# Policies

## CreateRunnerPolicy

`runners.policies.create(PolicyCreateParams**kwargs)  -> PolicyCreateResponse`

**post** `/gitpod.v1.RunnerService/CreateRunnerPolicy`

Creates a new policy for a runner.

Use this method to:

- Set up access controls
- Define group permissions
- Configure role-based access

### Examples

- Create admin policy:

  Grants admin access to a group.

  ```yaml
  runnerId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60"
  role: RUNNER_ROLE_ADMIN
  ```

### Parameters

- `group_id: Optional[str]`

  group_id specifies the group_id identifier

- `role: Optional[RunnerRole]`

  - `"RUNNER_ROLE_UNSPECIFIED"`

  - `"RUNNER_ROLE_ADMIN"`

  - `"RUNNER_ROLE_USER"`

- `runner_id: Optional[str]`

  runner_id specifies the project identifier

### Returns

- `class PolicyCreateResponse: …`

  - `policy: RunnerPolicy`

    - `group_id: Optional[str]`

    - `role: Optional[RunnerRole]`

      role is the role assigned to the group

      - `"RUNNER_ROLE_UNSPECIFIED"`

      - `"RUNNER_ROLE_ADMIN"`

      - `"RUNNER_ROLE_USER"`

### Example

```python
import os
from gitpod import Gitpod

client = Gitpod(
    bearer_token=os.environ.get("GITPOD_API_KEY"),  # This is the default and can be omitted
)
policy = client.runners.policies.create(
    group_id="f53d2330-3795-4c5d-a1f3-453121af9c60",
    role="RUNNER_ROLE_ADMIN",
    runner_id="d2c94c27-3b76-4a42-b88c-95a85e392c68",
)
print(policy.policy)
```

#### Response

```json
{
  "policy": {
    "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "role": "RUNNER_ROLE_UNSPECIFIED"
  }
}
```

## DeleteRunnerPolicy

`runners.policies.delete(PolicyDeleteParams**kwargs)  -> object`

**post** `/gitpod.v1.RunnerService/DeleteRunnerPolicy`

Deletes a runner policy.

Use this method to:

- Remove access controls
- Revoke permissions
- Clean up policies

### Examples

- Delete policy:

  Removes a group's access policy.

  ```yaml
  runnerId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60"
  ```

### Parameters

- `group_id: Optional[str]`

  group_id specifies the group_id identifier

- `runner_id: Optional[str]`

  runner_id specifies the project identifier

### Returns

- `object`

### Example

```python
import os
from gitpod import Gitpod

client = Gitpod(
    bearer_token=os.environ.get("GITPOD_API_KEY"),  # This is the default and can be omitted
)
policy = client.runners.policies.delete(
    group_id="f53d2330-3795-4c5d-a1f3-453121af9c60",
    runner_id="d2c94c27-3b76-4a42-b88c-95a85e392c68",
)
print(policy)
```

#### Response

```json
{}
```

## ListRunnerPolicies

`runners.policies.list(PolicyListParams**kwargs)  -> SyncPoliciesPage[RunnerPolicy]`

**post** `/gitpod.v1.RunnerService/ListRunnerPolicies`

Lists policies for a runner.

Use this method to:

- View access controls
- Check policy configurations
- Audit permissions

### Examples

- List policies:

  Shows all policies for a runner.

  ```yaml
  runnerId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  pagination:
    pageSize: 20
  ```

### Parameters

- `token: Optional[str]`

- `page_size: Optional[int]`

- `pagination: Optional[Pagination]`

  pagination contains the pagination options for listing project policies

  - `token: Optional[str]`

    Token for the next set of results that was returned as next_token of a
    PaginationResponse

  - `page_size: Optional[int]`

    Page size is the maximum number of results to retrieve per page.
    Defaults to 25. Maximum 100.

