google-apis-assuredworkloads_v1 0.26.0 → 0.27.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/lib/google/apis/assuredworkloads_v1/classes.rb +225 -726
- data/lib/google/apis/assuredworkloads_v1/gem_version.rb +3 -3
- data/lib/google/apis/assuredworkloads_v1/representations.rb +71 -297
- data/lib/google/apis/assuredworkloads_v1/service.rb +120 -0
- metadata +5 -5
@@ -22,92 +22,23 @@ module Google
|
|
22
22
|
module Apis
|
23
23
|
module AssuredworkloadsV1
|
24
24
|
|
25
|
-
#
|
26
|
-
class
|
25
|
+
# Request for acknowledging the violation Next Id: 4
|
26
|
+
class GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest
|
27
27
|
include Google::Apis::Core::Hashable
|
28
28
|
|
29
|
-
#
|
30
|
-
#
|
31
|
-
# Corresponds to the JSON property `
|
32
|
-
# @return [String]
|
33
|
-
attr_accessor :compliance_regime
|
34
|
-
|
35
|
-
# Optional. Time when the operation was created.
|
36
|
-
# Corresponds to the JSON property `createTime`
|
37
|
-
# @return [String]
|
38
|
-
attr_accessor :create_time
|
39
|
-
|
40
|
-
# Optional. The display name of the workload.
|
41
|
-
# Corresponds to the JSON property `displayName`
|
42
|
-
# @return [String]
|
43
|
-
attr_accessor :display_name
|
44
|
-
|
45
|
-
# Optional. The parent of the workload.
|
46
|
-
# Corresponds to the JSON property `parent`
|
29
|
+
# Required. Business justification explaining the need for violation
|
30
|
+
# acknowledgement
|
31
|
+
# Corresponds to the JSON property `comment`
|
47
32
|
# @return [String]
|
48
|
-
attr_accessor :
|
49
|
-
|
50
|
-
def initialize(**args)
|
51
|
-
update!(**args)
|
52
|
-
end
|
53
|
-
|
54
|
-
# Update properties of this object
|
55
|
-
def update!(**args)
|
56
|
-
@compliance_regime = args[:compliance_regime] if args.key?(:compliance_regime)
|
57
|
-
@create_time = args[:create_time] if args.key?(:create_time)
|
58
|
-
@display_name = args[:display_name] if args.key?(:display_name)
|
59
|
-
@parent = args[:parent] if args.key?(:parent)
|
60
|
-
end
|
61
|
-
end
|
62
|
-
|
63
|
-
# Response of ListWorkloads endpoint.
|
64
|
-
class GoogleCloudAssuredworkloadsV1ListWorkloadsResponse
|
65
|
-
include Google::Apis::Core::Hashable
|
66
|
-
|
67
|
-
# The next page token. Return empty if reached the last page.
|
68
|
-
# Corresponds to the JSON property `nextPageToken`
|
69
|
-
# @return [String]
|
70
|
-
attr_accessor :next_page_token
|
71
|
-
|
72
|
-
# List of Workloads under a given parent.
|
73
|
-
# Corresponds to the JSON property `workloads`
|
74
|
-
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1Workload>]
|
75
|
-
attr_accessor :workloads
|
76
|
-
|
77
|
-
def initialize(**args)
|
78
|
-
update!(**args)
|
79
|
-
end
|
80
|
-
|
81
|
-
# Update properties of this object
|
82
|
-
def update!(**args)
|
83
|
-
@next_page_token = args[:next_page_token] if args.key?(:next_page_token)
|
84
|
-
@workloads = args[:workloads] if args.key?(:workloads)
|
85
|
-
end
|
86
|
-
end
|
87
|
-
|
88
|
-
# Request for restricting list of available resources in Workload environment.
|
89
|
-
class GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest
|
90
|
-
include Google::Apis::Core::Hashable
|
33
|
+
attr_accessor :comment
|
91
34
|
|
92
|
-
#
|
93
|
-
#
|
94
|
-
#
|
35
|
+
# Optional. Name of the OrgPolicy which was modified with non-compliant change
|
36
|
+
# and resulted in this violation. Format: projects/`project_number`/policies/`
|
37
|
+
# constraint_name` folders/`folder_id`/policies/`constraint_name` organizations/`
|
38
|
+
# organization_id`/policies/`constraint_name`
|
39
|
+
# Corresponds to the JSON property `nonCompliantOrgPolicy`
|
95
40
|
# @return [String]
|
96
|
-
attr_accessor :
|
97
|
-
|
98
|
-
def initialize(**args)
|
99
|
-
update!(**args)
|
100
|
-
end
|
101
|
-
|
102
|
-
# Update properties of this object
|
103
|
-
def update!(**args)
|
104
|
-
@restriction_type = args[:restriction_type] if args.key?(:restriction_type)
|
105
|
-
end
|
106
|
-
end
|
107
|
-
|
108
|
-
# Response for restricting the list of allowed resources.
|
109
|
-
class GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse
|
110
|
-
include Google::Apis::Core::Hashable
|
41
|
+
attr_accessor :non_compliant_org_policy
|
111
42
|
|
112
43
|
def initialize(**args)
|
113
44
|
update!(**args)
|
@@ -115,250 +46,26 @@ module Google
|
|
115
46
|
|
116
47
|
# Update properties of this object
|
117
48
|
def update!(**args)
|
49
|
+
@comment = args[:comment] if args.key?(:comment)
|
50
|
+
@non_compliant_org_policy = args[:non_compliant_org_policy] if args.key?(:non_compliant_org_policy)
