-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
servicecontrol-gen.go
1612 lines (1409 loc) · 70.6 KB
/
servicecontrol-gen.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
// Copyright 2021 Google LLC.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Code generated file. DO NOT EDIT.
// Package servicecontrol provides access to the Service Control API.
//
// For product documentation, see: https://cloud.google.com/service-control/
//
// Creating a client
//
// Usage example:
//
// import "google.golang.org/api/servicecontrol/v2"
// ...
// ctx := context.Background()
// servicecontrolService, err := servicecontrol.NewService(ctx)
//
// In this example, Google Application Default Credentials are used for authentication.
//
// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
//
// Other authentication options
//
// By default, all available scopes (see "Constants") are used to authenticate. To restrict scopes, use option.WithScopes:
//
// servicecontrolService, err := servicecontrol.NewService(ctx, option.WithScopes(servicecontrol.ServicecontrolScope))
//
// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:
//
// servicecontrolService, err := servicecontrol.NewService(ctx, option.WithAPIKey("AIza..."))
//
// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:
//
// config := &oauth2.Config{...}
// // ...
// token, err := config.Exchange(ctx, ...)
// servicecontrolService, err := servicecontrol.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
//
// See https://godoc.org/google.golang.org/api/option/ for details on options.
package servicecontrol // import "google.golang.org/api/servicecontrol/v2"
import (
"bytes"
"context"
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
"net/url"
"strconv"
"strings"
googleapi "google.golang.org/api/googleapi"
gensupport "google.golang.org/api/internal/gensupport"
option "google.golang.org/api/option"
internaloption "google.golang.org/api/option/internaloption"
htransport "google.golang.org/api/transport/http"
)
// Always reference these packages, just in case the auto-generated code
// below doesn't.
var _ = bytes.NewBuffer
var _ = strconv.Itoa
var _ = fmt.Sprintf
var _ = json.NewDecoder
var _ = io.Copy
var _ = url.Parse
var _ = gensupport.MarshalJSON
var _ = googleapi.Version
var _ = errors.New
var _ = strings.Replace
var _ = context.Canceled
var _ = internaloption.WithDefaultEndpoint
const apiId = "servicecontrol:v2"
const apiName = "servicecontrol"
const apiVersion = "v2"
const basePath = "https://servicecontrol.googleapis.com/"
const mtlsBasePath = "https://servicecontrol.mtls.googleapis.com/"
// OAuth2 scopes used by this API.
const (
// See, edit, configure, and delete your Google Cloud data and see the
// email address for your Google Account.
CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
// Manage your Google Service Control data
ServicecontrolScope = "https://www.googleapis.com/auth/servicecontrol"
)
// NewService creates a new Service.
func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) {
scopesOption := option.WithScopes(
"https://www.googleapis.com/auth/cloud-platform",
"https://www.googleapis.com/auth/servicecontrol",
)
// NOTE: prepend, so we don't override user-specified scopes.
opts = append([]option.ClientOption{scopesOption}, opts...)
opts = append(opts, internaloption.WithDefaultEndpoint(basePath))
opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath))
client, endpoint, err := htransport.NewClient(ctx, opts...)
if err != nil {
return nil, err
}
s, err := New(client)
if err != nil {
return nil, err
}
if endpoint != "" {
s.BasePath = endpoint
}
return s, nil
}
// New creates a new Service. It uses the provided http.Client for requests.
//
// Deprecated: please use NewService instead.
// To provide a custom HTTP client, use option.WithHTTPClient.
// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
func New(client *http.Client) (*Service, error) {
if client == nil {
return nil, errors.New("client is nil")
}
s := &Service{client: client, BasePath: basePath}
s.Services = NewServicesService(s)
return s, nil
}
type Service struct {
client *http.Client
BasePath string // API endpoint base URL
UserAgent string // optional additional User-Agent fragment
Services *ServicesService
}
func (s *Service) userAgent() string {
if s.UserAgent == "" {
return googleapi.UserAgent
}
return googleapi.UserAgent + " " + s.UserAgent
}
func NewServicesService(s *Service) *ServicesService {
rs := &ServicesService{s: s}
return rs
}
type ServicesService struct {
s *Service
}
// Api: This message defines attributes associated with API operations,
// such as a network API request. The terminology is based on the
// conventions used by Google APIs, Istio, and OpenAPI.
type Api struct {
// Operation: The API operation name. For gRPC requests, it is the fully
// qualified API method name, such as
// "google.pubsub.v1.Publisher.Publish". For OpenAPI requests, it is the
// `operationId`, such as "getPet".
