google-apis-policysimulator_v1 0.5.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/lib/google/apis/policysimulator_v1/classes.rb +49 -43
- data/lib/google/apis/policysimulator_v1/gem_version.rb +2 -2
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e0286afd18f202aee5046f798b550d9d1cbce47536269400edea0ee9ac5960bb
|
4
|
+
data.tar.gz: db89c8f5cf0439fe884d99b956c2328d220b7dfd0332f4d4230bf705ef9a6441
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 41859fac92f82b2164b922ab3118cbc90b0ef53822fa84c044eb053cc328452eabbe4eb992a67bcf38c04ffd5fc6dd1a4f7daf36be54b26f9b4a00d268a4280a
|
7
|
+
data.tar.gz: aafb8eca9ed5fb964d589147b00c41165d53ab7c5d2612e0bf7c5c1d2ac5443148a173108509982d81ae90c7f12f83a2e2025d91b27a9cf9de8d38b4718314e7
|
data/CHANGELOG.md
CHANGED
@@ -22,13 +22,13 @@ module Google
|
|
22
22
|
module Apis
|
23
23
|
module PolicysimulatorV1
|
24
24
|
|
25
|
-
# A summary and comparison of the
|
25
|
+
# A summary and comparison of the principal's access under the current (baseline)
|
26
26
|
# policies and the proposed (simulated) policies for a single access tuple.
|
27
27
|
class GoogleCloudPolicysimulatorV1AccessStateDiff
|
28
28
|
include Google::Apis::Core::Hashable
|
29
29
|
|
30
|
-
# How the
|
31
|
-
# the current (baseline) policies and proposed (simulated) policies.
|
30
|
+
# How the principal's access, specified in the AccessState field, changed
|
31
|
+
# between the current (baseline) policies and proposed (simulated) policies.
|
32
32
|
# Corresponds to the JSON property `accessChange`
|
33
33
|
# @return [String]
|
34
34
|
attr_accessor :access_change
|
@@ -57,7 +57,7 @@ module Google
|
|
57
57
|
end
|
58
58
|
end
|
59
59
|
|
60
|
-
# Information about the
|
60
|
+
# Information about the principal, resource, and permission to check.
|
61
61
|
class GoogleCloudPolicysimulatorV1AccessTuple
|
62
62
|
include Google::Apis::Core::Hashable
|
63
63
|
|
@@ -69,7 +69,7 @@ module Google
|
|
69
69
|
# @return [String]
|
70
70
|
attr_accessor :full_resource_name
|
71
71
|
|
72
|
-
# Required. The IAM permission to check for the specified
|
72
|
+
# Required. The IAM permission to check for the specified principal and resource.
|
73
73
|
# For a complete list of IAM permissions, see https://cloud.google.com/iam/help/
|
74
74
|
# permissions/reference. For a complete list of predefined IAM roles and the
|
75
75
|
# permissions in each role, see https://cloud.google.com/iam/help/roles/
|
@@ -78,11 +78,11 @@ module Google
|
|
78
78
|
# @return [String]
|
79
79
|
attr_accessor :permission
|
80
80
|
|
81
|
-
# Required. The
|
82
|
-
#
|
83
|
-
#
|
84
|
-
#
|
85
|
-
#
|
81
|
+
# Required. The principal whose access you want to check, in the form of the
|
82
|
+
# email address that represents that principal. For example, `alice@example.com`
|
83
|
+
# or `my-service-account@my-project.iam.gserviceaccount.com`. The principal must
|
84
|
+
# be a Google Account or a service account. Other types of principals are not
|
85
|
+
# supported.
|
86
86
|
# Corresponds to the JSON property `principal`
|
87
87
|
# @return [String]
|
88
88
|
attr_accessor :principal
|
@@ -99,17 +99,17 @@ module Google
|
|
99
99
|
end
|
100
100
|
end
|
101
101
|
|
102
|
-
# Details about how a binding in a policy affects a
|
102
|
+
# Details about how a binding in a policy affects a principal's ability to use a
|
103
103
|
# permission.
|
104
104
|
class GoogleCloudPolicysimulatorV1BindingExplanation
|
105
105
|
include Google::Apis::Core::Hashable
|
106
106
|
|
107
107
|
# Required. Indicates whether _this binding_ provides the specified permission
|
108
|
-
# to the specified
|
109
|
-
# indicate whether the
|
108
|
+
# to the specified principal for the specified resource. This field does _not_
|
109
|
+
# indicate whether the principal actually has the permission for the resource.
|
110
110
|
# There might be another binding that overrides this binding. To determine
|
111
|
-
# whether the
|
112
|
-
# TroubleshootIamPolicyResponse.
|
111
|
+
# whether the principal actually has the permission, use the `access` field in
|
112
|
+
# the TroubleshootIamPolicyResponse.
|
113
113
|
# Corresponds to the JSON property `access`
|
114
114
|
# @return [String]
|
115
115
|
attr_accessor :access
|
@@ -133,17 +133,18 @@ module Google
|
|
133
133
|
# @return [Google::Apis::PolicysimulatorV1::GoogleTypeExpr]
|
134
134
|
attr_accessor :condition
|
135
135
|
|
136
|
-
# Indicates whether each
|
137
|
-
# the request, either directly or indirectly. Each key identifies a
|
138
|
-
# the binding, and each value indicates whether the
|
139
|
-
# includes the
|
140
|
-
# includes the following
|
141
|
-
# eng@example.com` The
|
142
|
-
# com`. This user is a
|
143
|
-
# the first
|
144
|
-
# membership` field in the value is set to `
|
145
|
-
# second
|
146
|
-
# the `membership` field in the value is set
|
136
|
+
# Indicates whether each principal in the binding includes the principal
|
137
|
+
# specified in the request, either directly or indirectly. Each key identifies a
|
138
|
+
# principal in the binding, and each value indicates whether the principal in
|
139
|
+
# the binding includes the principal in the request. For example, suppose that a
|
140
|
+
# binding includes the following principals: * `user:alice@example.com` * `group:
|
141
|
+
# product-eng@example.com` The principal in the replayed access tuple is `user:
|
142
|
+
# bob@example.com`. This user is a principal of the group `group:product-eng@
|
143
|
+
# example.com`. For the first principal in the binding, the key is `user:alice@
|
144
|
+
# example.com`, and the `membership` field in the value is set to `
|
145
|
+
# MEMBERSHIP_NOT_INCLUDED`. For the second principal in the binding, the key is `
|
146
|
+
# group:product-eng@example.com`, and the `membership` field in the value is set
|
147
|
+
# to `MEMBERSHIP_INCLUDED`.
|
147
148
|
# Corresponds to the JSON property `memberships`
|
148
149
|
# @return [Hash<String,Google::Apis::PolicysimulatorV1::GoogleCloudPolicysimulatorV1BindingExplanationAnnotatedMembership>]
