google-apis-networksecurity_v1 0.52.0 → 0.53.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a1f72f041a684140c183ff3c0268e39de83a158189d454669d24b90b095e15fb
-  data.tar.gz: 61124e5bd34b85722b4e807b58551d3f210a1f70af723489530a22c5a7630601
+  metadata.gz: 41b3aafd36566e93ad2d3afed5a42f40de334b3acc52ae9be5b6644ef1046e59
+  data.tar.gz: 299f9f6f22c9ceb7d65ef8fc659535c0b71ededc6182365ca0adb62dd52f68a9
 SHA512:
-  metadata.gz: e9d7b73f023d628e860ac9245bedb94845e0fef2365b3630a0ce8d596a99baf096dbc954eb1cc7467be152b011f0dfa28fa71660b8bdd042b3143a5d83b2ec15
-  data.tar.gz: d7c8b8e6aa835ae435eac1b668aaffceb30dab72a2a9530c2a57ab3f7929725aea688c134cec18fc758d5a710a05faf95395e7e405e26bd651564cbcd586dae4
+  metadata.gz: 5366905bf64d59263356f939c5dae9e6d41e64ed3f4793f959e9513feb0a3fb17b1eff8167a8cc3bdc65142978495cbb854447a8d7d0f241d51d462694980a39
+  data.tar.gz: f01558c828f2a4282e6ed45f053bccc7cb3ecf2273ec3e7cb098c251a9cd92c69431095b0fd75fc6542aef77c902a3f760ed15ef2b6c7d8537012daf849a5896

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Release history for google-apis-networksecurity_v1
 
+### v0.53.0 (2026-05-24)
+
+* Regenerated from discovery document revision 20260518
+
 ### v0.52.0 (2026-05-03)
 
 * Regenerated from discovery document revision 20260426

data/lib/google/apis/networksecurity_v1/classes.rb

@@ -278,6 +278,15 @@ module Google
         # @return [String]
         attr_accessor :name
       
+        # Optional. A list of authorization network rules to match against the incoming
+        # request. A policy match occurs when at least one network rule matches the
+        # request. At least one network rule is required for Allow or Deny Action if no
+        # HTTP rules are provided. Network rules are mutually exclusive with HTTP rules.
+        # Limited to 5 rules.
+        # Corresponds to the JSON property `networkRules`
+        # @return [Array<Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRule>]
+        attr_accessor :network_rules
+      
         # Optional. Immutable. Defines the type of authorization being performed. If not
         # specified, `REQUEST_AUTHZ` is applied. This field cannot be changed once
         # AuthzPolicy is created.
@@ -308,6 +317,7 @@ module Google
           @http_rules = args[:http_rules] if args.key?(:http_rules)
           @labels = args[:labels] if args.key?(:labels)
           @name = args[:name] if args.key?(:name)
+          @network_rules = args[:network_rules] if args.key?(:network_rules)
           @policy_profile = args[:policy_profile] if args.key?(:policy_profile)
           @target = args[:target] if args.key?(:target)
           @update_time = args[:update_time] if args.key?(:update_time)
@@ -674,6 +684,15 @@ module Google
         # @return [Array<Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRuleStringMatch>]
         attr_accessor :paths
       
+        # Optional. A list of SNIs to match against. The match can be one of exact,
+        # prefix, suffix, or contains (substring match). If there is no SNI (i.e.
+        # plaintext HTTP traffic), the request will be denied. Matches are always case
+        # sensitive unless the ignoreCase is set. Limited to 10 SNIs per Authorization
+        # Policy.
+        # Corresponds to the JSON property `snis`
+        # @return [Array<Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRuleStringMatch>]
+        attr_accessor :snis
+      
         def initialize(**args)
            update!(**args)
         end
@@ -685,6 +704,7 @@ module Google
           @mcp = args[:mcp] if args.key?(:mcp)
           @methods_prop = args[:methods_prop] if args.key?(:methods_prop)
           @paths = args[:paths] if args.key?(:paths)
+          @snis = args[:snis] if args.key?(:snis)
         end
       end
       
