2017-05-11 14:39:54 +00:00
// Package iam provides access to the Google Identity and Access Management (IAM) API.
//
// See https://cloud.google.com/iam/
//
// Usage example:
//
// import "google.golang.org/api/iam/v1"
// ...
// iamService, err := iam.New(oauthHttpClient)
package iam // import "google.golang.org/api/iam/v1"
import (
"bytes"
"encoding/json"
"errors"
"fmt"
context "golang.org/x/net/context"
ctxhttp "golang.org/x/net/context/ctxhttp"
gensupport "google.golang.org/api/gensupport"
googleapi "google.golang.org/api/googleapi"
"io"
"net/http"
"net/url"
"strconv"
"strings"
)
// Always reference these packages, just in case the auto-generated code
// below doesn't.
var _ = bytes . NewBuffer
var _ = strconv . Itoa
var _ = fmt . Sprintf
var _ = json . NewDecoder
var _ = io . Copy
var _ = url . Parse
var _ = gensupport . MarshalJSON
var _ = googleapi . Version
var _ = errors . New
var _ = strings . Replace
var _ = context . Canceled
var _ = ctxhttp . Do
const apiId = "iam:v1"
const apiName = "iam"
const apiVersion = "v1"
const basePath = "https://iam.googleapis.com/"
// OAuth2 scopes used by this API.
const (
// View and manage your data across Google Cloud Platform services
CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)
func New ( client * http . Client ) ( * Service , error ) {
if client == nil {
return nil , errors . New ( "client is nil" )
}
s := & Service { client : client , BasePath : basePath }
s . Projects = NewProjectsService ( s )
s . Roles = NewRolesService ( s )
return s , nil
}
type Service struct {
client * http . Client
BasePath string // API endpoint base URL
UserAgent string // optional additional User-Agent fragment
Projects * ProjectsService
Roles * RolesService
}
func ( s * Service ) userAgent ( ) string {
if s . UserAgent == "" {
return googleapi . UserAgent
}
return googleapi . UserAgent + " " + s . UserAgent
}
func NewProjectsService ( s * Service ) * ProjectsService {
rs := & ProjectsService { s : s }
rs . ServiceAccounts = NewProjectsServiceAccountsService ( s )
return rs
}
type ProjectsService struct {
s * Service
ServiceAccounts * ProjectsServiceAccountsService
}
func NewProjectsServiceAccountsService ( s * Service ) * ProjectsServiceAccountsService {
rs := & ProjectsServiceAccountsService { s : s }
rs . Keys = NewProjectsServiceAccountsKeysService ( s )
return rs
}
type ProjectsServiceAccountsService struct {
s * Service
Keys * ProjectsServiceAccountsKeysService
}
func NewProjectsServiceAccountsKeysService ( s * Service ) * ProjectsServiceAccountsKeysService {
rs := & ProjectsServiceAccountsKeysService { s : s }
return rs
}
type ProjectsServiceAccountsKeysService struct {
s * Service
}
func NewRolesService ( s * Service ) * RolesService {
rs := & RolesService { s : s }
return rs
}
type RolesService struct {
s * Service
}
// AuditData: Audit log information specific to Cloud IAM. This message
// is serialized
// as an `Any` type in the `ServiceData` message of an
// `AuditLog` message.
type AuditData struct {
// PolicyDelta: Policy delta between the original policy and the newly
// set policy.
PolicyDelta * PolicyDelta ` json:"policyDelta,omitempty" `
// ForceSendFields is a list of field names (e.g. "PolicyDelta") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "PolicyDelta") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * AuditData ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod AuditData
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// Binding: Associates `members` with a `role`.
type Binding struct {
// Members: Specifies the identities requesting access for a Cloud
// Platform resource.
// `members` can have the following values:
//
// * `allUsers`: A special identifier that represents anyone who is
// on the internet; with or without a Google account.
//
// * `allAuthenticatedUsers`: A special identifier that represents
// anyone
// who is authenticated with a Google account or a service
// account.
//
// * `user:{emailid}`: An email address that represents a specific
// Google
// account. For example, `alice@gmail.com` or `joe@example.com`.
//
//
// * `serviceAccount:{emailid}`: An email address that represents a
// service
// account. For example,
// `my-other-app@appspot.gserviceaccount.com`.
//
// * `group:{emailid}`: An email address that represents a Google
// group.
// For example, `admins@example.com`.
//
2017-07-23 07:51:42 +00:00
//
2017-05-11 14:39:54 +00:00
// * `domain:{domain}`: A Google Apps domain name that represents all
// the
// users of that domain. For example, `google.com` or
// `example.com`.
//
//
Members [ ] string ` json:"members,omitempty" `
// Role: Role that is assigned to `members`.
// For example, `roles/viewer`, `roles/editor`, or
// `roles/owner`.
// Required
Role string ` json:"role,omitempty" `
// ForceSendFields is a list of field names (e.g. "Members") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Members") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * Binding ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod Binding
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// BindingDelta: One delta entry for Binding. Each individual change
// (only one member in each
// entry) to a binding will be a separate entry.
type BindingDelta struct {
// Action: The action that was performed on a Binding.
// Required
//
// Possible values:
// "ACTION_UNSPECIFIED" - Unspecified.
// "ADD" - Addition of a Binding.
// "REMOVE" - Removal of a Binding.
Action string ` json:"action,omitempty" `
// Member: A single identity requesting access for a Cloud Platform
// resource.
// Follows the same format of Binding.members.
// Required
Member string ` json:"member,omitempty" `
// Role: Role that is assigned to `members`.
// For example, `roles/viewer`, `roles/editor`, or
// `roles/owner`.
// Required
Role string ` json:"role,omitempty" `
// ForceSendFields is a list of field names (e.g. "Action") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Action") to include in API
// requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * BindingDelta ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod BindingDelta
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// CreateServiceAccountKeyRequest: The service account key create
// request.
type CreateServiceAccountKeyRequest struct {
2017-07-23 07:51:42 +00:00
IncludePublicKeyData bool ` json:"includePublicKeyData,omitempty" `
2017-05-11 14:39:54 +00:00
// KeyAlgorithm: Which type of key and algorithm to use for the key.
// The default is currently a 2K RSA key. However this may change in
// the
// future.
//
// Possible values:
// "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm.
// "KEY_ALG_RSA_1024" - 1k RSA Key.
// "KEY_ALG_RSA_2048" - 2k RSA Key.
KeyAlgorithm string ` json:"keyAlgorithm,omitempty" `
// PrivateKeyType: The output format of the private key.
// `GOOGLE_CREDENTIALS_FILE` is the
// default output format.
//
// Possible values:
// "TYPE_UNSPECIFIED" - Unspecified. Equivalent to
// `TYPE_GOOGLE_CREDENTIALS_FILE`.
// "TYPE_PKCS12_FILE" - PKCS12 format.
// The password for the PKCS12 file is `notasecret`.
// For more information, see https://tools.ietf.org/html/rfc7292.
// "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format.
PrivateKeyType string ` json:"privateKeyType,omitempty" `
2017-07-23 07:51:42 +00:00
// ForceSendFields is a list of field names (e.g.
// "IncludePublicKeyData") to unconditionally include in API requests.
// By default, fields with empty values are omitted from API requests.
