google-apis-iam_v1 0.11.0 → 0.15.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a4a44108b49d060d8ba6905edd9734809b08af145aae3ee8801593d12d01d991
-  data.tar.gz: d3f4fd94474577f10d3c9cbaccaaac4e3921f764965d3fba27fe86668a914e72
+  metadata.gz: 45ac832a3802a2142757f9e33fedd6ab8dc03a4cc25a063c4f23e16e342983b2
+  data.tar.gz: d2597d22a06b42b653940bf8e3a69475d4ea8e8c08caad395ec31c528e37ca19
 SHA512:
-  metadata.gz: a980d848f0b9dbe26ff75c0aaef22346a7883d3d652cdd355d363500a2efed1af32e223c6f85c80fb1807670fc59ff720fe1a16bd0b696d4f2b6e62f0c3016a9
-  data.tar.gz: d60d1f3a98b88055cd32b4d0dd56feb94cea84ff0e67b79a1d2b862fd19e9280059f563d3e506f48e5b5157b68ea51f6a262b93cde2d792fd041ef3256c6c7a2
+  metadata.gz: 9f56adc48e446c680d611eb2739abb9089e0e889f56cf65a1db8f20dfda5f1ac46933c93c1959f9ffe8e0eb5963b292269dcf0202ae535fad9d901149314f9f5
+  data.tar.gz: d80378706a3a4a26185006002b1ede76b6fe9385645ba02e793bb7936ba6d0f38ee3d29db52f003c454d92e74955d1362b5308d33be216b0749d54c69345db77

data/CHANGELOG.md

@@ -1,5 +1,22 @@
 # Release history for google-apis-iam_v1
 
+### v0.15.0 (2021-10-21)
+
+* Regenerated from discovery document revision 20211013
+* Unspecified changes
+
+### v0.14.0 (2021-09-24)
+
+* Regenerated from discovery document revision 20210918
+
+### v0.13.0 (2021-09-16)
+
+* Regenerated from discovery document revision 20210909
+
+### v0.12.0 (2021-09-01)
+
+* Regenerated from discovery document revision 20210825
+
 ### v0.11.0 (2021-08-20)
 
 * Regenerated from discovery document revision 20210812

data/OVERVIEW.md

@@ -60,8 +60,8 @@ See the class reference docs for information on the methods you can call from a
 
 More detailed descriptions of the Google simple REST clients are available in two documents.
 
- *  The [Usage Guide](https://github.com/googleapis/google-api-ruby-client/blob/master/docs/usage-guide.md) discusses how to make API calls, how to use the provided data structures, and how to work the various features of the client library, including media upload and download, error handling, retries, pagination, and logging.
- *  The [Auth Guide](https://github.com/googleapis/google-api-ruby-client/blob/master/docs/auth-guide.md) discusses authentication in the client libraries, including API keys, OAuth 2.0, service accounts, and environment variables.
+ *  The [Usage Guide](https://github.com/googleapis/google-api-ruby-client/blob/main/docs/usage-guide.md) discusses how to make API calls, how to use the provided data structures, and how to work the various features of the client library, including media upload and download, error handling, retries, pagination, and logging.
+ *  The [Auth Guide](https://github.com/googleapis/google-api-ruby-client/blob/main/docs/auth-guide.md) discusses authentication in the client libraries, including API keys, OAuth 2.0, service accounts, and environment variables.
 
 (Note: the above documents are written for the simple REST clients in general, and their examples may not reflect the Iam service in particular.)
 

data/lib/google/apis/iam_v1/classes.rb

@@ -174,7 +174,7 @@ module Google
         end
       end
       
-      # Associates `members` with a `role`.
+      # Associates `members`, or principals, with a `role`.
       class Binding
         include Google::Apis::Core::Hashable
       
@@ -197,7 +197,7 @@ module Google
         # @return [Google::Apis::IamV1::Expr]
         attr_accessor :condition
       
-        # Specifies the identities requesting access for a Cloud Platform resource. `
+        # Specifies the principals requesting access for a Cloud Platform resource. `
         # members` can have the following values: * `allUsers`: A special identifier
         # that represents anyone who is on the internet; with or without a Google
         # account. * `allAuthenticatedUsers`: A special identifier that represents
@@ -227,8 +227,8 @@ module Google
         # @return [Array<String>]
         attr_accessor :members
       