@@ -1316,10 +1336,11 @@ module Google
       class FirewallEndpoint
         include Google::Apis::Core::Hashable
       
-        # Output only. List of networks that are associated with this endpoint in the
-        # local zone. This is a projection of the FirewallEndpointAssociations pointing
-        # at this endpoint. A network will only appear in this list after traffic
-        # routing is fully configured. Format: projects/`project`/global/networks/`name`.
+        # Output only. Deprecated: List of networks that are associated with this
+        # endpoint in the local zone. This is a projection of the
+        # FirewallEndpointAssociations pointing at this endpoint. A network will only
+        # appear in this list after traffic routing is fully configured. Format:
+        # projects/`project`/global/networks/`name`.
         # Corresponds to the JSON property `associatedNetworks`
         # @return [Array<String>]
         attr_accessor :associated_networks
@@ -3294,6 +3315,68 @@ module Google
         end
       end
       
+      # Response for `ListSACAttachments` method.
+      class ListSacAttachmentsResponse
+        include Google::Apis::Core::Hashable
+      
+        # A token identifying a page of results the server should return.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # The list of SACAttachments.
+        # Corresponds to the JSON property `sacAttachments`
+        # @return [Array<Google::Apis::NetworksecurityV1::SacAttachment>]
+        attr_accessor :sac_attachments
+      
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @sac_attachments = args[:sac_attachments] if args.key?(:sac_attachments)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
+      # Response for `ListSACRealms` method.
+      class ListSacRealmsResponse
+        include Google::Apis::Core::Hashable
+      
+        # A token identifying a page of results the server should return.
+        # Corresponds to the JSON property `nextPageToken`
+        # @return [String]
+        attr_accessor :next_page_token
+      
+        # The list of SACRealms.
+        # Corresponds to the JSON property `sacRealms`
+        # @return [Array<Google::Apis::NetworksecurityV1::SacRealm>]
+        attr_accessor :sac_realms
+      
+        # Locations that could not be reached.
+        # Corresponds to the JSON property `unreachable`
+        # @return [Array<String>]
+        attr_accessor :unreachable
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
+          @sac_realms = args[:sac_realms] if args.key?(:sac_realms)
+          @unreachable = args[:unreachable] if args.key?(:unreachable)
+        end
+      end
+      
       # Response returned by the ListSecurityProfileGroups method.
       class ListSecurityProfileGroupsResponse
         include Google::Apis::Core::Hashable
@@ -4252,6 +4335,151 @@ module Google
         end
       end
       
