Access Context Manager V1 API - Class Google::Identity::AccessContextManager::V1::AccessContextManager::Client (v0.3.0)

Reference documentation and code samples for the Access Context Manager V1 API class Google::Identity::AccessContextManager::V1::AccessContextManager::Client.

Client for the AccessContextManager service.

API for setting [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for Google Cloud projects. Each organization has one [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]. This [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is applicable to all resources in the organization. AccessPolicies

Inherits

  • Object

Methods

.configure

def self.configure() { |config| ... } -> Client::Configuration

Configure the AccessContextManager Client class.

See Configuration for a description of the configuration fields.

Yields
  • (config) — Configure the Client client.
Yield Parameter
Example
# Modify the configuration for all AccessContextManager clients
::Google::Identity::AccessContextManager::V1::AccessContextManager::Client.configure do |config|
  config.timeout = 10.0
end

#commit_service_perimeters

def commit_service_perimeters(request, options = nil) -> ::Gapic::Operation
def commit_service_perimeters(parent: nil, etag: nil) -> ::Gapic::Operation

Commits the dry-run specification for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an access policy. A commit operation on a service perimeter involves copying its spec field to the status field of the service perimeter. Only [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] with use_explicit_dry_run_spec field set to true are affected by a commit operation. The long-running operation from this RPC has a successful status after the dry-run specifications for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] have been committed. If a commit fails, it causes the long-running operation to return an error response and the entire commit operation is cancelled. When successful, the Operation.response field contains CommitServicePerimetersResponse. The dry_run and the spec fields are cleared after a successful commit operation.

Overloads
def commit_service_perimeters(request, options = nil) -> ::Gapic::Operation
Pass arguments to commit_service_perimeters via a request object, either of type CommitServicePerimetersRequest or an equivalent Hash.
Parameters
def commit_service_perimeters(parent: nil, etag: nil) -> ::Gapic::Operation
Pass arguments to commit_service_perimeters via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • parent (::String) — Required. Resource name for the parent [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] which owns all [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in scope for the commit operation.

    Format: accessPolicies/{policy_id}

  • etag (::String) — Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this commit operation is to be performed on. If, at the time of commit, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the commit operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest.new

# Call the commit_service_perimeters method.
result = client.commit_service_perimeters request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#configure

def configure() { |config| ... } -> Client::Configuration

Configure the AccessContextManager Client instance.

The configuration is set to the derived mode, meaning that values can be changed, but structural changes (adding new fields, etc.) are not allowed. Structural changes should be made on Client.configure.

See Configuration for a description of the configuration fields.

Yields
  • (config) — Configure the Client client.
Yield Parameter

#create_access_level

def create_access_level(request, options = nil) -> ::Gapic::Operation
def create_access_level(parent: nil, access_level: nil) -> ::Gapic::Operation

Creates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagates to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Overloads
def create_access_level(request, options = nil) -> ::Gapic::Operation
Pass arguments to create_access_level via a request object, either of type CreateAccessLevelRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def create_access_level(parent: nil, access_level: nil) -> ::Gapic::Operation
Pass arguments to create_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • parent (::String) — Required. Resource name for the access policy which owns this [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel].

    Format: accessPolicies/{policy_id}

  • access_level (::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash) — Required. The [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] to create. Syntactic correctness of the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] is a precondition for creation.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest.new

# Call the create_access_level method.
result = client.create_access_level request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#create_access_policy

def create_access_policy(request, options = nil) -> ::Gapic::Operation
def create_access_policy(name: nil, parent: nil, title: nil, scopes: nil, create_time: nil, update_time: nil, etag: nil) -> ::Gapic::Operation

Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in metadata as a BadRequest proto.

Overloads
def create_access_policy(request, options = nil) -> ::Gapic::Operation
Pass arguments to create_access_policy via a request object, either of type Google::Identity::AccessContextManager::V1::AccessPolicy or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def create_access_policy(name: nil, parent: nil, title: nil, scopes: nil, create_time: nil, update_time: nil, etag: nil) -> ::Gapic::Operation
Pass arguments to create_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • name (::String) — Output only. Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}
  • parent (::String) — Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}
  • title (::String) — Required. Human readable title. Does not affect behavior.
  • scopes (::Array<::String>) —

    The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior:

    • vpcsc perimeters can only restrict projects within folders/123
    • access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}
  • create_time (::Google::Protobuf::Timestamp, ::Hash) — Output only. Time the AccessPolicy was created in UTC.
  • update_time (::Google::Protobuf::Timestamp, ::Hash) — Output only. Time the AccessPolicy was updated in UTC.
  • etag (::String) — Output only. An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::AccessPolicy.new

# Call the create_access_policy method.
result = client.create_access_policy request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#create_gcp_user_access_binding

def create_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
def create_gcp_user_access_binding(parent: nil, gcp_user_access_binding: nil) -> ::Gapic::Operation

Creates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the client specifies a [name] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name], the server ignores it. Fails if a resource already exists with the same [group_key] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key]. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.

