google-apis-iam_v1 0.49.0 → 0.51.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0cd5e621e083dc212348540b04481cfcd228000340ece55a9d6cbda833fde40a
-  data.tar.gz: 280fd54ed76ab00873456fb14036f64124a8240baab6256c62947a843954eb4b
+  metadata.gz: 23aa52e3052103be92a0e9cbd333aacdc63b18cfa7a450d6805a13887a7fc18c
+  data.tar.gz: 2a99e49e4cd51413b5d0d8c105eea044205c8973bfc2636e1c236cabdfaf016e
 SHA512:
-  metadata.gz: 573823a293360b2ab7de5b923889fe46cd8a086a416beb2a1a0cadf240d1426557cde7b43afb8dff2fc23def76f653728745067baf66d16e8550bf99bf7bc311
-  data.tar.gz: 057c49a4bad2c1414fcd848d5ce982c54011fce87e51569078e751d13e973cb1d3024fbd7136344646e24a5514e638616395717eb4f8edc1eb3ea623cdfdcbb8
+  metadata.gz: 3f4906f88431e61d5b2b36b048073c190c0dc4527fcdda7f26fd47b095823797d683570aabcb112af3d3a67e24fae651fbe9cb46c85f23662386e1423731b3bc
+  data.tar.gz: 8cad11bbef857ae02797d670ff4770531181fd4fc5b628989e6d5d09288b43591d1c33f537a1c96670af1fb633990169ea17e48bed288594ba27f47291e80500

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-iam_v1
 
+### v0.51.0 (2023-12-10)
+
+* Regenerated from discovery document revision 20231130
+
+### v0.50.0 (2023-11-05)
+
+* Regenerated from discovery document revision 20231026
+
 ### v0.49.0 (2023-09-24)
 
 * Regenerated from discovery document revision 20230914

data/lib/google/apis/iam_v1/classes.rb

@@ -22,6 +22,35 @@ module Google
   module Apis
     module IamV1
       
+      # Access related restrictions on the workforce pool.
+      class AccessRestrictions
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Immutable. Services allowed for web sign-in with the workforce pool.
+        # If not set by default there are no restrictions.
+        # Corresponds to the JSON property `allowedServices`
+        # @return [Array<Google::Apis::IamV1::ServiceConfig>]
+        attr_accessor :allowed_services
+      
+        # Optional. Disable programmatic sign-in by disabling token issue via the
+        # Security Token API endpoint. See [Security Token Service API] (https://cloud.
+        # google.com/iam/docs/reference/sts/rest).
+        # Corresponds to the JSON property `disableProgrammaticSignin`
+        # @return [Boolean]
+        attr_accessor :disable_programmatic_signin
+        alias_method :disable_programmatic_signin?, :disable_programmatic_signin
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @allowed_services = args[:allowed_services] if args.key?(:allowed_services)
+          @disable_programmatic_signin = args[:disable_programmatic_signin] if args.key?(:disable_programmatic_signin)
+        end
+      end
+      
       # Audit log information specific to Cloud IAM admin APIs. This message is
       # serialized as an `Any` type in the `ServiceData` message of an `AuditLog`
       # message.
@@ -1980,6 +2009,25 @@ module Google
         end
       end
       
+      # Configuration for a service.
+      class ServiceConfig
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Domain name of the service. Example: console.cloud.google
+        # Corresponds to the JSON property `domain`
+        # @return [String]
+        attr_accessor :domain
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @domain = args[:domain] if args.key?(:domain)
+        end
+      end
+      
       # Request message for `SetIamPolicy` method.
       class SetIamPolicyRequest
         include Google::Apis::Core::Hashable
@@ -2394,6 +2442,11 @@ module Google
       class WorkforcePool
         include Google::Apis::Core::Hashable
       
