google-cloud-iap-v1 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,51 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+ require "googleauth"
20
+
21
+ module Google
22
+ module Cloud
23
+ module Iap
24
+ module V1
25
+ module IdentityAwareProxyOAuthService
26
+ # Credentials for the IdentityAwareProxyOAuthService API.
27
+ class Credentials < ::Google::Auth::Credentials
28
+ self.scope = [
29
+ "https://www.googleapis.com/auth/cloud-platform"
30
+ ]
31
+ self.env_vars = [
32
+ "IAP_CREDENTIALS",
33
+ "IAP_KEYFILE",
34
+ "GOOGLE_CLOUD_CREDENTIALS",
35
+ "GOOGLE_CLOUD_KEYFILE",
36
+ "GCLOUD_KEYFILE",
37
+ "IAP_CREDENTIALS_JSON",
38
+ "IAP_KEYFILE_JSON",
39
+ "GOOGLE_CLOUD_CREDENTIALS_JSON",
40
+ "GOOGLE_CLOUD_KEYFILE_JSON",
41
+ "GCLOUD_KEYFILE_JSON"
42
+ ]
43
+ self.paths = [
44
+ "~/.config/google_cloud/application_default_credentials.json"
45
+ ]
46
+ end
47
+ end
48
+ end
49
+ end
50
+ end
51
+ end
@@ -0,0 +1,133 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: google/cloud/iap/v1/service.proto
3
+
4
+ require 'google/protobuf'
5
+
6
+ require 'google/api/annotations_pb'
7
+ require 'google/api/field_behavior_pb'
8
+ require 'google/iam/v1/iam_policy_pb'
9
+ require 'google/iam/v1/policy_pb'
10
+ require 'google/protobuf/empty_pb'
11
+ require 'google/protobuf/field_mask_pb'
12
+ require 'google/protobuf/wrappers_pb'
13
+ require 'google/api/client_pb'
14
+ Google::Protobuf::DescriptorPool.generated_pool.build do
15
+ add_file("google/cloud/iap/v1/service.proto", :syntax => :proto3) do
16
+ add_message "google.cloud.iap.v1.GetIapSettingsRequest" do
17
+ optional :name, :string, 1
18
+ end
19
+ add_message "google.cloud.iap.v1.UpdateIapSettingsRequest" do
20
+ optional :iap_settings, :message, 1, "google.cloud.iap.v1.IapSettings"
21
+ optional :update_mask, :message, 2, "google.protobuf.FieldMask"
22
+ end
23
+ add_message "google.cloud.iap.v1.IapSettings" do
24
+ optional :name, :string, 1
25
+ optional :access_settings, :message, 5, "google.cloud.iap.v1.AccessSettings"
26
+ optional :application_settings, :message, 6, "google.cloud.iap.v1.ApplicationSettings"
27
+ end
28
+ add_message "google.cloud.iap.v1.AccessSettings" do
29
+ optional :gcip_settings, :message, 1, "google.cloud.iap.v1.GcipSettings"
30
+ optional :cors_settings, :message, 2, "google.cloud.iap.v1.CorsSettings"
31
+ optional :oauth_settings, :message, 3, "google.cloud.iap.v1.OAuthSettings"
32
+ end
33
+ add_message "google.cloud.iap.v1.GcipSettings" do
34
+ repeated :tenant_ids, :string, 1
35
+ optional :login_page_uri, :message, 2, "google.protobuf.StringValue"
36
+ end
37
+ add_message "google.cloud.iap.v1.CorsSettings" do
38
+ optional :allow_http_options, :message, 1, "google.protobuf.BoolValue"
39
+ end
40
+ add_message "google.cloud.iap.v1.OAuthSettings" do
41
+ optional :login_hint, :message, 2, "google.protobuf.StringValue"
42
+ end
43
+ add_message "google.cloud.iap.v1.ApplicationSettings" do
44
+ optional :csm_settings, :message, 1, "google.cloud.iap.v1.CsmSettings"
45
+ optional :access_denied_page_settings, :message, 2, "google.cloud.iap.v1.AccessDeniedPageSettings"
46
+ optional :cookie_domain, :message, 3, "google.protobuf.StringValue"
47
+ end
48
+ add_message "google.cloud.iap.v1.CsmSettings" do
49
+ optional :rctoken_aud, :message, 1, "google.protobuf.StringValue"
50
+ end
51
+ add_message "google.cloud.iap.v1.AccessDeniedPageSettings" do
52
+ optional :access_denied_page_uri, :message, 1, "google.protobuf.StringValue"
53
+ optional :generate_troubleshooting_uri, :message, 2, "google.protobuf.BoolValue"
54
+ end
55
+ add_message "google.cloud.iap.v1.ListBrandsRequest" do
56
+ optional :parent, :string, 1
57
