google-cloud-assured_workloads-v1beta1 0.8.1 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1e0a780eeabce7bf7b855b58fe63620614d2e3ee9b574a99e86d67dda315b48a
-  data.tar.gz: 3b761ae99c0777b309153122e844814ad64816e61f7903f1d8a0ba052474b6bf
+  metadata.gz: 5b4db4bac7eca108bedc87f89ea7af55287894ad86791aea37705a0f26212f10
+  data.tar.gz: b18e8abfebe2ed59ba49e4b938af839f5e52cc2bbb762b0d511c32a6a01a298d
 SHA512:
-  metadata.gz: 3e63d558c2cc7c51f1d20be20296930e92bbe9a6d5bb5cd4615ef1ea3161eb30b711f69a4fa40e5aa0e649d1aa72e96b9003bed0b5bf1d02ad0cbf24ea527d9f
-  data.tar.gz: 2e7df0739af6f15a1417f8f69145c2e131a4e4f3e93822dd37445e794de58b8d648959ed986f01c3454f67e3f2db5e2c4fc43ef888edfe2495ed8baf0eca1eb8
+  metadata.gz: c2e337ba2c062dd1d7dc3aeb3a55ad16250c5d5f0f8dbc487d7cf86da02a2e7e50b6f39ea2e8388e825bfe191c0d5c5b1b4810ff2375531a53100d9362750cb0
+  data.tar.gz: 3dee983a8bce0bd141abd0c7a2bb39800fe377d9e9bbdd399c180562302c684385d3020e94470a55518b10edb6cb84c51caa3bc0e64042cb51d0a7b97246d02d

data/lib/google/cloud/assured_workloads/v1beta1/assured_workloads_service/client.rb

@@ -199,8 +199,8 @@ module Google
             #   @param workload [::Google::Cloud::AssuredWorkloads::V1beta1::Workload, ::Hash]
             #     Required. Assured Workload to create
             #   @param external_id [::String]
-            #     Optional. A identifier associated with the workload and underlying projects which
-            #     allows for the break down of billing costs for a workload. The value
+            #     Optional. A identifier associated with the workload and underlying projects
+            #     which allows for the break down of billing costs for a workload. The value
             #     provided for the identifier will add a label to the workload and contained
             #     projects with the identifier as the value.
             #
@@ -480,8 +480,8 @@ module Google
             #   the default parameter values, pass an empty Hash as a request object (see above).
             #
             #   @param name [::String]
-            #     Required. The resource name of the Workload to fetch. This is the workloads's
-            #     relative path in the API, formatted as
+            #     Required. The resource name of the Workload to fetch. This is the
+            #     workloads's relative path in the API, formatted as
             #     "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
             #     For example,
             #     "organizations/123/locations/us-east1/workloads/assured-workload-1".

data/lib/google/cloud/assured_workloads/v1beta1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module AssuredWorkloads
       module V1beta1
-        VERSION = "0.8.1"
+        VERSION = "0.9.0"
       end
     end
   end

