Class IdentityAwareProxyAdminServiceAsyncClient (1.15.0)

IdentityAwareProxyAdminServiceAsyncClient(*, credentials: typing.Optional[google.auth.credentials.Credentials] = None, transport: typing.Optional[typing.Union[str, google.cloud.iap_v1.services.identity_aware_proxy_admin_service.transports.base.IdentityAwareProxyAdminServiceTransport, typing.Callable[[...], google.cloud.iap_v1.services.identity_aware_proxy_admin_service.transports.base.IdentityAwareProxyAdminServiceTransport]]] = 'grpc_asyncio', client_options: typing.Optional[google.api_core.client_options.ClientOptions] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)

APIs for Identity-Aware Proxy Admin configurations.

Properties

api_endpoint

Return the API endpoint used by the client instance.

Returns
Type Description
str The API endpoint used by the client instance.

transport

Returns the transport used by the client instance.

Returns
Type Description
IdentityAwareProxyAdminServiceTransport The transport used by the client instance.

universe_domain

Return the universe domain used by the client instance.

Returns
Type Description
str The universe domain used by the client instance.

Methods

IdentityAwareProxyAdminServiceAsyncClient

IdentityAwareProxyAdminServiceAsyncClient(*, credentials: typing.Optional[google.auth.credentials.Credentials] = None, transport: typing.Optional[typing.Union[str, google.cloud.iap_v1.services.identity_aware_proxy_admin_service.transports.base.IdentityAwareProxyAdminServiceTransport, typing.Callable[[...], google.cloud.iap_v1.services.identity_aware_proxy_admin_service.transports.base.IdentityAwareProxyAdminServiceTransport]]] = 'grpc_asyncio', client_options: typing.Optional[google.api_core.client_options.ClientOptions] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)

Instantiates the identity aware proxy admin service async client.

Parameters
Name Description
credentials Optional[google.auth.credentials.Credentials]

The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.

transport Optional[Union[str,IdentityAwareProxyAdminServiceTransport,Callable[..., IdentityAwareProxyAdminServiceTransport]]]

The transport to use, or a Callable that constructs and returns a new transport to use. If a Callable is given, it will be called with the same set of initialization arguments as used in the IdentityAwareProxyAdminServiceTransport constructor. If set to None, a transport is chosen automatically.

client_options Optional[Union[google.api_core.client_options.ClientOptions, dict]]

Custom options for the client. 1. The api_endpoint property can be used to override the default endpoint provided by the client when transport is not explicitly provided. Only if this property is not set and transport was not explicitly provided, the endpoint is determined by the GOOGLE_API_USE_MTLS_ENDPOINT environment variable, which have one of the following values: "always" (always use the default mTLS endpoint), "never" (always use the default regular endpoint) and "auto" (auto-switch to the default mTLS endpoint if client certificate is present; this is the default value). 2. If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is "true", then the client_cert_source property can be used to provide a client certificate for mTLS transport. If not provided, the default SSL client certificate will be used if present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not set, no client certificate will be used. 3. The universe_domain property can be used to override the default "googleapis.com" universe. Note that api_endpoint property still takes precedence; and universe_domain is currently not supported for mTLS.

client_info google.api_core.gapic_v1.client_info.ClientInfo

The client info used to send a user-agent string along with API requests. If None, then default info will be used. Generally, you only need to set this if you're developing your own client library.

Exceptions
Type Description
google.auth.exceptions.MutualTlsChannelError If mutual TLS transport creation failed for any reason.

common_billing_account_path

common_billing_account_path(billing_account: str) -> str

Returns a fully-qualified billing_account string.

common_folder_path

common_folder_path(folder: str) -> str

Returns a fully-qualified folder string.

common_location_path

common_location_path(project: str, location: str) -> str

Returns a fully-qualified location string.

common_organization_path

common_organization_path(organization: str) -> str

Returns a fully-qualified organization string.

common_project_path

common_project_path(project: str) -> str

Returns a fully-qualified project string.

create_tunnel_dest_group

create_tunnel_dest_group(
    request: typing.Optional[
        typing.Union[
            google.cloud.iap_v1.types.service.CreateTunnelDestGroupRequest, dict
        ]
    ] = None,
    *,
    parent: typing.Optional[str] = None,
    tunnel_dest_group: typing.Optional[
        google.cloud.iap_v1.types.service.TunnelDestGroup
    ] = None,
    tunnel_dest_group_id: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.cloud.iap_v1.types.service.TunnelDestGroup

