The google-iam1 library allows access to all features of the Google Iam service.

This documentation was generated from Iam crate version 6.0.0+20240621, where 20240621 is the exact revision of the iam:v1 schema built by the mako code generator v6.0.0.

Everything else about the Iam v1 API can be found at the official documentation site.

Features

Handle the following Resources with ease from the central hub ...

• iam policies
• lint policy and query auditable services
• locations
• workforce pools create, workforce pools delete, workforce pools get, workforce pools get iam policy, workforce pools list, workforce pools operations get, workforce pools patch, workforce pools providers create, workforce pools providers delete, workforce pools providers get, workforce pools providers keys create, workforce pools providers keys delete, workforce pools providers keys get, workforce pools providers keys list, workforce pools providers keys operations get, workforce pools providers keys undelete, workforce pools providers list, workforce pools providers operations get, workforce pools providers patch, workforce pools providers undelete, workforce pools set iam policy, workforce pools subjects delete, workforce pools subjects operations get, workforce pools subjects undelete, workforce pools test iam permissions and workforce pools undelete
• organizations
• roles create, roles delete, roles get, roles list, roles patch and roles undelete
• permissions
• query testable permissions
• projects
• locations oauth clients create, locations oauth clients credentials create, locations oauth clients credentials delete, locations oauth clients credentials get, locations oauth clients credentials list, locations oauth clients credentials patch, locations oauth clients delete, locations oauth clients get, locations oauth clients list, locations oauth clients patch, locations oauth clients undelete, locations workload identity pools create, locations workload identity pools delete, locations workload identity pools get, locations workload identity pools list, locations workload identity pools namespaces managed identities operations get, locations workload identity pools namespaces managed identities workload sources operations get, locations workload identity pools namespaces operations get, locations workload identity pools operations get, locations workload identity pools patch, locations workload identity pools providers create, locations workload identity pools providers delete, locations workload identity pools providers get, locations workload identity pools providers keys create, locations workload identity pools providers keys delete, locations workload identity pools providers keys get, locations workload identity pools providers keys list, locations workload identity pools providers keys operations get, locations workload identity pools providers keys undelete, locations workload identity pools providers list, locations workload identity pools providers operations get, locations workload identity pools providers patch, locations workload identity pools providers undelete, locations workload identity pools undelete, roles create, roles delete, roles get, roles list, roles patch, roles undelete, service accounts create, service accounts delete, service accounts disable, service accounts enable, service accounts get, service accounts get iam policy, service accounts keys create, service accounts keys delete, service accounts keys disable, service accounts keys enable, service accounts keys get, service accounts keys list, service accounts keys patch, service accounts keys upload, service accounts list, service accounts patch, service accounts set iam policy, service accounts sign blob, service accounts sign jwt, service accounts test iam permissions, service accounts undelete and service accounts update
• roles
• get, list and query grantable roles

Structure of this Library

The API is structured into the following primary items:

• Hub
  • a central object to maintain state and allow accessing all Activities
  • creates Method Builders which in turn allow access to individual Call Builders
• Resources
  • primary types that you can apply Activities to
  • a collection of properties and Parts
  • Parts
    • a collection of properties
    • never directly used in Activities
• Activities
  • operations to apply to Resources

All structures are marked with applicable traits to further categorize them and ease browsing.

Generally speaking, you can invoke Activities like this:

let r = hub.resource().activity(...).doit().await

Or specifically ...

let r = hub.locations().workforce_pools_operations_get(...).doit().await
let r = hub.locations().workforce_pools_providers_keys_operations_get(...).doit().await
let r = hub.locations().workforce_pools_providers_keys_create(...).doit().await
let r = hub.locations().workforce_pools_providers_keys_delete(...).doit().await
let r = hub.locations().workforce_pools_providers_keys_undelete(...).doit().await
let r = hub.locations().workforce_pools_providers_operations_get(...).doit().await
let r = hub.locations().workforce_pools_providers_create(...).doit().await
let r = hub.locations().workforce_pools_providers_delete(...).doit().await
let r = hub.locations().workforce_pools_providers_patch(...).doit().await
let r = hub.locations().workforce_pools_providers_undelete(...).doit().await
let r = hub.locations().workforce_pools_subjects_operations_get(...).doit().await
let r = hub.locations().workforce_pools_subjects_delete(...).doit().await
let r = hub.locations().workforce_pools_subjects_undelete(...).doit().await
let r = hub.locations().workforce_pools_create(...).doit().await
let r = hub.locations().workforce_pools_delete(...).doit().await
let r = hub.locations().workforce_pools_patch(...).doit().await
let r = hub.locations().workforce_pools_undelete(...).doit().await
let r = hub.projects().locations_workload_identity_pools_namespaces_managed_identities_operations_get(...).doit().await
let r = hub.projects().locations_workload_identity_pools_namespaces_managed_identities_workload_sources_operations_get(...).doit().await
let r = hub.projects().locations_workload_identity_pools_namespaces_operations_get(...).doit().await
let r = hub.projects().locations_workload_identity_pools_operations_get(...).doit().await
let r = hub.projects().locations_workload_identity_pools_providers_keys_operations_get(...).doit().await
let r = hub.projects().locations_workload_identity_pools_providers_keys_create(...).doit().await
let r = hub.projects().locations_workload_identity_pools_providers_keys_delete(...).doit().await
let r = hub.projects().locations_workload_identity_pools_providers_keys_undelete(...).doit().await
let r = hub.projects().locations_workload_identity_pools_providers_operations_get(...).doit().await
let r = hub.projects().locations_workload_identity_pools_providers_create(...).doit().await
let r = hub.projects().locations_workload_identity_pools_providers_delete(...).doit().await
let r = hub.projects().locations_workload_identity_pools_providers_patch(...).doit().await
let r = hub.projects().locations_workload_identity_pools_providers_undelete(...).doit().await
let r = hub.projects().locations_workload_identity_pools_create(...).doit().await
let r = hub.projects().locations_workload_identity_pools_delete(...).doit().await
let r = hub.projects().locations_workload_identity_pools_patch(...).doit().await
let r = hub.projects().locations_workload_identity_pools_undelete(...).doit().await

