Identity and Access Management (IAM) API (iam:v1)

2023-02-11

17 new methods

Additions

    Methods
  • iam.locations.workforcePools.undelete

      Path: v1/{+name}:undelete

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameters:

        name

          Required: Yes

          Type: string

          Description: Required. The name of the pool to undelete. Format: `locations/{location}/workforcePools/{workforce_pool_id}`

          Pattern: ^locations/[^/]+/workforcePools/[^/]+$

          Location: path

      Parameter Order: name

      HTTP Method: POST

      Description: Undeletes a WorkforcePool, as long as it was deleted fewer than 30 days ago.

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}:undelete

  • iam.locations.workforcePools.getIamPolicy

      HTTP Method: POST

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}:getIamPolicy

      Description: Gets IAM policies on a WorkforcePool.

      Parameters:

        resource

          Required: Yes

          Pattern: ^locations/[^/]+/workforcePools/[^/]+$

          Location: path

          Type: string

          Description: REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.

      Path: v1/{+resource}:getIamPolicy

      Parameter Order: resource

  • iam.locations.workforcePools.get

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Gets an individual WorkforcePool.

      HTTP Method: GET

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}

      Path: v1/{+name}

      Parameter Order: name

      Parameters:

        name

          Pattern: ^locations/[^/]+/workforcePools/[^/]+$

          Description: Required. The name of the pool to retrieve. Format: `locations/{location}/workforcePools/{workforce_pool_id}`

          Required: Yes

          Location: path

          Type: string

  • iam.locations.workforcePools.testIamPermissions

      HTTP Method: POST

      Path: v1/{+resource}:testIamPermissions

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}:testIamPermissions

      Parameters:

        resource

          Required: Yes

          Description: REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.

          Type: string

          Location: path

          Pattern: ^locations/[^/]+/workforcePools/[^/]+$

      Description: Returns the caller's permissions on the WorkforcePool. If the pool does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error.

      Parameter Order: resource

  • iam.locations.workforcePools.setIamPolicy

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameters:

        resource

          Required: Yes

          Location: path

          Description: REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.

          Type: string

          Pattern: ^locations/[^/]+/workforcePools/[^/]+$

      Description: Sets IAM policies on a WorkforcePool.

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}:setIamPolicy

      Parameter Order: resource

      HTTP Method: POST

      Path: v1/{+resource}:setIamPolicy

  • iam.locations.workforcePools.delete

      HTTP Method: DELETE

      Path: v1/{+name}

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Deletes a WorkforcePool. You cannot use a deleted WorkforcePool to exchange external credentials for Google Cloud credentials. However, deletion does not revoke credentials that have already been issued. Credentials issued for a deleted pool do not grant access to resources. If the pool is undeleted, and the credentials are not expired, they grant access again. You can undelete a pool for 30 days. After 30 days, deletion is permanent. You cannot update deleted pools. However, you can view and list them.

      Parameters:

        name

          Location: path

          Required: Yes

          Type: string

          Description: Required. The name of the pool to delete. Format: `locations/{location}/workforcePools/{workforce_pool_id}`

          Pattern: ^locations/[^/]+/workforcePools/[^/]+$

      Parameter Order: name

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}

  • iam.locations.workforcePools.list

      Parameters:

        showDeleted

          Description: Whether to return soft-deleted pools.

          Type: boolean

          Location: query

        pageSize

          Type: integer

          Format: int32

          Location: query

          Description: The maximum number of pools to return. If unspecified, at most 50 pools will be returned. The maximum value is 1000; values above 1000 are truncated to 1000.

        location

          Type: string

          Location: path

          Pattern: ^locations/[^/]+$

          Description: The location of the pool. Format: `locations/{location}`.

          Required: Yes

        pageToken

          Type: string

          Description: A page token, received from a previous `ListWorkforcePools` call. Provide this to retrieve the subsequent page.

          Location: query

        parent

          Type: string

          Description: Required. The parent resource to list pools for. Format: `organizations/{org-id}`.

          Location: query

      Path: v1/{+location}/workforcePools

      Scopes: https://www.googleapis.com/auth/cloud-platform

      HTTP Method: GET

      Flat Path: v1/locations/{locationsId}/workforcePools

      Description: Lists all non-deleted WorkforcePools under the specified parent. If `show_deleted` is set to `true`, then deleted pools are also listed.

      Parameter Order: location

  • iam.locations.workforcePools.patch

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Path: v1/{+name}

      Parameter Order: name

      Parameters:

        name

          Required: Yes

          Description: Output only. The resource name of the pool. Format: `locations/{location}/workforcePools/{workforce_pool_id}`

          Type: string

          Location: path

          Pattern: ^locations/[^/]+/workforcePools/[^/]+$

        updateMask

          Description: Required. The list of fields to update.

          Type: string

          Format: google-fieldmask

          Location: query

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}

      HTTP Method: PATCH

      Description: Updates an existing WorkforcePool.

  • iam.locations.workforcePools.create

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/locations/{locationsId}/workforcePools

      Path: v1/{+location}/workforcePools

      Parameters:

        location

          Required: Yes

          Pattern: ^locations/[^/]+$

          Location: path

          Type: string

          Description: The location of the pool to create. Format: `locations/{location}`.

        workforcePoolId

          Description: The ID to use for the pool, which becomes the final component of the resource name. The IDs must be a globally unique string of 6 to 63 lowercase letters, digits, or hyphens. It must start with a letter, and cannot have a trailing hyphen. The prefix `gcp-` is reserved for use by Google, and may not be specified.

          Type: string

          Location: query

      Description: Creates a new WorkforcePool. You cannot reuse the name of a deleted pool until 30 days after deletion.

      Parameter Order: location

      HTTP Method: POST

  • iam.locations.workforcePools.providers.undelete

      Parameters:

        name

          Description: Required. The name of the provider to undelete. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}`

          Required: Yes

          Pattern: ^locations/[^/]+/workforcePools/[^/]+/providers/[^/]+$

          Type: string

          Location: path

      HTTP Method: POST

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers/{providersId}:undelete

      Path: v1/{+name}:undelete

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameter Order: name

      Description: Undeletes a WorkforcePoolProvider, as long as it was deleted fewer than 30 days ago.

  • iam.locations.workforcePools.providers.get

      Parameters:

        name

          Pattern: ^locations/[^/]+/workforcePools/[^/]+/providers/[^/]+$

          Location: path

          Required: Yes

          Type: string

          Description: Required. The name of the provider to retrieve. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}`

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers/{providersId}

      Parameter Order: name

      Path: v1/{+name}

      Description: Gets an individual WorkforcePoolProvider.

      HTTP Method: GET

  • iam.locations.workforcePools.providers.patch

      Parameters:

        name

          Required: Yes

          Type: string

          Location: path

          Pattern: ^locations/[^/]+/workforcePools/[^/]+/providers/[^/]+$

          Description: Output only. The resource name of the provider. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}`

        updateMask

          Location: query

          Description: Required. The list of fields to update.

          Type: string

          Format: google-fieldmask

      Path: v1/{+name}

      HTTP Method: PATCH

      Parameter Order: name

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers/{providersId}

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Description: Updates an existing WorkforcePoolProvider.

  • iam.locations.workforcePools.providers.list

      Path: v1/{+parent}/providers

      Scopes: https://www.googleapis.com/auth/cloud-platform

      HTTP Method: GET

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers

      Parameter Order: parent

      Parameters:

        pageToken

          Location: query

          Description: A page token, received from a previous `ListWorkforcePoolProviders` call. Provide this to retrieve the subsequent page.

          Type: string

        pageSize

          Format: int32

          Type: integer

          Location: query

          Description: The maximum number of providers to return. If unspecified, at most 50 providers are returned. The maximum value is 100; values above 100 are truncated to 100.

        showDeleted

          Location: query

          Type: boolean

          Description: Whether to return soft-deleted providers.

        parent

          Type: string

          Pattern: ^locations/[^/]+/workforcePools/[^/]+$

          Description: Required. The pool to list providers for. Format: `locations/{location}/workforcePools/{workforce_pool_id}`

          Location: path

          Required: Yes

      Description: Lists all non-deleted WorkforcePoolProviders in a WorkforcePool. If `show_deleted` is set to `true`, then deleted providers are also listed.

  • iam.locations.workforcePools.providers.create

      Scopes: https://www.googleapis.com/auth/cloud-platform

      HTTP Method: POST

      Path: v1/{+parent}/providers

      Description: Creates a new WorkforcePoolProvider in a WorkforcePool. You cannot reuse the name of a deleted provider until 30 days after deletion.

      Parameter Order: parent

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers

      Parameters:

        parent

          Type: string

          Required: Yes

          Description: Required. The pool to create this provider in. Format: `locations/{location}/workforcePools/{workforce_pool_id}`

          Location: path

          Pattern: ^locations/[^/]+/workforcePools/[^/]+$

        workforcePoolProviderId

          Type: string

          Location: query

          Description: Required. The ID for the provider, which becomes the final component of the resource name. This value must be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix `gcp-` is reserved for use by Google, and may not be specified.

  • iam.locations.workforcePools.providers.delete

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/providers/{providersId}

      HTTP Method: DELETE

      Parameter Order: name

      Path: v1/{+name}

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Parameters:

        name

          Location: path

          Type: string

          Required: Yes

          Pattern: ^locations/[^/]+/workforcePools/[^/]+/providers/[^/]+$

          Description: Required. The name of the provider to delete. Format: `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_id}`

      Description: Deletes a WorkforcePoolProvider. Deleting a provider does not revoke credentials that have already been\ issued; they continue to grant access. You can undelete a provider for 30 days. After 30 days, deletion is permanent. You cannot update deleted providers. However, you can view and list them.

  • iam.locations.workforcePools.subjects.delete

      HTTP Method: DELETE

      Parameters:

        name

          Pattern: ^locations/[^/]+/workforcePools/[^/]+/subjects/[^/]+$

          Location: path

          Description: Required. The resource name of the WorkforcePoolSubject. Special characters, like '/' and ':', must be escaped, because all URLs need to conform to the "When to Escape and Unescape" section of [RFC3986](https://www.ietf.org/rfc/rfc2396.txt). Format: `locations/{location}/workforcePools/{workforce_pool_id}/subjects/{subject_id}`

          Type: string

          Required: Yes

      Path: v1/{+name}

      Parameter Order: name

      Description: Deletes a WorkforcePoolSubject. Subject must not already be in a deleted state. A WorkforcePoolSubject is automatically created the first time an external credential is exchanged for a Google Cloud credential with a mapped `google.subject` attribute. There is no path to manually create WorkforcePoolSubjects. Once deleted, the WorkforcePoolSubject may not be used for 30 days. After 30 days, the WorkforcePoolSubject will be deleted forever and can be reused in token exchanges with Google Cloud STS. This will automatically create a new WorkforcePoolSubject that is independent of the previously deleted WorkforcePoolSubject with the same google.subject value.

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/subjects/{subjectsId}

      Scopes: https://www.googleapis.com/auth/cloud-platform

  • iam.locations.workforcePools.subjects.undelete

      Parameter Order: name

      Description: Undeletes a WorkforcePoolSubject, as long as it was deleted fewer than 30 days ago.

      Scopes: https://www.googleapis.com/auth/cloud-platform

      Path: v1/{+name}:undelete

      HTTP Method: POST

      Flat Path: v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/subjects/{subjectsId}:undelete

      Parameters:

        name

          Type: string

          Pattern: ^locations/[^/]+/workforcePools/[^/]+/subjects/[^/]+$

          Location: path

          Description: Required. The resource name of the WorkforcePoolSubject. Special characters, like '/' and ':', must be escaped, because all URLs need to conform to the "When to Escape and Unescape" section of [RFC3986](https://www.ietf.org/rfc/rfc2396.txt). Format: `locations/{location}/workforcePools/{workforce_pool_id}/subjects/{subject_id}`

          Required: Yes