google-cloud-assured_workloads-v1 0.1.0

data/proto_docs/google/api/resource.rb

@@ -0,0 +1,283 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Api
+    # A simple descriptor of a resource type.
+    #
+    # ResourceDescriptor annotates a resource message (either by means of a
+    # protobuf annotation or use in the service config), and associates the
+    # resource's schema, the resource type, and the pattern of the resource name.
+    #
+    # Example:
+    #
+    #     message Topic {
+    #       // Indicates this message defines a resource schema.
+    #       // Declares the resource type in the format of {service}/{kind}.
+    #       // For Kubernetes resources, the format is {api group}/{kind}.
+    #       option (google.api.resource) = {
+    #         type: "pubsub.googleapis.com/Topic"
+    #         name_descriptor: {
+    #           pattern: "projects/{project}/topics/{topic}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #         }
+    #       };
+    #     }
+    #
+    # The ResourceDescriptor Yaml config will look like:
+    #
+    #     resources:
+    #     - type: "pubsub.googleapis.com/Topic"
+    #       name_descriptor:
+    #         - pattern: "projects/{project}/topics/{topic}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #
+    # Sometimes, resources have multiple patterns, typically because they can
+    # live under multiple parents.
+    #
+    # Example:
+    #
+    #     message LogEntry {
+    #       option (google.api.resource) = {
+    #         type: "logging.googleapis.com/LogEntry"
+    #         name_descriptor: {
+    #           pattern: "projects/{project}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "folders/{folder}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #           parent_name_extractor: "folders/{folder}"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "organizations/{organization}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Organization"
+    #           parent_name_extractor: "organizations/{organization}"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "billingAccounts/{billing_account}/logs/{log}"
+    #           parent_type: "billing.googleapis.com/BillingAccount"
+    #           parent_name_extractor: "billingAccounts/{billing_account}"
+    #         }
+    #       };
+    #     }
+    #
+    # The ResourceDescriptor Yaml config will look like:
+    #
+    #     resources:
+    #     - type: 'logging.googleapis.com/LogEntry'
+    #       name_descriptor:
+    #         - pattern: "projects/{project}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #         - pattern: "folders/{folder}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #           parent_name_extractor: "folders/{folder}"
+    #         - pattern: "organizations/{organization}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Organization"
+    #           parent_name_extractor: "organizations/{organization}"
+    #         - pattern: "billingAccounts/{billing_account}/logs/{log}"
+    #           parent_type: "billing.googleapis.com/BillingAccount"
+    #           parent_name_extractor: "billingAccounts/{billing_account}"
+    #
+    # For flexible resources, the resource name doesn't contain parent names, but
+    # the resource itself has parents for policy evaluation.
+    #
+    # Example:
+    #
+    #     message Shelf {
+    #       option (google.api.resource) = {
+    #         type: "library.googleapis.com/Shelf"
+    #         name_descriptor: {
+    #           pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #         }
+    #       };
+    #     }
+    #
+    # The ResourceDescriptor Yaml config will look like:
+    #
+    #     resources:
+    #     - type: 'library.googleapis.com/Shelf'
+    #       name_descriptor:
+    #         - pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #         - pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    # @!attribute [rw] type
+    #   @return [::String]
+    #     The resource type. It must be in the format of
+    #     \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be
+    #     singular and must not include version numbers.
+    #
+    #     Example: `storage.googleapis.com/Bucket`
+    #
+    #     The value of the resource_type_kind must follow the regular expression
+    #     /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
+    #     should use PascalCase (UpperCamelCase). The maximum number of
+    #     characters allowed for the `resource_type_kind` is 100.
+    # @!attribute [rw] pattern
+    #   @return [::Array<::String>]
+    #     Optional. The relative resource name pattern associated with this resource
+    #     type. The DNS prefix of the full resource name shouldn't be specified here.
+    #
+    #     The path pattern must follow the syntax, which aligns with HTTP binding
+    #     syntax:
+    #
+    #         Template = Segment { "/" Segment } ;
+    #         Segment = LITERAL | Variable ;
+    #         Variable = "{" LITERAL "}" ;
+    #
+    #     Examples:
+    #
+    #         - "projects/\\{project}/topics/\\{topic}"
+    #         - "projects/\\{project}/knowledgeBases/\\{knowledge_base}"
+    #
+    #     The components in braces correspond to the IDs for each resource in the
+    #     hierarchy. It is expected that, if multiple patterns are provided,
+    #     the same component name (e.g. "project") refers to IDs of the same
+    #     type of resource.