+      # Represents a Secure Access Connect (SAC) attachment resource. A Secure Access
+      # Connect attachment enables NCC Gateway to process traffic with an SSE product.
+      class SacAttachment
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Timestamp when the attachment was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. Optional list of labels applied to the resource.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Identifier. Resource name, in the form `projects/`project`/locations/`location`
+        # /sacAttachments/`sac_attachment``.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Required. NCC Gateway associated with the attachment. This can be input as an
+        # ID or a full resource name. The output always has the form `projects/`
+        # project_number`/locations/`location`/spokes/`ncc_gateway``.
+        # Corresponds to the JSON property `nccGateway`
+        # @return [String]
+        attr_accessor :ncc_gateway
+      
+        # Required. SAC Realm which owns the attachment. This can be input as an ID or a
+        # full resource name. The output always has the form `projects/`project_number`/
+        # locations/`location`/sacRealms/`sac_realm``.
+        # Corresponds to the JSON property `sacRealm`
+        # @return [String]
+        attr_accessor :sac_realm
+      
+        # Output only. State of the attachment.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # Output only. Timestamp when the attachment was last updated.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @labels = args[:labels] if args.key?(:labels)
+          @name = args[:name] if args.key?(:name)
+          @ncc_gateway = args[:ncc_gateway] if args.key?(:ncc_gateway)
+          @sac_realm = args[:sac_realm] if args.key?(:sac_realm)
+          @state = args[:state] if args.key?(:state)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # Represents a Secure Access Connect (SAC) realm resource. A Secure Access
+      # Connect realm establishes a connection between your Google Cloud project and
+      # an SSE service.
+      class SacRealm
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Timestamp when the realm was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+      
+        # Optional. Optional list of labels applied to the resource.
+        # Corresponds to the JSON property `labels`
+        # @return [Hash<String,String>]
+        attr_accessor :labels
+      
+        # Identifier. Resource name, in the form `projects/`project`/locations/global/
+        # sacRealms/`sacRealm``.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # Key to be shared with SSE service provider to establish global handshake.
+        # Corresponds to the JSON property `pairingKey`
+        # @return [Google::Apis::NetworksecurityV1::SacRealmPairingKey]
+        attr_accessor :pairing_key
+      
+        # Immutable. SSE service provider associated with the realm.
+        # Corresponds to the JSON property `securityService`
+        # @return [String]
+        attr_accessor :security_service
+      
+        # Output only. State of the realm.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        # Output only. Timestamp when the realm was last updated.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @labels = args[:labels] if args.key?(:labels)
+          @name = args[:name] if args.key?(:name)
+          @pairing_key = args[:pairing_key] if args.key?(:pairing_key)
+          @security_service = args[:security_service] if args.key?(:security_service)
+          @state = args[:state] if args.key?(:state)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      
+      # Key to be shared with SSE service provider to establish global handshake.
+      class SacRealmPairingKey
+        include Google::Apis::Core::Hashable
+      
+        # Output only. Timestamp in UTC of when this resource is considered expired. It
+        # expires 7 days after creation.
+        # Corresponds to the JSON property `expireTime`
+        # @return [String]
+        attr_accessor :expire_time
+      
+        # Output only. Key value.
+        # Corresponds to the JSON property `key`
+        # @return [String]
+        attr_accessor :key
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @expire_time = args[:expire_time] if args.key?(:expire_time)
+          @key = args[:key] if args.key?(:key)
+        end
+      end
+      
       # SecurityProfile is a resource that defines the behavior for one of many
       # ProfileTypes.
       class SecurityProfile

data/lib/google/apis/networksecurity_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module NetworksecurityV1
       # Version of the google-apis-networksecurity_v1 gem
-      GEM_VERSION = "0.52.0"
+      GEM_VERSION = "0.53.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.18.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20260426"
+      REVISION = "20260518"
     end
   end
 end

data/lib/google/apis/networksecurity_v1/representations.rb

@@ -514,6 +514,18 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class ListSacAttachmentsResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class ListSacRealmsResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class ListSecurityProfileGroupsResponse
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -640,6 +652,24 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class SacAttachment
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class SacRealm
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class SacRealmPairingKey
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class SecurityProfile
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -776,6 +806,8 @@ module Google
       
           hash :labels, as: 'labels'
           property :name, as: 'name'
+          collection :network_rules, as: 'networkRules', class: Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRule, decorator: Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRule::Representation
+      
           property :policy_profile, as: 'policyProfile'
           property :target, as: 'target', class: Google::Apis::NetworksecurityV1::AuthzPolicyTarget, decorator: Google::Apis::NetworksecurityV1::AuthzPolicyTarget::Representation
       
@@ -892,6 +924,8 @@ module Google
           collection :methods_prop, as: 'methods'
           collection :paths, as: 'paths', class: Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRuleStringMatch, decorator: Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRuleStringMatch::Representation
       
+          collection :snis, as: 'snis', class: Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRuleStringMatch, decorator: Google::Apis::NetworksecurityV1::AuthzPolicyAuthzRuleStringMatch::Representation
+      
         end
       end
       
