google-cloud-access_approval-v1 0.5.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 37f4b44fbdd48df2ba584f2d5c20c954fa9ac6099885cb43e93bec9492472032
4
- data.tar.gz: e29907811985a29327b0ea4e6ec591cf142d15dc98dd53d26dec29b9e119ba24
3
+ metadata.gz: 39ee179d20badb6b1447d9218c5be243db4f3087881a20a0c8952c765519960f
4
+ data.tar.gz: bd3435892e9afe88ba7cfde44b8625d5c19cc754c46c9c7919636f762c284b68
5
5
  SHA512:
6
- metadata.gz: c22da0fa4848ae4f8316ec62545e351719d6ddcf0897b4263fcb9c872c969ae60bf60d3e9ddbb66dc43fcbefeec5463741682ce8809acb2503502fd92010dc8f
7
- data.tar.gz: 561c6ea7129538c61b6794f645d2e7bcc7f05697612d0955c8b5d2fde91d78e38c07569abc71db3549fe94c5ae84e237e39d5530dba1fd1310962cd26f2d6ea0
6
+ metadata.gz: 6acdc47e360b57314cd84832368471f415c7f5b40888313a96bd048d4a5efcecd2c735df5e0f2a72de53580b3d95d86bb0c9d0d459d0672fea71c666002a1fe0
7
+ data.tar.gz: 5b8900a860c9ddd2d06ac39c66b93e1e71eb40ed57e07c55229cec7b26bdc499d6424fed71ec332ab159282573de49531fb7364c194ea61128db644c5e45c83e
data/README.md CHANGED
@@ -69,6 +69,11 @@ module GRPC
69
69
  end
70
70
  ```
71
71
 
72
+
73
+ ## Google Cloud Samples
74
+
75
+ To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples).
76
+
72
77
  ## Supported Ruby Versions
73
78
 
74
79
  This library is supported on Ruby 2.5+.
@@ -110,6 +110,8 @@ module Google
110
110
 
111
111
  default_config.rpcs.dismiss_approval_request.timeout = 600.0
112
112
 
113
+ default_config.rpcs.invalidate_approval_request.timeout = 600.0
114
+
113
115
  default_config.rpcs.get_access_approval_settings.timeout = 600.0
114
116
  default_config.rpcs.get_access_approval_settings.retry_policy = {
115
117
  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14]
@@ -582,6 +584,98 @@ module Google
582
584
  raise ::Google::Cloud::Error.from_error(e)
583
585
  end
584
586
 
587
+ ##
588
+ # Invalidates an existing ApprovalRequest. Returns the updated
589
+ # ApprovalRequest.
590
+ #
591
+ # NOTE: This does not deny access to the resource if another request has been
592
+ # made and approved. It only invalidates a single approval.
593
+ #
594
+ # Returns FAILED_PRECONDITION if the request exists but is not in an approved
595
+ # state.
596
+ #
597
+ # @overload invalidate_approval_request(request, options = nil)
598
+ # Pass arguments to `invalidate_approval_request` via a request object, either of type
599
+ # {::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage} or an equivalent Hash.
600
+ #
601
+ # @param request [::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Hash]
602
+ # A request object representing the call parameters. Required. To specify no
603
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
604
+ # @param options [::Gapic::CallOptions, ::Hash]
605
+ # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
606
+ #
607
+ # @overload invalidate_approval_request(name: nil)
608
+ # Pass arguments to `invalidate_approval_request` via keyword arguments. Note that at
609
+ # least one keyword argument is required. To specify no parameters, or to keep all
610
+ # the default parameter values, pass an empty Hash as a request object (see above).
611
+ #
612
+ # @param name [::String]
613
+ # Name of the ApprovalRequest to invalidate.
614
+ #
615
+ # @yield [response, operation] Access the result along with the RPC operation
616
+ # @yieldparam response [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
617
+ # @yieldparam operation [::GRPC::ActiveCall::Operation]
618
+ #
619
+ # @return [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
620
+ #
621
+ # @raise [::Google::Cloud::Error] if the RPC is aborted.
