google-cloud-assured_workloads-v1beta1 0.10.0 → 0.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/google/cloud/assured_workloads/v1beta1/assured_workloads_service/client.rb +317 -23
- data/lib/google/cloud/assured_workloads/v1beta1/version.rb +1 -1
- data/lib/google/cloud/assuredworkloads/v1beta1/assuredworkloads_pb.rb +40 -4
- data/lib/google/cloud/assuredworkloads/v1beta1/assuredworkloads_service_pb.rb +24 -0
- data/lib/google/cloud/assuredworkloads/v1beta1/{assuredworkloads_services_pb.rb → assuredworkloads_service_services_pb.rb} +23 -3
- data/proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb +150 -39
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f479122bff9a64722a6a5f757e0cc4068534e9302a40b4d16397d19a5fffbb89
|
|
4
|
+
data.tar.gz: aea0101fb0ef24be06df4ebf439a87c19898fe77483c43498677a570deff46a2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 682c3223f92d0eb6b8c278fde284328e66ca2719e32c07808d02b0d743f9db91363bf9c58f80dd2b53aed0194b8e2825e229a1b1362359565764752409cf2bf4
|
|
7
|
+
data.tar.gz: 137603dbf018c4dd70a067d9a820956f1044a43815f9e4825703c903e08dc57baa5f67ece3e8fc869c3dd5772c5e1767ac18b3ed06f0f516d627104a2007cca3
|
|
@@ -17,7 +17,7 @@
|
|
|
17
17
|
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
18
|
|
|
19
19
|
require "google/cloud/errors"
|
|
20
|
-
require "google/cloud/assuredworkloads/v1beta1/
|
|
20
|
+
require "google/cloud/assuredworkloads/v1beta1/assuredworkloads_service_pb"
|
|
21
21
|
|
|
22
22
|
module Google
|
|
23
23
|
module Cloud
|
|
@@ -78,6 +78,11 @@ module Google
|
|
|
78
78
|
initial_delay: 0.2, max_delay: 30.0, multiplier: 1.3, retry_codes: [14]
|
|
79
79
|
}
|
|
80
80
|
|
|
81
|
+
default_config.rpcs.analyze_workload_move.timeout = 60.0
|
|
82
|
+
default_config.rpcs.analyze_workload_move.retry_policy = {
|
|
83
|
+
initial_delay: 0.2, max_delay: 30.0, multiplier: 1.3, retry_codes: [14]
|
|
84
|
+
}
|
|
85
|
+
|
|
81
86
|
default_config.rpcs.list_workloads.timeout = 60.0
|
|
82
87
|
default_config.rpcs.list_workloads.retry_policy = {
|
|
83
88
|
initial_delay: 0.2, max_delay: 30.0, multiplier: 1.3, retry_codes: [14]
|
|
@@ -130,7 +135,7 @@ module Google
|
|
|
130
135
|
# the gRPC module only when it's required.
|
|
131
136
|
# See https://github.com/googleapis/toolkit/issues/446
|
|
132
137
|
require "gapic/grpc"
|
|
133
|
-
require "google/cloud/assuredworkloads/v1beta1/
|
|
138
|
+
require "google/cloud/assuredworkloads/v1beta1/assuredworkloads_service_services_pb"
|
|
134
139
|
|
|
135
140
|
# Create the configuration object
|
|
136
141
|
@config = Configuration.new Client.configure
|
|
@@ -200,8 +205,8 @@ module Google
|
|
|
200
205
|
# @param workload [::Google::Cloud::AssuredWorkloads::V1beta1::Workload, ::Hash]
|
|
201
206
|
# Required. Assured Workload to create
|
|
202
207
|
# @param external_id [::String]
|
|
203
|
-
# Optional. A identifier associated with the workload and underlying projects
|
|
204
|
-
#
|
|
208
|
+
# Optional. A identifier associated with the workload and underlying projects which
|
|
209
|
+
# allows for the break down of billing costs for a workload. The value
|
|
205
210
|
# provided for the identifier will add a label to the workload and contained
|
|
206
211
|
# projects with the identifier as the value.
|
|
207
212
|
#
|
|
@@ -300,7 +305,7 @@ module Google
|
|
|
300
305
|
#
|
|
301
306
|
# @param workload [::Google::Cloud::AssuredWorkloads::V1beta1::Workload, ::Hash]
|
|
302
307
|
# Required. The workload to update.
|
|
303
|
-
# The workload
|
|
308
|
+
# The workload's `name` field is used to identify the workload to be updated.
|
|
304
309
|
# Format:
|
|
305
310
|
# organizations/\\{org_id}/locations/\\{location_id}/workloads/\\{workload_id}
|
|
306
311
|
# @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
|
|
@@ -370,10 +375,197 @@ module Google
|
|
|
370
375
|
raise ::Google::Cloud::Error.from_error(e)
