google-apis-cloudasset_v1p1beta1 0.31.0 → 0.33.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7132264aa7d7875f8edfb0d564c7488f9c06c250c52f9aa8bd75fe5e4a23bdd9
-  data.tar.gz: e1d9c743d67c8fea29499ad8e95219d10ed2e29a80aa8f57a11afb852d48dade
+  metadata.gz: 5d28b92bb530afbaf79348daef1f5c588ee7399807b572a37af5d896c517ceed
+  data.tar.gz: 4c55608b30980e9cc33755b3700462a064a2feb8eb9b5c72c9ff0367a382eda4
 SHA512:
-  metadata.gz: de0b32175f1b38a1b88b9386d7ee01b9bc33fe342668a1e34a72706479bcb68dfe58315d36da41833adf1b82b3437ec5ba952006ebff468deb828fe1e651a732
-  data.tar.gz: 43f4c4c474094967d1443b77c26f418d425c30f62fb6e3b7443a6c5bfdde488363cd5f08121a7dc40c0a0d9f38f1ee64c91877b40d99b5a5af03deb953378aa8
+  metadata.gz: adb606e0c3a2c6570588ec64dc304696456faa962027629e4c631aed48d016d14af2076bfefd14a3d496f85c402b2407ebd43a6c1e26c4b9925896c6766f3cb6
+  data.tar.gz: c7adc7c6560c3b10ae3671a84329de2c44fc946fc9e743f572286a6d53d08f208f5f699b0fc958dd2ed6373e04e51cc8b7265f692b53feecbba8eae5c2ae8ee9

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-cloudasset_v1p1beta1
 
+### v0.33.0 (2023-12-24)
+
+* Regenerated from discovery document revision 20231214
+
+### v0.32.0 (2023-09-17)
+
+* Regenerated from discovery document revision 20230908
+
 ### v0.31.0 (2023-09-10)
 
 * Regenerated from discovery document revision 20230902

data/lib/google/apis/cloudasset_v1p1beta1/classes.rb

@@ -165,21 +165,43 @@ module Google
         # project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:`emailid``: An
         # email address that represents a Google group. For example, `admins@example.com`
         # . * `domain:`domain``: The G Suite domain (primary) that represents all the
-        # users of that domain. For example, `google.com` or `example.com`. * `deleted:
-        # user:`emailid`?uid=`uniqueid``: An email address (plus unique identifier)
-        # representing a user that has been recently deleted. For example, `alice@
-        # example.com?uid=123456789012345678901`. If the user is recovered, this value
-        # reverts to `user:`emailid`` and the recovered user retains the role in the
-        # binding. * `deleted:serviceAccount:`emailid`?uid=`uniqueid``: An email address
-        # (plus unique identifier) representing a service account that has been recently
-        # deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=
+        # users of that domain. For example, `google.com` or `example.com`. * `principal:
+        # //iam.googleapis.com/locations/global/workforcePools/`pool_id`/subject/`
+        # subject_attribute_value``: A single identity in a workforce identity pool. * `
+        # principalSet://iam.googleapis.com/locations/global/workforcePools/`pool_id`/
+        # group/`group_id``: All workforce identities in a group. * `principalSet://iam.
+        # googleapis.com/locations/global/workforcePools/`pool_id`/attribute.`
+        # attribute_name`/`attribute_value``: All workforce identities with a specific
+        # attribute value. * `principalSet://iam.googleapis.com/locations/global/
+        # workforcePools/`pool_id`/*`: All identities in a workforce identity pool. * `
+        # principal://iam.googleapis.com/projects/`project_number`/locations/global/
+        # workloadIdentityPools/`pool_id`/subject/`subject_attribute_value``: A single
+        # identity in a workload identity pool. * `principalSet://iam.googleapis.com/
+        # projects/`project_number`/locations/global/workloadIdentityPools/`pool_id`/
+        # group/`group_id``: A workload identity pool group. * `principalSet://iam.
+        # googleapis.com/projects/`project_number`/locations/global/
+        # workloadIdentityPools/`pool_id`/attribute.`attribute_name`/`attribute_value``:
+        # All identities in a workload identity pool with a certain attribute. * `
+        # principalSet://iam.googleapis.com/projects/`project_number`/locations/global/
+        # workloadIdentityPools/`pool_id`/*`: All identities in a workload identity pool.
+        # * `deleted:user:`emailid`?uid=`uniqueid``: An email address (plus unique
+        # identifier) representing a user that has been recently deleted. For example, `
+        # alice@example.com?uid=123456789012345678901`. If the user is recovered, this
+        # value reverts to `user:`emailid`` and the recovered user retains the role in
+        # the binding. * `deleted:serviceAccount:`emailid`?uid=`uniqueid``: An email
+        # address (plus unique identifier) representing a service account that has been
+        # recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=
         # 123456789012345678901`. If the service account is undeleted, this value
         # reverts to `serviceAccount:`emailid`` and the undeleted service account
         # retains the role in the binding. * `deleted:group:`emailid`?uid=`uniqueid``:
         # An email address (plus unique identifier) representing a Google group that has
         # been recently deleted. For example, `admins@example.com?uid=
         # 123456789012345678901`. If the group is recovered, this value reverts to `
-        # group:`emailid`` and the recovered group retains the role in the binding.
+        # group:`emailid`` and the recovered group retains the role in the binding. * `
+        # deleted:principal://iam.googleapis.com/locations/global/workforcePools/`
+        # pool_id`/subject/`subject_attribute_value``: Deleted single identity in a
+        # workforce identity pool. For example, `deleted:principal://iam.googleapis.com/
+        # locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`.
         # Corresponds to the JSON property `members`
         # @return [Array<String>]
         attr_accessor :members
@@ -1108,6 +1130,12 @@ module Google
         # @return [Array<String>]
         attr_accessor :required_access_levels
       