622
+ #
623
+ # @example Basic example
624
+ # require "google/cloud/access_approval/v1"
625
+ #
626
+ # # Create a client object. The client can be reused for multiple calls.
627
+ # client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
628
+ #
629
+ # # Create a request. To set request fields, pass in keyword arguments.
630
+ # request = Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage.new
631
+ #
632
+ # # Call the invalidate_approval_request method.
633
+ # result = client.invalidate_approval_request request
634
+ #
635
+ # # The returned object is of type Google::Cloud::AccessApproval::V1::ApprovalRequest.
636
+ # p result
637
+ #
638
+ def invalidate_approval_request request, options = nil
639
+ raise ::ArgumentError, "request must be provided" if request.nil?
640
+
641
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage
642
+
643
+ # Converts hash and nil to an options object
644
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
645
+
646
+ # Customize the options with defaults
647
+ metadata = @config.rpcs.invalidate_approval_request.metadata.to_h
648
+
649
+ # Set x-goog-api-client and x-goog-user-project headers
650
+ metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
651
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
652
+ gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
653
+ metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
654
+
655
+ header_params = {}
656
+ if request.name
657
+ header_params["name"] = request.name
658
+ end
659
+
660
+ request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
661
+ metadata[:"x-goog-request-params"] ||= request_params_header
662
+
663
+ options.apply_defaults timeout: @config.rpcs.invalidate_approval_request.timeout,
664
+ metadata: metadata,
665
+ retry_policy: @config.rpcs.invalidate_approval_request.retry_policy
666
+
667
+ options.apply_defaults timeout: @config.timeout,
668
+ metadata: @config.metadata,
669
+ retry_policy: @config.retry_policy
670
+
671
+ @access_approval_stub.call_rpc :invalidate_approval_request, request, options: options do |response, operation|
672
+ yield response, operation if block_given?
673
+ return response
674
+ end
675
+ rescue ::GRPC::BadStatus => e
676
+ raise ::Google::Cloud::Error.from_error(e)
677
+ end
678
+
585
679
  ##
586
680
  # Gets the settings associated with a project, folder, or organization.
587
681
  #
@@ -855,6 +949,92 @@ module Google
855
949
  raise ::Google::Cloud::Error.from_error(e)
856
950
  end
857
951
 
952
+ ##
953
+ # Retrieves the service account that is used by Access Approval to access KMS
954
+ # keys for signing approved approval requests.
955
+ #
956
+ # @overload get_access_approval_service_account(request, options = nil)
957
+ # Pass arguments to `get_access_approval_service_account` via a request object, either of type
958
+ # {::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage} or an equivalent Hash.
959
+ #
960
+ # @param request [::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Hash]
961
+ # A request object representing the call parameters. Required. To specify no
962
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
963
+ # @param options [::Gapic::CallOptions, ::Hash]
964
+ # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
965
+ #
966
+ # @overload get_access_approval_service_account(name: nil)
967
+ # Pass arguments to `get_access_approval_service_account` via keyword arguments. Note that at
968
+ # least one keyword argument is required. To specify no parameters, or to keep all
969
+ # the default parameter values, pass an empty Hash as a request object (see above).
970
+ #
971
+ # @param name [::String]
972
+ # Name of the AccessApprovalServiceAccount to retrieve.
973
+ #
974
+ # @yield [response, operation] Access the result along with the RPC operation
975
+ # @yieldparam response [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
976
+ # @yieldparam operation [::GRPC::ActiveCall::Operation]
977
+ #
978
+ # @return [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
979
+ #
980
+ # @raise [::Google::Cloud::Error] if the RPC is aborted.
981
+ #
982
+ # @example Basic example
983
+ # require "google/cloud/access_approval/v1"
984
+ #
985
+ # # Create a client object. The client can be reused for multiple calls.
986
+ # client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
987
+ #
988
+ # # Create a request. To set request fields, pass in keyword arguments.
