google-cloud-access_approval-v1 0.4.5 → 0.7.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7a962123aff5296be4f054c61335936ff0e8b7b0929c57ba5a50d0657785aa5a
4
- data.tar.gz: 0b7b45a09fbd4f06d6554344ecf1641344ca686a06d2ef84f62ba7626133a9a9
3
+ metadata.gz: cce608cd453aa28b100036a521f197c64ac02e934b5b6062753a64b3f847b3a5
4
+ data.tar.gz: e2a99f06c9adfc9a18592fe27af7e7bf806bd554caf8b053ce86a0817a2d16dc
5
5
  SHA512:
6
- metadata.gz: 863a751bf59753032fa4dceedaa38611bed925ea4f51b84b4fff7b097564b05b5c23e3602a9d9c908d0f5274e8a699314a1aa4afdd8931ccd403642ccc5eda66
7
- data.tar.gz: 91869d676c37297e41f5660fcae15c494a03a3dd66d430c628822531287b565e43a4dc25be13902e1e08672cab892886cb6cfd5826dd64ba57afbdc73c6b9021
6
+ metadata.gz: 30bb0f0408d08921526272cadd4cbe56970a96afbcb219a8afce06423bf081e0c9be24a07f1e9702b7ba8c13b8d0fc3906abd127df67b89493fda9e5ce2f5b9b
7
+ data.tar.gz: b477acdbf6932f9148f06f4275ae865ab331a8ce447825361fa7d89aa710b092f7c718b15361e1543531fdcffc2b99f529266d419bbe880f9cdbb09fdbbb31b0
data/README.md CHANGED
@@ -37,7 +37,7 @@ request = ::Google::Cloud::AccessApproval::V1::ListApprovalRequestsMessage.new #
37
37
  response = client.list_approval_requests request
38
38
  ```
39
39
 
40
- View the [Client Library Documentation](https://googleapis.dev/ruby/google-cloud-access_approval-v1/latest)
40
+ View the [Client Library Documentation](https://cloud.google.com/ruby/docs/reference/google-cloud-access_approval-v1/latest)
41
41
  for class and method documentation.
42
42
 
43
43
  See also the [Product Documentation](https://cloud.google.com/access-approval/)
@@ -69,16 +69,21 @@ module GRPC
69
69
  end
70
70
  ```
71
71
 
72
+
73
+ ## Google Cloud Samples
74
+
75
+ To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples).
76
+
72
77
  ## Supported Ruby Versions
73
78
 
74
- This library is supported on Ruby 2.5+.
79
+ This library is supported on Ruby 2.6+.
75
80
 
76
81
  Google provides official support for Ruby versions that are actively supported
77
82
  by Ruby Core—that is, Ruby versions that are either in normal maintenance or
78
- in security maintenance, and not end of life. Currently, this means Ruby 2.5
79
- and later. Older versions of Ruby _may_ still work, but are unsupported and not
80
- recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details
81
- about the Ruby support schedule.
83
+ in security maintenance, and not end of life. Older versions of Ruby _may_
84
+ still work, but are unsupported and not recommended. See
85
+ https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby
86
+ support schedule.
82
87
 
83
88
  ## Which client should I use?
84
89
 
@@ -32,17 +32,17 @@ module Google
32
32
  #
33
33
  # - The API has a collection of
34
34
  # {::Google::Cloud::AccessApproval::V1::ApprovalRequest ApprovalRequest}
35
- # resources, named `approvalRequests/{approval_request_id}`
35
+ # resources, named `approvalRequests/{approval_request}`
36
36
  # - The API has top-level settings per Project/Folder/Organization, named
37
37
  # `accessApprovalSettings`
38
38
  #
39
39
  # The service also periodically emails a list of recipients, defined at the
40
40
  # Project/Folder/Organization level in the accessApprovalSettings, when there
41
41
  # is a pending ApprovalRequest for them to act on. The ApprovalRequests can
42
- # also optionally be published to a Cloud Pub/Sub topic owned by the customer
43
- # (for Beta, the Pub/Sub setup is managed manually).
42
+ # also optionally be published to a Pub/Sub topic owned by the customer
43
+ # (contact support if you would like to enable Pub/Sub notifications).
44
44
  #
45
- # ApprovalRequests can be approved or dismissed. Google personel can only
45
+ # ApprovalRequests can be approved or dismissed. Google personnel can only
46
46
  # access the indicated resource or resources if the request is approved
47
47
  # (subject to some exclusions:
48
48
  # https://cloud.google.com/access-approval/docs/overview#exclusions).
@@ -62,6 +62,8 @@ module Google
62
62
  # If a request is not approved or dismissed, we call it pending.
63
63
  #
64
64
  class Client
65
+ include Paths
66
+
65
67
  # @private
66
68
  attr_reader :access_approval_stub
67
69
 
@@ -108,6 +110,8 @@ module Google
108
110
 
109
111
  default_config.rpcs.dismiss_approval_request.timeout = 600.0
110
112
 
113
+ default_config.rpcs.invalidate_approval_request.timeout = 600.0
114
+
111
115
  default_config.rpcs.get_access_approval_settings.timeout = 600.0
112
116
  default_config.rpcs.get_access_approval_settings.retry_policy = {
113
117
  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14]
@@ -218,17 +222,21 @@ module Google
218
222
  # the default parameter values, pass an empty Hash as a request object (see above).
219
223
  #
220
224
  # @param parent [::String]
221
- # The parent resource. This may be "projects/\\{project_id}",
222
- # "folders/\\{folder_id}", or "organizations/\\{organization_id}".
225
+ # The parent resource. This may be "projects/\\{project}",
226
+ # "folders/\\{folder}", or "organizations/\\{organization}".
223
227
  # @param filter [::String]
224
228
  # A filter on the type of approval requests to retrieve. Must be one of the
225
229
  # following values:
226
230
  #
227
- # - [not set]: Requests that are pending or have active approvals.
228
- # - ALL: All requests.
229
- # - PENDING: Only pending requests.
230
- # - ACTIVE: Only active (i.e. currently approved) requests.
231
- # - DISMISSED: Only dismissed (including expired) requests.
231
+ # * [not set]: Requests that are pending or have active approvals.
232
+ # * ALL: All requests.
233
+ # * PENDING: Only pending requests.
234
+ # * ACTIVE: Only active (i.e. currently approved) requests.
235
+ # * DISMISSED: Only requests that have been dismissed, or requests that
236
+ # are not approved and past expiration.
237
+ # * EXPIRED: Only requests that have been approved, and the approval has
238
+ # expired.
239
+ # * HISTORY: Active, dismissed and expired requests.
232
240
  # @param page_size [::Integer]
233
241
  # Requested page size.
234
242
  # @param page_token [::String]
@@ -324,7 +332,9 @@ module Google
324
332
  # the default parameter values, pass an empty Hash as a request object (see above).
325
333
  #
326
334
  # @param name [::String]
327
- # Name of the approval request to retrieve.
335
+ # The name of the approval request to retrieve.
336
+ # Format:
337
+ # "\\{projects|folders|organizations}/\\{id}/approvalRequests/\\{approval_request}"
328
338
  #
329
339
  # @yield [response, operation] Access the result along with the RPC operation
330
340
  # @yieldparam response [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
@@ -574,6 +584,98 @@ module Google
574
584
  raise ::Google::Cloud::Error.from_error(e)
575
585
  end
576
586
 
