accesscontextmanager/v1 library

Access Context Manager API - v1

An API for setting attribute based access control to requests to Google Cloud services. Warning: Do not mix v1alpha and v1 API usage in the same access policy. The v1alpha API supports new Access Context Manager features, which may have different attributes or behaviors that are not supported by v1. The practice of mixed API usage within a policy may result in the inability to update that policy, including any access levels or service perimeters belonging to it. It is not recommended to use both v1 and v1alpha for modifying policies with critical service perimeters. Modifications using v1alpha should be limited to policies with non-production/non-critical service perimeters.

For more information, see cloud.google.com/access-context-manager/docs/reference/rest/

Create an instance of AccessContextManagerApi to access these resources:

Classes

AccessContextManagerApi
An API for setting attribute based access control to requests to Google Cloud services.
AccessLevel
An AccessLevel is a label that can be applied to requests to Google Cloud services, along with a list of requirements necessary for the label to be applied.
AccessPoliciesAccessLevelsResource
AccessPoliciesAuthorizedOrgsDescsResource
AccessPoliciesResource
AccessPoliciesServicePerimetersResource
AccessPolicy
AccessPolicy is a container for AccessLevels (which define the necessary attributes to use Google Cloud services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter).
ApiOperation
Identification for an API Operation.
Application
An application that accesses Google Cloud APIs.
AuditConfig
Specifies the audit configuration for a service.
AuthorizedOrgsDesc
AuthorizedOrgsDesc contains data for an organization's authorization policy.
BasicLevel
BasicLevel is an AccessLevel using a set of recommended features.
Binding
Associates members, or principals, with a role.
CommitServicePerimetersRequest
A request to commit dry-run specs in all Service Perimeters belonging to an Access Policy.
Condition
A condition necessary for an AccessLevel to be granted.
CustomLevel
CustomLevel is an AccessLevel using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
DevicePolicy
DevicePolicy specifies device specific restrictions necessary to acquire a given access level.
EgressFrom
Defines the conditions under which an EgressPolicy matches a request.
EgressPolicy
Policy for egress from perimeter.
EgressTo
Defines the conditions under which an EgressPolicy matches a request.
GcpUserAccessBinding
Restricts access to Cloud Console and Google Cloud APIs for a set of users using Context-Aware Access.
GetIamPolicyRequest
Request message for GetIamPolicy method.
IngressFrom
Defines the conditions under which an IngressPolicy matches a request.
IngressPolicy
Policy for ingress into ServicePerimeter.
IngressTo
Defines the conditions under which an IngressPolicy matches a request.
ListAccessLevelsResponse
A response to ListAccessLevelsRequest.
ListAccessPoliciesResponse
A response to ListAccessPoliciesRequest.
ListAuthorizedOrgsDescsResponse
A response to ListAuthorizedOrgsDescsRequest.
ListGcpUserAccessBindingsResponse
Response of ListGcpUserAccessBindings.
ListOperationsResponse
The response message for Operations.ListOperations.
ListServicePerimetersResponse
A response to ListServicePerimetersRequest.
ListSupportedServicesResponse
A response to ListSupportedServicesRequest.
Operation
This resource represents a long-running operation that is the result of a network API call.
OperationsResource
OrganizationsGcpUserAccessBindingsResource
OrganizationsResource
Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
ReplaceAccessLevelsRequest
A request to replace all existing Access Levels in an Access Policy with the Access Levels provided.
ReplaceServicePerimetersRequest
A request to replace all existing Service Perimeters in an Access Policy with the Service Perimeters provided.
ServicePerimeter
ServicePerimeter describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the ServicePerimeter.
ServicePerimeterConfig
ServicePerimeterConfig specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.
ServicesResource
SetIamPolicyRequest
Request message for SetIamPolicy method.
SupportedService
SupportedService specifies the VPC Service Controls and its properties.
VpcNetworkSource
The originating network source in Google Cloud.

Typedefs

AuditLogConfig = $AuditLogConfig
Provides the configuration for logging a type of permissions.
CancelOperationRequest = $Empty
The request message for Operations.CancelOperation.
EgressSource = $EgressSource
The source that EgressPolicy authorizes access from inside the ServicePerimeter to somewhere outside the ServicePerimeter boundaries.
Empty = $Empty
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs.
Expr = $Expr
Represents a textual expression in the Common Expression Language (CEL) syntax.
GetPolicyOptions = $GetPolicyOptions00
Encapsulates settings provided to GetIamPolicy.
IngressSource = $IngressSource
The source that IngressPolicy authorizes access from.
MethodSelector = $MethodSelector
An allowed method or permission of a service specified in ApiOperation.
OsConstraint = $OsConstraint
A restriction on the OS type and version of devices making requests.
Status = $Status
The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs.
TestIamPermissionsRequest = $TestIamPermissionsRequest00
Request message for TestIamPermissions method.
TestIamPermissionsResponse = $PermissionsResponse
Response message for TestIamPermissions method.
VpcAccessibleServices = $VpcAccessibleServices
Specifies how APIs are allowed to communicate within the Service Perimeter.
VpcSubNetwork = $VpcSubNetwork
Sub-segment ranges inside of a VPC Network.

Exceptions / Errors

ApiRequestError
Represents a general error reported by the API endpoint.
DetailedApiRequestError
Represents a specific error reported by the API endpoint.