google-apis-gkehub_v1beta 0.70.0 → 0.72.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1954c5609b57b8279fbfc066a1f8ad478b520c9be4d9acc1635f47b57d159c92
-  data.tar.gz: 795fabe69a3e800428f052495cce4777ed60ab47f8c243c9d41113585e6ad60a
+  metadata.gz: b78e2c620602bf42ceabc6d8f4f11a67b60744c3916f6dc05201ab4bc8e9fc81
+  data.tar.gz: 12a5ca0656502884de62ebe5cf6a13b3ae5e2690c789e77fbee572e554890c0c
 SHA512:
-  metadata.gz: a280062447700f754268f2e50489eb5ea10737486213468284de26072e2fda808978aa641cd254416915eb233aab855639039c35952d34cb1ba3946ddbf2b93c
-  data.tar.gz: 48823eed052960d86fac73f7e67532fde620738fc5125155ddf7aaa93b9b19701a3bf3f7f53c58fc0e28c97c6be1832868ddba91713116690e68915df28d6a52
+  metadata.gz: '0842e6bd14c7d60c2fbc7f8878eed803c8953836f36c4edd95b05b901c5c5311680574280dc6a7c00847410665cc7395eed92b1f2d8c0495de0fc82fb9721a3a'
+  data.tar.gz: 125f704bc885b3be8e979e784903d8ab9b3c2dd1bd9205d10fdf467e2424d8fbc4f3b2d5795b24b708d2c3b5d919ae867929395e2b3fe1043113e01f02064226

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-gkehub_v1beta
 
+### v0.72.0 (2024-03-24)
+
+* Regenerated from discovery document revision 20240318
+
+### v0.71.0 (2024-03-10)
+
+* Regenerated from discovery document revision 20240229
+
 ### v0.70.0 (2024-02-24)
 
 * Regenerated using generator version 0.14.0

data/lib/google/apis/gkehub_v1beta/classes.rb

@@ -2717,6 +2717,11 @@ module Google
         # @return [Google::Apis::GkehubV1beta::IdentityServiceGoogleConfig]
         attr_accessor :google_config
       
+        # Configuration for the LDAP Auth flow.
+        # Corresponds to the JSON property `ldapConfig`
+        # @return [Google::Apis::GkehubV1beta::IdentityServiceLdapConfig]
+        attr_accessor :ldap_config
+      
         # Identifier for auth config.
         # Corresponds to the JSON property `name`
         # @return [String]
@@ -2732,6 +2737,11 @@ module Google
         # @return [String]
         attr_accessor :proxy
       
+        # Configuration for the SAML Auth flow.
+        # Corresponds to the JSON property `samlConfig`
+        # @return [Google::Apis::GkehubV1beta::IdentityServiceSamlConfig]
+        attr_accessor :saml_config
+      
         def initialize(**args)
            update!(**args)
         end
@@ -2740,9 +2750,11 @@ module Google
         def update!(**args)
           @azuread_config = args[:azuread_config] if args.key?(:azuread_config)
           @google_config = args[:google_config] if args.key?(:google_config)
+          @ldap_config = args[:ldap_config] if args.key?(:ldap_config)
           @name = args[:name] if args.key?(:name)
           @oidc_config = args[:oidc_config] if args.key?(:oidc_config)
           @proxy = args[:proxy] if args.key?(:proxy)
+          @saml_config = args[:saml_config] if args.key?(:saml_config)
         end
       end
       
@@ -2768,6 +2780,11 @@ module Google
         # @return [String]
         attr_accessor :encrypted_client_secret
       
+        # Optional. Format of the AzureAD groups that the client wants for auth.
+        # Corresponds to the JSON property `groupFormat`
+        # @return [String]
+        attr_accessor :group_format
+      
         # The redirect URL that kubectl uses for authorization.
         # Corresponds to the JSON property `kubectlRedirectUri`
         # @return [String]
@@ -2779,6 +2796,11 @@ module Google
         # @return [String]
         attr_accessor :tenant
       