587
+ ##
588
+ # Invalidates an existing ApprovalRequest. Returns the updated
589
+ # ApprovalRequest.
590
+ #
591
+ # NOTE: This does not deny access to the resource if another request has been
592
+ # made and approved. It only invalidates a single approval.
593
+ #
594
+ # Returns FAILED_PRECONDITION if the request exists but is not in an approved
595
+ # state.
596
+ #
597
+ # @overload invalidate_approval_request(request, options = nil)
598
+ # Pass arguments to `invalidate_approval_request` via a request object, either of type
599
+ # {::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage} or an equivalent Hash.
600
+ #
601
+ # @param request [::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Hash]
602
+ # A request object representing the call parameters. Required. To specify no
603
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
604
+ # @param options [::Gapic::CallOptions, ::Hash]
605
+ # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
606
+ #
607
+ # @overload invalidate_approval_request(name: nil)
608
+ # Pass arguments to `invalidate_approval_request` via keyword arguments. Note that at
609
+ # least one keyword argument is required. To specify no parameters, or to keep all
610
+ # the default parameter values, pass an empty Hash as a request object (see above).
611
+ #
612
+ # @param name [::String]
613
+ # Name of the ApprovalRequest to invalidate.
614
+ #
615
+ # @yield [response, operation] Access the result along with the RPC operation
616
+ # @yieldparam response [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
617
+ # @yieldparam operation [::GRPC::ActiveCall::Operation]
618
+ #
619
+ # @return [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
620
+ #
621
+ # @raise [::Google::Cloud::Error] if the RPC is aborted.
622
+ #
623
+ # @example Basic example
624
+ # require "google/cloud/access_approval/v1"
625
+ #
626
+ # # Create a client object. The client can be reused for multiple calls.
627
+ # client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
628
+ #
629
+ # # Create a request. To set request fields, pass in keyword arguments.
630
+ # request = Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage.new
631
+ #
632
+ # # Call the invalidate_approval_request method.
633
+ # result = client.invalidate_approval_request request
634
+ #
635
+ # # The returned object is of type Google::Cloud::AccessApproval::V1::ApprovalRequest.
636
+ # p result
637
+ #
638
+ def invalidate_approval_request request, options = nil
639
+ raise ::ArgumentError, "request must be provided" if request.nil?
640
+
641
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage
642
+
643
+ # Converts hash and nil to an options object
644
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
645
+
646
+ # Customize the options with defaults
647
+ metadata = @config.rpcs.invalidate_approval_request.metadata.to_h
648
+
649
+ # Set x-goog-api-client and x-goog-user-project headers
650
+ metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
651
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
652
+ gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
653
+ metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
654
+
655
+ header_params = {}
656
+ if request.name
657
+ header_params["name"] = request.name
658
+ end
659
+
660
+ request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
661
+ metadata[:"x-goog-request-params"] ||= request_params_header
662
+
663
+ options.apply_defaults timeout: @config.rpcs.invalidate_approval_request.timeout,
664
+ metadata: metadata,
665
+ retry_policy: @config.rpcs.invalidate_approval_request.retry_policy
666
+
667
+ options.apply_defaults timeout: @config.timeout,
668
+ metadata: @config.metadata,
669
+ retry_policy: @config.retry_policy
670
+
671
+ @access_approval_stub.call_rpc :invalidate_approval_request, request, options: options do |response, operation|
672
+ yield response, operation if block_given?
673
+ return response
674
+ end
675
+ rescue ::GRPC::BadStatus => e
676
+ raise ::Google::Cloud::Error.from_error(e)
677
+ end
678
+
577
679
  ##
578
680
  # Gets the settings associated with a project, folder, or organization.
579
681
  #
@@ -593,7 +695,8 @@ module Google
593
695
  # the default parameter values, pass an empty Hash as a request object (see above).
594
696
  #
595
697
  # @param name [::String]
596
- # Name of the AccessApprovalSettings to retrieve.
698
+ # The name of the AccessApprovalSettings to retrieve.
699
+ # Format: "\\{projects|folders|organizations}/\\{id}/accessApprovalSettings"
597
700
  #
598
701
  # @yield [response, operation] Access the result along with the RPC operation
599
702
  # @yieldparam response [::Google::Cloud::AccessApproval::V1::AccessApprovalSettings]
@@ -846,6 +949,92 @@ module Google
846
949
  raise ::Google::Cloud::Error.from_error(e)
847
950
  end
848
951
 
