[][src]Crate google_accesscontextmanager1_beta

This documentation was generated from Access Context Manager crate version 1.0.10+20190626, where 20190626 is the exact revision of the accesscontextmanager:v1beta schema built by the mako code generator v1.0.10.

Everything else about the Access Context Manager v1_beta API can be found at the official documentation site. The original source code is on github.

Features

Handle the following Resources with ease from the central hub ...

Not what you are looking for ? Find all other Google APIs in their Rust documentation index.

Structure of this Library

The API is structured into the following primary items:

  • Hub
    • a central object to maintain state and allow accessing all Activities
    • creates Method Builders which in turn allow access to individual Call Builders
  • Resources
    • primary types that you can apply Activities to
    • a collection of properties and Parts
    • Parts
      • a collection of properties
      • never directly used in Activities
  • Activities
    • operations to apply to Resources

All structures are marked with applicable traits to further categorize them and ease browsing.

Generally speaking, you can invoke Activities like this:

let r = hub.resource().activity(...).doit()

Or specifically ...

This example is not tested
let r = hub.operations().get(...).doit()
let r = hub.access_policies().access_levels_create(...).doit()
let r = hub.access_policies().service_perimeters_create(...).doit()
let r = hub.access_policies().service_perimeters_delete(...).doit()
let r = hub.access_policies().access_levels_patch(...).doit()
let r = hub.access_policies().create(...).doit()
let r = hub.access_policies().delete(...).doit()
let r = hub.access_policies().service_perimeters_patch(...).doit()
let r = hub.access_policies().patch(...).doit()
let r = hub.access_policies().access_levels_delete(...).doit()

The resource() and activity(...) calls create builders. The second one dealing with Activities supports various methods to configure the impending operation (not shown here). It is made such that all required arguments have to be specified right away (i.e. (...)), whereas all optional ones can be build up as desired. The doit() method performs the actual communication with the server and returns the respective result.

Usage

Setting up your Project

To use this library, you would put the following lines into your Cargo.toml file:

[dependencies]
google-accesscontextmanager1_beta = "*"
# This project intentionally uses an old version of Hyper. See
# https://github.com/Byron/google-apis-rs/issues/173 for more
# information.
hyper = "^0.10"
hyper-rustls = "^0.6"
serde = "^1.0"
serde_json = "^1.0"
yup-oauth2 = "^1.0"

A complete example

extern crate hyper;
extern crate hyper_rustls;
extern crate yup_oauth2 as oauth2;
extern crate google_accesscontextmanager1_beta as accesscontextmanager1_beta;
use accesscontextmanager1_beta::AccessLevel;
use accesscontextmanager1_beta::{Result, Error};
use std::default::Default;
use oauth2::{Authenticator, DefaultAuthenticatorDelegate, ApplicationSecret, MemoryStorage};
use accesscontextmanager1_beta::AccessContextManager;
 
// Get an ApplicationSecret instance by some means. It contains the `client_id` and 
// `client_secret`, among other things.
let secret: ApplicationSecret = Default::default();
// Instantiate the authenticator. It will choose a suitable authentication flow for you, 
// unless you replace  `None` with the desired Flow.
// Provide your own `AuthenticatorDelegate` to adjust the way it operates and get feedback about 
// what's going on. You probably want to bring in your own `TokenStorage` to persist tokens and
// retrieve them from storage.
let auth = Authenticator::new(&secret, DefaultAuthenticatorDelegate,
                              hyper::Client::with_connector(hyper::net::HttpsConnector::new(hyper_rustls::TlsClient::new())),
                              <MemoryStorage as Default>::default(), None);
let mut hub = AccessContextManager::new(hyper::Client::with_connector(hyper::net::HttpsConnector::new(hyper_rustls::TlsClient::new())), auth);
// As the method needs a request, you would usually fill it with the desired information
// into the respective structure. Some of the parts shown here might not be applicable !
// Values shown here are possibly random and not representative !
let mut req = AccessLevel::default();
 
