Class: Google::Apis::IamV1::IamService

Inherits:
Core::BaseService show all
Defined in:
generated/google/apis/iam_v1/service.rb

Overview

Identity and Access Management (IAM) API

Manages identity and access control for Google Cloud Platform resources, including the creation of service accounts, which you can use to authenticate to Google and make API calls.

Examples:

require 'google/apis/iam_v1'

Iam = Google::Apis::IamV1 # Alias the module
service = Iam::IamService.new

See Also:

Instance Attribute Summary collapse

Attributes inherited from Core::BaseService

#authorization, #base_path, #batch_path, #client, #client_options, #request_options, #root_url, #upload_path

Instance Method Summary collapse

Methods inherited from Core::BaseService

#batch, #batch_upload, #fetch_all, #http

Methods included from Core::Logging

#logger

Constructor Details

#initializeIamService

Returns a new instance of IamService


47
48
49
50
# File 'generated/google/apis/iam_v1/service.rb', line 47

def initialize
  super('https://iam.googleapis.com/', '')
  @batch_path = 'batch'
end

Instance Attribute Details

#keyString

Returns API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.

Returns:

  • (String)

    API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.


40
41
42
# File 'generated/google/apis/iam_v1/service.rb', line 40

def key
  @key
end

#quota_userString

Returns Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

Returns:

  • (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.


45
46
47
# File 'generated/google/apis/iam_v1/service.rb', line 45

def quota_user
  @quota_user
end

Instance Method Details

#create_organization_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Creates a new Role.

Parameters:

  • parent (String)

    The resource name of the parent resource in one of the following formats: organizations/ORGANIZATION_ID `projects/`PROJECT_ID

  • create_role_request_object (Google::Apis::IamV1::CreateRoleRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


155
156
157
158
159
160
161
162
163
164
165
# File 'generated/google/apis/iam_v1/service.rb', line 155

def create_organization_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+parent}/roles', options)
  command.request_representation = Google::Apis::IamV1::CreateRoleRequest::Representation
  command.request_object = create_role_request_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['parent'] = parent unless parent.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_project_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Creates a new Role.

Parameters:

  • parent (String)

    The resource name of the parent resource in one of the following formats: organizations/ORGANIZATION_ID `projects/`PROJECT_ID

  • create_role_request_object (Google::Apis::IamV1::CreateRoleRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


414
415
416
417
418
419
420
421
422
423
424
# File 'generated/google/apis/iam_v1/service.rb', line 414

def create_project_role(parent, create_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+parent}/roles', options)
  command.request_representation = Google::Apis::IamV1::CreateRoleRequest::Representation
  command.request_object = create_role_request_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['parent'] = parent unless parent.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_service_account(name, create_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

Creates a ServiceAccount and returns it.

Parameters:

  • name (String)

    Required. The resource name of the project associated with the service accounts, such as projects/my-project-123.

  • create_service_account_request_object (Google::Apis::IamV1::CreateServiceAccountRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


642
643
644
645
646
647
648
649
650
651
652
# File 'generated/google/apis/iam_v1/service.rb', line 642

def (name,  = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+name}/serviceAccounts', options)
  command.request_representation = Google::Apis::IamV1::CreateServiceAccountRequest::Representation
  command.request_object = 
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_service_account_key(name, create_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey

Creates a ServiceAccountKey and returns it.

Parameters:

  • name (String)

    The resource name of the service account in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT`. Using-as a wildcard for thePROJECT_IDwill infer the project from the account. TheACCOUNTvalue can be theemailaddress or the unique_id` of the service account.

  • create_service_account_key_request_object (Google::Apis::IamV1::CreateServiceAccountKeyRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
# File 'generated/google/apis/iam_v1/service.rb', line 1054

def (name,  = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+name}/keys', options)
  command.request_representation = Google::Apis::IamV1::CreateServiceAccountKeyRequest::Representation
  command.request_object = 
  command.response_representation = Google::Apis::IamV1::ServiceAccountKey::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccountKey
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_organization_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Soft deletes a role. The role is suspended and cannot be used to create new IAM Policy Bindings. The Role will not be included in ListRoles() unless show_deleted is set in the ListRolesRequest. The Role contains the deleted boolean set. Existing Bindings remains, but are inactive. The Role can be undeleted within 7 days. After 7 days the Role is deleted and all Bindings associated with the role are removed.

