google-cloud-access_approval-v1 0.5.0 → 0.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +10 -5
- data/lib/google/cloud/access_approval/v1/access_approval/client.rb +194 -0
- data/lib/google/cloud/access_approval/v1/version.rb +1 -1
- data/lib/google/cloud/access_approval/v1.rb +2 -0
- data/lib/google/cloud/accessapproval/v1/accessapproval_pb.rb +31 -1
- data/lib/google/cloud/accessapproval/v1/accessapproval_services_pb.rb +12 -0
- data/proto_docs/google/cloud/accessapproval/v1/accessapproval.rb +99 -5
- data/proto_docs/google/protobuf/empty.rb +0 -2
- metadata +12 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2c98c5f42f5e02714a19fb3867b21e0b2978a1ac81ba8d1f65967bbb7d8cdf52
|
4
|
+
data.tar.gz: 1c474c7dcff8e026b9823ab3eb2a66195ab419f77e8b084c1bd4f8c3be7b07f4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5ce07823dd31fcfec545863c19792ba4eb43c164461f7005484ad059ad2bd86e956becf2c04e1e0b823ed544ecd1d66bac6f38c642fb84fc4467c63c3e19e406
|
7
|
+
data.tar.gz: c837440514fea5998f35ae4238ac34916592878a0d1e8532a352b1a4e245c886742943ab8f10043994465ae44981972f8a39c1afa12f296bdb7c22adc51b2d82
|
data/README.md
CHANGED
@@ -69,16 +69,21 @@ module GRPC
|
|
69
69
|
end
|
70
70
|
```
|
71
71
|
|
72
|
+
|
73
|
+
## Google Cloud Samples
|
74
|
+
|
75
|
+
To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples).
|
76
|
+
|
72
77
|
## Supported Ruby Versions
|
73
78
|
|
74
|
-
This library is supported on Ruby 2.
|
79
|
+
This library is supported on Ruby 2.6+.
|
75
80
|
|
76
81
|
Google provides official support for Ruby versions that are actively supported
|
77
82
|
by Ruby Core—that is, Ruby versions that are either in normal maintenance or
|
78
|
-
in security maintenance, and not end of life.
|
79
|
-
|
80
|
-
|
81
|
-
|
83
|
+
in security maintenance, and not end of life. Older versions of Ruby _may_
|
84
|
+
still work, but are unsupported and not recommended. See
|
85
|
+
https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby
|
86
|
+
support schedule.
|
82
87
|
|
83
88
|
## Which client should I use?
|
84
89
|
|
@@ -110,6 +110,8 @@ module Google
|
|
110
110
|
|
111
111
|
default_config.rpcs.dismiss_approval_request.timeout = 600.0
|
112
112
|
|
113
|
+
default_config.rpcs.invalidate_approval_request.timeout = 600.0
|
114
|
+
|
113
115
|
default_config.rpcs.get_access_approval_settings.timeout = 600.0
|
114
116
|
default_config.rpcs.get_access_approval_settings.retry_policy = {
|
115
117
|
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14]
|
@@ -582,6 +584,98 @@ module Google
|
|
582
584
|
raise ::Google::Cloud::Error.from_error(e)
