# Policies ## CreateProjectPolicy `client.Projects.Policies.New(ctx, body) (*ProjectPolicyNewResponse, error)` **post** `/gitpod.v1.ProjectService/CreateProjectPolicy` Creates a new policy for a project. Use this method to: - Set up access controls - Define group permissions - Configure role-based access ### Examples - Create admin policy: Grants admin access to a group. ```yaml projectId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047" groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60" role: PROJECT_ROLE_ADMIN ``` ### Parameters - `body ProjectPolicyNewParams` - `GroupID param.Field[string]` group_id specifies the group_id identifier - `ProjectID param.Field[string]` project_id specifies the project identifier - `Role param.Field[ProjectRole]` ### Returns - `type ProjectPolicyNewResponse struct{…}` - `Policy ProjectPolicy` - `GroupID string` - `Role ProjectRole` role is the role assigned to the group - `const ProjectRoleUnspecified ProjectRole = "PROJECT_ROLE_UNSPECIFIED"` - `const ProjectRoleAdmin ProjectRole = "PROJECT_ROLE_ADMIN"` - `const ProjectRoleUser ProjectRole = "PROJECT_ROLE_USER"` - `const ProjectRoleEditor ProjectRole = "PROJECT_ROLE_EDITOR"` ### Example ```go package main import ( "context" "fmt" "github.com/gitpod-io/gitpod-sdk-go" "github.com/gitpod-io/gitpod-sdk-go/option" ) func main() { client := gitpod.NewClient( option.WithBearerToken("My Bearer Token"), ) policy, err := client.Projects.Policies.New(context.TODO(), gitpod.ProjectPolicyNewParams{ GroupID: gitpod.F("f53d2330-3795-4c5d-a1f3-453121af9c60"), ProjectID: gitpod.F("b0e12f6c-4c67-429d-a4a6-d9838b5da047"), Role: gitpod.F(gitpod.ProjectRoleAdmin), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", policy.Policy) } ``` #### Response ```json { "policy": { "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "role": "PROJECT_ROLE_UNSPECIFIED" } } ``` ## DeleteProjectPolicy `client.Projects.Policies.Delete(ctx, body) (*ProjectPolicyDeleteResponse, error)` **post** `/gitpod.v1.ProjectService/DeleteProjectPolicy` Deletes a project policy. Use this method to: - Remove access controls - Revoke permissions - Clean up policies ### Examples - Delete policy: Removes a group's access policy. ```yaml projectId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047" groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60" ``` ### Parameters - `body ProjectPolicyDeleteParams` - `GroupID param.Field[string]` group_id specifies the group_id identifier - `ProjectID param.Field[string]` project_id specifies the project identifier ### Returns - `type ProjectPolicyDeleteResponse interface{…}` ### Example ```go package main import ( "context" "fmt" "github.com/gitpod-io/gitpod-sdk-go" "github.com/gitpod-io/gitpod-sdk-go/option" ) func main() { client := gitpod.NewClient( option.WithBearerToken("My Bearer Token"), ) policy, err := client.Projects.Policies.Delete(context.TODO(), gitpod.ProjectPolicyDeleteParams{ GroupID: gitpod.F("f53d2330-3795-4c5d-a1f3-453121af9c60"), ProjectID: gitpod.F("b0e12f6c-4c67-429d-a4a6-d9838b5da047"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", policy) } ``` #### Response ```json {} ``` ## ListProjectPolicies `client.Projects.Policies.List(ctx, params) (*PoliciesPage[ProjectPolicy], error)` **post** `/gitpod.v1.ProjectService/ListProjectPolicies` Lists policies for a project. Use this method to: - View access controls - Check policy configurations - Audit permissions ### Examples - List policies: Shows all policies for a project. ```yaml projectId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047" pagination: pageSize: 20 ``` ### Parameters - `params ProjectPolicyListParams` - `Token param.Field[string]` Query param - `PageSize param.Field[int64]` Query param - `Pagination param.Field[ProjectPolicyListParamsPagination]` Body param: pagination contains the pagination options for listing project policies - `Token string` Token for the next set of results that was returned as next_token of a PaginationResponse - `PageSize int64` Page size is the maximum number of results to retrieve per page. Defaults to 25. Maximum 100. - `ProjectID param.Field[string]` Body param: project_id specifies the project identifier ### Returns - `type ProjectPolicy struct{…}` - `GroupID string` - `Role ProjectRole` role is the role assigned to the group - `const ProjectRoleUnspecified ProjectRole = "PROJECT_ROLE_UNSPECIFIED"` - `const ProjectRoleAdmin ProjectRole = "PROJECT_ROLE_ADMIN"` - `const ProjectRoleUser ProjectRole = "PROJECT_ROLE_USER"` - `const ProjectRoleEditor ProjectRole = "PROJECT_ROLE_EDITOR"` ### Example ```go package main import ( "context" "fmt" "github.com/gitpod-io/gitpod-sdk-go" "github.com/gitpod-io/gitpod-sdk-go/option" ) func main() { client := gitpod.NewClient( option.WithBearerToken("My Bearer Token"), ) page, err := client.Projects.Policies.List(context.TODO(), gitpod.ProjectPolicyListParams{ Pagination: gitpod.F(gitpod.ProjectPolicyListParamsPagination{ PageSize: gitpod.F(int64(20)), }), ProjectID: gitpod.F("b0e12f6c-4c67-429d-a4a6-d9838b5da047"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "pagination": { "nextToken": "nextToken" }, "policies": [ { "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "role": "PROJECT_ROLE_UNSPECIFIED" } ] } ``` ## UpdateProjectPolicy `client.Projects.Policies.Update(ctx, body) (*ProjectPolicyUpdateResponse, error)` **post** `/gitpod.v1.ProjectService/UpdateProjectPolicy` Updates an existing project policy. Use this method to: - Modify access levels - Change group roles - Update permissions ### Examples - Update policy role: Changes a group's access level. ```yaml projectId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047" groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60" role: PROJECT_ROLE_EDITOR ``` ### Parameters - `body ProjectPolicyUpdateParams` - `GroupID param.Field[string]` group_id specifies the group_id identifier - `ProjectID param.Field[string]` project_id specifies the project identifier - `Role param.Field[ProjectRole]` ### Returns - `type ProjectPolicyUpdateResponse struct{…}` - `Policy ProjectPolicy` - `GroupID string` - `Role ProjectRole` role is the role assigned to the group - `const ProjectRoleUnspecified ProjectRole = "PROJECT_ROLE_UNSPECIFIED"` - `const ProjectRoleAdmin ProjectRole = "PROJECT_ROLE_ADMIN"` - `const ProjectRoleUser ProjectRole = "PROJECT_ROLE_USER"` - `const ProjectRoleEditor ProjectRole = "PROJECT_ROLE_EDITOR"` ### Example ```go package main import ( "context" "fmt" "github.com/gitpod-io/gitpod-sdk-go" "github.com/gitpod-io/gitpod-sdk-go/option" ) func main() { client := gitpod.NewClient( option.WithBearerToken("My Bearer Token"), ) policy, err := client.Projects.Policies.Update(context.TODO(), gitpod.ProjectPolicyUpdateParams{ GroupID: gitpod.F("f53d2330-3795-4c5d-a1f3-453121af9c60"), ProjectID: gitpod.F("b0e12f6c-4c67-429d-a4a6-d9838b5da047"), Role: gitpod.F(gitpod.ProjectRoleEditor), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", policy.Policy) } ``` #### Response ```json { "policy": { "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "role": "PROJECT_ROLE_UNSPECIFIED" } } ``` ## Domain Types ### Project Policy - `type ProjectPolicy struct{…}` - `GroupID string` - `Role ProjectRole` role is the role assigned to the group - `const ProjectRoleUnspecified ProjectRole = "PROJECT_ROLE_UNSPECIFIED"` - `const ProjectRoleAdmin ProjectRole = "PROJECT_ROLE_ADMIN"` - `const ProjectRoleUser ProjectRole = "PROJECT_ROLE_USER"` - `const ProjectRoleEditor ProjectRole = "PROJECT_ROLE_EDITOR"` ### Project Role - `type ProjectRole string` - `const ProjectRoleUnspecified ProjectRole = "PROJECT_ROLE_UNSPECIFIED"` - `const ProjectRoleAdmin ProjectRole = "PROJECT_ROLE_ADMIN"` - `const ProjectRoleUser ProjectRole = "PROJECT_ROLE_USER"` - `const ProjectRoleEditor ProjectRole = "PROJECT_ROLE_EDITOR"`