Action) String() string
type GetIamPolicyRequest
    func (*GetIamPolicyRequest) Descriptor() ([]byte, []int)
    func (m *GetIamPolicyRequest) GetResource() string
    func (*GetIamPolicyRequest) ProtoMessage()
    func (m *GetIamPolicyRequest) Reset()
    func (m *GetIamPolicyRequest) String() string
type IAMPolicyClient
    func NewIAMPolicyClient(cc *grpc.ClientConn) IAMPolicyClient
type IAMPolicyServer
type Policy
    func (*Policy) Descriptor() ([]byte, []int)
    func (m *Policy) GetBindings() []*Binding
    func (m *Policy) GetEtag() []byte
    func (m *Policy) GetVersion() int32
    func (*Policy) ProtoMessage()
    func (m *Policy) Reset()
    func (m *Policy) String() string
type PolicyDelta
    func (*PolicyDelta) Descriptor() ([]byte, []int)
    func (m *PolicyDelta) GetBindingDeltas() []*BindingDelta
    func (*PolicyDelta) ProtoMessage()
    func (m *PolicyDelta) Reset()
    func (m *PolicyDelta) String() string
type SetIamPolicyRequest
    func (*SetIamPolicyRequest) Descriptor() ([]byte, []int)
    func (m *SetIamPolicyRequest) GetPolicy() *Policy
    func (m *SetIamPolicyRequest) GetResource() string
    func (*SetIamPolicyRequest) ProtoMessage()
    func (m *SetIamPolicyRequest) Reset()
    func (m *SetIamPolicyRequest) String() string
type TestIamPermissionsRequest
    func (*TestIamPermissionsRequest) Descriptor() ([]byte, []int)
    func (m *TestIamPermissionsRequest) GetPermissions() []string
    func (m *TestIamPermissionsRequest) GetResource() string
    func (*TestIamPermissionsRequest) ProtoMessage()
    func (m *TestIamPermissionsRequest) Reset()
    func (m *TestIamPermissionsRequest) String() string
type TestIamPermissionsResponse
    func (*TestIamPermissionsResponse) Descriptor() ([]byte, []int)
    func (m *TestIamPermissionsResponse) GetPermissions() []string
    func (*TestIamPermissionsResponse) ProtoMessage()
    func (m *TestIamPermissionsResponse) Reset()
    func (m *TestIamPermissionsResponse) String() string

Package files

iam_policy.pb.go policy.pb.go

Variables

var BindingDelta_Action_name = map[int32]string{
    0: "ACTION_UNSPECIFIED",
    1: "ADD",
    2: "REMOVE",
}
var BindingDelta_Action_value = map[string]int32{
    "ACTION_UNSPECIFIED": 0,
    "ADD":                1,
    "REMOVE":             2,
}

func RegisterIAMPolicyServer

func RegisterIAMPolicyServer(s *grpc.Server, srv IAMPolicyServer)

type Binding

Associates `members` with a `role`.

type Binding struct {
    // Role that is assigned to `members`.
    // For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
    // Required
    Role string `protobuf:"bytes,1,opt,name=role" json:"role,omitempty"`
    // Specifies the identities requesting access for a Cloud Platform resource.
    // `members` can have the following values:
    //
    // * `allUsers`: A special identifier that represents anyone who is
    //    on the internet; with or without a Google account.
    //
    // * `allAuthenticatedUsers`: A special identifier that represents anyone
    //    who is authenticated with a Google account or a service account.
    //
    // * `user:{emailid}`: An email address that represents a specific Google
    //    account. For example, `alice@gmail.com` or `joe@example.com`.
    //
    //
    // * `serviceAccount:{emailid}`: An email address that represents a service
    //    account. For example, `my-other-app@appspot.gserviceaccount.com`.
    //
    // * `group:{emailid}`: An email address that represents a Google group.
    //    For example, `admins@example.com`.
    //
    // * `domain:{domain}`: A Google Apps domain name that represents all the
    //    users of that domain. For example, `google.com` or `example.com`.
    //
    //
    Members []string `protobuf:"bytes,2,rep,name=members" json:"members,omitempty"`
}

