Contains all the Google Cloud C++ Library APIs.
Classes
AsyncOperation
Represents a pending asynchronous operation.
AsyncStreamingReadWriteRpc<Request, Response>
A streaming read-write RPC.
BackgroundThreads
A object representing the background threads available to a Client.
CompletionQueue
Call the functor associated with asynchronous operations when they complete.
ConnectionOptions<ConnectionTraits>
The configuration parameters for client connections.
Credentials
An opaque representation of the authentication configuration.
ErrorInfo
Describes the cause of the error with structured details.
future<T>
Implement ISO/IEC TS 19571:2016 future<T>
.
future< void >
Specialize ISO/IEC TS 19571:2016 future for void.
GenericPollingPolicy<Retry, Backoff>
Construct a polling policy from existing Retry and Backoff policies.
KmsKeyName
This class identifies a Google Cloud KMS Key.
Location
A representation of a Cloud Location.
LogBackend
The logging backend interface.
Logger<bool>
Define the class to capture a log message.
Logger< false >
Define the logger for a disabled log level.
LogSink
A sink to receive log records.
Options
A class that holds option structs indexed by their type.
PollingPolicy
Control the Cloud C++ client library behavior with respect to polling on long running operations.
Project
This class identifies a Cloud Project.
promise<T>
Implement ISO/IEC TS 19571:2016 promise<T>
.
promise< void >
Specialize ISO/IEC TS 19571:2016 promise for void.
ProxyConfig
The configuration for a HTTP Proxy.
RetryPolicy
Define the interface for retry policies.
RuntimeStatusError
A runtime error that wraps a google::cloud::Status
.
Status
Represents success or an error with info about the error.
StatusOr<T>
Holds a value or a Status
indicating why there is no value.
StreamRange<T>
A StreamRange
<T>
is a range of StatusOr
<T>
where the end-of-stream is indicated by a non-OK Status
.
TracingOptions
The configuration parameters for RPC/protobuf tracing.
Structs
AccessToken
Represents an access token with a known expiration time.
AccessTokenLifetimeOption
Configure the access token lifetime.
AsyncTimerResult
The result of an async timer operation.
AuthorityOption
Configure the "authority" attribute.
CARootsFilePathOption
Configures a custom CA (Certificates Authority) certificates file.
DelegatesOption
Configure the delegates for MakeImpersonateServiceAccountCredentials()
EnableServerRetriesOption
Let the server make retry decisions, when applicable.
EndpointOption
Change the endpoint.
ExperimentalTag
An argument type to indicate experimental functions.
GrpcBackgroundThreadPoolSizeOption
The size of the background thread pool.
GrpcBackgroundThreadsFactoryOption
Changes the BackgroundThreadsFactory
.
GrpcChannelArgumentsNativeOption
The native grpc::ChannelArguments
object.
GrpcChannelArgumentsOption
A string-string map of arguments for grpc::ChannelArguments::SetString
.
GrpcCompletionQueueOption
The CompletionQueue
to use for background gRPC work.
GrpcCompressionAlgorithmOption
The gRPC compression algorithm used by clients/operations configured with this object.
GrpcCredentialOption
The gRPC credentials used by clients configured with this object.
GrpcNumChannelsOption
The number of transport channels to create.
GrpcTracingOptionsOption
The TracingOptions
to use when printing grpc protocol buffer messages.
LogRecord
Represents a single log message.
NullStream
Implements operator<< for all types, without any effect.
OpenTelemetryTracingOption
Enables tracing with OpenTelemetry
ProxyOption
Configure the HTTP Proxy.
QuotaUserOption
Configure the QuotaUser system parameter.
RestTracingOptionsOption
The TracingOptions
to use when printing REST transport http messages.
RpcMetadata
RPC request metadata.
ScopesOption
Configure the scopes for MakeImpersonateServiceAccountCredentials()
ServerTimeoutOption
Timeout for the server to finish processing the request.
TracingComponentsOption
Return whether tracing is enabled for the given component
.
UnifiedCredentialsOption
A wrapper to store credentials into an options.
UserAgentProductsOption
User-agent products to include with each request.
UserIpOption
Configure the UserIp query parameter.
UserProjectOption
Specifies a project for quota and billing purposes.
Enums
Idempotency
Whether a request is idempotent.
Severity
Define the severity levels for Google Cloud Platform C++ Libraries logging.
StatusCode
Well-known status codes with grpc::StatusCode
-compatible values.
Functions
MakeInsecureCredentials(Options)
Create insecure (aka anonymous, aka unauthenticated) credentials.
These credentials are mostly intended for testing. Integration tests running against an emulator do not need to authenticate. In fact, it may be impossible to connect to an emulator using SSL/TLS because the emulators typically run without secure communication.