|
149
150
|
attr_accessor :memberships
|
@@ -189,16 +190,16 @@ module Google
|
|
189
190
|
end
|
190
191
|
end
|
191
192
|
|
192
|
-
# Details about whether the binding includes the
|
193
|
+
# Details about whether the binding includes the principal.
|
193
194
|
class GoogleCloudPolicysimulatorV1BindingExplanationAnnotatedMembership
|
194
195
|
include Google::Apis::Core::Hashable
|
195
196
|
|
196
|
-
# Indicates whether the binding includes the
|
197
|
+
# Indicates whether the binding includes the principal.
|
197
198
|
# Corresponds to the JSON property `membership`
|
198
199
|
# @return [String]
|
199
200
|
attr_accessor :membership
|
200
201
|
|
201
|
-
# The relevance of the
|
202
|
+
# The relevance of the principal's status to the overall determination for the
|
202
203
|
# binding.
|
203
204
|
# Corresponds to the JSON property `relevance`
|
204
205
|
# @return [String]
|
@@ -220,8 +221,8 @@ module Google
|
|
220
221
|
class GoogleCloudPolicysimulatorV1ExplainedAccess
|
221
222
|
include Google::Apis::Core::Hashable
|
222
223
|
|
223
|
-
# Whether the
|
224
|
-
# in the access tuple under the given policies.
|
224
|
+
# Whether the principal in the access tuple has permission to access the
|
225
|
+
# resource in the access tuple under the given policies.
|
225
226
|
# Corresponds to the JSON property `accessState`
|
226
227
|
# @return [String]
|
227
228
|
attr_accessor :access_state
|
@@ -257,18 +258,18 @@ module Google
|
|
257
258
|
include Google::Apis::Core::Hashable
|
258
259
|
|
259
260
|
# Indicates whether _this policy_ provides the specified permission to the
|
260
|
-
# specified
|
261
|
-
# whether the
|
262
|
-
# be another policy that overrides this policy. To determine whether the
|
263
|
-
# actually has the permission, use the `access` field in the
|
261
|
+
# specified principal for the specified resource. This field does _not_ indicate
|
262
|
+
# whether the principal actually has the permission for the resource. There
|
263
|
+
# might be another policy that overrides this policy. To determine whether the
|
264
|
+
# principal actually has the permission, use the `access` field in the
|
264
265
|
# TroubleshootIamPolicyResponse.
|
265
266
|
# Corresponds to the JSON property `access`
|
266
267
|
# @return [String]
|
267
268
|
attr_accessor :access
|
268
269
|
|
269
|
-
# Details about how each binding in the policy affects the
|
270
|
-
# inability, to use the permission for the resource. If the user who created
|
271
|
-
# Replay does not have access to the policy, this field is omitted.
|
270
|
+
# Details about how each binding in the policy affects the principal's ability,
|
271
|
+
# or inability, to use the permission for the resource. If the user who created
|
272
|
+
# the Replay does not have access to the policy, this field is omitted.
|
272
273
|
# Corresponds to the JSON property `bindingExplanations`
|
273
274
|
# @return [Array<Google::Apis::PolicysimulatorV1::GoogleCloudPolicysimulatorV1BindingExplanation>]
|
274
275
|
attr_accessor :binding_explanations
|
@@ -437,12 +438,12 @@ module Google
|
|
437
438
|
|
438
439
|
# The difference between the results of evaluating an access tuple under the
|
439
440
|
# current (baseline) policies and under the proposed (simulated) policies. This
|
440
|
-
# difference explains how a
|
441
|
+
# difference explains how a principal's access could change if the proposed
|
441
442
|
# policies were applied.
|
442
443
|
class GoogleCloudPolicysimulatorV1ReplayDiff
|
443
444
|
include Google::Apis::Core::Hashable