// You can configure optional parameters by calling the respective setters at will, and
// execute the final call using `doit()`.
// Values shown here are possibly random and not representative !
let result = hub.access_policies().access_levels_patch(req, "name")
             .update_mask("sed")
             .doit();
 
match result {
    Err(e) => match e {
        // The Error enum provides details about what exactly happened.
        // You can also just use its `Debug`, `Display` or `Error` traits
         Error::HttpError(_)
        |Error::MissingAPIKey
        |Error::MissingToken(_)
        |Error::Cancelled
        |Error::UploadSizeLimitExceeded(_, _)
        |Error::Failure(_)
        |Error::BadRequest(_)
        |Error::FieldClash(_)
        |Error::JsonDecodeError(_, _) => println!("{}", e),
    },
    Ok(res) => println!("Success: {:?}", res),
}

Handling Errors

All errors produced by the system are provided either as Result enumeration as return value of the doit() methods, or handed as possibly intermediate results to either the Hub Delegate, or the Authenticator Delegate.

When delegates handle errors or intermediate values, they may have a chance to instruct the system to retry. This makes the system potentially resilient to all kinds of errors.

Uploads and Downloads

If a method supports downloads, the response body, which is part of the Result, should be read by you to obtain the media. If such a method also supports a Response Result, it will return that by default. You can see it as meta-data for the actual media. To trigger a media download, you will have to set up the builder by making this call: .param("alt", "media").

Methods supporting uploads can do so using up to 2 different protocols: simple and resumable. The distinctiveness of each is represented by customized doit(...) methods, which are then named upload(...) and upload_resumable(...) respectively.

Customization and Callbacks

You may alter the way an doit() method is called by providing a delegate to the Method Builder before making the final doit() call. Respective methods will be called to provide progress information, as well as determine whether the system should retry on failure.

The delegate trait is default-implemented, allowing you to customize it with minimal effort.

Optional Parts in Server-Requests

All structures provided by this library are made to be enocodable and decodable via json. Optionals are used to indicate that partial requests are responses are valid. Most optionals are are considered Parts which are identifiable by name, which will be sent to the server to indicate either the set parts of the request or the desired parts in the response.

Builder Arguments

Using method builders, you are able to prepare an action call by repeatedly calling it's methods. These will always take a single argument, for which the following statements are true.

Arguments will always be copied or cloned into the builder, to make them independent of their original life times.

Structs

AccessContextManager

Central instance to access all AccessContextManager related resource activities

AccessLevel

An AccessLevel is a label that can be applied to requests to GCP services, along with a list of requirements necessary for the label to be applied.

AccessPolicy

AccessPolicy is a container for AccessLevels (which define the necessary attributes to use GCP services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization.

AccessPolicyAccessLevelCreateCall

Create an Access Level. The longrunning operation from this RPC will have a successful status once the Access Level has propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered.

AccessPolicyAccessLevelDeleteCall

Delete an Access Level by resource name. The longrunning operation from this RPC will have a successful status once the Access Level has been removed from long-lasting storage.

AccessPolicyAccessLevelGetCall

Get an Access Level by resource name.

AccessPolicyAccessLevelListCall

List all Access Levels for an access policy.

AccessPolicyAccessLevelPatchCall

Update an Access Level. The longrunning operation from this RPC will have a successful status once the changes to the Access Level have propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered.

AccessPolicyCreateCall

Create an AccessPolicy. Fails if this organization already has a AccessPolicy. The longrunning Operation will have a successful status once the AccessPolicy has propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in metadata as a BadRequest proto.

AccessPolicyDeleteCall

Delete an AccessPolicy by resource name. The longrunning Operation will have a successful status once the AccessPolicy has been removed from long-lasting storage.

AccessPolicyGetCall

Get an AccessPolicy by name.

AccessPolicyListCall

List all AccessPolicies under a container.

AccessPolicyMethods

A builder providing access to all methods supported on accessPolicy resources. It is not used directly, but through the AccessContextManager hub.

AccessPolicyPatchCall

Update an AccessPolicy. The longrunning Operation from this RPC will have a successful status once the changes to the AccessPolicy have propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in metadata as a BadRequest proto.

AccessPolicyServicePerimeterCreateCall

Create an Service Perimeter. The longrunning operation from this RPC will have a successful status once the Service Perimeter has propagated to long-lasting storage. Service Perimeters containing errors will result in an error response for the first error encountered.