|
118
51
|
end
|
119
52
|
end
|
120
53
|
|
121
|
-
#
|
122
|
-
class
|
54
|
+
# Response for violation acknowledgement
|
55
|
+
class GoogleCloudAssuredworkloadsV1AcknowledgeViolationResponse
|
123
56
|
include Google::Apis::Core::Hashable
|
124
57
|
|
125
|
-
# Optional. The billing account used for the resources which are direct children
|
126
|
-
# of workload. This billing account is initially associated with the resources
|
127
|
-
# created as part of Workload creation. After the initial creation of these
|
128
|
-
# resources, the customer can change the assigned billing account. The resource
|
129
|
-
# name has the form `billingAccounts/`billing_account_id``. For example, `
|
130
|
-
# billingAccounts/012345-567890-ABCDEF`.
|
131
|
-
# Corresponds to the JSON property `billingAccount`
|
132
|
-
# @return [String]
|
133
|
-
attr_accessor :billing_account
|
134
|
-
|
135
|
-
# Required. Immutable. Compliance Regime associated with this workload.
|
136
|
-
# Corresponds to the JSON property `complianceRegime`
|
137
|
-
# @return [String]
|
138
|
-
attr_accessor :compliance_regime
|
139
|
-
|
140
|
-
# Output only. Urls for services which are compliant for this Assured Workload,
|
141
|
-
# but which are currently disallowed by the ResourceUsageRestriction org policy.
|
142
|
-
# Invoke RestrictAllowedResources endpoint to allow your project developers to
|
143
|
-
# use these services in their environment."
|
144
|
-
# Corresponds to the JSON property `compliantButDisallowedServices`
|
145
|
-
# @return [Array<String>]
|
146
|
-
attr_accessor :compliant_but_disallowed_services
|
147
|
-
|
148
|
-
# Output only. Immutable. The Workload creation timestamp.
|
149
|
-
# Corresponds to the JSON property `createTime`
|
150
|
-
# @return [String]
|
151
|
-
attr_accessor :create_time
|
152
|
-
|
153
|
-
# Required. The user-assigned display name of the Workload. When present it must
|
154
|
-
# be between 4 to 30 characters. Allowed characters are: lowercase and uppercase
|
155
|
-
# letters, numbers, hyphen, and spaces. Example: My Workload
|
156
|
-
# Corresponds to the JSON property `displayName`
|
157
|
-
# @return [String]
|
158
|
-
attr_accessor :display_name
|
159
|
-
|
160
|
-
# Optional. Indicates the sovereignty status of the given workload. Currently
|
161
|
-
# meant to be used by Europe/Canada customers.
|
162
|
-
# Corresponds to the JSON property `enableSovereignControls`
|
163
|
-
# @return [Boolean]
|
164
|
-
attr_accessor :enable_sovereign_controls
|
165
|
-
alias_method :enable_sovereign_controls?, :enable_sovereign_controls
|
166
|
-
|
167
|
-
# Optional. ETag of the workload, it is calculated on the basis of the Workload
|
168
|
-
# contents. It will be used in Update & Delete operations.
|
169
|
-
# Corresponds to the JSON property `etag`
|
170
|
-
# @return [String]
|
171
|
-
attr_accessor :etag
|
172
|
-
|
173
|
-
# Output only. Represents the KAJ enrollment state of the given workload.
|
174
|
-
# Corresponds to the JSON property `kajEnrollmentState`
|
175
|
-
# @return [String]
|
176
|
-
attr_accessor :kaj_enrollment_state
|
177
|
-
|
178
|
-
# Settings specific to the Key Management Service.
|
179
|
-
# Corresponds to the JSON property `kmsSettings`
|
180
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1WorkloadKmsSettings]
|
181
|
-
attr_accessor :kms_settings
|
182
|
-
|
183
|
-
# Optional. Labels applied to the workload.
|
184
|
-
# Corresponds to the JSON property `labels`
|
185
|
-
# @return [Hash<String,String>]
|
186
|
-
attr_accessor :labels
|
187
|
-
|
188
|
-
# Optional. The resource name of the workload. Format: organizations/`
|
189
|
-
# organization`/locations/`location`/workloads/`workload` Read-only.
|
190
|
-
# Corresponds to the JSON property `name`
|
191
|
-
# @return [String]
|
192
|
-
attr_accessor :name
|
193
|
-
|
194
|
-
# Input only. The parent resource for the resources managed by this Assured
|
195
|
-
# Workload. May be either empty or a folder resource which is a child of the
|
196
|
-
# Workload parent. If not specified all resources are created under the parent
|
197
|
-
# organization. Format: folders/`folder_id`
|
198
|
-
# Corresponds to the JSON property `provisionedResourcesParent`
|
199
|
-
# @return [String]
|
200
|
-
attr_accessor :provisioned_resources_parent
|
201
|
-
|
202
|
-
# Input only. Resource properties that are used to customize workload resources.
|
203
|
-
# These properties (such as custom project id) will be used to create workload
|
204
|
-
# resources if possible. This field is optional.
|
205
|
-
# Corresponds to the JSON property `resourceSettings`
|
206
|
-
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1WorkloadResourceSettings>]
|
207
|
-
attr_accessor :resource_settings
|
208
|
-
|
209
|
-
# Output only. The resources associated with this workload. These resources will
|
210
|
-
# be created when creating the workload. If any of the projects already exist,
|
211
|
-
# the workload creation will fail. Always read only.
|
212
|
-
# Corresponds to the JSON property `resources`
|
213
|
-
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1WorkloadResourceInfo>]
|
214
|
-
attr_accessor :resources
|
215
|
-
|
216
|
-
# Signed Access Approvals (SAA) enrollment response.
|
217
|
-
# Corresponds to the JSON property `saaEnrollmentResponse`
|
218
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse]
|
219
|
-
attr_accessor :saa_enrollment_response
|
220
|
-
|
221
58
|
def initialize(**args)
|
222
59
|
update!(**args)
|
223
60
|
end
|
224
61
|
|
225
62
|
# Update properties of this object
|
226
63
|
def update!(**args)
|
227
|
-
@billing_account = args[:billing_account] if args.key?(:billing_account)
|
228
|
-
@compliance_regime = args[:compliance_regime] if args.key?(:compliance_regime)
|
229
|
-
@compliant_but_disallowed_services = args[:compliant_but_disallowed_services] if args.key?(:compliant_but_disallowed_services)
|
230
|
-
@create_time = args[:create_time] if args.key?(:create_time)
|
231
|
-
@display_name = args[:display_name] if args.key?(:display_name)
|
232
|
-
@enable_sovereign_controls = args[:enable_sovereign_controls] if args.key?(:enable_sovereign_controls)
|
233
|
-
@etag = args[:etag] if args.key?(:etag)
|
234
|
-
@kaj_enrollment_state = args[:kaj_enrollment_state] if args.key?(:kaj_enrollment_state)
|
235
|
-
@kms_settings = args[:kms_settings] if args.key?(:kms_settings)
|
236
|
-
@labels = args[:labels] if args.key?(:labels)
|
237
|
-
@name = args[:name] if args.key?(:name)
|
238
|
-
@provisioned_resources_parent = args[:provisioned_resources_parent] if args.key?(:provisioned_resources_parent)
|
239
|
-
@resource_settings = args[:resource_settings] if args.key?(:resource_settings)
|
240
|
-
@resources = args[:resources] if args.key?(:resources)
|
241
|
-
@saa_enrollment_response = args[:saa_enrollment_response] if args.key?(:saa_enrollment_response)
|
242
|
-
end
|
243
|
-
end
|
244
|
-
|
245
|
-
# Settings specific to the Key Management Service.
|
246
|
-
class GoogleCloudAssuredworkloadsV1WorkloadKmsSettings
|
247
|
-
include Google::Apis::Core::Hashable
|
248
|
-
|
249
|
-
# Required. Input only. Immutable. The time at which the Key Management Service
|
250
|
-
# will automatically create a new version of the crypto key and mark it as the
|
251
|
-
# primary.
|
252
|
-
# Corresponds to the JSON property `nextRotationTime`
|
253
|
-
# @return [String]
|
254
|
-
attr_accessor :next_rotation_time
|
255
|
-
|
256
|
-
# Required. Input only. Immutable. [next_rotation_time] will be advanced by this
|
257
|
-
# period when the Key Management Service automatically rotates a key. Must be at
|
258
|
-
# least 24 hours and at most 876,000 hours.
|
259
|
-
# Corresponds to the JSON property `rotationPeriod`
|
260
|
-
# @return [String]
|
261
|
-
attr_accessor :rotation_period
|
262
|
-
|
263
|
-
def initialize(**args)
|
264
|
-
update!(**args)
|
265
|
-
end
|
266
|
-
|
267
|
-
# Update properties of this object
|
268
|
-
def update!(**args)
|
269
|
-
@next_rotation_time = args[:next_rotation_time] if args.key?(:next_rotation_time)
|
270
|
-
@rotation_period = args[:rotation_period] if args.key?(:rotation_period)
|
271
|
-
end
|
272
|
-
end
|
273
|
-
|
274
|
-
# Represent the resources that are children of this Workload.
|
275
|
-
class GoogleCloudAssuredworkloadsV1WorkloadResourceInfo
|
276
|
-
include Google::Apis::Core::Hashable
|
277
|
-
|
278
|
-
# Resource identifier. For a project this represents project_number.
|
279
|
-
# Corresponds to the JSON property `resourceId`
|
280
|
-
# @return [Fixnum]
|
281
|
-
attr_accessor :resource_id
|
282
|
-
|
283
|
-
# Indicates the type of resource.
|
284
|
-
# Corresponds to the JSON property `resourceType`
|
285
|
-
# @return [String]
|
286
|
-
attr_accessor :resource_type
|
287
|
-
|
288
|
-
def initialize(**args)
|
289
|
-
update!(**args)
|
290
|
-
end
|
291
|
-
|
292
|
-
# Update properties of this object
|
293
|
-
def update!(**args)
|
294
|
-
@resource_id = args[:resource_id] if args.key?(:resource_id)
|
295
|
-
@resource_type = args[:resource_type] if args.key?(:resource_type)
|
296
|
-
end
|
297
|
-
end
|
298
|
-
|
299
|
-
# Represent the custom settings for the resources to be created.
|
300
|
-
class GoogleCloudAssuredworkloadsV1WorkloadResourceSettings
|
301
|
-
include Google::Apis::Core::Hashable
|
302
|
-
|
303
|
-
# User-assigned resource display name. If not empty it will be used to create a
|
304
|
-
# resource with the specified name.
|
305
|
-
# Corresponds to the JSON property `displayName`
|
306
|
-
# @return [String]
|
307
|
-
attr_accessor :display_name
|
308
|
-
|
309
|
-
# Resource identifier. For a project this represents project_id. If the project
|
310
|
-
# is already taken, the workload creation will fail. For KeyRing, this
|
311
|
-
# represents the keyring_id. For a folder, don't set this value as folder_id is
|
312
|
-
# assigned by Google.
|
313
|
-
# Corresponds to the JSON property `resourceId`
|
314
|
-
# @return [String]
|
315
|
-
attr_accessor :resource_id
|
316
|
-
|
317
|
-
# Indicates the type of resource. This field should be specified to correspond
|
318
|
-
# the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT)
|
319
|
-
# Corresponds to the JSON property `resourceType`
|
320
|
-
# @return [String]
|
321
|
-
attr_accessor :resource_type
|
322
|
-
|
323
|
-
def initialize(**args)
|
324
|
-
update!(**args)
|
325
|
-
end
|
326
|
-
|
327
|
-
# Update properties of this object
|
328
|
-
def update!(**args)
|
329
|
-
@display_name = args[:display_name] if args.key?(:display_name)
|
330
|
-
@resource_id = args[:resource_id] if args.key?(:resource_id)
|
331
|
-
@resource_type = args[:resource_type] if args.key?(:resource_type)
|
332
|
-
end
|
333
|
-
end
|
334
|
-
|
335
|
-
# Signed Access Approvals (SAA) enrollment response.
|
336
|
-
class GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse
|
337
|
-
include Google::Apis::Core::Hashable
|
338
|
-
|
339
|
-
# Indicates SAA enrollment setup error if any.
|
340
|
-
# Corresponds to the JSON property `setupErrors`
|
341
|
-
# @return [Array<String>]
|
342
|
-
attr_accessor :setup_errors
|
343
|
-
|
344
|
-
# Indicates SAA enrollment status of a given workload.
|
345
|
-
# Corresponds to the JSON property `setupStatus`
|
346
|
-
# @return [String]
|
347
|
-
attr_accessor :setup_status
|
348
|
-
|
349
|
-
def initialize(**args)
|
350
|
-
update!(**args)
|
351
|
-
end
|
352
|
-
|
353
|
-
# Update properties of this object
|
354
|
-
def update!(**args)
|
355
|
-
@setup_errors = args[:setup_errors] if args.key?(:setup_errors)
|
356
|
-
@setup_status = args[:setup_status] if args.key?(:setup_status)
|
357
64
|
end
|
358
65
|
end
|
359
66
|
|
360
67
|
# Operation metadata to give request details of CreateWorkload.
|
361
|
-
class
|
68
|
+
class GoogleCloudAssuredworkloadsV1CreateWorkloadOperationMetadata
|
362
69
|
include Google::Apis::Core::Hashable
|
363
70
|
|
364
71
|
# Optional. Compliance controls that should be applied to the resources managed
|
@@ -382,12 +89,6 @@ module Google
|
|
382
89
|
# @return [String]
|
383
90
|
attr_accessor :parent
|
384
91
|
|
385
|
-
# Optional. Resource properties in the input that are used for creating/
|
386
|
-
# customizing workload resources.
|
387
|
-
# Corresponds to the JSON property `resourceSettings`
|
388
|
-
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadResourceSettings>]
|
389
|
-
attr_accessor :resource_settings
|
390
|
-
|
391
92
|
def initialize(**args)
|
392
93
|
update!(**args)
|
393
94
|
end
|
@@ -396,168 +97,24 @@ module Google
|
|
396
97
|
def update!(**args)
|
397
98
|
@compliance_regime = args[:compliance_regime] if args.key?(:compliance_regime)
|
398
99
|
@create_time = args[:create_time] if args.key?(:create_time)
|
399
|
-
@display_name = args[:display_name] if args.key?(:display_name)
|
400
|
-
@parent = args[:parent] if args.key?(:parent)
|
401
|
-
@resource_settings = args[:resource_settings] if args.key?(:resource_settings)
|
402
|
-
end
|
403
|
-
end
|
404
|
-
|
405
|
-
# An Workload object for managing highly regulated workloads of cloud customers.
|
406
|
-
class GoogleCloudAssuredworkloadsV1beta1Workload
|
407
|
-
include Google::Apis::Core::Hashable
|
408
|
-
|
409
|
-
# Optional. The billing account used for the resources which are direct children
|
410
|
-
# of workload. This billing account is initially associated with the resources
|
411
|
-
# created as part of Workload creation. After the initial creation of these
|
412
|
-
# resources, the customer can change the assigned billing account. The resource
|
413
|
-
# name has the form `billingAccounts/`billing_account_id``. For example, `
|
414
|
-
# billingAccounts/012345-567890-ABCDEF`.
|
415
|
-
# Corresponds to the JSON property `billingAccount`
|
416
|
-
# @return [String]
|
417
|
-
attr_accessor :billing_account
|
418
|
-
|
419
|
-
# Settings specific to resources needed for CJIS.
|
420
|
-
# Corresponds to the JSON property `cjisSettings`
|
421
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadCjisSettings]
|
422
|
-
attr_accessor :cjis_settings
|
423
|
-
|
424
|
-
# Required. Immutable. Compliance Regime associated with this workload.
|
425
|
-
# Corresponds to the JSON property `complianceRegime`
|
426
|
-
# @return [String]
|
427
|
-
attr_accessor :compliance_regime
|
428
|
-
|
429
|
-
# Output only. Urls for services which are compliant for this Assured Workload,
|
430
|
-
# but which are currently disallowed by the ResourceUsageRestriction org policy.
|
431
|
-
# Invoke RestrictAllowedResources endpoint to allow your project developers to
|
432
|
-
# use these services in their environment."
|
433
|
-
# Corresponds to the JSON property `compliantButDisallowedServices`
|
434
|
-
# @return [Array<String>]
|
435
|
-
attr_accessor :compliant_but_disallowed_services
|
436
|
-
|
437
|
-
# Output only. Immutable. The Workload creation timestamp.
|
438
|
-
# Corresponds to the JSON property `createTime`
|
439
|
-
# @return [String]
|
440
|
-
attr_accessor :create_time
|
441
|
-
|
442
|
-
# Required. The user-assigned display name of the Workload. When present it must
|
443
|
-
# be between 4 to 30 characters. Allowed characters are: lowercase and uppercase
|
444
|
-
# letters, numbers, hyphen, and spaces. Example: My Workload
|
445
|
-
# Corresponds to the JSON property `displayName`
|
446
|
-
# @return [String]
|
447
|
-
attr_accessor :display_name
|
448
|
-
|
449
|
-
# Optional. Indicates the sovereignty status of the given workload. Currently
|
450
|
-
# meant to be used by Europe/Canada customers.
|
451
|
-
# Corresponds to the JSON property `enableSovereignControls`
|
452
|
-
# @return [Boolean]
|
453
|
-
attr_accessor :enable_sovereign_controls
|
454
|
-
alias_method :enable_sovereign_controls?, :enable_sovereign_controls
|
455
|
-
|
456
|
-
# Optional. ETag of the workload, it is calculated on the basis of the Workload
|
457
|
-
# contents. It will be used in Update & Delete operations.
|
458
|
-
# Corresponds to the JSON property `etag`
|
459
|
-
# @return [String]
|
460
|
-
attr_accessor :etag
|
461
|
-
|
462
|
-
# Settings specific to resources needed for FedRAMP High.
|
463
|
-
# Corresponds to the JSON property `fedrampHighSettings`
|
464
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadFedrampHighSettings]