|
444
445
|
|
445
|
-
# A summary and comparison of the
|
446
|
+
# A summary and comparison of the principal's access under the current (baseline)
|
446
447
|
# policies and the proposed (simulated) policies for a single access tuple.
|
447
448
|
# Corresponds to the JSON property `accessDiff`
|
448
449
|
# @return [Google::Apis::PolicysimulatorV1::GoogleCloudPolicysimulatorV1AccessStateDiff]
|
@@ -481,14 +482,14 @@ module Google
|
|
481
482
|
class GoogleCloudPolicysimulatorV1ReplayResult
|
482
483
|
include Google::Apis::Core::Hashable
|
483
484
|
|
484
|
-
# Information about the
|
485
|
+
# Information about the principal, resource, and permission to check.
|
485
486
|
# Corresponds to the JSON property `accessTuple`
|
486
487
|
# @return [Google::Apis::PolicysimulatorV1::GoogleCloudPolicysimulatorV1AccessTuple]
|
487
488
|
attr_accessor :access_tuple
|
488
489
|
|
489
490
|
# The difference between the results of evaluating an access tuple under the
|
490
491
|
# current (baseline) policies and under the proposed (simulated) policies. This
|
491
|
-
# difference explains how a
|
492
|
+
# difference explains how a principal's access could change if the proposed
|
492
493
|
# policies were applied.
|
493
494
|
# Corresponds to the JSON property `diff`
|
494
495
|
# @return [Google::Apis::PolicysimulatorV1::GoogleCloudPolicysimulatorV1ReplayDiff]
|
@@ -948,7 +949,12 @@ module Google
|
|
948
949
|
|
949
950
|
# Associates a list of `members` to a `role`. Optionally, may specify a `
|
950
951
|
# condition` that determines how and when the `bindings` are applied. Each of
|
951
|
-
# the `bindings` must contain at least one member.
|
952
|
+
# the `bindings` must contain at least one member. The `bindings` in a `Policy`
|
953
|
+
# can refer to up to 1,500 members; up to 250 of these members can be Google
|
954
|
+
# groups. Each occurrence of a member counts towards these limits. For example,
|
955
|
+
# if the `bindings` grant 50 different roles to `user:alice@example.com`, and
|
956
|
+
# not to any other member, then you can add another 1,450 members to the `
|
957
|
+
# bindings` in the `Policy`.
|
952
958
|
# Corresponds to the JSON property `bindings`
|
953
959
|
# @return [Array<Google::Apis::PolicysimulatorV1::GoogleIamV1Binding>]
|
954
960
|
attr_accessor :bindings
|
@@ -16,13 +16,13 @@ module Google
|
|
16
16
|
module Apis
|
17
17
|
module PolicysimulatorV1
|
18
18
|
# Version of the google-apis-policysimulator_v1 gem
|
19
|
-
GEM_VERSION = "0.
|
19
|
+
GEM_VERSION = "0.6.0"
|
20
20
|
|
21
21
|
# Version of the code generator used to generate this client
|
22
22
|
GENERATOR_VERSION = "0.4.0"
|
23
23
|
|
24
24
|
# Revision of the discovery document this client was generated from
|
25
|
-
REVISION = "
|
25
|
+
REVISION = "20211002"
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-apis-policysimulator_v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-10-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-core
|
@@ -58,7 +58,7 @@ licenses:
|
|
58
58
|
metadata:
|
59
59
|
bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
|
60
60
|
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-policysimulator_v1/CHANGELOG.md
|
61
|
-
documentation_uri: https://googleapis.dev/ruby/google-apis-policysimulator_v1/v0.
|
61
|
+
documentation_uri: https://googleapis.dev/ruby/google-apis-policysimulator_v1/v0.6.0
|
62
62
|
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-policysimulator_v1
|
63
63
|
post_install_message:
|
64
64
|
rdoc_options: []
|