RubyGems - google-cloud-access_approval-v1 - Versions diffs - 0.5.0 → 0.6.0 - Mend

google-cloud-access_approval-v1 0.5.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/README.md +5 -0
data/lib/google/cloud/access_approval/v1/access_approval/client.rb +194 -0
data/lib/google/cloud/access_approval/v1/version.rb +1 -1
data/lib/google/cloud/access_approval/v1.rb +2 -0
data/lib/google/cloud/accessapproval/v1/accessapproval_pb.rb +31 -1
data/lib/google/cloud/accessapproval/v1/accessapproval_services_pb.rb +12 -0
data/proto_docs/google/cloud/accessapproval/v1/accessapproval.rb +95 -5
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 37f4b44fbdd48df2ba584f2d5c20c954fa9ac6099885cb43e93bec9492472032
-  data.tar.gz: e29907811985a29327b0ea4e6ec591cf142d15dc98dd53d26dec29b9e119ba24
+  metadata.gz: 39ee179d20badb6b1447d9218c5be243db4f3087881a20a0c8952c765519960f
+  data.tar.gz: bd3435892e9afe88ba7cfde44b8625d5c19cc754c46c9c7919636f762c284b68
 SHA512:
-  metadata.gz: c22da0fa4848ae4f8316ec62545e351719d6ddcf0897b4263fcb9c872c969ae60bf60d3e9ddbb66dc43fcbefeec5463741682ce8809acb2503502fd92010dc8f
-  data.tar.gz: 561c6ea7129538c61b6794f645d2e7bcc7f05697612d0955c8b5d2fde91d78e38c07569abc71db3549fe94c5ae84e237e39d5530dba1fd1310962cd26f2d6ea0
+  metadata.gz: 6acdc47e360b57314cd84832368471f415c7f5b40888313a96bd048d4a5efcecd2c735df5e0f2a72de53580b3d95d86bb0c9d0d459d0672fea71c666002a1fe0
+  data.tar.gz: 5b8900a860c9ddd2d06ac39c66b93e1e71eb40ed57e07c55229cec7b26bdc499d6424fed71ec332ab159282573de49531fb7364c194ea61128db644c5e45c83e

data/README.md CHANGED Viewed

@@ -69,6 +69,11 @@ module GRPC
 end
 ```
+## Google Cloud Samples
+To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples).
 ## Supported Ruby Versions
 This library is supported on Ruby 2.5+.

data/lib/google/cloud/access_approval/v1/access_approval/client.rb CHANGED Viewed

@@ -110,6 +110,8 @@ module Google
                 default_config.rpcs.dismiss_approval_request.timeout = 600.0
+                default_config.rpcs.invalidate_approval_request.timeout = 600.0
                 default_config.rpcs.get_access_approval_settings.timeout = 600.0
                 default_config.rpcs.get_access_approval_settings.retry_policy = {
                   initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14]
@@ -582,6 +584,98 @@ module Google
               raise ::Google::Cloud::Error.from_error(e)
             end
+            ##
+            # Invalidates an existing ApprovalRequest. Returns the updated
+            # ApprovalRequest.
+            #
+            # NOTE: This does not deny access to the resource if another request has been
+            # made and approved. It only invalidates a single approval.
+            #
+            # Returns FAILED_PRECONDITION if the request exists but is not in an approved
+            # state.
+            #
+            # @overload invalidate_approval_request(request, options = nil)
+            #   Pass arguments to `invalidate_approval_request` via a request object, either of type
+            #   {::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage} or an equivalent Hash.
+            #
+            #   @param request [::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Hash]
+            #     A request object representing the call parameters. Required. To specify no
+            #     parameters, or to keep all the default parameter values, pass an empty Hash.
+            #   @param options [::Gapic::CallOptions, ::Hash]
+            #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
+            #
+            # @overload invalidate_approval_request(name: nil)
+            #   Pass arguments to `invalidate_approval_request` via keyword arguments. Note that at
+            #   least one keyword argument is required. To specify no parameters, or to keep all
+            #   the default parameter values, pass an empty Hash as a request object (see above).