@@ -1553,6 +1587,26 @@ module Google
         end
       end
       
+      class ListSacAttachmentsResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :next_page_token, as: 'nextPageToken'
+          collection :sac_attachments, as: 'sacAttachments', class: Google::Apis::NetworksecurityV1::SacAttachment, decorator: Google::Apis::NetworksecurityV1::SacAttachment::Representation
+      
+          collection :unreachable, as: 'unreachable'
+        end
+      end
+      
+      class ListSacRealmsResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :next_page_token, as: 'nextPageToken'
+          collection :sac_realms, as: 'sacRealms', class: Google::Apis::NetworksecurityV1::SacRealm, decorator: Google::Apis::NetworksecurityV1::SacRealm::Representation
+      
+          collection :unreachable, as: 'unreachable'
+        end
+      end
+      
       class ListSecurityProfileGroupsResponse
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -1786,6 +1840,41 @@ module Google
         end
       end
       
+      class SacAttachment
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :create_time, as: 'createTime'
+          hash :labels, as: 'labels'
+          property :name, as: 'name'
+          property :ncc_gateway, as: 'nccGateway'
+          property :sac_realm, as: 'sacRealm'
+          property :state, as: 'state'
+          property :update_time, as: 'updateTime'
+        end
+      end
+      
+      class SacRealm
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :create_time, as: 'createTime'
+          hash :labels, as: 'labels'
+          property :name, as: 'name'
+          property :pairing_key, as: 'pairingKey', class: Google::Apis::NetworksecurityV1::SacRealmPairingKey, decorator: Google::Apis::NetworksecurityV1::SacRealmPairingKey::Representation
+      
+          property :security_service, as: 'securityService'
+          property :state, as: 'state'
+          property :update_time, as: 'updateTime'
+        end
+      end
+      
+      class SacRealmPairingKey
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :expire_time, as: 'expireTime'
+          property :key, as: 'key'
+        end
+      end
+      
       class SecurityProfile
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation

data/lib/google/apis/networksecurity_v1/service.rb

@@ -51,6 +51,92 @@ module Google
           @batch_path = 'batch'
         end
         
+        # Gets information about a location.
+        # @param [String] name
+        #   Resource name for the location.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::Location] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::Location]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def get_organization_location(name, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1/{+name}', options)
+          command.response_representation = Google::Apis::NetworksecurityV1::Location::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::Location
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Lists information about the supported locations for this service. This method
+        # lists locations based on the resource scope provided in the
+        # ListLocationsRequest.name field: * **Global locations**: If `name` is empty,
+        # the method lists the public locations available to all projects. * **Project-
+        # specific locations**: If `name` follows the format `projects/`project``, the
+        # method lists locations visible to that specific project. This includes public,
+        # private, or other project-specific locations enabled for the project. For gRPC
+        # and client library implementations, the resource name is passed as the `name`
+        # field. For direct service calls, the resource name is incorporated into the
+        # request path based on the specific service implementation and version.
+        # @param [String] name
+        #   The resource that owns the locations collection, if applicable.
+        # @param [Array<String>, String] extra_location_types
+        #   Optional. Do not use this field unless explicitly documented otherwise. This
+        #   is primarily for internal usage.
+        # @param [String] filter
+        #   A filter to narrow down results to a preferred subset. The filtering language
+        #   accepts strings like `"displayName=tokyo"`, and is documented in more detail
+        #   in [AIP-160](https://google.aip.dev/160).
+        # @param [Fixnum] page_size
+        #   The maximum number of results to return. If not set, the service selects a
+        #   default.
+        # @param [String] page_token
+        #   A page token received from the `next_page_token` field in the response. Send
+        #   that page token to receive the subsequent page.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::ListLocationsResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::ListLocationsResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def list_organization_locations(name, extra_location_types: nil, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1/{+name}/locations', options)
+          command.response_representation = Google::Apis::NetworksecurityV1::ListLocationsResponse::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::ListLocationsResponse
+          command.params['name'] = name unless name.nil?
+          command.query['extraLocationTypes'] = extra_location_types unless extra_location_types.nil?
+          command.query['filter'] = filter unless filter.nil?
+          command.query['pageSize'] = page_size unless page_size.nil?
+          command.query['pageToken'] = page_token unless page_token.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Adds items to an address group.
         # @param [String] address_group
         #   Required. A name of the AddressGroup to add items to. Must be in the format `
@@ -414,6 +500,45 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
+        # Returns permissions that a caller has on the specified resource. If the
+        # resource does not exist, this will return an empty set of permissions, not a `
+        # NOT_FOUND` error. Note: This operation is designed to be used for building
+        # permission-aware UIs and command-line tools, not for authorization checking.
+        # This operation may "fail open" without warning.
+        # @param [String] resource
+        #   REQUIRED: The resource for which the policy detail is being requested. See [
+        #   Resource names](https://cloud.google.com/apis/design/resource_names) for the
+        #   appropriate value for this field.
+        # @param [Google::Apis::NetworksecurityV1::GoogleIamV1TestIamPermissionsRequest] google_iam_v1_test_iam_permissions_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::GoogleIamV1TestIamPermissionsResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::GoogleIamV1TestIamPermissionsResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def test_organization_location_address_group_iam_permissions(resource, google_iam_v1_test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
+          command.request_representation = Google::Apis::NetworksecurityV1::GoogleIamV1TestIamPermissionsRequest::Representation
+          command.request_object = google_iam_v1_test_iam_permissions_request_object
+          command.response_representation = Google::Apis::NetworksecurityV1::GoogleIamV1TestIamPermissionsResponse::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::GoogleIamV1TestIamPermissionsResponse
+          command.params['resource'] = resource unless resource.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Creates a new FirewallEndpoint in a given organization and location.
         # @param [String] parent
         #   Required. Value for parent.
@@ -5669,6 +5794,346 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
+        # Creates a new SACAttachment in a given project and location.
+        # @param [String] parent
+        #   Required. The parent, in the form `projects/`project`/locations/`location``.
+        # @param [Google::Apis::NetworksecurityV1::SacAttachment] sac_attachment_object
+        # @param [String] request_id
+        #   Optional. An optional request ID to identify requests. Specify a unique
+        #   request ID so that if you must retry your request, the server will know to
+        #   ignore the request if it has already been completed. The server will guarantee
+        #   that for at least 60 minutes since the first request. For example, consider a
+        #   situation where you make an initial request and the request times out. If you
+        #   make the request again with the same request ID, the server can check if
+        #   original operation with the same request ID was received, and if so, will