989
+ # request = Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage.new
990
+ #
991
+ # # Call the get_access_approval_service_account method.
992
+ # result = client.get_access_approval_service_account request
993
+ #
994
+ # # The returned object is of type Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount.
995
+ # p result
996
+ #
997
+ def get_access_approval_service_account request, options = nil
998
+ raise ::ArgumentError, "request must be provided" if request.nil?
999
+
1000
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage
1001
+
1002
+ # Converts hash and nil to an options object
1003
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1004
+
1005
+ # Customize the options with defaults
1006
+ metadata = @config.rpcs.get_access_approval_service_account.metadata.to_h
1007
+
1008
+ # Set x-goog-api-client and x-goog-user-project headers
1009
+ metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1010
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1011
+ gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
1012
+ metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1013
+
1014
+ header_params = {}
1015
+ if request.name
1016
+ header_params["name"] = request.name
1017
+ end
1018
+
1019
+ request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
1020
+ metadata[:"x-goog-request-params"] ||= request_params_header
1021
+
1022
+ options.apply_defaults timeout: @config.rpcs.get_access_approval_service_account.timeout,
1023
+ metadata: metadata,
1024
+ retry_policy: @config.rpcs.get_access_approval_service_account.retry_policy
1025
+
1026
+ options.apply_defaults timeout: @config.timeout,
1027
+ metadata: @config.metadata,
1028
+ retry_policy: @config.retry_policy
1029
+
1030
+ @access_approval_stub.call_rpc :get_access_approval_service_account, request, options: options do |response, operation|
1031
+ yield response, operation if block_given?
1032
+ return response
1033
+ end
1034
+ rescue ::GRPC::BadStatus => e
1035
+ raise ::Google::Cloud::Error.from_error(e)
1036
+ end
1037
+
858
1038
  ##
859
1039
  # Configuration class for the AccessApproval API.
860
1040
  #
@@ -1011,6 +1191,11 @@ module Google
1011
1191
  #
1012
1192
  attr_reader :dismiss_approval_request
1013
1193
  ##
1194
+ # RPC-specific configuration for `invalidate_approval_request`
1195
+ # @return [::Gapic::Config::Method]
1196
+ #
1197
+ attr_reader :invalidate_approval_request
1198
+ ##
1014
1199
  # RPC-specific configuration for `get_access_approval_settings`
1015
1200
  # @return [::Gapic::Config::Method]
1016
1201
  #
@@ -1025,6 +1210,11 @@ module Google
1025
1210
  # @return [::Gapic::Config::Method]
1026
1211
  #
1027
1212
  attr_reader :delete_access_approval_settings
1213
+ ##
1214
+ # RPC-specific configuration for `get_access_approval_service_account`
1215
+ # @return [::Gapic::Config::Method]
1216
+ #
1217
+ attr_reader :get_access_approval_service_account
1028
1218
 
1029
1219
  # @private
1030
1220
  def initialize parent_rpcs = nil
@@ -1036,12 +1226,16 @@ module Google
1036
1226
  @approve_approval_request = ::Gapic::Config::Method.new approve_approval_request_config
1037
1227
  dismiss_approval_request_config = parent_rpcs.dismiss_approval_request if parent_rpcs.respond_to? :dismiss_approval_request
1038
1228
  @dismiss_approval_request = ::Gapic::Config::Method.new dismiss_approval_request_config
1229
+ invalidate_approval_request_config = parent_rpcs.invalidate_approval_request if parent_rpcs.respond_to? :invalidate_approval_request
1230
+ @invalidate_approval_request = ::Gapic::Config::Method.new invalidate_approval_request_config
1039
1231
  get_access_approval_settings_config = parent_rpcs.get_access_approval_settings if parent_rpcs.respond_to? :get_access_approval_settings
1040
1232
  @get_access_approval_settings = ::Gapic::Config::Method.new get_access_approval_settings_config
1041
1233
  update_access_approval_settings_config = parent_rpcs.update_access_approval_settings if parent_rpcs.respond_to? :update_access_approval_settings
1042
1234
  @update_access_approval_settings = ::Gapic::Config::Method.new update_access_approval_settings_config
1043
1235
  delete_access_approval_settings_config = parent_rpcs.delete_access_approval_settings if parent_rpcs.respond_to? :delete_access_approval_settings
1044
1236
  @delete_access_approval_settings = ::Gapic::Config::Method.new delete_access_approval_settings_config
1237
+ get_access_approval_service_account_config = parent_rpcs.get_access_approval_service_account if parent_rpcs.respond_to? :get_access_approval_service_account
1238
+ @get_access_approval_service_account = ::Gapic::Config::Method.new get_access_approval_service_account_config
1045
1239
 
1046
1240
  yield self if block_given?