The resource() and activity(...) calls create builders. The second one dealing with Activities supports various methods to configure the impending operation (not shown here). It is made such that all required arguments have to be specified right away (i.e. (...)), whereas all optional ones can be build up as desired. The doit() method performs the actual communication with the server and returns the respective result.

Usage

Setting up your Project

To use this library, you would put the following lines into your Cargo.toml file:

[dependencies]
google-iam1 = "*"
serde = "1"
serde_json = "1"

A complete example

extern crate hyper;
extern crate hyper_rustls;
extern crate google_iam1 as iam1;
use iam1::api::WorkforcePoolProviderKey;
use iam1::{Result, Error};
use iam1::{Iam, FieldMask, hyper_rustls, hyper_util, yup_oauth2};

// Get an ApplicationSecret instance by some means. It contains the `client_id` and
// `client_secret`, among other things.
let secret: yup_oauth2::ApplicationSecret = Default::default();
// Instantiate the authenticator. It will choose a suitable authentication flow for you,
// unless you replace  `None` with the desired Flow.
// Provide your own `AuthenticatorDelegate` to adjust the way it operates and get feedback about
// what's going on. You probably want to bring in your own `TokenStorage` to persist tokens and
// retrieve them from storage.
let auth = yup_oauth2::InstalledFlowAuthenticator::builder(
    secret,
    yup_oauth2::InstalledFlowReturnMethod::HTTPRedirect,
).build().await.unwrap();

let client = hyper_util::client::legacy::Client::builder(
    hyper_util::rt::TokioExecutor::new()
)
.build(
    hyper_rustls::HttpsConnectorBuilder::new()
        .with_native_roots()
        .unwrap()
        .https_or_http()
        .enable_http1()
        .build()
);
let mut hub = Iam::new(client, auth);
// As the method needs a request, you would usually fill it with the desired information
// into the respective structure. Some of the parts shown here might not be applicable !
// Values shown here are possibly random and not representative !
let mut req = WorkforcePoolProviderKey::default();

// You can configure optional parameters by calling the respective setters at will, and
// execute the final call using `doit()`.
// Values shown here are possibly random and not representative !
let result = hub.locations().workforce_pools_providers_keys_create(req, "parent")
             .workforce_pool_provider_key_id("magna")
             .doit().await;

match result {
    Err(e) => match e {
        // The Error enum provides details about what exactly happened.
        // You can also just use its `Debug`, `Display` or `Error` traits
         Error::HttpError(_)
        |Error::Io(_)
        |Error::MissingAPIKey
        |Error::MissingToken(_)
        |Error::Cancelled
        |Error::UploadSizeLimitExceeded(_, _)
        |Error::Failure(_)
        |Error::BadRequest(_)
        |Error::FieldClash(_)
        |Error::JsonDecodeError(_, _) => println!("{}", e),
    },
    Ok(res) => println!("Success: {:?}", res),
}

Handling Errors

All errors produced by the system are provided either as Result enumeration as return value of the doit() methods, or handed as possibly intermediate results to either the Hub Delegate, or the Authenticator Delegate.

When delegates handle errors or intermediate values, they may have a chance to instruct the system to retry. This makes the system potentially resilient to all kinds of errors.

Uploads and Downloads

If a method supports downloads, the response body, which is part of the Result, should be read by you to obtain the media. If such a method also supports a Response Result, it will return that by default. You can see it as meta-data for the actual media. To trigger a media download, you will have to set up the builder by making this call: .param("alt", "media").

Methods supporting uploads can do so using up to 2 different protocols: simple and resumable. The distinctiveness of each is represented by customized doit(...) methods, which are then named upload(...) and upload_resumable(...) respectively.

Customization and Callbacks

You may alter the way an doit() method is called by providing a delegate to the Method Builder before making the final doit() call. Respective methods will be called to provide progress information, as well as determine whether the system should retry on failure.

The delegate trait is default-implemented, allowing you to customize it with minimal effort.

Optional Parts in Server-Requests

All structures provided by this library are made to be encodable and decodable via json. Optionals are used to indicate that partial requests are responses are valid. Most optionals are are considered Parts which are identifiable by name, which will be sent to the server to indicate either the set parts of the request or the desired parts in the response.

Builder Arguments

Using method builders, you are able to prepare an action call by repeatedly calling it's methods. These will always take a single argument, for which the following statements are true.

• PODs are handed by copy
• strings are passed as &str
• request values are moved

Arguments will always be copied or cloned into the builder, to make them independent of their original life times.

Cargo Features

• utoipa - Add support for utoipa and derive utoipa::ToSchema on all the types. You'll have to import and register the required types in #[openapi(schemas(...))], otherwise the generated openapi spec would be invalid.

License

The iam1 library was generated by Sebastian Thiel, and is placed under the MIT license. You can read the full text at the repository's license file.