-
Notifications
You must be signed in to change notification settings - Fork 610
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f59a578
commit ccc331d
Showing
20 changed files
with
1,273 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,125 @@ | ||
| syntax = "proto3"; | ||
|
|
||
| package yandex.cloud.access; | ||
|
|
||
| import "ydb/public/api/client/yc_public/common/validation.proto"; | ||
|
|
||
| option go_package = "github.com/ydb-platform/ydb/ydb/public/api/client/yc_public/access;access"; | ||
| option java_package = "yandex.cloud.api.access"; | ||
|
|
||
| message Subject { | ||
| // ID of the subject. | ||
| // | ||
| // It can contain one of the following values: | ||
| // * `allAuthenticatedUsers`: A special system identifier that represents anyone | ||
| // who is authenticated. It can be used only if the [type] is `system`. | ||
| // * `allUsers`: A special system identifier that represents anyone. No authentication is required. | ||
| // For example, you don't need to specify the IAM token in an API query. | ||
| // * `<cloud generated id>`: An identifier that represents a user account. | ||
| // It can be used only if the [type] is `userAccount`, `federatedUser` or `serviceAccount`. | ||
| string id = 1 [(required) = true, (length) = "<=50"]; | ||
|
|
||
| // Type of the subject. | ||
| // | ||
| // It can contain one of the following values: | ||
| // * `userAccount`: An account on Yandex or Yandex Connect, added to Yandex Cloud. | ||
| // * `serviceAccount`: A service account. This type represents the [yandex.cloud.iam.v1.ServiceAccount] resource. | ||
| // * `federatedUser`: A federated account. This type represents a user from an identity federation, like Active Directory. | ||
| // * `system`: System group. This type represents several accounts with a common system identifier. | ||
| // | ||
| // For more information, see [Subject to which the role is assigned](/docs/iam/concepts/access-control/#subject). | ||
| string type = 2 [(required) = true, (length) = "<=100"]; | ||
| } | ||
|
|
||
| message AccessBinding { | ||
| // ID of the [yandex.cloud.iam.v1.Role] that is assigned to the [subject]. | ||
| string role_id = 1 [(required) = true, (length) = "<=50"]; | ||
|
|
||
| // Identity for which access binding is being created. | ||
| // It can represent an account with a unique ID or several accounts with a system identifier. | ||
| Subject subject = 2 [(required) = true]; | ||
| } | ||
|
|
||
| message ListAccessBindingsRequest { | ||
| // ID of the resource to list access bindings for. | ||
| // | ||
| // To get the resource ID, use a corresponding List request. | ||
| // For example, use the [yandex.cloud.resourcemanager.v1.CloudService.List] request to get the Cloud resource ID. | ||
| string resource_id = 1 [(required) = true, (length) = "<=50"]; | ||
|
|
||
| // The maximum number of results per page that should be returned. If the number of available | ||
| // results is larger than [page_size], | ||
| // the service returns a [ListAccessBindingsResponse.next_page_token] | ||
| // that can be used to get the next page of results in subsequent list requests. | ||
| // Default value: 100. | ||
| int64 page_size = 2 [(value) = "<=1000"]; | ||
|
|
||
| // Page token. Set [page_token] | ||
| // to the [ListAccessBindingsResponse.next_page_token] | ||
| // returned by a previous list request to get the next page of results. | ||
| string page_token = 3 [(length) = "<=100"]; | ||
| } | ||
|
|
||
| message ListAccessBindingsResponse { | ||
| // List of access bindings for the specified resource. | ||
| repeated AccessBinding access_bindings = 1; | ||
|
|
||
| // This token allows you to get the next page of results for list requests. If the number of results | ||
| // is larger than [ListAccessBindingsRequest.page_size], use | ||
| // the [next_page_token] as the value | ||
| // for the [ListAccessBindingsRequest.page_token] query parameter | ||
| // in the next list request. Each subsequent list request will have its own | ||
| // [next_page_token] to continue paging through the results. | ||
| string next_page_token = 2; | ||
| } | ||
|
|
||
| message SetAccessBindingsRequest { | ||
| // ID of the resource for which access bindings are being set. | ||
| // | ||
| // To get the resource ID, use a corresponding List request. | ||
| string resource_id = 1 [(required) = true, (length) = "<=50"]; | ||
|
|
||
| // Access bindings to be set. For more information, see [Access Bindings](/docs/iam/concepts/access-control/#access-bindings). | ||
| repeated AccessBinding access_bindings = 2 [(size) = "<=1000"]; | ||
| } | ||
|
|
||
| message SetAccessBindingsMetadata { | ||
| // ID of the resource for which access bindings are being set. | ||
| string resource_id = 1; | ||
| } | ||
|
|
||
| message UpdateAccessBindingsRequest { | ||
| // ID of the resource for which access bindings are being updated. | ||
| string resource_id = 1 [(required) = true, (length) = "<=50"]; | ||
|
|
||
| // Updates to access bindings. | ||
| repeated AccessBindingDelta access_binding_deltas = 2 [(size) = "1-1000"]; | ||
| } | ||
|
|
||
| message UpdateAccessBindingsMetadata { | ||
| // ID of the resource for which access bindings are being updated. | ||
| string resource_id = 1; | ||
| } | ||
|
|
||
| enum AccessBindingAction { | ||
| ACCESS_BINDING_ACTION_UNSPECIFIED = 0; | ||
|
|
||
| // Addition of an access binding. | ||
| ADD = 1; | ||
|
|
||
| // Removal of an access binding. | ||
| REMOVE = 2; | ||
| } | ||
|
|
||
| message AccessBindingDelta { | ||
| // The action that is being performed on an access binding. | ||
| AccessBindingAction action = 1 [(required) = true]; | ||
|
|
||
| // Access binding. For more information, see [Access Bindings](/docs/iam/concepts/access-control/#access-bindings). | ||
| AccessBinding access_binding = 2 [(required) = true]; | ||
| } | ||
|
|
||
| message AccessBindingsOperationResult { | ||
| // Result access binding deltas. | ||
| repeated AccessBindingDelta effective_deltas = 1; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| PROTO_LIBRARY() | ||
|
|
||
| EXCLUDE_TAGS(GO_PROTO) | ||
|
|
||
| GRPC() | ||
| SRCS( | ||
| access.proto | ||
| ) | ||
|
|
||
| USE_COMMON_GOOGLE_APIS( | ||
| api/annotations | ||
| rpc/code | ||
| rpc/errdetails | ||
| rpc/status | ||
| type/timeofday | ||
| type/dayofweek | ||
| ) | ||
|
|
||
| PEERDIR( | ||
| ydb/public/api/client/yc_public/common | ||
| ) | ||
| END() | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| syntax = "proto3"; | ||
|
|
||
| package yandex.cloud.operation; | ||
|
|
||
| import "google/protobuf/any.proto"; | ||
| import "google/rpc/status.proto"; | ||
| import "google/protobuf/timestamp.proto"; | ||
|
|
||
|
|
||
| option go_package = "github.com/ydb-platform/ydb/ydb/public/api/client/yc_public/operation;operation"; | ||
| option java_package = "yandex.cloud.api.operation"; | ||
|
|
||
| // An Operation resource. For more information, see [Operation](/docs/api-design-guide/concepts/operation). | ||
| message Operation { | ||
| // ID of the operation. | ||
| string id = 1; | ||
|
|
||
| // Description of the operation. 0-256 characters long. | ||
| string description = 2; // ex: Create VM, Stop VM, Delete Disk, Snapshot Disk, etc | ||
|
|
||
| // Creation timestamp. | ||
| google.protobuf.Timestamp created_at = 3; | ||
|
|
||
| // ID of the user or service account who initiated the operation. | ||
| string created_by = 4; | ||
|
|
||
| // The time when the Operation resource was last modified. | ||
| google.protobuf.Timestamp modified_at = 5; | ||
|
|
||
| // If the value is `false`, it means the operation is still in progress. | ||
