Reference documentation and code samples for the Access Context Manager V1 API class Google::Identity::AccessContextManager::V1::AccessContextManager::Client.
Client for the AccessContextManager service.
API for setting [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for Google Cloud projects. Each organization has one [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]. This [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is applicable to all resources in the organization. AccessPolicies
Inherits
- Object
Methods
.configure
def self.configure() { |config| ... } -> Client::Configuration
Configure the AccessContextManager Client class.
See Configuration for a description of the configuration fields.
- (config) — Configure the Client client.
- config (Client::Configuration)
# Modify the configuration for all AccessContextManager clients ::Google::Identity::AccessContextManager::V1::AccessContextManager::Client.configure do |config| config.timeout = 10.0 end
#commit_service_perimeters
def commit_service_perimeters(request, options = nil) -> ::Gapic::Operation
def commit_service_perimeters(parent: nil, etag: nil) -> ::Gapic::Operation
Commits the dry-run specification for all the [service perimeters]
[google.identity.accesscontextmanager.v1.ServicePerimeter] in an
access policy.
A commit operation on a service perimeter involves copying its spec
field
to the status
field of the service perimeter. Only [service perimeters]
[google.identity.accesscontextmanager.v1.ServicePerimeter] with
use_explicit_dry_run_spec
field set to true are affected by a commit
operation. The long-running operation from this RPC has a successful
status after the dry-run specifications for all the [service perimeters]
[google.identity.accesscontextmanager.v1.ServicePerimeter] have been
committed. If a commit fails, it causes the long-running operation to
return an error response and the entire commit operation is cancelled.
When successful, the Operation.response field contains
CommitServicePerimetersResponse. The dry_run
and the spec
fields are
cleared after a successful commit operation.
def commit_service_perimeters(request, options = nil) -> ::Gapic::Operation
commit_service_perimeters
via a request object, either of type
CommitServicePerimetersRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def commit_service_perimeters(parent: nil, etag: nil) -> ::Gapic::Operation
commit_service_perimeters
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
parent (::String) — Required. Resource name for the parent [Access Policy]
[google.identity.accesscontextmanager.v1.AccessPolicy] which owns all
[Service Perimeters]
[google.identity.accesscontextmanager.v1.ServicePerimeter] in scope for
the commit operation.
Format:
accessPolicies/{policy_id}
- etag (::String) — Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this commit operation is to be performed on. If, at the time of commit, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the commit operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest.new # Call the commit_service_perimeters method. result = client.commit_service_perimeters request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#configure
def configure() { |config| ... } -> Client::Configuration
Configure the AccessContextManager Client instance.
The configuration is set to the derived mode, meaning that values can be changed, but structural changes (adding new fields, etc.) are not allowed. Structural changes should be made on Client.configure.
See Configuration for a description of the configuration fields.
- (config) — Configure the Client client.
- config (Client::Configuration)
#create_access_level
def create_access_level(request, options = nil) -> ::Gapic::Operation
def create_access_level(parent: nil, access_level: nil) -> ::Gapic::Operation
Creates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagates to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.
def create_access_level(request, options = nil) -> ::Gapic::Operation
create_access_level
via a request object, either of type
CreateAccessLevelRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def create_access_level(parent: nil, access_level: nil) -> ::Gapic::Operation
create_access_level
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
parent (::String) — Required. Resource name for the access policy which owns this [Access
Level] [google.identity.accesscontextmanager.v1.AccessLevel].
Format:
accessPolicies/{policy_id}
- access_level (::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash) — Required. The [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] to create. Syntactic correctness of the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] is a precondition for creation.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest.new # Call the create_access_level method. result = client.create_access_level request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#create_access_policy
def create_access_policy(request, options = nil) -> ::Gapic::Operation
def create_access_policy(name: nil, parent: nil, title: nil, scopes: nil, create_time: nil, update_time: nil, etag: nil) -> ::Gapic::Operation
Creates an access policy. This method fails if the organization already has
an access policy. The long-running operation has a successful status
after the access policy propagates to long-lasting storage.
