Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-api-python-client / e833b79ffee531ae64e11175718bb2fffc504950 / . / docs / dyn / sourcerepo_v1.projects.repos.html
blob: 12a375ab3cbde21264e0cdd1822d8d57c34db583 [file] [log] [blame]
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]1<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5 margin: 0;
6 padding: 0;
7 border: 0;
8 font-weight: inherit;
9 font-style: inherit;
10 font-size: 100%;
11 font-family: inherit;
12 vertical-align: baseline;
13}
14
15body {
16 font-size: 13px;
17 padding: 1em;
18}
19
20h1 {
21 font-size: 26px;
22 margin-bottom: 1em;
23}
24
25h2 {
26 font-size: 24px;
27 margin-bottom: 1em;
28}
29
30h3 {
31 font-size: 20px;
32 margin-bottom: 1em;
33 margin-top: 1em;
34}
35
36pre, code {
37 line-height: 1.5;
38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42 margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46 font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50 border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54 margin-top: 0.5em;
55}
56
57.firstline {
58 margin-left: 2 em;
59}
60
61.method {
62 margin-top: 1em;
63 border: solid 1px #CCC;
64 padding: 1em;
65 background: #EEE;
66}
67
68.details {
69 font-weight: bold;
70 font-size: 14px;
71}
72
73</style>
74
75<h1><a href="sourcerepo_v1.html">Cloud Source Repositories API</a> . <a href="sourcerepo_v1.projects.html">projects</a> . <a href="sourcerepo_v1.projects.repos.html">repos</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78 <code><a href="#create">create(parent=None, body, x__xgafv=None)</a></code></p>
79<p class="firstline">Creates a repo in the given project with the given name..</p>
80<p class="toc_element">
81 <code><a href="#delete">delete(name=None, x__xgafv=None)</a></code></p>
82<p class="firstline">Deletes a repo.</p>
83<p class="toc_element">
84 <code><a href="#get">get(name=None, x__xgafv=None)</a></code></p>
85<p class="firstline">Returns information about a repo.</p>
86<p class="toc_element">
87 <code><a href="#getIamPolicy">getIamPolicy(resource=None, x__xgafv=None)</a></code></p>
88<p class="firstline">Gets the access control policy for a resource.</p>
89<p class="toc_element">
90 <code><a href="#list">list(name=None, x__xgafv=None)</a></code></p>
91<p class="firstline">Returns all repos belonging to a project.</p>
92<p class="toc_element">
93 <code><a href="#setIamPolicy">setIamPolicy(resource=None, body, x__xgafv=None)</a></code></p>
94<p class="firstline">Sets the access control policy on the specified resource. Replaces any</p>
95<p class="toc_element">
96 <code><a href="#testIamPermissions">testIamPermissions(resource=None, body, x__xgafv=None)</a></code></p>
97<p class="firstline">Returns permissions that a caller has on the specified resource.</p>
98<h3>Method Details</h3>
99<div class="method">
100 <code class="details" id="create">create(parent=None, body, x__xgafv=None)</code>
101 <pre>Creates a repo in the given project with the given name..
102
103If the named repository already exists, `CreateRepo` returns
104`ALREADY_EXISTS`.
105
106Args:
107 parent: string, The project in which to create the repo. Values are of the form
108`projects/<project>`. (required)
109 body: object, The request body. (required)
110 The object takes the form of:
111
112{ # A repository (or repo) is a Git repository storing versioned source content.
113 "url": "A String", # URL to clone the repository from Google Cloud Source Repositories.
114 "size": "A String", # The size in bytes of the repo.
115 "name": "A String", # Resource name of the repository, of the form
116 # `projects/<project>/repos/<repo>`.
117 "mirrorConfig": { # Configuration to automatically mirror a repository from another # How this repository mirrors a repository managed by another service.
118 # hosting service, for example GitHub or BitBucket.
119 "url": "A String", # URL of the main repository at the other hosting service.
120 "webhookId": "A String", # ID of the webhook listening to updates to trigger mirroring.
121 # Removing this webook from the other hosting service will stop
122 # Google Cloud Source Repositories from receiving notifications,
123 # and thereby disabling mirroring.
124 "deployKeyId": "A String", # ID of the SSH deploy key at the other hosting service.
125 # Removing this key from the other service would deauthorize
126 # Google Cloud Source Repositories from mirroring.
