google-cloud-assured_workloads-v1 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7d4cc220f4bd00eb48376dcf1a24bd1f5e8889c172dba19a2ec92d1e038f6a0e
-  data.tar.gz: 98e9e74cbf89478fe6a9b058a718d9ca2fd60c86ff6bcb093b6790ebc328bfd5
+  metadata.gz: bce8f35ae400d1ba5b616490132bbd857080dff6f596f16ea20c028808073131
+  data.tar.gz: cd717e757b0b82b5338b01ec371aa4da8cb433e16d76949092170fd906e9717c
 SHA512:
-  metadata.gz: df45ed3ab0481c7f851a016e846b887f6826de7f406f5e9f95591a7e473f2585e0d73747993f46d21d554f8ea16c64215e019c694cfa203e552d5d345a29a0f2
-  data.tar.gz: 81698c82b96403ea7c479a98ff93b6c4a834918e1621bad6b19dda7a8329ae4e0258c65b94d3224631ab48e4c754fc1642086821d9adf4efd9caeda6190cde3c
+  metadata.gz: 1dc951508ff668d1801b90576ff4976e4f55e5dd0cf7ebdbaae42569c1ce386f4b9a9635a9a92b118aa5faf20e9b6a294bb6eaebce53f4700d1b2e9f9a800641
+  data.tar.gz: deed8e048596e687a07310155dee0f54e0071a9beb9a4857edb03a4553ff4ce7b8e1a8ae1e2d348af0738aaac8f84becdb3aa9caeb96b4c3fbcbb7447d904cb4

data/lib/google/cloud/assured_workloads/v1/assured_workloads_service/client.rb

@@ -182,8 +182,8 @@ module Google
             #   @param workload [::Google::Cloud::AssuredWorkloads::V1::Workload, ::Hash]
             #     Required. Assured Workload to create
             #   @param external_id [::String]
-            #     Optional. A identifier associated with the workload and underlying projects which
-            #     allows for the break down of billing costs for a workload. The value
+            #     Optional. A identifier associated with the workload and underlying projects
+            #     which allows for the break down of billing costs for a workload. The value
             #     provided for the identifier will add a label to the workload and contained
             #     projects with the identifier as the value.
             #
@@ -463,8 +463,8 @@ module Google
             #   the default parameter values, pass an empty Hash as a request object (see above).
             #
             #   @param name [::String]
-            #     Required. The resource name of the Workload to fetch. This is the workloads's
-            #     relative path in the API, formatted as
+            #     Required. The resource name of the Workload to fetch. This is the
+            #     workloads's relative path in the API, formatted as
             #     "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
             #     For example,
             #     "organizations/123/locations/us-east1/workloads/assured-workload-1".

data/lib/google/cloud/assured_workloads/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module AssuredWorkloads
       module V1
-        VERSION = "0.1.1"
+        VERSION = "0.2.0"
       end
     end
   end