+        # Access related restrictions on the workforce pool.
+        # Corresponds to the JSON property `accessRestrictions`
+        # @return [Google::Apis::IamV1::AccessRestrictions]
+        attr_accessor :access_restrictions
+      
         # A user-specified description of the pool. Cannot exceed 256 characters.
         # Corresponds to the JSON property `description`
         # @return [String]
@@ -2451,6 +2504,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @access_restrictions = args[:access_restrictions] if args.key?(:access_restrictions)
           @description = args[:description] if args.key?(:description)
           @disabled = args[:disabled] if args.key?(:disabled)
           @display_name = args[:display_name] if args.key?(:display_name)
@@ -2473,12 +2527,13 @@ module Google
         # keywords may be referenced in the expressions: * `assertion`: JSON
         # representing the authentication credential issued by the provider. * `google`:
         # The Google attributes mapped from the assertion in the `attribute_mappings`. `
-        # google.profile_photo` and `google.display_name` are not supported. * `
-        # attribute`: The custom attributes mapped from the assertion in the `
-        # attribute_mappings`. The maximum length of the attribute condition expression
-        # is 4096 characters. If unspecified, all valid authentication credentials will
-        # be accepted. The following example shows how to only allow credentials with a
-        # mapped `google.groups` value of `admins`: ``` "'admins' in google.groups" ```
+        # google.profile_photo`, `google.display_name` and `google.posix_username` are
+        # not supported. * `attribute`: The custom attributes mapped from the assertion
+        # in the `attribute_mappings`. The maximum length of the attribute condition
+        # expression is 4096 characters. If unspecified, all valid authentication
+        # credentials will be accepted. The following example shows how to only allow
+        # credentials with a mapped `google.groups` value of `admins`: ``` "'admins' in
+        # google.groups" ```
         # Corresponds to the JSON property `attributeCondition`
         # @return [String]
         attr_accessor :attribute_condition
@@ -2498,29 +2553,32 @@ module Google
         # bindings. * `google.profile_photo`: The URL that specifies the authenticated
         # user's thumbnail photo. This is an optional field. When set, the image will be
         # visible as the user's profile picture. If not set, a generic user icon will be
-        # displayed instead. This attribute cannot be referenced in IAM bindings. You
-        # can also provide custom attributes by specifying `attribute.`custom_attribute``
-        # , where `custom_attribute` is the name of the custom attribute to be mapped.
-        # You can define a maximum of 50 custom attributes. The maximum length of a
-        # mapped attribute key is 100 characters, and the key may only contain the
-        # characters [a-z0-9_]. You can reference these attributes in IAM policies to
-        # define fine-grained access for a workforce pool to Google Cloud resources. For
-        # example: * `google.subject`: `principal://iam.googleapis.com/locations/global/
-        # workforcePools/`pool`/subject/`value`` * `google.groups`: `principalSet://iam.
-        # googleapis.com/locations/global/workforcePools/`pool`/group/`value`` * `
-        # attribute.`custom_attribute``: `principalSet://iam.googleapis.com/locations/
-        # global/workforcePools/`pool`/attribute.`custom_attribute`/`value`` Each value
-        # must be a [Common Expression Language] (https://opensource.google/projects/cel)
-        # function that maps an identity provider credential to the normalized
-        # attribute specified by the corresponding map key. You can use the `assertion`
-        # keyword in the expression to access a JSON representation of the
-        # authentication credential issued by the provider. The maximum length of an
-        # attribute mapping expression is 2048 characters. When evaluated, the total
-        # size of all mapped attributes must not exceed 4KB. For OIDC providers, you
-        # must supply a custom mapping that includes the `google.subject` attribute. For
-        # example, the following maps the `sub` claim of the incoming credential to the `
-        # subject` attribute on a Google token: ``` `"google.subject": "assertion.sub"` `
-        # ``
+        # displayed instead. This attribute cannot be referenced in IAM bindings. * `
+        # google.posix_username`: The linux username used by OS login. This is an
+        # optional field and the mapped posix username cannot exceed 32 characters, The
+        # key must match the regex "^a-zA-Z0-9._`0,31`$". This attribute cannot be
+        # referenced in IAM bindings. You can also provide custom attributes by
+        # specifying `attribute.`custom_attribute``, where `custom_attribute` is the
+        # name of the custom attribute to be mapped. You can define a maximum of 50
+        # custom attributes. The maximum length of a mapped attribute key is 100
+        # characters, and the key may only contain the characters [a-z0-9_]. You can
+        # reference these attributes in IAM policies to define fine-grained access for a
+        # workforce pool to Google Cloud resources. For example: * `google.subject`: `
+        # principal://iam.googleapis.com/locations/global/workforcePools/`pool`/subject/`
+        # value`` * `google.groups`: `principalSet://iam.googleapis.com/locations/global/
+        # workforcePools/`pool`/group/`value`` * `attribute.`custom_attribute``: `
+        # principalSet://iam.googleapis.com/locations/global/workforcePools/`pool`/
+        # attribute.`custom_attribute`/`value`` Each value must be a [Common Expression
+        # Language] (https://opensource.google/projects/cel) function that maps an
+        # identity provider credential to the normalized attribute specified by the
+        # corresponding map key. You can use the `assertion` keyword in the expression
+        # to access a JSON representation of the authentication credential issued by the
+        # provider. The maximum length of an attribute mapping expression is 2048
+        # characters. When evaluated, the total size of all mapped attributes must not
+        # exceed 4KB. For OIDC providers, you must supply a custom mapping that includes
+        # the `google.subject` attribute. For example, the following maps the `sub`
+        # claim of the incoming credential to the `subject` attribute on a Google token:
+        # ``` `"google.subject": "assertion.sub"` ```
         # Corresponds to the JSON property `attributeMapping`
         # @return [Hash<String,String>]
         attr_accessor :attribute_mapping

data/lib/google/apis/iam_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module IamV1
       # Version of the google-apis-iam_v1 gem
-      GEM_VERSION = "0.49.0"
+      GEM_VERSION = "0.51.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230914"
+      REVISION = "20231130"
     end
   end
 end

data/lib/google/apis/iam_v1/representations.rb

@@ -22,6 +22,12 @@ module Google
   module Apis
     module IamV1
       
+      class AccessRestrictions
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class AdminAuditData
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -352,6 +358,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class ServiceConfig
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class SetIamPolicyRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -508,6 +520,15 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class AccessRestrictions
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          collection :allowed_services, as: 'allowedServices', class: Google::Apis::IamV1::ServiceConfig, decorator: Google::Apis::IamV1::ServiceConfig::Representation
+      
+          property :disable_programmatic_signin, as: 'disableProgrammaticSignin'
+        end
+      end
+      
       class AdminAuditData
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -1010,6 +1031,13 @@ module Google
         end
       end
       
+      class ServiceConfig
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :domain, as: 'domain'
+        end
+      end
+      
       class SetIamPolicyRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -1145,6 +1173,8 @@ module Google
       class WorkforcePool
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
+          property :access_restrictions, as: 'accessRestrictions', class: Google::Apis::IamV1::AccessRestrictions, decorator: Google::Apis::IamV1::AccessRestrictions::Representation
+      
           property :description, as: 'description'
           property :disabled, as: 'disabled'
           property :display_name, as: 'displayName'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-iam_v1
 version: !ruby/object:Gem::Version
-  version: 0.49.0
+  version: 0.51.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-09-24 00:00:00.000000000 Z
+date: 2023-12-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -59,7 +59,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-iam_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-iam_v1/v0.49.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-iam_v1/v0.51.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-iam_v1
 post_install_message: 
 rdoc_options: []