+ end
58
+ add_message "google.cloud.iap.v1.ListBrandsResponse" do
59
+ repeated :brands, :message, 1, "google.cloud.iap.v1.Brand"
60
+ end
61
+ add_message "google.cloud.iap.v1.CreateBrandRequest" do
62
+ optional :parent, :string, 1
63
+ optional :brand, :message, 2, "google.cloud.iap.v1.Brand"
64
+ end
65
+ add_message "google.cloud.iap.v1.GetBrandRequest" do
66
+ optional :name, :string, 1
67
+ end
68
+ add_message "google.cloud.iap.v1.ListIdentityAwareProxyClientsRequest" do
69
+ optional :parent, :string, 1
70
+ optional :page_size, :int32, 2
71
+ optional :page_token, :string, 3
72
+ end
73
+ add_message "google.cloud.iap.v1.ListIdentityAwareProxyClientsResponse" do
74
+ repeated :identity_aware_proxy_clients, :message, 1, "google.cloud.iap.v1.IdentityAwareProxyClient"
75
+ optional :next_page_token, :string, 2
76
+ end
77
+ add_message "google.cloud.iap.v1.CreateIdentityAwareProxyClientRequest" do
78
+ optional :parent, :string, 1
79
+ optional :identity_aware_proxy_client, :message, 2, "google.cloud.iap.v1.IdentityAwareProxyClient"
80
+ end
81
+ add_message "google.cloud.iap.v1.GetIdentityAwareProxyClientRequest" do
82
+ optional :name, :string, 1
83
+ end
84
+ add_message "google.cloud.iap.v1.ResetIdentityAwareProxyClientSecretRequest" do
85
+ optional :name, :string, 1
86
+ end
87
+ add_message "google.cloud.iap.v1.DeleteIdentityAwareProxyClientRequest" do
88
+ optional :name, :string, 1
89
+ end
90
+ add_message "google.cloud.iap.v1.Brand" do
91
+ optional :name, :string, 1
92
+ optional :support_email, :string, 2
93
+ optional :application_title, :string, 3
94
+ optional :org_internal_only, :bool, 4
95
+ end
96
+ add_message "google.cloud.iap.v1.IdentityAwareProxyClient" do
97
+ optional :name, :string, 1
98
+ optional :secret, :string, 2
99
+ optional :display_name, :string, 3
100
+ end
101
+ end
102
+ end
103
+
104
+ module Google
105
+ module Cloud
106
+ module Iap
107
+ module V1
108
+ GetIapSettingsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.GetIapSettingsRequest").msgclass
109
+ UpdateIapSettingsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.UpdateIapSettingsRequest").msgclass
110
+ IapSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.IapSettings").msgclass
111
+ AccessSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.AccessSettings").msgclass
112
+ GcipSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.GcipSettings").msgclass
113
+ CorsSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.CorsSettings").msgclass
114
+ OAuthSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.OAuthSettings").msgclass
115
+ ApplicationSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.ApplicationSettings").msgclass
116
+ CsmSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.CsmSettings").msgclass
117
+ AccessDeniedPageSettings = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.AccessDeniedPageSettings").msgclass
118
+ ListBrandsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.ListBrandsRequest").msgclass
119
+ ListBrandsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.ListBrandsResponse").msgclass
120
+ CreateBrandRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.CreateBrandRequest").msgclass
121
+ GetBrandRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.GetBrandRequest").msgclass
122
+ ListIdentityAwareProxyClientsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.ListIdentityAwareProxyClientsRequest").msgclass
123
+ ListIdentityAwareProxyClientsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.ListIdentityAwareProxyClientsResponse").msgclass
124
+ CreateIdentityAwareProxyClientRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.CreateIdentityAwareProxyClientRequest").msgclass