127 },
128}
129
130 x__xgafv: string, V1 error format.
131 Allowed values
132 1 - v1 error format
133 2 - v2 error format
134
135Returns:
136 An object of the form:
137
138 { # A repository (or repo) is a Git repository storing versioned source content.
139 "url": "A String", # URL to clone the repository from Google Cloud Source Repositories.
140 "size": "A String", # The size in bytes of the repo.
141 "name": "A String", # Resource name of the repository, of the form
142 # `projects/<project>/repos/<repo>`.
143 "mirrorConfig": { # Configuration to automatically mirror a repository from another # How this repository mirrors a repository managed by another service.
144 # hosting service, for example GitHub or BitBucket.
145 "url": "A String", # URL of the main repository at the other hosting service.
146 "webhookId": "A String", # ID of the webhook listening to updates to trigger mirroring.
147 # Removing this webook from the other hosting service will stop
148 # Google Cloud Source Repositories from receiving notifications,
149 # and thereby disabling mirroring.
150 "deployKeyId": "A String", # ID of the SSH deploy key at the other hosting service.
151 # Removing this key from the other service would deauthorize
152 # Google Cloud Source Repositories from mirroring.
153 },
154 }</pre>
155</div>
156
157<div class="method">
158 <code class="details" id="delete">delete(name=None, x__xgafv=None)</code>
159 <pre>Deletes a repo.
160
161Args:
162 name: string, The name of the repo to delete. Values are of the form
163`projects/<project>/repos/<repo>`. (required)
164 x__xgafv: string, V1 error format.
165 Allowed values
166 1 - v1 error format
167 2 - v2 error format
168
169Returns:
170 An object of the form:
171
172 { # A generic empty message that you can re-use to avoid defining duplicated
173 # empty messages in your APIs. A typical example is to use it as the request
174 # or the response type of an API method. For instance:
175 #
176 # service Foo {
177 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
178 # }
179 #
180 # The JSON representation for `Empty` is empty JSON object `{}`.
181 }</pre>
182</div>
183
184<div class="method">
185 <code class="details" id="get">get(name=None, x__xgafv=None)</code>
186 <pre>Returns information about a repo.
187
188Args:
189 name: string, The name of the requested repository. Values are of the form
190`projects/<project>/repos/<repo>`. (required)
191 x__xgafv: string, V1 error format.
192 Allowed values
193 1 - v1 error format
194 2 - v2 error format
195
196Returns:
197 An object of the form:
198
199 { # A repository (or repo) is a Git repository storing versioned source content.
200 "url": "A String", # URL to clone the repository from Google Cloud Source Repositories.
201 "size": "A String", # The size in bytes of the repo.
202 "name": "A String", # Resource name of the repository, of the form
203 # `projects/<project>/repos/<repo>`.
204 "mirrorConfig": { # Configuration to automatically mirror a repository from another # How this repository mirrors a repository managed by another service.
205 # hosting service, for example GitHub or BitBucket.
206 "url": "A String", # URL of the main repository at the other hosting service.
207 "webhookId": "A String", # ID of the webhook listening to updates to trigger mirroring.
208 # Removing this webook from the other hosting service will stop
209 # Google Cloud Source Repositories from receiving notifications,
210 # and thereby disabling mirroring.
211 "deployKeyId": "A String", # ID of the SSH deploy key at the other hosting service.
212 # Removing this key from the other service would deauthorize
213 # Google Cloud Source Repositories from mirroring.
214 },
215 }</pre>
216</div>
217
218<div class="method">
219 <code class="details" id="getIamPolicy">getIamPolicy(resource=None, x__xgafv=None)</code>
220 <pre>Gets the access control policy for a resource.
221Returns an empty policy if the resource exists and does not have a policy
222set.
223
224Args:
225 resource: string, REQUIRED: The resource for which the policy is being requested.
226See the operation documentation for the appropriate value for this field. (required)
227 x__xgafv: string, V1 error format.
228 Allowed values
229 1 - v1 error format
230 2 - v2 error format
231
232Returns:
233 An object of the form:
234
235 { # Defines an Identity and Access Management (IAM) policy. It is used to
236 # specify access control policies for Cloud Platform resources.
237 #
238 #
239 # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
240 # `members` to a `role`, where the members can be user accounts, Google groups,
241 # Google domains, and service accounts. A `role` is a named list of permissions
242 # defined by IAM.