+    # @!attribute [rw] name_field
+    #   @return [::String]
+    #     Optional. The field on the resource that designates the resource name
+    #     field. If omitted, this is assumed to be "name".
+    # @!attribute [rw] history
+    #   @return [::Google::Api::ResourceDescriptor::History]
+    #     Optional. The historical or future-looking state of the resource pattern.
+    #
+    #     Example:
+    #
+    #         // The InspectTemplate message originally only supported resource
+    #         // names with organization, and project was added later.
+    #         message InspectTemplate {
+    #           option (google.api.resource) = {
+    #             type: "dlp.googleapis.com/InspectTemplate"
+    #             pattern:
+    #             "organizations/{organization}/inspectTemplates/{inspect_template}"
+    #             pattern: "projects/{project}/inspectTemplates/{inspect_template}"
+    #             history: ORIGINALLY_SINGLE_PATTERN
+    #           };
+    #         }
+    # @!attribute [rw] plural
+    #   @return [::String]
+    #     The plural name used in the resource name and permission names, such as
+    #     'projects' for the resource name of 'projects/\\{project}' and the permission
+    #     name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
+    #     concept of the `plural` field in k8s CRD spec
+    #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+    #
+    #     Note: The plural form is required even for singleton resources. See
+    #     https://aip.dev/156
+    # @!attribute [rw] singular
+    #   @return [::String]
+    #     The same concept of the `singular` field in k8s CRD spec
+    #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+    #     Such as "project" for the `resourcemanager.googleapis.com/Project` type.
+    # @!attribute [rw] style
+    #   @return [::Array<::Google::Api::ResourceDescriptor::Style>]
+    #     Style flag(s) for this resource.
+    #     These indicate that a resource is expected to conform to a given
+    #     style. See the specific style flags for additional information.
+    class ResourceDescriptor
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # A description of the historical or future-looking state of the
+      # resource pattern.
+      module History
+        # The "unset" value.
+        HISTORY_UNSPECIFIED = 0
+
+        # The resource originally had one pattern and launched as such, and
+        # additional patterns were added later.
+        ORIGINALLY_SINGLE_PATTERN = 1
+
+        # The resource has one pattern, but the API owner expects to add more
+        # later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
+        # that from being necessary once there are multiple patterns.)
+        FUTURE_MULTI_PATTERN = 2
+      end
+
+      # A flag representing a specific style that a resource claims to conform to.
+      module Style
+        # The unspecified value. Do not use.
+        STYLE_UNSPECIFIED = 0
+
+        # This resource is intended to be "declarative-friendly".
+        #
+        # Declarative-friendly resources must be more strictly consistent, and
+        # setting this to true communicates to tools that this resource should
+        # adhere to declarative-friendly expectations.
+        #
+        # Note: This is used by the API linter (linter.aip.dev) to enable
+        # additional checks.
+        DECLARATIVE_FRIENDLY = 1
+      end
+    end
+
+    # Defines a proto annotation that describes a string field that refers to
+    # an API resource.
+    # @!attribute [rw] type
+    #   @return [::String]
+    #     The resource type that the annotated field references.
+    #
+    #     Example:
+    #
+    #         message Subscription {
+    #           string topic = 2 [(google.api.resource_reference) = {
+    #             type: "pubsub.googleapis.com/Topic"
+    #           }];
+    #         }
+    #
+    #     Occasionally, a field may reference an arbitrary resource. In this case,
+    #     APIs use the special value * in their resource reference.
+    #
+    #     Example:
+    #
+    #         message GetIamPolicyRequest {
+    #           string resource = 2 [(google.api.resource_reference) = {
+    #             type: "*"
+    #           }];
+    #         }
+    # @!attribute [rw] child_type
+    #   @return [::String]
+    #     The resource type of a child collection that the annotated field
+    #     references. This is useful for annotating the `parent` field that
+    #     doesn't have a fixed resource type.
+    #
+    #     Example:
+    #
+    #         message ListLogEntriesRequest {
+    #           string parent = 1 [(google.api.resource_reference) = {
+    #             child_type: "logging.googleapis.com/LogEntry"
+    #           };
+    #         }
+    class ResourceReference
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/google/cloud/assuredworkloads/v1/assuredworkloads.rb

@@ -0,0 +1,316 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module AssuredWorkloads
+      module V1
+        # Request for creating a workload.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The resource name of the new Workload's parent.
