google-apis-iam_v1 0.47.0 → 0.49.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d7bb0023edc2d5574b4a4ebf1f21cb2683a513d86c431c5280c401d1790c10b6
-  data.tar.gz: ce2ecdc1111a0ff1c165db5c502c4d0bd06da0fb6424a61670e7e3615c0c2784
+  metadata.gz: 0cd5e621e083dc212348540b04481cfcd228000340ece55a9d6cbda833fde40a
+  data.tar.gz: 280fd54ed76ab00873456fb14036f64124a8240baab6256c62947a843954eb4b
 SHA512:
-  metadata.gz: 310270adb4fb12b07738de6e1f938ae37c2dda036a53c17545b6eb71ae4d8232fed618b5b7379524613d3b0179ee83d305e7cd4d04262e0ea6cb72b06ea6c448
-  data.tar.gz: 34ebd8e9ed7c910bd377278e3f846cba6155bb35ad8f04d90deae83662dda24247de80b75d08d0cbc88e3018b41f7bd8c42c2afa1ac1c9bd2f06ecf21c5bb89f
+  metadata.gz: 573823a293360b2ab7de5b923889fe46cd8a086a416beb2a1a0cadf240d1426557cde7b43afb8dff2fc23def76f653728745067baf66d16e8550bf99bf7bc311
+  data.tar.gz: 057c49a4bad2c1414fcd848d5ce982c54011fce87e51569078e751d13e973cb1d3024fbd7136344646e24a5514e638616395717eb4f8edc1eb3ea623cdfdcbb8

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-iam_v1
 
+### v0.49.0 (2023-09-24)
+
+* Regenerated from discovery document revision 20230914
+
+### v0.48.0 (2023-08-13)
+
+* Regenerated from discovery document revision 20230803
+
 ### v0.47.0 (2023-07-23)
 
 * Regenerated from discovery document revision 20230713

data/lib/google/apis/iam_v1/classes.rb

@@ -581,6 +581,17 @@ module Google
         # @return [String]
         attr_accessor :issuer_uri
       
+        # OIDC JWKs in JSON String format. For details on the definition of a JWK, see
+        # https://tools.ietf.org/html/rfc7517. If not set, the `jwks_uri` from the
+        # discovery document(fetched from the .well-known path of the `issuer_uri`) will
+        # be used. Currently, RSA and EC asymmetric keys are supported. The JWK must use
+        # following format and include only the following fields: ` "keys": [ ` "kty": "
+        # RSA/EC", "alg": "", "use": "sig", "kid": "", "n": "", "e": "", "x": "", "y": ""
+        # , "crv": "" ` ] `
+        # Corresponds to the JSON property `jwksJson`
+        # @return [String]
+        attr_accessor :jwks_json
+      
         # Configuration for web single sign-on for the OIDC provider.
         # Corresponds to the JSON property `webSsoConfig`
         # @return [Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig]
@@ -595,6 +606,7 @@ module Google
           @client_id = args[:client_id] if args.key?(:client_id)
           @client_secret = args[:client_secret] if args.key?(:client_secret)
           @issuer_uri = args[:issuer_uri] if args.key?(:issuer_uri)
+          @jwks_json = args[:jwks_json] if args.key?(:jwks_json)
           @web_sso_config = args[:web_sso_config] if args.key?(:web_sso_config)
         end
       end
@@ -693,7 +705,7 @@ module Google
         # document should satisfy the following constraints: 1) Must contain an Identity
         # Provider Entity ID. 2) Must contain at least one non-expired signing key
         # certificate. 3) For each signing key: a) Valid from should be no more than 7
-        # days from now. b) Valid to should be no more than 14 years in the future. 4)
+        # days from now. b) Valid to should be no more than 15 years in the future. 4)
         # Up to 3 IdP signing keys are allowed in the metadata xml. When updating the
         # provider's metadata xml, at least one non-expired signing key must overlap
         # with the existing metadata. This requirement is skipped if there are no non-
@@ -1188,13 +1200,13 @@ module Google
         # @return [String]
         attr_accessor :name
       
-        # The normal response of the operation in case of success. If the original
-        # method returns no data on success, such as `Delete`, the response is `google.
-        # protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`,
-        # the response should be the resource. For other methods, the response should
-        # have the type `XxxResponse`, where `Xxx` is the original method name. For
-        # example, if the original method name is `TakeSnapshot()`, the inferred
-        # response type is `TakeSnapshotResponse`.
+        # The normal, successful response of the operation. If the original method
+        # returns no data on success, such as `Delete`, the response is `google.protobuf.
+        # Empty`. If the original method is standard `Get`/`Create`/`Update`, the
+        # response should be the resource. For other methods, the response should have
+        # the type `XxxResponse`, where `Xxx` is the original method name. For example,
+        # if the original method name is `TakeSnapshot()`, the inferred response type is
+        # `TakeSnapshotResponse`.
         # Corresponds to the JSON property `response`
         # @return [Hash<String,Object>]
         attr_accessor :response
@@ -1213,6 +1225,65 @@ module Google
         end
       end
       
