google-cloud-asset-v1beta1 0.1.1 → 0.2.1

data/proto_docs/google/iam/v1/policy.rb

@@ -24,43 +24,82 @@ module Google
       # specify access control policies for Cloud Platform resources.
       #
       #
-      # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
-      # `members` to a `role`, where the members can be user accounts, Google groups,
-      # Google domains, and service accounts. A `role` is a named list of permissions
-      # defined by IAM.
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+      # `members` to a single `role`. Members can be user accounts, service accounts,
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
+      # permissions (defined by IAM or configured by users). A `binding` can
+      # optionally specify a `condition`, which is a logic expression that further
+      # constrains the role binding based on attributes about the request and/or
+      # target resource.
       #
-      # **Example**
+      # **JSON Example**
       #
       #     {
       #       "bindings": [
       #         {
-      #           "role": "roles/owner",
+      #           "role": "roles/resourcemanager.organizationAdmin",
       #           "members": [
       #             "user:mike@example.com",
       #             "group:admins@example.com",
       #             "domain:google.com",
-      #             "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+      #             "serviceAccount:my-project-id@appspot.gserviceaccount.com"
       #           ]
       #         },
       #         {
-      #           "role": "roles/viewer",
-      #           "members": ["user:sean@example.com"]
+      #           "role": "roles/resourcemanager.organizationViewer",
+      #           "members": ["user:eve@example.com"],
+      #           "condition": {
+      #             "title": "expirable access",
+      #             "description": "Does not grant access after Sep 2020",
+      #             "expression": "request.time <
+      #             timestamp('2020-10-01T00:00:00.000Z')",
+      #           }
       #         }
       #       ]
       #     }
       #
+      # **YAML Example**
+      #
+      #     bindings:
+      #     - members:
+      #       - user:mike@example.com
+      #       - group:admins@example.com
+      #       - domain:google.com
+      #       - serviceAccount:my-project-id@appspot.gserviceaccount.com
+      #       role: roles/resourcemanager.organizationAdmin
+      #     - members:
+      #       - user:eve@example.com
+      #       role: roles/resourcemanager.organizationViewer
+      #       condition:
+      #         title: expirable access
+      #         description: Does not grant access after Sep 2020
+      #         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
+      #
       # For a description of IAM and its features, see the
-      # [IAM developer's guide](https://cloud.google.com/iam).
+      # [IAM developer's guide](https://cloud.google.com/iam/docs).
       # @!attribute [rw] version
-      #   @return [Integer]
-      #     Version of the `Policy`. The default version is 0.
+      #   @return [::Integer]
+      #     Specifies the format of the policy.
+      #
+      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
+      #     rejected.
+      #
+      #     Operations affecting conditional bindings must specify version 3. This can
+      #     be either setting a conditional policy, modifying a conditional binding,
+      #     or removing a binding (conditional or unconditional) from the stored
+      #     conditional policy.
+      #     Operations on non-conditional policies may specify any valid value or
+      #     leave the field unset.
+      #
+      #     If no etag is provided in the call to `setIamPolicy`, version compliance
+      #     checks against the stored policy is skipped.
       # @!attribute [rw] bindings
-      #   @return [Array<Google::Iam::V1::Binding>]
-      #     Associates a list of `members` to a `role`.
-      #     Multiple `bindings` must not be specified for the same `role`.
+      #   @return [::Array<::Google::Iam::V1::Binding>]
+      #     Associates a list of `members` to a `role`. Optionally may specify a
+      #     `condition` that determines when binding is in effect.
       #     `bindings` with no members will result in an error.
       # @!attribute [rw] etag
-      #   @return [String]
+      #   @return [::String]
       #     `etag` is used for optimistic concurrency control as a way to help
       #     prevent simultaneous updates of a policy from overwriting each other.
       #     It is strongly suggested that systems make use of the `etag` in the
@@ -70,20 +109,21 @@ module Google
       #     ensure that their change will be applied to the same version of the policy.
       #
       #     If no `etag` is provided in the call to `setIamPolicy`, then the existing
-      #     policy is overwritten blindly.
+      #     policy is overwritten. Due to blind-set semantics of an etag-less policy,
+      #     'setIamPolicy' will not fail even if the incoming policy version does not
+      #     meet the requirements for modifying the stored policy.
       class Policy
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
       # Associates `members` with a `role`.
       # @!attribute [rw] role
-      #   @return [String]
+      #   @return [::String]
       #     Role that is assigned to `members`.
       #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
-      #     Required
       # @!attribute [rw] members
-      #   @return [Array<String>]
+      #   @return [::Array<::String>]
       #     Specifies the identities requesting access for a Cloud Platform resource.
       #     `members` can have the following values:
       #
@@ -94,7 +134,7 @@ module Google
       #        who is authenticated with a Google account or a service account.
       #
       #     * `user:{emailid}`: An email address that represents a specific Google
-      #        account. For example, `alice@gmail.com` or `joe@example.com`.
+      #        account. For example, `alice@example.com` .
       #
       #
       #     * `serviceAccount:{emailid}`: An email address that represents a service
@@ -103,41 +143,54 @@ module Google
       #     * `group:{emailid}`: An email address that represents a Google group.
       #        For example, `admins@example.com`.
       #
-      #     * `domain:{domain}`: A Google Apps domain name that represents all the
+      #
+      #     * `domain:{domain}`: The G Suite domain (primary) that represents all the
       #        users of that domain. For example, `google.com` or `example.com`.
+      # @!attribute [rw] condition
+      #   @return [::Google::Type::Expr]
+      #     The condition that is associated with this binding.
+      #     NOTE: An unsatisfied condition will not allow user access via current
+      #     binding. Different bindings, including their conditions, are examined
+      #     independently.
       class Binding
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
       # The difference delta between two policies.
       # @!attribute [rw] binding_deltas
-      #   @return [Array<Google::Iam::V1::BindingDelta>]
+      #   @return [::Array<::Google::Iam::V1::BindingDelta>]
       #     The delta for Bindings between two policies.
+      # @!attribute [rw] audit_config_deltas
+      #   @return [::Array<::Google::Iam::V1::AuditConfigDelta>]
+      #     The delta for AuditConfigs between two policies.
       class PolicyDelta
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
       # One delta entry for Binding. Each individual change (only one member in each
       # entry) to a binding will be a separate entry.
       # @!attribute [rw] action
-      #   @return [Google::Iam::V1::BindingDelta::Action]
+      #   @return [::Google::Iam::V1::BindingDelta::Action]
       #     The action that was performed on a Binding.
       #     Required
       # @!attribute [rw] role
-      #   @return [String]
+      #   @return [::String]
       #     Role that is assigned to `members`.
       #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       #     Required
       # @!attribute [rw] member
-      #   @return [String]
+      #   @return [::String]
       #     A single identity requesting access for a Cloud Platform resource.
       #     Follows the same format of Binding.members.
       #     Required
+      # @!attribute [rw] condition
+      #   @return [::Google::Type::Expr]
+      #     The condition that is associated with this binding.
       class BindingDelta
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
 