// However, any non-pointer, non-interface field appearing in
// ForceSendFields will be sent to the server regardless of whether the
// field is empty or not. This may be used to include empty fields in
// Patch requests.
2017-05-11 14:39:54 +00:00
ForceSendFields [ ] string ` json:"-" `
2017-07-23 07:51:42 +00:00
// NullFields is a list of field names (e.g. "IncludePublicKeyData") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
2017-05-11 14:39:54 +00:00
NullFields [ ] string ` json:"-" `
}
func ( s * CreateServiceAccountKeyRequest ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod CreateServiceAccountKeyRequest
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// CreateServiceAccountRequest: The service account create request.
type CreateServiceAccountRequest struct {
// AccountId: Required. The account id that is used to generate the
// service account
// email address and a stable unique id. It is unique within a
// project,
// must be 6-30 characters long, and match the regular
// expression
// `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
AccountId string ` json:"accountId,omitempty" `
// ServiceAccount: The ServiceAccount resource to create.
// Currently, only the following values are user
// assignable:
// `display_name` .
ServiceAccount * ServiceAccount ` json:"serviceAccount,omitempty" `
// ForceSendFields is a list of field names (e.g. "AccountId") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "AccountId") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * CreateServiceAccountRequest ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod CreateServiceAccountRequest
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// Empty: A generic empty message that you can re-use to avoid defining
// duplicated
// empty messages in your APIs. A typical example is to use it as the
// request
// or the response type of an API method. For instance:
//
// service Foo {
// rpc Bar(google.protobuf.Empty) returns
// (google.protobuf.Empty);
// }
//
// The JSON representation for `Empty` is empty JSON object `{}`.
type Empty struct {
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
}
// ListServiceAccountKeysResponse: The service account keys list
// response.
type ListServiceAccountKeysResponse struct {
// Keys: The public keys for the service account.
Keys [ ] * ServiceAccountKey ` json:"keys,omitempty" `
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
// ForceSendFields is a list of field names (e.g. "Keys") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Keys") to include in API
// requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * ListServiceAccountKeysResponse ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod ListServiceAccountKeysResponse
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// ListServiceAccountsResponse: The service account list response.
type ListServiceAccountsResponse struct {
// Accounts: The list of matching service accounts.
Accounts [ ] * ServiceAccount ` json:"accounts,omitempty" `
// NextPageToken: To retrieve the next page of results,
// set
// ListServiceAccountsRequest.page_token
// to this value.
NextPageToken string ` json:"nextPageToken,omitempty" `
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
// ForceSendFields is a list of field names (e.g. "Accounts") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Accounts") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * ListServiceAccountsResponse ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod ListServiceAccountsResponse
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// Policy: Defines an Identity and Access Management (IAM) policy. It is
// used to
// specify access control policies for Cloud Platform resources.
//
//
// A `Policy` consists of a list of `bindings`. A `Binding` binds a list
// of
// `members` to a `role`, where the members can be user accounts, Google
// groups,
// Google domains, and service accounts. A `role` is a named list of
// permissions
// defined by IAM.
//
// **Example**
//
// {
// "bindings": [
// {
// "role": "roles/owner",
// "members": [
// "user:mike@example.com",
// "group:admins@example.com",
// "domain:google.com",
//
// "serviceAccount:my-other-app@appspot.gserviceaccount.com",
// ]
// },
// {
// "role": "roles/viewer",
// "members": ["user:sean@example.com"]
// }
// ]
// }
//
// For a description of IAM and its features, see the
// [IAM developer's guide](https://cloud.google.com/iam).
type Policy struct {
// Bindings: Associates a list of `members` to a `role`.
// `bindings` with no members will result in an error.
Bindings [ ] * Binding ` json:"bindings,omitempty" `
// Etag: `etag` is used for optimistic concurrency control as a way to
// help
// prevent simultaneous updates of a policy from overwriting each
// other.
// It is strongly suggested that systems make use of the `etag` in
// the
// read-modify-write cycle to perform policy updates in order to avoid
// race
// conditions: An `etag` is returned in the response to `getIamPolicy`,
// and
// systems are expected to put that etag in the request to
// `setIamPolicy` to
// ensure that their change will be applied to the same version of the
// policy.
//
// If no `etag` is provided in the call to `setIamPolicy`, then the
// existing
// policy is overwritten blindly.
Etag string ` json:"etag,omitempty" `
// Version: Version of the `Policy`. The default version is 0.
Version int64 ` json:"version,omitempty" `
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
// ForceSendFields is a list of field names (e.g. "Bindings") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Bindings") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * Policy ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod Policy
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// PolicyDelta: The difference delta between two policies.
type PolicyDelta struct {
// BindingDeltas: The delta for Bindings between two policies.
BindingDeltas [ ] * BindingDelta ` json:"bindingDeltas,omitempty" `
// ForceSendFields is a list of field names (e.g. "BindingDeltas") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "BindingDeltas") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * PolicyDelta ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod PolicyDelta
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// QueryGrantableRolesRequest: The grantable role query request.
type QueryGrantableRolesRequest struct {
// FullResourceName: Required. The full resource name to query from the
// list of grantable roles.
//
// The name follows the Google Cloud Platform resource format.
// For example, a Cloud Platform project with id `my-project` will be
// named
// `//cloudresourcemanager.googleapis.com/projects/my-project`.
FullResourceName string ` json:"fullResourceName,omitempty" `
// PageSize: Optional limit on the number of roles to include in the
// response.
PageSize int64 ` json:"pageSize,omitempty" `
// PageToken: Optional pagination token returned in an
// earlier
// QueryGrantableRolesResponse.
PageToken string ` json:"pageToken,omitempty" `
// ForceSendFields is a list of field names (e.g. "FullResourceName") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "FullResourceName") to
// include in API requests with the JSON null value. By default, fields
// with empty values are omitted from API requests. However, any field
// with an empty value appearing in NullFields will be sent to the
// server as null. It is an error if a field in this list has a
// non-empty value. This may be used to include null fields in Patch
// requests.
NullFields [ ] string ` json:"-" `
}
func ( s * QueryGrantableRolesRequest ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod QueryGrantableRolesRequest
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// QueryGrantableRolesResponse: The grantable role query response.
type QueryGrantableRolesResponse struct {
// NextPageToken: To retrieve the next page of results,
// set
// `QueryGrantableRolesRequest.page_token` to this value.
NextPageToken string ` json:"nextPageToken,omitempty" `
// Roles: The list of matching roles.
Roles [ ] * Role ` json:"roles,omitempty" `
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
// ForceSendFields is a list of field names (e.g. "NextPageToken") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "NextPageToken") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * QueryGrantableRolesResponse ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod QueryGrantableRolesResponse
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// Role: A role in the Identity and Access Management API.
type Role struct {
// Description: Optional. A human-readable description for the role.
Description string ` json:"description,omitempty" `
// Name: The name of the role.
//
// When Role is used in CreateRole, the role name must not be set.
//
// When Role is used in output and other input such as UpdateRole, the
// role
// name is the complete path, e.g., roles/logging.viewer for curated
// roles
// and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom
// roles.
Name string ` json:"name,omitempty" `
// Title: Optional. A human-readable title for the role. Typically
// this
// is limited to 100 UTF-8 bytes.
