google-apis-cloudasset_v1 0.58.0 → 0.59.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1fdefe7e18c6654d569638cae54a34ec8d4c5105b3ffd0b4512ea9826c08c053
4
- data.tar.gz: 260e95c05fc33702058600c9f58dd81e873e33f797b5e565042d7e3cb13edc5e
3
+ metadata.gz: 3547a26a28726490468cccddb7219aba4c5ee869f3efc08f93ea2d1573cbca83
4
+ data.tar.gz: 2d5bf2060ab06f0b7f8f3a2a740310b5b3193cc3428a78eaf14f577606e90caf
5
5
  SHA512:
6
- metadata.gz: dfff1bb558cbdaad1b60bbdc5c3c35b6266a71a759442bf05a429f4f565bab3845663ccd7bc82a2386e21966e83db2f57de94d6694bd42ef55726b1496503208
7
- data.tar.gz: ed7ef1f085dfd1d559cce257e3e9702901e1d1dc92f33f3af8b23a486aaa35d00bc25ef87a5caf75ba9b927c042846275c749356271b08e54c091267649ab20a
6
+ metadata.gz: '097bec98de51b52a3151299b858a794657ee40e70b1957cc5f42aab42a4a1a2633f9c5c2c7ff9089a19aee457731634425e211c0fd791f90248cc8d706d327bc'
7
+ data.tar.gz: 983468c68c93cae531d6db2c617846e08843fdcde49d31d175534ddad1cceb4e91cdbaee7c2f90fff69e00232a39de64a80708a3b4011cba36aa37beb120247b
data/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # Release history for google-apis-cloudasset_v1
2
2
 
3
+ ### v0.59.0 (2023-06-18)
4
+
5
+ * Regenerated from discovery document revision 20230609
6
+
3
7
  ### v0.58.0 (2023-05-21)
4
8
 
5
9
  * Regenerated from discovery document revision 20230513
@@ -928,32 +928,6 @@ module Google
928
928
  end
929
929
  end
930
930
 
931
- # A denied access contains details about an access tuple that is blocked by IAM
932
- # deny policies.
933
- class DeniedAccess
934
- include Google::Apis::Core::Hashable
935
-
936
- # An access tuple contains a tuple of a resource, an identity and an access.
937
- # Corresponds to the JSON property `deniedAccessTuple`
938
- # @return [Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessAccessTuple]
939
- attr_accessor :denied_access_tuple
940
-
941
- # The details about how denied_access_tuple is denied.
942
- # Corresponds to the JSON property `denyDetails`
943
- # @return [Array<Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessDenyDetail>]
944
- attr_accessor :deny_details
945
-
946
- def initialize(**args)
947
- update!(**args)
948
- end
949
-
950
- # Update properties of this object
951
- def update!(**args)
952
- @denied_access_tuple = args[:denied_access_tuple] if args.key?(:denied_access_tuple)
953
- @deny_details = args[:deny_details] if args.key?(:deny_details)
954
- end
955
- end
956
-
957
931
  # The effective IAM policies on one resource.
958
932
  class EffectiveIamPolicy
959
933
  include Google::Apis::Core::Hashable
@@ -1750,160 +1724,6 @@ module Google
1750
1724
  end
1751
1725
  end
1752
1726
 
