Google Git
Sign in
flutter/third_party/googleapis.dart.git/refs/heads/master/./generated/googleapis/lib/cloudresourcemanager/v2.dart
blob: ed4e09a92a58d069647e1ec573b823032174f809 [file] [log] [blame] [edit]
// This is a generated file (see the discoveryapis_generator project).
// ignore_for_file: camel_case_types
// ignore_for_file: comment_references
// ignore_for_file: deprecated_member_use_from_same_package
// ignore_for_file: doc_directive_unknown
// ignore_for_file: lines_longer_than_80_chars
// ignore_for_file: non_constant_identifier_names
// ignore_for_file: prefer_interpolation_to_compose_strings
// ignore_for_file: unintended_html_in_doc_comment
// ignore_for_file: unnecessary_brace_in_string_interps
// ignore_for_file: unnecessary_lambdas
// ignore_for_file: unnecessary_string_interpolations
/// Cloud Resource Manager API - v2
///
/// Creates, reads, and updates metadata for Google Cloud Platform resource
/// containers.
///
/// For more information, see <https://cloud.google.com/resource-manager>
///
/// Create an instance of [CloudResourceManagerApi] to access these resources:
///
/// - [FoldersResource]
/// - [OperationsResource]
library;
import 'dart:async' as async;
import 'dart:convert' as convert;
import 'dart:core' as core;
import 'package:_discoveryapis_commons/_discoveryapis_commons.dart' as commons;
import 'package:http/http.dart' as http;
import '../shared.dart';
import '../src/user_agent.dart';
export 'package:_discoveryapis_commons/_discoveryapis_commons.dart'
show ApiRequestError, DetailedApiRequestError;
/// Creates, reads, and updates metadata for Google Cloud Platform resource
/// containers.
class CloudResourceManagerApi {
/// See, edit, configure, and delete your Google Cloud data and see the email
/// address for your Google Account.
static const cloudPlatformScope =
'https://www.googleapis.com/auth/cloud-platform';
/// View your data across Google Cloud services and see the email address of
/// your Google Account
static const cloudPlatformReadOnlyScope =
'https://www.googleapis.com/auth/cloud-platform.read-only';
final commons.ApiRequester _requester;
FoldersResource get folders => FoldersResource(_requester);
OperationsResource get operations => OperationsResource(_requester);
CloudResourceManagerApi(
http.Client client, {
core.String rootUrl = 'https://cloudresourcemanager.googleapis.com/',
core.String servicePath = '',
}) : _requester = commons.ApiRequester(
client,
rootUrl,
servicePath,
requestHeaders,
);
}
class FoldersResource {
final commons.ApiRequester _requester;
FoldersResource(commons.ApiRequester client) : _requester = client;
/// Creates a Folder in the resource hierarchy.
///
/// Returns an Operation which can be used to track the progress of the folder
/// creation workflow. Upon success the Operation.response field will be
/// populated with the created Folder. In order to succeed, the addition of
/// this new Folder must not violate the Folder naming, height or fanout
/// constraints. + The Folder's display_name must be distinct from all other
/// Folders that share its parent. + The addition of the Folder must not cause
/// the active Folder hierarchy to exceed a height of 10. Note, the full
/// active + deleted Folder hierarchy is allowed to reach a height of 20; this
/// provides additional headroom when moving folders that contain deleted
/// folders. + The addition of the Folder must not cause the total number of
/// Folders under its parent to exceed 300. If the operation fails due to a
/// folder constraint violation, some errors may be returned by the
/// CreateFolder request, with status code FAILED_PRECONDITION and an error
/// description. Other folder constraint violations will be communicated in
/// the Operation, with the specific PreconditionFailure returned via the
/// details list in the Operation.error field. The caller must have
/// `resourcemanager.folders.create` permission on the identified parent.
///
/// [request] - The metadata request object.
///
/// Request parameters:
///
/// [parent] - Required. The resource name of the new Folder's parent. Must be
/// of the form `folders/{folder_id}` or `organizations/{org_id}`.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [Operation].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<Operation> create(
Folder request, {
core.String? parent,
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
'parent': ?parent == null ? null : [parent],
'fields': ?$fields == null ? null : [$fields],
};
const url_ = 'v2/folders';
final response_ = await _requester.request(
url_,
'POST',
body: body_,
queryParams: queryParams_,
);
return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>);
}
/// Requests deletion of a Folder.
///
/// The Folder is moved into the DELETE_REQUESTED state immediately, and is
/// deleted approximately 30 days later. This method may only be called on an
/// empty Folder in the ACTIVE state, where a Folder is empty if it doesn't
/// contain any Folders or Projects in the ACTIVE state. The caller must have
/// `resourcemanager.folders.delete` permission on the identified folder.
///
/// Request parameters:
///
/// [name] - Required. the resource name of the Folder to be deleted. Must be
/// of the form `folders/{folder_id}`.
/// Value must have pattern `^folders/\[^/\]+$`.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [Folder].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<Folder> delete(core.String name, {core.String? $fields}) async {
final queryParams_ = <core.String, core.List<core.String>>{
'fields': ?$fields == null ? null : [$fields],
};
final url_ = 'v2/' + core.Uri.encodeFull('$name');
final response_ = await _requester.request(
url_,
'DELETE',
queryParams: queryParams_,
);
return Folder.fromJson(response_ as core.Map<core.String, core.dynamic>);
}
/// Retrieves a Folder identified by the supplied resource name.
