google-cloud-bigtable 2.1.0 → 2.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a096cf8d1c1d26e38753da0ac165bdec3491bd821ce49da374b35362d5dc32a2
4
- data.tar.gz: b7c9b2b6832514c1861f8cd9c6af2e73b1c4c7c2fa1ce3354ff7dd125c769dea
3
+ metadata.gz: 864b31028834907aa872f0f5aec7a31a682e419c286744c1cc3243072597e739
4
+ data.tar.gz: 543de2a38416692f95400157b4ca67520b5a6765bed60dd1237b3be405a10d2e
5
5
  SHA512:
6
- metadata.gz: b40689f9ab7ef728fa6e156e2cd3c2aa8dbaa0e23adb957501ec2b016fc1dff0235485c2c95f2a9d2398bee9a070455fc36f55f2fcdd5cc4ebabb971c3155e66
7
- data.tar.gz: 33383bc875ced164d0f32e230653c03b2786ffaa00f024145bfb3ee1e067412e60eedb28814a2571d904e1c3706bea34c3cbc9129b7063c7259050ccd38eb2bb
6
+ metadata.gz: a62102b9792b017c396477aa79435a29b1c495e2234c8a34c6040c74883c9aaa7f07cf9e945606a139e7f8d032f57663da235a8a6f3e8922eeaad72f5a582b46
7
+ data.tar.gz: 5d474fd9b72cb0d2474be964d1c0af670266f577af221d6ae76256c34f935ec239040b824e2eadd7e391ad09fde511406f210f0e007796cea69e163d244827f9
@@ -1,5 +1,14 @@
1
1
  # Release History
2
2
 
3
+ ### 2.2.0 / 2020-11-11
4
+
5
+ #### Features
6
+
7
+ * Add Backup-level IAM Policy support
8
+ * Add Backup#policy
9
+ * Add Backup#update_policy
10
+ * Add Backup#test_iam_permissions
11
+
3
12
  ### 2.1.0 / 2020-09-17
4
13
 
5
14
  #### Features
@@ -18,6 +18,7 @@
18
18
  require "google/cloud/bigtable/backup/job"
19
19
  require "google/cloud/bigtable/backup/list"
20
20
  require "google/cloud/bigtable/convert"
21
+ require "google/cloud/bigtable/policy"
21
22
  require "google/cloud/bigtable/table/restore_job"
22
23
 
23
24
 
@@ -206,6 +207,126 @@ module Google
206
207
  state == :READY
207
208
  end
208
209
 
210
+ ##
211
+ # Gets the [Cloud IAM](https://cloud.google.com/iam/) access control
212
+ # policy for the backup.
213
+ #
214
+ # @see https://cloud.google.com/bigtable/docs/access-control
215
+ #
216
+ # @yield [policy] A block for updating the policy. The latest policy
217
+ # will be read from the Bigtable service and passed to the block. After
218
+ # the block completes, the modified policy will be written to the
219
+ # service.
220
+ # @yieldparam [Policy] policy the current Cloud IAM Policy for this
221
+ # backup.
222
+ #
223
+ # @return [Policy] The current Cloud IAM Policy for the backup.
224
+ #
225
+ # @example
226
+ # require "google/cloud/bigtable"
227
+ #
228
+ # bigtable = Google::Cloud::Bigtable.new
229
+ # instance = bigtable.instance("my-instance")
230
+ # cluster = instance.cluster("my-cluster")
231
+ #
232
+ # backup = cluster.backup("my-backup")
233
+ #
234
+ # policy = backup.policy
235
+ #
236
+ # @example Update the policy by passing a block.
237
+ # require "google/cloud/bigtable"
238
+ #
239
+ # bigtable = Google::Cloud::Bigtable.new
240
+ # instance = bigtable.instance("my-instance")
241
+ # cluster = instance.cluster("my-cluster")
242
+ #
243
+ # backup = cluster.backup("my-backup")
244
+ #
245
+ # backup.policy do |p|
246
+ # p.add("roles/owner", "user:owner@example.com")
247
+ # end # 2 API calls
248
+ #
249
+ def policy
250
+ ensure_service!
251
+ grpc = service.get_backup_policy instance_id, cluster_id, backup_id
252
+ policy = Policy.from_grpc grpc
253
+ return policy unless block_given?
254
+ yield policy
255
+ update_policy policy
256
+ end
257
+
258
+ ##
259
+ # Updates the [Cloud IAM](https://cloud.google.com/iam/) access control
260
+ # policy for the backup. The policy should be read from {#policy}.
261
+ # See {Google::Cloud::Bigtable::Policy} for an explanation of the policy
262
+ # `etag` property and how to modify policies.
263
+ #
264
+ # You can also update the policy by passing a block to {#policy}, which
265
+ # will call this method internally after the block completes.
266
+ #
267
+ # @param new_policy [Policy] a new or modified Cloud IAM Policy for this
268
+ # backup
269
+ #
270
+ # @return [Policy] The policy returned by the API update operation.
271
+ #
272
+ # @example
273
+ # require "google/cloud/bigtable"
274
+ #
275
+ # bigtable = Google::Cloud::Bigtable.new
276
+ # instance = bigtable.instance("my-instance")
277
+ # cluster = instance.cluster("my-cluster")
278
+ #
279
+ # backup = cluster.backup("my-backup")
280
+ #
281
+ # policy = backup.policy
282
+ # policy.add("roles/owner", "user:owner@example.com")
283
+ # updated_policy = backup.update_policy(policy)
284
+ #
285
+ # puts updated_policy.roles
286
+ #
287
+ def update_policy new_policy
288
+ ensure_service!
289
+ grpc = service.set_backup_policy instance_id, cluster_id, backup_id, new_policy.to_grpc
290
+ Policy.from_grpc grpc
291
+ end
292
+ alias policy= update_policy
293
+
294
+ ##
295
+ # Tests the specified permissions against the [Cloud
296
+ # IAM](https://cloud.google.com/iam/) access control policy.
297
+ #
298
+ # @see https://cloud.google.com/iam/docs/managing-policies Managing Policies
299
+ # @see https://cloud.google.com/bigtable/docs/access-control Access Control
300
+ #
301
+ # @param permissions [String, Array<String>] permissions The set of permissions to
302
+ # check access for. Permissions with wildcards (such as `*` or `bigtable.*`) are
303
+ # not allowed.
304
+ # See [Access Control](https://cloud.google.com/bigtable/docs/access-control).
305
+ #
306
+ # @return [Array<String>] The permissions that are configured for the policy.
307
+ #
308
+ # @example
309
+ # require "google/cloud/bigtable"
310
+ #
311
+ # bigtable = Google::Cloud::Bigtable.new
312
+ # instance = bigtable.instance("my-instance")
313
+ # cluster = instance.cluster("my-cluster")
314
+ #
315
+ # backup = cluster.backup("my-backup")
316
+ #
317
+ # permissions = backup.test_iam_permissions(
318
+ # "bigtable.backups.delete",
319
+ # "bigtable.backups.get"
320
+ # )
321
+ # permissions.include? "bigtable.backups.delete" #=> false
322
+ # permissions.include? "bigtable.backups.get" #=> true
323
+ #
324
+ def test_iam_permissions *permissions
325
+ ensure_service!
326
+ grpc = service.test_backup_permissions instance_id, cluster_id, backup_id, permissions.flatten
327
+ grpc.permissions.to_a
328
+ end
329
+
209
330
  ##
210
331
  # Creates a new table by restoring from a completed backup.
211
332
  #
@@ -515,6 +515,47 @@ module Google
515
515
  ignore_warnings: ignore_warnings
516
516
  end
517
517
 
