diff --git a/google/example/endpointsapis/BUILD.bazel b/google/example/endpointsapis/BUILD.bazel new file mode 100644 index 00000000..a87c57fe --- /dev/null +++ b/google/example/endpointsapis/BUILD.bazel @@ -0,0 +1 @@ +exports_files(glob(["*.yaml"])) diff --git a/google/example/endpointsapis/endpointsapis.yaml b/google/example/endpointsapis/endpointsapis.yaml new file mode 100644 index 00000000..9f7665f3 --- /dev/null +++ b/google/example/endpointsapis/endpointsapis.yaml @@ -0,0 +1,88 @@ +type: google.api.Service +config_version: 3 +name: endpointsapis.appspot.com +title: Endpoints APIs +producer_project_id: endpointsapis + +apis: +- name: google.example.endpointsapis.v1.Workspaces + +control: + environment: servicecontrol.googleapis.com + +resources: +- type: endpointsapis.appspot.com/Workspace + plural: workspaces + singular: workspace + name_descriptor: + - pattern: projects/{project}/locations/{location}/workspaces/{workspace} + parent_type: cloudresourcemanager.googleapis.com/Project + parent_name_extractor: projects/{project} + +iam: + launch_stage: ALPHA + resources: + - type: endpointsapis.appspot.com/Workspace + internal: + # This is the internal resource 'type' in the IAM service file in the format of + # "_", and the 'PolicyName.type' must use this value when + # making CheckPolicy calls. + name_for_resource: endpointsapis_workspaces + permissions: + - name: endpointsapis.appspot.com/workspaces.get + display_name: Get workspaces + type: DATA_READ + scope: USER_SCOPE + - name: endpointsapis.appspot.com/workspaces.list + display_name: List all workspaces under a project + type: DATA_READ + scope: USER_SCOPE + parent_only: true + - name: endpointsapis.appspot.com/workspaces.create + display_name: Create new workspaces + type: DATA_WRITE + scope: ADMIN_SCOPE + parent_only: true + - name: endpointsapis.appspot.com/workspaces.update + display_name: Update existing workspaces + type: DATA_WRITE + scope: ADMIN_SCOPE + - name: endpointsapis.appspot.com/workspaces.delete + display_name: Delete workspaces + type: DATA_WRITE + scope: ADMIN_SCOPE + roles: + # Viewer role: only includes get/list permissions + - name: endpointsapis.appspot.com/viewer + display_name: Workspace Viewer + description: This role can list and view all workspaces. + permissions: + # These are recommended for all roles that could be granted to a user at or above the + # project level + - cloudresourcemanager.googleapis.com/projects.get + - cloudresourcemanager.googleapis.com/projects.list + # Additional permissions for read access + - endpointsapis.appspot.com/workspaces.get + - endpointsapis.appspot.com/workspaces.list + + # Editor role: Includes all permission from viewer role, and workspaces edit permissions + - name: endpointsapis.appspot.com/editor + display_name: Workspace Editor + description: This role can list, view, and update all workspaces. + permissions: + # These are recommended for all roles that could be granted to a user at or above the + # project level + - cloudresourcemanager.googleapis.com/projects.get + - cloudresourcemanager.googleapis.com/projects.list + # Viewer permissions + additional edit permissions + - endpointsapis.appspot.com/workspaces.get + - endpointsapis.appspot.com/workspaces.list + - endpointsapis.appspot.com/workspaces.create + - endpointsapis.appspot.com/workspaces.update + - endpointsapis.appspot.com/workspaces.delete + + # This setting means the service will use Service Control API v2 for admission control. + reader: group:servicecontrol + + # This setting is **unused** for services using Service Control API v2 for admission control. + environment: PROD diff --git a/google/example/endpointsapis/goapp/app.yaml b/google/example/endpointsapis/goapp/app.yaml new file mode 100644 index 00000000..471bba25 --- /dev/null +++ b/google/example/endpointsapis/goapp/app.yaml @@ -0,0 +1 @@ +runtime: go113 diff --git a/google/example/endpointsapis/prod.yaml b/google/example/endpointsapis/prod.yaml new file mode 100644 index 00000000..c4ad3476 --- /dev/null +++ b/google/example/endpointsapis/prod.yaml @@ -0,0 +1,2 @@ +type: google.api.Service +config_version: 3 diff --git a/google/example/endpointsapis/staging.yaml b/google/example/endpointsapis/staging.yaml new file mode 100644 index 00000000..c4ad3476 --- /dev/null +++ b/google/example/endpointsapis/staging.yaml @@ -0,0 +1,2 @@ +type: google.api.Service +config_version: 3 diff --git a/google/example/endpointsapis/v1/workspace.proto b/google/example/endpointsapis/v1/workspace.proto new file mode 100644 index 00000000..b508e048 --- /dev/null +++ b/google/example/endpointsapis/v1/workspace.proto @@ -0,0 +1,119 @@ +// Copyright 2020 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.example.endpointsapis.v1; + +import "google/api/annotations.proto"; +import "google/protobuf/empty.proto"; + +option java_multiple_files = true; +option java_package = "com.google.example.endpointsapis.v1"; +option java_outer_classname = "WorkspaceProto"; + +// Manages workspaces. +service Workspaces { + // List workspaces. + rpc ListWorkspaces(ListWorkspacesRequest) returns (ListWorkspacesResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*/locations/*}/workspaces" + }; + } + + // Get information about a Workspace. + rpc GetWorkspace(GetWorkspaceRequest) returns (Workspace) { + option (google.api.http) = { + get: "/v1/{name=projects/*/locations/*/workspaces/*}" + }; + } + + // Create a Workspace. + rpc CreateWorkspace(CreateWorkspaceRequest) returns (Workspace) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*}/workspaces" + body: "workspace" + }; + } + + // Updates a Workspace. + rpc UpdateWorkspace(UpdateWorkspaceRequest) returns (Workspace) { + option (google.api.http) = { + patch: "/v1/{name=projects/*/locations/*/Workspaces/*}" + body: "workspace" + }; + } + + // Deletes a Workspace. + rpc DeleteWorkspace(DeleteWorkspaceRequest) returns (google.protobuf.Empty) { + option (google.api.http) = { + delete: "/v1/{name=projects/*/locations/*/workspaces/*}" + }; + } +} + +// Presents a workspace +message Workspace { + // The Workspace name in the format of "projects/*/locations/*/workspaces/*". + string name = 1; +} + +// Request message for listing Workspaces. +message ListWorkspacesRequest { + // The parent used for listing. It should have the format of + // `projects/{number}/locations/{location}`. + string parent = 1; + // The page size for list pagination. + int32 page_size = 2; + // The page token for list pagination. + string page_token = 3; +} + +// A list of workspaces. +message ListWorkspacesResponse { + // The list of workspaces. + repeated Workspace items = 1; + // The next page token for list pagination. + string next_page_token = 2; +} + +// Request message for retrieving a Workspace. +message GetWorkspaceRequest { + // The name of the Workspace to retrieve. + string name = 1; +} + +// Request message for creating a Workspace. +message CreateWorkspaceRequest { + // The namespace in which the Workspace should be created. + string parent = 1; + + // The Workspace instance to create. + Workspace workspace = 2; +} + +// Request message for replacing a Workspace. +message UpdateWorkspaceRequest { + // The name of the Workspace being replaced. + string name = 1; + + // The Workspace object being replaced. + Workspace workspace = 2; +} + +// Request message for deleting a Workspace. +message DeleteWorkspaceRequest { + // The name of the Workspace to delete. + string name = 1; +}