///
/// Valid Folder resource names have the format `folders/{folder_id}` (for
/// example, `folders/1234`). The caller must have
/// `resourcemanager.folders.get` permission on the identified folder.
///
/// Request parameters:
///
/// [name] - Required. The resource name of the Folder to retrieve. Must be of
/// the form `folders/{folder_id}`.
/// Value must have pattern `^folders/\[^/\]+$`.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [Folder].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<Folder> get(core.String name, {core.String? $fields}) async {
final queryParams_ = <core.String, core.List<core.String>>{
'fields': ?$fields == null ? null : [$fields],
};
final url_ = 'v2/' + core.Uri.encodeFull('$name');
final response_ = await _requester.request(
url_,
'GET',
queryParams: queryParams_,
);
return Folder.fromJson(response_ as core.Map<core.String, core.dynamic>);
}
/// Gets the access control policy for a Folder.
///
/// The returned policy may be empty if no such policy or resource exists. The
/// `resource` field should be the Folder's resource name, e.g.
/// "folders/1234". The caller must have
/// `resourcemanager.folders.getIamPolicy` permission on the identified
/// folder.
///
/// [request] - The metadata request object.
///
/// Request parameters:
///
/// [resource] - REQUIRED: The resource for which the policy is being
/// requested. See
/// [Resource names](https://cloud.google.com/apis/design/resource_names) for
/// the appropriate value for this field.
/// Value must have pattern `^folders/\[^/\]+$`.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [Policy].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<Policy> getIamPolicy(
GetIamPolicyRequest request,
core.String resource, {
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
'fields': ?$fields == null ? null : [$fields],
};
final url_ = 'v2/' + core.Uri.encodeFull('$resource') + ':getIamPolicy';
final response_ = await _requester.request(
url_,
'POST',
body: body_,
queryParams: queryParams_,
);
return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>);
}
/// Lists the Folders that are direct descendants of supplied parent resource.
///
/// List provides a strongly consistent view of the Folders underneath the
/// specified parent resource. List returns Folders sorted based upon the
/// (ascending) lexical ordering of their display_name. The caller must have
/// `resourcemanager.folders.list` permission on the identified parent.
///
/// Request parameters:
///
/// [pageSize] - Optional. The maximum number of Folders to return in the
/// response. The server can return fewer folders than requested. If
/// unspecified, server picks an appropriate default.
///
/// [pageToken] - Optional. A pagination token returned from a previous call
/// to `ListFolders` that indicates where this listing should continue from.
///
/// [parent] - Required. The resource name of the Organization or Folder whose
/// Folders are being listed. Must be of the form `folders/{folder_id}` or
/// `organizations/{org_id}`. Access to this method is controlled by checking
/// the `resourcemanager.folders.list` permission on the `parent`.
///
/// [showDeleted] - Optional. Controls whether Folders in the DELETE_REQUESTED
/// state should be returned. Defaults to false.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [ListFoldersResponse].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<ListFoldersResponse> list({
core.int? pageSize,
core.String? pageToken,
core.String? parent,
core.bool? showDeleted,
core.String? $fields,
}) async {
final queryParams_ = <core.String, core.List<core.String>>{
'pageSize': ?pageSize == null ? null : ['${pageSize}'],
'pageToken': ?pageToken == null ? null : [pageToken],
'parent': ?parent == null ? null : [parent],
'showDeleted': ?showDeleted == null ? null : ['${showDeleted}'],
'fields': ?$fields == null ? null : [$fields],
};
const url_ = 'v2/folders';
final response_ = await _requester.request(
url_,
'GET',
queryParams: queryParams_,
);
return ListFoldersResponse.fromJson(
response_ as core.Map<core.String, core.dynamic>,
);
}
/// Moves a Folder under a new resource parent.
///
/// Returns an Operation which can be used to track the progress of the folder
/// move workflow. Upon success the Operation.response field will be populated
/// with the moved Folder. Upon failure, a FolderOperationError categorizing
/// the failure cause will be returned - if the failure occurs synchronously
/// then the FolderOperationError will be returned via the Status.details
/// field and if it occurs asynchronously then the FolderOperation will be
/// returned via the Operation.error field. In addition, the
/// Operation.metadata field will be populated with a FolderOperation message
/// as an aid to stateless clients. Folder moves will be rejected if they
/// violate either the naming, height or fanout constraints described in the
/// CreateFolder documentation. The caller must have
/// `resourcemanager.folders.move` permission on the folder's current and
/// proposed new parent.
///
/// [request] - The metadata request object.
///
/// Request parameters:
///
/// [name] - Required. The resource name of the Folder to move. Must be of the
/// form folders/{folder_id}
/// Value must have pattern `^folders/\[^/\]+$`.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [Operation].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<Operation> move(
MoveFolderRequest request,
core.String name, {
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
'fields': ?$fields == null ? null : [$fields],
};
final url_ = 'v2/' + core.Uri.encodeFull('$name') + ':move';
final response_ = await _requester.request(
url_,
'POST',
body: body_,
queryParams: queryParams_,
);
return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>);
}
/// Updates a Folder, changing its display_name.