Overloads
def create_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
Pass arguments to create_gcp_user_access_binding via a request object, either of type CreateGcpUserAccessBindingRequest or an equivalent Hash.
Parameters
def create_gcp_user_access_binding(parent: nil, gcp_user_access_binding: nil) -> ::Gapic::Operation
Pass arguments to create_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest.new

# Call the create_gcp_user_access_binding method.
result = client.create_gcp_user_access_binding request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#create_service_perimeter

def create_service_perimeter(request, options = nil) -> ::Gapic::Operation
def create_service_perimeter(parent: nil, service_perimeter: nil) -> ::Gapic::Operation

Creates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Overloads
def create_service_perimeter(request, options = nil) -> ::Gapic::Operation
Pass arguments to create_service_perimeter via a request object, either of type CreateServicePerimeterRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def create_service_perimeter(parent: nil, service_perimeter: nil) -> ::Gapic::Operation
Pass arguments to create_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • parent (::String) — Required. Resource name for the access policy which owns this [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

    Format: accessPolicies/{policy_id}

  • service_perimeter (::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash) — Required. The [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] to create. Syntactic correctness of the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is a precondition for creation.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest.new

# Call the create_service_perimeter method.
result = client.create_service_perimeter request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#delete_access_level

def delete_access_level(request, options = nil) -> ::Gapic::Operation
def delete_access_level(name: nil) -> ::Gapic::Operation

Deletes an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] has been removed from long-lasting storage.

Overloads
def delete_access_level(request, options = nil) -> ::Gapic::Operation
Pass arguments to delete_access_level via a request object, either of type DeleteAccessLevelRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def delete_access_level(name: nil) -> ::Gapic::Operation
Pass arguments to delete_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameter
  • name (::String) — Required. Resource name for the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel].

    Format: accessPolicies/{policy_id}/accessLevels/{access_level_id}

Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest.new

# Call the delete_access_level method.
result = client.delete_access_level request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#delete_access_policy

def delete_access_policy(request, options = nil) -> ::Gapic::Operation
def delete_access_policy(name: nil) -> ::Gapic::Operation

Deletes an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the resource name. The long-running operation has a successful status after the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is removed from long-lasting storage.

Overloads
def delete_access_policy(request, options = nil) -> ::Gapic::Operation
Pass arguments to delete_access_policy via a request object, either of type DeleteAccessPolicyRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def delete_access_policy(name: nil) -> ::Gapic::Operation
Pass arguments to delete_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameter
  • name (::String) — Required. Resource name for the access policy to delete.

    Format accessPolicies/{policy_id}

Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest.new

# Call the delete_access_policy method.
result = client.delete_access_policy request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#delete_gcp_user_access_binding

def delete_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
def delete_gcp_user_access_binding(name: nil) -> ::Gapic::Operation

Deletes a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the binding deletion is deployed onto all affected users, which may take more time.

Overloads
def delete_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
Pass arguments to delete_gcp_user_access_binding via a request object, either of type DeleteGcpUserAccessBindingRequest or an equivalent Hash.
Parameters
def delete_gcp_user_access_binding(name: nil) -> ::Gapic::Operation
Pass arguments to delete_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameter
  • name (::String) — Required. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest.new

# Call the delete_gcp_user_access_binding method.
result = client.delete_gcp_user_access_binding request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#delete_service_perimeter

def delete_service_perimeter(request, options = nil) -> ::Gapic::Operation
def delete_service_perimeter(name: nil) -> ::Gapic::Operation

Deletes a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from long-lasting storage.

