google-cloud-assured_workloads-v1 0.1.1 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.yardopts +1 -1
- data/AUTHENTICATION.md +7 -25
- data/README.md +11 -6
- data/lib/google/cloud/assured_workloads/v1/assured_workloads_service/client.rb +5 -4
- data/lib/google/cloud/assured_workloads/v1/assured_workloads_service/operations.rb +3 -0
- data/lib/google/cloud/assured_workloads/v1/version.rb +1 -1
- data/lib/google/cloud/assured_workloads/v1.rb +2 -0
- data/lib/google/cloud/assuredworkloads/v1/assuredworkloads_pb.rb +31 -1
- data/proto_docs/google/api/resource.rb +10 -71
- data/proto_docs/google/cloud/assuredworkloads/v1/assuredworkloads.rb +92 -19
- data/proto_docs/google/protobuf/any.rb +3 -3
- metadata +12 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6d11723ad6736cc5604664185abbdd38ec30d78074463fbcd53a26da48ef9e62
|
4
|
+
data.tar.gz: c25b06fced4040dfd664d413c6558cb05e0a766560422f8ba61842cd24b9fbda
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b9cc8e0f2a7344625ad4608fc46bce4d9d3eee8b8d559b658d9b81b6236c3c759a51454421e809b008cd9fef60241588e834ab7dc6e967f046c933c16cc73b79
|
7
|
+
data.tar.gz: 41d850e8e5521f5bba3a5498ee7e83fa748ea94f8bc1dbab07c0813c6e408edec0195fcaa1ec72a9e062445431877d3cd716898b7b3932c3e2de169543af5b71
|
data/.yardopts
CHANGED
data/AUTHENTICATION.md
CHANGED
@@ -120,15 +120,6 @@ To configure your system for this, simply:
|
|
120
120
|
**NOTE:** This is _not_ recommended for running in production. The Cloud SDK
|
121
121
|
*should* only be used during development.
|
122
122
|
|
123
|
-
[gce-how-to]: https://cloud.google.com/compute/docs/authentication#using
|
124
|
-
[dev-console]: https://console.cloud.google.com/project
|
125
|
-
|
126
|
-
[enable-apis]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/enable-apis.png
|
127
|
-
|
128
|
-
[create-new-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account.png
|
129
|
-
[create-new-service-account-existing-keys]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account-existing-keys.png
|
130
|
-
[reuse-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/reuse-service-account.png
|
131
|
-
|
132
123
|
## Creating a Service Account
|
133
124
|
|
134
125
|
Google Cloud requires **Service Account Credentials** to
|
@@ -139,31 +130,22 @@ If you are not running this client within
|
|
139
130
|
[Google Cloud Platform environments](#google-cloud-platform-environments), you
|
140
131
|
need a Google Developers service account.
|
141
132
|
|
142
|
-
1. Visit the [Google
|
133
|
+
1. Visit the [Google Cloud Console](https://console.cloud.google.com/project).
|
143
134
|
2. Create a new project or click on an existing project.
|
144
|
-
3. Activate the
|
135
|
+
3. Activate the menu in the upper left and select **APIs & Services**. From
|
145
136
|
here, you will enable the APIs that your application requires.
|
146
137
|
|
147
|
-
![Enable the APIs that your application requires][enable-apis]
|
148
|
-
|
149
138
|
*Note: You may need to enable billing in order to use these services.*
|
150
139
|
|
151
140
|
4. Select **Credentials** from the side navigation.
|
152
141
|
|
153
|
-
|
154
|
-
|
155
|
-
![Create a new service account][create-new-service-account]
|
156
|
-
|
157
|
-
![Create a new service account With Existing Keys][create-new-service-account-existing-keys]
|
158
|
-
|
159
|
-
Find the "Add credentials" drop down and select "Service account" to be
|
160
|
-
guided through downloading a new JSON key file.
|
142
|
+
Find the "Create credentials" drop down near the top of the page, and select
|
143
|
+
"Service account" to be guided through downloading a new JSON key file.
|
161
144
|
|
162
145
|
If you want to re-use an existing service account, you can easily generate a
|
163
|
-
new key file. Just select the account you wish to re-use,
|
164
|
-
|
165
|
-
|
166
|
-
![Re-use an existing service account][reuse-service-account]
|
146
|
+
new key file. Just select the account you wish to re-use, click the pencil
|
147
|
+
tool on the right side to edit the service account, select the **Keys** tab,
|
148
|
+
and then select **Add Key**.
|
167
149
|
|
168
150
|
The key file you download will be used by this library to authenticate API
|
169
151
|
requests and should be stored in a secure location.