|
|
371
376
|
end
|
|
372
377
|
|
|
378
|
+
##
|
|
379
|
+
# Restrict the list of services allowed in the Workload environment.
|
|
380
|
+
# The current list of allowed services can be found at
|
|
381
|
+
# https://cloud.google.com/assured-workloads/docs/supported-products
|
|
382
|
+
# In addition to assuredworkloads.workload.update permission, the user should
|
|
383
|
+
# also have orgpolicy.policy.set permission on the folder resource
|
|
384
|
+
# to use this functionality.
|
|
385
|
+
#
|
|
386
|
+
# @overload restrict_allowed_services(request, options = nil)
|
|
387
|
+
# Pass arguments to `restrict_allowed_services` via a request object, either of type
|
|
388
|
+
# {::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesRequest} or an equivalent Hash.
|
|
389
|
+
#
|
|
390
|
+
# @param request [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesRequest, ::Hash]
|
|
391
|
+
# A request object representing the call parameters. Required. To specify no
|
|
392
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
393
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
394
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
395
|
+
#
|
|
396
|
+
# @overload restrict_allowed_services(name: nil, restriction_type: nil)
|
|
397
|
+
# Pass arguments to `restrict_allowed_services` via keyword arguments. Note that at
|
|
398
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
399
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
400
|
+
#
|
|
401
|
+
# @param name [::String]
|
|
402
|
+
# Required. The resource name of the Workload. This is the workloads's
|
|
403
|
+
# relative path in the API, formatted as
|
|
404
|
+
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
405
|
+
# For example,
|
|
406
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
407
|
+
# @param restriction_type [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesRequest::RestrictionType]
|
|
408
|
+
# Required. The type of restriction for using gcp services in the Workload environment.
|
|
409
|
+
#
|
|
410
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
|
411
|
+
# @yieldparam response [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesResponse]
|
|
412
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
|
413
|
+
#
|
|
414
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesResponse]
|
|
415
|
+
#
|
|
416
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
417
|
+
#
|
|
418
|
+
# @example Basic example
|
|
419
|
+
# require "google/cloud/assured_workloads/v1beta1"
|
|
420
|
+
#
|
|
421
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
422
|
+
# client = Google::Cloud::AssuredWorkloads::V1beta1::AssuredWorkloadsService::Client.new
|
|
423
|
+
#
|
|
424
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
425
|
+
# request = Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesRequest.new
|
|
426
|
+
#
|
|
427
|
+
# # Call the restrict_allowed_services method.
|
|
428
|
+
# result = client.restrict_allowed_services request
|
|
429
|
+
#
|
|
430
|
+
# # The returned object is of type Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesResponse.
|
|
431
|
+
# p result
|
|
432
|
+
#
|
|
433
|
+
def restrict_allowed_services request, options = nil
|
|
434
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
435
|
+
|
|
436
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesRequest
|
|
437
|
+
|
|
438
|
+
# Converts hash and nil to an options object
|
|
439
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
440
|
+
|
|
441
|
+
# Customize the options with defaults
|
|
442
|
+
metadata = @config.rpcs.restrict_allowed_services.metadata.to_h
|
|
443
|
+
|
|
444
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
445
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
446
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
447
|
+
gapic_version: ::Google::Cloud::AssuredWorkloads::V1beta1::VERSION
|
|
448
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
449
|
+
|
|
450
|
+
options.apply_defaults timeout: @config.rpcs.restrict_allowed_services.timeout,
|
|
451
|
+
metadata: metadata,
|
|
452
|
+
retry_policy: @config.rpcs.restrict_allowed_services.retry_policy
|
|
453
|
+
|
|
454
|
+
options.apply_defaults timeout: @config.timeout,
|
|
455
|
+
metadata: @config.metadata,
|
|
456
|
+
retry_policy: @config.retry_policy
|
|
457
|
+
|
|
458
|
+
@assured_workloads_service_stub.call_rpc :restrict_allowed_services, request, options: options do |response, operation|
|
|
459
|
+
yield response, operation if block_given?
|
|
460
|
+
return response
|
|
461
|
+
end
|
|
462
|
+
rescue ::GRPC::BadStatus => e
|
|
463
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
464
|
+
end
|
|
465
|
+
|
|
466
|
+
##
|
|
467
|
+
# Restrict the list of resources allowed in the Workload environment.
|
|
468
|
+
# The current list of allowed products can be found at
|
|
469
|
+
# https://cloud.google.com/assured-workloads/docs/supported-products
|
|
470
|
+
# In addition to assuredworkloads.workload.update permission, the user should
|
|
471
|
+
# also have orgpolicy.policy.set permission on the folder resource
|
|
472
|
+
# to use this functionality.
|
|
473
|
+
#
|
|
474
|
+
# @overload restrict_allowed_resources(request, options = nil)
|
|
475
|
+
# Pass arguments to `restrict_allowed_resources` via a request object, either of type
|
|
476
|
+
# {::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesRequest} or an equivalent Hash.
|
|
477
|
+
#
|
|
478
|
+
# @param request [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesRequest, ::Hash]
|
|
479
|
+
# A request object representing the call parameters. Required. To specify no
|
|
480
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
481
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
482
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
483
|
+
#
|
|
484
|
+
# @overload restrict_allowed_resources(name: nil, restriction_type: nil)
|
|
485
|
+
# Pass arguments to `restrict_allowed_resources` via keyword arguments. Note that at
|
|
486
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
487
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
488
|
+
#
|
|
489
|
+
# @param name [::String]
|
|
490
|
+
# Required. The resource name of the Workload. This is the workloads's
|
|
491
|
+
# relative path in the API, formatted as
|
|
492
|
+
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
493
|
+
# For example,
|
|
494
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
495
|
+
# @param restriction_type [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesRequest::RestrictionType]
|
|
496
|
+
# Required. The type of restriction for using gcp products in the Workload environment.
|
|
497
|
+
#
|
|
498
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
|
499
|
+
# @yieldparam response [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesResponse]
|
|
500
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
|
501
|
+
#
|
|
502
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesResponse]
|
|
503
|
+
#
|
|
504
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
505
|
+
#
|
|
506
|
+
# @example Basic example
|
|
507
|
+
# require "google/cloud/assured_workloads/v1beta1"
|
|
508
|
+
#
|
|
509
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
510
|
+
# client = Google::Cloud::AssuredWorkloads::V1beta1::AssuredWorkloadsService::Client.new
|
|
511
|
+
#
|
|
512
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
513
|
+
# request = Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesRequest.new
|
|
514
|
+
#
|
|
515
|
+
# # Call the restrict_allowed_resources method.
|
|
516
|
+
# result = client.restrict_allowed_resources request
|
|
517
|
+
#
|
|
518
|
+
# # The returned object is of type Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesResponse.
|
|
519
|
+
# p result
|
|
520
|
+
#
|
|
521
|
+
def restrict_allowed_resources request, options = nil
|
|
522
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
523
|
+
|
|
524
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesRequest
|
|
525
|
+
|
|
526
|
+
# Converts hash and nil to an options object
|
|
527
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
528
|
+
|
|
529
|
+
# Customize the options with defaults
|
|
530
|
+
metadata = @config.rpcs.restrict_allowed_resources.metadata.to_h
|
|
531
|
+
|
|
532
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
533
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
534
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
535
|
+
gapic_version: ::Google::Cloud::AssuredWorkloads::V1beta1::VERSION
|
|
536
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
537
|
+
|
|
538
|
+
header_params = {}
|
|
539
|
+
if request.name
|
|
540
|
+
header_params["name"] = request.name
|
|
541
|
+
end
|
|
542
|
+
|
|
543
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
544
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
|
545
|
+
|
|
546
|
+
options.apply_defaults timeout: @config.rpcs.restrict_allowed_resources.timeout,
|
|
547
|
+
metadata: metadata,
|
|
548
|
+
retry_policy: @config.rpcs.restrict_allowed_resources.retry_policy
|
|
549
|
+
|
|
550
|
+
options.apply_defaults timeout: @config.timeout,
|
|
551
|
+
metadata: @config.metadata,
|
|
552
|
+
retry_policy: @config.retry_policy
|
|
553
|
+
|
|
554
|
+
@assured_workloads_service_stub.call_rpc :restrict_allowed_resources, request, options: options do |response, operation|
|
|
555
|
+
yield response, operation if block_given?