Parameters:

  • name (String)

    The resource name of the role in one of the following formats: organizations/ORGANIZATION_ID/roles/ROLE_NAME `projects/`PROJECT_ID`/roles/`ROLE_NAME

  • etag (String)

    Used to perform a consistent read-modify-write.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


197
198
199
200
201
202
203
204
205
206
# File 'generated/google/apis/iam_v1/service.rb', line 197

def delete_organization_role(name, etag: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['etag'] = etag unless etag.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_project_role(name, etag: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Soft deletes a role. The role is suspended and cannot be used to create new IAM Policy Bindings. The Role will not be included in ListRoles() unless show_deleted is set in the ListRolesRequest. The Role contains the deleted boolean set. Existing Bindings remains, but are inactive. The Role can be undeleted within 7 days. After 7 days the Role is deleted and all Bindings associated with the role are removed.

Parameters:

  • name (String)

    The resource name of the role in one of the following formats: organizations/ORGANIZATION_ID/roles/ROLE_NAME `projects/`PROJECT_ID`/roles/`ROLE_NAME

  • etag (String)

    Used to perform a consistent read-modify-write.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


456
457
458
459
460
461
462
463
464
465
# File 'generated/google/apis/iam_v1/service.rb', line 456

def delete_project_role(name, etag: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['etag'] = etag unless etag.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

Deletes a ServiceAccount.

Parameters:

  • name (String)

    The resource name of the service account in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT`. Using-as a wildcard for thePROJECT_IDwill infer the project from the account. TheACCOUNTvalue can be theemailaddress or the unique_id` of the service account.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


678
679
680
681
682
683
684
685
686
# File 'generated/google/apis/iam_v1/service.rb', line 678

def (name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_project_service_account_key(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Empty

Deletes a ServiceAccountKey.

Parameters:

  • name (String)

    The resource name of the service account key in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT/keys/key`. Using-as a wildcard for thePROJECT_IDwill infer the project from the account. TheACCOUNTvalue can be theemailaddress or the unique_id` of the service account.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


1090
1091
1092
1093
1094
1095
1096
1097
1098
# File 'generated/google/apis/iam_v1/service.rb', line 1090

def (name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Empty::Representation
  command.response_class = Google::Apis::IamV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_organization_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Gets a Role definition.

Parameters:

  • name (String)

    The resource name of the role in one of the following formats: roles/ROLE_NAME `organizations/`ORGANIZATION_ID`/roles/`ROLE_NAME projects/PROJECT_ID/roles/ROLE_NAME``

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


231
232
233
234
235
236
237
238
239
# File 'generated/google/apis/iam_v1/service.rb', line 231

def get_organization_role(name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Gets a Role definition.

Parameters:

  • name (String)

    The resource name of the role in one of the following formats: roles/ROLE_NAME `organizations/`ORGANIZATION_ID`/roles/`ROLE_NAME projects/PROJECT_ID/roles/ROLE_NAME``

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


490
491
492
493
494
495
496
497
498
# File 'generated/google/apis/iam_v1/service.rb', line 490

def get_project_role(name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_service_account(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

Gets a ServiceAccount.

Parameters:

  • name (String)

    The resource name of the service account in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT`. Using-as a wildcard for thePROJECT_IDwill infer the project from the account. TheACCOUNTvalue can be theemailaddress or the unique_id` of the service account.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


712
713
714
715
716
717
718
719
720
# File 'generated/google/apis/iam_v1/service.rb', line 712

def (name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_service_account_iam_policy(resource, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

Returns the IAM access control policy for a ServiceAccount.

Parameters:

  • resource (String)

    REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


744
745
746
747
748
749
750
751
752
# File 'generated/google/apis/iam_v1/service.rb', line 744

def (resource, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+resource}:getIamPolicy', options)
  command.response_representation = Google::Apis::IamV1::Policy::Representation
  command.response_class = Google::Apis::IamV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_project_service_account_key(name, public_key_type: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccountKey

Gets the ServiceAccountKey by key id.

Parameters:

  • name (String)

    The resource name of the service account key in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT/keys/key`. Using-as a wildcard for thePROJECT_IDwill infer the project from the account. TheACCOUNTvalue can be theemailaddress or the unique_id` of the service account.