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ request = ::Google::Cloud::AssuredWorkloads::V1::CreateWorkloadRequest.new # (re
|
|
37
37
|
response = client.create_workload request
|
38
38
|
```
|
39
39
|
|
40
|
-
View the [Client Library Documentation](https://
|
40
|
+
View the [Client Library Documentation](https://cloud.google.com/ruby/docs/reference/google-cloud-assured_workloads-v1/latest)
|
41
41
|
for class and method documentation.
|
42
42
|
|
43
43
|
See also the [Product Documentation](https://cloud.google.com/assured-workloads/)
|
@@ -69,16 +69,21 @@ module GRPC
|
|
69
69
|
end
|
70
70
|
```
|
71
71
|
|
72
|
+
|
73
|
+
## Google Cloud Samples
|
74
|
+
|
75
|
+
To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples).
|
76
|
+
|
72
77
|
## Supported Ruby Versions
|
73
78
|
|
74
|
-
This library is supported on Ruby 2.
|
79
|
+
This library is supported on Ruby 2.6+.
|
75
80
|
|
76
81
|
Google provides official support for Ruby versions that are actively supported
|
77
82
|
by Ruby Core—that is, Ruby versions that are either in normal maintenance or
|
78
|
-
in security maintenance, and not end of life.
|
79
|
-
|
80
|
-
|
81
|
-
|
83
|
+
in security maintenance, and not end of life. Older versions of Ruby _may_
|
84
|
+
still work, but are unsupported and not recommended. See
|
85
|
+
https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby
|
86
|
+
support schedule.