Title string ` json:"title,omitempty" `
// ForceSendFields is a list of field names (e.g. "Description") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Description") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * Role ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod Role
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// ServiceAccount: A service account in the Identity and Access
// Management API.
//
// To create a service account, specify the `project_id` and the
// `account_id`
// for the account. The `account_id` is unique within the project, and
// is used
// to generate the service account email address and a
// stable
// `unique_id`.
//
// If the account already exists, the account's resource name is
// returned
// in util::Status's ResourceInfo.resource_name in the format
// of
// projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}. The
// caller can
// use the name in other methods to access the account.
//
// All other methods can identify the service account using the
// format
// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`
// .
// Using `-` as a wildcard for the project will infer the project
// from
// the account. The `account` value can be the `email` address or
// the
// `unique_id` of the service account.
type ServiceAccount struct {
// DisplayName: Optional. A user-specified description of the service
// account. Must be
// fewer than 100 UTF-8 bytes.
DisplayName string ` json:"displayName,omitempty" `
// Email: @OutputOnly The email address of the service account.
Email string ` json:"email,omitempty" `
// Etag: Used to perform a consistent read-modify-write.
Etag string ` json:"etag,omitempty" `
// Name: The resource name of the service account in the following
// format:
// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}
// `.
//
// Requests using `-` as a wildcard for the project will infer the
// project
// from the `account` and the `account` value can be the `email` address
// or
// the `unique_id` of the service account.
//
// In responses the resource name will always be in the
// format
// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`
// .
Name string ` json:"name,omitempty" `
// Oauth2ClientId: @OutputOnly. The OAuth2 client id for the service
// account.
// This is used in conjunction with the OAuth2 clientconfig API to
// make
// three legged OAuth2 (3LO) flows to access the data of Google users.
Oauth2ClientId string ` json:"oauth2ClientId,omitempty" `
// ProjectId: @OutputOnly The id of the project that owns the service
// account.
ProjectId string ` json:"projectId,omitempty" `
// UniqueId: @OutputOnly The unique and stable id of the service
// account.
UniqueId string ` json:"uniqueId,omitempty" `
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
// ForceSendFields is a list of field names (e.g. "DisplayName") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "DisplayName") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * ServiceAccount ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod ServiceAccount
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// ServiceAccountKey: Represents a service account key.
//
// A service account has two sets of key-pairs: user-managed,
// and
// system-managed.
//
// User-managed key-pairs can be created and deleted by users. Users
// are
// responsible for rotating these keys periodically to ensure security
// of
// their service accounts. Users retain the private key of these
// key-pairs,
// and Google retains ONLY the public key.
//
// System-managed key-pairs are managed automatically by Google, and
// rotated
// daily without user intervention. The private key never leaves
// Google's
// servers to maximize security.
//
// Public keys for all service accounts are also published at the
// OAuth2
// Service Account API.
type ServiceAccountKey struct {
// KeyAlgorithm: Specifies the algorithm (and possibly key size) for the
// key.
//
// Possible values:
// "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm.
// "KEY_ALG_RSA_1024" - 1k RSA Key.
// "KEY_ALG_RSA_2048" - 2k RSA Key.
KeyAlgorithm string ` json:"keyAlgorithm,omitempty" `
// Name: The resource name of the service account key in the following
// format
// `projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/
// keys/{key}`.
Name string ` json:"name,omitempty" `
// PrivateKeyData: The private key data. Only provided in
// `CreateServiceAccountKey`
2017-07-23 07:51:42 +00:00
// responses. Make sure to keep the private key data secure because
// it
// allows for the assertion of the service account identity.
2017-05-11 14:39:54 +00:00
PrivateKeyData string ` json:"privateKeyData,omitempty" `
// PrivateKeyType: The output format for the private key.
// Only provided in `CreateServiceAccountKey` responses, not
// in `GetServiceAccountKey` or `ListServiceAccountKey`
// responses.
//
// Google never exposes system-managed private keys, and never
// retains
// user-managed private keys.
//
// Possible values:
// "TYPE_UNSPECIFIED" - Unspecified. Equivalent to
// `TYPE_GOOGLE_CREDENTIALS_FILE`.
// "TYPE_PKCS12_FILE" - PKCS12 format.
// The password for the PKCS12 file is `notasecret`.
// For more information, see https://tools.ietf.org/html/rfc7292.
// "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format.
PrivateKeyType string ` json:"privateKeyType,omitempty" `
// PublicKeyData: The public key data. Only provided in
// `GetServiceAccountKey` responses.
PublicKeyData string ` json:"publicKeyData,omitempty" `
// ValidAfterTime: The key can be used after this timestamp.
ValidAfterTime string ` json:"validAfterTime,omitempty" `
// ValidBeforeTime: The key can be used before this timestamp.
ValidBeforeTime string ` json:"validBeforeTime,omitempty" `
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
// ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "KeyAlgorithm") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * ServiceAccountKey ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod ServiceAccountKey
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// SetIamPolicyRequest: Request message for `SetIamPolicy` method.
type SetIamPolicyRequest struct {
// Policy: REQUIRED: The complete policy to be applied to the
// `resource`. The size of
// the policy is limited to a few 10s of KB. An empty policy is a
// valid policy but certain Cloud Platform services (such as
// Projects)
// might reject them.
Policy * Policy ` json:"policy,omitempty" `
// ForceSendFields is a list of field names (e.g. "Policy") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Policy") to include in API
// requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * SetIamPolicyRequest ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod SetIamPolicyRequest
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// SignBlobRequest: The service account sign blob request.
type SignBlobRequest struct {
// BytesToSign: The bytes to sign.
BytesToSign string ` json:"bytesToSign,omitempty" `
// ForceSendFields is a list of field names (e.g. "BytesToSign") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "BytesToSign") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * SignBlobRequest ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod SignBlobRequest
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// SignBlobResponse: The service account sign blob response.
type SignBlobResponse struct {
// KeyId: The id of the key used to sign the blob.
KeyId string ` json:"keyId,omitempty" `
// Signature: The signed blob.
Signature string ` json:"signature,omitempty" `
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
// ForceSendFields is a list of field names (e.g. "KeyId") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "KeyId") to include in API
// requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * SignBlobResponse ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod SignBlobResponse
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// SignJwtRequest: The service account sign JWT request.
type SignJwtRequest struct {
// Payload: The JWT payload to sign, a JSON JWT Claim set.
Payload string ` json:"payload,omitempty" `
// ForceSendFields is a list of field names (e.g. "Payload") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Payload") to include in
// API requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * SignJwtRequest ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod SignJwtRequest
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// SignJwtResponse: The service account sign JWT response.
type SignJwtResponse struct {
// KeyId: The id of the key used to sign the JWT.
KeyId string ` json:"keyId,omitempty" `
// SignedJwt: The signed JWT.
SignedJwt string ` json:"signedJwt,omitempty" `
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
// ForceSendFields is a list of field names (e.g. "KeyId") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "KeyId") to include in API
// requests with the JSON null value. By default, fields with empty
// values are omitted from API requests. However, any field with an
// empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * SignJwtResponse ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod SignJwtResponse
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// TestIamPermissionsRequest: Request message for `TestIamPermissions`
// method.
type TestIamPermissionsRequest struct {
// Permissions: The set of permissions to check for the `resource`.