AccessPolicyServicePerimeterDeleteCall

Delete an Service Perimeter by resource name. The longrunning operation from this RPC will have a successful status once the Service Perimeter has been removed from long-lasting storage.

AccessPolicyServicePerimeterGetCall

Get an Service Perimeter by resource name.

AccessPolicyServicePerimeterListCall

List all Service Perimeters for an access policy.

AccessPolicyServicePerimeterPatchCall

Update an Service Perimeter. The longrunning operation from this RPC will have a successful status once the changes to the Service Perimeter have propagated to long-lasting storage. Service Perimeter containing errors will result in an error response for the first error encountered.

BasicLevel

BasicLevel is an AccessLevel using a set of recommended features.

BridgeServiceRestriction

Alpha. Specifies which services are granted access via this Bridge Service Perimeter.

Chunk
Condition

A condition necessary for an AccessLevel to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.

ContentRange

Implements the Content-Range header, for serialization only

DefaultDelegate

A delegate with a conservative default implementation, which is used if no other delegate is set.

DevicePolicy

DevicePolicy specifies device specific restrictions necessary to acquire a given access level. A DevicePolicy specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. DevicePolicy acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

DummyNetworkStream
ErrorResponse

A utility to represent detailed errors we might see in case there are BadRequests. The latter happen if the sent parameters or request structures are unsound

IngressServiceRestriction

Alpha. Specifies how Access Levels are to be used for accessing the Service Perimeter.

JsonServerError

A utility type which can decode a server response that indicates error

ListAccessLevelsResponse

A response to ListAccessLevelsRequest.

ListAccessPoliciesResponse

A response to ListAccessPoliciesRequest.

ListServicePerimetersResponse

A response to ListServicePerimetersRequest.

MethodInfo

Contains information about an API request.

MultiPartReader

Provides a Read interface that converts multiple parts into the protocol identified by RFC2387. Note: This implementation is just as rich as it needs to be to perform uploads to google APIs, and might not be a fully-featured implementation.

Operation

This resource represents a long-running operation that is the result of a network API call.

OperationGetCall

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

OperationMethods

A builder providing access to all methods supported on operation resources. It is not used directly, but through the AccessContextManager hub.

OsConstraint

A restriction on the OS type and version of devices making requests.

RangeResponseHeader
ResumableUploadHelper

A utility type to perform a resumable upload from start to end.

ServerError
ServerMessage
ServicePerimeter

ServicePerimeter describes a set of GCP resources which can freely import and export data amongst themselves, but not export outside of the ServicePerimeter. If a request with a source within this ServicePerimeter has a target outside of the ServicePerimeter, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single GCP project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only GCP projects as members, a single GCP project may belong to multiple Service Perimeter Bridges.

ServicePerimeterConfig

ServicePerimeterConfig specifies a set of GCP resources that describe specific Service Perimeter configuration.

Status

The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details.

VpcServiceRestriction

Alpha. Specifies how APIs are allowed to communicate within the Service Perimeter.

XUploadContentType

The X-Upload-Content-Type header.

Enums

Error
Scope

Identifies the an OAuth2 authorization scope. A scope is needed when requesting an authorization token.

Traits

CallBuilder

Identifies types which represent builders for a particular resource method

Delegate

A trait specifying functionality to help controlling any request performed by the API. The trait has a conservative default implementation.

Hub

Identifies the Hub. There is only one per library, this trait is supposed to make intended use more explicit. The hub allows to access all resource methods more easily.

MethodsBuilder

Identifies types for building methods of a particular resource type

NestedType

Identifies types which are only used by other types internally. They have no special meaning, this trait just marks them for completeness.

Part

Identifies types which are only used as part of other types, which usually are carrying the Resource trait.

ReadSeek

A utility to specify reader types which provide seeking capabilities too

RequestValue

Identifies types which are used in API requests.

Resource

Identifies types which can be inserted and deleted. Types with this trait are most commonly used by clients of this API.

ResponseResult

Identifies types which are used in API responses.

ToParts

A trait for all types that can convert themselves into a parts string

UnusedType

Identifies types which are not actually used by the API This might be a bug within the google API schema.

Functions

remove_json_null_values

Type Definitions

Result

A universal result type used as return for all calls.