1753
- # An IAM role or permission under analysis.
1754
- class GoogleCloudAssetV1DeniedAccessAccess
1755
- include Google::Apis::Core::Hashable
1756
-
1757
- # The IAM permission in [v1 format](https://cloud.google.com/iam/docs/
1758
- # permissions-reference)
1759
- # Corresponds to the JSON property `permission`
1760
- # @return [String]
1761
- attr_accessor :permission
1762
-
1763
- # The IAM role.
1764
- # Corresponds to the JSON property `role`
1765
- # @return [String]
1766
- attr_accessor :role
1767
-
1768
- def initialize(**args)
1769
- update!(**args)
1770
- end
1771
-
1772
- # Update properties of this object
1773
- def update!(**args)
1774
- @permission = args[:permission] if args.key?(:permission)
1775
- @role = args[:role] if args.key?(:role)
1776
- end
1777
- end
1778
-
1779
- # An access tuple contains a tuple of a resource, an identity and an access.
1780
- class GoogleCloudAssetV1DeniedAccessAccessTuple
1781
- include Google::Apis::Core::Hashable
1782
-
1783
- # An IAM role or permission under analysis.
1784
- # Corresponds to the JSON property `access`
1785
- # @return [Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessAccess]
1786
- attr_accessor :access
1787
-
1788
- # An identity under analysis.
1789
- # Corresponds to the JSON property `identity`
1790
- # @return [Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessIdentity]
1791
- attr_accessor :identity
1792
-
1793
- # A Google Cloud resource under analysis.
1794
- # Corresponds to the JSON property `resource`
1795
- # @return [Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessResource]
1796
- attr_accessor :resource
1797
-
1798
- def initialize(**args)
1799
- update!(**args)
1800
- end
1801
-
1802
- # Update properties of this object
1803
- def update!(**args)
1804
- @access = args[:access] if args.key?(:access)
1805
- @identity = args[:identity] if args.key?(:identity)
1806
- @resource = args[:resource] if args.key?(:resource)
1807
- end
1808
- end
1809
-
1810
- # A deny detail that explains which IAM deny rule denies the denied_access_tuple.
1811
- class GoogleCloudAssetV1DeniedAccessDenyDetail
1812
- include Google::Apis::Core::Hashable
1813
-
1814
- # The denied accesses. If this deny_rule fully denies the denied_access_tuple,
1815
- # this field will be same as AccessTuple.access. Otherwise, this field can
1816
- # contain AccessTuple.access and its descendant accesses, such as a subset of
1817
- # IAM permissions contained in an IAM role.
1818
- # Corresponds to the JSON property `accesses`
1819
- # @return [Array<Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessAccess>]
1820
- attr_accessor :accesses
1821
-
1822
- # A deny rule in an IAM deny policy.
1823
- # Corresponds to the JSON property `denyRule`
1824
- # @return [Google::Apis::CloudassetV1::GoogleIamV2DenyRule]
1825
- attr_accessor :deny_rule
1826
-
1827
- # Whether the deny_rule fully denies all access granted by the
1828
- # denied_access_tuple. `True` means the deny rule fully blocks the access tuple.
1829
- # `False` means the deny rule partially blocks the access tuple."
1830
- # Corresponds to the JSON property `fullyDenied`
1831
- # @return [Boolean]
1832
- attr_accessor :fully_denied
1833
- alias_method :fully_denied?, :fully_denied
1834
-
1835
- # If this deny_rule fully denies the denied_access_tuple, this field will be
1836
- # same as AccessTuple.identity. Otherwise, this field can contain AccessTuple.
1837
- # identity and its descendant identities, such as a subset of users in a group.
1838
- # Corresponds to the JSON property `identities`
1839
- # @return [Array<Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessIdentity>]
1840
- attr_accessor :identities
1841
-
1842
- # The resources that the identities are denied access to. If this deny_rule
1843
- # fully denies the denied_access_tuple, this field will be same as AccessTuple.
1844
- # resource. Otherwise, this field can contain AccessTuple.resource and its
1845
- # descendant resources.
1846
- # Corresponds to the JSON property `resources`
1847
- # @return [Array<Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessResource>]
1848
- attr_accessor :resources
1849
-
1850
- def initialize(**args)
1851
- update!(**args)
1852
- end
1853
-
1854
- # Update properties of this object
1855
- def update!(**args)
1856
- @accesses = args[:accesses] if args.key?(:accesses)
1857
- @deny_rule = args[:deny_rule] if args.key?(:deny_rule)
1858
- @fully_denied = args[:fully_denied] if args.key?(:fully_denied)
1859
- @identities = args[:identities] if args.key?(:identities)
1860
- @resources = args[:resources] if args.key?(:resources)
1861
- end
1862
- end
1863
-
1864
- # An identity under analysis.
1865
- class GoogleCloudAssetV1DeniedAccessIdentity
1866
- include Google::Apis::Core::Hashable
1867
-
1868
- # The identity of members, formatted as appear in an [IAM policy binding](https:/
1869
- # /cloud.google.com/iam/reference/rest/v1/Binding). For example, they might be
1870
- # formatted like the following: - user:foo@google.com - group:group1@google.com -
1871
- # serviceAccount:s1@prj1.iam.gserviceaccount.com - projectOwner:some_project_id
1872
- # - domain:google.com - allUsers
1873
- # Corresponds to the JSON property `name`
1874
- # @return [String]
1875
- attr_accessor :name
1876
-
1877
- def initialize(**args)
1878
- update!(**args)
1879
- end
1880
-
1881
- # Update properties of this object
1882
- def update!(**args)
1883
- @name = args[:name] if args.key?(:name)
1884
- end
1885
- end
1886
-
1887
- # A Google Cloud resource under analysis.
1888
- class GoogleCloudAssetV1DeniedAccessResource
1889
- include Google::Apis::Core::Hashable
1890
-
1891
- # The [full resource name](https://cloud.google.com/asset-inventory/docs/
1892
- # resource-name-format)
1893
- # Corresponds to the JSON property `fullResourceName`
1894
- # @return [String]
1895
- attr_accessor :full_resource_name
1896
-
1897
- def initialize(**args)
1898
- update!(**args)
1899
- end
1900
-
1901
- # Update properties of this object
1902
- def update!(**args)
1903
- @full_resource_name = args[:full_resource_name] if args.key?(:full_resource_name)
1904
- end
1905
- end
1906
-
1907
1727
  # A directional edge.
1908
1728
  class GoogleCloudAssetV1Edge
1909
1729
  include Google::Apis::Core::Hashable
@@ -2161,7 +1981,10 @@ module Google
2161
1981
  end
2162
1982
  end
2163
1983
 