+        # Optional. Claim in the AzureAD ID Token that holds the user details.
+        # Corresponds to the JSON property `userClaim`
+        # @return [String]
+        attr_accessor :user_claim
+      
         def initialize(**args)
            update!(**args)
         end
@@ -2788,8 +2810,10 @@ module Google
           @client_id = args[:client_id] if args.key?(:client_id)
           @client_secret = args[:client_secret] if args.key?(:client_secret)
           @encrypted_client_secret = args[:encrypted_client_secret] if args.key?(:encrypted_client_secret)
+          @group_format = args[:group_format] if args.key?(:group_format)
           @kubectl_redirect_uri = args[:kubectl_redirect_uri] if args.key?(:kubectl_redirect_uri)
           @tenant = args[:tenant] if args.key?(:tenant)
+          @user_claim = args[:user_claim] if args.key?(:user_claim)
         end
       end
       
@@ -2813,6 +2837,84 @@ module Google
         end
       end
       
+      # Contains the properties for locating and authenticating groups in the
+      # directory.
+      class IdentityServiceGroupConfig
+        include Google::Apis::Core::Hashable
+      
+        # Required. The location of the subtree in the LDAP directory to search for
+        # group entries.
+        # Corresponds to the JSON property `baseDn`
+        # @return [String]
+        attr_accessor :base_dn
+      
+        # Optional. Optional filter to be used when searching for groups a user belongs
+        # to. This can be used to explicitly match only certain groups in order to
+        # reduce the amount of groups returned for each user. This defaults to "(
+        # objectClass=Group)".
+        # Corresponds to the JSON property `filter`
+        # @return [String]
+        attr_accessor :filter
+      
+        # Optional. The identifying name of each group a user belongs to. For example,
+        # if this is set to "distinguishedName" then RBACs and other group expectations
+        # should be written as full DNs. This defaults to "distinguishedName".
+        # Corresponds to the JSON property `idAttribute`
+        # @return [String]
+        attr_accessor :id_attribute
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @base_dn = args[:base_dn] if args.key?(:base_dn)
+          @filter = args[:filter] if args.key?(:filter)
+          @id_attribute = args[:id_attribute] if args.key?(:id_attribute)
+        end
+      end
+      
+      # Configuration for the LDAP Auth flow.
+      class IdentityServiceLdapConfig
+        include Google::Apis::Core::Hashable
+      
+        # Contains the properties for locating and authenticating groups in the
+        # directory.
+        # Corresponds to the JSON property `group`
+        # @return [Google::Apis::GkehubV1beta::IdentityServiceGroupConfig]
+        attr_accessor :group
+      
+        # Server settings for the external LDAP server.
+        # Corresponds to the JSON property `server`
+        # @return [Google::Apis::GkehubV1beta::IdentityServiceServerConfig]
+        attr_accessor :server
+      
+        # Contains the credentials of the service account which is authorized to perform
+        # the LDAP search in the directory. The credentials can be supplied by the
+        # combination of the DN and password or the client certificate.
+        # Corresponds to the JSON property `serviceAccount`
+        # @return [Google::Apis::GkehubV1beta::IdentityServiceServiceAccountConfig]
+        attr_accessor :service_account
+      
+        # Defines where users exist in the LDAP directory.
+        # Corresponds to the JSON property `user`
+        # @return [Google::Apis::GkehubV1beta::IdentityServiceUserConfig]
+        attr_accessor :user
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @group = args[:group] if args.key?(:group)
+          @server = args[:server] if args.key?(:server)
+          @service_account = args[:service_account] if args.key?(:service_account)
+          @user = args[:user] if args.key?(:user)
+        end
+      end
+      
       # **Anthos Identity Service**: Configuration for a single Membership.
       class IdentityServiceMembershipSpec
         include Google::Apis::Core::Hashable
@@ -2973,6 +3075,217 @@ module Google
         end
       end
       