+        #     Must be of the form `organizations/{org_id}/locations/{location_id}`.
+        # @!attribute [rw] workload
+        #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload]
+        #     Required. Assured Workload to create
+        # @!attribute [rw] external_id
+        #   @return [::String]
+        #     Optional. A identifier associated with the workload and underlying projects which
+        #     allows for the break down of billing costs for a workload. The value
+        #     provided for the identifier will add a label to the workload and contained
+        #     projects with the identifier as the value.
+        class CreateWorkloadRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request for Updating a workload.
+        # @!attribute [rw] workload
+        #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload]
+        #     Required. The workload to update.
+        #     The workload’s `name` field is used to identify the workload to be updated.
+        #     Format:
+        #     organizations/\\{org_id}/locations/\\{location_id}/workloads/\\{workload_id}
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     Required. The list of fields to be updated.
+        class UpdateWorkloadRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request for deleting a Workload.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The `name` field is used to identify the workload.
+        #     Format:
+        #     organizations/\\{org_id}/locations/\\{location_id}/workloads/\\{workload_id}
+        # @!attribute [rw] etag
+        #   @return [::String]
+        #     Optional. The etag of the workload.
+        #     If this is provided, it must match the server's etag.
+        class DeleteWorkloadRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request for fetching a workload.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The resource name of the Workload to fetch. This is the workloads's
+        #     relative path in the API, formatted as
+        #     "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
+        #     For example,
+        #     "organizations/123/locations/us-east1/workloads/assured-workload-1".
+        class GetWorkloadRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request for fetching workloads in an organization.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Parent Resource to list workloads from.
+        #     Must be of the form `organizations/{org_id}/locations/{location}`.
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Page size.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     Page token returned from previous request. Page token contains context from
+        #     previous request. Page token needs to be passed in the second and following
+        #     requests.
+        # @!attribute [rw] filter
+        #   @return [::String]
+        #     A custom filter for filtering by properties of a workload. At this time,
+        #     only filtering by labels is supported.
+        class ListWorkloadsRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response of ListWorkloads endpoint.
+        # @!attribute [rw] workloads
+        #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload>]
+        #     List of Workloads under a given parent.
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     The next page token. Return empty if reached the last page.
+        class ListWorkloadsResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # An Workload object for managing highly regulated workloads of cloud
+        # customers.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Optional. The resource name of the workload.
+        #     Format:
+        #     organizations/\\{organization}/locations/\\{location}/workloads/\\{workload}
+        #
+        #     Read-only.
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     Required. The user-assigned display name of the Workload.
+        #     When present it must be between 4 to 30 characters.
+        #     Allowed characters are: lowercase and uppercase letters, numbers,
+        #     hyphen, and spaces.
+        #
+        #     Example: My Workload
+        # @!attribute [r] resources
+        #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceInfo>]
+        #     Output only. The resources associated with this workload.
+        #     These resources will be created when creating the workload.
+        #     If any of the projects already exist, the workload creation will fail.
+        #     Always read only.
+        # @!attribute [rw] compliance_regime
+        #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ComplianceRegime]
+        #     Required. Immutable. Compliance Regime associated with this workload.
+        # @!attribute [r] create_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. Immutable. The Workload creation timestamp.
+        # @!attribute [rw] billing_account
+        #   @return [::String]
+        #     Required. Input only. The billing account used for the resources which are
+        #     direct children of workload. This billing account is initially associated
+        #     with the resources created as part of Workload creation.
+        #     After the initial creation of these resources, the customer can change
+        #     the assigned billing account.
+        #     The resource name has the form
+        #     `billingAccounts/{billing_account_id}`. For example,
+        #     `billingAccounts/012345-567890-ABCDEF`.
+        # @!attribute [rw] etag
+        #   @return [::String]
+        #     Optional. ETag of the workload, it is calculated on the basis
+        #     of the Workload contents. It will be used in Update & Delete operations.
+        # @!attribute [rw] labels
+        #   @return [::Google::Protobuf::Map{::String => ::String}]
+        #     Optional. Labels applied to the workload.