Operation string `json:"operation,omitempty"`
// Protocol: The API protocol used for sending the request, such as
// "http", "https", "grpc", or "internal".
Protocol string `json:"protocol,omitempty"`
// Service: The API service name. It is a logical identifier for a
// networked API, such as "pubsub.googleapis.com". The naming syntax
// depends on the API management system being used for handling the
// request.
Service string `json:"service,omitempty"`
// Version: The API version associated with the API operation above,
// such as "v1" or "v1alpha1".
Version string `json:"version,omitempty"`
// ForceSendFields is a list of field names (e.g. "Operation") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Operation") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *Api) MarshalJSON() ([]byte, error) {
type NoMethod Api
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// AttributeContext: This message defines the standard attribute
// vocabulary for Google APIs. An attribute is a piece of metadata that
// describes an activity on a network service. For example, the size of
// an HTTP request, or the status code of an HTTP response. Each
// attribute has a type and a name, which is logically defined as a
// proto message field in `AttributeContext`. The field type becomes the
// attribute type, and the field path becomes the attribute name. For
// example, the attribute `source.ip` maps to field
// `AttributeContext.source.ip`. This message definition is guaranteed
// not to have any wire breaking change. So you can use it directly for
// passing attributes across different systems. NOTE: Different system
// may generate different subset of attributes. Please verify the system
// specification before relying on an attribute generated a system.
type AttributeContext struct {
// Api: Represents an API operation that is involved to a network
// activity.
Api *Api `json:"api,omitempty"`
// Destination: The destination of a network activity, such as accepting
// a TCP connection. In a multi hop network activity, the destination
// represents the receiver of the last hop.
Destination *Peer `json:"destination,omitempty"`
// Extensions: Supports extensions for advanced use cases, such as logs
// and metrics.
Extensions []googleapi.RawMessage `json:"extensions,omitempty"`
// Origin: The origin of a network activity. In a multi hop network
// activity, the origin represents the sender of the first hop. For the
// first hop, the `source` and the `origin` must have the same content.
Origin *Peer `json:"origin,omitempty"`
// Request: Represents a network request, such as an HTTP request.
Request *Request `json:"request,omitempty"`
// Resource: Represents a target resource that is involved with a
// network activity. If multiple resources are involved with an
// activity, this must be the primary one.
Resource *Resource `json:"resource,omitempty"`
// Response: Represents a network response, such as an HTTP response.
Response *Response `json:"response,omitempty"`
// Source: The source of a network activity, such as starting a TCP
// connection. In a multi hop network activity, the source represents
// the sender of the last hop.
Source *Peer `json:"source,omitempty"`
// ForceSendFields is a list of field names (e.g. "Api") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Api") to include in API
// requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *AttributeContext) MarshalJSON() ([]byte, error) {
type NoMethod AttributeContext
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// AuditLog: Common audit log format for Google Cloud Platform API
// operations.
type AuditLog struct {
// AuthenticationInfo: Authentication information.
AuthenticationInfo *AuthenticationInfo `json:"authenticationInfo,omitempty"`
// AuthorizationInfo: Authorization information. If there are multiple
// resources or permissions involved, then there is one
// AuthorizationInfo element for each {resource, permission} tuple.
AuthorizationInfo []*AuthorizationInfo `json:"authorizationInfo,omitempty"`
// Metadata: Other service-specific data about the request, response,
// and other information associated with the current audited event.
Metadata googleapi.RawMessage `json:"metadata,omitempty"`
// MethodName: The name of the service method or operation. For API
// calls, this should be the name of the API method. For example,
// "google.cloud.bigquery.v2.TableService.InsertTable"
// "google.logging.v2.ConfigServiceV2.CreateSink"
MethodName string `json:"methodName,omitempty"`
// NumResponseItems: The number of items returned from a List or Query
// API method, if applicable.