Syntactic and basic semantic errors are returned in metadata
as a
BadRequest proto.
def create_access_policy(request, options = nil) -> ::Gapic::Operation
create_access_policy
via a request object, either of type
Google::Identity::AccessContextManager::V1::AccessPolicy or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def create_access_policy(name: nil, parent: nil, title: nil, scopes: nil, create_time: nil, update_time: nil, etag: nil) -> ::Gapic::Operation
create_access_policy
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
name (::String) — Output only. Resource name of the
AccessPolicy
. Format:accessPolicies/{access_policy}
-
parent (::String) — Required. The parent of this
AccessPolicy
in the Cloud Resource Hierarchy. Currently immutable once created. Format:organizations/{organization_id}
- title (::String) — Required. Human readable title. Does not affect behavior.
-
scopes (::Array<::String>) —
The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior:
- vpcsc perimeters can only restrict projects within folders/123
- access levels can only be referenced by resources within folders/123.
If empty, there are no limitations on which resources can be restricted by
an ACM policy, and there are no limitations on where ACM resources can be
referenced.
Only one policy can include a given scope (attempting to create a second
policy which includes "folders/123" will result in an error).
Currently, scopes cannot be modified after a policy is created.
Currently, policies can only have a single scope.
Format: list of
folders/{folder_number}
orprojects/{project_number}
-
create_time (::Google::Protobuf::Timestamp, ::Hash) — Output only. Time the
AccessPolicy
was created in UTC. -
update_time (::Google::Protobuf::Timestamp, ::Hash) — Output only. Time the
AccessPolicy
was updated in UTC. -
etag (::String) — Output only. An opaque identifier for the current version of the
AccessPolicy
. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::AccessPolicy.new # Call the create_access_policy method. result = client.create_access_policy request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#create_gcp_user_access_binding
def create_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
def create_gcp_user_access_binding(parent: nil, gcp_user_access_binding: nil) -> ::Gapic::Operation
Creates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the client specifies a [name] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name], the server ignores it. Fails if a resource already exists with the same [group_key] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key]. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.
def create_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
create_gcp_user_access_binding
via a request object, either of type
CreateGcpUserAccessBindingRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def create_gcp_user_access_binding(parent: nil, gcp_user_access_binding: nil) -> ::Gapic::Operation
create_gcp_user_access_binding
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- parent (::String) — Required. Example: "organizations/256"
- gcp_user_access_binding (::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding, ::Hash) — Required. [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest.new # Call the create_gcp_user_access_binding method. result = client.create_gcp_user_access_binding request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#create_service_perimeter
def create_service_perimeter(request, options = nil) -> ::Gapic::Operation
def create_service_perimeter(parent: nil, service_perimeter: nil) -> ::Gapic::Operation
Creates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.
def create_service_perimeter(request, options = nil) -> ::Gapic::Operation
create_service_perimeter
via a request object, either of type
CreateServicePerimeterRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def create_service_perimeter(parent: nil, service_perimeter: nil) -> ::Gapic::Operation
create_service_perimeter
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
parent (::String) — Required. Resource name for the access policy which owns this [Service
Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].
Format:
accessPolicies/{policy_id}
- service_perimeter (::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash) — Required. The [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] to create. Syntactic correctness of the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is a precondition for creation.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest.new # Call the create_service_perimeter method. result = client.create_service_perimeter request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#delete_access_level
def delete_access_level(request, options = nil) -> ::Gapic::Operation
def delete_access_level(name: nil) -> ::Gapic::Operation
Deletes an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] has been removed from long-lasting storage.
def delete_access_level(request, options = nil) -> ::Gapic::Operation
delete_access_level
via a request object, either of type
DeleteAccessLevelRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def delete_access_level(name: nil) -> ::Gapic::Operation
delete_access_level
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
name (::String) — Required. Resource name for the [Access Level]
[google.identity.accesscontextmanager.v1.AccessLevel].
Format:
accessPolicies/{policy_id}/accessLevels/{access_level_id}
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest.new # Call the delete_access_level method. result = client.delete_access_level request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#delete_access_policy
def delete_access_policy(request, options = nil) -> ::Gapic::Operation
def delete_access_policy(name: nil) -> ::Gapic::Operation
Deletes an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the resource name. The long-running operation has a successful status after the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is removed from long-lasting storage.
def delete_access_policy(request, options = nil) -> ::Gapic::Operation
delete_access_policy
via a request object, either of type
DeleteAccessPolicyRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def delete_access_policy(name: nil) -> ::Gapic::Operation
delete_access_policy
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
name (::String) — Required. Resource name for the access policy to delete.