In addition, unit tests may benefit from using these credentials: loading the default credentials unnecessarily slows down the unit tests, and in some CI environments the credentials may fail to load, creating confusing warnings and sometimes even errors.
Parameter | |
---|---|
Name | Description |
opts |
optional configuration values. Note that the effect of these parameters depends on the underlying transport. For example, |
Returns | |
---|---|
Type | Description |
std::shared_ptr< Credentials > |
MakeGoogleDefaultCredentials(Options)
Creates the default credentials.
These are the most commonly used credentials, and are expected to meet the needs of most applications. The Google Default Credentials conform to aip/4110. Consider using these credentials when:
- Your application is deployed to a GCP environment such as GCE, GKE, or Cloud Run. Each of these deployment environments provides a default service account to the application, and offers mechanisms to change the default credentials without any code changes to your application.
- You are testing or developing the application on a workstation (physical or virtual). These credentials will use your preferences as set with gcloud auth application-default. These preferences can be your own GCP user credentials, or some service account.
- Regardless of where your application is running, you can use the
GOOGLE_APPLICATION_CREDENTIALS
environment variable to override the defaults. This environment variable should point to a file containing a service account key file, or a JSON object describing your user credentials.
See Also
https://cloud.google.com/docs/authentication for more information on authentication in GCP.
Parameter | |
---|---|
Name | Description |
opts |
optional configuration values. Note that the effect of these parameters depends on the underlying transport. For example, |
Returns | |
---|---|
Type | Description |
std::shared_ptr< Credentials > |
MakeAccessTokenCredentials(std::string const &, std::chrono::system_clock::time_point, Options)
Creates credentials with a fixed access token.
These credentials are useful when using an out-of-band mechanism to fetch access tokens. Note that access tokens are time limited. You will need to manually refresh the tokens, and pass the new Credentials
to a new client.
See Also
https://cloud.google.com/docs/authentication for more information on authentication in GCP.
Parameters | |
---|---|
Name | Description |
access_token |
the access token to be used by the client library. |
expiration |
the expiration time for the token. |
opts |
optional configuration values. Note that the effect of these parameters depends on the underlying transport. For example, |
Returns | |
---|---|
Type | Description |
std::shared_ptr< Credentials > |
MakeImpersonateServiceAccountCredentials(std::shared_ptr< Credentials >, std::string, Options)
Creates credentials for service account impersonation.
Service account impersonation allows one account (user or service account) to act as a second account. This can be useful in multi-tenant services, where the service may perform some actions with an specific account associated with a tenant. The tenant can grant or restrict permissions to this tenant account.
When using service account impersonation is important to distinguish between the credentials used to obtain the target account credentials (the base_credentials
) parameter, and the credentials representing the target_service_account
.
Use AccessTokenLifetimeOption
to configure the maximum lifetime of the obtained credentials. The default is 1h (3600s), see IAM quotas for the limits set by the platform and how to override them.
Use DelegatesOption
to configure a sequence of intermediate service account, each of which has permissions to impersonate the next and the last one has permissions to impersonate target_service_account
.
Use ScopesOption
to restrict the authentication scope for the obtained credentials. See below for possible values.
See Also
https://cloud.google.com/docs/authentication for more information on authentication in GCP.
See Also
https://cloud.google.com/iam/docs/impersonating-service-accounts for information on managing service account impersonation.
See Also
https://developers.google.com/identity/protocols/oauth2/scopes for authentication scopes in Google Cloud Platform.
Parameters | |
---|---|
Name | Description |
base_credentials |
the credentials used to contact the IAM Credentials services. |
target_service_account |
the email address of the service account to impersonate. |
opts |
optional configuration values. Note that the effect of these parameters depends on the underlying transport. For example, |
Returns | |
---|---|
Type | Description |
std::shared_ptr< Credentials > |
MakeServiceAccountCredentials(std::string, Options)
Creates service account credentials from a service account key.
A service account is an account for an application or compute workload instead of an individual end user. The recommended practice is to use Google Default Credentials, which relies on the configuration of the Google Cloud system hosting your application (GCE, GKE, Cloud Run) to authenticate your workload or application. But sometimes you may need to create and download a service account key, for example, to use a service account when running your application on a system that is not part of Google Cloud.
Service account credentials are used in this latter case.
You can create multiple service account keys for a single service account. When you create a service account key, the key is returned as string, in the format described by aip/4112. This string contains an id for the service account, as well as the cryptographical materials (a RSA private key) required to authenticate the caller.
Therefore, services account keys should be treated as any other secret with security implications. Think of them as unencrypted passwords. Do not store them where unauthorized persons or programs may read them.
As stated above, most applications should probably use default credentials, maybe pointing them to a file with these contents. Using this function may be useful when the service account key is obtained from Cloud Secret Manager or a similar service.
Parameters | |
---|---|
Name | Description |
json_object |
the service account configuration as a JSON string. Typically applications read this from a file, or download the contents from something like Google's secret manager service. |
opts |
optional configuration values. Note that the effect of these parameters depends on the underlying transport. For example, |
Returns | |
---|---|
Type | Description |
std::shared_ptr< Credentials > |
MakeExternalAccountCredentials(std::string, Options)
Creates credentials based on external accounts.
Workload Identity Federation can grant on-premises or multi-cloud workloads access to Google Cloud resources, without using a service account key. You can use identity federation with Amazon Web Services (AWS), or with any identity provider that supports OpenID Connect (OIDC), such as Microsoft Azure, or SAML 2.0.
See Also
https://cloud.google.com/docs/authentication for more information on authentication in GCP.
Parameters | |
---|---|
Name | Description |
json_object |
the external account configuration as a JSON string. Typically applications read this from a file, or download the contents from something like Google's secret manager service. The configuration file can be created using the create-cred-config |
opts |
optional configuration values. Note that the effect of these parameters depends on the underlying transport. For example, |
Returns | |
---|---|
Type | Description |
std::shared_ptr< Credentials > |
make_ready_future(T &&)
Create a future that is immediately ready.
Parameters | |
---|---|
Name | Description |
t |
|
typename T |
|
Returns | |
---|---|
Type | Description |
auto |
make_ready_future()
Create a future that is immediately ready.
Returns | |
---|---|
Type | Description |
future< void > |
MakeStatusFromRpcError(grpc::Status const &)
Creates a google::cloud::Status
from a grpc::Status.
Parameter | |
---|---|
Name | Description |
status |
|
Returns | |
---|---|
Type | Description |
google::cloud::Status |
MakeStatusFromRpcError(grpc::StatusCode, std::string)
Creates a google::cloud::Status
from a grpc::StatusCode and description.
Parameters | |
---|---|
Name | Description |
code |
|
what |
|
Returns | |
---|---|
Type | Description |
google::cloud::Status |
MakeStatusFromRpcError(google::rpc::Status const &)
Creates a google::cloud::Status
from a google:rpc::
Status
proto.
Some gRPC services return the google::rpc::Status
proto for errors. The libraries in google-cloud-cpp
represent these errors using a google::cloud::Status
.
Parameter | |
---|---|
Name | Description |
proto |
|
Returns | |
---|---|
Type | Description |
google::cloud::Status |
MakeKmsKeyName(std::string const &)
Constructs a KmsKeyName
from the given full_name
.
Returns a non-OK Status if full_name
is improperly formed.
Parameter | |
---|---|
Name | Description |
full_name |
|
Returns | |
---|---|
Type | Description |
StatusOr< KmsKeyName > |
MakeLocation(std::string const &)
Constructs a Location
from the given full_name
.
Returns a non-OK Status if full_name
is improperly formed.
Parameter | |
---|---|
Name | Description |
full_name |
|
Returns | |
---|---|
Type | Description |
StatusOr< Location > |
ParseSeverity(std::string const &)
Convert a human-readable representation to a Severity.
Parameter | |
---|---|
Name | Description |
name |
|
Returns | |
---|---|
Type | Description |
absl::optional< Severity > |
MakeProject(std::string const &)
Constructs a Project
from the given full_name
.
Returns a non-OK Status if full_name
is improperly formed.
Parameter | |
---|---|
Name | Description |
full_name |
|
Returns | |
---|---|
Type | Description |
StatusOr< Project > |
StatusCodeToString(StatusCode)
Convert code
to a human readable string.
Parameter | |
---|---|
Name | Description |
code |
|
Returns | |
---|---|
Type | Description |
std::string |
make_status_or(T)
Parameters | |
---|---|
Name | Description |
rhs |
|
typename T |
|
Returns | |
---|---|
Type | Description |
StatusOr< T > |
SetTerminateHandler(TerminateHandler)
Install terminate handler and get the old one atomically.
Parameter | |
---|---|
Name | Description |
f |
the handler. It should never return, behaviour is undefined otherwise. |
Returns | |
---|---|
Type | Description |
TerminateHandler | Previously set handler. |
GetTerminateHandler()
Get the currently installed handler.
Returns | |
---|---|
Type | Description |
TerminateHandler | The currently installed handler. |
Terminate(char const *)
Invoke the currently installed handler.
This function should never return.
Parameter | |
---|---|
Name | Description |
msg |
Details about the error. |
Returns | |
---|---|
Type | Description |
void |
AddUniverseDomainOption(ExperimentalTag, Options)
Creates an Options
containing the UnifiedCredentialsOption
and its corresponding UniverseDomainOption
.
Uses the UnifiedCredentialsOption
in options
or ApplicationDefaultCredentials if UnifiedCredentialsOption
is not found, and retrieves the universe_domain from those Credentials
and sets the UniverseDomainOption
to the result.