NumResponseItems int64 `json:"numResponseItems,omitempty,string"`
// Request: The operation request. This may not include all request
// parameters, such as those that are too large, privacy-sensitive, or
// duplicated elsewhere in the log record. It should never include
// user-generated data, such as file contents. When the JSON object
// represented here has a proto equivalent, the proto name will be
// indicated in the `@type` property.
Request googleapi.RawMessage `json:"request,omitempty"`
// RequestMetadata: Metadata about the operation.
RequestMetadata *RequestMetadata `json:"requestMetadata,omitempty"`
// ResourceLocation: The resource location information.
ResourceLocation *ResourceLocation `json:"resourceLocation,omitempty"`
// ResourceName: The resource or collection that is the target of the
// operation. The name is a scheme-less URI, not including the API
// service name. For example:
// "projects/PROJECT_ID/zones/us-central1-a/instances"
// "projects/PROJECT_ID/datasets/DATASET_ID"
ResourceName string `json:"resourceName,omitempty"`
// ResourceOriginalState: The resource's original state before mutation.
// Present only for operations which have successfully modified the
// targeted resource(s). In general, this field should contain all
// changed fields, except those that are already been included in
// `request`, `response`, `metadata` or `service_data` fields. When the
// JSON object represented here has a proto equivalent, the proto name
// will be indicated in the `@type` property.
ResourceOriginalState googleapi.RawMessage `json:"resourceOriginalState,omitempty"`
// Response: The operation response. This may not include all response
// elements, such as those that are too large, privacy-sensitive, or
// duplicated elsewhere in the log record. It should never include
// user-generated data, such as file contents. When the JSON object
// represented here has a proto equivalent, the proto name will be
// indicated in the `@type` property.
Response googleapi.RawMessage `json:"response,omitempty"`
// ServiceData: Deprecated. Use the `metadata` field instead. Other
// service-specific data about the request, response, and other
// activities.
ServiceData googleapi.RawMessage `json:"serviceData,omitempty"`
// ServiceName: The name of the API service performing the operation.
// For example, "compute.googleapis.com".
ServiceName string `json:"serviceName,omitempty"`
// Status: The status of the overall operation.
Status *Status `json:"status,omitempty"`
// ForceSendFields is a list of field names (e.g. "AuthenticationInfo")
// to unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "AuthenticationInfo") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
func (s *AuditLog) MarshalJSON() ([]byte, error) {
type NoMethod AuditLog
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// Auth: This message defines request authentication attributes.
// Terminology is based on the JSON Web Token (JWT) standard, but the
// terms also correlate to concepts in other standards.
type Auth struct {
// AccessLevels: A list of access level resource names that allow
// resources to be accessed by authenticated requester. It is part of
// Secure GCP processing for the incoming request. An access level
// string has the format:
// "//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_n
// ame}" Example:
// "//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/acc
// essLevels/MY_LEVEL"
AccessLevels []string `json:"accessLevels,omitempty"`
// Audiences: The intended audience(s) for this authentication
// information. Reflects the audience (`aud`) claim within a JWT. The
// audience value(s) depends on the `issuer`, but typically include one
// or more of the following pieces of information: * The services
// intended to receive the credential. For example,
// ["https://pubsub.googleapis.com/",
// "https://storage.googleapis.com/"]. * A set of service-based scopes.
// For example, ["https://www.googleapis.com/auth/cloud-platform"]. *
// The client id of an app, such as the Firebase project id for JWTs
// from Firebase Auth. Consult the documentation for the credential
// issuer to determine the information provided.
Audiences []string `json:"audiences,omitempty"`
// Claims: Structured claims presented with the credential. JWTs include
// `{key: value}` pairs for standard and private claims. The following
// is a subset of the standard required and optional claims that would
// typically be presented for a Google-based JWT: {'iss':
// 'accounts.google.com', 'sub': '113289723416554971153', 'aud':
// ['123456789012', 'pubsub.googleapis.com'], 'azp':
// '123456789012.apps.googleusercontent.com', 'email':
// 'jsmith@example.com', 'iat': 1353601026, 'exp': 1353604926} SAML
// assertions are similarly specified, but with an identity provider
// dependent structure.