+            #
+            #   @param name [::String]
+            #     Name of the ApprovalRequest to invalidate.
+            #
+            # @yield [response, operation] Access the result along with the RPC operation
+            # @yieldparam response [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
+            # @yieldparam operation [::GRPC::ActiveCall::Operation]
+            #
+            # @return [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
+            #
+            # @raise [::Google::Cloud::Error] if the RPC is aborted.
+            #
+            # @example Basic example
+            #   require "google/cloud/access_approval/v1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage.new
+            #
+            #   # Call the invalidate_approval_request method.
+            #   result = client.invalidate_approval_request request
+            #
+            #   # The returned object is of type Google::Cloud::AccessApproval::V1::ApprovalRequest.
+            #   p result
+            #
+            def invalidate_approval_request request, options = nil
+              raise ::ArgumentError, "request must be provided" if request.nil?
+              request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage
+              # Converts hash and nil to an options object
+              options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
+              # Customize the options with defaults
+              metadata = @config.rpcs.invalidate_approval_request.metadata.to_h
+              # Set x-goog-api-client and x-goog-user-project headers
+              metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
+                lib_name: @config.lib_name, lib_version: @config.lib_version,
+                gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
+              metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+              request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
+              metadata[:"x-goog-request-params"] ||= request_params_header
+              options.apply_defaults timeout:      @config.rpcs.invalidate_approval_request.timeout,
+                                     metadata:     metadata,
+                                     retry_policy: @config.rpcs.invalidate_approval_request.retry_policy
+              options.apply_defaults timeout:      @config.timeout,
+                                     metadata:     @config.metadata,
+                                     retry_policy: @config.retry_policy
+              @access_approval_stub.call_rpc :invalidate_approval_request, request, options: options do |response, operation|
+                yield response, operation if block_given?
+                return response
+              end
+            rescue ::GRPC::BadStatus => e
+              raise ::Google::Cloud::Error.from_error(e)
+            end
             ##
             # Gets the settings associated with a project, folder, or organization.
             #
@@ -855,6 +949,92 @@ module Google
               raise ::Google::Cloud::Error.from_error(e)
             end
+            ##
+            # Retrieves the service account that is used by Access Approval to access KMS
+            # keys for signing approved approval requests.
+            #
+            # @overload get_access_approval_service_account(request, options = nil)
+            #   Pass arguments to `get_access_approval_service_account` via a request object, either of type
+            #   {::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage} or an equivalent Hash.
+            #
+            #   @param request [::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Hash]
+            #     A request object representing the call parameters. Required. To specify no
+            #     parameters, or to keep all the default parameter values, pass an empty Hash.
+            #   @param options [::Gapic::CallOptions, ::Hash]
+            #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
+            #
+            # @overload get_access_approval_service_account(name: nil)
+            #   Pass arguments to `get_access_approval_service_account` via keyword arguments. Note that at
+            #   least one keyword argument is required. To specify no parameters, or to keep all
+            #   the default parameter values, pass an empty Hash as a request object (see above).
+            #
+            #   @param name [::String]
+            #     Name of the AccessApprovalServiceAccount to retrieve.
+            #
+            # @yield [response, operation] Access the result along with the RPC operation
+            # @yieldparam response [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
+            # @yieldparam operation [::GRPC::ActiveCall::Operation]
+            #
+            # @return [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
+            #
+            # @raise [::Google::Cloud::Error] if the RPC is aborted.
+            #
+            # @example Basic example
+            #   require "google/cloud/access_approval/v1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage.new
+            #
+            #   # Call the get_access_approval_service_account method.
+            #   result = client.get_access_approval_service_account request
+            #
+            #   # The returned object is of type Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount.
+            #   p result
+            #
+            def get_access_approval_service_account request, options = nil
+              raise ::ArgumentError, "request must be provided" if request.nil?