+      # Configuration for the SAML Auth flow.
+      class IdentityServiceSamlConfig
+        include Google::Apis::Core::Hashable
+      
+        # Optional. The mapping of additional user attributes like nickname, birthday
+        # and address etc.. `key` is the name of this additional attribute. `value` is a
+        # string presenting as CEL(common expression language, go/cel) used for getting
+        # the value from the resources. Take nickname as an example, in this case, `key`
+        # is "attribute.nickname" and `value` is "assertion.nickname".
+        # Corresponds to the JSON property `attributeMapping`
+        # @return [Hash<String,String>]
+        attr_accessor :attribute_mapping
+      
+        # Optional. Prefix to prepend to group name.
+        # Corresponds to the JSON property `groupPrefix`
+        # @return [String]
+        attr_accessor :group_prefix
+      
+        # Optional. The SAML attribute to read groups from. This value is expected to be
+        # a string and will be passed along as-is (with the option of being prefixed by
+        # the `group_prefix`).
+        # Corresponds to the JSON property `groupsAttribute`
+        # @return [String]
+        attr_accessor :groups_attribute
+      
+        # Required. The list of IdP certificates to validate the SAML response against.
+        # Corresponds to the JSON property `identityProviderCertificates`
+        # @return [Array<String>]
+        attr_accessor :identity_provider_certificates
+      
+        # Required. The entity ID of the SAML IdP.
+        # Corresponds to the JSON property `identityProviderId`
+        # @return [String]
+        attr_accessor :identity_provider_id
+      
+        # Required. The URI where the SAML IdP exposes the SSO service.
+        # Corresponds to the JSON property `identityProviderSsoUri`
+        # @return [String]
+        attr_accessor :identity_provider_sso_uri
+      
+        # Optional. The SAML attribute to read username from. If unspecified, the
+        # username will be read from the NameID element of the assertion in SAML
+        # response. This value is expected to be a string and will be passed along as-is
+        # (with the option of being prefixed by the `user_prefix`).
+        # Corresponds to the JSON property `userAttribute`
+        # @return [String]
+        attr_accessor :user_attribute
+      
+        # Optional. Prefix to prepend to user name.
+        # Corresponds to the JSON property `userPrefix`
+        # @return [String]
+        attr_accessor :user_prefix
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @attribute_mapping = args[:attribute_mapping] if args.key?(:attribute_mapping)
+          @group_prefix = args[:group_prefix] if args.key?(:group_prefix)
+          @groups_attribute = args[:groups_attribute] if args.key?(:groups_attribute)
+          @identity_provider_certificates = args[:identity_provider_certificates] if args.key?(:identity_provider_certificates)
+          @identity_provider_id = args[:identity_provider_id] if args.key?(:identity_provider_id)
+          @identity_provider_sso_uri = args[:identity_provider_sso_uri] if args.key?(:identity_provider_sso_uri)
+          @user_attribute = args[:user_attribute] if args.key?(:user_attribute)
+          @user_prefix = args[:user_prefix] if args.key?(:user_prefix)
+        end
+      end
+      
+      # Server settings for the external LDAP server.
+      class IdentityServiceServerConfig
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Contains a Base64 encoded, PEM formatted certificate authority
+        # certificate for the LDAP server. This must be provided for the "ldaps" and "
+        # startTLS" connections.
+        # Corresponds to the JSON property `certificateAuthorityData`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :certificate_authority_data
+      
+        # Optional. Defines the connection type to communicate with the LDAP server. If `
+        # starttls` or `ldaps` is specified, the certificate_authority_data should not
+        # be empty.
+        # Corresponds to the JSON property `connectionType`
+        # @return [String]
+        attr_accessor :connection_type
+      
+        # Required. Defines the hostname or IP of the LDAP server. Port is optional and
+        # will default to 389, if unspecified. For example, "ldap.server.example" or "10.
+        # 10.10.10:389".
+        # Corresponds to the JSON property `host`
+        # @return [String]
+        attr_accessor :host
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @certificate_authority_data = args[:certificate_authority_data] if args.key?(:certificate_authority_data)