|
82
87
|
|
83
88
|
## Which client should I use?
|
84
89
|
|
@@ -137,6 +137,7 @@ module Google
|
|
137
137
|
|
138
138
|
@operations_client = Operations.new do |config|
|
139
139
|
config.credentials = credentials
|
140
|
+
config.quota_project = @quota_project_id
|
140
141
|
config.endpoint = @config.endpoint
|
141
142
|
end
|
142
143
|
|
@@ -182,8 +183,8 @@ module Google
|
|
182
183
|
# @param workload [::Google::Cloud::AssuredWorkloads::V1::Workload, ::Hash]
|
183
184
|
# Required. Assured Workload to create
|
184
185
|
# @param external_id [::String]
|
185
|
-
# Optional. A identifier associated with the workload and underlying projects
|
186
|
-
# allows for the break down of billing costs for a workload. The value
|
186
|
+
# Optional. A identifier associated with the workload and underlying projects
|
187
|
+
# which allows for the break down of billing costs for a workload. The value
|
187
188
|
# provided for the identifier will add a label to the workload and contained
|
188
189
|
# projects with the identifier as the value.
|
189
190
|
#
|
@@ -463,8 +464,8 @@ module Google
|
|
463
464
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
464
465
|
#
|
465
466
|
# @param name [::String]
|
466
|
-
# Required. The resource name of the Workload to fetch. This is the
|
467
|
-
# relative path in the API, formatted as
|
467
|
+
# Required. The resource name of the Workload to fetch. This is the
|
468
|
+
# workloads's relative path in the API, formatted as
|
468
469
|
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
469
470
|
# For example,
|
470
471
|
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
@@ -25,6 +25,8 @@ module Google
|
|
25
25
|
##
|
26
26
|
# To load this package, including all its services, and instantiate a client:
|
27
27
|
#
|
28
|
+
# @example
|
29
|
+
#
|
28
30
|
# require "google/cloud/assured_workloads/v1"
|
29
31
|
# client = ::Google::Cloud::AssuredWorkloads::V1::AssuredWorkloadsService::Client.new
|
30
32
|
#
|
@@ -1,6 +1,8 @@
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
2
|
# source: google/cloud/assuredworkloads/v1/assuredworkloads.proto
|
3
3
|
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
4
6
|
require 'google/api/annotations_pb'
|
5
7
|
require 'google/api/client_pb'
|
6
8
|
require 'google/api/field_behavior_pb'
|
@@ -10,7 +12,6 @@ require 'google/protobuf/duration_pb'
|
|
10
12
|
require 'google/protobuf/empty_pb'
|
11
13
|
require 'google/protobuf/field_mask_pb'
|
12
14
|
require 'google/protobuf/timestamp_pb'
|
13
|
-
require 'google/protobuf'
|
14
15
|
|
15
16
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
16
17
|
add_file("google/cloud/assuredworkloads/v1/assuredworkloads.proto", :syntax => :proto3) do
|
@@ -52,6 +53,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
52
53
|
optional :provisioned_resources_parent, :string, 13
|
53
54
|
optional :kms_settings, :message, 14, "google.cloud.assuredworkloads.v1.Workload.KMSSettings"
|
54
55
|
repeated :resource_settings, :message, 15, "google.cloud.assuredworkloads.v1.Workload.ResourceSettings"
|
56
|
+
optional :kaj_enrollment_state, :enum, 17, "google.cloud.assuredworkloads.v1.Workload.KajEnrollmentState"
|
57
|
+
optional :enable_sovereign_controls, :bool, 18
|
58
|
+
