github.com/cloudwan/edgelq-sdk@v1.15.4/iam/proto/v1/role_binding_service.proto (about) 1 syntax = "proto3"; 2 3 package ntt.iam.v1; 4 5 import "edgelq-sdk/iam/proto/v1/role_binding.proto"; 6 import "edgelq-sdk/iam/proto/v1/role_binding_change.proto"; 7 import "edgelq-sdk/iam/proto/v1/role_binding_custom.proto"; 8 import "google/api/annotations.proto"; 9 import "google/api/client.proto"; 10 import "google/protobuf/empty.proto"; 11 import "google/protobuf/field_mask.proto"; 12 import "google/protobuf/timestamp.proto"; 13 import "goten-sdk/types/view.proto"; 14 import "goten-sdk/types/watch_type.proto"; 15 16 option go_package = "github.com/cloudwan/edgelq-sdk/iam/client/v1/role_binding;role_binding_client"; 17 option java_multiple_files = false; 18 option java_outer_classname = "RoleBindingServiceProto"; 19 option java_package = "com.ntt.iam.pb.v1"; 20 21 // A request message of the GetRoleBinding method. 22 message GetRoleBindingRequest { 23 // Name of ntt.iam.v1.RoleBinding 24 string name = 1; 25 26 // A list of extra fields to be obtained for each response item on top of 27 // fields defined by request field view 28 google.protobuf.FieldMask field_mask = 3; 29 30 // View defines list of standard response fields present in response items. 31 // Additional fields can be amended by request field field_mask 32 goten.types.View view = 4; 33 } 34 35 // A request message of the BatchGetRoleBindings method. 36 message BatchGetRoleBindingsRequest { 37 // Names of RoleBindings 38 repeated string names = 2; 39 40 // A list of extra fields to be obtained for each response item on top of 41 // fields defined by request field view 42 google.protobuf.FieldMask field_mask = 3; 43 44 // View defines list of standard response fields present in response items. 45 // Additional fields can be amended by request field field_mask 46 goten.types.View view = 4; 47 48 reserved 1; 49 } 50 51 // A response message of the BatchGetRoleBindings method. 52 message BatchGetRoleBindingsResponse { 53 // found RoleBindings 54 repeated RoleBinding role_bindings = 1; 55 56 // list of not found RoleBindings 57 repeated string missing = 2; 58 } 59 60 // A request message of the ListRoleBindings method. 61 message ListRoleBindingsRequest { 62 // Parent name of ntt.iam.v1.RoleBinding 63 string parent = 1; 64 65 // Requested page size. Server may return fewer RoleBindings than requested. 66 // If unspecified, server will pick an appropriate default. 67 int32 page_size = 2; 68 69 // A token identifying a page of results the server should return. 70 // Typically, this is the value of 71 // ListRoleBindingsResponse.next_page_token. 72 string page_token = 3; 73 74 // Order By - 75 // https://cloud.google.com/apis/design/design_patterns#list_pagination list 76 // of field path with order directive, either 'asc' or 'desc'. If direction is 77 // not provided, 'asc' is assumed. e.g. "state.nested_field asc, 78 // state.something.else desc, theme" 79 string order_by = 4; 80 81 // Filter - filter results by field criteria. Simplified SQL-like syntax with 82 // following operators: 83 // <=, >=, =, !=, <, >, LIKE, CONTAINS (aliases CONTAIN, HAS, HAVE), IN, IS 84 // [NOT] NULL | NaN . Combine conditions with OR | AND example: 'meta.labels 85 // CONTAINS "severity:important" OR (state.last_error_time > 86 // "2018-11-15T10:00:00Z" AND state.status = "ERROR")' 87 string filter = 5; 88 89 // A list of extra fields to be obtained for each response item on top of 90 // fields defined by request field view 91 google.protobuf.FieldMask field_mask = 6; 92 93 // View defines list of standard response fields present in response items. 94 // Additional fields can be amended by request field field_mask 95 goten.types.View view = 7; 96 97 // Indicates if list response should contain total count and offset (fields 98 // current_offset and total_results_count). 99 bool include_paging_info = 8; 100 } 101 102 // A response message of the ListRoleBindings method. 