  • public_key_type (String)

    The output format of the public key requested. X509_PEM is the default output format.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
# File 'generated/google/apis/iam_v1/service.rb', line 1128

def (name, public_key_type: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::ServiceAccountKey::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccountKey
  command.params['name'] = name unless name.nil?
  command.query['publicKeyType'] = public_key_type unless public_key_type.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_role(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Gets a Role definition.

Parameters:

  • name (String)

    The resource name of the role in one of the following formats: roles/ROLE_NAME `organizations/`ORGANIZATION_ID`/roles/`ROLE_NAME projects/PROJECT_ID/roles/ROLE_NAME``

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


1201
1202
1203
1204
1205
1206
1207
1208
1209
# File 'generated/google/apis/iam_v1/service.rb', line 1201

def get_role(name, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#lint_iam_policy_policy(lint_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::LintPolicyResponse

Lints a Cloud IAM policy object or its sub fields. Currently supports google.iam.v1.Policy, google.iam.v1.Binding and google.iam.v1.Binding.condition. Each lint operation consists of multiple lint validation units. Validation units have the following properties:

  • Each unit inspects the input object in regard to a particular linting aspect and issues a google.iam.admin.v1.LintResult disclosing the result.
  • Domain of discourse of each unit can be either google.iam.v1.Policy, google.iam.v1.Binding, or google.iam.v1.Binding.condition depending on the purpose of the validation.
  • A unit may require additional data (like the list of all possible enumerable values of a particular attribute used in the policy instance) which shall be provided by the caller. Refer to the comments of google.iam.admin.v1.LintPolicyRequest.context for more details. The set of applicable validation units is determined by the Cloud IAM server and is not configurable. Regardless of any lint issues or their severities, successful calls to lintPolicy return an HTTP 200 OK status code.

Parameters:

  • lint_policy_request_object (Google::Apis::IamV1::LintPolicyRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


90
91
92
93
94
95
96
97
98
99
# File 'generated/google/apis/iam_v1/service.rb', line 90

def lint_iam_policy_policy(lint_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/iamPolicies:lintPolicy', options)
  command.request_representation = Google::Apis::IamV1::LintPolicyRequest::Representation
  command.request_object = lint_policy_request_object
  command.response_representation = Google::Apis::IamV1::LintPolicyResponse::Representation
  command.response_class = Google::Apis::IamV1::LintPolicyResponse
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_organization_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse

Lists the Roles defined on a resource.

Parameters:

  • parent (String)

    The resource name of the parent resource in one of the following formats: (empty string) -- this refers to curated roles. `organizations/`ORGANIZATION_ID projects/PROJECT_ID``

  • page_size (Fixnum)

    Optional limit on the number of roles to include in the response.

  • page_token (String)

    Optional pagination token returned in an earlier ListRolesResponse.

  • show_deleted (Boolean)

    Include Roles that have been deleted.

  • view (String)

    Optional view for the returned Role objects.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


272
273
274
275
276
277
278
279
280
281
282
283
284
# File 'generated/google/apis/iam_v1/service.rb', line 272

def list_organization_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+parent}/roles', options)
  command.response_representation = Google::Apis::IamV1::ListRolesResponse::Representation
  command.response_class = Google::Apis::IamV1::ListRolesResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['view'] = view unless view.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_project_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse

Lists the Roles defined on a resource.

Parameters:

  • parent (String)

    The resource name of the parent resource in one of the following formats: (empty string) -- this refers to curated roles. `organizations/`ORGANIZATION_ID projects/PROJECT_ID``

  • page_size (Fixnum)

    Optional limit on the number of roles to include in the response.

  • page_token (String)

    Optional pagination token returned in an earlier ListRolesResponse.

  • show_deleted (Boolean)

    Include Roles that have been deleted.

  • view (String)

    Optional view for the returned Role objects.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


531
532
533
534
535
536
537
538
539
540
541
542
543
# File 'generated/google/apis/iam_v1/service.rb', line 531

def list_project_roles(parent, page_size: nil, page_token: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+parent}/roles', options)
  command.response_representation = Google::Apis::IamV1::ListRolesResponse::Representation
  command.response_class = Google::Apis::IamV1::ListRolesResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['view'] = view unless view.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_project_service_account_keys(name, key_types: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountKeysResponse

Lists ServiceAccountKeys.

Parameters:

  • name (String)

    The resource name of the service account in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT`. Using-as a wildcard for thePROJECT_ID, will infer the project from the account. TheACCOUNTvalue can be theemailaddress or the unique_id` of the service account.

