google-apis-iam_v1 0.48.0 → 0.50.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 80680c6014090f33e526f2150a119f6a81bb848d56334778f7d265cd3401a05b
-  data.tar.gz: 3543caf14ecb6bcce85cdf565a1d731bc00e42cd84b9d29245809535cfba09c2
+  metadata.gz: 29fd4d76fd1a49edf7fb094299d604a2d49182dd0c129753bbe14cd48f278716
+  data.tar.gz: a86ef64379fa26c52b2576517cd11643ea9024ec45a9a901ddcf6074b78f0d02
 SHA512:
-  metadata.gz: d9e80b4d5108f2ea9db7719d98ce03c09882f24287139652ae156c58ab2068676f77ff15113b479ef34094ca7806501ef363532094cb6c4e58328fb07e992e87
-  data.tar.gz: 92791710bf581edae9eee972ad4b55cc31ea5d6d67ae4ab8a1d192a27cb92b4a277289f0df9280553b071f4edbfd0d4d33f42f93bdaca401993a8d888dfe6e73
+  metadata.gz: be9461b6b4f105b12d45c9ff0c33bd3bcab80e0ee0b3aef910cc9274d89923e02485e7b3c5d8e23f868c4550beb5af1ed472208c8dbfe8936e13750371120e9b
+  data.tar.gz: 478457a6de643c887df475038b43c21e6665f4586256dbd7470367c7729b7955dadb2fe9af5bad2f9aa89bcfbbef627805e1ba1b80f24927dc68e4f73eceafed

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-iam_v1
 
+### v0.50.0 (2023-11-05)
+
+* Regenerated from discovery document revision 20231026
+
+### v0.49.0 (2023-09-24)
+
+* Regenerated from discovery document revision 20230914
+
 ### v0.48.0 (2023-08-13)
 
 * Regenerated from discovery document revision 20230803

data/lib/google/apis/iam_v1/classes.rb

@@ -22,6 +22,35 @@ module Google
   module Apis
     module IamV1
       
+      # Access related restrictions on the workforce pool.
+      class AccessRestrictions
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Immutable. Services allowed for web sign-in with the workforce pool.
+        # If not set by default there are no restrictions.
+        # Corresponds to the JSON property `allowedServices`
+        # @return [Array<Google::Apis::IamV1::ServiceConfig>]
+        attr_accessor :allowed_services
+      
+        # Optional. Disable programmatic sign-in by disabling token issue via the
+        # Security Token API endpoint. See [Security Token Service API] (https://cloud.
+        # google.com/iam/docs/reference/sts/rest).
+        # Corresponds to the JSON property `disableProgrammaticSignin`
+        # @return [Boolean]
+        attr_accessor :disable_programmatic_signin
+        alias_method :disable_programmatic_signin?, :disable_programmatic_signin
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @allowed_services = args[:allowed_services] if args.key?(:allowed_services)
+          @disable_programmatic_signin = args[:disable_programmatic_signin] if args.key?(:disable_programmatic_signin)
+        end
+      end
+      
       # Audit log information specific to Cloud IAM admin APIs. This message is
       # serialized as an `Any` type in the `ServiceData` message of an `AuditLog`
       # message.
@@ -581,6 +610,17 @@ module Google
         # @return [String]
         attr_accessor :issuer_uri
       
+        # OIDC JWKs in JSON String format. For details on the definition of a JWK, see
+        # https://tools.ietf.org/html/rfc7517. If not set, the `jwks_uri` from the
+        # discovery document(fetched from the .well-known path of the `issuer_uri`) will
+        # be used. Currently, RSA and EC asymmetric keys are supported. The JWK must use
+        # following format and include only the following fields: ` "keys": [ ` "kty": "
+        # RSA/EC", "alg": "", "use": "sig", "kid": "", "n": "", "e": "", "x": "", "y": ""
+        # , "crv": "" ` ] `
+        # Corresponds to the JSON property `jwksJson`
+        # @return [String]
+        attr_accessor :jwks_json
+      
         # Configuration for web single sign-on for the OIDC provider.
         # Corresponds to the JSON property `webSsoConfig`
         # @return [Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig]
@@ -595,6 +635,7 @@ module Google
           @client_id = args[:client_id] if args.key?(:client_id)
           @client_secret = args[:client_secret] if args.key?(:client_secret)
           @issuer_uri = args[:issuer_uri] if args.key?(:issuer_uri)
+          @jwks_json = args[:jwks_json] if args.key?(:jwks_json)
           @web_sso_config = args[:web_sso_config] if args.key?(:web_sso_config)
         end
       end
@@ -693,7 +734,7 @@ module Google
         # document should satisfy the following constraints: 1) Must contain an Identity
         # Provider Entity ID. 2) Must contain at least one non-expired signing key
         # certificate. 3) For each signing key: a) Valid from should be no more than 7
-        # days from now. b) Valid to should be no more than 14 years in the future. 4)
+        # days from now. b) Valid to should be no more than 15 years in the future. 4)
         # Up to 3 IdP signing keys are allowed in the metadata xml. When updating the
         # provider's metadata xml, at least one non-expired signing key must overlap
         # with the existing metadata. This requirement is skipped if there are no non-
@@ -1213,6 +1254,65 @@ module Google
         end
       end
       