///
/// Changes to the folder display_name will be rejected if they violate either
/// the display_name formatting rules or naming constraints described in the
/// CreateFolder documentation. The Folder's display name must start and end
/// with a letter or digit, may contain letters, digits, spaces, hyphens and
/// underscores and can be between 3 and 30 characters. This is captured by
/// the regular expression: `\p{L}\p{N}{1,28}[\p{L}\p{N}]`. The caller must
/// have `resourcemanager.folders.update` permission on the identified folder.
/// If the update fails due to the unique name constraint then a
/// PreconditionFailure explaining this violation will be returned in the
/// Status.details field.
///
/// [request] - The metadata request object.
///
/// Request parameters:
///
/// [name] - Output only. The resource name of the Folder. Its format is
/// `folders/{folder_id}`, for example: "folders/1234".
/// Value must have pattern `^folders/\[^/\]+$`.
///
/// [updateMask] - Required. Fields to be updated. Only the `display_name` can
/// be updated.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [Folder].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<Folder> patch(
Folder request,
core.String name, {
core.String? updateMask,
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
'updateMask': ?updateMask == null ? null : [updateMask],
'fields': ?$fields == null ? null : [$fields],
};
final url_ = 'v2/' + core.Uri.encodeFull('$name');
final response_ = await _requester.request(
url_,
'PATCH',
body: body_,
queryParams: queryParams_,
);
return Folder.fromJson(response_ as core.Map<core.String, core.dynamic>);
}
/// Search for folders that match specific filter criteria.
///
/// Search provides an eventually consistent view of the folders a user has
/// access to which meet the specified filter criteria. This will only return
/// folders on which the caller has the permission
/// `resourcemanager.folders.get`.
///
/// [request] - The metadata request object.
///
/// Request parameters:
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [SearchFoldersResponse].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<SearchFoldersResponse> search(
SearchFoldersRequest request, {
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
'fields': ?$fields == null ? null : [$fields],
};
const url_ = 'v2/folders:search';
final response_ = await _requester.request(
url_,
'POST',
body: body_,
queryParams: queryParams_,
);
return SearchFoldersResponse.fromJson(
response_ as core.Map<core.String, core.dynamic>,
);
}
/// Sets the access control policy on a Folder, replacing any existing policy.
///
/// The `resource` field should be the Folder's resource name, e.g.
/// "folders/1234". The caller must have
/// `resourcemanager.folders.setIamPolicy` permission on the identified
/// folder.
///
/// [request] - The metadata request object.
///
/// Request parameters:
///
/// [resource] - REQUIRED: The resource for which the policy is being
/// specified. See
/// [Resource names](https://cloud.google.com/apis/design/resource_names) for
/// the appropriate value for this field.
/// Value must have pattern `^folders/\[^/\]+$`.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [Policy].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<Policy> setIamPolicy(
SetIamPolicyRequest request,
core.String resource, {
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
'fields': ?$fields == null ? null : [$fields],
};
final url_ = 'v2/' + core.Uri.encodeFull('$resource') + ':setIamPolicy';
final response_ = await _requester.request(
url_,
'POST',
body: body_,
queryParams: queryParams_,
);
return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>);
}
/// Returns permissions that a caller has on the specified Folder.
///
/// The `resource` field should be the Folder's resource name, e.g.
/// "folders/1234". There are no permissions required for making this API
/// call.
///
/// [request] - The metadata request object.
///
/// Request parameters:
///
/// [resource] - REQUIRED: The resource for which the policy detail is being
/// requested. See
/// [Resource names](https://cloud.google.com/apis/design/resource_names) for
/// the appropriate value for this field.
/// Value must have pattern `^folders/\[^/\]+$`.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [TestIamPermissionsResponse].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<TestIamPermissionsResponse> testIamPermissions(
TestIamPermissionsRequest request,
core.String resource, {
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
'fields': ?$fields == null ? null : [$fields],
};
final url_ =
'v2/' + core.Uri.encodeFull('$resource') + ':testIamPermissions';
final response_ = await _requester.request(
url_,
'POST',
body: body_,
queryParams: queryParams_,
);
return TestIamPermissionsResponse.fromJson(
response_ as core.Map<core.String, core.dynamic>,
);
}
/// Cancels the deletion request for a Folder.
///
/// This method may only be called on a Folder in the DELETE_REQUESTED state.
/// In order to succeed, the Folder's parent must be in the ACTIVE state. In
/// addition, reintroducing the folder into the tree must not violate folder
/// naming, height and fanout constraints described in the CreateFolder
/// documentation. The caller must have `resourcemanager.folders.undelete`
/// permission on the identified folder.
///
/// [request] - The metadata request object.
///
/// Request parameters:
///
/// [name] - Required. The resource name of the Folder to undelete. Must be of
/// the form `folders/{folder_id}`.