Claims googleapi.RawMessage `json:"claims,omitempty"`
// Presenter: The authorized presenter of the credential. Reflects the
// optional Authorized Presenter (`azp`) claim within a JWT or the OAuth
// client id. For example, a Google Cloud Platform client id looks as
// follows: "123456789012.apps.googleusercontent.com".
Presenter string `json:"presenter,omitempty"`
// Principal: The authenticated principal. Reflects the issuer (`iss`)
// and subject (`sub`) claims within a JWT. The issuer and subject
// should be `/` delimited, with `/` percent-encoded within the subject
// fragment. For Google accounts, the principal format is:
// "https://accounts.google.com/{id}"
Principal string `json:"principal,omitempty"`
// ForceSendFields is a list of field names (e.g. "AccessLevels") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "AccessLevels") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *Auth) MarshalJSON() ([]byte, error) {
type NoMethod Auth
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// AuthenticationInfo: Authentication information for the operation.
type AuthenticationInfo struct {
// AuthoritySelector: The authority selector specified by the requestor,
// if any. It is not guaranteed that the principal was allowed to use
// this authority.
AuthoritySelector string `json:"authoritySelector,omitempty"`
// PrincipalEmail: The email address of the authenticated user (or
// service account on behalf of third party principal) making the
// request. For third party identity callers, the `principal_subject`
// field is populated instead of this field. For privacy reasons, the
// principal email address is sometimes redacted. For more information,
// see Caller identities in audit logs
// (https://cloud.google.com/logging/docs/audit#user-id).
PrincipalEmail string `json:"principalEmail,omitempty"`
// PrincipalSubject: String representation of identity of requesting
// party. Populated for both first and third party identities.
PrincipalSubject string `json:"principalSubject,omitempty"`
// ServiceAccountDelegationInfo: Identity delegation history of an
// authenticated service account that makes the request. It contains
// information on the real authorities that try to access GCP resources
// by delegating on a service account. When multiple authorities
// present, they are guaranteed to be sorted based on the original
// ordering of the identity delegation events.
ServiceAccountDelegationInfo []*ServiceAccountDelegationInfo `json:"serviceAccountDelegationInfo,omitempty"`
// ServiceAccountKeyName: The name of the service account key used to
// create or exchange credentials for authenticating the service account
// making the request. This is a scheme-less URI full resource name. For
// example:
// "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/
// keys/{key}"
ServiceAccountKeyName string `json:"serviceAccountKeyName,omitempty"`
// ThirdPartyPrincipal: The third party identification (if any) of the
// authenticated user making the request. When the JSON object
// represented here has a proto equivalent, the proto name will be
// indicated in the `@type` property.
ThirdPartyPrincipal googleapi.RawMessage `json:"thirdPartyPrincipal,omitempty"`
// ForceSendFields is a list of field names (e.g. "AuthoritySelector")
// to unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "AuthoritySelector") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
func (s *AuthenticationInfo) MarshalJSON() ([]byte, error) {
type NoMethod AuthenticationInfo
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// AuthorizationInfo: Authorization information for the operation.
type AuthorizationInfo struct {
// Granted: Whether or not authorization for `resource` and `permission`
// was granted.
Granted bool `json:"granted,omitempty"`
// Permission: The required IAM permission.
Permission string `json:"permission,omitempty"`
// Resource: The resource being accessed, as a REST-style or cloud
// resource string. For example:
// bigquery.googleapis.com/projects/PROJECTID/datasets/DATASETID or
// projects/PROJECTID/datasets/DATASETID
Resource string `json:"resource,omitempty"`
// ResourceAttributes: Resource attributes used in IAM condition
// evaluation. This field contains resource attributes like resource
// type and resource name. To get the whole view of the attributes used
// in IAM condition evaluation, the user must also look into
// `AuditLog.request_metadata.request_attributes`.
ResourceAttributes *Resource `json:"resourceAttributes,omitempty"`
// ForceSendFields is a list of field names (e.g. "Granted") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Granted") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *AuthorizationInfo) MarshalJSON() ([]byte, error) {
type NoMethod AuthorizationInfo
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// CheckRequest: Request message for the Check method.
type CheckRequest struct {
// Attributes: Describes attributes about the operation being executed
// by the service.
