Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	WorkloadIdentityPool_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ACTIVE",
		2: "DELETED",
	}
	WorkloadIdentityPool_State_value = map[string]int32{
		"STATE_UNSPECIFIED": 0,
		"ACTIVE":            1,
		"DELETED":           2,
	}
)

Enum value maps for WorkloadIdentityPool_State.

View Source
var (
	WorkloadIdentityPoolProvider_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ACTIVE",
		2: "DELETED",
	}
	WorkloadIdentityPoolProvider_State_value = map[string]int32{
		"STATE_UNSPECIFIED": 0,
		"ACTIVE":            1,
		"DELETED":           2,
	}
)

Enum value maps for WorkloadIdentityPoolProvider_State.

View Source
var File_google_iam_v1beta_workload_identity_pool_proto protoreflect.FileDescriptor

Functions

func RegisterWorkloadIdentityPoolsServer

func RegisterWorkloadIdentityPoolsServer(s *grpc.Server, srv WorkloadIdentityPoolsServer)

Types

type CreateWorkloadIdentityPoolProviderRequest

type CreateWorkloadIdentityPoolProviderRequest struct {

	// Required. The pool to create this provider in.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. The provider to create.
	WorkloadIdentityPoolProvider *WorkloadIdentityPoolProvider `` /* 149-byte string literal not displayed */
	// Required. The ID for the provider, which becomes the
	// final component of the resource name. This value must be 4-32 characters,
	// and may contain the characters [a-z0-9-]. The prefix `gcp-` is
	// reserved for use by Google, and may not be specified.
	WorkloadIdentityPoolProviderId string `` /* 157-byte string literal not displayed */
	// contains filtered or unexported fields
}

Request message for CreateWorkloadIdentityPoolProvider.

func (*CreateWorkloadIdentityPoolProviderRequest) Descriptor

func (*CreateWorkloadIdentityPoolProviderRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateWorkloadIdentityPoolProviderRequest.ProtoReflect.Descriptor instead.

func (*CreateWorkloadIdentityPoolProviderRequest) GetParent

func (*CreateWorkloadIdentityPoolProviderRequest) GetWorkloadIdentityPoolProvider

func (x *CreateWorkloadIdentityPoolProviderRequest) GetWorkloadIdentityPoolProvider() *WorkloadIdentityPoolProvider

func (*CreateWorkloadIdentityPoolProviderRequest) GetWorkloadIdentityPoolProviderId

func (x *CreateWorkloadIdentityPoolProviderRequest) GetWorkloadIdentityPoolProviderId() string

func (*CreateWorkloadIdentityPoolProviderRequest) ProtoMessage

func (*CreateWorkloadIdentityPoolProviderRequest) ProtoReflect

func (*CreateWorkloadIdentityPoolProviderRequest) Reset

func (*CreateWorkloadIdentityPoolProviderRequest) String

type CreateWorkloadIdentityPoolRequest

type CreateWorkloadIdentityPoolRequest struct {

	// Required. The parent resource to create the pool in. The only supported
	// location is `global`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. The pool to create.
	WorkloadIdentityPool *WorkloadIdentityPool `protobuf:"bytes,2,opt,name=workload_identity_pool,json=workloadIdentityPool,proto3" json:"workload_identity_pool,omitempty"`
	// Required. The ID to use for the pool, which becomes the
	// final component of the resource name. This value should be 4-32 characters,
	// and may contain the characters [a-z0-9-]. The prefix `gcp-` is
	// reserved for use by Google, and may not be specified.
	WorkloadIdentityPoolId string `` /* 131-byte string literal not displayed */
	// contains filtered or unexported fields
}

Request message for CreateWorkloadIdentityPool.

func (*CreateWorkloadIdentityPoolRequest) Descriptor

func (*CreateWorkloadIdentityPoolRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateWorkloadIdentityPoolRequest.ProtoReflect.Descriptor instead.

func (*CreateWorkloadIdentityPoolRequest) GetParent

func (*CreateWorkloadIdentityPoolRequest) GetWorkloadIdentityPool

func (x *CreateWorkloadIdentityPoolRequest) GetWorkloadIdentityPool() *WorkloadIdentityPool

func (*CreateWorkloadIdentityPoolRequest) GetWorkloadIdentityPoolId

func (x *CreateWorkloadIdentityPoolRequest) GetWorkloadIdentityPoolId() string

func (*CreateWorkloadIdentityPoolRequest) ProtoMessage

func (*CreateWorkloadIdentityPoolRequest) ProtoMessage()

func (*CreateWorkloadIdentityPoolRequest) ProtoReflect

func (*CreateWorkloadIdentityPoolRequest) Reset

func (*CreateWorkloadIdentityPoolRequest) String

type DeleteWorkloadIdentityPoolProviderRequest

type DeleteWorkloadIdentityPoolProviderRequest struct {

	// Required. The name of the provider to delete.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for DeleteWorkloadIdentityPoolProvider.

func (*DeleteWorkloadIdentityPoolProviderRequest) Descriptor

func (*DeleteWorkloadIdentityPoolProviderRequest) Descriptor() ([]byte, []int)

Deprecated: Use DeleteWorkloadIdentityPoolProviderRequest.ProtoReflect.Descriptor instead.

func (*DeleteWorkloadIdentityPoolProviderRequest) GetName

func (*DeleteWorkloadIdentityPoolProviderRequest) ProtoMessage

func (*DeleteWorkloadIdentityPoolProviderRequest) ProtoReflect

func (*DeleteWorkloadIdentityPoolProviderRequest) Reset

func (*DeleteWorkloadIdentityPoolProviderRequest) String

type DeleteWorkloadIdentityPoolRequest

type DeleteWorkloadIdentityPoolRequest struct {

	// Required. The name of the pool to delete.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for DeleteWorkloadIdentityPool.

