Identity Access Context Manager v1 API - Class AccessContextManager.AccessContextManagerBase (2.4.0)

[BindServiceMethod(typeof(AccessContextManager), "BindService")]
public abstract class AccessContextManager.AccessContextManagerBase

Reference documentation and code samples for the Identity Access Context Manager v1 API class AccessContextManager.AccessContextManagerBase.

Base class for server-side implementations of AccessContextManager

Inheritance

object > AccessContextManager.AccessContextManagerBase

Namespace

Google.Identity.AccessContextManager.V1

Assembly

Google.Identity.AccessContextManager.V1.dll

Methods

CommitServicePerimeters(CommitServicePerimetersRequest, ServerCallContext)

public virtual Task<Operation> CommitServicePerimeters(CommitServicePerimetersRequest request, ServerCallContext context)

Commits the dry-run specification for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy][google.identity.accesscontextmanager.v1.AccessPolicy]. A commit operation on a service perimeter involves copying its spec field to the status field of the service perimeter. Only [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] with use_explicit_dry_run_spec field set to true are affected by a commit operation. The long-running operation from this RPC has a successful status after the dry-run specifications for all the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] have been committed. If a commit fails, it causes the long-running operation to return an error response and the entire commit operation is cancelled. When successful, the Operation.response field contains CommitServicePerimetersResponse. The dry_run and the spec fields are cleared after a successful commit operation.

Parameters
Name Description
request CommitServicePerimetersRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

CreateAccessLevel(CreateAccessLevelRequest, ServerCallContext)

public virtual Task<Operation> CreateAccessLevel(CreateAccessLevelRequest request, ServerCallContext context)

Creates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagates to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Parameters
Name Description
request CreateAccessLevelRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

CreateAccessPolicy(AccessPolicy, ServerCallContext)

public virtual Task<Operation> CreateAccessPolicy(AccessPolicy request, ServerCallContext context)

Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in metadata as a BadRequest proto.

Parameters
Name Description
request AccessPolicy

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

CreateGcpUserAccessBinding(CreateGcpUserAccessBindingRequest, ServerCallContext)

public virtual Task<Operation> CreateGcpUserAccessBinding(CreateGcpUserAccessBindingRequest request, ServerCallContext context)

Creates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the client specifies a [name] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name], the server ignores it. Fails if a resource already exists with the same [group_key] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key]. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.

Parameters
Name Description
request CreateGcpUserAccessBindingRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

CreateServicePerimeter(CreateServicePerimeterRequest, ServerCallContext)

public virtual Task<Operation> CreateServicePerimeter(CreateServicePerimeterRequest request, ServerCallContext context)

Creates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Parameters
Name Description
request CreateServicePerimeterRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

DeleteAccessLevel(DeleteAccessLevelRequest, ServerCallContext)

public virtual Task<Operation> DeleteAccessLevel(DeleteAccessLevelRequest request, ServerCallContext context)

Deletes an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] has been removed from long-lasting storage.

Parameters
Name Description
request DeleteAccessLevelRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

DeleteAccessPolicy(DeleteAccessPolicyRequest, ServerCallContext)

public virtual Task<Operation> DeleteAccessPolicy(DeleteAccessPolicyRequest request, ServerCallContext context)

Deletes an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the resource name. The long-running operation has a successful status after the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is removed from long-lasting storage.

Parameters
Name Description
request DeleteAccessPolicyRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

DeleteGcpUserAccessBinding(DeleteGcpUserAccessBindingRequest, ServerCallContext)

public virtual Task<Operation> DeleteGcpUserAccessBinding(DeleteGcpUserAccessBindingRequest request, ServerCallContext context)

Deletes a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the binding deletion is deployed onto all affected users, which may take more time.

Parameters
Name Description
request DeleteGcpUserAccessBindingRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

DeleteServicePerimeter(DeleteServicePerimeterRequest, ServerCallContext)

public virtual Task<Operation> DeleteServicePerimeter(DeleteServicePerimeterRequest request, ServerCallContext context)

Deletes a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from long-lasting storage.

Parameters
Name Description
request DeleteServicePerimeterRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

GetAccessLevel(GetAccessLevelRequest, ServerCallContext)

public virtual Task<AccessLevel> GetAccessLevel(GetAccessLevelRequest request, ServerCallContext context)

Gets an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.

Parameters
Name Description
request GetAccessLevelRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskAccessLevel

The response to send back to the client (wrapped by a task).

GetAccessPolicy(GetAccessPolicyRequest, ServerCallContext)

public virtual Task<AccessPolicy> GetAccessPolicy(GetAccessPolicyRequest request, ServerCallContext context)

Returns an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.

Parameters
Name Description
request GetAccessPolicyRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskAccessPolicy

The response to send back to the client (wrapped by a task).

GetGcpUserAccessBinding(GetGcpUserAccessBindingRequest, ServerCallContext)

public virtual Task<GcpUserAccessBinding> GetGcpUserAccessBinding(GetGcpUserAccessBindingRequest request, ServerCallContext context)

Gets the [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with the given name.

Parameters
Name Description
request GetGcpUserAccessBindingRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskGcpUserAccessBinding

The response to send back to the client (wrapped by a task).

GetIamPolicy(GetIamPolicyRequest, ServerCallContext)

public virtual Task<Policy> GetIamPolicy(GetIamPolicyRequest request, ServerCallContext context)

Gets the IAM policy for the specified Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].

Parameters
Name Description
request GetIamPolicyRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskPolicy

The response to send back to the client (wrapped by a task).

