google-cloud-access_approval-v1 0.1.0

data/proto_docs/google/cloud/accessapproval/v1/accessapproval.rb

@@ -0,0 +1,359 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module AccessApproval
+      module V1
+        # Home office and physical location of the principal.
+        # @!attribute [rw] principal_office_country
+        #   @return [String]
+        #     The "home office" location of the principal. A two-letter country code
+        #     (ISO 3166-1 alpha-2), such as "US", "DE" or "GB" or a region code. In some
+        #     limited situations Google systems may refer refer to a region code instead
+        #     of a country code.
+        #     Possible Region Codes:
+        #     <ol>
+        #       <li>ASI: Asia</li>
+        #       <li>EUR: Europe</li>
+        #       <li>OCE: Oceania</li>
+        #       <li>AFR: Africa</li>
+        #       <li>NAM: North America</li>
+        #       <li>SAM: South America</li>
+        #       <li>ANT: Antarctica</li>
+        #       <li>ANY: Any location</li>
+        #     </ol>
+        # @!attribute [rw] principal_physical_location_country
+        #   @return [String]
+        #     Physical location of the principal at the time of the access. A
+        #     two-letter country code (ISO 3166-1 alpha-2), such as "US", "DE" or "GB" or
+        #     a region code. In some limited situations Google systems may refer refer to
+        #     a region code instead of a country code.
+        #     Possible Region Codes:
+        #     <ol>
+        #       <li>ASI: Asia</li>
+        #       <li>EUR: Europe</li>
+        #       <li>OCE: Oceania</li>
+        #       <li>AFR: Africa</li>
+        #       <li>NAM: North America</li>
+        #       <li>SAM: South America</li>
+        #       <li>ANT: Antarctica</li>
+        #       <li>ANY: Any location</li>
+        #     </ol>
+        class AccessLocations
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # @!attribute [rw] type
+        #   @return [Google::Cloud::AccessApproval::V1::AccessReason::Type]
+        #     Type of access justification.
+        # @!attribute [rw] detail
+        #   @return [String]
+        #     More detail about certain reason types. See comments for each type above.
+        class AccessReason
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+
+          # Type of access justification.
+          module Type
+            # Default value for proto, shouldn't be used.
+            TYPE_UNSPECIFIED = 0
+
+            # Customer made a request or raised an issue that required the principal to
+            # access customer data. `detail` is of the form ("#####" is the issue ID):
+            # <ol>
+            #   <li>"Feedback Report: #####"</li>
+            #   <li>"Case Number: #####"</li>
+            #   <li>"Case ID: #####"</li>
+            #   <li>"E-PIN Reference: #####"</li>
+            #   <li>"Google-#####"</li>
+            #   <li>"T-#####"</li>
+            # </ol>
+            CUSTOMER_INITIATED_SUPPORT = 1
+
+            # The principal accessed customer data in order to diagnose or resolve a
+            # suspected issue in services or a known outage. Often this access is used
+            # to confirm that customers are not affected by a suspected service issue
+            # or to remediate a reversible system issue.
+            GOOGLE_INITIATED_SERVICE = 2
+
+            # Google initiated service for security, fraud, abuse, or compliance
+            # purposes.
+            GOOGLE_INITIATED_REVIEW = 3
+          end
+        end
+
+        # A decision that has been made to approve access to a resource.
+        # @!attribute [rw] approve_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     The time at which approval was granted.
+        # @!attribute [rw] expire_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     The time at which the approval expires.
+        class ApproveDecision
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # A decision that has been made to dismiss an approval request.
+        # @!attribute [rw] dismiss_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     The time at which the approval request was dismissed.
+        class DismissDecision
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # The properties associated with the resource of the request.
+        # @!attribute [rw] excludes_descendants
+        #   @return [Boolean]
+        #     Whether an approval will exclude the descendants of the resource being
+        #     requested.
+        class ResourceProperties
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # A request for the customer to approve access to a resource.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The resource name of the request. Format is
+        #     "\\{projects|folders|organizations}/\\{id}/approvalRequests/\\{approval_request_id}".
+        # @!attribute [rw] requested_resource_name
+        #   @return [String]
+        #     The resource for which approval is being requested. The format of the
+        #     resource name is defined at
+        #     https://cloud.google.com/apis/design/resource_names. The resource name here
+        #     may either be a "full" resource name (e.g.
+        #     "//library.googleapis.com/shelves/shelf1/books/book2") or a "relative"
+        #     resource name (e.g. "shelves/shelf1/books/book2") as described in the
+        #     resource name specification.
+        # @!attribute [rw] requested_resource_properties
+        #   @return [Google::Cloud::AccessApproval::V1::ResourceProperties]
+        #     Properties related to the resource represented by requested_resource_name.