| // If `true`, the operation is completed, and either `error` or `response` is available. | ||
| bool done = 6; | ||
|
|
||
| // Service-specific metadata associated with the operation. | ||
| // It typically contains the ID of the target resource that the operation is performed on. | ||
| // Any method that returns a long-running operation should document the metadata type, if any. | ||
| google.protobuf.Any metadata = 7; | ||
|
|
||
| // The operation result. | ||
| // If `done == false` and there was no failure detected, neither `error` nor `response` is set. | ||
| // If `done == false` and there was a failure detected, `error` is set. | ||
| // If `done == true`, exactly one of `error` or `response` is set. | ||
| oneof result { | ||
| // The error result of the operation in case of failure or cancellation. | ||
| google.rpc.Status error = 8; | ||
|
|
||
| // The normal response of the operation in case of success. | ||
| // If the original method returns no data on success, such as Delete, | ||
| // the response is [google.protobuf.Empty]. | ||
| // If the original method is the standard Create/Update, | ||
| // the response should be the target resource of the operation. | ||
| // Any method that returns a long-running operation should document the response type, if any. | ||
| google.protobuf.Any response = 9; | ||
| } | ||
| } |
37 changes: 37 additions & 0 deletions
37
ydb/public/api/client/yc_public/operation/operation_service.proto
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| syntax = "proto3"; | ||
|
|
||
| package yandex.cloud.operation; | ||
|
|
||
| import "google/api/annotations.proto"; | ||
| import "ydb/public/api/client/yc_public/api/tools/options.proto"; | ||
| import "ydb/public/api/client/yc_public/operation/operation.proto"; | ||
| import "ydb/public/api/client/yc_public/common/validation.proto"; | ||
|
|
||
| option go_package = "github.com/ydb-platform/ydb/ydb/public/api/client/yc_public/operation;operation"; | ||
| option java_package = "yandex.cloud.api.operation"; | ||
|
|
||
| // A set of methods for managing operations for asynchronous API requests. | ||
| service OperationService { | ||
| // Returns the specified Operation resource. | ||
| rpc Get (GetOperationRequest) returns (Operation) { | ||
| option (google.api.http) = { get: "/operations/{operation_id}" }; | ||
| } | ||
|
|
||
| // Cancels the specified operation. | ||
| // | ||
| // Note that currently Object Storage API does not support cancelling operations. | ||
| rpc Cancel (CancelOperationRequest) returns (Operation) { | ||
| option (google.api.http) = { get: "/operations/{operation_id}:cancel" }; | ||
| option (yandex.cloud.api.tools.method).lint_skip.http_verb = true; | ||
| } | ||
| } | ||
|
|
||
| message GetOperationRequest { | ||
| // ID of the Operation resource to return. | ||
| string operation_id = 1 [(required) = true]; | ||
| } | ||
|
|
||
| message CancelOperationRequest { | ||
| // ID of the operation to cancel. | ||
| string operation_id = 1 [(required) = true]; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| PROTO_LIBRARY() | ||
|
|
||
| EXCLUDE_TAGS(GO_PROTO) | ||
|
|
||
| GRPC() | ||
| SRCS( | ||
| operation.proto | ||
| operation_service.proto | ||
| ) | ||
|
|
||
| USE_COMMON_GOOGLE_APIS( | ||
| api/annotations | ||
| rpc/code | ||
| rpc/errdetails | ||
| rpc/status | ||
| type/timeofday | ||
| type/dayofweek | ||
| ) | ||
|
|
||
| PEERDIR( | ||
| ydb/public/api/client/yc_common/api/tools | ||
| ydb/public/api/client/yc_public/common | ||
| ) | ||
| END() | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,10 @@ | ||
| RECURSE( | ||
| access | ||
| common | ||
| iam | ||
| events | ||
| logging | ||
| common | ||
| operation | ||
| ydb | ||
| ) | ||
|
|
Oops, something went wrong.