GetServicePerimeter(GetServicePerimeterRequest, ServerCallContext)

public virtual Task<ServicePerimeter> GetServicePerimeter(GetServicePerimeterRequest request, ServerCallContext context)

Gets a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.

Parameters
Name Description
request GetServicePerimeterRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskServicePerimeter

The response to send back to the client (wrapped by a task).

ListAccessLevels(ListAccessLevelsRequest, ServerCallContext)

public virtual Task<ListAccessLevelsResponse> ListAccessLevels(ListAccessLevelsRequest request, ServerCallContext context)

Lists all [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] for an access policy.

Parameters
Name Description
request ListAccessLevelsRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskListAccessLevelsResponse

The response to send back to the client (wrapped by a task).

ListAccessPolicies(ListAccessPoliciesRequest, ServerCallContext)

public virtual Task<ListAccessPoliciesResponse> ListAccessPolicies(ListAccessPoliciesRequest request, ServerCallContext context)

Lists all [access policies] [google.identity.accesscontextmanager.v1.AccessPolicy] in an organization.

Parameters
Name Description
request ListAccessPoliciesRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskListAccessPoliciesResponse

The response to send back to the client (wrapped by a task).

ListGcpUserAccessBindings(ListGcpUserAccessBindingsRequest, ServerCallContext)

public virtual Task<ListGcpUserAccessBindingsResponse> ListGcpUserAccessBindings(ListGcpUserAccessBindingsRequest request, ServerCallContext context)

Lists all [GcpUserAccessBindings] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a Google Cloud organization.

Parameters
Name Description
request ListGcpUserAccessBindingsRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskListGcpUserAccessBindingsResponse

The response to send back to the client (wrapped by a task).

ListServicePerimeters(ListServicePerimetersRequest, ServerCallContext)

public virtual Task<ListServicePerimetersResponse> ListServicePerimeters(ListServicePerimetersRequest request, ServerCallContext context)

Lists all [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for an access policy.

Parameters
Name Description
request ListServicePerimetersRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskListServicePerimetersResponse

The response to send back to the client (wrapped by a task).

ReplaceAccessLevels(ReplaceAccessLevelsRequest, ServerCallContext)

public virtual Task<Operation> ReplaceAccessLevels(ReplaceAccessLevelsRequest request, ServerCallContext context)

Replaces all existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. If the replacement contains errors, an error response is returned for the first error encountered. Upon error, the replacement is cancelled, and existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] are not affected. The Operation.response field contains ReplaceAccessLevelsResponse. Removing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an error.

Parameters
Name Description
request ReplaceAccessLevelsRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

ReplaceServicePerimeters(ReplaceServicePerimetersRequest, ServerCallContext)

public virtual Task<Operation> ReplaceServicePerimeters(ReplaceServicePerimetersRequest request, ServerCallContext context)

Replace all existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. Replacements containing errors result in an error response for the first error encountered. Upon an error, replacement are cancelled and existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] are not affected. The Operation.response field contains ReplaceServicePerimetersResponse.

Parameters
Name Description
request ReplaceServicePerimetersRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

SetIamPolicy(SetIamPolicyRequest, ServerCallContext)

public virtual Task<Policy> SetIamPolicy(SetIamPolicyRequest request, ServerCallContext context)

Sets the IAM policy for the specified Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy]. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].

Parameters
Name Description
request SetIamPolicyRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskPolicy

The response to send back to the client (wrapped by a task).

TestIamPermissions(TestIamPermissionsRequest, ServerCallContext)

public virtual Task<TestIamPermissionsResponse> TestIamPermissions(TestIamPermissionsRequest request, ServerCallContext context)

Returns the IAM permissions that the caller has on the specified Access Context Manager resource. The resource can be an [AccessPolicy][google.identity.accesscontextmanager.v1.AccessPolicy], [AccessLevel][google.identity.accesscontextmanager.v1.AccessLevel], or [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter ]. This method does not support other resources.

Parameters
Name Description
request TestIamPermissionsRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskTestIamPermissionsResponse

The response to send back to the client (wrapped by a task).

UpdateAccessLevel(UpdateAccessLevelRequest, ServerCallContext)

public virtual Task<Operation> UpdateAccessLevel(UpdateAccessLevelRequest request, ServerCallContext context)

Updates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the changes to the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagate to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.

Parameters
Name Description
request UpdateAccessLevelRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

UpdateAccessPolicy(UpdateAccessPolicyRequest, ServerCallContext)

public virtual Task<Operation> UpdateAccessPolicy(UpdateAccessPolicyRequest request, ServerCallContext context)

Updates an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]. The long-running operation from this RPC has a successful status after the changes to the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] propagate to long-lasting storage.

Parameters
Name Description
request UpdateAccessPolicyRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

UpdateGcpUserAccessBinding(UpdateGcpUserAccessBindingRequest, ServerCallContext)

public virtual Task<Operation> UpdateGcpUserAccessBinding(UpdateGcpUserAccessBindingRequest request, ServerCallContext context)

Updates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the changed binding is deployed onto all affected users, which may take more time.

Parameters
Name Description
request UpdateGcpUserAccessBindingRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).

UpdateServicePerimeter(UpdateServicePerimeterRequest, ServerCallContext)

public virtual Task<Operation> UpdateServicePerimeter(UpdateServicePerimeterRequest request, ServerCallContext context)

Updates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.

Parameters
Name Description
request UpdateServicePerimeterRequest

The request received from the client.

context ServerCallContext

The context of the server-side call handler being invoked.

Returns
Type Description
TaskOperation

The response to send back to the client (wrapped by a task).