+        # @!attribute [rw] requested_reason
+        #   @return [Google::Cloud::AccessApproval::V1::AccessReason]
+        #     The justification for which approval is being requested.
+        # @!attribute [rw] requested_locations
+        #   @return [Google::Cloud::AccessApproval::V1::AccessLocations]
+        #     The locations for which approval is being requested.
+        # @!attribute [rw] request_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     The time at which approval was requested.
+        # @!attribute [rw] requested_expiration
+        #   @return [Google::Protobuf::Timestamp]
+        #     The requested expiration for the approval. If the request is approved,
+        #     access will be granted from the time of approval until the expiration time.
+        # @!attribute [rw] approve
+        #   @return [Google::Cloud::AccessApproval::V1::ApproveDecision]
+        #     Access was approved.
+        # @!attribute [rw] dismiss
+        #   @return [Google::Cloud::AccessApproval::V1::DismissDecision]
+        #     The request was dismissed.
+        class ApprovalRequest
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Represents the enrollment of a cloud resource into a specific service.
+        # @!attribute [rw] cloud_product
+        #   @return [String]
+        #     The product for which Access Approval will be enrolled. Allowed values are
+        #     listed below (case-sensitive):
+        #     <ol>
+        #       <li>all</li>
+        #       <li>appengine.googleapis.com</li>
+        #       <li>bigquery.googleapis.com</li>
+        #       <li>bigtable.googleapis.com</li>
+        #       <li>cloudkms.googleapis.com</li>
+        #       <li>compute.googleapis.com</li>
+        #       <li>dataflow.googleapis.com</li>
+        #       <li>iam.googleapis.com</li>
+        #       <li>pubsub.googleapis.com</li>
+        #       <li>storage.googleapis.com</li>
+        #     <ol>
+        # @!attribute [rw] enrollment_level
+        #   @return [Google::Cloud::AccessApproval::V1::EnrollmentLevel]
+        #     The enrollment level of the service.
+        class EnrolledService
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Settings on a Project/Folder/Organization related to Access Approval.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The resource name of the settings. Format is one of:
+        #     <ol>
+        #       <li>"projects/\\{project_id}/accessApprovalSettings"</li>
+        #       <li>"folders/\\{folder_id}/accessApprovalSettings"</li>
+        #       <li>"organizations/\\{organization_id}/accessApprovalSettings"</li>
+        #     <ol>
+        # @!attribute [rw] notification_emails
+        #   @return [Array<String>]
+        #     A list of email addresses to which notifications relating to approval
+        #     requests should be sent. Notifications relating to a resource will be sent
+        #     to all emails in the settings of ancestor resources of that resource. A
+        #     maximum of 50 email addresses are allowed.
+        # @!attribute [rw] enrolled_services
+        #   @return [Array<Google::Cloud::AccessApproval::V1::EnrolledService>]
+        #     A list of Google Cloud Services for which the given resource has Access
+        #     Approval enrolled. Access requests for the resource given by name against
+        #     any of these services contained here will be required to have explicit
+        #     approval. If name refers to an organization, enrollment can be done for
+        #     individual services. If name refers to a folder or project, enrollment can
+        #     only be done on an all or nothing basis.
+        #
+        #     If a cloud_product is repeated in this list, the first entry will be
+        #     honored and all following entries will be discarded. A maximum of 10
+        #     enrolled services will be enforced, to be expanded as the set of supported
+        #     services is expanded.
+        # @!attribute [r] enrolled_ancestor
+        #   @return [Boolean]
+        #     Output only. This field is read only (not settable via
+        #     UpdateAccessAccessApprovalSettings method). If the field is true, that
+        #     indicates that at least one service is enrolled for Access Approval in one
+        #     or more ancestors of the Project or Folder (this field will always be
+        #     unset for the organization since organizations do not have ancestors).
+        class AccessApprovalSettings
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request to list approval requests.
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     The parent resource. This may be "projects/\\{project_id}",
+        #     "folders/\\{folder_id}", or "organizations/\\{organization_id}".
+        # @!attribute [rw] filter
+        #   @return [String]
+        #     A filter on the type of approval requests to retrieve. Must be one of the
+        #     following values:
+        #     <ol>
+        #       <li>[not set]: Requests that are pending or have active approvals.</li>
+        #       <li>ALL: All requests.</li>
+        #       <li>PENDING: Only pending requests.</li>
+        #       <li>ACTIVE: Only active (i.e. currently approved) requests.</li>
+        #       <li>DISMISSED: Only dismissed (including expired) requests.</li>
+        #     </ol>
+        # @!attribute [rw] page_size
+        #   @return [Integer]
+        #     Requested page size.