243 #
244 # **Example**
245 #
246 # {
247 # "bindings": [
248 # {
249 # "role": "roles/owner",
250 # "members": [
251 # "user:mike@example.com",
252 # "group:admins@example.com",
253 # "domain:google.com",
254 # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
255 # ]
256 # },
257 # {
258 # "role": "roles/viewer",
259 # "members": ["user:sean@example.com"]
260 # }
261 # ]
262 # }
263 #
264 # For a description of IAM and its features, see the
265 # [IAM developer's guide](https://cloud.google.com/iam).
266 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
267 { # Specifies the audit configuration for a service.
Sai Cheemalapatie833b792017-03-24 15:06:46 -0700[diff] [blame^]268 # The configuration determines which permission types are logged, and what
269 # identities, if any, are exempted from logging.
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]270 # An AuditConifg must have one or more AuditLogConfigs.
271 #
272 # If there are AuditConfigs for both `allServices` and a specific service,
273 # the union of the two AuditConfigs is used for that service: the log_types
274 # specified in each AuditConfig are enabled, and the exempted_members in each
275 # AuditConfig are exempted.
276 # Example Policy with multiple AuditConfigs:
277 # {
278 # "audit_configs": [
279 # {
280 # "service": "allServices"
281 # "audit_log_configs": [
282 # {
283 # "log_type": "DATA_READ",
284 # "exempted_members": [
285 # "user:foo@gmail.com"
286 # ]
287 # },
288 # {
289 # "log_type": "DATA_WRITE",
290 # },
291 # {
292 # "log_type": "ADMIN_READ",
293 # }
294 # ]
295 # },
296 # {
297 # "service": "fooservice@googleapis.com"
298 # "audit_log_configs": [
299 # {
300 # "log_type": "DATA_READ",
301 # },
302 # {
303 # "log_type": "DATA_WRITE",
304 # "exempted_members": [
305 # "user:bar@gmail.com"
306 # ]
307 # }
308 # ]
309 # }
310 # ]
311 # }
312 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
313 # logging. It also exempts foo@gmail.com from DATA_READ logging, and
314 # bar@gmail.com from DATA_WRITE logging.
315 "exemptedMembers": [
316 "A String",
317 ],
318 "auditLogConfigs": [ # The configuration for logging of each type of permission.
319 # Next ID: 4
320 { # Provides the configuration for logging a type of permissions.
321 # Example:
322 #
323 # {
324 # "audit_log_configs": [
325 # {
326 # "log_type": "DATA_READ",
327 # "exempted_members": [
328 # "user:foo@gmail.com"
329 # ]
330 # },
331 # {
332 # "log_type": "DATA_WRITE",
333 # }
334 # ]
335 # }
336 #
337 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
338 # foo@gmail.com from DATA_READ logging.
339 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
340 # permission.
341 # Follows the same format of Binding.members.
342 "A String",
343 ],
344 "logType": "A String", # The log type that this config enables.
345 },
346 ],
347 "service": "A String", # Specifies a service that will be enabled for audit logging.
Sai Cheemalapatie833b792017-03-24 15:06:46 -0700[diff] [blame^]348 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]349 # `allServices` is a special value that covers all services.
350 },
351 ],
352 "rules": [ # If more than one rule is specified, the rules are applied in the following
353 # manner:
354 # - All matching LOG rules are always applied.
355 # - If any DENY/DENY_WITH_LOG rule matches, permission is denied.
356 # Logging will be applied if one or more matching rule requires logging.
357 # - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is
358 # granted.
359 # Logging will be applied if one or more matching rule requires logging.
360 # - Otherwise, if no rule applies, permission is denied.
361 { # A rule to be applied in a Policy.
362 "notIn": [ # If one or more 'not_in' clauses are specified, the rule matches
363 # if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
364 # The format for in and not_in entries is the same as for members in a
365 # Binding (see google/iam/v1/policy.proto).
366 "A String",
367 ],
368 "description": "A String", # Human-readable description of the rule.
369 "in": [ # If one or more 'in' clauses are specified, the rule matches if
370 # the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
371 "A String",
372 ],
373 "action": "A String", # Required
374 "conditions": [ # Additional restrictions that must be met
375 { # A condition to be met.