2164
- # Represents a rule defined in an organization policy
1984
+ # This rule message is a customized version of the one defined in the
1985
+ # Organization Policy system. In addition to the fields defined in the original
1986
+ # organization policy, it contains additional field(s) under specific
1987
+ # circumstances to support analysis results.
2165
1988
  class GoogleCloudAssetV1Rule
2166
1989
  include Google::Apis::Core::Hashable
2167
1990
 
@@ -2848,101 +2671,6 @@ module Google
2848
2671
  end
2849
2672
  end
2850
2673
 
2851
- # A deny rule in an IAM deny policy.
2852
- class GoogleIamV2DenyRule
2853
- include Google::Apis::Core::Hashable
2854
-
2855
- # Represents a textual expression in the Common Expression Language (CEL) syntax.
2856
- # CEL is a C-like expression language. The syntax and semantics of CEL are
2857
- # documented at https://github.com/google/cel-spec. Example (Comparison): title:
2858
- # "Summary size limit" description: "Determines if a summary is less than 100
2859
- # chars" expression: "document.summary.size() < 100" Example (Equality): title: "
2860
- # Requestor is owner" description: "Determines if requestor is the document
2861
- # owner" expression: "document.owner == request.auth.claims.email" Example (
2862
- # Logic): title: "Public documents" description: "Determine whether the document
2863
- # should be publicly visible" expression: "document.type != 'private' &&
2864
- # document.type != 'internal'" Example (Data Manipulation): title: "Notification
2865
- # string" description: "Create a notification string with a timestamp."
2866
- # expression: "'New message received at ' + string(document.create_time)" The
2867
- # exact variables and functions that may be referenced within an expression are
2868
- # determined by the service that evaluates it. See the service documentation for
2869
- # additional information.
2870
- # Corresponds to the JSON property `denialCondition`
2871
- # @return [Google::Apis::CloudassetV1::Expr]
2872
- attr_accessor :denial_condition
2873
-
2874
- # The permissions that are explicitly denied by this rule. Each permission uses
2875
- # the format ``service_fqdn`/`resource`.`verb``, where ``service_fqdn`` is the
2876
- # fully qualified domain name for the service. For example, `iam.googleapis.com/
2877
- # roles.list`.
2878
- # Corresponds to the JSON property `deniedPermissions`
2879
- # @return [Array<String>]
2880
- attr_accessor :denied_permissions
2881
-
2882
- # The identities that are prevented from using one or more permissions on Google
2883
- # Cloud resources. This field can contain the following values: * `principalSet:/
2884
- # /goog/public:all`: A special identifier that represents any principal that is
2885
- # on the internet, even if they do not have a Google Account or are not logged
2886
- # in. * `principal://goog/subject/`email_id``: A specific Google Account.
2887
- # Includes Gmail, Cloud Identity, and Google Workspace user accounts. For
2888
- # example, `principal://goog/subject/alice@example.com`. * `deleted:principal://
2889
- # goog/subject/`email_id`?uid=`uid``: A specific Google Account that was deleted
2890
- # recently. For example, `deleted:principal://goog/subject/alice@example.com?uid=
2891
- # 1234567890`. If the Google Account is recovered, this identifier reverts to
2892
- # the standard identifier for a Google Account. * `principalSet://goog/group/`
2893
- # group_id``: A Google group. For example, `principalSet://goog/group/admins@
2894
- # example.com`. * `deleted:principalSet://goog/group/`group_id`?uid=`uid``: A
2895
- # Google group that was deleted recently. For example, `deleted:principalSet://
2896
- # goog/group/admins@example.com?uid=1234567890`. If the Google group is restored,
2897
- # this identifier reverts to the standard identifier for a Google group. * `
2898
- # principal://iam.googleapis.com/projects/-/serviceAccounts/`service_account_id``
2899
- # : A Google Cloud service account. For example, `principal://iam.googleapis.com/
2900
- # projects/-/serviceAccounts/my-service-account@iam.gserviceaccount.com`. * `
2901
- # deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/`
2902
- # service_account_id`?uid=`uid``: A Google Cloud service account that was
2903
- # deleted recently. For example, `deleted:principal://iam.googleapis.com/
2904
- # projects/-/serviceAccounts/my-service-account@iam.gserviceaccount.com?uid=
2905
- # 1234567890`. If the service account is undeleted, this identifier reverts to
2906
- # the standard identifier for a service account. * `principalSet://goog/
2907
- # cloudIdentityCustomerId/`customer_id``: All of the principals associated with
2908
- # the specified Google Workspace or Cloud Identity customer ID. For example, `
2909
- # principalSet://goog/cloudIdentityCustomerId/C01Abc35`.
2910
- # Corresponds to the JSON property `deniedPrincipals`
2911
- # @return [Array<String>]
2912
- attr_accessor :denied_principals
2913
-
2914
- # Specifies the permissions that this rule excludes from the set of denied
2915
- # permissions given by `denied_permissions`. If a permission appears in `
2916
- # denied_permissions` _and_ in `exception_permissions` then it will _not_ be
2917
- # denied. The excluded permissions can be specified using the same syntax as `
2918
- # denied_permissions`.
2919
- # Corresponds to the JSON property `exceptionPermissions`
2920
- # @return [Array<String>]
2921
- attr_accessor :exception_permissions
2922
-
2923
- # The identities that are excluded from the deny rule, even if they are listed
2924
- # in the `denied_principals`. For example, you could add a Google group to the `
2925
- # denied_principals`, then exclude specific users who belong to that group. This
2926
- # field can contain the same values as the `denied_principals` field, excluding `
2927
- # principalSet://goog/public:all`, which represents all users on the internet.
2928
- # Corresponds to the JSON property `exceptionPrincipals`
2929
- # @return [Array<String>]
2930
- attr_accessor :exception_principals
2931
-
2932
- def initialize(**args)
2933
- update!(**args)
2934
- end
2935
-
2936
- # Update properties of this object
2937
- def update!(**args)
2938
- @denial_condition = args[:denial_condition] if args.key?(:denial_condition)
2939
- @denied_permissions = args[:denied_permissions] if args.key?(:denied_permissions)
2940
- @denied_principals = args[:denied_principals] if args.key?(:denied_principals)
2941
- @exception_permissions = args[:exception_permissions] if args.key?(:exception_permissions)
2942
- @exception_principals = args[:exception_principals] if args.key?(:exception_principals)
2943
- end
2944
- end
2945
-
2946
2674
  # An `AccessLevel` is a label that can be applied to requests to Google Cloud
2947
2675
  # services, along with a list of requirements necessary for the label to be
2948
2676
  # applied.
@@ -3816,14 +3544,6 @@ module Google
3816
3544
  # @return [Array<Google::Apis::CloudassetV1::IamPolicyAnalysisResult>]
3817
3545
  attr_accessor :analysis_results
3818
3546
 