|
|
556
|
+
return response
|
|
557
|
+
end
|
|
558
|
+
rescue ::GRPC::BadStatus => e
|
|
559
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
560
|
+
end
|
|
561
|
+
|
|
373
562
|
##
|
|
374
563
|
# Deletes the workload. Make sure that workload's direct children are already
|
|
375
564
|
# in a deleted state, otherwise the request will fail with a
|
|
376
565
|
# FAILED_PRECONDITION error.
|
|
566
|
+
# In addition to assuredworkloads.workload.delete permission, the user should
|
|
567
|
+
# also have orgpolicy.policy.set permission on the deleted folder to remove
|
|
568
|
+
# Assured Workloads OrgPolicies.
|
|
377
569
|
#
|
|
378
570
|
# @overload delete_workload(request, options = nil)
|
|
379
571
|
# Pass arguments to `delete_workload` via a request object, either of type
|
|
@@ -481,8 +673,8 @@ module Google
|
|
|
481
673
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
482
674
|
#
|
|
483
675
|
# @param name [::String]
|
|
484
|
-
# Required. The resource name of the Workload to fetch. This is the
|
|
485
|
-
#
|
|
676
|
+
# Required. The resource name of the Workload to fetch. This is the workloads's
|
|
677
|
+
# relative path in the API, formatted as
|
|
486
678
|
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
487
679
|
# For example,
|
|
488
680
|
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
@@ -527,14 +719,6 @@ module Google
|
|
|
527
719
|
gapic_version: ::Google::Cloud::AssuredWorkloads::V1beta1::VERSION
|
|
528
720
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
529
721
|
|
|
530
|
-
header_params = {}
|
|
531
|
-
if request.name
|
|
532
|
-
header_params["name"] = request.name
|
|
533
|
-
end
|
|
534
|
-
|
|
535
|
-
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
536
|
-
metadata[:"x-goog-request-params"] ||= request_params_header
|
|
537
|
-
|
|
538
722
|
options.apply_defaults timeout: @config.rpcs.get_workload.timeout,
|
|
539
723
|
metadata: metadata,
|
|
540
724
|
retry_policy: @config.rpcs.get_workload.retry_policy
|
|
@@ -551,6 +735,103 @@ module Google
|
|
|
551
735
|
raise ::Google::Cloud::Error.from_error(e)
|
|
552
736
|
end
|
|
553
737
|
|
|
738
|
+
##
|
|
739
|
+
# Analyze if the source Assured Workloads can be moved to the target Assured
|
|
740
|
+
# Workload
|
|
741
|
+
#
|
|
742
|
+
# @overload analyze_workload_move(request, options = nil)
|
|
743
|
+
# Pass arguments to `analyze_workload_move` via a request object, either of type
|
|
744
|
+
# {::Google::Cloud::AssuredWorkloads::V1beta1::AnalyzeWorkloadMoveRequest} or an equivalent Hash.
|
|
745
|
+
#
|
|
746
|
+
# @param request [::Google::Cloud::AssuredWorkloads::V1beta1::AnalyzeWorkloadMoveRequest, ::Hash]
|
|
747
|
+
# A request object representing the call parameters. Required. To specify no
|
|
748
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
749
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
750
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
751
|
+
#
|
|
752
|
+
# @overload analyze_workload_move(source: nil, project: nil, target: nil)
|
|
753
|
+
# Pass arguments to `analyze_workload_move` via keyword arguments. Note that at
|
|
754
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
755
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
756
|
+
#
|
|
757
|
+
# @param source [::String]
|
|
758
|
+
# The Source is project based Workload to be moved. This is the workloads's
|
|
759
|
+
# relative path in the API, formatted as
|
|
760
|
+
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
761
|
+
# For example,
|
|
762
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
763
|
+
# @param project [::String]
|
|
764
|
+
# The Source is a project based to be moved.
|
|
765
|
+
# This is the project's relative path in the API, formatted as
|
|
766
|
+
# "cloudresourcemanager.googleapis.com/projects/\\{project_number}"
|
|
767
|
+
# "projects/\\{project_number}"
|
|
768
|
+
# "cloudresourcemanager.googleapis.com/projects/\\{project_id}"
|
|
769
|
+
# "projects/\\{project_id}"
|
|
770
|
+
# For example,
|
|
771
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
772
|
+
# @param target [::String]
|
|
773
|
+
# Required. The resource name of the Workload to fetch. This is the workloads's
|
|
774
|
+
# relative path in the API, formatted as
|
|
775
|
+
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
776
|
+
# For example,
|
|
777
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-2".
|
|
778
|
+
#
|
|
779
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
|
780
|
+
# @yieldparam response [::Google::Cloud::AssuredWorkloads::V1beta1::AnalyzeWorkloadMoveResponse]
|
|
781
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
|
782
|
+
#
|
|
783
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::AnalyzeWorkloadMoveResponse]
|
|
784
|
+
#
|
|
785
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
786
|
+
#
|
|
787
|
+
# @example Basic example
|
|
788
|
+
# require "google/cloud/assured_workloads/v1beta1"
|
|
789
|
+
#
|
|
790
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
791
|
+
# client = Google::Cloud::AssuredWorkloads::V1beta1::AssuredWorkloadsService::Client.new
|
|
792
|
+
#
|
|
793
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
794
|
+
# request = Google::Cloud::AssuredWorkloads::V1beta1::AnalyzeWorkloadMoveRequest.new
|
|
795
|
+
#
|
|
796
|
+
# # Call the analyze_workload_move method.
|
|
797
|
+
# result = client.analyze_workload_move request
|
|
798
|
+
#
|
|
799
|
+
# # The returned object is of type Google::Cloud::AssuredWorkloads::V1beta1::AnalyzeWorkloadMoveResponse.
|
|
800
|
+
# p result
|
|
801
|
+
#
|
|
802
|
+
def analyze_workload_move request, options = nil
|
|
803
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
804
|
+
|
|
805
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::AssuredWorkloads::V1beta1::AnalyzeWorkloadMoveRequest
|
|
806
|
+
|
|
807
|
+
# Converts hash and nil to an options object
|
|
808
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
809
|
+
|
|
810
|
+
# Customize the options with defaults
|
|
811
|
+
metadata = @config.rpcs.analyze_workload_move.metadata.to_h
|
|
812
|
+
|
|
813
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
814
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
815
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
816
|
+
gapic_version: ::Google::Cloud::AssuredWorkloads::V1beta1::VERSION
|
|
817
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
818
|
+
|
|
819
|
+
options.apply_defaults timeout: @config.rpcs.analyze_workload_move.timeout,
|
|
820
|
+
metadata: metadata,
|
|
821
|
+
retry_policy: @config.rpcs.analyze_workload_move.retry_policy
|
|
822
|
+
|
|
823
|
+
options.apply_defaults timeout: @config.timeout,
|
|
824
|
+
metadata: @config.metadata,
|
|
825
|
+
retry_policy: @config.retry_policy
|
|
826
|
+
|
|
827
|
+
@assured_workloads_service_stub.call_rpc :analyze_workload_move, request, options: options do |response, operation|
|
|
828
|
+
yield response, operation if block_given?
