|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318 |
- {
- "auth": {
- "oauth2": {
- "scopes": {
- "https://www.googleapis.com/auth/cloud-platform": {
- "description": "View and manage your data across Google Cloud Platform services"
- }
- }
- }
- },
- "basePath": "",
- "baseUrl": "https://iap.googleapis.com/",
- "batchPath": "batch",
- "canonicalName": "Cloud IAP",
- "description": "Controls access to cloud applications running on Google Cloud Platform.",
- "discoveryVersion": "v1",
- "documentationLink": "https://cloud.google.com/iap",
- "fullyEncodeReservedExpansion": true,
- "icons": {
- "x16": "http://www.google.com/images/icons/product/search-16.gif",
- "x32": "http://www.google.com/images/icons/product/search-32.gif"
- },
- "id": "iap:v1",
- "kind": "discovery#restDescription",
- "name": "iap",
- "ownerDomain": "google.com",
- "ownerName": "Google",
- "parameters": {
- "$.xgafv": {
- "description": "V1 error format.",
- "enum": [
- "1",
- "2"
- ],
- "enumDescriptions": [
- "v1 error format",
- "v2 error format"
- ],
- "location": "query",
- "type": "string"
- },
- "access_token": {
- "description": "OAuth access token.",
- "location": "query",
- "type": "string"
- },
- "alt": {
- "default": "json",
- "description": "Data format for response.",
- "enum": [
- "json",
- "media",
- "proto"
- ],
- "enumDescriptions": [
- "Responses with Content-Type of application/json",
- "Media download with context-dependent Content-Type",
- "Responses with Content-Type of application/x-protobuf"
- ],
- "location": "query",
- "type": "string"
- },
- "callback": {
- "description": "JSONP",
- "location": "query",
- "type": "string"
- },
- "fields": {
- "description": "Selector specifying which fields to include in a partial response.",
- "location": "query",
- "type": "string"
- },
- "key": {
- "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
- "location": "query",
- "type": "string"
- },
- "oauth_token": {
- "description": "OAuth 2.0 token for the current user.",
- "location": "query",
- "type": "string"
- },
- "prettyPrint": {
- "default": "true",
- "description": "Returns response with indentations and line breaks.",
- "location": "query",
- "type": "boolean"
- },
- "quotaUser": {
- "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.",
- "location": "query",
- "type": "string"
- },
- "uploadType": {
- "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\").",
- "location": "query",
- "type": "string"
- },
- "upload_protocol": {
- "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").",
- "location": "query",
- "type": "string"
- }
- },
- "protocol": "rest",
- "resources": {
- "v1": {
- "methods": {
- "getIamPolicy": {
- "description": "Gets the access control policy for an Identity-Aware Proxy protected\nresource.\nMore information about managing access via IAP can be found at:\nhttps://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api",
- "flatPath": "v1/{v1Id}:getIamPolicy",
- "httpMethod": "POST",
- "id": "iap.getIamPolicy",
- "parameterOrder": [
- "resource"
- ],
- "parameters": {
- "resource": {
- "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.",
- "location": "path",
- "pattern": "^.+$",
- "required": true,
- "type": "string"
- }
- },
- "path": "v1/{+resource}:getIamPolicy",
- "request": {
- "$ref": "GetIamPolicyRequest"
- },
- "response": {
- "$ref": "Policy"
- },
- "scopes": [
- "https://www.googleapis.com/auth/cloud-platform"
- ]
- },
- "setIamPolicy": {
- "description": "Sets the access control policy for an Identity-Aware Proxy protected\nresource. Replaces any existing policy.\nMore information about managing access via IAP can be found at:\nhttps://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api",
- "flatPath": "v1/{v1Id}:setIamPolicy",
- "httpMethod": "POST",
- "id": "iap.setIamPolicy",
- "parameterOrder": [
- "resource"
- ],
- "parameters": {
- "resource": {
- "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
- "location": "path",
- "pattern": "^.+$",
- "required": true,
- "type": "string"
- }
- },
- "path": "v1/{+resource}:setIamPolicy",
- "request": {
- "$ref": "SetIamPolicyRequest"
- },
- "response": {
- "$ref": "Policy"
- },
- "scopes": [
- "https://www.googleapis.com/auth/cloud-platform"
- ]
- },
- "testIamPermissions": {
- "description": "Returns permissions that a caller has on the Identity-Aware Proxy protected\nresource.\nMore information about managing access via IAP can be found at:\nhttps://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api",
- "flatPath": "v1/{v1Id}:testIamPermissions",
- "httpMethod": "POST",
- "id": "iap.testIamPermissions",
- "parameterOrder": [
- "resource"
- ],
- "parameters": {
- "resource": {
- "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appropriate value for this field.",
- "location": "path",
- "pattern": "^.+$",
- "required": true,
- "type": "string"
- }
- },
- "path": "v1/{+resource}:testIamPermissions",
- "request": {
- "$ref": "TestIamPermissionsRequest"
- },
- "response": {
- "$ref": "TestIamPermissionsResponse"
- },
- "scopes": [
- "https://www.googleapis.com/auth/cloud-platform"
- ]
- }
- }
- }
- },
- "revision": "20190306",
- "rootUrl": "https://iap.googleapis.com/",
- "schemas": {
- "Binding": {
- "description": "Associates `members` with a `role`.",
- "id": "Binding",
- "properties": {
- "condition": {
- "$ref": "Expr",
- "description": "Unimplemented. The condition that is associated with this binding.\nNOTE: an unsatisfied condition will not allow user access via current\nbinding. Different bindings, including their conditions, are examined\nindependently."