optional :saa_enrollment_response, :message, 20, "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse"
|
55
59
|
end
|
56
60
|
add_message "google.cloud.assuredworkloads.v1.Workload.ResourceInfo" do
|
57
61
|
optional :resource_id, :int64, 1
|
@@ -72,6 +76,22 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
72
76
|
optional :resource_type, :enum, 2, "google.cloud.assuredworkloads.v1.Workload.ResourceInfo.ResourceType"
|
73
77
|
optional :display_name, :string, 3
|
74
78
|
end
|
79
|
+
add_message "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse" do
|
80
|
+
proto3_optional :setup_status, :enum, 1, "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupState"
|
81
|
+
repeated :setup_errors, :enum, 2, "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupError"
|
82
|
+
end
|
83
|
+
add_enum "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupState" do
|
84
|
+
value :SETUP_STATE_UNSPECIFIED, 0
|
85
|
+
value :STATUS_PENDING, 1
|
86
|
+
value :STATUS_COMPLETE, 2
|
87
|
+
end
|
88
|
+
add_enum "google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupError" do
|
89
|
+
value :SETUP_ERROR_UNSPECIFIED, 0
|
90
|
+
value :ERROR_INVALID_BASE_SETUP, 1
|
91
|
+
value :ERROR_MISSING_EXTERNAL_SIGNING_KEY, 2
|
92
|
+
value :ERROR_NOT_ALL_SERVICES_ENROLLED, 3
|
93
|
+
value :ERROR_SETUP_CHECK_FAILED, 4
|
94
|
+
end
|
75
95
|
add_enum "google.cloud.assuredworkloads.v1.Workload.ComplianceRegime" do
|
76
96
|
value :COMPLIANCE_REGIME_UNSPECIFIED, 0
|
77
97
|
value :IL4, 1
|
@@ -83,6 +103,12 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
83
103
|
value :HITRUST, 7
|
84
104
|
value :EU_REGIONS_AND_SUPPORT, 8
|
85
105
|
value :CA_REGIONS_AND_SUPPORT, 9
|
106
|
+
value :ITAR, 10
|
107
|
+
end
|
108
|
+
add_enum "google.cloud.assuredworkloads.v1.Workload.KajEnrollmentState" do
|
109
|
+
value :KAJ_ENROLLMENT_STATE_UNSPECIFIED, 0
|
110
|
+
value :KAJ_ENROLLMENT_STATE_PENDING, 1
|
111
|
+
value :KAJ_ENROLLMENT_STATE_COMPLETE, 2
|
86
112
|
end
|
87
113
|
add_message "google.cloud.assuredworkloads.v1.CreateWorkloadOperationMetadata" do
|
88
114
|
optional :create_time, :message, 1, "google.protobuf.Timestamp"
|
@@ -108,7 +134,11 @@ module Google
|
|
108
134
|
Workload::ResourceInfo::ResourceType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.ResourceInfo.ResourceType").enummodule
|
109
135
|
Workload::KMSSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.KMSSettings").msgclass
|
110
136
|
Workload::ResourceSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.ResourceSettings").msgclass
|
137
|
+
Workload::SaaEnrollmentResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse").msgclass
|
138
|
+
Workload::SaaEnrollmentResponse::SetupState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupState").enummodule
|
139
|
+
Workload::SaaEnrollmentResponse::SetupError = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.SaaEnrollmentResponse.SetupError").enummodule
|
111
140
|
Workload::ComplianceRegime = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.ComplianceRegime").enummodule
|
141
|
+
Workload::KajEnrollmentState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.Workload.KajEnrollmentState").enummodule
|
112
142
|
CreateWorkloadOperationMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1.CreateWorkloadOperationMetadata").msgclass