         # The type of action performed on a Binding in a policy.
         module Action
@@ -151,6 +204,45 @@ module Google
           REMOVE = 2
         end
       end
+
+      # One delta entry for AuditConfig. Each individual change (only one
+      # exempted_member in each entry) to a AuditConfig will be a separate entry.
+      # @!attribute [rw] action
+      #   @return [::Google::Iam::V1::AuditConfigDelta::Action]
+      #     The action that was performed on an audit configuration in a policy.
+      #     Required
+      # @!attribute [rw] service
+      #   @return [::String]
+      #     Specifies a service that was configured for Cloud Audit Logging.
+      #     For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+      #     `allServices` is a special value that covers all services.
+      #     Required
+      # @!attribute [rw] exempted_member
+      #   @return [::String]
+      #     A single identity that is exempted from "data access" audit
+      #     logging for the `service` specified above.
+      #     Follows the same format of Binding.members.
+      # @!attribute [rw] log_type
+      #   @return [::String]
+      #     Specifies the log_type that was be enabled. ADMIN_ACTIVITY is always
+      #     enabled, and cannot be configured.
+      #     Required
+      class AuditConfigDelta
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # The type of action performed on an audit configuration in a policy.
+        module Action
+          # Unspecified.
+          ACTION_UNSPECIFIED = 0
+
+          # Addition of an audit configuration.
+          ADD = 1
+
+          # Removal of an audit configuration.
+          REMOVE = 2
+        end
+      end
     end
   end
 end

