// Copyright 2024 Google LLC. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // Code generated file. DO NOT EDIT. // Package bigquerydatapolicy provides access to the BigQuery Data Policy API. // // For product documentation, see: https://cloud.google.com/bigquery/docs/column-data-masking // // # Library status // // These client libraries are officially supported by Google. However, this // library is considered complete and is in maintenance mode. This means // that we will address critical bugs and security issues but will not add // any new features. // // When possible, we recommend using our newer // [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) // that are still actively being worked and iterated on. // // # Creating a client // // Usage example: // // import "google.golang.org/api/bigquerydatapolicy/v1" // ... // ctx := context.Background() // bigquerydatapolicyService, err := bigquerydatapolicy.NewService(ctx) // // In this example, Google Application Default Credentials are used for // authentication. For information on how to create and obtain Application // Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. // // # Other authentication options // // By default, all available scopes (see "Constants") are used to authenticate. // To restrict scopes, use [google.golang.org/api/option.WithScopes]: // // bigquerydatapolicyService, err := bigquerydatapolicy.NewService(ctx, option.WithScopes(bigquerydatapolicy.CloudPlatformScope)) // // To use an API key for authentication (note: some APIs do not support API // keys), use [google.golang.org/api/option.WithAPIKey]: // // bigquerydatapolicyService, err := bigquerydatapolicy.NewService(ctx, option.WithAPIKey("AIza...")) // // To use an OAuth token (e.g., a user token obtained via a three-legged OAuth // flow, use [google.golang.org/api/option.WithTokenSource]: // // config := &oauth2.Config{...} // // ... // token, err := config.Exchange(ctx, ...) // bigquerydatapolicyService, err := bigquerydatapolicy.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) // // See [google.golang.org/api/option.ClientOption] for details on options. package bigquerydatapolicy // import "google.golang.org/api/bigquerydatapolicy/v1" import ( "bytes" "context" "encoding/json" "errors" "fmt" "io" "net/http" "net/url" "strconv" "strings" googleapi "google.golang.org/api/googleapi" internal "google.golang.org/api/internal" gensupport "google.golang.org/api/internal/gensupport" option "google.golang.org/api/option" internaloption "google.golang.org/api/option/internaloption" htransport "google.golang.org/api/transport/http" ) // Always reference these packages, just in case the auto-generated code // below doesn't. var _ = bytes.NewBuffer var _ = strconv.Itoa var _ = fmt.Sprintf var _ = json.NewDecoder var _ = io.Copy var _ = url.Parse var _ = gensupport.MarshalJSON var _ = googleapi.Version var _ = errors.New var _ = strings.Replace var _ = context.Canceled var _ = internaloption.WithDefaultEndpoint var _ = internal.Version const apiId = "bigquerydatapolicy:v1" const apiName = "bigquerydatapolicy" const apiVersion = "v1" const basePath = "https://bigquerydatapolicy.googleapis.com/" const basePathTemplate = "https://bigquerydatapolicy.UNIVERSE_DOMAIN/" const mtlsBasePath = "https://bigquerydatapolicy.mtls.googleapis.com/" // OAuth2 scopes used by this API. const ( // View and manage your data in Google BigQuery and see the email address for // your Google Account BigqueryScope = "https://www.googleapis.com/auth/bigquery" // See, edit, configure, and delete your Google Cloud data and see the email // address for your Google Account. CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" ) // NewService creates a new Service. func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { scopesOption := internaloption.WithDefaultScopes( "https://www.googleapis.com/auth/bigquery", "https://www.googleapis.com/auth/cloud-platform", ) // NOTE: prepend, so we don't override user-specified scopes. opts = append([]option.ClientOption{scopesOption}, opts...) opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate)) opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) opts = append(opts, internaloption.EnableNewAuthLibrary()) client, endpoint, err := htransport.NewClient(ctx, opts...) if err != nil { return nil, err } s, err := New(client) if err != nil { return nil, err } if endpoint != "" { s.BasePath = endpoint } return s, nil } // New creates a new Service. It uses the provided http.Client for requests. // // Deprecated: please use NewService instead. // To provide a custom HTTP client, use option.WithHTTPClient. // If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. func New(client *http.Client) (*Service, error) { if client == nil { return nil, errors.New("client is nil") } s := &Service{client: client, BasePath: basePath} s.Projects = NewProjectsService(s) return s, nil } type Service struct { client *http.Client BasePath string // API endpoint base URL UserAgent string // optional additional User-Agent fragment Projects *ProjectsService } func (s *Service) userAgent() string { if s.UserAgent == "" { return googleapi.UserAgent } return googleapi.UserAgent + " " + s.UserAgent } func NewProjectsService(s *Service) *ProjectsService { rs := &ProjectsService{s: s} rs.Locations = NewProjectsLocationsService(s) return rs } type ProjectsService struct { s *Service Locations *ProjectsLocationsService } func NewProjectsLocationsService(s *Service) *ProjectsLocationsService { rs := &ProjectsLocationsService{s: s} rs.DataPolicies = NewProjectsLocationsDataPoliciesService(s) return rs } type ProjectsLocationsService struct { s *Service DataPolicies *ProjectsLocationsDataPoliciesService } func NewProjectsLocationsDataPoliciesService(s *Service) *ProjectsLocationsDataPoliciesService { rs := &ProjectsLocationsDataPoliciesService{s: s} return rs } type ProjectsLocationsDataPoliciesService struct { s *Service } // AuditConfig: Specifies the audit configuration for a service. The // configuration determines which permission types are logged, and what // identities, if any, are exempted from logging. An AuditConfig must have one // or more AuditLogConfigs. If there are AuditConfigs for both `allServices` // and a specific service, the union of the two AuditConfigs is used for that // service: the log_types specified in each AuditConfig are enabled, and the // exempted_members in each AuditLogConfig are exempted. Example Policy with // multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", // "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ // "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": // "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", // "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": // "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For // sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ // logging. It also exempts `jose@example.com` from DATA_READ logging, and // `aliya@example.com` from DATA_WRITE logging. type AuditConfig struct { // AuditLogConfigs: The configuration for logging of each type of permission. AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` // Service: Specifies a service that will be enabled for audit logging. For // example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` // is a special value that covers all services. Service string `json:"service,omitempty"` // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "AuditLogConfigs") to include in // API requests with the JSON null value. By default, fields with empty values // are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *AuditConfig) MarshalJSON() ([]byte, error) { type NoMethod AuditConfig return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // AuditLogConfig: Provides the configuration for logging a type of // permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", // "exempted_members": [ "user:jose@example.com" ] }, { "log_type": // "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while // exempting jose@example.com from DATA_READ logging. type AuditLogConfig struct { // ExemptedMembers: Specifies the identities that do not cause logging for this // type of permission. Follows the same format of Binding.members. ExemptedMembers []string `json:"exemptedMembers,omitempty"` // LogType: The log type that this config enables. // // Possible values: // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy // "DATA_WRITE" - Data writes. Example: CloudSQL Users create // "DATA_READ" - Data reads. Example: CloudSQL Users list LogType string `json:"logType,omitempty"` // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "ExemptedMembers") to include in // API requests with the JSON null value. By default, fields with empty values // are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { type NoMethod AuditLogConfig return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // Binding: Associates `members`, or principals, with a `role`. type Binding struct { // Condition: The condition that is associated with this binding. If the // condition evaluates to `true`, then this binding applies to the current // request. If the condition evaluates to `false`, then this binding does not // apply to the current request. However, a different role binding might grant // the same role to one or more of the principals in this binding. To learn // which resources support conditions in their IAM policies, see the IAM // documentation // (https://cloud.google.com/iam/help/conditions/resource-policies). Condition *Expr `json:"condition,omitempty"` // Members: Specifies the principals requesting access for a Google Cloud // resource. `members` can have the following values: * `allUsers`: A special // identifier that represents anyone who is on the internet; with or without a // Google account. * `allAuthenticatedUsers`: A special identifier that // represents anyone who is authenticated with a Google account or a service // account. Does not include identities that come from external identity // providers (IdPs) through identity federation. * `user:{emailid}`: An email // address that represents a specific Google account. For example, // `alice@example.com` . * `serviceAccount:{emailid}`: An email address that // represents a Google service account. For example, // `my-other-app@appspot.gserviceaccount.com`. * // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An // identifier for a Kubernetes service account // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * // `group:{emailid}`: An email address that represents a Google group. For // example, `admins@example.com`. * `domain:{domain}`: The G Suite domain // (primary) that represents all the users of that domain. For example, // `google.com` or `example.com`. * // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/sub // ject/{subject_attribute_value}`: A single identity in a workforce identity // pool. * // `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/ // group/{group_id}`: All workforce identities in a group. * // `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/ // attribute.{attribute_name}/{attribute_value}`: All workforce identities with // a specific attribute value. * // `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/ // *`: All identities in a workforce identity pool. * // `principal://iam.googleapis.com/projects/{project_number}/locations/global/wo // rkloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single // identity in a workload identity pool. * // `principalSet://iam.googleapis.com/projects/{project_number}/locations/global // /workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool // group. * // `principalSet://iam.googleapis.com/projects/{project_number}/locations/global // /workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value} // `: All identities in a workload identity pool with a certain attribute. * // `principalSet://iam.googleapis.com/projects/{project_number}/locations/global // /workloadIdentityPools/{pool_id}/*`: All identities in a workload identity // pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus // unique identifier) representing a user that has been recently deleted. For // example, `alice@example.com?uid=123456789012345678901`. If the user is // recovered, this value reverts to `user:{emailid}` and the recovered user // retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus // unique identifier) representing a service account that has been recently // deleted. For example, // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the // service account is undeleted, this value reverts to // `serviceAccount:{emailid}` and the undeleted service account retains the // role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email // address (plus unique identifier) representing a Google group that has been // recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is recovered, // this value reverts to `group:{emailid}` and the recovered group retains the // role in the binding. * // `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool // _id}/subject/{subject_attribute_value}`: Deleted single identity in a // workforce identity pool. For example, // `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-po // ol-id/subject/my-subject-attribute-value`. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. For // example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an overview // of the IAM roles and permissions, see the IAM documentation // (https://cloud.google.com/iam/docs/roles-overview). For a list of the // available pre-defined roles, see here // (https://cloud.google.com/iam/docs/understanding-roles). Role string `json:"role,omitempty"` // ForceSendFields is a list of field names (e.g. "Condition") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Condition") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *Binding) MarshalJSON() ([]byte, error) { type NoMethod Binding return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // DataMaskingPolicy: The data masking policy that is used to specify data // masking rule. type DataMaskingPolicy struct { // PredefinedExpression: A predefined masking expression. // // Possible values: // "PREDEFINED_EXPRESSION_UNSPECIFIED" - Default, unspecified predefined // expression. No masking will take place since no expression is specified. // "SHA256" - Masking expression to replace data with SHA-256 hash. // "ALWAYS_NULL" - Masking expression to replace data with NULLs. // "DEFAULT_MASKING_VALUE" - Masking expression to replace data with their // default masking values. The default masking values for each type listed as // below: * STRING: "" * BYTES: b'' * INTEGER: 0 * FLOAT: 0.0 * NUMERIC: 0 * // BOOLEAN: FALSE * TIMESTAMP: 1970-01-01 00:00:00 UTC * DATE: 1970-01-01 * // TIME: 00:00:00 * DATETIME: 1970-01-01T00:00:00 * GEOGRAPHY: POINT(0 0) * // BIGNUMERIC: 0 * ARRAY: [] * STRUCT: NOT_APPLICABLE * JSON: NULL // "LAST_FOUR_CHARACTERS" - Masking expression shows the last four characters // of text. The masking behavior is as follows: * If text length > 4 // characters: Replace text with XXXXX, append last four characters of original // text. * If text length <= 4 characters: Apply SHA-256 hash. // "FIRST_FOUR_CHARACTERS" - Masking expression shows the first four // characters of text. The masking behavior is as follows: * If text length > 4 // characters: Replace text with XXXXX, prepend first four characters of // original text. * If text length <= 4 characters: Apply SHA-256 hash. // "EMAIL_MASK" - Masking expression for email addresses. The masking // behavior is as follows: * Syntax-valid email address: Replace username with // XXXXX. For example, cloudysanfrancisco@gmail.com becomes XXXXX@gmail.com. * // Syntax-invalid email address: Apply SHA-256 hash. For more information, see // Email mask. // "DATE_YEAR_MASK" - Masking expression to only show the *year* of `Date`, // `DateTime` and `TimeStamp`. For example, with the year 2076: * DATE : // 2076-01-01 * DATETIME : 2076-01-01T00:00:00 * TIMESTAMP : 2076-01-01 // 00:00:00 UTC Truncation occurs according to the UTC time zone. To change // this, adjust the default time zone using the `time_zone` system variable. // For more information, see the System variables reference. PredefinedExpression string `json:"predefinedExpression,omitempty"` // Routine: The name of the BigQuery routine that contains the custom masking // routine, in the format of // `projects/{project_number}/datasets/{dataset_id}/routines/{routine_id}`. Routine string `json:"routine,omitempty"` // ForceSendFields is a list of field names (e.g. "PredefinedExpression") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "PredefinedExpression") to include // in API requests with the JSON null value. By default, fields with empty // values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *DataMaskingPolicy) MarshalJSON() ([]byte, error) { type NoMethod DataMaskingPolicy return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // DataPolicy: Represents the label-policy binding. type DataPolicy struct { // DataMaskingPolicy: The data masking policy that specifies the data masking // rule to use. DataMaskingPolicy *DataMaskingPolicy `json:"dataMaskingPolicy,omitempty"` // DataPolicyId: User-assigned (human readable) ID of the data policy that // needs to be unique within a project. Used as {data_policy_id} in part of the // resource name. DataPolicyId string `json:"dataPolicyId,omitempty"` // DataPolicyType: Type of data policy. // // Possible values: // "DATA_POLICY_TYPE_UNSPECIFIED" - Default value for the data policy type. // This should not be used. // "COLUMN_LEVEL_SECURITY_POLICY" - Used to create a data policy for // column-level security, without data masking. // "DATA_MASKING_POLICY" - Used to create a data policy for data masking. DataPolicyType string `json:"dataPolicyType,omitempty"` // Name: Output only. Resource name of this data policy, in the format of // `projects/{project_number}/locations/{location_id}/dataPolicies/{data_policy_ // id}`. Name string `json:"name,omitempty"` // PolicyTag: Policy tag resource name, in the format of // `projects/{project_number}/locations/{location_id}/taxonomies/{taxonomy_id}/p // olicyTags/{policyTag_id}`. PolicyTag string `json:"policyTag,omitempty"` // ServerResponse contains the HTTP response code and headers from the server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "DataMaskingPolicy") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "DataMaskingPolicy") to include in // API requests with the JSON null value. By default, fields with empty values // are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *DataPolicy) MarshalJSON() ([]byte, error) { type NoMethod DataPolicy return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // Empty: A generic empty message that you can re-use to avoid defining // duplicated empty messages in your APIs. A typical example is to use it as // the request or the response type of an API method. For instance: service Foo // { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } type Empty struct { // ServerResponse contains the HTTP response code and headers from the server. googleapi.ServerResponse `json:"-"` } // Expr: Represents a textual expression in the Common Expression Language // (CEL) syntax. CEL is a C-like expression language. The syntax and semantics // of CEL are documented at https://github.com/google/cel-spec. Example // (Comparison): title: "Summary size limit" description: "Determines if a // summary is less than 100 chars" expression: "document.summary.size() < 100" // Example (Equality): title: "Requestor is owner" description: "Determines if // requestor is the document owner" expression: "document.owner == // request.auth.claims.email" Example (Logic): title: "Public documents" // description: "Determine whether the document should be publicly visible" // expression: "document.type != 'private' && document.type != 'internal'" // Example (Data Manipulation): title: "Notification string" description: // "Create a notification string with a timestamp." expression: "'New message // received at ' + string(document.create_time)" The exact variables and // functions that may be referenced within an expression are determined by the // service that evaluates it. See the service documentation for additional // information. type Expr struct { // Description: Optional. Description of the expression. This is a longer text // which describes the expression, e.g. when hovered over it in a UI. Description string `json:"description,omitempty"` // Expression: Textual representation of an expression in Common Expression // Language syntax. Expression string `json:"expression,omitempty"` // Location: Optional. String indicating the location of the expression for // error reporting, e.g. a file name and a position in the file. Location string `json:"location,omitempty"` // Title: Optional. Title for the expression, i.e. a short string describing // its purpose. This can be used e.g. in UIs which allow to enter the // expression. Title string `json:"title,omitempty"` // ForceSendFields is a list of field names (e.g. "Description") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Description") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *Expr) MarshalJSON() ([]byte, error) { type NoMethod Expr return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // GetIamPolicyRequest: Request message for `GetIamPolicy` method. type GetIamPolicyRequest struct { // Options: OPTIONAL: A `GetPolicyOptions` object for specifying options to // `GetIamPolicy`. Options *GetPolicyOptions `json:"options,omitempty"` // ForceSendFields is a list of field names (e.g. "Options") to unconditionally // include in API requests. By default, fields with empty or default values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Options") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *GetIamPolicyRequest) MarshalJSON() ([]byte, error) { type NoMethod GetIamPolicyRequest return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // GetPolicyOptions: Encapsulates settings provided to GetIamPolicy. type GetPolicyOptions struct { // RequestedPolicyVersion: Optional. The maximum policy version that will be // used to format the policy. Valid values are 0, 1, and 3. Requests specifying // an invalid value will be rejected. Requests for policies with any // conditional role bindings must specify version 3. Policies with no // conditional role bindings may specify any valid value or leave the field // unset. The policy in the response might use the policy version that you // specified, or it might use a lower policy version. For example, if you // specify version 3, but the policy has no conditional role bindings, the // response uses version 1. To learn which resources support conditions in // their IAM policies, see the IAM documentation // (https://cloud.google.com/iam/help/conditions/resource-policies). RequestedPolicyVersion int64 `json:"requestedPolicyVersion,omitempty"` // ForceSendFields is a list of field names (e.g. "RequestedPolicyVersion") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "RequestedPolicyVersion") to // include in API requests with the JSON null value. By default, fields with // empty values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *GetPolicyOptions) MarshalJSON() ([]byte, error) { type NoMethod GetPolicyOptions return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // ListDataPoliciesResponse: Response message for the ListDataPolicies method. type ListDataPoliciesResponse struct { // DataPolicies: Data policies that belong to the requested project. DataPolicies []*DataPolicy `json:"dataPolicies,omitempty"` // NextPageToken: Token used to retrieve the next page of results, or empty if // there are no more results. NextPageToken string `json:"nextPageToken,omitempty"` // ServerResponse contains the HTTP response code and headers from the server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "DataPolicies") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "DataPolicies") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *ListDataPoliciesResponse) MarshalJSON() ([]byte, error) { type NoMethod ListDataPoliciesResponse return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // Policy: An Identity and Access Management (IAM) policy, which specifies // access controls for Google Cloud resources. A `Policy` is a collection of // `bindings`. A `binding` binds one or more `members`, or principals, to a // single `role`. Principals can be user accounts, service accounts, Google // groups, and domains (such as G Suite). A `role` is a named list of // permissions; each `role` can be an IAM predefined role or a user-created // custom role. For some types of Google Cloud resources, a `binding` can also // specify a `condition`, which is a logical expression that allows access to a // resource only if the expression evaluates to `true`. A condition can add // constraints based on attributes of the request, the resource, or both. To // learn which resources support conditions in their IAM policies, see the IAM // documentation // (https://cloud.google.com/iam/help/conditions/resource-policies). **JSON // example:** ``` { "bindings": [ { "role": // "roles/resourcemanager.organizationAdmin", "members": [ // "user:mike@example.com", "group:admins@example.com", "domain:google.com", // "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": // "roles/resourcemanager.organizationViewer", "members": [ // "user:eve@example.com" ], "condition": { "title": "expirable access", // "description": "Does not grant access after Sep 2020", "expression": // "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": // "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - // members: - user:mike@example.com - group:admins@example.com - // domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com // role: roles/resourcemanager.organizationAdmin - members: - // user:eve@example.com role: roles/resourcemanager.organizationViewer // condition: title: expirable access description: Does not grant access after // Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') // etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, // see the IAM documentation (https://cloud.google.com/iam/docs/). type Policy struct { // AuditConfigs: Specifies cloud audit logging configuration for this policy. AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` // Bindings: Associates a list of `members`, or principals, with a `role`. // Optionally, may specify a `condition` that determines how and when the // `bindings` are applied. Each of the `bindings` must contain at least one // principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; // up to 250 of these principals can be Google groups. Each occurrence of a // principal counts towards these limits. For example, if the `bindings` grant // 50 different roles to `user:alice@example.com`, and not to any other // principal, then you can add another 1,450 principals to the `bindings` in // the `Policy`. Bindings []*Binding `json:"bindings,omitempty"` // Etag: `etag` is used for optimistic concurrency control as a way to help // prevent simultaneous updates of a policy from overwriting each other. It is // strongly suggested that systems make use of the `etag` in the // read-modify-write cycle to perform policy updates in order to avoid race // conditions: An `etag` is returned in the response to `getIamPolicy`, and // systems are expected to put that etag in the request to `setIamPolicy` to // ensure that their change will be applied to the same version of the policy. // **Important:** If you use IAM Conditions, you must include the `etag` field // whenever you call `setIamPolicy`. If you omit this field, then IAM allows // you to overwrite a version `3` policy with a version `1` policy, and all of // the conditions in the version `3` policy are lost. Etag string `json:"etag,omitempty"` // Version: Specifies the format of the policy. Valid values are `0`, `1`, and // `3`. Requests that specify an invalid value are rejected. Any operation that // affects conditional role bindings must specify version `3`. This requirement // applies to the following operations: * Getting a policy that includes a // conditional role binding * Adding a conditional role binding to a policy * // Changing a conditional role binding in a policy * Removing any role binding, // with or without a condition, from a policy that includes conditions // **Important:** If you use IAM Conditions, you must include the `etag` field // whenever you call `setIamPolicy`. If you omit this field, then IAM allows // you to overwrite a version `3` policy with a version `1` policy, and all of // the conditions in the version `3` policy are lost. If a policy does not // include any conditions, operations on that policy may specify any valid // version or leave the field unset. To learn which resources support // conditions in their IAM policies, see the IAM documentation // (https://cloud.google.com/iam/help/conditions/resource-policies). Version int64 `json:"version,omitempty"` // ServerResponse contains the HTTP response code and headers from the server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "AuditConfigs") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "AuditConfigs") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *Policy) MarshalJSON() ([]byte, error) { type NoMethod Policy return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // RenameDataPolicyRequest: Request message for the RenameDataPolicy method. type RenameDataPolicyRequest struct { // NewDataPolicyId: Required. The new data policy id. NewDataPolicyId string `json:"newDataPolicyId,omitempty"` // ForceSendFields is a list of field names (e.g. "NewDataPolicyId") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "NewDataPolicyId") to include in // API requests with the JSON null value. By default, fields with empty values // are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *RenameDataPolicyRequest) MarshalJSON() ([]byte, error) { type NoMethod RenameDataPolicyRequest return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // SetIamPolicyRequest: Request message for `SetIamPolicy` method. type SetIamPolicyRequest struct { // Policy: REQUIRED: The complete policy to be applied to the `resource`. The // size of the policy is limited to a few 10s of KB. An empty policy is a valid // policy but certain Google Cloud services (such as Projects) might reject // them. Policy *Policy `json:"policy,omitempty"` // UpdateMask: OPTIONAL: A FieldMask specifying which fields of the policy to // modify. Only the fields in the mask will be modified. If no mask is // provided, the following default mask is used: `paths: "bindings, etag" UpdateMask string `json:"updateMask,omitempty"` // ForceSendFields is a list of field names (e.g. "Policy") to unconditionally // include in API requests. By default, fields with empty or default values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Policy") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) { type NoMethod SetIamPolicyRequest return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // TestIamPermissionsRequest: Request message for `TestIamPermissions` method. type TestIamPermissionsRequest struct { // Permissions: The set of permissions to check for the `resource`. Permissions // with wildcards (such as `*` or `storage.*`) are not allowed. For more // information see IAM Overview // (https://cloud.google.com/iam/docs/overview#permissions). Permissions []string `json:"permissions,omitempty"` // ForceSendFields is a list of field names (e.g. "Permissions") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Permissions") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) { type NoMethod TestIamPermissionsRequest return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } // TestIamPermissionsResponse: Response message for `TestIamPermissions` // method. type TestIamPermissionsResponse struct { // Permissions: A subset of `TestPermissionsRequest.permissions` that the // caller is allowed. Permissions []string `json:"permissions,omitempty"` // ServerResponse contains the HTTP response code and headers from the server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "Permissions") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Permissions") to include in API // requests with the JSON null value. By default, fields with empty values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` } func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { type NoMethod TestIamPermissionsResponse return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) } type ProjectsLocationsDataPoliciesCreateCall struct { s *Service parent string datapolicy *DataPolicy urlParams_ gensupport.URLParams ctx_ context.Context header_ http.Header } // Create: Creates a new data policy under a project with the given // `dataPolicyId` (used as the display name), policy tag, and data policy type. // // - parent: Resource name of the project that the data policy will belong to. // The format is `projects/{project_number}/locations/{location_id}`. func (r *ProjectsLocationsDataPoliciesService) Create(parent string, datapolicy *DataPolicy) *ProjectsLocationsDataPoliciesCreateCall { c := &ProjectsLocationsDataPoliciesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.parent = parent c.datapolicy = datapolicy return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. func (c *ProjectsLocationsDataPoliciesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsDataPoliciesCreateCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // Context sets the context to be used in this call's Do method. func (c *ProjectsLocationsDataPoliciesCreateCall) Context(ctx context.Context) *ProjectsLocationsDataPoliciesCreateCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. func (c *ProjectsLocationsDataPoliciesCreateCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } func (c *ProjectsLocationsDataPoliciesCreateCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil body, err := googleapi.WithoutDataWrapper.JSONReader(c.datapolicy) if err != nil { return nil, err } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/dataPolicies") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ "parent": c.parent, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } // Do executes the "bigquerydatapolicy.projects.locations.dataPolicies.create" call. // Any non-2xx status code is an error. Response headers are in either // *DataPolicy.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. func (c *ProjectsLocationsDataPoliciesCreateCall) Do(opts ...googleapi.CallOption) (*DataPolicy, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { if res.Body != nil { res.Body.Close() } return nil, gensupport.WrapError(&googleapi.Error{ Code: res.StatusCode, Header: res.Header, }) } if err != nil { return nil, err } defer googleapi.CloseBody(res) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } ret := &DataPolicy{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, }, } target := &ret if err := gensupport.DecodeResponse(target, res); err != nil { return nil, err } return ret, nil } type ProjectsLocationsDataPoliciesDeleteCall struct { s *Service name string urlParams_ gensupport.URLParams ctx_ context.Context header_ http.Header } // Delete: Deletes the data policy specified by its resource name. // // - name: Resource name of the data policy to delete. Format is // `projects/{project_number}/locations/{location_id}/dataPolicies/{data_polic // y_id}`. func (r *ProjectsLocationsDataPoliciesService) Delete(name string) *ProjectsLocationsDataPoliciesDeleteCall { c := &ProjectsLocationsDataPoliciesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. func (c *ProjectsLocationsDataPoliciesDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsDataPoliciesDeleteCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // Context sets the context to be used in this call's Do method. func (c *ProjectsLocationsDataPoliciesDeleteCall) Context(ctx context.Context) *ProjectsLocationsDataPoliciesDeleteCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. func (c *ProjectsLocationsDataPoliciesDeleteCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } func (c *ProjectsLocationsDataPoliciesDeleteCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("DELETE", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ "name": c.name, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } // Do executes the "bigquerydatapolicy.projects.locations.dataPolicies.delete" call. // Any non-2xx status code is an error. Response headers are in either // *Empty.