  • key_types (Array<String>, String)

    Filters the types of keys the user wants to include in the list response. Duplicate key types are not allowed. If no key type is provided, all keys are returned.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
# File 'generated/google/apis/iam_v1/service.rb', line 1167

def (name, key_types: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}/keys', options)
  command.response_representation = Google::Apis::IamV1::ListServiceAccountKeysResponse::Representation
  command.response_class = Google::Apis::IamV1::ListServiceAccountKeysResponse
  command.params['name'] = name unless name.nil?
  command.query['keyTypes'] = key_types unless key_types.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListServiceAccountsResponse

Lists ServiceAccounts for a project.

Parameters:

  • name (String)

    Required. The resource name of the project associated with the service accounts, such as projects/my-project-123.

  • page_size (Fixnum)

    Optional limit on the number of service accounts to include in the response. Further accounts can subsequently be obtained by including the ListServiceAccountsResponse.next_page_token in a subsequent request.

  • page_token (String)

    Optional pagination token returned in an earlier ListServiceAccountsResponse.next_page_token.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


783
784
785
786
787
788
789
790
791
792
793
# File 'generated/google/apis/iam_v1/service.rb', line 783

def list_project_service_accounts(name, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/{+name}/serviceAccounts', options)
  command.response_representation = Google::Apis::IamV1::ListServiceAccountsResponse::Representation
  command.response_class = Google::Apis::IamV1::ListServiceAccountsResponse
  command.params['name'] = name unless name.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_roles(page_size: nil, page_token: nil, parent: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ListRolesResponse

Lists the Roles defined on a resource.

Parameters:

  • page_size (Fixnum)

    Optional limit on the number of roles to include in the response.

  • page_token (String)

    Optional pagination token returned in an earlier ListRolesResponse.

  • parent (String)

    The resource name of the parent resource in one of the following formats: (empty string) -- this refers to curated roles. `organizations/`ORGANIZATION_ID projects/PROJECT_ID``

  • show_deleted (Boolean)

    Include Roles that have been deleted.

  • view (String)

    Optional view for the returned Role objects.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
# File 'generated/google/apis/iam_v1/service.rb', line 1242

def list_roles(page_size: nil, page_token: nil, parent: nil, show_deleted: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:get, 'v1/roles', options)
  command.response_representation = Google::Apis::IamV1::ListRolesResponse::Representation
  command.response_class = Google::Apis::IamV1::ListRolesResponse
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['parent'] = parent unless parent.nil?
  command.query['showDeleted'] = show_deleted unless show_deleted.nil?
  command.query['view'] = view unless view.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_organization_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Updates a Role definition.

Parameters:

  • name (String)

    The resource name of the role in one of the following formats: roles/ROLE_NAME `organizations/`ORGANIZATION_ID`/roles/`ROLE_NAME projects/PROJECT_ID/roles/ROLE_NAME``

  • role_object (Google::Apis::IamV1::Role) (defaults to: nil)
  • update_mask (String)

    A mask describing which fields in the Role have changed.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


312
313
314
315
316
317
318
319
320
321
322
323
# File 'generated/google/apis/iam_v1/service.rb', line 312

def patch_organization_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::Role::Representation
  command.request_object = role_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_project_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Updates a Role definition.

Parameters:

  • name (String)

    The resource name of the role in one of the following formats: roles/ROLE_NAME `organizations/`ORGANIZATION_ID`/roles/`ROLE_NAME projects/PROJECT_ID/roles/ROLE_NAME``

  • role_object (Google::Apis::IamV1::Role) (defaults to: nil)
  • update_mask (String)

    A mask describing which fields in the Role have changed.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


571
572
573
574
575
576
577
578
579
580
581
582
# File 'generated/google/apis/iam_v1/service.rb', line 571

def patch_project_role(name, role_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::Role::Representation
  command.request_object = role_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_service_account(name, patch_service_account_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

Patches a ServiceAccount. Currently, only the following fields are updatable: display_name and description. Only fields specified in the request are garaunteed to be returned in the response. Other fields in the response may be empty. Note: The field mask is required.

Parameters:

  • name (String)

    The resource name of the service account in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT. Requests using `-` as a wildcard for the `PROJECT_ID` will infer the project from the `account` and the `ACCOUNT` value can be the `email` address or the `unique_id` of the service account. In responses the resource name will always be in the format `projects/`PROJECT_ID`/serviceAccounts/`ACCOUNT.