|
|
829
|
+
return response
|
|
830
|
+
end
|
|
831
|
+
rescue ::GRPC::BadStatus => e
|
|
832
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
833
|
+
end
|
|
834
|
+
|
|
554
835
|
##
|
|
555
836
|
# Lists Assured Workloads under a CRM Node.
|
|
556
837
|
#
|
|
@@ -628,14 +909,6 @@ module Google
|
|
|
628
909
|
gapic_version: ::Google::Cloud::AssuredWorkloads::V1beta1::VERSION
|
|
629
910
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
630
911
|
|
|
631
|
-
header_params = {}
|
|
632
|
-
if request.parent
|
|
633
|
-
header_params["parent"] = request.parent
|
|
634
|
-
end
|
|
635
|
-
|
|
636
|
-
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
637
|
-
metadata[:"x-goog-request-params"] ||= request_params_header
|
|
638
|
-
|
|
639
912
|
options.apply_defaults timeout: @config.rpcs.list_workloads.timeout,
|
|
640
913
|
metadata: metadata,
|
|
641
914
|
retry_policy: @config.rpcs.list_workloads.retry_policy
|
|
@@ -799,6 +1072,16 @@ module Google
|
|
|
799
1072
|
#
|
|
800
1073
|
attr_reader :update_workload
|
|
801
1074
|
##
|
|
1075
|
+
# RPC-specific configuration for `restrict_allowed_services`
|
|
1076
|
+
# @return [::Gapic::Config::Method]
|
|
1077
|
+
#
|
|
1078
|
+
attr_reader :restrict_allowed_services
|
|
1079
|
+
##
|
|
1080
|
+
# RPC-specific configuration for `restrict_allowed_resources`
|
|
1081
|
+
# @return [::Gapic::Config::Method]
|
|
1082
|
+
#
|
|
1083
|
+
attr_reader :restrict_allowed_resources
|
|
1084
|
+
##
|
|
802
1085
|
# RPC-specific configuration for `delete_workload`
|
|
803
1086
|
# @return [::Gapic::Config::Method]
|
|
804
1087
|
#
|
|
@@ -809,6 +1092,11 @@ module Google
|
|
|
809
1092
|
#
|
|
810
1093
|
attr_reader :get_workload
|
|
811
1094
|
##
|
|
1095
|
+
# RPC-specific configuration for `analyze_workload_move`
|
|
1096
|
+
# @return [::Gapic::Config::Method]
|
|
1097
|
+
#
|
|
1098
|
+
attr_reader :analyze_workload_move
|
|
1099
|
+
##
|
|
812
1100
|
# RPC-specific configuration for `list_workloads`
|
|
813
1101
|
# @return [::Gapic::Config::Method]
|
|
814
1102
|
#
|
|
@@ -820,10 +1108,16 @@ module Google
|
|
|
820
1108
|
@create_workload = ::Gapic::Config::Method.new create_workload_config
|
|
821
1109
|
update_workload_config = parent_rpcs.update_workload if parent_rpcs.respond_to? :update_workload
|
|
822
1110
|
@update_workload = ::Gapic::Config::Method.new update_workload_config
|
|
1111
|
+
restrict_allowed_services_config = parent_rpcs.restrict_allowed_services if parent_rpcs.respond_to? :restrict_allowed_services
|
|
1112
|
+
@restrict_allowed_services = ::Gapic::Config::Method.new restrict_allowed_services_config
|
|
1113
|
+
restrict_allowed_resources_config = parent_rpcs.restrict_allowed_resources if parent_rpcs.respond_to? :restrict_allowed_resources
|
|
1114
|
+
@restrict_allowed_resources = ::Gapic::Config::Method.new restrict_allowed_resources_config
|
|
823
1115
|
delete_workload_config = parent_rpcs.delete_workload if parent_rpcs.respond_to? :delete_workload
|
|
824
1116
|
@delete_workload = ::Gapic::Config::Method.new delete_workload_config
|
|
825
1117
|
get_workload_config = parent_rpcs.get_workload if parent_rpcs.respond_to? :get_workload
|
|
826
1118
|
@get_workload = ::Gapic::Config::Method.new get_workload_config
|
|
1119
|
+
analyze_workload_move_config = parent_rpcs.analyze_workload_move if parent_rpcs.respond_to? :analyze_workload_move
|
|
1120
|
+
@analyze_workload_move = ::Gapic::Config::Method.new analyze_workload_move_config
|
|
827
1121
|
list_workloads_config = parent_rpcs.list_workloads if parent_rpcs.respond_to? :list_workloads
|
|
828
1122
|
@list_workloads = ::Gapic::Config::Method.new list_workloads_config
|
|
829
1123
|
|
|
@@ -3,13 +3,9 @@
|
|
|
3
3
|
|
|
4
4
|
require 'google/protobuf'
|
|
5
5
|
|
|
6
|
-
require 'google/api/annotations_pb'
|
|
7
|
-
require 'google/api/client_pb'
|
|
8
6
|
require 'google/api/field_behavior_pb'
|
|
9
7
|
require 'google/api/resource_pb'
|
|
10
|
-
require 'google/longrunning/operations_pb'
|
|
11
8
|
require 'google/protobuf/duration_pb'
|
|
12
|
-
require 'google/protobuf/empty_pb'
|
|
13
9
|
require 'google/protobuf/field_mask_pb'
|
|
14
10
|
require 'google/protobuf/timestamp_pb'
|
|
15
11
|
|
|
@@ -24,6 +20,28 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
24
20
|
optional :workload, :message, 1, "google.cloud.assuredworkloads.v1beta1.Workload"
|
|
25
21
|
optional :update_mask, :message, 2, "google.protobuf.FieldMask"
|
|
26
22
|
end
|
|
23
|
+
add_message "google.cloud.assuredworkloads.v1beta1.RestrictAllowedServicesRequest" do
|
|
24
|
+
optional :name, :string, 1
|
|
25
|
+
optional :restriction_type, :enum, 2, "google.cloud.assuredworkloads.v1beta1.RestrictAllowedServicesRequest.RestrictionType"
|
|
26
|
+
end
|
|
27
|
+
add_enum "google.cloud.assuredworkloads.v1beta1.RestrictAllowedServicesRequest.RestrictionType" do
|
|
28
|
+
value :RESTRICTION_TYPE_UNSPECIFIED, 0
|
|
29
|
+
value :ALLOW_ALL_GCP_SERVICES, 1
|
|
30
|
+
value :ALLOW_COMPLIANT_SERVICES, 2
|
|
31
|
+
end
|
|
32
|
+
add_message "google.cloud.assuredworkloads.v1beta1.RestrictAllowedServicesResponse" do
|
|
33
|
+
end
|
|
34
|
+
add_message "google.cloud.assuredworkloads.v1beta1.RestrictAllowedResourcesRequest" do
|
|
35
|
+
optional :name, :string, 1
|
|
36
|
+
optional :restriction_type, :enum, 2, "google.cloud.assuredworkloads.v1beta1.RestrictAllowedResourcesRequest.RestrictionType"