|
465
|
-
attr_accessor :fedramp_high_settings
|
466
|
-
|
467
|
-
# Settings specific to resources needed for FedRAMP Moderate.
|
468
|
-
# Corresponds to the JSON property `fedrampModerateSettings`
|
469
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadFedrampModerateSettings]
|
470
|
-
attr_accessor :fedramp_moderate_settings
|
471
|
-
|
472
|
-
# Settings specific to resources needed for IL4.
|
473
|
-
# Corresponds to the JSON property `il4Settings`
|
474
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadIl4Settings]
|
475
|
-
attr_accessor :il4_settings
|
476
|
-
|
477
|
-
# Output only. Represents the KAJ enrollment state of the given workload.
|
478
|
-
# Corresponds to the JSON property `kajEnrollmentState`
|
479
|
-
# @return [String]
|
480
|
-
attr_accessor :kaj_enrollment_state
|
481
|
-
|
482
|
-
# Settings specific to the Key Management Service.
|
483
|
-
# Corresponds to the JSON property `kmsSettings`
|
484
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadKmsSettings]
|
485
|
-
attr_accessor :kms_settings
|
486
|
-
|
487
|
-
# Optional. Labels applied to the workload.
|
488
|
-
# Corresponds to the JSON property `labels`
|
489
|
-
# @return [Hash<String,String>]
|
490
|
-
attr_accessor :labels
|
491
|
-
|
492
|
-
# Optional. The resource name of the workload. Format: organizations/`
|
493
|
-
# organization`/locations/`location`/workloads/`workload` Read-only.
|
494
|
-
# Corresponds to the JSON property `name`
|
495
|
-
# @return [String]
|
496
|
-
attr_accessor :name
|
497
|
-
|
498
|
-
# Input only. The parent resource for the resources managed by this Assured
|
499
|
-
# Workload. May be either empty or a folder resource which is a child of the
|
500
|
-
# Workload parent. If not specified all resources are created under the parent
|
501
|
-
# organization. Format: folders/`folder_id`
|
502
|
-
# Corresponds to the JSON property `provisionedResourcesParent`
|
503
|
-
# @return [String]
|
504
|
-
attr_accessor :provisioned_resources_parent
|
505
|
-
|
506
|
-
# Input only. Resource properties that are used to customize workload resources.
|
507
|
-
# These properties (such as custom project id) will be used to create workload
|
508
|
-
# resources if possible. This field is optional.
|
509
|
-
# Corresponds to the JSON property `resourceSettings`
|
510
|
-
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadResourceSettings>]
|
511
|
-
attr_accessor :resource_settings
|
512
|
-
|
513
|
-
# Output only. The resources associated with this workload. These resources will
|
514
|
-
# be created when creating the workload. If any of the projects already exist,
|
515
|
-
# the workload creation will fail. Always read only.
|
516
|
-
# Corresponds to the JSON property `resources`
|
517
|
-
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadResourceInfo>]
|
518
|
-
attr_accessor :resources
|
519
|
-
|
520
|
-
# Signed Access Approvals (SAA) enrollment response.
|
521
|
-
# Corresponds to the JSON property `saaEnrollmentResponse`
|
522
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadSaaEnrollmentResponse]
|
523
|
-
attr_accessor :saa_enrollment_response
|
524
|
-
|
525
|
-
def initialize(**args)
|
526
|
-
update!(**args)
|
527
|
-
end
|
528
|
-
|
529
|
-
# Update properties of this object
|
530
|
-
def update!(**args)
|
531
|
-
@billing_account = args[:billing_account] if args.key?(:billing_account)
|
532
|
-
@cjis_settings = args[:cjis_settings] if args.key?(:cjis_settings)
|
533
|
-
@compliance_regime = args[:compliance_regime] if args.key?(:compliance_regime)
|
534
|
-
@compliant_but_disallowed_services = args[:compliant_but_disallowed_services] if args.key?(:compliant_but_disallowed_services)
|
535
|
-
@create_time = args[:create_time] if args.key?(:create_time)
|
536
|
-
@display_name = args[:display_name] if args.key?(:display_name)
|
537
|
-
@enable_sovereign_controls = args[:enable_sovereign_controls] if args.key?(:enable_sovereign_controls)
|
538
|
-
@etag = args[:etag] if args.key?(:etag)
|
539
|
-
@fedramp_high_settings = args[:fedramp_high_settings] if args.key?(:fedramp_high_settings)
|
540
|
-
@fedramp_moderate_settings = args[:fedramp_moderate_settings] if args.key?(:fedramp_moderate_settings)
|
541
|
-
@il4_settings = args[:il4_settings] if args.key?(:il4_settings)
|
542
|
-
@kaj_enrollment_state = args[:kaj_enrollment_state] if args.key?(:kaj_enrollment_state)
|
543
|
-
@kms_settings = args[:kms_settings] if args.key?(:kms_settings)
|
544
|
-
@labels = args[:labels] if args.key?(:labels)
|
545
|
-
@name = args[:name] if args.key?(:name)
|
546
|
-
@provisioned_resources_parent = args[:provisioned_resources_parent] if args.key?(:provisioned_resources_parent)
|
547
|
-
@resource_settings = args[:resource_settings] if args.key?(:resource_settings)
|
548
|
-
@resources = args[:resources] if args.key?(:resources)
|
549
|
-
@saa_enrollment_response = args[:saa_enrollment_response] if args.key?(:saa_enrollment_response)
|
100
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
101
|
+
@parent = args[:parent] if args.key?(:parent)
|
550
102
|
end
|
551
103
|
end
|
552
104
|
|
553
|
-
#
|
554
|
-
class
|
105
|
+
# Response of ListViolations endpoint.
|
106
|
+
class GoogleCloudAssuredworkloadsV1ListViolationsResponse
|
555
107
|
include Google::Apis::Core::Hashable
|
556
108
|
|
557
|
-
#
|
558
|
-
# Corresponds to the JSON property `
|
559
|
-
# @return [
|
560
|
-
attr_accessor :
|
109
|
+
# The next page token. Returns empty if reached the last page.
|
110
|
+
# Corresponds to the JSON property `nextPageToken`
|
111
|
+
# @return [String]
|
112
|
+
attr_accessor :next_page_token
|
113
|
+
|
114
|
+
# List of Violations under a Workload.
|
115
|
+
# Corresponds to the JSON property `violations`
|
116
|
+
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1Violation>]
|
117
|
+
attr_accessor :violations
|
561
118
|
|
562
119
|
def initialize(**args)
|
563
120
|
update!(**args)
|
@@ -565,18 +122,24 @@ module Google
|
|
565
122
|
|
566
123
|
# Update properties of this object
|
567
124
|
def update!(**args)
|
568
|
-
@
|
125
|
+
@next_page_token = args[:next_page_token] if args.key?(:next_page_token)
|
126
|
+
@violations = args[:violations] if args.key?(:violations)
|
569
127
|
end
|
570
128
|
end
|
571
129
|
|
572
|
-
#
|
573
|
-
class
|
130
|
+
# Response of ListWorkloads endpoint.
|
131
|
+
class GoogleCloudAssuredworkloadsV1ListWorkloadsResponse
|
574
132
|
include Google::Apis::Core::Hashable
|
575
133
|
|
576
|
-
#
|
577
|
-
# Corresponds to the JSON property `
|
578
|
-
# @return [
|
579
|
-
attr_accessor :
