ErrorReason

google_cloud_api::model

Enum ErrorReason 

Source 
#[non_exhaustive]
pub enum ErrorReason {

Show 34 variants    Unspecified,
    ServiceDisabled,
    BillingDisabled,
    ApiKeyInvalid,
    ApiKeyServiceBlocked,
    ApiKeyHttpReferrerBlocked,
    ApiKeyIpAddressBlocked,
    ApiKeyAndroidAppBlocked,
    ApiKeyIosAppBlocked,
    RateLimitExceeded,
    ResourceQuotaExceeded,
    LocationTaxPolicyViolated,
    UserProjectDenied,
    ConsumerSuspended,
    ConsumerInvalid,
    SecurityPolicyViolated,
    AccessTokenExpired,
    AccessTokenScopeInsufficient,
    AccountStateInvalid,
    AccessTokenTypeUnsupported,
    CredentialsMissing,
    ResourceProjectInvalid,
    SessionCookieInvalid,
    UserBlockedByAdmin,
    ResourceUsageRestrictionViolated,
    SystemParameterUnsupported,
    OrgRestrictionViolation,
    OrgRestrictionHeaderInvalid,
    ServiceNotVisible,
    GcpSuspended,
    LocationPolicyViolated,
    MissingOrigin,
    OverloadedCredentials,
    UnknownValue(UnknownValue),

}
Expand description

Defines the supported values for google.rpc.ErrorInfo.reason for the googleapis.com error domain. This error domain is reserved for Service Infrastructure. For each error info of this domain, the metadata key “service” refers to the logical identifier of an API service, such as “pubsub.googleapis.com”. The “consumer” refers to the entity that consumes an API Service. It typically is a Google project that owns the client application or the server resource, such as “projects/123”. Other metadata keys are specific to each error reason. For more information, see the definition of the specific error reason.

§Working with unknown values

This enum is defined as #[non_exhaustive] because Google Cloud may add additional enum variants at any time. Adding new variants is not considered a breaking change. Applications should write their code in anticipation of:

  • New values appearing in future releases of the client library, and
  • New values received dynamically, without application changes.

Please consult the Working with enums section in the user guide for some guidelines.

Variants (Non-exhaustive)§

This enum is marked as non-exhaustive
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.
§

Unspecified

Do not use this default value.

§

ServiceDisabled

The request is calling a disabled service for a consumer.

Example of an ErrorInfo when the consumer “projects/123” contacting “pubsub.googleapis.com” service which is disabled:

{ "reason": "SERVICE_DISABLED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "pubsub.googleapis.com"
  }
}

This response indicates the “pubsub.googleapis.com” has been disabled in “projects/123”.

§

BillingDisabled

The request whose associated billing account is disabled.

Example of an ErrorInfo when the consumer “projects/123” fails to contact “pubsub.googleapis.com” service because the associated billing account is disabled:

{ "reason": "BILLING_DISABLED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "pubsub.googleapis.com"
  }
}

This response indicates the billing account associated has been disabled.

§

ApiKeyInvalid

The request is denied because the provided API key is invalid. It may be in a bad format, cannot be found, or has been expired).

Example of an ErrorInfo when the request is contacting “storage.googleapis.com” service with an invalid API key:

{ "reason": "API_KEY_INVALID",
  "domain": "googleapis.com",
  "metadata": {
    "service": "storage.googleapis.com",
  }
}
§

ApiKeyServiceBlocked

The request is denied because it violates API key API restrictions.

Example of an ErrorInfo when the consumer “projects/123” fails to call the “storage.googleapis.com” service because this service is restricted in the API key:

{ "reason": "API_KEY_SERVICE_BLOCKED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com"
  }
}
§

ApiKeyHttpReferrerBlocked

The request is denied because it violates API key HTTP restrictions.

Example of an ErrorInfo when the consumer “projects/123” fails to call “storage.googleapis.com” service because the http referrer of the request violates API key HTTP restrictions:

{ "reason": "API_KEY_HTTP_REFERRER_BLOCKED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com",
  }
}
§

ApiKeyIpAddressBlocked

The request is denied because it violates API key IP address restrictions.

Example of an ErrorInfo when the consumer “projects/123” fails to call “storage.googleapis.com” service because the caller IP of the request violates API key IP address restrictions:

{ "reason": "API_KEY_IP_ADDRESS_BLOCKED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com",
  }
}
§

ApiKeyAndroidAppBlocked

The request is denied because it violates API key Android application restrictions.

Example of an ErrorInfo when the consumer “projects/123” fails to call “storage.googleapis.com” service because the request from the Android apps violates the API key Android application restrictions:

{ "reason": "API_KEY_ANDROID_APP_BLOCKED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com"
  }
}
§

ApiKeyIosAppBlocked

The request is denied because it violates API key iOS application restrictions.

