google_cloud_policytroubleshooter_v1/
client.rs

1// Copyright 2025 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15// Code generated by sidekick. DO NOT EDIT.
16#![allow(rustdoc::redundant_explicit_links)]
17#![allow(rustdoc::broken_intra_doc_links)]
18
19/// Implements a client for the Policy Troubleshooter API.
20///
21/// # Example
22/// ```
23/// # tokio_test::block_on(async {
24/// # use google_cloud_policytroubleshooter_v1::client::IamChecker;
25/// let client = IamChecker::builder().build().await?;
26/// // use `client` to make requests to the Policy Troubleshooter API.
27/// # gax::client_builder::Result::<()>::Ok(()) });
28/// ```
29///
30/// # Service Description
31///
32/// IAM Policy Troubleshooter service.
33///
34/// This service helps you troubleshoot access issues for Google Cloud resources.
35///
36/// # Configuration
37///
38/// To configure `IamChecker` use the `with_*` methods in the type returned
39/// by [builder()][IamChecker::builder]. The default configuration should
40/// work for most applications. Common configuration changes include
41///
42/// * [with_endpoint()]: by default this client uses the global default endpoint
43///   (`https://policytroubleshooter.googleapis.com`). Applications using regional
44///   endpoints or running in restricted networks (e.g. a network configured
45//    with [Private Google Access with VPC Service Controls]) may want to
46///   override this default.
47/// * [with_credentials()]: by default this client uses
48///   [Application Default Credentials]. Applications using custom
49///   authentication may need to override this default.
50///
51/// [with_endpoint()]: super::builder::iam_checker::ClientBuilder::with_endpoint
52/// [with_credentials()]: super::builder::iam_checker::ClientBuilder::credentials
53/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
54/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
55///
56/// # Pooling and Cloning
57///
58/// `IamChecker` holds a connection pool internally, it is advised to
59/// create one and the reuse it.  You do not need to wrap `IamChecker` in
60/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
61/// already uses an `Arc` internally.
62#[derive(Clone, Debug)]
63pub struct IamChecker {
64    inner: std::sync::Arc<dyn super::stub::dynamic::IamChecker>,
65}
66
67impl IamChecker {
68    /// Returns a builder for [IamChecker].
69    ///
70    /// ```
71    /// # tokio_test::block_on(async {
72    /// # use google_cloud_policytroubleshooter_v1::client::IamChecker;
73    /// let client = IamChecker::builder().build().await?;
74    /// # gax::client_builder::Result::<()>::Ok(()) });
75    /// ```
76    pub fn builder() -> super::builder::iam_checker::ClientBuilder {
77        gax::client_builder::internal::new_builder(super::builder::iam_checker::client::Factory)
78    }
79
80    /// Creates a new client from the provided stub.
81    ///
82    /// The most common case for calling this function is in tests mocking the
83    /// client's behavior.
84    pub fn from_stub<T>(stub: T) -> Self
85    where
86        T: super::stub::IamChecker + 'static,
87    {
88        Self {
89            inner: std::sync::Arc::new(stub),
90        }
91    }
92
93    pub(crate) async fn new(
94        config: gaxi::options::ClientConfig,
95    ) -> gax::client_builder::Result<Self> {
96        let inner = Self::build_inner(config).await?;
97        Ok(Self { inner })
98    }
99
100    async fn build_inner(
101        conf: gaxi::options::ClientConfig,
102    ) -> gax::client_builder::Result<std::sync::Arc<dyn super::stub::dynamic::IamChecker>> {
103        if gaxi::options::tracing_enabled(&conf) {
104            return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
105        }
106        Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
107    }
108
109    async fn build_transport(
110        conf: gaxi::options::ClientConfig,
111    ) -> gax::client_builder::Result<impl super::stub::IamChecker> {
112        super::transport::IamChecker::new(conf).await
113    }
114
115    async fn build_with_tracing(
116        conf: gaxi::options::ClientConfig,
117    ) -> gax::client_builder::Result<impl super::stub::IamChecker> {
118        Self::build_transport(conf)
119            .await
120            .map(super::tracing::IamChecker::new)
121    }
122
123    /// Checks whether a principal has a specific permission for a specific
124    /// resource, and explains why the principal does or does not have that
125    /// permission.
126    pub fn troubleshoot_iam_policy(&self) -> super::builder::iam_checker::TroubleshootIamPolicy {
127        super::builder::iam_checker::TroubleshootIamPolicy::new(self.inner.clone())
128    }
129}