|
134
|
+
# The next page token. Return empty if reached the last page.
|
135
|
+
# Corresponds to the JSON property `nextPageToken`
|
136
|
+
# @return [String]
|
137
|
+
attr_accessor :next_page_token
|
138
|
+
|
139
|
+
# List of Workloads under a given parent.
|
140
|
+
# Corresponds to the JSON property `workloads`
|
141
|
+
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1Workload>]
|
142
|
+
attr_accessor :workloads
|
580
143
|
|
581
144
|
def initialize(**args)
|
582
145
|
update!(**args)
|
@@ -584,18 +147,20 @@ module Google
|
|
584
147
|
|
585
148
|
# Update properties of this object
|
586
149
|
def update!(**args)
|
587
|
-
@
|
150
|
+
@next_page_token = args[:next_page_token] if args.key?(:next_page_token)
|
151
|
+
@workloads = args[:workloads] if args.key?(:workloads)
|
588
152
|
end
|
589
153
|
end
|
590
154
|
|
591
|
-
#
|
592
|
-
class
|
155
|
+
# Request for restricting list of available resources in Workload environment.
|
156
|
+
class GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest
|
593
157
|
include Google::Apis::Core::Hashable
|
594
158
|
|
595
|
-
#
|
596
|
-
#
|
597
|
-
#
|
598
|
-
|
159
|
+
# Required. The type of restriction for using gcp products in the Workload
|
160
|
+
# environment.
|
161
|
+
# Corresponds to the JSON property `restrictionType`
|
162
|
+
# @return [String]
|
163
|
+
attr_accessor :restriction_type
|
599
164
|
|
600
165
|
def initialize(**args)
|
601
166
|
update!(**args)
|
@@ -603,46 +168,105 @@ module Google
|
|
603
168
|
|
604
169
|
# Update properties of this object
|
605
170
|
def update!(**args)
|
606
|
-
@
|
171
|
+
@restriction_type = args[:restriction_type] if args.key?(:restriction_type)
|
607
172
|
end
|
608
173
|
end
|
609
174
|
|
610
|
-
#
|
611
|
-
class
|
175
|
+
# Response for restricting the list of allowed resources.
|
176
|
+
class GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesResponse
|
612
177
|
include Google::Apis::Core::Hashable
|
613
178
|
|
614
|
-
# Settings specific to the Key Management Service.
|
615
|
-
# Corresponds to the JSON property `kmsSettings`
|
616
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1beta1WorkloadKmsSettings]
|
617
|
-
attr_accessor :kms_settings
|
618
|
-
|
619
179
|
def initialize(**args)
|
620
180
|
update!(**args)
|
621
181
|
end
|
622
182
|
|
623
183
|
# Update properties of this object
|
624
184
|
def update!(**args)
|
625
|
-
@kms_settings = args[:kms_settings] if args.key?(:kms_settings)
|
626
185
|
end
|
627
186
|
end
|
628
187
|
|
629
|
-
#
|
630
|
-
class
|
188
|
+
# Workload monitoring Violation.
|
189
|
+
class GoogleCloudAssuredworkloadsV1Violation
|
631
190
|
include Google::Apis::Core::Hashable
|
632
191
|
|
633
|
-
#
|
634
|
-
#
|
635
|
-
#
|
636
|
-
|
192
|
+
# A boolean that indicates if the violation is acknowledged
|
193
|
+
# Corresponds to the JSON property `acknowledged`
|
194
|
+
# @return [Boolean]
|
195
|
+
attr_accessor :acknowledged
|
196
|
+
alias_method :acknowledged?, :acknowledged
|
197
|
+
|
198
|
+
# Optional. Timestamp when this violation was acknowledged last. This will be
|
199
|
+
# absent when acknowledged field is marked as false.
|
200
|
+
# Corresponds to the JSON property `acknowledgementTime`
|
637
201
|
# @return [String]
|
638
|
-
attr_accessor :
|
202
|
+
attr_accessor :acknowledgement_time
|
639
203
|
|
640
|
-
#
|
641
|
-
#
|
642
|
-
#
|
643
|
-
# Corresponds to the JSON property `
|
204
|
+
# Output only. Immutable. Audit Log Link for violated resource Format: https://
|
205
|
+
# console.cloud.google.com/logs/query;query=`logName``protoPayload.resourceName``
|
206
|
+
# timeRange``folder`
|
207
|
+
# Corresponds to the JSON property `auditLogLink`
|
644
208
|
# @return [String]
|
645
|
-
attr_accessor :
|
209
|
+
attr_accessor :audit_log_link
|
210
|
+
|
211
|
+
# Output only. Time of the event which triggered the Violation.
|
212
|
+
# Corresponds to the JSON property `beginTime`
|
213
|
+
# @return [String]
|
214
|
+
attr_accessor :begin_time
|
215
|
+
|
216
|
+
# Output only. Category under which this violation is mapped. e.g. Location,
|
217
|
+
# Service Usage, Access, Encryption, etc.
|
218
|
+
# Corresponds to the JSON property `category`
|
219
|
+
# @return [String]
|
220
|
+
attr_accessor :category
|
221
|
+
|
222
|
+
# Output only. Description for the Violation. e.g. OrgPolicy gcp.
|
223
|
+
# resourceLocations has non compliant value.
|
224
|
+
# Corresponds to the JSON property `description`
|
225
|
+
# @return [String]
|
226
|
+
attr_accessor :description
|
227
|
+
|
228
|
+
# Output only. Immutable. Name of the Violation. Format: organizations/`
|
229
|
+
# organization`/locations/`location`/workloads/`workload_id`/violations/`
|
230
|
+
# violations_id`
|
231
|
+
# Corresponds to the JSON property `name`
|
232
|
+
# @return [String]
|
233
|
+
attr_accessor :name
|
234
|
+
|
235
|
+
# Output only. Immutable. Name of the OrgPolicy which was modified with non-
|
236
|
+
# compliant change and resulted this violation. Format: projects/`project_number`
|
237
|
+
# /policies/`constraint_name` folders/`folder_id`/policies/`constraint_name`
|
238
|
+
# organizations/`organization_id`/policies/`constraint_name`
|
239
|
+
# Corresponds to the JSON property `nonCompliantOrgPolicy`
|
240
|
+
# @return [String]
|
241
|
+
attr_accessor :non_compliant_org_policy
|
242
|
+
|
243
|
+
# Output only. Immutable. The org-policy-constraint that was incorrectly changed,
|
244
|
+
# which resulted in this violation.
|
245
|
+
# Corresponds to the JSON property `orgPolicyConstraint`
|
246
|
+
# @return [String]
|
247
|
+
attr_accessor :org_policy_constraint
|
248
|
+
|
249
|
+
# Represents remediation guidance to resolve compliance violation for
|
250
|
+
# AssuredWorkload
|
251
|
+
# Corresponds to the JSON property `remediation`
|
252
|
+
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1ViolationRemediation]