Format
accessPolicies/{policy_id}
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest.new # Call the delete_access_policy method. result = client.delete_access_policy request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#delete_gcp_user_access_binding
def delete_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
def delete_gcp_user_access_binding(name: nil) -> ::Gapic::Operation
Deletes a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the binding deletion is deployed onto all affected users, which may take more time.
def delete_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
delete_gcp_user_access_binding
via a request object, either of type
DeleteGcpUserAccessBindingRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def delete_gcp_user_access_binding(name: nil) -> ::Gapic::Operation
delete_gcp_user_access_binding
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- name (::String) — Required. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest.new # Call the delete_gcp_user_access_binding method. result = client.delete_gcp_user_access_binding request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#delete_service_perimeter
def delete_service_perimeter(request, options = nil) -> ::Gapic::Operation
def delete_service_perimeter(name: nil) -> ::Gapic::Operation
Deletes a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from long-lasting storage.
def delete_service_perimeter(request, options = nil) -> ::Gapic::Operation
delete_service_perimeter
via a request object, either of type
DeleteServicePerimeterRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def delete_service_perimeter(name: nil) -> ::Gapic::Operation
delete_service_perimeter
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
name (::String) — Required. Resource name for the [Service Perimeter]
[google.identity.accesscontextmanager.v1.ServicePerimeter].
Format:
accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest.new # Call the delete_service_perimeter method. result = client.delete_service_perimeter request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#get_access_level
def get_access_level(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::AccessLevel
def get_access_level(name: nil, access_level_format: nil) -> ::Google::Identity::AccessContextManager::V1::AccessLevel
Gets an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.
def get_access_level(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::AccessLevel
get_access_level
via a request object, either of type
GetAccessLevelRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def get_access_level(name: nil, access_level_format: nil) -> ::Google::Identity::AccessContextManager::V1::AccessLevel
get_access_level
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
name (::String) — Required. Resource name for the [Access Level]
[google.identity.accesscontextmanager.v1.AccessLevel].
Format:
accessPolicies/{policy_id}/accessLevels/{access_level_id}
-
access_level_format (::Google::Identity::AccessContextManager::V1::LevelFormat) — Whether to return
BasicLevels
in the Cloud Common Expression Language rather than asBasicLevels
. Defaults to AS_DEFINED, where [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] are returned asBasicLevels
orCustomLevels
based on how they were created. If set to CEL, all [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] are returned asCustomLevels
. In the CEL case,BasicLevels
are translated to equivalentCustomLevels
.
- (response, operation) — Access the result along with the RPC operation
- response (::Google::Identity::AccessContextManager::V1::AccessLevel)
- operation (::GRPC::ActiveCall::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::GetAccessLevelRequest.new # Call the get_access_level method. result = client.get_access_level request # The returned object is of type Google::Identity::AccessContextManager::V1::AccessLevel. p result
#get_access_policy
def get_access_policy(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::AccessPolicy
def get_access_policy(name: nil) -> ::Google::Identity::AccessContextManager::V1::AccessPolicy
Returns an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.
def get_access_policy(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::AccessPolicy
get_access_policy
via a request object, either of type
GetAccessPolicyRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def get_access_policy(name: nil) -> ::Google::Identity::AccessContextManager::V1::AccessPolicy
get_access_policy
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
name (::String) — Required. Resource name for the access policy to get.
Format
accessPolicies/{policy_id}
- (response, operation) — Access the result along with the RPC operation
- response (::Google::Identity::AccessContextManager::V1::AccessPolicy)
- operation (::GRPC::ActiveCall::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest.new # Call the get_access_policy method. result = client.get_access_policy request # The returned object is of type Google::Identity::AccessContextManager::V1::AccessPolicy. p result
#get_gcp_user_access_binding
def get_gcp_user_access_binding(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding
def get_gcp_user_access_binding(name: nil) -> ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding
Gets the [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with the given name.