376 "iam": "A String", # Trusted attributes supplied by the IAM system.
377 "svc": "A String", # Trusted attributes discharged by the service.
378 "value": "A String", # DEPRECATED. Use 'values' instead.
379 "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses
380 # the IAM system for access control.
381 "values": [ # The objects of the condition. This is mutually exclusive with 'value'.
382 "A String",
383 ],
384 "op": "A String", # An operator to apply the subject with.
385 },
386 ],
387 "logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries
388 # that match the LOG action.
389 { # Specifies what kind of log the caller must write
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]390 "counter": { # Options for counters # Counter options.
391 "field": "A String", # The field value to attribute.
392 "metric": "A String", # The metric to update.
393 },
394 "dataAccess": { # Write a Data Access (Gin) log # Data access options.
395 },
396 "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
397 },
398 },
399 ],
400 "permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'
401 # (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,
402 # and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
403 "A String",
404 ],
405 },
406 ],
407 "version": 42, # Version of the `Policy`. The default version is 0.
408 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
409 # prevent simultaneous updates of a policy from overwriting each other.
410 # It is strongly suggested that systems make use of the `etag` in the
411 # read-modify-write cycle to perform policy updates in order to avoid race
412 # conditions: An `etag` is returned in the response to `getIamPolicy`, and
413 # systems are expected to put that etag in the request to `setIamPolicy` to
414 # ensure that their change will be applied to the same version of the policy.
415 #
416 # If no `etag` is provided in the call to `setIamPolicy`, then the existing
417 # policy is overwritten blindly.
418 "bindings": [ # Associates a list of `members` to a `role`.
419 # Multiple `bindings` must not be specified for the same `role`.
420 # `bindings` with no members will result in an error.
421 { # Associates `members` with a `role`.
422 "role": "A String", # Role that is assigned to `members`.
423 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
424 # Required
425 "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
426 # `members` can have the following values:
427 #
428 # * `allUsers`: A special identifier that represents anyone who is
429 # on the internet; with or without a Google account.
430 #
431 # * `allAuthenticatedUsers`: A special identifier that represents anyone
432 # who is authenticated with a Google account or a service account.
433 #
434 # * `user:{emailid}`: An email address that represents a specific Google
435 # account. For example, `alice@gmail.com` or `joe@example.com`.
436 #
437 #
438 # * `serviceAccount:{emailid}`: An email address that represents a service
439 # account. For example, `my-other-app@appspot.gserviceaccount.com`.
440 #
441 # * `group:{emailid}`: An email address that represents a Google group.
442 # For example, `admins@example.com`.
443 #
444 # * `domain:{domain}`: A Google Apps domain name that represents all the
445 # users of that domain. For example, `google.com` or `example.com`.
446 #
447 "A String",
448 ],
449 },
450 ],
451 "iamOwned": True or False,
452 }</pre>
453</div>
454
455<div class="method">
456 <code class="details" id="list">list(name=None, x__xgafv=None)</code>
457 <pre>Returns all repos belonging to a project.
458
459Args:
460 name: string, The project ID whose repos should be listed. Values are of the form
461`projects/<project>`. (required)
462 x__xgafv: string, V1 error format.
463 Allowed values
464 1 - v1 error format
465 2 - v2 error format
466
467Returns:
468 An object of the form:
469
470 { # Response for ListRepos.
471 "repos": [ # The listed repos.
472 { # A repository (or repo) is a Git repository storing versioned source content.
473 "url": "A String", # URL to clone the repository from Google Cloud Source Repositories.
474 "size": "A String", # The size in bytes of the repo.
475 "name": "A String", # Resource name of the repository, of the form
476 # `projects/<project>/repos/<repo>`.
477 "mirrorConfig": { # Configuration to automatically mirror a repository from another # How this repository mirrors a repository managed by another service.
478 # hosting service, for example GitHub or BitBucket.
479 "url": "A String", # URL of the main repository at the other hosting service.
480 "webhookId": "A String", # ID of the webhook listening to updates to trigger mirroring.
481 # Removing this webook from the other hosting service will stop
482 # Google Cloud Source Repositories from receiving notifications,
483 # and thereby disabling mirroring.
484 "deployKeyId": "A String", # ID of the SSH deploy key at the other hosting service.
485 # Removing this key from the other service would deauthorize
486 # Google Cloud Source Repositories from mirroring.