|
583
585
|
end
|
584
586
|
|
587
|
+
##
|
588
|
+
# Invalidates an existing ApprovalRequest. Returns the updated
|
589
|
+
# ApprovalRequest.
|
590
|
+
#
|
591
|
+
# NOTE: This does not deny access to the resource if another request has been
|
592
|
+
# made and approved. It only invalidates a single approval.
|
593
|
+
#
|
594
|
+
# Returns FAILED_PRECONDITION if the request exists but is not in an approved
|
595
|
+
# state.
|
596
|
+
#
|
597
|
+
# @overload invalidate_approval_request(request, options = nil)
|
598
|
+
# Pass arguments to `invalidate_approval_request` via a request object, either of type
|
599
|
+
# {::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage} or an equivalent Hash.
|
600
|
+
#
|
601
|
+
# @param request [::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Hash]
|
602
|
+
# A request object representing the call parameters. Required. To specify no
|
603
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
604
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
605
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
606
|
+
#
|
607
|
+
# @overload invalidate_approval_request(name: nil)
|
608
|
+
# Pass arguments to `invalidate_approval_request` via keyword arguments. Note that at
|
609
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
610
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
611
|
+
#
|
612
|
+
# @param name [::String]
|
613
|
+
# Name of the ApprovalRequest to invalidate.
|
614
|
+
#
|
615
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
616
|
+
# @yieldparam response [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
|
617
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
618
|
+
#
|
619
|
+
# @return [::Google::Cloud::AccessApproval::V1::ApprovalRequest]
|
620
|
+
#
|
621
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
622
|
+
#
|
623
|
+
# @example Basic example
|
624
|
+
# require "google/cloud/access_approval/v1"
|
625
|
+
#
|
626
|
+
# # Create a client object. The client can be reused for multiple calls.
|
627
|
+
# client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
|
628
|
+
#
|
629
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
630
|
+
# request = Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage.new
|
631
|
+
#
|
632
|
+
# # Call the invalidate_approval_request method.
|
633
|
+
# result = client.invalidate_approval_request request
|
634
|
+
#
|
635
|
+
# # The returned object is of type Google::Cloud::AccessApproval::V1::ApprovalRequest.
|
636
|
+
# p result
|
637
|
+
#
|
638
|
+
def invalidate_approval_request request, options = nil
|
639
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
640
|
+
|
641
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage
|
642
|
+
|
643
|
+
# Converts hash and nil to an options object
|
644
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
645
|
+
|
646
|
+
# Customize the options with defaults
|
647
|
+
metadata = @config.rpcs.invalidate_approval_request.metadata.to_h
|
648
|
+
|
649
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
650
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
651
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
652
|
+
gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
|
653
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
654
|
+
|
655
|
+
header_params = {}
|
656
|
+
if request.name
|
657
|
+
header_params["name"] = request.name
|
658
|
+
end
|
659
|
+
|
660
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
661
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
662
|
+
|
663
|
+
options.apply_defaults timeout: @config.rpcs.invalidate_approval_request.timeout,
|
664
|
+
metadata: metadata,
|
665
|
+
retry_policy: @config.rpcs.invalidate_approval_request.retry_policy
|
666
|
+
|
667
|
+
options.apply_defaults timeout: @config.timeout,
|
668
|
+
metadata: @config.metadata,
|
669
|
+
retry_policy: @config.retry_policy
|
670
|
+
|
671
|
+
@access_approval_stub.call_rpc :invalidate_approval_request, request, options: options do |response, operation|
|
672
|
+
yield response, operation if block_given?
|
673
|
+
return response
|
674
|
+
end
|
675
|
+
rescue ::GRPC::BadStatus => e
|
676
|
+
raise ::Google::Cloud::Error.from_error(e)
|
677
|
+
end
|
678
|
+
|
585
679
|
##
|
586
680
|
# Gets the settings associated with a project, folder, or organization.
|
587
681
|
#
|
@@ -855,6 +949,92 @@ module Google
|
|
855
949
|
raise ::Google::Cloud::Error.from_error(e)