|
113
143
|
end
|
114
144
|
end
|
@@ -33,11 +33,7 @@ module Google
|
|
33
33
|
# // For Kubernetes resources, the format is {api group}/{kind}.
|
34
34
|
# option (google.api.resource) = {
|
35
35
|
# type: "pubsub.googleapis.com/Topic"
|
36
|
-
#
|
37
|
-
# pattern: "projects/{project}/topics/{topic}"
|
38
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
39
|
-
# parent_name_extractor: "projects/{project}"
|
40
|
-
# }
|
36
|
+
# pattern: "projects/{project}/topics/{topic}"
|
41
37
|
# };
|
42
38
|
# }
|
43
39
|
#
|
@@ -45,10 +41,7 @@ module Google
|
|
45
41
|
#
|
46
42
|
# resources:
|
47
43
|
# - type: "pubsub.googleapis.com/Topic"
|
48
|
-
#
|
49
|
-
# - pattern: "projects/{project}/topics/{topic}"
|
50
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
51
|
-
# parent_name_extractor: "projects/{project}"
|
44
|
+
# pattern: "projects/{project}/topics/{topic}"
|
52
45
|
#
|
53
46
|
# Sometimes, resources have multiple patterns, typically because they can
|
54
47
|
# live under multiple parents.
|
@@ -58,26 +51,10 @@ module Google
|
|
58
51
|
# message LogEntry {
|
59
52
|
# option (google.api.resource) = {
|
60
53
|
# type: "logging.googleapis.com/LogEntry"
|
61
|
-
#
|
62
|
-
#
|
63
|
-
#
|
64
|
-
#
|
65
|
-
# }
|
66
|
-
# name_descriptor: {
|
67
|
-
# pattern: "folders/{folder}/logs/{log}"
|
68
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
69
|
-
# parent_name_extractor: "folders/{folder}"
|
70
|
-
# }
|
71
|
-
# name_descriptor: {
|
72
|
-
# pattern: "organizations/{organization}/logs/{log}"
|
73
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
74
|
-
# parent_name_extractor: "organizations/{organization}"
|
75
|
-
# }
|
76
|
-
# name_descriptor: {
|
77
|
-
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
78
|
-
# parent_type: "billing.googleapis.com/BillingAccount"
|
79
|
-
# parent_name_extractor: "billingAccounts/{billing_account}"
|
80
|
-
# }
|
54
|
+
# pattern: "projects/{project}/logs/{log}"
|
55
|
+
# pattern: "folders/{folder}/logs/{log}"
|
56
|
+
# pattern: "organizations/{organization}/logs/{log}"
|
57
|
+
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
81
58
|
# };
|
82
59
|
# }
|
83
60
|
#
|
@@ -85,48 +62,10 @@ module Google
|
|
85
62
|
#
|
86
63
|
# resources:
|
87
64
|
# - type: 'logging.googleapis.com/LogEntry'
|
88
|
-
#
|
89
|
-
#
|
90
|
-
#
|
91
|
-
#
|
92
|
-
# - pattern: "folders/{folder}/logs/{log}"
|
93
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
94
|
-
# parent_name_extractor: "folders/{folder}"
|
95
|
-
# - pattern: "organizations/{organization}/logs/{log}"
|
96
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
97
|
-
# parent_name_extractor: "organizations/{organization}"
|
98
|
-
# - pattern: "billingAccounts/{billing_account}/logs/{log}"
|
99
|
-
# parent_type: "billing.googleapis.com/BillingAccount"
|
100
|
-
# parent_name_extractor: "billingAccounts/{billing_account}"
|
101
|
-
#
|
102
|
-
# For flexible resources, the resource name doesn't contain parent names, but
|
103
|
-
# the resource itself has parents for policy evaluation.
|
104
|
-
#
|
105
|
-
# Example:
|
106
|
-
#
|
107
|
-
# message Shelf {
|
108
|
-
# option (google.api.resource) = {
|
109
|
-
# type: "library.googleapis.com/Shelf"
|
110
|
-
# name_descriptor: {
|
111
|
-
# pattern: "shelves/{shelf}"
|
112
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
113
|
-
# }
|
114
|
-
# name_descriptor: {
|
115
|
-
# pattern: "shelves/{shelf}"
|
116
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
117
|
-
# }
|
118
|
-
# };
|
119
|
-
# }
|
120
|
-
#
|
121
|
-
# The ResourceDescriptor Yaml config will look like:
|
122
|
-
#
|
123
|
-
# resources:
|
124
|
-
# - type: 'library.googleapis.com/Shelf'
|
125
|
-
# name_descriptor:
|
126
|
-
# - pattern: "shelves/{shelf}"
|
127
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
128
|
-
# - pattern: "shelves/{shelf}"
|
129
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
65
|
+
# pattern: "projects/{project}/logs/{log}"
|
66
|
+
# pattern: "folders/{folder}/logs/{log}"
|
67
|
+
# pattern: "organizations/{organization}/logs/{log}"
|
68
|
+
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
130
69
|
# @!attribute [rw] type
|
131
70
|
# @return [::String]
|
132
71
|
# The resource type. It must be in the format of
|
@@ -31,8 +31,8 @@ module Google
|
|
31
31
|
# Required. Assured Workload to create
|
32
32
|
# @!attribute [rw] external_id
|
33
33
|
# @return [::String]
|
34
|
-
# Optional. A identifier associated with the workload and underlying projects
|
35
|
-
# allows for the break down of billing costs for a workload. The value
|
34
|
+
# Optional. A identifier associated with the workload and underlying projects
|
35
|
+
# which allows for the break down of billing costs for a workload. The value
|
36
36
|
# provided for the identifier will add a label to the workload and contained
|
37
37
|
# projects with the identifier as the value.
|
