xref: /aosp_15_r20/external/googleapis/google/cloud/iap/v1beta1/service.proto (revision d5c09012810ac0c9f33fe448fb6da8260d444cc9) 
1// Copyright 2021 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15syntax = "proto3";
16
17package google.cloud.iap.v1beta1;
18
19import "google/api/annotations.proto";
20import "google/api/client.proto";
21import "google/iam/v1/iam_policy.proto";
22import "google/iam/v1/policy.proto";
23
24option go_package = "cloud.google.com/go/iap/apiv1beta1/iappb;iappb";
25option java_multiple_files = true;
26option java_package = "com.google.cloud.iap.v1beta1";
27
28// APIs for Identity-Aware Proxy Admin configurations.
29service IdentityAwareProxyAdminV1Beta1 {
30  option (google.api.default_host) = "iap.googleapis.com";
31  option (google.api.oauth_scopes) =
32      "https://www.googleapis.com/auth/cloud-platform";
33
34  // Sets the access control policy for an Identity-Aware Proxy protected
35  // resource. Replaces any existing policy.
36  // More information about managing access via IAP can be found at:
37  // https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api
38  rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest)
39      returns (google.iam.v1.Policy) {
40    option (google.api.http) = {
41      post: "/v1beta1/{resource=**}:setIamPolicy"
42      body: "*"
43    };
44  }
45
46  // Gets the access control policy for an Identity-Aware Proxy protected
47  // resource.
48  // More information about managing access via IAP can be found at:
49  // https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api
50  rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest)
51      returns (google.iam.v1.Policy) {
52    option (google.api.http) = {
53      post: "/v1beta1/{resource=**}:getIamPolicy"
54      body: "*"
55    };
56  }
57
58  // Returns permissions that a caller has on the Identity-Aware Proxy protected
59  // resource. If the resource does not exist or the caller does not have
60  // Identity-Aware Proxy permissions a [google.rpc.Code.PERMISSION_DENIED]
61  // will be returned.
62  // More information about managing access via IAP can be found at:
63  // https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api
64  rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest)
65      returns (google.iam.v1.TestIamPermissionsResponse) {
66    option (google.api.http) = {
67      post: "/v1beta1/{resource=**}:testIamPermissions"
68      body: "*"
69    };
70  }
71}
72