+        #   ignore the second request. This prevents clients from accidentally creating
+        #   duplicate commitments. The request ID must be a valid UUID with the exception
+        #   that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+        # @param [String] sac_attachment_id
+        #   Required. ID of the created attachment. The ID must be 1-63 characters long,
+        #   and comply with RFC1035. Specifically, it must be 1-63 characters long and
+        #   match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the
+        #   first character must be a lowercase letter, and all following characters must
+        #   be a dash, lowercase letter, or digit, except the last character, which cannot
+        #   be a dash.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::Operation] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::Operation]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def create_project_location_sac_attachment(parent, sac_attachment_object = nil, request_id: nil, sac_attachment_id: nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+parent}/sacAttachments', options)
+          command.request_representation = Google::Apis::NetworksecurityV1::SacAttachment::Representation
+          command.request_object = sac_attachment_object
+          command.response_representation = Google::Apis::NetworksecurityV1::Operation::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::Operation
+          command.params['parent'] = parent unless parent.nil?
+          command.query['requestId'] = request_id unless request_id.nil?
+          command.query['sacAttachmentId'] = sac_attachment_id unless sac_attachment_id.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Deletes the specified attachment.
+        # @param [String] name
+        #   Required. Name of the resource, in the form `projects/`project`/locations/`
+        #   location`/sacAttachments/`sac_attachment``.
+        # @param [String] request_id
+        #   Optional. An optional request ID to identify requests. Specify a unique
+        #   request ID so that if you must retry your request, the server will know to
+        #   ignore the request if it has already been completed. The server will guarantee
+        #   that for at least 60 minutes after the first request. For example, consider a
+        #   situation where you make an initial request and the request times out. If you
+        #   make the request again with the same request ID, the server can check if
+        #   original operation with the same request ID was received, and if so, will
+        #   ignore the second request. This prevents clients from accidentally creating
+        #   duplicate commitments. The request ID must be a valid UUID with the exception
+        #   that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::Operation] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::Operation]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def delete_project_location_sac_attachment(name, request_id: nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:delete, 'v1/{+name}', options)
+          command.response_representation = Google::Apis::NetworksecurityV1::Operation::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::Operation
+          command.params['name'] = name unless name.nil?
+          command.query['requestId'] = request_id unless request_id.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Returns the specified attachment.
+        # @param [String] name
+        #   Required. Name of the resource, in the form `projects/`project`/locations/`
+        #   location`/sacAttachments/`sac_attachment``.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::SacAttachment] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::SacAttachment]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def get_project_location_sac_attachment(name, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1/{+name}', options)
+          command.response_representation = Google::Apis::NetworksecurityV1::SacAttachment::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::SacAttachment
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Lists SACAttachments in a given project and location.
+        # @param [String] parent
+        #   Required. The parent, in the form `projects/`project`/locations/`location``.
+        # @param [String] filter
+        #   Optional. An expression that filters the list of results.
+        # @param [String] order_by
+        #   Optional. Sort the results by a certain order.
+        # @param [Fixnum] page_size
+        #   Optional. Requested page size. Server may return fewer items than requested.
+        #   If unspecified, server will pick an appropriate default.
+        # @param [String] page_token
+        #   Optional. A token identifying a page of results the server should return.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::ListSacAttachmentsResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::ListSacAttachmentsResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def list_project_location_sac_attachments(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1/{+parent}/sacAttachments', options)
+          command.response_representation = Google::Apis::NetworksecurityV1::ListSacAttachmentsResponse::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::ListSacAttachmentsResponse
+          command.params['parent'] = parent unless parent.nil?
+          command.query['filter'] = filter unless filter.nil?
+          command.query['orderBy'] = order_by unless order_by.nil?
+          command.query['pageSize'] = page_size unless page_size.nil?
+          command.query['pageToken'] = page_token unless page_token.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Creates a new SACRealm in a given project.
+        # @param [String] parent
+        #   Required. The parent, in the form `projects/`project`/locations/global`.
+        # @param [Google::Apis::NetworksecurityV1::SacRealm] sac_realm_object
+        # @param [String] request_id
+        #   Optional. An optional request ID to identify requests. Specify a unique
+        #   request ID so that if you must retry your request, the server will know to
+        #   ignore the request if it has already been completed. The server will guarantee
+        #   that for at least 60 minutes since the first request. For example, consider a
+        #   situation where you make an initial request and the request times out. If you