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. func (c *ProjectsLocationsDataPoliciesDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { if res.Body != nil { res.Body.Close() } return nil, gensupport.WrapError(&googleapi.Error{ Code: res.StatusCode, Header: res.Header, }) } if err != nil { return nil, err } defer googleapi.CloseBody(res) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } ret := &Empty{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, }, } target := &ret if err := gensupport.DecodeResponse(target, res); err != nil { return nil, err } return ret, nil } type ProjectsLocationsDataPoliciesGetCall struct { s *Service name string urlParams_ gensupport.URLParams ifNoneMatch_ string ctx_ context.Context header_ http.Header } // Get: Gets the data policy specified by its resource name. // // - name: Resource name of the requested data policy. Format is // `projects/{project_number}/locations/{location_id}/dataPolicies/{data_polic // y_id}`. func (r *ProjectsLocationsDataPoliciesService) Get(name string) *ProjectsLocationsDataPoliciesGetCall { c := &ProjectsLocationsDataPoliciesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. func (c *ProjectsLocationsDataPoliciesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsDataPoliciesGetCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. func (c *ProjectsLocationsDataPoliciesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsDataPoliciesGetCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. func (c *ProjectsLocationsDataPoliciesGetCall) Context(ctx context.Context) *ProjectsLocationsDataPoliciesGetCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. func (c *ProjectsLocationsDataPoliciesGetCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } func (c *ProjectsLocationsDataPoliciesGetCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) } var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ "name": c.name, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } // Do executes the "bigquerydatapolicy.projects.locations.dataPolicies.get" call. // Any non-2xx status code is an error. Response headers are in either // *DataPolicy.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. func (c *ProjectsLocationsDataPoliciesGetCall) Do(opts ...googleapi.CallOption) (*DataPolicy, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { if res.Body != nil { res.Body.Close() } return nil, gensupport.WrapError(&googleapi.Error{ Code: res.StatusCode, Header: res.Header, }) } if err != nil { return nil, err } defer googleapi.CloseBody(res) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } ret := &DataPolicy{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, }, } target := &ret if err := gensupport.DecodeResponse(target, res); err != nil { return nil, err } return ret, nil } type ProjectsLocationsDataPoliciesGetIamPolicyCall struct { s *Service resource string getiampolicyrequest *GetIamPolicyRequest urlParams_ gensupport.URLParams ctx_ context.Context header_ http.Header } // GetIamPolicy: Gets the IAM policy for the specified data policy. // // - resource: REQUIRED: The resource for which the policy is being requested. // See Resource names (https://cloud.google.com/apis/design/resource_names) // for the appropriate value for this field. func (r *ProjectsLocationsDataPoliciesService) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *ProjectsLocationsDataPoliciesGetIamPolicyCall { c := &ProjectsLocationsDataPoliciesGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.resource = resource c.getiampolicyrequest = getiampolicyrequest return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. func (c *ProjectsLocationsDataPoliciesGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsDataPoliciesGetIamPolicyCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // Context sets the context to be used in this call's Do method. func (c *ProjectsLocationsDataPoliciesGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsDataPoliciesGetIamPolicyCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. func (c *ProjectsLocationsDataPoliciesGetIamPolicyCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } func (c *ProjectsLocationsDataPoliciesGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest) if err != nil { return nil, err } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ "resource": c.resource, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } // Do executes the "bigquerydatapolicy.projects.locations.dataPolicies.getIamPolicy" call. // Any non-2xx status code is an error. Response headers are in either // *Policy.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. func (c *ProjectsLocationsDataPoliciesGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { if res.Body != nil { res.Body.Close() } return nil, gensupport.WrapError(&googleapi.Error{ Code: res.StatusCode, Header: res.Header, }) } if err != nil { return nil, err } defer googleapi.CloseBody(res) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } ret := &Policy{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, }, } target := &ret if err := gensupport.DecodeResponse(target, res); err != nil { return nil, err } return ret, nil } type ProjectsLocationsDataPoliciesListCall struct { s *Service parent string urlParams_ gensupport.URLParams ifNoneMatch_ string ctx_ context.Context header_ http.Header } // List: List all of the data policies in the specified parent project. // // - parent: Resource name of the project for which to list data policies. // Format is `projects/{project_number}/locations/{location_id}`. func (r *ProjectsLocationsDataPoliciesService) List(parent string) *ProjectsLocationsDataPoliciesListCall { c := &ProjectsLocationsDataPoliciesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.parent = parent return c } // Filter sets the optional parameter "filter": Filters the data policies by // policy tags that they are associated with. Currently filter only supports // "policy_tag" based filtering and OR based predicates. Sample filter can be // "policy_tag: projects/1/locations/us/taxonomies/2/policyTags/3". You may // also use wildcard such as "policy_tag: // projects/1/locations/us/taxonomies/2*". Please note that OR predicates // cannot be used with wildcard filters. func (c *ProjectsLocationsDataPoliciesListCall) Filter(filter string) *ProjectsLocationsDataPoliciesListCall { c.urlParams_.Set("filter", filter) return c } // PageSize sets the optional parameter "pageSize": The maximum number of data // policies to return. Must be a value between 1 and 1000. If not set, defaults // to 50. func (c *ProjectsLocationsDataPoliciesListCall) PageSize(pageSize int64) *ProjectsLocationsDataPoliciesListCall { c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) return c } // PageToken sets the optional parameter "pageToken": The `nextPageToken` value // returned from a previous list request, if any. If not set, defaults to an // empty string. func (c *ProjectsLocationsDataPoliciesListCall) PageToken(pageToken string) *ProjectsLocationsDataPoliciesListCall { c.urlParams_.Set("pageToken", pageToken) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. func (c *ProjectsLocationsDataPoliciesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsDataPoliciesListCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // IfNoneMatch sets an optional parameter which makes the operation fail if the // object's ETag matches the given value. This is useful for getting updates // only after the object has changed since the last request. func (c *ProjectsLocationsDataPoliciesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsDataPoliciesListCall { c.ifNoneMatch_ = entityTag return c } // Context sets the context to be used in this call's Do method. func (c *ProjectsLocationsDataPoliciesListCall) Context(ctx context.Context) *ProjectsLocationsDataPoliciesListCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. func (c *ProjectsLocationsDataPoliciesListCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } func (c *ProjectsLocationsDataPoliciesListCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) if c.ifNoneMatch_ != "" { reqHeaders.Set("If-None-Match", c.ifNoneMatch_) } var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/dataPolicies") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ "parent": c.parent, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } // Do executes the "bigquerydatapolicy.projects.locations.dataPolicies.list" call. // Any non-2xx status code is an error. Response headers are in either // *ListDataPoliciesResponse.ServerResponse.Header or (if a response was // returned at all) in error.(*googleapi.Error).Header. Use // googleapi.IsNotModified to check whether the returned error was because // http.StatusNotModified was returned. func (c *ProjectsLocationsDataPoliciesListCall) Do(opts ...googleapi.CallOption) (*ListDataPoliciesResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { if res.Body != nil { res.Body.Close() } return nil, gensupport.WrapError(&googleapi.Error{ Code: res.StatusCode, Header: res.Header, }) } if err != nil { return nil, err } defer googleapi.CloseBody(res) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } ret := &ListDataPoliciesResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, }, } target := &ret if err := gensupport.DecodeResponse(target, res); err != nil { return nil, err } return ret, nil } // Pages invokes f for each page of results. // A non-nil error returned from f will halt the iteration. // The provided context supersedes any context provided to the Context method. func (c *ProjectsLocationsDataPoliciesListCall) Pages(ctx context.Context, f func(*ListDataPoliciesResponse) error) error { c.ctx_ = ctx defer c.PageToken(c.urlParams_.Get("pageToken")) for { x, err := c.Do() if err != nil { return err } if err := f(x); err != nil { return err } if x.NextPageToken == "" { return nil } c.PageToken(x.NextPageToken) } } type ProjectsLocationsDataPoliciesPatchCall struct { s *Service name string datapolicy *DataPolicy urlParams_ gensupport.URLParams ctx_ context.Context header_ http.Header } // Patch: Updates the metadata for an existing data policy. The target data // policy can be specified by the resource name. // // - name: Output only. Resource name of this data policy, in the format of // `projects/{project_number}/locations/{location_id}/dataPolicies/{data_polic // y_id}`. func (r *ProjectsLocationsDataPoliciesService) Patch(name string, datapolicy *DataPolicy) *ProjectsLocationsDataPoliciesPatchCall { c := &ProjectsLocationsDataPoliciesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name c.datapolicy = datapolicy return c } // UpdateMask sets the optional parameter "updateMask": The update mask applies // to the resource. For the `FieldMask` definition, see // https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask // If not set, defaults to all of the fields that are allowed to update. // Updates to the `name` and `dataPolicyId` fields are not allowed. func (c *ProjectsLocationsDataPoliciesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsDataPoliciesPatchCall { c.urlParams_.Set("updateMask", updateMask) return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. func (c *ProjectsLocationsDataPoliciesPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsDataPoliciesPatchCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // Context sets the context to be used in this call's Do method. func (c *ProjectsLocationsDataPoliciesPatchCall) Context(ctx context.Context) *ProjectsLocationsDataPoliciesPatchCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. func (c *ProjectsLocationsDataPoliciesPatchCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } func (c *ProjectsLocationsDataPoliciesPatchCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil body, err := googleapi.WithoutDataWrapper.JSONReader(c.datapolicy) if err != nil { return nil, err } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("PATCH", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ "name": c.name, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } // Do executes the "bigquerydatapolicy.projects.locations.dataPolicies.patch" call. // Any non-2xx status code is an error. Response headers are in either // *DataPolicy.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. func (c *ProjectsLocationsDataPoliciesPatchCall) Do(opts ...googleapi.CallOption) (*DataPolicy, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { if res.Body != nil { res.Body.Close() } return nil, gensupport.WrapError(&googleapi.Error{ Code: res.StatusCode, Header: res.Header, }) } if err != nil { return nil, err } defer googleapi.CloseBody(res) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } ret := &DataPolicy{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, }, } target := &ret if err := gensupport.DecodeResponse(target, res); err != nil { return nil, err } return ret, nil } type ProjectsLocationsDataPoliciesRenameCall struct { s *Service name string renamedatapolicyrequest *RenameDataPolicyRequest urlParams_ gensupport.URLParams ctx_ context.Context header_ http.Header } // Rename: Renames the id (display name) of the specified data policy. // // - name: Resource name of the data policy to rename. The format is // `projects/{project_number}/locations/{location_id}/dataPolicies/{data_polic // y_id}`. func (r *ProjectsLocationsDataPoliciesService) Rename(name string, renamedatapolicyrequest *RenameDataPolicyRequest) *ProjectsLocationsDataPoliciesRenameCall { c := &ProjectsLocationsDataPoliciesRenameCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name c.renamedatapolicyrequest = renamedatapolicyrequest return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. func (c *ProjectsLocationsDataPoliciesRenameCall) Fields(s ...googleapi.Field) *ProjectsLocationsDataPoliciesRenameCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // Context sets the context to be used in this call's Do method. func (c *ProjectsLocationsDataPoliciesRenameCall) Context(ctx context.Context) *ProjectsLocationsDataPoliciesRenameCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. func (c *ProjectsLocationsDataPoliciesRenameCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } func (c *ProjectsLocationsDataPoliciesRenameCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil body, err := googleapi.WithoutDataWrapper.JSONReader(c.renamedatapolicyrequest) if err != nil { return nil, err } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:rename") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ "name": c.name, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } // Do executes the "bigquerydatapolicy.projects.locations.dataPolicies.rename" call. // Any non-2xx status code is an error. Response headers are in either // *DataPolicy.