1047
1241
  end
@@ -21,7 +21,7 @@ module Google
21
21
  module Cloud
22
22
  module AccessApproval
23
23
  module V1
24
- VERSION = "0.5.0"
24
+ VERSION = "0.6.0"
25
25
  end
26
26
  end
27
27
  end
@@ -25,6 +25,8 @@ module Google
25
25
  ##
26
26
  # To load this package, including all its services, and instantiate a client:
27
27
  #
28
+ # @example
29
+ #
28
30
  # require "google/cloud/access_approval/v1"
29
31
  # client = ::Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
30
32
  #
@@ -1,6 +1,8 @@
1
1
  # Generated by the protocol buffer compiler. DO NOT EDIT!
2
2
  # source: google/cloud/accessapproval/v1/accessapproval.proto
3
3
 
4
+ require 'google/protobuf'
5
+
4
6
  require 'google/api/annotations_pb'
5
7
  require 'google/api/client_pb'
6
8
  require 'google/api/field_behavior_pb'
@@ -8,7 +10,6 @@ require 'google/api/resource_pb'
8
10
  require 'google/protobuf/empty_pb'
9
11
  require 'google/protobuf/field_mask_pb'
10
12
  require 'google/protobuf/timestamp_pb'
11
- require 'google/protobuf'
12
13
 
13
14
  Google::Protobuf::DescriptorPool.generated_pool.build do
14
15
  add_file("google/cloud/accessapproval/v1/accessapproval.proto", :syntax => :proto3) do
@@ -25,10 +26,22 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
25
26
  value :CUSTOMER_INITIATED_SUPPORT, 1
26
27
  value :GOOGLE_INITIATED_SERVICE, 2
27
28
  value :GOOGLE_INITIATED_REVIEW, 3
29
+ value :THIRD_PARTY_DATA_REQUEST, 4
30
+ value :GOOGLE_RESPONSE_TO_PRODUCTION_ALERT, 5
31
+ end
32
+ add_message "google.cloud.accessapproval.v1.SignatureInfo" do
33
+ optional :signature, :bytes, 1
34
+ oneof :verification_info do
35
+ optional :google_public_key_pem, :string, 2
36
+ optional :customer_kms_key_version, :string, 3
37
+ end
28
38
  end
29
39
  add_message "google.cloud.accessapproval.v1.ApproveDecision" do
30
40
  optional :approve_time, :message, 1, "google.protobuf.Timestamp"
31
41
  optional :expire_time, :message, 2, "google.protobuf.Timestamp"
42
+ optional :invalidate_time, :message, 3, "google.protobuf.Timestamp"
43
+ optional :signature_info, :message, 4, "google.cloud.accessapproval.v1.SignatureInfo"
44
+ optional :auto_approved, :bool, 5
32
45
  end
33
46
  add_message "google.cloud.accessapproval.v1.DismissDecision" do
34
47
  optional :dismiss_time, :message, 1, "google.protobuf.Timestamp"
@@ -59,6 +72,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
59
72
  repeated :notification_emails, :string, 2
60
73
  repeated :enrolled_services, :message, 3, "google.cloud.accessapproval.v1.EnrolledService"
61
74
  optional :enrolled_ancestor, :bool, 4
75
+ optional :active_key_version, :string, 6
76
+ optional :ancestor_has_active_key_version, :bool, 7
77
+ optional :invalid_key_version, :bool, 8
78
+ end
79
+ add_message "google.cloud.accessapproval.v1.AccessApprovalServiceAccount" do
80
+ optional :name, :string, 1
81
+ optional :account_email, :string, 2
62
82
  end
63
83
  add_message "google.cloud.accessapproval.v1.ListApprovalRequestsMessage" do
64
84
  optional :parent, :string, 1
@@ -80,6 +100,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
80
100
  add_message "google.cloud.accessapproval.v1.DismissApprovalRequestMessage" do
81
101
  optional :name, :string, 1
82
102
  end
103
+ add_message "google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage" do
104
+ optional :name, :string, 1
105
+ end
83
106
  add_message "google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage" do
84
107
  optional :name, :string, 1
85
108
  end
@@ -90,6 +113,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
90
113
  add_message "google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage" do
91
114
  optional :name, :string, 1
92
115
  end
116
+ add_message "google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage" do
117
+ optional :name, :string, 1
118
+ end
93
119
