google-api-client 0.32.0 → 0.32.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +34 -0
- data/generated/google/apis/appengine_v1.rb +1 -1
- data/generated/google/apis/appengine_v1/service.rb +6 -1
- data/generated/google/apis/appengine_v1beta.rb +1 -1
- data/generated/google/apis/appengine_v1beta/service.rb +6 -1
- data/generated/google/apis/binaryauthorization_v1.rb +1 -1
- data/generated/google/apis/binaryauthorization_v1/classes.rb +2 -2
- data/generated/google/apis/binaryauthorization_v1beta1.rb +1 -1
- data/generated/google/apis/binaryauthorization_v1beta1/classes.rb +2 -2
- data/generated/google/apis/clouderrorreporting_v1beta1.rb +1 -1
- data/generated/google/apis/clouderrorreporting_v1beta1/classes.rb +2 -2
- data/generated/google/apis/clouderrorreporting_v1beta1/service.rb +21 -21
- data/generated/google/apis/cloudfunctions_v1.rb +1 -1
- data/generated/google/apis/cloudfunctions_v1/classes.rb +62 -29
- data/generated/google/apis/cloudresourcemanager_v1.rb +1 -1
- data/generated/google/apis/cloudresourcemanager_v1/classes.rb +63 -30
- data/generated/google/apis/cloudresourcemanager_v1beta1.rb +1 -1
- data/generated/google/apis/cloudresourcemanager_v1beta1/classes.rb +62 -29
- data/generated/google/apis/cloudresourcemanager_v2.rb +1 -1
- data/generated/google/apis/cloudresourcemanager_v2/classes.rb +62 -29
- data/generated/google/apis/cloudresourcemanager_v2beta1.rb +1 -1
- data/generated/google/apis/cloudresourcemanager_v2beta1/classes.rb +62 -29
- data/generated/google/apis/cloudtasks_v2.rb +1 -1
- data/generated/google/apis/cloudtasks_v2/classes.rb +62 -29
- data/generated/google/apis/cloudtasks_v2beta2.rb +1 -1
- data/generated/google/apis/cloudtasks_v2beta2/classes.rb +62 -29
- data/generated/google/apis/dlp_v2.rb +1 -1
- data/generated/google/apis/dlp_v2/classes.rb +0 -28
- data/generated/google/apis/dlp_v2/representations.rb +0 -14
- data/generated/google/apis/dlp_v2/service.rb +11 -5
- data/generated/google/apis/dns_v1.rb +1 -1
- data/generated/google/apis/dns_v1/classes.rb +8 -0
- data/generated/google/apis/dns_v1/representations.rb +1 -0
- data/generated/google/apis/dns_v2beta1.rb +1 -1
- data/generated/google/apis/dns_v2beta1/classes.rb +8 -0
- data/generated/google/apis/dns_v2beta1/representations.rb +1 -0
- data/generated/google/apis/drive_v2.rb +1 -1
