89 lines
3.2 KiB
YAML
89 lines
3.2 KiB
YAML
type: google.api.Service
|
|
config_version: 3
|
|
name: endpointsapis.appspot.com
|
|
title: Endpoints APIs
|
|
producer_project_id: endpointsapis
|
|
|
|
apis:
|
|
- name: google.example.endpointsapis.v1.Workspaces
|
|
|
|
control:
|
|
environment: servicecontrol.googleapis.com
|
|
|
|
resources:
|
|
- type: endpointsapis.appspot.com/Workspace
|
|
plural: workspaces
|
|
singular: workspace
|
|
name_descriptor:
|
|
- pattern: projects/{project}/locations/{location}/workspaces/{workspace}
|
|
parent_type: cloudresourcemanager.googleapis.com/Project
|
|
parent_name_extractor: projects/{project}
|
|
|
|
iam:
|
|
launch_stage: ALPHA
|
|
resources:
|
|
- type: endpointsapis.appspot.com/Workspace
|
|
internal:
|
|
# This is the internal resource 'type' in the IAM service file in the format of
|
|
# "<servicename>_<resourceplural>", and the 'PolicyName.type' must use this value when
|
|
# making CheckPolicy calls.
|
|
name_for_resource: endpointsapis_workspaces
|
|
permissions:
|
|
- name: endpointsapis.appspot.com/workspaces.get
|
|
display_name: Get workspaces
|
|
type: DATA_READ
|
|
scope: USER_SCOPE
|
|
- name: endpointsapis.appspot.com/workspaces.list
|
|
display_name: List all workspaces under a project
|
|
type: DATA_READ
|
|
scope: USER_SCOPE
|
|
parent_only: true
|
|
- name: endpointsapis.appspot.com/workspaces.create
|
|
display_name: Create new workspaces
|
|
type: DATA_WRITE
|
|
scope: ADMIN_SCOPE
|
|
parent_only: true
|
|
- name: endpointsapis.appspot.com/workspaces.update
|
|
display_name: Update existing workspaces
|
|
type: DATA_WRITE
|
|
scope: ADMIN_SCOPE
|
|
- name: endpointsapis.appspot.com/workspaces.delete
|
|
display_name: Delete workspaces
|
|
type: DATA_WRITE
|
|
scope: ADMIN_SCOPE
|
|
roles:
|
|
# Viewer role: only includes get/list permissions
|
|
- name: endpointsapis.appspot.com/viewer
|
|
display_name: Workspace Viewer
|
|
description: This role can list and view all workspaces.
|
|
permissions:
|
|
# These are recommended for all roles that could be granted to a user at or above the
|
|
# project level
|
|
- cloudresourcemanager.googleapis.com/projects.get
|
|
- cloudresourcemanager.googleapis.com/projects.list
|
|
# Additional permissions for read access
|
|
- endpointsapis.appspot.com/workspaces.get
|
|
- endpointsapis.appspot.com/workspaces.list
|
|
|
|
# Editor role: Includes all permission from viewer role, and workspaces edit permissions
|
|
- name: endpointsapis.appspot.com/editor
|
|
display_name: Workspace Editor
|
|
description: This role can list, view, and update all workspaces.
|
|
permissions:
|
|
# These are recommended for all roles that could be granted to a user at or above the
|
|
# project level
|
|
- cloudresourcemanager.googleapis.com/projects.get
|
|
- cloudresourcemanager.googleapis.com/projects.list
|
|
# Viewer permissions + additional edit permissions
|
|
- endpointsapis.appspot.com/workspaces.get
|
|
- endpointsapis.appspot.com/workspaces.list
|
|
- endpointsapis.appspot.com/workspaces.create
|
|
- endpointsapis.appspot.com/workspaces.update
|
|
- endpointsapis.appspot.com/workspaces.delete
|
|
|
|
# This setting means the service will use Service Control API v2 for admission control.
|
|
reader: group:servicecontrol
|
|
|
|
# This setting is **unused** for services using Service Control API v2 for admission control.
|
|
environment: PROD
|