  add_enum "google.cloud.accessapproval.v1.EnrollmentLevel" do
94
120
  value :ENROLLMENT_LEVEL_UNSPECIFIED, 0
95
121
  value :BLOCK_ALL, 1
@@ -104,20 +130,24 @@ module Google
104
130
  AccessLocations = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessLocations").msgclass
105
131
  AccessReason = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason").msgclass
106
132
  AccessReason::Type = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason.Type").enummodule
133
+ SignatureInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.SignatureInfo").msgclass
107
134
  ApproveDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveDecision").msgclass
108
135
  DismissDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissDecision").msgclass
109
136
  ResourceProperties = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ResourceProperties").msgclass
110
137
  ApprovalRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApprovalRequest").msgclass
111
138
  EnrolledService = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrolledService").msgclass
112
139
  AccessApprovalSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalSettings").msgclass
140
+ AccessApprovalServiceAccount = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalServiceAccount").msgclass
113
141
  ListApprovalRequestsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsMessage").msgclass
114
142
  ListApprovalRequestsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsResponse").msgclass
115
143
  GetApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetApprovalRequestMessage").msgclass
116
144
  ApproveApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveApprovalRequestMessage").msgclass
117
145
  DismissApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissApprovalRequestMessage").msgclass
146
+ InvalidateApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage").msgclass
118
147
  GetAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage").msgclass
119
148
  UpdateAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.UpdateAccessApprovalSettingsMessage").msgclass
120
149
  DeleteAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage").msgclass
150
+ GetAccessApprovalServiceAccountMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage").msgclass
121
151
  EnrollmentLevel = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrollmentLevel").enummodule
122
152
  end
123
153
  end
@@ -87,6 +87,15 @@ module Google
87
87
  # Returns FAILED_PRECONDITION if the request exists but is not in a pending
88
88
  # state.
89
89
  rpc :DismissApprovalRequest, ::Google::Cloud::AccessApproval::V1::DismissApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
90
+ # Invalidates an existing ApprovalRequest. Returns the updated
91
+ # ApprovalRequest.
92
+ #
93
+ # NOTE: This does not deny access to the resource if another request has been
94
+ # made and approved. It only invalidates a single approval.
95
+ #
96
+ # Returns FAILED_PRECONDITION if the request exists but is not in an approved
97
+ # state.
98
+ rpc :InvalidateApprovalRequest, ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
90
99
  # Gets the settings associated with a project, folder, or organization.
91
100
  rpc :GetAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalSettingsMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalSettings
92
101
  # Updates the settings associated with a project, folder, or organization.
@@ -99,6 +108,9 @@ module Google
99
108
  # hierarchy, then Access Approval will still be enabled at this level as
100
109
  # the settings are inherited.
101
110
  rpc :DeleteAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::DeleteAccessApprovalSettingsMessage, ::Google::Protobuf::Empty
111
+ # Retrieves the service account that is used by Access Approval to access KMS
112
+ # keys for signing approved approval requests.