+          @connection_type = args[:connection_type] if args.key?(:connection_type)
+          @host = args[:host] if args.key?(:host)
+        end
+      end
+      
+      # Contains the credentials of the service account which is authorized to perform
+      # the LDAP search in the directory. The credentials can be supplied by the
+      # combination of the DN and password or the client certificate.
+      class IdentityServiceServiceAccountConfig
+        include Google::Apis::Core::Hashable
+      
+        # The structure holds the LDAP simple binding credential.
+        # Corresponds to the JSON property `simpleBindCredentials`
+        # @return [Google::Apis::GkehubV1beta::IdentityServiceSimpleBindCredentials]
+        attr_accessor :simple_bind_credentials
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @simple_bind_credentials = args[:simple_bind_credentials] if args.key?(:simple_bind_credentials)
+        end
+      end
+      
+      # The structure holds the LDAP simple binding credential.
+      class IdentityServiceSimpleBindCredentials
+        include Google::Apis::Core::Hashable
+      
+        # Required. The distinguished name(DN) of the service account object/user.
+        # Corresponds to the JSON property `dn`
+        # @return [String]
+        attr_accessor :dn
+      
+        # Output only. The encrypted password of the service account object/user.
+        # Corresponds to the JSON property `encryptedPassword`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :encrypted_password
+      
+        # Required. Input only. The password of the service account object/user.
+        # Corresponds to the JSON property `password`
+        # @return [String]
+        attr_accessor :password
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @dn = args[:dn] if args.key?(:dn)
+          @encrypted_password = args[:encrypted_password] if args.key?(:encrypted_password)
+          @password = args[:password] if args.key?(:password)
+        end
+      end
+      
+      # Defines where users exist in the LDAP directory.
+      class IdentityServiceUserConfig
+        include Google::Apis::Core::Hashable
+      
+        # Required. The location of the subtree in the LDAP directory to search for user
+        # entries.
+        # Corresponds to the JSON property `baseDn`
+        # @return [String]
+        attr_accessor :base_dn
+      
+        # Optional. Filter to apply when searching for the user. This can be used to
+        # further restrict the user accounts which are allowed to login. This defaults
+        # to "(objectClass=User)".
+        # Corresponds to the JSON property `filter`
+        # @return [String]
+        attr_accessor :filter
+      
+        # Optional. Determines which attribute to use as the user's identity after they
+        # are authenticated. This is distinct from the loginAttribute field to allow
+        # users to login with a username, but then have their actual identifier be an
+        # email address or full Distinguished Name (DN). For example, setting
+        # loginAttribute to "sAMAccountName" and identifierAttribute to "
+        # userPrincipalName" would allow a user to login as "bsmith", but actual RBAC
+        # policies for the user would be written as "bsmith@example.com". Using "
+        # userPrincipalName" is recommended since this will be unique for each user.
+        # This defaults to "userPrincipalName".
+        # Corresponds to the JSON property `idAttribute`
+        # @return [String]
+        attr_accessor :id_attribute
+      
+        # Optional. The name of the attribute which matches against the input username.
+        # This is used to find the user in the LDAP database e.g. "(=)" and is combined
+        # with the optional filter field. This defaults to "userPrincipalName".
+        # Corresponds to the JSON property `loginAttribute`
+        # @return [String]
+        attr_accessor :login_attribute
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @base_dn = args[:base_dn] if args.key?(:base_dn)
+          @filter = args[:filter] if args.key?(:filter)
+          @id_attribute = args[:id_attribute] if args.key?(:id_attribute)
+          @login_attribute = args[:login_attribute] if args.key?(:login_attribute)
+        end
+      end
+      
       # KubernetesMetadata provides informational metadata for Memberships
       # representing Kubernetes clusters.
       class KubernetesMetadata
@@ -3084,6 +3397,39 @@ module Google
         end
       end
       