|
856
950
|
end
|
857
951
|
|
952
|
+
##
|
953
|
+
# Retrieves the service account that is used by Access Approval to access KMS
|
954
|
+
# keys for signing approved approval requests.
|
955
|
+
#
|
956
|
+
# @overload get_access_approval_service_account(request, options = nil)
|
957
|
+
# Pass arguments to `get_access_approval_service_account` via a request object, either of type
|
958
|
+
# {::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage} or an equivalent Hash.
|
959
|
+
#
|
960
|
+
# @param request [::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Hash]
|
961
|
+
# A request object representing the call parameters. Required. To specify no
|
962
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
963
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
964
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
965
|
+
#
|
966
|
+
# @overload get_access_approval_service_account(name: nil)
|
967
|
+
# Pass arguments to `get_access_approval_service_account` via keyword arguments. Note that at
|
968
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
969
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
970
|
+
#
|
971
|
+
# @param name [::String]
|
972
|
+
# Name of the AccessApprovalServiceAccount to retrieve.
|
973
|
+
#
|
974
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
975
|
+
# @yieldparam response [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
|
976
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
977
|
+
#
|
978
|
+
# @return [::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount]
|
979
|
+
#
|
980
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
981
|
+
#
|
982
|
+
# @example Basic example
|
983
|
+
# require "google/cloud/access_approval/v1"
|
984
|
+
#
|
985
|
+
# # Create a client object. The client can be reused for multiple calls.
|
986
|
+
# client = Google::Cloud::AccessApproval::V1::AccessApproval::Client.new
|
987
|
+
#
|
988
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
989
|
+
# request = Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage.new
|
990
|
+
#
|
991
|
+
# # Call the get_access_approval_service_account method.
|
992
|
+
# result = client.get_access_approval_service_account request
|
993
|
+
#
|
994
|
+
# # The returned object is of type Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount.
|
995
|
+
# p result
|
996
|
+
#
|
997
|
+
def get_access_approval_service_account request, options = nil
|
998
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
999
|
+
|
1000
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage
|
1001
|
+
|
1002
|
+
# Converts hash and nil to an options object
|
1003
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
1004
|
+
|
1005
|
+
# Customize the options with defaults
|
1006
|
+
metadata = @config.rpcs.get_access_approval_service_account.metadata.to_h
|
1007
|
+
|
1008
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
1009
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
1010
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
1011
|
+
gapic_version: ::Google::Cloud::AccessApproval::V1::VERSION
|
1012
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
1013
|
+
|
1014
|
+
header_params = {}
|
1015
|
+
if request.name
|
1016
|
+
header_params["name"] = request.name
|
1017
|
+
end
|
1018
|
+
|
1019
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
1020
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
1021
|
+
|
1022
|
+
options.apply_defaults timeout: @config.rpcs.get_access_approval_service_account.timeout,
|
1023
|
+
metadata: metadata,
|
1024
|
+
retry_policy: @config.rpcs.get_access_approval_service_account.retry_policy
|
1025
|
+
|
1026
|
+
options.apply_defaults timeout: @config.timeout,
|
1027
|
+
metadata: @config.metadata,
|
1028
|
+
retry_policy: @config.retry_policy
|
1029
|
+
|
1030
|
+
@access_approval_stub.call_rpc :get_access_approval_service_account, request, options: options do |response, operation|
|
1031
|
+
yield response, operation if block_given?
|
1032
|
+
return response
|
1033
|
+
end
|
1034
|
+
rescue ::GRPC::BadStatus => e
|
1035
|
+
raise ::Google::Cloud::Error.from_error(e)
|
1036
|
+
end
|
1037
|
+
|
858
1038
|
##
|
859
1039
|
# Configuration class for the AccessApproval API.
|
860
1040
|
#
|
@@ -1011,6 +1191,11 @@ module Google
|
|
1011
1191
|
#
|
1012
1192
|
attr_reader :dismiss_approval_request
|
1013
1193
|
##
|
1194
|
+
# RPC-specific configuration for `invalidate_approval_request`
|
1195
|
+
# @return [::Gapic::Config::Method]
|
1196
|
+
#
|
1197
|
+
attr_reader :invalidate_approval_request
|
1198
|
+
##
|
1014
1199
|
# RPC-specific configuration for `get_access_approval_settings`
|
1015
1200
|
# @return [::Gapic::Config::Method]
|
1016
1201
|
#
|
@@ -1025,6 +1210,11 @@ module Google
|
|
1025
1210
|
# @return [::Gapic::Config::Method]
|
1026
1211
|
#
|
1027
1212
|
attr_reader :delete_access_approval_settings
|
1213
|
+
##
|
1214
|
+
# RPC-specific configuration for `get_access_approval_service_account`
|
1215
|
+
# @return [::Gapic::Config::Method]
|
1216
|
+
#
|
1217
|
+
attr_reader :get_access_approval_service_account
|
1028
1218
|
|
1029
1219
|
# @private
|
1030
1220
|
def initialize parent_rpcs = nil
|
@@ -1036,12 +1226,16 @@ module Google
|
|
1036
1226
|
@approve_approval_request = ::Gapic::Config::Method.new approve_approval_request_config
|
1037
1227
|
dismiss_approval_request_config = parent_rpcs.dismiss_approval_request if parent_rpcs.respond_to? :dismiss_approval_request
|
1038
1228
|
@dismiss_approval_request = ::Gapic::Config::Method.new dismiss_approval_request_config
|
1229
|
+
invalidate_approval_request_config = parent_rpcs.invalidate_approval_request if parent_rpcs.respond_to? :invalidate_approval_request
|
1230
|
+
@invalidate_approval_request = ::Gapic::Config::Method.new invalidate_approval_request_config
|
1039
1231
|
get_access_approval_settings_config = parent_rpcs.get_access_approval_settings if parent_rpcs.respond_to? :get_access_approval_settings
|
1040
1232
|
@get_access_approval_settings = ::Gapic::Config::Method.new get_access_approval_settings_config
|
1041
1233
|
update_access_approval_settings_config = parent_rpcs.update_access_approval_settings if parent_rpcs.respond_to? :update_access_approval_settings
|
1042
1234
|
@update_access_approval_settings = ::Gapic::Config::Method.new update_access_approval_settings_config
|
1043
1235
|
delete_access_approval_settings_config = parent_rpcs.delete_access_approval_settings if parent_rpcs.respond_to? :delete_access_approval_settings
|
1044
1236
|
@delete_access_approval_settings = ::Gapic::Config::Method.new delete_access_approval_settings_config
|
1237
|
+
get_access_approval_service_account_config = parent_rpcs.get_access_approval_service_account if parent_rpcs.respond_to? :get_access_approval_service_account
|
1238
|
+
@get_access_approval_service_account = ::Gapic::Config::Method.new get_access_approval_service_account_config
|
1045
1239
|
|
1046
1240
|
yield self if block_given?
