Module google_accesscontextmanager1_beta::api

Structs

AccessContextManager	Central instance to access all AccessContextManager related resource activities
AccessLevel	An AccessLevel is a label that can be applied to requests to Google Cloud services, along with a list of requirements necessary for the label to be applied.
AccessPolicy	AccessPolicy is a container for AccessLevels (which define the necessary attributes to use Google Cloud services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization.
AccessPolicyAccessLevelCreateCall	Create an Access Level. The longrunning operation from this RPC will have a successful status once the Access Level has propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered.
AccessPolicyAccessLevelDeleteCall	Delete an Access Level by resource name. The longrunning operation from this RPC will have a successful status once the Access Level has been removed from long-lasting storage.
AccessPolicyAccessLevelGetCall	Get an Access Level by resource name.
AccessPolicyAccessLevelListCall	List all Access Levels for an access policy.
AccessPolicyAccessLevelPatchCall	Update an Access Level. The longrunning operation from this RPC will have a successful status once the changes to the Access Level have propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered.
AccessPolicyCreateCall	Create an AccessPolicy. Fails if this organization already has a AccessPolicy. The longrunning Operation will have a successful status once the AccessPolicy has propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in metadata as a BadRequest proto.
AccessPolicyDeleteCall	Delete an AccessPolicy by resource name. The longrunning Operation will have a successful status once the AccessPolicy has been removed from long-lasting storage.
AccessPolicyGetCall	Get an AccessPolicy by name.
AccessPolicyListCall	List all AccessPolicies under a container.
AccessPolicyMethods	A builder providing access to all methods supported on accessPolicy resources. It is not used directly, but through the AccessContextManager hub.
AccessPolicyPatchCall	Update an AccessPolicy. The longrunning Operation from this RPC will have a successful status once the changes to the AccessPolicy have propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in metadata as a BadRequest proto.
AccessPolicyServicePerimeterCreateCall	Create a Service Perimeter. The longrunning operation from this RPC will have a successful status once the Service Perimeter has propagated to long-lasting storage. Service Perimeters containing errors will result in an error response for the first error encountered.
AccessPolicyServicePerimeterDeleteCall	Delete a Service Perimeter by resource name. The longrunning operation from this RPC will have a successful status once the Service Perimeter has been removed from long-lasting storage.
AccessPolicyServicePerimeterGetCall	Get a Service Perimeter by resource name.
AccessPolicyServicePerimeterListCall	List all Service Perimeters for an access policy.
AccessPolicyServicePerimeterPatchCall	Update a Service Perimeter. The longrunning operation from this RPC will have a successful status once the changes to the Service Perimeter have propagated to long-lasting storage. Service Perimeter containing errors will result in an error response for the first error encountered.
BasicLevel	BasicLevel is an AccessLevel using a set of recommended features.
Condition	A condition necessary for an AccessLevel to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.
CustomLevel	CustomLevel is an AccessLevel using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec
DevicePolicy	DevicePolicy specifies device specific restrictions necessary to acquire a given access level. A DevicePolicy specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. DevicePolicy acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.
Expr	Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: “Summary size limit” description: “Determines if a summary is less than 100 chars” expression: “document.summary.size() < 100” Example (Equality): title: “Requestor is owner” description: “Determines if requestor is the document owner” expression: “document.owner == request.auth.claims.email” Example (Logic): title: “Public documents” description: “Determine whether the document should be publicly visible” expression: “document.type != ‘private’ && document.type != ‘internal’” Example (Data Manipulation): title: “Notification string” description: “Create a notification string with a timestamp.” expression: “’New message received at ’ + string(document.create_time)” The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
ListAccessLevelsResponse	A response to ListAccessLevelsRequest.
ListAccessPoliciesResponse	A response to ListAccessPoliciesRequest.
ListServicePerimetersResponse	A response to ListServicePerimetersRequest.
Operation	This resource represents a long-running operation that is the result of a network API call.
OperationGetCall	Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.
OperationMethods	A builder providing access to all methods supported on operation resources. It is not used directly, but through the AccessContextManager hub.
OsConstraint	A restriction on the OS type and version of devices making requests.
ServicePerimeter	ServicePerimeter describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the ServicePerimeter. If a request with a source within this ServicePerimeter has a target outside of the ServicePerimeter, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.
ServicePerimeterConfig	ServicePerimeterConfig specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.
Status	The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the API Design Guide.
VpcAccessibleServices	Specifies how APIs are allowed to communicate within the Service Perimeter.

Enums

Scope

Identifies the an OAuth2 authorization scope. A scope is needed when requesting an authorization token.