+        # @!attribute [rw] provisioned_resources_parent
+        #   @return [::String]
+        #     Input only. The parent resource for the resources managed by this Assured Workload. May
+        #     be either empty or a folder resource which is a child of the
+        #     Workload parent. If not specified all resources are created under the
+        #     parent organization.
+        #     Format:
+        #     folders/\\{folder_id}
+        # @!attribute [rw] kms_settings
+        #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::KMSSettings]
+        #     Input only. Settings used to create a CMEK crypto key. When set a project with a KMS
+        #     CMEK key is provisioned. This field is mandatory for a subset of Compliance
+        #     Regimes.
+        # @!attribute [rw] resource_settings
+        #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceSettings>]
+        #     Input only. Resource properties that are used to customize workload resources.
+        #     These properties (such as custom project id) will be used to create
+        #     workload resources if possible. This field is optional.
+        class Workload
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Represent the resources that are children of this Workload.
+          # @!attribute [rw] resource_id
+          #   @return [::Integer]
+          #     Resource identifier.
+          #     For a project this represents project_number.
+          # @!attribute [rw] resource_type
+          #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceInfo::ResourceType]
+          #     Indicates the type of resource.
+          class ResourceInfo
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # The type of resource.
+            module ResourceType
+              # Unknown resource type.
+              RESOURCE_TYPE_UNSPECIFIED = 0
+
+              # Consumer project.
+              CONSUMER_PROJECT = 1
+
+              # Consumer project containing encryption keys.
+              ENCRYPTION_KEYS_PROJECT = 2
+
+              # Keyring resource that hosts encryption keys.
+              KEYRING = 3
+            end
+          end
+
+          # Settings specific to the Key Management Service.
+          # @!attribute [rw] next_rotation_time
+          #   @return [::Google::Protobuf::Timestamp]
+          #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
+          #     new version of the crypto key and mark it as the primary.
+          # @!attribute [rw] rotation_period
+          #   @return [::Google::Protobuf::Duration]
+          #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
+          #     Management Service automatically rotates a key. Must be at least 24 hours
+          #     and at most 876,000 hours.
+          class KMSSettings
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Represent the custom settings for the resources to be created.
+          # @!attribute [rw] resource_id
+          #   @return [::String]
+          #     Resource identifier.
+          #     For a project this represents project_id. If the project is already
+          #     taken, the workload creation will fail.
+          # @!attribute [rw] resource_type
+          #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceInfo::ResourceType]
+          #     Indicates the type of resource. This field should be specified to
+          #     correspond the id to the right project type (CONSUMER_PROJECT or
+          #     ENCRYPTION_KEYS_PROJECT)
+          # @!attribute [rw] display_name
+          #   @return [::String]
+          #     User-assigned resource display name.
+          #     If not empty it will be used to create a resource with the specified
+          #     name.
+          class ResourceSettings
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # @!attribute [rw] key
+          #   @return [::String]
+          # @!attribute [rw] value
+          #   @return [::String]
+          class LabelsEntry
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Supported Compliance Regimes.
+          module ComplianceRegime
+            # Unknown compliance regime.
+            COMPLIANCE_REGIME_UNSPECIFIED = 0
+
+            # Information protection as per DoD IL4 requirements.
+            IL4 = 1
+
+            # Criminal Justice Information Services (CJIS) Security policies.
+            CJIS = 2
+
+            # FedRAMP High data protection controls
+            FEDRAMP_HIGH = 3
+
+            # FedRAMP Moderate data protection controls
+            FEDRAMP_MODERATE = 4
+
+            # Assured Workloads For US Regions data protection controls
+            US_REGIONAL_ACCESS = 5
+
+            # Health Insurance Portability and Accountability Act controls
+            HIPAA = 6
+
+            # Health Information Trust Alliance controls
+            HITRUST = 7
+
+            # Assured Workloads For EU Regions and Support controls
+            EU_REGIONS_AND_SUPPORT = 8
+
+            # Assured Workloads For Canada Regions and Support controls
+            CA_REGIONS_AND_SUPPORT = 9
+          end
+        end
+
+        # Operation metadata to give request details of CreateWorkload.
+        # @!attribute [rw] create_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Optional. Time when the operation was created.
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     Optional. The display name of the workload.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Optional. The parent of the workload.
+        # @!attribute [rw] compliance_regime
+        #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ComplianceRegime]
+        #     Optional. Compliance controls that should be applied to the resources managed by
+        #     the workload.
+        class CreateWorkloadOperationMetadata
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end