+      # Represents the metadata of the long-running operation.
+      class OperationMetadata
+        include Google::Apis::Core::Hashable
+      
+        # Output only. API version used to start the operation.
+        # Corresponds to the JSON property `apiVersion`
+        # @return [String]
+        attr_accessor :api_version
+      
+        # Output only. Identifies whether the user has requested cancellation of the
+        # operation. Operations that have been cancelled successfully have Operation.
+        # error value with a google.rpc.Status.code of 1, corresponding to `Code.
+        # CANCELLED`.
+        # Corresponds to the JSON property `cancelRequested`
+        # @return [Boolean]
+        attr_accessor :cancel_requested
+        alias_method :cancel_requested?, :cancel_requested
+      
+        # Output only. The time the operation was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Output only. The time the operation finished running.
+        # Corresponds to the JSON property `endTime`
+        # @return [String]
+        attr_accessor :end_time
+      
+        # Output only. Human-readable status of the operation, if any.
+        # Corresponds to the JSON property `statusDetail`
+        # @return [String]
+        attr_accessor :status_detail
+      
+        # Output only. Server-defined resource path for the target of the operation.
+        # Corresponds to the JSON property `target`
+        # @return [String]
+        attr_accessor :target
+      
+        # Output only. Name of the verb executed by the operation.
+        # Corresponds to the JSON property `verb`
+        # @return [String]
+        attr_accessor :verb
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @api_version = args[:api_version] if args.key?(:api_version)
+          @cancel_requested = args[:cancel_requested] if args.key?(:cancel_requested)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @end_time = args[:end_time] if args.key?(:end_time)
+          @status_detail = args[:status_detail] if args.key?(:status_detail)
+          @target = args[:target] if args.key?(:target)
+          @verb = args[:verb] if args.key?(:verb)
+        end
+      end
+      
       # The service account patch request. You can patch only the `display_name` and `
       # description` fields. You must use the `update_mask` field to specify which of
       # these fields you want to patch. Only the fields specified in the request are
@@ -1700,7 +1800,7 @@ module Google
         # The metadata xml document should satisfy the following constraints: 1) Must
         # contain an Identity Provider Entity ID. 2) Must contain at least one non-
         # expired signing key certificate. 3) For each signing key: a) Valid from should
-        # be no more than 7 days from now. b) Valid to should be no more than 14 years
+        # be no more than 7 days from now. b) Valid to should be no more than 15 years
         # in the future. 4) Upto 3 IdP signing keys are allowed in the metadata xml.
         # When updating the provider's metadata xml, at lease one non-expired signing
         # key must overlap with the existing metadata. This requirement is skipped if
@@ -1909,6 +2009,25 @@ module Google
         end
       end
       
+      # Configuration for a service.
+      class ServiceConfig
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Domain name of the service. Example: console.cloud.google
+        # Corresponds to the JSON property `domain`
+        # @return [String]
+        attr_accessor :domain
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @domain = args[:domain] if args.key?(:domain)
+        end
+      end
+      
       # Request message for `SetIamPolicy` method.
       class SetIamPolicyRequest
         include Google::Apis::Core::Hashable
@@ -2323,6 +2442,11 @@ module Google
       class WorkforcePool
         include Google::Apis::Core::Hashable
       
+        # Access related restrictions on the workforce pool.
+        # Corresponds to the JSON property `accessRestrictions`
+        # @return [Google::Apis::IamV1::AccessRestrictions]
+        attr_accessor :access_restrictions
+      
         # A user-specified description of the pool. Cannot exceed 256 characters.
         # Corresponds to the JSON property `description`
         # @return [String]
@@ -2380,6 +2504,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @access_restrictions = args[:access_restrictions] if args.key?(:access_restrictions)
           @description = args[:description] if args.key?(:description)
           @disabled = args[:disabled] if args.key?(:disabled)
           @display_name = args[:display_name] if args.key?(:display_name)
@@ -2564,8 +2689,8 @@ module Google
         end
       end
       
-      # Represents a collection of external workload identities. You can define IAM
-      # policies to grant these identities access to Google Cloud resources.
+      # Represents a collection of workload identities. You can define IAM policies to
+      # grant these identities access to Google Cloud resources.
       class WorkloadIdentityPool
         include Google::Apis::Core::Hashable
       
@@ -2651,10 +2776,10 @@ module Google
         # @return [String]
         attr_accessor :attribute_condition
       
