[BindServiceMethod(typeof(AccessContextManager), "BindService")]
public abstract class AccessContextManager.AccessContextManagerBase
Reference documentation and code samples for the Identity Access Context Manager v1 API class AccessContextManager.AccessContextManagerBase.
Base class for server-side implementations of AccessContextManager
Namespace
Google.Identity.AccessContextManager.V1Assembly
Google.Identity.AccessContextManager.V1.dll
Methods
CommitServicePerimeters(CommitServicePerimetersRequest, ServerCallContext)
public virtual Task<Operation> CommitServicePerimeters(CommitServicePerimetersRequest request, ServerCallContext context)
Commits the dry-run specification for all the [service perimeters]
[google.identity.accesscontextmanager.v1.ServicePerimeter] in an
[access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
A commit operation on a service perimeter involves copying its spec
field
to the status
field of the service perimeter. Only [service perimeters]
[google.identity.accesscontextmanager.v1.ServicePerimeter] with
use_explicit_dry_run_spec
field set to true are affected by a commit
operation. The long-running operation from this RPC has a successful
status after the dry-run specifications for all the [service perimeters]
[google.identity.accesscontextmanager.v1.ServicePerimeter] have been
committed. If a commit fails, it causes the long-running operation to
return an error response and the entire commit operation is cancelled.
When successful, the Operation.response field contains
CommitServicePerimetersResponse. The dry_run
and the spec
fields are
cleared after a successful commit operation.
Parameters | |
---|---|
Name | Description |
request |
CommitServicePerimetersRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
CreateAccessLevel(CreateAccessLevelRequest, ServerCallContext)
public virtual Task<Operation> CreateAccessLevel(CreateAccessLevelRequest request, ServerCallContext context)
Creates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagates to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.
Parameters | |
---|---|
Name | Description |
request |
CreateAccessLevelRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
CreateAccessPolicy(AccessPolicy, ServerCallContext)
public virtual Task<Operation> CreateAccessPolicy(AccessPolicy request, ServerCallContext context)
Creates an access policy. This method fails if the organization already has
an access policy. The long-running operation has a successful status
after the access policy propagates to long-lasting storage.
Syntactic and basic semantic errors are returned in metadata
as a
BadRequest proto.
Parameters | |
---|---|
Name | Description |
request |
AccessPolicy The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
CreateGcpUserAccessBinding(CreateGcpUserAccessBindingRequest, ServerCallContext)
public virtual Task<Operation> CreateGcpUserAccessBinding(CreateGcpUserAccessBindingRequest request, ServerCallContext context)
Creates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the client specifies a [name] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name], the server ignores it. Fails if a resource already exists with the same [group_key] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key]. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.
Parameters | |
---|---|
Name | Description |
request |
CreateGcpUserAccessBindingRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
CreateServicePerimeter(CreateServicePerimeterRequest, ServerCallContext)
public virtual Task<Operation> CreateServicePerimeter(CreateServicePerimeterRequest request, ServerCallContext context)
Creates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.
Parameters | |
---|---|
Name | Description |
request |
CreateServicePerimeterRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
DeleteAccessLevel(DeleteAccessLevelRequest, ServerCallContext)
public virtual Task<Operation> DeleteAccessLevel(DeleteAccessLevelRequest request, ServerCallContext context)
Deletes an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name. The long-running operation from this RPC has a successful status after the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] has been removed from long-lasting storage.
Parameters | |
---|---|
Name | Description |
request |
DeleteAccessLevelRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
DeleteAccessPolicy(DeleteAccessPolicyRequest, ServerCallContext)
public virtual Task<Operation> DeleteAccessPolicy(DeleteAccessPolicyRequest request, ServerCallContext context)
Deletes an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the resource name. The long-running operation has a successful status after the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is removed from long-lasting storage.
Parameters | |
---|---|
Name | Description |
request |
DeleteAccessPolicyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
DeleteGcpUserAccessBinding(DeleteGcpUserAccessBindingRequest, ServerCallContext)
public virtual Task<Operation> DeleteGcpUserAccessBinding(DeleteGcpUserAccessBindingRequest request, ServerCallContext context)
Deletes a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the binding deletion is deployed onto all affected users, which may take more time.
