Class: Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client

Inherits:
Object
  • Object
show all
Includes:
Paths
Defined in:
lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb

Overview

REST client for the AccessContextManager service.

API for setting [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for Google Cloud projects. Each organization has one [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]. This [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is applicable to all resources in the organization. AccessPolicies

Defined Under Namespace

Classes: Configuration

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Paths

#access_level_path, #access_policy_path, #gcp_user_access_binding_path, #organization_path, #service_perimeter_path

Constructor Details

#initialize {|config| ... } ⇒ Client

Create a new AccessContextManager REST client object.

Examples:


# Create a client using the default configuration
client = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a client using a custom configuration
client = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new do |config|
  config.timeout = 10.0
end

Yields:

  • (config)

    Configure the AccessContextManager client.

Yield Parameters:



135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 135

def initialize
  # Create the configuration object
  @config = Configuration.new Client.configure

  # Yield the configuration if needed
  yield @config if block_given?

  # Create credentials
  credentials = @config.credentials
  # Use self-signed JWT if the endpoint is unchanged from default,
  # but only if the default endpoint does not have a region prefix.
  enable_self_signed_jwt = @config.endpoint.nil? ||
                           (@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
                           !@config.endpoint.split(".").first.include?("-"))
  credentials ||= Credentials.default scope: @config.scope,
                                      enable_self_signed_jwt: enable_self_signed_jwt
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
    credentials = Credentials.new credentials, scope: @config.scope
  end

  @quota_project_id = @config.quota_project
  @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id

  @operations_client = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Operations.new do |config|
    config.credentials = credentials
    config.quota_project = @quota_project_id
    config.endpoint = @config.endpoint
    config.universe_domain = @config.universe_domain
  end

  @access_context_manager_stub = ::Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::ServiceStub.new(
    endpoint: @config.endpoint,
    endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
    universe_domain: @config.universe_domain,
    credentials: credentials
  )
end

Instance Attribute Details

#operations_client::Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Operations (readonly)

Get the associated client for long-running operations.

Returns:



178
179
180
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 178

def operations_client
  @operations_client
end

Class Method Details

.configure {|config| ... } ⇒ Client::Configuration

Configure the AccessContextManager Client class.

See Configuration for a description of the configuration fields.

Examples:


# Modify the configuration for all AccessContextManager clients
::Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.configure do |config|
  config.timeout = 10.0
end

Yields:

  • (config)

    Configure the Client client.

Yield Parameters:

Returns:



71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 71

def self.configure
  @configure ||= begin
    namespace = ["Google", "Identity", "AccessContextManager", "V1"]
    parent_config = while namespace.any?
                      parent_name = namespace.join "::"
                      parent_const = const_get parent_name
                      break parent_const.configure if parent_const.respond_to? :configure
                      namespace.pop
                    end
    default_config = Client::Configuration.new parent_config

    default_config.timeout = 60.0

    default_config
  end
  yield @configure if block_given?
  @configure
end

Instance Method Details

#commit_service_perimeters(request, options = nil) ⇒ ::Gapic::Operation #commit_service_perimeters(parent: nil, etag: nil) ⇒ ::Gapic::Operation

Commits the dry-run specification for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an access policy. A commit operation on a service perimeter involves copying its spec field to the status field of the service perimeter. Only [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] with use_explicit_dry_run_spec field set to true are affected by a commit operation. The long-running operation from this RPC has a successful status after the dry-run specifications for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] have been committed. If a commit fails, it causes the long-running operation to return an error response and the entire commit operation is cancelled. When successful, the Operation.response field contains CommitServicePerimetersResponse. The dry_run and the spec fields are cleared after a successful commit operation.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest.new

# Call the commit_service_perimeters method.
result = client.commit_service_perimeters request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #commit_service_perimeters(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to commit_service_perimeters via a request object, either of type CommitServicePerimetersRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #commit_service_perimeters(parent: nil, etag: nil) ⇒ ::Gapic::Operation

    Pass arguments to commit_service_perimeters via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. Resource name for the parent [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] which owns all [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in scope for the commit operation.

