#[derive(Clone, PartialEq, ::prost::Message)]
pub struct AccessLocations {
#[prost(string, tag = "1")]
pub principal_office_country: ::prost::alloc::string::String,
#[prost(string, tag = "2")]
pub principal_physical_location_country: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct AccessReason {
#[prost(enumeration = "access_reason::Type", tag = "1")]
pub r#type: i32,
#[prost(string, tag = "2")]
pub detail: ::prost::alloc::string::String,
}
pub mod access_reason {
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
#[repr(i32)]
pub enum Type {
Unspecified = 0,
CustomerInitiatedSupport = 1,
GoogleInitiatedService = 2,
GoogleInitiatedReview = 3,
}
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ApproveDecision {
#[prost(message, optional, tag = "1")]
pub approve_time: ::core::option::Option<::prost_types::Timestamp>,
#[prost(message, optional, tag = "2")]
pub expire_time: ::core::option::Option<::prost_types::Timestamp>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DismissDecision {
#[prost(message, optional, tag = "1")]
pub dismiss_time: ::core::option::Option<::prost_types::Timestamp>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ResourceProperties {
#[prost(bool, tag = "1")]
pub excludes_descendants: bool,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ApprovalRequest {
#[prost(string, tag = "1")]
pub name: ::prost::alloc::string::String,
#[prost(string, tag = "2")]
pub requested_resource_name: ::prost::alloc::string::String,
#[prost(message, optional, tag = "9")]
pub requested_resource_properties: ::core::option::Option<ResourceProperties>,
#[prost(message, optional, tag = "3")]
pub requested_reason: ::core::option::Option<AccessReason>,
#[prost(message, optional, tag = "4")]
pub requested_locations: ::core::option::Option<AccessLocations>,
#[prost(message, optional, tag = "5")]
pub request_time: ::core::option::Option<::prost_types::Timestamp>,
#[prost(message, optional, tag = "6")]
pub requested_expiration: ::core::option::Option<::prost_types::Timestamp>,
#[prost(oneof = "approval_request::Decision", tags = "7, 8")]
pub decision: ::core::option::Option<approval_request::Decision>,
}
pub mod approval_request {
#[derive(Clone, PartialEq, ::prost::Oneof)]
pub enum Decision {
#[prost(message, tag = "7")]
Approve(super::ApproveDecision),
#[prost(message, tag = "8")]
Dismiss(super::DismissDecision),
}
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct EnrolledService {
#[prost(string, tag = "1")]
pub cloud_product: ::prost::alloc::string::String,
#[prost(enumeration = "EnrollmentLevel", tag = "2")]
pub enrollment_level: i32,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct AccessApprovalSettings {
#[prost(string, tag = "1")]
pub name: ::prost::alloc::string::String,
#[prost(string, repeated, tag = "2")]
pub notification_emails: ::prost::alloc::vec::Vec<::prost::alloc::string::String>,
#[prost(message, repeated, tag = "3")]
pub enrolled_services: ::prost::alloc::vec::Vec<EnrolledService>,
#[prost(bool, tag = "4")]
pub enrolled_ancestor: bool,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ListApprovalRequestsMessage {
#[prost(string, tag = "1")]
pub parent: ::prost::alloc::string::String,
#[prost(string, tag = "2")]
pub filter: ::prost::alloc::string::String,
#[prost(int32, tag = "3")]
pub page_size: i32,
#[prost(string, tag = "4")]
pub page_token: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ListApprovalRequestsResponse {
#[prost(message, repeated, tag = "1")]
pub approval_requests: ::prost::alloc::vec::Vec<ApprovalRequest>,
#[prost(string, tag = "2")]
pub next_page_token: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct GetApprovalRequestMessage {
#[prost(string, tag = "1")]
pub name: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ApproveApprovalRequestMessage {
#[prost(string, tag = "1")]
pub name: ::prost::alloc::string::String,
#[prost(message, optional, tag = "2")]
pub expire_time: ::core::option::Option<::prost_types::Timestamp>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DismissApprovalRequestMessage {
#[prost(string, tag = "1")]
pub name: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct GetAccessApprovalSettingsMessage {
#[prost(string, tag = "1")]
pub name: ::prost::alloc::string::String,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct UpdateAccessApprovalSettingsMessage {
#[prost(message, optional, tag = "1")]
pub settings: ::core::option::Option<AccessApprovalSettings>,
#[prost(message, optional, tag = "2")]
pub update_mask: ::core::option::Option<::prost_types::FieldMask>,
}
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct DeleteAccessApprovalSettingsMessage {
#[prost(string, tag = "1")]
pub name: ::prost::alloc::string::String,
}
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
#[repr(i32)]
pub enum EnrollmentLevel {
Unspecified = 0,
BlockAll = 1,
}
#[doc = r" Generated client implementations."]