func (*Binding) Descriptor

func (*Binding) Descriptor() ([]byte, []int)

func (*Binding) GetMembers

func (m *Binding) GetMembers() []string

func (*Binding) GetRole

func (m *Binding) GetRole() string

func (*Binding) ProtoMessage

func (*Binding) ProtoMessage()

func (*Binding) Reset

func (m *Binding) Reset()

func (*Binding) String

func (m *Binding) String() string

type BindingDelta

One delta entry for Binding. Each individual change (only one member in each entry) to a binding will be a separate entry.

type BindingDelta struct {
    // The action that was performed on a Binding.
    // Required
    Action BindingDelta_Action `protobuf:"varint,1,opt,name=action,enum=google.iam.v1.BindingDelta_Action" json:"action,omitempty"`
    // Role that is assigned to `members`.
    // For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
    // Required
    Role string `protobuf:"bytes,2,opt,name=role" json:"role,omitempty"`
    // A single identity requesting access for a Cloud Platform resource.
    // Follows the same format of Binding.members.
    // Required
    Member string `protobuf:"bytes,3,opt,name=member" json:"member,omitempty"`
}

func (*BindingDelta) Descriptor

func (*BindingDelta) Descriptor() ([]byte, []int)

func (*BindingDelta) GetAction

func (m *BindingDelta) GetAction() BindingDelta_Action

func (*BindingDelta) GetMember

func (m *BindingDelta) GetMember() string

func (*BindingDelta) GetRole

func (m *BindingDelta) GetRole() string

func (*BindingDelta) ProtoMessage

func (*BindingDelta) ProtoMessage()

func (*BindingDelta) Reset

func (m *BindingDelta) Reset()

func (*BindingDelta) String

func (m *BindingDelta) String() string

type BindingDelta_Action

The type of action performed on a Binding in a policy.

type BindingDelta_Action int32
const (
    // Unspecified.
    BindingDelta_ACTION_UNSPECIFIED BindingDelta_Action = 0
    // Addition of a Binding.
    BindingDelta_ADD BindingDelta_Action = 1
    // Removal of a Binding.
    BindingDelta_REMOVE BindingDelta_Action = 2
)

func (BindingDelta_Action) EnumDescriptor

func (BindingDelta_Action) EnumDescriptor() ([]byte, []int)

func (BindingDelta_Action) String

func (x BindingDelta_Action) String() string

type GetIamPolicyRequest

Request message for `GetIamPolicy` method.

type GetIamPolicyRequest struct {
    // REQUIRED: The resource for which the policy is being requested.
    // `resource` is usually specified as a path. For example, a Project
    // resource is specified as `projects/{project}`.
    Resource string `protobuf:"bytes,1,opt,name=resource" json:"resource,omitempty"`
}

func (*GetIamPolicyRequest) Descriptor

func (*GetIamPolicyRequest) Descriptor() ([]byte, []int)

func (*GetIamPolicyRequest) GetResource

func (m *GetIamPolicyRequest) GetResource() string

func (*GetIamPolicyRequest) ProtoMessage

func (*GetIamPolicyRequest) ProtoMessage()

func (*GetIamPolicyRequest) Reset

func (m *GetIamPolicyRequest) Reset()

func (*GetIamPolicyRequest) String

func (m *GetIamPolicyRequest) String() string

type IAMPolicyClient

type IAMPolicyClient interface {
    // Sets the access control policy on the specified resource. Replaces any
    // existing policy.
    SetIamPolicy(ctx context.Context, in *SetIamPolicyRequest, opts ...grpc.CallOption) (*Policy, error)
    // Gets the access control policy for a resource.
    // Returns an empty policy if the resource exists and does not have a policy
    // set.
    GetIamPolicy(ctx context.Context, in *GetIamPolicyRequest, opts ...grpc.CallOption) (*Policy, error)
    // Returns permissions that a caller has on the specified resource.
    // If the resource does not exist, this will return an empty set of
    // permissions, not a NOT_FOUND error.
    TestIamPermissions(ctx context.Context, in *TestIamPermissionsRequest, opts ...grpc.CallOption) (*TestIamPermissionsResponse, error)
}