      Format: accessPolicies/{policy_id}

    • etag (::String) (defaults to: nil)

      Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this commit operation is to be performed on. If, at the time of commit, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the commit operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1942

def commit_service_perimeters request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.commit_service_perimeters.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.commit_service_perimeters.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.commit_service_perimeters.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.commit_service_perimeters request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#configure {|config| ... } ⇒ Client::Configuration

Configure the AccessContextManager Client instance.

The configuration is set to the derived mode, meaning that values can be changed, but structural changes (adding new fields, etc.) are not allowed. Structural changes should be made on configure.

See Configuration for a description of the configuration fields.

Yields:

  • (config)

    Configure the Client client.

Yield Parameters:

Returns:



105
106
107
108
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 105

def configure
  yield @config if block_given?
  @config
end

#create_access_level(request, options = nil) ⇒ ::Gapic::Operation #create_access_level(parent: nil, access_level: nil) ⇒ ::Gapic::Operation

Creates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagates to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest.new

# Call the create_access_level method.
result = client.create_access_level request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #create_access_level(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to create_access_level via a request object, either of type CreateAccessLevelRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #create_access_level(parent: nil, access_level: nil) ⇒ ::Gapic::Operation

    Pass arguments to create_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. Resource name for the access policy which owns this [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel].

      Format: accessPolicies/{policy_id}

    • access_level (::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash) (defaults to: nil)

      Required. The [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] to create. Syntactic correctness of the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] is a precondition for creation.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 922

def create_access_level request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.create_access_level.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.create_access_level.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.create_access_level.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.create_access_level request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#create_access_policy(request, options = nil) ⇒ ::Gapic::Operation #create_access_policy(name: nil, parent: nil, title: nil, scopes: nil, create_time: nil, update_time: nil, etag: nil) ⇒ ::Gapic::Operation

Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in metadata as a BadRequest proto.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::AccessPolicy.new

# Call the create_access_policy method.
result = client.create_access_policy request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #create_access_policy(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to create_access_policy via a request object, either of type Google::Identity::AccessContextManager::V1::AccessPolicy or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #create_access_policy(name: nil, parent: nil, title: nil, scopes: nil, create_time: nil, update_time: nil, etag: nil) ⇒ ::Gapic::Operation

    Pass arguments to create_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Output only. Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

    • parent (::String) (defaults to: nil)

      Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

    • title (::String) (defaults to: nil)

      Required. Human readable title. Does not affect behavior.

    • scopes (::Array<::String>) (defaults to: nil)

      The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior:

      • vpcsc perimeters can only restrict projects within folders/123
      • access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}
    • create_time (::Google::Protobuf::Timestamp, ::Hash) (defaults to: nil)

      Output only. Time the AccessPolicy was created in UTC.

    • update_time (::Google::Protobuf::Timestamp, ::Hash) (defaults to: nil)

      Output only. Time the AccessPolicy was updated in UTC.

    • etag (::String) (defaults to: nil)

      Output only. An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 442

def create_access_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::AccessPolicy

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.create_access_policy.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.create_access_policy.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.create_access_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.create_access_policy request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#create_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation #create_gcp_user_access_binding(parent: nil, gcp_user_access_binding: nil) ⇒ ::Gapic::Operation

Creates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the client specifies a [name] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name], the server ignores it. Fails if a resource already exists with the same [group_key] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key]. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest.new

# Call the create_gcp_user_access_binding method.
result = client.create_gcp_user_access_binding request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #create_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to create_gcp_user_access_binding via a request object, either of type CreateGcpUserAccessBindingRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #create_gcp_user_access_binding(parent: nil, gcp_user_access_binding: nil) ⇒ ::Gapic::Operation

    Pass arguments to create_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 2213

def create_gcp_user_access_binding request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.create_gcp_user_access_binding.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.create_gcp_user_access_binding.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.create_gcp_user_access_binding.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.create_gcp_user_access_binding request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#create_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation #create_service_perimeter(parent: nil, service_perimeter: nil) ⇒ ::Gapic::Operation