952
+ ##
953
+ # Retrieves the service account that is used by Access Approval to access KMS
954
+ # keys for signing approved approval requests.
955
+ #
956
+ # @overload get_access_approval_service_account(request, options = nil)
957
+ # Pass arguments to `get_access_approval_service_account` via a request object, either of type
958
+ # {::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage} or an equivalent Hash.
959
+ #
960
+ # @param request [::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Hash]
961
+ # A request object representing the call parameters. Required. To specify no
962
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
963
+ # @param options [::Gapic::CallOptions, ::Hash]
964
+ # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
965
+ #
966
+ # @overload get_access_approval_service_account(name: nil)
967
+ # Pass arguments to `get_access_approval_service_account` via keyword arguments. Note that at
968
+ # least one keyword argument is required. To specify no parameters, or to keep all
969
+ # the default parameter values, pass an empty Hash as a request object (see above).
970
+ #
971
+ # @param name [::String]
972
+ # Name of the AccessApprovalServiceAccount to retrieve.
973
+ #
974
+ # @yield [response, operation] Access the result along with the RPC operation
975
+ # @yieldparam response [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
976
+ # @yieldparam operation [::GRPC::ActiveCall::Operation]
977
+ #
978
+ # @return [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
979
+ #
980
+ # @raise [::Google::Cloud::Error] if the RPC is aborted.
981
+ #
982
+ # @example Basic example
983
+ # require "google/cloud/access_approval/v1"
984
+ #
985
+ # # Create a client object. The client can be reused for multiple calls.
986
+ # client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
987
+ #
988
+ # # Create a request. To set request fields, pass in keyword arguments.
989
+ # request = Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage.new
990
+ #
991
+ # # Call the get_access_approval_service_account method.
992
+ # result = client.get_access_approval_service_account request
993
+ #
994
+ # # The returned object is of type Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount.
995
+ # p result
996
+ #
997
+ def get_access_approval_service_account request, options = nil
998
+ raise ::ArgumentError, "request must be provided" if request.nil?
999
+
1000
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage
1001
+
1002
+ # Converts hash and nil to an options object
1003
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1004
+
1005
+ # Customize the options with defaults
1006
+ metadata = @config.rpcs.get_access_approval_service_account.metadata.to_h
1007
+
1008
+ # Set x-goog-api-client and x-goog-user-project headers
1009
+ metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1010
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1011
+ gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
1012
+ metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1013
+
1014
+ header_params = {}
1015
+ if request.name
1016
+ header_params["name"] = request.name
1017
+ end
1018
+
1019
+ request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
1020
+ metadata[:"x-goog-request-params"] ||= request_params_header
1021
+
1022
+ options.apply_defaults timeout: @config.rpcs.get_access_approval_service_account.timeout,
1023
+ metadata: metadata,
1024
+ retry_policy: @config.rpcs.get_access_approval_service_account.retry_policy
1025
+
1026
+ options.apply_defaults timeout: @config.timeout,
1027
+ metadata: @config.metadata,
1028
+ retry_policy: @config.retry_policy
1029
+
1030
+ @access_approval_stub.call_rpc :get_access_approval_service_account, request, options: options do |response, operation|
1031
+ yield response, operation if block_given?
1032
+ return response
1033
+ end
1034
+ rescue ::GRPC::BadStatus => e
1035
+ raise ::Google::Cloud::Error.from_error(e)
1036
+ end
1037
+
849
1038
  ##
850
1039
  # Configuration class for the AccessApproval API.
851
1040
  #
@@ -1002,6 +1191,11 @@ module Google
1002
1191
  #
1003
1192
  attr_reader :dismiss_approval_request
1004
1193
  ##
1194
+ # RPC-specific configuration for `invalidate_approval_request`
1195
+ # @return [::Gapic::Config::Method]
1196
+ #
1197
+ attr_reader :invalidate_approval_request
1198
+ ##
1005
1199
  # RPC-specific configuration for `get_access_approval_settings`
1006
1200
  # @return [::Gapic::Config::Method]
1007
1201
  #
@@ -1016,6 +1210,11 @@ module Google
1016
1210
  # @return [::Gapic::Config::Method]
1017
1211
  #
1018
1212
  attr_reader :delete_access_approval_settings
1213
+ ##
1214
+ # RPC-specific configuration for `get_access_approval_service_account`
1215
+ # @return [::Gapic::Config::Method]
1216
+ #
1217
+ attr_reader :get_access_approval_service_account
1019
1218
 
1020
1219
  # @private
1021
1220
  def initialize parent_rpcs = nil
@@ -1027,12 +1226,16 @@ module Google
1027
1226
  @approve_approval_request = ::Gapic::Config::Method.new approve_approval_request_config
1028
1227
  dismiss_approval_request_config = parent_rpcs.dismiss_approval_request if parent_rpcs.respond_to? :dismiss_approval_request
1029
1228
  @dismiss_approval_request = ::Gapic::Config::Method.new dismiss_approval_request_config
1229
+ invalidate_approval_request_config = parent_rpcs.invalidate_approval_request if parent_rpcs.respond_to? :invalidate_approval_request
1230
+ @invalidate_approval_request = ::Gapic::Config::Method.new invalidate_approval_request_config
1030
1231
  get_access_approval_settings_config = parent_rpcs.get_access_approval_settings if parent_rpcs.respond_to? :get_access_approval_settings
1031
1232
  @get_access_approval_settings = ::Gapic::Config::Method.new get_access_approval_settings_config
1032
1233
  update_access_approval_settings_config = parent_rpcs.update_access_approval_settings if parent_rpcs.respond_to? :update_access_approval_settings
1033
1234
  @update_access_approval_settings = ::Gapic::Config::Method.new update_access_approval_settings_config
1034
1235
  delete_access_approval_settings_config = parent_rpcs.delete_access_approval_settings if parent_rpcs.respond_to? :delete_access_approval_settings
1035
1236
  @delete_access_approval_settings = ::Gapic::Config::Method.new delete_access_approval_settings_config
1237
+ get_access_approval_service_account_config = parent_rpcs.get_access_approval_service_account if parent_rpcs.respond_to? :get_access_approval_service_account
1238
+ @get_access_approval_service_account = ::Gapic::Config::Method.new get_access_approval_service_account_config
1036
1239
 