- `runner_id: Optional[str]`

  runner_id specifies the project identifier

### Returns

- `class RunnerPolicy: …`

  - `group_id: Optional[str]`

  - `role: Optional[RunnerRole]`

    role is the role assigned to the group

    - `"RUNNER_ROLE_UNSPECIFIED"`

    - `"RUNNER_ROLE_ADMIN"`

    - `"RUNNER_ROLE_USER"`

### Example

```python
import os
from gitpod import Gitpod

client = Gitpod(
    bearer_token=os.environ.get("GITPOD_API_KEY"),  # This is the default and can be omitted
)
page = client.runners.policies.list(
    pagination={
        "page_size": 20
    },
    runner_id="d2c94c27-3b76-4a42-b88c-95a85e392c68",
)
page = page.policies[0]
print(page.group_id)
```

#### Response

```json
{
  "pagination": {
    "nextToken": "nextToken"
  },
  "policies": [
    {
      "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "role": "RUNNER_ROLE_UNSPECIFIED"
    }
  ]
}
```

## UpdateRunnerPolicy

`runners.policies.update(PolicyUpdateParams**kwargs)  -> PolicyUpdateResponse`

**post** `/gitpod.v1.RunnerService/UpdateRunnerPolicy`

Updates an existing runner policy.

Use this method to:

- Modify access levels
- Change group roles
- Update permissions

### Examples

- Update policy role:

  Changes a group's access level.

  ```yaml
  runnerId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  groupId: "f53d2330-3795-4c5d-a1f3-453121af9c60"
  role: RUNNER_ROLE_USER
  ```

### Parameters

- `group_id: Optional[str]`

  group_id specifies the group_id identifier

- `role: Optional[RunnerRole]`

  - `"RUNNER_ROLE_UNSPECIFIED"`

  - `"RUNNER_ROLE_ADMIN"`

  - `"RUNNER_ROLE_USER"`

- `runner_id: Optional[str]`

  runner_id specifies the project identifier

### Returns

- `class PolicyUpdateResponse: …`

  - `policy: RunnerPolicy`

    - `group_id: Optional[str]`

    - `role: Optional[RunnerRole]`

      role is the role assigned to the group

      - `"RUNNER_ROLE_UNSPECIFIED"`

      - `"RUNNER_ROLE_ADMIN"`

      - `"RUNNER_ROLE_USER"`

### Example

```python
import os
from gitpod import Gitpod

client = Gitpod(
    bearer_token=os.environ.get("GITPOD_API_KEY"),  # This is the default and can be omitted
)
policy = client.runners.policies.update(
    group_id="f53d2330-3795-4c5d-a1f3-453121af9c60",
    role="RUNNER_ROLE_USER",
    runner_id="d2c94c27-3b76-4a42-b88c-95a85e392c68",
)
print(policy.policy)
```

#### Response

```json
{
  "policy": {
    "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "role": "RUNNER_ROLE_UNSPECIFIED"
  }
}
```

## Domain Types

### Runner Policy

- `class RunnerPolicy: …`

  - `group_id: Optional[str]`

  - `role: Optional[RunnerRole]`

    role is the role assigned to the group

    - `"RUNNER_ROLE_UNSPECIFIED"`

    - `"RUNNER_ROLE_ADMIN"`

    - `"RUNNER_ROLE_USER"`

### Runner Role

- `Literal["RUNNER_ROLE_UNSPECIFIED", "RUNNER_ROLE_ADMIN", "RUNNER_ROLE_USER"]`

  - `"RUNNER_ROLE_UNSPECIFIED"`

  - `"RUNNER_ROLE_ADMIN"`

  - `"RUNNER_ROLE_USER"`

### Policy Create Response

- `class PolicyCreateResponse: …`

  - `policy: RunnerPolicy`

    - `group_id: Optional[str]`

    - `role: Optional[RunnerRole]`

      role is the role assigned to the group

      - `"RUNNER_ROLE_UNSPECIFIED"`

      - `"RUNNER_ROLE_ADMIN"`

      - `"RUNNER_ROLE_USER"`

### Policy Update Response

- `class PolicyUpdateResponse: …`

  - `policy: RunnerPolicy`

    - `group_id: Optional[str]`

    - `role: Optional[RunnerRole]`

      role is the role assigned to the group

      - `"RUNNER_ROLE_UNSPECIFIED"`

      - `"RUNNER_ROLE_ADMIN"`

      - `"RUNNER_ROLE_USER"`