From c2b14cbca850e60440971171f9db32d035d4da66 Mon Sep 17 00:00:00 2001 From: Carlos O'Ryan Date: Fri, 24 Jan 2025 16:29:27 -0500 Subject: [PATCH] feat(iam-admin-v1): generate library --- Cargo.lock | 18 + Cargo.toml | 1 + src/generated/iam/admin/v1/.sidekick.toml | 21 + src/generated/iam/admin/v1/Cargo.toml | 43 + src/generated/iam/admin/v1/README.md | 22 + src/generated/iam/admin/v1/src/builders.rs | 1723 ++++++++++ src/generated/iam/admin/v1/src/client.rs | 531 +++ src/generated/iam/admin/v1/src/lib.rs | 68 + src/generated/iam/admin/v1/src/model.rs | 2894 +++++++++++++++++ src/generated/iam/admin/v1/src/tracing.rs | 318 ++ .../iam/admin/v1/src/traits/dyntraits.rs | 488 +++ src/generated/iam/admin/v1/src/traits/mod.rs | 584 ++++ src/generated/iam/admin/v1/src/transport.rs | 658 ++++ 13 files changed, 7369 insertions(+) create mode 100644 src/generated/iam/admin/v1/.sidekick.toml create mode 100644 src/generated/iam/admin/v1/Cargo.toml create mode 100755 src/generated/iam/admin/v1/README.md create mode 100755 src/generated/iam/admin/v1/src/builders.rs create mode 100755 src/generated/iam/admin/v1/src/client.rs create mode 100644 src/generated/iam/admin/v1/src/lib.rs create mode 100755 src/generated/iam/admin/v1/src/model.rs create mode 100755 src/generated/iam/admin/v1/src/tracing.rs create mode 100755 src/generated/iam/admin/v1/src/traits/dyntraits.rs create mode 100755 src/generated/iam/admin/v1/src/traits/mod.rs create mode 100755 src/generated/iam/admin/v1/src/transport.rs diff --git a/Cargo.lock b/Cargo.lock index 914e24703..b5a1c1fc1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -823,6 +823,24 @@ dependencies = [ "tokio", ] +[[package]] +name = "gcp-sdk-iam-admin-v1" +version = "0.1.0" +dependencies = [ + "async-trait", + "bytes", + "gcp-sdk-gax", + "gcp-sdk-iam-v1", + "gcp-sdk-type", + "gcp-sdk-wkt", + "lazy_static", + "reqwest", + "serde", + "serde_json", + "serde_with", + "tracing", +] + [[package]] name = "gcp-sdk-iam-credentials-v1" version = "0.1.0" diff --git a/Cargo.toml b/Cargo.toml index d86147605..26e633347 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -32,6 +32,7 @@ members = [ "src/generated/cloud/workflows/v1", "src/generated/devtools/cloudbuild/v2", "src/generated/devtools/cloudtrace/v2", + "src/generated/iam/admin/v1", "src/generated/iam/credentials/v1", "src/generated/iam/v1", "src/generated/iam/v2", diff --git a/src/generated/iam/admin/v1/.sidekick.toml b/src/generated/iam/admin/v1/.sidekick.toml new file mode 100644 index 000000000..14884ce21 --- /dev/null +++ b/src/generated/iam/admin/v1/.sidekick.toml @@ -0,0 +1,21 @@ +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +[general] +language = 'rust' +specification-source = 'google/iam/admin/v1' +service-config = 'google/iam/admin/v1/iam.yaml' + +[codec] +copyright-year = '2025' diff --git a/src/generated/iam/admin/v1/Cargo.toml b/src/generated/iam/admin/v1/Cargo.toml new file mode 100644 index 000000000..ac4a2d638 --- /dev/null +++ b/src/generated/iam/admin/v1/Cargo.toml @@ -0,0 +1,43 @@ +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Code generated by sidekick. DO NOT EDIT. + +[package] +name = "gcp-sdk-iam-admin-v1" +version = "0.1.0" +description = "Google Cloud Client Libraries for Rust - Identity and Access Management (IAM) API" +edition.workspace = true +authors.workspace = true +license.workspace = true +repository.workspace = true +keywords.workspace = true +categories.workspace = true + +[dependencies] +async-trait = { version = "0.1" } +bytes = { version = "1", features = ["serde"] } +gax = { version = "0.1", path = "../../../../../src/gax", package = "gcp-sdk-gax", features = ["unstable-sdk-client"] } +gtype = { version = "0.1", path = "../../../../../src/generated/type", package = "gcp-sdk-type" } +iam_v1 = { version = "0.1", path = "../../../../../src/generated/iam/v1", package = "gcp-sdk-iam-v1" } +lazy_static = { version = "1" } +reqwest = { version = "0.12", features = ["json"] } +serde = { version = "1", features = ["serde_derive"] } +serde_json = { version = "1" } +serde_with = { version = "3", default-features = false, features = ["base64", "macros", "std"] } +tracing = { version = "0.1" } +wkt = { version = "0.1", path = "../../../../../src/wkt", package = "gcp-sdk-wkt" } + +[features] +unstable-stream = ["gax/unstable-stream"] diff --git a/src/generated/iam/admin/v1/README.md b/src/generated/iam/admin/v1/README.md new file mode 100755 index 000000000..8a76b6212 --- /dev/null +++ b/src/generated/iam/admin/v1/README.md @@ -0,0 +1,22 @@ +# Google Cloud Client Libraries for Rust - Identity and Access Management (IAM) API + + + +**WARNING:** this crate is under active development. We expect multiple breaking +changes in the upcoming releases. Testing is also incomplete, we do **not** +recommend that you use this crate in production. We welcome feedback about the +APIs, documentation, missing features, bugs, etc. + +Manages identity and access control for Google Cloud Platform resources, +including the creation of service accounts, which you can use to +authenticate to Google and make API calls. + +## Quickstart + +The main types to work with this crate are the clients: + +* [Iam](https://docs.rs/gcp-sdk-iam-admin-v1/latest/gcp_sdk_iam_admin_v1/client/struct.Iam.html) + +## More Information + +* Read the [crate's documentation](https://docs.rs/gcp-sdk-iam-admin-v1/latest/gcp-sdk-iam-admin-v1) diff --git a/src/generated/iam/admin/v1/src/builders.rs b/src/generated/iam/admin/v1/src/builders.rs new file mode 100755 index 000000000..4460e7a94 --- /dev/null +++ b/src/generated/iam/admin/v1/src/builders.rs @@ -0,0 +1,1723 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by sidekick. DO NOT EDIT. + +pub mod iam { + use crate::Result; + use std::sync::Arc; + + /// Common implementation for [crate::client::Iam] request builders. + #[derive(Clone, Debug)] + pub struct RequestBuilder { + stub: Arc, + request: R, + options: gax::options::RequestOptions, + } + + impl RequestBuilder + where + R: std::default::Default, + { + pub(crate) fn new(stub: Arc) -> Self { + Self { + stub, + request: R::default(), + options: gax::options::RequestOptions::default(), + } + } + } + + /// The request builder for a Iam::list_service_accounts call. + #[derive(Clone, Debug)] + pub struct ListServiceAccounts(RequestBuilder); + + impl ListServiceAccounts { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .list_service_accounts(self.0.request, self.0.options) + .await + } + + /// Streams the responses back. + #[cfg(feature = "unstable-stream")] + pub async fn stream( + self, + ) -> gax::paginator::Paginator + { + let token = gax::paginator::extract_token(&self.0.request.page_token); + let execute = move |token: String| { + let builder = self.clone(); + builder.0.request.clone().set_page_token(token); + builder.send() + }; + gax::paginator::Paginator::new(token, execute) + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `page_size`. + pub fn set_page_size>(mut self, v: T) -> Self { + self.0.request.page_size = v.into(); + self + } + + /// Sets the value of `page_token`. + pub fn set_page_token>(mut self, v: T) -> Self { + self.0.request.page_token = v.into(); + self + } + } + + impl gax::options::RequestBuilder for ListServiceAccounts { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::get_service_account call. + #[derive(Clone, Debug)] + pub struct GetServiceAccount(RequestBuilder); + + impl GetServiceAccount { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .get_service_account(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for GetServiceAccount { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::create_service_account call. + #[derive(Clone, Debug)] + pub struct CreateServiceAccount(RequestBuilder); + + impl CreateServiceAccount { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .create_service_account(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `account_id`. + pub fn set_account_id>(mut self, v: T) -> Self { + self.0.request.account_id = v.into(); + self + } + + /// Sets the value of `service_account`. + pub fn set_service_account>>( + mut self, + v: T, + ) -> Self { + self.0.request.service_account = v.into(); + self + } + } + + impl gax::options::RequestBuilder for CreateServiceAccount { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::update_service_account call. + #[derive(Clone, Debug)] + pub struct UpdateServiceAccount(RequestBuilder); + + impl UpdateServiceAccount { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .update_service_account(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `project_id`. + pub fn set_project_id>(mut self, v: T) -> Self { + self.0.request.project_id = v.into(); + self + } + + /// Sets the value of `unique_id`. + pub fn set_unique_id>(mut self, v: T) -> Self { + self.0.request.unique_id = v.into(); + self + } + + /// Sets the value of `email`. + pub fn set_email>(mut self, v: T) -> Self { + self.0.request.email = v.into(); + self + } + + /// Sets the value of `display_name`. + pub fn set_display_name>(mut self, v: T) -> Self { + self.0.request.display_name = v.into(); + self + } + + /// Sets the value of `etag`. + pub fn set_etag>(mut self, v: T) -> Self { + self.0.request.etag = v.into(); + self + } + + /// Sets the value of `description`. + pub fn set_description>(mut self, v: T) -> Self { + self.0.request.description = v.into(); + self + } + + /// Sets the value of `oauth2_client_id`. + pub fn set_oauth2_client_id>(mut self, v: T) -> Self { + self.0.request.oauth2_client_id = v.into(); + self + } + + /// Sets the value of `disabled`. + pub fn set_disabled>(mut self, v: T) -> Self { + self.0.request.disabled = v.into(); + self + } + } + + impl gax::options::RequestBuilder for UpdateServiceAccount { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::patch_service_account call. + #[derive(Clone, Debug)] + pub struct PatchServiceAccount(RequestBuilder); + + impl PatchServiceAccount { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .patch_service_account(self.0.request, self.0.options) + .await + } + + /// Sets the value of `service_account`. + pub fn set_service_account>>( + mut self, + v: T, + ) -> Self { + self.0.request.service_account = v.into(); + self + } + + /// Sets the value of `update_mask`. + pub fn set_update_mask>>( + mut self, + v: T, + ) -> Self { + self.0.request.update_mask = v.into(); + self + } + } + + impl gax::options::RequestBuilder for PatchServiceAccount { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::delete_service_account call. + #[derive(Clone, Debug)] + pub struct DeleteServiceAccount(RequestBuilder); + + impl DeleteServiceAccount { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .delete_service_account(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for DeleteServiceAccount { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::undelete_service_account call. + #[derive(Clone, Debug)] + pub struct UndeleteServiceAccount(RequestBuilder); + + impl UndeleteServiceAccount { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .undelete_service_account(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for UndeleteServiceAccount { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::enable_service_account call. + #[derive(Clone, Debug)] + pub struct EnableServiceAccount(RequestBuilder); + + impl EnableServiceAccount { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .enable_service_account(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for EnableServiceAccount { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::disable_service_account call. + #[derive(Clone, Debug)] + pub struct DisableServiceAccount(RequestBuilder); + + impl DisableServiceAccount { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .disable_service_account(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for DisableServiceAccount { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::list_service_account_keys call. + #[derive(Clone, Debug)] + pub struct ListServiceAccountKeys(RequestBuilder); + + impl ListServiceAccountKeys { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .list_service_account_keys(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `key_types`. + pub fn set_key_types< + T: Into>, + >( + mut self, + v: T, + ) -> Self { + self.0.request.key_types = v.into(); + self + } + } + + impl gax::options::RequestBuilder for ListServiceAccountKeys { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::get_service_account_key call. + #[derive(Clone, Debug)] + pub struct GetServiceAccountKey(RequestBuilder); + + impl GetServiceAccountKey { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .get_service_account_key(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `public_key_type`. + pub fn set_public_key_type>( + mut self, + v: T, + ) -> Self { + self.0.request.public_key_type = v.into(); + self + } + } + + impl gax::options::RequestBuilder for GetServiceAccountKey { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::create_service_account_key call. + #[derive(Clone, Debug)] + pub struct CreateServiceAccountKey( + RequestBuilder, + ); + + impl CreateServiceAccountKey { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .create_service_account_key(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `private_key_type`. + pub fn set_private_key_type>( + mut self, + v: T, + ) -> Self { + self.0.request.private_key_type = v.into(); + self + } + + /// Sets the value of `key_algorithm`. + pub fn set_key_algorithm>( + mut self, + v: T, + ) -> Self { + self.0.request.key_algorithm = v.into(); + self + } + } + + impl gax::options::RequestBuilder for CreateServiceAccountKey { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::upload_service_account_key call. + #[derive(Clone, Debug)] + pub struct UploadServiceAccountKey( + RequestBuilder, + ); + + impl UploadServiceAccountKey { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .upload_service_account_key(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `public_key_data`. + pub fn set_public_key_data>(mut self, v: T) -> Self { + self.0.request.public_key_data = v.into(); + self + } + } + + impl gax::options::RequestBuilder for UploadServiceAccountKey { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::delete_service_account_key call. + #[derive(Clone, Debug)] + pub struct DeleteServiceAccountKey( + RequestBuilder, + ); + + impl DeleteServiceAccountKey { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .delete_service_account_key(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for DeleteServiceAccountKey { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::disable_service_account_key call. + #[derive(Clone, Debug)] + pub struct DisableServiceAccountKey( + RequestBuilder, + ); + + impl DisableServiceAccountKey { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .disable_service_account_key(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for DisableServiceAccountKey { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::enable_service_account_key call. + #[derive(Clone, Debug)] + pub struct EnableServiceAccountKey( + RequestBuilder, + ); + + impl EnableServiceAccountKey { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .enable_service_account_key(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for EnableServiceAccountKey { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::sign_blob call. + #[derive(Clone, Debug)] + pub struct SignBlob(RequestBuilder); + + impl SignBlob { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .sign_blob(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `bytes_to_sign`. + pub fn set_bytes_to_sign>(mut self, v: T) -> Self { + self.0.request.bytes_to_sign = v.into(); + self + } + } + + impl gax::options::RequestBuilder for SignBlob { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::sign_jwt call. + #[derive(Clone, Debug)] + pub struct SignJwt(RequestBuilder); + + impl SignJwt { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .sign_jwt(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `payload`. + pub fn set_payload>(mut self, v: T) -> Self { + self.0.request.payload = v.into(); + self + } + } + + impl gax::options::RequestBuilder for SignJwt { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::get_iam_policy call. + #[derive(Clone, Debug)] + pub struct GetIamPolicy(RequestBuilder); + + impl GetIamPolicy { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .get_iam_policy(self.0.request, self.0.options) + .await + } + + /// Sets the value of `resource`. + pub fn set_resource>(mut self, v: T) -> Self { + self.0.request.resource = v.into(); + self + } + + /// Sets the value of `options`. + pub fn set_options>>( + mut self, + v: T, + ) -> Self { + self.0.request.options = v.into(); + self + } + } + + impl gax::options::RequestBuilder for GetIamPolicy { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::set_iam_policy call. + #[derive(Clone, Debug)] + pub struct SetIamPolicy(RequestBuilder); + + impl SetIamPolicy { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .set_iam_policy(self.0.request, self.0.options) + .await + } + + /// Sets the value of `resource`. + pub fn set_resource>(mut self, v: T) -> Self { + self.0.request.resource = v.into(); + self + } + + /// Sets the value of `policy`. + pub fn set_policy>>( + mut self, + v: T, + ) -> Self { + self.0.request.policy = v.into(); + self + } + + /// Sets the value of `update_mask`. + pub fn set_update_mask>>( + mut self, + v: T, + ) -> Self { + self.0.request.update_mask = v.into(); + self + } + } + + impl gax::options::RequestBuilder for SetIamPolicy { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::test_iam_permissions call. + #[derive(Clone, Debug)] + pub struct TestIamPermissions(RequestBuilder); + + impl TestIamPermissions { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .test_iam_permissions(self.0.request, self.0.options) + .await + } + + /// Sets the value of `resource`. + pub fn set_resource>(mut self, v: T) -> Self { + self.0.request.resource = v.into(); + self + } + + /// Sets the value of `permissions`. + pub fn set_permissions>>( + mut self, + v: T, + ) -> Self { + self.0.request.permissions = v.into(); + self + } + } + + impl gax::options::RequestBuilder for TestIamPermissions { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::query_grantable_roles call. + #[derive(Clone, Debug)] + pub struct QueryGrantableRoles(RequestBuilder); + + impl QueryGrantableRoles { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .query_grantable_roles(self.0.request, self.0.options) + .await + } + + /// Streams the responses back. + #[cfg(feature = "unstable-stream")] + pub async fn stream( + self, + ) -> gax::paginator::Paginator + { + let token = gax::paginator::extract_token(&self.0.request.page_token); + let execute = move |token: String| { + let builder = self.clone(); + builder.0.request.clone().set_page_token(token); + builder.send() + }; + gax::paginator::Paginator::new(token, execute) + } + + /// Sets the value of `full_resource_name`. + pub fn set_full_resource_name>(mut self, v: T) -> Self { + self.0.request.full_resource_name = v.into(); + self + } + + /// Sets the value of `view`. + pub fn set_view>(mut self, v: T) -> Self { + self.0.request.view = v.into(); + self + } + + /// Sets the value of `page_size`. + pub fn set_page_size>(mut self, v: T) -> Self { + self.0.request.page_size = v.into(); + self + } + + /// Sets the value of `page_token`. + pub fn set_page_token>(mut self, v: T) -> Self { + self.0.request.page_token = v.into(); + self + } + } + + impl gax::options::RequestBuilder for QueryGrantableRoles { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::list_roles call. + #[derive(Clone, Debug)] + pub struct ListRoles(RequestBuilder); + + impl ListRoles { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .list_roles(self.0.request, self.0.options) + .await + } + + /// Streams the responses back. + #[cfg(feature = "unstable-stream")] + pub async fn stream( + self, + ) -> gax::paginator::Paginator { + let token = gax::paginator::extract_token(&self.0.request.page_token); + let execute = move |token: String| { + let builder = self.clone(); + builder.0.request.clone().set_page_token(token); + builder.send() + }; + gax::paginator::Paginator::new(token, execute) + } + + /// Sets the value of `parent`. + pub fn set_parent>(mut self, v: T) -> Self { + self.0.request.parent = v.into(); + self + } + + /// Sets the value of `page_size`. + pub fn set_page_size>(mut self, v: T) -> Self { + self.0.request.page_size = v.into(); + self + } + + /// Sets the value of `page_token`. + pub fn set_page_token>(mut self, v: T) -> Self { + self.0.request.page_token = v.into(); + self + } + + /// Sets the value of `view`. + pub fn set_view>(mut self, v: T) -> Self { + self.0.request.view = v.into(); + self + } + + /// Sets the value of `show_deleted`. + pub fn set_show_deleted>(mut self, v: T) -> Self { + self.0.request.show_deleted = v.into(); + self + } + } + + impl gax::options::RequestBuilder for ListRoles { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::get_role call. + #[derive(Clone, Debug)] + pub struct GetRole(RequestBuilder); + + impl GetRole { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .get_role(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for GetRole { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::create_role call. + #[derive(Clone, Debug)] + pub struct CreateRole(RequestBuilder); + + impl CreateRole { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .create_role(self.0.request, self.0.options) + .await + } + + /// Sets the value of `parent`. + pub fn set_parent>(mut self, v: T) -> Self { + self.0.request.parent = v.into(); + self + } + + /// Sets the value of `role_id`. + pub fn set_role_id>(mut self, v: T) -> Self { + self.0.request.role_id = v.into(); + self + } + + /// Sets the value of `role`. + pub fn set_role>>(mut self, v: T) -> Self { + self.0.request.role = v.into(); + self + } + } + + impl gax::options::RequestBuilder for CreateRole { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::update_role call. + #[derive(Clone, Debug)] + pub struct UpdateRole(RequestBuilder); + + impl UpdateRole { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .update_role(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `role`. + pub fn set_role>>(mut self, v: T) -> Self { + self.0.request.role = v.into(); + self + } + + /// Sets the value of `update_mask`. + pub fn set_update_mask>>( + mut self, + v: T, + ) -> Self { + self.0.request.update_mask = v.into(); + self + } + } + + impl gax::options::RequestBuilder for UpdateRole { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::delete_role call. + #[derive(Clone, Debug)] + pub struct DeleteRole(RequestBuilder); + + impl DeleteRole { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .delete_role(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `etag`. + pub fn set_etag>(mut self, v: T) -> Self { + self.0.request.etag = v.into(); + self + } + } + + impl gax::options::RequestBuilder for DeleteRole { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::undelete_role call. + #[derive(Clone, Debug)] + pub struct UndeleteRole(RequestBuilder); + + impl UndeleteRole { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .undelete_role(self.0.request, self.0.options) + .await + } + + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.0.request.name = v.into(); + self + } + + /// Sets the value of `etag`. + pub fn set_etag>(mut self, v: T) -> Self { + self.0.request.etag = v.into(); + self + } + } + + impl gax::options::RequestBuilder for UndeleteRole { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::query_testable_permissions call. + #[derive(Clone, Debug)] + pub struct QueryTestablePermissions( + RequestBuilder, + ); + + impl QueryTestablePermissions { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .query_testable_permissions(self.0.request, self.0.options) + .await + } + + /// Streams the responses back. + #[cfg(feature = "unstable-stream")] + pub async fn stream( + self, + ) -> gax::paginator::Paginator< + crate::model::QueryTestablePermissionsResponse, + gax::error::Error, + > { + let token = gax::paginator::extract_token(&self.0.request.page_token); + let execute = move |token: String| { + let builder = self.clone(); + builder.0.request.clone().set_page_token(token); + builder.send() + }; + gax::paginator::Paginator::new(token, execute) + } + + /// Sets the value of `full_resource_name`. + pub fn set_full_resource_name>(mut self, v: T) -> Self { + self.0.request.full_resource_name = v.into(); + self + } + + /// Sets the value of `page_size`. + pub fn set_page_size>(mut self, v: T) -> Self { + self.0.request.page_size = v.into(); + self + } + + /// Sets the value of `page_token`. + pub fn set_page_token>(mut self, v: T) -> Self { + self.0.request.page_token = v.into(); + self + } + } + + impl gax::options::RequestBuilder for QueryTestablePermissions { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::query_auditable_services call. + #[derive(Clone, Debug)] + pub struct QueryAuditableServices(RequestBuilder); + + impl QueryAuditableServices { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>( + mut self, + v: V, + ) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .query_auditable_services(self.0.request, self.0.options) + .await + } + + /// Sets the value of `full_resource_name`. + pub fn set_full_resource_name>(mut self, v: T) -> Self { + self.0.request.full_resource_name = v.into(); + self + } + } + + impl gax::options::RequestBuilder for QueryAuditableServices { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } + + /// The request builder for a Iam::lint_policy call. + #[derive(Clone, Debug)] + pub struct LintPolicy(RequestBuilder); + + impl LintPolicy { + pub(crate) fn new(stub: Arc) -> Self { + Self(RequestBuilder::new(stub)) + } + + /// Sets the full request, replacing any prior values. + pub fn with_request>(mut self, v: V) -> Self { + self.0.request = v.into(); + self + } + + /// Sets all the options, replacing any prior values. + pub fn with_options>(mut self, v: V) -> Self { + self.0.options = v.into(); + self + } + + /// Sends the request. + pub async fn send(self) -> Result { + (*self.0.stub) + .lint_policy(self.0.request, self.0.options) + .await + } + + /// Sets the value of `full_resource_name`. + pub fn set_full_resource_name>(mut self, v: T) -> Self { + self.0.request.full_resource_name = v.into(); + self + } + + /// Sets the value of `lint_object`. + pub fn set_lint_object>>( + mut self, + v: T, + ) -> Self { + self.0.request.lint_object = v.into(); + self + } + } + + impl gax::options::RequestBuilder for LintPolicy { + fn request_options(&mut self) -> &mut gax::options::RequestOptions { + &mut self.0.options + } + } +} diff --git a/src/generated/iam/admin/v1/src/client.rs b/src/generated/iam/admin/v1/src/client.rs new file mode 100755 index 000000000..aef05b520 --- /dev/null +++ b/src/generated/iam/admin/v1/src/client.rs @@ -0,0 +1,531 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by sidekick. DO NOT EDIT. + +use crate::Result; +use std::sync::Arc; + +/// An implementation of [crate::traits::Iam] to make requests with. +/// +/// `Iam` has various configuration parameters, but the defaults +/// are set to work with most applications. +/// +/// `Iam` holds a connection pool internally, it is advised to +/// create one and the reuse it. You do not need to wrap `Iam` in +/// an [Rc](std::rc::Rc) or [Arc] to reuse it, because it already uses an `Arc` +/// internally. +/// +/// Creates and manages Identity and Access Management (IAM) resources. +/// +/// You can use this service to work with all of the following resources: +/// +/// * **Service accounts**, which identify an application or a virtual machine +/// (VM) instance rather than a person +/// * **Service account keys**, which service accounts use to authenticate with +/// Google APIs +/// * **IAM policies for service accounts**, which specify the roles that a +/// principal has for the service account +/// * **IAM custom roles**, which help you limit the number of permissions that +/// you grant to principals +/// +/// In addition, you can use this service to complete the following tasks, among +/// others: +/// +/// * Test whether a service account can use specific permissions +/// * Check which roles you can grant for a specific resource +/// * Lint, or validate, condition expressions in an IAM policy +/// +/// When you read data from the IAM API, each read is eventually consistent. In +/// other words, if you write data with the IAM API, then immediately read that +/// data, the read operation might return an older version of the data. To deal +/// with this behavior, your application can retry the request with truncated +/// exponential backoff. +/// +/// In contrast, writing data to the IAM API is sequentially consistent. In other +/// words, write operations are always processed in the order in which they were +/// received. +#[derive(Clone, Debug)] +pub struct Iam { + inner: Arc, +} + +impl Iam { + /// Creates a new client with the default configuration. + pub async fn new() -> Result { + Self::new_with_config(gax::options::ClientConfig::default()).await + } + + /// Creates a new client with the specified configuration. + pub async fn new_with_config(conf: gax::options::ClientConfig) -> Result { + let inner = Self::build_inner(conf).await?; + Ok(Self { inner }) + } + + /// Creates a new client from the provided stub. + /// + /// The most common case for calling this function is when mocking the + /// client. + pub fn from_stub(stub: T) -> Self + where + T: crate::traits::Iam + 'static, + { + Self { + inner: Arc::new(stub), + } + } + + async fn build_inner( + conf: gax::options::ClientConfig, + ) -> Result> { + if conf.tracing_enabled() { + return Ok(Arc::new(Self::build_with_tracing(conf).await?)); + } + Ok(Arc::new(Self::build_transport(conf).await?)) + } + + async fn build_transport(conf: gax::options::ClientConfig) -> Result { + crate::transport::Iam::new(conf).await + } + + async fn build_with_tracing( + conf: gax::options::ClientConfig, + ) -> Result { + Self::build_transport(conf) + .await + .map(crate::tracing::Iam::new) + } + + /// Lists every [ServiceAccount][google.iam.admin.v1.ServiceAccount] that belongs to a specific project. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn list_service_accounts( + &self, + name: impl Into, + ) -> crate::builders::iam::ListServiceAccounts { + crate::builders::iam::ListServiceAccounts::new(self.inner.clone()).set_name(name.into()) + } + + /// Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn get_service_account( + &self, + name: impl Into, + ) -> crate::builders::iam::GetServiceAccount { + crate::builders::iam::GetServiceAccount::new(self.inner.clone()).set_name(name.into()) + } + + /// Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn create_service_account( + &self, + name: impl Into, + ) -> crate::builders::iam::CreateServiceAccount { + crate::builders::iam::CreateServiceAccount::new(self.inner.clone()).set_name(name.into()) + } + + /// **Note:** We are in the process of deprecating this method. Use + /// [PatchServiceAccount][google.iam.admin.v1.IAM.PatchServiceAccount] instead. + /// + /// Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// You can update only the `display_name` field. + /// + /// [google.iam.admin.v1.IAM.PatchServiceAccount]: crate::client::Iam::patch_service_account + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn update_service_account( + &self, + name: impl Into, + ) -> crate::builders::iam::UpdateServiceAccount { + crate::builders::iam::UpdateServiceAccount::new(self.inner.clone()).set_name(name.into()) + } + + /// Patches a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn patch_service_account( + &self, + service_account: impl Into, + ) -> crate::builders::iam::PatchServiceAccount { + crate::builders::iam::PatchServiceAccount::new(self.inner.clone()) + .set_service_account(service_account.into()) + } + + /// Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// **Warning:** After you delete a service account, you might not be able to + /// undelete it. If you know that you need to re-enable the service account in + /// the future, use [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount] instead. + /// + /// If you delete a service account, IAM permanently removes the service + /// account 30 days later. Google Cloud cannot recover the service account + /// after it is permanently removed, even if you file a support request. + /// + /// To help avoid unplanned outages, we recommend that you disable the service + /// account before you delete it. Use [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount] to disable the + /// service account, then wait at least 24 hours and watch for unintended + /// consequences. If there are no unintended consequences, you can delete the + /// service account. + /// + /// [google.iam.admin.v1.IAM.DisableServiceAccount]: crate::client::Iam::disable_service_account + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn delete_service_account( + &self, + name: impl Into, + ) -> crate::builders::iam::DeleteServiceAccount { + crate::builders::iam::DeleteServiceAccount::new(self.inner.clone()).set_name(name.into()) + } + + /// Restores a deleted [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// **Important:** It is not always possible to restore a deleted service + /// account. Use this method only as a last resort. + /// + /// After you delete a service account, IAM permanently removes the service + /// account 30 days later. There is no way to restore a deleted service account + /// that has been permanently removed. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn undelete_service_account( + &self, + name: impl Into, + ) -> crate::builders::iam::UndeleteServiceAccount { + crate::builders::iam::UndeleteServiceAccount::new(self.inner.clone()).set_name(name.into()) + } + + /// Enables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] that was disabled by + /// [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount]. + /// + /// If the service account is already enabled, then this method has no effect. + /// + /// If the service account was disabled by other means—for example, if Google + /// disabled the service account because it was compromised—you cannot use this + /// method to enable the service account. + /// + /// [google.iam.admin.v1.IAM.DisableServiceAccount]: crate::client::Iam::disable_service_account + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn enable_service_account( + &self, + name: impl Into, + ) -> crate::builders::iam::EnableServiceAccount { + crate::builders::iam::EnableServiceAccount::new(self.inner.clone()).set_name(name.into()) + } + + /// Disables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] immediately. + /// + /// If an application uses the service account to authenticate, that + /// application can no longer call Google APIs or access Google Cloud + /// resources. Existing access tokens for the service account are rejected, and + /// requests for new access tokens will fail. + /// + /// To re-enable the service account, use [EnableServiceAccount][google.iam.admin.v1.IAM.EnableServiceAccount]. After you + /// re-enable the service account, its existing access tokens will be accepted, + /// and you can request new access tokens. + /// + /// To help avoid unplanned outages, we recommend that you disable the service + /// account before you delete it. Use this method to disable the service + /// account, then wait at least 24 hours and watch for unintended consequences. + /// If there are no unintended consequences, you can delete the service account + /// with [DeleteServiceAccount][google.iam.admin.v1.IAM.DeleteServiceAccount]. + /// + /// [google.iam.admin.v1.IAM.DeleteServiceAccount]: crate::client::Iam::delete_service_account + /// [google.iam.admin.v1.IAM.EnableServiceAccount]: crate::client::Iam::enable_service_account + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn disable_service_account( + &self, + name: impl Into, + ) -> crate::builders::iam::DisableServiceAccount { + crate::builders::iam::DisableServiceAccount::new(self.inner.clone()).set_name(name.into()) + } + + /// Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + pub fn list_service_account_keys( + &self, + name: impl Into, + ) -> crate::builders::iam::ListServiceAccountKeys { + crate::builders::iam::ListServiceAccountKeys::new(self.inner.clone()).set_name(name.into()) + } + + /// Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + pub fn get_service_account_key( + &self, + name: impl Into, + ) -> crate::builders::iam::GetServiceAccountKey { + crate::builders::iam::GetServiceAccountKey::new(self.inner.clone()).set_name(name.into()) + } + + /// Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + pub fn create_service_account_key( + &self, + name: impl Into, + ) -> crate::builders::iam::CreateServiceAccountKey { + crate::builders::iam::CreateServiceAccountKey::new(self.inner.clone()).set_name(name.into()) + } + + /// Uploads the public key portion of a key pair that you manage, and + /// associates the public key with a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// After you upload the public key, you can use the private key from the key + /// pair as a service account key. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn upload_service_account_key( + &self, + name: impl Into, + ) -> crate::builders::iam::UploadServiceAccountKey { + crate::builders::iam::UploadServiceAccountKey::new(self.inner.clone()).set_name(name.into()) + } + + /// Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not + /// revoke short-lived credentials that have been issued based on the service + /// account key. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + pub fn delete_service_account_key( + &self, + name: impl Into, + ) -> crate::builders::iam::DeleteServiceAccountKey { + crate::builders::iam::DeleteServiceAccountKey::new(self.inner.clone()).set_name(name.into()) + } + + /// Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be + /// re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey]. + /// + /// [google.iam.admin.v1.IAM.EnableServiceAccountKey]: crate::client::Iam::enable_service_account_key + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + pub fn disable_service_account_key( + &self, + name: impl Into, + ) -> crate::builders::iam::DisableServiceAccountKey { + crate::builders::iam::DisableServiceAccountKey::new(self.inner.clone()) + .set_name(name.into()) + } + + /// Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + pub fn enable_service_account_key( + &self, + name: impl Into, + ) -> crate::builders::iam::EnableServiceAccountKey { + crate::builders::iam::EnableServiceAccountKey::new(self.inner.clone()).set_name(name.into()) + } + + /// **Note:** This method is deprecated. Use the + /// [`signBlob`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob) + /// method in the IAM Service Account Credentials API instead. If you currently + /// use this method, see the [migration + /// guide](https://cloud.google.com/iam/help/credentials/migrate-api) for + /// instructions. + /// + /// Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn sign_blob( + &self, + name: impl Into, + ) -> crate::builders::iam::SignBlob { + crate::builders::iam::SignBlob::new(self.inner.clone()).set_name(name.into()) + } + + /// **Note:** This method is deprecated. Use the + /// [`signJwt`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt) + /// method in the IAM Service Account Credentials API instead. If you currently + /// use this method, see the [migration + /// guide](https://cloud.google.com/iam/help/credentials/migrate-api) for + /// instructions. + /// + /// Signs a JSON Web Token (JWT) using the system-managed private key for a + /// [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn sign_jwt(&self, name: impl Into) -> crate::builders::iam::SignJwt { + crate::builders::iam::SignJwt::new(self.inner.clone()).set_name(name.into()) + } + + /// Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM + /// policy specifies which principals have access to the service account. + /// + /// This method does not tell you whether the service account has been granted + /// any roles on other resources. To check whether a service account has role + /// grants on a resource, use the `getIamPolicy` method for that resource. For + /// example, to view the role grants for a project, call the Resource Manager + /// API's + /// [`projects.getIamPolicy`](https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) + /// method. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn get_iam_policy( + &self, + resource: impl Into, + ) -> crate::builders::iam::GetIamPolicy { + crate::builders::iam::GetIamPolicy::new(self.inner.clone()).set_resource(resource.into()) + } + + /// Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// Use this method to grant or revoke access to the service account. For + /// example, you could grant a principal the ability to impersonate the service + /// account. + /// + /// This method does not enable the service account to access other resources. + /// To grant roles to a service account on a resource, follow these steps: + /// + /// . Call the resource's `getIamPolicy` method to get its current IAM policy. + /// . Edit the policy so that it binds the service account to an IAM role for + /// the resource. + /// . Call the resource's `setIamPolicy` method to update its IAM policy. + /// + /// For detailed instructions, see + /// [Manage access to project, folders, and + /// organizations](https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts) + /// or [Manage access to other + /// resources](https://cloud.google.com/iam/help/access/manage-other-resources). + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn set_iam_policy( + &self, + resource: impl Into, + ) -> crate::builders::iam::SetIamPolicy { + crate::builders::iam::SetIamPolicy::new(self.inner.clone()).set_resource(resource.into()) + } + + /// Tests whether the caller has the specified permissions on a + /// [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + pub fn test_iam_permissions( + &self, + resource: impl Into, + ) -> crate::builders::iam::TestIamPermissions { + crate::builders::iam::TestIamPermissions::new(self.inner.clone()) + .set_resource(resource.into()) + } + + /// Lists roles that can be granted on a Google Cloud resource. A role is + /// grantable if the IAM policy for the resource can contain bindings to the + /// role. + pub fn query_grantable_roles(&self) -> crate::builders::iam::QueryGrantableRoles { + crate::builders::iam::QueryGrantableRoles::new(self.inner.clone()) + } + + /// Lists every predefined [Role][google.iam.admin.v1.Role] that IAM supports, or every custom role + /// that is defined for an organization or project. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + pub fn list_roles(&self) -> crate::builders::iam::ListRoles { + crate::builders::iam::ListRoles::new(self.inner.clone()) + } + + /// Gets the definition of a [Role][google.iam.admin.v1.Role]. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + pub fn get_role(&self, name: impl Into) -> crate::builders::iam::GetRole { + crate::builders::iam::GetRole::new(self.inner.clone()).set_name(name.into()) + } + + /// Creates a new custom [Role][google.iam.admin.v1.Role]. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + pub fn create_role( + &self, + parent: impl Into, + ) -> crate::builders::iam::CreateRole { + crate::builders::iam::CreateRole::new(self.inner.clone()).set_parent(parent.into()) + } + + /// Updates the definition of a custom [Role][google.iam.admin.v1.Role]. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + pub fn update_role( + &self, + name: impl Into, + ) -> crate::builders::iam::UpdateRole { + crate::builders::iam::UpdateRole::new(self.inner.clone()).set_name(name.into()) + } + + /// Deletes a custom [Role][google.iam.admin.v1.Role]. + /// + /// When you delete a custom role, the following changes occur immediately: + /// + /// * You cannot bind a principal to the custom role in an IAM + /// [Policy][google.iam.v1.Policy]. + /// * Existing bindings to the custom role are not changed, but they have no + /// effect. + /// * By default, the response from [ListRoles][google.iam.admin.v1.IAM.ListRoles] does not include the custom + /// role. + /// + /// You have 7 days to undelete the custom role. After 7 days, the following + /// changes occur: + /// + /// * The custom role is permanently deleted and cannot be recovered. + /// * If an IAM policy contains a binding to the custom role, the binding is + /// permanently removed. + /// + /// [google.iam.admin.v1.IAM.ListRoles]: crate::client::Iam::list_roles + /// [google.iam.admin.v1.Role]: crate::model::Role + /// [google.iam.v1.Policy]: iam_v1::model::Policy + pub fn delete_role( + &self, + name: impl Into, + ) -> crate::builders::iam::DeleteRole { + crate::builders::iam::DeleteRole::new(self.inner.clone()).set_name(name.into()) + } + + /// Undeletes a custom [Role][google.iam.admin.v1.Role]. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + pub fn undelete_role( + &self, + name: impl Into, + ) -> crate::builders::iam::UndeleteRole { + crate::builders::iam::UndeleteRole::new(self.inner.clone()).set_name(name.into()) + } + + /// Lists every permission that you can test on a resource. A permission is + /// testable if you can check whether a principal has that permission on the + /// resource. + pub fn query_testable_permissions(&self) -> crate::builders::iam::QueryTestablePermissions { + crate::builders::iam::QueryTestablePermissions::new(self.inner.clone()) + } + + /// Returns a list of services that allow you to opt into audit logs that are + /// not generated by default. + /// + /// To learn more about audit logs, see the [Logging + /// documentation](https://cloud.google.com/logging/docs/audit). + pub fn query_auditable_services(&self) -> crate::builders::iam::QueryAuditableServices { + crate::builders::iam::QueryAuditableServices::new(self.inner.clone()) + } + + /// Lints, or validates, an IAM policy. Currently checks the + /// [google.iam.v1.Binding.condition][google.iam.v1.Binding.condition] field, which contains a condition + /// expression for a role binding. + /// + /// Successful calls to this method always return an HTTP `200 OK` status code, + /// even if the linter detects an issue in the IAM policy. + /// + /// [google.iam.v1.Binding.condition]: iam_v1::model::Binding::condition + pub fn lint_policy(&self) -> crate::builders::iam::LintPolicy { + crate::builders::iam::LintPolicy::new(self.inner.clone()) + } +} diff --git a/src/generated/iam/admin/v1/src/lib.rs b/src/generated/iam/admin/v1/src/lib.rs new file mode 100644 index 000000000..a79682718 --- /dev/null +++ b/src/generated/iam/admin/v1/src/lib.rs @@ -0,0 +1,68 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by sidekick. DO NOT EDIT. + +//! Google Cloud Client Libraries for Rust - Identity and Access Management (IAM) API +//! +//! **WARNING:** this crate is under active development. We expect multiple +//! breaking changes in the upcoming releases. Testing is also incomplete, we do +//! **not** recommend that you use this crate in production. We welcome feedback +//! about the APIs, documentation, missing features, bugs, etc. +//! +//! This crate contains traits, types, and functions to interact with Identity and Access Management (IAM) API +//! Most applications will use the structs defined in the [client] module. +//! More specifically: +//! +//! * [Iam](client/struct.Iam.html) + +/// The messages and enums that are part of this client library. +pub mod model; + +pub(crate) use gax::Result; + +/// The traits implemented by this client library. +#[allow(rustdoc::invalid_html_tags)] +#[allow(rustdoc::redundant_explicit_links)] +pub mod traits; + +/// Concrete implementations of this client library traits. +pub mod client; + +/// Request builders. +pub mod builders; + +#[doc(hidden)] +pub(crate) mod tracing; + +#[doc(hidden)] +pub(crate) mod transport; + +/// The default host used by the service. +const DEFAULT_HOST: &str = "https://iam.googleapis.com/"; + +pub(crate) mod info { + const NAME: &str = env!("CARGO_PKG_NAME"); + const VERSION: &str = env!("CARGO_PKG_VERSION"); + lazy_static::lazy_static! { + pub(crate) static ref X_GOOG_API_CLIENT_HEADER: String = { + let ac = gax::api_header::XGoogApiClient{ + name: NAME, + version: VERSION, + library_type: gax::api_header::GAPIC, + }; + ac.header_value() + }; + } +} diff --git a/src/generated/iam/admin/v1/src/model.rs b/src/generated/iam/admin/v1/src/model.rs new file mode 100755 index 000000000..3d80e922c --- /dev/null +++ b/src/generated/iam/admin/v1/src/model.rs @@ -0,0 +1,2894 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by sidekick. DO NOT EDIT. + +#![allow(rustdoc::invalid_html_tags)] +#![allow(rustdoc::redundant_explicit_links)] +#![allow(rustdoc::broken_intra_doc_links)] +#![no_implicit_prelude] +extern crate async_trait; +extern crate bytes; +extern crate gax; +extern crate gtype; +extern crate iam_v1; +extern crate lazy_static; +extern crate reqwest; +extern crate serde; +extern crate serde_json; +extern crate serde_with; +extern crate std; +extern crate tracing; +extern crate wkt; + +/// Audit log information specific to Cloud IAM admin APIs. This message is +/// serialized as an `Any` type in the `ServiceData` message of an +/// `AuditLog` message. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct AuditData { + /// The permission_delta when when creating or updating a Role. + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub permission_delta: std::option::Option, +} + +impl AuditData { + /// Sets the value of `permission_delta`. + pub fn set_permission_delta< + T: std::convert::Into>, + >( + mut self, + v: T, + ) -> Self { + self.permission_delta = v.into(); + self + } +} + +impl wkt::message::Message for AuditData { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.AuditData" + } +} + +/// Defines additional types related to AuditData +pub mod audit_data { + #[allow(unused_imports)] + use super::*; + + /// A PermissionDelta message to record the added_permissions and + /// removed_permissions inside a role. + #[serde_with::serde_as] + #[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] + #[serde(default, rename_all = "camelCase")] + #[non_exhaustive] + pub struct PermissionDelta { + /// Added permissions. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub added_permissions: std::vec::Vec, + + /// Removed permissions. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub removed_permissions: std::vec::Vec, + } + + impl PermissionDelta { + /// Sets the value of `added_permissions`. + pub fn set_added_permissions>>( + mut self, + v: T, + ) -> Self { + self.added_permissions = v.into(); + self + } + + /// Sets the value of `removed_permissions`. + pub fn set_removed_permissions< + T: std::convert::Into>, + >( + mut self, + v: T, + ) -> Self { + self.removed_permissions = v.into(); + self + } + } + + impl wkt::message::Message for PermissionDelta { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.AuditData.PermissionDelta" + } + } +} + +/// An IAM service account. +/// +/// A service account is an account for an application or a virtual machine (VM) +/// instance, not a person. You can use a service account to call Google APIs. To +/// learn more, read the [overview of service +/// accounts](https://cloud.google.com/iam/help/service-accounts/overview). +/// +/// When you create a service account, you specify the project ID that owns the +/// service account, as well as a name that must be unique within the project. +/// IAM uses these values to create an email address that identifies the service +/// account. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct ServiceAccount { + /// The resource name of the service account. + /// + /// Use one of the following formats: + /// + /// * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` + /// * `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` + /// + /// As an alternative, you can use the `-` wildcard character instead of the + /// project ID: + /// + /// * `projects/-/serviceAccounts/{EMAIL_ADDRESS}` + /// * `projects/-/serviceAccounts/{UNIQUE_ID}` + /// + /// When possible, avoid using the `-` wildcard character, because it can cause + /// response messages to contain misleading error codes. For example, if you + /// try to get the service account + /// `projects/-/serviceAccounts/fake@example.com`, which does not exist, the + /// response contains an HTTP `403 Forbidden` error instead of a `404 Not + /// Found` error. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Output only. The ID of the project that owns the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub project_id: std::string::String, + + /// Output only. The unique, stable numeric ID for the service account. + /// + /// Each service account retains its unique ID even if you delete the service + /// account. For example, if you delete a service account, then create a new + /// service account with the same name, the new service account has a different + /// unique ID than the deleted service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub unique_id: std::string::String, + + /// Output only. The email address of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub email: std::string::String, + + /// Optional. A user-specified, human-readable name for the service account. The maximum + /// length is 100 UTF-8 bytes. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub display_name: std::string::String, + + /// Deprecated. Do not use. + #[serde(skip_serializing_if = "bytes::Bytes::is_empty")] + #[serde_as(as = "serde_with::base64::Base64")] + pub etag: bytes::Bytes, + + /// Optional. A user-specified, human-readable description of the service account. The + /// maximum length is 256 UTF-8 bytes. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub description: std::string::String, + + /// Output only. The OAuth 2.0 client ID for the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub oauth2_client_id: std::string::String, + + /// Output only. Whether the service account is disabled. + pub disabled: bool, +} + +impl ServiceAccount { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `project_id`. + pub fn set_project_id>(mut self, v: T) -> Self { + self.project_id = v.into(); + self + } + + /// Sets the value of `unique_id`. + pub fn set_unique_id>(mut self, v: T) -> Self { + self.unique_id = v.into(); + self + } + + /// Sets the value of `email`. + pub fn set_email>(mut self, v: T) -> Self { + self.email = v.into(); + self + } + + /// Sets the value of `display_name`. + pub fn set_display_name>(mut self, v: T) -> Self { + self.display_name = v.into(); + self + } + + /// Sets the value of `etag`. + pub fn set_etag>(mut self, v: T) -> Self { + self.etag = v.into(); + self + } + + /// Sets the value of `description`. + pub fn set_description>(mut self, v: T) -> Self { + self.description = v.into(); + self + } + + /// Sets the value of `oauth2_client_id`. + pub fn set_oauth2_client_id>( + mut self, + v: T, + ) -> Self { + self.oauth2_client_id = v.into(); + self + } + + /// Sets the value of `disabled`. + pub fn set_disabled>(mut self, v: T) -> Self { + self.disabled = v.into(); + self + } +} + +impl wkt::message::Message for ServiceAccount { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.ServiceAccount" + } +} + +/// The service account create request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct CreateServiceAccountRequest { + /// Required. The resource name of the project associated with the service + /// accounts, such as `projects/my-project-123`. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Required. The account id that is used to generate the service account + /// email address and a stable unique id. It is unique within a project, + /// must be 6-30 characters long, and match the regular expression + /// `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub account_id: std::string::String, + + /// The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to + /// create. Currently, only the following values are user assignable: + /// `display_name` and `description`. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub service_account: std::option::Option, +} + +impl CreateServiceAccountRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `account_id`. + pub fn set_account_id>(mut self, v: T) -> Self { + self.account_id = v.into(); + self + } + + /// Sets the value of `service_account`. + pub fn set_service_account< + T: std::convert::Into>, + >( + mut self, + v: T, + ) -> Self { + self.service_account = v.into(); + self + } +} + +impl wkt::message::Message for CreateServiceAccountRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.CreateServiceAccountRequest" + } +} + +/// The service account list request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct ListServiceAccountsRequest { + /// Required. The resource name of the project associated with the service + /// accounts, such as `projects/my-project-123`. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Optional limit on the number of service accounts to include in the + /// response. Further accounts can subsequently be obtained by including the + /// [ListServiceAccountsResponse.next_page_token][google.iam.admin.v1.ListServiceAccountsResponse.next_page_token] + /// in a subsequent request. + /// + /// The default is 20, and the maximum is 100. + /// + /// [google.iam.admin.v1.ListServiceAccountsResponse.next_page_token]: crate::model::ListServiceAccountsResponse::next_page_token + pub page_size: i32, + + /// Optional pagination token returned in an earlier + /// [ListServiceAccountsResponse.next_page_token][google.iam.admin.v1.ListServiceAccountsResponse.next_page_token]. + /// + /// [google.iam.admin.v1.ListServiceAccountsResponse.next_page_token]: crate::model::ListServiceAccountsResponse::next_page_token + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub page_token: std::string::String, +} + +impl ListServiceAccountsRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `page_size`. + pub fn set_page_size>(mut self, v: T) -> Self { + self.page_size = v.into(); + self + } + + /// Sets the value of `page_token`. + pub fn set_page_token>(mut self, v: T) -> Self { + self.page_token = v.into(); + self + } +} + +impl wkt::message::Message for ListServiceAccountsRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.ListServiceAccountsRequest" + } +} + +/// The service account list response. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct ListServiceAccountsResponse { + /// The list of matching service accounts. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub accounts: std::vec::Vec, + + /// To retrieve the next page of results, set + /// [ListServiceAccountsRequest.page_token][google.iam.admin.v1.ListServiceAccountsRequest.page_token] + /// to this value. + /// + /// [google.iam.admin.v1.ListServiceAccountsRequest.page_token]: crate::model::ListServiceAccountsRequest::page_token + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub next_page_token: std::string::String, +} + +impl ListServiceAccountsResponse { + /// Sets the value of `accounts`. + pub fn set_accounts>>( + mut self, + v: T, + ) -> Self { + self.accounts = v.into(); + self + } + + /// Sets the value of `next_page_token`. + pub fn set_next_page_token>(mut self, v: T) -> Self { + self.next_page_token = v.into(); + self + } +} + +impl wkt::message::Message for ListServiceAccountsResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.ListServiceAccountsResponse" + } +} + +#[cfg(feature = "unstable-stream")] +impl gax::paginator::PageableResponse for ListServiceAccountsResponse { + type PageItem = crate::model::ServiceAccount; + + fn items(self) -> std::vec::Vec { + self.accounts + } + + fn next_page_token(&self) -> std::string::String { + gax::paginator::extract_token(&self.next_page_token) + } +} + +/// The service account get request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct GetServiceAccountRequest { + /// Required. The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, +} + +impl GetServiceAccountRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } +} + +impl wkt::message::Message for GetServiceAccountRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.GetServiceAccountRequest" + } +} + +/// The service account delete request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct DeleteServiceAccountRequest { + /// Required. The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, +} + +impl DeleteServiceAccountRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } +} + +impl wkt::message::Message for DeleteServiceAccountRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.DeleteServiceAccountRequest" + } +} + +/// The service account patch request. +/// +/// You can patch only the `display_name` and `description` fields. You must use +/// the `update_mask` field to specify which of these fields you want to patch. +/// +/// Only the fields specified in the request are guaranteed to be returned in +/// the response. Other fields may be empty in the response. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct PatchServiceAccountRequest { + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub service_account: std::option::Option, + + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub update_mask: std::option::Option, +} + +impl PatchServiceAccountRequest { + /// Sets the value of `service_account`. + pub fn set_service_account< + T: std::convert::Into>, + >( + mut self, + v: T, + ) -> Self { + self.service_account = v.into(); + self + } + + /// Sets the value of `update_mask`. + pub fn set_update_mask>>( + mut self, + v: T, + ) -> Self { + self.update_mask = v.into(); + self + } +} + +impl wkt::message::Message for PatchServiceAccountRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.PatchServiceAccountRequest" + } +} + +/// The service account undelete request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct UndeleteServiceAccountRequest { + /// The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT_UNIQUE_ID}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, +} + +impl UndeleteServiceAccountRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } +} + +impl wkt::message::Message for UndeleteServiceAccountRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.UndeleteServiceAccountRequest" + } +} + +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct UndeleteServiceAccountResponse { + /// Metadata for the restored service account. + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub restored_account: std::option::Option, +} + +impl UndeleteServiceAccountResponse { + /// Sets the value of `restored_account`. + pub fn set_restored_account< + T: std::convert::Into>, + >( + mut self, + v: T, + ) -> Self { + self.restored_account = v.into(); + self + } +} + +impl wkt::message::Message for UndeleteServiceAccountResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.UndeleteServiceAccountResponse" + } +} + +/// The service account enable request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct EnableServiceAccountRequest { + /// The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, +} + +impl EnableServiceAccountRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } +} + +impl wkt::message::Message for EnableServiceAccountRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.EnableServiceAccountRequest" + } +} + +/// The service account disable request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct DisableServiceAccountRequest { + /// The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, +} + +impl DisableServiceAccountRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } +} + +impl wkt::message::Message for DisableServiceAccountRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.DisableServiceAccountRequest" + } +} + +/// The service account keys list request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct ListServiceAccountKeysRequest { + /// Required. The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. + /// + /// Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Filters the types of keys the user wants to include in the list + /// response. Duplicate key types are not allowed. If no key type + /// is provided, all keys are returned. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub key_types: std::vec::Vec, +} + +impl ListServiceAccountKeysRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `key_types`. + pub fn set_key_types< + T: std::convert::Into>, + >( + mut self, + v: T, + ) -> Self { + self.key_types = v.into(); + self + } +} + +impl wkt::message::Message for ListServiceAccountKeysRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.ListServiceAccountKeysRequest" + } +} + +/// Defines additional types related to ListServiceAccountKeysRequest +pub mod list_service_account_keys_request { + #[allow(unused_imports)] + use super::*; + + /// `KeyType` filters to selectively retrieve certain varieties + /// of keys. + #[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] + pub struct KeyType(std::string::String); + + impl KeyType { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } + } + + /// Useful constants to work with [KeyType](KeyType) + pub mod key_type { + + /// Unspecified key type. The presence of this in the + /// message will immediately result in an error. + pub const KEY_TYPE_UNSPECIFIED: &str = "KEY_TYPE_UNSPECIFIED"; + + /// User-managed keys (managed and rotated by the user). + pub const USER_MANAGED: &str = "USER_MANAGED"; + + /// System-managed keys (managed and rotated by Google). + pub const SYSTEM_MANAGED: &str = "SYSTEM_MANAGED"; + } +} + +/// The service account keys list response. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct ListServiceAccountKeysResponse { + /// The public keys for the service account. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub keys: std::vec::Vec, +} + +impl ListServiceAccountKeysResponse { + /// Sets the value of `keys`. + pub fn set_keys>>( + mut self, + v: T, + ) -> Self { + self.keys = v.into(); + self + } +} + +impl wkt::message::Message for ListServiceAccountKeysResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.ListServiceAccountKeysResponse" + } +} + +/// The service account key get by id request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct GetServiceAccountKeyRequest { + /// Required. The resource name of the service account key in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. + /// + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Optional. The output format of the public key. The default is `TYPE_NONE`, which + /// means that the public key is not returned. + pub public_key_type: crate::model::ServiceAccountPublicKeyType, +} + +impl GetServiceAccountKeyRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `public_key_type`. + pub fn set_public_key_type>( + mut self, + v: T, + ) -> Self { + self.public_key_type = v.into(); + self + } +} + +impl wkt::message::Message for GetServiceAccountKeyRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.GetServiceAccountKeyRequest" + } +} + +/// Represents a service account key. +/// +/// A service account has two sets of key-pairs: user-managed, and +/// system-managed. +/// +/// User-managed key-pairs can be created and deleted by users. Users are +/// responsible for rotating these keys periodically to ensure security of +/// their service accounts. Users retain the private key of these key-pairs, +/// and Google retains ONLY the public key. +/// +/// System-managed keys are automatically rotated by Google, and are used for +/// signing for a maximum of two weeks. The rotation process is probabilistic, +/// and usage of the new key will gradually ramp up and down over the key's +/// lifetime. +/// +/// If you cache the public key set for a service account, we recommend that you +/// update the cache every 15 minutes. User-managed keys can be added and removed +/// at any time, so it is important to update the cache frequently. For +/// Google-managed keys, Google will publish a key at least 6 hours before it is +/// first used for signing and will keep publishing it for at least 6 hours after +/// it was last used for signing. +/// +/// Public keys for all service accounts are also published at the OAuth2 +/// Service Account API. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct ServiceAccountKey { + /// The resource name of the service account key in the following format + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// The output format for the private key. + /// Only provided in `CreateServiceAccountKey` responses, not + /// in `GetServiceAccountKey` or `ListServiceAccountKey` responses. + /// + /// Google never exposes system-managed private keys, and never retains + /// user-managed private keys. + pub private_key_type: crate::model::ServiceAccountPrivateKeyType, + + /// Specifies the algorithm (and possibly key size) for the key. + pub key_algorithm: crate::model::ServiceAccountKeyAlgorithm, + + /// The private key data. Only provided in `CreateServiceAccountKey` + /// responses. Make sure to keep the private key data secure because it + /// allows for the assertion of the service account identity. + /// When base64 decoded, the private key data can be used to authenticate with + /// Google API client libraries and with + /// gcloud + /// auth activate-service-account. + #[serde(skip_serializing_if = "bytes::Bytes::is_empty")] + #[serde_as(as = "serde_with::base64::Base64")] + pub private_key_data: bytes::Bytes, + + /// The public key data. Only provided in `GetServiceAccountKey` responses. + #[serde(skip_serializing_if = "bytes::Bytes::is_empty")] + #[serde_as(as = "serde_with::base64::Base64")] + pub public_key_data: bytes::Bytes, + + /// The key can be used after this timestamp. + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub valid_after_time: std::option::Option, + + /// The key can be used before this timestamp. + /// For system-managed key pairs, this timestamp is the end time for the + /// private key signing operation. The public key could still be used + /// for verification for a few hours after this time. + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub valid_before_time: std::option::Option, + + /// The key origin. + pub key_origin: crate::model::ServiceAccountKeyOrigin, + + /// The key type. + pub key_type: crate::model::list_service_account_keys_request::KeyType, + + /// The key status. + pub disabled: bool, +} + +impl ServiceAccountKey { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `private_key_type`. + pub fn set_private_key_type< + T: std::convert::Into, + >( + mut self, + v: T, + ) -> Self { + self.private_key_type = v.into(); + self + } + + /// Sets the value of `key_algorithm`. + pub fn set_key_algorithm>( + mut self, + v: T, + ) -> Self { + self.key_algorithm = v.into(); + self + } + + /// Sets the value of `private_key_data`. + pub fn set_private_key_data>(mut self, v: T) -> Self { + self.private_key_data = v.into(); + self + } + + /// Sets the value of `public_key_data`. + pub fn set_public_key_data>(mut self, v: T) -> Self { + self.public_key_data = v.into(); + self + } + + /// Sets the value of `valid_after_time`. + pub fn set_valid_after_time>>( + mut self, + v: T, + ) -> Self { + self.valid_after_time = v.into(); + self + } + + /// Sets the value of `valid_before_time`. + pub fn set_valid_before_time>>( + mut self, + v: T, + ) -> Self { + self.valid_before_time = v.into(); + self + } + + /// Sets the value of `key_origin`. + pub fn set_key_origin>( + mut self, + v: T, + ) -> Self { + self.key_origin = v.into(); + self + } + + /// Sets the value of `key_type`. + pub fn set_key_type< + T: std::convert::Into, + >( + mut self, + v: T, + ) -> Self { + self.key_type = v.into(); + self + } + + /// Sets the value of `disabled`. + pub fn set_disabled>(mut self, v: T) -> Self { + self.disabled = v.into(); + self + } +} + +impl wkt::message::Message for ServiceAccountKey { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.ServiceAccountKey" + } +} + +/// The service account key create request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct CreateServiceAccountKeyRequest { + /// Required. The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// The output format of the private key. The default value is + /// `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File + /// format. + pub private_key_type: crate::model::ServiceAccountPrivateKeyType, + + /// Which type of key and algorithm to use for the key. + /// The default is currently a 2K RSA key. However this may change in the + /// future. + pub key_algorithm: crate::model::ServiceAccountKeyAlgorithm, +} + +impl CreateServiceAccountKeyRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `private_key_type`. + pub fn set_private_key_type< + T: std::convert::Into, + >( + mut self, + v: T, + ) -> Self { + self.private_key_type = v.into(); + self + } + + /// Sets the value of `key_algorithm`. + pub fn set_key_algorithm>( + mut self, + v: T, + ) -> Self { + self.key_algorithm = v.into(); + self + } +} + +impl wkt::message::Message for CreateServiceAccountKeyRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.CreateServiceAccountKeyRequest" + } +} + +/// The service account key upload request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct UploadServiceAccountKeyRequest { + /// The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// The public key to associate with the service account. Must be an RSA public + /// key that is wrapped in an X.509 v3 certificate. Include the first line, + /// `-----BEGIN CERTIFICATE-----`, and the last line, + /// `-----END CERTIFICATE-----`. + #[serde(skip_serializing_if = "bytes::Bytes::is_empty")] + #[serde_as(as = "serde_with::base64::Base64")] + pub public_key_data: bytes::Bytes, +} + +impl UploadServiceAccountKeyRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `public_key_data`. + pub fn set_public_key_data>(mut self, v: T) -> Self { + self.public_key_data = v.into(); + self + } +} + +impl wkt::message::Message for UploadServiceAccountKeyRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.UploadServiceAccountKeyRequest" + } +} + +/// The service account key delete request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct DeleteServiceAccountKeyRequest { + /// Required. The resource name of the service account key in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, +} + +impl DeleteServiceAccountKeyRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } +} + +impl wkt::message::Message for DeleteServiceAccountKeyRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.DeleteServiceAccountKeyRequest" + } +} + +/// The service account key disable request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct DisableServiceAccountKeyRequest { + /// Required. The resource name of the service account key in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. + /// + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, +} + +impl DisableServiceAccountKeyRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } +} + +impl wkt::message::Message for DisableServiceAccountKeyRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.DisableServiceAccountKeyRequest" + } +} + +/// The service account key enable request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct EnableServiceAccountKeyRequest { + /// Required. The resource name of the service account key in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`. + /// + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, +} + +impl EnableServiceAccountKeyRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } +} + +impl wkt::message::Message for EnableServiceAccountKeyRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.EnableServiceAccountKeyRequest" + } +} + +/// Deprecated. [Migrate to Service Account Credentials +/// API](https://cloud.google.com/iam/help/credentials/migrate-api). +/// +/// The service account sign blob request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct SignBlobRequest { + /// Required. Deprecated. [Migrate to Service Account Credentials + /// API](https://cloud.google.com/iam/help/credentials/migrate-api). + /// + /// The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Required. Deprecated. [Migrate to Service Account Credentials + /// API](https://cloud.google.com/iam/help/credentials/migrate-api). + /// + /// The bytes to sign. + #[serde(skip_serializing_if = "bytes::Bytes::is_empty")] + #[serde_as(as = "serde_with::base64::Base64")] + pub bytes_to_sign: bytes::Bytes, +} + +impl SignBlobRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `bytes_to_sign`. + pub fn set_bytes_to_sign>(mut self, v: T) -> Self { + self.bytes_to_sign = v.into(); + self + } +} + +impl wkt::message::Message for SignBlobRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.SignBlobRequest" + } +} + +/// Deprecated. [Migrate to Service Account Credentials +/// API](https://cloud.google.com/iam/help/credentials/migrate-api). +/// +/// The service account sign blob response. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct SignBlobResponse { + /// Deprecated. [Migrate to Service Account Credentials + /// API](https://cloud.google.com/iam/help/credentials/migrate-api). + /// + /// The id of the key used to sign the blob. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub key_id: std::string::String, + + /// Deprecated. [Migrate to Service Account Credentials + /// API](https://cloud.google.com/iam/help/credentials/migrate-api). + /// + /// The signed blob. + #[serde(skip_serializing_if = "bytes::Bytes::is_empty")] + #[serde_as(as = "serde_with::base64::Base64")] + pub signature: bytes::Bytes, +} + +impl SignBlobResponse { + /// Sets the value of `key_id`. + pub fn set_key_id>(mut self, v: T) -> Self { + self.key_id = v.into(); + self + } + + /// Sets the value of `signature`. + pub fn set_signature>(mut self, v: T) -> Self { + self.signature = v.into(); + self + } +} + +impl wkt::message::Message for SignBlobResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.SignBlobResponse" + } +} + +/// Deprecated. [Migrate to Service Account Credentials +/// API](https://cloud.google.com/iam/help/credentials/migrate-api). +/// +/// The service account sign JWT request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct SignJwtRequest { + /// Required. Deprecated. [Migrate to Service Account Credentials + /// API](https://cloud.google.com/iam/help/credentials/migrate-api). + /// + /// The resource name of the service account in the following format: + /// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. + /// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from + /// the account. The `ACCOUNT` value can be the `email` address or the + /// `unique_id` of the service account. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Required. Deprecated. [Migrate to Service Account Credentials + /// API](https://cloud.google.com/iam/help/credentials/migrate-api). + /// + /// The JWT payload to sign. Must be a serialized JSON object that contains a + /// JWT Claims Set. For example: `{"sub": "user@example.com", "iat": 313435}` + /// + /// If the JWT Claims Set contains an expiration time (`exp`) claim, it must be + /// an integer timestamp that is not in the past and no more than 12 hours in + /// the future. + /// + /// If the JWT Claims Set does not contain an expiration time (`exp`) claim, + /// this claim is added automatically, with a timestamp that is 1 hour in the + /// future. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub payload: std::string::String, +} + +impl SignJwtRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `payload`. + pub fn set_payload>(mut self, v: T) -> Self { + self.payload = v.into(); + self + } +} + +impl wkt::message::Message for SignJwtRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.SignJwtRequest" + } +} + +/// Deprecated. [Migrate to Service Account Credentials +/// API](https://cloud.google.com/iam/help/credentials/migrate-api). +/// +/// The service account sign JWT response. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct SignJwtResponse { + /// Deprecated. [Migrate to Service Account Credentials + /// API](https://cloud.google.com/iam/help/credentials/migrate-api). + /// + /// The id of the key used to sign the JWT. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub key_id: std::string::String, + + /// Deprecated. [Migrate to Service Account Credentials + /// API](https://cloud.google.com/iam/help/credentials/migrate-api). + /// + /// The signed JWT. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub signed_jwt: std::string::String, +} + +impl SignJwtResponse { + /// Sets the value of `key_id`. + pub fn set_key_id>(mut self, v: T) -> Self { + self.key_id = v.into(); + self + } + + /// Sets the value of `signed_jwt`. + pub fn set_signed_jwt>(mut self, v: T) -> Self { + self.signed_jwt = v.into(); + self + } +} + +impl wkt::message::Message for SignJwtResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.SignJwtResponse" + } +} + +/// A role in the Identity and Access Management API. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct Role { + /// The name of the role. + /// + /// When Role is used in CreateRole, the role name must not be set. + /// + /// When Role is used in output and other input such as UpdateRole, the role + /// name is the complete path, e.g., roles/logging.viewer for predefined roles + /// and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Optional. A human-readable title for the role. Typically this + /// is limited to 100 UTF-8 bytes. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub title: std::string::String, + + /// Optional. A human-readable description for the role. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub description: std::string::String, + + /// The names of the permissions this role grants when bound in an IAM policy. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub included_permissions: std::vec::Vec, + + /// The current launch stage of the role. If the `ALPHA` launch stage has been + /// selected for a role, the `stage` field will not be included in the + /// returned definition for the role. + pub stage: crate::model::role::RoleLaunchStage, + + /// Used to perform a consistent read-modify-write. + #[serde(skip_serializing_if = "bytes::Bytes::is_empty")] + #[serde_as(as = "serde_with::base64::Base64")] + pub etag: bytes::Bytes, + + /// The current deleted state of the role. This field is read only. + /// It will be ignored in calls to CreateRole and UpdateRole. + pub deleted: bool, +} + +impl Role { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `title`. + pub fn set_title>(mut self, v: T) -> Self { + self.title = v.into(); + self + } + + /// Sets the value of `description`. + pub fn set_description>(mut self, v: T) -> Self { + self.description = v.into(); + self + } + + /// Sets the value of `included_permissions`. + pub fn set_included_permissions>>( + mut self, + v: T, + ) -> Self { + self.included_permissions = v.into(); + self + } + + /// Sets the value of `stage`. + pub fn set_stage>( + mut self, + v: T, + ) -> Self { + self.stage = v.into(); + self + } + + /// Sets the value of `etag`. + pub fn set_etag>(mut self, v: T) -> Self { + self.etag = v.into(); + self + } + + /// Sets the value of `deleted`. + pub fn set_deleted>(mut self, v: T) -> Self { + self.deleted = v.into(); + self + } +} + +impl wkt::message::Message for Role { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.Role" + } +} + +/// Defines additional types related to Role +pub mod role { + #[allow(unused_imports)] + use super::*; + + /// A stage representing a role's lifecycle phase. + #[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] + pub struct RoleLaunchStage(std::string::String); + + impl RoleLaunchStage { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } + } + + /// Useful constants to work with [RoleLaunchStage](RoleLaunchStage) + pub mod role_launch_stage { + + /// The user has indicated this role is currently in an Alpha phase. If this + /// launch stage is selected, the `stage` field will not be included when + /// requesting the definition for a given role. + pub const ALPHA: &str = "ALPHA"; + + /// The user has indicated this role is currently in a Beta phase. + pub const BETA: &str = "BETA"; + + /// The user has indicated this role is generally available. + pub const GA: &str = "GA"; + + /// The user has indicated this role is being deprecated. + pub const DEPRECATED: &str = "DEPRECATED"; + + /// This role is disabled and will not contribute permissions to any + /// principals it is granted to in policies. + pub const DISABLED: &str = "DISABLED"; + + /// The user has indicated this role is currently in an EAP phase. + pub const EAP: &str = "EAP"; + } +} + +/// The grantable role query request. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct QueryGrantableRolesRequest { + /// Required. The full resource name to query from the list of grantable roles. + /// + /// The name follows the Google Cloud Platform resource format. + /// For example, a Cloud Platform project with id `my-project` will be named + /// `//cloudresourcemanager.googleapis.com/projects/my-project`. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub full_resource_name: std::string::String, + + pub view: crate::model::RoleView, + + /// Optional limit on the number of roles to include in the response. + /// + /// The default is 300, and the maximum is 1,000. + pub page_size: i32, + + /// Optional pagination token returned in an earlier + /// QueryGrantableRolesResponse. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub page_token: std::string::String, +} + +impl QueryGrantableRolesRequest { + /// Sets the value of `full_resource_name`. + pub fn set_full_resource_name>( + mut self, + v: T, + ) -> Self { + self.full_resource_name = v.into(); + self + } + + /// Sets the value of `view`. + pub fn set_view>(mut self, v: T) -> Self { + self.view = v.into(); + self + } + + /// Sets the value of `page_size`. + pub fn set_page_size>(mut self, v: T) -> Self { + self.page_size = v.into(); + self + } + + /// Sets the value of `page_token`. + pub fn set_page_token>(mut self, v: T) -> Self { + self.page_token = v.into(); + self + } +} + +impl wkt::message::Message for QueryGrantableRolesRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.QueryGrantableRolesRequest" + } +} + +/// The grantable role query response. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct QueryGrantableRolesResponse { + /// The list of matching roles. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub roles: std::vec::Vec, + + /// To retrieve the next page of results, set + /// `QueryGrantableRolesRequest.page_token` to this value. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub next_page_token: std::string::String, +} + +impl QueryGrantableRolesResponse { + /// Sets the value of `roles`. + pub fn set_roles>>( + mut self, + v: T, + ) -> Self { + self.roles = v.into(); + self + } + + /// Sets the value of `next_page_token`. + pub fn set_next_page_token>(mut self, v: T) -> Self { + self.next_page_token = v.into(); + self + } +} + +impl wkt::message::Message for QueryGrantableRolesResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.QueryGrantableRolesResponse" + } +} + +#[cfg(feature = "unstable-stream")] +impl gax::paginator::PageableResponse for QueryGrantableRolesResponse { + type PageItem = crate::model::Role; + + fn items(self) -> std::vec::Vec { + self.roles + } + + fn next_page_token(&self) -> std::string::String { + gax::paginator::extract_token(&self.next_page_token) + } +} + +/// The request to get all roles defined under a resource. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct ListRolesRequest { + /// The `parent` parameter's value depends on the target resource for the + /// request, namely + /// [`roles`](https://cloud.google.com/iam/reference/rest/v1/roles), + /// [`projects`](https://cloud.google.com/iam/reference/rest/v1/projects.roles), + /// or + /// [`organizations`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles). + /// Each resource type's `parent` value format is described below: + /// + /// * [`roles.list()`](https://cloud.google.com/iam/reference/rest/v1/roles/list): An empty string. + /// This method doesn't require a resource; it simply returns all + /// [predefined + /// roles](https://cloud.google.com/iam/docs/understanding-roles#predefined_roles) + /// in Cloud IAM. Example request URL: `` + /// + /// * [`projects.roles.list()`](https://cloud.google.com/iam/reference/rest/v1/projects.roles/list): + /// `projects/{PROJECT_ID}`. This method lists all project-level + /// [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles). + /// Example request URL: + /// `{PROJECT_ID}/roles` + /// + /// * [`organizations.roles.list()`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles/list): + /// `organizations/{ORGANIZATION_ID}`. This method lists all + /// organization-level [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles). + /// Example request URL: + /// `{ORGANIZATION_ID}/roles` + /// + /// + /// Note: Wildcard (*) values are invalid; you must specify a complete project + /// ID or organization ID. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub parent: std::string::String, + + /// Optional limit on the number of roles to include in the response. + /// + /// The default is 300, and the maximum is 1,000. + pub page_size: i32, + + /// Optional pagination token returned in an earlier ListRolesResponse. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub page_token: std::string::String, + + /// Optional view for the returned Role objects. When `FULL` is specified, + /// the `includedPermissions` field is returned, which includes a list of all + /// permissions in the role. The default value is `BASIC`, which does not + /// return the `includedPermissions` field. + pub view: crate::model::RoleView, + + /// Include Roles that have been deleted. + pub show_deleted: bool, +} + +impl ListRolesRequest { + /// Sets the value of `parent`. + pub fn set_parent>(mut self, v: T) -> Self { + self.parent = v.into(); + self + } + + /// Sets the value of `page_size`. + pub fn set_page_size>(mut self, v: T) -> Self { + self.page_size = v.into(); + self + } + + /// Sets the value of `page_token`. + pub fn set_page_token>(mut self, v: T) -> Self { + self.page_token = v.into(); + self + } + + /// Sets the value of `view`. + pub fn set_view>(mut self, v: T) -> Self { + self.view = v.into(); + self + } + + /// Sets the value of `show_deleted`. + pub fn set_show_deleted>(mut self, v: T) -> Self { + self.show_deleted = v.into(); + self + } +} + +impl wkt::message::Message for ListRolesRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.ListRolesRequest" + } +} + +/// The response containing the roles defined under a resource. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct ListRolesResponse { + /// The Roles defined on this resource. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub roles: std::vec::Vec, + + /// To retrieve the next page of results, set + /// `ListRolesRequest.page_token` to this value. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub next_page_token: std::string::String, +} + +impl ListRolesResponse { + /// Sets the value of `roles`. + pub fn set_roles>>( + mut self, + v: T, + ) -> Self { + self.roles = v.into(); + self + } + + /// Sets the value of `next_page_token`. + pub fn set_next_page_token>(mut self, v: T) -> Self { + self.next_page_token = v.into(); + self + } +} + +impl wkt::message::Message for ListRolesResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.ListRolesResponse" + } +} + +#[cfg(feature = "unstable-stream")] +impl gax::paginator::PageableResponse for ListRolesResponse { + type PageItem = crate::model::Role; + + fn items(self) -> std::vec::Vec { + self.roles + } + + fn next_page_token(&self) -> std::string::String { + gax::paginator::extract_token(&self.next_page_token) + } +} + +/// The request to get the definition of an existing role. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct GetRoleRequest { + /// The `name` parameter's value depends on the target resource for the + /// request, namely + /// [`roles`](https://cloud.google.com/iam/reference/rest/v1/roles), + /// [`projects`](https://cloud.google.com/iam/reference/rest/v1/projects.roles), + /// or + /// [`organizations`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles). + /// Each resource type's `name` value format is described below: + /// + /// * [`roles.get()`](https://cloud.google.com/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`. + /// This method returns results from all + /// [predefined + /// roles](https://cloud.google.com/iam/docs/understanding-roles#predefined_roles) + /// in Cloud IAM. Example request URL: + /// `{ROLE_NAME}` + /// + /// * [`projects.roles.get()`](https://cloud.google.com/iam/reference/rest/v1/projects.roles/get): + /// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only + /// [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that + /// have been created at the project level. Example request URL: + /// `{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` + /// + /// * [`organizations.roles.get()`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles/get): + /// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method + /// returns only [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that + /// have been created at the organization level. Example request URL: + /// `{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` + /// + /// + /// Note: Wildcard (*) values are invalid; you must specify a complete project + /// ID or organization ID. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, +} + +impl GetRoleRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } +} + +impl wkt::message::Message for GetRoleRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.GetRoleRequest" + } +} + +/// The request to create a new role. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct CreateRoleRequest { + /// The `parent` parameter's value depends on the target resource for the + /// request, namely + /// [`projects`](https://cloud.google.com/iam/reference/rest/v1/projects.roles) + /// or + /// [`organizations`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles). + /// Each resource type's `parent` value format is described below: + /// + /// * [`projects.roles.create()`](https://cloud.google.com/iam/reference/rest/v1/projects.roles/create): + /// `projects/{PROJECT_ID}`. This method creates project-level + /// [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles). + /// Example request URL: + /// `{PROJECT_ID}/roles` + /// + /// * [`organizations.roles.create()`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles/create): + /// `organizations/{ORGANIZATION_ID}`. This method creates organization-level + /// [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles). + /// Example request URL: + /// `{ORGANIZATION_ID}/roles` + /// + /// + /// Note: Wildcard (*) values are invalid; you must specify a complete project + /// ID or organization ID. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub parent: std::string::String, + + /// The role ID to use for this role. + /// + /// A role ID may contain alphanumeric characters, underscores (`_`), and + /// periods (`.`). It must contain a minimum of 3 characters and a maximum of + /// 64 characters. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub role_id: std::string::String, + + /// The Role resource to create. + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub role: std::option::Option, +} + +impl CreateRoleRequest { + /// Sets the value of `parent`. + pub fn set_parent>(mut self, v: T) -> Self { + self.parent = v.into(); + self + } + + /// Sets the value of `role_id`. + pub fn set_role_id>(mut self, v: T) -> Self { + self.role_id = v.into(); + self + } + + /// Sets the value of `role`. + pub fn set_role>>( + mut self, + v: T, + ) -> Self { + self.role = v.into(); + self + } +} + +impl wkt::message::Message for CreateRoleRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.CreateRoleRequest" + } +} + +/// The request to update a role. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct UpdateRoleRequest { + /// The `name` parameter's value depends on the target resource for the + /// request, namely + /// [`projects`](https://cloud.google.com/iam/reference/rest/v1/projects.roles) + /// or + /// [`organizations`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles). + /// Each resource type's `name` value format is described below: + /// + /// * [`projects.roles.patch()`](https://cloud.google.com/iam/reference/rest/v1/projects.roles/patch): + /// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only + /// [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that + /// have been created at the project level. Example request URL: + /// `{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` + /// + /// * [`organizations.roles.patch()`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles/patch): + /// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method + /// updates only [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that + /// have been created at the organization level. Example request URL: + /// `{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` + /// + /// + /// Note: Wildcard (*) values are invalid; you must specify a complete project + /// ID or organization ID. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// The updated role. + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub role: std::option::Option, + + /// A mask describing which fields in the Role have changed. + #[serde(skip_serializing_if = "std::option::Option::is_none")] + pub update_mask: std::option::Option, +} + +impl UpdateRoleRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `role`. + pub fn set_role>>( + mut self, + v: T, + ) -> Self { + self.role = v.into(); + self + } + + /// Sets the value of `update_mask`. + pub fn set_update_mask>>( + mut self, + v: T, + ) -> Self { + self.update_mask = v.into(); + self + } +} + +impl wkt::message::Message for UpdateRoleRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.UpdateRoleRequest" + } +} + +/// The request to delete an existing role. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct DeleteRoleRequest { + /// The `name` parameter's value depends on the target resource for the + /// request, namely + /// [`projects`](https://cloud.google.com/iam/reference/rest/v1/projects.roles) + /// or + /// [`organizations`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles). + /// Each resource type's `name` value format is described below: + /// + /// * [`projects.roles.delete()`](https://cloud.google.com/iam/reference/rest/v1/projects.roles/delete): + /// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only + /// [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that + /// have been created at the project level. Example request URL: + /// `{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` + /// + /// * [`organizations.roles.delete()`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles/delete): + /// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method + /// deletes only [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that + /// have been created at the organization level. Example request URL: + /// `{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` + /// + /// + /// Note: Wildcard (*) values are invalid; you must specify a complete project + /// ID or organization ID. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Used to perform a consistent read-modify-write. + #[serde(skip_serializing_if = "bytes::Bytes::is_empty")] + #[serde_as(as = "serde_with::base64::Base64")] + pub etag: bytes::Bytes, +} + +impl DeleteRoleRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `etag`. + pub fn set_etag>(mut self, v: T) -> Self { + self.etag = v.into(); + self + } +} + +impl wkt::message::Message for DeleteRoleRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.DeleteRoleRequest" + } +} + +/// The request to undelete an existing role. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct UndeleteRoleRequest { + /// The `name` parameter's value depends on the target resource for the + /// request, namely + /// [`projects`](https://cloud.google.com/iam/reference/rest/v1/projects.roles) + /// or + /// [`organizations`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles). + /// Each resource type's `name` value format is described below: + /// + /// * [`projects.roles.undelete()`](https://cloud.google.com/iam/reference/rest/v1/projects.roles/undelete): + /// `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes + /// only [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that + /// have been created at the project level. Example request URL: + /// `{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}` + /// + /// * [`organizations.roles.undelete()`](https://cloud.google.com/iam/reference/rest/v1/organizations.roles/undelete): + /// `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method + /// undeletes only [custom + /// roles](https://cloud.google.com/iam/docs/understanding-custom-roles) that + /// have been created at the organization level. Example request URL: + /// `{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}` + /// + /// + /// Note: Wildcard (*) values are invalid; you must specify a complete project + /// ID or organization ID. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// Used to perform a consistent read-modify-write. + #[serde(skip_serializing_if = "bytes::Bytes::is_empty")] + #[serde_as(as = "serde_with::base64::Base64")] + pub etag: bytes::Bytes, +} + +impl UndeleteRoleRequest { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `etag`. + pub fn set_etag>(mut self, v: T) -> Self { + self.etag = v.into(); + self + } +} + +impl wkt::message::Message for UndeleteRoleRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.UndeleteRoleRequest" + } +} + +/// A permission which can be included by a role. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct Permission { + /// The name of this Permission. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + + /// The title of this Permission. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub title: std::string::String, + + /// A brief description of what this Permission is used for. + /// This permission can ONLY be used in predefined roles. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub description: std::string::String, + + pub only_in_predefined_roles: bool, + + /// The current launch stage of the permission. + pub stage: crate::model::permission::PermissionLaunchStage, + + /// The current custom role support level. + pub custom_roles_support_level: crate::model::permission::CustomRolesSupportLevel, + + /// The service API associated with the permission is not enabled. + pub api_disabled: bool, + + /// The preferred name for this permission. If present, then this permission is + /// an alias of, and equivalent to, the listed primary_permission. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub primary_permission: std::string::String, +} + +impl Permission { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + + /// Sets the value of `title`. + pub fn set_title>(mut self, v: T) -> Self { + self.title = v.into(); + self + } + + /// Sets the value of `description`. + pub fn set_description>(mut self, v: T) -> Self { + self.description = v.into(); + self + } + + /// Sets the value of `only_in_predefined_roles`. + pub fn set_only_in_predefined_roles>(mut self, v: T) -> Self { + self.only_in_predefined_roles = v.into(); + self + } + + /// Sets the value of `stage`. + pub fn set_stage>( + mut self, + v: T, + ) -> Self { + self.stage = v.into(); + self + } + + /// Sets the value of `custom_roles_support_level`. + pub fn set_custom_roles_support_level< + T: std::convert::Into, + >( + mut self, + v: T, + ) -> Self { + self.custom_roles_support_level = v.into(); + self + } + + /// Sets the value of `api_disabled`. + pub fn set_api_disabled>(mut self, v: T) -> Self { + self.api_disabled = v.into(); + self + } + + /// Sets the value of `primary_permission`. + pub fn set_primary_permission>( + mut self, + v: T, + ) -> Self { + self.primary_permission = v.into(); + self + } +} + +impl wkt::message::Message for Permission { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.Permission" + } +} + +/// Defines additional types related to Permission +pub mod permission { + #[allow(unused_imports)] + use super::*; + + /// A stage representing a permission's lifecycle phase. + #[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] + pub struct PermissionLaunchStage(std::string::String); + + impl PermissionLaunchStage { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } + } + + /// Useful constants to work with [PermissionLaunchStage](PermissionLaunchStage) + pub mod permission_launch_stage { + + /// The permission is currently in an alpha phase. + pub const ALPHA: &str = "ALPHA"; + + /// The permission is currently in a beta phase. + pub const BETA: &str = "BETA"; + + /// The permission is generally available. + pub const GA: &str = "GA"; + + /// The permission is being deprecated. + pub const DEPRECATED: &str = "DEPRECATED"; + } + + /// The state of the permission with regards to custom roles. + #[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] + pub struct CustomRolesSupportLevel(std::string::String); + + impl CustomRolesSupportLevel { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } + } + + /// Useful constants to work with [CustomRolesSupportLevel](CustomRolesSupportLevel) + pub mod custom_roles_support_level { + + /// Default state. Permission is fully supported for custom role use. + pub const SUPPORTED: &str = "SUPPORTED"; + + /// Permission is being tested to check custom role compatibility. + pub const TESTING: &str = "TESTING"; + + /// Permission is not supported for custom role use. + pub const NOT_SUPPORTED: &str = "NOT_SUPPORTED"; + } +} + +/// A request to get permissions which can be tested on a resource. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct QueryTestablePermissionsRequest { + /// Required. The full resource name to query from the list of testable + /// permissions. + /// + /// The name follows the Google Cloud Platform resource format. + /// For example, a Cloud Platform project with id `my-project` will be named + /// `//cloudresourcemanager.googleapis.com/projects/my-project`. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub full_resource_name: std::string::String, + + /// Optional limit on the number of permissions to include in the response. + /// + /// The default is 100, and the maximum is 1,000. + pub page_size: i32, + + /// Optional pagination token returned in an earlier + /// QueryTestablePermissionsRequest. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub page_token: std::string::String, +} + +impl QueryTestablePermissionsRequest { + /// Sets the value of `full_resource_name`. + pub fn set_full_resource_name>( + mut self, + v: T, + ) -> Self { + self.full_resource_name = v.into(); + self + } + + /// Sets the value of `page_size`. + pub fn set_page_size>(mut self, v: T) -> Self { + self.page_size = v.into(); + self + } + + /// Sets the value of `page_token`. + pub fn set_page_token>(mut self, v: T) -> Self { + self.page_token = v.into(); + self + } +} + +impl wkt::message::Message for QueryTestablePermissionsRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.QueryTestablePermissionsRequest" + } +} + +/// The response containing permissions which can be tested on a resource. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct QueryTestablePermissionsResponse { + /// The Permissions testable on the requested resource. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub permissions: std::vec::Vec, + + /// To retrieve the next page of results, set + /// `QueryTestableRolesRequest.page_token` to this value. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub next_page_token: std::string::String, +} + +impl QueryTestablePermissionsResponse { + /// Sets the value of `permissions`. + pub fn set_permissions>>( + mut self, + v: T, + ) -> Self { + self.permissions = v.into(); + self + } + + /// Sets the value of `next_page_token`. + pub fn set_next_page_token>(mut self, v: T) -> Self { + self.next_page_token = v.into(); + self + } +} + +impl wkt::message::Message for QueryTestablePermissionsResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.QueryTestablePermissionsResponse" + } +} + +#[cfg(feature = "unstable-stream")] +impl gax::paginator::PageableResponse for QueryTestablePermissionsResponse { + type PageItem = crate::model::Permission; + + fn items(self) -> std::vec::Vec { + self.permissions + } + + fn next_page_token(&self) -> std::string::String { + gax::paginator::extract_token(&self.next_page_token) + } +} + +/// A request to get the list of auditable services for a resource. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct QueryAuditableServicesRequest { + /// Required. The full resource name to query from the list of auditable + /// services. + /// + /// The name follows the Google Cloud Platform resource format. + /// For example, a Cloud Platform project with id `my-project` will be named + /// `//cloudresourcemanager.googleapis.com/projects/my-project`. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub full_resource_name: std::string::String, +} + +impl QueryAuditableServicesRequest { + /// Sets the value of `full_resource_name`. + pub fn set_full_resource_name>( + mut self, + v: T, + ) -> Self { + self.full_resource_name = v.into(); + self + } +} + +impl wkt::message::Message for QueryAuditableServicesRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.QueryAuditableServicesRequest" + } +} + +/// A response containing a list of auditable services for a resource. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct QueryAuditableServicesResponse { + /// The auditable services for a resource. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub services: std::vec::Vec, +} + +impl QueryAuditableServicesResponse { + /// Sets the value of `services`. + pub fn set_services< + T: std::convert::Into< + std::vec::Vec, + >, + >( + mut self, + v: T, + ) -> Self { + self.services = v.into(); + self + } +} + +impl wkt::message::Message for QueryAuditableServicesResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.QueryAuditableServicesResponse" + } +} + +/// Defines additional types related to QueryAuditableServicesResponse +pub mod query_auditable_services_response { + #[allow(unused_imports)] + use super::*; + + /// Contains information about an auditable service. + #[serde_with::serde_as] + #[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] + #[serde(default, rename_all = "camelCase")] + #[non_exhaustive] + pub struct AuditableService { + /// Public name of the service. + /// For example, the service name for Cloud IAM is 'iam.googleapis.com'. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub name: std::string::String, + } + + impl AuditableService { + /// Sets the value of `name`. + pub fn set_name>(mut self, v: T) -> Self { + self.name = v.into(); + self + } + } + + impl wkt::message::Message for AuditableService { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.QueryAuditableServicesResponse.AuditableService" + } + } +} + +/// The request to lint a Cloud IAM policy object. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct LintPolicyRequest { + /// The full resource name of the policy this lint request is about. + /// + /// The name follows the Google Cloud Platform (GCP) resource format. + /// For example, a GCP project with ID `my-project` will be named + /// `//cloudresourcemanager.googleapis.com/projects/my-project`. + /// + /// The resource name is not used to read the policy instance from the Cloud + /// IAM database. The candidate policy for lint has to be provided in the same + /// request object. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub full_resource_name: std::string::String, + + /// Required. The Cloud IAM object to be linted. + #[serde(flatten, skip_serializing_if = "std::option::Option::is_none")] + pub lint_object: std::option::Option, +} + +impl LintPolicyRequest { + /// Sets the value of `full_resource_name`. + pub fn set_full_resource_name>( + mut self, + v: T, + ) -> Self { + self.full_resource_name = v.into(); + self + } + + /// Sets the value of `lint_object`. + pub fn set_lint_object< + T: std::convert::Into>, + >( + mut self, + v: T, + ) -> Self { + self.lint_object = v.into(); + self + } +} + +impl wkt::message::Message for LintPolicyRequest { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.LintPolicyRequest" + } +} + +/// Defines additional types related to LintPolicyRequest +pub mod lint_policy_request { + #[allow(unused_imports)] + use super::*; + + /// Required. The Cloud IAM object to be linted. + #[derive(Clone, Debug, PartialEq, serde::Deserialize, serde::Serialize)] + #[serde(rename_all = "camelCase")] + #[non_exhaustive] + pub enum LintObject { + /// [google.iam.v1.Binding.condition] [google.iam.v1.Binding.condition] object to be linted. + Condition(gtype::model::Expr), + } +} + +/// Structured response of a single validation unit. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct LintResult { + /// The validation unit level. + pub level: crate::model::lint_result::Level, + + /// The validation unit name, for instance + /// "lintValidationUnits/ConditionComplexityCheck". + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub validation_unit_name: std::string::String, + + /// The validation unit severity. + pub severity: crate::model::lint_result::Severity, + + /// The name of the field for which this lint result is about. + /// + /// For nested messages `field_name` consists of names of the embedded fields + /// separated by period character. The top-level qualifier is the input object + /// to lint in the request. For example, the `field_name` value + /// `condition.expression` identifies a lint result for the `expression` field + /// of the provided condition. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub field_name: std::string::String, + + /// 0-based character position of problematic construct within the object + /// identified by `field_name`. Currently, this is populated only for condition + /// expression. + pub location_offset: i32, + + /// Human readable debug message associated with the issue. + #[serde(skip_serializing_if = "std::string::String::is_empty")] + pub debug_message: std::string::String, +} + +impl LintResult { + /// Sets the value of `level`. + pub fn set_level>( + mut self, + v: T, + ) -> Self { + self.level = v.into(); + self + } + + /// Sets the value of `validation_unit_name`. + pub fn set_validation_unit_name>( + mut self, + v: T, + ) -> Self { + self.validation_unit_name = v.into(); + self + } + + /// Sets the value of `severity`. + pub fn set_severity>( + mut self, + v: T, + ) -> Self { + self.severity = v.into(); + self + } + + /// Sets the value of `field_name`. + pub fn set_field_name>(mut self, v: T) -> Self { + self.field_name = v.into(); + self + } + + /// Sets the value of `location_offset`. + pub fn set_location_offset>(mut self, v: T) -> Self { + self.location_offset = v.into(); + self + } + + /// Sets the value of `debug_message`. + pub fn set_debug_message>(mut self, v: T) -> Self { + self.debug_message = v.into(); + self + } +} + +impl wkt::message::Message for LintResult { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.LintResult" + } +} + +/// Defines additional types related to LintResult +pub mod lint_result { + #[allow(unused_imports)] + use super::*; + + /// Possible Level values of a validation unit corresponding to its domain + /// of discourse. + #[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] + pub struct Level(std::string::String); + + impl Level { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } + } + + /// Useful constants to work with [Level](Level) + pub mod level { + + /// Level is unspecified. + pub const LEVEL_UNSPECIFIED: &str = "LEVEL_UNSPECIFIED"; + + /// A validation unit which operates on an individual condition within a + /// binding. + pub const CONDITION: &str = "CONDITION"; + } + + /// Possible Severity values of an issued result. + #[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] + pub struct Severity(std::string::String); + + impl Severity { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } + } + + /// Useful constants to work with [Severity](Severity) + pub mod severity { + + /// Severity is unspecified. + pub const SEVERITY_UNSPECIFIED: &str = "SEVERITY_UNSPECIFIED"; + + /// A validation unit returns an error only for critical issues. If an + /// attempt is made to set the problematic policy without rectifying the + /// critical issue, it causes the `setPolicy` operation to fail. + pub const ERROR: &str = "ERROR"; + + /// Any issue which is severe enough but does not cause an error. + /// For example, suspicious constructs in the input object will not + /// necessarily fail `setPolicy`, but there is a high likelihood that they + /// won't behave as expected during policy evaluation in `checkPolicy`. + /// This includes the following common scenarios: + /// + /// - Unsatisfiable condition: Expired timestamp in date/time condition. + /// - Ineffective condition: Condition on a pair which is + /// granted unconditionally in another binding of the same policy. + pub const WARNING: &str = "WARNING"; + + /// Reserved for the issues that are not severe as `ERROR`/`WARNING`, but + /// need special handling. For instance, messages about skipped validation + /// units are issued as `NOTICE`. + pub const NOTICE: &str = "NOTICE"; + + /// Any informative statement which is not severe enough to raise + /// `ERROR`/`WARNING`/`NOTICE`, like auto-correction recommendations on the + /// input content. Note that current version of the linter does not utilize + /// `INFO`. + pub const INFO: &str = "INFO"; + + /// Deprecated severity level. + pub const DEPRECATED: &str = "DEPRECATED"; + } +} + +/// The response of a lint operation. An empty response indicates +/// the operation was able to fully execute and no lint issue was found. +#[serde_with::serde_as] +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +#[serde(default, rename_all = "camelCase")] +#[non_exhaustive] +pub struct LintPolicyResponse { + /// List of lint results sorted by `severity` in descending order. + #[serde(skip_serializing_if = "std::vec::Vec::is_empty")] + pub lint_results: std::vec::Vec, +} + +impl LintPolicyResponse { + /// Sets the value of `lint_results`. + pub fn set_lint_results>>( + mut self, + v: T, + ) -> Self { + self.lint_results = v.into(); + self + } +} + +impl wkt::message::Message for LintPolicyResponse { + fn typename() -> &'static str { + "type.googleapis.com/google.iam.admin.v1.LintPolicyResponse" + } +} + +/// Supported key algorithms. +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +pub struct ServiceAccountKeyAlgorithm(std::string::String); + +impl ServiceAccountKeyAlgorithm { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } +} + +/// Useful constants to work with [ServiceAccountKeyAlgorithm](ServiceAccountKeyAlgorithm) +pub mod service_account_key_algorithm { + + /// An unspecified key algorithm. + pub const KEY_ALG_UNSPECIFIED: &str = "KEY_ALG_UNSPECIFIED"; + + /// 1k RSA Key. + pub const KEY_ALG_RSA_1024: &str = "KEY_ALG_RSA_1024"; + + /// 2k RSA Key. + pub const KEY_ALG_RSA_2048: &str = "KEY_ALG_RSA_2048"; +} + +/// Supported private key output formats. +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +pub struct ServiceAccountPrivateKeyType(std::string::String); + +impl ServiceAccountPrivateKeyType { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } +} + +/// Useful constants to work with [ServiceAccountPrivateKeyType](ServiceAccountPrivateKeyType) +pub mod service_account_private_key_type { + + /// Unspecified. Equivalent to `TYPE_GOOGLE_CREDENTIALS_FILE`. + pub const TYPE_UNSPECIFIED: &str = "TYPE_UNSPECIFIED"; + + /// PKCS12 format. + /// The password for the PKCS12 file is `notasecret`. + /// For more information, see . + pub const TYPE_PKCS12_FILE: &str = "TYPE_PKCS12_FILE"; + + /// Google Credentials File format. + pub const TYPE_GOOGLE_CREDENTIALS_FILE: &str = "TYPE_GOOGLE_CREDENTIALS_FILE"; +} + +/// Supported public key output formats. +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +pub struct ServiceAccountPublicKeyType(std::string::String); + +impl ServiceAccountPublicKeyType { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } +} + +/// Useful constants to work with [ServiceAccountPublicKeyType](ServiceAccountPublicKeyType) +pub mod service_account_public_key_type { + + /// Do not return the public key. + pub const TYPE_NONE: &str = "TYPE_NONE"; + + /// X509 PEM format. + pub const TYPE_X509_PEM_FILE: &str = "TYPE_X509_PEM_FILE"; + + /// Raw public key. + pub const TYPE_RAW_PUBLIC_KEY: &str = "TYPE_RAW_PUBLIC_KEY"; +} + +/// Service Account Key Origin. +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +pub struct ServiceAccountKeyOrigin(std::string::String); + +impl ServiceAccountKeyOrigin { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } +} + +/// Useful constants to work with [ServiceAccountKeyOrigin](ServiceAccountKeyOrigin) +pub mod service_account_key_origin { + + /// Unspecified key origin. + pub const ORIGIN_UNSPECIFIED: &str = "ORIGIN_UNSPECIFIED"; + + /// Key is provided by user. + pub const USER_PROVIDED: &str = "USER_PROVIDED"; + + /// Key is provided by Google. + pub const GOOGLE_PROVIDED: &str = "GOOGLE_PROVIDED"; +} + +/// A view for Role objects. +#[derive(Clone, Debug, Default, PartialEq, serde::Deserialize, serde::Serialize)] +pub struct RoleView(std::string::String); + +impl RoleView { + /// Sets the enum value. + pub fn set_value>(mut self, v: T) -> Self { + self.0 = v.into(); + self + } + + /// Gets the enum value. + pub fn value(&self) -> &str { + &self.0 + } +} + +/// Useful constants to work with [RoleView](RoleView) +pub mod role_view { + + /// Omits the `included_permissions` field. + /// This is the default value. + pub const BASIC: &str = "BASIC"; + + /// Returns all fields. + pub const FULL: &str = "FULL"; +} diff --git a/src/generated/iam/admin/v1/src/tracing.rs b/src/generated/iam/admin/v1/src/tracing.rs new file mode 100755 index 000000000..f75819a17 --- /dev/null +++ b/src/generated/iam/admin/v1/src/tracing.rs @@ -0,0 +1,318 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by sidekick. DO NOT EDIT. +use crate::Result; + +/// Implements a [Iam](crate::traits::) decorator for logging and tracing. +#[derive(Clone, Debug)] +pub struct Iam +where + T: crate::traits::Iam + std::fmt::Debug + Send + Sync, +{ + inner: T, +} + +impl Iam +where + T: crate::traits::Iam + std::fmt::Debug + Send + Sync, +{ + pub fn new(inner: T) -> Self { + Self { inner } + } +} + +impl crate::traits::Iam for Iam +where + T: crate::traits::Iam + std::fmt::Debug + Send + Sync, +{ + #[tracing::instrument(ret)] + async fn list_service_accounts( + &self, + req: crate::model::ListServiceAccountsRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.list_service_accounts(req, options).await + } + + #[tracing::instrument(ret)] + async fn get_service_account( + &self, + req: crate::model::GetServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.get_service_account(req, options).await + } + + #[tracing::instrument(ret)] + async fn create_service_account( + &self, + req: crate::model::CreateServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.create_service_account(req, options).await + } + + #[tracing::instrument(ret)] + async fn update_service_account( + &self, + req: crate::model::ServiceAccount, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.update_service_account(req, options).await + } + + #[tracing::instrument(ret)] + async fn patch_service_account( + &self, + req: crate::model::PatchServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.patch_service_account(req, options).await + } + + #[tracing::instrument(ret)] + async fn delete_service_account( + &self, + req: crate::model::DeleteServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.delete_service_account(req, options).await + } + + #[tracing::instrument(ret)] + async fn undelete_service_account( + &self, + req: crate::model::UndeleteServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.undelete_service_account(req, options).await + } + + #[tracing::instrument(ret)] + async fn enable_service_account( + &self, + req: crate::model::EnableServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.enable_service_account(req, options).await + } + + #[tracing::instrument(ret)] + async fn disable_service_account( + &self, + req: crate::model::DisableServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.disable_service_account(req, options).await + } + + #[tracing::instrument(ret)] + async fn list_service_account_keys( + &self, + req: crate::model::ListServiceAccountKeysRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.list_service_account_keys(req, options).await + } + + #[tracing::instrument(ret)] + async fn get_service_account_key( + &self, + req: crate::model::GetServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.get_service_account_key(req, options).await + } + + #[tracing::instrument(ret)] + async fn create_service_account_key( + &self, + req: crate::model::CreateServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.create_service_account_key(req, options).await + } + + #[tracing::instrument(ret)] + async fn upload_service_account_key( + &self, + req: crate::model::UploadServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.upload_service_account_key(req, options).await + } + + #[tracing::instrument(ret)] + async fn delete_service_account_key( + &self, + req: crate::model::DeleteServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.delete_service_account_key(req, options).await + } + + #[tracing::instrument(ret)] + async fn disable_service_account_key( + &self, + req: crate::model::DisableServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.disable_service_account_key(req, options).await + } + + #[tracing::instrument(ret)] + async fn enable_service_account_key( + &self, + req: crate::model::EnableServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.enable_service_account_key(req, options).await + } + + #[tracing::instrument(ret)] + async fn sign_blob( + &self, + req: crate::model::SignBlobRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.sign_blob(req, options).await + } + + #[tracing::instrument(ret)] + async fn sign_jwt( + &self, + req: crate::model::SignJwtRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.sign_jwt(req, options).await + } + + #[tracing::instrument(ret)] + async fn get_iam_policy( + &self, + req: iam_v1::model::GetIamPolicyRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.get_iam_policy(req, options).await + } + + #[tracing::instrument(ret)] + async fn set_iam_policy( + &self, + req: iam_v1::model::SetIamPolicyRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.set_iam_policy(req, options).await + } + + #[tracing::instrument(ret)] + async fn test_iam_permissions( + &self, + req: iam_v1::model::TestIamPermissionsRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.test_iam_permissions(req, options).await + } + + #[tracing::instrument(ret)] + async fn query_grantable_roles( + &self, + req: crate::model::QueryGrantableRolesRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.query_grantable_roles(req, options).await + } + + #[tracing::instrument(ret)] + async fn list_roles( + &self, + req: crate::model::ListRolesRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.list_roles(req, options).await + } + + #[tracing::instrument(ret)] + async fn get_role( + &self, + req: crate::model::GetRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.get_role(req, options).await + } + + #[tracing::instrument(ret)] + async fn create_role( + &self, + req: crate::model::CreateRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.create_role(req, options).await + } + + #[tracing::instrument(ret)] + async fn update_role( + &self, + req: crate::model::UpdateRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.update_role(req, options).await + } + + #[tracing::instrument(ret)] + async fn delete_role( + &self, + req: crate::model::DeleteRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.delete_role(req, options).await + } + + #[tracing::instrument(ret)] + async fn undelete_role( + &self, + req: crate::model::UndeleteRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.undelete_role(req, options).await + } + + #[tracing::instrument(ret)] + async fn query_testable_permissions( + &self, + req: crate::model::QueryTestablePermissionsRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.query_testable_permissions(req, options).await + } + + #[tracing::instrument(ret)] + async fn query_auditable_services( + &self, + req: crate::model::QueryAuditableServicesRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.query_auditable_services(req, options).await + } + + #[tracing::instrument(ret)] + async fn lint_policy( + &self, + req: crate::model::LintPolicyRequest, + options: gax::options::RequestOptions, + ) -> Result { + self.inner.lint_policy(req, options).await + } +} diff --git a/src/generated/iam/admin/v1/src/traits/dyntraits.rs b/src/generated/iam/admin/v1/src/traits/dyntraits.rs new file mode 100755 index 000000000..2cdba91be --- /dev/null +++ b/src/generated/iam/admin/v1/src/traits/dyntraits.rs @@ -0,0 +1,488 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by sidekick. DO NOT EDIT. + +/// A dyn-compatible, crate-private version of `Iam`. +#[async_trait::async_trait] +pub trait Iam: std::fmt::Debug + Send + Sync { + async fn list_service_accounts( + &self, + req: crate::model::ListServiceAccountsRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn get_service_account( + &self, + req: crate::model::GetServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn create_service_account( + &self, + req: crate::model::CreateServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn update_service_account( + &self, + req: crate::model::ServiceAccount, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn patch_service_account( + &self, + req: crate::model::PatchServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn delete_service_account( + &self, + req: crate::model::DeleteServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn undelete_service_account( + &self, + req: crate::model::UndeleteServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn enable_service_account( + &self, + req: crate::model::EnableServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn disable_service_account( + &self, + req: crate::model::DisableServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn list_service_account_keys( + &self, + req: crate::model::ListServiceAccountKeysRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn get_service_account_key( + &self, + req: crate::model::GetServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn create_service_account_key( + &self, + req: crate::model::CreateServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn upload_service_account_key( + &self, + req: crate::model::UploadServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn delete_service_account_key( + &self, + req: crate::model::DeleteServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn disable_service_account_key( + &self, + req: crate::model::DisableServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn enable_service_account_key( + &self, + req: crate::model::EnableServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn sign_blob( + &self, + req: crate::model::SignBlobRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn sign_jwt( + &self, + req: crate::model::SignJwtRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn get_iam_policy( + &self, + req: iam_v1::model::GetIamPolicyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn set_iam_policy( + &self, + req: iam_v1::model::SetIamPolicyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn test_iam_permissions( + &self, + req: iam_v1::model::TestIamPermissionsRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn query_grantable_roles( + &self, + req: crate::model::QueryGrantableRolesRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn list_roles( + &self, + req: crate::model::ListRolesRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn get_role( + &self, + req: crate::model::GetRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn create_role( + &self, + req: crate::model::CreateRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn update_role( + &self, + req: crate::model::UpdateRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn delete_role( + &self, + req: crate::model::DeleteRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn undelete_role( + &self, + req: crate::model::UndeleteRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn query_testable_permissions( + &self, + req: crate::model::QueryTestablePermissionsRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn query_auditable_services( + &self, + req: crate::model::QueryAuditableServicesRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; + + async fn lint_policy( + &self, + req: crate::model::LintPolicyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result; +} + +/// All implementations of [crate::traits::Iam] also implement [Iam]. +#[async_trait::async_trait] +impl Iam for T { + /// Forwards the call to the implementation provided by `T`. + async fn list_service_accounts( + &self, + req: crate::model::ListServiceAccountsRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::list_service_accounts(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn get_service_account( + &self, + req: crate::model::GetServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::get_service_account(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn create_service_account( + &self, + req: crate::model::CreateServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::create_service_account(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn update_service_account( + &self, + req: crate::model::ServiceAccount, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::update_service_account(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn patch_service_account( + &self, + req: crate::model::PatchServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::patch_service_account(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn delete_service_account( + &self, + req: crate::model::DeleteServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::delete_service_account(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn undelete_service_account( + &self, + req: crate::model::UndeleteServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::undelete_service_account(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn enable_service_account( + &self, + req: crate::model::EnableServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::enable_service_account(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn disable_service_account( + &self, + req: crate::model::DisableServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::disable_service_account(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn list_service_account_keys( + &self, + req: crate::model::ListServiceAccountKeysRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::list_service_account_keys(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn get_service_account_key( + &self, + req: crate::model::GetServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::get_service_account_key(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn create_service_account_key( + &self, + req: crate::model::CreateServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::create_service_account_key(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn upload_service_account_key( + &self, + req: crate::model::UploadServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::upload_service_account_key(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn delete_service_account_key( + &self, + req: crate::model::DeleteServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::delete_service_account_key(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn disable_service_account_key( + &self, + req: crate::model::DisableServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::disable_service_account_key(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn enable_service_account_key( + &self, + req: crate::model::EnableServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::enable_service_account_key(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn sign_blob( + &self, + req: crate::model::SignBlobRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::sign_blob(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn sign_jwt( + &self, + req: crate::model::SignJwtRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::sign_jwt(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn get_iam_policy( + &self, + req: iam_v1::model::GetIamPolicyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::get_iam_policy(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn set_iam_policy( + &self, + req: iam_v1::model::SetIamPolicyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::set_iam_policy(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn test_iam_permissions( + &self, + req: iam_v1::model::TestIamPermissionsRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::test_iam_permissions(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn query_grantable_roles( + &self, + req: crate::model::QueryGrantableRolesRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::query_grantable_roles(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn list_roles( + &self, + req: crate::model::ListRolesRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::list_roles(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn get_role( + &self, + req: crate::model::GetRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::get_role(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn create_role( + &self, + req: crate::model::CreateRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::create_role(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn update_role( + &self, + req: crate::model::UpdateRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::update_role(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn delete_role( + &self, + req: crate::model::DeleteRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::delete_role(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn undelete_role( + &self, + req: crate::model::UndeleteRoleRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::undelete_role(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn query_testable_permissions( + &self, + req: crate::model::QueryTestablePermissionsRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::query_testable_permissions(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn query_auditable_services( + &self, + req: crate::model::QueryAuditableServicesRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::query_auditable_services(self, req, options).await + } + + /// Forwards the call to the implementation provided by `T`. + async fn lint_policy( + &self, + req: crate::model::LintPolicyRequest, + options: gax::options::RequestOptions, + ) -> crate::Result { + T::lint_policy(self, req, options).await + } +} diff --git a/src/generated/iam/admin/v1/src/traits/mod.rs b/src/generated/iam/admin/v1/src/traits/mod.rs new file mode 100755 index 000000000..a83c6b3ec --- /dev/null +++ b/src/generated/iam/admin/v1/src/traits/mod.rs @@ -0,0 +1,584 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by sidekick. DO NOT EDIT. + +use gax::error::Error; + +pub(crate) mod dyntraits; + +/// Creates and manages Identity and Access Management (IAM) resources. +/// +/// You can use this service to work with all of the following resources: +/// +/// * **Service accounts**, which identify an application or a virtual machine +/// (VM) instance rather than a person +/// * **Service account keys**, which service accounts use to authenticate with +/// Google APIs +/// * **IAM policies for service accounts**, which specify the roles that a +/// principal has for the service account +/// * **IAM custom roles**, which help you limit the number of permissions that +/// you grant to principals +/// +/// In addition, you can use this service to complete the following tasks, among +/// others: +/// +/// * Test whether a service account can use specific permissions +/// * Check which roles you can grant for a specific resource +/// * Lint, or validate, condition expressions in an IAM policy +/// +/// When you read data from the IAM API, each read is eventually consistent. In +/// other words, if you write data with the IAM API, then immediately read that +/// data, the read operation might return an older version of the data. To deal +/// with this behavior, your application can retry the request with truncated +/// exponential backoff. +/// +/// In contrast, writing data to the IAM API is sequentially consistent. In other +/// words, write operations are always processed in the order in which they were +/// received. +/// +/// # Mocking +/// +/// Application developers may use this trait to mock the iam clients. +/// +/// Services gain new RPCs routinely. Consequently, this trait gains new methods +/// too. To avoid breaking applications the trait provides a default +/// implementation for each method. These implementations return an error. +pub trait Iam: std::fmt::Debug + Send + Sync { + /// Lists every [ServiceAccount][google.iam.admin.v1.ServiceAccount] that belongs to a specific project. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn list_service_accounts( + &self, + _req: crate::model::ListServiceAccountsRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err( + Error::other("unimplemented"), + )) + } + + /// Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn get_service_account( + &self, + _req: crate::model::GetServiceAccountRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn create_service_account( + &self, + _req: crate::model::CreateServiceAccountRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// **Note:** We are in the process of deprecating this method. Use + /// [PatchServiceAccount][google.iam.admin.v1.IAM.PatchServiceAccount] instead. + /// + /// Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// You can update only the `display_name` field. + /// + /// [google.iam.admin.v1.IAM.PatchServiceAccount]: crate::client::Iam::patch_service_account + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn update_service_account( + &self, + _req: crate::model::ServiceAccount, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Patches a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn patch_service_account( + &self, + _req: crate::model::PatchServiceAccountRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// **Warning:** After you delete a service account, you might not be able to + /// undelete it. If you know that you need to re-enable the service account in + /// the future, use [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount] instead. + /// + /// If you delete a service account, IAM permanently removes the service + /// account 30 days later. Google Cloud cannot recover the service account + /// after it is permanently removed, even if you file a support request. + /// + /// To help avoid unplanned outages, we recommend that you disable the service + /// account before you delete it. Use [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount] to disable the + /// service account, then wait at least 24 hours and watch for unintended + /// consequences. If there are no unintended consequences, you can delete the + /// service account. + /// + /// [google.iam.admin.v1.IAM.DisableServiceAccount]: crate::client::Iam::disable_service_account + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn delete_service_account( + &self, + _req: crate::model::DeleteServiceAccountRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Restores a deleted [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// **Important:** It is not always possible to restore a deleted service + /// account. Use this method only as a last resort. + /// + /// After you delete a service account, IAM permanently removes the service + /// account 30 days later. There is no way to restore a deleted service account + /// that has been permanently removed. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn undelete_service_account( + &self, + _req: crate::model::UndeleteServiceAccountRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + + Send { + std::future::ready::>(Err( + Error::other("unimplemented"), + )) + } + + /// Enables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] that was disabled by + /// [DisableServiceAccount][google.iam.admin.v1.IAM.DisableServiceAccount]. + /// + /// If the service account is already enabled, then this method has no effect. + /// + /// If the service account was disabled by other means—for example, if Google + /// disabled the service account because it was compromised—you cannot use this + /// method to enable the service account. + /// + /// [google.iam.admin.v1.IAM.DisableServiceAccount]: crate::client::Iam::disable_service_account + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn enable_service_account( + &self, + _req: crate::model::EnableServiceAccountRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Disables a [ServiceAccount][google.iam.admin.v1.ServiceAccount] immediately. + /// + /// If an application uses the service account to authenticate, that + /// application can no longer call Google APIs or access Google Cloud + /// resources. Existing access tokens for the service account are rejected, and + /// requests for new access tokens will fail. + /// + /// To re-enable the service account, use [EnableServiceAccount][google.iam.admin.v1.IAM.EnableServiceAccount]. After you + /// re-enable the service account, its existing access tokens will be accepted, + /// and you can request new access tokens. + /// + /// To help avoid unplanned outages, we recommend that you disable the service + /// account before you delete it. Use this method to disable the service + /// account, then wait at least 24 hours and watch for unintended consequences. + /// If there are no unintended consequences, you can delete the service account + /// with [DeleteServiceAccount][google.iam.admin.v1.IAM.DeleteServiceAccount]. + /// + /// [google.iam.admin.v1.IAM.DeleteServiceAccount]: crate::client::Iam::delete_service_account + /// [google.iam.admin.v1.IAM.EnableServiceAccount]: crate::client::Iam::enable_service_account + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn disable_service_account( + &self, + _req: crate::model::DisableServiceAccountRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Lists every [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey] for a service account. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + fn list_service_account_keys( + &self, + _req: crate::model::ListServiceAccountKeysRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + + Send { + std::future::ready::>(Err( + Error::other("unimplemented"), + )) + } + + /// Gets a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + fn get_service_account_key( + &self, + _req: crate::model::GetServiceAccountKeyRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + fn create_service_account_key( + &self, + _req: crate::model::CreateServiceAccountKeyRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Uploads the public key portion of a key pair that you manage, and + /// associates the public key with a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// After you upload the public key, you can use the private key from the key + /// pair as a service account key. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn upload_service_account_key( + &self, + _req: crate::model::UploadServiceAccountKeyRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. Deleting a service account key does not + /// revoke short-lived credentials that have been issued based on the service + /// account key. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + fn delete_service_account_key( + &self, + _req: crate::model::DeleteServiceAccountKeyRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Disable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. A disabled service account key can be + /// re-enabled with [EnableServiceAccountKey][google.iam.admin.v1.IAM.EnableServiceAccountKey]. + /// + /// [google.iam.admin.v1.IAM.EnableServiceAccountKey]: crate::client::Iam::enable_service_account_key + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + fn disable_service_account_key( + &self, + _req: crate::model::DisableServiceAccountKeyRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Enable a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]. + /// + /// [google.iam.admin.v1.ServiceAccountKey]: crate::model::ServiceAccountKey + fn enable_service_account_key( + &self, + _req: crate::model::EnableServiceAccountKeyRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// **Note:** This method is deprecated. Use the + /// [`signBlob`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob) + /// method in the IAM Service Account Credentials API instead. If you currently + /// use this method, see the [migration + /// guide](https://cloud.google.com/iam/help/credentials/migrate-api) for + /// instructions. + /// + /// Signs a blob using the system-managed private key for a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn sign_blob( + &self, + _req: crate::model::SignBlobRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// **Note:** This method is deprecated. Use the + /// [`signJwt`](https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt) + /// method in the IAM Service Account Credentials API instead. If you currently + /// use this method, see the [migration + /// guide](https://cloud.google.com/iam/help/credentials/migrate-api) for + /// instructions. + /// + /// Signs a JSON Web Token (JWT) using the system-managed private key for a + /// [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn sign_jwt( + &self, + _req: crate::model::SignJwtRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Gets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. This IAM + /// policy specifies which principals have access to the service account. + /// + /// This method does not tell you whether the service account has been granted + /// any roles on other resources. To check whether a service account has role + /// grants on a resource, use the `getIamPolicy` method for that resource. For + /// example, to view the role grants for a project, call the Resource Manager + /// API's + /// [`projects.getIamPolicy`](https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy) + /// method. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn get_iam_policy( + &self, + _req: iam_v1::model::GetIamPolicyRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Sets the IAM policy that is attached to a [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// Use this method to grant or revoke access to the service account. For + /// example, you could grant a principal the ability to impersonate the service + /// account. + /// + /// This method does not enable the service account to access other resources. + /// To grant roles to a service account on a resource, follow these steps: + /// + /// . Call the resource's `getIamPolicy` method to get its current IAM policy. + /// . Edit the policy so that it binds the service account to an IAM role for + /// the resource. + /// . Call the resource's `setIamPolicy` method to update its IAM policy. + /// + /// For detailed instructions, see + /// [Manage access to project, folders, and + /// organizations](https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts) + /// or [Manage access to other + /// resources](https://cloud.google.com/iam/help/access/manage-other-resources). + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn set_iam_policy( + &self, + _req: iam_v1::model::SetIamPolicyRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Tests whether the caller has the specified permissions on a + /// [ServiceAccount][google.iam.admin.v1.ServiceAccount]. + /// + /// [google.iam.admin.v1.ServiceAccount]: crate::model::ServiceAccount + fn test_iam_permissions( + &self, + _req: iam_v1::model::TestIamPermissionsRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err( + Error::other("unimplemented"), + )) + } + + /// Lists roles that can be granted on a Google Cloud resource. A role is + /// grantable if the IAM policy for the resource can contain bindings to the + /// role. + fn query_grantable_roles( + &self, + _req: crate::model::QueryGrantableRolesRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err( + Error::other("unimplemented"), + )) + } + + /// Lists every predefined [Role][google.iam.admin.v1.Role] that IAM supports, or every custom role + /// that is defined for an organization or project. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + fn list_roles( + &self, + _req: crate::model::ListRolesRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } + + /// Gets the definition of a [Role][google.iam.admin.v1.Role]. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + fn get_role( + &self, + _req: crate::model::GetRoleRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Creates a new custom [Role][google.iam.admin.v1.Role]. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + fn create_role( + &self, + _req: crate::model::CreateRoleRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Updates the definition of a custom [Role][google.iam.admin.v1.Role]. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + fn update_role( + &self, + _req: crate::model::UpdateRoleRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Deletes a custom [Role][google.iam.admin.v1.Role]. + /// + /// When you delete a custom role, the following changes occur immediately: + /// + /// * You cannot bind a principal to the custom role in an IAM + /// [Policy][google.iam.v1.Policy]. + /// * Existing bindings to the custom role are not changed, but they have no + /// effect. + /// * By default, the response from [ListRoles][google.iam.admin.v1.IAM.ListRoles] does not include the custom + /// role. + /// + /// You have 7 days to undelete the custom role. After 7 days, the following + /// changes occur: + /// + /// * The custom role is permanently deleted and cannot be recovered. + /// * If an IAM policy contains a binding to the custom role, the binding is + /// permanently removed. + /// + /// [google.iam.admin.v1.IAM.ListRoles]: crate::client::Iam::list_roles + /// [google.iam.admin.v1.Role]: crate::model::Role + /// [google.iam.v1.Policy]: iam_v1::model::Policy + fn delete_role( + &self, + _req: crate::model::DeleteRoleRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Undeletes a custom [Role][google.iam.admin.v1.Role]. + /// + /// [google.iam.admin.v1.Role]: crate::model::Role + fn undelete_role( + &self, + _req: crate::model::UndeleteRoleRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send { + std::future::ready::>(Err(Error::other("unimplemented"))) + } + + /// Lists every permission that you can test on a resource. A permission is + /// testable if you can check whether a principal has that permission on the + /// resource. + fn query_testable_permissions( + &self, + _req: crate::model::QueryTestablePermissionsRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future< + Output = crate::Result, + > + Send { + std::future::ready::>(Err( + Error::other("unimplemented"), + )) + } + + /// Returns a list of services that allow you to opt into audit logs that are + /// not generated by default. + /// + /// To learn more about audit logs, see the [Logging + /// documentation](https://cloud.google.com/logging/docs/audit). + fn query_auditable_services( + &self, + _req: crate::model::QueryAuditableServicesRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + + Send { + std::future::ready::>(Err( + Error::other("unimplemented"), + )) + } + + /// Lints, or validates, an IAM policy. Currently checks the + /// [google.iam.v1.Binding.condition][google.iam.v1.Binding.condition] field, which contains a condition + /// expression for a role binding. + /// + /// Successful calls to this method always return an HTTP `200 OK` status code, + /// even if the linter detects an issue in the IAM policy. + /// + /// [google.iam.v1.Binding.condition]: iam_v1::model::Binding::condition + fn lint_policy( + &self, + _req: crate::model::LintPolicyRequest, + _options: gax::options::RequestOptions, + ) -> impl std::future::Future> + Send + { + std::future::ready::>(Err(Error::other( + "unimplemented", + ))) + } +} diff --git a/src/generated/iam/admin/v1/src/transport.rs b/src/generated/iam/admin/v1/src/transport.rs new file mode 100755 index 000000000..c55ea0ad4 --- /dev/null +++ b/src/generated/iam/admin/v1/src/transport.rs @@ -0,0 +1,658 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by sidekick. DO NOT EDIT. + +use crate::Result; +#[allow(unused_imports)] +use gax::error::Error; + +/// Implements [Iam](crate::traits::Iam) using a [gax::http_client::ReqwestClient]. +#[derive(Clone)] +pub struct Iam { + inner: gax::http_client::ReqwestClient, +} + +impl std::fmt::Debug for Iam { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> { + f.debug_struct("Iam").field("inner", &self.inner).finish() + } +} + +impl Iam { + pub async fn new(config: gax::http_client::ClientConfig) -> Result { + let inner = gax::http_client::ReqwestClient::new(config, crate::DEFAULT_HOST).await?; + Ok(Self { inner }) + } +} + +impl crate::traits::Iam for Iam { + async fn list_service_accounts( + &self, + req: crate::model::ListServiceAccountsRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::GET.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::GET, + format!("/v1/{}/serviceAccounts", req.name), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + let builder = builder.query(&[("pageSize", &req.page_size)]); + let builder = builder.query(&[("pageToken", &req.page_token)]); + self.inner + .execute(builder, None::, options) + .await + } + + async fn get_service_account( + &self, + req: crate::model::GetServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::GET.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::GET, format!("/v1/{}", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner + .execute(builder, None::, options) + .await + } + + async fn create_service_account( + &self, + req: crate::model::CreateServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::POST, + format!("/v1/{}/serviceAccounts", req.name), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn update_service_account( + &self, + req: crate::model::ServiceAccount, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::PUT.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::PUT, format!("/v1/{}", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn patch_service_account( + &self, + req: crate::model::PatchServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::PATCH.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::PATCH, + format!( + "/v1/{}", + req.service_account + .as_ref() + .ok_or_else(|| gax::path_parameter::missing("service_account"))? + .name + ), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn delete_service_account( + &self, + req: crate::model::DeleteServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::DELETE.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::DELETE, format!("/v1/{}", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner + .execute(builder, None::, options) + .await + } + + async fn undelete_service_account( + &self, + req: crate::model::UndeleteServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}:undelete", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn enable_service_account( + &self, + req: crate::model::EnableServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}:enable", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn disable_service_account( + &self, + req: crate::model::DisableServiceAccountRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}:disable", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn list_service_account_keys( + &self, + req: crate::model::ListServiceAccountKeysRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::GET.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::GET, format!("/v1/{}/keys", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + let builder = req.key_types.iter().fold(builder, |builder, p| { + builder.query(&[("keyTypes", p.value())]) + }); + self.inner + .execute(builder, None::, options) + .await + } + + async fn get_service_account_key( + &self, + req: crate::model::GetServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::GET.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::GET, format!("/v1/{}", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + let builder = builder.query(&[("publicKeyType", &req.public_key_type.value())]); + self.inner + .execute(builder, None::, options) + .await + } + + async fn create_service_account_key( + &self, + req: crate::model::CreateServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}/keys", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn upload_service_account_key( + &self, + req: crate::model::UploadServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::POST, + format!("/v1/{}/keys:upload", req.name), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn delete_service_account_key( + &self, + req: crate::model::DeleteServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::DELETE.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::DELETE, format!("/v1/{}", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner + .execute(builder, None::, options) + .await + } + + async fn disable_service_account_key( + &self, + req: crate::model::DisableServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}:disable", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn enable_service_account_key( + &self, + req: crate::model::EnableServiceAccountKeyRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}:enable", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn sign_blob( + &self, + req: crate::model::SignBlobRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}:signBlob", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn sign_jwt( + &self, + req: crate::model::SignJwtRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}:signJwt", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn get_iam_policy( + &self, + req: iam_v1::model::GetIamPolicyRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::POST, + format!("/v1/{}:getIamPolicy", req.resource), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + let builder = req + .options + .as_ref() + .map(|p| serde_json::to_value(p).map_err(Error::serde)) + .transpose()? + .into_iter() + .fold(builder, |builder, v| { + use gax::query_parameter::QueryParameter; + v.add(builder, "options") + }); + self.inner + .execute(builder, None::, options) + .await + } + + async fn set_iam_policy( + &self, + req: iam_v1::model::SetIamPolicyRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::POST, + format!("/v1/{}:setIamPolicy", req.resource), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn test_iam_permissions( + &self, + req: iam_v1::model::TestIamPermissionsRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::POST, + format!("/v1/{}:testIamPermissions", req.resource), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn query_grantable_roles( + &self, + req: crate::model::QueryGrantableRolesRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::POST, + "/v1/roles:queryGrantableRoles".to_string(), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn list_roles( + &self, + req: crate::model::ListRolesRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::GET.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::GET, "/v1/roles".to_string()) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + let builder = builder.query(&[("parent", &req.parent)]); + let builder = builder.query(&[("pageSize", &req.page_size)]); + let builder = builder.query(&[("pageToken", &req.page_token)]); + let builder = builder.query(&[("view", &req.view.value())]); + let builder = builder.query(&[("showDeleted", &req.show_deleted)]); + self.inner + .execute(builder, None::, options) + .await + } + + async fn get_role( + &self, + req: crate::model::GetRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::GET.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::GET, format!("/v1/{}", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner + .execute(builder, None::, options) + .await + } + + async fn create_role( + &self, + req: crate::model::CreateRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}/roles", req.parent)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn update_role( + &self, + req: crate::model::UpdateRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::PATCH.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::PATCH, format!("/v1/{}", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + let builder = req + .update_mask + .as_ref() + .map(|p| serde_json::to_value(p).map_err(Error::serde)) + .transpose()? + .into_iter() + .fold(builder, |builder, v| { + use gax::query_parameter::QueryParameter; + v.add(builder, "updateMask") + }); + self.inner.execute(builder, Some(req.role), options).await + } + + async fn delete_role( + &self, + req: crate::model::DeleteRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::DELETE.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::DELETE, format!("/v1/{}", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + let builder = builder.query(&[("etag", &req.etag)]); + self.inner + .execute(builder, None::, options) + .await + } + + async fn undelete_role( + &self, + req: crate::model::UndeleteRoleRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder(reqwest::Method::POST, format!("/v1/{}:undelete", req.name)) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn query_testable_permissions( + &self, + req: crate::model::QueryTestablePermissionsRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::POST, + "/v1/permissions:queryTestablePermissions".to_string(), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn query_auditable_services( + &self, + req: crate::model::QueryAuditableServicesRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::POST, + "/v1/iamPolicies:queryAuditableServices".to_string(), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } + + async fn lint_policy( + &self, + req: crate::model::LintPolicyRequest, + options: gax::options::RequestOptions, + ) -> Result { + let options = options.set_default_idempotency(reqwest::Method::POST.is_idempotent()); + let builder = self + .inner + .builder( + reqwest::Method::POST, + "/v1/iamPolicies:lintPolicy".to_string(), + ) + .query(&[("alt", "json")]) + .header( + "x-goog-api-client", + reqwest::header::HeaderValue::from_static(&crate::info::X_GOOG_API_CLIENT_HEADER), + ); + self.inner.execute(builder, Some(req), options).await + } +}