3819
- # A list of DeniedAccess, which contains all access tuples in the
3820
- # analysis_results that are denied by IAM deny policies. If no access tuples are
3821
- # denied, the list is empty. This is only populated when IamPolicyAnalysisQuery.
3822
- # Options.include_deny_policy_analysis is true.
3823
- # Corresponds to the JSON property `deniedAccesses`
3824
- # @return [Array<Google::Apis::CloudassetV1::DeniedAccess>]
3825
- attr_accessor :denied_accesses
3826
-
3827
3547
  # Represents whether all entries in the analysis_results have been fully
3828
3548
  # explored to answer the query.
3829
3549
  # Corresponds to the JSON property `fullyExplored`
@@ -3844,7 +3564,6 @@ module Google
3844
3564
  def update!(**args)
3845
3565
  @analysis_query = args[:analysis_query] if args.key?(:analysis_query)
3846
3566
  @analysis_results = args[:analysis_results] if args.key?(:analysis_results)
3847
- @denied_accesses = args[:denied_accesses] if args.key?(:denied_accesses)
3848
3567
  @fully_explored = args[:fully_explored] if args.key?(:fully_explored)
3849
3568
  @non_critical_errors = args[:non_critical_errors] if args.key?(:non_critical_errors)
3850
3569
  end
@@ -4538,13 +4257,6 @@ module Google
4538
4257
  attr_accessor :expand_roles
4539
4258
  alias_method :expand_roles?, :expand_roles
4540
4259
 
4541
- # Optional. If true, the response includes deny policy analysis results, and you
4542
- # can see which access tuples are denied. Default is false.
4543
- # Corresponds to the JSON property `includeDenyPolicyAnalysis`
4544
- # @return [Boolean]
4545
- attr_accessor :include_deny_policy_analysis
4546
- alias_method :include_deny_policy_analysis?, :include_deny_policy_analysis
4547
-
4548
4260
  # Optional. If true, the result will output the relevant membership
4549
4261
  # relationships between groups and other groups, and between groups and
4550
4262
  # principals. Default is false.
@@ -4570,7 +4282,6 @@ module Google
4570
4282
  @expand_groups = args[:expand_groups] if args.key?(:expand_groups)
4571
4283
  @expand_resources = args[:expand_resources] if args.key?(:expand_resources)
4572
4284
  @expand_roles = args[:expand_roles] if args.key?(:expand_roles)
4573
- @include_deny_policy_analysis = args[:include_deny_policy_analysis] if args.key?(:include_deny_policy_analysis)
4574
4285
  @output_group_edges = args[:output_group_edges] if args.key?(:output_group_edges)
4575
4286
  @output_resource_edges = args[:output_resource_edges] if args.key?(:output_resource_edges)
4576
4287
  end
@@ -16,13 +16,13 @@ module Google
16
16
  module Apis
17
17
  module CloudassetV1
18
18
  # Version of the google-apis-cloudasset_v1 gem
19
- GEM_VERSION = "0.58.0"
19
+ GEM_VERSION = "0.59.0"
20
20
 
21
21
  # Version of the code generator used to generate this client
22
22
  GENERATOR_VERSION = "0.12.0"
23
23
 
24
24
  # Revision of the discovery document this client was generated from
25
- REVISION = "20230513"
25
+ REVISION = "20230609"
26
26
  end
27
27
  end
28
28
  end
@@ -160,12 +160,6 @@ module Google
160
160
  include Google::Apis::Core::JsonObjectSupport
161
161
  end
162
162
 
163
- class DeniedAccess
164
- class Representation < Google::Apis::Core::JsonRepresentation; end
165
-
166
- include Google::Apis::Core::JsonObjectSupport
167
- end
168
-
169
163
  class EffectiveIamPolicy
170
164
  class Representation < Google::Apis::Core::JsonRepresentation; end
171
165
 
@@ -268,36 +262,6 @@ module Google
268
262
  include Google::Apis::Core::JsonObjectSupport
269
263
  end
270
264
 
271
- class GoogleCloudAssetV1DeniedAccessAccess
272
- class Representation < Google::Apis::Core::JsonRepresentation; end
273
-
274
- include Google::Apis::Core::JsonObjectSupport
275
- end
276
-
277
- class GoogleCloudAssetV1DeniedAccessAccessTuple
278
- class Representation < Google::Apis::Core::JsonRepresentation; end
279
-
280
- include Google::Apis::Core::JsonObjectSupport
281
- end
282
-
283
- class GoogleCloudAssetV1DeniedAccessDenyDetail
284
- class Representation < Google::Apis::Core::JsonRepresentation; end
285
-
286
- include Google::Apis::Core::JsonObjectSupport
287
- end
288
-
289
- class GoogleCloudAssetV1DeniedAccessIdentity
290
- class Representation < Google::Apis::Core::JsonRepresentation; end
291
-
292
- include Google::Apis::Core::JsonObjectSupport
293
- end
294
-
295
- class GoogleCloudAssetV1DeniedAccessResource
296
- class Representation < Google::Apis::Core::JsonRepresentation; end
297
-
298
- include Google::Apis::Core::JsonObjectSupport
299
- end
300
-
301
265
  class GoogleCloudAssetV1Edge
302
266
  class Representation < Google::Apis::Core::JsonRepresentation; end
303
267
 