487 },
488 },
489 ],
490 }</pre>
491</div>
492
493<div class="method">
494 <code class="details" id="setIamPolicy">setIamPolicy(resource=None, body, x__xgafv=None)</code>
495 <pre>Sets the access control policy on the specified resource. Replaces any
496existing policy.
497
498Args:
499 resource: string, REQUIRED: The resource for which the policy is being specified.
500See the operation documentation for the appropriate value for this field. (required)
501 body: object, The request body. (required)
502 The object takes the form of:
503
504{ # Request message for `SetIamPolicy` method.
505 "policy": { # Defines an Identity and Access Management (IAM) policy. It is used to # REQUIRED: The complete policy to be applied to the `resource`. The size of
506 # the policy is limited to a few 10s of KB. An empty policy is a
507 # valid policy but certain Cloud Platform services (such as Projects)
508 # might reject them.
509 # specify access control policies for Cloud Platform resources.
510 #
511 #
512 # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
513 # `members` to a `role`, where the members can be user accounts, Google groups,
514 # Google domains, and service accounts. A `role` is a named list of permissions
515 # defined by IAM.
516 #
517 # **Example**
518 #
519 # {
520 # "bindings": [
521 # {
522 # "role": "roles/owner",
523 # "members": [
524 # "user:mike@example.com",
525 # "group:admins@example.com",
526 # "domain:google.com",
527 # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
528 # ]
529 # },
530 # {
531 # "role": "roles/viewer",
532 # "members": ["user:sean@example.com"]
533 # }
534 # ]
535 # }
536 #
537 # For a description of IAM and its features, see the
538 # [IAM developer's guide](https://cloud.google.com/iam).
539 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
540 { # Specifies the audit configuration for a service.
Sai Cheemalapatie833b792017-03-24 15:06:46 -0700[diff] [blame^]541 # The configuration determines which permission types are logged, and what
542 # identities, if any, are exempted from logging.
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]543 # An AuditConifg must have one or more AuditLogConfigs.
544 #
545 # If there are AuditConfigs for both `allServices` and a specific service,
546 # the union of the two AuditConfigs is used for that service: the log_types
547 # specified in each AuditConfig are enabled, and the exempted_members in each
548 # AuditConfig are exempted.
549 # Example Policy with multiple AuditConfigs:
550 # {
551 # "audit_configs": [
552 # {
553 # "service": "allServices"
554 # "audit_log_configs": [
555 # {
556 # "log_type": "DATA_READ",
557 # "exempted_members": [
558 # "user:foo@gmail.com"
559 # ]
560 # },
561 # {
562 # "log_type": "DATA_WRITE",
563 # },
564 # {
565 # "log_type": "ADMIN_READ",
566 # }
567 # ]
568 # },
569 # {
570 # "service": "fooservice@googleapis.com"
571 # "audit_log_configs": [
572 # {
573 # "log_type": "DATA_READ",
574 # },
575 # {
576 # "log_type": "DATA_WRITE",
577 # "exempted_members": [
578 # "user:bar@gmail.com"
579 # ]
580 # }
581 # ]
582 # }
583 # ]
584 # }
585 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
586 # logging. It also exempts foo@gmail.com from DATA_READ logging, and
587 # bar@gmail.com from DATA_WRITE logging.
588 "exemptedMembers": [
589 "A String",
590 ],
591 "auditLogConfigs": [ # The configuration for logging of each type of permission.
592 # Next ID: 4
593 { # Provides the configuration for logging a type of permissions.
594 # Example:
595 #
596 # {
597 # "audit_log_configs": [
598 # {
599 # "log_type": "DATA_READ",
600 # "exempted_members": [
601 # "user:foo@gmail.com"
602 # ]
603 # },
604 # {
605 # "log_type": "DATA_WRITE",
606 # }
607 # ]
608 # }
609 #
610 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
611 # foo@gmail.com from DATA_READ logging.
612 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
613 # permission.
614 # Follows the same format of Binding.members.
615 "A String",
616 ],
617 "logType": "A String", # The log type that this config enables.
618 },
619 ],
620 "service": "A String", # Specifies a service that will be enabled for audit logging.
Sai Cheemalapatie833b792017-03-24 15:06:46 -0700[diff] [blame^]621 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]622 # `allServices` is a special value that covers all services.