|
1047
1241
|
end
|
@@ -1,6 +1,8 @@
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
2
|
# source: google/cloud/accessapproval/v1/accessapproval.proto
|
3
3
|
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
4
6
|
require 'google/api/annotations_pb'
|
5
7
|
require 'google/api/client_pb'
|
6
8
|
require 'google/api/field_behavior_pb'
|
@@ -8,7 +10,6 @@ require 'google/api/resource_pb'
|
|
8
10
|
require 'google/protobuf/empty_pb'
|
9
11
|
require 'google/protobuf/field_mask_pb'
|
10
12
|
require 'google/protobuf/timestamp_pb'
|
11
|
-
require 'google/protobuf'
|
12
13
|
|
13
14
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
14
15
|
add_file("google/cloud/accessapproval/v1/accessapproval.proto", :syntax => :proto3) do
|
@@ -25,10 +26,22 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
25
26
|
value :CUSTOMER_INITIATED_SUPPORT, 1
|
26
27
|
value :GOOGLE_INITIATED_SERVICE, 2
|
27
28
|
value :GOOGLE_INITIATED_REVIEW, 3
|
29
|
+
value :THIRD_PARTY_DATA_REQUEST, 4
|
30
|
+
value :GOOGLE_RESPONSE_TO_PRODUCTION_ALERT, 5
|
31
|
+
end
|
32
|
+
add_message "google.cloud.accessapproval.v1.SignatureInfo" do
|
33
|
+
optional :signature, :bytes, 1
|
34
|
+
oneof :verification_info do
|
35
|
+
optional :google_public_key_pem, :string, 2
|
36
|
+
optional :customer_kms_key_version, :string, 3
|
37
|
+
end
|
28
38
|
end
|
29
39
|
add_message "google.cloud.accessapproval.v1.ApproveDecision" do
|
30
40
|
optional :approve_time, :message, 1, "google.protobuf.Timestamp"
|
31
41
|
optional :expire_time, :message, 2, "google.protobuf.Timestamp"
|
42
|
+
optional :invalidate_time, :message, 3, "google.protobuf.Timestamp"
|
43
|
+
optional :signature_info, :message, 4, "google.cloud.accessapproval.v1.SignatureInfo"
|
44
|
+
optional :auto_approved, :bool, 5
|
32
45
|
end
|
33
46
|
add_message "google.cloud.accessapproval.v1.DismissDecision" do
|
34
47
|
optional :dismiss_time, :message, 1, "google.protobuf.Timestamp"
|
@@ -59,6 +72,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
59
72
|
repeated :notification_emails, :string, 2
|
60
73
|
repeated :enrolled_services, :message, 3, "google.cloud.accessapproval.v1.EnrolledService"
|
61
74
|
optional :enrolled_ancestor, :bool, 4
|
75
|
+
optional :active_key_version, :string, 6
|
76
|
+
optional :ancestor_has_active_key_version, :bool, 7
|
77
|
+
optional :invalid_key_version, :bool, 8
|
78
|
+
end
|
79
|
+
add_message "google.cloud.accessapproval.v1.AccessApprovalServiceAccount" do
|
80
|
+
optional :name, :string, 1
|
81
|
+
optional :account_email, :string, 2
|
62
82
|
end
|
63
83
|
add_message "google.cloud.accessapproval.v1.ListApprovalRequestsMessage" do
|
64
84
|
optional :parent, :string, 1
|
@@ -80,6 +100,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
80
100
|
add_message "google.cloud.accessapproval.v1.DismissApprovalRequestMessage" do
|
81
101
|
optional :name, :string, 1
|
82
102
|
end
|
103
|
+
add_message "google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage" do
|
104
|
+
optional :name, :string, 1
|
105
|
+
end
|
83
106
|
add_message "google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage" do
|
84
107
|
optional :name, :string, 1
|
85
108
|
end
|
@@ -90,6 +113,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
90
113
|
add_message "google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage" do
|
91
114
|
optional :name, :string, 1
|
92
115
|
end
|
116
|
+
add_message "google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage" do
|
117
|
+
optional :name, :string, 1
|
118
|
+
end
|
93
119
|
add_enum "google.cloud.accessapproval.v1.EnrollmentLevel" do
|
94
120
|
value :ENROLLMENT_LEVEL_UNSPECIFIED, 0
|
95
121
|
value :BLOCK_ALL, 1
|
@@ -104,20 +130,24 @@ module Google
|
|
104
130
|
AccessLocations = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessLocations").msgclass
|
105
131
|