+        # @!attribute [rw] page_token
+        #   @return [String]
+        #     A token identifying the page of results to return.
+        class ListApprovalRequestsMessage
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response to listing of ApprovalRequest objects.
+        # @!attribute [rw] approval_requests
+        #   @return [Array<Google::Cloud::AccessApproval::V1::ApprovalRequest>]
+        #     Approval request details.
+        # @!attribute [rw] next_page_token
+        #   @return [String]
+        #     Token to retrieve the next page of results, or empty if there are no more.
+        class ListApprovalRequestsResponse
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request to get an approval request.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Name of the approval request to retrieve.
+        class GetApprovalRequestMessage
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request to approve an ApprovalRequest.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Name of the approval request to approve.
+        # @!attribute [rw] expire_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     The expiration time of this approval.
+        class ApproveApprovalRequestMessage
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request to dismiss an approval request.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Name of the ApprovalRequest to dismiss.
+        class DismissApprovalRequestMessage
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request to get access approval settings.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Name of the AccessApprovalSettings to retrieve.
+        class GetAccessApprovalSettingsMessage
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request to update access approval settings.
+        # @!attribute [rw] settings
+        #   @return [Google::Cloud::AccessApproval::V1::AccessApprovalSettings]
+        #     The new AccessApprovalSettings.
+        # @!attribute [rw] update_mask
+        #   @return [Google::Protobuf::FieldMask]
+        #     The update mask applies to the settings. Only the top level fields of
+        #     AccessApprovalSettings (notification_emails & enrolled_services) are
+        #     supported. For each field, if it is included, the currently stored value
+        #     will be entirely overwritten with the value of the field passed in this
+        #     request.
+        #
+        #     For the `FieldMask` definition, see
+        #     https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+        #     If this field is left unset, only the notification_emails field will be
+        #     updated.
+        class UpdateAccessApprovalSettingsMessage
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request to delete access approval settings.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Name of the AccessApprovalSettings to delete.
+        class DeleteAccessApprovalSettingsMessage
+          include Google::Protobuf::MessageExts
+          extend Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Represents the type of enrollment for a given service to Access Approval.
+        module EnrollmentLevel
+          # Default value for proto, shouldn't be used.
+          ENROLLMENT_LEVEL_UNSPECIFIED = 0
+
+          # Service is enrolled in Access Approval for all requests
+          BLOCK_ALL = 1
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/protobuf/empty.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # A generic empty message that you can re-use to avoid defining duplicated
+    # empty messages in your APIs. A typical example is to use it as the request
+    # or the response type of an API method. For instance:
+    #
+    #     service Foo {
+    #       rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
+    #     }
+    #
+    # The JSON representation for `Empty` is empty JSON object `{}`.
+    class Empty
+      include Google::Protobuf::MessageExts
+      extend Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/google/protobuf/field_mask.rb

@@ -0,0 +1,237 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # `FieldMask` represents a set of symbolic field paths, for example:
+    #
+    #     paths: "f.a"
+    #     paths: "f.b.d"
+    #
+    # Here `f` represents a field in some root message, `a` and `b`
+    # fields in the message found in `f`, and `d` a field found in the
+    # message in `f.b`.
+    #
+    # Field masks are used to specify a subset of fields that should be
+    # returned by a get operation or modified by an update operation.
+    # Field masks also have a custom JSON encoding (see below).
+    #
+    # # Field Masks in Projections
+    #
+    # When used in the context of a projection, a response message or
+    # sub-message is filtered by the API to only contain those fields as
+    # specified in the mask. For example, if the mask in the previous
+    # example is applied to a response message as follows:
+    #
+    #     f {
+    #       a : 22
+    #       b {
+    #         d : 1
+    #         x : 2
+    #       }
+    #       y : 13
+    #     }
+    #     z: 8
+    #
+    # The result will not contain specific values for fields x,y and z
+    # (their value will be set to the default, and omitted in proto text
+    # output):
+    #
+    #
+    #     f {
+    #       a : 22
+    #       b {
+    #         d : 1
+    #       }
+    #     }
+    #
+    # A repeated field is not allowed except at the last position of a
+    # paths string.
+    #
+    # If a FieldMask object is not present in a get operation, the
+    # operation applies to all fields (as if a FieldMask of all fields
+    # had been specified).
+    #
+    # Note that a field mask does not necessarily apply to the
+    # top-level response message. In case of a REST get operation, the
+    # field mask applies directly to the response, but in case of a REST
+    # list operation, the mask instead applies to each individual message
+    # in the returned resource list. In case of a REST custom method,
+    # other definitions may be used. Where the mask applies will be
+    # clearly documented together with its declaration in the API.  In
+    # any case, the effect on the returned resource/resources is required
+    # behavior for APIs.