def get_gcp_user_access_binding(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding
get_gcp_user_access_binding
via a request object, either of type
GetGcpUserAccessBindingRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::GetGcpUserAccessBindingRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def get_gcp_user_access_binding(name: nil) -> ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding
get_gcp_user_access_binding
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- name (::String) — Required. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
- (response, operation) — Access the result along with the RPC operation
- response (::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding)
- operation (::GRPC::ActiveCall::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::GetGcpUserAccessBindingRequest.new # Call the get_gcp_user_access_binding method. result = client.get_gcp_user_access_binding request # The returned object is of type Google::Identity::AccessContextManager::V1::GcpUserAccessBinding. p result
#get_iam_policy
def get_iam_policy(request, options = nil) -> ::Google::Iam::V1::Policy
def get_iam_policy(resource: nil, options: nil) -> ::Google::Iam::V1::Policy
Gets the IAM policy for the specified Access Context Manager access policy.
def get_iam_policy(request, options = nil) -> ::Google::Iam::V1::Policy
get_iam_policy
via a request object, either of type
Google::Iam::V1::GetIamPolicyRequest or an equivalent Hash.
- request (::Google::Iam::V1::GetIamPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def get_iam_policy(resource: nil, options: nil) -> ::Google::Iam::V1::Policy
get_iam_policy
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- resource (::String) — REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
-
options (::Google::Iam::V1::GetPolicyOptions, ::Hash) — OPTIONAL: A
GetPolicyOptions
object for specifying options toGetIamPolicy
.
- (response, operation) — Access the result along with the RPC operation
- response (::Google::Iam::V1::Policy)
- operation (::GRPC::ActiveCall::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Iam::V1::GetIamPolicyRequest.new # Call the get_iam_policy method. result = client.get_iam_policy request # The returned object is of type Google::Iam::V1::Policy. p result
#get_service_perimeter
def get_service_perimeter(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeter
def get_service_perimeter(name: nil) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeter
Gets a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.
def get_service_perimeter(request, options = nil) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeter
get_service_perimeter
via a request object, either of type
GetServicePerimeterRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def get_service_perimeter(name: nil) -> ::Google::Identity::AccessContextManager::V1::ServicePerimeter
get_service_perimeter
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
name (::String) — Required. Resource name for the [Service Perimeter]
[google.identity.accesscontextmanager.v1.ServicePerimeter].
Format:
accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}
- (response, operation) — Access the result along with the RPC operation
- response (::Google::Identity::AccessContextManager::V1::ServicePerimeter)
- operation (::GRPC::ActiveCall::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest.new # Call the get_service_perimeter method. result = client.get_service_perimeter request # The returned object is of type Google::Identity::AccessContextManager::V1::ServicePerimeter. p result
#initialize
def initialize() { |config| ... } -> Client
Create a new AccessContextManager client object.
- (config) — Configure the AccessContextManager client.
- config (Client::Configuration)
- (Client) — a new instance of Client
# Create a client using the default configuration client = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a client using a custom configuration client = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new do |config| config.timeout = 10.0 end
#list_access_levels
def list_access_levels(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>
def list_access_levels(parent: nil, page_size: nil, page_token: nil, access_level_format: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>
Lists all [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] for an access policy.
def list_access_levels(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>
list_access_levels
via a request object, either of type
ListAccessLevelsRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def list_access_levels(parent: nil, page_size: nil, page_token: nil, access_level_format: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>
list_access_levels
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
parent (::String) — Required. Resource name for the access policy to list [Access Levels]
[google.identity.accesscontextmanager.v1.AccessLevel] from.
Format:
accessPolicies/{policy_id}
- page_size (::Integer) — Number of [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] to include in the list. Default 100.
- page_token (::String) — Next page token for the next batch of [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] instances. Defaults to the first page of results.
-
access_level_format (::Google::Identity::AccessContextManager::V1::LevelFormat) — Whether to return
BasicLevels
in the Cloud Common Expression language, asCustomLevels
, rather than asBasicLevels
. Defaults to returningAccessLevels
in the format they were defined.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest.new # Call the list_access_levels method. result = client.list_access_levels request # The returned object is of type Gapic::PagedEnumerable. You can # iterate over all elements by calling #each, and the enumerable # will lazily make API calls to fetch subsequent pages. Other # methods are also available for managing paging directly. result.each do |response| # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessLevel. p response end
#list_access_policies
def list_access_policies(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>
def list_access_policies(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>
Lists all [access policies] [google.identity.accesscontextmanager.v1.AccessPolicy] in an organization.
def list_access_policies(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>
list_access_policies
via a request object, either of type
ListAccessPoliciesRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def list_access_policies(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>
list_access_policies
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
parent (::String) — Required. Resource name for the container to list AccessPolicy instances
from.
Format:
organizations/{org_id}
- page_size (::Integer) — Number of AccessPolicy instances to include in the list. Default 100.
- page_token (::String) — Next page token for the next batch of AccessPolicy instances. Defaults to the first page of results.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest.new # Call the list_access_policies method. result = client.list_access_policies request # The returned object is of type Gapic::PagedEnumerable. You can # iterate over all elements by calling #each, and the enumerable # will lazily make API calls to fetch subsequent pages. Other # methods are also available for managing paging directly. result.each do |response| # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessPolicy. p response end
#list_gcp_user_access_bindings
def list_gcp_user_access_bindings(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>
def list_gcp_user_access_bindings(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>
Lists all [GcpUserAccessBindings] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a Google Cloud organization.
def list_gcp_user_access_bindings(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>
list_gcp_user_access_bindings
via a request object, either of type
ListGcpUserAccessBindingsRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def list_gcp_user_access_bindings(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>
list_gcp_user_access_bindings
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- parent (::String) — Required. Example: "organizations/256"
- page_size (::Integer) — Optional. Maximum number of items to return. The server may return fewer items. If left blank, the server may return any number of items.
- page_token (::String) — Optional. If left blank, returns the first page. To enumerate all items, use the [next_page_token] [google.identity.accesscontextmanager.v1.ListGcpUserAccessBindingsResponse.next_page_token] from your previous list operation.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest.new # Call the list_gcp_user_access_bindings method. result = client.list_gcp_user_access_bindings request # The returned object is of type Gapic::PagedEnumerable. You can # iterate over all elements by calling #each, and the enumerable # will lazily make API calls to fetch subsequent pages. Other # methods are also available for managing paging directly. result.each do |response| # Each element is of type ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding. p response end
#list_service_perimeters
def list_service_perimeters(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>
def list_service_perimeters(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>
Lists all [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for an access policy.
def list_service_perimeters(request, options = nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>
list_service_perimeters
via a request object, either of type
ListServicePerimetersRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def list_service_perimeters(parent: nil, page_size: nil, page_token: nil) -> ::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>
list_service_perimeters
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
parent (::String) — Required. Resource name for the access policy to list [Service Perimeters]
[google.identity.accesscontextmanager.v1.ServicePerimeter] from.
Format:
accessPolicies/{policy_id}
- page_size (::Integer) — Number of [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] to include in the list. Default 100.
- page_token (::String) — Next page token for the next batch of [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] instances. Defaults to the first page of results.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest.new # Call the list_service_perimeters method. result = client.list_service_perimeters request # The returned object is of type Gapic::PagedEnumerable. You can # iterate over all elements by calling #each, and the enumerable # will lazily make API calls to fetch subsequent pages. Other # methods are also available for managing paging directly. result.each do |response| # Each element is of type ::Google::Identity::AccessContextManager::V1::ServicePerimeter. p response end
#operations_client
def operations_client() -> ::Google::Identity::AccessContextManager::V1::AccessContextManager::Operations
Get the associated client for long-running operations.
#replace_access_levels
def replace_access_levels(request, options = nil) -> ::Gapic::Operation
def replace_access_levels(parent: nil, access_levels: nil, etag: nil) -> ::Gapic::Operation
Replaces all existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. If the replacement contains errors, an error response is returned for the first error encountered. Upon error, the replacement is cancelled, and existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] are not affected. The Operation.response field contains ReplaceAccessLevelsResponse. Removing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an error.
def replace_access_levels(request, options = nil) -> ::Gapic::Operation
replace_access_levels
via a request object, either of type
ReplaceAccessLevelsRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def replace_access_levels(parent: nil, access_levels: nil, etag: nil) -> ::Gapic::Operation
replace_access_levels
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
parent (::String) — Required. Resource name for the access policy which owns these
[Access Levels]
[google.identity.accesscontextmanager.v1.AccessLevel].
Format:
accessPolicies/{policy_id}
- access_levels (::Array<::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash>) — Required. The desired [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] that should replace all existing [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] in the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy].
- etag (::String) — Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this replace operation is to be performed on. If, at the time of replace, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the replace operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest.new # Call the replace_access_levels method. result = client.replace_access_levels request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#replace_service_perimeters
def replace_service_perimeters(request, options = nil) -> ::Gapic::Operation
def replace_service_perimeters(parent: nil, service_perimeters: nil, etag: nil) -> ::Gapic::Operation
Replace all existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. Replacements containing errors result in an error response for the first error encountered. Upon an error, replacement are cancelled and existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] are not affected. The Operation.response field contains ReplaceServicePerimetersResponse.
def replace_service_perimeters(request, options = nil) -> ::Gapic::Operation
replace_service_perimeters
via a request object, either of type
ReplaceServicePerimetersRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def replace_service_perimeters(parent: nil, service_perimeters: nil, etag: nil) -> ::Gapic::Operation
replace_service_perimeters
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
parent (::String) — Required. Resource name for the access policy which owns these
[Service Perimeters]
[google.identity.accesscontextmanager.v1.ServicePerimeter].
Format:
accessPolicies/{policy_id}
- service_perimeters (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash>) — Required. The desired [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] that should replace all existing [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy].
- etag (::String) — Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this replace operation is to be performed on. If, at the time of replace, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the replace operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest.new # Call the replace_service_perimeters method. result = client.replace_service_perimeters request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#set_iam_policy
def set_iam_policy(request, options = nil) -> ::Google::Iam::V1::Policy
def set_iam_policy(resource: nil, policy: nil, update_mask: nil) -> ::Google::Iam::V1::Policy
Sets the IAM policy for the specified Access Context Manager access policy. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
def set_iam_policy(request, options = nil) -> ::Google::Iam::V1::Policy
set_iam_policy
via a request object, either of type
Google::Iam::V1::SetIamPolicyRequest or an equivalent Hash.
- request (::Google::Iam::V1::SetIamPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def set_iam_policy(resource: nil, policy: nil, update_mask: nil) -> ::Google::Iam::V1::Policy
set_iam_policy
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- resource (::String) — REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
-
policy (::Google::Iam::V1::Policy, ::Hash) — REQUIRED: The complete policy to be applied to the
resource
. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them. -
update_mask (::Google::Protobuf::FieldMask, ::Hash) — OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
the fields in the mask will be modified. If no mask is provided, the
following default mask is used:
paths: "bindings, etag"
- (response, operation) — Access the result along with the RPC operation
- response (::Google::Iam::V1::Policy)
- operation (::GRPC::ActiveCall::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Iam::V1::SetIamPolicyRequest.new # Call the set_iam_policy method. result = client.set_iam_policy request # The returned object is of type Google::Iam::V1::Policy. p result
#test_iam_permissions
def test_iam_permissions(request, options = nil) -> ::Google::Iam::V1::TestIamPermissionsResponse
def test_iam_permissions(resource: nil, permissions: nil) -> ::Google::Iam::V1::TestIamPermissionsResponse
Returns the IAM permissions that the caller has on the specified Access Context Manager resource. The resource can be an AccessPolicy, AccessLevel, or [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter ]. This method does not support other resources.
def test_iam_permissions(request, options = nil) -> ::Google::Iam::V1::TestIamPermissionsResponse
test_iam_permissions
via a request object, either of type
Google::Iam::V1::TestIamPermissionsRequest or an equivalent Hash.
- request (::Google::Iam::V1::TestIamPermissionsRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def test_iam_permissions(resource: nil, permissions: nil) -> ::Google::Iam::V1::TestIamPermissionsResponse
test_iam_permissions
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- resource (::String) — REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
-
permissions (::Array<::String>) — The set of permissions to check for the
resource
. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.
- (response, operation) — Access the result along with the RPC operation
- response (::Google::Iam::V1::TestIamPermissionsResponse)
- operation (::GRPC::ActiveCall::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Iam::V1::TestIamPermissionsRequest.new # Call the test_iam_permissions method. result = client.test_iam_permissions request # The returned object is of type Google::Iam::V1::TestIamPermissionsResponse. p result
#update_access_level
def update_access_level(request, options = nil) -> ::Gapic::Operation
def update_access_level(access_level: nil, update_mask: nil) -> ::Gapic::Operation
Updates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the changes to the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagate to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.
def update_access_level(request, options = nil) -> ::Gapic::Operation
update_access_level
via a request object, either of type
UpdateAccessLevelRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def update_access_level(access_level: nil, update_mask: nil) -> ::Gapic::Operation
update_access_level
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- access_level (::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash) — Required. The updated [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel]. Syntactic correctness of the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] is a precondition for creation.