data/lib/google/cloud/assuredworkloads/v1beta1/assuredworkloads_v1beta1_pb.rb

@@ -52,6 +52,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :provisioned_resources_parent, :string, 13
       optional :kms_settings, :message, 14, "google.cloud.assuredworkloads.v1beta1.Workload.KMSSettings"
       repeated :resource_settings, :message, 15, "google.cloud.assuredworkloads.v1beta1.Workload.ResourceSettings"
+      optional :kaj_enrollment_state, :enum, 17, "google.cloud.assuredworkloads.v1beta1.Workload.KajEnrollmentState"
+      optional :enable_sovereign_controls, :bool, 18
+      optional :saa_enrollment_response, :message, 20, "google.cloud.assuredworkloads.v1beta1.Workload.SaaEnrollmentResponse"
       oneof :compliance_regime_settings do
         optional :il4_settings, :message, 7, "google.cloud.assuredworkloads.v1beta1.Workload.IL4Settings"
         optional :cjis_settings, :message, 8, "google.cloud.assuredworkloads.v1beta1.Workload.CJISSettings"
@@ -91,6 +94,22 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :resource_type, :enum, 2, "google.cloud.assuredworkloads.v1beta1.Workload.ResourceInfo.ResourceType"
       optional :display_name, :string, 3
     end
+    add_message "google.cloud.assuredworkloads.v1beta1.Workload.SaaEnrollmentResponse" do
+      proto3_optional :setup_status, :enum, 1, "google.cloud.assuredworkloads.v1beta1.Workload.SaaEnrollmentResponse.SetupState"
+      repeated :setup_errors, :enum, 2, "google.cloud.assuredworkloads.v1beta1.Workload.SaaEnrollmentResponse.SetupError"
+    end
+    add_enum "google.cloud.assuredworkloads.v1beta1.Workload.SaaEnrollmentResponse.SetupState" do
+      value :SETUP_STATE_UNSPECIFIED, 0
+      value :STATUS_PENDING, 1
+      value :STATUS_COMPLETE, 2
+    end
+    add_enum "google.cloud.assuredworkloads.v1beta1.Workload.SaaEnrollmentResponse.SetupError" do
+      value :SETUP_ERROR_UNSPECIFIED, 0
+      value :ERROR_INVALID_BASE_SETUP, 1
+      value :ERROR_MISSING_EXTERNAL_SIGNING_KEY, 2
+      value :ERROR_NOT_ALL_SERVICES_ENROLLED, 3
+      value :ERROR_SETUP_CHECK_FAILED, 4
+    end
     add_enum "google.cloud.assuredworkloads.v1beta1.Workload.ComplianceRegime" do
       value :COMPLIANCE_REGIME_UNSPECIFIED, 0
       value :IL4, 1
@@ -103,6 +122,11 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       value :EU_REGIONS_AND_SUPPORT, 8
       value :CA_REGIONS_AND_SUPPORT, 9
     end
+    add_enum "google.cloud.assuredworkloads.v1beta1.Workload.KajEnrollmentState" do
+      value :KAJ_ENROLLMENT_STATE_UNSPECIFIED, 0
+      value :KAJ_ENROLLMENT_STATE_PENDING, 1
+      value :KAJ_ENROLLMENT_STATE_COMPLETE, 2
+    end
     add_message "google.cloud.assuredworkloads.v1beta1.CreateWorkloadOperationMetadata" do
       optional :create_time, :message, 1, "google.protobuf.Timestamp"
       optional :display_name, :string, 2
@@ -132,7 +156,11 @@ module Google
         Workload::FedrampHighSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.Workload.FedrampHighSettings").msgclass
         Workload::FedrampModerateSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.Workload.FedrampModerateSettings").msgclass
         Workload::ResourceSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.Workload.ResourceSettings").msgclass
+        Workload::SaaEnrollmentResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.Workload.SaaEnrollmentResponse").msgclass
+        Workload::SaaEnrollmentResponse::SetupState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.Workload.SaaEnrollmentResponse.SetupState").enummodule
+        Workload::SaaEnrollmentResponse::SetupError = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.Workload.SaaEnrollmentResponse.SetupError").enummodule
         Workload::ComplianceRegime = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.Workload.ComplianceRegime").enummodule
+        Workload::KajEnrollmentState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.Workload.KajEnrollmentState").enummodule
         CreateWorkloadOperationMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.CreateWorkloadOperationMetadata").msgclass
       end
     end