+      # Represents the metadata of the long-running operation.
+      class OperationMetadata
+        include Google::Apis::Core::Hashable
+      
+        # Output only. API version used to start the operation.
+        # Corresponds to the JSON property `apiVersion`
+        # @return [String]
+        attr_accessor :api_version
+      
+        # Output only. Identifies whether the user has requested cancellation of the
+        # operation. Operations that have been cancelled successfully have Operation.
+        # error value with a google.rpc.Status.code of 1, corresponding to `Code.
+        # CANCELLED`.
+        # Corresponds to the JSON property `cancelRequested`
+        # @return [Boolean]
+        attr_accessor :cancel_requested
+        alias_method :cancel_requested?, :cancel_requested
+      
+        # Output only. The time the operation was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Output only. The time the operation finished running.
+        # Corresponds to the JSON property `endTime`
+        # @return [String]
+        attr_accessor :end_time
+      
+        # Output only. Human-readable status of the operation, if any.
+        # Corresponds to the JSON property `statusDetail`
+        # @return [String]
+        attr_accessor :status_detail
+      
+        # Output only. Server-defined resource path for the target of the operation.
+        # Corresponds to the JSON property `target`
+        # @return [String]
+        attr_accessor :target
+      
+        # Output only. Name of the verb executed by the operation.
+        # Corresponds to the JSON property `verb`
+        # @return [String]
+        attr_accessor :verb
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @api_version = args[:api_version] if args.key?(:api_version)
+          @cancel_requested = args[:cancel_requested] if args.key?(:cancel_requested)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @end_time = args[:end_time] if args.key?(:end_time)
+          @status_detail = args[:status_detail] if args.key?(:status_detail)
+          @target = args[:target] if args.key?(:target)
+          @verb = args[:verb] if args.key?(:verb)
+        end
+      end
+      
       # The service account patch request. You can patch only the `display_name` and `
       # description` fields. You must use the `update_mask` field to specify which of
       # these fields you want to patch. Only the fields specified in the request are
@@ -1350,22 +1421,22 @@ module Google
       # evaluates to `true`. A condition can add constraints based on attributes of
       # the request, the resource, or both. To learn which resources support
       # conditions in their IAM policies, see the [IAM documentation](https://cloud.
-      # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+      # google.com/iam/help/conditions/resource-policies). **JSON example:** ``` ` "
       # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
       # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
       # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
       # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
       # ], "condition": ` "title": "expirable access", "description": "Does not grant
       # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
-      # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
-      # bindings: - members: - user:mike@example.com - group:admins@example.com -
-      # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
-      # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
-      # com role: roles/resourcemanager.organizationViewer condition: title: expirable
-      # access description: Does not grant access after Sep 2020 expression: request.
-      # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
-      # a description of IAM and its features, see the [IAM documentation](https://
-      # cloud.google.com/iam/docs/).
+      # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` ``` **YAML
+      # example:** ``` bindings: - members: - user:mike@example.com - group:admins@
+      # example.com - domain:google.com - serviceAccount:my-project-id@appspot.
+      # gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: -
+      # user:eve@example.com role: roles/resourcemanager.organizationViewer condition:
+      # title: expirable access description: Does not grant access after Sep 2020
+      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag:
+      # BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the
+      # [IAM documentation](https://cloud.google.com/iam/docs/).
       class Policy
         include Google::Apis::Core::Hashable
       
@@ -1700,7 +1771,7 @@ module Google
         # The metadata xml document should satisfy the following constraints: 1) Must
         # contain an Identity Provider Entity ID. 2) Must contain at least one non-
         # expired signing key certificate. 3) For each signing key: a) Valid from should
-        # be no more than 7 days from now. b) Valid to should be no more than 14 years
+        # be no more than 7 days from now. b) Valid to should be no more than 15 years
         # in the future. 4) Upto 3 IdP signing keys are allowed in the metadata xml.
         # When updating the provider's metadata xml, at lease one non-expired signing
         # key must overlap with the existing metadata. This requirement is skipped if
@@ -1924,22 +1995,22 @@ module Google
         # evaluates to `true`. A condition can add constraints based on attributes of
         # the request, the resource, or both. To learn which resources support
         # conditions in their IAM policies, see the [IAM documentation](https://cloud.
-        # google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
+        # google.com/iam/help/conditions/resource-policies). **JSON example:** ``` ` "
         # bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
         # "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
         # serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
         # roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
         # ], "condition": ` "title": "expirable access", "description": "Does not grant
         # access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
-        # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
-        # bindings: - members: - user:mike@example.com - group:admins@example.com -
-        # domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
-        # role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
-        # com role: roles/resourcemanager.organizationViewer condition: title: expirable
-        # access description: Does not grant access after Sep 2020 expression: request.
-        # time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
-        # a description of IAM and its features, see the [IAM documentation](https://
-        # cloud.google.com/iam/docs/).
+        # 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` ``` **YAML
+        # example:** ``` bindings: - members: - user:mike@example.com - group:admins@
+        # example.com - domain:google.com - serviceAccount:my-project-id@appspot.
+        # gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: -
+        # user:eve@example.com role: roles/resourcemanager.organizationViewer condition:
+        # title: expirable access description: Does not grant access after Sep 2020
+        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag:
+        # BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the
+        # [IAM documentation](https://cloud.google.com/iam/docs/).
         # Corresponds to the JSON property `policy`
         # @return [Google::Apis::IamV1::Policy]
         attr_accessor :policy
@@ -2564,8 +2635,8 @@ module Google
         end
       end
       