623 },
624 ],
625 "rules": [ # If more than one rule is specified, the rules are applied in the following
626 # manner:
627 # - All matching LOG rules are always applied.
628 # - If any DENY/DENY_WITH_LOG rule matches, permission is denied.
629 # Logging will be applied if one or more matching rule requires logging.
630 # - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is
631 # granted.
632 # Logging will be applied if one or more matching rule requires logging.
633 # - Otherwise, if no rule applies, permission is denied.
634 { # A rule to be applied in a Policy.
635 "notIn": [ # If one or more 'not_in' clauses are specified, the rule matches
636 # if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
637 # The format for in and not_in entries is the same as for members in a
638 # Binding (see google/iam/v1/policy.proto).
639 "A String",
640 ],
641 "description": "A String", # Human-readable description of the rule.
642 "in": [ # If one or more 'in' clauses are specified, the rule matches if
643 # the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
644 "A String",
645 ],
646 "action": "A String", # Required
647 "conditions": [ # Additional restrictions that must be met
648 { # A condition to be met.
649 "iam": "A String", # Trusted attributes supplied by the IAM system.
650 "svc": "A String", # Trusted attributes discharged by the service.
651 "value": "A String", # DEPRECATED. Use 'values' instead.
652 "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses
653 # the IAM system for access control.
654 "values": [ # The objects of the condition. This is mutually exclusive with 'value'.
655 "A String",
656 ],
657 "op": "A String", # An operator to apply the subject with.
658 },
659 ],
660 "logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries
661 # that match the LOG action.
662 { # Specifies what kind of log the caller must write
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]663 "counter": { # Options for counters # Counter options.
664 "field": "A String", # The field value to attribute.
665 "metric": "A String", # The metric to update.
666 },
667 "dataAccess": { # Write a Data Access (Gin) log # Data access options.
668 },
669 "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
670 },
671 },
672 ],
673 "permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'
674 # (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,
675 # and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
676 "A String",
677 ],
678 },
679 ],
680 "version": 42, # Version of the `Policy`. The default version is 0.
681 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
682 # prevent simultaneous updates of a policy from overwriting each other.
683 # It is strongly suggested that systems make use of the `etag` in the
684 # read-modify-write cycle to perform policy updates in order to avoid race
685 # conditions: An `etag` is returned in the response to `getIamPolicy`, and
686 # systems are expected to put that etag in the request to `setIamPolicy` to
687 # ensure that their change will be applied to the same version of the policy.
688 #
689 # If no `etag` is provided in the call to `setIamPolicy`, then the existing
690 # policy is overwritten blindly.
691 "bindings": [ # Associates a list of `members` to a `role`.
692 # Multiple `bindings` must not be specified for the same `role`.
693 # `bindings` with no members will result in an error.
694 { # Associates `members` with a `role`.
695 "role": "A String", # Role that is assigned to `members`.
696 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
697 # Required
698 "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
699 # `members` can have the following values:
700 #
701 # * `allUsers`: A special identifier that represents anyone who is
702 # on the internet; with or without a Google account.
703 #
704 # * `allAuthenticatedUsers`: A special identifier that represents anyone
705 # who is authenticated with a Google account or a service account.
706 #
707 # * `user:{emailid}`: An email address that represents a specific Google
708 # account. For example, `alice@gmail.com` or `joe@example.com`.
709 #
710 #
711 # * `serviceAccount:{emailid}`: An email address that represents a service
712 # account. For example, `my-other-app@appspot.gserviceaccount.com`.
713 #
714 # * `group:{emailid}`: An email address that represents a Google group.
715 # For example, `admins@example.com`.
716 #
717 # * `domain:{domain}`: A Google Apps domain name that represents all the
718 # users of that domain. For example, `google.com` or `example.com`.
719 #
720 "A String",
721 ],
722 },
723 ],
724 "iamOwned": True or False,
725 },
726 "updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
Sai Cheemalapatie833b792017-03-24 15:06:46 -0700[diff] [blame^]727 # the fields in the mask will be modified. If no mask is provided, the
728 # following default mask is used:
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]729 # paths: "bindings, etag"
730 # This field is only used by Cloud IAM.
731 }
732
733 x__xgafv: string, V1 error format.