Creates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest.new

# Call the create_service_perimeter method.
result = client.create_service_perimeter request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #create_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to create_service_perimeter via a request object, either of type CreateServicePerimeterRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #create_service_perimeter(parent: nil, service_perimeter: nil) ⇒ ::Gapic::Operation

    Pass arguments to create_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. Resource name for the access policy which owns this [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

      Format: accessPolicies/{policy_id}

    • service_perimeter (::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash) (defaults to: nil)

      Required. The [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] to create. Syntactic correctness of the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is a precondition for creation.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1520

def create_service_perimeter request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.create_service_perimeter.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.create_service_perimeter.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.create_service_perimeter.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.create_service_perimeter request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete_access_level(request, options = nil) ⇒ ::Gapic::Operation #delete_access_level(name: nil) ⇒ ::Gapic::Operation

Deletes an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] has been removed from long-lasting storage.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest.new

# Call the delete_access_level method.
result = client.delete_access_level request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #delete_access_level(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to delete_access_level via a request object, either of type DeleteAccessLevelRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #delete_access_level(name: nil) ⇒ ::Gapic::Operation

    Pass arguments to delete_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. Resource name for the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel].

      Format: accessPolicies/{policy_id}/accessLevels/{access_level_id}

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1116

def delete_access_level request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.delete_access_level.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.delete_access_level.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.delete_access_level.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.delete_access_level request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete_access_policy(request, options = nil) ⇒ ::Gapic::Operation #delete_access_policy(name: nil) ⇒ ::Gapic::Operation

Deletes an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the resource name. The long-running operation has a successful status after the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is removed from long-lasting storage.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest.new

# Call the delete_access_policy method.
result = client.delete_access_policy request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #delete_access_policy(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to delete_access_policy via a request object, either of type DeleteAccessPolicyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #delete_access_policy(name: nil) ⇒ ::Gapic::Operation

    Pass arguments to delete_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. Resource name for the access policy to delete.

      Format accessPolicies/{policy_id}

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 627

def delete_access_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.delete_access_policy.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.delete_access_policy.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.delete_access_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.delete_access_policy request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation #delete_gcp_user_access_binding(name: nil) ⇒ ::Gapic::Operation

Deletes a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the binding deletion is deployed onto all affected users, which may take more time.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest.new

# Call the delete_gcp_user_access_binding method.
result = client.delete_gcp_user_access_binding request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #delete_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to delete_gcp_user_access_binding via a request object, either of type DeleteGcpUserAccessBindingRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #delete_gcp_user_access_binding(name: nil) ⇒ ::Gapic::Operation

    Pass arguments to delete_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 2401

def delete_gcp_user_access_binding request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.delete_gcp_user_access_binding.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.delete_gcp_user_access_binding.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.delete_gcp_user_access_binding.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.delete_gcp_user_access_binding request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#delete_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation #delete_service_perimeter(name: nil) ⇒ ::Gapic::Operation

Deletes a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from long-lasting storage.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest.new

# Call the delete_service_perimeter method.
result = client.delete_service_perimeter request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #delete_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to delete_service_perimeter via a request object, either of type DeleteServicePerimeterRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #delete_service_perimeter(name: nil) ⇒ ::Gapic::Operation

    Pass arguments to delete_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. Resource name for the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

      Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1711

def delete_service_perimeter request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.delete_service_perimeter.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.delete_service_perimeter.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.delete_service_perimeter.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.delete_service_perimeter request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_access_level(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessLevel #get_access_level(name: nil, access_level_format: nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessLevel

Gets an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetAccessLevelRequest.new

# Call the get_access_level method.
result = client.get_access_level request

# The returned object is of type Google::Identity::AccessContextManager::V1::AccessLevel.
p result

Overloads:

  • #get_access_level(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessLevel

    Pass arguments to get_access_level via a request object, either of type GetAccessLevelRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #get_access_level(name: nil, access_level_format: nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessLevel

    Pass arguments to get_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. Resource name for the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel].