data/lib/google/cloud/assuredworkloads/v1/assuredworkloads_pb.rb

@@ -52,6 +52,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :provisioned_resources_parent, :string, 13
       optional :kms_settings, :message, 14, "google.cloud.assuredworkloads.v1.Workload.KMSSettings"
       repeated :resource_settings, :message, 15, "google.cloud.assuredworkloads.v1.Workload.ResourceSettings"
+      optional :kaj_enrollment_state, :enum, 17, "google.cloud.assuredworkloads.v1.Workload.KajEnrollmentState"
+      optional :enable_sovereign_controls, :bool, 18
+      optional :saa_enrollment_response, :message, 20, "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse"
     end
     add_message "google.cloud.assuredworkloads.v1.Workload.ResourceInfo" do
       optional :resource_id, :int64, 1
@@ -72,6 +75,22 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :resource_type, :enum, 2, "google.cloud.assuredworkloads.v1.Workload.ResourceInfo.ResourceType"
       optional :display_name, :string, 3
     end
+    add_message "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse" do
+      proto3_optional :setup_status, :enum, 1, "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupState"
+      repeated :setup_errors, :enum, 2, "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupError"
+    end
+    add_enum "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupState" do
+      value :SETUP_STATE_UNSPECIFIED, 0
+      value :STATUS_PENDING, 1
+      value :STATUS_COMPLETE, 2
+    end
+    add_enum "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupError" do
+      value :SETUP_ERROR_UNSPECIFIED, 0
+      value :ERROR_INVALID_BASE_SETUP, 1
+      value :ERROR_MISSING_EXTERNAL_SIGNING_KEY, 2
+      value :ERROR_NOT_ALL_SERVICES_ENROLLED, 3
+      value :ERROR_SETUP_CHECK_FAILED, 4
+    end
     add_enum "google.cloud.assuredworkloads.v1.Workload.ComplianceRegime" do
       value :COMPLIANCE_REGIME_UNSPECIFIED, 0
       value :IL4, 1
@@ -84,6 +103,11 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       value :EU_REGIONS_AND_SUPPORT, 8
       value :CA_REGIONS_AND_SUPPORT, 9
     end
+    add_enum "google.cloud.assuredworkloads.v1.Workload.KajEnrollmentState" do
+      value :KAJ_ENROLLMENT_STATE_UNSPECIFIED, 0
+      value :KAJ_ENROLLMENT_STATE_PENDING, 1
+      value :KAJ_ENROLLMENT_STATE_COMPLETE, 2
+    end
     add_message "google.cloud.assuredworkloads.v1.CreateWorkloadOperationMetadata" do
       optional :create_time, :message, 1, "google.protobuf.Timestamp"
       optional :display_name, :string, 2
@@ -108,7 +132,11 @@ module Google
         Workload::ResourceInfo::ResourceType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.ResourceInfo.ResourceType").enummodule
         Workload::KMSSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.KMSSettings").msgclass
         Workload::ResourceSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.ResourceSettings").msgclass
+        Workload::SaaEnrollmentResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse").msgclass
+        Workload::SaaEnrollmentResponse::SetupState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupState").enummodule
+        Workload::SaaEnrollmentResponse::SetupError = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupError").enummodule
         Workload::ComplianceRegime = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.ComplianceRegime").enummodule
+        Workload::KajEnrollmentState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.KajEnrollmentState").enummodule
         CreateWorkloadOperationMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.CreateWorkloadOperationMetadata").msgclass
       end
     end

data/proto_docs/google/cloud/assuredworkloads/v1/assuredworkloads.rb

@@ -31,8 +31,8 @@ module Google
         #     Required. Assured Workload to create
         # @!attribute [rw] external_id
         #   @return [::String]
-        #     Optional. A identifier associated with the workload and underlying projects which
-        #     allows for the break down of billing costs for a workload. The value
+        #     Optional. A identifier associated with the workload and underlying projects
+        #     which allows for the break down of billing costs for a workload. The value
         #     provided for the identifier will add a label to the workload and contained
         #     projects with the identifier as the value.
         class CreateWorkloadRequest
@@ -73,8 +73,8 @@ module Google
         # Request for fetching a workload.
         # @!attribute [rw] name
         #   @return [::String]
-        #     Required. The resource name of the Workload to fetch. This is the workloads's
-        #     relative path in the API, formatted as
+        #     Required. The resource name of the Workload to fetch. This is the
+        #     workloads's relative path in the API, formatted as
         #     "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
         #     For example,
         #     "organizations/123/locations/us-east1/workloads/assured-workload-1".
@@ -165,22 +165,34 @@ module Google
         #     Optional. Labels applied to the workload.
         # @!attribute [rw] provisioned_resources_parent
         #   @return [::String]
-        #     Input only. The parent resource for the resources managed by this Assured Workload. May
-        #     be either empty or a folder resource which is a child of the
+        #     Input only. The parent resource for the resources managed by this Assured
+        #     Workload. May be either empty or a folder resource which is a child of the
         #     Workload parent. If not specified all resources are created under the
         #     parent organization.
         #     Format:
         #     folders/\\{folder_id}
         # @!attribute [rw] kms_settings
         #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::KMSSettings]
-        #     Input only. Settings used to create a CMEK crypto key. When set a project with a KMS
-        #     CMEK key is provisioned. This field is mandatory for a subset of Compliance
-        #     Regimes.
+        #     Input only. Settings used to create a CMEK crypto key. When set a project
+        #     with a KMS CMEK key is provisioned. This field is mandatory for a subset of
+        #     Compliance Regimes.
         # @!attribute [rw] resource_settings
         #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceSettings>]
-        #     Input only. Resource properties that are used to customize workload resources.
-        #     These properties (such as custom project id) will be used to create
-        #     workload resources if possible. This field is optional.
+        #     Input only. Resource properties that are used to customize workload
+        #     resources. These properties (such as custom project id) will be used to
+        #     create workload resources if possible. This field is optional.
+        # @!attribute [r] kaj_enrollment_state
+        #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::KajEnrollmentState]
+        #     Output only. Represents the KAJ enrollment state of the given workload.
+        # @!attribute [rw] enable_sovereign_controls
+        #   @return [::Boolean]
+        #     Optional. Indicates the sovereignty status of the given workload.
+        #     Currently meant to be used by Europe/Canada customers.
+        # @!attribute [r] saa_enrollment_response
+        #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::SaaEnrollmentResponse]
+        #     Output only. Represents the SAA enrollment response of the given workload.
+        #     SAA enrollment response is queried during GetWorkload call.
+        #     In failure cases, user friendly error message is shown in SAA details page.
         class Workload
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -216,13 +228,14 @@ module Google
           # Settings specific to the Key Management Service.
           # @!attribute [rw] next_rotation_time
           #   @return [::Google::Protobuf::Timestamp]
-          #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
-          #     new version of the crypto key and mark it as the primary.
+          #     Required. Input only. Immutable. The time at which the Key Management
+          #     Service will automatically create a new version of the crypto key and
+          #     mark it as the primary.
           # @!attribute [rw] rotation_period
           #   @return [::Google::Protobuf::Duration]
-          #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
-          #     Management Service automatically rotates a key. Must be at least 24 hours
-          #     and at most 876,000 hours.
+          #     Required. Input only. Immutable. [next_rotation_time] will be advanced by
+          #     this period when the Key Management Service automatically rotates a key.
+          #     Must be at least 24 hours and at most 876,000 hours.
           class KMSSettings
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -249,6 +262,51 @@ module Google
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
 