Overloads
def delete_service_perimeter(request, options = nil) -> ::Gapic::Operation
Pass arguments to delete_service_perimeter via a request object, either of type DeleteServicePerimeterRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def delete_service_perimeter(name: nil) -> ::Gapic::Operation
Pass arguments to delete_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameter
  • name (::String) — Required. Resource name for the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

    Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}

Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest.new

# Call the delete_service_perimeter method.
result = client.delete_service_perimeter request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#get_access_level

def get_access_level(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::AccessLevel
def get_access_level(name: nil, access_level_format: nil) -> ::Google::Identity::AccessContextManager::V1::AccessLevel

Gets an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.

Overloads
def get_access_level(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::AccessLevel
Pass arguments to get_access_level via a request object, either of type GetAccessLevelRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def get_access_level(name: nil, access_level_format: nil) -> ::Google::Identity::AccessContextManager::V1::AccessLevel
Pass arguments to get_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • name (::String) — Required. Resource name for the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel].

    Format: accessPolicies/{policy_id}/accessLevels/{access_level_id}

  • access_level_format (::Google::Identity::AccessContextManager::V1::LevelFormat) — Whether to return BasicLevels in the Cloud Common Expression Language rather than as BasicLevels. Defaults to AS_DEFINED, where [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] are returned as BasicLevels or CustomLevels based on how they were created. If set to CEL, all [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] are returned as CustomLevels. In the CEL case, BasicLevels are translated to equivalent CustomLevels.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetAccessLevelRequest.new

# Call the get_access_level method.
result = client.get_access_level request

# The returned object is of type Google::Identity::AccessContextManager::V1::AccessLevel.
p result

#get_access_policy

def get_access_policy(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::AccessPolicy
def get_access_policy(name: nil) -> ::Google::Identity::AccessContextManager::V1::AccessPolicy

Returns an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.

Overloads
def get_access_policy(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::AccessPolicy
Pass arguments to get_access_policy via a request object, either of type GetAccessPolicyRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def get_access_policy(name: nil) -> ::Google::Identity::AccessContextManager::V1::AccessPolicy
Pass arguments to get_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameter
  • name (::String) — Required. Resource name for the access policy to get.

    Format accessPolicies/{policy_id}

Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest.new

# Call the get_access_policy method.
result = client.get_access_policy request

# The returned object is of type Google::Identity::AccessContextManager::V1::AccessPolicy.
p result

#get_gcp_user_access_binding

def get_gcp_user_access_binding(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding
def get_gcp_user_access_binding(name: nil) -> ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding

Gets the [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with the given name.

Overloads
def get_gcp_user_access_binding(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding
Pass arguments to get_gcp_user_access_binding via a request object, either of type GetGcpUserAccessBindingRequest or an equivalent Hash.
Parameters
def get_gcp_user_access_binding(name: nil) -> ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding
Pass arguments to get_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameter
  • name (::String) — Required. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetGcpUserAccessBindingRequest.new

# Call the get_gcp_user_access_binding method.
result = client.get_gcp_user_access_binding request

# The returned object is of type Google::Identity::AccessContextManager::V1::GcpUserAccessBinding.
p result

#get_iam_policy

def get_iam_policy(request, options = nil) -> ::Google::Iam::V1::Policy
def get_iam_policy(resource: nil, options: nil) -> ::Google::Iam::V1::Policy

Gets the IAM policy for the specified Access Context Manager access policy.

Overloads
def get_iam_policy(request, options = nil) -> ::Google::Iam::V1::Policy
Pass arguments to get_iam_policy via a request object, either of type Google::Iam::V1::GetIamPolicyRequest or an equivalent Hash.
Parameters
  • request (::Google::Iam::V1::GetIamPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def get_iam_policy(resource: nil, options: nil) -> ::Google::Iam::V1::Policy
Pass arguments to get_iam_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • resource (::String) — REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
  • options (::Google::Iam::V1::GetPolicyOptions, ::Hash) — OPTIONAL: A GetPolicyOptions object for specifying options to GetIamPolicy.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Iam::V1::GetIamPolicyRequest.new

# Call the get_iam_policy method.
result = client.get_iam_policy request

# The returned object is of type Google::Iam::V1::Policy.
p result

#get_service_perimeter

def get_service_perimeter(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeter
def get_service_perimeter(name: nil) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeter

Gets a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.

Overloads
def get_service_perimeter(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeter
Pass arguments to get_service_perimeter via a request object, either of type GetServicePerimeterRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def get_service_perimeter(name: nil) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeter
Pass arguments to get_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameter
  • name (::String) — Required. Resource name for the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

    Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}

Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest.new

# Call the get_service_perimeter method.
result = client.get_service_perimeter request

# The returned object is of type Google::Identity::AccessContextManager::V1::ServicePerimeter.
p result

#initialize

def initialize() { |config| ... } -> Client

Create a new AccessContextManager client object.