-        # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`
-        # , or `roles/owner`.
+        # Role that is assigned to the list of `members`, or principals. For example, `
+        # roles/viewer`, `roles/editor`, or `roles/owner`.
         # Corresponds to the JSON property `role`
         # @return [String]
         attr_accessor :role
@@ -387,6 +387,19 @@ module Google
         end
       end
       
+      # The service account key disable request.
+      class DisableServiceAccountKeyRequest
+        include Google::Apis::Core::Hashable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+        end
+      end
+      
       # The service account disable request.
       class DisableServiceAccountRequest
         include Google::Apis::Core::Hashable
@@ -417,6 +430,19 @@ module Google
         end
       end
       
+      # The service account key enable request.
+      class EnableServiceAccountKeyRequest
+        include Google::Apis::Core::Hashable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+        end
+      end
+      
       # The service account enable request.
       class EnableServiceAccountRequest
         include Google::Apis::Core::Hashable
@@ -950,31 +976,31 @@ module Google
       
       # An Identity and Access Management (IAM) policy, which specifies access
       # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
-      # A `binding` binds one or more `members` to a single `role`. Members can be
-      # user accounts, service accounts, Google groups, and domains (such as G Suite).
-      # A `role` is a named list of permissions; each `role` can be an IAM predefined
-      # role or a user-created custom role. For some types of Google Cloud resources,
-      # a `binding` can also specify a `condition`, which is a logical expression that
-      # allows access to a resource only if the expression evaluates to `true`. A
-      # condition can add constraints based on attributes of the request, the resource,
-      # or both. To learn which resources support conditions in their IAM policies,
-      # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
-      # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
-      # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
-      # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
-      # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
-      # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
-      # title": "expirable access", "description": "Does not grant access after Sep
-      # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
-      # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
-      # members: - user:mike@example.com - group:admins@example.com - domain:google.
-      # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
-      # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
-      # roles/resourcemanager.organizationViewer condition: title: expirable access
-      # description: Does not grant access after Sep 2020 expression: request.time <
-      # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
-      # description of IAM and its features, see the [IAM documentation](https://cloud.
-      # google.com/iam/docs/).
+      # A `binding` binds one or more `members`, or principals, to a single `role`.
+      # Principals can be user accounts, service accounts, Google groups, and domains (
+      # such as G Suite). A `role` is a named list of permissions; each `role` can be
+      # an IAM predefined role or a user-created custom role. For some types of Google
+      # Cloud resources, a `binding` can also specify a `condition`, which is a
+      # logical expression that allows access to a resource only if the expression
+      # evaluates to `true`. A condition can add constraints based on attributes of
+      # the request, the resource, or both. To learn which resources support
+      # conditions in their IAM policies, see the [IAM documentation](https://cloud.
+      # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+      # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
+      # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
+      # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
+      # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
+      # ], "condition": ` "title": "expirable access", "description": "Does not grant
+      # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
+      # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
+      # bindings: - members: - user:mike@example.com - group:admins@example.com -
+      # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
+      # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
+      # com role: roles/resourcemanager.organizationViewer condition: title: expirable
+      # access description: Does not grant access after Sep 2020 expression: request.
+      # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
+      # a description of IAM and its features, see the [IAM documentation](https://
+      # cloud.google.com/iam/docs/).
       class Policy
         include Google::Apis::Core::Hashable
       
@@ -983,9 +1009,14 @@ module Google
         # @return [Array<Google::Apis::IamV1::AuditConfig>]
         attr_accessor :audit_configs
       
-        # Associates a list of `members` to a `role`. Optionally, may specify a `
-        # condition` that determines how and when the `bindings` are applied. Each of
-        # the `bindings` must contain at least one member.
+        # Associates a list of `members`, or principals, with a `role`. Optionally, may
+        # specify a `condition` that determines how and when the `bindings` are applied.
+        # Each of the `bindings` must contain at least one principal. The `bindings` in
+        # a `Policy` can refer to up to 1,500 principals; up to 250 of these principals
+        # can be Google groups. Each occurrence of a principal counts towards these
+        # limits. For example, if the `bindings` grant 50 different roles to `user:alice@
+        # example.com`, and not to any other principal, then you can add another 1,450
+        # principals to the `bindings` in the `Policy`.
         # Corresponds to the JSON property `bindings`
         # @return [Array<Google::Apis::IamV1::Binding>]
         attr_accessor :bindings
@@ -1400,6 +1431,12 @@ module Google
       class ServiceAccountKey
         include Google::Apis::Core::Hashable
       