func (*DeleteWorkloadIdentityPoolRequest) Descriptor

func (*DeleteWorkloadIdentityPoolRequest) Descriptor() ([]byte, []int)

Deprecated: Use DeleteWorkloadIdentityPoolRequest.ProtoReflect.Descriptor instead.

func (*DeleteWorkloadIdentityPoolRequest) GetName

func (*DeleteWorkloadIdentityPoolRequest) ProtoMessage

func (*DeleteWorkloadIdentityPoolRequest) ProtoMessage()

func (*DeleteWorkloadIdentityPoolRequest) ProtoReflect

func (*DeleteWorkloadIdentityPoolRequest) Reset

func (*DeleteWorkloadIdentityPoolRequest) String

type GetWorkloadIdentityPoolProviderRequest

type GetWorkloadIdentityPoolProviderRequest struct {

	// Required. The name of the provider to retrieve.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for GetWorkloadIdentityPoolProvider.

func (*GetWorkloadIdentityPoolProviderRequest) Descriptor

func (*GetWorkloadIdentityPoolProviderRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetWorkloadIdentityPoolProviderRequest.ProtoReflect.Descriptor instead.

func (*GetWorkloadIdentityPoolProviderRequest) GetName

func (*GetWorkloadIdentityPoolProviderRequest) ProtoMessage

func (*GetWorkloadIdentityPoolProviderRequest) ProtoReflect

func (*GetWorkloadIdentityPoolProviderRequest) Reset

func (*GetWorkloadIdentityPoolProviderRequest) String

type GetWorkloadIdentityPoolRequest

type GetWorkloadIdentityPoolRequest struct {

	// Required. The name of the pool to retrieve.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for GetWorkloadIdentityPool.

func (*GetWorkloadIdentityPoolRequest) Descriptor

func (*GetWorkloadIdentityPoolRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetWorkloadIdentityPoolRequest.ProtoReflect.Descriptor instead.

func (*GetWorkloadIdentityPoolRequest) GetName

func (*GetWorkloadIdentityPoolRequest) ProtoMessage

func (*GetWorkloadIdentityPoolRequest) ProtoMessage()

func (*GetWorkloadIdentityPoolRequest) ProtoReflect

func (*GetWorkloadIdentityPoolRequest) Reset

func (x *GetWorkloadIdentityPoolRequest) Reset()

func (*GetWorkloadIdentityPoolRequest) String

type ListWorkloadIdentityPoolProvidersRequest

type ListWorkloadIdentityPoolProvidersRequest struct {

	// Required. The pool to list providers for.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// The maximum number of providers to return.
	// If unspecified, at most 50 providers are returned.
	// The maximum value is 100; values above 100 are truncated to 100.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// A page token, received from a previous
	// `ListWorkloadIdentityPoolProviders` call. Provide this to retrieve the
	// subsequent page.
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Whether to return soft-deleted providers.
	ShowDeleted bool `protobuf:"varint,4,opt,name=show_deleted,json=showDeleted,proto3" json:"show_deleted,omitempty"`
	// contains filtered or unexported fields
}

Request message for ListWorkloadIdentityPoolProviders.

func (*ListWorkloadIdentityPoolProvidersRequest) Descriptor

func (*ListWorkloadIdentityPoolProvidersRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListWorkloadIdentityPoolProvidersRequest.ProtoReflect.Descriptor instead.

func (*ListWorkloadIdentityPoolProvidersRequest) GetPageSize

func (*ListWorkloadIdentityPoolProvidersRequest) GetPageToken

func (*ListWorkloadIdentityPoolProvidersRequest) GetParent

func (*ListWorkloadIdentityPoolProvidersRequest) GetShowDeleted

func (x *ListWorkloadIdentityPoolProvidersRequest) GetShowDeleted() bool

func (*ListWorkloadIdentityPoolProvidersRequest) ProtoMessage

func (*ListWorkloadIdentityPoolProvidersRequest) ProtoReflect

func (*ListWorkloadIdentityPoolProvidersRequest) Reset

func (*ListWorkloadIdentityPoolProvidersRequest) String

type ListWorkloadIdentityPoolProvidersResponse

type ListWorkloadIdentityPoolProvidersResponse struct {

	// A list of providers.
	WorkloadIdentityPoolProviders []*WorkloadIdentityPoolProvider `` /* 152-byte string literal not displayed */
	// A token, which can be sent as `page_token` to retrieve the next page.
	// If this field is omitted, there are no subsequent pages.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

Response message for ListWorkloadIdentityPoolProviders.

func (*ListWorkloadIdentityPoolProvidersResponse) Descriptor

func (*ListWorkloadIdentityPoolProvidersResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListWorkloadIdentityPoolProvidersResponse.ProtoReflect.Descriptor instead.

func (*ListWorkloadIdentityPoolProvidersResponse) GetNextPageToken

func (x *ListWorkloadIdentityPoolProvidersResponse) GetNextPageToken() string

func (*ListWorkloadIdentityPoolProvidersResponse) GetWorkloadIdentityPoolProviders

func (x *ListWorkloadIdentityPoolProvidersResponse) GetWorkloadIdentityPoolProviders() []*WorkloadIdentityPoolProvider

func (*ListWorkloadIdentityPoolProvidersResponse) ProtoMessage

func (*ListWorkloadIdentityPoolProvidersResponse) ProtoReflect

func (*ListWorkloadIdentityPoolProvidersResponse) Reset

func (*ListWorkloadIdentityPoolProvidersResponse) String

type ListWorkloadIdentityPoolsRequest

type ListWorkloadIdentityPoolsRequest struct {

	// Required. The parent resource to list pools for.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// The maximum number of pools to return.
	// If unspecified, at most 50 pools are returned.
	// The maximum value is 1000; values above are 1000 truncated to 1000.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// A page token, received from a previous `ListWorkloadIdentityPools`
	// call. Provide this to retrieve the subsequent page.
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Whether to return soft-deleted pools.
	ShowDeleted bool `protobuf:"varint,4,opt,name=show_deleted,json=showDeleted,proto3" json:"show_deleted,omitempty"`
	// contains filtered or unexported fields
}