Example of an ErrorInfo when the consumer “projects/123” fails to call “storage.googleapis.com” service because the request from the iOS apps violates the API key iOS application restrictions:

{ "reason": "API_KEY_IOS_APP_BLOCKED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com"
  }
}
§

RateLimitExceeded

The request is denied because there is not enough rate quota for the consumer.

Example of an ErrorInfo when the consumer “projects/123” fails to contact “pubsub.googleapis.com” service because consumer’s rate quota usage has reached the maximum value set for the quota limit “ReadsPerMinutePerProject” on the quota metric “pubsub.googleapis.com/read_requests”:

{ "reason": "RATE_LIMIT_EXCEEDED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "pubsub.googleapis.com",
    "quota_metric": "pubsub.googleapis.com/read_requests",
    "quota_limit": "ReadsPerMinutePerProject"
  }
}

Example of an ErrorInfo when the consumer “projects/123” checks quota on the service “dataflow.googleapis.com” and hits the organization quota limit “DefaultRequestsPerMinutePerOrganization” on the metric “dataflow.googleapis.com/default_requests”.

{ "reason": "RATE_LIMIT_EXCEEDED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "dataflow.googleapis.com",
    "quota_metric": "dataflow.googleapis.com/default_requests",
    "quota_limit": "DefaultRequestsPerMinutePerOrganization"
  }
}
§

ResourceQuotaExceeded

The request is denied because there is not enough resource quota for the consumer.

Example of an ErrorInfo when the consumer “projects/123” fails to contact “compute.googleapis.com” service because consumer’s resource quota usage has reached the maximum value set for the quota limit “VMsPerProject” on the quota metric “compute.googleapis.com/vms”:

{ "reason": "RESOURCE_QUOTA_EXCEEDED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "compute.googleapis.com",
    "quota_metric": "compute.googleapis.com/vms",
    "quota_limit": "VMsPerProject"
  }
}

Example of an ErrorInfo when the consumer “projects/123” checks resource quota on the service “dataflow.googleapis.com” and hits the organization quota limit “jobs-per-organization” on the metric “dataflow.googleapis.com/job_count”.

{ "reason": "RESOURCE_QUOTA_EXCEEDED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "dataflow.googleapis.com",
    "quota_metric": "dataflow.googleapis.com/job_count",
    "quota_limit": "jobs-per-organization"
  }
}
§

LocationTaxPolicyViolated

The request whose associated billing account address is in a tax restricted location, violates the local tax restrictions when creating resources in the restricted region.

Example of an ErrorInfo when creating the Cloud Storage Bucket in the container “projects/123” under a tax restricted region “locations/asia-northeast3”:

{ "reason": "LOCATION_TAX_POLICY_VIOLATED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com",
    "location": "locations/asia-northeast3"
  }
}

This response indicates creating the Cloud Storage Bucket in “locations/asia-northeast3” violates the location tax restriction.

§

UserProjectDenied

The request is denied because the caller does not have required permission on the user project “projects/123” or the user project is invalid. For more information, check the userProject System Parameters.

Example of an ErrorInfo when the caller is calling Cloud Storage service with insufficient permissions on the user project:

{ "reason": "USER_PROJECT_DENIED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com"
  }
}
§

ConsumerSuspended

The request is denied because the consumer “projects/123” is suspended due to Terms of Service(Tos) violations. Check Project suspension guidelines for more information.

Example of an ErrorInfo when calling Cloud Storage service with the suspended consumer “projects/123”:

{ "reason": "CONSUMER_SUSPENDED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com"
  }
}
§

ConsumerInvalid

The request is denied because the associated consumer is invalid. It may be in a bad format, cannot be found, or have been deleted.

Example of an ErrorInfo when calling Cloud Storage service with the invalid consumer “projects/123”:

{ "reason": "CONSUMER_INVALID",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com"
  }
}
§

SecurityPolicyViolated

The request is denied because it violates VPC Service Controls. The ‘uid’ field is a random generated identifier that customer can use it to search the audit log for a request rejected by VPC Service Controls. For more information, please refer VPC Service Controls Troubleshooting

Example of an ErrorInfo when the consumer “projects/123” fails to call Cloud Storage service because the request is prohibited by the VPC Service Controls.

{ "reason": "SECURITY_POLICY_VIOLATED",
  "domain": "googleapis.com",
  "metadata": {
    "uid": "123456789abcde",
    "consumer": "projects/123",
    "service": "storage.googleapis.com"
  }
}
§

AccessTokenExpired

The request is denied because the provided access token has expired.