+        # The request must originate from one of the provided VPC networks in Google
+        # Cloud. Cannot specify this field together with `ip_subnetworks`.
+        # Corresponds to the JSON property `vpcNetworkSources`
+        # @return [Array<Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1VpcNetworkSource>]
+        attr_accessor :vpc_network_sources
+      
         def initialize(**args)
            update!(**args)
         end
@@ -1120,6 +1148,7 @@ module Google
           @negate = args[:negate] if args.key?(:negate)
           @regions = args[:regions] if args.key?(:regions)
           @required_access_levels = args[:required_access_levels] if args.key?(:required_access_levels)
+          @vpc_network_sources = args[:vpc_network_sources] if args.key?(:vpc_network_sources)
         end
       end
       
@@ -1240,6 +1269,19 @@ module Google
         # @return [String]
         attr_accessor :identity_type
       
+        # Whether to enforce traffic restrictions based on `sources` field. If the `
+        # sources` fields is non-empty, then this field must be set to `
+        # SOURCE_RESTRICTION_ENABLED`.
+        # Corresponds to the JSON property `sourceRestriction`
+        # @return [String]
+        attr_accessor :source_restriction
+      
+        # Sources that this EgressPolicy authorizes access from. If this field is not
+        # empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`.
+        # Corresponds to the JSON property `sources`
+        # @return [Array<Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1EgressSource>]
+        attr_accessor :sources
+      
         def initialize(**args)
            update!(**args)
         end
@@ -1248,6 +1290,8 @@ module Google
         def update!(**args)
           @identities = args[:identities] if args.key?(:identities)
           @identity_type = args[:identity_type] if args.key?(:identity_type)
+          @source_restriction = args[:source_restriction] if args.key?(:source_restriction)
+          @sources = args[:sources] if args.key?(:sources)
         end
       end
       
@@ -1297,6 +1341,33 @@ module Google
         end
       end
       
+      # The source that EgressPolicy authorizes access from inside the
+      # ServicePerimeter to somewhere outside the ServicePerimeter boundaries.
+      class GoogleIdentityAccesscontextmanagerV1EgressSource
+        include Google::Apis::Core::Hashable
+      
+        # An AccessLevel resource name that allows protected resources inside the
+        # ServicePerimeters to access outside the ServicePerimeter boundaries.
+        # AccessLevels listed must be in the same policy as this ServicePerimeter.
+        # Referencing a nonexistent AccessLevel will cause an error. If an AccessLevel
+        # name is not specified, only resources within the perimeter can be accessed
+        # through Google Cloud calls with request origins within the perimeter. Example:
+        # `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified
+        # for `access_level`, then all EgressSources will be allowed.
+        # Corresponds to the JSON property `accessLevel`
+        # @return [String]
+        attr_accessor :access_level
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @access_level = args[:access_level] if args.key?(:access_level)
+        end
+      end
+      
       # Defines the conditions under which an EgressPolicy matches a request.
       # Conditions are based on information about the ApiOperation intended to be
       # performed on the `resources` specified. Note that if the destination of the
@@ -1735,6 +1806,59 @@ module Google
         end
       end
       