1037
1240
  yield self if block_given?
1038
1241
  end
@@ -0,0 +1,170 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module AccessApproval
23
+ module V1
24
+ module AccessApproval
25
+ # Path helper methods for the AccessApproval API.
26
+ module Paths
27
+ ##
28
+ # Create a fully-qualified AccessApprovalSettings resource string.
29
+ #
30
+ # @overload access_approval_settings_path(project:)
31
+ # The resource will be in the following format:
32
+ #
33
+ # `projects/{project}/accessApprovalSettings`
34
+ #
35
+ # @param project [String]
36
+ #
37
+ # @overload access_approval_settings_path(folder:)
38
+ # The resource will be in the following format:
39
+ #
40
+ # `folders/{folder}/accessApprovalSettings`
41
+ #
42
+ # @param folder [String]
43
+ #
44
+ # @overload access_approval_settings_path(organization:)
45
+ # The resource will be in the following format:
46
+ #
47
+ # `organizations/{organization}/accessApprovalSettings`
48
+ #
49
+ # @param organization [String]
50
+ #
51
+ # @return [::String]
52
+ def access_approval_settings_path **args
53
+ resources = {
54
+ "project" => (proc do |project:|
55
+ "projects/#{project}/accessApprovalSettings"
56
+ end),
57
+ "folder" => (proc do |folder:|
58
+ "folders/#{folder}/accessApprovalSettings"
59
+ end),
60
+ "organization" => (proc do |organization:|
61
+ "organizations/#{organization}/accessApprovalSettings"
62
+ end)
63
+ }
64
+
65
+ resource = resources[args.keys.sort.join(":")]
66
+ raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil?
67
+ resource.call(**args)
68
+ end
69
+
70
+ ##
71
+ # Create a fully-qualified ApprovalRequest resource string.
72
+ #
73
+ # @overload approval_request_path(project:, approval_request:)
74
+ # The resource will be in the following format:
75
+ #
76
+ # `projects/{project}/approvalRequests/{approval_request}`
77
+ #
78
+ # @param project [String]
79
+ # @param approval_request [String]
80
+ #
81
+ # @overload approval_request_path(folder:, approval_request:)
82
+ # The resource will be in the following format:
83
+ #
84
+ # `folders/{folder}/approvalRequests/{approval_request}`
85
+ #
86
+ # @param folder [String]
87
+ # @param approval_request [String]
88
+ #
89
+ # @overload approval_request_path(organization:, approval_request:)
90
+ # The resource will be in the following format:
91
+ #
92
+ # `organizations/{organization}/approvalRequests/{approval_request}`
93
+ #
94
+ # @param organization [String]
95
+ # @param approval_request [String]
96
+ #
97
+ # @return [::String]
98
+ def approval_request_path **args
99
+ resources = {
100
+ "approval_request:project" => (proc do |project:, approval_request:|
101
+ raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
102
+
103
+ "projects/#{project}/approvalRequests/#{approval_request}"
104
+ end),
105
+ "approval_request:folder" => (proc do |folder:, approval_request:|
106
+ raise ::ArgumentError, "folder cannot contain /" if folder.to_s.include? "/"
107
+
108
+ "folders/#{folder}/approvalRequests/#{approval_request}"
109
+ end),
110
+ "approval_request:organization" => (proc do |organization:, approval_request:|
111
+ raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
112
+
113
+ "organizations/#{organization}/approvalRequests/#{approval_request}"
114
+ end)
115
+ }
116
+
117
+ resource = resources[args.keys.sort.join(":")]
118
+ raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil?
119
+ resource.call(**args)
120
+ end
121
+
122
+ ##
123
+ # Create a fully-qualified Folder resource string.
124
+ #
125
+ # The resource will be in the following format:
126
+ #
127
+ # `folders/{folder}`
128
+ #
129
+ # @param folder [String]
130
+ #
131
+ # @return [::String]
132
+ def folder_path folder:
133
+ "folders/#{folder}"
134
+ end
135
+
136
+ ##
137
+ # Create a fully-qualified Organization resource string.
138
+ #
139
+ # The resource will be in the following format:
140
+ #
141
+ # `organizations/{organization}`
142
+ #
143
+ # @param organization [String]
144
+ #
145
+ # @return [::String]
146
+ def organization_path organization:
147
+ "organizations/#{organization}"
148
+ end
149
+
150
+ ##
151
+ # Create a fully-qualified Project resource string.
152
+ #
153
+ # The resource will be in the following format:
154
+ #
155
+ # `projects/{project}`
156
+ #
157
+ # @param project [String]
158
+ #
159
+ # @return [::String]
160
+ def project_path project:
161
+ "projects/#{project}"
162
+ end
163
+
164
+ extend self
165
+ end
166
+ end
167
+ end
168
+ end
169
+ end
170
+ end
@@ -23,6 +23,7 @@ require "gapic/config/method"
23
23
  require "google/cloud/access_approval/v1/version"
24
24
 
25
25
  require "google/cloud/access_approval/v1/access_approval/credentials"
26
+ require "google/cloud/access_approval/v1/access_approval/paths"
26
27
  require "google/cloud/access_approval/v1/access_approval/client"
27
28
 
28
29
  module Google
@@ -35,17 +36,17 @@ module Google
35
36
  #
36
37
  # - The API has a collection of
37
38
  # {::Google::Cloud::AccessApproval::V1::ApprovalRequest ApprovalRequest}
38
- # resources, named `approvalRequests/{approval_request_id}`
39
+ # resources, named `approvalRequests/{approval_request}`
39
40
  # - The API has top-level settings per Project/Folder/Organization, named
40
41
  # `accessApprovalSettings`
41
42
  #
42
43
  # The service also periodically emails a list of recipients, defined at the
43
44
  # Project/Folder/Organization level in the accessApprovalSettings, when there
44
45
  # is a pending ApprovalRequest for them to act on. The ApprovalRequests can
45
- # also optionally be published to a Cloud Pub/Sub topic owned by the customer
46
- # (for Beta, the Pub/Sub setup is managed manually).
46
+ # also optionally be published to a Pub/Sub topic owned by the customer
47
+ # (contact support if you would like to enable Pub/Sub notifications).
47
48
  #
48
- # ApprovalRequests can be approved or dismissed. Google personel can only
49
+ # ApprovalRequests can be approved or dismissed. Google personnel can only
49
50
  # access the indicated resource or resources if the request is approved
50
51
  # (subject to some exclusions:
51
52
  # https://cloud.google.com/access-approval/docs/overview#exclusions).
@@ -21,7 +21,7 @@ module Google
21
21
  module Cloud
22
22
  module AccessApproval
23
23
  module V1
24
- VERSION = "0.4.5"
24
+ VERSION = "0.7.0"
25
25
  end
26
26
  end
27
27
  end
@@ -25,6 +25,8 @@ module Google
25
25
  ##
26
26
  # To load this package, including all its services, and instantiate a client:
27
27
  #
28
+ # @example
29
+ #
28
30
  # require "google/cloud/access_approval/v1"
29
31
  # client = ::Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
30
32
  #
@@ -1,13 +1,15 @@
1
1
  # Generated by the protocol buffer compiler. DO NOT EDIT!
2
2
  # source: google/cloud/accessapproval/v1/accessapproval.proto
3
3
 
4
+ require 'google/protobuf'
5
+
4
6
  require 'google/api/annotations_pb'
5
7
  require 'google/api/client_pb'
6
8
  require 'google/api/field_behavior_pb'
9
+ require 'google/api/resource_pb'
7
10
  require 'google/protobuf/empty_pb'
8
11
  require 'google/protobuf/field_mask_pb'
9
12
  require 'google/protobuf/timestamp_pb'
10
- require 'google/protobuf'
11
13
 