// Permissions with
// wildcards (such as '*' or 'storage.*') are not allowed. For
// more
// information see
// [IAM
// Overview](https://cloud.google.com/iam/docs/overview#permissions).
Permissions [ ] string ` json:"permissions,omitempty" `
// ForceSendFields is a list of field names (e.g. "Permissions") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Permissions") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * TestIamPermissionsRequest ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod TestIamPermissionsRequest
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// TestIamPermissionsResponse: Response message for `TestIamPermissions`
// method.
type TestIamPermissionsResponse struct {
// Permissions: A subset of `TestPermissionsRequest.permissions` that
// the caller is
// allowed.
Permissions [ ] string ` json:"permissions,omitempty" `
// ServerResponse contains the HTTP response code and headers from the
// server.
googleapi . ServerResponse ` json:"-" `
// ForceSendFields is a list of field names (e.g. "Permissions") to
// unconditionally include in API requests. By default, fields with
// empty values are omitted from API requests. However, any non-pointer,
// non-interface field appearing in ForceSendFields will be sent to the
// server regardless of whether the field is empty or not. This may be
// used to include empty fields in Patch requests.
ForceSendFields [ ] string ` json:"-" `
// NullFields is a list of field names (e.g. "Permissions") to include
// in API requests with the JSON null value. By default, fields with
// empty values are omitted from API requests. However, any field with
// an empty value appearing in NullFields will be sent to the server as
// null. It is an error if a field in this list has a non-empty value.
// This may be used to include null fields in Patch requests.
NullFields [ ] string ` json:"-" `
}
func ( s * TestIamPermissionsResponse ) MarshalJSON ( ) ( [ ] byte , error ) {
type noMethod TestIamPermissionsResponse
raw := noMethod ( * s )
return gensupport . MarshalJSON ( raw , s . ForceSendFields , s . NullFields )
}
// method id "iam.projects.serviceAccounts.create":
type ProjectsServiceAccountsCreateCall struct {
s * Service
name string
createserviceaccountrequest * CreateServiceAccountRequest
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// Create: Creates a ServiceAccount
// and returns it.
func ( r * ProjectsServiceAccountsService ) Create ( name string , createserviceaccountrequest * CreateServiceAccountRequest ) * ProjectsServiceAccountsCreateCall {
c := & ProjectsServiceAccountsCreateCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
c . createserviceaccountrequest = createserviceaccountrequest
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsCreateCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsCreateCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsCreateCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsCreateCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsCreateCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsCreateCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
body , err := googleapi . WithoutDataWrapper . JSONReader ( c . createserviceaccountrequest )
if err != nil {
return nil , err
}
reqHeaders . Set ( "Content-Type" , "application/json" )
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}/serviceAccounts" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "POST" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.create" call.
// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx
// status code is an error. Response headers are in either
// *ServiceAccount.ServerResponse.Header or (if a response was returned
// at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsCreateCall ) Do ( opts ... googleapi . CallOption ) ( * ServiceAccount , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & ServiceAccount {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Creates a ServiceAccount\nand returns it.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts",
// "httpMethod": "POST",
// "id": "iam.projects.serviceAccounts.create",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "Required. The resource name of the project associated with the service\naccounts, such as `projects/my-project-123`.",
// "location": "path",
// "pattern": "^projects/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+name}/serviceAccounts",
// "request": {
// "$ref": "CreateServiceAccountRequest"
// },
// "response": {
// "$ref": "ServiceAccount"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.delete":
type ProjectsServiceAccountsDeleteCall struct {
s * Service
name string
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// Delete: Deletes a ServiceAccount.
func ( r * ProjectsServiceAccountsService ) Delete ( name string ) * ProjectsServiceAccountsDeleteCall {
c := & ProjectsServiceAccountsDeleteCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsDeleteCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsDeleteCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsDeleteCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsDeleteCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsDeleteCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsDeleteCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "DELETE" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.delete" call.
// Exactly one of *Empty or error will be non-nil. Any non-2xx status
// code is an error. Response headers are in either
// *Empty.ServerResponse.Header or (if a response was returned at all)
// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
// check whether the returned error was because http.StatusNotModified
// was returned.
func ( c * ProjectsServiceAccountsDeleteCall ) Do ( opts ... googleapi . CallOption ) ( * Empty , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & Empty {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Deletes a ServiceAccount.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}",
// "httpMethod": "DELETE",
// "id": "iam.projects.serviceAccounts.delete",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.\nUsing `-` as a wildcard for the project will infer the project from\nthe account. The `account` value can be the `email` address or the\n`unique_id` of the service account.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+name}",
// "response": {
// "$ref": "Empty"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.get":
type ProjectsServiceAccountsGetCall struct {
s * Service
name string
urlParams_ gensupport . URLParams
ifNoneMatch_ string
ctx_ context . Context
header_ http . Header
}
// Get: Gets a ServiceAccount.
func ( r * ProjectsServiceAccountsService ) Get ( name string ) * ProjectsServiceAccountsGetCall {
c := & ProjectsServiceAccountsGetCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsGetCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsGetCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// IfNoneMatch sets the optional parameter which makes the operation
// fail if the object's ETag matches the given value. This is useful for
// getting updates only after the object has changed since the last
// request. Use googleapi.IsNotModified to check whether the response
// error from Do is the result of In-None-Match.
func ( c * ProjectsServiceAccountsGetCall ) IfNoneMatch ( entityTag string ) * ProjectsServiceAccountsGetCall {
c . ifNoneMatch_ = entityTag
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsGetCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsGetCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsGetCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsGetCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
if c . ifNoneMatch_ != "" {
reqHeaders . Set ( "If-None-Match" , c . ifNoneMatch_ )
}
var body io . Reader = nil
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "GET" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.get" call.
// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx
// status code is an error. Response headers are in either
// *ServiceAccount.ServerResponse.Header or (if a response was returned
// at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsGetCall ) Do ( opts ... googleapi . CallOption ) ( * ServiceAccount , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & ServiceAccount {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Gets a ServiceAccount.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}",
// "httpMethod": "GET",
// "id": "iam.projects.serviceAccounts.get",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.\nUsing `-` as a wildcard for the project will infer the project from\nthe account. The `account` value can be the `email` address or the\n`unique_id` of the service account.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+name}",
// "response": {
// "$ref": "ServiceAccount"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.getIamPolicy":
type ProjectsServiceAccountsGetIamPolicyCall struct {
s * Service
resource string
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// GetIamPolicy: Returns the IAM access control policy for
// a
// ServiceAccount.
func ( r * ProjectsServiceAccountsService ) GetIamPolicy ( resource string ) * ProjectsServiceAccountsGetIamPolicyCall {
c := & ProjectsServiceAccountsGetIamPolicyCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . resource = resource
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsGetIamPolicyCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsGetIamPolicyCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsGetIamPolicyCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsGetIamPolicyCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsGetIamPolicyCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsGetIamPolicyCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+resource}:getIamPolicy" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "POST" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"resource" : c . resource ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.getIamPolicy" call.