125
+ GetIdentityAwareProxyClientRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.GetIdentityAwareProxyClientRequest").msgclass
126
+ ResetIdentityAwareProxyClientSecretRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.ResetIdentityAwareProxyClientSecretRequest").msgclass
127
+ DeleteIdentityAwareProxyClientRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.DeleteIdentityAwareProxyClientRequest").msgclass
128
+ Brand = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.Brand").msgclass
129
+ IdentityAwareProxyClient = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.iap.v1.IdentityAwareProxyClient").msgclass
130
+ end
131
+ end
132
+ end
133
+ end
@@ -0,0 +1,107 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # Source: google/cloud/iap/v1/service.proto for package 'Google.Cloud.Iap.V1'
3
+ # Original file comments:
4
+ # Copyright 2021 Google LLC
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require 'grpc'
20
+ require 'google/cloud/iap/v1/service_pb'
21
+
22
+ module Google
23
+ module Cloud
24
+ module Iap
25
+ module V1
26
+ module IdentityAwareProxyAdminService
27
+ # APIs for Identity-Aware Proxy Admin configurations.
28
+ class Service
29
+
30
+ include GRPC::GenericService
31
+
32
+ self.marshal_class_method = :encode
33
+ self.unmarshal_class_method = :decode
34
+ self.service_name = 'google.cloud.iap.v1.IdentityAwareProxyAdminService'
35
+
36
+ # Sets the access control policy for an Identity-Aware Proxy protected
37
+ # resource. Replaces any existing policy.
38
+ # More information about managing access via IAP can be found at:
39
+ # https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api
40
+ rpc :SetIamPolicy, ::Google::Iam::V1::SetIamPolicyRequest, ::Google::Iam::V1::Policy
41
+ # Gets the access control policy for an Identity-Aware Proxy protected
42
+ # resource.
43
+ # More information about managing access via IAP can be found at:
44
+ # https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api
45
+ rpc :GetIamPolicy, ::Google::Iam::V1::GetIamPolicyRequest, ::Google::Iam::V1::Policy
46
+ # Returns permissions that a caller has on the Identity-Aware Proxy protected
47
+ # resource.
48
+ # More information about managing access via IAP can be found at:
49
+ # https://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api
50
+ rpc :TestIamPermissions, ::Google::Iam::V1::TestIamPermissionsRequest, ::Google::Iam::V1::TestIamPermissionsResponse
51
+ # Gets the IAP settings on a particular IAP protected resource.
52
+ rpc :GetIapSettings, ::Google::Cloud::Iap::V1::GetIapSettingsRequest, ::Google::Cloud::Iap::V1::IapSettings
53
+ # Updates the IAP settings on a particular IAP protected resource. It
54
+ # replaces all fields unless the `update_mask` is set.
55
+ rpc :UpdateIapSettings, ::Google::Cloud::Iap::V1::UpdateIapSettingsRequest, ::Google::Cloud::Iap::V1::IapSettings
56
+ end
57
+
58
+ Stub = Service.rpc_stub_class
59
+ end
60
+ module IdentityAwareProxyOAuthService
61
+ # API to programmatically create, list and retrieve Identity Aware Proxy (IAP)
62
+ # OAuth brands; and create, retrieve, delete and reset-secret of IAP OAuth
63
+ # clients.
64
+ class Service
65
+
66
+ include GRPC::GenericService
67
+
68
+ self.marshal_class_method = :encode
69
+ self.unmarshal_class_method = :decode
70
+ self.service_name = 'google.cloud.iap.v1.IdentityAwareProxyOAuthService'
71
+
72
+ # Lists the existing brands for the project.
73
+ rpc :ListBrands, ::Google::Cloud::Iap::V1::ListBrandsRequest, ::Google::Cloud::Iap::V1::ListBrandsResponse
74
+ # Constructs a new OAuth brand for the project if one does not exist.
75
+ # The created brand is "internal only", meaning that OAuth clients created
76
+ # under it only accept requests from users who belong to the same G Suite
77
+ # organization as the project. The brand is created in an un-reviewed status.
78
+ # NOTE: The "internal only" status can be manually changed in the Google
79
+ # Cloud console. Requires that a brand does not already exist for the
80
+ # project, and that the specified support email is owned by the caller.
81
+ rpc :CreateBrand, ::Google::Cloud::Iap::V1::CreateBrandRequest, ::Google::Cloud::Iap::V1::Brand
82
+ # Retrieves the OAuth brand of the project.
83
+ rpc :GetBrand, ::Google::Cloud::Iap::V1::GetBrandRequest, ::Google::Cloud::Iap::V1::Brand
84
+ # Creates an Identity Aware Proxy (IAP) OAuth client. The client is owned
85
+ # by IAP. Requires that the brand for the project exists and that it is
86
+ # set for internal-only use.
87
+ rpc :CreateIdentityAwareProxyClient, ::Google::Cloud::Iap::V1::CreateIdentityAwareProxyClientRequest, ::Google::Cloud::Iap::V1::IdentityAwareProxyClient
88
+ # Lists the existing clients for the brand.
89
+ rpc :ListIdentityAwareProxyClients, ::Google::Cloud::Iap::V1::ListIdentityAwareProxyClientsRequest, ::Google::Cloud::Iap::V1::ListIdentityAwareProxyClientsResponse
90
+ # Retrieves an Identity Aware Proxy (IAP) OAuth client.
91
+ # Requires that the client is owned by IAP.
92
+ rpc :GetIdentityAwareProxyClient, ::Google::Cloud::Iap::V1::GetIdentityAwareProxyClientRequest, ::Google::Cloud::Iap::V1::IdentityAwareProxyClient
93
+ # Resets an Identity Aware Proxy (IAP) OAuth client secret. Useful if the
94
+ # secret was compromised. Requires that the client is owned by IAP.
95
+ rpc :ResetIdentityAwareProxyClientSecret, ::Google::Cloud::Iap::V1::ResetIdentityAwareProxyClientSecretRequest, ::Google::Cloud::Iap::V1::IdentityAwareProxyClient
96
+ # Deletes an Identity Aware Proxy (IAP) OAuth client. Useful for removing
97
+ # obsolete clients, managing the number of clients in a given project, and
98
+ # cleaning up after tests. Requires that the client is owned by IAP.
99
+ rpc :DeleteIdentityAwareProxyClient, ::Google::Cloud::Iap::V1::DeleteIdentityAwareProxyClientRequest, ::Google::Protobuf::Empty
100
+ end
101
+
102
+ Stub = Service.rpc_stub_class
103
+ end
104
+ end
105
+ end
106
+ end
107
+ end
@@ -0,0 +1,28 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module Iap
23
+ module V1
24
+ VERSION = "0.1.0"
25
+ end
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,4 @@
1
+ # Identity-Aware Proxy V1 Protocol Buffer Documentation
2
+
3
+ These files are for the YARD documentation of the generated protobuf files.
4
+ They are not intended to be required or loaded at runtime.
@@ -0,0 +1,71 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Api
22
+ # An indicator of the behavior of a given field (for example, that a field
23
+ # is required in requests, or given as output but ignored as input).
24
+ # This **does not** change the behavior in protocol buffers itself; it only
25
+ # denotes the behavior and may affect how API tooling handles the field.
26
+ #
27
+ # Note: This enum **may** receive new values in the future.
28
+ module FieldBehavior
29
+ # Conventional default for enums. Do not use this.
30
+ FIELD_BEHAVIOR_UNSPECIFIED = 0
31
+
32
+ # Specifically denotes a field as optional.
33
+ # While all fields in protocol buffers are optional, this may be specified
34
+ # for emphasis if appropriate.
35
+ OPTIONAL = 1
36
+
37
+ # Denotes a field as required.
38
+ # This indicates that the field **must** be provided as part of the request,
39
+ # and failure to do so will cause an error (usually `INVALID_ARGUMENT`).
40
+ REQUIRED = 2
41
+
42
+ # Denotes a field as output only.
43
+ # This indicates that the field is provided in responses, but including the
44
+ # field in a request does nothing (the server *must* ignore it and
45
+ # *must not* throw an error as a result of the field's presence).
46
+ OUTPUT_ONLY = 3
47
+
48
+ # Denotes a field as input only.
49
+ # This indicates that the field is provided in requests, and the
50
+ # corresponding field is not included in output.
51
+ INPUT_ONLY = 4
52
+
53
+ # Denotes a field as immutable.
54
+ # This indicates that the field may be set once in a request to create a
55
+ # resource, but may not be changed thereafter.
56
+ IMMUTABLE = 5
57
+
58
+ # Denotes that a (repeated) field is an unordered list.
59
+ # This indicates that the service may provide the elements of the list
60
+ # in any arbitrary order, rather than the order the user originally
61
+ # provided. Additionally, the list's order may or may not be stable.
62
+ UNORDERED_LIST = 6
63
+
64
+ # Denotes that this field returns a non-empty default value if not set.
65
+ # This indicates that if the user provides the empty value in a request,
66
+ # a non-empty value will be returned. The user will not be aware of what
67
+ # non-empty value to expect.
68
+ NON_EMPTY_DEFAULT = 7
69
+ end
70
+ end
71
+ end
@@ -0,0 +1,283 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Api
22
+ # A simple descriptor of a resource type.
23
+ #
24
+ # ResourceDescriptor annotates a resource message (either by means of a
25
+ # protobuf annotation or use in the service config), and associates the
26
+ # resource's schema, the resource type, and the pattern of the resource name.
27
+ #
28
+ # Example:
29
+ #
30
+ # message Topic {
31
+ # // Indicates this message defines a resource schema.
32
+ # // Declares the resource type in the format of {service}/{kind}.
33
+ # // For Kubernetes resources, the format is {api group}/{kind}.
34
+ # option (google.api.resource) = {
35
+ # type: "pubsub.googleapis.com/Topic"
36
+ # name_descriptor: {
37
+ # pattern: "projects/{project}/topics/{topic}"
38
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
39
+ # parent_name_extractor: "projects/{project}"
40
+ # }
41
+ # };
42
+ # }
43
+ #
44
+ # The ResourceDescriptor Yaml config will look like:
45
+ #
46
+ # resources:
47
+ # - type: "pubsub.googleapis.com/Topic"
48
+ # name_descriptor:
49
+ # - pattern: "projects/{project}/topics/{topic}"
50
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
51
+ # parent_name_extractor: "projects/{project}"
52
+ #
53
+ # Sometimes, resources have multiple patterns, typically because they can
54
+ # live under multiple parents.
55
+ #
56
+ # Example:
57
+ #
58
+ # message LogEntry {
59
+ # option (google.api.resource) = {
60
+ # type: "logging.googleapis.com/LogEntry"
61
+ # name_descriptor: {
62
+ # pattern: "projects/{project}/logs/{log}"
63
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
64
+ # parent_name_extractor: "projects/{project}"
65
+ # }
66
+ # name_descriptor: {
67
+ # pattern: "folders/{folder}/logs/{log}"
68
+ # parent_type: "cloudresourcemanager.googleapis.com/Folder"
69
+ # parent_name_extractor: "folders/{folder}"
70
+ # }
71
+ # name_descriptor: {
72
+ # pattern: "organizations/{organization}/logs/{log}"
73
+ # parent_type: "cloudresourcemanager.googleapis.com/Organization"
74
+ # parent_name_extractor: "organizations/{organization}"
75
+ # }
76
+ # name_descriptor: {
77
+ # pattern: "billingAccounts/{billing_account}/logs/{log}"
78
+ # parent_type: "billing.googleapis.com/BillingAccount"
79
+ # parent_name_extractor: "billingAccounts/{billing_account}"
80
+ # }
81
+ # };
82
+ # }
83
+ #
84
+ # The ResourceDescriptor Yaml config will look like:
85
+ #
86
+ # resources:
87
+ # - type: 'logging.googleapis.com/LogEntry'
88
+ # name_descriptor:
89
+ # - pattern: "projects/{project}/logs/{log}"
90
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
91
+ # parent_name_extractor: "projects/{project}"
92
+ # - pattern: "folders/{folder}/logs/{log}"
93
+ # parent_type: "cloudresourcemanager.googleapis.com/Folder"
94
+ # parent_name_extractor: "folders/{folder}"
95
+ # - pattern: "organizations/{organization}/logs/{log}"
96
+ # parent_type: "cloudresourcemanager.googleapis.com/Organization"
97
+ # parent_name_extractor: "organizations/{organization}"
98
+ # - pattern: "billingAccounts/{billing_account}/logs/{log}"
99
+ # parent_type: "billing.googleapis.com/BillingAccount"
100
+ # parent_name_extractor: "billingAccounts/{billing_account}"
101
+ #
102
+ # For flexible resources, the resource name doesn't contain parent names, but
103
+ # the resource itself has parents for policy evaluation.
104
+ #
105
+ # Example:
106
+ #
107
+ # message Shelf {
108
+ # option (google.api.resource) = {
109
+ # type: "library.googleapis.com/Shelf"
110
+ # name_descriptor: {
111
+ # pattern: "shelves/{shelf}"
112
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
113
+ # }
114
+ # name_descriptor: {
115
+ # pattern: "shelves/{shelf}"
116
+ # parent_type: "cloudresourcemanager.googleapis.com/Folder"
117
+ # }
118
+ # };
119
+ # }
120
+ #
121
+ # The ResourceDescriptor Yaml config will look like:
122
+ #
123
+ # resources:
124
+ # - type: 'library.googleapis.com/Shelf'
125
+ # name_descriptor:
126
+ # - pattern: "shelves/{shelf}"
127
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
128
+ # - pattern: "shelves/{shelf}"
129
+ # parent_type: "cloudresourcemanager.googleapis.com/Folder"
130
+ # @!attribute [rw] type
131
+ # @return [::String]
132
+ # The resource type. It must be in the format of
133
+ # \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be
134
+ # singular and must not include version numbers.
135
+ #
136
+ # Example: `storage.googleapis.com/Bucket`
137
+ #
138
+ # The value of the resource_type_kind must follow the regular expression
139
+ # /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
140
+ # should use PascalCase (UpperCamelCase). The maximum number of
141
+ # characters allowed for the `resource_type_kind` is 100.
142
+ # @!attribute [rw] pattern
143
+ # @return [::Array<::String>]
144
+ # Optional. The relative resource name pattern associated with this resource
145
+ # type. The DNS prefix of the full resource name shouldn't be specified here.
146
+ #
147
+ # The path pattern must follow the syntax, which aligns with HTTP binding
148
+ # syntax:
149
+ #
150
+ # Template = Segment { "/" Segment } ;
151
+ # Segment = LITERAL | Variable ;
152
+ # Variable = "{" LITERAL "}" ;
153
+ #
154
+ # Examples:
155
+ #
156
+ # - "projects/\\{project}/topics/\\{topic}"
157
+ # - "projects/\\{project}/knowledgeBases/\\{knowledge_base}"
158
+ #
159
+ # The components in braces correspond to the IDs for each resource in the
160
+ # hierarchy. It is expected that, if multiple patterns are provided,
161
+ # the same component name (e.g. "project") refers to IDs of the same
162
+ # type of resource.
163
+ # @!attribute [rw] name_field
164
+ # @return [::String]
165
+ # Optional. The field on the resource that designates the resource name
166
+ # field. If omitted, this is assumed to be "name".
167
+ # @!attribute [rw] history
168
+ # @return [::Google::Api::ResourceDescriptor::History]
169
+ # Optional. The historical or future-looking state of the resource pattern.
170
+ #
171
+ # Example:
172
+ #
173
+ # // The InspectTemplate message originally only supported resource
174
+ # // names with organization, and project was added later.