+      # The originating network source in Google Cloud.
+      class GoogleIdentityAccesscontextmanagerV1VpcNetworkSource
+        include Google::Apis::Core::Hashable
+      
+        # Sub-segment ranges inside of a VPC Network.
+        # Corresponds to the JSON property `vpcSubnetwork`
+        # @return [Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1VpcSubNetwork]
+        attr_accessor :vpc_subnetwork
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @vpc_subnetwork = args[:vpc_subnetwork] if args.key?(:vpc_subnetwork)
+        end
+      end
+      
+      # Sub-segment ranges inside of a VPC Network.
+      class GoogleIdentityAccesscontextmanagerV1VpcSubNetwork
+        include Google::Apis::Core::Hashable
+      
+        # Required. Network name. If the network is not part of the organization, the `
+        # compute.network.get` permission must be granted to the caller. Format: `//
+        # compute.googleapis.com/projects/`PROJECT_ID`/global/networks/`NETWORK_NAME``
+        # Example: `//compute.googleapis.com/projects/my-project/global/networks/network-
+        # 1`
+        # Corresponds to the JSON property `network`
+        # @return [String]
+        attr_accessor :network
+      
+        # CIDR block IP subnetwork specification. The IP address must be an IPv4 address
+        # and can be a public or private IP address. Note that for a CIDR IP address
+        # block, the specified IP address portion must be properly truncated (i.e. all
+        # the host bits must be zero) or the input is considered malformed. For example,
+        # "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. If empty, all IP
+        # addresses are allowed.
+        # Corresponds to the JSON property `vpcIpSubnetworks`
+        # @return [Array<String>]
+        attr_accessor :vpc_ip_subnetworks
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @network = args[:network] if args.key?(:network)
+          @vpc_ip_subnetworks = args[:vpc_ip_subnetworks] if args.key?(:vpc_ip_subnetworks)
+        end
+      end
+      
       # The result for an IAM policy search.
       class IamPolicySearchResult
         include Google::Apis::Core::Hashable

data/lib/google/apis/cloudasset_v1p1beta1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module CloudassetV1p1beta1
       # Version of the google-apis-cloudasset_v1p1beta1 gem
-      GEM_VERSION = "0.31.0"
+      GEM_VERSION = "0.33.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230902"
+      REVISION = "20231214"
     end
   end
 end

data/lib/google/apis/cloudasset_v1p1beta1/representations.rb

@@ -172,6 +172,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class GoogleIdentityAccesscontextmanagerV1EgressSource
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class GoogleIdentityAccesscontextmanagerV1EgressTo
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -232,6 +238,18 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class GoogleIdentityAccesscontextmanagerV1VpcNetworkSource
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GoogleIdentityAccesscontextmanagerV1VpcSubNetwork
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class IamPolicySearchResult
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -484,6 +502,8 @@ module Google
           property :negate, as: 'negate'
           collection :regions, as: 'regions'
           collection :required_access_levels, as: 'requiredAccessLevels'
+          collection :vpc_network_sources, as: 'vpcNetworkSources', class: Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1VpcNetworkSource, decorator: Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1VpcNetworkSource::Representation
+      
         end
       end
       
@@ -513,6 +533,9 @@ module Google
         class Representation < Google::Apis::Core::JsonRepresentation
           collection :identities, as: 'identities'
           property :identity_type, as: 'identityType'
+          property :source_restriction, as: 'sourceRestriction'
+          collection :sources, as: 'sources', class: Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1EgressSource, decorator: Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1EgressSource::Representation
+      
         end
       end
       
@@ -526,6 +549,13 @@ module Google
         end
       end
       
+      class GoogleIdentityAccesscontextmanagerV1EgressSource
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :access_level, as: 'accessLevel'
+        end
+      end
+      
       class GoogleIdentityAccesscontextmanagerV1EgressTo
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -628,6 +658,22 @@ module Google
         end
       end
       
+      class GoogleIdentityAccesscontextmanagerV1VpcNetworkSource
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :vpc_subnetwork, as: 'vpcSubnetwork', class: Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1VpcSubNetwork, decorator: Google::Apis::CloudassetV1p1beta1::GoogleIdentityAccesscontextmanagerV1VpcSubNetwork::Representation
+      
+        end
+      end
+      
+      class GoogleIdentityAccesscontextmanagerV1VpcSubNetwork
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :network, as: 'network'
+          collection :vpc_ip_subnetworks, as: 'vpcIpSubnetworks'
+        end
+      end
+      
       class IamPolicySearchResult
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-cloudasset_v1p1beta1
 version: !ruby/object:Gem::Version
-  version: 0.31.0
+  version: 0.33.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-09-10 00:00:00.000000000 Z
+date: 2023-12-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -58,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1p1beta1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1p1beta1/v0.31.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1p1beta1/v0.33.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1p1beta1
 post_install_message: 
 rdoc_options: []