// Exactly one of *Policy or error will be non-nil. Any non-2xx status
// code is an error. Response headers are in either
// *Policy.ServerResponse.Header or (if a response was returned at all)
// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
// check whether the returned error was because http.StatusNotModified
// was returned.
func ( c * ProjectsServiceAccountsGetIamPolicyCall ) Do ( opts ... googleapi . CallOption ) ( * Policy , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & Policy {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Returns the IAM access control policy for a\nServiceAccount.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:getIamPolicy",
// "httpMethod": "POST",
// "id": "iam.projects.serviceAccounts.getIamPolicy",
// "parameterOrder": [
// "resource"
// ],
// "parameters": {
// "resource": {
// "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+resource}:getIamPolicy",
// "response": {
// "$ref": "Policy"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.list":
type ProjectsServiceAccountsListCall struct {
s * Service
name string
urlParams_ gensupport . URLParams
ifNoneMatch_ string
ctx_ context . Context
header_ http . Header
}
// List: Lists ServiceAccounts for a project.
func ( r * ProjectsServiceAccountsService ) List ( name string ) * ProjectsServiceAccountsListCall {
c := & ProjectsServiceAccountsListCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
return c
}
// PageSize sets the optional parameter "pageSize": Optional limit on
// the number of service accounts to include in the
// response. Further accounts can subsequently be obtained by including
// the
// ListServiceAccountsResponse.next_page_token
// in a subsequent request.
func ( c * ProjectsServiceAccountsListCall ) PageSize ( pageSize int64 ) * ProjectsServiceAccountsListCall {
c . urlParams_ . Set ( "pageSize" , fmt . Sprint ( pageSize ) )
return c
}
// PageToken sets the optional parameter "pageToken": Optional
// pagination token returned in an
// earlier
// ListServiceAccountsResponse.next_page_token.
func ( c * ProjectsServiceAccountsListCall ) PageToken ( pageToken string ) * ProjectsServiceAccountsListCall {
c . urlParams_ . Set ( "pageToken" , pageToken )
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsListCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsListCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// IfNoneMatch sets the optional parameter which makes the operation
// fail if the object's ETag matches the given value. This is useful for
// getting updates only after the object has changed since the last
// request. Use googleapi.IsNotModified to check whether the response
// error from Do is the result of In-None-Match.
func ( c * ProjectsServiceAccountsListCall ) IfNoneMatch ( entityTag string ) * ProjectsServiceAccountsListCall {
c . ifNoneMatch_ = entityTag
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsListCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsListCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsListCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsListCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
if c . ifNoneMatch_ != "" {
reqHeaders . Set ( "If-None-Match" , c . ifNoneMatch_ )
}
var body io . Reader = nil
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}/serviceAccounts" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "GET" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.list" call.
// Exactly one of *ListServiceAccountsResponse or error will be non-nil.
// Any non-2xx status code is an error. Response headers are in either
// *ListServiceAccountsResponse.ServerResponse.Header or (if a response
// was returned at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsListCall ) Do ( opts ... googleapi . CallOption ) ( * ListServiceAccountsResponse , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & ListServiceAccountsResponse {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Lists ServiceAccounts for a project.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts",
// "httpMethod": "GET",
// "id": "iam.projects.serviceAccounts.list",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "Required. The resource name of the project associated with the service\naccounts, such as `projects/my-project-123`.",
// "location": "path",
// "pattern": "^projects/[^/]+$",
// "required": true,
// "type": "string"
// },
// "pageSize": {
// "description": "Optional limit on the number of service accounts to include in the\nresponse. Further accounts can subsequently be obtained by including the\nListServiceAccountsResponse.next_page_token\nin a subsequent request.",
// "format": "int32",
// "location": "query",
// "type": "integer"
// },
// "pageToken": {
// "description": "Optional pagination token returned in an earlier\nListServiceAccountsResponse.next_page_token.",
// "location": "query",
// "type": "string"
// }
// },
// "path": "v1/{+name}/serviceAccounts",
// "response": {
// "$ref": "ListServiceAccountsResponse"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// Pages invokes f for each page of results.
// A non-nil error returned from f will halt the iteration.
// The provided context supersedes any context provided to the Context method.
func ( c * ProjectsServiceAccountsListCall ) Pages ( ctx context . Context , f func ( * ListServiceAccountsResponse ) error ) error {
c . ctx_ = ctx
defer c . PageToken ( c . urlParams_ . Get ( "pageToken" ) ) // reset paging to original point
for {
x , err := c . Do ( )
if err != nil {
return err
}
if err := f ( x ) ; err != nil {
return err
}
if x . NextPageToken == "" {
return nil
}
c . PageToken ( x . NextPageToken )
}
}
// method id "iam.projects.serviceAccounts.setIamPolicy":
type ProjectsServiceAccountsSetIamPolicyCall struct {
s * Service
resource string
setiampolicyrequest * SetIamPolicyRequest
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// SetIamPolicy: Sets the IAM access control policy for
// a
// ServiceAccount.
func ( r * ProjectsServiceAccountsService ) SetIamPolicy ( resource string , setiampolicyrequest * SetIamPolicyRequest ) * ProjectsServiceAccountsSetIamPolicyCall {
c := & ProjectsServiceAccountsSetIamPolicyCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . resource = resource
c . setiampolicyrequest = setiampolicyrequest
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsSetIamPolicyCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsSetIamPolicyCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsSetIamPolicyCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsSetIamPolicyCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsSetIamPolicyCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsSetIamPolicyCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
body , err := googleapi . WithoutDataWrapper . JSONReader ( c . setiampolicyrequest )
if err != nil {
return nil , err
}
reqHeaders . Set ( "Content-Type" , "application/json" )
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+resource}:setIamPolicy" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "POST" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"resource" : c . resource ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.setIamPolicy" call.
// Exactly one of *Policy or error will be non-nil. Any non-2xx status
// code is an error. Response headers are in either
// *Policy.ServerResponse.Header or (if a response was returned at all)
// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
// check whether the returned error was because http.StatusNotModified
// was returned.
func ( c * ProjectsServiceAccountsSetIamPolicyCall ) Do ( opts ... googleapi . CallOption ) ( * Policy , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & Policy {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Sets the IAM access control policy for a\nServiceAccount.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:setIamPolicy",
// "httpMethod": "POST",
// "id": "iam.projects.serviceAccounts.setIamPolicy",
// "parameterOrder": [
// "resource"
// ],
// "parameters": {
// "resource": {
// "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+resource}:setIamPolicy",
// "request": {
// "$ref": "SetIamPolicyRequest"
// },
// "response": {
// "$ref": "Policy"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.signBlob":
type ProjectsServiceAccountsSignBlobCall struct {
s * Service
name string
signblobrequest * SignBlobRequest
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// SignBlob: Signs a blob using a service account's system-managed
// private key.
func ( r * ProjectsServiceAccountsService ) SignBlob ( name string , signblobrequest * SignBlobRequest ) * ProjectsServiceAccountsSignBlobCall {
c := & ProjectsServiceAccountsSignBlobCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
c . signblobrequest = signblobrequest
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsSignBlobCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsSignBlobCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsSignBlobCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsSignBlobCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsSignBlobCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsSignBlobCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
body , err := googleapi . WithoutDataWrapper . JSONReader ( c . signblobrequest )
if err != nil {
return nil , err
}
reqHeaders . Set ( "Content-Type" , "application/json" )
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}:signBlob" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "POST" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.signBlob" call.