pub mod access_approval_client {
#![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)]
use tonic::codegen::*;
#[doc = " This API allows a customer to manage accesses to cloud resources by"]
#[doc = " Google personnel. It defines the following resource model:"]
#[doc = ""]
#[doc = " - The API has a collection of"]
#[doc = " [ApprovalRequest][google.cloud.accessapproval.v1.ApprovalRequest]"]
#[doc = " resources, named `approvalRequests/{approval_request_id}`"]
#[doc = " - The API has top-level settings per Project/Folder/Organization, named"]
#[doc = " `accessApprovalSettings`"]
#[doc = ""]
#[doc = " The service also periodically emails a list of recipients, defined at the"]
#[doc = " Project/Folder/Organization level in the accessApprovalSettings, when there"]
#[doc = " is a pending ApprovalRequest for them to act on. The ApprovalRequests can"]
#[doc = " also optionally be published to a Cloud Pub/Sub topic owned by the customer"]
#[doc = " (for Beta, the Pub/Sub setup is managed manually)."]
#[doc = ""]
#[doc = " ApprovalRequests can be approved or dismissed. Google personel can only"]
#[doc = " access the indicated resource or resources if the request is approved"]
#[doc = " (subject to some exclusions:"]
#[doc = " https://cloud.google.com/access-approval/docs/overview#exclusions)."]
#[doc = ""]
#[doc = " Note: Using Access Approval functionality will mean that Google may not be"]
#[doc = " able to meet the SLAs for your chosen products, as any support response times"]
#[doc = " may be dramatically increased. As such the SLAs do not apply to any service"]
#[doc = " disruption to the extent impacted by Customer's use of Access Approval. Do"]
#[doc = " not enable Access Approval for projects where you may require high service"]
#[doc = " availability and rapid response by Google Cloud Support."]
#[doc = ""]
#[doc = " After a request is approved or dismissed, no further action may be taken on"]
#[doc = " it. Requests with the requested_expiration in the past or with no activity"]
#[doc = " for 14 days are considered dismissed. When an approval expires, the request"]
#[doc = " is considered dismissed."]
#[doc = ""]
#[doc = " If a request is not approved or dismissed, we call it pending."]
#[derive(Debug, Clone)]
pub struct AccessApprovalClient<T> {
inner: tonic::client::Grpc<T>,
}
impl<T> AccessApprovalClient<T>
where
T: tonic::client::GrpcService<tonic::body::BoxBody>,
T::ResponseBody: Body + Send + 'static,
T::Error: Into<StdError>,
<T::ResponseBody as Body>::Error: Into<StdError> + Send,
{
pub fn new(inner: T) -> Self {
let inner = tonic::client::Grpc::new(inner);
Self { inner }
}
pub fn with_interceptor<F>(
inner: T,
interceptor: F,
) -> AccessApprovalClient<InterceptedService<T, F>>
where
F: tonic::service::Interceptor,
T: tonic::codegen::Service<
http::Request<tonic::body::BoxBody>,
Response = http::Response<
<T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
>,
>,
<T as tonic::codegen::Service<http::Request<tonic::body::BoxBody>>>::Error:
Into<StdError> + Send + Sync,
{
AccessApprovalClient::new(InterceptedService::new(inner, interceptor))
}
#[doc = r" Compress requests with `gzip`."]
#[doc = r""]
#[doc = r" This requires the server to support it otherwise it might respond with an"]
#[doc = r" error."]
pub fn send_gzip(mut self) -> Self {
self.inner = self.inner.send_gzip();
self
}
#[doc = r" Enable decompressing responses with `gzip`."]
pub fn accept_gzip(mut self) -> Self {
self.inner = self.inner.accept_gzip();
self
}
#[doc = " Lists approval requests associated with a project, folder, or organization."]
#[doc = " Approval requests can be filtered by state (pending, active, dismissed)."]
#[doc = " The order is reverse chronological."]
pub async fn list_approval_requests(
&mut self,
request: impl tonic::IntoRequest<super::ListApprovalRequestsMessage>,
) -> Result<tonic::Response<super::ListApprovalRequestsResponse>, tonic::Status> {
self.inner.ready().await.map_err(|e| {
tonic::Status::new(
tonic::Code::Unknown,
format!("Service was not ready: {}", e.into()),
)
})?;
let codec = tonic::codec::ProstCodec::default();
let path = http::uri::PathAndQuery::from_static(
"/google.cloud.accessapproval.v1.AccessApproval/ListApprovalRequests",
);
self.inner.unary(request.into_request(), path, codec).await
}
#[doc = " Gets an approval request. Returns NOT_FOUND if the request does not exist."]
pub async fn get_approval_request(
&mut self,
request: impl tonic::IntoRequest<super::GetApprovalRequestMessage>,
) -> Result<tonic::Response<super::ApprovalRequest>, tonic::Status> {
self.inner.ready().await.map_err(|e| {
tonic::Status::new(
tonic::Code::Unknown,
format!("Service was not ready: {}", e.into()),
)
})?;
let codec = tonic::codec::ProstCodec::default();
let path = http::uri::PathAndQuery::from_static(
"/google.cloud.accessapproval.v1.AccessApproval/GetApprovalRequest",
);
self.inner.unary(request.into_request(), path, codec).await
}
#[doc = " Approves a request and returns the updated ApprovalRequest."]