  • patch_service_account_request_object (Google::Apis::IamV1::PatchServiceAccountRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


827
828
829
830
831
832
833
834
835
836
837
# File 'generated/google/apis/iam_v1/service.rb', line 827

def (name,  = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::PatchServiceAccountRequest::Representation
  command.request_object = 
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#query_grantable_roles(query_grantable_roles_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryGrantableRolesResponse

Queries roles that can be granted on a particular resource. A role is grantable if it can be used as the role in a binding for a policy for that resource.

Parameters:

  • query_grantable_roles_request_object (Google::Apis::IamV1::QueryGrantableRolesRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
# File 'generated/google/apis/iam_v1/service.rb', line 1277

def query_grantable_roles(query_grantable_roles_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/roles:queryGrantableRoles', options)
  command.request_representation = Google::Apis::IamV1::QueryGrantableRolesRequest::Representation
  command.request_object = query_grantable_roles_request_object
  command.response_representation = Google::Apis::IamV1::QueryGrantableRolesResponse::Representation
  command.response_class = Google::Apis::IamV1::QueryGrantableRolesResponse
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#query_iam_policy_auditable_services(query_auditable_services_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryAuditableServicesResponse

Returns a list of services that support service level audit logging configuration for the given resource.

Parameters:

  • query_auditable_services_request_object (Google::Apis::IamV1::QueryAuditableServicesRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


121
122
123
124
125
126
127
128
129
130
# File 'generated/google/apis/iam_v1/service.rb', line 121

def query_iam_policy_auditable_services(query_auditable_services_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/iamPolicies:queryAuditableServices', options)
  command.request_representation = Google::Apis::IamV1::QueryAuditableServicesRequest::Representation
  command.request_object = query_auditable_services_request_object
  command.response_representation = Google::Apis::IamV1::QueryAuditableServicesResponse::Representation
  command.response_class = Google::Apis::IamV1::QueryAuditableServicesResponse
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#query_testable_permissions(query_testable_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::QueryTestablePermissionsResponse

Lists the permissions testable on a resource. A permission is testable if it can be tested for an identity on a resource.

Parameters:

  • query_testable_permissions_request_object (Google::Apis::IamV1::QueryTestablePermissionsRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


380
381
382
383
384
385
386
387
388
389
# File 'generated/google/apis/iam_v1/service.rb', line 380

def query_testable_permissions(query_testable_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/permissions:queryTestablePermissions', options)
  command.request_representation = Google::Apis::IamV1::QueryTestablePermissionsRequest::Representation
  command.request_object = query_testable_permissions_request_object
  command.response_representation = Google::Apis::IamV1::QueryTestablePermissionsResponse::Representation
  command.response_class = Google::Apis::IamV1::QueryTestablePermissionsResponse
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#set_service_account_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Policy

Sets the IAM access control policy for a ServiceAccount.

Parameters:

  • resource (String)

    REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

  • set_iam_policy_request_object (Google::Apis::IamV1::SetIamPolicyRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


862
863
864
865
866
867
868
869
870
871
872
# File 'generated/google/apis/iam_v1/service.rb', line 862

def (resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options)
  command.request_representation = Google::Apis::IamV1::SetIamPolicyRequest::Representation
  command.request_object = set_iam_policy_request_object
  command.response_representation = Google::Apis::IamV1::Policy::Representation
  command.response_class = Google::Apis::IamV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#sign_service_account_blob(name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignBlobResponse

Signs a blob using a service account's system-managed private key.

Parameters:

  • name (String)

    The resource name of the service account in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT`. Using-as a wildcard for thePROJECT_IDwill infer the project from the account. TheACCOUNTvalue can be theemailaddress or the unique_id` of the service account.

  • sign_blob_request_object (Google::Apis::IamV1::SignBlobRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


899
900
901
902
903
904
905
906
907
908
909
# File 'generated/google/apis/iam_v1/service.rb', line 899

def (name, sign_blob_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+name}:signBlob', options)
  command.request_representation = Google::Apis::IamV1::SignBlobRequest::Representation
  command.request_object = sign_blob_request_object
  command.response_representation = Google::Apis::IamV1::SignBlobResponse::Representation
  command.response_class = Google::Apis::IamV1::SignBlobResponse
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#sign_service_account_jwt(name, sign_jwt_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::SignJwtResponse

Signs a JWT using a service account's system-managed private key. If no expiry time (exp) is provided in the SignJwtRequest, IAM sets an an expiry time of one hour by default. If you request an expiry time of more than one hour, the request will fail.

Parameters:

  • name (String)

    The resource name of the service account in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT`. Using-as a wildcard for thePROJECT_IDwill infer the project from the account. TheACCOUNTvalue can be theemailaddress or the unique_id` of the service account.

  • sign_jwt_request_object (Google::Apis::IamV1::SignJwtRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


939
940
941
942
943
944
945
946
947
948
949
# File 'generated/google/apis/iam_v1/service.rb', line 939

def (name, sign_jwt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+name}:signJwt', options)
  command.request_representation = Google::Apis::IamV1::SignJwtRequest::Representation
  command.request_object = sign_jwt_request_object
  command.response_representation = Google::Apis::IamV1::SignJwtResponse::Representation
  command.response_class = Google::Apis::IamV1::SignJwtResponse
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#test_service_account_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::TestIamPermissionsResponse

Tests the specified permissions against the IAM access control policy for a ServiceAccount.

Parameters:

  • resource (String)

    REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

  • test_iam_permissions_request_object (Google::Apis::IamV1::TestIamPermissionsRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


974
975
976
977
978
979
980
981
982
983
984
# File 'generated/google/apis/iam_v1/service.rb', line 974

def (resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
  command.request_representation = Google::Apis::IamV1::TestIamPermissionsRequest::Representation
  command.request_object = test_iam_permissions_request_object
  command.response_representation = Google::Apis::IamV1::TestIamPermissionsResponse::Representation
  command.response_class = Google::Apis::IamV1::TestIamPermissionsResponse
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_organization_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Undelete a Role, bringing it back in its previous state.

Parameters:

  • name (String)

    The resource name of the role in one of the following formats: organizations/ORGANIZATION_ID/roles/ROLE_NAME `projects/`PROJECT_ID`/roles/`ROLE_NAME

  • undelete_role_request_object (Google::Apis::IamV1::UndeleteRoleRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


348
349
350
351
352
353
354
355
356
357
358
# File 'generated/google/apis/iam_v1/service.rb', line 348

def undelete_organization_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteRoleRequest::Representation
  command.request_object = undelete_role_request_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#undelete_project_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::Role

Undelete a Role, bringing it back in its previous state.

Parameters:

  • name (String)

    The resource name of the role in one of the following formats: organizations/ORGANIZATION_ID/roles/ROLE_NAME `projects/`PROJECT_ID`/roles/`ROLE_NAME

  • undelete_role_request_object (Google::Apis::IamV1::UndeleteRoleRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


607
608
609
610
611
612
613
614
615
616
617
# File 'generated/google/apis/iam_v1/service.rb', line 607

def undelete_project_role(name, undelete_role_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:post, 'v1/{+name}:undelete', options)
  command.request_representation = Google::Apis::IamV1::UndeleteRoleRequest::Representation
  command.request_object = undelete_role_request_object
  command.response_representation = Google::Apis::IamV1::Role::Representation
  command.response_class = Google::Apis::IamV1::Role
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#update_project_service_account(name, service_account_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::IamV1::ServiceAccount

Updates a ServiceAccount. Currently, only the following fields are updatable: display_name . The etag is mandatory.

Parameters:

  • name (String)

    The resource name of the service account in the following format: projects/PROJECT_ID/serviceAccounts/ACCOUNT. Requests using `-` as a wildcard for the `PROJECT_ID` will infer the project from the `account` and the `ACCOUNT` value can be the `email` address or the `unique_id` of the service account. In responses the resource name will always be in the format `projects/`PROJECT_ID`/serviceAccounts/`ACCOUNT.

  • service_account_object (Google::Apis::IamV1::ServiceAccount) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:


1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
# File 'generated/google/apis/iam_v1/service.rb', line 1016

def (name,  = nil, fields: nil, quota_user: nil, options: nil, &block)
  command =  make_simple_command(:put, 'v1/{+name}', options)
  command.request_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.request_object = 
  command.response_representation = Google::Apis::IamV1::ServiceAccount::Representation
  command.response_class = Google::Apis::IamV1::ServiceAccount
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end