- update_mask (::Google::Protobuf::FieldMask, ::Hash) — Required. Mask to control which fields get updated. Must be non-empty.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest.new # Call the update_access_level method. result = client.update_access_level request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#update_access_policy
def update_access_policy(request, options = nil) -> ::Gapic::Operation
def update_access_policy(policy: nil, update_mask: nil) -> ::Gapic::Operation
Updates an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]. The long-running operation from this RPC has a successful status after the changes to the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] propagate to long-lasting storage.
def update_access_policy(request, options = nil) -> ::Gapic::Operation
update_access_policy
via a request object, either of type
UpdateAccessPolicyRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def update_access_policy(policy: nil, update_mask: nil) -> ::Gapic::Operation
update_access_policy
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- policy (::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Hash) — Required. The updated AccessPolicy.
- update_mask (::Google::Protobuf::FieldMask, ::Hash) — Required. Mask to control which fields get updated. Must be non-empty.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest.new # Call the update_access_policy method. result = client.update_access_policy request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#update_gcp_user_access_binding
def update_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
def update_gcp_user_access_binding(gcp_user_access_binding: nil, update_mask: nil) -> ::Gapic::Operation
Updates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the changed binding is deployed onto all affected users, which may take more time.
def update_gcp_user_access_binding(request, options = nil) -> ::Gapic::Operation
update_gcp_user_access_binding
via a request object, either of type
UpdateGcpUserAccessBindingRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def update_gcp_user_access_binding(gcp_user_access_binding: nil, update_mask: nil) -> ::Gapic::Operation
update_gcp_user_access_binding
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
- gcp_user_access_binding (::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding, ::Hash) — Required. [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]
-
update_mask (::Google::Protobuf::FieldMask, ::Hash) — Required. Only the fields specified in this mask are updated. Because name and
group_key cannot be changed, update_mask is required and must always be:
update_mask { paths: "access_levels" }
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest.new # Call the update_gcp_user_access_binding method. result = client.update_gcp_user_access_binding request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end
#update_service_perimeter
def update_service_perimeter(request, options = nil) -> ::Gapic::Operation
def update_service_perimeter(service_perimeter: nil, update_mask: nil) -> ::Gapic::Operation
Updates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.
def update_service_perimeter(request, options = nil) -> ::Gapic::Operation
update_service_perimeter
via a request object, either of type
UpdateServicePerimeterRequest or an equivalent Hash.
- request (::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest, ::Hash) — A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.
- options (::Gapic::CallOptions, ::Hash) — Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
def update_service_perimeter(service_perimeter: nil, update_mask: nil) -> ::Gapic::Operation
update_service_perimeter
via keyword arguments. Note that at
least one keyword argument is required. To specify no parameters, or to keep all
the default parameter values, pass an empty Hash as a request object (see above).
-
service_perimeter (::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash) — Required. The updated
ServicePerimeter
. Syntactic correctness of theServicePerimeter
is a precondition for creation. - update_mask (::Google::Protobuf::FieldMask, ::Hash) — Required. Mask to control which fields get updated. Must be non-empty.
- (response, operation) — Access the result along with the RPC operation
- response (::Gapic::Operation)
- operation (::GRPC::ActiveCall::Operation)
- (::Gapic::Operation)
- (::Google::Cloud::Error) — if the RPC is aborted.
Basic example
require "google/identity/access_context_manager/v1" # Create a client object. The client can be reused for multiple calls. client = Google::Identity::AccessContextManager::V1::AccessContextManager::Client.new # Create a request. To set request fields, pass in keyword arguments. request = Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest.new # Call the update_service_perimeter method. result = client.update_service_perimeter request # The returned object is of type Gapic::Operation. You can use this # object to check the status of an operation, cancel it, or wait # for results. Here is how to block until completion: result.wait_until_done! timeout: 60 if result.response? p result.response else puts "Error!" end