accesscontextmanager/v1 library

Access Context Manager API - v1

An API for setting attribute based access control to requests to Google Cloud services.

For more information, see cloud.google.com/access-context-manager/docs/reference/rest/

Create an instance of AccessContextManagerApi to access these resources:

• AccessPoliciesResource
  • AccessPoliciesAccessLevelsResource
  • AccessPoliciesAuthorizedOrgsDescsResource
  • AccessPoliciesServicePerimetersResource
• OperationsResource
• OrganizationsResource
  • OrganizationsGcpUserAccessBindingsResource

Classes

AccessContextManagerApi

An API for setting attribute based access control to requests to Google Cloud services.

AccessLevel

An AccessLevel is a label that can be applied to requests to Google Cloud services, along with a list of requirements necessary for the label to be applied.

AccessPoliciesAccessLevelsResource

AccessPoliciesAuthorizedOrgsDescsResource

AccessPoliciesResource

AccessPoliciesServicePerimetersResource

ApiOperation

Identification for an API Operation.

AuditConfig

Specifies the audit configuration for a service.

AuthorizedOrgsDesc

AuthorizedOrgsDesc contains data for an organization's authorization policy.

BasicLevel

BasicLevel is an AccessLevel using a set of recommended features.

Binding

Associates members, or principals, with a role.

CommitServicePerimetersRequest

A request to commit dry-run specs in all Service Perimeters belonging to an Access Policy.

Condition

A condition necessary for an AccessLevel to be granted.

CustomLevel

CustomLevel is an AccessLevel using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.

DevicePolicy

DevicePolicy specifies device specific restrictions necessary to acquire a given access level.

EgressPolicy

Policy for egress from perimeter.

EgressTo

Defines the conditions under which an EgressPolicy matches a request.

GcpUserAccessBinding

Restricts access to Cloud Console and Google Cloud APIs for a set of users using Context-Aware Access.

GetIamPolicyRequest

Request message for GetIamPolicy method.

IngressFrom

Defines the conditions under which an IngressPolicy matches a request.

IngressPolicy

Policy for ingress into ServicePerimeter.

IngressTo

Defines the conditions under which an IngressPolicy matches a request.

ListAccessLevelsResponse

A response to ListAccessLevelsRequest.

ListAccessPoliciesResponse

A response to ListAccessPoliciesRequest.

ListAuthorizedOrgsDescsResponse

A response to ListAuthorizedOrgsDescsRequest.

ListGcpUserAccessBindingsResponse

Response of ListGcpUserAccessBindings.

ListOperationsResponse

The response message for Operations.ListOperations.

ListServicePerimetersResponse

A response to ListServicePerimetersRequest.

Operation

This resource represents a long-running operation that is the result of a network API call.

OperationsResource

OrganizationsGcpUserAccessBindingsResource

OrganizationsResource

Policy

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.

ReplaceAccessLevelsRequest

A request to replace all existing Access Levels in an Access Policy with the Access Levels provided.

ReplaceServicePerimetersRequest

A request to replace all existing Service Perimeters in an Access Policy with the Service Perimeters provided.

ServicePerimeter

ServicePerimeter describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the ServicePerimeter.

ServicePerimeterConfig

ServicePerimeterConfig specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.

SetIamPolicyRequest

Request message for SetIamPolicy method.

Typedefs

AccessPolicy = $AccessPolicy

AccessPolicy is a container for AccessLevels (which define the necessary attributes to use Google Cloud services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter).

AuditLogConfig = $AuditLogConfig

Provides the configuration for logging a type of permissions.

CancelOperationRequest = $Empty

The request message for Operations.CancelOperation.

EgressFrom = $EgressFrom

Defines the conditions under which an EgressPolicy matches a request.

Empty = $Empty

A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs.

Expr = $Expr

Represents a textual expression in the Common Expression Language (CEL) syntax.

GetPolicyOptions = $GetPolicyOptions

Encapsulates settings provided to GetIamPolicy.

IngressSource = $IngressSource

The source that IngressPolicy authorizes access from.

MethodSelector = $MethodSelector

An allowed method or permission of a service specified in ApiOperation.

OsConstraint = $OsConstraint

A restriction on the OS type and version of devices making requests.

Status = $Status

The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs.

TestIamPermissionsRequest = $TestIamPermissionsRequest00

Request message for TestIamPermissions method.

TestIamPermissionsResponse = $PermissionsResponse

Response message for TestIamPermissions method.

VpcAccessibleServices = $VpcAccessibleServices

Specifies how APIs are allowed to communicate within the Service Perimeter.

Exceptions / Errors

ApiRequestError

Represents a general error reported by the API endpoint.

DetailedApiRequestError

Represents a specific error reported by the API endpoint.