AccessReason = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason").msgclass
|
106
132
|
AccessReason::Type = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessReason.Type").enummodule
|
133
|
+
SignatureInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.SignatureInfo").msgclass
|
107
134
|
ApproveDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveDecision").msgclass
|
108
135
|
DismissDecision = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissDecision").msgclass
|
109
136
|
ResourceProperties = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ResourceProperties").msgclass
|
110
137
|
ApprovalRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApprovalRequest").msgclass
|
111
138
|
EnrolledService = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrolledService").msgclass
|
112
139
|
AccessApprovalSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalSettings").msgclass
|
140
|
+
AccessApprovalServiceAccount = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.AccessApprovalServiceAccount").msgclass
|
113
141
|
ListApprovalRequestsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsMessage").msgclass
|
114
142
|
ListApprovalRequestsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ListApprovalRequestsResponse").msgclass
|
115
143
|
GetApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetApprovalRequestMessage").msgclass
|
116
144
|
ApproveApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.ApproveApprovalRequestMessage").msgclass
|
117
145
|
DismissApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DismissApprovalRequestMessage").msgclass
|
146
|
+
InvalidateApprovalRequestMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.InvalidateApprovalRequestMessage").msgclass
|
118
147
|
GetAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalSettingsMessage").msgclass
|
119
148
|
UpdateAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.UpdateAccessApprovalSettingsMessage").msgclass
|
120
149
|
DeleteAccessApprovalSettingsMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.DeleteAccessApprovalSettingsMessage").msgclass
|
150
|
+
GetAccessApprovalServiceAccountMessage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.GetAccessApprovalServiceAccountMessage").msgclass
|
121
151
|
EnrollmentLevel = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.accessapproval.v1.EnrollmentLevel").enummodule
|
122
152
|
end
|
123
153
|
end
|
@@ -87,6 +87,15 @@ module Google
|
|
87
87
|
# Returns FAILED_PRECONDITION if the request exists but is not in a pending
|
88
88
|
# state.
|
89
89
|
rpc :DismissApprovalRequest, ::Google::Cloud::AccessApproval::V1::DismissApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
|
90
|
+
# Invalidates an existing ApprovalRequest. Returns the updated
|
91
|
+
# ApprovalRequest.
|
92
|
+
#
|
93
|
+
# NOTE: This does not deny access to the resource if another request has been
|
94
|
+
# made and approved. It only invalidates a single approval.
|
95
|
+
#
|
96
|
+
# Returns FAILED_PRECONDITION if the request exists but is not in an approved
|
97
|
+
# state.
|
98
|
+
rpc :InvalidateApprovalRequest, ::Google::Cloud::AccessApproval::V1::InvalidateApprovalRequestMessage, ::Google::Cloud::AccessApproval::V1::ApprovalRequest
|
90
99
|
# Gets the settings associated with a project, folder, or organization.
|
91
100
|
rpc :GetAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalSettingsMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalSettings
|
92
101
|
# Updates the settings associated with a project, folder, or organization.
|
@@ -99,6 +108,9 @@ module Google
|
|
99
108
|
# hierarchy, then Access Approval will still be enabled at this level as
|
100
109
|
# the settings are inherited.
|
101
110
|
rpc :DeleteAccessApprovalSettings, ::Google::Cloud::AccessApproval::V1::DeleteAccessApprovalSettingsMessage, ::Google::Protobuf::Empty