Yields
  • (config) — Configure the AccessContextManager client.
Yield Parameter
Returns
  • (Client) — a new instance of Client
Example
# Create a client using the default configuration
client = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a client using a custom configuration
client = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new do |config|
  config.timeout = 10.0
end

#list_access_levels

def list_access_levels(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>
def list_access_levels(parent: nil, page_size: nil, page_token: nil, access_level_format: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>

Lists all [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] for an access policy.

Overloads
def list_access_levels(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>
Pass arguments to list_access_levels via a request object, either of type ListAccessLevelsRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def list_access_levels(parent: nil, page_size: nil, page_token: nil, access_level_format: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>
Pass arguments to list_access_levels via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • parent (::String) — Required. Resource name for the access policy to list [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] from.

    Format: accessPolicies/{policy_id}

  • page_size (::Integer) — Number of [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] to include in the list. Default 100.
  • page_token (::String) — Next page token for the next batch of [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] instances. Defaults to the first page of results.
  • access_level_format (::Google::Identity::AccessContextManager::V1::LevelFormat) — Whether to return BasicLevels in the Cloud Common Expression language, as CustomLevels, rather than as BasicLevels. Defaults to returning AccessLevels in the format they were defined.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Returns
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest.new

# Call the list_access_levels method.
result = client.list_access_levels request

# The returned object is of type Gapic::PagedEnumerable. You can
# iterate over all elements by calling #each, and the enumerable
# will lazily make API calls to fetch subsequent pages. Other
# methods are also available for managing paging directly.
result.each do |response|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessLevel.
  p response
end

#list_access_policies

def list_access_policies(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>
def list_access_policies(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>

Lists all [access policies] [google.identity.accesscontextmanager.v1.AccessPolicy] in an organization.

Overloads
def list_access_policies(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>
Pass arguments to list_access_policies via a request object, either of type ListAccessPoliciesRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def list_access_policies(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>
Pass arguments to list_access_policies via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • parent (::String) — Required. Resource name for the container to list AccessPolicy instances from.

    Format: organizations/{org_id}

  • page_size (::Integer) — Number of AccessPolicy instances to include in the list. Default 100.
  • page_token (::String) — Next page token for the next batch of AccessPolicy instances. Defaults to the first page of results.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest.new

# Call the list_access_policies method.
result = client.list_access_policies request

# The returned object is of type Gapic::PagedEnumerable. You can
# iterate over all elements by calling #each, and the enumerable
# will lazily make API calls to fetch subsequent pages. Other
# methods are also available for managing paging directly.
result.each do |response|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessPolicy.
  p response
end

#list_gcp_user_access_bindings

def list_gcp_user_access_bindings(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>
def list_gcp_user_access_bindings(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>

Lists all [GcpUserAccessBindings] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a Google Cloud organization.

Overloads
def list_gcp_user_access_bindings(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>
Pass arguments to list_gcp_user_access_bindings via a request object, either of type ListGcpUserAccessBindingsRequest or an equivalent Hash.
Parameters
def list_gcp_user_access_bindings(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>
Pass arguments to list_gcp_user_access_bindings via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • parent (::String) — Required. Example: "organizations/256"
  • page_size (::Integer) — Optional. Maximum number of items to return. The server may return fewer items. If left blank, the server may return any number of items.
  • page_token (::String) — Optional. If left blank, returns the first page. To enumerate all items, use the [next_page_token] [google.identity.accesscontextmanager.v1.ListGcpUserAccessBindingsResponse.next_page_token] from your previous list operation.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest.new

# Call the list_gcp_user_access_bindings method.
result = client.list_gcp_user_access_bindings request

# The returned object is of type Gapic::PagedEnumerable. You can
# iterate over all elements by calling #each, and the enumerable
# will lazily make API calls to fetch subsequent pages. Other
# methods are also available for managing paging directly.
result.each do |response|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding.
  p response
end

#list_service_perimeters

def list_service_perimeters(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>
def list_service_perimeters(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>

Lists all [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for an access policy.

Overloads
def list_service_perimeters(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>
Pass arguments to list_service_perimeters via a request object, either of type ListServicePerimetersRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def list_service_perimeters(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>
Pass arguments to list_service_perimeters via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • parent (::String) — Required. Resource name for the access policy to list [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] from.