-        # Maps attributes from authentication credentials issued by an external identity
-        # provider to Google Cloud attributes, such as `subject` and `segment`. Each key
-        # must be a string specifying the Google Cloud IAM attribute to map to. The
-        # following keys are supported: * `google.subject`: The principal IAM is
+        # Maps attributes from authentication credentials issued by an external
+        # identity provider to Google Cloud attributes, such as `subject` and `segment`.
+        # Each key must be a string specifying the Google Cloud IAM attribute to map to.
+        # The following keys are supported: * `google.subject`: The principal IAM is
         # authenticating. You can reference this value in IAM bindings. This is also the
         # subject that appears in Cloud Logging logs. Cannot exceed 127 bytes. * `google.
         # groups`: Groups the external identity belongs to. You can grant groups access

data/lib/google/apis/iam_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module IamV1
       # Version of the google-apis-iam_v1 gem
-      GEM_VERSION = "0.48.0"
+      GEM_VERSION = "0.50.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230803"
+      REVISION = "20231026"
     end
   end
 end

data/lib/google/apis/iam_v1/representations.rb

@@ -22,6 +22,12 @@ module Google
   module Apis
     module IamV1
       
+      class AccessRestrictions
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class AdminAuditData
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -256,6 +262,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class OperationMetadata
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class PatchServiceAccountRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -346,6 +358,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class ServiceConfig
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class SetIamPolicyRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -502,6 +520,15 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class AccessRestrictions
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          collection :allowed_services, as: 'allowedServices', class: Google::Apis::IamV1::ServiceConfig, decorator: Google::Apis::IamV1::ServiceConfig::Representation
+      
+          property :disable_programmatic_signin, as: 'disableProgrammaticSignin'
+        end
+      end
+      
       class AdminAuditData
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -658,6 +685,7 @@ module Google
           property :client_secret, as: 'clientSecret', class: Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret, decorator: Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret::Representation
       
           property :issuer_uri, as: 'issuerUri'
+          property :jwks_json, as: 'jwksJson'
           property :web_sso_config, as: 'webSsoConfig', class: Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig, decorator: Google::Apis::IamV1::GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig::Representation
       
         end
@@ -836,6 +864,19 @@ module Google
         end
       end
       
+      class OperationMetadata
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :api_version, as: 'apiVersion'
+          property :cancel_requested, as: 'cancelRequested'
+          property :create_time, as: 'createTime'
+          property :end_time, as: 'endTime'
+          property :status_detail, as: 'statusDetail'
+          property :target, as: 'target'
+          property :verb, as: 'verb'
+        end
+      end
+      
       class PatchServiceAccountRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -990,6 +1031,13 @@ module Google
         end
       end
       
+      class ServiceConfig
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :domain, as: 'domain'
+        end
+      end
+      
       class SetIamPolicyRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -1125,6 +1173,8 @@ module Google
       class WorkforcePool
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
+          property :access_restrictions, as: 'accessRestrictions', class: Google::Apis::IamV1::AccessRestrictions, decorator: Google::Apis::IamV1::AccessRestrictions::Representation
+      
           property :description, as: 'description'
           property :disabled, as: 'disabled'
           property :display_name, as: 'displayName'

data/lib/google/apis/iam_v1/service.rb

@@ -1716,37 +1716,6 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Gets the latest state of a long-running operation. Clients can use this method
-        # to poll the operation result at intervals as recommended by the API service.
-        # @param [String] name
-        #   The name of the operation resource.
-        # @param [String] fields
-        #   Selector specifying which fields to include in a partial response.
-        # @param [String] quota_user
-        #   Available to use for quota purposes for server-side applications. Can be any
-        #   arbitrary string assigned to a user, but should not exceed 40 characters.
-        # @param [Google::Apis::RequestOptions] options
-        #   Request-specific options
-        #
-        # @yield [result, err] Result & error if block supplied
-        # @yieldparam result [Google::Apis::IamV1::Operation] parsed result object
-        # @yieldparam err [StandardError] error object if request failed
-        #
-        # @return [Google::Apis::IamV1::Operation]
-        #
-        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
-        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
-        # @raise [Google::Apis::AuthorizationError] Authorization is required
-        def get_project_location_workload_identity_pool_namespace_workload_source_operation(name, fields: nil, quota_user: nil, options: nil, &block)
-          command = make_simple_command(:get, 'v1/{+name}', options)
-          command.response_representation = Google::Apis::IamV1::Operation::Representation
-          command.response_class = Google::Apis::IamV1::Operation
-          command.params['name'] = name unless name.nil?
-          command.query['fields'] = fields unless fields.nil?
-          command.query['quotaUser'] = quota_user unless quota_user.nil?
-          execute_or_queue_command(command, &block)
-        end
-        
         # Gets the latest state of a long-running operation. Clients can use this method
         # to poll the operation result at intervals as recommended by the API service.
         # @param [String] name

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-iam_v1
 version: !ruby/object:Gem::Version
-  version: 0.48.0
+  version: 0.50.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-08-20 00:00:00.000000000 Z
+date: 2023-11-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -59,7 +59,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-iam_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-iam_v1/v0.48.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-iam_v1/v0.50.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-iam_v1
 post_install_message: 
 rdoc_options: []
@@ -76,7 +76,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.2
+rubygems_version: 3.4.19
 signing_key: 
 specification_version: 4
 summary: Simple REST client for Identity and Access Management (IAM) API V1