|
253
|
+
attr_accessor :remediation
|
254
|
+
|
255
|
+
# Output only. Time of the event which fixed the Violation. If the violation is
|
256
|
+
# ACTIVE this will be empty.
|
257
|
+
# Corresponds to the JSON property `resolveTime`
|
258
|
+
# @return [String]
|
259
|
+
attr_accessor :resolve_time
|
260
|
+
|
261
|
+
# Output only. State of the violation
|
262
|
+
# Corresponds to the JSON property `state`
|
263
|
+
# @return [String]
|
264
|
+
attr_accessor :state
|
265
|
+
|
266
|
+
# Output only. The last time when the Violation record was updated.
|
267
|
+
# Corresponds to the JSON property `updateTime`
|
268
|
+
# @return [String]
|
269
|
+
attr_accessor :update_time
|
646
270
|
|
647
271
|
def initialize(**args)
|
648
272
|
update!(**args)
|
@@ -650,24 +274,42 @@ module Google
|
|
650
274
|
|
651
275
|
# Update properties of this object
|
652
276
|
def update!(**args)
|
653
|
-
@
|
654
|
-
@
|
277
|
+
@acknowledged = args[:acknowledged] if args.key?(:acknowledged)
|
278
|
+
@acknowledgement_time = args[:acknowledgement_time] if args.key?(:acknowledgement_time)
|
279
|
+
@audit_log_link = args[:audit_log_link] if args.key?(:audit_log_link)
|
280
|
+
@begin_time = args[:begin_time] if args.key?(:begin_time)
|
281
|
+
@category = args[:category] if args.key?(:category)
|
282
|
+
@description = args[:description] if args.key?(:description)
|
283
|
+
@name = args[:name] if args.key?(:name)
|
284
|
+
@non_compliant_org_policy = args[:non_compliant_org_policy] if args.key?(:non_compliant_org_policy)
|
285
|
+
@org_policy_constraint = args[:org_policy_constraint] if args.key?(:org_policy_constraint)
|
286
|
+
@remediation = args[:remediation] if args.key?(:remediation)
|
287
|
+
@resolve_time = args[:resolve_time] if args.key?(:resolve_time)
|
288
|
+
@state = args[:state] if args.key?(:state)
|
289
|
+
@update_time = args[:update_time] if args.key?(:update_time)
|
655
290
|
end
|
656
291
|
end
|
657
292
|
|
658
|
-
#
|
659
|
-
|
293
|
+
# Represents remediation guidance to resolve compliance violation for
|
294
|
+
# AssuredWorkload
|
295
|
+
class GoogleCloudAssuredworkloadsV1ViolationRemediation
|
660
296
|
include Google::Apis::Core::Hashable
|
661
297
|
|
662
|
-
#
|
663
|
-
#
|
664
|
-
#
|
665
|
-
|
298
|
+
# Values that can resolve the violation For example: for list org policy
|
299
|
+
# violations, this will either be the list of allowed or denied values
|
300
|
+
# Corresponds to the JSON property `compliantValues`
|
301
|
+
# @return [Array<String>]
|
302
|
+
attr_accessor :compliant_values
|
666
303
|
|
667
|
-
#
|
668
|
-
# Corresponds to the JSON property `
|
304
|
+
# Instructions to remediate violation
|
305
|
+
# Corresponds to the JSON property `instructions`
|
306
|
+
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions]
|
307
|
+
attr_accessor :instructions
|
308
|
+
|
309
|
+
# Output only. Reemediation type based on the type of org policy values violated
|
310
|
+
# Corresponds to the JSON property `remediationType`
|
669
311
|
# @return [String]
|
670
|
-
attr_accessor :
|
312
|
+
attr_accessor :remediation_type
|
671
313
|
|
672
314
|
def initialize(**args)
|
673
315
|
update!(**args)
|
@@ -675,34 +317,25 @@ module Google
|
|
675
317
|
|
676
318
|
# Update properties of this object
|
677
319
|
def update!(**args)
|
678
|
-
@
|
679
|
-
@
|
320
|
+
@compliant_values = args[:compliant_values] if args.key?(:compliant_values)
|
321
|
+
@instructions = args[:instructions] if args.key?(:instructions)
|
322
|
+
@remediation_type = args[:remediation_type] if args.key?(:remediation_type)
|
680
323
|
end
|
681
324
|
end
|
682
325
|
|
683
|
-
#
|
684
|
-
class
|
326
|
+
# Instructions to remediate violation
|
327
|
+
class GoogleCloudAssuredworkloadsV1ViolationRemediationInstructions
|
685
328
|
include Google::Apis::Core::Hashable
|
686
329
|
|
687
|
-
#
|
688
|
-
#
|
689
|
-
#
|
690
|
-
|
691
|
-
attr_accessor :display_name
|
692
|
-
|
693
|
-
# Resource identifier. For a project this represents project_id. If the project
|
694
|
-
# is already taken, the workload creation will fail. For KeyRing, this
|
695
|
-
# represents the keyring_id. For a folder, don't set this value as folder_id is
|
696
|
-
# assigned by Google.
|
697
|
-
# Corresponds to the JSON property `resourceId`
|
698
|
-
# @return [String]
|
699
|
-
attr_accessor :resource_id
|
330
|
+
# Remediation instructions to resolve violation via cloud console
|
331
|
+
# Corresponds to the JSON property `consoleInstructions`
|
332
|
+
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole]
|
333
|
+
attr_accessor :console_instructions
|
700
334
|
|
701
|
-
#
|
702
|
-
#
|
703
|
-
#
|
704
|
-
|
705
|
-
attr_accessor :resource_type
|
335
|
+
# Remediation instructions to resolve violation via gcloud cli
|
336
|
+
# Corresponds to the JSON property `gcloudInstructions`
|
337
|
+
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud]
|
338
|
+
attr_accessor :gcloud_instructions
|
706
339
|
|
707
340
|
def initialize(**args)
|
708
341
|
update!(**args)
|
@@ -710,25 +343,29 @@ module Google
|
|
710
343
|
|
711
344
|
# Update properties of this object
|
712
345
|
def update!(**args)
|
713
|
-
@
|
714
|
-
@
|
715
|
-
@resource_type = args[:resource_type] if args.key?(:resource_type)
|
346
|
+
@console_instructions = args[:console_instructions] if args.key?(:console_instructions)
|
347
|
+
@gcloud_instructions = args[:gcloud_instructions] if args.key?(:gcloud_instructions)
|
716
348
|
end
|
717
349
|
end
|
718
350
|
|
719
|
-
#
|
720
|
-
class
|
351
|
+
# Remediation instructions to resolve violation via cloud console
|
352
|
+
class GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsConsole
|
721
353
|
include Google::Apis::Core::Hashable
|
722
354
|
|
723
|
-
#
|
724
|
-
# Corresponds to the JSON property `
|
355
|
+
# Additional urls for more information about steps
|
356
|
+
# Corresponds to the JSON property `additionalLinks`
|
725
357
|
# @return [Array<String>]
|
726
|
-
attr_accessor :
|
358
|
+
attr_accessor :additional_links
|
727
359
|
|
728
|
-
#
|
729
|
-
# Corresponds to the JSON property `
|
730
|
-
# @return [String]
|
731
|
-
attr_accessor :
|
360
|
+
# Link to console page where violations can be resolved
|
361
|
+
# Corresponds to the JSON property `consoleUris`
|
362
|
+
# @return [Array<String>]
|
363
|
+
attr_accessor :console_uris
|
364
|
+
|
365
|
+
# Steps to resolve violation via cloud console
|
366
|
+
# Corresponds to the JSON property `steps`
|
367
|
+
# @return [Array<String>]
|
368
|
+
attr_accessor :steps
|
732
369
|
|
733
370
|
def initialize(**args)
|
734
371
|
update!(**args)
|
@@ -736,41 +373,30 @@ module Google
|
|
736
373
|
|
737
374
|
# Update properties of this object
|
738
375
|
def update!(**args)
|
739
|
-
@
|
740
|
-
@
|
376
|
+
@additional_links = args[:additional_links] if args.key?(:additional_links)
|
377
|
+
@console_uris = args[:console_uris] if args.key?(:console_uris)
|
378
|
+
@steps = args[:steps] if args.key?(:steps)
|
741
379
|
end
|
742
380
|
end
|
743
381
|
|
744
|
-
#
|
745
|
-
class
|
382
|
+
# Remediation instructions to resolve violation via gcloud cli
|
383
|
+
class GoogleCloudAssuredworkloadsV1ViolationRemediationInstructionsGcloud
|
746
384
|
include Google::Apis::Core::Hashable
|
747
385
|
|
748
|
-
#
|
749
|
-
#
|
750
|
-
#
|
751
|
-
|
752
|
-
attr_accessor :compliance_regime
|
753
|
-
|
754
|
-
# Optional. Time when the operation was created.
|
755
|
-
# Corresponds to the JSON property `createTime`
|
756
|
-
# @return [String]
|
757
|
-
attr_accessor :create_time
|
758
|
-
|
759
|
-
# Optional. The display name of the workload.
|
760
|
-
# Corresponds to the JSON property `displayName`
|
761
|
-
# @return [String]
|
762
|
-
attr_accessor :display_name
|
386
|
+
# Additional urls for more information about steps
|
387
|
+
# Corresponds to the JSON property `additionalLinks`
|
388
|
+
# @return [Array<String>]
|
389
|
+
attr_accessor :additional_links
|
763
390
|
|
764
|
-
#
|
765
|
-
# Corresponds to the JSON property `
|
766
|
-
# @return [String]
|
767
|
-
attr_accessor :
|
391
|
+
# Gcloud command to resolve violation
|
392
|
+
# Corresponds to the JSON property `gcloudCommands`
|
393
|
+
# @return [Array<String>]
|
394
|
+
attr_accessor :gcloud_commands
|
768
395
|
|
769
|
-
#
|
770
|
-
#
|
771
|
-
#
|
772
|
-
|
773
|
-
attr_accessor :resource_settings
|
396
|
+
# Steps to resolve violation via gcloud cli
|
397
|
+
# Corresponds to the JSON property `steps`
|
398
|
+
# @return [Array<String>]
|
399
|
+
attr_accessor :steps
|
774
400
|
|
775
401
|
def initialize(**args)
|
776
402
|
update!(**args)
|
@@ -778,16 +404,14 @@ module Google
|
|
778
404
|
|
779
405
|
# Update properties of this object
|
780
406
|
def update!(**args)
|
781
|
-
@
|
782
|
-
@
|
783
|
-
@
|
784
|
-
@parent = args[:parent] if args.key?(:parent)
|
785
|
-
@resource_settings = args[:resource_settings] if args.key?(:resource_settings)
|
407
|
+
@additional_links = args[:additional_links] if args.key?(:additional_links)
|
408
|
+
@gcloud_commands = args[:gcloud_commands] if args.key?(:gcloud_commands)
|
409
|
+
@steps = args[:steps] if args.key?(:steps)
|
786
410
|
end
|
787
411
|
end
|
788
412
|
|
789
413
|
# An Workload object for managing highly regulated workloads of cloud customers.
|
790
|
-
class
|
414
|
+
class GoogleCloudAssuredworkloadsV1Workload
|
791
415
|
include Google::Apis::Core::Hashable
|
792
416
|
|
793
417
|
# Optional. The billing account used for the resources which are direct children
|
@@ -800,21 +424,11 @@ module Google
|
|
800
424
|
# @return [String]
|
801
425
|
attr_accessor :billing_account
|
802
426
|
|
803
|
-
# Settings specific to resources needed for CJIS.
|
804
|
-
# Corresponds to the JSON property `cjisSettings`
|
805
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsVersioningV1mainWorkloadCjisSettings]
|
806
|
-
attr_accessor :cjis_settings
|
807
|
-
|
808
427
|
# Required. Immutable. Compliance Regime associated with this workload.
|
809
428
|
# Corresponds to the JSON property `complianceRegime`
|
810
429
|
# @return [String]
|
811
430
|
attr_accessor :compliance_regime
|
812
431
|
|
813
|
-
# Represents the Compliance Status of this workload
|
814
|
-
# Corresponds to the JSON property `complianceStatus`
|
815
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsVersioningV1mainWorkloadComplianceStatus]
|
816
|
-
attr_accessor :compliance_status
|
817
|
-
|
818
432
|
# Output only. Urls for services which are compliant for this Assured Workload,
|
819
433
|
# but which are currently disallowed by the ResourceUsageRestriction org policy.
|
820
434
|
# Invoke RestrictAllowedResources endpoint to allow your project developers to
|
@@ -848,21 +462,6 @@ module Google
|
|
848
462
|
# @return [String]
|
849
463
|
attr_accessor :etag
|
850
464
|
|
851
|
-
# Settings specific to resources needed for FedRAMP High.
|
852
|
-
# Corresponds to the JSON property `fedrampHighSettings`
|
853
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsVersioningV1mainWorkloadFedrampHighSettings]
|
854
|
-
attr_accessor :fedramp_high_settings
|
855
|
-
|
856
|
-
# Settings specific to resources needed for FedRAMP Moderate.
|
857
|
-
# Corresponds to the JSON property `fedrampModerateSettings`
|
858
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsVersioningV1mainWorkloadFedrampModerateSettings]
|
859
|
-
attr_accessor :fedramp_moderate_settings
|
860
|
-
|
861
|
-
# Settings specific to resources needed for IL4.
|
862
|
-
# Corresponds to the JSON property `il4Settings`
|
863
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsVersioningV1mainWorkloadIl4Settings]
|
864
|
-
attr_accessor :il4_settings
|
865
|
-
|
866
465
|
# Output only. Represents the KAJ enrollment state of the given workload.
|
867
466
|
# Corresponds to the JSON property `kajEnrollmentState`
|
868
467
|
# @return [String]
|
@@ -870,7 +469,7 @@ module Google
|
|
870
469
|
|
871
470
|
# Settings specific to the Key Management Service.
|
872
471
|
# Corresponds to the JSON property `kmsSettings`
|
873
|
-
# @return [Google::Apis::AssuredworkloadsV1::
|
472
|
+
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1WorkloadKmsSettings]
|
874
473
|
attr_accessor :kms_settings
|
875
474
|
|
876
475
|
# Optional. Labels applied to the workload.
|
@@ -884,6 +483,11 @@ module Google
|
|
884
483
|
# @return [String]
|
885
484
|
attr_accessor :name
|
886
485
|
|
486
|
+
# Optional. Compliance Regime associated with this workload.
|
487
|
+
# Corresponds to the JSON property `partner`
|
488
|
+
# @return [String]
|
489
|
+
attr_accessor :partner
|
490
|
+
|
887
491
|
# Input only. The parent resource for the resources managed by this Assured
|
888
492
|
# Workload. May be either empty or a folder resource which is a child of the
|
889
493
|
# Workload parent. If not specified all resources are created under the parent
|
@@ -896,19 +500,19 @@ module Google
|
|
896
500
|
# These properties (such as custom project id) will be used to create workload
|
897
501
|
# resources if possible. This field is optional.
|
898
502
|
# Corresponds to the JSON property `resourceSettings`
|
899
|
-
# @return [Array<Google::Apis::AssuredworkloadsV1::
|
503
|
+
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1WorkloadResourceSettings>]
|
900
504
|
attr_accessor :resource_settings
|
901
505
|
|
902
506
|
# Output only. The resources associated with this workload. These resources will
|
903
507
|
# be created when creating the workload. If any of the projects already exist,
|
904
508
|
# the workload creation will fail. Always read only.
|
905
509
|
# Corresponds to the JSON property `resources`
|
906
|
-
# @return [Array<Google::Apis::AssuredworkloadsV1::
|
510
|
+
# @return [Array<Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1WorkloadResourceInfo>]
|
907
511
|
attr_accessor :resources
|
908
512
|
|
909
513
|
# Signed Access Approvals (SAA) enrollment response.
|
910
514
|
# Corresponds to the JSON property `saaEnrollmentResponse`
|
911
|
-
# @return [Google::Apis::AssuredworkloadsV1::
|
515
|
+
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse]
|
912
516
|
attr_accessor :saa_enrollment_response
|
913
517
|
|
914
518
|
def initialize(**args)
|
@@ -918,21 +522,17 @@ module Google
|
|
918
522
|
# Update properties of this object
|
919
523
|
def update!(**args)
|
920
524
|
@billing_account = args[:billing_account] if args.key?(:billing_account)
|
921
|
-
@cjis_settings = args[:cjis_settings] if args.key?(:cjis_settings)
|
922
525
|
@compliance_regime = args[:compliance_regime] if args.key?(:compliance_regime)
|
923
|
-
@compliance_status = args[:compliance_status] if args.key?(:compliance_status)
|
924
526
|
@compliant_but_disallowed_services = args[:compliant_but_disallowed_services] if args.key?(:compliant_but_disallowed_services)
|
925
527
|
@create_time = args[:create_time] if args.key?(:create_time)
|
926
528
|
@display_name = args[:display_name] if args.key?(:display_name)
|
927
529
|
@enable_sovereign_controls = args[:enable_sovereign_controls] if args.key?(:enable_sovereign_controls)
|
928
530
|
@etag = args[:etag] if args.key?(:etag)
|
929
|
-
@fedramp_high_settings = args[:fedramp_high_settings] if args.key?(:fedramp_high_settings)
|
930
|
-
@fedramp_moderate_settings = args[:fedramp_moderate_settings] if args.key?(:fedramp_moderate_settings)
|
931
|
-
@il4_settings = args[:il4_settings] if args.key?(:il4_settings)
|
932
531
|
@kaj_enrollment_state = args[:kaj_enrollment_state] if args.key?(:kaj_enrollment_state)
|
933
532
|
@kms_settings = args[:kms_settings] if args.key?(:kms_settings)
|
934
533
|
@labels = args[:labels] if args.key?(:labels)
|
935
534
|
@name = args[:name] if args.key?(:name)
|
535
|
+
@partner = args[:partner] if args.key?(:partner)
|
936
536
|
@provisioned_resources_parent = args[:provisioned_resources_parent] if args.key?(:provisioned_resources_parent)
|
937
537
|
@resource_settings = args[:resource_settings] if args.key?(:resource_settings)
|
938
538
|
@resources = args[:resources] if args.key?(:resources)
|
@@ -940,109 +540,8 @@ module Google
|
|
940
540
|
end
|
941
541
|
end
|
942
542
|
|
943
|
-
# Settings specific to resources needed for CJIS.
|
944
|
-
class GoogleCloudAssuredworkloadsVersioningV1mainWorkloadCjisSettings
|
945
|
-
include Google::Apis::Core::Hashable
|
946
|
-
|
947
|
-
# Settings specific to the Key Management Service.
|
948
|
-
# Corresponds to the JSON property `kmsSettings`
|
949
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsVersioningV1mainWorkloadKmsSettings]
|
950
|
-
attr_accessor :kms_settings
|
951
|
-
|
952
|
-
def initialize(**args)
|
953
|
-
update!(**args)
|
954
|
-
end
|
955
|
-
|
956
|
-
# Update properties of this object
|
957
|
-
def update!(**args)
|
958
|
-
@kms_settings = args[:kms_settings] if args.key?(:kms_settings)
|
959
|
-
end
|
960
|
-
end
|
961
|
-
|
962
|
-
# Represents the Compliance Status of this workload
|
963
|
-
class GoogleCloudAssuredworkloadsVersioningV1mainWorkloadComplianceStatus
|
964
|
-
include Google::Apis::Core::Hashable
|
965
|
-
|
966
|
-
# Count of active Violations which are acknowledged in the Workload.
|
967
|
-
# Corresponds to the JSON property `acknowledgedViolationCount`
|
968
|
-
# @return [Fixnum]
|
969
|
-
attr_accessor :acknowledged_violation_count
|
970
|
-
|
971
|
-
# Count of active Violations which haven't been acknowledged.
|
972
|
-
# Corresponds to the JSON property `activeViolationCount`
|
973
|
-
# @return [Fixnum]
|
974
|
-
attr_accessor :active_violation_count
|
975
|
-
|
976
|
-
def initialize(**args)
|
977
|
-
update!(**args)
|
978
|
-
end
|
979
|
-
|
980
|
-
# Update properties of this object
|
981
|
-
def update!(**args)
|
982
|
-
@acknowledged_violation_count = args[:acknowledged_violation_count] if args.key?(:acknowledged_violation_count)
|
983
|
-
@active_violation_count = args[:active_violation_count] if args.key?(:active_violation_count)
|
984
|
-
end
|
985
|
-
end
|
986
|
-
|
987
|
-
# Settings specific to resources needed for FedRAMP High.
|
988
|
-
class GoogleCloudAssuredworkloadsVersioningV1mainWorkloadFedrampHighSettings
|
989
|
-
include Google::Apis::Core::Hashable
|
990
|
-
|
991
|
-
# Settings specific to the Key Management Service.
|
992
|
-
# Corresponds to the JSON property `kmsSettings`
|
993
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsVersioningV1mainWorkloadKmsSettings]
|
994
|
-
attr_accessor :kms_settings
|
995
|
-
|
996
|
-
def initialize(**args)
|
997
|
-
update!(**args)
|
998
|
-
end
|
999
|
-
|
1000
|
-
# Update properties of this object
|
1001
|
-
def update!(**args)
|
1002
|
-
@kms_settings = args[:kms_settings] if args.key?(:kms_settings)
|
1003
|
-
end
|
1004
|
-
end
|
1005
|
-
|
1006
|
-
# Settings specific to resources needed for FedRAMP Moderate.
|
1007
|
-
class GoogleCloudAssuredworkloadsVersioningV1mainWorkloadFedrampModerateSettings
|
1008
|
-
include Google::Apis::Core::Hashable
|
1009
|
-
|
1010
|
-
# Settings specific to the Key Management Service.
|
1011
|
-
# Corresponds to the JSON property `kmsSettings`
|
1012
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsVersioningV1mainWorkloadKmsSettings]
|
1013
|
-
attr_accessor :kms_settings
|
1014
|
-
|
1015
|
-
def initialize(**args)
|
1016
|
-
update!(**args)
|
1017
|
-
end
|
1018
|
-
|
1019
|
-
# Update properties of this object
|
1020
|
-
def update!(**args)
|
1021
|
-
@kms_settings = args[:kms_settings] if args.key?(:kms_settings)
|
1022
|
-
end
|
1023
|
-
end
|
1024
|
-
|
1025
|
-
# Settings specific to resources needed for IL4.
|
1026
|
-
class GoogleCloudAssuredworkloadsVersioningV1mainWorkloadIl4Settings
|
1027
|
-
include Google::Apis::Core::Hashable
|
1028
|
-
|
1029
|
-
# Settings specific to the Key Management Service.
|
1030
|
-
# Corresponds to the JSON property `kmsSettings`
|
1031
|
-
# @return [Google::Apis::AssuredworkloadsV1::GoogleCloudAssuredworkloadsVersioningV1mainWorkloadKmsSettings]
|
1032
|
-
attr_accessor :kms_settings
|
1033
|
-
|
1034
|
-
def initialize(**args)
|
1035
|
-
update!(**args)
|
1036
|
-
end
|
1037
|
-
|
1038
|
-
# Update properties of this object
|
1039
|
-
def update!(**args)
|
1040
|
-
@kms_settings = args[:kms_settings] if args.key?(:kms_settings)
|
1041
|
-
end
|
1042
|
-
end
|
1043
|
-
|
1044
543
|
# Settings specific to the Key Management Service.
|
1045
|
-
class
|
544
|
+
class GoogleCloudAssuredworkloadsV1WorkloadKmsSettings
|
1046
545
|
include Google::Apis::Core::Hashable
|
1047
546
|
|
1048
547
|
# Required. Input only. Immutable. The time at which the Key Management Service
|
@@ -1071,7 +570,7 @@ module Google
|
|
1071
570
|
end
|
1072
571
|
|
1073
572
|
# Represent the resources that are children of this Workload.
|
1074
|
-
class
|
573
|
+
class GoogleCloudAssuredworkloadsV1WorkloadResourceInfo
|
1075
574
|
include Google::Apis::Core::Hashable
|
1076
575
|
|
1077
576
|
# Resource identifier. For a project this represents project_number.
|
@@ -1096,7 +595,7 @@ module Google
|
|
1096
595
|
end
|
1097
596
|
|
1098
597
|
# Represent the custom settings for the resources to be created.
|
1099
|
-
class
|
598
|
+
class GoogleCloudAssuredworkloadsV1WorkloadResourceSettings
|
1100
599
|
include Google::Apis::Core::Hashable
|
1101
600
|
|
1102
601
|
# User-assigned resource display name. If not empty it will be used to create a
|
@@ -1132,7 +631,7 @@ module Google
|
|
1132
631
|
end
|
1133
632
|
|
1134
633
|
# Signed Access Approvals (SAA) enrollment response.
|
1135
|
-
class
|
634
|
+
class GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponse
|
1136
635
|
include Google::Apis::Core::Hashable
|
1137
636
|
|
1138
637
|
# Indicates SAA enrollment setup error if any.
|