      Format: accessPolicies/{policy_id}/accessLevels/{access_level_id}

    • access_level_format (::Google::Identity::AccessContextManager::V1::LevelFormat) (defaults to: nil)

      Whether to return BasicLevels in the Cloud Common Expression Language rather than as BasicLevels. Defaults to AS_DEFINED, where [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] are returned as BasicLevels or CustomLevels based on how they were created. If set to CEL, all [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] are returned as CustomLevels. In the CEL case, BasicLevels are translated to equivalent CustomLevels.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 822

def get_access_level request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get_access_level.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get_access_level.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get_access_level.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.get_access_level request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_access_policy(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessPolicy #get_access_policy(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessPolicy

Returns an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest.new

# Call the get_access_policy method.
result = client.get_access_policy request

# The returned object is of type Google::Identity::AccessContextManager::V1::AccessPolicy.
p result

Overloads:

  • #get_access_policy(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessPolicy

    Pass arguments to get_access_policy via a request object, either of type GetAccessPolicyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #get_access_policy(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::AccessPolicy

    Pass arguments to get_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. Resource name for the access policy to get.

      Format accessPolicies/{policy_id}

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 322

def get_access_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get_access_policy.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get_access_policy.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get_access_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.get_access_policy request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_gcp_user_access_binding(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding #get_gcp_user_access_binding(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding

Gets the [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with the given name.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetGcpUserAccessBindingRequest.new

# Call the get_gcp_user_access_binding method.
result = client.get_gcp_user_access_binding request

# The returned object is of type Google::Identity::AccessContextManager::V1::GcpUserAccessBinding.
p result

Overloads:

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 2116

def get_gcp_user_access_binding request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::GetGcpUserAccessBindingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get_gcp_user_access_binding.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get_gcp_user_access_binding.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get_gcp_user_access_binding.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.get_gcp_user_access_binding request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_iam_policy(request, options = nil) ⇒ ::Google::Iam::V1::Policy #get_iam_policy(resource: nil, options: nil) ⇒ ::Google::Iam::V1::Policy

Gets the IAM policy for the specified Access Context Manager access policy.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Iam::V1::GetIamPolicyRequest.new

# Call the get_iam_policy method.
result = client.get_iam_policy request

# The returned object is of type Google::Iam::V1::Policy.
p result

Overloads:

  • #get_iam_policy(request, options = nil) ⇒ ::Google::Iam::V1::Policy

    Pass arguments to get_iam_policy via a request object, either of type Google::Iam::V1::GetIamPolicyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Iam::V1::GetIamPolicyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #get_iam_policy(resource: nil, options: nil) ⇒ ::Google::Iam::V1::Policy

    Pass arguments to get_iam_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • resource (::String) (defaults to: nil)

      REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

    • options (::Google::Iam::V1::GetPolicyOptions, ::Hash) (defaults to: nil)

      OPTIONAL: A GetPolicyOptions object for specifying options to GetIamPolicy.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 2580

def get_iam_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::GetIamPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get_iam_policy.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get_iam_policy.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get_iam_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.get_iam_policy request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_service_perimeter(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeter #get_service_perimeter(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeter

Gets a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest.new

# Call the get_service_perimeter method.
result = client.get_service_perimeter request

# The returned object is of type Google::Identity::AccessContextManager::V1::ServicePerimeter.
p result

Overloads:

  • #get_service_perimeter(request, options = nil) ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeter

    Pass arguments to get_service_perimeter via a request object, either of type GetServicePerimeterRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #get_service_perimeter(name: nil) ⇒ ::Google::Identity::AccessContextManager::V1::ServicePerimeter

    Pass arguments to get_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. Resource name for the [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter].

      Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1419

def get_service_perimeter request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.get_service_perimeter.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.get_service_perimeter.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.get_service_perimeter.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.get_service_perimeter request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_access_levels(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel> #list_access_levels(parent: nil, page_size: nil, page_token: nil, access_level_format: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>

Lists all [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] for an access policy.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest.new

# Call the list_access_levels method.
result = client.list_access_levels request

# The returned object is of type Gapic::PagedEnumerable. You can iterate
# over elements, and API calls will be issued to fetch pages as needed.
result.each do |item|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessLevel.
  p item
end

Overloads:

  • #list_access_levels(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>

    Pass arguments to list_access_levels via a request object, either of type ListAccessLevelsRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #list_access_levels(parent: nil, page_size: nil, page_token: nil, access_level_format: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessLevel>

    Pass arguments to list_access_levels via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. Resource name for the access policy to list [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] from.