Creates a new TunnelDestGroup.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1

async def sample_create_tunnel_dest_group():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    tunnel_dest_group = iap_v1.TunnelDestGroup()
    tunnel_dest_group.name = "name_value"

    request = iap_v1.CreateTunnelDestGroupRequest(
        parent="parent_value",
        tunnel_dest_group=tunnel_dest_group,
        tunnel_dest_group_id="tunnel_dest_group_id_value",
    )

    # Make the request
    response = await client.create_tunnel_dest_group(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.iap_v1.types.CreateTunnelDestGroupRequest, dict]]

The request object. The request to CreateTunnelDestGroup.

parent str

Required. Google Cloud Project ID and location. In the following format: projects/{project_number/id}/iap_tunnel/locations/{location}. This corresponds to the parent field on the request instance; if request is provided, this should not be set.

tunnel_dest_group TunnelDestGroup

Required. The TunnelDestGroup to create. This corresponds to the tunnel_dest_group field on the request instance; if request is provided, this should not be set.

tunnel_dest_group_id str

Required. The ID to use for the TunnelDestGroup, which becomes the final component of the resource name. This value must be 4-63 characters, and valid characters are [a-z]-. This corresponds to the tunnel_dest_group_id field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

Returns
Type Description
google.cloud.iap_v1.types.TunnelDestGroup A TunnelDestGroup.

delete_tunnel_dest_group

delete_tunnel_dest_group(
    request: typing.Optional[
        typing.Union[
            google.cloud.iap_v1.types.service.DeleteTunnelDestGroupRequest, dict
        ]
    ] = None,
    *,
    name: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> None

Deletes a TunnelDestGroup.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1

async def sample_delete_tunnel_dest_group():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    request = iap_v1.DeleteTunnelDestGroupRequest(
        name="name_value",
    )

    # Make the request
    await client.delete_tunnel_dest_group(request=request)
Parameters
Name Description
request Optional[Union[google.cloud.iap_v1.types.DeleteTunnelDestGroupRequest, dict]]

The request object. The request to DeleteTunnelDestGroup.

name str

Required. Name of the TunnelDestGroup to delete. In the following format: projects/{project_number/id}/iap_tunnel/locations/{location}/destGroups/{dest_group}. This corresponds to the name field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

from_service_account_file

from_service_account_file(filename: str, *args, **kwargs)

Creates an instance of this client using the provided credentials file.

Parameter
Name Description
filename str

The path to the service account private key json file.

Returns
Type Description
IdentityAwareProxyAdminServiceAsyncClient The constructed client.

from_service_account_info

from_service_account_info(info: dict, *args, **kwargs)

Creates an instance of this client using the provided credentials info.

Parameter
Name Description
info dict

The service account private key info.

Returns
Type Description
IdentityAwareProxyAdminServiceAsyncClient The constructed client.

from_service_account_json

from_service_account_json(filename: str, *args, **kwargs)

Creates an instance of this client using the provided credentials file.

Parameter
Name Description
filename str

The path to the service account private key json file.

Returns
Type Description
IdentityAwareProxyAdminServiceAsyncClient The constructed client.

get_iam_policy

get_iam_policy(
    request: typing.Optional[
        typing.Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]
    ] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.iam.v1.policy_pb2.Policy

Gets the access control policy for an Identity-Aware Proxy protected resource. More information about managing access via IAP can be found at: https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1
from google.iam.v1 import iam_policy_pb2  # type: ignore

async def sample_get_iam_policy():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    request = iam_policy_pb2.GetIamPolicyRequest(
        resource="resource_value",
    )

    # Make the request
    response = await client.get_iam_policy(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]]

The request object. Request message for GetIamPolicy method.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

Returns
Type Description
google.iam.v1.policy_pb2.Policy An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** :literal:\ { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ],="" "etag":="" "bwwwja0yfja=", " version":="" 3="">\ \ **YAML example:** :literal:\ bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01t00:00:00.000z')="" etag:="" bwwwja0yfja="version:">\ \ For a description of IAM and its features, see the [IAM documentation](\ https://cloud.google.com/iam/docs/).

get_iap_settings

get_iap_settings(
    request: typing.Optional[
        typing.Union[google.cloud.iap_v1.types.service.GetIapSettingsRequest, dict]
    ] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.cloud.iap_v1.types.service.IapSettings

Gets the IAP settings on a particular IAP protected resource.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1

async def sample_get_iap_settings():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    request = iap_v1.GetIapSettingsRequest(
        name="name_value",
    )

    # Make the request
    response = await client.get_iap_settings(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.iap_v1.types.GetIapSettingsRequest, dict]]

The request object. The request sent to GetIapSettings.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

Returns
Type Description
google.cloud.iap_v1.types.IapSettings The IAP configurable settings.

get_mtls_endpoint_and_cert_source

get_mtls_endpoint_and_cert_source(
    client_options: typing.Optional[
        google.api_core.client_options.ClientOptions
    ] = None,
)

Return the API endpoint and client cert source for mutual TLS.