103 message ListRoleBindingsResponse { 104 // The list of RoleBindings 105 repeated RoleBinding role_bindings = 1; 106 107 // A token to retrieve previous page of results. 108 // 109 // Pass this value in the ListRoleBindingsRequest.page_token. 110 string prev_page_token = 3; 111 112 // A token to retrieve next page of results. 113 // 114 // Pass this value in the ListRoleBindingsRequest.page_token. 115 string next_page_token = 4; 116 117 // Current offset from the first page or 0 if no page tokens were given, 118 // paging info was not requested or there was an error while trying to get 119 // it). Page index can be computed from offset and limit provided in a 120 // request. 121 int32 current_offset = 5; 122 123 // Number of total RoleBindings across all pages or 0, if there are no items, 124 // paging info was not requested or there was an error while trying to get it. 125 int32 total_results_count = 6; 126 } 127 128 // A request message of the WatchRoleBinding method. 129 message WatchRoleBindingRequest { 130 // Name of ntt.iam.v1.RoleBinding 131 string name = 1; 132 133 // A list of extra fields to be obtained for each response item on top of 134 // fields defined by request field view 135 google.protobuf.FieldMask field_mask = 2; 136 137 // View defines list of standard response fields present in response items. 138 // Additional fields can be amended by request field field_mask 139 goten.types.View view = 4; 140 } 141 142 // A response message of the WatchRoleBinding method. 143 message WatchRoleBindingResponse { RoleBindingChange change = 1; } 144 145 // A request message of the WatchRoleBindings method. 146 message WatchRoleBindingsRequest { 147 // Type of a watch. Identifies how server stream data to a client, which 148 // fields in a request are allowed and which fields in response are relevant. 149 goten.types.WatchType type = 9; 150 151 // Parent name of ntt.iam.v1.RoleBinding 152 string parent = 1; 153 154 // Requested page size. Server may return fewer RoleBindings than requested. 155 // If unspecified, server will pick an appropriate default. 156 // Can be populated only for stateful watch type. 157 int32 page_size = 2; 158 159 // A token identifying a page of results the server should return. 160 // Can be populated only for stateful watch type. 161 string page_token = 3; 162 163 // Order By - 164 // https://cloud.google.com/apis/design/design_patterns#list_pagination Can be 165 // populated only for stateful watch type. 166 string order_by = 4; 167 168 // A token identifying watch resume point from previous session. 169 // Can be populated only for stateless watch type. 170 string resume_token = 10; 171 172 // Point in the time from which we want to start getting updates. This field 173 // can be populated only for stateless watch type and if resume token is not 174 // known yet. If specified, initial snapshot will NOT be provided. It is 175 // assumed client can obtain it using separate means. Watch responses will 176 // contain resume tokens which should be used to resume broken connection. 177 google.protobuf.Timestamp starting_time = 12; 178 179 // Filter - filter results by field criteria. Simplified SQL-like syntax with 180 // following operators: 181 // <=, >=, =, !=, <, >, LIKE, CONTAINS (aliases CONTAIN, HAS, HAVE), IN, IS 182 // [NOT] NULL | NaN . Combine conditions with OR | AND example: 'meta.labels 183 // CONTAINS "severity:important" OR (state.last_error_time > 184 // "2018-11-15T10:00:00Z" AND state.status = "ERROR")' 185 string filter = 5; 186 187 // A list of extra fields to be obtained for each response item on top of 188 // fields defined by request field view Changes to RoleBinding that don't 189 // affect any of masked fields won't be sent back. 190 google.protobuf.FieldMask field_mask = 6; 191 192 // View defines list of standard response fields present in response items. 193 // Additional fields can be amended by request field field_mask Changes to 194 // RoleBinding that don't affect any of masked fields won't be sent back. 195 goten.types.View view = 8; 196 197 // Maximum amount of changes in each response message. Query result response 198 // is divided on the server side into chunks with size of a specified amount 199 // to limit memory footprint of each message. Responses will hold information 200 // whether more elements will continue for the actual change. If unspecified, 201 // server will pick an appropriate default. 202 int32 max_chunk_size = 11; 203 } 204 205 // A response message of the WatchRoleBindings method. 206 message WatchRoleBindingsResponse { 207 // Changes of RoleBindings 208 repeated RoleBindingChange role_binding_changes = 2; 209 210 // If request specified max_chunk_size (or this limit was enforced if 211 // stateless watch has been chosen), then responses with "full changeset" will 212 // be divided into chunks. Client should keep receiving messages and, once 213 // is_current has value true, combine this recent message with all previous 214 // ones where is_current is false. If this is the first is_current in a whole 215 // watch stream, then it means that client should have, at this moment, 216 // contain snapshot of the current situation (or more accurately, snapshot of 217 // situation at the moment of request). All RoleBindings will be of type 218 // Added/Current (depending on watch_type specified in the request). Further 219 // responses will be incremental - however messages may still be chunked and 220 // is_current logic still applies. is_current is always true for stateful 221 // watch if max_chunk_size was left to 0. 222 bool is_current = 4; 223 224 // When present, PageTokens used for page navigation should be updated. 225 // Present only if is_current is true (last chunk). 226 PageTokenChange page_token_change = 3; 227 228 // Token that can be used if current connection drops and client needs to 229 // reconnect. Populated only for stateless watch type. Present only if 230 // is_current is true (last chunk). 231 string resume_token = 5; 232 233 // Server may occasionally send information how many resources should client 234 // have in its state so far (response message without any changes, but with 235 // snapshot_size field specified). If client has different value than the one 236 // sent by the server, then it should be treated by a client as an error and 237 // should reconnect. If value is smaller then 0, then client should ignore 238 // this field as unpopulated. This field should be checked only for stateless 239 // watch. In stateful those kind of errors are handled by the server side. 240 // Will be never sent together with is_current, is_soft_reset and 241 // is_hard_reset flags. 242 int64 snapshot_size = 6; 243 244 // In case of internal issue server may send response message with this flag. 245 // It indicates that client should drop all changes from recent responses 246 // where is_current is false only! If last message had is_current set to true, 247 // client should do nothing and process normally. Resume token received before 248 // is still valid. This field should be checked only for stateless watch. In 249 // stateful those kind of errors are handled by the server side. Will never be 250 // sent along with is_current, is_hard_reset or snapshot_size. 251 bool is_soft_reset = 7; 252 253 // In case of internal issue server may send response message with this flag. 254 // After receiving, client should clear whole state (drop all changes received 255 // so far) as server will send new snapshot (RoleBindings will contains 256 // changes of type Current only). Any resume tokens should be discarded as 257 // well. This field should be checked only for stateless watch. In stateful 258 // those kind of errors are handled by the server side. Will never be sent 259 // along with is_current, is_soft_reset or snapshot_size. 260 bool is_hard_reset = 8; 261 262 message PageTokenChange { 263 // New token to retrieve previous page of results. 264 string prev_page_token = 1; 265 266 // New token to retrieve next page of results. 267 string next_page_token = 2; 268 } 269 } 270 271 // A request message of the CreateRoleBinding method. 272 message CreateRoleBindingRequest { 273 // Parent name of ntt.iam.v1.RoleBinding 274 string parent = 1; 275 276 // RoleBinding resource body 277 RoleBinding role_binding = 2; 278 279 // Optional masking applied to response object to reduce message response 280 // size. 281 ResponseMask response_mask = 3; 282 283 // ResponseMask allows client to reduce response message size. 284 message ResponseMask { 285 oneof masking { 286 // If this flag has value true, then response will contain just empty 287 // resource without any fields populated. 288 bool skip_entire_response_body = 1; 289 290 // If this field is populated, then resource in response will contain only 291 // specific fields. 292 google.protobuf.FieldMask body_mask = 2; 293 } 294 } 295 } 296 297 // A request message of the UpdateRoleBinding method. 298 message UpdateRoleBindingRequest { 299 // RoleBinding resource body 300 RoleBinding role_binding = 2; 301 302 // FieldMask applied to request - change will be applied only for fields in 303 // the mask 304 google.protobuf.FieldMask update_mask = 3; 305 306 // Conditional update applied to request if update should be executed only for 307 // specific resource state. If this field is populated, then server will fetch 308 // existing resource, compare with the one stored in the cas field (after 309 // applying field mask) and proceed with update only and only if they match. 310 // Otherwise RPC error Aborted will be returned. 311 CAS cas = 4; 312 313 // If set to true, and the resource is not found, 314 // a new resource will be created. In this situation, 315 // 'field_mask' is ignored. 316 // 317 // https://google.aip.dev/134#create-or-update 318 bool allow_missing = 5; // Optional masking applied to response object to 319 320 // reduce message response size. 321 ResponseMask response_mask = 6; 322 323 // CAS - Compare and Swap. This object is used if user wants to make update 324 // conditional based upon previous resource version. 325 message CAS { 326 // Conditional desired state of a resource before update. 327 RoleBinding conditional_state = 1; 328 329 // Field paths from conditional state of resource server should check and 330 // compare. 331 google.protobuf.FieldMask field_mask = 2; 332 } 333 334 // ResponseMask allows client to reduce response message size. 335 message ResponseMask { 336 oneof masking { 337 // If this flag has value true, then response will contain just empty 338 // resource without any fields populated. Field body_mask is ignored if 339 // set. 340 bool skip_entire_response_body = 1; 341 342 // Include all fields that were actually updated during processing. Note 343 // this may be larger than update mask if some fields were computed 344 // additionally. Name is added as well. 345 bool updated_fields_only = 2; 346 347 // If this field is populated, then resource in response will contain only 348 // specific fields. If skip_entire_response_body is true, this field is 349 // ignored. 350 google.protobuf.FieldMask body_mask = 3; 351 } 352 } 353 } 354 355 // A request message of the DeleteRoleBinding method. 356 message DeleteRoleBindingRequest { 357 // Name of ntt.iam.v1.RoleBinding 358 string name = 1; 359 360 // If set to true, and the resource is not found, method will be successful 361 // and will not return NotFound error. 