Identity Access Context Manager v1 API - Class AccessContextManager.AccessContextManagerBase (2.3.0)

[BindServiceMethod(typeof(AccessContextManager), "BindService")]
public abstract class AccessContextManager.AccessContextManagerBase

Reference documentation and code samples for the Identity Access Context Manager v1 API class AccessContextManager.AccessContextManagerBase.

Base class for server-side implementations of AccessContextManager

Inheritance

object > AccessContextManager.AccessContextManagerBase

Namespace

Google.Identity.AccessContextManager.V1

Assembly

Google.Identity.AccessContextManager.V1.dll

Methods

CommitServicePerimeters(CommitServicePerimetersRequest, ServerCallContext)

public virtual Task<Operation> CommitServicePerimeters(CommitServicePerimetersRequest request, ServerCallContext context)

Commits the dry-run specification for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy][google.identity.accesscontextmanager.v1.AccessPolicy]. A commit operation on a service perimeter involves copying its spec field to the status field of the service perimeter. Only [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] with use_explicit_dry_run_spec field set to true are affected by a commit operation. The long-running operation from this RPC has a successful status after the dry-run specifications for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] have been committed. If a commit fails, it causes the long-running operation to return an error response and the entire commit operation is cancelled. When successful, the Operation.response field contains CommitServicePerimetersResponse. The dry_run and the spec fields are cleared after a successful commit operation.

Parameters
NameDescription
requestCommitServicePerimetersRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

CreateAccessLevel(CreateAccessLevelRequest, ServerCallContext)

public virtual Task<Operation> CreateAccessLevel(CreateAccessLevelRequest request, ServerCallContext context)

Creates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagates to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Parameters
NameDescription
requestCreateAccessLevelRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

CreateAccessPolicy(AccessPolicy, ServerCallContext)

public virtual Task<Operation> CreateAccessPolicy(AccessPolicy request, ServerCallContext context)

Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in metadata as a BadRequest proto.

Parameters
NameDescription
requestAccessPolicy

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

CreateGcpUserAccessBinding(CreateGcpUserAccessBindingRequest, ServerCallContext)

public virtual Task<Operation> CreateGcpUserAccessBinding(CreateGcpUserAccessBindingRequest request, ServerCallContext context)

Creates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the client specifies a [name] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name], the server ignores it. Fails if a resource already exists with the same [group_key] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key]. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.

Parameters
NameDescription
requestCreateGcpUserAccessBindingRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

CreateServicePerimeter(CreateServicePerimeterRequest, ServerCallContext)

public virtual Task<Operation> CreateServicePerimeter(CreateServicePerimeterRequest request, ServerCallContext context)

Creates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Parameters
NameDescription
requestCreateServicePerimeterRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

DeleteAccessLevel(DeleteAccessLevelRequest, ServerCallContext)

public virtual Task<Operation> DeleteAccessLevel(DeleteAccessLevelRequest request, ServerCallContext context)

Deletes an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] has been removed from long-lasting storage.

Parameters
NameDescription
requestDeleteAccessLevelRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

DeleteAccessPolicy(DeleteAccessPolicyRequest, ServerCallContext)

public virtual Task<Operation> DeleteAccessPolicy(DeleteAccessPolicyRequest request, ServerCallContext context)

Deletes an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the resource name. The long-running operation has a successful status after the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is removed from long-lasting storage.

Parameters
NameDescription
requestDeleteAccessPolicyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

DeleteGcpUserAccessBinding(DeleteGcpUserAccessBindingRequest, ServerCallContext)

public virtual Task<Operation> DeleteGcpUserAccessBinding(DeleteGcpUserAccessBindingRequest request, ServerCallContext context)

Deletes a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the binding deletion is deployed onto all affected users, which may take more time.

Parameters
NameDescription
requestDeleteGcpUserAccessBindingRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

DeleteServicePerimeter(DeleteServicePerimeterRequest, ServerCallContext)

public virtual Task<Operation> DeleteServicePerimeter(DeleteServicePerimeterRequest request, ServerCallContext context)

Deletes a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from long-lasting storage.

Parameters
NameDescription
requestDeleteServicePerimeterRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

GetAccessLevel(GetAccessLevelRequest, ServerCallContext)

public virtual Task<AccessLevel> GetAccessLevel(GetAccessLevelRequest request, ServerCallContext context)

Gets an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.

Parameters
NameDescription
requestGetAccessLevelRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskAccessLevel

The response to send back to the client (wrapped by a task).

GetAccessPolicy(GetAccessPolicyRequest, ServerCallContext)

public virtual Task<AccessPolicy> GetAccessPolicy(GetAccessPolicyRequest request, ServerCallContext context)

Returns an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.

Parameters
NameDescription
requestGetAccessPolicyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskAccessPolicy

The response to send back to the client (wrapped by a task).

GetGcpUserAccessBinding(GetGcpUserAccessBindingRequest, ServerCallContext)

public virtual Task<GcpUserAccessBinding> GetGcpUserAccessBinding(GetGcpUserAccessBindingRequest request, ServerCallContext context)

Gets the [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with the given name.

Parameters
NameDescription
requestGetGcpUserAccessBindingRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskGcpUserAccessBinding

The response to send back to the client (wrapped by a task).

GetIamPolicy(GetIamPolicyRequest, ServerCallContext)

public virtual Task<Policy> GetIamPolicy(GetIamPolicyRequest request, ServerCallContext context)

Gets the IAM policy for the specified Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].

Parameters
NameDescription
requestGetIamPolicyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskPolicy

The response to send back to the client (wrapped by a task).

