AccessContextManager

google_cloud_identity_accesscontextmanager_v1::client

Struct AccessContextManager 

Source 
pub struct AccessContextManager { /* private fields */ }
Expand description

Implements a client for the Access Context Manager API.

§Example

let client = AccessContextManager::builder().build().await?;
// use `client` to make requests to the Access Context Manager API.

§Service Description

API for setting [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for Google Cloud projects. Each organization has one [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] and [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]. This [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is applicable to all resources in the organization. AccessPolicies

§Configuration

To configure AccessContextManager use the with_* methods in the type returned by builder(). The default configuration should work for most applications. Common configuration changes include

  • with_endpoint(): by default this client uses the global default endpoint (https://accesscontextmanager.googleapis.com). Applications using regional endpoints or running in restricted networks (e.g. a network configured override this default.
  • with_credentials(): by default this client uses Application Default Credentials. Applications using custom authentication may need to override this default.

§Pooling and Cloning

AccessContextManager holds a connection pool internally, it is advised to create one and the reuse it. You do not need to wrap AccessContextManager in an Rc or Arc to reuse it, because it already uses an Arc internally.

Implementations§

Source§

impl AccessContextManager

Source

pub fn builder() -> ClientBuilder

Returns a builder for AccessContextManager.

let client = AccessContextManager::builder().build().await?;
Source

pub fn from_stub<T>(stub: T) -> Self
where T: AccessContextManager + 'static,

Creates a new client from the provided stub.

The most common case for calling this function is in tests mocking the client’s behavior.

Source

pub fn list_access_policies(&self) -> ListAccessPolicies

Lists all [access policies] [google.identity.accesscontextmanager.v1.AccessPolicy] in an organization.

Source

pub fn get_access_policy(&self) -> GetAccessPolicy

Returns an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.

Source

pub fn create_access_policy(&self) -> CreateAccessPolicy

Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in metadata as a BadRequest proto.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn update_access_policy(&self) -> UpdateAccessPolicy

Updates an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]. The long-running operation from this RPC has a successful status after the changes to the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] propagate to long-lasting storage.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn delete_access_policy(&self) -> DeleteAccessPolicy

Deletes an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the resource name. The long-running operation has a successful status after the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is removed from long-lasting storage.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn list_access_levels(&self) -> ListAccessLevels

Lists all [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] for an access policy.

Source

pub fn get_access_level(&self) -> GetAccessLevel

Gets an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.

Source

pub fn create_access_level(&self) -> CreateAccessLevel

Creates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagates to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn update_access_level(&self) -> UpdateAccessLevel

Updates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the changes to the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagate to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn delete_access_level(&self) -> DeleteAccessLevel

Deletes an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] has been removed from long-lasting storage.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn replace_access_levels(&self) -> ReplaceAccessLevels

Replaces all existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. If the replacement contains errors, an error response is returned for the first error encountered. Upon error, the replacement is cancelled, and existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] are not affected. The Operation.response field contains ReplaceAccessLevelsResponse. Removing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an error.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn list_service_perimeters(&self) -> ListServicePerimeters

Lists all [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for an access policy.

Source

pub fn get_service_perimeter(&self) -> GetServicePerimeter

Gets a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.

Source

pub fn create_service_perimeter(&self) -> CreateServicePerimeter

Creates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn update_service_perimeter(&self) -> UpdateServicePerimeter

Updates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn delete_service_perimeter(&self) -> DeleteServicePerimeter

Deletes a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from long-lasting storage.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn replace_service_perimeters(&self) -> ReplaceServicePerimeters

Replace all existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. Replacements containing errors result in an error response for the first error encountered. Upon an error, replacement are cancelled and existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] are not affected. The Operation.response field contains ReplaceServicePerimetersResponse.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn commit_service_perimeters(&self) -> CommitServicePerimeters

Commits the dry-run specification for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an access policy. A commit operation on a service perimeter involves copying its spec field to the status field of the service perimeter. Only [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] with use_explicit_dry_run_spec field set to true are affected by a commit operation. The long-running operation from this RPC has a successful status after the dry-run specifications for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] have been committed. If a commit fails, it causes the long-running operation to return an error response and the entire commit operation is cancelled. When successful, the Operation.response field contains CommitServicePerimetersResponse. The dry_run and the spec fields are cleared after a successful commit operation.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn list_gcp_user_access_bindings(&self) -> ListGcpUserAccessBindings

Lists all [GcpUserAccessBindings] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a Google Cloud organization.

Source

pub fn get_gcp_user_access_binding(&self) -> GetGcpUserAccessBinding

Gets the [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with the given name.

Source

pub fn create_gcp_user_access_binding(&self) -> CreateGcpUserAccessBinding

Creates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the client specifies a [name] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name], the server ignores it. Fails if a resource already exists with the same [group_key] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key]. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn update_gcp_user_access_binding(&self) -> UpdateGcpUserAccessBinding

Updates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the changed binding is deployed onto all affected users, which may take more time.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn delete_gcp_user_access_binding(&self) -> DeleteGcpUserAccessBinding

Deletes a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the binding deletion is deployed onto all affected users, which may take more time.

§Long running operations

This method is used to start, and/or poll a long-running Operation. The Working with long-running operations chapter in the user guide covers these operations in detail.

Source

pub fn set_iam_policy(&self) -> SetIamPolicy

Sets the IAM policy for the specified Access Context Manager access policy. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager access policy.

Source

pub fn get_iam_policy(&self) -> GetIamPolicy

Gets the IAM policy for the specified Access Context Manager access policy.

Source

pub fn test_iam_permissions(&self) -> TestIamPermissions

Returns the IAM permissions that the caller has on the specified Access Context Manager resource. The resource can be an AccessPolicy, AccessLevel, or [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter ]. This method does not support other resources.

Source

pub fn get_operation(&self) -> GetOperation

Provides the Operations service functionality in this service.

Trait Implementations§

Source§

impl Clone for AccessContextManager

Source§

fn clone(&self) -> AccessContextManager

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for AccessContextManager

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> ErasedDestructor for T
where T: 'static,