@@ -412,12 +376,6 @@ module Google
412
376
  include Google::Apis::Core::JsonObjectSupport
413
377
  end
414
378
 
415
- class GoogleIamV2DenyRule
416
- class Representation < Google::Apis::Core::JsonRepresentation; end
417
-
418
- include Google::Apis::Core::JsonObjectSupport
419
- end
420
-
421
379
  class GoogleIdentityAccesscontextmanagerV1AccessLevel
422
380
  class Representation < Google::Apis::Core::JsonRepresentation; end
423
381
 
@@ -1092,16 +1050,6 @@ module Google
1092
1050
  end
1093
1051
  end
1094
1052
 
1095
- class DeniedAccess
1096
- # @private
1097
- class Representation < Google::Apis::Core::JsonRepresentation
1098
- property :denied_access_tuple, as: 'deniedAccessTuple', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessAccessTuple, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessAccessTuple::Representation
1099
-
1100
- collection :deny_details, as: 'denyDetails', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessDenyDetail, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessDenyDetail::Representation
1101
-
1102
- end
1103
- end
1104
-
1105
1053
  class EffectiveIamPolicy
1106
1054
  # @private
1107
1055
  class Representation < Google::Apis::Core::JsonRepresentation
@@ -1282,55 +1230,6 @@ module Google
1282
1230
  end
1283
1231
  end
1284
1232
 
1285
- class GoogleCloudAssetV1DeniedAccessAccess
1286
- # @private
1287
- class Representation < Google::Apis::Core::JsonRepresentation
1288
- property :permission, as: 'permission'
1289
- property :role, as: 'role'
1290
- end
1291
- end
1292
-
1293
- class GoogleCloudAssetV1DeniedAccessAccessTuple
1294
- # @private
1295
- class Representation < Google::Apis::Core::JsonRepresentation
1296
- property :access, as: 'access', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessAccess, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessAccess::Representation
1297
-
1298
- property :identity, as: 'identity', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessIdentity, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessIdentity::Representation
1299
-
1300
- property :resource, as: 'resource', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessResource, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessResource::Representation
1301
-
1302
- end
1303
- end
1304
-
1305
- class GoogleCloudAssetV1DeniedAccessDenyDetail
1306
- # @private
1307
- class Representation < Google::Apis::Core::JsonRepresentation
1308
- collection :accesses, as: 'accesses', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessAccess, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessAccess::Representation
1309
-
1310
- property :deny_rule, as: 'denyRule', class: Google::Apis::CloudassetV1::GoogleIamV2DenyRule, decorator: Google::Apis::CloudassetV1::GoogleIamV2DenyRule::Representation
1311
-
1312
- property :fully_denied, as: 'fullyDenied'
1313
- collection :identities, as: 'identities', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessIdentity, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessIdentity::Representation
1314
-
1315
- collection :resources, as: 'resources', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessResource, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1DeniedAccessResource::Representation
1316
-
1317
- end
1318
- end
1319
-
1320
- class GoogleCloudAssetV1DeniedAccessIdentity
1321
- # @private
1322
- class Representation < Google::Apis::Core::JsonRepresentation
1323
- property :name, as: 'name'
1324
- end
1325
- end
1326
-
1327
- class GoogleCloudAssetV1DeniedAccessResource
1328
- # @private
1329
- class Representation < Google::Apis::Core::JsonRepresentation
1330
- property :full_resource_name, as: 'fullResourceName'
1331
- end
1332
- end
1333
-
1334
1233
  class GoogleCloudAssetV1Edge
1335
1234
  # @private
1336
1235
  class Representation < Google::Apis::Core::JsonRepresentation
@@ -1530,18 +1429,6 @@ module Google
1530
1429
  end
1531
1430
  end
1532
1431
 
