google-cloud-asset-v1 0.2.2 → 0.4.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +6 -6
- data/README.md +1 -1
- data/lib/google/cloud/asset/v1.rb +1 -1
- data/lib/google/cloud/asset/v1/asset_service.rb +1 -1
- data/lib/google/cloud/asset/v1/asset_service/client.rb +449 -170
- data/lib/google/cloud/asset/v1/asset_service/credentials.rb +1 -1
- data/lib/google/cloud/asset/v1/asset_service/operations.rb +108 -102
- data/lib/google/cloud/asset/v1/asset_service/paths.rb +5 -5
- data/lib/google/cloud/asset/v1/asset_service_pb.rb +26 -0
- data/lib/google/cloud/asset/v1/asset_service_services_pb.rb +13 -2
- data/lib/google/cloud/asset/v1/assets_pb.rb +29 -1
- data/lib/google/cloud/asset/v1/version.rb +1 -1
- data/proto_docs/google/api/resource.rb +12 -12
- data/proto_docs/google/cloud/asset/v1/asset_service.rb +235 -74
- data/proto_docs/google/cloud/asset/v1/assets.rb +225 -36
- data/proto_docs/google/cloud/orgpolicy/v1/orgpolicy.rb +21 -21
- data/proto_docs/google/iam/v1/policy.rb +26 -26
- data/proto_docs/google/identity/accesscontextmanager/v1/access_level.rb +37 -37