The client cert source is determined in the following order: (1) if GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is not "true", the client cert source is None. (2) if client_options.client_cert_source is provided, use the provided one; if the default client cert source exists, use the default one; otherwise the client cert source is None.

The API endpoint is determined in the following order: (1) if client_options.api_endpoint if provided, use the provided one. (2) if GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is "always", use the default mTLS endpoint; if the environment variable is "never", use the default API endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise use the default API endpoint.

More details can be found at https://google.aip.dev/auth/4114.

Parameter
Name Description
client_options google.api_core.client_options.ClientOptions

Custom options for the client. Only the api_endpoint and client_cert_source properties may be used in this method.

Exceptions
Type Description
google.auth.exceptions.MutualTLSChannelError If any errors happen.
Returns
Type Description
Tuple[str, Callable[[], Tuple[bytes, bytes]]] returns the API endpoint and the client cert source to use.

get_transport_class

get_transport_class(
    label: typing.Optional[str] = None,
) -> typing.Type[
    google.cloud.iap_v1.services.identity_aware_proxy_admin_service.transports.base.IdentityAwareProxyAdminServiceTransport
]

Returns an appropriate transport class.

Parameter
Name Description
label typing.Optional[str]

The name of the desired transport. If none is provided, then the first transport in the registry is used.

get_tunnel_dest_group

get_tunnel_dest_group(
    request: typing.Optional[
        typing.Union[google.cloud.iap_v1.types.service.GetTunnelDestGroupRequest, dict]
    ] = None,
    *,
    name: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.cloud.iap_v1.types.service.TunnelDestGroup

Retrieves an existing TunnelDestGroup.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1

async def sample_get_tunnel_dest_group():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    request = iap_v1.GetTunnelDestGroupRequest(
        name="name_value",
    )

    # Make the request
    response = await client.get_tunnel_dest_group(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.iap_v1.types.GetTunnelDestGroupRequest, dict]]

The request object. The request to GetTunnelDestGroup.

name str

Required. Name of the TunnelDestGroup to be fetched. In the following format: projects/{project_number/id}/iap_tunnel/locations/{location}/destGroups/{dest_group}. This corresponds to the name field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

Returns
Type Description
google.cloud.iap_v1.types.TunnelDestGroup A TunnelDestGroup.

list_tunnel_dest_groups

list_tunnel_dest_groups(
    request: typing.Optional[
        typing.Union[
            google.cloud.iap_v1.types.service.ListTunnelDestGroupsRequest, dict
        ]
    ] = None,
    *,
    parent: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> (
    google.cloud.iap_v1.services.identity_aware_proxy_admin_service.pagers.ListTunnelDestGroupsAsyncPager
)

Lists the existing TunnelDestGroups. To group across all locations, use a - as the location ID. For example: /v1/projects/123/iap_tunnel/locations/-/destGroups

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1

async def sample_list_tunnel_dest_groups():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    request = iap_v1.ListTunnelDestGroupsRequest(
        parent="parent_value",
    )

    # Make the request
    page_result = client.list_tunnel_dest_groups(request=request)

    # Handle the response
    async for response in page_result:
        print(response)
Parameters
Name Description
request Optional[Union[google.cloud.iap_v1.types.ListTunnelDestGroupsRequest, dict]]

The request object. The request to ListTunnelDestGroups.

parent str

Required. Google Cloud Project ID and location. In the following format: projects/{project_number/id}/iap_tunnel/locations/{location}. A - can be used for the location to group across all locations. This corresponds to the parent field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

Returns
Type Description
google.cloud.iap_v1.services.identity_aware_proxy_admin_service.pagers.ListTunnelDestGroupsAsyncPager The response from ListTunnelDestGroups. Iterating over this object will yield results and resolve additional pages automatically.

parse_common_billing_account_path

parse_common_billing_account_path(path: str) -> typing.Dict[str, str]

Parse a billing_account path into its component segments.

parse_common_folder_path

parse_common_folder_path(path: str) -> typing.Dict[str, str]

Parse a folder path into its component segments.

parse_common_location_path

parse_common_location_path(path: str) -> typing.Dict[str, str]

Parse a location path into its component segments.

parse_common_organization_path

parse_common_organization_path(path: str) -> typing.Dict[str, str]

Parse a organization path into its component segments.

parse_common_project_path

parse_common_project_path(path: str) -> typing.Dict[str, str]

Parse a project path into its component segments.

parse_tunnel_dest_group_path

parse_tunnel_dest_group_path(path: str) -> typing.Dict[str, str]

Parses a tunnel_dest_group path into its component segments.