362 bool allow_missing = 2; 363 } 364 365 // RoleBinding service API for IAM 366 service RoleBindingService { 367 option (google.api.default_host) = "iam.edgelq.com"; 368 option (google.api.oauth_scopes) = "https://apis.edgelq.com"; 369 370 // GetRoleBinding 371 rpc GetRoleBinding(GetRoleBindingRequest) returns (RoleBinding) { 372 option (google.api.http) = { 373 get : "/v1/{name=roleBindings/*}" 374 additional_bindings : <get : "/v1/{name=projects/*/roleBindings/*}"> 375 additional_bindings : <get : "/v1/{name=organizations/*/roleBindings/*}"> 376 additional_bindings : <get : "/v1/{name=services/*/roleBindings/*}"> 377 }; 378 } 379 380 // BatchGetRoleBindings 381 rpc BatchGetRoleBindings(BatchGetRoleBindingsRequest) 382 returns (BatchGetRoleBindingsResponse) { 383 option (google.api.http) = { 384 get : "/v1/roleBindings:batchGet" 385 }; 386 } 387 388 // ListRoleBindings 389 rpc ListRoleBindings(ListRoleBindingsRequest) 390 returns (ListRoleBindingsResponse) { 391 option (google.api.http) = { 392 get : "/v1/roleBindings" 393 additional_bindings : <get : "/v1/{parent=projects/*}/roleBindings"> 394 additional_bindings : <get : "/v1/{parent=organizations/*}/roleBindings"> 395 additional_bindings : <get : "/v1/{parent=services/*}/roleBindings"> 396 }; 397 } 398 399 // WatchRoleBinding 400 rpc WatchRoleBinding(WatchRoleBindingRequest) 401 returns (stream WatchRoleBindingResponse) { 402 option (google.api.http) = { 403 post : "/v1/{name=roleBindings/*}:watch" 404 additional_bindings : < 405 post : "/v1/{name=projects/*/roleBindings/*}:watch" 406 > 407 additional_bindings : < 408 post : "/v1/{name=organizations/*/roleBindings/*}:watch" 409 > 410 additional_bindings : < 411 post : "/v1/{name=services/*/roleBindings/*}:watch" 412 > 413 }; 414 } 415 416 // WatchRoleBindings 417 rpc WatchRoleBindings(WatchRoleBindingsRequest) 418 returns (stream WatchRoleBindingsResponse) { 419 option (google.api.http) = { 420 post : "/v1/roleBindings:watch" 421 additional_bindings : < 422 post : "/v1/{parent=projects/*}/roleBindings:watch" 423 > 424 additional_bindings : < 425 post : "/v1/{parent=organizations/*}/roleBindings:watch" 426 > 427 additional_bindings : < 428 post : "/v1/{parent=services/*}/roleBindings:watch" 429 > 430 }; 431 } 432 433 // CreateRoleBinding 434 rpc CreateRoleBinding(CreateRoleBindingRequest) returns (RoleBinding) { 435 option (google.api.http) = { 436 post : "/v1/roleBindings" 437 body : "role_binding" 438 additional_bindings : <post : "/v1/{parent=projects/*}/roleBindings"> 439 additional_bindings : <post : "/v1/{parent=organizations/*}/roleBindings"> 440 additional_bindings : <post : "/v1/{parent=services/*}/roleBindings"> 441 }; 442 } 443 444 // UpdateRoleBinding 445 rpc UpdateRoleBinding(UpdateRoleBindingRequest) returns (RoleBinding) { 446 option (google.api.http) = { 447 put : "/v1/{role_binding.name=roleBindings/*}" 448 body : "role_binding" 449 additional_bindings : < 450 put : "/v1/{role_binding.name=projects/*/roleBindings/*}" 451 > 452 additional_bindings : < 453 put : "/v1/{role_binding.name=organizations/*/roleBindings/*}" 454 > 455 additional_bindings : < 456 put : "/v1/{role_binding.name=services/*/roleBindings/*}" 457 > 458 }; 459 } 460 461 // DeleteRoleBinding 462 rpc DeleteRoleBinding(DeleteRoleBindingRequest) 463 returns (google.protobuf.Empty) { 464 option (google.api.http) = { 465 delete : "/v1/{name=roleBindings/*}" 466 additional_bindings : <delete : "/v1/{name=projects/*/roleBindings/*}"> 467 additional_bindings : < 468 delete : "/v1/{name=organizations/*/roleBindings/*}" 469 > 470 additional_bindings : <delete : "/v1/{name=services/*/roleBindings/*}"> 471 }; 472 } 473 474 // ListRoleBindingsWithMembers 475 rpc ListRoleBindingsWithMembers(ListRoleBindingsWithMembersRequest) 476 returns (ListRoleBindingsWithMembersResponse) { 477 option (google.api.http) = { 478 post : "/v1/roleBindings:listRoleBindingsWithMembers" 479 additional_bindings : < 480 post : "/v1/{parent=projects/*}/" 481 "roleBindings:listRoleBindingsWithMembers" 482 > 483 additional_bindings : < 484 post : "/v1/{parent=organizations/*}/" 485 "roleBindings:listRoleBindingsWithMembers" 486 > 487 additional_bindings : < 488 post : "/v1/{parent=services/*}/" 489 "roleBindings:listRoleBindingsWithMembers" 490 > 491 }; 492 } 493 }