+      # List of Memberships bound to a Scope.
+      class ListBoundMembershipsResponse
+        include Google::Apis::Core::Hashable
+      
+        # The list of Memberships bound to the given Scope.
+        # Corresponds to the JSON property `memberships`
+        # @return [Array<Google::Apis::GkehubV1beta::Membership>]
+        attr_accessor :memberships
+      
+        # A token to request the next page of resources from the `ListBoundMemberships`
+        # method. The value of an empty string means that there are no more resources to
+        # return.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # List of locations that could not be reached while fetching this list.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @memberships = args[:memberships] if args.key?(:memberships)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
       # Response message for the `GkeHub.ListFeatures` method.
       class ListFeaturesResponse
         include Google::Apis::Core::Hashable
@@ -3274,6 +3620,33 @@ module Google
         end
       end
       
+      # List of permitted Scopes.
+      class ListPermittedScopesResponse
+        include Google::Apis::Core::Hashable
+      
+        # A token to request the next page of resources from the `ListPermittedScopes`
+        # method. The value of an empty string means that there are no more resources to
+        # return.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # The list of permitted Scopes
+        # Corresponds to the JSON property `scopes`
+        # @return [Array<Google::Apis::GkehubV1beta::Scope>]
+        attr_accessor :scopes
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @scopes = args[:scopes] if args.key?(:scopes)
+        end
+      end
+      
       # List of fleet namespaces.
       class ListScopeNamespacesResponse
         include Google::Apis::Core::Hashable

data/lib/google/apis/gkehub_v1beta/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module GkehubV1beta
       # Version of the google-apis-gkehub_v1beta gem
-      GEM_VERSION = "0.70.0"
+      GEM_VERSION = "0.72.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.14.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20240209"
+      REVISION = "20240318"
     end
   end
 end

data/lib/google/apis/gkehub_v1beta/representations.rb

@@ -514,6 +514,18 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class IdentityServiceGroupConfig
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class IdentityServiceLdapConfig
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class IdentityServiceMembershipSpec
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -532,6 +544,36 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class IdentityServiceSamlConfig
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class IdentityServiceServerConfig
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class IdentityServiceServiceAccountConfig
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class IdentityServiceSimpleBindCredentials
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class IdentityServiceUserConfig
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class KubernetesMetadata
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -544,6 +586,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class ListBoundMembershipsResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class ListFeaturesResponse
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -586,6 +634,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class ListPermittedScopesResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class ListScopeNamespacesResponse
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -1720,10 +1774,14 @@ module Google
       
           property :google_config, as: 'googleConfig', class: Google::Apis::GkehubV1beta::IdentityServiceGoogleConfig, decorator: Google::Apis::GkehubV1beta::IdentityServiceGoogleConfig::Representation
       
+          property :ldap_config, as: 'ldapConfig', class: Google::Apis::GkehubV1beta::IdentityServiceLdapConfig, decorator: Google::Apis::GkehubV1beta::IdentityServiceLdapConfig::Representation
+      
           property :name, as: 'name'
           property :oidc_config, as: 'oidcConfig', class: Google::Apis::GkehubV1beta::IdentityServiceOidcConfig, decorator: Google::Apis::GkehubV1beta::IdentityServiceOidcConfig::Representation
       
           property :proxy, as: 'proxy'
+          property :saml_config, as: 'samlConfig', class: Google::Apis::GkehubV1beta::IdentityServiceSamlConfig, decorator: Google::Apis::GkehubV1beta::IdentityServiceSamlConfig::Representation
+      
         end
       end
       