/// Value must have pattern `^folders/\[^/\]+$`.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [Folder].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<Folder> undelete(
UndeleteFolderRequest request,
core.String name, {
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
'fields': ?$fields == null ? null : [$fields],
};
final url_ = 'v2/' + core.Uri.encodeFull('$name') + ':undelete';
final response_ = await _requester.request(
url_,
'POST',
body: body_,
queryParams: queryParams_,
);
return Folder.fromJson(response_ as core.Map<core.String, core.dynamic>);
}
}
class OperationsResource {
final commons.ApiRequester _requester;
OperationsResource(commons.ApiRequester client) : _requester = client;
/// Gets the latest state of a long-running operation.
///
/// Clients can use this method to poll the operation result at intervals as
/// recommended by the API service.
///
/// Request parameters:
///
/// [name] - The name of the operation resource.
/// Value must have pattern `^operations/.*$`.
///
/// [$fields] - Selector specifying which fields to include in a partial
/// response.
///
/// Completes with a [Operation].
///
/// Completes with a [commons.ApiRequestError] if the API endpoint returned an
/// error.
///
/// If the used [http.Client] completes with an error when making a REST call,
/// this method will complete with the same error.
async.Future<Operation> get(core.String name, {core.String? $fields}) async {
final queryParams_ = <core.String, core.List<core.String>>{
'fields': ?$fields == null ? null : [$fields],
};
final url_ = 'v1/' + core.Uri.encodeFull('$name');
final response_ = await _requester.request(
url_,
'GET',
queryParams: queryParams_,
);
return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>);
}
}
/// Specifies the audit configuration for a service.
///
/// The configuration determines which permission types are logged, and what
/// identities, if any, are exempted from logging. An AuditConfig must have one
/// or more AuditLogConfigs. If there are AuditConfigs for both `allServices`
/// and a specific service, the union of the two AuditConfigs is used for that
/// service: the log_types specified in each AuditConfig are enabled, and the
/// exempted_members in each AuditLogConfig are exempted. Example Policy with
/// multiple AuditConfigs: { "audit_configs": \[ { "service": "allServices",
/// "audit_log_configs": \[ { "log_type": "DATA_READ", "exempted_members": \[
/// "user:jose@example.com" \] }, { "log_type": "DATA_WRITE" }, { "log_type":
/// "ADMIN_READ" } \] }, { "service": "sampleservice.googleapis.com",
/// "audit_log_configs": \[ { "log_type": "DATA_READ" }, { "log_type":
/// "DATA_WRITE", "exempted_members": \[ "user:aliya@example.com" \] } \] } \] }
/// For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
/// logging. It also exempts `jose@example.com` from DATA_READ logging, and
/// `aliya@example.com` from DATA_WRITE logging.
class AuditConfig {
/// The configuration for logging of each type of permission.
core.List<AuditLogConfig>? auditLogConfigs;
/// Specifies a service that will be enabled for audit logging.
///
/// For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
/// `allServices` is a special value that covers all services.
core.String? service;
AuditConfig({this.auditLogConfigs, this.service});
AuditConfig.fromJson(core.Map json_)
: this(
auditLogConfigs: (json_['auditLogConfigs'] as core.List?)
?.map(
(value) => AuditLogConfig.fromJson(
value as core.Map<core.String, core.dynamic>,
),
)
.toList(),
service: json_['service'] as core.String?,
);
core.Map<core.String, core.dynamic> toJson() {
final auditLogConfigs = this.auditLogConfigs;
final service = this.service;
return {'auditLogConfigs': ?auditLogConfigs, 'service': ?service};
}
}
/// Provides the configuration for logging a type of permissions.
///
/// Example: { "audit_log_configs": \[ { "log_type": "DATA_READ",
/// "exempted_members": \[ "user:jose@example.com" \] }, { "log_type":
/// "DATA_WRITE" } \] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while
/// exempting jose@example.com from DATA_READ logging.
typedef AuditLogConfig = $AuditLogConfig;
/// Associates `members`, or principals, with a `role`.
class Binding {
/// The condition that is associated with this binding.
///
/// If the condition evaluates to `true`, then this binding applies to the
/// current request. If the condition evaluates to `false`, then this binding
/// does not apply to the current request. However, a different role binding
/// might grant the same role to one or more of the principals in this
/// binding. To learn which resources support conditions in their IAM
/// policies, see the
/// [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
Expr? condition;
/// Specifies the principals requesting access for a Google Cloud resource.
///
/// `members` can have the following values: * `allUsers`: A special
/// identifier that represents anyone who is on the internet; with or without
/// a Google account. * `allAuthenticatedUsers`: A special identifier that
/// represents anyone who is authenticated with a Google account or a service
/// account. Does not include identities that come from external identity
/// providers (IdPs) through identity federation. * `user:{emailid}`: An email
/// address that represents a specific Google account. For example,
/// `alice@example.com` . * `serviceAccount:{emailid}`: An email address that
/// represents a Google service account. For example,
/// `my-other-app@appspot.gserviceaccount.com`. *
/// `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An
/// identifier for a
/// [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts).