Example of an ErrorInfo when the request is calling Cloud Storage service with an expired access token:

{ "reason": "ACCESS_TOKEN_EXPIRED",
  "domain": "googleapis.com",
  "metadata": {
    "service": "storage.googleapis.com",
    "method": "google.storage.v1.Storage.GetObject"
  }
}
§

AccessTokenScopeInsufficient

The request is denied because the provided access token doesn’t have at least one of the acceptable scopes required for the API. Please check OAuth 2.0 Scopes for Google APIs for the list of the OAuth 2.0 scopes that you might need to request to access the API.

Example of an ErrorInfo when the request is calling Cloud Storage service with an access token that is missing required scopes:

{ "reason": "ACCESS_TOKEN_SCOPE_INSUFFICIENT",
  "domain": "googleapis.com",
  "metadata": {
    "service": "storage.googleapis.com",
    "method": "google.storage.v1.Storage.GetObject"
  }
}
§

AccountStateInvalid

The request is denied because the account associated with the provided access token is in an invalid state, such as disabled or deleted. For more information, see https://cloud.google.com/docs/authentication.

Warning: For privacy reasons, the server may not be able to disclose the email address for some accounts. The client MUST NOT depend on the availability of the email attribute.

Example of an ErrorInfo when the request is to the Cloud Storage API with an access token that is associated with a disabled or deleted service account:

{ "reason": "ACCOUNT_STATE_INVALID",
  "domain": "googleapis.com",
  "metadata": {
    "service": "storage.googleapis.com",
    "method": "google.storage.v1.Storage.GetObject",
    "email": "user@123.iam.gserviceaccount.com"
  }
}
§

AccessTokenTypeUnsupported

The request is denied because the type of the provided access token is not supported by the API being called.

Example of an ErrorInfo when the request is to the Cloud Storage API with an unsupported token type.

{ "reason": "ACCESS_TOKEN_TYPE_UNSUPPORTED",
  "domain": "googleapis.com",
  "metadata": {
    "service": "storage.googleapis.com",
    "method": "google.storage.v1.Storage.GetObject"
  }
}
§

CredentialsMissing

The request is denied because the request doesn’t have any authentication credentials. For more information regarding the supported authentication strategies for Google Cloud APIs, see https://cloud.google.com/docs/authentication.

Example of an ErrorInfo when the request is to the Cloud Storage API without any authentication credentials.

{ "reason": "CREDENTIALS_MISSING",
  "domain": "googleapis.com",
  "metadata": {
    "service": "storage.googleapis.com",
    "method": "google.storage.v1.Storage.GetObject"
  }
}
§

ResourceProjectInvalid

The request is denied because the provided project owning the resource which acts as the API consumer is invalid. It may be in a bad format or empty.

Example of an ErrorInfo when the request is to the Cloud Functions API, but the offered resource project in the request in a bad format which can’t perform the ListFunctions method.

{ "reason": "RESOURCE_PROJECT_INVALID",
  "domain": "googleapis.com",
  "metadata": {
    "service": "cloudfunctions.googleapis.com",
    "method":
    "google.cloud.functions.v1.CloudFunctionsService.ListFunctions"
  }
}
§

SessionCookieInvalid

The request is denied because the provided session cookie is missing, invalid or failed to decode.

Example of an ErrorInfo when the request is calling Cloud Storage service with a SID cookie which can’t be decoded.

{ "reason": "SESSION_COOKIE_INVALID",
  "domain": "googleapis.com",
  "metadata": {
    "service": "storage.googleapis.com",
    "method": "google.storage.v1.Storage.GetObject",
    "cookie": "SID"
  }
}
§

UserBlockedByAdmin

The request is denied because the user is from a Google Workspace customer that blocks their users from accessing a particular service.

Example scenario: https://support.google.com/a/answer/9197205?hl=en

Example of an ErrorInfo when access to Google Cloud Storage service is blocked by the Google Workspace administrator:

{ "reason": "USER_BLOCKED_BY_ADMIN",
  "domain": "googleapis.com",
  "metadata": {
    "service": "storage.googleapis.com",
    "method": "google.storage.v1.Storage.GetObject",
  }
}
§

ResourceUsageRestrictionViolated

The request is denied because the resource service usage is restricted by administrators according to the organization policy constraint. For more information see https://cloud.google.com/resource-manager/docs/organization-policy/restricting-services.

Example of an ErrorInfo when access to Google Cloud Storage service is restricted by Resource Usage Restriction policy:

{ "reason": "RESOURCE_USAGE_RESTRICTION_VIOLATED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/project-123",
    "service": "storage.googleapis.com"
  }
}
§

SystemParameterUnsupported

Unimplemented. Do not use.