|
111
|
+
# Retrieves the service account that is used by Access Approval to access KMS
|
112
|
+
# keys for signing approved approval requests.
|
113
|
+
rpc :GetAccessApprovalServiceAccount, ::Google::Cloud::AccessApproval::V1::GetAccessApprovalServiceAccountMessage, ::Google::Cloud::AccessApproval::V1::AccessApprovalServiceAccount
|
102
114
|
end
|
103
115
|
|
104
116
|
Stub = Service.rpc_stub_class
|
@@ -86,17 +86,43 @@ module Google
|
|
86
86
|
CUSTOMER_INITIATED_SUPPORT = 1
|
87
87
|
|
88
88
|
# The principal accessed customer data in order to diagnose or resolve a
|
89
|
-
# suspected issue in services
|
90
|
-
#
|
91
|
-
#
|
89
|
+
# suspected issue in services. Often this access is used to confirm that
|
90
|
+
# customers are not affected by a suspected service issue or to remediate a
|
91
|
+
# reversible system issue.
|
92
92
|
GOOGLE_INITIATED_SERVICE = 2
|
93
93
|
|
94
94
|
# Google initiated service for security, fraud, abuse, or compliance
|
95
95
|
# purposes.
|
96
96
|
GOOGLE_INITIATED_REVIEW = 3
|
97
|
+
|
98
|
+
# The principal was compelled to access customer data in order to respond
|
99
|
+
# to a legal third party data request or process, including legal processes
|
100
|
+
# from customers themselves.
|
101
|
+
THIRD_PARTY_DATA_REQUEST = 4
|
102
|
+
|
103
|
+
# The principal accessed customer data in order to diagnose or resolve a
|
104
|
+
# suspected issue in services or a known outage.
|
105
|
+
GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = 5
|
97
106
|
end
|
98
107
|
end
|
99
108
|
|
109
|
+
# Information about the digital signature of the resource.
|
110
|
+
# @!attribute [rw] signature
|
111
|
+
# @return [::String]
|
112
|
+
# The digital signature.
|
113
|
+
# @!attribute [rw] google_public_key_pem
|
114
|
+
# @return [::String]
|
115
|
+
# The public key for the Google default signing, encoded in PEM format. The
|
116
|
+
# signature was created using a private key which may be verified using
|
117
|
+
# this public key.
|
118
|
+
# @!attribute [rw] customer_kms_key_version
|
119
|
+
# @return [::String]
|
120
|
+
# The resource name of the customer CryptoKeyVersion used for signing.
|
121
|
+
class SignatureInfo
|
122
|
+
include ::Google::Protobuf::MessageExts
|
123
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
124
|
+
end
|
125
|
+
|
100
126
|
# A decision that has been made to approve access to a resource.
|
101
127
|
# @!attribute [rw] approve_time
|
102
128
|
# @return [::Google::Protobuf::Timestamp]
|
@@ -104,6 +130,15 @@ module Google
|
|
104
130
|
# @!attribute [rw] expire_time
|
105
131
|
# @return [::Google::Protobuf::Timestamp]
|
106
132
|
# The time at which the approval expires.
|
133
|
+
# @!attribute [rw] invalidate_time
|
134
|
+
# @return [::Google::Protobuf::Timestamp]
|
135
|
+
# If set, denotes the timestamp at which the approval is invalidated.
|
136
|
+
# @!attribute [rw] signature_info
|
137
|
+
# @return [::Google::Cloud::AccessApproval::V1::SignatureInfo]
|
138
|
+
# The signature for the ApprovalRequest and details on how it was signed.
|
139
|
+
# @!attribute [rw] auto_approved
|
140
|
+
# @return [::Boolean]
|
141
|
+
# True when the request has been auto-approved.
|
107
142
|
class ApproveDecision
|
108
143
|
include ::Google::Protobuf::MessageExts
|
109
144
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -115,8 +150,8 @@ module Google