734 Allowed values
735 1 - v1 error format
736 2 - v2 error format
737
738Returns:
739 An object of the form:
740
741 { # Defines an Identity and Access Management (IAM) policy. It is used to
742 # specify access control policies for Cloud Platform resources.
743 #
744 #
745 # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
746 # `members` to a `role`, where the members can be user accounts, Google groups,
747 # Google domains, and service accounts. A `role` is a named list of permissions
748 # defined by IAM.
749 #
750 # **Example**
751 #
752 # {
753 # "bindings": [
754 # {
755 # "role": "roles/owner",
756 # "members": [
757 # "user:mike@example.com",
758 # "group:admins@example.com",
759 # "domain:google.com",
760 # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
761 # ]
762 # },
763 # {
764 # "role": "roles/viewer",
765 # "members": ["user:sean@example.com"]
766 # }
767 # ]
768 # }
769 #
770 # For a description of IAM and its features, see the
771 # [IAM developer's guide](https://cloud.google.com/iam).
772 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
773 { # Specifies the audit configuration for a service.
Sai Cheemalapatie833b792017-03-24 15:06:46 -0700[diff] [blame^]774 # The configuration determines which permission types are logged, and what
775 # identities, if any, are exempted from logging.
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]776 # An AuditConifg must have one or more AuditLogConfigs.
777 #
778 # If there are AuditConfigs for both `allServices` and a specific service,
779 # the union of the two AuditConfigs is used for that service: the log_types
780 # specified in each AuditConfig are enabled, and the exempted_members in each
781 # AuditConfig are exempted.
782 # Example Policy with multiple AuditConfigs:
783 # {
784 # "audit_configs": [
785 # {
786 # "service": "allServices"
787 # "audit_log_configs": [
788 # {
789 # "log_type": "DATA_READ",
790 # "exempted_members": [
791 # "user:foo@gmail.com"
792 # ]
793 # },
794 # {
795 # "log_type": "DATA_WRITE",
796 # },
797 # {
798 # "log_type": "ADMIN_READ",
799 # }
800 # ]
801 # },
802 # {
803 # "service": "fooservice@googleapis.com"
804 # "audit_log_configs": [
805 # {
806 # "log_type": "DATA_READ",
807 # },
808 # {
809 # "log_type": "DATA_WRITE",
810 # "exempted_members": [
811 # "user:bar@gmail.com"
812 # ]
813 # }
814 # ]
815 # }
816 # ]
817 # }
818 # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
819 # logging. It also exempts foo@gmail.com from DATA_READ logging, and
820 # bar@gmail.com from DATA_WRITE logging.
821 "exemptedMembers": [
822 "A String",
823 ],
824 "auditLogConfigs": [ # The configuration for logging of each type of permission.
825 # Next ID: 4
826 { # Provides the configuration for logging a type of permissions.
827 # Example:
828 #
829 # {
830 # "audit_log_configs": [
831 # {
832 # "log_type": "DATA_READ",
833 # "exempted_members": [
834 # "user:foo@gmail.com"
835 # ]
836 # },
837 # {
838 # "log_type": "DATA_WRITE",
839 # }
840 # ]
841 # }
842 #
843 # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
844 # foo@gmail.com from DATA_READ logging.
845 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
846 # permission.
847 # Follows the same format of Binding.members.
848 "A String",
849 ],
850 "logType": "A String", # The log type that this config enables.
851 },
852 ],
853 "service": "A String", # Specifies a service that will be enabled for audit logging.
Sai Cheemalapatie833b792017-03-24 15:06:46 -0700[diff] [blame^]854 # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]855 # `allServices` is a special value that covers all services.
856 },
857 ],
858 "rules": [ # If more than one rule is specified, the rules are applied in the following
859 # manner:
860 # - All matching LOG rules are always applied.
861 # - If any DENY/DENY_WITH_LOG rule matches, permission is denied.
862 # Logging will be applied if one or more matching rule requires logging.
863 # - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is
864 # granted.
865 # Logging will be applied if one or more matching rule requires logging.
866 # - Otherwise, if no rule applies, permission is denied.
867 { # A rule to be applied in a Policy.
868 "notIn": [ # If one or more 'not_in' clauses are specified, the rule matches
869 # if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
870 # The format for in and not_in entries is the same as for members in a
871 # Binding (see google/iam/v1/policy.proto).
872 "A String",
873 ],
874 "description": "A String", # Human-readable description of the rule.