// Exactly one of *SignBlobResponse or error will be non-nil. Any
// non-2xx status code is an error. Response headers are in either
// *SignBlobResponse.ServerResponse.Header or (if a response was
// returned at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsSignBlobCall ) Do ( opts ... googleapi . CallOption ) ( * SignBlobResponse , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & SignBlobResponse {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Signs a blob using a service account's system-managed private key.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signBlob",
// "httpMethod": "POST",
// "id": "iam.projects.serviceAccounts.signBlob",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.\nUsing `-` as a wildcard for the project will infer the project from\nthe account. The `account` value can be the `email` address or the\n`unique_id` of the service account.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+name}:signBlob",
// "request": {
// "$ref": "SignBlobRequest"
// },
// "response": {
// "$ref": "SignBlobResponse"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.signJwt":
type ProjectsServiceAccountsSignJwtCall struct {
s * Service
name string
signjwtrequest * SignJwtRequest
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// SignJwt: Signs a JWT using a service account's system-managed private
// key.
//
// If no expiry time (`exp`) is provided in the `SignJwtRequest`, IAM
// sets an
// an expiry time of one hour by default. If you request an expiry time
// of
// more than one hour, the request will fail.
func ( r * ProjectsServiceAccountsService ) SignJwt ( name string , signjwtrequest * SignJwtRequest ) * ProjectsServiceAccountsSignJwtCall {
c := & ProjectsServiceAccountsSignJwtCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
c . signjwtrequest = signjwtrequest
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsSignJwtCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsSignJwtCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsSignJwtCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsSignJwtCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsSignJwtCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsSignJwtCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
body , err := googleapi . WithoutDataWrapper . JSONReader ( c . signjwtrequest )
if err != nil {
return nil , err
}
reqHeaders . Set ( "Content-Type" , "application/json" )
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}:signJwt" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "POST" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.signJwt" call.
// Exactly one of *SignJwtResponse or error will be non-nil. Any non-2xx
// status code is an error. Response headers are in either
// *SignJwtResponse.ServerResponse.Header or (if a response was returned
// at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsSignJwtCall ) Do ( opts ... googleapi . CallOption ) ( * SignJwtResponse , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & SignJwtResponse {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Signs a JWT using a service account's system-managed private key.\n\nIf no expiry time (`exp`) is provided in the `SignJwtRequest`, IAM sets an\nan expiry time of one hour by default. If you request an expiry time of\nmore than one hour, the request will fail.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signJwt",
// "httpMethod": "POST",
// "id": "iam.projects.serviceAccounts.signJwt",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.\nUsing `-` as a wildcard for the project will infer the project from\nthe account. The `account` value can be the `email` address or the\n`unique_id` of the service account.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+name}:signJwt",
// "request": {
// "$ref": "SignJwtRequest"
// },
// "response": {
// "$ref": "SignJwtResponse"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.testIamPermissions":
type ProjectsServiceAccountsTestIamPermissionsCall struct {
s * Service
resource string
testiampermissionsrequest * TestIamPermissionsRequest
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// TestIamPermissions: Tests the specified permissions against the IAM
// access control policy
// for a ServiceAccount.
func ( r * ProjectsServiceAccountsService ) TestIamPermissions ( resource string , testiampermissionsrequest * TestIamPermissionsRequest ) * ProjectsServiceAccountsTestIamPermissionsCall {
c := & ProjectsServiceAccountsTestIamPermissionsCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . resource = resource
c . testiampermissionsrequest = testiampermissionsrequest
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsTestIamPermissionsCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsTestIamPermissionsCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsTestIamPermissionsCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsTestIamPermissionsCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsTestIamPermissionsCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsTestIamPermissionsCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
body , err := googleapi . WithoutDataWrapper . JSONReader ( c . testiampermissionsrequest )
if err != nil {
return nil , err
}
reqHeaders . Set ( "Content-Type" , "application/json" )
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+resource}:testIamPermissions" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "POST" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"resource" : c . resource ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.testIamPermissions" call.
// Exactly one of *TestIamPermissionsResponse or error will be non-nil.
// Any non-2xx status code is an error. Response headers are in either
// *TestIamPermissionsResponse.ServerResponse.Header or (if a response
// was returned at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsTestIamPermissionsCall ) Do ( opts ... googleapi . CallOption ) ( * TestIamPermissionsResponse , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & TestIamPermissionsResponse {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Tests the specified permissions against the IAM access control policy\nfor a ServiceAccount.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:testIamPermissions",
// "httpMethod": "POST",
// "id": "iam.projects.serviceAccounts.testIamPermissions",
// "parameterOrder": [
// "resource"
// ],
// "parameters": {
// "resource": {
// "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appropriate value for this field.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+resource}:testIamPermissions",
// "request": {
// "$ref": "TestIamPermissionsRequest"
// },
// "response": {
// "$ref": "TestIamPermissionsResponse"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.update":
type ProjectsServiceAccountsUpdateCall struct {
s * Service
name string
serviceaccount * ServiceAccount
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// Update: Updates a ServiceAccount.
//
// Currently, only the following fields are updatable:
// `display_name` .
// The `etag` is mandatory.
func ( r * ProjectsServiceAccountsService ) Update ( name string , serviceaccount * ServiceAccount ) * ProjectsServiceAccountsUpdateCall {
c := & ProjectsServiceAccountsUpdateCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
c . serviceaccount = serviceaccount
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsUpdateCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsUpdateCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsUpdateCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsUpdateCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsUpdateCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsUpdateCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
body , err := googleapi . WithoutDataWrapper . JSONReader ( c . serviceaccount )
if err != nil {
return nil , err
}
reqHeaders . Set ( "Content-Type" , "application/json" )
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "PUT" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.update" call.
// Exactly one of *ServiceAccount or error will be non-nil. Any non-2xx
// status code is an error. Response headers are in either
// *ServiceAccount.ServerResponse.Header or (if a response was returned
// at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsUpdateCall ) Do ( opts ... googleapi . CallOption ) ( * ServiceAccount , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & ServiceAccount {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Updates a ServiceAccount.\n\nCurrently, only the following fields are updatable:\n`display_name` .\nThe `etag` is mandatory.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}",
// "httpMethod": "PUT",
// "id": "iam.projects.serviceAccounts.update",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.\n\nRequests using `-` as a wildcard for the project will infer the project\nfrom the `account` and the `account` value can be the `email` address or\nthe `unique_id` of the service account.\n\nIn responses the resource name will always be in the format\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+name}",
// "request": {
// "$ref": "ServiceAccount"
// },
// "response": {
// "$ref": "ServiceAccount"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.keys.create":
type ProjectsServiceAccountsKeysCreateCall struct {
s * Service
name string
createserviceaccountkeyrequest * CreateServiceAccountKeyRequest
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// Create: Creates a ServiceAccountKey
// and returns it.
func ( r * ProjectsServiceAccountsKeysService ) Create ( name string , createserviceaccountkeyrequest * CreateServiceAccountKeyRequest ) * ProjectsServiceAccountsKeysCreateCall {
c := & ProjectsServiceAccountsKeysCreateCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
c . createserviceaccountkeyrequest = createserviceaccountkeyrequest
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsKeysCreateCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsKeysCreateCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsKeysCreateCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsKeysCreateCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsKeysCreateCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsKeysCreateCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
body , err := googleapi . WithoutDataWrapper . JSONReader ( c . createserviceaccountkeyrequest )
if err != nil {
return nil , err
}
reqHeaders . Set ( "Content-Type" , "application/json" )
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}/keys" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "POST" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.keys.create" call.