- data/generated/google/apis/drive_v2/classes.rb +2 -0
- data/generated/google/apis/drive_v3.rb +1 -1
- data/generated/google/apis/drive_v3/service.rb +9 -3
- data/generated/google/apis/logging_v2.rb +1 -1
- data/generated/google/apis/logging_v2/classes.rb +11 -3
- data/generated/google/apis/logging_v2/representations.rb +1 -0
- data/generated/google/apis/monitoring_v3.rb +1 -1
- data/generated/google/apis/monitoring_v3/classes.rb +6 -4
- data/generated/google/apis/pubsub_v1.rb +1 -1
- data/generated/google/apis/pubsub_v1/classes.rb +62 -29
- data/generated/google/apis/pubsub_v1beta2.rb +1 -1
- data/generated/google/apis/pubsub_v1beta2/classes.rb +62 -29
- data/generated/google/apis/run_v1.rb +1 -1
- data/generated/google/apis/run_v1/classes.rb +7 -5
- data/generated/google/apis/run_v1alpha1.rb +1 -1
- data/generated/google/apis/run_v1alpha1/classes.rb +6 -6
- data/generated/google/apis/run_v1beta1.rb +1 -4
- data/generated/google/apis/run_v1beta1/classes.rb +32 -70
- data/generated/google/apis/run_v1beta1/representations.rb +0 -29
- data/generated/google/apis/run_v1beta1/service.rb +62 -0
- data/generated/google/apis/runtimeconfig_v1beta1.rb +1 -1
- data/generated/google/apis/runtimeconfig_v1beta1/service.rb +1 -0
- data/generated/google/apis/servicebroker_v1.rb +1 -1
- data/generated/google/apis/servicebroker_v1/service.rb +1 -0
- data/generated/google/apis/servicebroker_v1alpha1.rb +1 -1
- data/generated/google/apis/servicebroker_v1alpha1/service.rb +1 -0
- data/generated/google/apis/servicebroker_v1beta1.rb +1 -1
- data/generated/google/apis/servicebroker_v1beta1/service.rb +1 -0
- data/generated/google/apis/servicecontrol_v1.rb +1 -1
- data/generated/google/apis/servicecontrol_v1/classes.rb +5 -4
- data/generated/google/apis/servicemanagement_v1.rb +1 -1
- data/generated/google/apis/servicemanagement_v1/classes.rb +13 -4
- data/generated/google/apis/servicemanagement_v1/representations.rb +1 -0
- data/generated/google/apis/vault_v1.rb +1 -1
- data/generated/google/apis/vault_v1/service.rb +33 -0
- data/lib/google/apis/version.rb +1 -1
- metadata +2 -2
@@ -26,7 +26,7 @@ module Google
|
|
26
26
|
# @see https://cloud.google.com/resource-manager
|
27
27
|
module CloudresourcemanagerV2beta1
|
28
28
|
VERSION = 'V2beta1'
|
29
|
-
REVISION = '
|
29
|
+
REVISION = '20190927'