      Format: accessPolicies/{policy_id}

    • page_size (::Integer) (defaults to: nil)

      Number of [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] to include in the list. Default 100.

    • page_token (::String) (defaults to: nil)

      Next page token for the next batch of [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] instances. Defaults to the first page of results.

    • access_level_format (::Google::Identity::AccessContextManager::V1::LevelFormat) (defaults to: nil)

      Whether to return BasicLevels in the Cloud Common Expression language, as CustomLevels, rather than as BasicLevels. Defaults to returning AccessLevels in the format they were defined.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 728

def list_access_levels request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.list_access_levels.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.list_access_levels.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.list_access_levels.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.list_access_levels request, options do |result, operation|
    result = ::Gapic::Rest::PagedEnumerable.new @access_context_manager_stub, :list_access_levels, "access_levels", request, result, options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_access_policies(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy> #list_access_policies(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>

Lists all [access policies] [google.identity.accesscontextmanager.v1.AccessPolicy] in an organization.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest.new

# Call the list_access_policies method.
result = client.list_access_policies request

# The returned object is of type Gapic::PagedEnumerable. You can iterate
# over elements, and API calls will be issued to fetch pages as needed.
result.each do |item|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::AccessPolicy.
  p item
end

Overloads:

  • #list_access_policies(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>

    Pass arguments to list_access_policies via a request object, either of type ListAccessPoliciesRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #list_access_policies(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::AccessPolicy>

    Pass arguments to list_access_policies via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. Resource name for the container to list AccessPolicy instances from.

      Format: organizations/{org_id}

    • page_size (::Integer) (defaults to: nil)

      Number of AccessPolicy instances to include in the list. Default 100.

    • page_token (::String) (defaults to: nil)

      Next page token for the next batch of AccessPolicy instances. Defaults to the first page of results.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 240

def list_access_policies request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.list_access_policies.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.list_access_policies.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.list_access_policies.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.list_access_policies request, options do |result, operation|
    result = ::Gapic::Rest::PagedEnumerable.new @access_context_manager_stub, :list_access_policies, "access_policies", request, result, options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_gcp_user_access_bindings(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding> #list_gcp_user_access_bindings(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>

Lists all [GcpUserAccessBindings] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a Google Cloud organization.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest.new

# Call the list_gcp_user_access_bindings method.
result = client.list_gcp_user_access_bindings request

# The returned object is of type Gapic::PagedEnumerable. You can iterate
# over elements, and API calls will be issued to fetch pages as needed.
result.each do |item|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding.
  p item
end

Overloads:

  • #list_gcp_user_access_bindings(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>

    Pass arguments to list_gcp_user_access_bindings via a request object, either of type ListGcpUserAccessBindingsRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #list_gcp_user_access_bindings(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding>

    Pass arguments to list_gcp_user_access_bindings via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. Example: "organizations/256"

    • page_size (::Integer) (defaults to: nil)

      Optional. Maximum number of items to return. The server may return fewer items. If left blank, the server may return any number of items.

    • page_token (::String) (defaults to: nil)

      Optional. If left blank, returns the first page. To enumerate all items, use the [next_page_token] [google.identity.accesscontextmanager.v1.ListGcpUserAccessBindingsResponse.next_page_token] from your previous list operation.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 2035

def list_gcp_user_access_bindings request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.list_gcp_user_access_bindings.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.list_gcp_user_access_bindings.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.list_gcp_user_access_bindings.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.list_gcp_user_access_bindings request, options do |result, operation|
    result = ::Gapic::Rest::PagedEnumerable.new @access_context_manager_stub, :list_gcp_user_access_bindings, "gcp_user_access_bindings", request, result, options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_service_perimeters(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter> #list_service_perimeters(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>

Lists all [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for an access policy.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest.new