// Exactly one of *ServiceAccountKey or error will be non-nil. Any
// non-2xx status code is an error. Response headers are in either
// *ServiceAccountKey.ServerResponse.Header or (if a response was
// returned at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsKeysCreateCall ) Do ( opts ... googleapi . CallOption ) ( * ServiceAccountKey , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & ServiceAccountKey {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Creates a ServiceAccountKey\nand returns it.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys",
// "httpMethod": "POST",
// "id": "iam.projects.serviceAccounts.keys.create",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.\nUsing `-` as a wildcard for the project will infer the project from\nthe account. The `account` value can be the `email` address or the\n`unique_id` of the service account.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+name}/keys",
// "request": {
// "$ref": "CreateServiceAccountKeyRequest"
// },
// "response": {
// "$ref": "ServiceAccountKey"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.keys.delete":
type ProjectsServiceAccountsKeysDeleteCall struct {
s * Service
name string
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// Delete: Deletes a ServiceAccountKey.
func ( r * ProjectsServiceAccountsKeysService ) Delete ( name string ) * ProjectsServiceAccountsKeysDeleteCall {
c := & ProjectsServiceAccountsKeysDeleteCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsKeysDeleteCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsKeysDeleteCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsKeysDeleteCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsKeysDeleteCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsKeysDeleteCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsKeysDeleteCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "DELETE" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.keys.delete" call.
// Exactly one of *Empty or error will be non-nil. Any non-2xx status
// code is an error. Response headers are in either
// *Empty.ServerResponse.Header or (if a response was returned at all)
// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
// check whether the returned error was because http.StatusNotModified
// was returned.
func ( c * ProjectsServiceAccountsKeysDeleteCall ) Do ( opts ... googleapi . CallOption ) ( * Empty , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & Empty {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Deletes a ServiceAccountKey.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}",
// "httpMethod": "DELETE",
// "id": "iam.projects.serviceAccounts.keys.delete",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "The resource name of the service account key in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.\nUsing `-` as a wildcard for the project will infer the project from\nthe account. The `account` value can be the `email` address or the\n`unique_id` of the service account.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+name}",
// "response": {
// "$ref": "Empty"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.keys.get":
type ProjectsServiceAccountsKeysGetCall struct {
s * Service
name string
urlParams_ gensupport . URLParams
ifNoneMatch_ string
ctx_ context . Context
header_ http . Header
}
// Get: Gets the ServiceAccountKey
// by key id.
func ( r * ProjectsServiceAccountsKeysService ) Get ( name string ) * ProjectsServiceAccountsKeysGetCall {
c := & ProjectsServiceAccountsKeysGetCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
return c
}
// PublicKeyType sets the optional parameter "publicKeyType": The output
// format of the public key requested.
// X509_PEM is the default output format.
//
// Possible values:
// "TYPE_NONE"
// "TYPE_X509_PEM_FILE"
// "TYPE_RAW_PUBLIC_KEY"
func ( c * ProjectsServiceAccountsKeysGetCall ) PublicKeyType ( publicKeyType string ) * ProjectsServiceAccountsKeysGetCall {
c . urlParams_ . Set ( "publicKeyType" , publicKeyType )
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsKeysGetCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsKeysGetCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// IfNoneMatch sets the optional parameter which makes the operation
// fail if the object's ETag matches the given value. This is useful for
// getting updates only after the object has changed since the last
// request. Use googleapi.IsNotModified to check whether the response
// error from Do is the result of In-None-Match.
func ( c * ProjectsServiceAccountsKeysGetCall ) IfNoneMatch ( entityTag string ) * ProjectsServiceAccountsKeysGetCall {
c . ifNoneMatch_ = entityTag
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsKeysGetCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsKeysGetCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsKeysGetCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsKeysGetCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
if c . ifNoneMatch_ != "" {
reqHeaders . Set ( "If-None-Match" , c . ifNoneMatch_ )
}
var body io . Reader = nil
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "GET" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.keys.get" call.
// Exactly one of *ServiceAccountKey or error will be non-nil. Any
// non-2xx status code is an error. Response headers are in either
// *ServiceAccountKey.ServerResponse.Header or (if a response was
// returned at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsKeysGetCall ) Do ( opts ... googleapi . CallOption ) ( * ServiceAccountKey , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & ServiceAccountKey {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Gets the ServiceAccountKey\nby key id.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys/{keysId}",
// "httpMethod": "GET",
// "id": "iam.projects.serviceAccounts.keys.get",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "name": {
// "description": "The resource name of the service account key in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}/keys/{key}`.\n\nUsing `-` as a wildcard for the project will infer the project from\nthe account. The `account` value can be the `email` address or the\n`unique_id` of the service account.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+/keys/[^/]+$",
// "required": true,
// "type": "string"
// },
// "publicKeyType": {
// "description": "The output format of the public key requested.\nX509_PEM is the default output format.",
// "enum": [
// "TYPE_NONE",
// "TYPE_X509_PEM_FILE",
// "TYPE_RAW_PUBLIC_KEY"
// ],
// "location": "query",
// "type": "string"
// }
// },
// "path": "v1/{+name}",
// "response": {
// "$ref": "ServiceAccountKey"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.projects.serviceAccounts.keys.list":
type ProjectsServiceAccountsKeysListCall struct {
s * Service
name string
urlParams_ gensupport . URLParams
ifNoneMatch_ string
ctx_ context . Context
header_ http . Header
}
// List: Lists ServiceAccountKeys.
func ( r * ProjectsServiceAccountsKeysService ) List ( name string ) * ProjectsServiceAccountsKeysListCall {
c := & ProjectsServiceAccountsKeysListCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . name = name
return c
}
// KeyTypes sets the optional parameter "keyTypes": Filters the types of
// keys the user wants to include in the list
// response. Duplicate key types are not allowed. If no key type
// is provided, all keys are returned.
//
// Possible values:
// "KEY_TYPE_UNSPECIFIED"
// "USER_MANAGED"
// "SYSTEM_MANAGED"
func ( c * ProjectsServiceAccountsKeysListCall ) KeyTypes ( keyTypes ... string ) * ProjectsServiceAccountsKeysListCall {
c . urlParams_ . SetMulti ( "keyTypes" , append ( [ ] string { } , keyTypes ... ) )
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * ProjectsServiceAccountsKeysListCall ) Fields ( s ... googleapi . Field ) * ProjectsServiceAccountsKeysListCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// IfNoneMatch sets the optional parameter which makes the operation
// fail if the object's ETag matches the given value. This is useful for
// getting updates only after the object has changed since the last
// request. Use googleapi.IsNotModified to check whether the response
// error from Do is the result of In-None-Match.
func ( c * ProjectsServiceAccountsKeysListCall ) IfNoneMatch ( entityTag string ) * ProjectsServiceAccountsKeysListCall {
c . ifNoneMatch_ = entityTag
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * ProjectsServiceAccountsKeysListCall ) Context ( ctx context . Context ) * ProjectsServiceAccountsKeysListCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * ProjectsServiceAccountsKeysListCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * ProjectsServiceAccountsKeysListCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
if c . ifNoneMatch_ != "" {
reqHeaders . Set ( "If-None-Match" , c . ifNoneMatch_ )
}
var body io . Reader = nil
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/{+name}/keys" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "GET" , urls , body )
req . Header = reqHeaders
googleapi . Expand ( req . URL , map [ string ] string {
"name" : c . name ,
} )
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.projects.serviceAccounts.keys.list" call.