Attributes *AttributeContext `json:"attributes,omitempty"`
// Flags: Optional. Contains a comma-separated list of flags.
Flags string `json:"flags,omitempty"`
// Resources: Describes the resources and the policies applied to each
// resource.
Resources []*ResourceInfo `json:"resources,omitempty"`
// ServiceConfigId: Specifies the version of the service configuration
// that should be used to process the request. Must not be empty. Set
// this field to 'latest' to specify using the latest configuration.
ServiceConfigId string `json:"serviceConfigId,omitempty"`
// ForceSendFields is a list of field names (e.g. "Attributes") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Attributes") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *CheckRequest) MarshalJSON() ([]byte, error) {
type NoMethod CheckRequest
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// CheckResponse: Response message for the Check method.
type CheckResponse struct {
// Headers: Returns a set of request contexts generated from the
// `CheckRequest`.
Headers map[string]string `json:"headers,omitempty"`
// Status: Operation is allowed when this field is not set. Any non-'OK'
// status indicates a denial; google.rpc.Status.details () would contain
// additional details about the denial.
Status *Status `json:"status,omitempty"`
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi.ServerResponse `json:"-"`
// ForceSendFields is a list of field names (e.g. "Headers") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Headers") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *CheckResponse) MarshalJSON() ([]byte, error) {
type NoMethod CheckResponse
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// FirstPartyPrincipal: First party identity principal.
type FirstPartyPrincipal struct {
// PrincipalEmail: The email address of a Google account. .
PrincipalEmail string `json:"principalEmail,omitempty"`
// ServiceMetadata: Metadata about the service that uses the service
// account. .
ServiceMetadata googleapi.RawMessage `json:"serviceMetadata,omitempty"`
// ForceSendFields is a list of field names (e.g. "PrincipalEmail") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "PrincipalEmail") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields []string `json:"-"`
}
func (s *FirstPartyPrincipal) MarshalJSON() ([]byte, error) {
type NoMethod FirstPartyPrincipal
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// Peer: This message defines attributes for a node that handles a
// network request. The node can be either a service or an application
// that sends, forwards, or receives the request. Service peers should
// fill in `principal` and `labels` as appropriate.
type Peer struct {
// Ip: The IP address of the peer.
Ip string `json:"ip,omitempty"`
// Labels: The labels associated with the peer.
Labels map[string]string `json:"labels,omitempty"`
// Port: The network port of the peer.
Port int64 `json:"port,omitempty,string"`
// Principal: The identity of this peer. Similar to
// `Request.auth.principal`, but relative to the peer instead of the
// request. For example, the idenity associated with a load balancer
// that forwared the request.
Principal string `json:"principal,omitempty"`
// RegionCode: The CLDR country/region code associated with the above IP
// address. If the IP address is private, the `region_code` should
// reflect the physical location where this peer is running.
RegionCode string `json:"regionCode,omitempty"`
// ForceSendFields is a list of field names (e.g. "Ip") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Ip") to include in API
// requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *Peer) MarshalJSON() ([]byte, error) {
type NoMethod Peer
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// ReportRequest: Request message for the Report method.
type ReportRequest struct {
// Operations: Describes the list of operations to be reported. Each
// operation is represented as an AttributeContext, and contains all
// attributes around an API access.
Operations []*AttributeContext `json:"operations,omitempty"`
// ServiceConfigId: Specifies the version of the service configuration
// that should be used to process the request. Must not be empty. Set
// this field to 'latest' to specify using the latest configuration.
ServiceConfigId string `json:"serviceConfigId,omitempty"`
// ForceSendFields is a list of field names (e.g. "Operations") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Operations") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *ReportRequest) MarshalJSON() ([]byte, error) {
type NoMethod ReportRequest
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// ReportResponse: Response message for the Report method. If the
// request contains any invalid data, the server returns an RPC error.
type ReportResponse struct {
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi.ServerResponse `json:"-"`
}
// Request: This message defines attributes for an HTTP request. If the
// actual request is not an HTTP request, the runtime system should try
// to map the actual request to an equivalent HTTP request.
type Request struct {
// Auth: The request authentication. May be absent for unauthenticated
// requests. Derived from the HTTP request `Authorization` header or
// equivalent.