If the Metadata Server needs to be called, this function checks the options for the UniverseDomainRetryPolicyOption
and UniverseDomainBackoffPolicyOption
. If either policy option is not present a default policy is used for the corresponding policy option.
If everything succeeds, the Options
returned contain both the UnifiedCredentialsOption
and the UniverseDomainOption
. If the RetryPolicy
becomes exhausted or other errors are encountered, that Status
is returned.
Parameters | |
---|---|
Name | Description |
tag |
|
options |
|
Returns | |
---|---|
Type | Description |
StatusOr< Options > |
GetUniverseDomain(ExperimentalTag, Credentials const &, Options const &)
Interrogates the provided credentials for the universe_domain.
If the Metadata Server needs to be called, this function checks the options for the UniverseDomainRetryPolicyOption
and UniverseDomainBackoffPolicyOption
. If either policy option is not present a default policy is used for the corresponding policy option.
If successful the universe_domain value is returned, otherwise a Status
indicating the error encountered is returned.
Parameters | |
---|---|
Name | Description |
tag |
|
credentials |
|
options |
|
Returns | |
---|---|
Type | Description |
StatusOr< std::string > |
version_major()
The Google Cloud C++ Client major version.
See Also
https://semver.org/spec/v2.0.0.html for details.
Returns | |
---|---|
Type | Description |
int constexpr |
version_minor()
The Google Cloud C++ Client minor version.
See Also
https://semver.org/spec/v2.0.0.html for details.
Returns | |
---|---|
Type | Description |
int constexpr |
version_patch()
The Google Cloud C++ Client patch version.
See Also
https://semver.org/spec/v2.0.0.html for details.
Returns | |
---|---|
Type | Description |
int constexpr |
version_pre_release()
The Google Cloud C++ Client pre-release version.
See Also
https://semver.org/spec/v2.0.0.html for details.
Returns | |
---|---|
Type | Description |
constexpr char const * |
version()
A single integer representing the Major/Minor/Patch version.
Returns | |
---|---|
Type | Description |
int constexpr |
version_string()
The version as a string, in MAJOR.MINOR.PATCH[-PRE][+gitrev] format.
Returns | |
---|---|
Type | Description |
std::string |
Type Aliases
CommonOptionList
OptionList< EndpointOption, UserAgentProductsOption, TracingComponentsOption, UserProjectOption, AuthorityOption >
A list of all the common options.
BackoffPolicy
::google::cloud::internal::BackoffPolicy
The base class for backoff policies.
ExponentialBackoffPolicy
google::cloud::internal::ExponentialBackoffPolicy
A truncated exponential backoff policy with randomized periods.
UnifiedCredentialsOptionList
OptionList< AccessTokenLifetimeOption, CARootsFilePathOption, DelegatesOption, ScopesOption, TracingComponentsOption, UnifiedCredentialsOption >
A list of options related to authentication.
BackgroundThreadsFactory
std::function< std::unique_ptr< BackgroundThreads >()>
GrpcOptionList
OptionList< GrpcCredentialOption, GrpcCompressionAlgorithmOption, GrpcNumChannelsOption, GrpcChannelArgumentsOption, GrpcChannelArgumentsNativeOption, GrpcTracingOptionsOption, GrpcBackgroundThreadPoolSizeOption, GrpcCompletionQueueOption, GrpcBackgroundThreadsFactoryOption >
A list of all the gRPC options.
IamUpdater
std::function< absl::optional< google::iam::v1::Policy >(google::iam::v1::Policy)>
Used in the SetIamPolicy()
read-modify-write cycles where an etag
helps prevent simultaneous updates of a policy from overwriting each other.
The updater is called with a recently fetched policy, and should either return an empty optional if no changes are required, or return a new policy to be set. In the latter case the updater should either (1) set the etag
of the returned policy to that of the recently fetched policy (strongly suggested), or (2) not set the etag
at all.
In case (1) if the etag
does not match the existing policy (i.e., there has been an intermediate update), this update is dropped and a new cycle is initiated. In case (2) the existing policy is overwritten blindly.
optional
absl::optional< T >
Alias template for google::cloud::optional
.
OptionList
internal::TypeList< T... >
A template to hold a list of "option" types.
This can be a useful way to create meaningful lists of options. For example, there could be a list containing all the gRPC options. Or a list of all ProductX options. This gives us a way to link to lists of options with doxygen, and to do some checking about what options a function may expect.
RestOptionList
::google::cloud::OptionList< QuotaUserOption, RestTracingOptionsOption, ServerTimeoutOption, UserIpOption >
The complete list of options accepted by CurlRestClient
TerminateHandler
std::function< void(char const *msg)>
Terminate handler.
It should handle the error, whose description are given in msg and should never return.