- data/proto_docs/google/identity/accesscontextmanager/v1/access_policy.rb +8 -8
- data/proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb +21 -21
- data/proto_docs/google/longrunning/operations.rb +30 -30
- data/proto_docs/google/protobuf/any.rb +4 -4
- data/proto_docs/google/protobuf/empty.rb +2 -2
- data/proto_docs/google/protobuf/field_mask.rb +3 -3
- data/proto_docs/google/protobuf/struct.rb +18 -18
- data/proto_docs/google/protobuf/timestamp.rb +4 -4
- data/proto_docs/google/rpc/status.rb +6 -6
- data/proto_docs/google/type/expr.rb +6 -6
- metadata +32 -5
- data/lib/google/cloud/common_resources_pb.rb +0 -15
@@ -24,30 +24,30 @@ module Google
|
|
24
24
|
# An asset in Google Cloud and its temporal metadata, including the time window
|
25
25
|
# when it was observed and its status during that window.
|
26
26
|
# @!attribute [rw] window
|
27
|
-
# @return [Google::Cloud::Asset::V1::TimeWindow]
|
27
|
+
# @return [::Google::Cloud::Asset::V1::TimeWindow]
|
28
28
|
# The time window when the asset data and state was observed.
|
29
29
|
# @!attribute [rw] deleted
|
30
|
-
# @return [Boolean]
|
30
|
+
# @return [::Boolean]
|
31
31
|
# Whether the asset has been deleted or not.
|
32
32
|
# @!attribute [rw] asset
|
33
|
-
# @return [Google::Cloud::Asset::V1::Asset]
|
33
|
+
# @return [::Google::Cloud::Asset::V1::Asset]
|
34
34
|
# An asset in Google Cloud.
|
35
35
|
class TemporalAsset
|
36
|
-
include Google::Protobuf::MessageExts
|
37
|
-
extend Google::Protobuf::MessageExts::ClassMethods
|
36
|
+
include ::Google::Protobuf::MessageExts
|
37
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
38
38
|
end
|
39
39
|
|
40
|
-
# A time window specified by its
|
40
|
+
# A time window specified by its `start_time` and `end_time`.
|
41
41
|
# @!attribute [rw] start_time
|
42
|
-
# @return [Google::Protobuf::Timestamp]
|
42
|
+
# @return [::Google::Protobuf::Timestamp]
|
43
43
|
# Start time of the time window (exclusive).
|
44
44
|
# @!attribute [rw] end_time
|
45
|
-
# @return [Google::Protobuf::Timestamp]
|
45
|
+
# @return [::Google::Protobuf::Timestamp]
|
46
46
|
# End time of the time window (inclusive). If not specified, the current
|
47
47
|
# timestamp is used instead.
|
48
48
|
class TimeWindow
|
49
|
-
include Google::Protobuf::MessageExts
|
50
|
-
extend Google::Protobuf::MessageExts::ClassMethods
|
49
|
+
include ::Google::Protobuf::MessageExts
|
50
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
51
51
|
end
|
52
52
|
|
53
53
|
# An asset in Google Cloud. An asset can be any resource in the Google Cloud
|
@@ -56,25 +56,25 @@ module Google
|
|
56
56
|
# a resource outside the Google Cloud resource hierarchy (such as Google
|
57
57
|
# Kubernetes Engine clusters and objects), or a Cloud IAM policy.
|
58
58
|
# @!attribute [rw] name
|
59
|
-
# @return [String]
|
59
|
+
# @return [::String]
|
60
60
|
# The full name of the asset. For example:
|
61
|
-
#
|
61
|
+
# `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`
|
62
62
|
#
|
63
63
|
# See [Resource
|
64
64
|
# names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
|
65
65
|
# for more information.
|
66
66
|
# @!attribute [rw] asset_type
|
67
|
-
# @return [String]
|
68
|
-
# The type of the asset. For example:
|
67
|
+
# @return [::String]
|
68
|
+
# The type of the asset. For example: `compute.googleapis.com/Disk`
|
69
69
|
#
|
70
70
|
# See [Supported asset
|
71
71
|
# types](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
|
72
72
|
# for more information.
|
73
73
|
# @!attribute [rw] resource
|
74
|
-
# @return [Google::Cloud::Asset::V1::Resource]
|
74
|
+
# @return [::Google::Cloud::Asset::V1::Resource]
|
75
75
|
# A representation of the resource.
|
76
76
|
# @!attribute [rw] iam_policy
|
77
|
-
# @return [Google::Iam::V1::Policy]
|
77
|
+
# @return [::Google::Iam::V1::Policy]
|
78
78
|
# A representation of the Cloud IAM policy set on a Google Cloud resource.
|
79
79
|
# There can be a maximum of one Cloud IAM policy set on any given resource.
|
80
80
|
# In addition, Cloud IAM policies inherit their granted access scope from any
|