Request message for ListWorkloadIdentityPools.

func (*ListWorkloadIdentityPoolsRequest) Descriptor

func (*ListWorkloadIdentityPoolsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListWorkloadIdentityPoolsRequest.ProtoReflect.Descriptor instead.

func (*ListWorkloadIdentityPoolsRequest) GetPageSize

func (x *ListWorkloadIdentityPoolsRequest) GetPageSize() int32

func (*ListWorkloadIdentityPoolsRequest) GetPageToken

func (x *ListWorkloadIdentityPoolsRequest) GetPageToken() string

func (*ListWorkloadIdentityPoolsRequest) GetParent

func (*ListWorkloadIdentityPoolsRequest) GetShowDeleted

func (x *ListWorkloadIdentityPoolsRequest) GetShowDeleted() bool

func (*ListWorkloadIdentityPoolsRequest) ProtoMessage

func (*ListWorkloadIdentityPoolsRequest) ProtoMessage()

func (*ListWorkloadIdentityPoolsRequest) ProtoReflect

func (*ListWorkloadIdentityPoolsRequest) Reset

func (*ListWorkloadIdentityPoolsRequest) String

type ListWorkloadIdentityPoolsResponse

type ListWorkloadIdentityPoolsResponse struct {

	// A list of pools.
	WorkloadIdentityPools []*WorkloadIdentityPool `` /* 126-byte string literal not displayed */
	// A token, which can be sent as `page_token` to retrieve the next page.
	// If this field is omitted, there are no subsequent pages.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// contains filtered or unexported fields
}

Response message for ListWorkloadIdentityPools.

func (*ListWorkloadIdentityPoolsResponse) Descriptor

func (*ListWorkloadIdentityPoolsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListWorkloadIdentityPoolsResponse.ProtoReflect.Descriptor instead.

func (*ListWorkloadIdentityPoolsResponse) GetNextPageToken

func (x *ListWorkloadIdentityPoolsResponse) GetNextPageToken() string

func (*ListWorkloadIdentityPoolsResponse) GetWorkloadIdentityPools

func (x *ListWorkloadIdentityPoolsResponse) GetWorkloadIdentityPools() []*WorkloadIdentityPool

func (*ListWorkloadIdentityPoolsResponse) ProtoMessage

func (*ListWorkloadIdentityPoolsResponse) ProtoMessage()

func (*ListWorkloadIdentityPoolsResponse) ProtoReflect

func (*ListWorkloadIdentityPoolsResponse) Reset

func (*ListWorkloadIdentityPoolsResponse) String

type UndeleteWorkloadIdentityPoolProviderRequest

type UndeleteWorkloadIdentityPoolProviderRequest struct {

	// Required. The name of the provider to undelete.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for UndeleteWorkloadIdentityPoolProvider.

func (*UndeleteWorkloadIdentityPoolProviderRequest) Descriptor

Deprecated: Use UndeleteWorkloadIdentityPoolProviderRequest.ProtoReflect.Descriptor instead.

func (*UndeleteWorkloadIdentityPoolProviderRequest) GetName

func (*UndeleteWorkloadIdentityPoolProviderRequest) ProtoMessage

func (*UndeleteWorkloadIdentityPoolProviderRequest) ProtoReflect

func (*UndeleteWorkloadIdentityPoolProviderRequest) Reset

func (*UndeleteWorkloadIdentityPoolProviderRequest) String

type UndeleteWorkloadIdentityPoolRequest

type UndeleteWorkloadIdentityPoolRequest struct {

	// Required. The name of the pool to undelete.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

Request message for UndeleteWorkloadIdentityPool.

func (*UndeleteWorkloadIdentityPoolRequest) Descriptor

func (*UndeleteWorkloadIdentityPoolRequest) Descriptor() ([]byte, []int)

Deprecated: Use UndeleteWorkloadIdentityPoolRequest.ProtoReflect.Descriptor instead.

func (*UndeleteWorkloadIdentityPoolRequest) GetName

func (*UndeleteWorkloadIdentityPoolRequest) ProtoMessage

func (*UndeleteWorkloadIdentityPoolRequest) ProtoMessage()

func (*UndeleteWorkloadIdentityPoolRequest) ProtoReflect

func (*UndeleteWorkloadIdentityPoolRequest) Reset

func (*UndeleteWorkloadIdentityPoolRequest) String

type UnimplementedWorkloadIdentityPoolsServer

type UnimplementedWorkloadIdentityPoolsServer struct {
}

UnimplementedWorkloadIdentityPoolsServer can be embedded to have forward compatible implementations.

func (*UnimplementedWorkloadIdentityPoolsServer) CreateWorkloadIdentityPool

func (*UnimplementedWorkloadIdentityPoolsServer) CreateWorkloadIdentityPoolProvider

func (*UnimplementedWorkloadIdentityPoolsServer) DeleteWorkloadIdentityPool

func (*UnimplementedWorkloadIdentityPoolsServer) DeleteWorkloadIdentityPoolProvider

func (*UnimplementedWorkloadIdentityPoolsServer) GetWorkloadIdentityPool

func (*UnimplementedWorkloadIdentityPoolsServer) UndeleteWorkloadIdentityPool

func (*UnimplementedWorkloadIdentityPoolsServer) UndeleteWorkloadIdentityPoolProvider

func (*UnimplementedWorkloadIdentityPoolsServer) UpdateWorkloadIdentityPool

func (*UnimplementedWorkloadIdentityPoolsServer) UpdateWorkloadIdentityPoolProvider

type UpdateWorkloadIdentityPoolProviderRequest

type UpdateWorkloadIdentityPoolProviderRequest struct {

	// Required. The provider to update.
	WorkloadIdentityPoolProvider *WorkloadIdentityPoolProvider `` /* 149-byte string literal not displayed */
	// Required. The list of fields to update.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// contains filtered or unexported fields
}

Request message for UpdateWorkloadIdentityPoolProvider.

func (*UpdateWorkloadIdentityPoolProviderRequest) Descriptor

func (*UpdateWorkloadIdentityPoolProviderRequest) Descriptor() ([]byte, []int)

Deprecated: Use UpdateWorkloadIdentityPoolProviderRequest.ProtoReflect.Descriptor instead.

func (*UpdateWorkloadIdentityPoolProviderRequest) GetUpdateMask

func (*UpdateWorkloadIdentityPoolProviderRequest) GetWorkloadIdentityPoolProvider

func (x *UpdateWorkloadIdentityPoolProviderRequest) GetWorkloadIdentityPoolProvider() *WorkloadIdentityPoolProvider

func (*UpdateWorkloadIdentityPoolProviderRequest) ProtoMessage

func (*UpdateWorkloadIdentityPoolProviderRequest) ProtoReflect

func (*UpdateWorkloadIdentityPoolProviderRequest) Reset

func (*UpdateWorkloadIdentityPoolProviderRequest) String

type UpdateWorkloadIdentityPoolRequest

type UpdateWorkloadIdentityPoolRequest struct {

	// Required. The pool to update. The `name` field is used to identify the pool.
	WorkloadIdentityPool *WorkloadIdentityPool `protobuf:"bytes,1,opt,name=workload_identity_pool,json=workloadIdentityPool,proto3" json:"workload_identity_pool,omitempty"`
	// Required. The list of fields update.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// contains filtered or unexported fields
}

Request message for UpdateWorkloadIdentityPool.

func (*UpdateWorkloadIdentityPoolRequest) Descriptor

func (*UpdateWorkloadIdentityPoolRequest) Descriptor() ([]byte, []int)

Deprecated: Use UpdateWorkloadIdentityPoolRequest.ProtoReflect.Descriptor instead.

func (*UpdateWorkloadIdentityPoolRequest) GetUpdateMask

func (*UpdateWorkloadIdentityPoolRequest) GetWorkloadIdentityPool

func (x *UpdateWorkloadIdentityPoolRequest) GetWorkloadIdentityPool() *WorkloadIdentityPool

func (*UpdateWorkloadIdentityPoolRequest) ProtoMessage

func (*UpdateWorkloadIdentityPoolRequest) ProtoMessage()

func (*UpdateWorkloadIdentityPoolRequest) ProtoReflect

func (*UpdateWorkloadIdentityPoolRequest) Reset

func (*UpdateWorkloadIdentityPoolRequest) String

type WorkloadIdentityPool

type WorkloadIdentityPool struct {

	// Output only. The resource name of the pool.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// A display name for the pool. Cannot exceed 32 characters.
	DisplayName string `protobuf:"bytes,2,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"`
	// A description of the pool. Cannot exceed 256 characters.
	Description string `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty"`
	// Output only. The state of the pool.
	State WorkloadIdentityPool_State `protobuf:"varint,4,opt,name=state,proto3,enum=google.iam.v1beta.WorkloadIdentityPool_State" json:"state,omitempty"`
	// Whether the pool is disabled. You cannot use a disabled pool to exchange
	// tokens, or use existing tokens to access resources. If
	// the pool is re-enabled, existing tokens grant access again.
	Disabled bool `protobuf:"varint,5,opt,name=disabled,proto3" json:"disabled,omitempty"`
	// contains filtered or unexported fields
}

Represents a collection of external workload identities. You can define IAM policies to grant these identities access to Google Cloud resources.

func (*WorkloadIdentityPool) Descriptor

func (*WorkloadIdentityPool) Descriptor() ([]byte, []int)

Deprecated: Use WorkloadIdentityPool.ProtoReflect.Descriptor instead.

func (*WorkloadIdentityPool) GetDescription

func (x *WorkloadIdentityPool) GetDescription() string

func (*WorkloadIdentityPool) GetDisabled

func (x *WorkloadIdentityPool) GetDisabled() bool

func (*WorkloadIdentityPool) GetDisplayName

func (x *WorkloadIdentityPool) GetDisplayName() string

func (*WorkloadIdentityPool) GetName

func (x *WorkloadIdentityPool) GetName() string

func (*WorkloadIdentityPool) GetState

func (*WorkloadIdentityPool) ProtoMessage

func (*WorkloadIdentityPool) ProtoMessage()

func (*WorkloadIdentityPool) ProtoReflect

func (x *WorkloadIdentityPool) ProtoReflect() protoreflect.Message

func (*WorkloadIdentityPool) Reset

func (x *WorkloadIdentityPool) Reset()

func (*WorkloadIdentityPool) String

func (x *WorkloadIdentityPool) String() string

type WorkloadIdentityPoolOperationMetadata

type WorkloadIdentityPoolOperationMetadata struct {
	// contains filtered or unexported fields
}

Metadata for long-running WorkloadIdentityPool operations.

func (*WorkloadIdentityPoolOperationMetadata) Descriptor

func (*WorkloadIdentityPoolOperationMetadata) Descriptor() ([]byte, []int)

Deprecated: Use WorkloadIdentityPoolOperationMetadata.ProtoReflect.Descriptor instead.

func (*WorkloadIdentityPoolOperationMetadata) ProtoMessage

func (*WorkloadIdentityPoolOperationMetadata) ProtoMessage()

func (*WorkloadIdentityPoolOperationMetadata) ProtoReflect

func (*WorkloadIdentityPoolOperationMetadata) Reset

func (*WorkloadIdentityPoolOperationMetadata) String

type WorkloadIdentityPoolProvider

type WorkloadIdentityPoolProvider struct {

	// Output only. The resource name of the provider.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// A display name for the provider. Cannot exceed 32 characters.
	DisplayName string `protobuf:"bytes,2,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"`
	// A description for the provider. Cannot exceed 256 characters.
	Description string `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty"`
	// Output only. The state of the provider.
	State WorkloadIdentityPoolProvider_State `protobuf:"varint,4,opt,name=state,proto3,enum=google.iam.v1beta.WorkloadIdentityPoolProvider_State" json:"state,omitempty"`
	// Whether the provider is disabled. You cannot use a disabled provider to
	// exchange tokens. However, existing tokens still grant access.
	Disabled bool `protobuf:"varint,5,opt,name=disabled,proto3" json:"disabled,omitempty"`
	// Maps attributes from authentication credentials issued by an external
	// identity provider to Google Cloud attributes, such as `subject` and
	// `segment`.
	//
	// Each key must be a string specifying the Google Cloud IAM attribute to
	// map to.
	//
	// The following keys are supported:
	//
	// * `google.subject`: The principal IAM is authenticating. You can reference
	//                     this value in IAM bindings. This is also the
	//                     subject that appears in Cloud Logging logs.
	//                     Cannot exceed 127 characters.
	//
	// * `google.groups`: Groups the external identity belongs to. You can grant
	//                    groups access to resources using an IAM `principalSet`
	//                    binding; access applies to all members of the group.
	//
	// You can also provide custom attributes by specifying
	// `attribute.{custom_attribute}`, where `{custom_attribute}` is the name of
	// the custom attribute to be mapped. You can define a maximum of 50 custom
	// attributes. The maximum length of a mapped attribute key is
	// 100 characters, and the key may only contain the characters [a-z0-9_].
	//
	// You can reference these attributes in IAM policies to define fine-grained
	// access for a workload to Google Cloud resources. For example:
	//
	// * `google.subject`:
	// `principal://iam.googleapis.com/projects/{project}/locations/{location}/workloadIdentityPools/{pool}/subject/{value}`
	//
	// * `google.groups`:
	// `principalSet://iam.googleapis.com/projects/{project}/locations/{location}/workloadIdentityPools/{pool}/group/{value}`
	//
	// * `attribute.{custom_attribute}`:
	// `principalSet://iam.googleapis.com/projects/{project}/locations/{location}/workloadIdentityPools/{pool}/attribute.{custom_attribute}/{value}`
	//
	// Each value must be a [Common Expression Language]
	// (https://opensource.google/projects/cel) function that maps an
	// identity provider credential to the normalized attribute specified by the
	// corresponding map key.
	//
	// You can use the `assertion` keyword in the expression to access a JSON
	// representation of the authentication credential issued by the provider.
	//
	// The maximum length of an attribute mapping expression is 2048 characters.
	// When evaluated, the total size of all mapped attributes must not exceed
	// 8KB.
	//
	// For AWS providers, the following rules apply:
	//
	// - If no attribute mapping is defined, the following default mapping
	//   applies:
	//
	//   ```
	//   {
	//     "google.subject":"assertion.arn",
	//     "attribute.aws_role":
	//         "assertion.arn.contains('assumed-role')"
	//         " ? assertion.arn.extract('{account_arn}assumed-role/')"
	//         "   + 'assumed-role/'"
	//         "   + assertion.arn.extract('assumed-role/{role_name}/')"
	//         " : assertion.arn",
	//   }
	//   ```
	//
	// - If any custom attribute mappings are defined, they must include a mapping
	//   to the `google.subject` attribute.
	//
	//
	// For OIDC providers, the following rules apply:
	//
	// - Custom attribute mappings must be defined, and must include a mapping to
	//   the `google.subject` attribute. For example, the following maps the
	//   `sub` claim of the incoming credential to the `subject` attribute on
	//   a Google token.
	//
	//   ```
	//   {"google.subject": "assertion.sub"}
	//   ```
	AttributeMapping map[string]string `` /* 197-byte string literal not displayed */
	// [A Common Expression Language](https://opensource.google/projects/cel)
	// expression, in plain text, to restrict what otherwise valid authentication
	// credentials issued by the provider should not be accepted.
	//
	// The expression must output a boolean representing whether to allow the
	// federation.
	//
	// The following keywords may be referenced in the expressions:
	//
	// * `assertion`: JSON representing the authentication credential issued by
	//                the provider.
	// * `google`: The Google attributes mapped from the assertion in the
	//             `attribute_mappings`.
	// * `attribute`: The custom attributes mapped from the assertion in the
	//                `attribute_mappings`.
	//
	// The maximum length of the attribute condition expression is 4096
	// characters. If unspecified, all valid authentication credential are
	// accepted.
	//
	// The following example shows how to only allow credentials with a mapped
	// `google.groups` value of `admins`:
	//
	// ```
	// "'admins' in google.groups"
	// ```
	AttributeCondition string `protobuf:"bytes,7,opt,name=attribute_condition,json=attributeCondition,proto3" json:"attribute_condition,omitempty"`
	// Identity provider configuration types.
	//
	// Types that are assignable to ProviderConfig:
	//	*WorkloadIdentityPoolProvider_Aws_
	//	*WorkloadIdentityPoolProvider_Oidc_
	ProviderConfig isWorkloadIdentityPoolProvider_ProviderConfig `protobuf_oneof:"provider_config"`
	// contains filtered or unexported fields
}