12
14
  Google::Protobuf::DescriptorPool.generated_pool.build do
13
15
  add_file("google/cloud/accessapproval/v1/accessapproval.proto", :syntax => :proto3) do
@@ -24,13 +26,26 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
24
26
  value :CUSTOMER_INITIATED_SUPPORT, 1
25
27
  value :GOOGLE_INITIATED_SERVICE, 2
26
28
  value :GOOGLE_INITIATED_REVIEW, 3
29
+ value :THIRD_PARTY_DATA_REQUEST, 4
30
+ value :GOOGLE_RESPONSE_TO_PRODUCTION_ALERT, 5
31
+ end
32
+ add_message "google.cloud.accessapproval.v1.SignatureInfo" do
33
+ optional :signature, :bytes, 1
34
+ oneof :verification_info do
35
+ optional :google_public_key_pem, :string, 2
36
+ optional :customer_kms_key_version, :string, 3
37
+ end
27
38
  end
28
39
  add_message "google.cloud.accessapproval.v1.ApproveDecision" do
29
40
  optional :approve_time, :message, 1, "google.protobuf.Timestamp"
30
41
  optional :expire_time, :message, 2, "google.protobuf.Timestamp"
42
+ optional :invalidate_time, :message, 3, "google.protobuf.Timestamp"
43
+ optional :signature_info, :message, 4, "google.cloud.accessapproval.v1.SignatureInfo"
44
+ optional :auto_approved, :bool, 5
31
45
  end
32
46
  add_message "google.cloud.accessapproval.v1.DismissDecision" do
33
47
  optional :dismiss_time, :message, 1, "google.protobuf.Timestamp"
48
+ optional :implicit, :bool, 2
34
49
  end
35
50
  add_message "google.cloud.accessapproval.v1.ResourceProperties" do
36
51
  optional :excludes_descendants, :bool, 1
@@ -57,6 +72,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
57
72
  repeated :notification_emails, :string, 2
58
73
  repeated :enrolled_services, :message, 3, "google.cloud.accessapproval.v1.EnrolledService"
59
74
  optional :enrolled_ancestor, :bool, 4
75
+ optional :active_key_version, :string, 6
76
+ optional :ancestor_has_active_key_version, :bool, 7
77
+ optional :invalid_key_version, :bool, 8
78
+ end
79
+ add_message "google.cloud.accessapproval.v1.AccessApprovalServiceAccount" do
80
+ optional :name, :string, 1
81
+ optional :account_email, :string, 2
60
82
  end
61
83
  add_message "google.cloud.accessapproval.v1.ListApprovalRequestsMessage" do
62
84
  optional :parent, :string, 1
@@ -78,6 +100,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
78
100
  add_message "google.cloud.accessapproval.v1.DismissApprovalRequestMessage" do
79
101
  optional :name, :string, 1
80
102
  end
103
+ add_message "google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage" do
104
+ optional :name, :string, 1
105
+ end
81
106
  add_message "google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage" do
82
107
  optional :name, :string, 1
83
108
  end
@@ -88,6 +113,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
88
113
  add_message "google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage" do
89
114
  optional :name, :string, 1
90
115
  end
116
+ add_message "google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage" do
117
+ optional :name, :string, 1
118
+ end
91
119
  add_enum "google.cloud.accessapproval.v1.EnrollmentLevel" do
92
120
  value :ENROLLMENT_LEVEL_UNSPECIFIED, 0
93
121
  value :BLOCK_ALL, 1
@@ -102,20 +130,24 @@ module Google
102
130
  AccessLocations = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessLocations").msgclass
103
131
  AccessReason = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason").msgclass
104
132
  AccessReason::Type = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason.Type").enummodule
133
+ SignatureInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.SignatureInfo").msgclass
105
134
  ApproveDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveDecision").msgclass
106
135
  DismissDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissDecision").msgclass
107
136
  ResourceProperties = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ResourceProperties").msgclass
108
137
  ApprovalRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApprovalRequest").msgclass
109
138
  EnrolledService = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrolledService").msgclass
110
139
  AccessApprovalSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalSettings").msgclass
140
+ AccessApprovalServiceAccount = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalServiceAccount").msgclass
111
141
  ListApprovalRequestsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsMessage").msgclass
112
142
  ListApprovalRequestsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsResponse").msgclass
113
143
  GetApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetApprovalRequestMessage").msgclass
114
144
  ApproveApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveApprovalRequestMessage").msgclass
115
145
  DismissApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissApprovalRequestMessage").msgclass
146
+ InvalidateApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage").msgclass
116
147
  GetAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage").msgclass
117
148
  UpdateAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.UpdateAccessApprovalSettingsMessage").msgclass
118
149
  DeleteAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage").msgclass
150
+ GetAccessApprovalServiceAccountMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage").msgclass
119
151
  EnrollmentLevel = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrollmentLevel").enummodule
120
152
  end
121
153
  end
@@ -29,17 +29,17 @@ module Google
29
29
  #
30
30
  # - The API has a collection of
31
31
  # [ApprovalRequest][google.cloud.accessapproval.v1.ApprovalRequest]
32
- # resources, named `approvalRequests/{approval_request_id}`
32
+ # resources, named `approvalRequests/{approval_request}`
33
33
  # - The API has top-level settings per Project/Folder/Organization, named
34
34
  # `accessApprovalSettings`
35
35
  #
36
36
  # The service also periodically emails a list of recipients, defined at the
37
37
  # Project/Folder/Organization level in the accessApprovalSettings, when there
38
38
  # is a pending ApprovalRequest for them to act on. The ApprovalRequests can
39
- # also optionally be published to a Cloud Pub/Sub topic owned by the customer
40
- # (for Beta, the Pub/Sub setup is managed manually).
39
+ # also optionally be published to a Pub/Sub topic owned by the customer
40
+ # (contact support if you would like to enable Pub/Sub notifications).
41
41
  #
42
- # ApprovalRequests can be approved or dismissed. Google personel can only
42
+ # ApprovalRequests can be approved or dismissed. Google personnel can only
43
43
  # access the indicated resource or resources if the request is approved
44
44
  # (subject to some exclusions:
45
45
  # https://cloud.google.com/access-approval/docs/overview#exclusions).
@@ -87,6 +87,15 @@ module Google
87
87
  # Returns FAILED_PRECONDITION if the request exists but is not in a pending
88
88
  # state.
89
89
  rpc :DismissApprovalRequest, ::Google::Cloud::AccessApproval::V1::DismissApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
90
+ # Invalidates an existing ApprovalRequest. Returns the updated
91
+ # ApprovalRequest.
92
+ #
93
+ # NOTE: This does not deny access to the resource if another request has been
94
+ # made and approved. It only invalidates a single approval.
95
+ #
96
+ # Returns FAILED_PRECONDITION if the request exists but is not in an approved
97
+ # state.
98
+ rpc :InvalidateApprovalRequest, ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
90
99
  # Gets the settings associated with a project, folder, or organization.
91
100
  rpc :GetAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalSettingsMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalSettings
92
101
  # Updates the settings associated with a project, folder, or organization.
@@ -99,6 +108,9 @@ module Google
99
108
  # hierarchy, then Access Approval will still be enabled at this level as
100
109
  # the settings are inherited.
101
110
  rpc :DeleteAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::DeleteAccessApprovalSettingsMessage, ::Google::Protobuf::Empty
111
+ # Retrieves the service account that is used by Access Approval to access KMS
112
+ # keys for signing approved approval requests.
113
+ rpc :GetAccessApprovalServiceAccount, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount
102
114
  end
103
115
 
