google-apis-rs/google_accesscontextmanager1_beta_cli/search/search_index.json

{"config":{"indexing":"full","lang":["en"],"min_search_length":3,"prebuild_index":false,"separator":"[\\s\\-]+"},"docs":[{"location":"","text":"The accesscontextmanager1-beta command-line interface (CLI) allows to use most features of the Google Access Context Manager service from the comfort of your terminal. By default all output is printed to standard out, but flags can be set to direct it into a file independent of your shell's capabilities. Errors will be printed to standard error, and cause the program's exit code to be non-zero. If data-structures are requested, these will be returned as pretty-printed JSON, to be useful as input to other tools. Everything else about the Access Context Manager API can be found at the official documentation site . Installation and Source Code Install the command-line interface with cargo using: cargo install google-accesscontextmanager1_beta-cli Find the source code on github . Usage This documentation was generated from the Access Context Manager API at revision 20230123 . The CLI is at version 5.0.4 . accesscontextmanager1-beta [options] access-policies access-levels-create <parent> (-r <kv>)... [-p <v>]... [-o <out>] access-levels-delete <name> [-p <v>]... [-o <out>] access-levels-get <name> [-p <v>]... [-o <out>] access-levels-list <parent> [-p <v>]... [-o <out>] access-levels-patch <name> (-r <kv>)... [-p <v>]... [-o <out>] create (-r <kv>)... [-p <v>]... [-o <out>] delete <name> [-p <v>]... [-o <out>] get <name> [-p <v>]... [-o <out>] list [-p <v>]... [-o <out>] patch <name> (-r <kv>)... [-p <v>]... [-o <out>] service-perimeters-create <parent> (-r <kv>)... [-p <v>]... [-o <out>] service-perimeters-delete <name> [-p <v>]... [-o <out>] service-perimeters-get <name> [-p <v>]... [-o <out>] service-perimeters-list <parent> [-p <v>]... [-o <out>] service-perimeters-patch <name> (-r <kv>)... [-p <v>]... [-o <out>] operations get <name> [-p <v>]... [-o <out>] accesscontextmanager1-beta --help Configuration: [--scope <url>]... Specify the authentication a method should be executed in. Each scope requires the user to grant this application permission to use it. If unset, it defaults to the shortest scope url for a particular method. --config-dir <folder> A directory into which we will store our persistent data. Defaults to a user-writable directory that we will create during the first invocation. [default: ~/.google-service-cli] Configuration The program will store all persistent data in the ~/.google-service-cli directory in JSON files prefixed with accesscontextmanager1-beta- . You can change the directory used to store configuration with the --config-dir flag on a per-invocation basis. More information about the various kinds of persistent data are given in the following paragraphs. Authentication Most APIs require a user to authenticate any request. If this is the case, the scope determines the set of permissions granted. The granularity of these is usually no more than read-only or full-access . If not set, the system will automatically select the smallest feasible scope, e.g. when invoking a method that is read-only, it will ask only for a read-only scope. You may use the --scope flag to specify a scope directly. All applicable scopes are documented in the respective method's CLI documentation. The first time a scope is used, the user is asked for permission. Follow the instructions given by the CLI to grant permissions, or to decline. If a scope was authenticated by the user, the respective information will be stored as JSON in the configuration directory, e.g. ~/.google-service-cli/accesscontextmanager1-beta-token-<scope-hash>.json . No manual management of these tokens is necessary. To revoke granted authentication, please refer to the official documentation . Application Secrets In order to allow any application to use Google services, it will need to be registered using the Google Developer Console . APIs the application may use are then enabled for it one by one. Most APIs can be used for free and have a daily quota. To allow more comfortable usage of the CLI without forcing anyone to register an own application, the CLI comes with a default application secret that is configured accordingly. This also means that heavy usage all around the world may deplete the daily quota. You can workaround this limitation by putting your own secrets file at this location: ~/.google-service-cli/accesscontextmanager1-beta-secret.json , assuming that the required accesscontextmanager API was enabled for it. Such a secret file can be downloaded in the Google Developer Console at APIs & auth -> Credentials -> Download JSON and used as is. Learn more about how to setup Google projects and enable APIs using the official documentation . Debugging Even though the CLI does its best to provide usable error messages, sometimes it might be desirable to know what exactly led to a particular issue. This is done by allowing all client-server communication to be output to standard error as-is . The --debug flag will print errors using the Debug representation to standard error. You may consider redirecting standard error into a file for ease of use, e.g. accesscontextmanager1-beta --debug <resource> <method> [options] 2>debug.txt .","title":"Home"},{"location":"#installation-and-source-code","text":"Install the command-line interface with cargo using: cargo install google-accesscontextmanager1_beta-cli Find the source code on github .","title":"Installation and Source Code"},{"location":"#usage","text":"This documentation was generated from the Access Context Manager API at revision 20230123 . The CLI is at version 5.0.4 . accesscontextmanager1-beta [options] access-policies access-levels-create <parent> (-r <kv>)... [-p <v>]... [-o <out>] access-levels-delete <name> [-p <v>]... [-o <out>] access-levels-get <name> [-p <v>]... [-o <out>] access-levels-list <parent> [-p <v>]... [-o <out>] access-levels-patch <name> (-r <kv>)... [-p <v>]... [-o <out>] create (-r <kv>)... [-p <v>]... [-o <out>] delete <name> [-p <v>]... [-o <out>] get <name> [-p <v>]... [-o <out>] list [-p <v>]... [-o <out>] patch <name> (-r <kv>)... [-p <v>]... [-o <out>] service-perimeters-create <parent> (-r <kv>)... [-p <v>]... [-o <out>] service-perimeters-delete <name> [-p <v>]... [-o <out>] service-perimeters-get <name> [-p <v>]... [-o <out>] service-perimeters-list <parent> [-p <v>]... [-o <out>] service-perimeters-patch <name> (-r <kv>)... [-p <v>]... [-o <out>] operations get <name> [-p <v>]... [-o <out>] accesscontextmanager1-beta --help Configuration: [--scope <url>]... Specify the authentication a method should be executed in. Each scope requires the user to grant this application permission to use it. If unset, it defaults to the shortest scope url for a particular method. --config-dir <folder> A directory into which we will store our persistent data. Defaults to a user-writable directory that we will create during the first invocation. [default: ~/.google-service-cli]","title":"Usage"},{"location":"#configuration","text":"The program will store all persistent data in the ~/.google-service-cli directory in JSON files prefixed with accesscontextmanager1-beta- . You can change the directory used to store configuration with the --config-dir flag on a per-invocation basis. More information about the various kinds of persistent data are given in the following paragraphs.","title":"Configuration"},{"location":"#authentication","text":"Most APIs require a user to authenticate any request. If this is the case, the scope determines the set of permissions granted. The granularity of these is usually no more than read-only or full-access . If not set, the system will automatically select the smallest feasible scope, e.g. when invoking a method that is read-only, it will ask only for a read-only scope. You may use the --scope flag to specify a scope directly. All applicable scopes are documented in the respective method's CLI documentation. The first time a scope is used, the user is asked for permission. Follow the instructions given by the CLI to grant permissions, or to decline. If a scope was authenticated by the user, the respective information will be stored as JSON in the configuration directory, e.g. ~/.google-service-cli/accesscontextmanager1-beta-token-<scope-hash>.json . No manual management of these tokens is necessary. To revoke granted authentication, please refer to the official documentation .","title":"Authentication"},{"location":"#application-secrets","text":"In order to allow any application to use Google services, it will need to be registered using the Google Developer Console . APIs the application may use are then enabled for it one by one. Most APIs can be used for free and have a daily quota. To allow more comfortable usage of the CLI without forcing anyone to register an own application, the CLI comes with a default application secret that is configured accordingly. This also means that heavy usage all around the world may deplete the daily quota. You can workaround this limitation by putting your own secrets file at this location: ~/.google-service-cli/accesscontextmanager1-beta-secret.json , assuming that the required accesscontextmanager API was enabled for it. Such a secret file can be downloaded in the Google Developer Console at APIs & auth -> Credentials -> Download JSON and used as is. Learn more about how to setup Google projects and enable APIs using the official documentation .","title":"Application Secrets"},{"location":"#debugging","text":"Even though the CLI does its best to provide usable error messages, sometimes it might be desirable to know what exactly led to a particular issue. This is done by allowing all client-server communication to be output to standard error as-is . The --debug flag will print errors using the Debug representation to standard error. You may consider redirecting standard error into a file for ease of use, e.g. accesscontextmanager1-beta --debug <resource> <method> [options] 2>debug.txt .","title":"Debugging"},{"location":"access-policies_access-levels-create/","text":"Create an Access Level. The longrunning operation from this RPC will have a successful status once the Access Level has propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-create ... Required Scalar Argument <parent> (string) Required. Resource name for the access policy which owns this Access Level. Format: accessPolicies/{policy_id} Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: AccessLevel: basic: combining-function: string custom: expr: description: string expression: string location: string title: string description: string name: string title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .basic combining-function=et How the conditions list should be combined to determine if a request is granted this AccessLevel . If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND. ..custom.expr description=magna Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. expression=no Textual representation of an expression in Common Expression Language syntax. location=ipsum Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. title=voluptua. Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. ... description=at Description of the AccessLevel and its use. Does not affect behavior. name=sanctus Resource name for the AccessLevel . Format: accessPolicies/{access_policy}/accessLevels/{access_level} . The access_level component must begin with a letter, followed by alphanumeric characters or _ . Its maximum length is 50 characters. After you create an AccessLevel , you cannot change its name . title=sed Human readable title. Must be unique within the Policy. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Access Levels Create"},{"location":"access-policies_access-levels-create/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-create ...","title":"Scopes"},{"location":"access-policies_access-levels-create/#required-scalar-argument","text":"<parent> (string) Required. Resource name for the access policy which owns this Access Level. Format: accessPolicies/{policy_id}","title":"Required Scalar Argument"},{"location":"access-policies_access-levels-create/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: AccessLevel: basic: combining-function: string custom: expr: description: string expression: string location: string title: string description: string name: string title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .basic combining-function=et How the conditions list should be combined to determine if a request is granted this AccessLevel . If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND. ..custom.expr description=magna Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. expression=no Textual representation of an expression in Common Expression Language syntax. location=ipsum Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. title=voluptua. Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. ... description=at Description of the AccessLevel and its use. Does not affect behavior. name=sanctus Resource name for the AccessLevel . Format: accessPolicies/{access_policy}/accessLevels/{access_level} . The access_level component must begin with a letter, followed by alphanumeric characters or _ . Its maximum length is 50 characters. After you create an AccessLevel , you cannot change its name . title=sed Human readable title. Must be unique within the Policy.","title":"Required Request Value"},{"location":"access-policies_access-levels-create/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"access-policies_access-levels-create/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_access-levels-create/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_access-levels-delete/","text":"Delete an Access Level by resource name. The longrunning operation from this RPC will have a successful status once the Access Level has been removed from long-lasting storage. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-delete ... Required Scalar Argument <name> (string) Required. Resource name for the Access Level. Format: accessPolicies/{policy_id}/accessLevels/{access_level_id} Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Access Levels Delete"},{"location":"access-policies_access-levels-delete/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-delete ...","title":"Scopes"},{"location":"access-policies_access-levels-delete/#required-scalar-argument","text":"<name> (string) Required. Resource name for the Access Level. Format: accessPolicies/{policy_id}/accessLevels/{access_level_id}","title":"Required Scalar Argument"},{"location":"access-policies_access-levels-delete/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_access-levels-delete/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_access-levels-get/","text":"Get an Access Level by resource name. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-get ... Required Scalar Argument <name> (string) Required. Resource name for the Access Level. Format: accessPolicies/{policy_id}/accessLevels/{access_level_id} Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional Method Properties You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p access-level-format=string Whether to return BasicLevels in the Cloud Common Expression Language rather than as BasicLevels . Defaults to AS_DEFINED, where Access Levels are returned as BasicLevels or CustomLevels based on how they were created. If set to CEL, all Access Levels are returned as CustomLevels . In the CEL case, BasicLevels are translated to equivalent CustomLevels . Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Access Levels Get"},{"location":"access-policies_access-levels-get/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-get ...","title":"Scopes"},{"location":"access-policies_access-levels-get/#required-scalar-argument","text":"<name> (string) Required. Resource name for the Access Level. Format: accessPolicies/{policy_id}/accessLevels/{access_level_id}","title":"Required Scalar Argument"},{"location":"access-policies_access-levels-get/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_access-levels-get/#optional-method-properties","text":"You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p access-level-format=string Whether to return BasicLevels in the Cloud Common Expression Language rather than as BasicLevels . Defaults to AS_DEFINED, where Access Levels are returned as BasicLevels or CustomLevels based on how they were created. If set to CEL, all Access Levels are returned as CustomLevels . In the CEL case, BasicLevels are translated to equivalent CustomLevels .","title":"Optional Method Properties"},{"location":"access-policies_access-levels-get/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_access-levels-list/","text":"List all Access Levels for an access policy. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-list ... Required Scalar Argument <parent> (string) Required. Resource name for the access policy to list Access Levels from. Format: accessPolicies/{policy_id} Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional Method Properties You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p access-level-format=string Whether to return BasicLevels in the Cloud Common Expression language, as CustomLevels , rather than as BasicLevels . Defaults to returning AccessLevels in the format they were defined. -p page-size=integer Number of Access Levels to include in the list. Default 100. -p page-token=string Next page token for the next batch of Access Level instances. Defaults to the first page of results. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Access Levels List"},{"location":"access-policies_access-levels-list/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-list ...","title":"Scopes"},{"location":"access-policies_access-levels-list/#required-scalar-argument","text":"<parent> (string) Required. Resource name for the access policy to list Access Levels from. Format: accessPolicies/{policy_id}","title":"Required Scalar Argument"},{"location":"access-policies_access-levels-list/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_access-levels-list/#optional-method-properties","text":"You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p access-level-format=string Whether to return BasicLevels in the Cloud Common Expression language, as CustomLevels , rather than as BasicLevels . Defaults to returning AccessLevels in the format they were defined. -p page-size=integer Number of Access Levels to include in the list. Default 100. -p page-token=string Next page token for the next batch of Access Level instances. Defaults to the first page of results.","title":"Optional Method Properties"},{"location":"access-policies_access-levels-list/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_access-levels-patch/","text":"Update an Access Level. The longrunning operation from this RPC will have a successful status once the changes to the Access Level have propagated to long-lasting storage. Access Levels containing errors will result in an error response for the first error encountered. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-patch ... Required Scalar Argument <name> (string) Resource name for the AccessLevel . Format: accessPolicies/{access_policy}/accessLevels/{access_level} . The access_level component must begin with a letter, followed by alphanumeric characters or _ . Its maximum length is 50 characters. After you create an AccessLevel , you cannot change its name . Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: AccessLevel: basic: combining-function: string custom: expr: description: string expression: string location: string title: string description: string name: string title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .basic combining-function=amet. How the conditions list should be combined to determine if a request is granted this AccessLevel . If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND. ..custom.expr description=takimata Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. expression=amet. Textual representation of an expression in Common Expression Language syntax. location=duo Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. title=ipsum Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. ... description=gubergren Description of the AccessLevel and its use. Does not affect behavior. name=lorem Resource name for the AccessLevel . Format: accessPolicies/{access_policy}/accessLevels/{access_level} . The access_level component must begin with a letter, followed by alphanumeric characters or _ . Its maximum length is 50 characters. After you create an AccessLevel , you cannot change its name . title=gubergren Human readable title. Must be unique within the Policy. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional Method Properties You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p update-mask=string Required. Mask to control which fields get updated. Must be non-empty. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Access Levels Patch"},{"location":"access-policies_access-levels-patch/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies access-levels-patch ...","title":"Scopes"},{"location":"access-policies_access-levels-patch/#required-scalar-argument","text":"<name> (string) Resource name for the AccessLevel . Format: accessPolicies/{access_policy}/accessLevels/{access_level} . The access_level component must begin with a letter, followed by alphanumeric characters or _ . Its maximum length is 50 characters. After you create an AccessLevel , you cannot change its name .","title":"Required Scalar Argument"},{"location":"access-policies_access-levels-patch/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: AccessLevel: basic: combining-function: string custom: expr: description: string expression: string location: string title: string description: string name: string title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r .basic combining-function=amet. How the conditions list should be combined to determine if a request is granted this AccessLevel . If AND is used, each Condition in conditions must be satisfied for the AccessLevel to be applied. If OR is used, at least one Condition in conditions must be satisfied for the AccessLevel to be applied. Default behavior is AND. ..custom.expr description=takimata Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. expression=amet. Textual representation of an expression in Common Expression Language syntax. location=duo Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. title=ipsum Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. ... description=gubergren Description of the AccessLevel and its use. Does not affect behavior. name=lorem Resource name for the AccessLevel . Format: accessPolicies/{access_policy}/accessLevels/{access_level} . The access_level component must begin with a letter, followed by alphanumeric characters or _ . Its maximum length is 50 characters. After you create an AccessLevel , you cannot change its name . title=gubergren Human readable title. Must be unique within the Policy.","title":"Required Request Value"},{"location":"access-policies_access-levels-patch/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"access-policies_access-levels-patch/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_access-levels-patch/#optional-method-properties","text":"You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p update-mask=string Required. Mask to control which fields get updated. Must be non-empty.","title":"Optional Method Properties"},{"location":"access-policies_access-levels-patch/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_create/","text":"Create an AccessPolicy . Fails if this organization already has a AccessPolicy . The longrunning Operation will have a successful status once the AccessPolicy has propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in metadata as a BadRequest proto. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies create ... Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: AccessPolicy: name: string parent: string title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . name=eos Output only. Resource name of the AccessPolicy . Format: accessPolicies/{policy_id} parent=dolor Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id} title=ea Required. Human readable title. Does not affect behavior. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Create"},{"location":"access-policies_create/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies create ...","title":"Scopes"},{"location":"access-policies_create/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: AccessPolicy: name: string parent: string title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . name=eos Output only. Resource name of the AccessPolicy . Format: accessPolicies/{policy_id} parent=dolor Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id} title=ea Required. Human readable title. Does not affect behavior.","title":"Required Request Value"},{"location":"access-policies_create/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"access-policies_create/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_create/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_delete/","text":"Delete an AccessPolicy by resource name. The longrunning Operation will have a successful status once the AccessPolicy has been removed from long-lasting storage. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies delete ... Required Scalar Argument <name> (string) Required. Resource name for the access policy to delete. Format accessPolicies/{policy_id} Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Delete"},{"location":"access-policies_delete/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies delete ...","title":"Scopes"},{"location":"access-policies_delete/#required-scalar-argument","text":"<name> (string) Required. Resource name for the access policy to delete. Format accessPolicies/{policy_id}","title":"Required Scalar Argument"},{"location":"access-policies_delete/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_delete/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_get/","text":"Get an AccessPolicy by name. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies get ... Required Scalar Argument <name> (string) Required. Resource name for the access policy to get. Format accessPolicies/{policy_id} Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get"},{"location":"access-policies_get/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies get ...","title":"Scopes"},{"location":"access-policies_get/#required-scalar-argument","text":"<name> (string) Required. Resource name for the access policy to get. Format accessPolicies/{policy_id}","title":"Required Scalar Argument"},{"location":"access-policies_get/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_get/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_list/","text":"List all AccessPolicies under a container. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies list ... Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional Method Properties You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p page-size=integer Number of AccessPolicy instances to include in the list. Default 100. -p page-token=string Next page token for the next batch of AccessPolicy instances. Defaults to the first page of results. -p parent=string Required. Resource name for the container to list AccessPolicy instances from. Format: organizations/{org_id} Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"List"},{"location":"access-policies_list/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies list ...","title":"Scopes"},{"location":"access-policies_list/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_list/#optional-method-properties","text":"You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p page-size=integer Number of AccessPolicy instances to include in the list. Default 100. -p page-token=string Next page token for the next batch of AccessPolicy instances. Defaults to the first page of results. -p parent=string Required. Resource name for the container to list AccessPolicy instances from. Format: organizations/{org_id}","title":"Optional Method Properties"},{"location":"access-policies_list/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_patch/","text":"Update an AccessPolicy. The longrunning Operation from this RPC will have a successful status once the changes to the AccessPolicy have propagated to long-lasting storage. Syntactic and basic semantic errors will be returned in metadata as a BadRequest proto. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies patch ... Required Scalar Argument <name> (string) Output only. Resource name of the AccessPolicy . Format: accessPolicies/{policy_id} Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: AccessPolicy: name: string parent: string title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . name=ipsum Output only. Resource name of the AccessPolicy . Format: accessPolicies/{policy_id} parent=invidunt Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id} title=amet Required. Human readable title. Does not affect behavior. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional Method Properties You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p update-mask=string Required. Mask to control which fields get updated. Must be non-empty. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Patch"},{"location":"access-policies_patch/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies patch ...","title":"Scopes"},{"location":"access-policies_patch/#required-scalar-argument","text":"<name> (string) Output only. Resource name of the AccessPolicy . Format: accessPolicies/{policy_id}","title":"Required Scalar Argument"},{"location":"access-policies_patch/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: AccessPolicy: name: string parent: string title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . name=ipsum Output only. Resource name of the AccessPolicy . Format: accessPolicies/{policy_id} parent=invidunt Required. The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id} title=amet Required. Human readable title. Does not affect behavior.","title":"Required Request Value"},{"location":"access-policies_patch/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"access-policies_patch/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_patch/#optional-method-properties","text":"You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p update-mask=string Required. Mask to control which fields get updated. Must be non-empty.","title":"Optional Method Properties"},{"location":"access-policies_patch/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_service-perimeters-create/","text":"Create a Service Perimeter. The longrunning operation from this RPC will have a successful status once the Service Perimeter has propagated to long-lasting storage. Service Perimeters containing errors will result in an error response for the first error encountered. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-create ... Required Scalar Argument <parent> (string) Required. Resource name for the access policy which owns this Service Perimeter. Format: accessPolicies/{policy_id} Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ServicePerimeter: description: string name: string perimeter-type: string status: access-levels: [string] resources: [string] restricted-services: [string] unrestricted-services: [string] vpc-accessible-services: allowed-services: [string] enable-restriction: boolean title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . description=duo Description of the ServicePerimeter and its use. Does not affect behavior. name=ipsum Resource name for the ServicePerimeter . Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter} . The service_perimeter component must begin with a letter, followed by alphanumeric characters or _ . After you create a ServicePerimeter , you cannot change its name . perimeter-type=sed Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty. status access-levels=ut A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter . Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: &#34;accessPolicies/MY_POLICY/accessLevels/MY_LEVEL&#34; . For Service Perimeter Bridge, must be empty. Each invocation of this argument appends the given value to the array. resources=gubergren A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} Each invocation of this argument appends the given value to the array. restricted-services=rebum. Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. Each invocation of this argument appends the given value to the array. unrestricted-services=est Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard \"*\". The wildcard means that unless explicitly specified by \"restricted_services\" list, any service is treated as unrestricted. Each invocation of this argument appends the given value to the array. vpc-accessible-services allowed-services=ipsum The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter. Each invocation of this argument appends the given value to the array. enable-restriction=true Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'. ... title=est Human readable title. Must be unique within the Policy. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Service Perimeters Create"},{"location":"access-policies_service-perimeters-create/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-create ...","title":"Scopes"},{"location":"access-policies_service-perimeters-create/#required-scalar-argument","text":"<parent> (string) Required. Resource name for the access policy which owns this Service Perimeter. Format: accessPolicies/{policy_id}","title":"Required Scalar Argument"},{"location":"access-policies_service-perimeters-create/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ServicePerimeter: description: string name: string perimeter-type: string status: access-levels: [string] resources: [string] restricted-services: [string] unrestricted-services: [string] vpc-accessible-services: allowed-services: [string] enable-restriction: boolean title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . description=duo Description of the ServicePerimeter and its use. Does not affect behavior. name=ipsum Resource name for the ServicePerimeter . Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter} . The service_perimeter component must begin with a letter, followed by alphanumeric characters or _ . After you create a ServicePerimeter , you cannot change its name . perimeter-type=sed Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty. status access-levels=ut A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter . Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: &#34;accessPolicies/MY_POLICY/accessLevels/MY_LEVEL&#34; . For Service Perimeter Bridge, must be empty. Each invocation of this argument appends the given value to the array. resources=gubergren A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} Each invocation of this argument appends the given value to the array. restricted-services=rebum. Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. Each invocation of this argument appends the given value to the array. unrestricted-services=est Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard \"*\". The wildcard means that unless explicitly specified by \"restricted_services\" list, any service is treated as unrestricted. Each invocation of this argument appends the given value to the array. vpc-accessible-services allowed-services=ipsum The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter. Each invocation of this argument appends the given value to the array. enable-restriction=true Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'. ... title=est Human readable title. Must be unique within the Policy.","title":"Required Request Value"},{"location":"access-policies_service-perimeters-create/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"access-policies_service-perimeters-create/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_service-perimeters-create/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_service-perimeters-delete/","text":"Delete a Service Perimeter by resource name. The longrunning operation from this RPC will have a successful status once the Service Perimeter has been removed from long-lasting storage. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-delete ... Required Scalar Argument <name> (string) Required. Resource name for the Service Perimeter. Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id} Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Service Perimeters Delete"},{"location":"access-policies_service-perimeters-delete/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-delete ...","title":"Scopes"},{"location":"access-policies_service-perimeters-delete/#required-scalar-argument","text":"<name> (string) Required. Resource name for the Service Perimeter. Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}","title":"Required Scalar Argument"},{"location":"access-policies_service-perimeters-delete/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_service-perimeters-delete/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_service-perimeters-get/","text":"Get a Service Perimeter by resource name. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-get ... Required Scalar Argument <name> (string) Required. Resource name for the Service Perimeter. Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id} Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Service Perimeters Get"},{"location":"access-policies_service-perimeters-get/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-get ...","title":"Scopes"},{"location":"access-policies_service-perimeters-get/#required-scalar-argument","text":"<name> (string) Required. Resource name for the Service Perimeter. Format: accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}","title":"Required Scalar Argument"},{"location":"access-policies_service-perimeters-get/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_service-perimeters-get/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_service-perimeters-list/","text":"List all Service Perimeters for an access policy. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-list ... Required Scalar Argument <parent> (string) Required. Resource name for the access policy to list Service Perimeters from. Format: accessPolicies/{policy_id} Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional Method Properties You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p page-size=integer Number of Service Perimeters to include in the list. Default 100. -p page-token=string Next page token for the next batch of Service Perimeter instances. Defaults to the first page of results. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Service Perimeters List"},{"location":"access-policies_service-perimeters-list/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-list ...","title":"Scopes"},{"location":"access-policies_service-perimeters-list/#required-scalar-argument","text":"<parent> (string) Required. Resource name for the access policy to list Service Perimeters from. Format: accessPolicies/{policy_id}","title":"Required Scalar Argument"},{"location":"access-policies_service-perimeters-list/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_service-perimeters-list/#optional-method-properties","text":"You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p page-size=integer Number of Service Perimeters to include in the list. Default 100. -p page-token=string Next page token for the next batch of Service Perimeter instances. Defaults to the first page of results.","title":"Optional Method Properties"},{"location":"access-policies_service-perimeters-list/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"access-policies_service-perimeters-patch/","text":"Update a Service Perimeter. The longrunning operation from this RPC will have a successful status once the changes to the Service Perimeter have propagated to long-lasting storage. Service Perimeter containing errors will result in an error response for the first error encountered. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-patch ... Required Scalar Argument <name> (string) Resource name for the ServicePerimeter . Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter} . The service_perimeter component must begin with a letter, followed by alphanumeric characters or _ . After you create a ServicePerimeter , you cannot change its name . Required Request Value The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ServicePerimeter: description: string name: string perimeter-type: string status: access-levels: [string] resources: [string] restricted-services: [string] unrestricted-services: [string] vpc-accessible-services: allowed-services: [string] enable-restriction: boolean title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . description=gubergren Description of the ServicePerimeter and its use. Does not affect behavior. name=ea Resource name for the ServicePerimeter . Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter} . The service_perimeter component must begin with a letter, followed by alphanumeric characters or _ . After you create a ServicePerimeter , you cannot change its name . perimeter-type=dolor Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty. status access-levels=lorem A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter . Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: &#34;accessPolicies/MY_POLICY/accessLevels/MY_LEVEL&#34; . For Service Perimeter Bridge, must be empty. Each invocation of this argument appends the given value to the array. resources=eos A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} Each invocation of this argument appends the given value to the array. restricted-services=labore Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. Each invocation of this argument appends the given value to the array. unrestricted-services=sed Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard \"*\". The wildcard means that unless explicitly specified by \"restricted_services\" list, any service is treated as unrestricted. Each invocation of this argument appends the given value to the array. vpc-accessible-services allowed-services=duo The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter. Each invocation of this argument appends the given value to the array. enable-restriction=false Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'. ... title=no Human readable title. Must be unique within the Policy. About Cursors The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional Method Properties You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p update-mask=string Required. Mask to control which fields get updated. Must be non-empty. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Service Perimeters Patch"},{"location":"access-policies_service-perimeters-patch/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> access-policies service-perimeters-patch ...","title":"Scopes"},{"location":"access-policies_service-perimeters-patch/#required-scalar-argument","text":"<name> (string) Resource name for the ServicePerimeter . Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter} . The service_perimeter component must begin with a letter, followed by alphanumeric characters or _ . After you create a ServicePerimeter , you cannot change its name .","title":"Required Scalar Argument"},{"location":"access-policies_service-perimeters-patch/#required-request-value","text":"The request value is a data-structure with various fields. Each field may be a simple scalar or another data-structure. In the latter case it is advised to set the field-cursor to the data-structure's field to specify values more concisely. For example, a structure like this: ServicePerimeter: description: string name: string perimeter-type: string status: access-levels: [string] resources: [string] restricted-services: [string] unrestricted-services: [string] vpc-accessible-services: allowed-services: [string] enable-restriction: boolean title: string can be set completely with the following arguments which are assumed to be executed in the given order. Note how the cursor position is adjusted to the respective structures, allowing simple field names to be used most of the time. -r . description=gubergren Description of the ServicePerimeter and its use. Does not affect behavior. name=ea Resource name for the ServicePerimeter . Format: accessPolicies/{access_policy}/servicePerimeters/{service_perimeter} . The service_perimeter component must begin with a letter, followed by alphanumeric characters or _ . After you create a ServicePerimeter , you cannot change its name . perimeter-type=dolor Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty. status access-levels=lorem A list of AccessLevel resource names that allow resources within the ServicePerimeter to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter . Referencing a nonexistent AccessLevel is a syntax error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: &#34;accessPolicies/MY_POLICY/accessLevels/MY_LEVEL&#34; . For Service Perimeter Bridge, must be empty. Each invocation of this argument appends the given value to the array. resources=eos A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: projects/{project_number} Each invocation of this argument appends the given value to the array. restricted-services=labore Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if storage.googleapis.com is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions. Each invocation of this argument appends the given value to the array. unrestricted-services=sed Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard \"*\". The wildcard means that unless explicitly specified by \"restricted_services\" list, any service is treated as unrestricted. Each invocation of this argument appends the given value to the array. vpc-accessible-services allowed-services=duo The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter. Each invocation of this argument appends the given value to the array. enable-restriction=false Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'. ... title=no Human readable title. Must be unique within the Policy.","title":"Required Request Value"},{"location":"access-policies_service-perimeters-patch/#about-cursors","text":"The cursor position is key to comfortably set complex nested structures. The following rules apply: The cursor position is always set relative to the current one, unless the field name starts with the . character. Fields can be nested such as in -r f.s.o . The cursor position is set relative to the top-level structure if it starts with . , e.g. -r .s.s You can also set nested fields without setting the cursor explicitly. For example, to set a value relative to the current cursor position, you would specify -r struct.sub_struct=bar . You can move the cursor one level up by using .. . Each additional . moves it up one additional level. E.g. ... would go three levels up.","title":"About Cursors"},{"location":"access-policies_service-perimeters-patch/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"access-policies_service-perimeters-patch/#optional-method-properties","text":"You may set the following properties to further configure the call. Please note that -p is followed by one or more key-value-pairs, and is called like this -p k1=v1 k2=v2 even though the listing below repeats the -p for completeness. -p update-mask=string Required. Mask to control which fields get updated. Must be non-empty.","title":"Optional Method Properties"},{"location":"access-policies_service-perimeters-patch/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"},{"location":"operations_get/","text":"Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. Scopes You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> operations get ... Required Scalar Argument <name> (string) The name of the operation resource. Optional Output Flags The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output. Optional General Properties The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Get"},{"location":"operations_get/#scopes","text":"You will need authorization for the https://www.googleapis.com/auth/cloud-platform scope to make a valid call. If unset, the scope for this method defaults to https://www.googleapis.com/auth/cloud-platform . You can set the scope for this method like this: accesscontextmanager1-beta --scope <scope> operations get ...","title":"Scopes"},{"location":"operations_get/#required-scalar-argument","text":"<name> (string) The name of the operation resource.","title":"Required Scalar Argument"},{"location":"operations_get/#optional-output-flags","text":"The method's return value a JSON encoded structure, which will be written to standard output by default. -o out out specifies the destination to which to write the server's result to. It will be a JSON-encoded structure. The destination may be - to indicate standard output, or a filepath that is to contain the received bytes. If unset, it defaults to standard output.","title":"Optional Output Flags"},{"location":"operations_get/#optional-general-properties","text":"The following properties can configure any call, and are not specific to this method. -p $-xgafv=string V1 error format. -p access-token=string OAuth access token. -p alt=string Data format for response. -p callback=string JSONP -p fields=string Selector specifying which fields to include in a partial response. -p key=string API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. -p oauth-token=string OAuth 2.0 token for the current user. -p pretty-print=boolean Returns response with indentations and line breaks. -p quota-user=string Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. -p upload-type=string Legacy upload protocol for media (e.g. \"media\", \"multipart\"). -p upload-protocol=string Upload protocol for media (e.g. \"raw\", \"multipart\").","title":"Optional General Properties"}]}