Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 1 | <html><body> |
| 2 | <style> |
| 3 | |
| 4 | body, h1, h2, h3, div, span, p, pre, a { |
| 5 | margin: 0; |
| 6 | padding: 0; |
| 7 | border: 0; |
| 8 | font-weight: inherit; |
| 9 | font-style: inherit; |
| 10 | font-size: 100%; |
| 11 | font-family: inherit; |
| 12 | vertical-align: baseline; |
| 13 | } |
| 14 | |
| 15 | body { |
| 16 | font-size: 13px; |
| 17 | padding: 1em; |
| 18 | } |
| 19 | |
| 20 | h1 { |
| 21 | font-size: 26px; |
| 22 | margin-bottom: 1em; |
| 23 | } |
| 24 | |
| 25 | h2 { |
| 26 | font-size: 24px; |
| 27 | margin-bottom: 1em; |
| 28 | } |
| 29 | |
| 30 | h3 { |
| 31 | font-size: 20px; |
| 32 | margin-bottom: 1em; |
| 33 | margin-top: 1em; |
| 34 | } |
| 35 | |
| 36 | pre, code { |
| 37 | line-height: 1.5; |
| 38 | font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; |
| 39 | } |
| 40 | |
| 41 | pre { |
| 42 | margin-top: 0.5em; |
| 43 | } |
| 44 | |
| 45 | h1, h2, h3, p { |
| 46 | font-family: Arial, sans serif; |
| 47 | } |
| 48 | |
| 49 | h1, h2, h3 { |
| 50 | border-bottom: solid #CCC 1px; |
| 51 | } |
| 52 | |
| 53 | .toc_element { |
| 54 | margin-top: 0.5em; |
| 55 | } |
| 56 | |
| 57 | .firstline { |
| 58 | margin-left: 2 em; |
| 59 | } |
| 60 | |
| 61 | .method { |
| 62 | margin-top: 1em; |
| 63 | border: solid 1px #CCC; |
| 64 | padding: 1em; |
| 65 | background: #EEE; |
| 66 | } |
| 67 | |
| 68 | .details { |
| 69 | font-weight: bold; |
| 70 | font-size: 14px; |
| 71 | } |
| 72 | |
| 73 | </style> |
| 74 | |
| 75 | <h1><a href="iam_v1.html">Identity and Access Management (IAM) API</a> . <a href="iam_v1.iamPolicies.html">iamPolicies</a></h1> |
| 76 | <h2>Instance Methods</h2> |
| 77 | <p class="toc_element"> |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 78 | <code><a href="#lintPolicy">lintPolicy(body=None, x__xgafv=None)</a></code></p> |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 79 | <p class="firstline">Lints a Cloud IAM policy object or its sub fields. Currently supports</p> |
| 80 | <p class="toc_element"> |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 81 | <code><a href="#queryAuditableServices">queryAuditableServices(body=None, x__xgafv=None)</a></code></p> |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 82 | <p class="firstline">Returns a list of services that support service level audit logging</p> |
| 83 | <h3>Method Details</h3> |
| 84 | <div class="method"> |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 85 | <code class="details" id="lintPolicy">lintPolicy(body=None, x__xgafv=None)</code> |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 86 | <pre>Lints a Cloud IAM policy object or its sub fields. Currently supports |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 87 | google.iam.v1.Binding.condition. |
| 88 | |
| 89 | Each lint operation consists of multiple lint validation units. |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 90 | Each unit inspects the input object in regard to a particular linting |
| 91 | aspect and issues a google.iam.admin.v1.LintResult disclosing the |
| 92 | result. |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 93 | |
| 94 | The set of applicable validation units is determined by the Cloud IAM |
| 95 | server and is not configurable. |
| 96 | |
| 97 | Regardless of any lint issues or their severities, successful calls to |
| 98 | `lintPolicy` return an HTTP 200 OK status code. |
| 99 | |
| 100 | Args: |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 101 | body: object, The request body. |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 102 | The object takes the form of: |
| 103 | |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 104 | { # The request to lint a Cloud IAM policy object. |
Bu Sun Kim | 4ed7d3f | 2020-05-27 12:20:54 -0700 | [diff] [blame] | 105 | "fullResourceName": "A String", # The full resource name of the policy this lint request is about. |
| 106 | # |
| 107 | # The name follows the Google Cloud Platform (GCP) resource format. |
| 108 | # For example, a GCP project with ID `my-project` will be named |
| 109 | # `//cloudresourcemanager.googleapis.com/projects/my-project`. |
| 110 | # |
| 111 | # The resource name is not used to read the policy instance from the Cloud |
| 112 | # IAM database. The candidate policy for lint has to be provided in the same |
| 113 | # request object. |
Bu Sun Kim | 6502091 | 2020-05-20 12:08:20 -0700 | [diff] [blame] | 114 | "condition": { # Represents a textual expression in the Common Expression Language (CEL) # google.iam.v1.Binding.condition object to be linted. |
| 115 | # syntax. CEL is a C-like expression language. The syntax and semantics of CEL |
| 116 | # are documented at https://github.com/google/cel-spec. |
| 117 | # |
| 118 | # Example (Comparison): |
| 119 | # |
| 120 | # title: "Summary size limit" |
| 121 | # description: "Determines if a summary is less than 100 chars" |
| 122 | # expression: "document.summary.size() < 100" |
| 123 | # |
| 124 | # Example (Equality): |
| 125 | # |
| 126 | # title: "Requestor is owner" |
| 127 | # description: "Determines if requestor is the document owner" |
| 128 | # expression: "document.owner == request.auth.claims.email" |
| 129 | # |
| 130 | # Example (Logic): |
| 131 | # |
| 132 | # title: "Public documents" |
| 133 | # description: "Determine whether the document should be publicly visible" |
| 134 | # expression: "document.type != 'private' && document.type != 'internal'" |
| 135 | # |
| 136 | # Example (Data Manipulation): |
| 137 | # |
| 138 | # title: "Notification string" |
| 139 | # description: "Create a notification string with a timestamp." |
| 140 | # expression: "'New message received at ' + string(document.create_time)" |
| 141 | # |
| 142 | # The exact variables and functions that may be referenced within an expression |
| 143 | # are determined by the service that evaluates it. See the service |
| 144 | # documentation for additional information. |
Bu Sun Kim | 4ed7d3f | 2020-05-27 12:20:54 -0700 | [diff] [blame] | 145 | "description": "A String", # Optional. Description of the expression. This is a longer text which |
| 146 | # describes the expression, e.g. when hovered over it in a UI. |
| 147 | "expression": "A String", # Textual representation of an expression in Common Expression Language |
| 148 | # syntax. |
Bu Sun Kim | 6502091 | 2020-05-20 12:08:20 -0700 | [diff] [blame] | 149 | "title": "A String", # Optional. Title for the expression, i.e. a short string describing |
| 150 | # its purpose. This can be used e.g. in UIs which allow to enter the |
| 151 | # expression. |
| 152 | "location": "A String", # Optional. String indicating the location of the expression for error |
| 153 | # reporting, e.g. a file name and a position in the file. |
Bu Sun Kim | 6502091 | 2020-05-20 12:08:20 -0700 | [diff] [blame] | 154 | }, |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 155 | } |
| 156 | |
| 157 | x__xgafv: string, V1 error format. |
| 158 | Allowed values |
| 159 | 1 - v1 error format |
| 160 | 2 - v2 error format |
| 161 | |
| 162 | Returns: |
| 163 | An object of the form: |
| 164 | |
| 165 | { # The response of a lint operation. An empty response indicates |
| 166 | # the operation was able to fully execute and no lint issue was found. |
Bu Sun Kim | 6502091 | 2020-05-20 12:08:20 -0700 | [diff] [blame] | 167 | "lintResults": [ # List of lint results sorted by `severity` in descending order. |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 168 | { # Structured response of a single validation unit. |
Bu Sun Kim | 6502091 | 2020-05-20 12:08:20 -0700 | [diff] [blame] | 169 | "locationOffset": 42, # 0-based character position of problematic construct within the object |
| 170 | # identified by `field_name`. Currently, this is populated only for condition |
| 171 | # expression. |
| 172 | "debugMessage": "A String", # Human readable debug message associated with the issue. |
| 173 | "fieldName": "A String", # The name of the field for which this lint result is about. |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 174 | # |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 175 | # For nested messages `field_name` consists of names of the embedded fields |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 176 | # separated by period character. The top-level qualifier is the input object |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 177 | # to lint in the request. For example, the `field_name` value |
| 178 | # `condition.expression` identifies a lint result for the `expression` field |
| 179 | # of the provided condition. |
Bu Sun Kim | 4ed7d3f | 2020-05-27 12:20:54 -0700 | [diff] [blame] | 180 | "level": "A String", # The validation unit level. |
| 181 | "severity": "A String", # The validation unit severity. |
| 182 | "validationUnitName": "A String", # The validation unit name, for instance |
| 183 | # "lintValidationUnits/ConditionComplexityCheck". |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 184 | }, |
| 185 | ], |
| 186 | }</pre> |
| 187 | </div> |
| 188 | |
| 189 | <div class="method"> |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 190 | <code class="details" id="queryAuditableServices">queryAuditableServices(body=None, x__xgafv=None)</code> |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 191 | <pre>Returns a list of services that support service level audit logging |
| 192 | configuration for the given resource. |
| 193 | |
| 194 | Args: |
Dan O'Meara | dd49464 | 2020-05-01 07:42:23 -0700 | [diff] [blame] | 195 | body: object, The request body. |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 196 | The object takes the form of: |
| 197 | |
| 198 | { # A request to get the list of auditable services for a resource. |
Bu Sun Kim | 6502091 | 2020-05-20 12:08:20 -0700 | [diff] [blame] | 199 | "fullResourceName": "A String", # Required. The full resource name to query from the list of auditable |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 200 | # services. |
| 201 | # |
| 202 | # The name follows the Google Cloud Platform resource format. |
| 203 | # For example, a Cloud Platform project with id `my-project` will be named |
| 204 | # `//cloudresourcemanager.googleapis.com/projects/my-project`. |
| 205 | } |
| 206 | |
| 207 | x__xgafv: string, V1 error format. |
| 208 | Allowed values |
| 209 | 1 - v1 error format |
| 210 | 2 - v2 error format |
| 211 | |
| 212 | Returns: |
| 213 | An object of the form: |
| 214 | |
| 215 | { # A response containing a list of auditable services for a resource. |
Bu Sun Kim | 6502091 | 2020-05-20 12:08:20 -0700 | [diff] [blame] | 216 | "services": [ # The auditable services for a resource. |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 217 | { # Contains information about an auditable service. |
Bu Sun Kim | 6502091 | 2020-05-20 12:08:20 -0700 | [diff] [blame] | 218 | "name": "A String", # Public name of the service. |
| 219 | # For example, the service name for Cloud IAM is 'iam.googleapis.com'. |
Bu Sun Kim | 715bd7f | 2019-06-14 16:50:42 -0700 | [diff] [blame] | 220 | }, |
| 221 | ], |
| 222 | }</pre> |
| 223 | </div> |
| 224 | |
| 225 | </body></html> |