# Call the list_service_perimeters method.
result = client.list_service_perimeters request

# The returned object is of type Gapic::PagedEnumerable. You can iterate
# over elements, and API calls will be issued to fetch pages as needed.
result.each do |item|
  # Each element is of type ::Google::Identity::AccessContextManager::V1::ServicePerimeter.
  p item
end

Overloads:

  • #list_service_perimeters(request, options = nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>

    Pass arguments to list_service_perimeters via a request object, either of type ListServicePerimetersRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #list_service_perimeters(parent: nil, page_size: nil, page_token: nil) ⇒ ::Gapic::Rest::PagedEnumerable<::Google::Identity::AccessContextManager::V1::ServicePerimeter>

    Pass arguments to list_service_perimeters via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. Resource name for the access policy to list [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] from.

      Format: accessPolicies/{policy_id}

    • page_size (::Integer) (defaults to: nil)

      Number of [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] to include in the list. Default 100.

    • page_token (::String) (defaults to: nil)

      Next page token for the next batch of [Service Perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] instances. Defaults to the first page of results.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1334

def list_service_perimeters request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.list_service_perimeters.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.list_service_perimeters.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.list_service_perimeters.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.list_service_perimeters request, options do |result, operation|
    result = ::Gapic::Rest::PagedEnumerable.new @access_context_manager_stub, :list_service_perimeters, "service_perimeters", request, result, options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#replace_access_levels(request, options = nil) ⇒ ::Gapic::Operation #replace_access_levels(parent: nil, access_levels: nil, etag: nil) ⇒ ::Gapic::Operation

Replaces all existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. If the replacement contains errors, an error response is returned for the first error encountered. Upon error, the replacement is cancelled, and existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] are not affected. The Operation.response field contains ReplaceAccessLevelsResponse. Removing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an error.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest.new

# Call the replace_access_levels method.
result = client.replace_access_levels request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #replace_access_levels(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to replace_access_levels via a request object, either of type ReplaceAccessLevelsRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #replace_access_levels(parent: nil, access_levels: nil, etag: nil) ⇒ ::Gapic::Operation

    Pass arguments to replace_access_levels via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. Resource name for the access policy which owns these [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel].

      Format: accessPolicies/{policy_id}

    • access_levels (::Array<::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash>) (defaults to: nil)

      Required. The desired [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] that should replace all existing [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel] in the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy].

    • etag (::String) (defaults to: nil)

      Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this replace operation is to be performed on. If, at the time of replace, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the replace operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1237

def replace_access_levels request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.replace_access_levels.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.replace_access_levels.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.replace_access_levels.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.replace_access_levels request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#replace_service_perimeters(request, options = nil) ⇒ ::Gapic::Operation #replace_service_perimeters(parent: nil, service_perimeters: nil, etag: nil) ⇒ ::Gapic::Operation

Replace all existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. Replacements containing errors result in an error response for the first error encountered. Upon an error, replacement are cancelled and existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] are not affected. The Operation.response field contains ReplaceServicePerimetersResponse.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest.new

# Call the replace_service_perimeters method.
result = client.replace_service_perimeters request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #replace_service_perimeters(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to replace_service_perimeters via a request object, either of type ReplaceServicePerimetersRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #replace_service_perimeters(parent: nil, service_perimeters: nil, etag: nil) ⇒ ::Gapic::Operation

    Pass arguments to replace_service_perimeters via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. Resource name for the access policy which owns these [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter].

      Format: accessPolicies/{policy_id}

    • service_perimeters (::Array<::Google::Identity::AccessContextManager::V1::ServicePerimeter, ::Hash>) (defaults to: nil)

      Required. The desired [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] that should replace all existing [Service Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy].