|
|
37
|
+
end
|
|
38
|
+
add_enum "google.cloud.assuredworkloads.v1beta1.RestrictAllowedResourcesRequest.RestrictionType" do
|
|
39
|
+
value :RESTRICTION_TYPE_UNSPECIFIED, 0
|
|
40
|
+
value :ALLOW_ALL_GCP_RESOURCES, 1
|
|
41
|
+
value :ALLOW_COMPLIANT_RESOURCES, 2
|
|
42
|
+
end
|
|
43
|
+
add_message "google.cloud.assuredworkloads.v1beta1.RestrictAllowedResourcesResponse" do
|
|
44
|
+
end
|
|
27
45
|
add_message "google.cloud.assuredworkloads.v1beta1.DeleteWorkloadRequest" do
|
|
28
46
|
optional :name, :string, 1
|
|
29
47
|
optional :etag, :string, 2
|
|
@@ -31,6 +49,16 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
31
49
|
add_message "google.cloud.assuredworkloads.v1beta1.GetWorkloadRequest" do
|
|
32
50
|
optional :name, :string, 1
|
|
33
51
|
end
|
|
52
|
+
add_message "google.cloud.assuredworkloads.v1beta1.AnalyzeWorkloadMoveRequest" do
|
|
53
|
+
optional :target, :string, 2
|
|
54
|
+
oneof :projectOrWorkloadResource do
|
|
55
|
+
optional :source, :string, 1
|
|
56
|
+
optional :project, :string, 3
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
add_message "google.cloud.assuredworkloads.v1beta1.AnalyzeWorkloadMoveResponse" do
|
|
60
|
+
repeated :blockers, :string, 1
|
|
61
|
+
end
|
|
34
62
|
add_message "google.cloud.assuredworkloads.v1beta1.ListWorkloadsRequest" do
|
|
35
63
|
optional :parent, :string, 1
|
|
36
64
|
optional :page_size, :int32, 2
|
|
@@ -145,8 +173,16 @@ module Google
|
|
|
145
173
|
module V1beta1
|
|
146
174
|
CreateWorkloadRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.CreateWorkloadRequest").msgclass
|
|
147
175
|
UpdateWorkloadRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.UpdateWorkloadRequest").msgclass
|
|
176
|
+
RestrictAllowedServicesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.RestrictAllowedServicesRequest").msgclass
|
|
177
|
+
RestrictAllowedServicesRequest::RestrictionType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.RestrictAllowedServicesRequest.RestrictionType").enummodule
|
|
178
|
+
RestrictAllowedServicesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.RestrictAllowedServicesResponse").msgclass
|
|
179
|
+
RestrictAllowedResourcesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.RestrictAllowedResourcesRequest").msgclass
|
|
180
|
+
RestrictAllowedResourcesRequest::RestrictionType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.RestrictAllowedResourcesRequest.RestrictionType").enummodule
|
|
181
|
+
RestrictAllowedResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.RestrictAllowedResourcesResponse").msgclass
|
|
148
182
|
DeleteWorkloadRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.DeleteWorkloadRequest").msgclass
|
|
149
183
|
GetWorkloadRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.GetWorkloadRequest").msgclass
|
|
184
|
+
AnalyzeWorkloadMoveRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.AnalyzeWorkloadMoveRequest").msgclass
|
|
185
|
+
AnalyzeWorkloadMoveResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.AnalyzeWorkloadMoveResponse").msgclass
|
|
150
186
|
ListWorkloadsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.ListWorkloadsRequest").msgclass
|
|
151
187
|
ListWorkloadsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.ListWorkloadsResponse").msgclass
|
|
152
188
|
Workload = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.assuredworkloads.v1beta1.Workload").msgclass
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
|
+
# source: google/cloud/assuredworkloads/v1beta1/assuredworkloads_service.proto
|
|
3
|
+
|
|
4
|
+
require 'google/protobuf'
|
|
5
|
+
|
|
6
|
+
require 'google/api/annotations_pb'
|
|
7
|
+
require 'google/api/client_pb'
|
|
8
|
+
require 'google/cloud/assuredworkloads/v1beta1/assuredworkloads_pb'
|
|
9
|
+
require 'google/longrunning/operations_pb'
|
|
10
|
+
require 'google/protobuf/empty_pb'
|
|
11
|
+
|
|
12
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
13
|
+
add_file("google/cloud/assuredworkloads/v1beta1/assuredworkloads_service.proto", :syntax => :proto3) do
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
module Google
|
|
18
|
+
module Cloud
|
|
19
|
+
module AssuredWorkloads
|
|
20
|
+
module V1beta1
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
|
-
# Source: google/cloud/assuredworkloads/v1beta1/
|
|
2
|
+
# Source: google/cloud/assuredworkloads/v1beta1/assuredworkloads_service.proto for package 'Google.Cloud.AssuredWorkloads.V1beta1'
|
|
3
3
|
# Original file comments:
|
|
4
|
-
# Copyright
|
|
4
|
+
# Copyright 2022 Google LLC
|
|
5
5
|
#
|
|
6
6
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
7
7
|
# you may not use this file except in compliance with the License.
|
|
@@ -17,7 +17,7 @@
|
|
|
17
17
|
#
|
|
18
18
|
|
|
19
19
|
require 'grpc'
|
|
20
|
-
require 'google/cloud/assuredworkloads/v1beta1/
|
|
20
|
+
require 'google/cloud/assuredworkloads/v1beta1/assuredworkloads_service_pb'
|
|
21
21
|
|
|
22
22
|
module Google
|
|
23
23
|
module Cloud
|
|
@@ -40,12 +40,32 @@ module Google
|
|
|
40
40
|
# For force updates don't set etag field in the Workload.
|
|
41
41
|
# Only one update operation per workload can be in progress.
|
|
42
42
|
rpc :UpdateWorkload, ::Google::Cloud::AssuredWorkloads::V1beta1::UpdateWorkloadRequest, ::Google::Cloud::AssuredWorkloads::V1beta1::Workload
