google-apis-cloudasset_v1 0.62.0 → 0.64.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e035c81e3258e51a5a1ba2e87c562a3d540b10bf80508f57d24f3b48b729eb54
-  data.tar.gz: e552e512b420cd381be4a36072de4fa75a1d900324d4d79f04741d9ab5788ef0
+  metadata.gz: 383761e6d51de1f3784b4f44e82b89e517e93db9145d9f2faa0af3ceaf2f97fe
+  data.tar.gz: 54024f464e6ce6e51b6e7e829f91aea0c75581458b7d071cd81c8845a8fa5126
 SHA512:
-  metadata.gz: 7fc141d149bedb530102eee38ea44ba82c92d5f11cab30ff1cc3f23bd081fbe807f5784bbed070f27626685d5317b111d653c1871a77ff70ffb11ee179d0bf42
-  data.tar.gz: 7ce98f77aa1aaf113e03e40fb7f94c5b43499be69134133577ae267a53d356cf7f9a7db29ddc0af9baffe27e2a59febe91827183af261fc93b609749aa07225b
+  metadata.gz: 2345a838d99b0a32f6773191bd9dda45d7649188bf06aa2d4e837156d84453f7c6b7d10a4df55e0d9d6e89d40309966699bb472ecd9f3f4abfd20d19a3295d9b
+  data.tar.gz: 78a490543d93b7df228aca1ca3ac70c906f849f9a6051f30fe99a5801f7ff381fe094121d4bb2a51469b66fe9c7a071c3636fb3ae2c646a98f8fa189f17871c9

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-cloudasset_v1
 
+### v0.64.0 (2023-09-17)
+
+* Regenerated from discovery document revision 20230908
+
+### v0.63.0 (2023-09-10)
+
+* Regenerated from discovery document revision 20230902
+
 ### v0.62.0 (2023-08-13)
 
 * Regenerated from discovery document revision 20230805

data/lib/google/apis/cloudasset_v1/classes.rb

@@ -2749,17 +2749,16 @@ module Google
         # @return [String]
         attr_accessor :parent
       
-        # The scopes of a policy define which resources an ACM policy can restrict, and
-        # where ACM resources can be referenced. For example, a policy with scopes=["
-        # folders/123"] has the following behavior: - vpcsc perimeters can only restrict
-        # projects within folders/123 - access levels can only be referenced by
-        # resources within folders/123. If empty, there are no limitations on which
-        # resources can be restricted by an ACM policy, and there are no limitations on
-        # where ACM resources can be referenced. Only one policy can include a given
-        # scope (attempting to create a second policy which includes "folders/123" will
-        # result in an error). Currently, scopes cannot be modified after a policy is
-        # created. Currently, policies can only have a single scope. Format: list of `
-        # folders/`folder_number`` or `projects/`project_number``
+        # The scopes of the AccessPolicy. Scopes define which resources a policy can
+        # restrict and where its resources can be referenced. For example, policy A with
+        # `scopes=["folders/123"]` has the following behavior: - ServicePerimeter can
+        # only restrict projects within `folders/123`. - ServicePerimeter within policy
+        # A can only reference access levels defined within policy A. - Only one policy
+        # can include a given scope; thus, attempting to create a second policy which
+        # includes `folders/123` will result in an error. If no scopes are provided,
+        # then any resource within the organization can be restricted. Scopes cannot be
+        # modified after a policy is created. Policies can only have a single scope.
+        # Format: list of `folders/`folder_number`` or `projects/`project_number``
         # Corresponds to the JSON property `scopes`
         # @return [Array<String>]
         attr_accessor :scopes
@@ -2902,6 +2901,12 @@ module Google
         # @return [Array<String>]
         attr_accessor :required_access_levels
       
+        # The request must originate from one of the provided VPC networks in Google
+        # Cloud. Cannot specify this field together with `ip_subnetworks`.
+        # Corresponds to the JSON property `vpcNetworkSources`
+        # @return [Array<Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1VpcNetworkSource>]
+        attr_accessor :vpc_network_sources
+      
         def initialize(**args)
            update!(**args)
         end
@@ -2914,6 +2919,7 @@ module Google
           @negate = args[:negate] if args.key?(:negate)
           @regions = args[:regions] if args.key?(:regions)
           @required_access_levels = args[:required_access_levels] if args.key?(:required_access_levels)
+          @vpc_network_sources = args[:vpc_network_sources] if args.key?(:vpc_network_sources)
         end
       end
       
@@ -3034,6 +3040,19 @@ module Google
         # @return [String]
         attr_accessor :identity_type
       