|
30
30
|
|
31
31
|
# View and manage your data across Google Cloud Platform services
|
32
32
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
@@ -505,25 +505,34 @@ module Google
|
|
505
505
|
|
506
506
|
# Defines an Identity and Access Management (IAM) policy. It is used to
|
507
507
|
# specify access control policies for Cloud Platform resources.
|
508
|
-
# A `Policy`
|
509
|
-
# `members` to a `role
|
510
|
-
# Google
|
511
|
-
# defined by IAM.
|
508
|
+
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
|
509
|
+
# `members` to a single `role`. Members can be user accounts, service accounts,
|
510
|
+
# Google groups, and domains (such as G Suite). A `role` is a named list of
|
511
|
+
# permissions (defined by IAM or configured by users). A `binding` can
|
512
|
+
# optionally specify a `condition`, which is a logic expression that further
|
513
|
+
# constrains the role binding based on attributes about the request and/or
|
514
|
+
# target resource.
|
512
515
|
# **JSON Example**
|
513
516
|
# `
|
514
517
|
# "bindings": [
|
515
518
|
# `
|
516
|
-
# "role": "roles/
|
519
|
+
# "role": "roles/resourcemanager.organizationAdmin",
|
517
520
|
# "members": [
|
518
521
|
# "user:mike@example.com",
|
519
522
|
# "group:admins@example.com",
|
520
523
|
# "domain:google.com",
|
521
|
-
# "serviceAccount:my-
|
524
|
+
# "serviceAccount:my-project-id@appspot.gserviceaccount.com"
|
522
525
|
# ]
|
523
526
|
# `,
|
524
527
|
# `
|
525
|
-
# "role": "roles/
|
526
|
-
# "members": ["user:
|
528
|
+
# "role": "roles/resourcemanager.organizationViewer",
|
529
|
+
# "members": ["user:eve@example.com"],
|
530
|
+
# "condition": `
|
531
|
+
# "title": "expirable access",
|
532
|
+
# "description": "Does not grant access after Sep 2020",
|
533
|
+
# "expression": "request.time <
|
534
|
+
# timestamp('2020-10-01T00:00:00.000Z')",
|
535
|
+
# `
|
527
536
|
# `
|
528
537
|
# ]
|
529
538
|
# `
|
@@ -533,11 +542,15 @@ module Google
|
|
533
542
|
# - user:mike@example.com
|
534
543
|
# - group:admins@example.com
|
535
544
|
# - domain:google.com
|
536
|
-
# - serviceAccount:my-
|
537
|
-
# role: roles/
|
545
|
+
# - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
546
|
+
# role: roles/resourcemanager.organizationAdmin
|
538
547
|
# - members:
|
539
|
-
# - user:
|
540
|
-
# role: roles/
|
548
|
+
# - user:eve@example.com
|
549
|
+
# role: roles/resourcemanager.organizationViewer
|
550
|
+
# condition:
|
551
|
+
# title: expirable access
|
552
|
+
# description: Does not grant access after Sep 2020
|
553
|
+
# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
541
554
|
# For a description of IAM and its features, see the
|
542
555
|
# [IAM developer's guide](https://cloud.google.com/iam/docs).
|
543
556
|
class Policy
|
@@ -548,7 +561,8 @@ module Google
|
|
548
561
|
# @return [Array<Google::Apis::CloudresourcemanagerV2beta1::AuditConfig>]
|
549
562
|
attr_accessor :audit_configs
|
550
563
|
|
551
|
-
# Associates a list of `members` to a `role`.
|
564
|
+
# Associates a list of `members` to a `role`. Optionally may specify a
|
565
|
+
# `condition` that determines when binding is in effect.
|
552
566
|
# `bindings` with no members will result in an error.
|
553
567
|
# Corresponds to the JSON property `bindings`
|
554
568
|
# @return [Array<Google::Apis::CloudresourcemanagerV2beta1::Binding>]
|
@@ -562,7 +576,9 @@ module Google
|
|
562
576
|
# systems are expected to put that etag in the request to `setIamPolicy` to
|
563
577
|
# ensure that their change will be applied to the same version of the policy.
|
564
578
|
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
|
565
|
-
# policy is overwritten.
|
579
|
+
# policy is overwritten. Due to blind-set semantics of an etag-less policy,
|
580
|
+
# 'setIamPolicy' will not fail even if either of incoming or stored policy
|
581
|
+
# does not meet the version requirements.
|