|
|
43
|
+
# Restrict the list of services allowed in the Workload environment.
|
|
44
|
+
# The current list of allowed services can be found at
|
|
45
|
+
# https://cloud.google.com/assured-workloads/docs/supported-products
|
|
46
|
+
# In addition to assuredworkloads.workload.update permission, the user should
|
|
47
|
+
# also have orgpolicy.policy.set permission on the folder resource
|
|
48
|
+
# to use this functionality.
|
|
49
|
+
rpc :RestrictAllowedServices, ::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesRequest, ::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesResponse
|
|
50
|
+
# Restrict the list of resources allowed in the Workload environment.
|
|
51
|
+
# The current list of allowed products can be found at
|
|
52
|
+
# https://cloud.google.com/assured-workloads/docs/supported-products
|
|
53
|
+
# In addition to assuredworkloads.workload.update permission, the user should
|
|
54
|
+
# also have orgpolicy.policy.set permission on the folder resource
|
|
55
|
+
# to use this functionality.
|
|
56
|
+
rpc :RestrictAllowedResources, ::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesRequest, ::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesResponse
|
|
43
57
|
# Deletes the workload. Make sure that workload's direct children are already
|
|
44
58
|
# in a deleted state, otherwise the request will fail with a
|
|
45
59
|
# FAILED_PRECONDITION error.
|
|
60
|
+
# In addition to assuredworkloads.workload.delete permission, the user should
|
|
61
|
+
# also have orgpolicy.policy.set permission on the deleted folder to remove
|
|
62
|
+
# Assured Workloads OrgPolicies.
|
|
46
63
|
rpc :DeleteWorkload, ::Google::Cloud::AssuredWorkloads::V1beta1::DeleteWorkloadRequest, ::Google::Protobuf::Empty
|
|
47
64
|
# Gets Assured Workload associated with a CRM Node
|
|
48
65
|
rpc :GetWorkload, ::Google::Cloud::AssuredWorkloads::V1beta1::GetWorkloadRequest, ::Google::Cloud::AssuredWorkloads::V1beta1::Workload
|
|
66
|
+
# Analyze if the source Assured Workloads can be moved to the target Assured
|
|
67
|
+
# Workload
|
|
68
|
+
rpc :AnalyzeWorkloadMove, ::Google::Cloud::AssuredWorkloads::V1beta1::AnalyzeWorkloadMoveRequest, ::Google::Cloud::AssuredWorkloads::V1beta1::AnalyzeWorkloadMoveResponse
|
|
49
69
|
# Lists Assured Workloads under a CRM Node.
|
|
50
70
|
rpc :ListWorkloads, ::Google::Cloud::AssuredWorkloads::V1beta1::ListWorkloadsRequest, ::Google::Cloud::AssuredWorkloads::V1beta1::ListWorkloadsResponse
|
|
51
71
|
end
|
|
@@ -31,8 +31,8 @@ module Google
|
|
|
31
31
|
# Required. Assured Workload to create
|
|
32
32
|
# @!attribute [rw] external_id
|
|
33
33
|
# @return [::String]
|
|
34
|
-
# Optional. A identifier associated with the workload and underlying projects
|
|
35
|
-
#
|
|
34
|
+
# Optional. A identifier associated with the workload and underlying projects which
|
|
35
|
+
# allows for the break down of billing costs for a workload. The value
|
|
36
36
|
# provided for the identifier will add a label to the workload and contained
|
|
37
37
|
# projects with the identifier as the value.
|
|
38
38
|
class CreateWorkloadRequest
|
|
@@ -44,7 +44,7 @@ module Google
|
|
|
44
44
|
# @!attribute [rw] workload
|
|
45
45
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload]
|
|
46
46
|
# Required. The workload to update.
|
|
47
|
-
# The workload
|
|
47
|
+
# The workload's `name` field is used to identify the workload to be updated.
|
|
48
48
|
# Format:
|
|
49
49
|
# organizations/\\{org_id}/locations/\\{location_id}/workloads/\\{workload_id}
|
|
50
50
|
# @!attribute [rw] update_mask
|
|
@@ -55,6 +55,81 @@ module Google
|
|
|
55
55
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
56
56
|
end
|
|
57
57
|
|
|
58
|
+
# Request for restricting list of available services in Workload environment.
|
|
59
|
+
# @!attribute [rw] name
|
|
60
|
+
# @return [::String]
|
|
61
|
+
# Required. The resource name of the Workload. This is the workloads's
|
|
62
|
+
# relative path in the API, formatted as
|
|
63
|
+
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
64
|
+
# For example,
|
|
65
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
66
|
+
# @!attribute [rw] restriction_type
|
|
67
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedServicesRequest::RestrictionType]
|
|
68
|
+
# Required. The type of restriction for using gcp services in the Workload environment.
|
|
69
|
+
class RestrictAllowedServicesRequest
|
|
70
|
+
include ::Google::Protobuf::MessageExts
|
|
71
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
72
|
+
|
|
73
|
+
# The type of restriction.
|
|
74
|
+
module RestrictionType
|
|
75
|
+
# Unknown restriction type.
|
|
76
|
+
RESTRICTION_TYPE_UNSPECIFIED = 0
|
|
77
|
+
|
|
78
|
+
# Allow the use all services. This effectively remove all restrictions
|
|
79
|
+
# placed on the Folder.
|
|
80
|
+
ALLOW_ALL_GCP_SERVICES = 1
|
|
81
|
+
|
|
82
|
+
# Based on Workload's compliance regime, allowed list changes.
|
|
83
|
+
# See - https://cloud.google.com/assured-workloads/docs/supported-products
|
|
84
|
+
# for the list of allowed services.
|
|
85
|
+
ALLOW_COMPLIANT_SERVICES = 2
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
# Response for restricting the list of allowed services.
|
|
90
|
+
class RestrictAllowedServicesResponse
|
|
91
|
+
include ::Google::Protobuf::MessageExts
|
|
92
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
# Request for restricting list of available resources in Workload environment.
|
|
96
|
+
# @!attribute [rw] name
|
|
97
|
+
# @return [::String]
|
|
98
|
+
# Required. The resource name of the Workload. This is the workloads's
|
|
99
|
+
# relative path in the API, formatted as
|
|
100
|
+
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
101
|
+
# For example,
|
|
102
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
103
|
+
# @!attribute [rw] restriction_type
|
|
104
|
+
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::RestrictAllowedResourcesRequest::RestrictionType]