Parameters | |
---|---|
Name | Description |
request |
DeleteGcpUserAccessBindingRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
DeleteServicePerimeter(DeleteServicePerimeterRequest, ServerCallContext)
public virtual Task<Operation> DeleteServicePerimeter(DeleteServicePerimeterRequest request, ServerCallContext context)
Deletes a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from long-lasting storage.
Parameters | |
---|---|
Name | Description |
request |
DeleteServicePerimeterRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
GetAccessLevel(GetAccessLevelRequest, ServerCallContext)
public virtual Task<AccessLevel> GetAccessLevel(GetAccessLevelRequest request, ServerCallContext context)
Gets an [access level] [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource name.
Parameters | |
---|---|
Name | Description |
request |
GetAccessLevelRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskAccessLevel |
The response to send back to the client (wrapped by a task). |
GetAccessPolicy(GetAccessPolicyRequest, ServerCallContext)
public virtual Task<AccessPolicy> GetAccessPolicy(GetAccessPolicyRequest request, ServerCallContext context)
Returns an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.
Parameters | |
---|---|
Name | Description |
request |
GetAccessPolicyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskAccessPolicy |
The response to send back to the client (wrapped by a task). |
GetGcpUserAccessBinding(GetGcpUserAccessBindingRequest, ServerCallContext)
public virtual Task<GcpUserAccessBinding> GetGcpUserAccessBinding(GetGcpUserAccessBindingRequest request, ServerCallContext context)
Gets the [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with the given name.
Parameters | |
---|---|
Name | Description |
request |
GetGcpUserAccessBindingRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskGcpUserAccessBinding |
The response to send back to the client (wrapped by a task). |
GetIamPolicy(GetIamPolicyRequest, ServerCallContext)
public virtual Task<Policy> GetIamPolicy(GetIamPolicyRequest request, ServerCallContext context)
Gets the IAM policy for the specified Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
Parameters | |
---|---|
Name | Description |
request |
GetIamPolicyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskPolicy |
The response to send back to the client (wrapped by a task). |
GetServicePerimeter(GetServicePerimeterRequest, ServerCallContext)
public virtual Task<ServicePerimeter> GetServicePerimeter(GetServicePerimeterRequest request, ServerCallContext context)
Gets a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the resource name.
Parameters | |
---|---|
Name | Description |
request |
GetServicePerimeterRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskServicePerimeter |
The response to send back to the client (wrapped by a task). |
ListAccessLevels(ListAccessLevelsRequest, ServerCallContext)
public virtual Task<ListAccessLevelsResponse> ListAccessLevels(ListAccessLevelsRequest request, ServerCallContext context)
Lists all [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] for an access policy.
Parameters | |
---|---|
Name | Description |
request |
ListAccessLevelsRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListAccessLevelsResponse |
The response to send back to the client (wrapped by a task). |
ListAccessPolicies(ListAccessPoliciesRequest, ServerCallContext)
public virtual Task<ListAccessPoliciesResponse> ListAccessPolicies(ListAccessPoliciesRequest request, ServerCallContext context)
Lists all [access policies] [google.identity.accesscontextmanager.v1.AccessPolicy] in an organization.
Parameters | |
---|---|
Name | Description |
request |
ListAccessPoliciesRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListAccessPoliciesResponse |
The response to send back to the client (wrapped by a task). |
ListGcpUserAccessBindings(ListGcpUserAccessBindingsRequest, ServerCallContext)
public virtual Task<ListGcpUserAccessBindingsResponse> ListGcpUserAccessBindings(ListGcpUserAccessBindingsRequest request, ServerCallContext context)
Lists all [GcpUserAccessBindings] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a Google Cloud organization.
Parameters | |
---|---|
Name | Description |
request |
ListGcpUserAccessBindingsRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListGcpUserAccessBindingsResponse |
The response to send back to the client (wrapped by a task). |
ListServicePerimeters(ListServicePerimetersRequest, ServerCallContext)
public virtual Task<ListServicePerimetersResponse> ListServicePerimeters(ListServicePerimetersRequest request, ServerCallContext context)
Lists all [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] for an access policy.
Parameters | |
---|---|
Name | Description |
request |
ListServicePerimetersRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListServicePerimetersResponse |
The response to send back to the client (wrapped by a task). |
ReplaceAccessLevels(ReplaceAccessLevelsRequest, ServerCallContext)
public virtual Task<Operation> ReplaceAccessLevels(ReplaceAccessLevelsRequest request, ServerCallContext context)
Replaces all existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. If the replacement contains errors, an error response is returned for the first error encountered. Upon error, the replacement is cancelled, and existing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] are not affected. The Operation.response field contains ReplaceAccessLevelsResponse. Removing [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an error.