104
116
  Stub = Service.rpc_stub_class
@@ -30,14 +30,14 @@ module Google
30
30
  # of a country code.
31
31
  # Possible Region Codes:
32
32
  #
33
- # - ASI: Asia
34
- # - EUR: Europe
35
- # - OCE: Oceania
36
- # - AFR: Africa
37
- # - NAM: North America
38
- # - SAM: South America
39
- # - ANT: Antarctica
40
- # - ANY: Any location
33
+ # * ASI: Asia
34
+ # * EUR: Europe
35
+ # * OCE: Oceania
36
+ # * AFR: Africa
37
+ # * NAM: North America
38
+ # * SAM: South America
39
+ # * ANT: Antarctica
40
+ # * ANY: Any location
41
41
  # @!attribute [rw] principal_physical_location_country
42
42
  # @return [::String]
43
43
  # Physical location of the principal at the time of the access. A
@@ -46,14 +46,14 @@ module Google
46
46
  # a region code instead of a country code.
47
47
  # Possible Region Codes:
48
48
  #
49
- # - ASI: Asia
50
- # - EUR: Europe
51
- # - OCE: Oceania
52
- # - AFR: Africa
53
- # - NAM: North America
54
- # - SAM: South America
55
- # - ANT: Antarctica
56
- # - ANY: Any location
49
+ # * ASI: Asia
50
+ # * EUR: Europe
51
+ # * OCE: Oceania
52
+ # * AFR: Africa
53
+ # * NAM: North America
54
+ # * SAM: South America
55
+ # * ANT: Antarctica
56
+ # * ANY: Any location
57
57
  class AccessLocations
58
58
  include ::Google::Protobuf::MessageExts
59
59
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -77,26 +77,52 @@ module Google
77
77
  # Customer made a request or raised an issue that required the principal to
78
78
  # access customer data. `detail` is of the form ("#####" is the issue ID):
79
79
  #
80
- # - "Feedback Report: #####"
81
- # - "Case Number: #####"
82
- # - "Case ID: #####"
83
- # - "E-PIN Reference: #####"
84
- # - "Google-#####"
85
- # - "T-#####"
80
+ # * "Feedback Report: #####"
81
+ # * "Case Number: #####"
82
+ # * "Case ID: #####"
83
+ # * "E-PIN Reference: #####"
84
+ # * "Google-#####"
85
+ # * "T-#####"
86
86
  CUSTOMER_INITIATED_SUPPORT = 1
87
87
 
88
88
  # The principal accessed customer data in order to diagnose or resolve a
89
- # suspected issue in services or a known outage. Often this access is used
90
- # to confirm that customers are not affected by a suspected service issue
91
- # or to remediate a reversible system issue.
89
+ # suspected issue in services. Often this access is used to confirm that
90
+ # customers are not affected by a suspected service issue or to remediate a
91
+ # reversible system issue.
92
92
  GOOGLE_INITIATED_SERVICE = 2
93
93
 
94
94
  # Google initiated service for security, fraud, abuse, or compliance
95
95
  # purposes.
96
96
  GOOGLE_INITIATED_REVIEW = 3
97
+
98
+ # The principal was compelled to access customer data in order to respond
99
+ # to a legal third party data request or process, including legal processes
100
+ # from customers themselves.
101
+ THIRD_PARTY_DATA_REQUEST = 4
102
+
103
+ # The principal accessed customer data in order to diagnose or resolve a
104
+ # suspected issue in services or a known outage.
105
+ GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = 5
97
106
  end
98
107
  end
99
108
 