data/proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads_v1beta1.rb

@@ -31,8 +31,8 @@ module Google
         #     Required. Assured Workload to create
         # @!attribute [rw] external_id
         #   @return [::String]
-        #     Optional. A identifier associated with the workload and underlying projects which
-        #     allows for the break down of billing costs for a workload. The value
+        #     Optional. A identifier associated with the workload and underlying projects
+        #     which allows for the break down of billing costs for a workload. The value
         #     provided for the identifier will add a label to the workload and contained
         #     projects with the identifier as the value.
         class CreateWorkloadRequest
@@ -73,8 +73,8 @@ module Google
         # Request for fetching a workload.
         # @!attribute [rw] name
         #   @return [::String]
-        #     Required. The resource name of the Workload to fetch. This is the workloads's
-        #     relative path in the API, formatted as
+        #     Required. The resource name of the Workload to fetch. This is the
+        #     workloads's relative path in the API, formatted as
         #     "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
         #     For example,
         #     "organizations/123/locations/us-east1/workloads/assured-workload-1".
@@ -158,16 +158,20 @@ module Google
         #     `billingAccounts/012345-567890-ABCDEF`.
         # @!attribute [rw] il4_settings
         #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::IL4Settings]
-        #     Required. Input only. Immutable. Settings specific to resources needed for IL4.
+        #     Required. Input only. Immutable. Settings specific to resources needed
+        #     for IL4.
         # @!attribute [rw] cjis_settings
         #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::CJISSettings]
-        #     Required. Input only. Immutable. Settings specific to resources needed for CJIS.
+        #     Required. Input only. Immutable. Settings specific to resources needed
+        #     for CJIS.
         # @!attribute [rw] fedramp_high_settings
         #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampHighSettings]
-        #     Required. Input only. Immutable. Settings specific to resources needed for FedRAMP High.
+        #     Required. Input only. Immutable. Settings specific to resources needed
+        #     for FedRAMP High.
         # @!attribute [rw] fedramp_moderate_settings
         #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampModerateSettings]
-        #     Required. Input only. Immutable. Settings specific to resources needed for FedRAMP Moderate.
+        #     Required. Input only. Immutable. Settings specific to resources needed
+        #     for FedRAMP Moderate.
         # @!attribute [rw] etag
         #   @return [::String]
         #     Optional. ETag of the workload, it is calculated on the basis
@@ -177,22 +181,34 @@ module Google
         #     Optional. Labels applied to the workload.
         # @!attribute [rw] provisioned_resources_parent
         #   @return [::String]
-        #     Input only. The parent resource for the resources managed by this Assured Workload. May
-        #     be either empty or a folder resource which is a child of the
+        #     Input only. The parent resource for the resources managed by this Assured
+        #     Workload. May be either empty or a folder resource which is a child of the
         #     Workload parent. If not specified all resources are created under the
         #     parent organization.
         #     Format:
         #     folders/\\{folder_id}
         # @!attribute [rw] kms_settings
         #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
-        #     Input only. Settings used to create a CMEK crypto key. When set a project with a KMS
-        #     CMEK key is provisioned. This field is mandatory for a subset of Compliance
-        #     Regimes.
+        #     Input only. Settings used to create a CMEK crypto key. When set a project
+        #     with a KMS CMEK key is provisioned. This field is mandatory for a subset of
+        #     Compliance Regimes.
         # @!attribute [rw] resource_settings
         #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>]
-        #     Input only. Resource properties that are used to customize workload resources.
-        #     These properties (such as custom project id) will be used to create
-        #     workload resources if possible. This field is optional.
+        #     Input only. Resource properties that are used to customize workload
+        #     resources. These properties (such as custom project id) will be used to
+        #     create workload resources if possible. This field is optional.
+        # @!attribute [r] kaj_enrollment_state
+        #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KajEnrollmentState]
+        #     Output only. Represents the KAJ enrollment state of the given workload.
+        # @!attribute [rw] enable_sovereign_controls
+        #   @return [::Boolean]
+        #     Optional. Indicates the sovereignty status of the given workload.
+        #     Currently meant to be used by Europe/Canada customers.
+        # @!attribute [r] saa_enrollment_response
+        #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse]
+        #     Output only. Represents the SAA enrollment response of the given workload.
+        #     SAA enrollment response is queried during GetWorkload call.
+        #     In failure cases, user friendly error message is shown in SAA details page.
         class Workload
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -232,13 +248,14 @@ module Google
           # Settings specific to the Key Management Service.
           # @!attribute [rw] next_rotation_time
           #   @return [::Google::Protobuf::Timestamp]
-          #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
-          #     new version of the crypto key and mark it as the primary.
+          #     Required. Input only. Immutable. The time at which the Key Management
+          #     Service will automatically create a new version of the crypto key and
+          #     mark it as the primary.
           # @!attribute [rw] rotation_period
           #   @return [::Google::Protobuf::Duration]
-          #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
-          #     Management Service automatically rotates a key. Must be at least 24 hours
-          #     and at most 876,000 hours.
+          #     Required. Input only. Immutable. [next_rotation_time] will be advanced by
+          #     this period when the Key Management Service automatically rotates a key.
+          #     Must be at least 24 hours and at most 876,000 hours.
           class KMSSettings
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -247,7 +264,8 @@ module Google
           # Settings specific to resources needed for IL4.
           # @!attribute [rw] kms_settings
           #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
-          #     Required. Input only. Immutable. Settings used to create a CMEK crypto key.
+          #     Required. Input only. Immutable. Settings used to create a CMEK crypto
+          #     key.
           class IL4Settings
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -256,7 +274,8 @@ module Google
           # Settings specific to resources needed for CJIS.
           # @!attribute [rw] kms_settings
           #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
-          #     Required. Input only. Immutable. Settings used to create a CMEK crypto key.
+          #     Required. Input only. Immutable. Settings used to create a CMEK crypto
+          #     key.
           class CJISSettings
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -265,7 +284,8 @@ module Google
           # Settings specific to resources needed for FedRAMP High.
           # @!attribute [rw] kms_settings
           #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
-          #     Required. Input only. Immutable. Settings used to create a CMEK crypto key.
+          #     Required. Input only. Immutable. Settings used to create a CMEK crypto
+          #     key.
           class FedrampHighSettings
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -274,7 +294,8 @@ module Google
           # Settings specific to resources needed for FedRAMP Moderate.
           # @!attribute [rw] kms_settings
           #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
-          #     Required. Input only. Immutable. Settings used to create a CMEK crypto key.
+          #     Required. Input only. Immutable. Settings used to create a CMEK crypto
+          #     key.
           class FedrampModerateSettings
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -301,6 +322,51 @@ module Google
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
 
+          # Signed Access Approvals (SAA) enrollment response.
+          # @!attribute [rw] setup_status
+          #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
+          #     Indicates SAA enrollment status of a given workload.
+          # @!attribute [rw] setup_errors
+          #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
+          #     Indicates SAA enrollment setup error if any.
+          class SaaEnrollmentResponse
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # Setup state of SAA enrollment.
+            module SetupState
+              # Unspecified.
+              SETUP_STATE_UNSPECIFIED = 0
+
+              # SAA enrollment pending.
+              STATUS_PENDING = 1
+
+              # SAA enrollment comopleted.
+              STATUS_COMPLETE = 2
+            end
+
+            # Setup error of SAA enrollment.
+            module SetupError
+              # Unspecified.
+              SETUP_ERROR_UNSPECIFIED = 0
+
+              # Invalid states for all customers, to be redirected to AA UI for
+              # additional details.
+              ERROR_INVALID_BASE_SETUP = 1
+
+              # Returned when there is not an EKM key configured.
+              ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2
+
+              # Returned when there are no enrolled services or the customer is
+              # enrolled in CAA only for a subset of services.
+              ERROR_NOT_ALL_SERVICES_ENROLLED = 3
+
+              # Returned when exception was encountered during evaluation of other
+              # criteria.
+              ERROR_SETUP_CHECK_FAILED = 4
+            end
+          end
+
           # @!attribute [rw] key
           #   @return [::String]
           # @!attribute [rw] value
@@ -342,6 +408,18 @@ module Google
             # Assured Workloads For Canada Regions and Support controls
             CA_REGIONS_AND_SUPPORT = 9
           end
+
+          # Key Access Justifications(KAJ) Enrollment State.
+          module KajEnrollmentState
+            # Default State for KAJ Enrollment.
+            KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0
+
+            # Pending State for KAJ Enrollment.
+            KAJ_ENROLLMENT_STATE_PENDING = 1
+
+            # Complete State for KAJ Enrollment.
+            KAJ_ENROLLMENT_STATE_COMPLETE = 2
+          end
         end
 
         # Operation metadata to give request details of CreateWorkload.
@@ -356,12 +434,12 @@ module Google
         #     Optional. The parent of the workload.
         # @!attribute [rw] compliance_regime
         #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ComplianceRegime]
-        #     Optional. Compliance controls that should be applied to the resources managed by
-        #     the workload.
+        #     Optional. Compliance controls that should be applied to the resources
+        #     managed by the workload.
         # @!attribute [rw] resource_settings
         #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>]
-        #     Optional. Resource properties in the input that are used for creating/customizing
-        #     workload resources.
+        #     Optional. Resource properties in the input that are used for
+        #     creating/customizing workload resources.
         class CreateWorkloadOperationMetadata
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-assured_workloads-v1beta1
 version: !ruby/object:Gem::Version
-  version: 0.8.1
+  version: 0.9.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-11-08 00:00:00.000000000 Z
+date: 2021-12-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common