data/proto_docs/google/longrunning/operations.rb

@@ -22,26 +22,26 @@ module Google
     # This resource represents a long-running operation that is the result of a
     # network API call.
     # @!attribute [rw] name
-    #   @return [String]
+    #   @return [::String]
     #     The server-assigned name, which is only unique within the same service that
     #     originally returns it. If you use the default HTTP mapping, the
     #     `name` should have the format of `operations/some/unique/name`.
     # @!attribute [rw] metadata
-    #   @return [Google::Protobuf::Any]
+    #   @return [::Google::Protobuf::Any]
     #     Service-specific metadata associated with the operation.  It typically
     #     contains progress information and common metadata such as create time.
     #     Some services might not provide such metadata.  Any method that returns a
     #     long-running operation should document the metadata type, if any.
     # @!attribute [rw] done
-    #   @return [Boolean]
+    #   @return [::Boolean]
     #     If the value is `false`, it means the operation is still in progress.
     #     If true, the operation is completed, and either `error` or `response` is
     #     available.
     # @!attribute [rw] error
-    #   @return [Google::Rpc::Status]
+    #   @return [::Google::Rpc::Status]
     #     The error result of the operation in case of failure or cancellation.
     # @!attribute [rw] response
-    #   @return [Google::Protobuf::Any]
+    #   @return [::Google::Protobuf::Any]
     #     The normal response of the operation in case of success.  If the original
     #     method returns no data on success, such as `Delete`, the response is
     #     `google.protobuf.Empty`.  If the original method is standard
@@ -51,65 +51,65 @@ module Google
     #     is `TakeSnapshot()`, the inferred response type is
     #     `TakeSnapshotResponse`.
     class Operation
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
 
     # The request message for Operations.GetOperation.
     # @!attribute [rw] name
-    #   @return [String]
+    #   @return [::String]
     #     The name of the operation resource.
     class GetOperationRequest
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
 
     # The request message for Operations.ListOperations.
     # @!attribute [rw] name
-    #   @return [String]
+    #   @return [::String]
     #     The name of the operation collection.
     # @!attribute [rw] filter
-    #   @return [String]
+    #   @return [::String]
     #     The standard list filter.
     # @!attribute [rw] page_size
-    #   @return [Integer]
+    #   @return [::Integer]
     #     The standard list page size.
     # @!attribute [rw] page_token
-    #   @return [String]
+    #   @return [::String]
     #     The standard list page token.
     class ListOperationsRequest
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
 
     # The response message for Operations.ListOperations.
     # @!attribute [rw] operations
-    #   @return [Array<Google::Longrunning::Operation>]
+    #   @return [::Array<::Google::Longrunning::Operation>]
     #     A list of operations that matches the specified filter in the request.
     # @!attribute [rw] next_page_token
-    #   @return [String]
+    #   @return [::String]
     #     The standard List next-page token.
     class ListOperationsResponse
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
 
     # The request message for Operations.CancelOperation.
     # @!attribute [rw] name
-    #   @return [String]
+    #   @return [::String]
     #     The name of the operation resource to be cancelled.
     class CancelOperationRequest
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
 
     # The request message for Operations.DeleteOperation.
     # @!attribute [rw] name
-    #   @return [String]
+    #   @return [::String]
     #     The name of the operation resource to be deleted.
     class DeleteOperationRequest
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
 