GetServicePerimeter(GetServicePerimeterRequest, ServerCallContext)

public virtual Task<ServicePerimeter> GetServicePerimeter(GetServicePerimeterRequest request, ServerCallContext context)

Gets a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.

Parameters
NameDescription
requestGetServicePerimeterRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskServicePerimeter

The response to send back to the client (wrapped by a task).

ListAccessLevels(ListAccessLevelsRequest, ServerCallContext)

public virtual Task<ListAccessLevelsResponse> ListAccessLevels(ListAccessLevelsRequest request, ServerCallContext context)

Lists all [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] for an access policy.

Parameters
NameDescription
requestListAccessLevelsRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskListAccessLevelsResponse

The response to send back to the client (wrapped by a task).

ListAccessPolicies(ListAccessPoliciesRequest, ServerCallContext)

public virtual Task<ListAccessPoliciesResponse> ListAccessPolicies(ListAccessPoliciesRequest request, ServerCallContext context)

Lists all [access policies] [google.identity.accesscontextmanager.v1.AccessPolicy] in an organization.

Parameters
NameDescription
requestListAccessPoliciesRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskListAccessPoliciesResponse

The response to send back to the client (wrapped by a task).

ListGcpUserAccessBindings(ListGcpUserAccessBindingsRequest, ServerCallContext)

public virtual Task<ListGcpUserAccessBindingsResponse> ListGcpUserAccessBindings(ListGcpUserAccessBindingsRequest request, ServerCallContext context)

Lists all [GcpUserAccessBindings] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a Google Cloud organization.

Parameters
NameDescription
requestListGcpUserAccessBindingsRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskListGcpUserAccessBindingsResponse

The response to send back to the client (wrapped by a task).

ListServicePerimeters(ListServicePerimetersRequest, ServerCallContext)

public virtual Task<ListServicePerimetersResponse> ListServicePerimeters(ListServicePerimetersRequest request, ServerCallContext context)

Lists all [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for an access policy.

Parameters
NameDescription
requestListServicePerimetersRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskListServicePerimetersResponse

The response to send back to the client (wrapped by a task).

ReplaceAccessLevels(ReplaceAccessLevelsRequest, ServerCallContext)

public virtual Task<Operation> ReplaceAccessLevels(ReplaceAccessLevelsRequest request, ServerCallContext context)

Replaces all existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. If the replacement contains errors, an error response is returned for the first error encountered. Upon error, the replacement is cancelled, and existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] are not affected. The Operation.response field contains ReplaceAccessLevelsResponse. Removing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an error.

Parameters
NameDescription
requestReplaceAccessLevelsRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

ReplaceServicePerimeters(ReplaceServicePerimetersRequest, ServerCallContext)

public virtual Task<Operation> ReplaceServicePerimeters(ReplaceServicePerimetersRequest request, ServerCallContext context)

Replace all existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. Replacements containing errors result in an error response for the first error encountered. Upon an error, replacement are cancelled and existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] are not affected. The Operation.response field contains ReplaceServicePerimetersResponse.

Parameters
NameDescription
requestReplaceServicePerimetersRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

SetIamPolicy(SetIamPolicyRequest, ServerCallContext)

public virtual Task<Policy> SetIamPolicy(SetIamPolicyRequest request, ServerCallContext context)

Sets the IAM policy for the specified Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy]. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].

Parameters
NameDescription
requestSetIamPolicyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskPolicy

The response to send back to the client (wrapped by a task).

TestIamPermissions(TestIamPermissionsRequest, ServerCallContext)

public virtual Task<TestIamPermissionsResponse> TestIamPermissions(TestIamPermissionsRequest request, ServerCallContext context)

Returns the IAM permissions that the caller has on the specified Access Context Manager resource. The resource can be an [AccessPolicy][google.identity.accesscontextmanager.v1.AccessPolicy], [AccessLevel][google.identity.accesscontextmanager.v1.AccessLevel], or [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter ]. This method does not support other resources.

Parameters
NameDescription
requestTestIamPermissionsRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskTestIamPermissionsResponse

The response to send back to the client (wrapped by a task).

UpdateAccessLevel(UpdateAccessLevelRequest, ServerCallContext)

public virtual Task<Operation> UpdateAccessLevel(UpdateAccessLevelRequest request, ServerCallContext context)

Updates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the changes to the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagate to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Parameters
NameDescription
requestUpdateAccessLevelRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

UpdateAccessPolicy(UpdateAccessPolicyRequest, ServerCallContext)

public virtual Task<Operation> UpdateAccessPolicy(UpdateAccessPolicyRequest request, ServerCallContext context)

Updates an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]. The long-running operation from this RPC has a successful status after the changes to the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] propagate to long-lasting storage.

Parameters
NameDescription
requestUpdateAccessPolicyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

UpdateGcpUserAccessBinding(UpdateGcpUserAccessBindingRequest, ServerCallContext)

public virtual Task<Operation> UpdateGcpUserAccessBinding(UpdateGcpUserAccessBindingRequest request, ServerCallContext context)

Updates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the changed binding is deployed onto all affected users, which may take more time.

Parameters
NameDescription
requestUpdateGcpUserAccessBindingRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).

UpdateServicePerimeter(UpdateServicePerimeterRequest, ServerCallContext)

public virtual Task<Operation> UpdateServicePerimeter(UpdateServicePerimeterRequest request, ServerCallContext context)

Updates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Parameters
NameDescription
requestUpdateServicePerimeterRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskOperation

The response to send back to the client (wrapped by a task).