@@ -85,19 +85,19 @@ module Google
|
|
85
85
|
# [this topic](https://cloud.google.com/iam/docs/policies#inheritance) for
|
86
86
|
# more information.
|
87
87
|
# @!attribute [rw] org_policy
|
88
|
-
# @return [Array
|
88
|
+
# @return [::Array<::Google::Cloud::OrgPolicy::V1::Policy>]
|
89
89
|
# A representation of an [organization
|
90
90
|
# policy](https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy).
|
91
91
|
# There can be more than one organization policy with different constraints
|
92
92
|
# set on a given resource.
|
93
93
|
# @!attribute [rw] access_policy
|
94
|
-
# @return [Google::Identity::AccessContextManager::V1::AccessPolicy]
|
94
|
+
# @return [::Google::Identity::AccessContextManager::V1::AccessPolicy]
|
95
95
|
# @!attribute [rw] access_level
|
96
|
-
# @return [Google::Identity::AccessContextManager::V1::AccessLevel]
|
96
|
+
# @return [::Google::Identity::AccessContextManager::V1::AccessLevel]
|
97
97
|
# @!attribute [rw] service_perimeter
|
98
|
-
# @return [Google::Identity::AccessContextManager::V1::ServicePerimeter]
|
98
|
+
# @return [::Google::Identity::AccessContextManager::V1::ServicePerimeter]
|
99
99
|
# @!attribute [rw] ancestors
|
100
|
-
# @return [Array
|
100
|
+
# @return [::Array<::String>]
|
101
101
|
# The ancestry path of an asset in Google Cloud [resource
|
102
102
|
# hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy),
|
103
103
|
# represented as a list of relative resource names. An ancestry path starts
|
@@ -107,38 +107,38 @@ module Google
|
|
107
107
|
#
|
108
108
|
# For example: `["projects/123456789", "folders/5432", "organizations/1234"]`
|
109
109
|
class Asset
|
110
|
-
include Google::Protobuf::MessageExts
|
111
|
-
extend Google::Protobuf::MessageExts::ClassMethods
|
110
|
+
include ::Google::Protobuf::MessageExts
|
111
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
112
112
|
end
|
113
113
|
|
114
114
|
# A representation of a Google Cloud resource.
|
115
115
|
# @!attribute [rw] version
|
116
|
-
# @return [String]
|
117
|
-
# The API version. For example:
|
116
|
+
# @return [::String]
|
117
|
+
# The API version. For example: `v1`
|
118
118
|
# @!attribute [rw] discovery_document_uri
|
119
|
-
# @return [String]
|
119
|
+
# @return [::String]
|
120
120
|
# The URL of the discovery document containing the resource's JSON schema.
|
121
121
|
# For example:
|
122
|
-
#
|
122
|
+
# `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest`
|
123
123
|
#
|
124
124
|
# This value is unspecified for resources that do not have an API based on a
|
125
125
|
# discovery document, such as Cloud Bigtable.
|
126
126
|
# @!attribute [rw] discovery_name
|
127
|
-
# @return [String]
|
127
|
+
# @return [::String]
|
128
128
|
# The JSON schema name listed in the discovery document. For example:
|
129
|
-
#
|
129
|
+
# `Project`
|
130
130
|
#
|
131
131
|
# This value is unspecified for resources that do not have an API based on a
|
132
132
|
# discovery document, such as Cloud Bigtable.
|
133
133
|
# @!attribute [rw] resource_url
|
134
|
-
# @return [String]
|
134
|
+
# @return [::String]
|
135
135
|
# The REST URL for accessing the resource. An HTTP `GET` request using this
|
136
136
|
# URL returns the resource itself. For example:
|
137
|
-
#
|
137
|
+
# `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123`
|
138
138
|
#
|
139
139
|
# This value is unspecified for resources without a REST API.
|
140
140
|
# @!attribute [rw] parent
|
141
|
-
# @return [String]
|
141
|
+
# @return [::String]
|
142
142
|
# The full name of the immediate parent of this resource. See
|
143
143
|
# [Resource
|
144
144
|
# Names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
|
@@ -148,16 +148,205 @@ module Google
|
|
148
148
|
# [Cloud IAM policy
|
149
149
|
# hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy).
|
150
150
|
# For example:
|
151
|
-
#
|
151
|
+
# `//cloudresourcemanager.googleapis.com/projects/my_project_123`
|
152
152
|
#
|
153
153
|
# For third-party assets, this field may be set differently.
|
154
154
|
# @!attribute [rw] data
|
155
|
-