113
+ rpc :GetAccessApprovalServiceAccount, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount
102
114
  end
103
115
 
104
116
  Stub = Service.rpc_stub_class
@@ -86,17 +86,43 @@ module Google
86
86
  CUSTOMER_INITIATED_SUPPORT = 1
87
87
 
88
88
  # The principal accessed customer data in order to diagnose or resolve a
89
- # suspected issue in services or a known outage. Often this access is used
90
- # to confirm that customers are not affected by a suspected service issue
91
- # or to remediate a reversible system issue.
89
+ # suspected issue in services. Often this access is used to confirm that
90
+ # customers are not affected by a suspected service issue or to remediate a
91
+ # reversible system issue.
92
92
  GOOGLE_INITIATED_SERVICE = 2
93
93
 
94
94
  # Google initiated service for security, fraud, abuse, or compliance
95
95
  # purposes.
96
96
  GOOGLE_INITIATED_REVIEW = 3
97
+
98
+ # The principal was compelled to access customer data in order to respond
99
+ # to a legal third party data request or process, including legal processes
100
+ # from customers themselves.
101
+ THIRD_PARTY_DATA_REQUEST = 4
102
+
103
+ # The principal accessed customer data in order to diagnose or resolve a
104
+ # suspected issue in services or a known outage.
105
+ GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = 5
97
106
  end
98
107
  end
99
108
 
109
+ # Information about the digital signature of the resource.
110
+ # @!attribute [rw] signature
111
+ # @return [::String]
112
+ # The digital signature.
113
+ # @!attribute [rw] google_public_key_pem
114
+ # @return [::String]
115
+ # The public key for the Google default signing, encoded in PEM format. The
116
+ # signature was created using a private key which may be verified using
117
+ # this public key.
118
+ # @!attribute [rw] customer_kms_key_version
119
+ # @return [::String]
120
+ # The resource name of the customer CryptoKeyVersion used for signing.
121
+ class SignatureInfo
122
+ include ::Google::Protobuf::MessageExts
123
+ extend ::Google::Protobuf::MessageExts::ClassMethods
124
+ end
125
+
100
126
  # A decision that has been made to approve access to a resource.
101
127
  # @!attribute [rw] approve_time
102
128
  # @return [::Google::Protobuf::Timestamp]
@@ -104,6 +130,15 @@ module Google
104
130
  # @!attribute [rw] expire_time
105
131
  # @return [::Google::Protobuf::Timestamp]
106
132
  # The time at which the approval expires.
133
+ # @!attribute [rw] invalidate_time
134
+ # @return [::Google::Protobuf::Timestamp]
135
+ # If set, denotes the timestamp at which the approval is invalidated.
136
+ # @!attribute [rw] signature_info
137
+ # @return [::Google::Cloud::AccessApproval::V1::SignatureInfo]
138
+ # The signature for the ApprovalRequest and details on how it was signed.
139
+ # @!attribute [rw] auto_approved
140
+ # @return [::Boolean]
141
+ # True when the request has been auto-approved.
107
142
  class ApproveDecision
108
143
  include ::Google::Protobuf::MessageExts
109
144
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -115,8 +150,8 @@ module Google
115
150
  # The time at which the approval request was dismissed.
116
151
  # @!attribute [rw] implicit
117
152
  # @return [::Boolean]
118
- # This field will be true if the ApprovalRequest was implcitly dismissed
119
- # due to inaction by the access approval approvers (the request is not acted
153
+ # This field will be true if the ApprovalRequest was implicitly dismissed due
154
+ # to inaction by the access approval approvers (the request is not acted
120
155
  # on by the approvers before the exiration time).
121
156
  class DismissDecision
122
157
  include ::Google::Protobuf::MessageExts
@@ -277,11 +312,48 @@ module Google
277
312
  # indicates that at least one service is enrolled for Access Approval in one
278
313
  # or more ancestors of the Project or Folder (this field will always be
279
314
  # unset for the organization since organizations do not have ancestors).
315
+ # @!attribute [rw] active_key_version
316
+ # @return [::String]
317
+ # The asymmetric crypto key version to use for signing approval requests.