    • etag (::String) (defaults to: nil)

      Optional. The etag for the version of the [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that this replace operation is to be performed on. If, at the time of replace, the etag for the Access Policy stored in Access Context Manager is different from the specified etag, then the replace operation will not be performed and the call will fail. This field is not required. If etag is not provided, the operation will be performed as if a valid etag is provided.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1828

def replace_service_perimeters request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.replace_service_perimeters.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.replace_service_perimeters.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.replace_service_perimeters.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.replace_service_perimeters request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#set_iam_policy(request, options = nil) ⇒ ::Google::Iam::V1::Policy #set_iam_policy(resource: nil, policy: nil, update_mask: nil) ⇒ ::Google::Iam::V1::Policy

Sets the IAM policy for the specified Access Context Manager access policy. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Iam::V1::SetIamPolicyRequest.new

# Call the set_iam_policy method.
result = client.set_iam_policy request

# The returned object is of type Google::Iam::V1::Policy.
p result

Overloads:

  • #set_iam_policy(request, options = nil) ⇒ ::Google::Iam::V1::Policy

    Pass arguments to set_iam_policy via a request object, either of type Google::Iam::V1::SetIamPolicyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Iam::V1::SetIamPolicyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #set_iam_policy(resource: nil, policy: nil, update_mask: nil) ⇒ ::Google::Iam::V1::Policy

    Pass arguments to set_iam_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • resource (::String) (defaults to: nil)

      REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

    • policy (::Google::Iam::V1::Policy, ::Hash) (defaults to: nil)

      REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

    • update_mask (::Google::Protobuf::FieldMask, ::Hash) (defaults to: nil)

      OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used:

      paths: "bindings, etag"

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 2497

def set_iam_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::SetIamPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.set_iam_policy.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.set_iam_policy.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.set_iam_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.set_iam_policy request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#test_iam_permissions(request, options = nil) ⇒ ::Google::Iam::V1::TestIamPermissionsResponse #test_iam_permissions(resource: nil, permissions: nil) ⇒ ::Google::Iam::V1::TestIamPermissionsResponse

Returns the IAM permissions that the caller has on the specified Access Context Manager resource. The resource can be an AccessPolicy, AccessLevel, or [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter ]. This method does not support other resources.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Iam::V1::TestIamPermissionsRequest.new

# Call the test_iam_permissions method.
result = client.test_iam_permissions request

# The returned object is of type Google::Iam::V1::TestIamPermissionsResponse.
p result

Overloads:

  • #test_iam_permissions(request, options = nil) ⇒ ::Google::Iam::V1::TestIamPermissionsResponse

    Pass arguments to test_iam_permissions via a request object, either of type Google::Iam::V1::TestIamPermissionsRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Iam::V1::TestIamPermissionsRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #test_iam_permissions(resource: nil, permissions: nil) ⇒ ::Google::Iam::V1::TestIamPermissionsResponse

    Pass arguments to test_iam_permissions via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • resource (::String) (defaults to: nil)

      REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

    • permissions (::Array<::String>) (defaults to: nil)

      The set of permissions to check for the resource. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 2669

def test_iam_permissions request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::TestIamPermissionsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.test_iam_permissions.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.test_iam_permissions.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.test_iam_permissions.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.test_iam_permissions request, options do |result, operation|
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#universe_domainString

The effective universe domain

Returns:

  • (String) 


115
116
117
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 115

def universe_domain
  @access_context_manager_stub.universe_domain
end

#update_access_level(request, options = nil) ⇒ ::Gapic::Operation #update_access_level(access_level: nil, update_mask: nil) ⇒ ::Gapic::Operation

Updates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the changes to the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagate to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest.new

# Call the update_access_level method.
result = client.update_access_level request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #update_access_level(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to update_access_level via a request object, either of type UpdateAccessLevelRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #update_access_level(access_level: nil, update_mask: nil) ⇒ ::Gapic::Operation

    Pass arguments to update_access_level via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • access_level (::Google::Identity::AccessContextManager::V1::AccessLevel, ::Hash) (defaults to: nil)

      Required. The updated [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel]. Syntactic correctness of the [Access Level] [google.identity.accesscontextmanager.v1.AccessLevel] is a precondition for creation.

    • update_mask (::Google::Protobuf::FieldMask, ::Hash) (defaults to: nil)

      Required. Mask to control which fields get updated. Must be non-empty.

