<pclass="firstline">Add an AttestationRule on a WorkloadIdentityPoolManagedIdentity. The total attestation rules after addition must not exceed 50.</p>
<pclass="firstline">Lists all non-deleted WorkloadIdentityPools in a project. If `show_deleted` is set to `true`, then deleted pools are also listed.</p>
<pre>Add an AttestationRule on a WorkloadIdentityPoolManagedIdentity. The total attestation rules after addition must not exceed 50.
144
+
145
+
Args:
146
+
resource: string, Required. The resource name of the managed identity or namespace resource to add an attestation rule to. (required)
147
+
body: object, The request body.
148
+
The object takes the form of:
149
+
150
+
{ # Request message for AddAttestationRule.
151
+
"attestationRule": { # Defines which workloads can receive an identity within a pool. When an AttestationRule is defined under a managed identity, matching workloads may receive that identity. # Required. The attestation rule to be added.
152
+
"googleCloudResource": "A String", # Optional. A single workload operating on Google Cloud. For example: `//compute.googleapis.com/projects/123/uid/zones/us-central1-a/instances/12345`.
153
+
},
154
+
}
155
+
156
+
x__xgafv: string, V1 error format.
157
+
Allowed values
158
+
1 - v1 error format
159
+
2 - v2 error format
160
+
161
+
Returns:
162
+
An object of the form:
163
+
164
+
{ # This resource represents a long-running operation that is the result of a network API call.
165
+
"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
166
+
"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
167
+
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
168
+
"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
169
+
{
170
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
171
+
},
172
+
],
173
+
"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
174
+
},
175
+
"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
176
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
177
+
},
178
+
"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
179
+
"response": { # The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
180
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
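Review bot: In the request body, `googleCloudResource` is marked Optional although it is the only field shown on `attestationRule`, which is itself Required, so the text leaves open what a rule with no `googleCloudResource` matches. Because the rule decides which workloads may receive the identity, state whether an empty rule is rejected or which field must be set. The summary also names only WorkloadIdentityPoolManagedIdentity while the `resource` argument accepts "the managed identity or namespace resource"; the two should agree.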
<pre>List all AttestationRule on a WorkloadIdentityPoolManagedIdentity.
463
+
464
+
Args:
465
+
resource: string, Required. The resource name of the managed identity or namespace resource to list attestation rules of. (required)
466
+
filter: string, Optional. A query filter. Supports the following function: * `container_ids()`: Returns only the AttestationRules under the specific container ids. The function expects a comma-delimited list with only project numbers and must use the format `projects/`. For example: `container_ids(projects/, projects/,...)`.
467
+
pageSize: integer, Optional. The maximum number of AttestationRules to return. If unspecified, at most 50 AttestationRules are returned. The maximum value is 100; values above 100 are truncated to 100.
468
+
pageToken: string, Optional. A page token, received from a previous `ListWorkloadIdentityPoolProviderKeys` call. Provide this to retrieve the subsequent page.
469
+
x__xgafv: string, V1 error format.
470
+
Allowed values
471
+
1 - v1 error format
472
+
2 - v2 error format
473
+
474
+
Returns:
475
+
An object of the form:
476
+
477
+
{ # Response message for ListAttestationRules.
478
+
"attestationRules": [ # A list of AttestationRules.
479
+
{ # Defines which workloads can receive an identity within a pool. When an AttestationRule is defined under a managed identity, matching workloads may receive that identity.
480
+
"googleCloudResource": "A String", # Optional. A single workload operating on Google Cloud. For example: `//compute.googleapis.com/projects/123/uid/zones/us-central1-a/instances/12345`.
481
+
},
482
+
],
483
+
"nextPageToken": "A String", # Optional. A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.
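Review bot: The `pageToken` description refers to a previous `ListWorkloadIdentityPoolProviderKeys` call, which is a different method; it should name the ListAttestationRules call that actually issues this token. In the `filter` description the project-number placeholder appears to be missing: "must use the format `projects/`" and `container_ids(projects/, projects/,...)` read as incomplete, so the placeholder should be restored so callers know what to pass. The summary "List all AttestationRule" should also use the plural.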
<pre>Remove an AttestationRule on a WorkloadIdentityPoolManagedIdentity.
591
+
592
+
Args:
593
+
resource: string, Required. The resource name of the managed identity or namespace resource to remove an attestation rule from. (required)
594
+
body: object, The request body.
595
+
The object takes the form of:
596
+
597
+
{ # Request message for RemoveAttestationRule.
598
+
"attestationRule": { # Defines which workloads can receive an identity within a pool. When an AttestationRule is defined under a managed identity, matching workloads may receive that identity. # Required. The attestation rule to be removed.
599
+
"googleCloudResource": "A String", # Optional. A single workload operating on Google Cloud. For example: `//compute.googleapis.com/projects/123/uid/zones/us-central1-a/instances/12345`.
600
+
},
601
+
}
602
+
603
+
x__xgafv: string, V1 error format.
604
+
Allowed values
605
+
1 - v1 error format
606
+
2 - v2 error format
607
+
608
+
Returns:
609
+
An object of the form:
610
+
611
+
{ # This resource represents a long-running operation that is the result of a network API call.
612
+
"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
613
+
"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
614
+
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
615
+
"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
616
+
{
617
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
618
+
},
619
+
],
620
+
"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
621
+
},
622
+
"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
623
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
624
+
},
625
+
"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
626
+
"response": { # The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
627
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
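Review bot: The removal body carries a whole `attestationRule`, but the text does not say how the rule to remove is matched against the existing rules or what the operation returns when no such rule exists on the resource. Add a sentence covering both, since a removal that silently does nothing leaves a workload able to receive the identity. As with the add method, the summary names only WorkloadIdentityPoolManagedIdentity while `resource` also allows a namespace resource.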
<pre>Set all AttestationRule on a WorkloadIdentityPoolManagedIdentity. A maximum of 50 AttestationRules can be set.
635
+
636
+
Args:
637
+
resource: string, Required. The resource name of the managed identity or namespace resource to add an attestation rule to. (required)
638
+
body: object, The request body.
639
+
The object takes the form of:
640
+
641
+
{ # Request message for SetAttestationRules.
642
+
"attestationRules": [ # Required. The attestation rules to be set. At most 50 attestation rules can be set.
643
+
{ # Defines which workloads can receive an identity within a pool. When an AttestationRule is defined under a managed identity, matching workloads may receive that identity.
644
+
"googleCloudResource": "A String", # Optional. A single workload operating on Google Cloud. For example: `//compute.googleapis.com/projects/123/uid/zones/us-central1-a/instances/12345`.
645
+
},
646
+
],
647
+
}
648
+
649
+
x__xgafv: string, V1 error format.
650
+
Allowed values
651
+
1 - v1 error format
652
+
2 - v2 error format
653
+
654
+
Returns:
655
+
An object of the form:
656
+
657
+
{ # This resource represents a long-running operation that is the result of a network API call.
658
+
"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
659
+
"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
660
+
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
661
+
"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
662
+
{
663
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
664
+
},
665
+
],
666
+
"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
667
+
},
668
+
"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
669
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
670
+
},
671
+
"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
672
+
"response": { # The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
673
+
"a_key": "", # Properties of the object. Contains field @type with type URL.
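Review bot: The `resource` argument is described as the resource "to add an attestation rule to", which is the wording of the add method; here it should describe the resource whose attestation rules are being set. The summary "Set all AttestationRule" also does not state whether the call replaces the rules already present, and `attestationRules` is Required without saying whether an empty list is accepted. Both points should be explicit, because they determine which workloads can still receive the identity after the call.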