875 "in": [ # If one or more 'in' clauses are specified, the rule matches if
876 # the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
877 "A String",
878 ],
879 "action": "A String", # Required
880 "conditions": [ # Additional restrictions that must be met
881 { # A condition to be met.
882 "iam": "A String", # Trusted attributes supplied by the IAM system.
883 "svc": "A String", # Trusted attributes discharged by the service.
884 "value": "A String", # DEPRECATED. Use 'values' instead.
885 "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses
886 # the IAM system for access control.
887 "values": [ # The objects of the condition. This is mutually exclusive with 'value'.
888 "A String",
889 ],
890 "op": "A String", # An operator to apply the subject with.
891 },
892 ],
893 "logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries
894 # that match the LOG action.
895 { # Specifies what kind of log the caller must write
Sai Cheemalapatic30d2b52017-03-13 12:12:03 -0400[diff] [blame]896 "counter": { # Options for counters # Counter options.
897 "field": "A String", # The field value to attribute.
898 "metric": "A String", # The metric to update.
899 },
900 "dataAccess": { # Write a Data Access (Gin) log # Data access options.
901 },
902 "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
903 },
904 },
905 ],
906 "permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'
907 # (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,
908 # and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
909 "A String",
910 ],
911 },
912 ],
913 "version": 42, # Version of the `Policy`. The default version is 0.
914 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
915 # prevent simultaneous updates of a policy from overwriting each other.
916 # It is strongly suggested that systems make use of the `etag` in the
917 # read-modify-write cycle to perform policy updates in order to avoid race
918 # conditions: An `etag` is returned in the response to `getIamPolicy`, and
919 # systems are expected to put that etag in the request to `setIamPolicy` to
920 # ensure that their change will be applied to the same version of the policy.
921 #
922 # If no `etag` is provided in the call to `setIamPolicy`, then the existing
923 # policy is overwritten blindly.
924 "bindings": [ # Associates a list of `members` to a `role`.
925 # Multiple `bindings` must not be specified for the same `role`.
926 # `bindings` with no members will result in an error.
927 { # Associates `members` with a `role`.
928 "role": "A String", # Role that is assigned to `members`.
929 # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
930 # Required
931 "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
932 # `members` can have the following values:
933 #
934 # * `allUsers`: A special identifier that represents anyone who is
935 # on the internet; with or without a Google account.
936 #
937 # * `allAuthenticatedUsers`: A special identifier that represents anyone
938 # who is authenticated with a Google account or a service account.
939 #
940 # * `user:{emailid}`: An email address that represents a specific Google
941 # account. For example, `alice@gmail.com` or `joe@example.com`.
942 #
943 #
944 # * `serviceAccount:{emailid}`: An email address that represents a service
945 # account. For example, `my-other-app@appspot.gserviceaccount.com`.
946 #
947 # * `group:{emailid}`: An email address that represents a Google group.
948 # For example, `admins@example.com`.
949 #
950 # * `domain:{domain}`: A Google Apps domain name that represents all the
951 # users of that domain. For example, `google.com` or `example.com`.
952 #
953 "A String",
954 ],
955 },
956 ],
957 "iamOwned": True or False,
958 }</pre>
959</div>
960
961<div class="method">
962 <code class="details" id="testIamPermissions">testIamPermissions(resource=None, body, x__xgafv=None)</code>
963 <pre>Returns permissions that a caller has on the specified resource.
964If the resource does not exist, this will return an empty set of
965permissions, not a NOT_FOUND error.
966
967Args:
968 resource: string, REQUIRED: The resource for which the policy detail is being requested.
969See the operation documentation for the appropriate value for this field. (required)
970 body: object, The request body. (required)
971 The object takes the form of:
972
973{ # Request message for `TestIamPermissions` method.
974 "permissions": [ # The set of permissions to check for the `resource`. Permissions with
975 # wildcards (such as '*' or 'storage.*') are not allowed. For more
976 # information see
977 # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
978 "A String",
979 ],
980 }
981
982 x__xgafv: string, V1 error format.
983 Allowed values
984 1 - v1 error format
985 2 - v2 error format
986
987Returns:
988 An object of the form:
989
990 { # Response message for `TestIamPermissions` method.
991 "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is
992 # allowed.
993 "A String",
994 ],
995 }</pre>
996</div>
997
998</body></html>