175
+ # message InspectTemplate {
176
+ # option (google.api.resource) = {
177
+ # type: "dlp.googleapis.com/InspectTemplate"
178
+ # pattern:
179
+ # "organizations/{organization}/inspectTemplates/{inspect_template}"
180
+ # pattern: "projects/{project}/inspectTemplates/{inspect_template}"
181
+ # history: ORIGINALLY_SINGLE_PATTERN
182
+ # };
183
+ # }
184
+ # @!attribute [rw] plural
185
+ # @return [::String]
186
+ # The plural name used in the resource name and permission names, such as
187
+ # 'projects' for the resource name of 'projects/\\{project}' and the permission
188
+ # name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
189
+ # concept of the `plural` field in k8s CRD spec
190
+ # https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
191
+ #
192
+ # Note: The plural form is required even for singleton resources. See
193
+ # https://aip.dev/156
194
+ # @!attribute [rw] singular
195
+ # @return [::String]
196
+ # The same concept of the `singular` field in k8s CRD spec
197
+ # https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
198
+ # Such as "project" for the `resourcemanager.googleapis.com/Project` type.
199
+ # @!attribute [rw] style
200
+ # @return [::Array<::Google::Api::ResourceDescriptor::Style>]
201
+ # Style flag(s) for this resource.
202
+ # These indicate that a resource is expected to conform to a given
203
+ # style. See the specific style flags for additional information.
204
+ class ResourceDescriptor
205
+ include ::Google::Protobuf::MessageExts
206
+ extend ::Google::Protobuf::MessageExts::ClassMethods
207
+
208
+ # A description of the historical or future-looking state of the
209
+ # resource pattern.
210
+ module History
211
+ # The "unset" value.
212
+ HISTORY_UNSPECIFIED = 0
213
+
214
+ # The resource originally had one pattern and launched as such, and
215
+ # additional patterns were added later.
216
+ ORIGINALLY_SINGLE_PATTERN = 1
217
+
218
+ # The resource has one pattern, but the API owner expects to add more
219
+ # later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
220
+ # that from being necessary once there are multiple patterns.)
221
+ FUTURE_MULTI_PATTERN = 2
222
+ end
223
+
224
+ # A flag representing a specific style that a resource claims to conform to.
225
+ module Style
226
+ # The unspecified value. Do not use.
227
+ STYLE_UNSPECIFIED = 0
228
+
229
+ # This resource is intended to be "declarative-friendly".
230
+ #
231
+ # Declarative-friendly resources must be more strictly consistent, and
232
+ # setting this to true communicates to tools that this resource should
233
+ # adhere to declarative-friendly expectations.
234
+ #
235
+ # Note: This is used by the API linter (linter.aip.dev) to enable
236
+ # additional checks.
237
+ DECLARATIVE_FRIENDLY = 1
238
+ end
239
+ end
240
+
241
+ # Defines a proto annotation that describes a string field that refers to
242
+ # an API resource.
243
+ # @!attribute [rw] type
244
+ # @return [::String]
245
+ # The resource type that the annotated field references.
246
+ #
247
+ # Example:
248
+ #
249
+ # message Subscription {
250
+ # string topic = 2 [(google.api.resource_reference) = {
251
+ # type: "pubsub.googleapis.com/Topic"
252
+ # }];
253
+ # }
254
+ #
255
+ # Occasionally, a field may reference an arbitrary resource. In this case,
256
+ # APIs use the special value * in their resource reference.
257
+ #
258
+ # Example:
259
+ #
260
+ # message GetIamPolicyRequest {
261
+ # string resource = 2 [(google.api.resource_reference) = {
262
+ # type: "*"
263
+ # }];
264
+ # }
265
+ # @!attribute [rw] child_type
266
+ # @return [::String]
267
+ # The resource type of a child collection that the annotated field
268
+ # references. This is useful for annotating the `parent` field that
269
+ # doesn't have a fixed resource type.
270
+ #
271
+ # Example:
272
+ #
273
+ # message ListLogEntriesRequest {
274
+ # string parent = 1 [(google.api.resource_reference) = {
275
+ # child_type: "logging.googleapis.com/LogEntry"
276
+ # };
277
+ # }
278
+ class ResourceReference
279
+ include ::Google::Protobuf::MessageExts
280
+ extend ::Google::Protobuf::MessageExts::ClassMethods
281
+ end
282
+ end
283
+ end