/// For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
/// `group:{emailid}`: An email address that represents a Google group. For
/// example, `admins@example.com`. * `domain:{domain}`: The G Suite domain
/// (primary) that represents all the users of that domain. For example,
/// `google.com` or `example.com`. *
/// `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`:
/// A single identity in a workforce identity pool. *
/// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`:
/// All workforce identities in a group. *
/// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`:
/// All workforce identities with a specific attribute value. *
/// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}
/// / * `: All identities in a workforce identity pool. *
/// `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`:
/// A single identity in a workload identity pool. *
/// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`:
/// A workload identity pool group. *
/// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`:
/// All identities in a workload identity pool with a certain attribute. *
/// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}
/// / * `: All identities in a workload identity pool. *
/// `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
/// identifier) representing a user that has been recently deleted. For
/// example, `alice@example.com?uid=123456789012345678901`. If the user is
/// recovered, this value reverts to `user:{emailid}` and the recovered user
/// retains the role in the binding. *
/// `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
/// unique identifier) representing a service account that has been recently
/// deleted. For example,
/// `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If
/// the service account is undeleted, this value reverts to
/// `serviceAccount:{emailid}` and the undeleted service account retains the
/// role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email
/// address (plus unique identifier) representing a Google group that has been
/// recently deleted. For example,
/// `admins@example.com?uid=123456789012345678901`. If the group is recovered,
/// this value reverts to `group:{emailid}` and the recovered group retains
/// the role in the binding. *
/// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`:
/// Deleted single identity in a workforce identity pool. For example,
/// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.
core.List<core.String>? members;
/// Role that is assigned to the list of `members`, or principals.
///
/// For example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an
/// overview of the IAM roles and permissions, see the
/// [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For
/// a list of the available pre-defined roles, see
/// [here](https://cloud.google.com/iam/docs/understanding-roles).
core.String? role;
Binding({this.condition, this.members, this.role});
Binding.fromJson(core.Map json_)
: this(
condition: json_.containsKey('condition')
? Expr.fromJson(
json_['condition'] as core.Map<core.String, core.dynamic>,
)
: null,
members: (json_['members'] as core.List?)
?.map((value) => value as core.String)
.toList(),
role: json_['role'] as core.String?,
);
core.Map<core.String, core.dynamic> toJson() {
final condition = this.condition;
final members = this.members;
final role = this.role;
return {'condition': ?condition, 'members': ?members, 'role': ?role};
}
}
/// Represents a textual expression in the Common Expression Language (CEL)
/// syntax.
///
/// CEL is a C-like expression language. The syntax and semantics of CEL are
/// documented at https://github.com/google/cel-spec. Example (Comparison):
/// title: "Summary size limit" description: "Determines if a summary is less
/// than 100 chars" expression: "document.summary.size() \< 100" Example
/// (Equality): title: "Requestor is owner" description: "Determines if
/// requestor is the document owner" expression: "document.owner ==
/// request.auth.claims.email" Example (Logic): title: "Public documents"
/// description: "Determine whether the document should be publicly visible"
/// expression: "document.type != 'private' && document.type != 'internal'"
/// Example (Data Manipulation): title: "Notification string" description:
/// "Create a notification string with a timestamp." expression: "'New message
/// received at ' + string(document.create_time)" The exact variables and
/// functions that may be referenced within an expression are determined by the
/// service that evaluates it. See the service documentation for additional
/// information.
typedef Expr = $Expr;
/// A Folder in an Organization's resource hierarchy, used to organize that
/// Organization's resources.
class Folder {
/// Optional capabilities configured for this folder (via UpdateCapability
/// API).
///
/// Example: `folders/123/capabilities/app-management`.
///
/// Output only.
core.List<core.String>? configuredCapabilities;
/// Timestamp when the Folder was created.
///
/// Assigned by the server.
///
/// Output only.
core.String? createTime;
/// The folder's display name.
///
/// A folder's display name must be unique amongst its siblings, e.g. no two
/// folders with the same parent can share the same display name. The display
/// name must start and end with a letter or digit, may contain letters,
/// digits, spaces, hyphens and underscores and can be no longer than 30
/// characters. This is captured by the regular expression:
/// `[\p{L}\p{N}]([\p{L}\p{N}_- ]{0,28}[\p{L}\p{N}])?`.
core.String? displayName;
/// The lifecycle state of the folder.
///
/// Updates to the lifecycle_state must be performed via DeleteFolder and
/// UndeleteFolder.
///
/// Output only.
/// Possible string values are:
/// - "LIFECYCLE_STATE_UNSPECIFIED" : Unspecified state.
/// - "ACTIVE" : The normal and active state.
/// - "DELETE_REQUESTED" : The folder has been marked for deletion by the
/// user.
core.String? lifecycleState;
/// Management Project associated with this folder (if app-management
/// capability is enabled).
///
/// Example: `projects/google-mp-123` OUTPUT ONLY.
///
/// Output only.
core.String? managementProject;
/// The resource name of the Folder.
///
/// Its format is `folders/{folder_id}`, for example: "folders/1234".
///
/// Output only.
core.String? name;
/// The Folder's parent's resource name.
///
/// Updates to the folder's parent must be performed via MoveFolder.
///
/// Required.
core.String? parent;
/// Input only.
///
/// Immutable. Tag keys/values directly bound to this folder. Each item in the
/// map must be expressed as " : ". For example: "123/environment" :
/// "production", "123/costCenter" : "marketing" Note: Currently this field is
/// in Preview.
///
/// Optional.
core.Map<core.String, core.String>? tags;
Folder({
this.configuredCapabilities,
this.createTime,
this.displayName,
this.lifecycleState,
this.managementProject,
this.name,
this.parent,
this.tags,
});
Folder.fromJson(core.Map json_)
: this(
configuredCapabilities: (json_['configuredCapabilities'] as core.List?)
?.map((value) => value as core.String)
.toList(),
createTime: json_['createTime'] as core.String?,
displayName: json_['displayName'] as core.String?,
lifecycleState: json_['lifecycleState'] as core.String?,
managementProject: json_['managementProject'] as core.String?,
name: json_['name'] as core.String?,
parent: json_['parent'] as core.String?,
tags: (json_['tags'] as core.Map<core.String, core.dynamic>?)?.map(
(key, value) => core.MapEntry(key, value as core.String),
),
);
core.Map<core.String, core.dynamic> toJson() {
final configuredCapabilities = this.configuredCapabilities;
final createTime = this.createTime;
final displayName = this.displayName;
final lifecycleState = this.lifecycleState;
final managementProject = this.managementProject;
final name = this.name;
final parent = this.parent;
final tags = this.tags;
return {
'configuredCapabilities': ?configuredCapabilities,
'createTime': ?createTime,
'displayName': ?displayName,
'lifecycleState': ?lifecycleState,
'managementProject': ?managementProject,
'name': ?name,
'parent': ?parent,
'tags': ?tags,
};
}
}
/// Request message for `GetIamPolicy` method.
class GetIamPolicyRequest {
/// OPTIONAL: A `GetPolicyOptions` object for specifying options to
/// `GetIamPolicy`.
GetPolicyOptions? options;
GetIamPolicyRequest({this.options});
GetIamPolicyRequest.fromJson(core.Map json_)
: this(
options: json_.containsKey('options')
? GetPolicyOptions.fromJson(
json_['options'] as core.Map<core.String, core.dynamic>,
)
: null,
);
core.Map<core.String, core.dynamic> toJson() {
final options = this.options;
return {'options': ?options};
}
}
/// Encapsulates settings provided to GetIamPolicy.
typedef GetPolicyOptions = $GetPolicyOptions00;
/// The ListFolders response message.
class ListFoldersResponse {
/// A possibly paginated list of Folders that are direct descendants of the
/// specified parent resource.
core.List<Folder>? folders;
/// A pagination token returned from a previous call to `ListFolders` that
/// indicates from where listing should continue.
core.String? nextPageToken;
ListFoldersResponse({this.folders, this.nextPageToken});
ListFoldersResponse.fromJson(core.Map json_)
: this(
folders: (json_['folders'] as core.List?)
?.map(
(value) =>
Folder.fromJson(value as core.Map<core.String, core.dynamic>),
)
.toList(),
nextPageToken: json_['nextPageToken'] as core.String?,
);
core.Map<core.String, core.dynamic> toJson() {
final folders = this.folders;
final nextPageToken = this.nextPageToken;
return {'folders': ?folders, 'nextPageToken': ?nextPageToken};
}
}
/// The MoveFolder request message.
class MoveFolderRequest {
/// The resource name of the Folder or Organization to reparent the folder
/// under.
///
/// Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.
///
/// Required.
core.String? destinationParent;
MoveFolderRequest({this.destinationParent});
MoveFolderRequest.fromJson(core.Map json_)
: this(destinationParent: json_['destinationParent'] as core.String?);
core.Map<core.String, core.dynamic> toJson() {
final destinationParent = this.destinationParent;
return {'destinationParent': ?destinationParent};
}
}
/// This resource represents a long-running operation that is the result of a
/// network API call.
class Operation {
/// If the value is `false`, it means the operation is still in progress.
///
/// If `true`, the operation is completed, and either `error` or `response` is
/// available.
core.bool? done;
/// The error result of the operation in case of failure or cancellation.
Status? error;
/// Service-specific metadata associated with the operation.
///
/// It typically contains progress information and common metadata such as
/// create time. Some services might not provide such metadata. Any method
/// that returns a long-running operation should document the metadata type,
/// if any.
///
/// The values for Object must be JSON objects. It can consist of `num`,
/// `String`, `bool` and `null` as well as `Map` and `List` values.
core.Map<core.String, core.Object?>? metadata;
/// The server-assigned name, which is only unique within the same service
/// that originally returns it.
///
/// If you use the default HTTP mapping, the `name` should be a resource name
/// ending with `operations/{unique_id}`.
core.String? name;
/// The normal, successful response of the operation.