1533
- class GoogleIamV2DenyRule
1534
- # @private
1535
- class Representation < Google::Apis::Core::JsonRepresentation
1536
- property :denial_condition, as: 'denialCondition', class: Google::Apis::CloudassetV1::Expr, decorator: Google::Apis::CloudassetV1::Expr::Representation
1537
-
1538
- collection :denied_permissions, as: 'deniedPermissions'
1539
- collection :denied_principals, as: 'deniedPrincipals'
1540
- collection :exception_permissions, as: 'exceptionPermissions'
1541
- collection :exception_principals, as: 'exceptionPrincipals'
1542
- end
1543
- end
1544
-
1545
1432
  class GoogleIdentityAccesscontextmanagerV1AccessLevel
1546
1433
  # @private
1547
1434
  class Representation < Google::Apis::Core::JsonRepresentation
@@ -1745,8 +1632,6 @@ module Google
1745
1632
 
1746
1633
  collection :analysis_results, as: 'analysisResults', class: Google::Apis::CloudassetV1::IamPolicyAnalysisResult, decorator: Google::Apis::CloudassetV1::IamPolicyAnalysisResult::Representation
1747
1634
 
1748
- collection :denied_accesses, as: 'deniedAccesses', class: Google::Apis::CloudassetV1::DeniedAccess, decorator: Google::Apis::CloudassetV1::DeniedAccess::Representation
1749
-
1750
1635
  property :fully_explored, as: 'fullyExplored'
1751
1636
  collection :non_critical_errors, as: 'nonCriticalErrors', class: Google::Apis::CloudassetV1::IamPolicyAnalysisState, decorator: Google::Apis::CloudassetV1::IamPolicyAnalysisState::Representation
1752
1637
 