109
+ # Information about the digital signature of the resource.
110
+ # @!attribute [rw] signature
111
+ # @return [::String]
112
+ # The digital signature.
113
+ # @!attribute [rw] google_public_key_pem
114
+ # @return [::String]
115
+ # The public key for the Google default signing, encoded in PEM format. The
116
+ # signature was created using a private key which may be verified using
117
+ # this public key.
118
+ # @!attribute [rw] customer_kms_key_version
119
+ # @return [::String]
120
+ # The resource name of the customer CryptoKeyVersion used for signing.
121
+ class SignatureInfo
122
+ include ::Google::Protobuf::MessageExts
123
+ extend ::Google::Protobuf::MessageExts::ClassMethods
124
+ end
125
+
100
126
  # A decision that has been made to approve access to a resource.
101
127
  # @!attribute [rw] approve_time
102
128
  # @return [::Google::Protobuf::Timestamp]
@@ -104,6 +130,15 @@ module Google
104
130
  # @!attribute [rw] expire_time
105
131
  # @return [::Google::Protobuf::Timestamp]
106
132
  # The time at which the approval expires.
133
+ # @!attribute [rw] invalidate_time
134
+ # @return [::Google::Protobuf::Timestamp]
135
+ # If set, denotes the timestamp at which the approval is invalidated.
136
+ # @!attribute [rw] signature_info
137
+ # @return [::Google::Cloud::AccessApproval::V1::SignatureInfo]
138
+ # The signature for the ApprovalRequest and details on how it was signed.
139
+ # @!attribute [rw] auto_approved
140
+ # @return [::Boolean]
141
+ # True when the request has been auto-approved.
107
142
  class ApproveDecision
108
143
  include ::Google::Protobuf::MessageExts
109
144
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -113,6 +148,11 @@ module Google
113
148
  # @!attribute [rw] dismiss_time
114
149
  # @return [::Google::Protobuf::Timestamp]
115
150
  # The time at which the approval request was dismissed.
151
+ # @!attribute [rw] implicit
152
+ # @return [::Boolean]
153
+ # This field will be true if the ApprovalRequest was implicitly dismissed due
154
+ # to inaction by the access approval approvers (the request is not acted
155
+ # on by the approvers before the exiration time).
116
156
  class DismissDecision
117
157
  include ::Google::Protobuf::MessageExts
118
158
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -132,7 +172,7 @@ module Google
132
172
  # @!attribute [rw] name
133
173
  # @return [::String]
134
174
  # The resource name of the request. Format is
135
- # "\\{projects|folders|organizations}/\\{id}/approvalRequests/\\{approval_request_id}".
175
+ # "\\{projects|folders|organizations}/\\{id}/approvalRequests/\\{approval_request}".
136
176
  # @!attribute [rw] requested_resource_name
137
177
  # @return [::String]
138
178
  # The resource for which approval is being requested. The format of the
@@ -175,16 +215,61 @@ module Google
175
215
  # The product for which Access Approval will be enrolled. Allowed values are
176
216
  # listed below (case-sensitive):
177
217
  #
178
- # - all
179
- # - appengine.googleapis.com
180
- # - bigquery.googleapis.com
181
- # - bigtable.googleapis.com
182
- # - cloudkms.googleapis.com
183
- # - compute.googleapis.com
184
- # - dataflow.googleapis.com
185
- # - iam.googleapis.com
186
- # - pubsub.googleapis.com
187
- # - storage.googleapis.com
218
+ # * all
219
+ # * GA
220
+ # * App Engine
221
+ # * BigQuery
222
+ # * Cloud Bigtable
223
+ # * Cloud Key Management Service
224
+ # * Compute Engine
225
+ # * Cloud Dataflow
226
+ # * Cloud DLP
227
+ # * Cloud EKM
228
+ # * Cloud HSM
229
+ # * Cloud Identity and Access Management
230
+ # * Cloud Logging
231
+ # * Cloud Pub/Sub
232
+ # * Cloud Spanner
233
+ # * Cloud SQL
234
+ # * Cloud Storage
235
+ # * Google Kubernetes Engine
236
+ # * Organization Policy Serivice
237
+ # * Persistent Disk
238
+ # * Resource Manager
239
+ # * Speaker ID
240
+ #
241
+ # Note: These values are supported as input for legacy purposes, but will not
242
+ # be returned from the API.
243
+ #
244
+ # * all
245
+ # * ga-only
246
+ # * appengine.googleapis.com
247
+ # * bigquery.googleapis.com
248
+ # * bigtable.googleapis.com
249
+ # * container.googleapis.com
250
+ # * cloudkms.googleapis.com
251
+ # * cloudresourcemanager.googleapis.com
252
+ # * cloudsql.googleapis.com
253
+ # * compute.googleapis.com
254
+ # * dataflow.googleapis.com
255
+ # * dlp.googleapis.com
256
+ # * iam.googleapis.com
257
+ # * logging.googleapis.com
258
+ # * orgpolicy.googleapis.com
259
+ # * pubsub.googleapis.com
260
+ # * spanner.googleapis.com
261
+ # * speakerid.googleapis.com
262
+ # * storage.googleapis.com
263
+ #
264
+ # Calls to UpdateAccessApprovalSettings using 'all' or any of the
265
+ # XXX.googleapis.com will be translated to the associated product name
266
+ # ('all', 'App Engine', etc.).
267
+ #
268
+ # Note: 'all' will enroll the resource in all products supported at both 'GA'
269
+ # and 'Preview' levels.
270
+ #
271
+ # More information about levels of support is available at
272
+ # https://cloud.google.com/access-approval/docs/supported-services
188
273
  # @!attribute [rw] enrollment_level
189
274
  # @return [::Google::Cloud::AccessApproval::V1::EnrollmentLevel]
190
275
  # The enrollment level of the service.
@@ -198,9 +283,9 @@ module Google
198
283
  # @return [::String]
199
284
  # The resource name of the settings. Format is one of:
200
285
  #
201
- # - "projects/\\{project_id}/accessApprovalSettings"
202
- # - "folders/\\{folder_id}/accessApprovalSettings"
203
- # - "organizations/\\{organization_id}/accessApprovalSettings"
286
+ # * "projects/\\{project}/accessApprovalSettings"
287
+ # * "folders/\\{folder}/accessApprovalSettings"
288
+ # * "organizations/\\{organization}/accessApprovalSettings"
204
289
  # @!attribute [rw] notification_emails
205
290
  # @return [::Array<::String>]
206
291
  # A list of email addresses to which notifications relating to approval
@@ -223,30 +308,71 @@ module Google
223
308
  # @!attribute [r] enrolled_ancestor
224
309
  # @return [::Boolean]
225
310
  # Output only. This field is read only (not settable via
226
- # UpdateAccessAccessApprovalSettings method). If the field is true, that
311
+ # UpdateAccessApprovalSettings method). If the field is true, that
227
312
  # indicates that at least one service is enrolled for Access Approval in one
228
313
  # or more ancestors of the Project or Folder (this field will always be
229
314
  # unset for the organization since organizations do not have ancestors).
315
+ # @!attribute [rw] active_key_version
316
+ # @return [::String]
317
+ # The asymmetric crypto key version to use for signing approval requests.
318
+ # Empty active_key_version indicates that a Google-managed key should be used
319
+ # for signing. This property will be ignored if set by an ancestor of this
320
+ # resource, and new non-empty values may not be set.
321
+ # @!attribute [r] ancestor_has_active_key_version
322
+ # @return [::Boolean]
323
+ # Output only. This field is read only (not settable via UpdateAccessApprovalSettings
324
+ # method). If the field is true, that indicates that an ancestor of this
325
+ # Project or Folder has set active_key_version (this field will always be
326
+ # unset for the organization since organizations do not have ancestors).
327
+ # @!attribute [r] invalid_key_version
328
+ # @return [::Boolean]
329
+ # Output only. This field is read only (not settable via UpdateAccessApprovalSettings
330
+ # method). If the field is true, that indicates that there is some
331
+ # configuration issue with the active_key_version configured at this level in
332
+ # the resource hierarchy (e.g. it doesn't exist or the Access Approval
333
+ # service account doesn't have the correct permissions on it, etc.) This key
334
+ # version is not necessarily the effective key version at this level, as key
335
+ # versions are inherited top-down.
230
336
  class AccessApprovalSettings
231
337
  include ::Google::Protobuf::MessageExts
232
338
  extend ::Google::Protobuf::MessageExts::ClassMethods
233
339
  end
234
340
 
