diff --git a/beyondcorp/v1/beyondcorp-api.json b/beyondcorp/v1/beyondcorp-api.json index 0db407900c2..36749036447 100644 --- a/beyondcorp/v1/beyondcorp-api.json +++ b/beyondcorp/v1/beyondcorp-api.json @@ -109,6 +109,194 @@ "resources": { "locations": { "resources": { + "global": { + "resources": { + "partnerTenants": { + "methods": { + "getIamPolicy": { + "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", + "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}:getIamPolicy", + "httpMethod": "GET", + "id": "beyondcorp.organizations.locations.global.partnerTenants.getIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "options.requestedPolicyVersion": { + "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", + "format": "int32", + "location": "query", + "type": "integer" + }, + "resource": { + "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+resource}:getIamPolicy", + "response": { + "$ref": "GoogleIamV1Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "setIamPolicy": { + "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", + "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}:setIamPolicy", + "httpMethod": "POST", + "id": "beyondcorp.organizations.locations.global.partnerTenants.setIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+resource}:setIamPolicy", + "request": { + "$ref": "GoogleIamV1SetIamPolicyRequest" + }, + "response": { + "$ref": "GoogleIamV1Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "testIamPermissions": { + "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.", + "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}:testIamPermissions", + "httpMethod": "POST", + "id": "beyondcorp.organizations.locations.global.partnerTenants.testIamPermissions", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+resource}:testIamPermissions", + "request": { + "$ref": "GoogleIamV1TestIamPermissionsRequest" + }, + "response": { + "$ref": "GoogleIamV1TestIamPermissionsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + }, + "resources": { + "proxyConfigs": { + "methods": { + "getIamPolicy": { + "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", + "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}/proxyConfigs/{proxyConfigsId}:getIamPolicy", + "httpMethod": "GET", + "id": "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.getIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "options.requestedPolicyVersion": { + "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", + "format": "int32", + "location": "query", + "type": "integer" + }, + "resource": { + "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+/proxyConfigs/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+resource}:getIamPolicy", + "response": { + "$ref": "GoogleIamV1Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "setIamPolicy": { + "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", + "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}/proxyConfigs/{proxyConfigsId}:setIamPolicy", + "httpMethod": "POST", + "id": "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.setIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+/proxyConfigs/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+resource}:setIamPolicy", + "request": { + "$ref": "GoogleIamV1SetIamPolicyRequest" + }, + "response": { + "$ref": "GoogleIamV1Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "testIamPermissions": { + "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.", + "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}/proxyConfigs/{proxyConfigsId}:testIamPermissions", + "httpMethod": "POST", + "id": "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.testIamPermissions", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+/proxyConfigs/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+resource}:testIamPermissions", + "request": { + "$ref": "GoogleIamV1TestIamPermissionsRequest" + }, + "response": { + "$ref": "GoogleIamV1TestIamPermissionsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + } + } + } + } + }, "operations": { "methods": { "cancel": { @@ -1525,7 +1713,7 @@ } } }, - "revision": "20230802", + "revision": "20230823", "rootUrl": "https://beyondcorp.googleapis.com/", "schemas": { "AllocatedConnection": { diff --git a/beyondcorp/v1/beyondcorp-gen.go b/beyondcorp/v1/beyondcorp-gen.go index f2ebed1ae0f..bb206e7afeb 100644 --- a/beyondcorp/v1/beyondcorp-gen.go +++ b/beyondcorp/v1/beyondcorp-gen.go @@ -168,6 +168,7 @@ type OrganizationsService struct { func NewOrganizationsLocationsService(s *Service) *OrganizationsLocationsService { rs := &OrganizationsLocationsService{s: s} + rs.Global = NewOrganizationsLocationsGlobalService(s) rs.Operations = NewOrganizationsLocationsOperationsService(s) return rs } @@ -175,9 +176,44 @@ func NewOrganizationsLocationsService(s *Service) *OrganizationsLocationsService type OrganizationsLocationsService struct { s *Service + Global *OrganizationsLocationsGlobalService + Operations *OrganizationsLocationsOperationsService } +func NewOrganizationsLocationsGlobalService(s *Service) *OrganizationsLocationsGlobalService { + rs := &OrganizationsLocationsGlobalService{s: s} + rs.PartnerTenants = NewOrganizationsLocationsGlobalPartnerTenantsService(s) + return rs +} + +type OrganizationsLocationsGlobalService struct { + s *Service + + PartnerTenants *OrganizationsLocationsGlobalPartnerTenantsService +} + +func NewOrganizationsLocationsGlobalPartnerTenantsService(s *Service) *OrganizationsLocationsGlobalPartnerTenantsService { + rs := &OrganizationsLocationsGlobalPartnerTenantsService{s: s} + rs.ProxyConfigs = NewOrganizationsLocationsGlobalPartnerTenantsProxyConfigsService(s) + return rs +} + +type OrganizationsLocationsGlobalPartnerTenantsService struct { + s *Service + + ProxyConfigs *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsService +} + +func NewOrganizationsLocationsGlobalPartnerTenantsProxyConfigsService(s *Service) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsService { + rs := &OrganizationsLocationsGlobalPartnerTenantsProxyConfigsService{s: s} + return rs +} + +type OrganizationsLocationsGlobalPartnerTenantsProxyConfigsService struct { + s *Service +} + func NewOrganizationsLocationsOperationsService(s *Service) *OrganizationsLocationsOperationsService { rs := &OrganizationsLocationsOperationsService{s: s} return rs @@ -2756,6 +2792,952 @@ func (s *Tunnelv1ProtoTunnelerInfo) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// method id "beyondcorp.organizations.locations.global.partnerTenants.getIamPolicy": + +type OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall struct { + s *Service + resource string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// GetIamPolicy: Gets the access control policy for a resource. Returns +// an empty policy if the resource exists and does not have a policy +// set. +// +// - resource: REQUIRED: The resource for which the policy is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *OrganizationsLocationsGlobalPartnerTenantsService) GetIamPolicy(resource string) *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall { + c := &OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + return c +} + +// OptionsRequestedPolicyVersion sets the optional parameter +// "options.requestedPolicyVersion": The maximum policy version that +// will be used to format the policy. Valid values are 0, 1, and 3. +// Requests specifying an invalid value will be rejected. Requests for +// policies with any conditional role bindings must specify version 3. +// Policies with no conditional role bindings may specify any valid +// value or leave the field unset. The policy in the response might use +// the policy version that you specified, or it might use a lower policy +// version. For example, if you specify version 3, but the policy has no +// conditional role bindings, the response uses version 1. To learn +// which resources support conditions in their IAM policies, see the IAM +// documentation +// (https://cloud.google.com/iam/help/conditions/resource-policies). +func (c *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall { + c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall) Fields(s ...googleapi.Field) *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall) IfNoneMatch(entityTag string) *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall) Context(ctx context.Context) *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.organizations.locations.global.partnerTenants.getIamPolicy" call. +// Exactly one of *GoogleIamV1Policy or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *GoogleIamV1Policy.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *OrganizationsLocationsGlobalPartnerTenantsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*GoogleIamV1Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleIamV1Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", + // "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}:getIamPolicy", + // "httpMethod": "GET", + // "id": "beyondcorp.organizations.locations.global.partnerTenants.getIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "options.requestedPolicyVersion": { + // "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+resource}:getIamPolicy", + // "response": { + // "$ref": "GoogleIamV1Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "beyondcorp.organizations.locations.global.partnerTenants.setIamPolicy": + +type OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall struct { + s *Service + resource string + googleiamv1setiampolicyrequest *GoogleIamV1SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Sets the access control policy on the specified +// resource. Replaces any existing policy. Can return `NOT_FOUND`, +// `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. +// +// - resource: REQUIRED: The resource for which the policy is being +// specified. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *OrganizationsLocationsGlobalPartnerTenantsService) SetIamPolicy(resource string, googleiamv1setiampolicyrequest *GoogleIamV1SetIamPolicyRequest) *OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall { + c := &OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.googleiamv1setiampolicyrequest = googleiamv1setiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall) Fields(s ...googleapi.Field) *OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall) Context(ctx context.Context) *OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleiamv1setiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.organizations.locations.global.partnerTenants.setIamPolicy" call. +// Exactly one of *GoogleIamV1Policy or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *GoogleIamV1Policy.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *OrganizationsLocationsGlobalPartnerTenantsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*GoogleIamV1Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleIamV1Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", + // "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}:setIamPolicy", + // "httpMethod": "POST", + // "id": "beyondcorp.organizations.locations.global.partnerTenants.setIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+resource}:setIamPolicy", + // "request": { + // "$ref": "GoogleIamV1SetIamPolicyRequest" + // }, + // "response": { + // "$ref": "GoogleIamV1Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "beyondcorp.organizations.locations.global.partnerTenants.testIamPermissions": + +type OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall struct { + s *Service + resource string + googleiamv1testiampermissionsrequest *GoogleIamV1TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Returns permissions that a caller has on the +// specified resource. If the resource does not exist, this will return +// an empty set of permissions, not a `NOT_FOUND` error. Note: This +// operation is designed to be used for building permission-aware UIs +// and command-line tools, not for authorization checking. This +// operation may "fail open" without warning. +// +// - resource: REQUIRED: The resource for which the policy detail is +// being requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *OrganizationsLocationsGlobalPartnerTenantsService) TestIamPermissions(resource string, googleiamv1testiampermissionsrequest *GoogleIamV1TestIamPermissionsRequest) *OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall { + c := &OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.googleiamv1testiampermissionsrequest = googleiamv1testiampermissionsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall) Fields(s ...googleapi.Field) *OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall) Context(ctx context.Context) *OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleiamv1testiampermissionsrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.organizations.locations.global.partnerTenants.testIamPermissions" call. +// Exactly one of *GoogleIamV1TestIamPermissionsResponse or error will +// be non-nil. Any non-2xx status code is an error. Response headers are +// in either +// *GoogleIamV1TestIamPermissionsResponse.ServerResponse.Header or (if a +// response was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *OrganizationsLocationsGlobalPartnerTenantsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*GoogleIamV1TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleIamV1TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.", + // "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}:testIamPermissions", + // "httpMethod": "POST", + // "id": "beyondcorp.organizations.locations.global.partnerTenants.testIamPermissions", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+resource}:testIamPermissions", + // "request": { + // "$ref": "GoogleIamV1TestIamPermissionsRequest" + // }, + // "response": { + // "$ref": "GoogleIamV1TestIamPermissionsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.getIamPolicy": + +type OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall struct { + s *Service + resource string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// GetIamPolicy: Gets the access control policy for a resource. Returns +// an empty policy if the resource exists and does not have a policy +// set. +// +// - resource: REQUIRED: The resource for which the policy is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsService) GetIamPolicy(resource string) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall { + c := &OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + return c +} + +// OptionsRequestedPolicyVersion sets the optional parameter +// "options.requestedPolicyVersion": The maximum policy version that +// will be used to format the policy. Valid values are 0, 1, and 3. +// Requests specifying an invalid value will be rejected. Requests for +// policies with any conditional role bindings must specify version 3. +// Policies with no conditional role bindings may specify any valid +// value or leave the field unset. The policy in the response might use +// the policy version that you specified, or it might use a lower policy +// version. For example, if you specify version 3, but the policy has no +// conditional role bindings, the response uses version 1. To learn +// which resources support conditions in their IAM policies, see the IAM +// documentation +// (https://cloud.google.com/iam/help/conditions/resource-policies). +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall { + c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall) Fields(s ...googleapi.Field) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall) IfNoneMatch(entityTag string) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall) Context(ctx context.Context) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.getIamPolicy" call. +// Exactly one of *GoogleIamV1Policy or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *GoogleIamV1Policy.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*GoogleIamV1Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleIamV1Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", + // "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}/proxyConfigs/{proxyConfigsId}:getIamPolicy", + // "httpMethod": "GET", + // "id": "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.getIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "options.requestedPolicyVersion": { + // "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+/proxyConfigs/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+resource}:getIamPolicy", + // "response": { + // "$ref": "GoogleIamV1Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.setIamPolicy": + +type OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall struct { + s *Service + resource string + googleiamv1setiampolicyrequest *GoogleIamV1SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Sets the access control policy on the specified +// resource. Replaces any existing policy. Can return `NOT_FOUND`, +// `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. +// +// - resource: REQUIRED: The resource for which the policy is being +// specified. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsService) SetIamPolicy(resource string, googleiamv1setiampolicyrequest *GoogleIamV1SetIamPolicyRequest) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall { + c := &OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.googleiamv1setiampolicyrequest = googleiamv1setiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall) Fields(s ...googleapi.Field) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall) Context(ctx context.Context) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleiamv1setiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.setIamPolicy" call. +// Exactly one of *GoogleIamV1Policy or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *GoogleIamV1Policy.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*GoogleIamV1Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleIamV1Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", + // "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}/proxyConfigs/{proxyConfigsId}:setIamPolicy", + // "httpMethod": "POST", + // "id": "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.setIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+/proxyConfigs/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+resource}:setIamPolicy", + // "request": { + // "$ref": "GoogleIamV1SetIamPolicyRequest" + // }, + // "response": { + // "$ref": "GoogleIamV1Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.testIamPermissions": + +type OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall struct { + s *Service + resource string + googleiamv1testiampermissionsrequest *GoogleIamV1TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Returns permissions that a caller has on the +// specified resource. If the resource does not exist, this will return +// an empty set of permissions, not a `NOT_FOUND` error. Note: This +// operation is designed to be used for building permission-aware UIs +// and command-line tools, not for authorization checking. This +// operation may "fail open" without warning. +// +// - resource: REQUIRED: The resource for which the policy detail is +// being requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsService) TestIamPermissions(resource string, googleiamv1testiampermissionsrequest *GoogleIamV1TestIamPermissionsRequest) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall { + c := &OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.googleiamv1testiampermissionsrequest = googleiamv1testiampermissionsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall) Fields(s ...googleapi.Field) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall) Context(ctx context.Context) *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleiamv1testiampermissionsrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.testIamPermissions" call. +// Exactly one of *GoogleIamV1TestIamPermissionsResponse or error will +// be non-nil. Any non-2xx status code is an error. Response headers are +// in either +// *GoogleIamV1TestIamPermissionsResponse.ServerResponse.Header or (if a +// response was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *OrganizationsLocationsGlobalPartnerTenantsProxyConfigsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*GoogleIamV1TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleIamV1TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.", + // "flatPath": "v1/organizations/{organizationsId}/locations/global/partnerTenants/{partnerTenantsId}/proxyConfigs/{proxyConfigsId}:testIamPermissions", + // "httpMethod": "POST", + // "id": "beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.testIamPermissions", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^organizations/[^/]+/locations/global/partnerTenants/[^/]+/proxyConfigs/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+resource}:testIamPermissions", + // "request": { + // "$ref": "GoogleIamV1TestIamPermissionsRequest" + // }, + // "response": { + // "$ref": "GoogleIamV1TestIamPermissionsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + // method id "beyondcorp.organizations.locations.operations.cancel": type OrganizationsLocationsOperationsCancelCall struct { diff --git a/beyondcorp/v1alpha/beyondcorp-api.json b/beyondcorp/v1alpha/beyondcorp-api.json index 85b257bbffa..b78cc9fbf90 100644 --- a/beyondcorp/v1alpha/beyondcorp-api.json +++ b/beyondcorp/v1alpha/beyondcorp-api.json @@ -2229,6 +2229,97 @@ } } }, + "applicationDomains": { + "methods": { + "getIamPolicy": { + "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", + "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/applicationDomains/{applicationDomainsId}:getIamPolicy", + "httpMethod": "GET", + "id": "beyondcorp.projects.locations.applicationDomains.getIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "options.requestedPolicyVersion": { + "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", + "format": "int32", + "location": "query", + "type": "integer" + }, + "resource": { + "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/applicationDomains/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1alpha/{+resource}:getIamPolicy", + "response": { + "$ref": "GoogleIamV1Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "setIamPolicy": { + "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", + "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/applicationDomains/{applicationDomainsId}:setIamPolicy", + "httpMethod": "POST", + "id": "beyondcorp.projects.locations.applicationDomains.setIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/applicationDomains/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1alpha/{+resource}:setIamPolicy", + "request": { + "$ref": "GoogleIamV1SetIamPolicyRequest" + }, + "response": { + "$ref": "GoogleIamV1Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "testIamPermissions": { + "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.", + "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/applicationDomains/{applicationDomainsId}:testIamPermissions", + "httpMethod": "POST", + "id": "beyondcorp.projects.locations.applicationDomains.testIamPermissions", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/applicationDomains/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1alpha/{+resource}:testIamPermissions", + "request": { + "$ref": "GoogleIamV1TestIamPermissionsRequest" + }, + "response": { + "$ref": "GoogleIamV1TestIamPermissionsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + }, "applications": { "methods": { "getIamPolicy": { @@ -3583,7 +3674,7 @@ } } }, - "revision": "20230802", + "revision": "20230823", "rootUrl": "https://beyondcorp.googleapis.com/", "schemas": { "AllocatedConnection": { diff --git a/beyondcorp/v1alpha/beyondcorp-gen.go b/beyondcorp/v1alpha/beyondcorp-gen.go index 8bbde01c1c5..7bceed283f0 100644 --- a/beyondcorp/v1alpha/beyondcorp-gen.go +++ b/beyondcorp/v1alpha/beyondcorp-gen.go @@ -276,6 +276,7 @@ func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { rs.AppConnections = NewProjectsLocationsAppConnectionsService(s) rs.AppConnectors = NewProjectsLocationsAppConnectorsService(s) rs.AppGateways = NewProjectsLocationsAppGatewaysService(s) + rs.ApplicationDomains = NewProjectsLocationsApplicationDomainsService(s) rs.Applications = NewProjectsLocationsApplicationsService(s) rs.ClientConnectorServices = NewProjectsLocationsClientConnectorServicesService(s) rs.ClientGateways = NewProjectsLocationsClientGatewaysService(s) @@ -296,6 +297,8 @@ type ProjectsLocationsService struct { AppGateways *ProjectsLocationsAppGatewaysService + ApplicationDomains *ProjectsLocationsApplicationDomainsService + Applications *ProjectsLocationsApplicationsService ClientConnectorServices *ProjectsLocationsClientConnectorServicesService @@ -340,6 +343,15 @@ type ProjectsLocationsAppGatewaysService struct { s *Service } +func NewProjectsLocationsApplicationDomainsService(s *Service) *ProjectsLocationsApplicationDomainsService { + rs := &ProjectsLocationsApplicationDomainsService{s: s} + return rs +} + +type ProjectsLocationsApplicationDomainsService struct { + s *Service +} + func NewProjectsLocationsApplicationsService(s *Service) *ProjectsLocationsApplicationsService { rs := &ProjectsLocationsApplicationsService{s: s} return rs @@ -15269,6 +15281,479 @@ func (c *ProjectsLocationsAppGatewaysTestIamPermissionsCall) Do(opts ...googleap } +// method id "beyondcorp.projects.locations.applicationDomains.getIamPolicy": + +type ProjectsLocationsApplicationDomainsGetIamPolicyCall struct { + s *Service + resource string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// GetIamPolicy: Gets the access control policy for a resource. Returns +// an empty policy if the resource exists and does not have a policy +// set. +// +// - resource: REQUIRED: The resource for which the policy is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *ProjectsLocationsApplicationDomainsService) GetIamPolicy(resource string) *ProjectsLocationsApplicationDomainsGetIamPolicyCall { + c := &ProjectsLocationsApplicationDomainsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + return c +} + +// OptionsRequestedPolicyVersion sets the optional parameter +// "options.requestedPolicyVersion": The maximum policy version that +// will be used to format the policy. Valid values are 0, 1, and 3. +// Requests specifying an invalid value will be rejected. Requests for +// policies with any conditional role bindings must specify version 3. +// Policies with no conditional role bindings may specify any valid +// value or leave the field unset. The policy in the response might use +// the policy version that you specified, or it might use a lower policy +// version. For example, if you specify version 3, but the policy has no +// conditional role bindings, the response uses version 1. To learn +// which resources support conditions in their IAM policies, see the IAM +// documentation +// (https://cloud.google.com/iam/help/conditions/resource-policies). +func (c *ProjectsLocationsApplicationDomainsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsApplicationDomainsGetIamPolicyCall { + c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsApplicationDomainsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsApplicationDomainsGetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ProjectsLocationsApplicationDomainsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsApplicationDomainsGetIamPolicyCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsApplicationDomainsGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsApplicationDomainsGetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsApplicationDomainsGetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsApplicationDomainsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.projects.locations.applicationDomains.getIamPolicy" call. +// Exactly one of *GoogleIamV1Policy or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *GoogleIamV1Policy.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ProjectsLocationsApplicationDomainsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*GoogleIamV1Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleIamV1Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", + // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/applicationDomains/{applicationDomainsId}:getIamPolicy", + // "httpMethod": "GET", + // "id": "beyondcorp.projects.locations.applicationDomains.getIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "options.requestedPolicyVersion": { + // "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/applicationDomains/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1alpha/{+resource}:getIamPolicy", + // "response": { + // "$ref": "GoogleIamV1Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "beyondcorp.projects.locations.applicationDomains.setIamPolicy": + +type ProjectsLocationsApplicationDomainsSetIamPolicyCall struct { + s *Service + resource string + googleiamv1setiampolicyrequest *GoogleIamV1SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Sets the access control policy on the specified +// resource. Replaces any existing policy. Can return `NOT_FOUND`, +// `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. +// +// - resource: REQUIRED: The resource for which the policy is being +// specified. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *ProjectsLocationsApplicationDomainsService) SetIamPolicy(resource string, googleiamv1setiampolicyrequest *GoogleIamV1SetIamPolicyRequest) *ProjectsLocationsApplicationDomainsSetIamPolicyCall { + c := &ProjectsLocationsApplicationDomainsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.googleiamv1setiampolicyrequest = googleiamv1setiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsApplicationDomainsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsApplicationDomainsSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsApplicationDomainsSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsApplicationDomainsSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsApplicationDomainsSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsApplicationDomainsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleiamv1setiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+resource}:setIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.projects.locations.applicationDomains.setIamPolicy" call. +// Exactly one of *GoogleIamV1Policy or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *GoogleIamV1Policy.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ProjectsLocationsApplicationDomainsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*GoogleIamV1Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleIamV1Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", + // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/applicationDomains/{applicationDomainsId}:setIamPolicy", + // "httpMethod": "POST", + // "id": "beyondcorp.projects.locations.applicationDomains.setIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/applicationDomains/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1alpha/{+resource}:setIamPolicy", + // "request": { + // "$ref": "GoogleIamV1SetIamPolicyRequest" + // }, + // "response": { + // "$ref": "GoogleIamV1Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "beyondcorp.projects.locations.applicationDomains.testIamPermissions": + +type ProjectsLocationsApplicationDomainsTestIamPermissionsCall struct { + s *Service + resource string + googleiamv1testiampermissionsrequest *GoogleIamV1TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Returns permissions that a caller has on the +// specified resource. If the resource does not exist, this will return +// an empty set of permissions, not a `NOT_FOUND` error. Note: This +// operation is designed to be used for building permission-aware UIs +// and command-line tools, not for authorization checking. This +// operation may "fail open" without warning. +// +// - resource: REQUIRED: The resource for which the policy detail is +// being requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *ProjectsLocationsApplicationDomainsService) TestIamPermissions(resource string, googleiamv1testiampermissionsrequest *GoogleIamV1TestIamPermissionsRequest) *ProjectsLocationsApplicationDomainsTestIamPermissionsCall { + c := &ProjectsLocationsApplicationDomainsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.googleiamv1testiampermissionsrequest = googleiamv1testiampermissionsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsLocationsApplicationDomainsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsApplicationDomainsTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsLocationsApplicationDomainsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsApplicationDomainsTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsLocationsApplicationDomainsTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsLocationsApplicationDomainsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googleiamv1testiampermissionsrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/{+resource}:testIamPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "beyondcorp.projects.locations.applicationDomains.testIamPermissions" call. +// Exactly one of *GoogleIamV1TestIamPermissionsResponse or error will +// be non-nil. Any non-2xx status code is an error. Response headers are +// in either +// *GoogleIamV1TestIamPermissionsResponse.ServerResponse.Header or (if a +// response was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ProjectsLocationsApplicationDomainsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*GoogleIamV1TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleIamV1TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may \"fail open\" without warning.", + // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/applicationDomains/{applicationDomainsId}:testIamPermissions", + // "httpMethod": "POST", + // "id": "beyondcorp.projects.locations.applicationDomains.testIamPermissions", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^projects/[^/]+/locations/[^/]+/applicationDomains/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1alpha/{+resource}:testIamPermissions", + // "request": { + // "$ref": "GoogleIamV1TestIamPermissionsRequest" + // }, + // "response": { + // "$ref": "GoogleIamV1TestIamPermissionsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + // method id "beyondcorp.projects.locations.applications.getIamPolicy": type ProjectsLocationsApplicationsGetIamPolicyCall struct { diff --git a/workstations/v1/workstations-api.json b/workstations/v1/workstations-api.json index f92dbc51b41..81ae5a11d8f 100644 --- a/workstations/v1/workstations-api.json +++ b/workstations/v1/workstations-api.json @@ -1195,7 +1195,7 @@ } } }, - "revision": "20230802", + "revision": "20230904", "rootUrl": "https://workstations.googleapis.com/", "schemas": { "AuditConfig": { @@ -1404,6 +1404,13 @@ "description": "Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has `logginglogEntries.create` permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have permissions to pull the specified image. If you as the administrator want to be able to `ssh` into the underlying VM, you need to set this value to a service account for which you have the `iam.serviceAccounts.actAs` permission. Conversely, if you don't want anyone to be able to `ssh` into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.", "type": "string" }, + "serviceAccountScopes": { + "description": "Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have `iam.serviceAccounts.actAs` on the service account.", + "items": { + "type": "string" + }, + "type": "array" + }, "shieldedInstanceConfig": { "$ref": "GceShieldedInstanceConfig", "description": "Optional. A set of Compute Engine Shielded instance options." @@ -2042,6 +2049,12 @@ "readOnly": true, "type": "boolean" }, + "startTime": { + "description": "Output only. Time when this workstation was most recently successfully started, regardless of the workstation's initial state.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, "state": { "description": "Output only. Current state of the workstation.", "enum": [ @@ -2257,6 +2270,13 @@ "readOnly": true, "type": "boolean" }, + "replicaZones": { + "description": "Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, `['us-central1-a', 'us-central1-f']`. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.", + "items": { + "type": "string" + }, + "type": "array" + }, "runningTimeout": { "description": "Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by `s` for seconds—for example, `\"54000s\"` (15 hours). Defaults to `\"43200s\"` (12 hours). A value of `\"0s\"` indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than `\"0s\"` and less than `\"86400s\"` (24 hours). Warning: A value of `\"0s\"` indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.", "format": "google-duration", diff --git a/workstations/v1/workstations-gen.go b/workstations/v1/workstations-gen.go index d9decbcae71..2a0db3f950f 100644 --- a/workstations/v1/workstations-gen.go +++ b/workstations/v1/workstations-gen.go @@ -676,6 +676,13 @@ type GceInstance struct { // and the image must be publicly accessible. ServiceAccount string `json:"serviceAccount,omitempty"` + // ServiceAccountScopes: Optional. Scopes to grant to the + // service_account. Various scopes are automatically added based on + // feature usage. When specified, users of workstations under this + // configuration must have `iam.serviceAccounts.actAs` on the service + // account. + ServiceAccountScopes []string `json:"serviceAccountScopes,omitempty"` + // ShieldedInstanceConfig: Optional. A set of Compute Engine Shielded // instance options. ShieldedInstanceConfig *GceShieldedInstanceConfig `json:"shieldedInstanceConfig,omitempty"` @@ -1844,6 +1851,10 @@ type Workstation struct { // currently being updated to match its intended state. Reconciling bool `json:"reconciling,omitempty"` + // StartTime: Output only. Time when this workstation was most recently + // successfully started, regardless of the workstation's initial state. + StartTime string `json:"startTime,omitempty"` + // State: Output only. Current state of the workstation. // // Possible values: @@ -2086,6 +2097,14 @@ type WorkstationConfig struct { // configuration is currently being updated to match its intended state. Reconciling bool `json:"reconciling,omitempty"` + // ReplicaZones: Optional. Immutable. Specifies the zones used to + // replicate the VM and disk resources within the region. If set, + // exactly two zones within the workstation cluster's region must be + // specified—for example, `['us-central1-a', 'us-central1-f']`. If + // this field is empty, two default zones within the region are used. + // Immutable after the workstation configuration is created. + ReplicaZones []string `json:"replicaZones,omitempty"` + // RunningTimeout: Optional. Number of seconds that a workstation can // run until it is automatically shut down. We recommend that // workstations be shut down daily to reduce costs and so that security diff --git a/workstations/v1beta/workstations-api.json b/workstations/v1beta/workstations-api.json index a57b49a96a4..414171f2e1a 100644 --- a/workstations/v1beta/workstations-api.json +++ b/workstations/v1beta/workstations-api.json @@ -1127,7 +1127,7 @@ } } }, - "revision": "20230802", + "revision": "20230904", "rootUrl": "https://workstations.googleapis.com/", "schemas": { "Accelerator": { @@ -1278,6 +1278,21 @@ }, "type": "object" }, + "EphemeralDirectory": { + "description": "An ephemeral directory which won't persist across workstation sessions. It is freshly created on every workstation start operation.", + "id": "EphemeralDirectory", + "properties": { + "gcePd": { + "$ref": "GcePersistentDisk", + "description": "An EphemeralDirectory backed by a Compute Engine persistent disk." + }, + "mountPath": { + "description": "Required. Location of this directory in the running workstation.", + "type": "string" + } + }, + "type": "object" + }, "Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() \u003c 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' \u0026\u0026 document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "id": "Expr", @@ -1359,6 +1374,13 @@ "description": "Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has `logginglogEntries.create` permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have permissions to pull the specified image. If you as the administrator want to be able to `ssh` into the underlying VM, you need to set this value to a service account for which you have the `iam.serviceAccounts.actAs` permission. Conversely, if you don't want anyone to be able to `ssh` into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.", "type": "string" }, + "serviceAccountScopes": { + "description": "Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have `iam.serviceAccounts.actAs` on the service account.", + "items": { + "type": "string" + }, + "type": "array" + }, "shieldedInstanceConfig": { "$ref": "GceShieldedInstanceConfig", "description": "Optional. A set of Compute Engine Shielded instance options." @@ -1373,6 +1395,29 @@ }, "type": "object" }, + "GcePersistentDisk": { + "description": "An EphemeralDirectory is backed by a Compute Engine persistent disk.", + "id": "GcePersistentDisk", + "properties": { + "diskType": { + "description": "Optional. Type of the disk to use. Defaults to `\"pd-standard\"`.", + "type": "string" + }, + "readOnly": { + "description": "Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.", + "type": "boolean" + }, + "sourceImage": { + "description": "Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.", + "type": "string" + }, + "sourceSnapshot": { + "description": "Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.", + "type": "string" + } + }, + "type": "object" + }, "GceRegionalPersistentDisk": { "description": "A PersistentDirectory backed by a Compute Engine regional persistent disk. The persistent_directories field is repeated, but it may contain only one entry. It creates a [persistent disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that mounts to the workstation VM at `/home` when the session starts and detaches when the session ends. If this field is empty, workstations created with this configuration do not have a persistent home directory.", "id": "GceRegionalPersistentDisk", @@ -1952,6 +1997,12 @@ "readOnly": true, "type": "boolean" }, + "startTime": { + "description": "Output only. Time when this workstation was most recently successfully started, regardless of the workstation's initial state.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, "state": { "description": "Output only. Current state of the workstation.", "enum": [ @@ -2128,6 +2179,13 @@ "$ref": "CustomerEncryptionKey", "description": "Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created." }, + "ephemeralDirectories": { + "description": "Optional. Ephemeral directories which won't persist across workstation sessions.", + "items": { + "$ref": "EphemeralDirectory" + }, + "type": "array" + }, "etag": { "description": "Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.", "type": "string" @@ -2171,6 +2229,13 @@ "readOnly": true, "type": "boolean" }, + "replicaZones": { + "description": "Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, `['us-central1-a', 'us-central1-f']`. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.", + "items": { + "type": "string" + }, + "type": "array" + }, "runningTimeout": { "description": "Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by `s` for seconds—for example, `\"54000s\"` (15 hours). Defaults to `\"43200s\"` (12 hours). A value of `\"0s\"` indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than `\"0s\"` and less than `\"86400s\"` (24 hours). Warning: A value of `\"0s\"` indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.", "format": "google-duration", diff --git a/workstations/v1beta/workstations-gen.go b/workstations/v1beta/workstations-gen.go index e0ee23b9b33..3b3c9d8c024 100644 --- a/workstations/v1beta/workstations-gen.go +++ b/workstations/v1beta/workstations-gen.go @@ -534,6 +534,41 @@ func (s *CustomerEncryptionKey) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// EphemeralDirectory: An ephemeral directory which won't persist across +// workstation sessions. It is freshly created on every workstation +// start operation. +type EphemeralDirectory struct { + // GcePd: An EphemeralDirectory backed by a Compute Engine persistent + // disk. + GcePd *GcePersistentDisk `json:"gcePd,omitempty"` + + // MountPath: Required. Location of this directory in the running + // workstation. + MountPath string `json:"mountPath,omitempty"` + + // ForceSendFields is a list of field names (e.g. "GcePd") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "GcePd") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *EphemeralDirectory) MarshalJSON() ([]byte, error) { + type NoMethod EphemeralDirectory + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // Expr: Represents a textual expression in the Common Expression // Language (CEL) syntax. CEL is a C-like expression language. The // syntax and semantics of CEL are documented at @@ -712,6 +747,13 @@ type GceInstance struct { // and the image must be publicly accessible. ServiceAccount string `json:"serviceAccount,omitempty"` + // ServiceAccountScopes: Optional. Scopes to grant to the + // service_account. Various scopes are automatically added based on + // feature usage. When specified, users of workstations under this + // configuration must have `iam.serviceAccounts.actAs` on the service + // account. + ServiceAccountScopes []string `json:"serviceAccountScopes,omitempty"` + // ShieldedInstanceConfig: Optional. A set of Compute Engine Shielded // instance options. ShieldedInstanceConfig *GceShieldedInstanceConfig `json:"shieldedInstanceConfig,omitempty"` @@ -747,6 +789,52 @@ func (s *GceInstance) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GcePersistentDisk: An EphemeralDirectory is backed by a Compute +// Engine persistent disk. +type GcePersistentDisk struct { + // DiskType: Optional. Type of the disk to use. Defaults to + // "pd-standard". + DiskType string `json:"diskType,omitempty"` + + // ReadOnly: Optional. Whether the disk is read only. If true, the disk + // may be shared by multiple VMs and source_snapshot must be set. + ReadOnly bool `json:"readOnly,omitempty"` + + // SourceImage: Optional. Name of the disk image to use as the source + // for the disk. Must be empty if source_snapshot is set. Updating + // source_image will update content in the ephemeral directory after the + // workstation is restarted. This field is mutable. + SourceImage string `json:"sourceImage,omitempty"` + + // SourceSnapshot: Optional. Name of the snapshot to use as the source + // for the disk. Must be empty if source_image is set. Updating + // source_snapshot will update content in the ephemeral directory after + // the workstation is restarted. This field is mutable. + SourceSnapshot string `json:"sourceSnapshot,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DiskType") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DiskType") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GcePersistentDisk) MarshalJSON() ([]byte, error) { + type NoMethod GcePersistentDisk + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GceRegionalPersistentDisk: A PersistentDirectory backed by a Compute // Engine regional persistent disk. The persistent_directories field is // repeated, but it may contain only one entry. It creates a persistent @@ -1796,6 +1884,10 @@ type Workstation struct { // currently being updated to match its intended state. Reconciling bool `json:"reconciling,omitempty"` + // StartTime: Output only. Time when this workstation was most recently + // successfully started, regardless of the workstation's initial state. + StartTime string `json:"startTime,omitempty"` + // State: Output only. Current state of the workstation. // // Possible values: @@ -2005,6 +2097,10 @@ type WorkstationConfig struct { // after the workstation configuration is created. EncryptionKey *CustomerEncryptionKey `json:"encryptionKey,omitempty"` + // EphemeralDirectories: Optional. Ephemeral directories which won't + // persist across workstation sessions. + EphemeralDirectories []*EphemeralDirectory `json:"ephemeralDirectories,omitempty"` + // Etag: Optional. Checksum computed by the server. May be sent on // update and delete requests to make sure that the client has an // up-to-date value before proceeding. @@ -2045,6 +2141,14 @@ type WorkstationConfig struct { // configuration is currently being updated to match its intended state. Reconciling bool `json:"reconciling,omitempty"` + // ReplicaZones: Optional. Immutable. Specifies the zones used to + // replicate the VM and disk resources within the region. If set, + // exactly two zones within the workstation cluster's region must be + // specified—for example, `['us-central1-a', 'us-central1-f']`. If + // this field is empty, two default zones within the region are used. + // Immutable after the workstation configuration is created. + ReplicaZones []string `json:"replicaZones,omitempty"` + // RunningTimeout: Optional. Number of seconds that a workstation can // run until it is automatically shut down. We recommend that // workstations be shut down daily to reduce costs and so that security