@@ -1733,8 +1791,10 @@ module Google
           property :client_id, as: 'clientId'
           property :client_secret, as: 'clientSecret'
           property :encrypted_client_secret, :base64 => true, as: 'encryptedClientSecret'
+          property :group_format, as: 'groupFormat'
           property :kubectl_redirect_uri, as: 'kubectlRedirectUri'
           property :tenant, as: 'tenant'
+          property :user_claim, as: 'userClaim'
         end
       end
       
@@ -1745,6 +1805,29 @@ module Google
         end
       end
       
+      class IdentityServiceGroupConfig
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :base_dn, as: 'baseDn'
+          property :filter, as: 'filter'
+          property :id_attribute, as: 'idAttribute'
+        end
+      end
+      
+      class IdentityServiceLdapConfig
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :group, as: 'group', class: Google::Apis::GkehubV1beta::IdentityServiceGroupConfig, decorator: Google::Apis::GkehubV1beta::IdentityServiceGroupConfig::Representation
+      
+          property :server, as: 'server', class: Google::Apis::GkehubV1beta::IdentityServiceServerConfig, decorator: Google::Apis::GkehubV1beta::IdentityServiceServerConfig::Representation
+      
+          property :service_account, as: 'serviceAccount', class: Google::Apis::GkehubV1beta::IdentityServiceServiceAccountConfig, decorator: Google::Apis::GkehubV1beta::IdentityServiceServiceAccountConfig::Representation
+      
+          property :user, as: 'user', class: Google::Apis::GkehubV1beta::IdentityServiceUserConfig, decorator: Google::Apis::GkehubV1beta::IdentityServiceUserConfig::Representation
+      
+        end
+      end
+      
       class IdentityServiceMembershipSpec
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -1784,6 +1867,56 @@ module Google
         end
       end
       
+      class IdentityServiceSamlConfig
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          hash :attribute_mapping, as: 'attributeMapping'
+          property :group_prefix, as: 'groupPrefix'
+          property :groups_attribute, as: 'groupsAttribute'
+          collection :identity_provider_certificates, as: 'identityProviderCertificates'
+          property :identity_provider_id, as: 'identityProviderId'
+          property :identity_provider_sso_uri, as: 'identityProviderSsoUri'
+          property :user_attribute, as: 'userAttribute'
+          property :user_prefix, as: 'userPrefix'
+        end
+      end
+      
+      class IdentityServiceServerConfig
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :certificate_authority_data, :base64 => true, as: 'certificateAuthorityData'
+          property :connection_type, as: 'connectionType'
+          property :host, as: 'host'
+        end
+      end
+      
+      class IdentityServiceServiceAccountConfig
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :simple_bind_credentials, as: 'simpleBindCredentials', class: Google::Apis::GkehubV1beta::IdentityServiceSimpleBindCredentials, decorator: Google::Apis::GkehubV1beta::IdentityServiceSimpleBindCredentials::Representation
+      
+        end
+      end
+      
+      class IdentityServiceSimpleBindCredentials
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :dn, as: 'dn'
+          property :encrypted_password, :base64 => true, as: 'encryptedPassword'
+          property :password, as: 'password'
+        end
+      end
+      
+      class IdentityServiceUserConfig
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :base_dn, as: 'baseDn'
+          property :filter, as: 'filter'
+          property :id_attribute, as: 'idAttribute'
+          property :login_attribute, as: 'loginAttribute'
+        end
+      end
+      
       class KubernetesMetadata
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -1809,6 +1942,16 @@ module Google
         end
       end
       
+      class ListBoundMembershipsResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          collection :memberships, as: 'memberships', class: Google::Apis::GkehubV1beta::Membership, decorator: Google::Apis::GkehubV1beta::Membership::Representation
+      
+          property :next_page_token, as: 'nextPageToken'
+          collection :unreachable, as: 'unreachable'
+        end
+      end
+      
       class ListFeaturesResponse
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -1873,6 +2016,15 @@ module Google
         end
       end
       