- },
- "members": {
- "description": "Specifies the identities requesting access for a Cloud Platform resource.\n`members` can have the following values:\n\n* `allUsers`: A special identifier that represents anyone who is\n on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special identifier that represents anyone\n who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a specific Google\n account. For example, `alice@gmail.com` .\n\n\n* `serviceAccount:{emailid}`: An email address that represents a service\n account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{emailid}`: An email address that represents a Google group.\n For example, `admins@example.com`.\n\n\n* `domain:{domain}`: The G Suite domain (primary) that represents all the\n users of that domain. For example, `google.com` or `example.com`.\n\n",
- "items": {
- "type": "string"
- },
- "type": "array"
- },
- "role": {
- "description": "Role that is assigned to `members`.\nFor example, `roles/viewer`, `roles/editor`, or `roles/owner`.",
- "type": "string"
- }
- },
- "type": "object"
- },
- "Expr": {
- "description": "Represents an expression text. Example:\n\n title: \"User account presence\"\n description: \"Determines whether the request has a user account\"\n expression: \"size(request.user) \u003e 0\"",
- "id": "Expr",
- "properties": {
- "description": {
- "description": "An optional description of the expression. This is a longer text which\ndescribes the expression, e.g. when hovered over it in a UI.",
- "type": "string"
- },
- "expression": {
- "description": "Textual representation of an expression in\nCommon Expression Language syntax.\n\nThe application context of the containing message determines which\nwell-known feature set of CEL is supported.",
- "type": "string"
- },
- "location": {
- "description": "An optional string indicating the location of the expression for error\nreporting, e.g. a file name and a position in the file.",
- "type": "string"
- },
- "title": {
- "description": "An optional title for the expression, i.e. a short string describing\nits purpose. This can be used e.g. in UIs which allow to enter the\nexpression.",
- "type": "string"
- }
- },
- "type": "object"
- },
- "GetIamPolicyRequest": {
- "description": "Request message for `GetIamPolicy` method.",
- "id": "GetIamPolicyRequest",
- "properties": {},
- "type": "object"
- },
- "Policy": {
- "description": "Defines an Identity and Access Management (IAM) policy. It is used to\nspecify access control policies for Cloud Platform resources.\n\n\nA `Policy` consists of a list of `bindings`. A `binding` binds a list of\n`members` to a `role`, where the members can be user accounts, Google groups,\nGoogle domains, and service accounts. A `role` is a named list of permissions\ndefined by IAM.\n\n**JSON Example**\n\n {\n \"bindings\": [\n {\n \"role\": \"roles/owner\",\n \"members\": [\n \"user:mike@example.com\",\n \"group:admins@example.com\",\n \"domain:google.com\",\n \"serviceAccount:my-other-app@appspot.gserviceaccount.com\"\n ]\n },\n {\n \"role\": \"roles/viewer\",\n \"members\": [\"user:sean@example.com\"]\n }\n ]\n }\n\n**YAML Example**\n\n bindings:\n - members:\n - user:mike@example.com\n - group:admins@example.com\n - domain:google.com\n - serviceAccount:my-other-app@appspot.gserviceaccount.com\n role: roles/owner\n - members:\n - user:sean@example.com\n role: roles/viewer\n\n\nFor a description of IAM and its features, see the\n[IAM developer's guide](https://cloud.google.com/iam/docs).",
- "id": "Policy",
- "properties": {
- "bindings": {
- "description": "Associates a list of `members` to a `role`.\n`bindings` with no members will result in an error.",
- "items": {
- "$ref": "Binding"
- },
- "type": "array"
- },
- "etag": {
- "description": "`etag` is used for optimistic concurrency control as a way to help\nprevent simultaneous updates of a policy from overwriting each other.\nIt is strongly suggested that systems make use of the `etag` in the\nread-modify-write cycle to perform policy updates in order to avoid race\nconditions: An `etag` is returned in the response to `getIamPolicy`, and\nsystems are expected to put that etag in the request to `setIamPolicy` to\nensure that their change will be applied to the same version of the policy.\n\nIf no `etag` is provided in the call to `setIamPolicy`, then the existing\npolicy is overwritten blindly.",
- "format": "byte",
- "type": "string"
- },
- "version": {
- "description": "Deprecated.",
- "format": "int32",
- "type": "integer"
- }
- },
- "type": "object"
- },
- "SetIamPolicyRequest": {
- "description": "Request message for `SetIamPolicy` method.",
- "id": "SetIamPolicyRequest",
- "properties": {
- "policy": {
- "$ref": "Policy",
- "description": "REQUIRED: The complete policy to be applied to the `resource`. The size of\nthe policy is limited to a few 10s of KB. An empty policy is a\nvalid policy but certain Cloud Platform services (such as Projects)\nmight reject them."
- }
- },
- "type": "object"
- },
- "TestIamPermissionsRequest": {
- "description": "Request message for `TestIamPermissions` method.",
- "id": "TestIamPermissionsRequest",
- "properties": {
- "permissions": {
- "description": "The set of permissions to check for the `resource`. Permissions with\nwildcards (such as '*' or 'storage.*') are not allowed. For more\ninformation see\n[IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).",
- "items": {
- "type": "string"
- },
- "type": "array"
- }
- },
- "type": "object"
- },
- "TestIamPermissionsResponse": {
- "description": "Response message for `TestIamPermissions` method.",
- "id": "TestIamPermissionsResponse",
- "properties": {
- "permissions": {
- "description": "A subset of `TestPermissionsRequest.permissions` that the caller is\nallowed.",
- "items": {
- "type": "string"
- },
- "type": "array"
- }
- },
- "type": "object"
- }
- },
- "servicePath": "",
- "title": "Cloud Identity-Aware Proxy API",
- "version": "v1",
- "version_module": true
- }
|