#[doc = ""]
#[doc = " Returns NOT_FOUND if the request does not exist. Returns"]
#[doc = " FAILED_PRECONDITION if the request exists but is not in a pending state."]
pub async fn approve_approval_request(
&mut self,
request: impl tonic::IntoRequest<super::ApproveApprovalRequestMessage>,
) -> Result<tonic::Response<super::ApprovalRequest>, tonic::Status> {
self.inner.ready().await.map_err(|e| {
tonic::Status::new(
tonic::Code::Unknown,
format!("Service was not ready: {}", e.into()),
)
})?;
let codec = tonic::codec::ProstCodec::default();
let path = http::uri::PathAndQuery::from_static(
"/google.cloud.accessapproval.v1.AccessApproval/ApproveApprovalRequest",
);
self.inner.unary(request.into_request(), path, codec).await
}
#[doc = " Dismisses a request. Returns the updated ApprovalRequest."]
#[doc = ""]
#[doc = " NOTE: This does not deny access to the resource if another request has been"]
#[doc = " made and approved. It is equivalent in effect to ignoring the request"]
#[doc = " altogether."]
#[doc = ""]
#[doc = " Returns NOT_FOUND if the request does not exist."]
#[doc = ""]
#[doc = " Returns FAILED_PRECONDITION if the request exists but is not in a pending"]
#[doc = " state."]
pub async fn dismiss_approval_request(
&mut self,
request: impl tonic::IntoRequest<super::DismissApprovalRequestMessage>,
) -> Result<tonic::Response<super::ApprovalRequest>, tonic::Status> {
self.inner.ready().await.map_err(|e| {
tonic::Status::new(
tonic::Code::Unknown,
format!("Service was not ready: {}", e.into()),
)
})?;
let codec = tonic::codec::ProstCodec::default();
let path = http::uri::PathAndQuery::from_static(
"/google.cloud.accessapproval.v1.AccessApproval/DismissApprovalRequest",
);
self.inner.unary(request.into_request(), path, codec).await
}
#[doc = " Gets the settings associated with a project, folder, or organization."]
pub async fn get_access_approval_settings(
&mut self,
request: impl tonic::IntoRequest<super::GetAccessApprovalSettingsMessage>,
) -> Result<tonic::Response<super::AccessApprovalSettings>, tonic::Status> {
self.inner.ready().await.map_err(|e| {
tonic::Status::new(
tonic::Code::Unknown,
format!("Service was not ready: {}", e.into()),
)
})?;
let codec = tonic::codec::ProstCodec::default();
let path = http::uri::PathAndQuery::from_static(
"/google.cloud.accessapproval.v1.AccessApproval/GetAccessApprovalSettings",
);
self.inner.unary(request.into_request(), path, codec).await
}
#[doc = " Updates the settings associated with a project, folder, or organization."]
#[doc = " Settings to update are determined by the value of field_mask."]
pub async fn update_access_approval_settings(
&mut self,
request: impl tonic::IntoRequest<super::UpdateAccessApprovalSettingsMessage>,
) -> Result<tonic::Response<super::AccessApprovalSettings>, tonic::Status> {
self.inner.ready().await.map_err(|e| {
tonic::Status::new(
tonic::Code::Unknown,
format!("Service was not ready: {}", e.into()),
)
})?;
let codec = tonic::codec::ProstCodec::default();
let path = http::uri::PathAndQuery::from_static(
"/google.cloud.accessapproval.v1.AccessApproval/UpdateAccessApprovalSettings",
);
self.inner.unary(request.into_request(), path, codec).await
}
#[doc = " Deletes the settings associated with a project, folder, or organization."]
#[doc = " This will have the effect of disabling Access Approval for the project,"]
#[doc = " folder, or organization, but only if all ancestors also have Access"]
#[doc = " Approval disabled. If Access Approval is enabled at a higher level of the"]
#[doc = " hierarchy, then Access Approval will still be enabled at this level as"]
#[doc = " the settings are inherited."]
pub async fn delete_access_approval_settings(
&mut self,
request: impl tonic::IntoRequest<super::DeleteAccessApprovalSettingsMessage>,
) -> Result<tonic::Response<()>, tonic::Status> {
self.inner.ready().await.map_err(|e| {
tonic::Status::new(
tonic::Code::Unknown,
format!("Service was not ready: {}", e.into()),
)
})?;
let codec = tonic::codec::ProstCodec::default();
let path = http::uri::PathAndQuery::from_static(
"/google.cloud.accessapproval.v1.AccessApproval/DeleteAccessApprovalSettings",
);
self.inner.unary(request.into_request(), path, codec).await
}
}
}