The request is denied because it contains unsupported system parameters in URL query parameters or HTTP headers. For more information, see https://cloud.google.com/apis/docs/system-parameters

Example of an ErrorInfo when access “pubsub.googleapis.com” service with a request header of “x-goog-user-ip”:

{ "reason": "SYSTEM_PARAMETER_UNSUPPORTED",
  "domain": "googleapis.com",
  "metadata": {
    "service": "pubsub.googleapis.com"
    "parameter": "x-goog-user-ip"
  }
}
§

OrgRestrictionViolation

The request is denied because it violates Org Restriction: the requested resource does not belong to allowed organizations specified in “X-Goog-Allowed-Resources” header.

Example of an ErrorInfo when accessing a GCP resource that is restricted by Org Restriction for “pubsub.googleapis.com” service.

{ reason: “ORG_RESTRICTION_VIOLATION” domain: “googleapis.com” metadata { “consumer”:“projects/123456” “service”: “pubsub.googleapis.com” } }

§

OrgRestrictionHeaderInvalid

The request is denied because “X-Goog-Allowed-Resources” header is in a bad format.

Example of an ErrorInfo when accessing “pubsub.googleapis.com” service with an invalid “X-Goog-Allowed-Resources” request header.

{ reason: “ORG_RESTRICTION_HEADER_INVALID” domain: “googleapis.com” metadata { “consumer”:“projects/123456” “service”: “pubsub.googleapis.com” } }

§

ServiceNotVisible

Unimplemented. Do not use.

The request is calling a service that is not visible to the consumer.

Example of an ErrorInfo when the consumer “projects/123” contacting “pubsub.googleapis.com” service which is not visible to the consumer.

{ "reason": "SERVICE_NOT_VISIBLE",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "pubsub.googleapis.com"
  }
}

This response indicates the “pubsub.googleapis.com” is not visible to “projects/123” (or it may not exist).

§

GcpSuspended

The request is related to a project for which GCP access is suspended.

Example of an ErrorInfo when the consumer “projects/123” fails to contact “pubsub.googleapis.com” service because GCP access is suspended:

{ "reason": "GCP_SUSPENDED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "pubsub.googleapis.com"
  }
}

This response indicates the associated GCP account has been suspended.

§

LocationPolicyViolated

The request violates the location policies when creating resources in the restricted region.

Example of an ErrorInfo when creating the Cloud Storage Bucket by “projects/123” for service storage.googleapis.com:

{ "reason": "LOCATION_POLICY_VIOLATED",
  "domain": "googleapis.com",
  "metadata": {
    "consumer": "projects/123",
    "service": "storage.googleapis.com",
  }
}

This response indicates creating the Cloud Storage Bucket in “locations/asia-northeast3” violates at least one location policy. The troubleshooting guidance is provided in the Help links.

§

MissingOrigin

The request is denied because origin request header is missing.

Example of an ErrorInfo when accessing “pubsub.googleapis.com” service with an empty “Origin” request header.

{ reason: “MISSING_ORIGIN” domain: “googleapis.com” metadata { “consumer”:“projects/123456” “service”: “pubsub.googleapis.com” } }

§

OverloadedCredentials

The request is denied because the request contains more than one credential type that are individually acceptable, but not together. The customer should retry their request with only one set of credentials.

Example of an ErrorInfo when accessing “pubsub.googleapis.com” service with overloaded credentials.

{ reason: “OVERLOADED_CREDENTIALS” domain: “googleapis.com” metadata { “consumer”:“projects/123456” “service”: “pubsub.googleapis.com” } }

§

UnknownValue(UnknownValue)

If set, the enum was initialized with an unknown value.

Applications can examine the value using ErrorReason::value or ErrorReason::name.

Implementations§

Source§

impl ErrorReason

Source

pub fn value(&self) -> Option<i32>

Gets the enum value.

Returns None if the enum contains an unknown value deserialized from the string representation of enums.

Source

pub fn name(&self) -> Option<&str>

Gets the enum value as a string.

Returns None if the enum contains an unknown value deserialized from the integer representation of enums.

Trait Implementations§

Source§

impl Clone for ErrorReason

Source§

fn clone(&self) -> ErrorReason

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for ErrorReason

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for ErrorReason

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl<'de> Deserialize<'de> for ErrorReason

Source§

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Display for ErrorReason

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl From<&str> for ErrorReason

Source§

fn from(value: &str) -> Self

Converts to this type from the input type.
Source§

impl From<i32> for ErrorReason

Source§

fn from(value: i32) -> Self

Converts to this type from the input type.
Source§

impl PartialEq for ErrorReason

Source§

fn eq(&self, other: &ErrorReason) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for ErrorReason

Source§

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl StructuralPartialEq for ErrorReason

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

Source§

impl<T> ErasedDestructor for T
where T: 'static,