-      # Represents a collection of external workload identities. You can define IAM
-      # policies to grant these identities access to Google Cloud resources.
+      # Represents a collection of workload identities. You can define IAM policies to
+      # grant these identities access to Google Cloud resources.
       class WorkloadIdentityPool
         include Google::Apis::Core::Hashable
       
@@ -2651,10 +2722,10 @@ module Google
         # @return [String]
         attr_accessor :attribute_condition
       
-        # Maps attributes from authentication credentials issued by an external identity
-        # provider to Google Cloud attributes, such as `subject` and `segment`. Each key
-        # must be a string specifying the Google Cloud IAM attribute to map to. The
-        # following keys are supported: * `google.subject`: The principal IAM is
+        # Maps attributes from authentication credentials issued by an external
+        # identity provider to Google Cloud attributes, such as `subject` and `segment`.
+        # Each key must be a string specifying the Google Cloud IAM attribute to map to.
+        # The following keys are supported: * `google.subject`: The principal IAM is
         # authenticating. You can reference this value in IAM bindings. This is also the
         # subject that appears in Cloud Logging logs. Cannot exceed 127 bytes. * `google.
         # groups`: Groups the external identity belongs to. You can grant groups access

data/lib/google/apis/iam_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module IamV1
       # Version of the google-apis-iam_v1 gem
-      GEM_VERSION = "0.47.0"
+      GEM_VERSION = "0.49.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230713"
+      REVISION = "20230914"
     end
   end
 end

data/lib/google/apis/iam_v1/representations.rb

@@ -256,6 +256,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class OperationMetadata
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class PatchServiceAccountRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -658,6 +664,7 @@ module Google
           property :client_secret, as: 'clientSecret', class: Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret, decorator: Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret::Representation
       
           property :issuer_uri, as: 'issuerUri'
+          property :jwks_json, as: 'jwksJson'
           property :web_sso_config, as: 'webSsoConfig', class: Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig, decorator: Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig::Representation
       
         end
@@ -836,6 +843,19 @@ module Google
         end
       end
       
+      class OperationMetadata
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :api_version, as: 'apiVersion'
+          property :cancel_requested, as: 'cancelRequested'
+          property :create_time, as: 'createTime'
+          property :end_time, as: 'endTime'
+          property :status_detail, as: 'statusDetail'
+          property :target, as: 'target'
+          property :verb, as: 'verb'
+        end
+      end
+      
       class PatchServiceAccountRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation

data/lib/google/apis/iam_v1/service.rb

@@ -1716,37 +1716,6 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Gets the latest state of a long-running operation. Clients can use this method
-        # to poll the operation result at intervals as recommended by the API service.
-        # @param [String] name
-        #   The name of the operation resource.
-        # @param [String] fields
-        #   Selector specifying which fields to include in a partial response.
-        # @param [String] quota_user
-        #   Available to use for quota purposes for server-side applications. Can be any
-        #   arbitrary string assigned to a user, but should not exceed 40 characters.
-        # @param [Google::Apis::RequestOptions] options
-        #   Request-specific options
-        #
-        # @yield [result, err] Result & error if block supplied
-        # @yieldparam result [Google::Apis::IamV1::Operation] parsed result object
-        # @yieldparam err [StandardError] error object if request failed
-        #
-        # @return [Google::Apis::IamV1::Operation]
-        #
-        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
-        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
-        # @raise [Google::Apis::AuthorizationError] Authorization is required
-        def get_project_location_workload_identity_pool_namespace_workload_source_operation(name, fields: nil, quota_user: nil, options: nil, &block)
-          command = make_simple_command(:get, 'v1/{+name}', options)
-          command.response_representation = Google::Apis::IamV1::Operation::Representation
-          command.response_class = Google::Apis::IamV1::Operation
-          command.params['name'] = name unless name.nil?
-          command.query['fields'] = fields unless fields.nil?
-          command.query['quotaUser'] = quota_user unless quota_user.nil?
-          execute_or_queue_command(command, &block)
-        end
-        
         # Gets the latest state of a long-running operation. Clients can use this method
         # to poll the operation result at intervals as recommended by the API service.
         # @param [String] name

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-iam_v1
 version: !ruby/object:Gem::Version
-  version: 0.47.0
+  version: 0.49.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-07-23 00:00:00.000000000 Z
+date: 2023-09-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -59,7 +59,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-iam_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-iam_v1/v0.47.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-iam_v1/v0.49.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-iam_v1
 post_install_message: 
 rdoc_options: []
@@ -76,7 +76,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.2
+rubygems_version: 3.4.19
 signing_key: 
 specification_version: 4
 summary: Simple REST client for Identity and Access Management (IAM) API V1