# Policies ## CreateRunnerPolicy `client.Runners.Policies.New(ctx, body) (*RunnerPolicyNewResponse, error)` **post** `/gitpod.v1.RunnerService/CreateRunnerPolicy` Creates a new policy for a runner. Use this method to: - Set up access controls - Define group permissions - Configure role-based access ### Examples - Create admin policy: Grants admin access to a group. ```yaml runnerId: "d2c94c27-3b76-4a42-b88c-95a85e392c68" groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60" role: RUNNER_ROLE_ADMIN ``` ### Parameters - `body RunnerPolicyNewParams` - `GroupID param.Field[string]` group_id specifies the group_id identifier - `Role param.Field[RunnerRole]` - `RunnerID param.Field[string]` runner_id specifies the project identifier ### Returns - `type RunnerPolicyNewResponse struct{…}` - `Policy RunnerPolicy` - `GroupID string` - `Role RunnerRole` role is the role assigned to the group - `const RunnerRoleUnspecified RunnerRole = "RUNNER_ROLE_UNSPECIFIED"` - `const RunnerRoleAdmin RunnerRole = "RUNNER_ROLE_ADMIN"` - `const RunnerRoleUser RunnerRole = "RUNNER_ROLE_USER"` ### Example ```go package main import ( "context" "fmt" "github.com/gitpod-io/gitpod-sdk-go" "github.com/gitpod-io/gitpod-sdk-go/option" ) func main() { client := gitpod.NewClient( option.WithBearerToken("My Bearer Token"), ) policy, err := client.Runners.Policies.New(context.TODO(), gitpod.RunnerPolicyNewParams{ GroupID: gitpod.F("f53d2330-3795-4c5d-a1f3-453121af9c60"), Role: gitpod.F(gitpod.RunnerRoleAdmin), RunnerID: gitpod.F("d2c94c27-3b76-4a42-b88c-95a85e392c68"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", policy.Policy) } ``` #### Response ```json { "policy": { "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "role": "RUNNER_ROLE_UNSPECIFIED" } } ``` ## DeleteRunnerPolicy `client.Runners.Policies.Delete(ctx, body) (*RunnerPolicyDeleteResponse, error)` **post** `/gitpod.v1.RunnerService/DeleteRunnerPolicy` Deletes a runner policy. Use this method to: - Remove access controls - Revoke permissions - Clean up policies ### Examples - Delete policy: Removes a group's access policy. ```yaml runnerId: "d2c94c27-3b76-4a42-b88c-95a85e392c68" groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60" ``` ### Parameters - `body RunnerPolicyDeleteParams` - `GroupID param.Field[string]` group_id specifies the group_id identifier - `RunnerID param.Field[string]` runner_id specifies the project identifier ### Returns - `type RunnerPolicyDeleteResponse interface{…}` ### Example ```go package main import ( "context" "fmt" "github.com/gitpod-io/gitpod-sdk-go" "github.com/gitpod-io/gitpod-sdk-go/option" ) func main() { client := gitpod.NewClient( option.WithBearerToken("My Bearer Token"), ) policy, err := client.Runners.Policies.Delete(context.TODO(), gitpod.RunnerPolicyDeleteParams{ GroupID: gitpod.F("f53d2330-3795-4c5d-a1f3-453121af9c60"), RunnerID: gitpod.F("d2c94c27-3b76-4a42-b88c-95a85e392c68"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", policy) } ``` #### Response ```json {} ``` ## ListRunnerPolicies `client.Runners.Policies.List(ctx, params) (*PoliciesPage[RunnerPolicy], error)` **post** `/gitpod.v1.RunnerService/ListRunnerPolicies` Lists policies for a runner. Use this method to: - View access controls - Check policy configurations - Audit permissions ### Examples - List policies: Shows all policies for a runner. ```yaml runnerId: "d2c94c27-3b76-4a42-b88c-95a85e392c68" pagination: pageSize: 20 ``` ### Parameters - `params RunnerPolicyListParams` - `Token param.Field[string]` Query param - `PageSize param.Field[int64]` Query param - `Pagination param.Field[RunnerPolicyListParamsPagination]` Body param: pagination contains the pagination options for listing project policies - `Token string` Token for the next set of results that was returned as next_token of a PaginationResponse - `PageSize int64` Page size is the maximum number of results to retrieve per page. Defaults to 25. Maximum 100. - `RunnerID param.Field[string]` Body param: runner_id specifies the project identifier ### Returns - `type RunnerPolicy struct{…}` - `GroupID string` - `Role RunnerRole` role is the role assigned to the group - `const RunnerRoleUnspecified RunnerRole = "RUNNER_ROLE_UNSPECIFIED"` - `const RunnerRoleAdmin RunnerRole = "RUNNER_ROLE_ADMIN"` - `const RunnerRoleUser RunnerRole = "RUNNER_ROLE_USER"` ### Example ```go package main import ( "context" "fmt" "github.com/gitpod-io/gitpod-sdk-go" "github.com/gitpod-io/gitpod-sdk-go/option" ) func main() { client := gitpod.NewClient( option.WithBearerToken("My Bearer Token"), ) page, err := client.Runners.Policies.List(context.TODO(), gitpod.RunnerPolicyListParams{ Pagination: gitpod.F(gitpod.RunnerPolicyListParamsPagination{ PageSize: gitpod.F(int64(20)), }), RunnerID: gitpod.F("d2c94c27-3b76-4a42-b88c-95a85e392c68"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", page) } ``` #### Response ```json { "pagination": { "nextToken": "nextToken" }, "policies": [ { "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "role": "RUNNER_ROLE_UNSPECIFIED" } ] } ``` ## UpdateRunnerPolicy `client.Runners.Policies.Update(ctx, body) (*RunnerPolicyUpdateResponse, error)` **post** `/gitpod.v1.RunnerService/UpdateRunnerPolicy` Updates an existing runner policy. Use this method to: - Modify access levels - Change group roles - Update permissions ### Examples - Update policy role: Changes a group's access level. ```yaml runnerId: "d2c94c27-3b76-4a42-b88c-95a85e392c68" groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60" role: RUNNER_ROLE_USER ``` ### Parameters - `body RunnerPolicyUpdateParams` - `GroupID param.Field[string]` group_id specifies the group_id identifier - `Role param.Field[RunnerRole]` - `RunnerID param.Field[string]` runner_id specifies the project identifier ### Returns - `type RunnerPolicyUpdateResponse struct{…}` - `Policy RunnerPolicy` - `GroupID string` - `Role RunnerRole` role is the role assigned to the group - `const RunnerRoleUnspecified RunnerRole = "RUNNER_ROLE_UNSPECIFIED"` - `const RunnerRoleAdmin RunnerRole = "RUNNER_ROLE_ADMIN"` - `const RunnerRoleUser RunnerRole = "RUNNER_ROLE_USER"` ### Example ```go package main import ( "context" "fmt" "github.com/gitpod-io/gitpod-sdk-go" "github.com/gitpod-io/gitpod-sdk-go/option" ) func main() { client := gitpod.NewClient( option.WithBearerToken("My Bearer Token"), ) policy, err := client.Runners.Policies.Update(context.TODO(), gitpod.RunnerPolicyUpdateParams{ GroupID: gitpod.F("f53d2330-3795-4c5d-a1f3-453121af9c60"), Role: gitpod.F(gitpod.RunnerRoleUser), RunnerID: gitpod.F("d2c94c27-3b76-4a42-b88c-95a85e392c68"), }) if err != nil { panic(err.Error()) } fmt.Printf("%+v\n", policy.Policy) } ``` #### Response ```json { "policy": { "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e", "role": "RUNNER_ROLE_UNSPECIFIED" } } ``` ## Domain Types ### Runner Policy - `type RunnerPolicy struct{…}` - `GroupID string` - `Role RunnerRole` role is the role assigned to the group - `const RunnerRoleUnspecified RunnerRole = "RUNNER_ROLE_UNSPECIFIED"` - `const RunnerRoleAdmin RunnerRole = "RUNNER_ROLE_ADMIN"` - `const RunnerRoleUser RunnerRole = "RUNNER_ROLE_USER"` ### Runner Role - `type RunnerRole string` - `const RunnerRoleUnspecified RunnerRole = "RUNNER_ROLE_UNSPECIFIED"` - `const RunnerRoleAdmin RunnerRole = "RUNNER_ROLE_ADMIN"` - `const RunnerRoleUser RunnerRole = "RUNNER_ROLE_USER"`