# @return [Google::Protobuf::Struct]
|
155
|
+
# @return [::Google::Protobuf::Struct]
|
156
156
|
# The content of the resource, in which some sensitive fields are removed
|
157
157
|
# and may not be present.
|
158
|
+
# @!attribute [rw] location
|
159
|
+
# @return [::String]
|
160
|
+
# The location of the resource in Google Cloud, such as its zone and region.
|
161
|
+
# For more information, see https://cloud.google.com/about/locations/.
|
158
162
|
class Resource
|
159
|
-
include Google::Protobuf::MessageExts
|
160
|
-
extend Google::Protobuf::MessageExts::ClassMethods
|
163
|
+
include ::Google::Protobuf::MessageExts
|
164
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
165
|
+
end
|
166
|
+
|
167
|
+
# A result of Resource Search, containing information of a cloud resoure.
|
168
|
+
# @!attribute [rw] name
|
169
|
+
# @return [::String]
|
170
|
+
# The full resource name of this resource. Example:
|
171
|
+
# `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`.
|
172
|
+
# See [Cloud Asset Inventory Resource Name
|
173
|
+
# Format](https://cloud.google.com/asset-inventory/docs/resource-name-format)
|
174
|
+
# for more information.
|
175
|
+
#
|
176
|
+
# To search against the `name`:
|
177
|
+
#
|
178
|
+
# * use a field query. Example: `name : "instance1"`
|
179
|
+
# * use a free text query. Example: `"instance1"`
|
180
|
+
# @!attribute [rw] asset_type
|
181
|
+
# @return [::String]
|
182
|
+
# The type of this resource. Example: `compute.googleapis.com/Disk`.
|
183
|
+
#
|
184
|
+
# To search against the `asset_type`:
|
185
|
+
#
|
186
|
+
# * specify the `asset_type` field in your search request.
|
187
|
+
# @!attribute [rw] project
|
188
|
+
# @return [::String]
|
189
|
+
# The project that this resource belongs to, in the form of
|
190
|
+
# projects/\\{PROJECT_NUMBER}.
|
191
|
+
#
|
192
|
+
# To search against the `project`:
|
193
|
+
#
|
194
|
+
# * specify the `scope` field as this project in your search request.
|
195
|
+
# @!attribute [rw] display_name
|
196
|
+
# @return [::String]
|
197
|
+
# The display name of this resource.
|
198
|
+
#
|
199
|
+
# To search against the `display_name`:
|
200
|
+
#
|
201
|
+
# * use a field query. Example: `displayName : "My Instance"`
|
202
|
+
# * use a free text query. Example: `"My Instance"`
|
203
|
+
# @!attribute [rw] description
|
204
|
+
# @return [::String]
|
205
|
+
# One or more paragraphs of text description of this resource. Maximum length
|
206
|
+
# could be up to 1M bytes.
|
207
|
+
#
|
208
|
+
# To search against the `description`:
|
209
|
+
#
|
210
|
+
# * use a field query. Example: `description : "*important instance*"`
|
211
|
+
# * use a free text query. Example: `"*important instance*"`
|
212
|
+
# @!attribute [rw] location
|
213
|
+
# @return [::String]
|
214
|
+
# Location can be `global`, regional like `us-east1`, or zonal like
|
215
|
+
# `us-west1-b`.
|
216
|
+
#
|
217
|
+
# To search against the `location`:
|
218
|
+
#
|
219
|
+
# * use a field query. Example: `location : "us-west*"`
|
220
|
+
# * use a free text query. Example: `"us-west*"`
|
221
|
+
# @!attribute [rw] labels
|
222
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
223
|
+
# Labels associated with this resource. See [Labelling and grouping GCP
|
224
|
+
# resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources)
|
225
|
+
# for more information.
|
226
|
+
#
|
227
|
+
# To search against the `labels`:
|
228
|
+
#
|
229
|
+
# * use a field query, as following:
|
230
|
+
# - query on any label's key or value. Example: `labels : "prod"`
|
231
|
+
# - query by a given label. Example: `labels.env : "prod"`
|
232
|
+
# - query by a given label'sexistence. Example: `labels.env : *`
|
233
|
+
# * use a free text query. Example: `"prod"`
|
234
|
+
# @!attribute [rw] network_tags
|
235
|
+
# @return [::Array<::String>]
|
236
|
+
# Network tags associated with this resource. Like labels, network tags are a
|
237
|
+
# type of annotations used to group GCP resources. See [Labelling GCP
|
238
|
+
# resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources)
|
239
|
+