+        # Whether to enforce traffic restrictions based on `sources` field. If the `
+        # sources` fields is non-empty, then this field must be set to `
+        # SOURCE_RESTRICTION_ENABLED`.
+        # Corresponds to the JSON property `sourceRestriction`
+        # @return [String]
+        attr_accessor :source_restriction
+      
+        # Sources that this EgressPolicy authorizes access from. If this field is not
+        # empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`.
+        # Corresponds to the JSON property `sources`
+        # @return [Array<Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1EgressSource>]
+        attr_accessor :sources
+      
         def initialize(**args)
            update!(**args)
         end
@@ -3042,6 +3061,8 @@ module Google
         def update!(**args)
           @identities = args[:identities] if args.key?(:identities)
           @identity_type = args[:identity_type] if args.key?(:identity_type)
+          @source_restriction = args[:source_restriction] if args.key?(:source_restriction)
+          @sources = args[:sources] if args.key?(:sources)
         end
       end
       
@@ -3091,6 +3112,33 @@ module Google
         end
       end
       
+      # The source that EgressPolicy authorizes access from inside the
+      # ServicePerimeter to somewhere outside the ServicePerimeter boundaries.
+      class GoogleIdentityAccesscontextmanagerV1EgressSource
+        include Google::Apis::Core::Hashable
+      
+        # An AccessLevel resource name that allows protected resources inside the
+        # ServicePerimeters to access outside the ServicePerimeter boundaries.
+        # AccessLevels listed must be in the same policy as this ServicePerimeter.
+        # Referencing a nonexistent AccessLevel will cause an error. If an AccessLevel
+        # name is not specified, only resources within the perimeter can be accessed
+        # through Google Cloud calls with request origins within the perimeter. Example:
+        # `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified
+        # for `access_level`, then all EgressSources will be allowed.
+        # Corresponds to the JSON property `accessLevel`
+        # @return [String]
+        attr_accessor :access_level
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @access_level = args[:access_level] if args.key?(:access_level)
+        end
+      end
+      
       # Defines the conditions under which an EgressPolicy matches a request.
       # Conditions are based on information about the ApiOperation intended to be
       # performed on the `resources` specified. Note that if the destination of the
@@ -3529,6 +3577,59 @@ module Google
         end
       end
       
+      # The originating network source in Google Cloud.
+      class GoogleIdentityAccesscontextmanagerV1VpcNetworkSource
+        include Google::Apis::Core::Hashable
+      
+        # Sub-segment ranges inside of a VPC Network.
+        # Corresponds to the JSON property `vpcSubnetwork`
+        # @return [Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1VpcSubNetwork]
+        attr_accessor :vpc_subnetwork
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @vpc_subnetwork = args[:vpc_subnetwork] if args.key?(:vpc_subnetwork)
+        end
+      end
+      
+      # Sub-segment ranges inside of a VPC Network.
+      class GoogleIdentityAccesscontextmanagerV1VpcSubNetwork
+        include Google::Apis::Core::Hashable
+      
+        # Required. Network name. If the network is not part of the organization, the `
+        # compute.network.get` permission must be granted to the caller. Format: `//
+        # compute.googleapis.com/projects/`PROJECT_ID`/global/networks/`NETWORK_NAME``
+        # Example: `//compute.googleapis.com/projects/my-project/global/networks/network-
+        # 1`
+        # Corresponds to the JSON property `network`
+        # @return [String]
+        attr_accessor :network
+      
+        # CIDR block IP subnetwork specification. The IP address must be an IPv4 address
+        # and can be a public or private IP address. Note that for a CIDR IP address
+        # block, the specified IP address portion must be properly truncated (i.e. all
+        # the host bits must be zero) or the input is considered malformed. For example,
+        # "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP
+        # addresses are allowed.
+        # Corresponds to the JSON property `vpcIpSubnetworks`
+        # @return [Array<String>]
+        attr_accessor :vpc_ip_subnetworks
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @network = args[:network] if args.key?(:network)
+          @vpc_ip_subnetworks = args[:vpc_ip_subnetworks] if args.key?(:vpc_ip_subnetworks)
+        end
+      end
+      
       # An analysis message to group the query and results.
       class IamPolicyAnalysis
         include Google::Apis::Core::Hashable
@@ -5238,6 +5339,18 @@ module Google
         # @return [Hash<String,Google::Apis::CloudassetV1::RelatedResources>]
         attr_accessor :relationships
       