    Format: accessPolicies/{policy_id}

  • page_size (::Integer) — Number of [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] to include in the list. Default 100.
  • page_token (::String) — Next page token for the next batch of [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] instances. Defaults to the first page of results.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest.new

# Call the list_service_perimeters method.
result = client.list_service_perimeters request

# The returned object is of type Gapic::PagedEnumerable. You can
# iterate over all elements by calling #each, and the enumerable
# will lazily make API calls to fetch subsequent pages. Other
# methods are also available for managing paging directly.
result.each do |response|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::ServicePerimeter.
  p response
end

#operations_client

def operations_client() -> ::Google::Identity::AccessContextManager::V1::AccessContextManager::Operations

Get the associated client for long-running operations.

#replace_access_levels

def replace_access_levels(request, options = nil) -> ::Gapic::Operation
def replace_access_levels(parent: nil, access_levels: nil, etag: nil) -> ::Gapic::Operation

Replaces all existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. If the replacement contains errors, an error response is returned for the first error encountered. Upon error, the replacement is cancelled, and existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] are not affected. The Operation.response field contains ReplaceAccessLevelsResponse. Removing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an error.

Overloads
def replace_access_levels(request, options = nil) -> ::Gapic::Operation
Pass arguments to replace_access_levels via a request object, either of type ReplaceAccessLevelsRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def replace_access_levels(parent: nil, access_levels: nil, etag: nil) -> ::Gapic::Operation
Pass arguments to replace_access_levels via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • parent (::String) — Required. Resource name for the access policy which owns these [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel].

    Format: accessPolicies/{policy_id}

  • access_levels (::Array<::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash>) — Required. The desired [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] that should replace all existing [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] in the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy].
  • etag (::String) — Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this replace operation is to be performed on. If, at the time of replace, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the replace operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest.new

# Call the replace_access_levels method.
result = client.replace_access_levels request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#replace_service_perimeters

def replace_service_perimeters(request, options = nil) -> ::Gapic::Operation
def replace_service_perimeters(parent: nil, service_perimeters: nil, etag: nil) -> ::Gapic::Operation

Replace all existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. Replacements containing errors result in an error response for the first error encountered. Upon an error, replacement are cancelled and existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] are not affected. The Operation.response field contains ReplaceServicePerimetersResponse.

Overloads
def replace_service_perimeters(request, options = nil) -> ::Gapic::Operation
Pass arguments to replace_service_perimeters via a request object, either of type ReplaceServicePerimetersRequest or an equivalent Hash.
Parameters
def replace_service_perimeters(parent: nil, service_perimeters: nil, etag: nil) -> ::Gapic::Operation
Pass arguments to replace_service_perimeters via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • parent (::String) — Required. Resource name for the access policy which owns these [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter].

    Format: accessPolicies/{policy_id}

  • service_perimeters (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash>) — Required. The desired [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] that should replace all existing [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy].
  • etag (::String) — Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this replace operation is to be performed on. If, at the time of replace, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the replace operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest.new

# Call the replace_service_perimeters method.
result = client.replace_service_perimeters request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#set_iam_policy

def set_iam_policy(request, options = nil) -> ::Google::Iam::V1::Policy
def set_iam_policy(resource: nil, policy: nil, update_mask: nil) -> ::Google::Iam::V1::Policy

Sets the IAM policy for the specified Access Context Manager access policy. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].

Overloads
def set_iam_policy(request, options = nil) -> ::Google::Iam::V1::Policy
Pass arguments to set_iam_policy via a request object, either of type Google::Iam::V1::SetIamPolicyRequest or an equivalent Hash.
Parameters
  • request (::Google::Iam::V1::SetIamPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def set_iam_policy(resource: nil, policy: nil, update_mask: nil) -> ::Google::Iam::V1::Policy
Pass arguments to set_iam_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • resource (::String) — REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
  • policy (::Google::Iam::V1::Policy, ::Hash) — REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
  • update_mask (::Google::Protobuf::FieldMask, ::Hash) — OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used:

    paths: "bindings, etag"

Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Iam::V1::SetIamPolicyRequest.new

# Call the set_iam_policy method.
result = client.set_iam_policy request

# The returned object is of type Google::Iam::V1::Policy.
p result

#test_iam_permissions

def test_iam_permissions(request, options = nil) -> ::Google::Iam::V1::TestIamPermissionsResponse
def test_iam_permissions(resource: nil, permissions: nil) -> ::Google::Iam::V1::TestIamPermissionsResponse

Returns the IAM permissions that the caller has on the specified Access Context Manager resource. The resource can be an AccessPolicy, AccessLevel, or [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter ]. This method does not support other resources.

Overloads
def test_iam_permissions(request, options = nil) -> ::Google::Iam::V1::TestIamPermissionsResponse
Pass arguments to test_iam_permissions via a request object, either of type Google::Iam::V1::TestIamPermissionsRequest or an equivalent Hash.
Parameters
  • request (::Google::Iam::V1::TestIamPermissionsRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def test_iam_permissions(resource: nil, permissions: nil) -> ::Google::Iam::V1::TestIamPermissionsResponse
Pass arguments to test_iam_permissions via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • resource (::String) — REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
  • permissions (::Array<::String>) — The set of permissions to check for the resource. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Iam::V1::TestIamPermissionsRequest.new

# Call the test_iam_permissions method.
result = client.test_iam_permissions request

# The returned object is of type Google::Iam::V1::TestIamPermissionsResponse.
p result

#update_access_level

def update_access_level(request, options = nil) -> ::Gapic::Operation
def update_access_level(access_level: nil, update_mask: nil) -> ::Gapic::Operation

Updates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the changes to the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagate to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Overloads
def update_access_level(request, options = nil) -> ::Gapic::Operation
Pass arguments to update_access_level via a request object, either of type UpdateAccessLevelRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def update_access_level(access_level: nil, update_mask: nil) -> ::Gapic::Operation
Pass arguments to update_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
  • access_level (::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash) — Required. The updated [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel]. Syntactic correctness of the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] is a precondition for creation.
  • update_mask (::Google::Protobuf::FieldMask, ::Hash) — Required. Mask to control which fields get updated. Must be non-empty.
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest.new

# Call the update_access_level method.
result = client.update_access_level request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#update_access_policy

def update_access_policy(request, options = nil) -> ::Gapic::Operation
def update_access_policy(policy: nil, update_mask: nil) -> ::Gapic::Operation

Updates an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]. The long-running operation from this RPC has a successful status after the changes to the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] propagate to long-lasting storage.

Overloads
def update_access_policy(request, options = nil) -> ::Gapic::Operation
Pass arguments to update_access_policy via a request object, either of type UpdateAccessPolicyRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def update_access_policy(policy: nil, update_mask: nil) -> ::Gapic::Operation
Pass arguments to update_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest.new

# Call the update_access_policy method.
result = client.update_access_policy request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#update_gcp_user_access_binding

def update_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
def update_gcp_user_access_binding(gcp_user_access_binding: nil, update_mask: nil) -> ::Gapic::Operation

Updates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the changed binding is deployed onto all affected users, which may take more time.

Overloads
def update_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
Pass arguments to update_gcp_user_access_binding via a request object, either of type UpdateGcpUserAccessBindingRequest or an equivalent Hash.
Parameters
def update_gcp_user_access_binding(gcp_user_access_binding: nil, update_mask: nil) -> ::Gapic::Operation
Pass arguments to update_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest.new

# Call the update_gcp_user_access_binding method.
result = client.update_gcp_user_access_binding request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end

#update_service_perimeter

def update_service_perimeter(request, options = nil) -> ::Gapic::Operation
def update_service_perimeter(service_perimeter: nil, update_mask: nil) -> ::Gapic::Operation

Updates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Overloads
def update_service_perimeter(request, options = nil) -> ::Gapic::Operation
Pass arguments to update_service_perimeter via a request object, either of type UpdateServicePerimeterRequest or an equivalent Hash.
Parameters
  • request (::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
  • options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def update_service_perimeter(service_perimeter: nil, update_mask: nil) -> ::Gapic::Operation
Pass arguments to update_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).
Parameters
Yields
  • (response, operation) — Access the result along with the RPC operation
Yield Parameters
  • response (::Gapic::Operation)
  • operation (::GRPC::ActiveCall::Operation)
Returns
  • (::Gapic::Operation)
Raises
  • (::Google::Cloud::Error) — if the RPC is aborted.
Example

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest.new

# Call the update_service_perimeter method.
result = client.update_service_perimeter request

# The returned object is of type Gapic::Operation. You can use this
# object to check the status of an operation, cancel it, or wait
# for results. Here is how to block until completion:
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "Error!"
end