+          # Signed Access Approvals (SAA) enrollment response.
+          # @!attribute [rw] setup_status
+          #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::SaaEnrollmentResponse::SetupState]
+          #     Indicates SAA enrollment status of a given workload.
+          # @!attribute [rw] setup_errors
+          #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload::SaaEnrollmentResponse::SetupError>]
+          #     Indicates SAA enrollment setup error if any.
+          class SaaEnrollmentResponse
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # Setup state of SAA enrollment.
+            module SetupState
+              # Unspecified.
+              SETUP_STATE_UNSPECIFIED = 0
+
+              # SAA enrollment pending.
+              STATUS_PENDING = 1
+
+              # SAA enrollment comopleted.
+              STATUS_COMPLETE = 2
+            end
+
+            # Setup error of SAA enrollment.
+            module SetupError
+              # Unspecified.
+              SETUP_ERROR_UNSPECIFIED = 0
+
+              # Invalid states for all customers, to be redirected to AA UI for
+              # additional details.
+              ERROR_INVALID_BASE_SETUP = 1
+
+              # Returned when there is not an EKM key configured.
+              ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2
+
+              # Returned when there are no enrolled services or the customer is
+              # enrolled in CAA only for a subset of services.
+              ERROR_NOT_ALL_SERVICES_ENROLLED = 3
+
+              # Returned when exception was encountered during evaluation of other
+              # criteria.
+              ERROR_SETUP_CHECK_FAILED = 4
+            end
+          end
+
           # @!attribute [rw] key
           #   @return [::String]
           # @!attribute [rw] value
@@ -290,6 +348,18 @@ module Google
             # Assured Workloads For Canada Regions and Support controls
             CA_REGIONS_AND_SUPPORT = 9
           end
+
+          # Key Access Justifications(KAJ) Enrollment State.
+          module KajEnrollmentState
+            # Default State for KAJ Enrollment.
+            KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0
+
+            # Pending State for KAJ Enrollment.
+            KAJ_ENROLLMENT_STATE_PENDING = 1
+
+            # Complete State for KAJ Enrollment.
+            KAJ_ENROLLMENT_STATE_COMPLETE = 2
+          end
         end
 
         # Operation metadata to give request details of CreateWorkload.
@@ -304,8 +374,8 @@ module Google
         #     Optional. The parent of the workload.
         # @!attribute [rw] compliance_regime
         #   @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ComplianceRegime]
-        #     Optional. Compliance controls that should be applied to the resources managed by
-        #     the workload.
+        #     Optional. Compliance controls that should be applied to the resources
+        #     managed by the workload.
         class CreateWorkloadOperationMetadata
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-assured_workloads-v1
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-11-08 00:00:00.000000000 Z
+date: 2021-12-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common