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1021

def update_access_level request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.update_access_level.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.update_access_level.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.update_access_level.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.update_access_level request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_access_policy(request, options = nil) ⇒ ::Gapic::Operation #update_access_policy(policy: nil, update_mask: nil) ⇒ ::Gapic::Operation

Updates an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]. The long-running operation from this RPC has a successful status after the changes to the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] propagate to long-lasting storage.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest.new

# Call the update_access_policy method.
result = client.update_access_policy request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #update_access_policy(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to update_access_policy via a request object, either of type UpdateAccessPolicyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #update_access_policy(policy: nil, update_mask: nil) ⇒ ::Gapic::Operation

    Pass arguments to update_access_policy via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 535

def update_access_policy request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.update_access_policy.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.update_access_policy.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.update_access_policy.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.update_access_policy request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation #update_gcp_user_access_binding(gcp_user_access_binding: nil, update_mask: nil) ⇒ ::Gapic::Operation

Updates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the changed binding is deployed onto all affected users, which may take more time.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest.new

# Call the update_gcp_user_access_binding method.
result = client.update_gcp_user_access_binding request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #update_gcp_user_access_binding(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to update_gcp_user_access_binding via a request object, either of type UpdateGcpUserAccessBindingRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #update_gcp_user_access_binding(gcp_user_access_binding: nil, update_mask: nil) ⇒ ::Gapic::Operation

    Pass arguments to update_gcp_user_access_binding via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • gcp_user_access_binding (::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding, ::Hash) (defaults to: nil)

      Required. [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]

    • update_mask (::Google::Protobuf::FieldMask, ::Hash) (defaults to: nil)

      Required. Only the fields specified in this mask are updated. Because name and group_key cannot be changed, update_mask is required and must always be:

      update_mask { paths: "access_levels" }

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 2311

def update_gcp_user_access_binding request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.update_gcp_user_access_binding.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.update_gcp_user_access_binding.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.update_gcp_user_access_binding.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.update_gcp_user_access_binding request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation #update_service_perimeter(service_perimeter: nil, update_mask: nil) ⇒ ::Gapic::Operation

Updates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Examples:

Basic example

require "google/identity/access_context_manager/v1"

# Create a client object. The client can be reused for multiple calls.
client = Google::Identity::AccessContextManager::V1::AccessContextManager::Rest::Client.new

# Create a request. To set request fields, pass in keyword arguments.
request = Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest.new

# Call the update_service_perimeter method.
result = client.update_service_perimeter request

# The returned object is of type Gapic::Operation. You can use it to
# check the status of an operation, cancel it, or wait for results.
# Here is how to wait for a response.
result.wait_until_done! timeout: 60
if result.response?
  p result.response
else
  puts "No response received."
end

Overloads:

  • #update_service_perimeter(request, options = nil) ⇒ ::Gapic::Operation

    Pass arguments to update_service_perimeter via a request object, either of type UpdateServicePerimeterRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries etc. Optional.

  • #update_service_perimeter(service_perimeter: nil, update_mask: nil) ⇒ ::Gapic::Operation

    Pass arguments to update_service_perimeter via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (result, operation)

    Access the result along with the TransportOperation object

Yield Parameters:

  • result (::Gapic::Operation)
  • operation (::Gapic::Rest::TransportOperation)

Returns:

  • (::Gapic::Operation)

Raises:

  • (::Google::Cloud::Error)

    if the REST call is aborted.



1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
 
# File 'lib/google/identity/access_context_manager/v1/access_context_manager/rest/client.rb', line 1616

def update_service_perimeter request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
  call_metadata = @config.rpcs.update_service_perimeter.metadata.to_h

  # Set x-goog-api-client and x-goog-user-project headers
  call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Identity::AccessContextManager::V1::VERSION,
    transports_version_send: [:rest]

  call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  options.apply_defaults timeout:      @config.rpcs.update_service_perimeter.timeout,
                         metadata:     call_metadata,
                         retry_policy: @config.rpcs.update_service_perimeter.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.metadata,
                         retry_policy: @config.retry_policy

  @access_context_manager_stub.update_service_perimeter request, options do |result, operation|
    result = ::Gapic::Operation.new result, @operations_client, options: options
    yield result, operation if block_given?
    return result
  end
rescue ::Gapic::Rest::Error => e
  raise ::Google::Cloud::Error.from_error(e)
end