+        # The key status.
+        # Corresponds to the JSON property `disabled`
+        # @return [Boolean]
+        attr_accessor :disabled
+        alias_method :disabled?, :disabled
+      
         # Specifies the algorithm (and possibly key size) for the key.
         # Corresponds to the JSON property `keyAlgorithm`
         # @return [String]
@@ -1463,6 +1500,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @disabled = args[:disabled] if args.key?(:disabled)
           @key_algorithm = args[:key_algorithm] if args.key?(:key_algorithm)
           @key_origin = args[:key_origin] if args.key?(:key_origin)
           @key_type = args[:key_type] if args.key?(:key_type)
@@ -1481,31 +1519,31 @@ module Google
       
         # An Identity and Access Management (IAM) policy, which specifies access
         # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
-        # A `binding` binds one or more `members` to a single `role`. Members can be
-        # user accounts, service accounts, Google groups, and domains (such as G Suite).
-        # A `role` is a named list of permissions; each `role` can be an IAM predefined
-        # role or a user-created custom role. For some types of Google Cloud resources,
-        # a `binding` can also specify a `condition`, which is a logical expression that
-        # allows access to a resource only if the expression evaluates to `true`. A
-        # condition can add constraints based on attributes of the request, the resource,
-        # or both. To learn which resources support conditions in their IAM policies,
-        # see the [IAM documentation](https://cloud.google.com/iam/help/conditions/
-        # resource-policies). **JSON example:** ` "bindings": [ ` "role": "roles/
-        # resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "
-        # group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@
-        # appspot.gserviceaccount.com" ] `, ` "role": "roles/resourcemanager.
-        # organizationViewer", "members": [ "user:eve@example.com" ], "condition": ` "
-        # title": "expirable access", "description": "Does not grant access after Sep
-        # 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", `
-        # ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:** bindings: -
-        # members: - user:mike@example.com - group:admins@example.com - domain:google.
-        # com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/
-        # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
-        # roles/resourcemanager.organizationViewer condition: title: expirable access
-        # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
-        # description of IAM and its features, see the [IAM documentation](https://cloud.
-        # google.com/iam/docs/).
+        # A `binding` binds one or more `members`, or principals, to a single `role`.
+        # Principals can be user accounts, service accounts, Google groups, and domains (
+        # such as G Suite). A `role` is a named list of permissions; each `role` can be
+        # an IAM predefined role or a user-created custom role. For some types of Google
+        # Cloud resources, a `binding` can also specify a `condition`, which is a
+        # logical expression that allows access to a resource only if the expression
+        # evaluates to `true`. A condition can add constraints based on attributes of
+        # the request, the resource, or both. To learn which resources support
+        # conditions in their IAM policies, see the [IAM documentation](https://cloud.
+        # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+        # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
+        # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
+        # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
+        # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
+        # ], "condition": ` "title": "expirable access", "description": "Does not grant
+        # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
+        # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
+        # bindings: - members: - user:mike@example.com - group:admins@example.com -
+        # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
+        # com role: roles/resourcemanager.organizationViewer condition: title: expirable
+        # access description: Does not grant access after Sep 2020 expression: request.
+        # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
+        # a description of IAM and its features, see the [IAM documentation](https://
+        # cloud.google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
         # @return [Google::Apis::IamV1::Policy]
         attr_accessor :policy

data/lib/google/apis/iam_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module IamV1
       # Version of the google-apis-iam_v1 gem
-      GEM_VERSION = "0.11.0"
+      GEM_VERSION = "0.15.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.4.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20210812"
+      REVISION = "20211013"
     end
   end
 end

data/lib/google/apis/iam_v1/representations.rb

@@ -88,6 +88,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class DisableServiceAccountKeyRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class DisableServiceAccountRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -100,6 +106,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class EnableServiceAccountKeyRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class EnableServiceAccountRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -446,6 +458,12 @@ module Google
         end
       end
       
+      class DisableServiceAccountKeyRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+        end
+      end
+      
       class DisableServiceAccountRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -458,6 +476,12 @@ module Google
         end
       end
       
+      class EnableServiceAccountKeyRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+        end
+      end
+      
       class EnableServiceAccountRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -701,6 +725,7 @@ module Google
       class ServiceAccountKey
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
+          property :disabled, as: 'disabled'
           property :key_algorithm, as: 'keyAlgorithm'
           property :key_origin, as: 'keyOrigin'
           property :key_type, as: 'keyType'

data/lib/google/apis/iam_v1/service.rb

@@ -116,6 +116,68 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
+        # Gets the latest state of a long-running operation. Clients can use this method
+        # to poll the operation result at intervals as recommended by the API service.
+        # @param [String] name
+        #   The name of the operation resource.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::IamV1::Operation] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::IamV1::Operation]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def get_location_workforce_pool_operation(name, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1/{+name}', options)
+          command.response_representation = Google::Apis::IamV1::Operation::Representation
+          command.response_class = Google::Apis::IamV1::Operation
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Gets the latest state of a long-running operation. Clients can use this method
+        # to poll the operation result at intervals as recommended by the API service.
+        # @param [String] name
+        #   The name of the operation resource.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::IamV1::Operation] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::IamV1::Operation]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def get_location_workforce_pool_provider_operation(name, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1/{+name}', options)
+          command.response_representation = Google::Apis::IamV1::Operation::Representation
+          command.response_class = Google::Apis::IamV1::Operation
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Creates a new custom Role.
         # @param [String] parent
         #   The `parent` parameter's value depends on the target resource for the request,
@@ -162,7 +224,7 @@ module Google
         end
         
         # Deletes a custom Role. When you delete a custom role, the following changes
-        # occur immediately: * You cannot bind a member to the custom role in an IAM
+        # occur immediately: * You cannot bind a principal to the custom role in an IAM
         # Policy. * Existing bindings to the custom role are not changed, but they have
         # no effect. * By default, the response from ListRoles does not include the
         # custom role. You have 7 days to undelete the custom role. After 7 days, the
@@ -424,7 +486,8 @@ module Google
         end
         
         # Lists every permission that you can test on a resource. A permission is
-        # testable if you can check whether a member has that permission on the resource.
+        # testable if you can check whether a principal has that permission on the
+        # resource.
         # @param [Google::Apis::IamV1::QueryTestablePermissionsRequest] query_testable_permissions_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -608,7 +671,7 @@ module Google
         #   Output only. The resource name of the pool.
         # @param [Google::Apis::IamV1::WorkloadIdentityPool] workload_identity_pool_object
         # @param [String] update_mask
-        #   Required. The list of fields update.
+        #   Required. The list of fields to update.
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
         # @param [String] quota_user
@@ -997,7 +1060,7 @@ module Google
         end
         
         # Deletes a custom Role. When you delete a custom role, the following changes
-        # occur immediately: * You cannot bind a member to the custom role in an IAM
+        # occur immediately: * You cannot bind a principal to the custom role in an IAM
         # Policy. * Existing bindings to the custom role are not changed, but they have
         # no effect. * By default, the response from ListRoles does not include the
         # custom role. You have 7 days to undelete the custom role. After 7 days, the
@@ -1454,13 +1517,13 @@ module Google
         end
         
         # Gets the IAM policy that is attached to a ServiceAccount. This IAM policy
-        # specifies which members have access to the service account. This method does
-        # not tell you whether the service account has been granted any roles on other
-        # resources. To check whether a service account has role grants on a resource,
-        # use the `getIamPolicy` method for that resource. For example, to view the role
-        # grants for a project, call the Resource Manager API's [`projects.getIamPolicy`]
-        # (https://cloud.google.com/resource-manager/reference/rest/v1/projects/
-        # getIamPolicy) method.
+        # specifies which principals have access to the service account. This method
+        # does not tell you whether the service account has been granted any roles on
+        # other resources. To check whether a service account has role grants on a
+        # resource, use the `getIamPolicy` method for that resource. For example, to
+        # view the role grants for a project, call the Resource Manager API's [`projects.
+        # getIamPolicy`](https://cloud.google.com/resource-manager/reference/rest/v1/
+        # projects/getIamPolicy) method.
         # @param [String] resource
         #   REQUIRED: The resource for which the policy is being requested. See the
         #   operation documentation for the appropriate value for this field.
@@ -1585,15 +1648,16 @@ module Google
         