# for more information.
|
240
|
+
#
|
241
|
+
# To search against the `network_tags`:
|
242
|
+
#
|
243
|
+
# * use a field query. Example: `networkTags : "internal"`
|
244
|
+
# * use a free text query. Example: `"internal"`
|
245
|
+
# @!attribute [rw] additional_attributes
|
246
|
+
# @return [::Google::Protobuf::Struct]
|
247
|
+
# The additional attributes of this resource. The attributes may vary from
|
248
|
+
# one resource type to another. Examples: `projectId` for Project,
|
249
|
+
# `dnsName` for DNS ManagedZone.
|
250
|
+
#
|
251
|
+
# To search against the `additional_attributes`:
|
252
|
+
#
|
253
|
+
# * use a free text query to match the attributes values. Example: to search
|
254
|
+
# `additional_attributes = { dnsName: "foobar" }`, you can issue a query
|
255
|
+
# `"foobar"`.
|
256
|
+
class ResourceSearchResult
|
257
|
+
include ::Google::Protobuf::MessageExts
|
258
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
259
|
+
|
260
|
+
# @!attribute [rw] key
|
261
|
+
# @return [::String]
|
262
|
+
# @!attribute [rw] value
|
263
|
+
# @return [::String]
|
264
|
+
class LabelsEntry
|
265
|
+
include ::Google::Protobuf::MessageExts
|
266
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
267
|
+
end
|
268
|
+
end
|
269
|
+
|
270
|
+
# A result of IAM Policy search, containing information of an IAM policy.
|
271
|
+
# @!attribute [rw] resource
|
272
|
+
# @return [::String]
|
273
|
+
# The full resource name of the resource associated with this IAM policy.
|
274
|
+
# Example:
|
275
|
+
# `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`.
|
276
|
+
# See [Cloud Asset Inventory Resource Name
|
277
|
+
# Format](https://cloud.google.com/asset-inventory/docs/resource-name-format)
|
278
|
+
# for more information.
|
279
|
+
#
|
280
|
+
# To search against the `resource`:
|
281
|
+
#
|
282
|
+
# * use a field query. Example: `resource : "organizations/123"`
|
283
|
+
# @!attribute [rw] project
|
284
|
+
# @return [::String]
|
285
|
+
# The project that the associated GCP resource belongs to, in the form of
|
286
|
+
# projects/\\{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM
|
287
|
+
# instance, Cloud Storage bucket), the project field will indicate the
|
288
|
+
# project that contains the resource. If an IAM policy is set on a folder or
|
289
|
+
# orgnization, the project field will be empty.
|
290
|
+
#
|
291
|
+
# To search against the `project`:
|
292
|
+
#
|
293
|
+
# * specify the `scope` field as this project in your search request.
|
294
|
+
# @!attribute [rw] policy
|
295
|
+
# @return [::Google::Iam::V1::Policy]
|
296
|
+
# The IAM policy directly set on the given resource. Note that the original
|
297
|
+
# IAM policy can contain multiple bindings. This only contains the bindings
|
298
|
+
# that match the given query. For queries that don't contain a constrain on
|
299
|
+
# policies (e.g., an empty query), this contains all the bindings.
|
300
|
+
#
|
301
|
+
# To search against the `policy` bindings:
|
302
|
+
#
|
303
|
+
# * use a field query, as following:
|
304
|
+
# - query by the policy contained members. Example:
|
305
|
+
# `policy : "amy@gmail.com"`
|
306
|
+
# - query by the policy contained roles. Example:
|
307
|
+
# `policy : "roles/compute.admin"`
|
308
|
+
# - query by the policy contained roles' implied permissions. Example:
|
309
|
+
# `policy.role.permissions : "compute.instances.create"`
|
310
|
+
# @!attribute [rw] explanation
|
311
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicySearchResult::Explanation]
|
312
|
+
# Explanation about the IAM policy search result. It contains additional
|
313
|
+
# information to explain why the search result matches the query.
|
314
|
+
class IamPolicySearchResult
|
315
|
+
include ::Google::Protobuf::MessageExts
|
316
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
317
|
+
|
318
|
+
# Explanation about the IAM policy search result.
|
319
|
+
# @!attribute [rw] matched_permissions
|
320
|
+
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::Asset::V1::IamPolicySearchResult::Explanation::Permissions}]