A configuration for an external identity provider.

func (*WorkloadIdentityPoolProvider) Descriptor

func (*WorkloadIdentityPoolProvider) Descriptor() ([]byte, []int)

Deprecated: Use WorkloadIdentityPoolProvider.ProtoReflect.Descriptor instead.

func (*WorkloadIdentityPoolProvider) GetAttributeCondition

func (x *WorkloadIdentityPoolProvider) GetAttributeCondition() string

func (*WorkloadIdentityPoolProvider) GetAttributeMapping

func (x *WorkloadIdentityPoolProvider) GetAttributeMapping() map[string]string

func (*WorkloadIdentityPoolProvider) GetAws

func (*WorkloadIdentityPoolProvider) GetDescription

func (x *WorkloadIdentityPoolProvider) GetDescription() string

func (*WorkloadIdentityPoolProvider) GetDisabled

func (x *WorkloadIdentityPoolProvider) GetDisabled() bool

func (*WorkloadIdentityPoolProvider) GetDisplayName

func (x *WorkloadIdentityPoolProvider) GetDisplayName() string

func (*WorkloadIdentityPoolProvider) GetName

func (x *WorkloadIdentityPoolProvider) GetName() string

func (*WorkloadIdentityPoolProvider) GetOidc

func (*WorkloadIdentityPoolProvider) GetProviderConfig

func (m *WorkloadIdentityPoolProvider) GetProviderConfig() isWorkloadIdentityPoolProvider_ProviderConfig

func (*WorkloadIdentityPoolProvider) GetState

func (*WorkloadIdentityPoolProvider) ProtoMessage

func (*WorkloadIdentityPoolProvider) ProtoMessage()

func (*WorkloadIdentityPoolProvider) ProtoReflect

func (*WorkloadIdentityPoolProvider) Reset

func (x *WorkloadIdentityPoolProvider) Reset()

func (*WorkloadIdentityPoolProvider) String

type WorkloadIdentityPoolProviderOperationMetadata

type WorkloadIdentityPoolProviderOperationMetadata struct {
	// contains filtered or unexported fields
}

Metadata for long-running WorkloadIdentityPoolProvider operations.

func (*WorkloadIdentityPoolProviderOperationMetadata) Descriptor

Deprecated: Use WorkloadIdentityPoolProviderOperationMetadata.ProtoReflect.Descriptor instead.

func (*WorkloadIdentityPoolProviderOperationMetadata) ProtoMessage

func (*WorkloadIdentityPoolProviderOperationMetadata) ProtoReflect

func (*WorkloadIdentityPoolProviderOperationMetadata) Reset

func (*WorkloadIdentityPoolProviderOperationMetadata) String

type WorkloadIdentityPoolProvider_Aws

type WorkloadIdentityPoolProvider_Aws struct {

	// Required. The AWS account ID.
	AccountId string `protobuf:"bytes,1,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"`
	// contains filtered or unexported fields
}

Represents an Amazon Web Services identity provider.

func (*WorkloadIdentityPoolProvider_Aws) Descriptor

func (*WorkloadIdentityPoolProvider_Aws) Descriptor() ([]byte, []int)

Deprecated: Use WorkloadIdentityPoolProvider_Aws.ProtoReflect.Descriptor instead.

func (*WorkloadIdentityPoolProvider_Aws) GetAccountId

func (x *WorkloadIdentityPoolProvider_Aws) GetAccountId() string

func (*WorkloadIdentityPoolProvider_Aws) ProtoMessage

func (*WorkloadIdentityPoolProvider_Aws) ProtoMessage()

func (*WorkloadIdentityPoolProvider_Aws) ProtoReflect

func (*WorkloadIdentityPoolProvider_Aws) Reset

func (*WorkloadIdentityPoolProvider_Aws) String

type WorkloadIdentityPoolProvider_Aws_

type WorkloadIdentityPoolProvider_Aws_ struct {
	// An Amazon Web Services identity provider.
	Aws *WorkloadIdentityPoolProvider_Aws `protobuf:"bytes,8,opt,name=aws,proto3,oneof"`
}

type WorkloadIdentityPoolProvider_Oidc

type WorkloadIdentityPoolProvider_Oidc struct {

	// Required. The OIDC issuer URL.
	IssuerUri string `protobuf:"bytes,1,opt,name=issuer_uri,json=issuerUri,proto3" json:"issuer_uri,omitempty"`
	// Acceptable values for the `aud` field (audience) in the OIDC token. Token
	// exchange requests are rejected if the token audience does not match one
	// of the configured values. Each audience may be at most 256 characters. A
	// maximum of 10 audiences may be configured.
	//
	// If this list is empty, the OIDC token audience must be equal to
	// the full canonical resource name of the WorkloadIdentityPoolProvider,
	// with or without the HTTPS prefix. For example:
	//
	// ```
	// //iam.googleapis.com/projects/<project-number>/locations/<location>/workloadIdentityPools/<pool-id>/providers/<provider-id>
	// https://iam.googleapis.com/projects/<project-number>/locations/<location>/workloadIdentityPools/<pool-id>/providers/<provider-id>
	// ```
	AllowedAudiences []string `protobuf:"bytes,2,rep,name=allowed_audiences,json=allowedAudiences,proto3" json:"allowed_audiences,omitempty"`
	// contains filtered or unexported fields
}

Represents an OpenId Connect 1.0 identity provider.

func (*WorkloadIdentityPoolProvider_Oidc) Descriptor

func (*WorkloadIdentityPoolProvider_Oidc) Descriptor() ([]byte, []int)