func NewIAMPolicyClient

func NewIAMPolicyClient(cc *grpc.ClientConn) IAMPolicyClient

type IAMPolicyServer

type IAMPolicyServer interface {
    // Sets the access control policy on the specified resource. Replaces any
    // existing policy.
    SetIamPolicy(context.Context, *SetIamPolicyRequest) (*Policy, error)
    // Gets the access control policy for a resource.
    // Returns an empty policy if the resource exists and does not have a policy
    // set.
    GetIamPolicy(context.Context, *GetIamPolicyRequest) (*Policy, error)
    // Returns permissions that a caller has on the specified resource.
    // If the resource does not exist, this will return an empty set of
    // permissions, not a NOT_FOUND error.
    TestIamPermissions(context.Context, *TestIamPermissionsRequest) (*TestIamPermissionsResponse, error)
}

type Policy

Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.

A `Policy` consists of a list of `bindings`. A `Binding` binds a list of `members` to a `role`, where the members can be user accounts, Google groups, Google domains, and service accounts. A `role` is a named list of permissions defined by IAM.

**Example**

{
  "bindings": [
    {
      "role": "roles/owner",
      "members": [
        "user:mike@example.com",
        "group:admins@example.com",
        "domain:google.com",
        "serviceAccount:my-other-app@appspot.gserviceaccount.com",
      ]
    },
    {
      "role": "roles/viewer",
      "members": ["user:sean@example.com"]
    }
  ]
}

For a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam).

type Policy struct {
    // Version of the `Policy`. The default version is 0.
    Version int32 `protobuf:"varint,1,opt,name=version" json:"version,omitempty"`
    // Associates a list of `members` to a `role`.
    // Multiple `bindings` must not be specified for the same `role`.
    // `bindings` with no members will result in an error.
    Bindings []*Binding `protobuf:"bytes,4,rep,name=bindings" json:"bindings,omitempty"`
    // `etag` is used for optimistic concurrency control as a way to help
    // prevent simultaneous updates of a policy from overwriting each other.
    // It is strongly suggested that systems make use of the `etag` in the
    // read-modify-write cycle to perform policy updates in order to avoid race
    // conditions: An `etag` is returned in the response to `getIamPolicy`, and
    // systems are expected to put that etag in the request to `setIamPolicy` to
    // ensure that their change will be applied to the same version of the policy.
    //
    // If no `etag` is provided in the call to `setIamPolicy`, then the existing
    // policy is overwritten blindly.
    Etag []byte `protobuf:"bytes,3,opt,name=etag,proto3" json:"etag,omitempty"`
}

func (*Policy) Descriptor

func (*Policy) Descriptor() ([]byte, []int)

func (*Policy) GetBindings

func (m *Policy) GetBindings() []*Binding

func (*Policy) GetEtag

func (m *Policy) GetEtag() []byte

func (*Policy) GetVersion

func (m *Policy) GetVersion() int32

func (*Policy) ProtoMessage

func (*Policy) ProtoMessage()

func (*Policy) Reset

func (m *Policy) Reset()

func (*Policy) String

func (m *Policy) String() string

type PolicyDelta

The difference delta between two policies.

type PolicyDelta struct {
    // The delta for Bindings between two policies.
    BindingDeltas []*BindingDelta `protobuf:"bytes,1,rep,name=binding_deltas,json=bindingDeltas" json:"binding_deltas,omitempty"`
}

func (*PolicyDelta) Descriptor

func (*PolicyDelta) Descriptor() ([]byte, []int)

func (*PolicyDelta) GetBindingDeltas

func (m *PolicyDelta) GetBindingDeltas() []*BindingDelta

func (*PolicyDelta) ProtoMessage

func (*PolicyDelta) ProtoMessage()

func (*PolicyDelta) Reset

func (m *PolicyDelta) Reset()

func (*PolicyDelta) String

func (m *PolicyDelta) String() string

type SetIamPolicyRequest

Request message for `SetIamPolicy` method.