|
|
115
150
|
# The time at which the approval request was dismissed.
|
116
151
|
# @!attribute [rw] implicit
|
117
152
|
# @return [::Boolean]
|
118
|
-
# This field will be true if the ApprovalRequest was
|
119
|
-
#
|
153
|
+
# This field will be true if the ApprovalRequest was implicitly dismissed due
|
154
|
+
# to inaction by the access approval approvers (the request is not acted
|
120
155
|
# on by the approvers before the exiration time).
|
121
156
|
class DismissDecision
|
122
157
|
include ::Google::Protobuf::MessageExts
|
@@ -188,6 +223,7 @@ module Google
|
|
188
223
|
# * Cloud Key Management Service
|
189
224
|
# * Compute Engine
|
190
225
|
# * Cloud Dataflow
|
226
|
+
# * Cloud Dataproc
|
191
227
|
# * Cloud DLP
|
192
228
|
# * Cloud EKM
|
193
229
|
# * Cloud HSM
|
@@ -201,6 +237,7 @@ module Google
|
|
201
237
|
# * Organization Policy Serivice
|
202
238
|
# * Persistent Disk
|
203
239
|
# * Resource Manager
|
240
|
+
# * Secret Manager
|
204
241
|
# * Speaker ID
|
205
242
|
#
|
206
243
|
# Note: These values are supported as input for legacy purposes, but will not
|
@@ -217,12 +254,14 @@ module Google
|
|
217
254
|
# * cloudsql.googleapis.com
|
218
255
|
# * compute.googleapis.com
|
219
256
|
# * dataflow.googleapis.com
|
257
|
+
# * dataproc.googleapis.com
|
220
258
|
# * dlp.googleapis.com
|
221
259
|
# * iam.googleapis.com
|
222
260
|
# * logging.googleapis.com
|
223
261
|
# * orgpolicy.googleapis.com
|
224
262
|
# * pubsub.googleapis.com
|
225
263
|
# * spanner.googleapis.com
|
264
|
+
# * secretmanager.googleapis.com
|
226
265
|
# * speakerid.googleapis.com
|
227
266
|
# * storage.googleapis.com
|
228
267
|
#
|
@@ -277,11 +316,48 @@ module Google
|
|
277
316
|
# indicates that at least one service is enrolled for Access Approval in one
|
278
317
|
# or more ancestors of the Project or Folder (this field will always be
|
279
318
|
# unset for the organization since organizations do not have ancestors).
|
319
|
+
# @!attribute [rw] active_key_version
|
320
|
+
# @return [::String]
|
321
|
+
# The asymmetric crypto key version to use for signing approval requests.
|
322
|
+
# Empty active_key_version indicates that a Google-managed key should be used
|
323
|
+
# for signing. This property will be ignored if set by an ancestor of this
|
324
|
+
# resource, and new non-empty values may not be set.
|
325
|
+
# @!attribute [r] ancestor_has_active_key_version
|
326
|
+
# @return [::Boolean]
|
327
|
+
# Output only. This field is read only (not settable via UpdateAccessApprovalSettings
|
328
|
+
# method). If the field is true, that indicates that an ancestor of this
|
329
|
+
# Project or Folder has set active_key_version (this field will always be
|
330
|
+
# unset for the organization since organizations do not have ancestors).
|
331
|
+
# @!attribute [r] invalid_key_version
|
332
|
+
# @return [::Boolean]
|
333
|
+
# Output only. This field is read only (not settable via UpdateAccessApprovalSettings
|
334
|
+
# method). If the field is true, that indicates that there is some
|
335
|
+
# configuration issue with the active_key_version configured at this level in
|
336
|
+
# the resource hierarchy (e.g. it doesn't exist or the Access Approval
|
337
|
+
# service account doesn't have the correct permissions on it, etc.) This key
|
338
|
+
# version is not necessarily the effective key version at this level, as key
|
339
|
+
# versions are inherited top-down.
|
280
340
|
class AccessApprovalSettings
|
281
341
|
include ::Google::Protobuf::MessageExts
|
282
342
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
283
343
|
end
|
284
344
|
|
345
|
+
# Access Approval service account related to a project/folder/organization.
|
346
|
+
# @!attribute [rw] name
|
347
|
+
# @return [::String]
|
348
|
+
# The resource name of the Access Approval service account. Format is one of:
|
349
|
+
#
|
350
|
+
# * "projects/\\{project}/serviceAccount"
|
351
|
+
# * "folders/\\{folder}/serviceAccount"
|
352
|
+
# * "organizations/\\{organization}/serviceAccount"
|
353
|
+
# @!attribute [rw] account_email
|
354
|
+
# @return [::String]
|
355
|
+
# Email address of the service account.
|
356
|
+
class AccessApprovalServiceAccount
|
357
|
+
include ::Google::Protobuf::MessageExts
|
358
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
359
|
+