566
582
|
# Corresponds to the JSON property `etag`
|
567
583
|
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
568
584
|
# @return [String]
|
@@ -571,9 +587,13 @@ module Google
|
|
571
587
|
# Specifies the format of the policy.
|
572
588
|
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
573
589
|
# rejected.
|
574
|
-
#
|
575
|
-
#
|
576
|
-
#
|
590
|
+
# Operations affecting conditional bindings must specify version 3. This can
|
591
|
+
# be either setting a conditional policy, modifying a conditional binding,
|
592
|
+
# or removing a conditional binding from the stored conditional policy.
|
593
|
+
# Operations on non-conditional policies may specify any valid value or
|
594
|
+
# leave the field unset.
|
595
|
+
# If no etag is provided in the call to `setIamPolicy`, any version
|
596
|
+
# compliance checks on the incoming and/or stored policy is skipped.
|
577
597
|
# Corresponds to the JSON property `version`
|
578
598
|
# @return [Fixnum]
|
579
599
|
attr_accessor :version
|
@@ -714,25 +734,34 @@ module Google
|
|
714
734
|
|
715
735
|
# Defines an Identity and Access Management (IAM) policy. It is used to
|
716
736
|
# specify access control policies for Cloud Platform resources.
|
717
|
-
# A `Policy`
|
718
|
-
# `members` to a `role
|
719
|
-
# Google
|
720
|
-
# defined by IAM.
|
737
|
+
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
|
738
|
+
# `members` to a single `role`. Members can be user accounts, service accounts,
|
739
|
+
# Google groups, and domains (such as G Suite). A `role` is a named list of
|
740
|
+
# permissions (defined by IAM or configured by users). A `binding` can
|
741
|
+
# optionally specify a `condition`, which is a logic expression that further
|
742
|
+
# constrains the role binding based on attributes about the request and/or
|
743
|
+
# target resource.
|
721
744
|
# **JSON Example**
|
722
745
|
# `
|
723
746
|
# "bindings": [
|
724
747
|
# `
|
725
|
-
# "role": "roles/
|
748
|
+
# "role": "roles/resourcemanager.organizationAdmin",
|
726
749
|
# "members": [
|
727
750
|
# "user:mike@example.com",
|
728
751
|
# "group:admins@example.com",
|
729
752
|
# "domain:google.com",
|
730
|
-
# "serviceAccount:my-
|
753
|
+
# "serviceAccount:my-project-id@appspot.gserviceaccount.com"
|
731
754
|
# ]
|
732
755
|
# `,
|
733
756
|
# `
|
734
|
-
# "role": "roles/
|
735
|
-
# "members": ["user:
|
757
|
+
# "role": "roles/resourcemanager.organizationViewer",
|
758
|
+
# "members": ["user:eve@example.com"],
|
759
|
+
# "condition": `
|
760
|
+
# "title": "expirable access",
|
761
|
+
# "description": "Does not grant access after Sep 2020",
|
762
|
+
# "expression": "request.time <
|
763
|
+
# timestamp('2020-10-01T00:00:00.000Z')",
|
764
|
+
# `
|
736
765
|
# `
|
737
766
|
# ]
|
738
767
|
# `
|
@@ -742,11 +771,15 @@ module Google
|
|
742
771
|
# - user:mike@example.com
|
743
772
|
# - group:admins@example.com
|
744
773
|
# - domain:google.com
|
745
|
-
# - serviceAccount:my-
|
746
|
-
# role: roles/
|
774
|
+
# - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
775
|
+
# role: roles/resourcemanager.organizationAdmin
|
747
776
|
# - members:
|
748
|
-
# - user:
|
749
|
-
# role: roles/
|
777
|
+
# - user:eve@example.com
|
778
|
+
# role: roles/resourcemanager.organizationViewer
|
779
|
+
# condition:
|
780
|
+
# title: expirable access
|
781
|
+
# description: Does not grant access after Sep 2020
|
782
|
+
# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
750
783
|
# For a description of IAM and its features, see the
|
751
784
|
# [IAM developer's guide](https://cloud.google.com/iam/docs).
|
752
785
|
# Corresponds to the JSON property `policy`
|
@@ -25,7 +25,7 @@ module Google
|
|
25
25
|
# @see https://cloud.google.com/tasks/
|
26
26
|
module CloudtasksV2
|
27
27
|
VERSION = 'V2'
|
28
|
-
REVISION = '
|
28
|
+
REVISION = '20190927'
|
29
29
|
|
30
30
|
# View and manage your data across Google Cloud Platform services
|
31
31
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
@@ -676,25 +676,34 @@ module Google
|
|
676
676
|
|
677
677
|
# Defines an Identity and Access Management (IAM) policy. It is used to
|
678
678
|
# specify access control policies for Cloud Platform resources.
|
679
|
-
# A `Policy`
|
680
|
-
# `members` to a `role
|
681
|
-
# Google
|
682
|
-
# defined by IAM.
|
679
|
+
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
|
680
|
+
# `members` to a single `role`. Members can be user accounts, service accounts,
|
681
|
+
# Google groups, and domains (such as G Suite). A `role` is a named list of
|
682
|
+
# permissions (defined by IAM or configured by users). A `binding` can
|
683
|
+
# optionally specify a `condition`, which is a logic expression that further
|
684
|
+
# constrains the role binding based on attributes about the request and/or
|
685
|
+
# target resource.
|
683
686
|
# **JSON Example**
|
684
687
|
# `
|
685
688
|
# "bindings": [
|
686
689
|
# `
|
687
|
-
# "role": "roles/
|
690
|
+
# "role": "roles/resourcemanager.organizationAdmin",
|
688
691
|
# "members": [
|
689
692
|
# "user:mike@example.com",
|
690
693
|
# "group:admins@example.com",
|
691
694
|
# "domain:google.com",
|
692
|
-
# "serviceAccount:my-
|
695
|
+
# "serviceAccount:my-project-id@appspot.gserviceaccount.com"
|
693
696
|
# ]
|
694
697
|
# `,
|
695
698
|
# `
|
696
|
-
# "role": "roles/
|
697
|
-
# "members": ["user:
|
699
|
+
# "role": "roles/resourcemanager.organizationViewer",
|
700
|
+
# "members": ["user:eve@example.com"],
|
701
|
+
# "condition": `
|
702
|
+
# "title": "expirable access",
|
703
|
+
# "description": "Does not grant access after Sep 2020",
|
704
|
+
# "expression": "request.time <
|
705
|
+
# timestamp('2020-10-01T00:00:00.000Z')",
|
706
|
+
# `
|
698
707
|
# `
|
699
708
|
# ]
|
700
709
|
# `
|
@@ -704,17 +713,22 @@ module Google
|
|
704
713
|
# - user:mike@example.com
|
705
714
|
# - group:admins@example.com
|
706
715
|
# - domain:google.com
|
707
|
-
# - serviceAccount:my-
|
708
|
-
# role: roles/
|
716
|
+
# - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
717
|
+
# role: roles/resourcemanager.organizationAdmin
|
709
718
|
# - members:
|
710
|
-
# - user:
|
711
|
-
# role: roles/
|
719
|
+
# - user:eve@example.com
|
720
|
+
# role: roles/resourcemanager.organizationViewer
|
721
|
+
# condition:
|
722
|
+
# title: expirable access
|
723
|
+
# description: Does not grant access after Sep 2020
|
724
|
+
# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
712
725
|
# For a description of IAM and its features, see the
|
713
726
|
# [IAM developer's guide](https://cloud.google.com/iam/docs).
|
714
727
|
class Policy
|
715
728
|
include Google::Apis::Core::Hashable
|
716
729
|
|
717
|
-
# Associates a list of `members` to a `role`.
|
730
|
+
# Associates a list of `members` to a `role`. Optionally may specify a
|
731
|
+
# `condition` that determines when binding is in effect.
|
718
732
|
# `bindings` with no members will result in an error.
|
719
733
|
# Corresponds to the JSON property `bindings`
|
720
734
|
# @return [Array<Google::Apis::CloudtasksV2::Binding>]
|
@@ -728,7 +742,9 @@ module Google
|
|
728
742
|
# systems are expected to put that etag in the request to `setIamPolicy` to
|
729
743
|
# ensure that their change will be applied to the same version of the policy.
|
730
744
|
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
|
731
|
-
# policy is overwritten.
|
745
|
+
# policy is overwritten. Due to blind-set semantics of an etag-less policy,
|
746
|
+
# 'setIamPolicy' will not fail even if either of incoming or stored policy
|
747
|
+
# does not meet the version requirements.
|
732
748
|
# Corresponds to the JSON property `etag`
|
733
749
|
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
734
750
|
# @return [String]
|
@@ -737,9 +753,13 @@ module Google
|
|
737
753
|
# Specifies the format of the policy.
|
738
754
|
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
739
755
|
# rejected.
|
740
|
-
#
|
741
|
-
#
|
742
|
-
#
|
756
|
+
# Operations affecting conditional bindings must specify version 3. This can
|
757
|
+
# be either setting a conditional policy, modifying a conditional binding,
|
758
|
+
# or removing a conditional binding from the stored conditional policy.
|
759
|
+
# Operations on non-conditional policies may specify any valid value or
|
760
|
+
# leave the field unset.
|
761
|
+
# If no etag is provided in the call to `setIamPolicy`, any version
|
762
|
+
# compliance checks on the incoming and/or stored policy is skipped.
|
743
763
|
# Corresponds to the JSON property `version`
|
744
764
|
# @return [Fixnum]
|
745
765
|
attr_accessor :version
|
@@ -1114,25 +1134,34 @@ module Google
|
|
1114
1134
|
|
1115
1135
|
# Defines an Identity and Access Management (IAM) policy. It is used to
|
1116
1136
|
# specify access control policies for Cloud Platform resources.
|
1117
|
-
# A `Policy`
|
1118
|
-
# `members` to a `role
|
1119
|
-
# Google
|
1120
|
-
# defined by IAM.
|
1137
|
+
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
|
1138
|
+
# `members` to a single `role`. Members can be user accounts, service accounts,
|
1139
|
+
# Google groups, and domains (such as G Suite). A `role` is a named list of
|
1140
|
+
# permissions (defined by IAM or configured by users). A `binding` can
|
1141
|
+
# optionally specify a `condition`, which is a logic expression that further
|
1142
|
+
# constrains the role binding based on attributes about the request and/or
|
1143
|
+
# target resource.
|
1121
1144
|
# **JSON Example**
|
1122
1145
|
# `
|
1123
1146
|
# "bindings": [
|
1124
1147
|
# `
|
1125
|
-
# "role": "roles/
|
1148
|
+
# "role": "roles/resourcemanager.organizationAdmin",
|
1126
1149
|
# "members": [
|
1127
1150
|
# "user:mike@example.com",
|
1128
1151
|
# "group:admins@example.com",
|
1129
1152
|
# "domain:google.com",
|
1130
|
-
# "serviceAccount:my-
|
1153
|
+
# "serviceAccount:my-project-id@appspot.gserviceaccount.com"
|
1131
1154
|
# ]
|
1132
1155
|
# `,
|
1133
1156
|
# `
|
1134
|
-
# "role": "roles/
|
1135
|
-
# "members": ["user:
|
1157
|
+
# "role": "roles/resourcemanager.organizationViewer",
|
1158
|
+
# "members": ["user:eve@example.com"],
|
1159
|
+
# "condition": `
|
1160
|
+
# "title": "expirable access",
|
1161
|
+
# "description": "Does not grant access after Sep 2020",
|
1162
|
+
# "expression": "request.time <
|
1163
|
+
# timestamp('2020-10-01T00:00:00.000Z')",
|
1164
|
+
# `
|
1136
1165
|
# `
|
1137
1166
|
# ]
|
1138
1167
|
# `
|
@@ -1142,11 +1171,15 @@ module Google
|
|
1142
1171
|
# - user:mike@example.com
|
1143
1172
|
# - group:admins@example.com
|
1144
1173
|
# - domain:google.com
|
1145
|
-
# - serviceAccount:my-
|
1146
|
-
# role: roles/
|
1174
|
+
# - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1175
|
+
# role: roles/resourcemanager.organizationAdmin
|
1147
1176
|
# - members:
|
1148
|
-
# - user:
|
1149
|
-
# role: roles/
|
1177
|
+
# - user:eve@example.com
|
1178
|
+
# role: roles/resourcemanager.organizationViewer
|
1179
|
+
# condition:
|
1180
|
+
# title: expirable access
|
1181
|
+
# description: Does not grant access after Sep 2020
|
1182
|
+
# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
1150
1183
|
# For a description of IAM and its features, see the
|
1151
1184
|
# [IAM developer's guide](https://cloud.google.com/iam/docs).
|
1152
1185
|
# Corresponds to the JSON property `policy`
|
@@ -25,7 +25,7 @@ module Google
|
|
25
25
|
# @see https://cloud.google.com/tasks/
|
26
26
|
module CloudtasksV2beta2
|
27
27
|
VERSION = 'V2beta2'
|
28
|
-
REVISION = '
|
28
|
+
REVISION = '20190927'
|
29
29
|
|
30
30
|
# View and manage your data across Google Cloud Platform services
|
31
31
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
@@ -918,25 +918,34 @@ module Google
|
|
918
918
|
|
919
919
|
# Defines an Identity and Access Management (IAM) policy. It is used to
|
920
920
|
# specify access control policies for Cloud Platform resources.
|
921
|
-
# A `Policy`
|
922
|
-
# `members` to a `role
|
923
|
-
# Google
|
924
|
-
# defined by IAM.
|
921
|
+
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
|
922
|
+
# `members` to a single `role`. Members can be user accounts, service accounts,
|
923
|
+
# Google groups, and domains (such as G Suite). A `role` is a named list of
|
924
|
+
# permissions (defined by IAM or configured by users). A `binding` can
|
925
|
+
# optionally specify a `condition`, which is a logic expression that further
|
926
|
+
# constrains the role binding based on attributes about the request and/or
|
927
|
+
# target resource.
|
925
928
|
# **JSON Example**
|
926
929
|
# `
|
927
930
|
# "bindings": [
|
928
931
|
# `
|
929
|
-
# "role": "roles/
|
932
|
+
# "role": "roles/resourcemanager.organizationAdmin",
|
930
933
|
# "members": [
|
931
934
|
# "user:mike@example.com",
|
932
935
|
# "group:admins@example.com",
|
933
936
|
# "domain:google.com",
|
934
|
-
# "serviceAccount:my-
|
937
|
+
# "serviceAccount:my-project-id@appspot.gserviceaccount.com"
|
935
938
|
# ]
|
936
939
|
# `,
|
937
940
|
# `
|
938
|
-
# "role": "roles/
|
939
|
-
# "members": ["user:
|
941
|
+
# "role": "roles/resourcemanager.organizationViewer",
|
942
|
+
# "members": ["user:eve@example.com"],
|
943
|
+
# "condition": `
|
944
|
+
# "title": "expirable access",
|
945
|
+
# "description": "Does not grant access after Sep 2020",
|
946
|
+
# "expression": "request.time <
|
947
|
+
# timestamp('2020-10-01T00:00:00.000Z')",
|
948
|
+
# `
|
940
949
|
# `
|
941
950
|
# ]
|
942
951
|
# `
|
@@ -946,17 +955,22 @@ module Google
|
|
946
955
|
# - user:mike@example.com
|
947
956
|
# - group:admins@example.com
|
948
957
|
# - domain:google.com
|
949
|
-
# - serviceAccount:my-
|
950
|
-
# role: roles/
|
958
|
+
# - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
959
|
+
# role: roles/resourcemanager.organizationAdmin
|
951
960
|
# - members:
|
952
|
-
# - user:
|
953
|
-
# role: roles/
|
961
|
+
# - user:eve@example.com
|
962
|
+
# role: roles/resourcemanager.organizationViewer
|
963
|
+
# condition:
|
964
|
+
# title: expirable access
|
965
|
+
# description: Does not grant access after Sep 2020
|
966
|
+
# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
954
967
|
# For a description of IAM and its features, see the
|
955
968
|
# [IAM developer's guide](https://cloud.google.com/iam/docs).
|
956
969
|
class Policy
|
957
970
|
include Google::Apis::Core::Hashable
|
958
971
|
|
959
|
-
# Associates a list of `members` to a `role`.
|
972
|
+
# Associates a list of `members` to a `role`. Optionally may specify a
|
973
|
+
# `condition` that determines when binding is in effect.
|
960
974
|
# `bindings` with no members will result in an error.
|
961
975
|
# Corresponds to the JSON property `bindings`
|
962
976
|
# @return [Array<Google::Apis::CloudtasksV2beta2::Binding>]
|
@@ -970,7 +984,9 @@ module Google
|
|
970
984
|
# systems are expected to put that etag in the request to `setIamPolicy` to
|
971
985
|
# ensure that their change will be applied to the same version of the policy.
|
972
986
|
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
|
973
|
-
# policy is overwritten.
|
987
|
+
# policy is overwritten. Due to blind-set semantics of an etag-less policy,
|
988
|
+
# 'setIamPolicy' will not fail even if either of incoming or stored policy
|
989
|
+
# does not meet the version requirements.
|
974
990
|
# Corresponds to the JSON property `etag`
|
975
991
|
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
976
992
|
# @return [String]
|
@@ -979,9 +995,13 @@ module Google
|
|
979
995
|
# Specifies the format of the policy.
|
980
996
|
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
981
997
|
# rejected.
|
982
|
-
#
|
983
|
-
#
|
984
|
-
#
|
998
|
+
# Operations affecting conditional bindings must specify version 3. This can
|
999
|
+
# be either setting a conditional policy, modifying a conditional binding,
|
1000
|
+
# or removing a conditional binding from the stored conditional policy.
|
1001
|
+
# Operations on non-conditional policies may specify any valid value or
|
1002
|
+
# leave the field unset.
|
1003
|
+
# If no etag is provided in the call to `setIamPolicy`, any version
|
1004
|
+
# compliance checks on the incoming and/or stored policy is skipped.
|
985
1005
|
# Corresponds to the JSON property `version`
|
986
1006
|
# @return [Fixnum]
|
987
1007
|
attr_accessor :version
|
@@ -1466,25 +1486,34 @@ module Google
|
|
1466
1486
|
|
1467
1487
|
# Defines an Identity and Access Management (IAM) policy. It is used to
|
1468
1488
|
# specify access control policies for Cloud Platform resources.
|
1469
|
-
# A `Policy`
|
1470
|
-
# `members` to a `role
|
1471
|
-
# Google
|
1472
|
-
# defined by IAM.
|
1489
|
+
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
|
1490
|
+
# `members` to a single `role`. Members can be user accounts, service accounts,
|
1491
|
+
# Google groups, and domains (such as G Suite). A `role` is a named list of
|
1492
|
+
# permissions (defined by IAM or configured by users). A `binding` can
|
1493
|
+
# optionally specify a `condition`, which is a logic expression that further
|
1494
|
+
# constrains the role binding based on attributes about the request and/or
|
1495
|
+
# target resource.
|
1473
1496
|
# **JSON Example**
|
1474
1497
|
# `
|
1475
1498
|
# "bindings": [
|
1476
1499
|
# `
|
1477
|
-
# "role": "roles/
|
1500
|
+
# "role": "roles/resourcemanager.organizationAdmin",
|
1478
1501
|
# "members": [
|
1479
1502
|
# "user:mike@example.com",
|
1480
1503
|
# "group:admins@example.com",
|
1481
1504
|
# "domain:google.com",
|
1482
|
-
# "serviceAccount:my-
|
1505
|
+
# "serviceAccount:my-project-id@appspot.gserviceaccount.com"
|
1483
1506
|
# ]
|
1484
1507
|
# `,
|
1485
1508
|
# `
|
1486
|
-
# "role": "roles/
|
1487
|
-
# "members": ["user:
|
1509
|
+
# "role": "roles/resourcemanager.organizationViewer",
|
1510
|
+
# "members": ["user:eve@example.com"],
|
1511
|
+
# "condition": `
|
1512
|
+
# "title": "expirable access",
|
1513
|
+
# "description": "Does not grant access after Sep 2020",
|
1514
|
+
# "expression": "request.time <
|
1515
|
+
# timestamp('2020-10-01T00:00:00.000Z')",
|
1516
|
+
# `
|
1488
1517
|
# `
|
1489
1518
|
# ]
|
1490
1519
|
# `
|
@@ -1494,11 +1523,15 @@ module Google
|
|
1494
1523
|
# - user:mike@example.com
|
1495
1524
|
# - group:admins@example.com
|
1496
1525
|
# - domain:google.com
|
1497
|
-
# - serviceAccount:my-
|
1498
|
-
# role: roles/
|
1526
|
+
# - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1527
|
+
# role: roles/resourcemanager.organizationAdmin
|
1499
1528
|
# - members:
|
1500
|
-
# - user:
|
1501
|
-
# role: roles/
|
1529
|
+
# - user:eve@example.com
|
1530
|
+
# role: roles/resourcemanager.organizationViewer
|
1531
|
+
# condition:
|
1532
|
+
# title: expirable access
|
1533
|
+
# description: Does not grant access after Sep 2020
|
1534
|
+
# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
1502
1535
|
# For a description of IAM and its features, see the
|
1503
1536
|
# [IAM developer's guide](https://cloud.google.com/iam/docs).
|
1504
1537
|
# Corresponds to the JSON property `policy`
|