+      class ListPermittedScopesResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :next_page_token, as: 'nextPageToken'
+          collection :scopes, as: 'scopes', class: Google::Apis::GkehubV1beta::Scope, decorator: Google::Apis::GkehubV1beta::Scope::Representation
+      
+        end
+      end
+      
       class ListScopeNamespacesResponse
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation

data/lib/google/apis/gkehub_v1beta/service.rb

@@ -1847,6 +1847,96 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
+        # Lists Memberships bound to a Scope. The response includes relevant Memberships
+        # from all regions.
+        # @param [String] scope_name
+        #   Required. Name of the Scope, in the format `projects/*/locations/global/scopes/
+        #   *`, to which the Memberships are bound.
+        # @param [String] filter
+        #   Optional. Lists Memberships that match the filter expression, following the
+        #   syntax outlined in https://google.aip.dev/160. Currently, filtering can be
+        #   done only based on Memberships's `name`, `labels`, `create_time`, `update_time`
+        #   , and `unique_id`.
+        # @param [Fixnum] page_size
+        #   Optional. When requesting a 'page' of resources, `page_size` specifies number
+        #   of resources to return. If unspecified or set to 0, all resources will be
+        #   returned. Pagination is currently not supported; therefore, setting this field
+        #   does not have any impact for now.
+        # @param [String] page_token
+        #   Optional. Token returned by previous call to `ListBoundMemberships` which
+        #   specifies the position in the list from where to continue listing the
+        #   resources.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::GkehubV1beta::ListBoundMembershipsResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::GkehubV1beta::ListBoundMembershipsResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def list_project_location_scope_memberships(scope_name, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1beta/{+scopeName}:listMemberships', options)
+          command.response_representation = Google::Apis::GkehubV1beta::ListBoundMembershipsResponse::Representation
+          command.response_class = Google::Apis::GkehubV1beta::ListBoundMembershipsResponse
+          command.params['scopeName'] = scope_name unless scope_name.nil?
+          command.query['filter'] = filter unless filter.nil?
+          command.query['pageSize'] = page_size unless page_size.nil?
+          command.query['pageToken'] = page_token unless page_token.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Lists permitted Scopes.
+        # @param [String] parent
+        #   Required. The parent (project and location) where the Scope will be listed.
+        #   Specified in the format `projects/*/locations/*`.
+        # @param [Fixnum] page_size
+        #   Optional. When requesting a 'page' of resources, `page_size` specifies number
+        #   of resources to return. If unspecified or set to 0, all resources will be
+        #   returned.
+        # @param [String] page_token
+        #   Optional. Token returned by previous call to `ListPermittedScopes` which
+        #   specifies the position in the list from where to continue listing the
+        #   resources.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::GkehubV1beta::ListPermittedScopesResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::GkehubV1beta::ListPermittedScopesResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def list_project_location_scope_permitted(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1beta/{+parent}/scopes:listPermitted', options)
+          command.response_representation = Google::Apis::GkehubV1beta::ListPermittedScopesResponse::Representation
+          command.response_class = Google::Apis::GkehubV1beta::ListPermittedScopesResponse
+          command.params['parent'] = parent unless parent.nil?
+          command.query['pageSize'] = page_size unless page_size.nil?
+          command.query['pageToken'] = page_token unless page_token.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Updates a scopes.
         # @param [String] name
         #   The resource name for the scope `projects/`project`/locations/`location`/

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-gkehub_v1beta
 version: !ruby/object:Gem::Version
-  version: 0.70.0
+  version: 0.72.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-02-25 00:00:00.000000000 Z
+date: 2024-03-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -58,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-gkehub_v1beta/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-gkehub_v1beta/v0.70.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-gkehub_v1beta/v0.72.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-gkehub_v1beta
 post_install_message: 
 rdoc_options: []