|
321
|
+
# The map from roles to their included permissions that match the
|
322
|
+
# permission query (i.e., a query containing `policy.role.permissions:`).
|
323
|
+
# Example: if query `policy.role.permissions : "compute.disk.get"`
|
324
|
+
# matches a policy binding that contains owner role, the
|
325
|
+
# matched_permissions will be `{"roles/owner": ["compute.disk.get"]}`. The
|
326
|
+
# roles can also be found in the returned `policy` bindings. Note that the
|
327
|
+
# map is populated only for requests with permission queries.
|
328
|
+
class Explanation
|
329
|
+
include ::Google::Protobuf::MessageExts
|
330
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
331
|
+
|
332
|
+
# IAM permissions
|
333
|
+
# @!attribute [rw] permissions
|
334
|
+
# @return [::Array<::String>]
|
335
|
+
# A list of permissions. A sample permission string: `compute.disk.get`.
|
336
|
+
class Permissions
|
337
|
+
include ::Google::Protobuf::MessageExts
|
338
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
339
|
+
end
|
340
|
+
|
341
|
+
# @!attribute [rw] key
|
342
|
+
# @return [::String]
|
343
|
+
# @!attribute [rw] value
|
344
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicySearchResult::Explanation::Permissions]
|
345
|
+
class MatchedPermissionsEntry
|
346
|
+
include ::Google::Protobuf::MessageExts
|
347
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
348
|
+
end
|
349
|
+
end
|
161
350
|
end
|
162
351
|
end
|
163
352
|
end
|
@@ -24,16 +24,16 @@ module Google
|
|
24
24
|
# Defines a Cloud Organization `Policy` which is used to specify `Constraints`
|
25
25
|
# for configurations of Cloud Platform resources.
|
26
26
|
# @!attribute [rw] version
|
27
|
-
# @return [Integer]
|
27
|
+
# @return [::Integer]
|
28
28
|
# Version of the `Policy`. Default version is 0;
|
29
29
|
# @!attribute [rw] constraint
|
30
|
-
# @return [String]
|
30
|
+
# @return [::String]
|
31
31
|
# The name of the `Constraint` the `Policy` is configuring, for example,
|
32
32
|
# `constraints/serviceuser.services`.
|
33
33
|
#
|
34
34
|
# Immutable after creation.
|
35
35
|
# @!attribute [rw] etag
|
36
|
-
# @return [String]
|
36
|
+
# @return [::String]
|
37
37
|
# An opaque tag indicating the current version of the `Policy`, used for
|
38
38
|
# concurrency control.
|
39
39
|
#
|
@@ -50,24 +50,24 @@ module Google
|
|
50
50
|
# `SetOrgPolicy` request will result in an unconditional write of the
|
51
51
|
# `Policy`.
|
52
52
|
# @!attribute [rw] update_time
|
53
|
-
# @return [Google::Protobuf::Timestamp]
|
53
|
+
# @return [::Google::Protobuf::Timestamp]
|
54
54
|
# The time stamp the `Policy` was previously updated. This is set by the
|
55
55
|
# server, not specified by the caller, and represents the last time a call to
|
56
56
|
# `SetOrgPolicy` was made for that `Policy`. Any value set by the client will
|
57
57
|
# be ignored.
|
58
58
|
# @!attribute [rw] list_policy
|
59
|
-
# @return [Google::Cloud::OrgPolicy::V1::Policy::ListPolicy]
|
59
|
+
# @return [::Google::Cloud::OrgPolicy::V1::Policy::ListPolicy]
|
60
60
|
# List of values either allowed or disallowed.
|
61
61
|
# @!attribute [rw] boolean_policy
|
62
|
-
# @return [Google::Cloud::OrgPolicy::V1::Policy::BooleanPolicy]
|
62
|
+
# @return [::Google::Cloud::OrgPolicy::V1::Policy::BooleanPolicy]
|
63
63
|
# For boolean `Constraints`, whether to enforce the `Constraint` or not.
|
64
64
|
# @!attribute [rw] restore_default
|
65
|
-
# @return [Google::Cloud::OrgPolicy::V1::Policy::RestoreDefault]
|
65
|
+
# @return [::Google::Cloud::OrgPolicy::V1::Policy::RestoreDefault]
|
66
66
|
# Restores the default behavior of the constraint; independent of
|
67
67
|
# `Constraint` type.
|
68
68
|
class Policy
|
69
|
-
include Google::Protobuf::MessageExts
|
70
|
-
extend Google::Protobuf::MessageExts::ClassMethods