         # Sets the IAM policy that is attached to a ServiceAccount. Use this method to
         # grant or revoke access to the service account. For example, you could grant a
-        # member the ability to impersonate the service account. This method does not
+        # principal the ability to impersonate the service account. This method does not
         # enable the service account to access other resources. To grant roles to a
         # service account on a resource, follow these steps: 1. Call the resource's `
         # getIamPolicy` method to get its current IAM policy. 2. Edit the policy so that
         # it binds the service account to an IAM role for the resource. 3. Call the
         # resource's `setIamPolicy` method to update its IAM policy. For detailed
-        # instructions, see [Granting roles to a service account for specific resources](
-        # https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-
-        # accounts).
+        # instructions, see [Manage access to project, folders, and organizations](https:
+        # //cloud.google.com/iam/help/service-accounts/granting-access-to-service-
+        # accounts) or [Manage access to other resources](https://cloud.google.com/iam/
+        # help/access/manage-other-resources).
         # @param [String] resource
         #   REQUIRED: The resource for which the policy is being specified. See the
         #   operation documentation for the appropriate value for this field.
@@ -1901,6 +1965,81 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
+        # Disable a ServiceAccountKey. A disabled service account key can be enabled
+        # through EnableServiceAccountKey.
+        # @param [String] name
+        #   Required. The resource name of the service account key in the following format:
+        #   `projects/`PROJECT_ID`/serviceAccounts/`ACCOUNT`/keys/`key``. Using `-` as a
+        #   wildcard for the `PROJECT_ID` will infer the project from the account. The `
+        #   ACCOUNT` value can be the `email` address or the `unique_id` of the service
+        #   account.
+        # @param [Google::Apis::IamV1::DisableServiceAccountKeyRequest] disable_service_account_key_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::IamV1::Empty] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::IamV1::Empty]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def disable_service_account_key(name, disable_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+name}:disable', options)
+          command.request_representation = Google::Apis::IamV1::DisableServiceAccountKeyRequest::Representation
+          command.request_object = disable_service_account_key_request_object
+          command.response_representation = Google::Apis::IamV1::Empty::Representation
+          command.response_class = Google::Apis::IamV1::Empty
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Enable a ServiceAccountKey.
+        # @param [String] name
+        #   Required. The resource name of the service account key in the following format:
+        #   `projects/`PROJECT_ID`/serviceAccounts/`ACCOUNT`/keys/`key``. Using `-` as a
+        #   wildcard for the `PROJECT_ID` will infer the project from the account. The `
+        #   ACCOUNT` value can be the `email` address or the `unique_id` of the service
+        #   account.
+        # @param [Google::Apis::IamV1::EnableServiceAccountKeyRequest] enable_service_account_key_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::IamV1::Empty] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::IamV1::Empty]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def enable_service_account_key(name, enable_service_account_key_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+name}:enable', options)
+          command.request_representation = Google::Apis::IamV1::EnableServiceAccountKeyRequest::Representation
+          command.request_object = enable_service_account_key_request_object
+          command.response_representation = Google::Apis::IamV1::Empty::Representation
+          command.response_class = Google::Apis::IamV1::Empty
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Gets a ServiceAccountKey.
         # @param [String] name
         #   Required. The resource name of the service account key in the following format:

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-iam_v1
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.15.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-08-23 00:00:00.000000000 Z
+date: 2021-10-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -58,9 +58,9 @@ licenses:
 - Apache-2.0
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
-  changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-iam_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-iam_v1/v0.11.0
-  source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-iam_v1
+  changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-iam_v1/CHANGELOG.md
+  documentation_uri: https://googleapis.dev/ruby/google-apis-iam_v1/v0.15.0
+  source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-iam_v1
 post_install_message: 
 rdoc_options: []
 require_paths: