Struct google_api_proto::google::cloud::asset::v1::SearchAllIamPoliciesRequest
source · pub struct SearchAllIamPoliciesRequest {
pub scope: String,
pub query: String,
pub page_size: i32,
pub page_token: String,
pub asset_types: Vec<String>,
pub order_by: String,
}
Expand description
Search all IAM policies request.
Fields§
§scope: String
Required. A scope can be a project, a folder, or an organization. The
search is limited to the IAM policies within the scope
. The caller must
be granted the
cloudasset.assets.searchAllIamPolicies
permission on the desired scope.
The allowed values are:
- projects/{PROJECT_ID} (e.g., “projects/foo-bar”)
- projects/{PROJECT_NUMBER} (e.g., “projects/12345678”)
- folders/{FOLDER_NUMBER} (e.g., “folders/1234567”)
- organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)
query: String
Optional. The query statement. See how to construct a
query
for more information. If not specified or empty, it will search all the
IAM policies within the specified scope
. Note that the query string is
compared against each IAM policy binding, including its principals,
roles, and IAM conditions. The returned IAM policies will only
contain the bindings that match your query. To learn more about the IAM
policy structure, see the IAM policy
documentation.
Examples:
policy:amy@gmail.com
to find IAM policy bindings that specify user “amy@gmail.com”.policy:roles/compute.admin
to find IAM policy bindings that specify the Compute Admin role.policy:comp*
to find IAM policy bindings that contain “comp” as a prefix of any word in the binding.policy.role.permissions:storage.buckets.update
to find IAM policy bindings that specify a role containing “storage.buckets.update” permission. Note that if callers don’t haveiam.roles.get
access to a role’s included permissions, policy bindings that specify this role will be dropped from the search results.policy.role.permissions:upd*
to find IAM policy bindings that specify a role containing “upd” as a prefix of any word in the role permission. Note that if callers don’t haveiam.roles.get
access to a role’s included permissions, policy bindings that specify this role will be dropped from the search results.resource:organizations/123456
to find IAM policy bindings that are set on “organizations/123456”.resource=//cloudresourcemanager.googleapis.com/projects/myproject
to find IAM policy bindings that are set on the project named “myproject”.Important
to find IAM policy bindings that contain “Important” as a word in any of the searchable fields (except for the included permissions).resource:(instance1 OR instance2) policy:amy
to find IAM policy bindings that are set on resources “instance1” or “instance2” and also specify user “amy”.roles:roles/compute.admin
to find IAM policy bindings that specify the Compute Admin role.memberTypes:user
to find IAM policy bindings that contain the principal type “user”.
page_size: i32
Optional. The page size for search result pagination. Page size is capped
at 500 even if a larger value is given. If set to zero or a negative value,
server will pick an appropriate default. Returned results may be fewer than
requested. When this happens, there could be more results as long as
next_page_token
is returned.
page_token: String
Optional. If present, retrieve the next batch of results from the preceding
call to this method. page_token
must be the value of next_page_token
from the previous response. The values of all other method parameters must
be identical to those in the previous call.
asset_types: Vec<String>
Optional. A list of asset types that the IAM policies are attached to. If empty, it will search the IAM policies that are attached to all the asset types supported by search APIs
Regular expressions are also supported. For example:
- “compute.googleapis.com.*” snapshots IAM policies attached to asset type starts with “compute.googleapis.com”.
- “.*Instance” snapshots IAM policies attached to asset type ends with “Instance”.
- “.Instance.” snapshots IAM policies attached to asset type contains “Instance”.
See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.
order_by: String
Optional. A comma-separated list of fields specifying the sorting order of the results. The default order is ascending. Add “ DESC“ after the field name to indicate descending order. Redundant space characters are ignored. Example: “assetType DESC, resource”. Only singular primitive fields in the response are sortable:
- resource
- assetType
- project
All the other fields such as repeated fields (e.g.,
folders
) and non-primitive fields (e.g.,policy
) are not supported.
Trait Implementations§
source§impl Clone for SearchAllIamPoliciesRequest
impl Clone for SearchAllIamPoliciesRequest
source§fn clone(&self) -> SearchAllIamPoliciesRequest
fn clone(&self) -> SearchAllIamPoliciesRequest
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresource§impl Debug for SearchAllIamPoliciesRequest
impl Debug for SearchAllIamPoliciesRequest
source§impl Message for SearchAllIamPoliciesRequest
impl Message for SearchAllIamPoliciesRequest
source§fn encoded_len(&self) -> usize
fn encoded_len(&self) -> usize
source§fn encode(&self, buf: &mut impl BufMut) -> Result<(), EncodeError>where
Self: Sized,
fn encode(&self, buf: &mut impl BufMut) -> Result<(), EncodeError>where
Self: Sized,
source§fn encode_to_vec(&self) -> Vec<u8>where
Self: Sized,
fn encode_to_vec(&self) -> Vec<u8>where
Self: Sized,
source§fn encode_length_delimited(
&self,
buf: &mut impl BufMut,
) -> Result<(), EncodeError>where
Self: Sized,
fn encode_length_delimited(
&self,
buf: &mut impl BufMut,
) -> Result<(), EncodeError>where
Self: Sized,
source§fn encode_length_delimited_to_vec(&self) -> Vec<u8>where
Self: Sized,
fn encode_length_delimited_to_vec(&self) -> Vec<u8>where
Self: Sized,
source§fn decode(buf: impl Buf) -> Result<Self, DecodeError>where
Self: Default,
fn decode(buf: impl Buf) -> Result<Self, DecodeError>where
Self: Default,
source§fn decode_length_delimited(buf: impl Buf) -> Result<Self, DecodeError>where
Self: Default,
fn decode_length_delimited(buf: impl Buf) -> Result<Self, DecodeError>where
Self: Default,
source§fn merge(&mut self, buf: impl Buf) -> Result<(), DecodeError>where
Self: Sized,
fn merge(&mut self, buf: impl Buf) -> Result<(), DecodeError>where
Self: Sized,
self
. Read moresource§fn merge_length_delimited(&mut self, buf: impl Buf) -> Result<(), DecodeError>where
Self: Sized,
fn merge_length_delimited(&mut self, buf: impl Buf) -> Result<(), DecodeError>where
Self: Sized,
self
.source§impl PartialEq for SearchAllIamPoliciesRequest
impl PartialEq for SearchAllIamPoliciesRequest
source§fn eq(&self, other: &SearchAllIamPoliciesRequest) -> bool
fn eq(&self, other: &SearchAllIamPoliciesRequest) -> bool
self
and other
values to be equal, and is used
by ==
.impl StructuralPartialEq for SearchAllIamPoliciesRequest
Auto Trait Implementations§
impl Freeze for SearchAllIamPoliciesRequest
impl RefUnwindSafe for SearchAllIamPoliciesRequest
impl Send for SearchAllIamPoliciesRequest
impl Sync for SearchAllIamPoliciesRequest
impl Unpin for SearchAllIamPoliciesRequest
impl UnwindSafe for SearchAllIamPoliciesRequest
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
source§impl<T> IntoRequest<T> for T
impl<T> IntoRequest<T> for T
source§fn into_request(self) -> Request<T>
fn into_request(self) -> Request<T>
T
in a tonic::Request