518
+ ##
519
+ # Gets the access control policy for an backup resource. Returns an empty
520
+ # policy if an backup exists but does not have a policy set.
521
+ #
522
+ # @return [Google::Iam::V1::Policy]
523
+ #
524
+ def get_backup_policy instance_id, cluster_id, backup_id
525
+ tables.get_iam_policy resource: backup_path(instance_id, cluster_id, backup_id)
526
+ end
527
+
528
+ ##
529
+ # Sets the access control policy on an backup resource. Replaces any
530
+ # existing policy.
531
+ #
532
+ # @param policy [Google::Iam::V1::Policy | Hash]
533
+ # REQUIRED: The complete policy to be applied to the +resource+. The size of
534
+ # the policy is limited to a few 10s of KB. An empty policy is valid
535
+ # for Cloud Bigtable, but certain Cloud Platform services (such as Projects)
536
+ # might reject an empty policy.
537
+ # Alternatively, provide a hash similar to `Google::Iam::V1::Policy`.
538
+ # @return [Google::Iam::V1::Policy]
539
+ #
540
+ def set_backup_policy instance_id, cluster_id, backup_id, policy
541
+ tables.set_iam_policy resource: backup_path(instance_id, cluster_id, backup_id), policy: policy
542
+ end
543
+
544
+ ##
545
+ # Returns permissions that the caller has for the specified backup resource.
546
+ #
547
+ # @param permissions [Array<String>]
548
+ # The set of permissions to check for the +resource+. Permissions with
549
+ # wildcards (such as '*' or 'storage.*') are not allowed. For more
550
+ # information see
551
+ # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
552
+ # @return [Google::Iam::V1::TestIamPermissionsResponse]
553
+ #
554
+ def test_backup_permissions instance_id, cluster_id, backup_id, permissions
555
+ tables.test_iam_permissions resource: backup_path(instance_id, cluster_id, backup_id),
556
+ permissions: permissions
557
+ end
558
+
518
559
  ##
519
560
  # Gets the access control policy for an instance resource. Returns an empty
520
561
  # policy if an instance exists but does not have a policy set.
@@ -16,7 +16,7 @@
16
16
  module Google
17
17
  module Cloud
18
18
  module Bigtable
19
- VERSION = "2.1.0".freeze
19
+ VERSION = "2.2.0".freeze
20
20
  end
21
21
  end
22
22
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-bigtable
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.0
4
+ version: 2.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-09-17 00:00:00.000000000 Z
11
+ date: 2020-11-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: google-cloud-bigtable-admin-v2