google-cloud-access_approval-v1 0.5.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +5 -0
- data/lib/google/cloud/access_approval/v1/access_approval/client.rb +194 -0
- data/lib/google/cloud/access_approval/v1/version.rb +1 -1
- data/lib/google/cloud/access_approval/v1.rb +2 -0
- data/lib/google/cloud/accessapproval/v1/accessapproval_pb.rb +31 -1
- data/lib/google/cloud/accessapproval/v1/accessapproval_services_pb.rb +12 -0
- data/proto_docs/google/cloud/accessapproval/v1/accessapproval.rb +95 -5
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 39ee179d20badb6b1447d9218c5be243db4f3087881a20a0c8952c765519960f
|
4
|
+
data.tar.gz: bd3435892e9afe88ba7cfde44b8625d5c19cc754c46c9c7919636f762c284b68
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6acdc47e360b57314cd84832368471f415c7f5b40888313a96bd048d4a5efcecd2c735df5e0f2a72de53580b3d95d86bb0c9d0d459d0672fea71c666002a1fe0
|
7
|
+
data.tar.gz: 5b8900a860c9ddd2d06ac39c66b93e1e71eb40ed57e07c55229cec7b26bdc499d6424fed71ec332ab159282573de49531fb7364c194ea61128db644c5e45c83e
|
data/README.md
CHANGED
@@ -110,6 +110,8 @@ module Google
|
|
110
110
|
|
111
111
|
default_config.rpcs.dismiss_approval_request.timeout = 600.0
|
112
112
|
|
113
|
+
default_config.rpcs.invalidate_approval_request.timeout = 600.0
|
114
|
+
|
113
115
|
default_config.rpcs.get_access_approval_settings.timeout = 600.0
|
114
116
|
default_config.rpcs.get_access_approval_settings.retry_policy = {
|
115
117
|
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14]
|
@@ -582,6 +584,98 @@ module Google
|
|
582
584
|
raise ::Google::Cloud::Error.from_error(e)
|
583
585
|
end
|
584
586
|
|
587
|
+
##
|
588
|
+
# Invalidates an existing ApprovalRequest. Returns the updated
|
589
|
+
# ApprovalRequest.
|
590
|
+
#
|
591
|
+
# NOTE: This does not deny access to the resource if another request has been
|
592
|
+
# made and approved. It only invalidates a single approval.
|
593
|
+
#
|
594
|
+
# Returns FAILED_PRECONDITION if the request exists but is not in an approved
|
595
|
+
# state.
|
596
|
+
#
|
597
|
+
# @overload invalidate_approval_request(request, options = nil)
|
598
|
+
# Pass arguments to `invalidate_approval_request` via a request object, either of type
|
599
|
+
# {::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage} or an equivalent Hash.
|
600
|
+
#
|
601
|
+
# @param request [::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Hash]
|
602
|
+
# A request object representing the call parameters. Required. To specify no
|
603
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
604
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
605
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
606
|
+
#
|
607
|
+
# @overload invalidate_approval_request(name: nil)
|
608
|
+
# Pass arguments to `invalidate_approval_request` via keyword arguments. Note that at
|
609
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
610
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
611
|
+
#
|
612
|
+
# @param name [::String]
|
613
|
+
# Name of the ApprovalRequest to invalidate.
|
614
|
+
#
|
615
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
616
|
+
# @yieldparam response [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
|
617
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
618
|
+
#
|
619
|
+
# @return [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
|
620
|
+
#
|
621
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
622
|
+
#
|
623
|
+
# @example Basic example
|
624
|
+
# require "google/cloud/access_approval/v1"
|
625
|
+
#
|
626
|
+
# # Create a client object. The client can be reused for multiple calls.
|
627
|
+
# client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
|
628
|
+
#
|
629
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
630
|
+
# request = Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage.new
|
631
|
+
#
|
632
|
+
# # Call the invalidate_approval_request method.
|
633
|
+
# result = client.invalidate_approval_request request
|
634
|
+
#
|
635
|
+
# # The returned object is of type Google::Cloud::AccessApproval::V1::ApprovalRequest.
|
636
|
+
# p result
|
637
|
+
#
|
638
|
+
def invalidate_approval_request request, options = nil
|
639
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
640
|
+
|
641
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage
|
642
|
+
|
643
|
+
# Converts hash and nil to an options object
|
644
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
645
|
+
|
646
|
+
# Customize the options with defaults
|
647
|
+
metadata = @config.rpcs.invalidate_approval_request.metadata.to_h
|
648
|
+
|
649
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
650
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
651
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
652
|
+
gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
|
653
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
654
|
+
|
655
|
+
header_params = {}
|
656
|
+
if request.name
|
657
|
+
header_params["name"] = request.name
|
658
|
+
end
|
659
|
+
|
660
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
661
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
662
|
+
|
663
|
+
options.apply_defaults timeout: @config.rpcs.invalidate_approval_request.timeout,
|
664
|
+
metadata: metadata,
|
665
|
+
retry_policy: @config.rpcs.invalidate_approval_request.retry_policy
|
666
|
+
|
667
|
+
options.apply_defaults timeout: @config.timeout,
|
668
|
+
metadata: @config.metadata,
|
669
|
+
retry_policy: @config.retry_policy
|
670
|
+
|
671
|
+
@access_approval_stub.call_rpc :invalidate_approval_request, request, options: options do |response, operation|
|
672
|
+
yield response, operation if block_given?
|
673
|
+
return response
|
674
|
+
end
|
675
|
+
rescue ::GRPC::BadStatus => e
|
676
|
+
raise ::Google::Cloud::Error.from_error(e)
|
677
|
+
end
|
678
|
+
|
585
679
|
##
|
586
680
|
# Gets the settings associated with a project, folder, or organization.
|
587
681
|
#
|
@@ -855,6 +949,92 @@ module Google
|
|
855
949
|
raise ::Google::Cloud::Error.from_error(e)
|
856
950
|
end
|
857
951
|
|
952
|
+
##
|
953
|
+
# Retrieves the service account that is used by Access Approval to access KMS
|
954
|
+
# keys for signing approved approval requests.
|
955
|
+
#
|
956
|
+
# @overload get_access_approval_service_account(request, options = nil)
|
957
|
+
# Pass arguments to `get_access_approval_service_account` via a request object, either of type
|
958
|
+
# {::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage} or an equivalent Hash.
|
959
|
+
#
|
960
|
+
# @param request [::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Hash]
|
961
|
+
# A request object representing the call parameters. Required. To specify no
|
962
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
963
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
964
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
965
|
+
#
|
966
|
+
# @overload get_access_approval_service_account(name: nil)
|
967
|
+
# Pass arguments to `get_access_approval_service_account` via keyword arguments. Note that at
|
968
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
969
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
970
|
+
#
|
971
|
+
# @param name [::String]
|
972
|
+
# Name of the AccessApprovalServiceAccount to retrieve.
|
973
|
+
#
|
974
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
975
|
+
# @yieldparam response [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
|
976
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
977
|
+
#
|
978
|
+
# @return [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
|
979
|
+
#
|
980
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
981
|
+
#
|
982
|
+
# @example Basic example
|
983
|
+
# require "google/cloud/access_approval/v1"
|
984
|
+
#
|
985
|
+
# # Create a client object. The client can be reused for multiple calls.
|
986
|
+
# client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
|
987
|
+
#
|
988
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
989
|
+
# request = Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage.new
|
990
|
+
#
|
991
|
+
# # Call the get_access_approval_service_account method.
|
992
|
+
# result = client.get_access_approval_service_account request
|
993
|
+
#
|
994
|
+
# # The returned object is of type Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount.
|
995
|
+
# p result
|
996
|
+
#
|
997
|
+
def get_access_approval_service_account request, options = nil
|
998
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
999
|
+
|
1000
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage
|
1001
|
+
|
1002
|
+
# Converts hash and nil to an options object
|
1003
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
1004
|
+
|
1005
|
+
# Customize the options with defaults
|
1006
|
+
metadata = @config.rpcs.get_access_approval_service_account.metadata.to_h
|
1007
|
+
|
1008
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
1009
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
1010
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
1011
|
+
gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
|
1012
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
1013
|
+
|
1014
|
+
header_params = {}
|
1015
|
+
if request.name
|
1016
|
+
header_params["name"] = request.name
|
1017
|
+
end
|
1018
|
+
|
1019
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
1020
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
1021
|
+
|
1022
|
+
options.apply_defaults timeout: @config.rpcs.get_access_approval_service_account.timeout,
|
1023
|
+
metadata: metadata,
|
1024
|
+
retry_policy: @config.rpcs.get_access_approval_service_account.retry_policy
|
1025
|
+
|
1026
|
+
options.apply_defaults timeout: @config.timeout,
|
1027
|
+
metadata: @config.metadata,
|
1028
|
+
retry_policy: @config.retry_policy
|
1029
|
+
|
1030
|
+
@access_approval_stub.call_rpc :get_access_approval_service_account, request, options: options do |response, operation|
|
1031
|
+
yield response, operation if block_given?
|
1032
|
+
return response
|
1033
|
+
end
|
1034
|
+
rescue ::GRPC::BadStatus => e
|
1035
|
+
raise ::Google::Cloud::Error.from_error(e)
|
1036
|
+
end
|
1037
|
+
|
858
1038
|
##
|
859
1039
|
# Configuration class for the AccessApproval API.
|
860
1040
|
#
|
@@ -1011,6 +1191,11 @@ module Google
|
|
1011
1191
|
#
|
1012
1192
|
attr_reader :dismiss_approval_request
|
1013
1193
|
##
|
1194
|
+
# RPC-specific configuration for `invalidate_approval_request`
|
1195
|
+
# @return [::Gapic::Config::Method]
|
1196
|
+
#
|
1197
|
+
attr_reader :invalidate_approval_request
|
1198
|
+
##
|
1014
1199
|
# RPC-specific configuration for `get_access_approval_settings`
|
1015
1200
|
# @return [::Gapic::Config::Method]
|
1016
1201
|
#
|
@@ -1025,6 +1210,11 @@ module Google
|
|
1025
1210
|
# @return [::Gapic::Config::Method]
|
1026
1211
|
#
|
1027
1212
|
attr_reader :delete_access_approval_settings
|
1213
|
+
##
|
1214
|
+
# RPC-specific configuration for `get_access_approval_service_account`
|
1215
|
+
# @return [::Gapic::Config::Method]
|
1216
|
+
#
|
1217
|
+
attr_reader :get_access_approval_service_account
|
1028
1218
|
|
1029
1219
|
# @private
|
1030
1220
|
def initialize parent_rpcs = nil
|
@@ -1036,12 +1226,16 @@ module Google
|
|
1036
1226
|
@approve_approval_request = ::Gapic::Config::Method.new approve_approval_request_config
|
1037
1227
|
dismiss_approval_request_config = parent_rpcs.dismiss_approval_request if parent_rpcs.respond_to? :dismiss_approval_request
|
1038
1228
|
@dismiss_approval_request = ::Gapic::Config::Method.new dismiss_approval_request_config
|
1229
|
+
invalidate_approval_request_config = parent_rpcs.invalidate_approval_request if parent_rpcs.respond_to? :invalidate_approval_request
|
1230
|
+
@invalidate_approval_request = ::Gapic::Config::Method.new invalidate_approval_request_config
|
1039
1231
|
get_access_approval_settings_config = parent_rpcs.get_access_approval_settings if parent_rpcs.respond_to? :get_access_approval_settings
|
1040
1232
|
@get_access_approval_settings = ::Gapic::Config::Method.new get_access_approval_settings_config
|
1041
1233
|
update_access_approval_settings_config = parent_rpcs.update_access_approval_settings if parent_rpcs.respond_to? :update_access_approval_settings
|
1042
1234
|
@update_access_approval_settings = ::Gapic::Config::Method.new update_access_approval_settings_config
|
1043
1235
|
delete_access_approval_settings_config = parent_rpcs.delete_access_approval_settings if parent_rpcs.respond_to? :delete_access_approval_settings
|
1044
1236
|
@delete_access_approval_settings = ::Gapic::Config::Method.new delete_access_approval_settings_config
|
1237
|
+
get_access_approval_service_account_config = parent_rpcs.get_access_approval_service_account if parent_rpcs.respond_to? :get_access_approval_service_account
|
1238
|
+
@get_access_approval_service_account = ::Gapic::Config::Method.new get_access_approval_service_account_config
|
1045
1239
|
|
1046
1240
|
yield self if block_given?
|
1047
1241
|
end
|
@@ -1,6 +1,8 @@
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
2
|
# source: google/cloud/accessapproval/v1/accessapproval.proto
|
3
3
|
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
4
6
|
require 'google/api/annotations_pb'
|
5
7
|
require 'google/api/client_pb'
|
6
8
|
require 'google/api/field_behavior_pb'
|
@@ -8,7 +10,6 @@ require 'google/api/resource_pb'
|
|
8
10
|
require 'google/protobuf/empty_pb'
|
9
11
|
require 'google/protobuf/field_mask_pb'
|
10
12
|
require 'google/protobuf/timestamp_pb'
|
11
|
-
require 'google/protobuf'
|
12
13
|
|
13
14
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
14
15
|
add_file("google/cloud/accessapproval/v1/accessapproval.proto", :syntax => :proto3) do
|
@@ -25,10 +26,22 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
25
26
|
value :CUSTOMER_INITIATED_SUPPORT, 1
|
26
27
|
value :GOOGLE_INITIATED_SERVICE, 2
|
27
28
|
value :GOOGLE_INITIATED_REVIEW, 3
|
29
|
+
value :THIRD_PARTY_DATA_REQUEST, 4
|
30
|
+
value :GOOGLE_RESPONSE_TO_PRODUCTION_ALERT, 5
|
31
|
+
end
|
32
|
+
add_message "google.cloud.accessapproval.v1.SignatureInfo" do
|
33
|
+
optional :signature, :bytes, 1
|
34
|
+
oneof :verification_info do
|
35
|
+
optional :google_public_key_pem, :string, 2
|
36
|
+
optional :customer_kms_key_version, :string, 3
|
37
|
+
end
|
28
38
|
end
|
29
39
|
add_message "google.cloud.accessapproval.v1.ApproveDecision" do
|
30
40
|
optional :approve_time, :message, 1, "google.protobuf.Timestamp"
|
31
41
|
optional :expire_time, :message, 2, "google.protobuf.Timestamp"
|
42
|
+
optional :invalidate_time, :message, 3, "google.protobuf.Timestamp"
|
43
|
+
optional :signature_info, :message, 4, "google.cloud.accessapproval.v1.SignatureInfo"
|
44
|
+
optional :auto_approved, :bool, 5
|
32
45
|
end
|
33
46
|
add_message "google.cloud.accessapproval.v1.DismissDecision" do
|
34
47
|
optional :dismiss_time, :message, 1, "google.protobuf.Timestamp"
|
@@ -59,6 +72,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
59
72
|
repeated :notification_emails, :string, 2
|
60
73
|
repeated :enrolled_services, :message, 3, "google.cloud.accessapproval.v1.EnrolledService"
|
61
74
|
optional :enrolled_ancestor, :bool, 4
|
75
|
+
optional :active_key_version, :string, 6
|
76
|
+
optional :ancestor_has_active_key_version, :bool, 7
|
77
|
+
optional :invalid_key_version, :bool, 8
|
78
|
+
end
|
79
|
+
add_message "google.cloud.accessapproval.v1.AccessApprovalServiceAccount" do
|
80
|
+
optional :name, :string, 1
|
81
|
+
optional :account_email, :string, 2
|
62
82
|
end
|
63
83
|
add_message "google.cloud.accessapproval.v1.ListApprovalRequestsMessage" do
|
64
84
|
optional :parent, :string, 1
|
@@ -80,6 +100,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
80
100
|
add_message "google.cloud.accessapproval.v1.DismissApprovalRequestMessage" do
|
81
101
|
optional :name, :string, 1
|
82
102
|
end
|
103
|
+
add_message "google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage" do
|
104
|
+
optional :name, :string, 1
|
105
|
+
end
|
83
106
|
add_message "google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage" do
|
84
107
|
optional :name, :string, 1
|
85
108
|
end
|
@@ -90,6 +113,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
90
113
|
add_message "google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage" do
|
91
114
|
optional :name, :string, 1
|
92
115
|
end
|
116
|
+
add_message "google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage" do
|
117
|
+
optional :name, :string, 1
|
118
|
+
end
|
93
119
|
add_enum "google.cloud.accessapproval.v1.EnrollmentLevel" do
|
94
120
|
value :ENROLLMENT_LEVEL_UNSPECIFIED, 0
|
95
121
|
value :BLOCK_ALL, 1
|
@@ -104,20 +130,24 @@ module Google
|
|
104
130
|
AccessLocations = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessLocations").msgclass
|
105
131
|
AccessReason = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason").msgclass
|
106
132
|
AccessReason::Type = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason.Type").enummodule
|
133
|
+
SignatureInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.SignatureInfo").msgclass
|
107
134
|
ApproveDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveDecision").msgclass
|
108
135
|
DismissDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissDecision").msgclass
|
109
136
|
ResourceProperties = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ResourceProperties").msgclass
|
110
137
|
ApprovalRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApprovalRequest").msgclass
|
111
138
|
EnrolledService = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrolledService").msgclass
|
112
139
|
AccessApprovalSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalSettings").msgclass
|
140
|
+
AccessApprovalServiceAccount = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalServiceAccount").msgclass
|
113
141
|
ListApprovalRequestsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsMessage").msgclass
|
114
142
|
ListApprovalRequestsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsResponse").msgclass
|
115
143
|
GetApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetApprovalRequestMessage").msgclass
|
116
144
|
ApproveApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveApprovalRequestMessage").msgclass
|
117
145
|
DismissApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissApprovalRequestMessage").msgclass
|
146
|
+
InvalidateApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage").msgclass
|
118
147
|
GetAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage").msgclass
|
119
148
|
UpdateAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.UpdateAccessApprovalSettingsMessage").msgclass
|
120
149
|
DeleteAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage").msgclass
|
150
|
+
GetAccessApprovalServiceAccountMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage").msgclass
|
121
151
|
EnrollmentLevel = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrollmentLevel").enummodule
|
122
152
|
end
|
123
153
|
end
|
@@ -87,6 +87,15 @@ module Google
|
|
87
87
|
# Returns FAILED_PRECONDITION if the request exists but is not in a pending
|
88
88
|
# state.
|
89
89
|
rpc :DismissApprovalRequest, ::Google::Cloud::AccessApproval::V1::DismissApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
|
90
|
+
# Invalidates an existing ApprovalRequest. Returns the updated
|
91
|
+
# ApprovalRequest.
|
92
|
+
#
|
93
|
+
# NOTE: This does not deny access to the resource if another request has been
|
94
|
+
# made and approved. It only invalidates a single approval.
|
95
|
+
#
|
96
|
+
# Returns FAILED_PRECONDITION if the request exists but is not in an approved
|
97
|
+
# state.
|
98
|
+
rpc :InvalidateApprovalRequest, ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
|
90
99
|
# Gets the settings associated with a project, folder, or organization.
|
91
100
|
rpc :GetAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalSettingsMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalSettings
|
92
101
|
# Updates the settings associated with a project, folder, or organization.
|
@@ -99,6 +108,9 @@ module Google
|
|
99
108
|
# hierarchy, then Access Approval will still be enabled at this level as
|
100
109
|
# the settings are inherited.
|
101
110
|
rpc :DeleteAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::DeleteAccessApprovalSettingsMessage, ::Google::Protobuf::Empty
|
111
|
+
# Retrieves the service account that is used by Access Approval to access KMS
|
112
|
+
# keys for signing approved approval requests.
|
113
|
+
rpc :GetAccessApprovalServiceAccount, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount
|
102
114
|
end
|
103
115
|
|
104
116
|
Stub = Service.rpc_stub_class
|
@@ -86,17 +86,43 @@ module Google
|
|
86
86
|
CUSTOMER_INITIATED_SUPPORT = 1
|
87
87
|
|
88
88
|
# The principal accessed customer data in order to diagnose or resolve a
|
89
|
-
# suspected issue in services
|
90
|
-
#
|
91
|
-
#
|
89
|
+
# suspected issue in services. Often this access is used to confirm that
|
90
|
+
# customers are not affected by a suspected service issue or to remediate a
|
91
|
+
# reversible system issue.
|
92
92
|
GOOGLE_INITIATED_SERVICE = 2
|
93
93
|
|
94
94
|
# Google initiated service for security, fraud, abuse, or compliance
|
95
95
|
# purposes.
|
96
96
|
GOOGLE_INITIATED_REVIEW = 3
|
97
|
+
|
98
|
+
# The principal was compelled to access customer data in order to respond
|
99
|
+
# to a legal third party data request or process, including legal processes
|
100
|
+
# from customers themselves.
|
101
|
+
THIRD_PARTY_DATA_REQUEST = 4
|
102
|
+
|
103
|
+
# The principal accessed customer data in order to diagnose or resolve a
|
104
|
+
# suspected issue in services or a known outage.
|
105
|
+
GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = 5
|
97
106
|
end
|
98
107
|
end
|
99
108
|
|
109
|
+
# Information about the digital signature of the resource.
|
110
|
+
# @!attribute [rw] signature
|
111
|
+
# @return [::String]
|
112
|
+
# The digital signature.
|
113
|
+
# @!attribute [rw] google_public_key_pem
|
114
|
+
# @return [::String]
|
115
|
+
# The public key for the Google default signing, encoded in PEM format. The
|
116
|
+
# signature was created using a private key which may be verified using
|
117
|
+
# this public key.
|
118
|
+
# @!attribute [rw] customer_kms_key_version
|
119
|
+
# @return [::String]
|
120
|
+
# The resource name of the customer CryptoKeyVersion used for signing.
|
121
|
+
class SignatureInfo
|
122
|
+
include ::Google::Protobuf::MessageExts
|
123
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
124
|
+
end
|
125
|
+
|
100
126
|
# A decision that has been made to approve access to a resource.
|
101
127
|
# @!attribute [rw] approve_time
|
102
128
|
# @return [::Google::Protobuf::Timestamp]
|
@@ -104,6 +130,15 @@ module Google
|
|
104
130
|
# @!attribute [rw] expire_time
|
105
131
|
# @return [::Google::Protobuf::Timestamp]
|
106
132
|
# The time at which the approval expires.
|
133
|
+
# @!attribute [rw] invalidate_time
|
134
|
+
# @return [::Google::Protobuf::Timestamp]
|
135
|
+
# If set, denotes the timestamp at which the approval is invalidated.
|
136
|
+
# @!attribute [rw] signature_info
|
137
|
+
# @return [::Google::Cloud::AccessApproval::V1::SignatureInfo]
|
138
|
+
# The signature for the ApprovalRequest and details on how it was signed.
|
139
|
+
# @!attribute [rw] auto_approved
|
140
|
+
# @return [::Boolean]
|
141
|
+
# True when the request has been auto-approved.
|
107
142
|
class ApproveDecision
|
108
143
|
include ::Google::Protobuf::MessageExts
|
109
144
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -115,8 +150,8 @@ module Google
|
|
115
150
|
# The time at which the approval request was dismissed.
|
116
151
|
# @!attribute [rw] implicit
|
117
152
|
# @return [::Boolean]
|
118
|
-
# This field will be true if the ApprovalRequest was
|
119
|
-
#
|
153
|
+
# This field will be true if the ApprovalRequest was implicitly dismissed due
|
154
|
+
# to inaction by the access approval approvers (the request is not acted
|
120
155
|
# on by the approvers before the exiration time).
|
121
156
|
class DismissDecision
|
122
157
|
include ::Google::Protobuf::MessageExts
|
@@ -277,11 +312,48 @@ module Google
|
|
277
312
|
# indicates that at least one service is enrolled for Access Approval in one
|
278
313
|
# or more ancestors of the Project or Folder (this field will always be
|
279
314
|
# unset for the organization since organizations do not have ancestors).
|
315
|
+
# @!attribute [rw] active_key_version
|
316
|
+
# @return [::String]
|
317
|
+
# The asymmetric crypto key version to use for signing approval requests.
|
318
|
+
# Empty active_key_version indicates that a Google-managed key should be used
|
319
|
+
# for signing. This property will be ignored if set by an ancestor of this
|
320
|
+
# resource, and new non-empty values may not be set.
|
321
|
+
# @!attribute [r] ancestor_has_active_key_version
|
322
|
+
# @return [::Boolean]
|
323
|
+
# Output only. This field is read only (not settable via UpdateAccessApprovalSettings
|
324
|
+
# method). If the field is true, that indicates that an ancestor of this
|
325
|
+
# Project or Folder has set active_key_version (this field will always be
|
326
|
+
# unset for the organization since organizations do not have ancestors).
|
327
|
+
# @!attribute [r] invalid_key_version
|
328
|
+
# @return [::Boolean]
|
329
|
+
# Output only. This field is read only (not settable via UpdateAccessApprovalSettings
|
330
|
+
# method). If the field is true, that indicates that there is some
|
331
|
+
# configuration issue with the active_key_version configured at this level in
|
332
|
+
# the resource hierarchy (e.g. it doesn't exist or the Access Approval
|
333
|
+
# service account doesn't have the correct permissions on it, etc.) This key
|
334
|
+
# version is not necessarily the effective key version at this level, as key
|
335
|
+
# versions are inherited top-down.
|
280
336
|
class AccessApprovalSettings
|
281
337
|
include ::Google::Protobuf::MessageExts
|
282
338
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
283
339
|
end
|
284
340
|
|
341
|
+
# Access Approval service account related to a project/folder/organization.
|
342
|
+
# @!attribute [rw] name
|
343
|
+
# @return [::String]
|
344
|
+
# The resource name of the Access Approval service account. Format is one of:
|
345
|
+
#
|
346
|
+
# * "projects/\\{project}/serviceAccount"
|
347
|
+
# * "folders/\\{folder}/serviceAccount"
|
348
|
+
# * "organizations/\\{organization}/serviceAccount"
|
349
|
+
# @!attribute [rw] account_email
|
350
|
+
# @return [::String]
|
351
|
+
# Email address of the service account.
|
352
|
+
class AccessApprovalServiceAccount
|
353
|
+
include ::Google::Protobuf::MessageExts
|
354
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
355
|
+
end
|
356
|
+
|
285
357
|
# Request to list approval requests.
|
286
358
|
# @!attribute [rw] parent
|
287
359
|
# @return [::String]
|
@@ -356,6 +428,15 @@ module Google
|
|
356
428
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
357
429
|
end
|
358
430
|
|
431
|
+
# Request to invalidate an existing approval.
|
432
|
+
# @!attribute [rw] name
|
433
|
+
# @return [::String]
|
434
|
+
# Name of the ApprovalRequest to invalidate.
|
435
|
+
class InvalidateApprovalRequestMessage
|
436
|
+
include ::Google::Protobuf::MessageExts
|
437
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
438
|
+
end
|
439
|
+
|
359
440
|
# Request to get access approval settings.
|
360
441
|
# @!attribute [rw] name
|
361
442
|
# @return [::String]
|
@@ -396,6 +477,15 @@ module Google
|
|
396
477
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
397
478
|
end
|
398
479
|
|
480
|
+
# Request to get an Access Approval service account.
|
481
|
+
# @!attribute [rw] name
|
482
|
+
# @return [::String]
|
483
|
+
# Name of the AccessApprovalServiceAccount to retrieve.
|
484
|
+
class GetAccessApprovalServiceAccountMessage
|
485
|
+
include ::Google::Protobuf::MessageExts
|
486
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
487
|
+
end
|
488
|
+
|
399
489
|
# Represents the type of enrollment for a given service to Access Approval.
|
400
490
|
module EnrollmentLevel
|
401
491
|
# Default value for proto, shouldn't be used.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-access_approval-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-05-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|