|
69
|
+
include ::Google::Protobuf::MessageExts
|
70
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
71
71
|
|
72
72
|
# Used in `policy_type` to specify how `list_policy` behaves at this
|
73
73
|
# resource.
|
@@ -91,24 +91,24 @@ module Google
|
|
91
91
|
# values. If `all_values` is set to either `ALLOW` or `DENY`,
|
92
92
|
# `allowed_values` and `denied_values` must be unset.
|
93
93
|
# @!attribute [rw] allowed_values
|
94
|
-
# @return [Array
|
94
|
+
# @return [::Array<::String>]
|
95
95
|
# List of values allowed at this resource. Can only be set if `all_values`
|
96
96
|
# is set to `ALL_VALUES_UNSPECIFIED`.
|
97
97
|
# @!attribute [rw] denied_values
|
98
|
-
# @return [Array
|
98
|
+
# @return [::Array<::String>]
|
99
99
|
# List of values denied at this resource. Can only be set if `all_values`
|
100
100
|
# is set to `ALL_VALUES_UNSPECIFIED`.
|
101
101
|
# @!attribute [rw] all_values
|
102
|
-
# @return [Google::Cloud::OrgPolicy::V1::Policy::ListPolicy::AllValues]
|
102
|
+
# @return [::Google::Cloud::OrgPolicy::V1::Policy::ListPolicy::AllValues]
|
103
103
|
# The policy all_values state.
|
104
104
|
# @!attribute [rw] suggested_value
|
105
|
-
# @return [String]
|
105
|
+
# @return [::String]
|
106
106
|
# Optional. The Google Cloud Console will try to default to a configuration
|
107
107
|
# that matches the value specified in this `Policy`. If `suggested_value`
|
108
108
|
# is not set, it will inherit the value specified higher in the hierarchy,
|
109
109
|
# unless `inherit_from_parent` is `false`.
|
110
110
|
# @!attribute [rw] inherit_from_parent
|
111
|
-
# @return [Boolean]
|
111
|
+
# @return [::Boolean]
|
112
112
|
# Determines the inheritance behavior for this `Policy`.
|
113
113
|
#
|
114
114
|
# By default, a `ListPolicy` set at a resource supercedes any `Policy` set
|
@@ -207,8 +207,8 @@ module Google
|
|
207
207
|
# The accepted values at `projects/bar` are `organizations/O1`,
|
208
208
|
# `folders/F1`, `projects/P1`.
|
209
209
|
class ListPolicy
|
210
|
-
include Google::Protobuf::MessageExts
|
211
|
-
extend Google::Protobuf::MessageExts::ClassMethods
|
210
|
+
include ::Google::Protobuf::MessageExts
|
211
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
212
212
|
|
213
213
|
# This enum can be used to set `Policies` that apply to all possible
|
214
214
|
# configuration values rather than specific values in `allowed_values` or
|
@@ -234,7 +234,7 @@ module Google
|
|
234
234
|
# Used in `policy_type` to specify how `boolean_policy` will behave at this
|
235
235
|
# resource.
|
236
236
|
# @!attribute [rw] enforced
|
237
|
-
# @return [Boolean]
|
237
|
+
# @return [::Boolean]
|
238
238
|
# If `true`, then the `Policy` is enforced. If `false`, then any
|
239
239
|
# configuration is acceptable.
|
240
240
|
#
|
@@ -280,8 +280,8 @@ module Google
|
|
280
280
|
# The constraint at `projects/bar` is not enforced, because
|
281
281
|
# `constraint_default` for the `Constraint` is `ALLOW`.
|
282
282
|
class BooleanPolicy
|
283
|
-
include Google::Protobuf::MessageExts
|
284
|
-
extend Google::Protobuf::MessageExts::ClassMethods
|
283
|
+
include ::Google::Protobuf::MessageExts
|
284
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
285
285
|
end
|
286
286
|
|
287
287
|
# Ignores policies set above this resource and restores the
|
@@ -297,8 +297,8 @@ module Google
|
|
297
297
|
# enforcement of the `Constraint` for only those projects, allowing those
|
298
298
|
# projects to have all services activated.
|
299
299
|
class RestoreDefault
|
300
|
-
include Google::Protobuf::MessageExts
|
301
|
-
extend Google::Protobuf::MessageExts::ClassMethods
|
300
|
+
include ::Google::Protobuf::MessageExts
|
301
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
302
302
|
end
|
303
303
|
end
|
304
304
|
end
|