38
38
|
class CreateWorkloadRequest
|
@@ -73,8 +73,8 @@ module Google
|
|
73
73
|
# Request for fetching a workload.
|
74
74
|
# @!attribute [rw] name
|
75
75
|
# @return [::String]
|
76
|
-
# Required. The resource name of the Workload to fetch. This is the
|
77
|
-
# relative path in the API, formatted as
|
76
|
+
# Required. The resource name of the Workload to fetch. This is the
|
77
|
+
# workloads's relative path in the API, formatted as
|
78
78
|
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
79
79
|
# For example,
|
80
80
|
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
@@ -165,22 +165,34 @@ module Google
|
|
165
165
|
# Optional. Labels applied to the workload.
|
166
166
|
# @!attribute [rw] provisioned_resources_parent
|
167
167
|
# @return [::String]
|
168
|
-
# Input only. The parent resource for the resources managed by this Assured
|
169
|
-
# be either empty or a folder resource which is a child of the
|
168
|
+
# Input only. The parent resource for the resources managed by this Assured
|
169
|
+
# Workload. May be either empty or a folder resource which is a child of the
|
170
170
|
# Workload parent. If not specified all resources are created under the
|
171
171
|
# parent organization.
|
172
172
|
# Format:
|
173
173
|
# folders/\\{folder_id}
|
174
174
|
# @!attribute [rw] kms_settings
|
175
175
|
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::KMSSettings]
|
176
|
-
# Input only. Settings used to create a CMEK crypto key. When set a project
|
177
|
-
# CMEK key is provisioned. This field is mandatory for a subset of
|
178
|
-
# Regimes.
|
176
|
+
# Input only. Settings used to create a CMEK crypto key. When set a project
|
177
|
+
# with a KMS CMEK key is provisioned. This field is mandatory for a subset of
|
178
|
+
# Compliance Regimes.
|
179
179
|
# @!attribute [rw] resource_settings
|
180
180
|
# @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload::ResourceSettings>]
|
181
|
-
# Input only. Resource properties that are used to customize workload
|
182
|
-
# These properties (such as custom project id) will be used to
|
183
|
-
# workload resources if possible. This field is optional.
|
181
|
+
# Input only. Resource properties that are used to customize workload
|
182
|
+
# resources. These properties (such as custom project id) will be used to
|
183
|
+
# create workload resources if possible. This field is optional.
|
184
|
+
# @!attribute [r] kaj_enrollment_state
|
185
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::KajEnrollmentState]
|
186
|
+
# Output only. Represents the KAJ enrollment state of the given workload.
|
187
|
+
# @!attribute [rw] enable_sovereign_controls
|
188
|
+
# @return [::Boolean]
|
189
|
+
# Optional. Indicates the sovereignty status of the given workload.
|
190
|
+
# Currently meant to be used by Europe/Canada customers.
|
191
|
+
# @!attribute [r] saa_enrollment_response
|
192
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::SaaEnrollmentResponse]
|
193
|
+
# Output only. Represents the SAA enrollment response of the given workload.
|
194
|
+
# SAA enrollment response is queried during GetWorkload call.
|
195
|
+
# In failure cases, user friendly error message is shown in SAA details page.
|
184
196
|
class Workload
|
185
197
|
include ::Google::Protobuf::MessageExts
|
186
198
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -216,13 +228,14 @@ module Google
|
|
216
228
|
# Settings specific to the Key Management Service.
|
217
229
|
# @!attribute [rw] next_rotation_time
|
218
230
|
# @return [::Google::Protobuf::Timestamp]
|
219
|
-
# Required. Input only. Immutable. The time at which the Key Management
|
220
|
-
# new version of the crypto key and
|
231
|
+
# Required. Input only. Immutable. The time at which the Key Management
|
232
|
+
# Service will automatically create a new version of the crypto key and
|
233
|
+
# mark it as the primary.
|
221
234
|
# @!attribute [rw] rotation_period
|
222
235
|
# @return [::Google::Protobuf::Duration]
|
223
|
-
# Required. Input only. Immutable. [next_rotation_time] will be advanced by
|
224
|
-
# Management Service automatically rotates a key.
|
225
|
-
# and at most 876,000 hours.
|
236
|
+
# Required. Input only. Immutable. [next_rotation_time] will be advanced by
|
237
|
+
# this period when the Key Management Service automatically rotates a key.
|
238
|
+
# Must be at least 24 hours and at most 876,000 hours.
|
226
239
|
class KMSSettings
|
227
240
|
include ::Google::Protobuf::MessageExts
|
228
241
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -249,6 +262,51 @@ module Google
|
|
249
262
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
250
263
|
end
|
251
264
|
|
265
|
+
# Signed Access Approvals (SAA) enrollment response.
|
266
|
+
# @!attribute [rw] setup_status
|
267
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::SaaEnrollmentResponse::SetupState]