///
/// If the original method returns no data on success, such as `Delete`, the
/// response is `google.protobuf.Empty`. If the original method is standard
/// `Get`/`Create`/`Update`, the response should be the resource. For other
/// methods, the response should have the type `XxxResponse`, where `Xxx` is
/// the original method name. For example, if the original method name is
/// `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
///
/// The values for Object must be JSON objects. It can consist of `num`,
/// `String`, `bool` and `null` as well as `Map` and `List` values.
core.Map<core.String, core.Object?>? response;
Operation({this.done, this.error, this.metadata, this.name, this.response});
Operation.fromJson(core.Map json_)
: this(
done: json_['done'] as core.bool?,
error: json_.containsKey('error')
? Status.fromJson(
json_['error'] as core.Map<core.String, core.dynamic>,
)
: null,
metadata: json_.containsKey('metadata')
? json_['metadata'] as core.Map<core.String, core.dynamic>
: null,
name: json_['name'] as core.String?,
response: json_.containsKey('response')
? json_['response'] as core.Map<core.String, core.dynamic>
: null,
);
core.Map<core.String, core.dynamic> toJson() {
final done = this.done;
final error = this.error;
final metadata = this.metadata;
final name = this.name;
final response = this.response;
return {
'done': ?done,
'error': ?error,
'metadata': ?metadata,
'name': ?name,
'response': ?response,
};
}
}
/// An Identity and Access Management (IAM) policy, which specifies access
/// controls for Google Cloud resources.
///
/// A `Policy` is a collection of `bindings`. A `binding` binds one or more
/// `members`, or principals, to a single `role`. Principals can be user
/// accounts, service accounts, Google groups, and domains (such as G Suite). A
/// `role` is a named list of permissions; each `role` can be an IAM predefined
/// role or a user-created custom role. For some types of Google Cloud
/// resources, a `binding` can also specify a `condition`, which is a logical
/// expression that allows access to a resource only if the expression evaluates
/// to `true`. A condition can add constraints based on attributes of the
/// request, the resource, or both. To learn which resources support conditions
/// in their IAM policies, see the
/// [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
/// **JSON example:** ``` { "bindings": [ { "role":
/// "roles/resourcemanager.organizationAdmin", "members": [
/// "user:mike@example.com", "group:admins@example.com", "domain:google.com",
/// "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role":
/// "roles/resourcemanager.organizationViewer", "members": [
/// "user:eve@example.com" ], "condition": { "title": "expirable access",
/// "description": "Does not grant access after Sep 2020", "expression":
/// "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag":
/// "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: -
/// members: - user:mike@example.com - group:admins@example.com -
/// domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
/// role: roles/resourcemanager.organizationAdmin - members: -
/// user:eve@example.com role: roles/resourcemanager.organizationViewer
/// condition: title: expirable access description: Does not grant access after
/// Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
/// etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features,
/// see the [IAM documentation](https://cloud.google.com/iam/docs/).
class Policy {
/// Specifies cloud audit logging configuration for this policy.
core.List<AuditConfig>? auditConfigs;
/// Associates a list of `members`, or principals, with a `role`.
///
/// Optionally, may specify a `condition` that determines how and when the
/// `bindings` are applied. Each of the `bindings` must contain at least one
/// principal. The `bindings` in a `Policy` can refer to up to 1,500
/// principals; up to 250 of these principals can be Google groups. Each
/// occurrence of a principal counts towards these limits. For example, if the
/// `bindings` grant 50 different roles to `user:alice@example.com`, and not
/// to any other principal, then you can add another 1,450 principals to the
/// `bindings` in the `Policy`.
core.List<Binding>? bindings;
/// `etag` is used for optimistic concurrency control as a way to help prevent
/// simultaneous updates of a policy from overwriting each other.
///
/// It is strongly suggested that systems make use of the `etag` in the
/// read-modify-write cycle to perform policy updates in order to avoid race
/// conditions: An `etag` is returned in the response to `getIamPolicy`, and
/// systems are expected to put that etag in the request to `setIamPolicy` to
/// ensure that their change will be applied to the same version of the
/// policy. **Important:** If you use IAM Conditions, you must include the
/// `etag` field whenever you call `setIamPolicy`. If you omit this field,
/// then IAM allows you to overwrite a version `3` policy with a version `1`
/// policy, and all of the conditions in the version `3` policy are lost.
core.String? etag;
core.List<core.int> get etagAsBytes => convert.base64.decode(etag!);
set etagAsBytes(core.List<core.int> bytes_) {
etag = convert.base64
.encode(bytes_)
.replaceAll('/', '_')
.replaceAll('+', '-');
}
/// Specifies the format of the policy.
///
/// Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
/// are rejected. Any operation that affects conditional role bindings must
/// specify version `3`. This requirement applies to the following operations:
/// * Getting a policy that includes a conditional role binding * Adding a
/// conditional role binding to a policy * Changing a conditional role binding
/// in a policy * Removing any role binding, with or without a condition, from
/// a policy that includes conditions **Important:** If you use IAM
/// Conditions, you must include the `etag` field whenever you call
/// `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a
/// version `3` policy with a version `1` policy, and all of the conditions in
/// the version `3` policy are lost. If a policy does not include any
/// conditions, operations on that policy may specify any valid version or
/// leave the field unset. To learn which resources support conditions in
/// their IAM policies, see the
/// [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
core.int? version;
Policy({this.auditConfigs, this.bindings, this.etag, this.version});
Policy.fromJson(core.Map json_)
: this(
auditConfigs: (json_['auditConfigs'] as core.List?)
?.map(
(value) => AuditConfig.fromJson(
value as core.Map<core.String, core.dynamic>,
),
)
.toList(),
bindings: (json_['bindings'] as core.List?)