|
|
105
|
+
# Required. The type of restriction for using gcp products in the Workload environment.
|
|
106
|
+
class RestrictAllowedResourcesRequest
|
|
107
|
+
include ::Google::Protobuf::MessageExts
|
|
108
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
109
|
+
|
|
110
|
+
# The type of restriction.
|
|
111
|
+
module RestrictionType
|
|
112
|
+
# Unknown restriction type.
|
|
113
|
+
RESTRICTION_TYPE_UNSPECIFIED = 0
|
|
114
|
+
|
|
115
|
+
# Allow the use all of all gcp products, irrespective of the compliance
|
|
116
|
+
# posture. This effectively removes gcp.restrictServiceUsage OrgPolicy
|
|
117
|
+
# on the AssuredWorkloads Folder.
|
|
118
|
+
ALLOW_ALL_GCP_RESOURCES = 1
|
|
119
|
+
|
|
120
|
+
# Based on Workload's compliance regime, allowed list changes.
|
|
121
|
+
# See - https://cloud.google.com/assured-workloads/docs/supported-products
|
|
122
|
+
# for the list of supported resources.
|
|
123
|
+
ALLOW_COMPLIANT_RESOURCES = 2
|
|
124
|
+
end
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
# Response for restricting the list of allowed resources.
|
|
128
|
+
class RestrictAllowedResourcesResponse
|
|
129
|
+
include ::Google::Protobuf::MessageExts
|
|
130
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
131
|
+
end
|
|
132
|
+
|
|
58
133
|
# Request for deleting a Workload.
|
|
59
134
|
# @!attribute [rw] name
|
|
60
135
|
# @return [::String]
|
|
@@ -73,8 +148,8 @@ module Google
|
|
|
73
148
|
# Request for fetching a workload.
|
|
74
149
|
# @!attribute [rw] name
|
|
75
150
|
# @return [::String]
|
|
76
|
-
# Required. The resource name of the Workload to fetch. This is the
|
|
77
|
-
#
|
|
151
|
+
# Required. The resource name of the Workload to fetch. This is the workloads's
|
|
152
|
+
# relative path in the API, formatted as
|
|
78
153
|
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
79
154
|
# For example,
|
|
80
155
|
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
@@ -83,6 +158,47 @@ module Google
|
|
|
83
158
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
84
159
|
end
|
|
85
160
|
|
|
161
|
+
# Request to check if source workload can be moved to target workload.
|
|
162
|
+
# @!attribute [rw] source
|
|
163
|
+
# @return [::String]
|
|
164
|
+
# The Source is project based Workload to be moved. This is the workloads's
|
|
165
|
+
# relative path in the API, formatted as
|
|
166
|
+
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
167
|
+
# For example,
|
|
168
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
169
|
+
# @!attribute [rw] project
|
|
170
|
+
# @return [::String]
|
|
171
|
+
# The Source is a project based to be moved.
|
|
172
|
+
# This is the project's relative path in the API, formatted as
|
|
173
|
+
# "cloudresourcemanager.googleapis.com/projects/\\{project_number}"
|
|
174
|
+
# "projects/\\{project_number}"
|
|
175
|
+
# "cloudresourcemanager.googleapis.com/projects/\\{project_id}"
|
|
176
|
+
# "projects/\\{project_id}"
|
|
177
|
+
# For example,
|
|
178
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-1".
|
|
179
|
+
# @!attribute [rw] target
|
|
180
|
+
# @return [::String]
|
|
181
|
+
# Required. The resource name of the Workload to fetch. This is the workloads's
|
|
182
|
+
# relative path in the API, formatted as
|
|
183
|
+
# "organizations/\\{organization_id}/locations/\\{location_id}/workloads/\\{workload_id}".
|
|
184
|
+
# For example,
|
|
185
|
+
# "organizations/123/locations/us-east1/workloads/assured-workload-2".
|
|
186
|
+
class AnalyzeWorkloadMoveRequest
|
|
187
|
+
include ::Google::Protobuf::MessageExts
|
|
188
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
189
|
+
end
|
|
190
|
+
|
|
191
|
+
# Response with the analysis if the source workload can be moved to the target
|
|
192
|
+
# workload
|
|
193
|
+
# @!attribute [rw] blockers
|
|
194
|
+
# @return [::Array<::String>]
|
|
195
|
+
# List of blockers that prevent moving the source workload to the target
|
|
196
|
+
# workload
|
|
197
|
+
class AnalyzeWorkloadMoveResponse
|
|
198
|
+
include ::Google::Protobuf::MessageExts
|
|
199
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
200
|
+
end
|
|
201
|
+
|
|
86
202
|
# Request for fetching workloads in an organization.
|
|
87
203
|
# @!attribute [rw] parent
|
|
88
204
|
# @return [::String]
|
|
@@ -158,20 +274,16 @@ module Google
|
|
|
158
274
|
# `billingAccounts/012345-567890-ABCDEF`.
|
|
159
275
|
# @!attribute [rw] il4_settings
|
|
160
276
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::IL4Settings]
|
|
161
|
-
#
|
|
162
|
-
# for IL4.
|
|
277
|
+
# Input only. Immutable. Settings specific to resources needed for IL4.
|
|
163
278
|
# @!attribute [rw] cjis_settings
|
|
164
279
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::CJISSettings]
|
|
165
|
-
#
|
|
166
|
-
# for CJIS.
|
|
280
|
+
# Input only. Immutable. Settings specific to resources needed for CJIS.
|
|
167
281
|
# @!attribute [rw] fedramp_high_settings
|
|
168
282
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampHighSettings]
|
|
169
|
-
#
|
|
170
|
-
# for FedRAMP High.
|
|
283
|
+
# Input only. Immutable. Settings specific to resources needed for FedRAMP High.
|
|
171
284
|
# @!attribute [rw] fedramp_moderate_settings
|
|
172
285
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampModerateSettings]