end
|
360
|
+
|
285
361
|
# Request to list approval requests.
|
286
362
|
# @!attribute [rw] parent
|
287
363
|
# @return [::String]
|
@@ -356,6 +432,15 @@ module Google
|
|
356
432
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
357
433
|
end
|
358
434
|
|
435
|
+
# Request to invalidate an existing approval.
|
436
|
+
# @!attribute [rw] name
|
437
|
+
# @return [::String]
|
438
|
+
# Name of the ApprovalRequest to invalidate.
|
439
|
+
class InvalidateApprovalRequestMessage
|
440
|
+
include ::Google::Protobuf::MessageExts
|
441
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
442
|
+
end
|
443
|
+
|
359
444
|
# Request to get access approval settings.
|
360
445
|
# @!attribute [rw] name
|
361
446
|
# @return [::String]
|
@@ -396,6 +481,15 @@ module Google
|
|
396
481
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
397
482
|
end
|
398
483
|
|
484
|
+
# Request to get an Access Approval service account.
|
485
|
+
# @!attribute [rw] name
|
486
|
+
# @return [::String]
|
487
|
+
# Name of the AccessApprovalServiceAccount to retrieve.
|
488
|
+
class GetAccessApprovalServiceAccountMessage
|
489
|
+
include ::Google::Protobuf::MessageExts
|
490
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
491
|
+
end
|
492
|
+
|
399
493
|
# Represents the type of enrollment for a given service to Access Approval.
|
400
494
|
module EnrollmentLevel
|
401
495
|
# Default value for proto, shouldn't be used.
|
@@ -26,8 +26,6 @@ module Google
|
|
26
26
|
# service Foo {
|
27
27
|
# rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
|
28
28
|
# }
|
29
|
-
#
|
30
|
-
# The JSON representation for `Empty` is empty JSON object `{}`.
|
31
29
|
class Empty
|
32
30
|
include ::Google::Protobuf::MessageExts
|
33
31
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-access_approval-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.7.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-08-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.10'
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: '0.
|
29
|
+
version: '0.10'
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|
@@ -50,28 +50,28 @@ dependencies:
|
|
50
50
|
requirements:
|
51
51
|
- - "~>"
|
52
52
|
- !ruby/object:Gem::Version
|
53
|
-
version: 1.
|
53
|
+
version: 1.26.1
|
54
54
|
type: :development
|
55
55
|
prerelease: false
|
56
56
|
version_requirements: !ruby/object:Gem::Requirement
|
57
57
|
requirements:
|
58
58
|
- - "~>"
|
59
59
|
- !ruby/object:Gem::Version
|
60
|
-
version: 1.
|
60
|
+
version: 1.26.1
|
61
61
|
- !ruby/object:Gem::Dependency
|
62
62
|
name: minitest
|
63
63
|
requirement: !ruby/object:Gem::Requirement
|
64
64
|
requirements:
|
65
65
|
- - "~>"
|
66
66
|
- !ruby/object:Gem::Version
|
67
|
-
version: '5.
|
67
|
+
version: '5.16'
|
68
68
|
type: :development
|
69
69
|
prerelease: false
|
70
70
|
version_requirements: !ruby/object:Gem::Requirement
|
71
71
|
requirements:
|
72
72
|
- - "~>"
|
73
73
|
- !ruby/object:Gem::Version
|
74
|
-
version: '5.
|
74
|
+
version: '5.16'
|
75
75
|
- !ruby/object:Gem::Dependency
|
76
76
|
name: minitest-focus
|
77
77
|
requirement: !ruby/object:Gem::Requirement
|
@@ -106,14 +106,14 @@ dependencies:
|
|
106
106
|
requirements:
|
107
107
|
- - ">="
|
108
108
|
- !ruby/object:Gem::Version
|
109
|
-
version: '
|
109
|
+
version: '13.0'
|
110
110
|
type: :development
|
111
111
|
prerelease: false
|
112
112
|
version_requirements: !ruby/object:Gem::Requirement
|
113
113
|
requirements:
|
114
114
|
- - ">="
|
115
115
|
- !ruby/object:Gem::Version
|
116
|
-
version: '
|
116
|
+
version: '13.0'
|
117
117
|
- !ruby/object:Gem::Dependency
|
118
118
|
name: redcarpet
|
119
119
|
requirement: !ruby/object:Gem::Requirement
|
@@ -197,14 +197,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
197
197
|
requirements:
|
198
198
|
- - ">="
|
199
199
|
- !ruby/object:Gem::Version
|
200
|
-
version: '2.
|
200
|
+
version: '2.6'
|
201
201
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
202
202
|
requirements:
|
203
203
|
- - ">="
|
204
204
|
- !ruby/object:Gem::Version
|
205
205
|
version: '0'
|
206
206
|
requirements: []
|
207
|
-
rubygems_version: 3.3.
|
207
|
+
rubygems_version: 3.3.14
|
208
208
|
signing_key:
|
209
209
|
specification_version: 4
|
210
210
|
summary: API Client library for the Access Approval V1 API
|