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. func (c *ProjectsLocationsDataPoliciesRenameCall) Do(opts ...googleapi.CallOption) (*DataPolicy, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { if res.Body != nil { res.Body.Close() } return nil, gensupport.WrapError(&googleapi.Error{ Code: res.StatusCode, Header: res.Header, }) } if err != nil { return nil, err } defer googleapi.CloseBody(res) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } ret := &DataPolicy{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, }, } target := &ret if err := gensupport.DecodeResponse(target, res); err != nil { return nil, err } return ret, nil } type ProjectsLocationsDataPoliciesSetIamPolicyCall struct { s *Service resource string setiampolicyrequest *SetIamPolicyRequest urlParams_ gensupport.URLParams ctx_ context.Context header_ http.Header } // SetIamPolicy: Sets the IAM policy for the specified data policy. // // - resource: REQUIRED: The resource for which the policy is being specified. // See Resource names (https://cloud.google.com/apis/design/resource_names) // for the appropriate value for this field. func (r *ProjectsLocationsDataPoliciesService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsDataPoliciesSetIamPolicyCall { c := &ProjectsLocationsDataPoliciesSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.resource = resource c.setiampolicyrequest = setiampolicyrequest return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. func (c *ProjectsLocationsDataPoliciesSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsDataPoliciesSetIamPolicyCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // Context sets the context to be used in this call's Do method. func (c *ProjectsLocationsDataPoliciesSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsDataPoliciesSetIamPolicyCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. func (c *ProjectsLocationsDataPoliciesSetIamPolicyCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } func (c *ProjectsLocationsDataPoliciesSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) if err != nil { return nil, err } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ "resource": c.resource, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } // Do executes the "bigquerydatapolicy.projects.locations.dataPolicies.setIamPolicy" call. // Any non-2xx status code is an error. Response headers are in either // *Policy.ServerResponse.Header or (if a response was returned at all) in // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check // whether the returned error was because http.StatusNotModified was returned. func (c *ProjectsLocationsDataPoliciesSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { if res.Body != nil { res.Body.Close() } return nil, gensupport.WrapError(&googleapi.Error{ Code: res.StatusCode, Header: res.Header, }) } if err != nil { return nil, err } defer googleapi.CloseBody(res) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } ret := &Policy{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, }, } target := &ret if err := gensupport.DecodeResponse(target, res); err != nil { return nil, err } return ret, nil } type ProjectsLocationsDataPoliciesTestIamPermissionsCall struct { s *Service resource string testiampermissionsrequest *TestIamPermissionsRequest urlParams_ gensupport.URLParams ctx_ context.Context header_ http.Header } // TestIamPermissions: Returns the caller's permission on the specified data // policy resource. // // - resource: REQUIRED: The resource for which the policy detail is being // requested. See Resource names // (https://cloud.google.com/apis/design/resource_names) for the appropriate // value for this field. func (r *ProjectsLocationsDataPoliciesService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsDataPoliciesTestIamPermissionsCall { c := &ProjectsLocationsDataPoliciesTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.resource = resource c.testiampermissionsrequest = testiampermissionsrequest return c } // Fields allows partial responses to be retrieved. See // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more // details. func (c *ProjectsLocationsDataPoliciesTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsDataPoliciesTestIamPermissionsCall { c.urlParams_.Set("fields", googleapi.CombineFields(s)) return c } // Context sets the context to be used in this call's Do method. func (c *ProjectsLocationsDataPoliciesTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsDataPoliciesTestIamPermissionsCall { c.ctx_ = ctx return c } // Header returns a http.Header that can be modified by the caller to add // headers to the request. func (c *ProjectsLocationsDataPoliciesTestIamPermissionsCall) Header() http.Header { if c.header_ == nil { c.header_ = make(http.Header) } return c.header_ } func (c *ProjectsLocationsDataPoliciesTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) var body io.Reader = nil body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) if err != nil { return nil, err } c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("POST", urls, body) if err != nil { return nil, err } req.Header = reqHeaders googleapi.Expand(req.URL, map[string]string{ "resource": c.resource, }) return gensupport.SendRequest(c.ctx_, c.s.client, req) } // Do executes the "bigquerydatapolicy.projects.locations.dataPolicies.testIamPermissions" call. // Any non-2xx status code is an error. Response headers are in either // *TestIamPermissionsResponse.ServerResponse.Header or (if a response was // returned at all) in error.(*googleapi.Error).Header. Use // googleapi.IsNotModified to check whether the returned error was because // http.StatusNotModified was returned. func (c *ProjectsLocationsDataPoliciesTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { gensupport.SetOptions(c.urlParams_, opts...) res, err := c.doRequest("json") if res != nil && res.StatusCode == http.StatusNotModified { if res.Body != nil { res.Body.Close() } return nil, gensupport.WrapError(&googleapi.Error{ Code: res.StatusCode, Header: res.Header, }) } if err != nil { return nil, err } defer googleapi.CloseBody(res) if err := googleapi.CheckResponse(res); err != nil { return nil, gensupport.WrapError(err) } ret := &TestIamPermissionsResponse{ ServerResponse: googleapi.ServerResponse{ Header: res.Header, HTTPStatusCode: res.StatusCode, }, } target := &ret if err := gensupport.DecodeResponse(target, res); err != nil { return nil, err } return ret, nil }