// Exactly one of *ListServiceAccountKeysResponse or error will be
// non-nil. Any non-2xx status code is an error. Response headers are in
// either *ListServiceAccountKeysResponse.ServerResponse.Header or (if a
// response was returned at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * ProjectsServiceAccountsKeysListCall ) Do ( opts ... googleapi . CallOption ) ( * ListServiceAccountKeysResponse , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & ListServiceAccountKeysResponse {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Lists ServiceAccountKeys.",
// "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/keys",
// "httpMethod": "GET",
// "id": "iam.projects.serviceAccounts.keys.list",
// "parameterOrder": [
// "name"
// ],
// "parameters": {
// "keyTypes": {
// "description": "Filters the types of keys the user wants to include in the list\nresponse. Duplicate key types are not allowed. If no key type\nis provided, all keys are returned.",
// "enum": [
// "KEY_TYPE_UNSPECIFIED",
// "USER_MANAGED",
// "SYSTEM_MANAGED"
// ],
// "location": "query",
// "repeated": true,
// "type": "string"
// },
// "name": {
// "description": "The resource name of the service account in the following format:\n`projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}`.\n\nUsing `-` as a wildcard for the project, will infer the project from\nthe account. The `account` value can be the `email` address or the\n`unique_id` of the service account.",
// "location": "path",
// "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
// "required": true,
// "type": "string"
// }
// },
// "path": "v1/{+name}/keys",
// "response": {
// "$ref": "ListServiceAccountKeysResponse"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// method id "iam.roles.queryGrantableRoles":
type RolesQueryGrantableRolesCall struct {
s * Service
querygrantablerolesrequest * QueryGrantableRolesRequest
urlParams_ gensupport . URLParams
ctx_ context . Context
header_ http . Header
}
// QueryGrantableRoles: Queries roles that can be granted on a
// particular resource.
// A role is grantable if it can be used as the role in a binding for a
// policy
// for that resource.
func ( r * RolesService ) QueryGrantableRoles ( querygrantablerolesrequest * QueryGrantableRolesRequest ) * RolesQueryGrantableRolesCall {
c := & RolesQueryGrantableRolesCall { s : r . s , urlParams_ : make ( gensupport . URLParams ) }
c . querygrantablerolesrequest = querygrantablerolesrequest
return c
}
// Fields allows partial responses to be retrieved. See
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
// for more information.
func ( c * RolesQueryGrantableRolesCall ) Fields ( s ... googleapi . Field ) * RolesQueryGrantableRolesCall {
c . urlParams_ . Set ( "fields" , googleapi . CombineFields ( s ) )
return c
}
// Context sets the context to be used in this call's Do method. Any
// pending HTTP request will be aborted if the provided context is
// canceled.
func ( c * RolesQueryGrantableRolesCall ) Context ( ctx context . Context ) * RolesQueryGrantableRolesCall {
c . ctx_ = ctx
return c
}
// Header returns an http.Header that can be modified by the caller to
// add HTTP headers to the request.
func ( c * RolesQueryGrantableRolesCall ) Header ( ) http . Header {
if c . header_ == nil {
c . header_ = make ( http . Header )
}
return c . header_
}
func ( c * RolesQueryGrantableRolesCall ) doRequest ( alt string ) ( * http . Response , error ) {
reqHeaders := make ( http . Header )
for k , v := range c . header_ {
reqHeaders [ k ] = v
}
reqHeaders . Set ( "User-Agent" , c . s . userAgent ( ) )
var body io . Reader = nil
body , err := googleapi . WithoutDataWrapper . JSONReader ( c . querygrantablerolesrequest )
if err != nil {
return nil , err
}
reqHeaders . Set ( "Content-Type" , "application/json" )
c . urlParams_ . Set ( "alt" , alt )
urls := googleapi . ResolveRelative ( c . s . BasePath , "v1/roles:queryGrantableRoles" )
urls += "?" + c . urlParams_ . Encode ( )
req , _ := http . NewRequest ( "POST" , urls , body )
req . Header = reqHeaders
return gensupport . SendRequest ( c . ctx_ , c . s . client , req )
}
// Do executes the "iam.roles.queryGrantableRoles" call.
// Exactly one of *QueryGrantableRolesResponse or error will be non-nil.
// Any non-2xx status code is an error. Response headers are in either
// *QueryGrantableRolesResponse.ServerResponse.Header or (if a response
// was returned at all) in error.(*googleapi.Error).Header. Use
// googleapi.IsNotModified to check whether the returned error was
// because http.StatusNotModified was returned.
func ( c * RolesQueryGrantableRolesCall ) Do ( opts ... googleapi . CallOption ) ( * QueryGrantableRolesResponse , error ) {
gensupport . SetOptions ( c . urlParams_ , opts ... )
res , err := c . doRequest ( "json" )
if res != nil && res . StatusCode == http . StatusNotModified {
if res . Body != nil {
res . Body . Close ( )
}
return nil , & googleapi . Error {
Code : res . StatusCode ,
Header : res . Header ,
}
}
if err != nil {
return nil , err
}
defer googleapi . CloseBody ( res )
if err := googleapi . CheckResponse ( res ) ; err != nil {
return nil , err
}
ret := & QueryGrantableRolesResponse {
ServerResponse : googleapi . ServerResponse {
Header : res . Header ,
HTTPStatusCode : res . StatusCode ,
} ,
}
target := & ret
if err := json . NewDecoder ( res . Body ) . Decode ( target ) ; err != nil {
return nil , err
}
return ret , nil
// {
// "description": "Queries roles that can be granted on a particular resource.\nA role is grantable if it can be used as the role in a binding for a policy\nfor that resource.",
// "flatPath": "v1/roles:queryGrantableRoles",
// "httpMethod": "POST",
// "id": "iam.roles.queryGrantableRoles",
// "parameterOrder": [],
// "parameters": {},
// "path": "v1/roles:queryGrantableRoles",
// "request": {
// "$ref": "QueryGrantableRolesRequest"
// },
// "response": {
// "$ref": "QueryGrantableRolesResponse"
// },
// "scopes": [
// "https://www.googleapis.com/auth/cloud-platform"
// ]
// }
}
// Pages invokes f for each page of results.
// A non-nil error returned from f will halt the iteration.
// The provided context supersedes any context provided to the Context method.
func ( c * RolesQueryGrantableRolesCall ) Pages ( ctx context . Context , f func ( * QueryGrantableRolesResponse ) error ) error {
c . ctx_ = ctx
defer func ( pt string ) { c . querygrantablerolesrequest . PageToken = pt } ( c . querygrantablerolesrequest . PageToken ) // reset paging to original point
for {
x , err := c . Do ( )
if err != nil {
return err
}
if err := f ( x ) ; err != nil {
return err
}
if x . NextPageToken == "" {
return nil
}
c . querygrantablerolesrequest . PageToken = x . NextPageToken
}
}