?.map(
(value) => Binding.fromJson(
value as core.Map<core.String, core.dynamic>,
),
)
.toList(),
etag: json_['etag'] as core.String?,
version: json_['version'] as core.int?,
);
core.Map<core.String, core.dynamic> toJson() {
final auditConfigs = this.auditConfigs;
final bindings = this.bindings;
final etag = this.etag;
final version = this.version;
return {
'auditConfigs': ?auditConfigs,
'bindings': ?bindings,
'etag': ?etag,
'version': ?version,
};
}
}
/// The request message for searching folders.
class SearchFoldersRequest {
/// The maximum number of folders to return in the response.
///
/// The server can return fewer folders than requested. If unspecified, server
/// picks an appropriate default.
///
/// Optional.
core.int? pageSize;
/// A pagination token returned from a previous call to `SearchFolders` that
/// indicates from where search should continue.
///
/// Optional.
core.String? pageToken;
/// Search criteria used to select the Folders to return.
///
/// If no search criteria is specified then all accessible folders will be
/// returned. Query expressions can be used to restrict results based upon
/// displayName, lifecycleState and parent, where the operators `=`, `NOT`,
/// `AND` and `OR` can be used along with the suffix wildcard symbol `*`. The
/// displayName field in a query expression should use escaped quotes for
/// values that include whitespace to prevent unexpected behavior. Some
/// example queries are: * Query `displayName=Test*` returns Folder resources
/// whose display name starts with "Test". * Query `lifecycleState=ACTIVE`
/// returns Folder resources with `lifecycleState` set to `ACTIVE`. * Query
/// `parent=folders/123` returns Folder resources that have `folders/123` as a
/// parent resource. * Query `parent=folders/123 AND lifecycleState=ACTIVE`
/// returns active Folder resources that have `folders/123` as a parent
/// resource. * Query `displayName=\\"Test String\\"` returns Folder resources
/// with display names that include both "Test" and "String".
core.String? query;
SearchFoldersRequest({this.pageSize, this.pageToken, this.query});
SearchFoldersRequest.fromJson(core.Map json_)
: this(
pageSize: json_['pageSize'] as core.int?,
pageToken: json_['pageToken'] as core.String?,
query: json_['query'] as core.String?,
);
core.Map<core.String, core.dynamic> toJson() {
final pageSize = this.pageSize;
final pageToken = this.pageToken;
final query = this.query;
return {'pageSize': ?pageSize, 'pageToken': ?pageToken, 'query': ?query};
}
}
/// The response message for searching folders.
class SearchFoldersResponse {
/// A possibly paginated folder search results.
///
/// the specified parent resource.
core.List<Folder>? folders;
/// A pagination token returned from a previous call to `SearchFolders` that
/// indicates from where searching should continue.
core.String? nextPageToken;
SearchFoldersResponse({this.folders, this.nextPageToken});
SearchFoldersResponse.fromJson(core.Map json_)
: this(
folders: (json_['folders'] as core.List?)
?.map(
(value) =>
Folder.fromJson(value as core.Map<core.String, core.dynamic>),
)
.toList(),
nextPageToken: json_['nextPageToken'] as core.String?,
);
core.Map<core.String, core.dynamic> toJson() {
final folders = this.folders;
final nextPageToken = this.nextPageToken;
return {'folders': ?folders, 'nextPageToken': ?nextPageToken};
}
}
/// Request message for `SetIamPolicy` method.
class SetIamPolicyRequest {
/// REQUIRED: The complete policy to be applied to the `resource`.
///
/// The size of the policy is limited to a few 10s of KB. An empty policy is a
/// valid policy but certain Google Cloud services (such as Projects) might
/// reject them.
Policy? policy;
/// OPTIONAL: A FieldMask specifying which fields of the policy to modify.
///
/// Only the fields in the mask will be modified. If no mask is provided, the
/// following default mask is used: `paths: "bindings, etag"`
core.String? updateMask;
SetIamPolicyRequest({this.policy, this.updateMask});
SetIamPolicyRequest.fromJson(core.Map json_)
: this(
policy: json_.containsKey('policy')
? Policy.fromJson(
json_['policy'] as core.Map<core.String, core.dynamic>,
)
: null,
updateMask: json_['updateMask'] as core.String?,
);
core.Map<core.String, core.dynamic> toJson() {
final policy = this.policy;
final updateMask = this.updateMask;
return {'policy': ?policy, 'updateMask': ?updateMask};
}
}
/// The `Status` type defines a logical error model that is suitable for
/// different programming environments, including REST APIs and RPC APIs.
///
/// It is used by [gRPC](https://github.com/grpc). Each `Status` message
/// contains three pieces of data: error code, error message, and error details.
/// You can find out more about this error model and how to work with it in the
/// [API Design Guide](https://cloud.google.com/apis/design/errors).
typedef Status = $Status00;
/// Request message for `TestIamPermissions` method.
typedef TestIamPermissionsRequest = $TestIamPermissionsRequest00;
/// Response message for `TestIamPermissions` method.
typedef TestIamPermissionsResponse = $PermissionsResponse;
/// The UndeleteFolder request message.
typedef UndeleteFolderRequest = $Empty;