     # A message representing the message types used by a long-running operation.
@@ -124,7 +124,7 @@ module Google
     #     };
     #   }
     # @!attribute [rw] response_type
-    #   @return [String]
+    #   @return [::String]
     #     Required. The message name of the primary return type for this
     #     long-running operation.
     #     This type will be used to deserialize the LRO's response.
@@ -134,7 +134,7 @@ module Google
     #
     #     Note: Altering this value constitutes a breaking change.
     # @!attribute [rw] metadata_type
-    #   @return [String]
+    #   @return [::String]
     #     Required. The message name of the metadata type for this long-running
     #     operation.
     #
@@ -143,8 +143,8 @@ module Google
     #
     #     Note: Altering this value constitutes a breaking change.
     class OperationInfo
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
   end
 end

data/proto_docs/google/protobuf/any.rb

@@ -99,7 +99,7 @@ module Google
     #       "value": "1.212s"
     #     }
     # @!attribute [rw] type_url
-    #   @return [String]
+    #   @return [::String]
     #     A URL/resource name that uniquely identifies the type of the serialized
     #     protocol buffer message. This string must contain at least
     #     one "/" character. The last segment of the URL's path must represent
@@ -128,11 +128,11 @@ module Google
     #     Schemes other than `http`, `https` (or the empty scheme) might be
     #     used with implementation specific semantics.
     # @!attribute [rw] value
-    #   @return [String]
+    #   @return [::String]
     #     Must be a valid serialized protocol buffer of the above specified type.
     class Any
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
   end
 end

data/proto_docs/google/protobuf/empty.rb

@@ -29,8 +29,8 @@ module Google
     #
     # The JSON representation for `Empty` is empty JSON object `{}`.
     class Empty
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
   end
 end

data/proto_docs/google/protobuf/struct.rb

@@ -28,19 +28,19 @@ module Google
     #
     # The JSON representation for `Struct` is JSON object.
     # @!attribute [rw] fields
-    #   @return [Google::Protobuf::Map{String => Google::Protobuf::Value}]
+    #   @return [::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}]
     #     Unordered map of dynamically typed values.
     class Struct
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
 
       # @!attribute [rw] key
-      #   @return [String]
+      #   @return [::String]
       # @!attribute [rw] value
-      #   @return [Google::Protobuf::Value]
+      #   @return [::Google::Protobuf::Value]
       class FieldsEntry
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
     end
 
@@ -51,37 +51,37 @@ module Google
     #
     # The JSON representation for `Value` is JSON value.
     # @!attribute [rw] null_value
-    #   @return [Google::Protobuf::NullValue]
+    #   @return [::Google::Protobuf::NullValue]
     #     Represents a null value.
     # @!attribute [rw] number_value
-    #   @return [Float]
+    #   @return [::Float]
     #     Represents a double value.
     # @!attribute [rw] string_value
-    #   @return [String]
+    #   @return [::String]
     #     Represents a string value.
     # @!attribute [rw] bool_value
-    #   @return [Boolean]
+    #   @return [::Boolean]
     #     Represents a boolean value.
     # @!attribute [rw] struct_value
-    #   @return [Google::Protobuf::Struct]
+    #   @return [::Google::Protobuf::Struct]
     #     Represents a structured value.
     # @!attribute [rw] list_value
-    #   @return [Google::Protobuf::ListValue]
+    #   @return [::Google::Protobuf::ListValue]
     #     Represents a repeated `Value`.
     class Value
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
 
     # `ListValue` is a wrapper around a repeated field of values.
     #
     # The JSON representation for `ListValue` is JSON array.
     # @!attribute [rw] values
-    #   @return [Array<Google::Protobuf::Value>]
+    #   @return [::Array<::Google::Protobuf::Value>]
     #     Repeated field of dynamically typed values.
     class ListValue
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
 
     # `NullValue` is a singleton enumeration to represent the null value for the