Parameters | |
---|---|
Name | Description |
request |
ReplaceAccessLevelsRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
ReplaceServicePerimeters(ReplaceServicePerimetersRequest, ServerCallContext)
public virtual Task<Operation> ReplaceServicePerimeters(ReplaceServicePerimetersRequest request, ServerCallContext context)
Replace all existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This is done atomically. The long-running operation from this RPC has a successful status after all replacements propagate to long-lasting storage. Replacements containing errors result in an error response for the first error encountered. Upon an error, replacement are cancelled and existing [service perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter] are not affected. The Operation.response field contains ReplaceServicePerimetersResponse.
Parameters | |
---|---|
Name | Description |
request |
ReplaceServicePerimetersRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
SetIamPolicy(SetIamPolicyRequest, ServerCallContext)
public virtual Task<Policy> SetIamPolicy(SetIamPolicyRequest request, ServerCallContext context)
Sets the IAM policy for the specified Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy]. This method replaces the existing IAM policy on the access policy. The IAM policy controls the set of users who can perform specific operations on the Access Context Manager [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
Parameters | |
---|---|
Name | Description |
request |
SetIamPolicyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskPolicy |
The response to send back to the client (wrapped by a task). |
TestIamPermissions(TestIamPermissionsRequest, ServerCallContext)
public virtual Task<TestIamPermissionsResponse> TestIamPermissions(TestIamPermissionsRequest request, ServerCallContext context)
Returns the IAM permissions that the caller has on the specified Access Context Manager resource. The resource can be an [AccessPolicy][google.identity.accesscontextmanager.v1.AccessPolicy], [AccessLevel][google.identity.accesscontextmanager.v1.AccessLevel], or [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter ]. This method does not support other resources.
Parameters | |
---|---|
Name | Description |
request |
TestIamPermissionsRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskTestIamPermissionsResponse |
The response to send back to the client (wrapped by a task). |
UpdateAccessLevel(UpdateAccessLevelRequest, ServerCallContext)
public virtual Task<Operation> UpdateAccessLevel(UpdateAccessLevelRequest request, ServerCallContext context)
Updates an [access level] [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running operation from this RPC has a successful status after the changes to the [access level] [google.identity.accesscontextmanager.v1.AccessLevel] propagate to long-lasting storage. If [access levels] [google.identity.accesscontextmanager.v1.AccessLevel] contain errors, an error response is returned for the first error encountered.
Parameters | |
---|---|
Name | Description |
request |
UpdateAccessLevelRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
UpdateAccessPolicy(UpdateAccessPolicyRequest, ServerCallContext)
public virtual Task<Operation> UpdateAccessPolicy(UpdateAccessPolicyRequest request, ServerCallContext context)
Updates an [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]. The long-running operation from this RPC has a successful status after the changes to the [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] propagate to long-lasting storage.
Parameters | |
---|---|
Name | Description |
request |
UpdateAccessPolicyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
UpdateGcpUserAccessBinding(UpdateGcpUserAccessBindingRequest, ServerCallContext)
public virtual Task<Operation> UpdateGcpUserAccessBinding(UpdateGcpUserAccessBindingRequest request, ServerCallContext context)
Updates a [GcpUserAccessBinding] [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. Completion of this long-running operation does not necessarily signify that the changed binding is deployed onto all affected users, which may take more time.
Parameters | |
---|---|
Name | Description |
request |
UpdateGcpUserAccessBindingRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |
UpdateServicePerimeter(UpdateServicePerimeterRequest, ServerCallContext)
public virtual Task<Operation> UpdateServicePerimeter(UpdateServicePerimeterRequest request, ServerCallContext context)
Updates a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter]. The long-running operation from this RPC has a successful status after the [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] propagates to long-lasting storage. If a [service perimeter] [google.identity.accesscontextmanager.v1.ServicePerimeter] contains errors, an error response is returned for the first error encountered.
Parameters | |
---|---|
Name | Description |
request |
UpdateServicePerimeterRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation |
The response to send back to the client (wrapped by a task). |