|
|
173
|
-
#
|
|
174
|
-
# for FedRAMP Moderate.
|
|
286
|
+
# Input only. Immutable. Settings specific to resources needed for FedRAMP Moderate.
|
|
175
287
|
# @!attribute [rw] etag
|
|
176
288
|
# @return [::String]
|
|
177
289
|
# Optional. ETag of the workload, it is calculated on the basis
|
|
@@ -181,22 +293,24 @@ module Google
|
|
|
181
293
|
# Optional. Labels applied to the workload.
|
|
182
294
|
# @!attribute [rw] provisioned_resources_parent
|
|
183
295
|
# @return [::String]
|
|
184
|
-
# Input only. The parent resource for the resources managed by this Assured
|
|
185
|
-
#
|
|
296
|
+
# Input only. The parent resource for the resources managed by this Assured Workload. May
|
|
297
|
+
# be either empty or a folder resource which is a child of the
|
|
186
298
|
# Workload parent. If not specified all resources are created under the
|
|
187
299
|
# parent organization.
|
|
188
300
|
# Format:
|
|
189
301
|
# folders/\\{folder_id}
|
|
190
302
|
# @!attribute [rw] kms_settings
|
|
191
303
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
|
|
192
|
-
# Input only. Settings used to create a CMEK crypto key. When set a project
|
|
193
|
-
#
|
|
194
|
-
#
|
|
304
|
+
# Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS
|
|
305
|
+
# CMEK key is provisioned.
|
|
306
|
+
# This field is deprecated as of Feb 28, 2022.
|
|
307
|
+
# In order to create a Keyring, callers should specify,
|
|
308
|
+
# ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.
|
|
195
309
|
# @!attribute [rw] resource_settings
|
|
196
310
|
# @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>]
|
|
197
|
-
# Input only. Resource properties that are used to customize workload
|
|
198
|
-
#
|
|
199
|
-
#
|
|
311
|
+
# Input only. Resource properties that are used to customize workload resources.
|
|
312
|
+
# These properties (such as custom project id) will be used to create
|
|
313
|
+
# workload resources if possible. This field is optional.
|
|
200
314
|
# @!attribute [r] kaj_enrollment_state
|
|
201
315
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KajEnrollmentState]
|
|
202
316
|
# Output only. Represents the KAJ enrollment state of the given workload.
|
|
@@ -248,14 +362,13 @@ module Google
|
|
|
248
362
|
# Settings specific to the Key Management Service.
|
|
249
363
|
# @!attribute [rw] next_rotation_time
|
|
250
364
|
# @return [::Google::Protobuf::Timestamp]
|
|
251
|
-
# Required. Input only. Immutable. The time at which the Key Management
|
|
252
|
-
#
|
|
253
|
-
# mark it as the primary.
|
|
365
|
+
# Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
|
|
366
|
+
# new version of the crypto key and mark it as the primary.
|
|
254
367
|
# @!attribute [rw] rotation_period
|
|
255
368
|
# @return [::Google::Protobuf::Duration]
|
|
256
|
-
# Required. Input only. Immutable. [next_rotation_time] will be advanced by
|
|
257
|
-
#
|
|
258
|
-
#
|
|
369
|
+
# Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
|
|
370
|
+
# Management Service automatically rotates a key. Must be at least 24 hours
|
|
371
|
+
# and at most 876,000 hours.
|
|
259
372
|
class KMSSettings
|
|
260
373
|
include ::Google::Protobuf::MessageExts
|
|
261
374
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -264,8 +377,7 @@ module Google
|
|
|
264
377
|
# Settings specific to resources needed for IL4.
|
|
265
378
|
# @!attribute [rw] kms_settings
|
|
266
379
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
|
|
267
|
-
#
|
|
268
|
-
# key.
|
|
380
|
+
# Input only. Immutable. Settings used to create a CMEK crypto key.
|
|
269
381
|
class IL4Settings
|
|
270
382
|
include ::Google::Protobuf::MessageExts
|
|
271
383
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -274,8 +386,7 @@ module Google
|
|
|
274
386
|
# Settings specific to resources needed for CJIS.
|
|
275
387
|
# @!attribute [rw] kms_settings
|
|
276
388
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
|
|
277
|
-
#
|
|
278
|
-
# key.
|
|
389
|
+
# Input only. Immutable. Settings used to create a CMEK crypto key.
|
|
279
390
|
class CJISSettings
|
|
280
391
|
include ::Google::Protobuf::MessageExts
|
|
281
392
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -284,8 +395,7 @@ module Google
|
|
|
284
395
|
# Settings specific to resources needed for FedRAMP High.
|
|
285
396
|
# @!attribute [rw] kms_settings
|
|
286
397
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
|
|
287
|
-
#
|
|
288
|
-
# key.
|
|
398
|
+
# Input only. Immutable. Settings used to create a CMEK crypto key.
|
|
289
399
|
class FedrampHighSettings
|
|
290
400
|
include ::Google::Protobuf::MessageExts
|
|
291
401
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -294,8 +404,7 @@ module Google
|
|
|
294
404
|
# Settings specific to resources needed for FedRAMP Moderate.
|
|
295
405
|
# @!attribute [rw] kms_settings
|
|
296
406
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
|
|
297
|
-
#
|
|
298
|
-
# key.
|
|
407
|
+
# Input only. Immutable. Settings used to create a CMEK crypto key.
|
|
299
408
|
class FedrampModerateSettings
|
|
300
409
|
include ::Google::Protobuf::MessageExts
|
|
301
410
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -307,6 +416,8 @@ module Google
|
|
|
307
416
|
# Resource identifier.
|
|
308
417
|
# For a project this represents project_id. If the project is already
|
|
309
418
|
# taken, the workload creation will fail.
|
|
419
|
+
# For KeyRing, this represents the keyring_id.
|
|
420
|
+
# For a folder, don't set this value as folder_id is assigned by Google.
|
|
310
421
|
# @!attribute [rw] resource_type
|
|
311
422
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
|
|
312
423
|
# Indicates the type of resource. This field should be specified to
|
|
@@ -437,12 +548,12 @@ module Google
|
|
|
437
548
|
# Optional. The parent of the workload.
|
|
438
549
|
# @!attribute [rw] compliance_regime
|
|
439
550
|
# @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ComplianceRegime]
|
|
440
|
-
# Optional. Compliance controls that should be applied to the resources
|
|
441
|
-
#
|
|
551
|
+
# Optional. Compliance controls that should be applied to the resources managed by
|
|
552
|
+
# the workload.
|
|
442
553
|
# @!attribute [rw] resource_settings
|
|
443
554
|
# @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>]
|
|
444
|
-
# Optional. Resource properties in the input that are used for
|
|
445
|
-
#
|
|
555
|
+
# Optional. Resource properties in the input that are used for creating/customizing
|
|
556
|
+
# workload resources.
|
|
446
557
|
class CreateWorkloadOperationMetadata
|
|
447
558
|
include ::Google::Protobuf::MessageExts
|
|
448
559
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-cloud-assured_workloads-v1beta1
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.11.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Google LLC
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-07-
|
|
11
|
+
date: 2022-07-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gapic-common
|
|
@@ -179,7 +179,8 @@ files:
|
|
|
179
179
|
- lib/google/cloud/assured_workloads/v1beta1/assured_workloads_service/paths.rb
|
|
180
180
|
- lib/google/cloud/assured_workloads/v1beta1/version.rb
|
|
181
181
|
- lib/google/cloud/assuredworkloads/v1beta1/assuredworkloads_pb.rb
|
|
182
|
-
- lib/google/cloud/assuredworkloads/v1beta1/
|
|
182
|
+
- lib/google/cloud/assuredworkloads/v1beta1/assuredworkloads_service_pb.rb
|
|
183
|
+
- lib/google/cloud/assuredworkloads/v1beta1/assuredworkloads_service_services_pb.rb
|
|
183
184
|
- proto_docs/README.md
|
|
184
185
|
- proto_docs/google/api/field_behavior.rb
|
|
185
186
|
- proto_docs/google/api/resource.rb
|