318
+ # Empty active_key_version indicates that a Google-managed key should be used
319
+ # for signing. This property will be ignored if set by an ancestor of this
320
+ # resource, and new non-empty values may not be set.
321
+ # @!attribute [r] ancestor_has_active_key_version
322
+ # @return [::Boolean]
323
+ # Output only. This field is read only (not settable via UpdateAccessApprovalSettings
324
+ # method). If the field is true, that indicates that an ancestor of this
325
+ # Project or Folder has set active_key_version (this field will always be
326
+ # unset for the organization since organizations do not have ancestors).
327
+ # @!attribute [r] invalid_key_version
328
+ # @return [::Boolean]
329
+ # Output only. This field is read only (not settable via UpdateAccessApprovalSettings
330
+ # method). If the field is true, that indicates that there is some
331
+ # configuration issue with the active_key_version configured at this level in
332
+ # the resource hierarchy (e.g. it doesn't exist or the Access Approval
333
+ # service account doesn't have the correct permissions on it, etc.) This key
334
+ # version is not necessarily the effective key version at this level, as key
335
+ # versions are inherited top-down.
280
336
  class AccessApprovalSettings
281
337
  include ::Google::Protobuf::MessageExts
282
338
  extend ::Google::Protobuf::MessageExts::ClassMethods
283
339
  end
284
340
 
341
+ # Access Approval service account related to a project/folder/organization.
342
+ # @!attribute [rw] name
343
+ # @return [::String]
344
+ # The resource name of the Access Approval service account. Format is one of:
345
+ #
346
+ # * "projects/\\{project}/serviceAccount"
347
+ # * "folders/\\{folder}/serviceAccount"
348
+ # * "organizations/\\{organization}/serviceAccount"
349
+ # @!attribute [rw] account_email
350
+ # @return [::String]
351
+ # Email address of the service account.
352
+ class AccessApprovalServiceAccount
353
+ include ::Google::Protobuf::MessageExts
354
+ extend ::Google::Protobuf::MessageExts::ClassMethods
355
+ end
356
+
285
357
  # Request to list approval requests.
286
358
  # @!attribute [rw] parent
287
359
  # @return [::String]
@@ -356,6 +428,15 @@ module Google
356
428
  extend ::Google::Protobuf::MessageExts::ClassMethods
357
429
  end
358
430
 
431
+ # Request to invalidate an existing approval.
432
+ # @!attribute [rw] name
433
+ # @return [::String]
434
+ # Name of the ApprovalRequest to invalidate.
435
+ class InvalidateApprovalRequestMessage
436
+ include ::Google::Protobuf::MessageExts
437
+ extend ::Google::Protobuf::MessageExts::ClassMethods
438
+ end
439
+
359
440
  # Request to get access approval settings.
360
441
  # @!attribute [rw] name
361
442
  # @return [::String]
@@ -396,6 +477,15 @@ module Google
396
477
  extend ::Google::Protobuf::MessageExts::ClassMethods
397
478
  end
398
479
 
480
+ # Request to get an Access Approval service account.
481
+ # @!attribute [rw] name
482
+ # @return [::String]
483
+ # Name of the AccessApprovalServiceAccount to retrieve.
484
+ class GetAccessApprovalServiceAccountMessage
485
+ include ::Google::Protobuf::MessageExts
486
+ extend ::Google::Protobuf::MessageExts::ClassMethods
487
+ end
488
+
399
489
  # Represents the type of enrollment for a given service to Access Approval.
400
490
  module EnrollmentLevel
401
491
  # Default value for proto, shouldn't be used.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-access_approval-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.0
4
+ version: 0.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-16 00:00:00.000000000 Z
11
+ date: 2022-05-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common