Auth *Auth `json:"auth,omitempty"`
// Headers: The HTTP request headers. If multiple headers share the same
// key, they must be merged according to the HTTP spec. All header keys
// must be lowercased, because HTTP header keys are case-insensitive.
Headers map[string]string `json:"headers,omitempty"`
// Host: The HTTP request `Host` header value.
Host string `json:"host,omitempty"`
// Id: The unique ID for a request, which can be propagated to
// downstream systems. The ID should have low probability of collision
// within a single day for a specific service.
Id string `json:"id,omitempty"`
// Method: The HTTP request method, such as `GET`, `POST`.
Method string `json:"method,omitempty"`
// Path: The HTTP URL path, excluding the query parameters.
Path string `json:"path,omitempty"`
// Protocol: The network protocol used with the request, such as
// "http/1.1", "spdy/3", "h2", "h2c", "webrtc", "tcp", "udp", "quic".
// See
// https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
// for details.
Protocol string `json:"protocol,omitempty"`
// Query: The HTTP URL query in the format of
// `name1=value1&name2=value2`, as it appears in the first line of the
// HTTP request. No decoding is performed.
Query string `json:"query,omitempty"`
// Reason: A special parameter for request reason. It is used by
// security systems to associate auditing information with a request.
Reason string `json:"reason,omitempty"`
// Scheme: The HTTP URL scheme, such as `http` and `https`.
Scheme string `json:"scheme,omitempty"`
// Size: The HTTP request size in bytes. If unknown, it must be -1.
Size int64 `json:"size,omitempty,string"`
// Time: The timestamp when the `destination` service receives the last
// byte of the request.
Time string `json:"time,omitempty"`
// ForceSendFields is a list of field names (e.g. "Auth") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Auth") to include in API
// requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *Request) MarshalJSON() ([]byte, error) {
type NoMethod Request
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// RequestMetadata: Metadata about the request.
type RequestMetadata struct {
// CallerIp: The IP address of the caller. For caller from internet,
// this will be public IPv4 or IPv6 address. For caller from a Compute
// Engine VM with external IP address, this will be the VM's external IP
// address. For caller from a Compute Engine VM without external IP
// address, if the VM is in the same organization (or project) as the
// accessed resource, `caller_ip` will be the VM's internal IPv4
// address, otherwise the `caller_ip` will be redacted to
// "gce-internal-ip". See https://cloud.google.com/compute/docs/vpc/ for
// more information.
CallerIp string `json:"callerIp,omitempty"`
// CallerNetwork: The network of the caller. Set only if the network
// host project is part of the same GCP organization (or project) as the
// accessed resource. See https://cloud.google.com/compute/docs/vpc/ for
// more information. This is a scheme-less URI full resource name. For
// example:
// "//compute.googleapis.com/projects/PROJECT_ID/global/networks/NETWORK_
// ID"
CallerNetwork string `json:"callerNetwork,omitempty"`
// CallerSuppliedUserAgent: The user agent of the caller. This
// information is not authenticated and should be treated accordingly.
// For example: + `google-api-python-client/1.4.0`: The request was made
// by the Google API client for Python. + `Cloud SDK Command Line Tool
// apitools-client/1.0 gcloud/0.9.62`: The request was made by the
// Google Cloud SDK CLI (gcloud). + `AppEngine-Google;
// (+http://code.google.com/appengine; appid: s~my-project`: The request
// was made from the `my-project` App Engine app. NOLINT
CallerSuppliedUserAgent string `json:"callerSuppliedUserAgent,omitempty"`
// DestinationAttributes: The destination of a network activity, such as
// accepting a TCP connection. In a multi hop network activity, the
// destination represents the receiver of the last hop. Only two fields
// are used in this message, Peer.port and Peer.ip. These fields are
// optionally populated by those services utilizing the IAM condition
// feature.
DestinationAttributes *Peer `json:"destinationAttributes,omitempty"`
// RequestAttributes: Request attributes used in IAM condition
// evaluation. This field contains request attributes like request time
// and access levels associated with the request. To get the whole view
// of the attributes used in IAM condition evaluation, the user must
// also look into `AuditLog.authentication_info.resource_attributes`.
RequestAttributes *Request `json:"requestAttributes,omitempty"`
// ForceSendFields is a list of field names (e.g. "CallerIp") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "CallerIp") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`
}
func (s *RequestMetadata) MarshalJSON() ([]byte, error) {
type NoMethod RequestMetadata
raw := NoMethod(*s)
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
}
// Resource: This message defines core attributes for a resource. A
// resource is an addressable (named) entity provided by the destination
// service. For example, a file stored on a network storage service.
type Resource struct {
// Annotations: Annotations is an unstructured key-value map stored with
// a resource that may be set by external tools to store and retrieve
// arbitrary metadata. They are not queryable and should be preserved
// when modifying objects. More info:
// https://kubernetes.io/docs/user-guide/annotations
Annotations map[string]string `json:"annotations,omitempty"`
// CreateTime: Output only. The timestamp when the resource was created.
// This may be either the time creation was initiated or when it was
// completed.
CreateTime string `json:"createTime,omitempty"`
// DeleteTime: Output only. The timestamp when the resource was deleted.
// If the resource is not deleted, this must be empty.
DeleteTime string `json:"deleteTime,omitempty"`
// DisplayName: Mutable. The display name set by clients. Must be <= 63
// characters.
DisplayName string `json:"displayName,omitempty"`
// Etag: Output only. An opaque value that uniquely identifies a version
// or generation of a resource. It can be used to confirm that the
// client and server agree on the ordering of a resource being written.
Etag string `json:"etag,omitempty"`
// Labels: The labels or tags on the resource, such as AWS resource tags
// and Kubernetes resource labels.
Labels map[string]string `json:"labels,omitempty"`
// Location: Immutable. The location of the resource. The location
// encoding is specific to the service provider, and new encoding may be
// introduced as the service evolves. For Google Cloud products, the
// encoding is what is used by Google Cloud APIs, such as `us-east1`,
// `aws-us-east-1`, and `azure-eastus2`. The semantics of `location` is
// identical to the `cloud.googleapis.com/location` label used by some
// Google Cloud APIs.
Location string `json:"location,omitempty"`
// Name: The stable identifier (name) of a resource on the `service`. A
// resource can be logically identified as
// "//{resource.service}/{resource.name}". The differences between a
// resource name and a URI are: * Resource name is a logical identifier,
// independent of network protocol and API version. For example,
// `//pubsub.googleapis.com/projects/123/topics/news-feed`. * URI often
// includes protocol and version information, so it can be used directly
// by applications. For example,
// `https://pubsub.googleapis.com/v1/projects/123/topics/news-feed`. See
// https://cloud.google.com/apis/design/resource_names for details.
Name string `json:"name,omitempty"`
// Service: The name of the service that this resource belongs to, such
// as `pubsub.googleapis.com`. The service may be different from the DNS
// hostname that actually serves the request.
Service string `json:"service,omitempty"`
// Type: The type of the resource. The syntax is platform-specific
// because different platforms define their resources differently. For
// Google APIs, the type format must be "{service}/{kind}".
Type string `json:"type,omitempty"`
// Uid: The unique identifier of the resource. UID is unique in the time
// and space for this resource within the scope of the service. It is
// typically generated by the server on successful creation of a
// resource and must not be changed. UID is used to uniquely identify
// resources with resource name reuses. This should be a UUID4.
Uid string `json:"uid,omitempty"`
// UpdateTime: Output only. The timestamp when the resource was last
// updated. Any change to the resource made by users must refresh this
// value. Changes to a resource made by the service should refresh this
// value.
UpdateTime string `json:"updateTime,omitempty"`
// ForceSendFields is a list of field names (e.g. "Annotations") to
// unconditionally include in API requests. By default, fields with
// empty or default values are omitted from API requests. However, any
// non-pointer, non-interface field appearing in ForceSendFields will be
// sent to the server regardless of whether the field is empty or not.
// This may be used to include empty fields in Patch requests.
ForceSendFields []string `json:"-"`
// NullFields is a list of field names (e.g. "Annotations") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields []string `json:"-"`