+              request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage
+              # Converts hash and nil to an options object
+              options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
+              # Customize the options with defaults
+              metadata = @config.rpcs.get_access_approval_service_account.metadata.to_h
+              # Set x-goog-api-client and x-goog-user-project headers
+              metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
+                lib_name: @config.lib_name, lib_version: @config.lib_version,
+                gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
+              metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+              request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
+              metadata[:"x-goog-request-params"] ||= request_params_header
+              options.apply_defaults timeout:      @config.rpcs.get_access_approval_service_account.timeout,
+                                     metadata:     metadata,
+                                     retry_policy: @config.rpcs.get_access_approval_service_account.retry_policy
+              options.apply_defaults timeout:      @config.timeout,
+                                     metadata:     @config.metadata,
+                                     retry_policy: @config.retry_policy
+              @access_approval_stub.call_rpc :get_access_approval_service_account, request, options: options do |response, operation|
+                yield response, operation if block_given?
+                return response
+              end
+            rescue ::GRPC::BadStatus => e
+              raise ::Google::Cloud::Error.from_error(e)
+            end
             ##
             # Configuration class for the AccessApproval API.
             #
@@ -1011,6 +1191,11 @@ module Google
                 #
                 attr_reader :dismiss_approval_request
                 ##
+                # RPC-specific configuration for `invalidate_approval_request`
+                # @return [::Gapic::Config::Method]
+                #
+                attr_reader :invalidate_approval_request
+                ##
                 # RPC-specific configuration for `get_access_approval_settings`
                 # @return [::Gapic::Config::Method]
                 #
@@ -1025,6 +1210,11 @@ module Google
                 # @return [::Gapic::Config::Method]
                 #
                 attr_reader :delete_access_approval_settings
+                ##
+                # RPC-specific configuration for `get_access_approval_service_account`
+                # @return [::Gapic::Config::Method]
+                #
+                attr_reader :get_access_approval_service_account
                 # @private
                 def initialize parent_rpcs = nil
@@ -1036,12 +1226,16 @@ module Google
                   @approve_approval_request = ::Gapic::Config::Method.new approve_approval_request_config
                   dismiss_approval_request_config = parent_rpcs.dismiss_approval_request if parent_rpcs.respond_to? :dismiss_approval_request
                   @dismiss_approval_request = ::Gapic::Config::Method.new dismiss_approval_request_config
+                  invalidate_approval_request_config = parent_rpcs.invalidate_approval_request if parent_rpcs.respond_to? :invalidate_approval_request
+                  @invalidate_approval_request = ::Gapic::Config::Method.new invalidate_approval_request_config
                   get_access_approval_settings_config = parent_rpcs.get_access_approval_settings if parent_rpcs.respond_to? :get_access_approval_settings
                   @get_access_approval_settings = ::Gapic::Config::Method.new get_access_approval_settings_config
                   update_access_approval_settings_config = parent_rpcs.update_access_approval_settings if parent_rpcs.respond_to? :update_access_approval_settings
                   @update_access_approval_settings = ::Gapic::Config::Method.new update_access_approval_settings_config
                   delete_access_approval_settings_config = parent_rpcs.delete_access_approval_settings if parent_rpcs.respond_to? :delete_access_approval_settings
                   @delete_access_approval_settings = ::Gapic::Config::Method.new delete_access_approval_settings_config
+                  get_access_approval_service_account_config = parent_rpcs.get_access_approval_service_account if parent_rpcs.respond_to? :get_access_approval_service_account
+                  @get_access_approval_service_account = ::Gapic::Config::Method.new get_access_approval_service_account_config
                   yield self if block_given?