@@ -1925,7 +1810,6 @@ module Google
1925
1810
  property :expand_groups, as: 'expandGroups'
1926
1811
  property :expand_resources, as: 'expandResources'
1927
1812
  property :expand_roles, as: 'expandRoles'
1928
- property :include_deny_policy_analysis, as: 'includeDenyPolicyAnalysis'
1929
1813
  property :output_group_edges, as: 'outputGroupEdges'
1930
1814
  property :output_resource_edges, as: 'outputResourceEdges'
1931
1815
  end
@@ -656,9 +656,6 @@ module Google
656
656
  # IamPolicyAnalysisQuery.access_selector is specified, the access section of the
657
657
  # result will be determined by the selector, and this flag is not allowed to set.
658
658
  # Default is false.
659
- # @param [Boolean] analysis_query_options_include_deny_policy_analysis
660
- # Optional. If true, the response includes deny policy analysis results, and you
661
- # can see which access tuples are denied. Default is false.
662
659
  # @param [Boolean] analysis_query_options_output_group_edges
663
660
  # Optional. If true, the result will output the relevant membership
664
661
  # relationships between groups and other groups, and between groups and
@@ -708,7 +705,7 @@ module Google
708
705
  # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
709
706
  # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
710
707
  # @raise [Google::Apis::AuthorizationError] Authorization is required
711
- def analyze_iam_policy(scope, analysis_query_access_selector_permissions: nil, analysis_query_access_selector_roles: nil, analysis_query_condition_context_access_time: nil, analysis_query_identity_selector_identity: nil, analysis_query_options_analyze_service_account_impersonation: nil, analysis_query_options_expand_groups: nil, analysis_query_options_expand_resources: nil, analysis_query_options_expand_roles: nil, analysis_query_options_include_deny_policy_analysis: nil, analysis_query_options_output_group_edges: nil, analysis_query_options_output_resource_edges: nil, analysis_query_resource_selector_full_resource_name: nil, execution_timeout: nil, saved_analysis_query: nil, fields: nil, quota_user: nil, options: nil, &block)
708
+ def analyze_iam_policy(scope, analysis_query_access_selector_permissions: nil, analysis_query_access_selector_roles: nil, analysis_query_condition_context_access_time: nil, analysis_query_identity_selector_identity: nil, analysis_query_options_analyze_service_account_impersonation: nil, analysis_query_options_expand_groups: nil, analysis_query_options_expand_resources: nil, analysis_query_options_expand_roles: nil, analysis_query_options_output_group_edges: nil, analysis_query_options_output_resource_edges: nil, analysis_query_resource_selector_full_resource_name: nil, execution_timeout: nil, saved_analysis_query: nil, fields: nil, quota_user: nil, options: nil, &block)
712
709
  command = make_simple_command(:get, 'v1/{+scope}:analyzeIamPolicy', options)
713
710
  command.response_representation = Google::Apis::CloudassetV1::AnalyzeIamPolicyResponse::Representation
714
711
  command.response_class = Google::Apis::CloudassetV1::AnalyzeIamPolicyResponse
@@ -721,7 +718,6 @@ module Google
721
718
  command.query['analysisQuery.options.expandGroups'] = analysis_query_options_expand_groups unless analysis_query_options_expand_groups.nil?
722
719
  command.query['analysisQuery.options.expandResources'] = analysis_query_options_expand_resources unless analysis_query_options_expand_resources.nil?
723
720
  command.query['analysisQuery.options.expandRoles'] = analysis_query_options_expand_roles unless analysis_query_options_expand_roles.nil?
724
- command.query['analysisQuery.options.includeDenyPolicyAnalysis'] = analysis_query_options_include_deny_policy_analysis unless analysis_query_options_include_deny_policy_analysis.nil?
725