341
+ # Access Approval service account related to a project/folder/organization.
342
+ # @!attribute [rw] name
343
+ # @return [::String]
344
+ # The resource name of the Access Approval service account. Format is one of:
345
+ #
346
+ # * "projects/\\{project}/serviceAccount"
347
+ # * "folders/\\{folder}/serviceAccount"
348
+ # * "organizations/\\{organization}/serviceAccount"
349
+ # @!attribute [rw] account_email
350
+ # @return [::String]
351
+ # Email address of the service account.
352
+ class AccessApprovalServiceAccount
353
+ include ::Google::Protobuf::MessageExts
354
+ extend ::Google::Protobuf::MessageExts::ClassMethods
355
+ end
356
+
235
357
  # Request to list approval requests.
236
358
  # @!attribute [rw] parent
237
359
  # @return [::String]
238
- # The parent resource. This may be "projects/\\{project_id}",
239
- # "folders/\\{folder_id}", or "organizations/\\{organization_id}".
360
+ # The parent resource. This may be "projects/\\{project}",
361
+ # "folders/\\{folder}", or "organizations/\\{organization}".
240
362
  # @!attribute [rw] filter
241
363
  # @return [::String]
242
364
  # A filter on the type of approval requests to retrieve. Must be one of the
243
365
  # following values:
244
366
  #
245
- # - [not set]: Requests that are pending or have active approvals.
246
- # - ALL: All requests.
247
- # - PENDING: Only pending requests.
248
- # - ACTIVE: Only active (i.e. currently approved) requests.
249
- # - DISMISSED: Only dismissed (including expired) requests.
367
+ # * [not set]: Requests that are pending or have active approvals.
368
+ # * ALL: All requests.
369
+ # * PENDING: Only pending requests.
370
+ # * ACTIVE: Only active (i.e. currently approved) requests.
371
+ # * DISMISSED: Only requests that have been dismissed, or requests that
372
+ # are not approved and past expiration.
373
+ # * EXPIRED: Only requests that have been approved, and the approval has
374
+ # expired.
375
+ # * HISTORY: Active, dismissed and expired requests.
250
376
  # @!attribute [rw] page_size
251
377
  # @return [::Integer]
252
378
  # Requested page size.
@@ -273,7 +399,9 @@ module Google
273
399
  # Request to get an approval request.
274
400
  # @!attribute [rw] name
275
401
  # @return [::String]
276
- # Name of the approval request to retrieve.
402
+ # The name of the approval request to retrieve.
403
+ # Format:
404
+ # "\\{projects|folders|organizations}/\\{id}/approvalRequests/\\{approval_request}"
277
405
  class GetApprovalRequestMessage
278
406
  include ::Google::Protobuf::MessageExts
279
407
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -300,10 +428,20 @@ module Google
300
428
  extend ::Google::Protobuf::MessageExts::ClassMethods
301
429
  end
302
430
 
431
+ # Request to invalidate an existing approval.
432
+ # @!attribute [rw] name
433
+ # @return [::String]
434
+ # Name of the ApprovalRequest to invalidate.
435
+ class InvalidateApprovalRequestMessage
436
+ include ::Google::Protobuf::MessageExts
437
+ extend ::Google::Protobuf::MessageExts::ClassMethods
438
+ end
439
+
303
440
  # Request to get access approval settings.
304
441
  # @!attribute [rw] name
305
442
  # @return [::String]
306
- # Name of the AccessApprovalSettings to retrieve.
443
+ # The name of the AccessApprovalSettings to retrieve.
444
+ # Format: "\\{projects|folders|organizations}/\\{id}/accessApprovalSettings"
307
445
  class GetAccessApprovalSettingsMessage
308
446
  include ::Google::Protobuf::MessageExts
309
447
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -339,6 +477,15 @@ module Google
339
477
  extend ::Google::Protobuf::MessageExts::ClassMethods
340
478
  end
341
479
 
480
+ # Request to get an Access Approval service account.
481
+ # @!attribute [rw] name
482
+ # @return [::String]
483
+ # Name of the AccessApprovalServiceAccount to retrieve.
484
+ class GetAccessApprovalServiceAccountMessage
485
+ include ::Google::Protobuf::MessageExts
486
+ extend ::Google::Protobuf::MessageExts::ClassMethods
487
+ end
488
+
342
489
  # Represents the type of enrollment for a given service to Access Approval.
343
490
  module EnrollmentLevel
344
491
  # Default value for proto, shouldn't be used.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-access_approval-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.5
4
+ version: 0.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-01-11 00:00:00.000000000 Z
11
+ date: 2022-07-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '0.7'
19
+ version: '0.10'
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
22
  version: 2.a
@@ -26,7 +26,7 @@ dependencies:
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- version: '0.7'
29
+ version: '0.10'
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
32
  version: 2.a
@@ -50,28 +50,28 @@ dependencies:
50
50
  requirements:
51
51
  - - "~>"
52
52
  - !ruby/object:Gem::Version
53
- version: 1.25.1
53
+ version: 1.26.1
54
54
  type: :development
55
55
  prerelease: false
56
56
  version_requirements: !ruby/object:Gem::Requirement
57
57
  requirements:
58
58
  - - "~>"
59
59
  - !ruby/object:Gem::Version
60
- version: 1.25.1
60
+ version: 1.26.1
61
61
  - !ruby/object:Gem::Dependency
62
62
  name: minitest
63
63
  requirement: !ruby/object:Gem::Requirement
64
64
  requirements:
65
65
  - - "~>"
66
66
  - !ruby/object:Gem::Version
67
- version: '5.14'
67
+ version: '5.16'
68
68
  type: :development
69
69
  prerelease: false
70
70
  version_requirements: !ruby/object:Gem::Requirement
71
71
  requirements:
72
72
  - - "~>"
73
73
  - !ruby/object:Gem::Version
74
- version: '5.14'
74
+ version: '5.16'
75
75
  - !ruby/object:Gem::Dependency
76
76
  name: minitest-focus
77
77
  requirement: !ruby/object:Gem::Requirement
@@ -106,14 +106,14 @@ dependencies:
106
106
  requirements:
107
107
  - - ">="
108
108
  - !ruby/object:Gem::Version
109
- version: '12.0'
109
+ version: '13.0'
110
110
  type: :development
111
111
  prerelease: false
112
112
  version_requirements: !ruby/object:Gem::Requirement
113
113
  requirements:
114
114
  - - ">="
115
115
  - !ruby/object:Gem::Version
116
- version: '12.0'
116
+ version: '13.0'
117
117
  - !ruby/object:Gem::Dependency
118
118
  name: redcarpet
119
119
  requirement: !ruby/object:Gem::Requirement
@@ -174,6 +174,7 @@ files:
174
174
  - lib/google/cloud/access_approval/v1/access_approval.rb
175
175
  - lib/google/cloud/access_approval/v1/access_approval/client.rb
176
176
  - lib/google/cloud/access_approval/v1/access_approval/credentials.rb
177
+ - lib/google/cloud/access_approval/v1/access_approval/paths.rb
177
178
  - lib/google/cloud/access_approval/v1/version.rb
178
179
  - lib/google/cloud/accessapproval/v1/accessapproval_pb.rb
179
180
  - lib/google/cloud/accessapproval/v1/accessapproval_services_pb.rb
@@ -196,14 +197,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
196
197
  requirements:
197
198
  - - ">="
198
199
  - !ruby/object:Gem::Version
199
- version: '2.5'
200
+ version: '2.6'
200
201
  required_rubygems_version: !ruby/object:Gem::Requirement
201
202
  requirements:
202
203
  - - ">="
203
204
  - !ruby/object:Gem::Version
204
205
  version: '0'
205
206
  requirements: []
206
- rubygems_version: 3.3.4
207
+ rubygems_version: 3.3.14
207
208
  signing_key:
208
209
  specification_version: 4
209
210
  summary: API Client library for the Access Approval V1 API