Deprecated: Use WorkloadIdentityPoolProvider_Oidc.ProtoReflect.Descriptor instead.

func (*WorkloadIdentityPoolProvider_Oidc) GetAllowedAudiences

func (x *WorkloadIdentityPoolProvider_Oidc) GetAllowedAudiences() []string

func (*WorkloadIdentityPoolProvider_Oidc) GetIssuerUri

func (x *WorkloadIdentityPoolProvider_Oidc) GetIssuerUri() string

func (*WorkloadIdentityPoolProvider_Oidc) ProtoMessage

func (*WorkloadIdentityPoolProvider_Oidc) ProtoMessage()

func (*WorkloadIdentityPoolProvider_Oidc) ProtoReflect

func (*WorkloadIdentityPoolProvider_Oidc) Reset

func (*WorkloadIdentityPoolProvider_Oidc) String

type WorkloadIdentityPoolProvider_Oidc_

type WorkloadIdentityPoolProvider_Oidc_ struct {
	// An OpenId Connect 1.0 identity provider.
	Oidc *WorkloadIdentityPoolProvider_Oidc `protobuf:"bytes,9,opt,name=oidc,proto3,oneof"`
}

type WorkloadIdentityPoolProvider_State

type WorkloadIdentityPoolProvider_State int32

The current state of the provider.

const (
	// State unspecified.
	WorkloadIdentityPoolProvider_STATE_UNSPECIFIED WorkloadIdentityPoolProvider_State = 0
	// The provider is active, and may be used to validate authentication
	// credentials.
	WorkloadIdentityPoolProvider_ACTIVE WorkloadIdentityPoolProvider_State = 1
	// The provider is soft-deleted. Soft-deleted providers are permanently
	// deleted after approximately 30 days. You can restore a soft-deleted
	// provider using
	// [UndeleteWorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityPools.UndeleteWorkloadIdentityPoolProvider].
	//
	// You cannot reuse the ID of a soft-deleted provider until it is
	// permanently deleted.
	WorkloadIdentityPoolProvider_DELETED WorkloadIdentityPoolProvider_State = 2
)

func (WorkloadIdentityPoolProvider_State) Descriptor

func (WorkloadIdentityPoolProvider_State) Enum

func (WorkloadIdentityPoolProvider_State) EnumDescriptor

func (WorkloadIdentityPoolProvider_State) EnumDescriptor() ([]byte, []int)

Deprecated: Use WorkloadIdentityPoolProvider_State.Descriptor instead.

func (WorkloadIdentityPoolProvider_State) Number

func (WorkloadIdentityPoolProvider_State) String

func (WorkloadIdentityPoolProvider_State) Type

type WorkloadIdentityPool_State

type WorkloadIdentityPool_State int32

The current state of the pool.

const (
	// State unspecified.
	WorkloadIdentityPool_STATE_UNSPECIFIED WorkloadIdentityPool_State = 0
	// The pool is active, and may be used in Google Cloud policies.
	WorkloadIdentityPool_ACTIVE WorkloadIdentityPool_State = 1
	// The pool is soft-deleted. Soft-deleted pools are permanently deleted
	// after approximately 30 days. You can restore a soft-deleted pool using
	// [UndeleteWorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPools.UndeleteWorkloadIdentityPool].
	//
	// You cannot reuse the ID of a soft-deleted pool until it is permanently
	// deleted.
	//
	// While a pool is deleted, you cannot use it to exchange tokens, or use
	// existing tokens to access resources. If the pool is undeleted, existing
	// tokens grant access again.
	WorkloadIdentityPool_DELETED WorkloadIdentityPool_State = 2
)

func (WorkloadIdentityPool_State) Descriptor

func (WorkloadIdentityPool_State) Enum

func (WorkloadIdentityPool_State) EnumDescriptor

func (WorkloadIdentityPool_State) EnumDescriptor() ([]byte, []int)

Deprecated: Use WorkloadIdentityPool_State.Descriptor instead.

func (WorkloadIdentityPool_State) Number

func (WorkloadIdentityPool_State) String

func (WorkloadIdentityPool_State) Type

type WorkloadIdentityPoolsClient

type WorkloadIdentityPoolsClient interface {
	// Lists all non-deleted
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool]s in a
	// project. If `show_deleted` is set to `true`, then deleted pools are also
	// listed.
	ListWorkloadIdentityPools(ctx context.Context, in *ListWorkloadIdentityPoolsRequest, opts ...grpc.CallOption) (*ListWorkloadIdentityPoolsResponse, error)
	// Gets an individual
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	GetWorkloadIdentityPool(ctx context.Context, in *GetWorkloadIdentityPoolRequest, opts ...grpc.CallOption) (*WorkloadIdentityPool, error)
	// Creates a new
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	//
	// You cannot reuse the name of a deleted pool until 30 days after deletion.
	CreateWorkloadIdentityPool(ctx context.Context, in *CreateWorkloadIdentityPoolRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Updates an existing
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	UpdateWorkloadIdentityPool(ctx context.Context, in *UpdateWorkloadIdentityPoolRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Deletes a
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	//
	// You cannot use a deleted pool to exchange external
	// credentials for Google Cloud credentials. However, deletion does
	// not revoke credentials that have already been issued.
	// Credentials issued for a deleted pool do not grant access to resources.
	// If the pool is undeleted, and the credentials are not expired, they
	// grant access again.
	// You can undelete a pool for 30 days. After 30 days, deletion is
	// permanent.
	// You cannot update deleted pools. However, you can view and list them.
	DeleteWorkloadIdentityPool(ctx context.Context, in *DeleteWorkloadIdentityPoolRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Undeletes a [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool],
	// as long as it was deleted fewer than 30 days ago.
	UndeleteWorkloadIdentityPool(ctx context.Context, in *UndeleteWorkloadIdentityPoolRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Lists all non-deleted
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityPoolProvider]s
	// in a [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	// If `show_deleted` is set to `true`, then deleted providers are also listed.
	ListWorkloadIdentityPoolProviders(ctx context.Context, in *ListWorkloadIdentityPoolProvidersRequest, opts ...grpc.CallOption) (*ListWorkloadIdentityPoolProvidersResponse, error)
	// Gets an individual
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityPoolProvider].
	GetWorkloadIdentityPoolProvider(ctx context.Context, in *GetWorkloadIdentityPoolProviderRequest, opts ...grpc.CallOption) (*WorkloadIdentityPoolProvider, error)
	// Creates a new
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityProvider]
	// in a [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	//
	// You cannot reuse the name of a deleted provider until 30 days after
	// deletion.
	CreateWorkloadIdentityPoolProvider(ctx context.Context, in *CreateWorkloadIdentityPoolProviderRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Updates an existing
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityProvider].
	UpdateWorkloadIdentityPoolProvider(ctx context.Context, in *UpdateWorkloadIdentityPoolProviderRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Deletes a
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityProvider].
	// Deleting a provider does not revoke credentials that have already been
	// issued; they continue to grant access.
	// You can undelete a provider for 30 days. After 30 days, deletion is
	// permanent.
	// You cannot update deleted providers. However, you can view and list them.
	DeleteWorkloadIdentityPoolProvider(ctx context.Context, in *DeleteWorkloadIdentityPoolProviderRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Undeletes a
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityProvider],
	// as long as it was deleted fewer than 30 days ago.
	UndeleteWorkloadIdentityPoolProvider(ctx context.Context, in *UndeleteWorkloadIdentityPoolProviderRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
}

WorkloadIdentityPoolsClient is the client API for WorkloadIdentityPools service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

type WorkloadIdentityPoolsServer

type WorkloadIdentityPoolsServer interface {
	// Lists all non-deleted
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool]s in a
	// project. If `show_deleted` is set to `true`, then deleted pools are also
	// listed.
	ListWorkloadIdentityPools(context.Context, *ListWorkloadIdentityPoolsRequest) (*ListWorkloadIdentityPoolsResponse, error)
	// Gets an individual
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	GetWorkloadIdentityPool(context.Context, *GetWorkloadIdentityPoolRequest) (*WorkloadIdentityPool, error)
	// Creates a new
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	//
	// You cannot reuse the name of a deleted pool until 30 days after deletion.
	CreateWorkloadIdentityPool(context.Context, *CreateWorkloadIdentityPoolRequest) (*longrunning.Operation, error)
	// Updates an existing
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	UpdateWorkloadIdentityPool(context.Context, *UpdateWorkloadIdentityPoolRequest) (*longrunning.Operation, error)
	// Deletes a
	// [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	//
	// You cannot use a deleted pool to exchange external
	// credentials for Google Cloud credentials. However, deletion does
	// not revoke credentials that have already been issued.
	// Credentials issued for a deleted pool do not grant access to resources.
	// If the pool is undeleted, and the credentials are not expired, they
	// grant access again.
	// You can undelete a pool for 30 days. After 30 days, deletion is
	// permanent.
	// You cannot update deleted pools. However, you can view and list them.
	DeleteWorkloadIdentityPool(context.Context, *DeleteWorkloadIdentityPoolRequest) (*longrunning.Operation, error)
	// Undeletes a [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool],
	// as long as it was deleted fewer than 30 days ago.
	UndeleteWorkloadIdentityPool(context.Context, *UndeleteWorkloadIdentityPoolRequest) (*longrunning.Operation, error)
	// Lists all non-deleted
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityPoolProvider]s
	// in a [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	// If `show_deleted` is set to `true`, then deleted providers are also listed.
	ListWorkloadIdentityPoolProviders(context.Context, *ListWorkloadIdentityPoolProvidersRequest) (*ListWorkloadIdentityPoolProvidersResponse, error)
	// Gets an individual
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityPoolProvider].
	GetWorkloadIdentityPoolProvider(context.Context, *GetWorkloadIdentityPoolProviderRequest) (*WorkloadIdentityPoolProvider, error)
	// Creates a new
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityProvider]
	// in a [WorkloadIdentityPool][google.iam.v1beta.WorkloadIdentityPool].
	//
	// You cannot reuse the name of a deleted provider until 30 days after
	// deletion.
	CreateWorkloadIdentityPoolProvider(context.Context, *CreateWorkloadIdentityPoolProviderRequest) (*longrunning.Operation, error)
	// Updates an existing
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityProvider].
	UpdateWorkloadIdentityPoolProvider(context.Context, *UpdateWorkloadIdentityPoolProviderRequest) (*longrunning.Operation, error)
	// Deletes a
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityProvider].
	// Deleting a provider does not revoke credentials that have already been
	// issued; they continue to grant access.
	// You can undelete a provider for 30 days. After 30 days, deletion is
	// permanent.
	// You cannot update deleted providers. However, you can view and list them.
	DeleteWorkloadIdentityPoolProvider(context.Context, *DeleteWorkloadIdentityPoolProviderRequest) (*longrunning.Operation, error)
	// Undeletes a
	// [WorkloadIdentityPoolProvider][google.iam.v1beta.WorkloadIdentityProvider],
	// as long as it was deleted fewer than 30 days ago.
	UndeleteWorkloadIdentityPoolProvider(context.Context, *UndeleteWorkloadIdentityPoolProviderRequest) (*longrunning.Operation, error)
}

WorkloadIdentityPoolsServer is the server API for WorkloadIdentityPools service.