|
268
|
+
# Indicates SAA enrollment status of a given workload.
|
269
|
+
# @!attribute [rw] setup_errors
|
270
|
+
# @return [::Array<::Google::Cloud::AssuredWorkloads::V1::Workload::SaaEnrollmentResponse::SetupError>]
|
271
|
+
# Indicates SAA enrollment setup error if any.
|
272
|
+
class SaaEnrollmentResponse
|
273
|
+
include ::Google::Protobuf::MessageExts
|
274
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
275
|
+
|
276
|
+
# Setup state of SAA enrollment.
|
277
|
+
module SetupState
|
278
|
+
# Unspecified.
|
279
|
+
SETUP_STATE_UNSPECIFIED = 0
|
280
|
+
|
281
|
+
# SAA enrollment pending.
|
282
|
+
STATUS_PENDING = 1
|
283
|
+
|
284
|
+
# SAA enrollment comopleted.
|
285
|
+
STATUS_COMPLETE = 2
|
286
|
+
end
|
287
|
+
|
288
|
+
# Setup error of SAA enrollment.
|
289
|
+
module SetupError
|
290
|
+
# Unspecified.
|
291
|
+
SETUP_ERROR_UNSPECIFIED = 0
|
292
|
+
|
293
|
+
# Invalid states for all customers, to be redirected to AA UI for
|
294
|
+
# additional details.
|
295
|
+
ERROR_INVALID_BASE_SETUP = 1
|
296
|
+
|
297
|
+
# Returned when there is not an EKM key configured.
|
298
|
+
ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2
|
299
|
+
|
300
|
+
# Returned when there are no enrolled services or the customer is
|
301
|
+
# enrolled in CAA only for a subset of services.
|
302
|
+
ERROR_NOT_ALL_SERVICES_ENROLLED = 3
|
303
|
+
|
304
|
+
# Returned when exception was encountered during evaluation of other
|
305
|
+
# criteria.
|
306
|
+
ERROR_SETUP_CHECK_FAILED = 4
|
307
|
+
end
|
308
|
+
end
|
309
|
+
|
252
310
|
# @!attribute [rw] key
|
253
311
|
# @return [::String]
|
254
312
|
# @!attribute [rw] value
|
@@ -289,6 +347,21 @@ module Google
|
|
289
347
|
|
290
348
|
# Assured Workloads For Canada Regions and Support controls
|
291
349
|
CA_REGIONS_AND_SUPPORT = 9
|
350
|
+
|
351
|
+
# International Traffic in Arms Regulations
|
352
|
+
ITAR = 10
|
353
|
+
end
|
354
|
+
|
355
|
+
# Key Access Justifications(KAJ) Enrollment State.
|
356
|
+
module KajEnrollmentState
|
357
|
+
# Default State for KAJ Enrollment.
|
358
|
+
KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0
|
359
|
+
|
360
|
+
# Pending State for KAJ Enrollment.
|
361
|
+
KAJ_ENROLLMENT_STATE_PENDING = 1
|
362
|
+
|
363
|
+
# Complete State for KAJ Enrollment.
|
364
|
+
KAJ_ENROLLMENT_STATE_COMPLETE = 2
|
292
365
|
end
|
293
366
|
end
|
294
367
|
|
@@ -304,8 +377,8 @@ module Google
|
|
304
377
|
# Optional. The parent of the workload.
|
305
378
|
# @!attribute [rw] compliance_regime
|
306
379
|
# @return [::Google::Cloud::AssuredWorkloads::V1::Workload::ComplianceRegime]
|
307
|
-
# Optional. Compliance controls that should be applied to the resources
|
308
|
-
# the workload.
|
380
|
+
# Optional. Compliance controls that should be applied to the resources
|
381
|
+
# managed by the workload.
|
309
382
|
class CreateWorkloadOperationMetadata
|
310
383
|
include ::Google::Protobuf::MessageExts
|
311
384
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -44,7 +44,7 @@ module Google