+    #
+    # # Field Masks in Update Operations
+    #
+    # A field mask in update operations specifies which fields of the
+    # targeted resource are going to be updated. The API is required
+    # to only change the values of the fields as specified in the mask
+    # and leave the others untouched. If a resource is passed in to
+    # describe the updated values, the API ignores the values of all
+    # fields not covered by the mask.
+    #
+    # If a repeated field is specified for an update operation, the existing
+    # repeated values in the target resource will be overwritten by the new values.
+    # Note that a repeated field is only allowed in the last position of a `paths`
+    # string.
+    #
+    # If a sub-message is specified in the last position of the field mask for an
+    # update operation, then the existing sub-message in the target resource is
+    # overwritten. Given the target message:
+    #
+    #     f {
+    #       b {
+    #         d : 1
+    #         x : 2
+    #       }
+    #       c : 1
+    #     }
+    #
+    # And an update message:
+    #
+    #     f {
+    #       b {
+    #         d : 10
+    #       }
+    #     }
+    #
+    # then if the field mask is:
+    #
+    #  paths: "f.b"
+    #
+    # then the result will be:
+    #
+    #     f {
+    #       b {
+    #         d : 10
+    #       }
+    #       c : 1
+    #     }
+    #
+    # However, if the update mask was:
+    #
+    #  paths: "f.b.d"
+    #
+    # then the result would be:
+    #
+    #     f {
+    #       b {
+    #         d : 10
+    #         x : 2
+    #       }
+    #       c : 1
+    #     }
+    #
+    # In order to reset a field's value to the default, the field must
+    # be in the mask and set to the default value in the provided resource.
+    # Hence, in order to reset all fields of a resource, provide a default
+    # instance of the resource and set all fields in the mask, or do
+    # not provide a mask as described below.
+    #
+    # If a field mask is not present on update, the operation applies to
+    # all fields (as if a field mask of all fields has been specified).
+    # Note that in the presence of schema evolution, this may mean that
+    # fields the client does not know and has therefore not filled into
+    # the request will be reset to their default. If this is unwanted
+    # behavior, a specific service may require a client to always specify
+    # a field mask, producing an error if not.
+    #
+    # As with get operations, the location of the resource which
+    # describes the updated values in the request message depends on the
+    # operation kind. In any case, the effect of the field mask is
+    # required to be honored by the API.
+    #
+    # ## Considerations for HTTP REST
+    #
+    # The HTTP kind of an update operation which uses a field mask must
+    # be set to PATCH instead of PUT in order to satisfy HTTP semantics
+    # (PUT must only be used for full updates).
+    #
+    # # JSON Encoding of Field Masks
+    #
+    # In JSON, a field mask is encoded as a single string where paths are
+    # separated by a comma. Fields name in each path are converted
+    # to/from lower-camel naming conventions.
+    #
+    # As an example, consider the following message declarations:
+    #
+    #     message Profile {
+    #       User user = 1;
+    #       Photo photo = 2;
+    #     }
+    #     message User {
+    #       string display_name = 1;
+    #       string address = 2;
+    #     }
+    #
+    # In proto a field mask for `Profile` may look as such:
+    #
+    #     mask {
+    #       paths: "user.display_name"
+    #       paths: "photo"
+    #     }
+    #
+    # In JSON, the same mask is represented as below:
+    #
+    #     {
+    #       mask: "user.displayName,photo"
+    #     }
+    #
+    # # Field Masks and Oneof Fields
+    #
+    # Field masks treat fields in oneofs just as regular fields. Consider the
+    # following message:
+    #
+    #     message SampleMessage {
+    #       oneof test_oneof {
+    #         string name = 4;
+    #         SubMessage sub_message = 9;
+    #       }
+    #     }
+    #
+    # The field mask can be:
+    #
+    #     mask {
+    #       paths: "name"
+    #     }
+    #
+    # Or:
+    #
+    #     mask {
+    #       paths: "sub_message"
+    #     }
+    #
+    # Note that oneof type names ("test_oneof" in this case) cannot be used in
+    # paths.
+    #
+    # ## Field Mask Verification
+    #
+    # The implementation of any API method which has a FieldMask type field in the
+    # request should verify the included field paths, and return an
+    # `INVALID_ARGUMENT` error if any path is duplicated or unmappable.
+    # @!attribute [rw] paths
+    #   @return [Array<String>]
+    #     The set of field mask paths.
+    class FieldMask
+      include Google::Protobuf::MessageExts
+      extend Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end