721
  command.query['analysisQuery.options.outputGroupEdges'] = analysis_query_options_output_group_edges unless analysis_query_options_output_group_edges.nil?
726
722
  command.query['analysisQuery.options.outputResourceEdges'] = analysis_query_options_output_resource_edges unless analysis_query_options_output_resource_edges.nil?
727
723
  command.query['analysisQuery.resourceSelector.fullResourceName'] = analysis_query_resource_selector_full_resource_name unless analysis_query_resource_selector_full_resource_name.nil?
@@ -1346,19 +1342,19 @@ module Google
1346
1342
  # Important" as a word in any of the searchable fields and are also located in
1347
1343
  # the "us-west1" region or the "global" location.
1348
1344
  # @param [String] read_mask
1349
- # Optional. A comma-separated list of fields specifying which fields to be
1350
- # returned in ResourceSearchResult. Only '*' or combination of top level fields
1351
- # can be specified. Field names of both snake_case and camelCase are supported.
1352
- # Examples: `"*"`, `"name,location"`, `"name,versionedResources"`. The read_mask
1353
- # paths must be valid field paths listed but not limited to (both snake_case and
1354
- # camelCase are supported): * name * assetType * project * displayName *
1355
- # description * location * tagKeys * tagValues * tagValueIds * labels *
1356
- # networkTags * kmsKey (This field is deprecated. Please use the `kmsKeys` field
1357
- # to retrieve Cloud KMS key information.) * kmsKeys * createTime * updateTime *
1358
- # state * additionalAttributes * versionedResources If read_mask is not
1359
- # specified, all fields except versionedResources will be returned. If only '*'
1360
- # is specified, all fields including versionedResources will be returned. Any
1361
- # invalid field path will trigger INVALID_ARGUMENT error.
1345
+ # Optional. A comma-separated list of fields that you want returned in the
1346
+ # results. The following fields are returned by default if not specified: * `
1347
+ # name` * `assetType` * `project` * `folders` * `organization` * `displayName` *
1348
+ # `description` * `location` * `labels` * `networkTags` * `kmsKeys` * `
1349
+ # createTime` * `updateTime` * `state` * `additionalAttributes` * `
1350
+ # parentFullResourceName` * `parentAssetType` Some fields of large size, such as
1351
+ # `versionedResources` and `attachedResources`, are not returned by default, but
1352
+ # you can specify them in the `read_mask` parameter if you want to include them.
1353
+ # If `"*"` is specified, all [available fields](https://cloud.google.com/asset-
1354
+ # inventory/docs/reference/rest/v1/TopLevel/searchAllResources#
1355
+ # resourcesearchresult) are returned. Examples: `"name,location"`, `"name,
1356
+ # versionedResources"`, `"*"`. Any invalid field path will trigger
1357
+ # INVALID_ARGUMENT error.
1362
1358
  # @param [String] fields
1363
1359
  # Selector specifying which fields to include in a partial response.
1364
1360
  # @param [String] quota_user
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-apis-cloudasset_v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.58.0
4
+ version: 0.59.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-05-21 00:00:00.000000000 Z
11
+ date: 2023-06-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: google-apis-core
@@ -58,7 +58,7 @@ licenses:
58
58
  metadata:
59
59
  bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
60
60
  changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1/CHANGELOG.md
61
- documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.58.0
61
+ documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.59.0
62
62
  source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1
63
63
  post_install_message:
64
64
  rdoc_options: []