type SetIamPolicyRequest struct {
    // REQUIRED: The resource for which the policy is being specified.
    // `resource` is usually specified as a path. For example, a Project
    // resource is specified as `projects/{project}`.
    Resource string `protobuf:"bytes,1,opt,name=resource" json:"resource,omitempty"`
    // REQUIRED: The complete policy to be applied to the `resource`. The size of
    // the policy is limited to a few 10s of KB. An empty policy is a
    // valid policy but certain Cloud Platform services (such as Projects)
    // might reject them.
    Policy *Policy `protobuf:"bytes,2,opt,name=policy" json:"policy,omitempty"`
}

func (*SetIamPolicyRequest) Descriptor

func (*SetIamPolicyRequest) Descriptor() ([]byte, []int)

func (*SetIamPolicyRequest) GetPolicy

func (m *SetIamPolicyRequest) GetPolicy() *Policy

func (*SetIamPolicyRequest) GetResource

func (m *SetIamPolicyRequest) GetResource() string

func (*SetIamPolicyRequest) ProtoMessage

func (*SetIamPolicyRequest) ProtoMessage()

func (*SetIamPolicyRequest) Reset

func (m *SetIamPolicyRequest) Reset()

func (*SetIamPolicyRequest) String

func (m *SetIamPolicyRequest) String() string

type TestIamPermissionsRequest

Request message for `TestIamPermissions` method.

type TestIamPermissionsRequest struct {
    // REQUIRED: The resource for which the policy detail is being requested.
    // `resource` is usually specified as a path. For example, a Project
    // resource is specified as `projects/{project}`.
    Resource string `protobuf:"bytes,1,opt,name=resource" json:"resource,omitempty"`
    // The set of permissions to check for the `resource`. Permissions with
    // wildcards (such as '*' or 'storage.*') are not allowed. For more
    // information see
    // [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
    Permissions []string `protobuf:"bytes,2,rep,name=permissions" json:"permissions,omitempty"`
}

func (*TestIamPermissionsRequest) Descriptor

func (*TestIamPermissionsRequest) Descriptor() ([]byte, []int)

func (*TestIamPermissionsRequest) GetPermissions

func (m *TestIamPermissionsRequest) GetPermissions() []string

func (*TestIamPermissionsRequest) GetResource

func (m *TestIamPermissionsRequest) GetResource() string

func (*TestIamPermissionsRequest) ProtoMessage

func (*TestIamPermissionsRequest) ProtoMessage()

func (*TestIamPermissionsRequest) Reset

func (m *TestIamPermissionsRequest) Reset()

func (*TestIamPermissionsRequest) String

func (m *TestIamPermissionsRequest) String() string

type TestIamPermissionsResponse

Response message for `TestIamPermissions` method.

type TestIamPermissionsResponse struct {
    // A subset of `TestPermissionsRequest.permissions` that the caller is
    // allowed.
    Permissions []string `protobuf:"bytes,1,rep,name=permissions" json:"permissions,omitempty"`
}

func (*TestIamPermissionsResponse) Descriptor

func (*TestIamPermissionsResponse) Descriptor() ([]byte, []int)

func (*TestIamPermissionsResponse) GetPermissions

func (m *TestIamPermissionsResponse) GetPermissions() []string

func (*TestIamPermissionsResponse) ProtoMessage

func (*TestIamPermissionsResponse) ProtoMessage()

func (*TestIamPermissionsResponse) Reset

func (m *TestIamPermissionsResponse) Reset()

func (*TestIamPermissionsResponse) String

func (m *TestIamPermissionsResponse) String() string