+        #   make the request again with the same request ID, the server can check if
+        #   original operation with the same request ID was received, and if so, will
+        #   ignore the second request. This prevents clients from accidentally creating
+        #   duplicate commitments. The request ID must be a valid UUID with the exception
+        #   that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+        # @param [String] sac_realm_id
+        #   Required. ID of the created realm. The ID must be 1-63 characters long, and
+        #   comply with RFC1035. Specifically, it must be 1-63 characters long and match
+        #   the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first
+        #   character must be a lowercase letter, and all following characters must be a
+        #   dash, lowercase letter, or digit, except the last character, which cannot be a
+        #   dash.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::Operation] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::Operation]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def create_project_location_sac_realm(parent, sac_realm_object = nil, request_id: nil, sac_realm_id: nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+parent}/sacRealms', options)
+          command.request_representation = Google::Apis::NetworksecurityV1::SacRealm::Representation
+          command.request_object = sac_realm_object
+          command.response_representation = Google::Apis::NetworksecurityV1::Operation::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::Operation
+          command.params['parent'] = parent unless parent.nil?
+          command.query['requestId'] = request_id unless request_id.nil?
+          command.query['sacRealmId'] = sac_realm_id unless sac_realm_id.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Deletes the specified realm.
+        # @param [String] name
+        #   Required. Name of the resource, in the form `projects/`project`/locations/
+        #   global/sacRealms/`sacRealm``.
+        # @param [String] request_id
+        #   Optional. An optional request ID to identify requests. Specify a unique
+        #   request ID so that if you must retry your request, the server will know to
+        #   ignore the request if it has already been completed. The server will guarantee
+        #   that for at least 60 minutes after the first request. For example, consider a
+        #   situation where you make an initial request and the request times out. If you
+        #   make the request again with the same request ID, the server can check if
+        #   original operation with the same request ID was received, and if so, will
+        #   ignore the second request. This prevents clients from accidentally creating
+        #   duplicate commitments. The request ID must be a valid UUID with the exception
+        #   that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::Operation] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::Operation]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def delete_project_location_sac_realm(name, request_id: nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:delete, 'v1/{+name}', options)
+          command.response_representation = Google::Apis::NetworksecurityV1::Operation::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::Operation
+          command.params['name'] = name unless name.nil?
+          command.query['requestId'] = request_id unless request_id.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Returns the specified realm.
+        # @param [String] name
+        #   Required. Name of the resource, in the form `projects/`project`/locations/
+        #   global/sacRealms/`sacRealm``.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::SacRealm] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::SacRealm]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def get_project_location_sac_realm(name, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1/{+name}', options)
+          command.response_representation = Google::Apis::NetworksecurityV1::SacRealm::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::SacRealm
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Lists SACRealms in a given project.
+        # @param [String] parent
+        #   Required. The parent, in the form `projects/`project`/locations/global`.
+        # @param [String] filter
+        #   Optional. An expression that filters the list of results.
+        # @param [String] order_by
+        #   Optional. Sort the results by a certain order.
+        # @param [Fixnum] page_size
+        #   Optional. Requested page size. Server may return fewer items than requested.
+        #   If unspecified, server will pick an appropriate default.
+        # @param [String] page_token
+        #   Optional. A token identifying a page of results the server should return.
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::NetworksecurityV1::ListSacRealmsResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::NetworksecurityV1::ListSacRealmsResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def list_project_location_sac_realms(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:get, 'v1/{+parent}/sacRealms', options)
+          command.response_representation = Google::Apis::NetworksecurityV1::ListSacRealmsResponse::Representation
+          command.response_class = Google::Apis::NetworksecurityV1::ListSacRealmsResponse
+          command.params['parent'] = parent unless parent.nil?
+          command.query['filter'] = filter unless filter.nil?
+          command.query['orderBy'] = order_by unless order_by.nil?
+          command.query['pageSize'] = page_size unless page_size.nil?
+          command.query['pageToken'] = page_token unless page_token.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Creates a new SecurityProfileGroup in a given project and location.
         # @param [String] parent
         #   Required. The parent resource of the SecurityProfileGroup. Must be in the

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-networksecurity_v1
 version: !ruby/object:Gem::Version
-  version: 0.52.0
+  version: 0.53.0
 platform: ruby
 authors:
 - Google LLC
@@ -57,7 +57,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-networksecurity_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-networksecurity_v1/v0.52.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-networksecurity_v1/v0.53.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-networksecurity_v1
 rdoc_options: []
 require_paths: