Class ContainerAnalysisClient (2.50.0)

GitHub Repository Product Reference

Service Description: Retrieves analysis results of Cloud components such as Docker container images. The Container Analysis API is an implementation of the Grafeas API.

Analysis results are stored as a series of occurrences. An Occurrence contains information about a specific analysis instance on a resource. An occurrence refers to a Note. A note contains details describing the analysis and is generally stored in a separate project, called a Provider. Multiple occurrences can refer to the same note.

For example, an SSL vulnerability could affect multiple images. In this case, there would be one note for the vulnerability and an occurrence for each image with the vulnerability referring to that note.

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
ResourceNameresource=
newResourceName(){
{@literal@}Override
publicMap<String,String>getFieldValuesMap(){
Map<String,String>fieldValuesMap=newHashMap<>();
fieldValuesMap.put("resource","projects/project-8432/notes/note-8432");
returnfieldValuesMap;
}
{@literal@}Override
publicStringgetFieldValue(StringfieldName){
returngetFieldValuesMap().get(fieldName);
}
{@literal@}Override
publicStringtoString(){
return"projects/project-8432/notes/note-8432";
}
};
Policypolicy=Policy.newBuilder().build();
Policyresponse=containerAnalysisClient.setIamPolicy(resource,policy);
}

Note: close() needs to be called on the ContainerAnalysisClient object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().

Methods
Method Description Method Variants

SetIamPolicy

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • setIamPolicy(SetIamPolicyRequest request)

"Flattened" method variants have converted the fields of the request object into function parameters to enable multiple ways to call the same method.

  • setIamPolicy(ResourceName resource, Policy policy)

  • setIamPolicy(String resource, Policy policy)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • setIamPolicyCallable()

GetIamPolicy

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • getIamPolicy(GetIamPolicyRequest request)

"Flattened" method variants have converted the fields of the request object into function parameters to enable multiple ways to call the same method.

  • getIamPolicy(ResourceName resource)

  • getIamPolicy(String resource)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • getIamPolicyCallable()

TestIamPermissions

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • testIamPermissions(TestIamPermissionsRequest request)

"Flattened" method variants have converted the fields of the request object into function parameters to enable multiple ways to call the same method.

  • testIamPermissions(ResourceName resource, List<String> permissions)

  • testIamPermissions(String resource, List<String> permissions)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • testIamPermissionsCallable()

GetVulnerabilityOccurrencesSummary

Gets a summary of the number and severity of occurrences.

Request object method variants only take one parameter, a request object, which must be constructed before the call.

  • getVulnerabilityOccurrencesSummary(GetVulnerabilityOccurrencesSummaryRequest request)

"Flattened" method variants have converted the fields of the request object into function parameters to enable multiple ways to call the same method.

  • getVulnerabilityOccurrencesSummary(ProjectName parent, String filter)

  • getVulnerabilityOccurrencesSummary(String parent, String filter)

Callable method variants take no parameters and return an immutable API callable object, which can be used to initiate calls to the service.

  • getVulnerabilityOccurrencesSummaryCallable()

See the individual methods for example code.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.

This class can be customized by passing in a custom instance of ContainerAnalysisSettings to create(). For example:

To customize credentials:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
ContainerAnalysisSettingscontainerAnalysisSettings=
ContainerAnalysisSettings.newBuilder()
.setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
.build();
ContainerAnalysisClientcontainerAnalysisClient=
ContainerAnalysisClient.create(containerAnalysisSettings);

To customize the endpoint:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
ContainerAnalysisSettingscontainerAnalysisSettings=
ContainerAnalysisSettings.newBuilder().setEndpoint(myEndpoint).build();
ContainerAnalysisClientcontainerAnalysisClient=
ContainerAnalysisClient.create(containerAnalysisSettings);

To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over the wire:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
ContainerAnalysisSettingscontainerAnalysisSettings=
ContainerAnalysisSettings.newHttpJsonBuilder().build();
ContainerAnalysisClientcontainerAnalysisClient=
ContainerAnalysisClient.create(containerAnalysisSettings);

Please refer to the GitHub repository's samples for more quickstart code snippets.

Inheritance

java.lang.Object > ContainerAnalysisClient

Static Methods

create()

publicstaticfinalContainerAnalysisClientcreate()

Constructs an instance of ContainerAnalysisClient with default settings.

Returns
Type Description
ContainerAnalysisClient
Exceptions
Type Description
IOException

create(ContainerAnalysisSettings settings)

publicstaticfinalContainerAnalysisClientcreate(ContainerAnalysisSettingssettings)

Constructs an instance of ContainerAnalysisClient, using the given settings. The channels are created based on the settings passed in, or defaults for any settings that are not set.

Parameter
Name Description
settings ContainerAnalysisSettings
Returns
Type Description
ContainerAnalysisClient
Exceptions
Type Description
IOException

create(ContainerAnalysisStub stub)

publicstaticfinalContainerAnalysisClientcreate(ContainerAnalysisStubstub)

Constructs an instance of ContainerAnalysisClient, using the given stub for making calls. This is for advanced usage - prefer using create(ContainerAnalysisSettings).

Parameter
Name Description
stub ContainerAnalysisStub
Returns
Type Description
ContainerAnalysisClient

Constructors

ContainerAnalysisClient(ContainerAnalysisSettings settings)

protectedContainerAnalysisClient(ContainerAnalysisSettingssettings)

Constructs an instance of ContainerAnalysisClient, using the given settings. This is protected so that it is easy to make a subclass, but otherwise, the static factory methods should be preferred.

Parameter
Name Description
settings ContainerAnalysisSettings

ContainerAnalysisClient(ContainerAnalysisStub stub)

protectedContainerAnalysisClient(ContainerAnalysisStubstub)
Parameter
Name Description
stub ContainerAnalysisStub

Methods

awaitTermination(long duration, TimeUnit unit)

publicbooleanawaitTermination(longduration,TimeUnitunit)
Parameters
Name Description
duration long
unit TimeUnit
Returns
Type Description
boolean
Exceptions
Type Description
InterruptedException

close()

publicfinalvoidclose()

getGrafeasClient()

publicGrafeasClientgetGrafeasClient()

Returns a new GrafeasClient with the same configured settings.

Returns
Type Description
io.grafeas.v1.GrafeasClient
Exceptions
Type Description
IOException

getIamPolicy(ResourceName resource)

publicfinalPolicygetIamPolicy(ResourceNameresource)

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
ResourceNameresource=
newResourceName(){
{@literal@}Override
publicMap<String,String>getFieldValuesMap(){
Map<String,String>fieldValuesMap=newHashMap<>();
fieldValuesMap.put("resource","projects/project-8432/notes/note-8432");
returnfieldValuesMap;
}
{@literal@}Override
publicStringgetFieldValue(StringfieldName){
returngetFieldValuesMap().get(fieldName);
}
{@literal@}Override
publicStringtoString(){
return"projects/project-8432/notes/note-8432";
}
};
Policyresponse=containerAnalysisClient.getIamPolicy(resource);
}
Parameter
Name Description
resource com.google.api.resourcenames.ResourceName

REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
Returns
Type Description
com.google.iam.v1.Policy

getIamPolicy(GetIamPolicyRequest request)

publicfinalPolicygetIamPolicy(GetIamPolicyRequestrequest)

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
GetIamPolicyRequestrequest=
GetIamPolicyRequest.newBuilder()
.setResource("GetIamPolicyRequest-1527610370".toString())
.setOptions(GetPolicyOptions.newBuilder().build())
.build();
Policyresponse=containerAnalysisClient.getIamPolicy(request);
}
Parameter
Name Description
request com.google.iam.v1.GetIamPolicyRequest

The request object containing all of the parameters for the API call.
Returns
Type Description
com.google.iam.v1.Policy

getIamPolicy(String resource)

publicfinalPolicygetIamPolicy(Stringresource)

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
Stringresource=ProjectName.of("[PROJECT]").toString();
Policyresponse=containerAnalysisClient.getIamPolicy(resource);
}
Parameter
Name Description
resource String

REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
Returns
Type Description
com.google.iam.v1.Policy

getIamPolicyCallable()

publicfinalUnaryCallable<GetIamPolicyRequest,Policy>getIamPolicyCallable()

Gets the access control policy for a note or an occurrence resource. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
GetIamPolicyRequestrequest=
GetIamPolicyRequest.newBuilder()
.setResource("GetIamPolicyRequest-1527610370".toString())
.setOptions(GetPolicyOptions.newBuilder().build())
.build();
ApiFuture<Policy>future=containerAnalysisClient.getIamPolicyCallable().futureCall(request);
// Do something.
Policyresponse=future.get();
}
Returns
Type Description
UnaryCallable<com.google.iam.v1.GetIamPolicyRequest,com.google.iam.v1.Policy>

getSettings()

publicfinalContainerAnalysisSettingsgetSettings()
Returns
Type Description
ContainerAnalysisSettings

getStub()

publicContainerAnalysisStubgetStub()
Returns
Type Description
ContainerAnalysisStub

getVulnerabilityOccurrencesSummary(GetVulnerabilityOccurrencesSummaryRequest request)

publicfinalVulnerabilityOccurrencesSummarygetVulnerabilityOccurrencesSummary(GetVulnerabilityOccurrencesSummaryRequestrequest)

Gets a summary of the number and severity of occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
GetVulnerabilityOccurrencesSummaryRequestrequest=
GetVulnerabilityOccurrencesSummaryRequest.newBuilder()
.setParent(ProjectName.of("[PROJECT]").toString())
.setFilter("filter-1274492040")
.build();
VulnerabilityOccurrencesSummaryresponse=
containerAnalysisClient.getVulnerabilityOccurrencesSummary(request);
}
Parameter
Name Description
request GetVulnerabilityOccurrencesSummaryRequest

The request object containing all of the parameters for the API call.
Returns
Type Description
VulnerabilityOccurrencesSummary

getVulnerabilityOccurrencesSummary(ProjectName parent, String filter)

publicfinalVulnerabilityOccurrencesSummarygetVulnerabilityOccurrencesSummary(ProjectNameparent,Stringfilter)

Gets a summary of the number and severity of occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
ProjectNameparent=ProjectName.of("[PROJECT]");
Stringfilter="filter-1274492040";
VulnerabilityOccurrencesSummaryresponse=
containerAnalysisClient.getVulnerabilityOccurrencesSummary(parent,filter);
}
Parameters
Name Description
parent ProjectName

Required. The name of the project to get a vulnerability summary for in the form of projects/[PROJECT_ID].
filter String

The filter expression.
Returns
Type Description
VulnerabilityOccurrencesSummary

getVulnerabilityOccurrencesSummary(String parent, String filter)

publicfinalVulnerabilityOccurrencesSummarygetVulnerabilityOccurrencesSummary(Stringparent,Stringfilter)

Gets a summary of the number and severity of occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
Stringparent=ProjectName.of("[PROJECT]").toString();
Stringfilter="filter-1274492040";
VulnerabilityOccurrencesSummaryresponse=
containerAnalysisClient.getVulnerabilityOccurrencesSummary(parent,filter);
}
Parameters
Name Description
parent String

Required. The name of the project to get a vulnerability summary for in the form of projects/[PROJECT_ID].
filter String

The filter expression.
Returns
Type Description
VulnerabilityOccurrencesSummary

getVulnerabilityOccurrencesSummaryCallable()

publicfinalUnaryCallable<GetVulnerabilityOccurrencesSummaryRequest,VulnerabilityOccurrencesSummary>getVulnerabilityOccurrencesSummaryCallable()

Gets a summary of the number and severity of occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
GetVulnerabilityOccurrencesSummaryRequestrequest=
GetVulnerabilityOccurrencesSummaryRequest.newBuilder()
.setParent(ProjectName.of("[PROJECT]").toString())
.setFilter("filter-1274492040")
.build();
ApiFuture<VulnerabilityOccurrencesSummary>future=
containerAnalysisClient.getVulnerabilityOccurrencesSummaryCallable().futureCall(request);
// Do something.
VulnerabilityOccurrencesSummaryresponse=future.get();
}
Returns
Type Description
UnaryCallable<GetVulnerabilityOccurrencesSummaryRequest,VulnerabilityOccurrencesSummary>

isShutdown()

publicbooleanisShutdown()
Returns
Type Description
boolean

isTerminated()

publicbooleanisTerminated()
Returns
Type Description
boolean

setIamPolicy(ResourceName resource, Policy policy)

publicfinalPolicysetIamPolicy(ResourceNameresource,Policypolicy)

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
ResourceNameresource=
newResourceName(){
{@literal@}Override
publicMap<String,String>getFieldValuesMap(){
Map<String,String>fieldValuesMap=newHashMap<>();
fieldValuesMap.put("resource","projects/project-8432/notes/note-8432");
returnfieldValuesMap;
}
{@literal@}Override
publicStringgetFieldValue(StringfieldName){
returngetFieldValuesMap().get(fieldName);
}
{@literal@}Override
publicStringtoString(){
return"projects/project-8432/notes/note-8432";
}
};
Policypolicy=Policy.newBuilder().build();
Policyresponse=containerAnalysisClient.setIamPolicy(resource,policy);
}
Parameters
Name Description
resource com.google.api.resourcenames.ResourceName

REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
policy com.google.iam.v1.Policy

REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
Returns
Type Description
com.google.iam.v1.Policy

setIamPolicy(SetIamPolicyRequest request)

publicfinalPolicysetIamPolicy(SetIamPolicyRequestrequest)

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
SetIamPolicyRequestrequest=
SetIamPolicyRequest.newBuilder()
.setResource("SetIamPolicyRequest1223629066".toString())
.setPolicy(Policy.newBuilder().build())
.setUpdateMask(FieldMask.newBuilder().build())
.build();
Policyresponse=containerAnalysisClient.setIamPolicy(request);
}
Parameter
Name Description
request com.google.iam.v1.SetIamPolicyRequest

The request object containing all of the parameters for the API call.
Returns
Type Description
com.google.iam.v1.Policy

setIamPolicy(String resource, Policy policy)

publicfinalPolicysetIamPolicy(Stringresource,Policypolicy)

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
Stringresource=ProjectName.of("[PROJECT]").toString();
Policypolicy=Policy.newBuilder().build();
Policyresponse=containerAnalysisClient.setIamPolicy(resource,policy);
}
Parameters
Name Description
resource String

REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
policy com.google.iam.v1.Policy

REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
Returns
Type Description
com.google.iam.v1.Policy

setIamPolicyCallable()

publicfinalUnaryCallable<SetIamPolicyRequest,Policy>setIamPolicyCallable()

Sets the access control policy on the specified note or occurrence. Requires containeranalysis.notes.setIamPolicy or containeranalysis.occurrences.setIamPolicy permission if the resource is a note or an occurrence, respectively.

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
SetIamPolicyRequestrequest=
SetIamPolicyRequest.newBuilder()
.setResource("SetIamPolicyRequest1223629066".toString())
.setPolicy(Policy.newBuilder().build())
.setUpdateMask(FieldMask.newBuilder().build())
.build();
ApiFuture<Policy>future=containerAnalysisClient.setIamPolicyCallable().futureCall(request);
// Do something.
Policyresponse=future.get();
}
Returns
Type Description
UnaryCallable<com.google.iam.v1.SetIamPolicyRequest,com.google.iam.v1.Policy>

shutdown()

publicvoidshutdown()

shutdownNow()

publicvoidshutdownNow()

testIamPermissions(ResourceName resource, List<String> permissions)

publicfinalTestIamPermissionsResponsetestIamPermissions(ResourceNameresource,List<String>permissions)

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
ResourceNameresource=
newResourceName(){
{@literal@}Override
publicMap<String,String>getFieldValuesMap(){
Map<String,String>fieldValuesMap=newHashMap<>();
fieldValuesMap.put("resource","projects/project-8432/notes/note-8432");
returnfieldValuesMap;
}
{@literal@}Override
publicStringgetFieldValue(StringfieldName){
returngetFieldValuesMap().get(fieldName);
}
{@literal@}Override
publicStringtoString(){
return"projects/project-8432/notes/note-8432";
}
};
List<String>permissions=newArrayList<>();
TestIamPermissionsResponseresponse=
containerAnalysisClient.testIamPermissions(resource,permissions);
}
Parameters
Name Description
resource com.google.api.resourcenames.ResourceName

REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
permissions List<String>

The set of permissions to check for the resource. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see IAM Overview.
Returns
Type Description
com.google.iam.v1.TestIamPermissionsResponse

testIamPermissions(TestIamPermissionsRequest request)

publicfinalTestIamPermissionsResponsetestIamPermissions(TestIamPermissionsRequestrequest)

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
TestIamPermissionsRequestrequest=
TestIamPermissionsRequest.newBuilder()
.setResource("TestIamPermissionsRequest942398222".toString())
.addAllPermissions(newArrayList<String>())
.build();
TestIamPermissionsResponseresponse=containerAnalysisClient.testIamPermissions(request);
}
Parameter
Name Description
request com.google.iam.v1.TestIamPermissionsRequest

The request object containing all of the parameters for the API call.
Returns
Type Description
com.google.iam.v1.TestIamPermissionsResponse

testIamPermissions(String resource, List<String> permissions)

publicfinalTestIamPermissionsResponsetestIamPermissions(Stringresource,List<String>permissions)

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
Stringresource=ProjectName.of("[PROJECT]").toString();
List<String>permissions=newArrayList<>();
TestIamPermissionsResponseresponse=
containerAnalysisClient.testIamPermissions(resource,permissions);
}
Parameters
Name Description
resource String

REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
permissions List<String>

The set of permissions to check for the resource. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see IAM Overview.
Returns
Type Description
com.google.iam.v1.TestIamPermissionsResponse

testIamPermissionsCallable()

publicfinalUnaryCallable<TestIamPermissionsRequest,TestIamPermissionsResponse>testIamPermissionsCallable()

Returns the permissions that a caller has on the specified note or occurrence. Requires list permission on the project (for example, containeranalysis.notes.list).

The resource takes the format projects/[PROJECT_ID]/notes/[NOTE_ID] for notes and projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID] for occurrences.

Sample code:


// This snippet has been automatically generated and should be regarded as a code template only.
// It will require modifications to work:
// - It may require correct/in-range values for request initialization.
// - It may require specifying regional endpoints when creating the service client as shown in
// https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
try(ContainerAnalysisClientcontainerAnalysisClient=ContainerAnalysisClient.create()){
TestIamPermissionsRequestrequest=
TestIamPermissionsRequest.newBuilder()
.setResource("TestIamPermissionsRequest942398222".toString())
.addAllPermissions(newArrayList<String>())
.build();
ApiFuture<TestIamPermissionsResponse>future=
containerAnalysisClient.testIamPermissionsCallable().futureCall(request);
// Do something.
TestIamPermissionsResponseresponse=future.get();
}
Returns
Type Description
UnaryCallable<com.google.iam.v1.TestIamPermissionsRequest,com.google.iam.v1.TestIamPermissionsResponse>

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年11月19日 UTC.