+        # The actual content of Security Command Center security marks associated with
+        # the asset. Note that both staging & prod SecurityMarks are attached on prod
+        # resources. In CAS preprod/prod, both staging & prod SecurityMarks are ingested
+        # and returned in the following `security_marks` map. In that case, the prefix "
+        # staging." will be added to the keys of all the staging marks. To search
+        # against SCC SecurityMarks field: * Use a field query: - query by a given key
+        # value pair. Example: `sccSecurityMarks.foo=bar` - query by a given key's
+        # existence. Example: `sccSecurityMarks.foo:*`
+        # Corresponds to the JSON property `sccSecurityMarks`
+        # @return [Hash<String,String>]
+        attr_accessor :scc_security_marks
+      
         # The state of this resource. Different resources types have different state
         # definitions that are mapped from various fields of different resource types.
         # This field is available only when the resource's Protobuf contains it. Example:
@@ -5322,6 +5435,7 @@ module Google
           @parent_full_resource_name = args[:parent_full_resource_name] if args.key?(:parent_full_resource_name)
           @project = args[:project] if args.key?(:project)
           @relationships = args[:relationships] if args.key?(:relationships)
+          @scc_security_marks = args[:scc_security_marks] if args.key?(:scc_security_marks)
           @state = args[:state] if args.key?(:state)
           @tag_keys = args[:tag_keys] if args.key?(:tag_keys)
           @tag_value_ids = args[:tag_value_ids] if args.key?(:tag_value_ids)

data/lib/google/apis/cloudasset_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module CloudassetV1
       # Version of the google-apis-cloudasset_v1 gem
-      GEM_VERSION = "0.62.0"
+      GEM_VERSION = "0.64.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230805"
+      REVISION = "20230908"
     end
   end
 end

data/lib/google/apis/cloudasset_v1/representations.rb

@@ -430,6 +430,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class GoogleIdentityAccesscontextmanagerV1EgressSource
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class GoogleIdentityAccesscontextmanagerV1EgressTo
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -490,6 +496,18 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class GoogleIdentityAccesscontextmanagerV1VpcNetworkSource
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GoogleIdentityAccesscontextmanagerV1VpcSubNetwork
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class IamPolicyAnalysis
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -1481,6 +1499,8 @@ module Google
           property :negate, as: 'negate'
           collection :regions, as: 'regions'
           collection :required_access_levels, as: 'requiredAccessLevels'
+          collection :vpc_network_sources, as: 'vpcNetworkSources', class: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1VpcNetworkSource, decorator: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1VpcNetworkSource::Representation
+      
         end
       end
       
@@ -1510,6 +1530,9 @@ module Google
         class Representation < Google::Apis::Core::JsonRepresentation
           collection :identities, as: 'identities'
           property :identity_type, as: 'identityType'
+          property :source_restriction, as: 'sourceRestriction'
+          collection :sources, as: 'sources', class: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1EgressSource, decorator: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1EgressSource::Representation
+      
         end
       end
       
@@ -1523,6 +1546,13 @@ module Google
         end
       end
       
+      class GoogleIdentityAccesscontextmanagerV1EgressSource
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :access_level, as: 'accessLevel'
+        end
+      end
+      
       class GoogleIdentityAccesscontextmanagerV1EgressTo
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -1625,6 +1655,22 @@ module Google
         end
       end
       
+      class GoogleIdentityAccesscontextmanagerV1VpcNetworkSource
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :vpc_subnetwork, as: 'vpcSubnetwork', class: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1VpcSubNetwork, decorator: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1VpcSubNetwork::Representation
+      
+        end
+      end
+      
+      class GoogleIdentityAccesscontextmanagerV1VpcSubNetwork
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :network, as: 'network'
+          collection :vpc_ip_subnetworks, as: 'vpcIpSubnetworks'
+        end
+      end
+      
       class IamPolicyAnalysis
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -2030,6 +2076,7 @@ module Google
           property :project, as: 'project'
           hash :relationships, as: 'relationships', class: Google::Apis::CloudassetV1::RelatedResources, decorator: Google::Apis::CloudassetV1::RelatedResources::Representation
       
+          hash :scc_security_marks, as: 'sccSecurityMarks'
           property :state, as: 'state'
           collection :tag_keys, as: 'tagKeys'
           collection :tag_value_ids, as: 'tagValueIds'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-cloudasset_v1
 version: !ruby/object:Gem::Version
-  version: 0.62.0
+  version: 0.64.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-08-13 00:00:00.000000000 Z
+date: 2023-09-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -58,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.62.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.64.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1
 post_install_message: 
 rdoc_options: []
@@ -75,7 +75,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.2
+rubygems_version: 3.4.19
 signing_key: 
 specification_version: 4
 summary: Simple REST client for Cloud Asset API V1