|
|
44
44
|
# foo = any.unpack(Foo.class);
|
45
45
|
# }
|
46
46
|
#
|
47
|
-
#
|
47
|
+
# Example 3: Pack and unpack a message in Python.
|
48
48
|
#
|
49
49
|
# foo = Foo(...)
|
50
50
|
# any = Any()
|
@@ -54,7 +54,7 @@ module Google
|
|
54
54
|
# any.Unpack(foo)
|
55
55
|
# ...
|
56
56
|
#
|
57
|
-
#
|
57
|
+
# Example 4: Pack and unpack a message in Go
|
58
58
|
#
|
59
59
|
# foo := &pb.Foo{...}
|
60
60
|
# any, err := anypb.New(foo)
|
@@ -75,7 +75,7 @@ module Google
|
|
75
75
|
#
|
76
76
|
#
|
77
77
|
# JSON
|
78
|
-
#
|
78
|
+
#
|
79
79
|
# The JSON representation of an `Any` value uses the regular
|
80
80
|
# representation of the deserialized, embedded message, with an
|
81
81
|
# additional field `@type` which contains the type URL. Example:
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-assured_workloads-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-07-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.10'
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: '0.
|
29
|
+
version: '0.10'
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|
@@ -50,28 +50,28 @@ dependencies:
|
|
50
50
|
requirements:
|
51
51
|
- - "~>"
|
52
52
|
- !ruby/object:Gem::Version
|
53
|
-
version: 1.
|
53
|
+
version: 1.26.1
|
54
54
|
type: :development
|
55
55
|
prerelease: false
|
56
56
|
version_requirements: !ruby/object:Gem::Requirement
|
57
57
|
requirements:
|
58
58
|
- - "~>"
|
59
59
|
- !ruby/object:Gem::Version
|
60
|
-
version: 1.
|
60
|
+
version: 1.26.1
|
61
61
|
- !ruby/object:Gem::Dependency
|
62
62
|
name: minitest
|
63
63
|
requirement: !ruby/object:Gem::Requirement
|
64
64
|
requirements:
|
65
65
|
- - "~>"
|
66
66
|
- !ruby/object:Gem::Version
|
67
|
-
version: '5.
|
67
|
+
version: '5.16'
|
68
68
|
type: :development
|
69
69
|
prerelease: false
|
70
70
|
version_requirements: !ruby/object:Gem::Requirement
|
71
71
|
requirements:
|
72
72
|
- - "~>"
|
73
73
|
- !ruby/object:Gem::Version
|
74
|
-
version: '5.
|
74
|
+
version: '5.16'
|
75
75
|
- !ruby/object:Gem::Dependency
|
76
76
|
name: minitest-focus
|
77
77
|
requirement: !ruby/object:Gem::Requirement
|
@@ -106,14 +106,14 @@ dependencies:
|
|
106
106
|
requirements:
|
107
107
|
- - ">="
|
108
108
|
- !ruby/object:Gem::Version
|
109
|
-
version: '
|
109
|
+
version: '13.0'
|
110
110
|
type: :development
|
111
111
|
prerelease: false
|
112
112
|
version_requirements: !ruby/object:Gem::Requirement
|
113
113
|
requirements:
|
114
114
|
- - ">="
|
115
115
|
- !ruby/object:Gem::Version
|
116
|
-
version: '
|
116
|
+
version: '13.0'
|
117
117
|
- !ruby/object:Gem::Dependency
|
118
118
|
name: redcarpet
|
119
119
|
requirement: !ruby/object:Gem::Requirement
|
@@ -203,14 +203,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
203
203
|
requirements:
|
204
204
|
- - ">="
|
205
205
|
- !ruby/object:Gem::Version
|
206
|
-
version: '2.
|
206
|
+
version: '2.6'
|
207
207
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
208
208
|
requirements:
|
209
209
|
- - ">="
|
210
210
|
- !ruby/object:Gem::Version
|
211
211
|
version: '0'
|
212
212
|
requirements: []
|
213
|
-
rubygems_version: 3.
|
213
|
+
rubygems_version: 3.3.14
|
214
214
|
signing_key:
|
215
215
|
specification_version: 4
|
216
216
|
summary: API Client library for the Assured Workloads for Government V1 API
|