parse_tunnel_location_path

parse_tunnel_location_path(path: str) -> typing.Dict[str, str]

Parses a tunnel_location path into its component segments.

set_iam_policy

set_iam_policy(
    request: typing.Optional[
        typing.Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]
    ] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.iam.v1.policy_pb2.Policy

Sets the access control policy for an Identity-Aware Proxy protected resource. Replaces any existing policy. More information about managing access via IAP can be found at: https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1
from google.iam.v1 import iam_policy_pb2  # type: ignore

async def sample_set_iam_policy():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    request = iam_policy_pb2.SetIamPolicyRequest(
        resource="resource_value",
    )

    # Make the request
    response = await client.set_iam_policy(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]]

The request object. Request message for SetIamPolicy method.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

Returns
Type Description
google.iam.v1.policy_pb2.Policy An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** :literal:\ { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ],="" "etag":="" "bwwwja0yfja=", " version":="" 3="">\ \ **YAML example:** :literal:\ bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01t00:00:00.000z')="" etag:="" bwwwja0yfja="version:">\ \ For a description of IAM and its features, see the [IAM documentation](\ https://cloud.google.com/iam/docs/).

test_iam_permissions

test_iam_permissions(
    request: typing.Optional[
        typing.Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]
    ] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse

Returns permissions that a caller has on the Identity-Aware Proxy protected resource. More information about managing access via IAP can be found at: https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1
from google.iam.v1 import iam_policy_pb2  # type: ignore

async def sample_test_iam_permissions():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    request = iam_policy_pb2.TestIamPermissionsRequest(
        resource="resource_value",
        permissions=['permissions_value1', 'permissions_value2'],
    )

    # Make the request
    response = await client.test_iam_permissions(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]]

The request object. Request message for TestIamPermissions method.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

Returns
Type Description
google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse Response message for TestIamPermissions method.

tunnel_dest_group_path

tunnel_dest_group_path(project: str, location: str, dest_group: str) -> str

Returns a fully-qualified tunnel_dest_group string.

tunnel_location_path

tunnel_location_path(project: str, location: str) -> str

Returns a fully-qualified tunnel_location string.

update_iap_settings

update_iap_settings(
    request: typing.Optional[
        typing.Union[google.cloud.iap_v1.types.service.UpdateIapSettingsRequest, dict]
    ] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.cloud.iap_v1.types.service.IapSettings

Updates the IAP settings on a particular IAP protected resource. It replaces all fields unless the update_mask is set.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1

async def sample_update_iap_settings():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    iap_settings = iap_v1.IapSettings()
    iap_settings.name = "name_value"

    request = iap_v1.UpdateIapSettingsRequest(
        iap_settings=iap_settings,
    )

    # Make the request
    response = await client.update_iap_settings(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.iap_v1.types.UpdateIapSettingsRequest, dict]]

The request object. The request sent to UpdateIapSettings.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

Returns
Type Description
google.cloud.iap_v1.types.IapSettings The IAP configurable settings.

update_tunnel_dest_group

update_tunnel_dest_group(
    request: typing.Optional[
        typing.Union[
            google.cloud.iap_v1.types.service.UpdateTunnelDestGroupRequest, dict
        ]
    ] = None,
    *,
    tunnel_dest_group: typing.Optional[
        google.cloud.iap_v1.types.service.TunnelDestGroup
    ] = None,
    update_mask: typing.Optional[google.protobuf.field_mask_pb2.FieldMask] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.cloud.iap_v1.types.service.TunnelDestGroup

Updates a TunnelDestGroup.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import iap_v1

async def sample_update_tunnel_dest_group():
    # Create a client
    client = iap_v1.IdentityAwareProxyAdminServiceAsyncClient()

    # Initialize request argument(s)
    tunnel_dest_group = iap_v1.TunnelDestGroup()
    tunnel_dest_group.name = "name_value"

    request = iap_v1.UpdateTunnelDestGroupRequest(
        tunnel_dest_group=tunnel_dest_group,
    )

    # Make the request
    response = await client.update_tunnel_dest_group(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.iap_v1.types.UpdateTunnelDestGroupRequest, dict]]

The request object. The request to UpdateTunnelDestGroup.

tunnel_dest_group TunnelDestGroup

Required. The new values for the TunnelDestGroup. This corresponds to the tunnel_dest_group field on the request instance; if request is provided, this should not be set.

update_mask google.protobuf.field_mask_pb2.FieldMask

A field mask that specifies which IAP settings to update. If omitted, then all of the settings are updated. See https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask This corresponds to the update_mask field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

Returns
Type Description
google.cloud.iap_v1.types.TunnelDestGroup A TunnelDestGroup.