1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct Subject {
/// ID of the subject.
///
/// It can contain one of the following values:
/// * `allAuthenticatedUsers`: A special public group that represents anyone
/// who is authenticated. It can be used only if the \[type\] is `system`.
/// * `allUsers`: A special public group that represents anyone. No authentication is required.
/// For example, you don't need to specify the IAM token in an API query.
/// It can be used only if the \[type\] is `system`.
/// * `group:organization:<id>:users`: A special system group that represents all members of organization
/// with given <id>. It can be used only if the \[type\] is `system`.
/// * `group:federation:<id>:users`: A special system group that represents all users of federation
/// with given <id>. It can be used only if the \[type\] is `system`.
/// * `<cloud generated id>`: An identifier that represents a user account.
/// It can be used only if the \[type\] is `userAccount`, `federatedUser` or `serviceAccount`.
#[prost(string, tag = "1")]
pub id: ::prost::alloc::string::String,
/// Type of the subject.
///
/// It can contain one of the following values:
/// * `userAccount`: An account on Yandex or Yandex Connect, added to Yandex Cloud.
/// * `serviceAccount`: A service account. This type represents the \[yandex.cloud.iam.v1.ServiceAccount\] resource.
/// * `federatedUser`: A federated account. This type represents a user from an identity federation, like Active Directory.
/// * `system`: System group. This type represents several accounts with a common system identifier.
///
/// For more information, see [Subject to which the role is assigned](/docs/iam/concepts/access-control/#subject).
#[prost(string, tag = "2")]
pub r#type: ::prost::alloc::string::String,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct AccessBinding {
/// ID of the \[yandex.cloud.iam.v1.Role\] that is assigned to the \[subject\].
#[prost(string, tag = "1")]
pub role_id: ::prost::alloc::string::String,
/// Identity for which access binding is being created.
/// It can represent an account with a unique ID or several accounts with a system identifier.
#[prost(message, optional, tag = "2")]
pub subject: ::core::option::Option<Subject>,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ListAccessBindingsRequest {
/// ID of the resource to list access bindings for.
///
/// To get the resource ID, use a corresponding List request.
/// For example, use the \[yandex.cloud.resourcemanager.v1.CloudService.List\] request to get the Cloud resource ID.
#[prost(string, tag = "1")]
pub resource_id: ::prost::alloc::string::String,
/// The maximum number of results per page that should be returned. If the number of available
/// results is larger than \[page_size\],
/// the service returns a \[ListAccessBindingsResponse.next_page_token\]
/// that can be used to get the next page of results in subsequent list requests.
/// Default value: 100.
#[prost(int64, tag = "2")]
pub page_size: i64,
/// Page token. Set \[page_token\]
/// to the \[ListAccessBindingsResponse.next_page_token\]
/// returned by a previous list request to get the next page of results.
#[prost(string, tag = "3")]
pub page_token: ::prost::alloc::string::String,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ListAccessBindingsResponse {
/// List of access bindings for the specified resource.
#[prost(message, repeated, tag = "1")]
pub access_bindings: ::prost::alloc::vec::Vec<AccessBinding>,
/// This token allows you to get the next page of results for list requests. If the number of results
/// is larger than \[ListAccessBindingsRequest.page_size\], use
/// the \[next_page_token\] as the value
/// for the \[ListAccessBindingsRequest.page_token\] query parameter
/// in the next list request. Each subsequent list request will have its own
/// \[next_page_token\] to continue paging through the results.
#[prost(string, tag = "2")]
pub next_page_token: ::prost::alloc::string::String,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct SetAccessBindingsRequest {
/// ID of the resource for which access bindings are being set.
///
/// To get the resource ID, use a corresponding List request.
#[prost(string, tag = "1")]
pub resource_id: ::prost::alloc::string::String,
/// Access bindings to be set. For more information, see [Access Bindings](/docs/iam/concepts/access-control/#access-bindings).
#[prost(message, repeated, tag = "2")]
pub access_bindings: ::prost::alloc::vec::Vec<AccessBinding>,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct SetAccessBindingsMetadata {
/// ID of the resource for which access bindings are being set.
#[prost(string, tag = "1")]
pub resource_id: ::prost::alloc::string::String,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct UpdateAccessBindingsRequest {
/// ID of the resource for which access bindings are being updated.
#[prost(string, tag = "1")]
pub resource_id: ::prost::alloc::string::String,
/// Updates to access bindings.
#[prost(message, repeated, tag = "2")]
pub access_binding_deltas: ::prost::alloc::vec::Vec<AccessBindingDelta>,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct UpdateAccessBindingsMetadata {
/// ID of the resource for which access bindings are being updated.
#[prost(string, tag = "1")]
pub resource_id: ::prost::alloc::string::String,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct AccessBindingDelta {
/// The action that is being performed on an access binding.
#[prost(enumeration = "AccessBindingAction", tag = "1")]
pub action: i32,
/// Access binding. For more information, see [Access Bindings](/docs/iam/concepts/access-control/#access-bindings).
#[prost(message, optional, tag = "2")]
pub access_binding: ::core::option::Option<AccessBinding>,
}
#[allow(clippy::derive_partial_eq_without_eq)]
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct AccessBindingsOperationResult {
/// Result access binding deltas.
#[prost(message, repeated, tag = "1")]
pub effective_deltas: ::prost::alloc::vec::Vec<AccessBindingDelta>,
}
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
#[repr(i32)]
pub enum AccessBindingAction {
Unspecified = 0,
/// Addition of an access binding.
Add = 1,
/// Removal of an access binding.
Remove = 2,
}
impl AccessBindingAction {
/// String value of the enum field names used in the ProtoBuf definition.
///
/// The values are not transformed in any way and thus are considered stable
/// (if the ProtoBuf definition does not change) and safe for programmatic use.
pub fn as_str_name(&self) -> &'static str {
match self {
AccessBindingAction::Unspecified => "ACCESS_BINDING_ACTION_UNSPECIFIED",
AccessBindingAction::Add => "ADD",
AccessBindingAction::Remove => "REMOVE",
}
}
/// Creates an enum from field names used in the ProtoBuf definition.
pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
match value {
"ACCESS_BINDING_ACTION_UNSPECIFIED" => Some(Self::Unspecified),
"ADD" => Some(Self::Add),
"REMOVE" => Some(Self::Remove),
_ => None,
}
}
}