                 end

data/lib/google/cloud/access_approval/v1/version.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module AccessApproval
       module V1
-        VERSION = "0.5.0"
+        VERSION = "0.6.0"
       end
     end
   end

data/lib/google/cloud/access_approval/v1.rb CHANGED Viewed

@@ -25,6 +25,8 @@ module Google
       ##
       # To load this package, including all its services, and instantiate a client:
       #
+      # @example
+      #
       #     require "google/cloud/access_approval/v1"
       #     client = ::Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
       #

data/lib/google/cloud/accessapproval/v1/accessapproval_pb.rb CHANGED Viewed

@@ -1,6 +1,8 @@
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/cloud/accessapproval/v1/accessapproval.proto
+require 'google/protobuf'
 require 'google/api/annotations_pb'
 require 'google/api/client_pb'
 require 'google/api/field_behavior_pb'
@@ -8,7 +10,6 @@ require 'google/api/resource_pb'
 require 'google/protobuf/empty_pb'
 require 'google/protobuf/field_mask_pb'
 require 'google/protobuf/timestamp_pb'
-require 'google/protobuf'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/cloud/accessapproval/v1/accessapproval.proto", :syntax => :proto3) do
@@ -25,10 +26,22 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       value :CUSTOMER_INITIATED_SUPPORT, 1
       value :GOOGLE_INITIATED_SERVICE, 2
       value :GOOGLE_INITIATED_REVIEW, 3
+      value :THIRD_PARTY_DATA_REQUEST, 4
+      value :GOOGLE_RESPONSE_TO_PRODUCTION_ALERT, 5
+    end
+    add_message "google.cloud.accessapproval.v1.SignatureInfo" do
+      optional :signature, :bytes, 1
+      oneof :verification_info do
+        optional :google_public_key_pem, :string, 2
+        optional :customer_kms_key_version, :string, 3
+      end
     end
     add_message "google.cloud.accessapproval.v1.ApproveDecision" do
       optional :approve_time, :message, 1, "google.protobuf.Timestamp"
       optional :expire_time, :message, 2, "google.protobuf.Timestamp"
+      optional :invalidate_time, :message, 3, "google.protobuf.Timestamp"
+      optional :signature_info, :message, 4, "google.cloud.accessapproval.v1.SignatureInfo"
+      optional :auto_approved, :bool, 5
     end
     add_message "google.cloud.accessapproval.v1.DismissDecision" do
       optional :dismiss_time, :message, 1, "google.protobuf.Timestamp"
@@ -59,6 +72,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :notification_emails, :string, 2
       repeated :enrolled_services, :message, 3, "google.cloud.accessapproval.v1.EnrolledService"
       optional :enrolled_ancestor, :bool, 4
+      optional :active_key_version, :string, 6
+      optional :ancestor_has_active_key_version, :bool, 7
+      optional :invalid_key_version, :bool, 8
+    end
+    add_message "google.cloud.accessapproval.v1.AccessApprovalServiceAccount" do
+      optional :name, :string, 1
+      optional :account_email, :string, 2
     end
     add_message "google.cloud.accessapproval.v1.ListApprovalRequestsMessage" do
       optional :parent, :string, 1
@@ -80,6 +100,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "google.cloud.accessapproval.v1.DismissApprovalRequestMessage" do
       optional :name, :string, 1
     end
+    add_message "google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage" do
+      optional :name, :string, 1
+    end
     add_message "google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage" do
       optional :name, :string, 1
     end
@@ -90,6 +113,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage" do
       optional :name, :string, 1
     end
+    add_message "google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage" do
+      optional :name, :string, 1
+    end
     add_enum "google.cloud.accessapproval.v1.EnrollmentLevel" do
       value :ENROLLMENT_LEVEL_UNSPECIFIED, 0
       value :BLOCK_ALL, 1
@@ -104,20 +130,24 @@ module Google
         AccessLocations = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessLocations").msgclass
         AccessReason = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason").msgclass
         AccessReason::Type = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason.Type").enummodule
+        SignatureInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.SignatureInfo").msgclass
         ApproveDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveDecision").msgclass
         DismissDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissDecision").msgclass
         ResourceProperties = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ResourceProperties").msgclass
         ApprovalRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApprovalRequest").msgclass
         EnrolledService = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrolledService").msgclass
         AccessApprovalSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalSettings").msgclass
+        AccessApprovalServiceAccount = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalServiceAccount").msgclass
         ListApprovalRequestsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsMessage").msgclass
         ListApprovalRequestsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsResponse").msgclass
         GetApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetApprovalRequestMessage").msgclass
         ApproveApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveApprovalRequestMessage").msgclass
         DismissApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissApprovalRequestMessage").msgclass
+        InvalidateApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage").msgclass
         GetAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage").msgclass
         UpdateAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.UpdateAccessApprovalSettingsMessage").msgclass
         DeleteAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage").msgclass
+        GetAccessApprovalServiceAccountMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage").msgclass
         EnrollmentLevel = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrollmentLevel").enummodule
       end
     end

data/lib/google/cloud/accessapproval/v1/accessapproval_services_pb.rb CHANGED Viewed

@@ -87,6 +87,15 @@ module Google
             # Returns FAILED_PRECONDITION if the request exists but is not in a pending
             # state.
             rpc :DismissApprovalRequest, ::Google::Cloud::AccessApproval::V1::DismissApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
+            # Invalidates an existing ApprovalRequest. Returns the updated
+            # ApprovalRequest.
+            #
+            # NOTE: This does not deny access to the resource if another request has been
+            # made and approved. It only invalidates a single approval.
+            #
+            # Returns FAILED_PRECONDITION if the request exists but is not in an approved
+            # state.
+            rpc :InvalidateApprovalRequest, ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
             # Gets the settings associated with a project, folder, or organization.
             rpc :GetAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalSettingsMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalSettings
             # Updates the settings associated with a project, folder, or organization.
@@ -99,6 +108,9 @@ module Google
             # hierarchy, then Access Approval will still be enabled at this level as
             # the settings are inherited.
             rpc :DeleteAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::DeleteAccessApprovalSettingsMessage, ::Google::Protobuf::Empty
+            # Retrieves the service account that is used by Access Approval to access KMS
+            # keys for signing approved approval requests.
+            rpc :GetAccessApprovalServiceAccount, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount
           end
           Stub = Service.rpc_stub_class

data/proto_docs/google/cloud/accessapproval/v1/accessapproval.rb CHANGED Viewed

@@ -86,17 +86,43 @@ module Google
             CUSTOMER_INITIATED_SUPPORT = 1
             # The principal accessed customer data in order to diagnose or resolve a
-            # suspected issue in services or a known outage. Often this access is used
-            # to confirm that customers are not affected by a suspected service issue
-            # or to remediate a reversible system issue.
+            # suspected issue in services. Often this access is used to confirm that
+            # customers are not affected by a suspected service issue or to remediate a
+            # reversible system issue.
             GOOGLE_INITIATED_SERVICE = 2
             # Google initiated service for security, fraud, abuse, or compliance
             # purposes.
             GOOGLE_INITIATED_REVIEW = 3
+            # The principal was compelled to access customer data in order to respond
+            # to a legal third party data request or process, including legal processes
+            # from customers themselves.
+            THIRD_PARTY_DATA_REQUEST = 4
+            # The principal accessed customer data in order to diagnose or resolve a
+            # suspected issue in services or a known outage.
+            GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = 5
           end
         end
+        # Information about the digital signature of the resource.
+        # @!attribute [rw] signature
+        #   @return [::String]
+        #     The digital signature.
+        # @!attribute [rw] google_public_key_pem
+        #   @return [::String]
+        #     The public key for the Google default signing, encoded in PEM format. The
+        #     signature was created using a private key which may be verified using
+        #     this public key.
+        # @!attribute [rw] customer_kms_key_version
+        #   @return [::String]
+        #     The resource name of the customer CryptoKeyVersion used for signing.
+        class SignatureInfo
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
         # A decision that has been made to approve access to a resource.
         # @!attribute [rw] approve_time
         #   @return [::Google::Protobuf::Timestamp]
@@ -104,6 +130,15 @@ module Google
         # @!attribute [rw] expire_time
         #   @return [::Google::Protobuf::Timestamp]
         #     The time at which the approval expires.
+        # @!attribute [rw] invalidate_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     If set, denotes the timestamp at which the approval is invalidated.
+        # @!attribute [rw] signature_info
+        #   @return [::Google::Cloud::AccessApproval::V1::SignatureInfo]
+        #     The signature for the ApprovalRequest and details on how it was signed.
+        # @!attribute [rw] auto_approved
+        #   @return [::Boolean]
+        #     True when the request has been auto-approved.
         class ApproveDecision
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -115,8 +150,8 @@ module Google
         #     The time at which the approval request was dismissed.
         # @!attribute [rw] implicit
         #   @return [::Boolean]
-        #     This field will be true if the ApprovalRequest was implcitly dismissed
-        #     due to inaction by the access approval approvers (the request is not acted
+        #     This field will be true if the ApprovalRequest was implicitly dismissed due
+        #     to inaction by the access approval approvers (the request is not acted
         #     on by the approvers before the exiration time).
         class DismissDecision
           include ::Google::Protobuf::MessageExts
@@ -277,11 +312,48 @@ module Google
         #     indicates that at least one service is enrolled for Access Approval in one
         #     or more ancestors of the Project or Folder (this field will always be
         #     unset for the organization since organizations do not have ancestors).
+        # @!attribute [rw] active_key_version
+        #   @return [::String]
+        #     The asymmetric crypto key version to use for signing approval requests.
+        #     Empty active_key_version indicates that a Google-managed key should be used
+        #     for signing. This property will be ignored if set by an ancestor of this
+        #     resource, and new non-empty values may not be set.
+        # @!attribute [r] ancestor_has_active_key_version
+        #   @return [::Boolean]
+        #     Output only. This field is read only (not settable via UpdateAccessApprovalSettings
+        #     method). If the field is true, that indicates that an ancestor of this
+        #     Project or Folder has set active_key_version (this field will always be
+        #     unset for the organization since organizations do not have ancestors).
+        # @!attribute [r] invalid_key_version
+        #   @return [::Boolean]
+        #     Output only. This field is read only (not settable via UpdateAccessApprovalSettings
+        #     method). If the field is true, that indicates that there is some
+        #     configuration issue with the active_key_version configured at this level in
+        #     the resource hierarchy (e.g. it doesn't exist or the Access Approval
+        #     service account doesn't have the correct permissions on it, etc.) This key
+        #     version is not necessarily the effective key version at this level, as key
+        #     versions are inherited top-down.
         class AccessApprovalSettings
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
+        # Access Approval service account related to a project/folder/organization.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The resource name of the Access Approval service account. Format is one of:
+        #
+        #       * "projects/\\{project}/serviceAccount"
+        #       * "folders/\\{folder}/serviceAccount"
+        #       * "organizations/\\{organization}/serviceAccount"
+        # @!attribute [rw] account_email
+        #   @return [::String]
+        #     Email address of the service account.
+        class AccessApprovalServiceAccount
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
         # Request to list approval requests.
         # @!attribute [rw] parent
         #   @return [::String]
@@ -356,6 +428,15 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
+        # Request to invalidate an existing approval.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Name of the ApprovalRequest to invalidate.
+        class InvalidateApprovalRequestMessage
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
         # Request to get access approval settings.
         # @!attribute [rw] name
         #   @return [::String]
@@ -396,6 +477,15 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
+        # Request to get an Access Approval service account.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Name of the AccessApprovalServiceAccount to retrieve.
+        class GetAccessApprovalServiceAccountMessage
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
         # Represents the type of enrollment for a given service to Access Approval.
         module EnrollmentLevel
           # Default value for proto, shouldn't be used.

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-access_approval-v1
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.6.0
 platform: ruby
 authors:
 - Google LLC
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-02-16 00:00:00.000000000 Z
+date: 2022-05-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common