google-cloud-iap-v1 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,336 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module Iap
23
+ module V1
24
+ # The request sent to GetIapSettings.
25
+ # @!attribute [rw] name
26
+ # @return [::String]
27
+ # Required. The resource name for which to retrieve the settings.
28
+ # Authorization: Requires the `getSettings` permission for the associated
29
+ # resource.
30
+ class GetIapSettingsRequest
31
+ include ::Google::Protobuf::MessageExts
32
+ extend ::Google::Protobuf::MessageExts::ClassMethods
33
+ end
34
+
35
+ # The request sent to UpdateIapSettings.
36
+ # @!attribute [rw] iap_settings
37
+ # @return [::Google::Cloud::Iap::V1::IapSettings]
38
+ # Required. The new values for the IAP settings to be updated.
39
+ # Authorization: Requires the `updateSettings` permission for the associated
40
+ # resource.
41
+ # @!attribute [rw] update_mask
42
+ # @return [::Google::Protobuf::FieldMask]
43
+ # The field mask specifying which IAP settings should be updated.
44
+ # If omitted, the all of the settings are updated. See
45
+ # https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
46
+ class UpdateIapSettingsRequest
47
+ include ::Google::Protobuf::MessageExts
48
+ extend ::Google::Protobuf::MessageExts::ClassMethods
49
+ end
50
+
51
+ # The IAP configurable settings.
52
+ # @!attribute [rw] name
53
+ # @return [::String]
54
+ # Required. The resource name of the IAP protected resource.
55
+ # @!attribute [rw] access_settings
56
+ # @return [::Google::Cloud::Iap::V1::AccessSettings]
57
+ # Top level wrapper for all access related setting in IAP
58
+ # @!attribute [rw] application_settings
59
+ # @return [::Google::Cloud::Iap::V1::ApplicationSettings]
60
+ # Top level wrapper for all application related settings in IAP
61
+ class IapSettings
62
+ include ::Google::Protobuf::MessageExts
63
+ extend ::Google::Protobuf::MessageExts::ClassMethods
64
+ end
65
+
66
+ # Access related settings for IAP protected apps.
67
+ # @!attribute [rw] gcip_settings
68
+ # @return [::Google::Cloud::Iap::V1::GcipSettings]
69
+ # GCIP claims and endpoint configurations for 3p identity providers.
70
+ # @!attribute [rw] cors_settings
71
+ # @return [::Google::Cloud::Iap::V1::CorsSettings]
72
+ # Configuration to allow cross-origin requests via IAP.
73
+ # @!attribute [rw] oauth_settings
74
+ # @return [::Google::Cloud::Iap::V1::OAuthSettings]
75
+ # Settings to configure IAP's OAuth behavior.
76
+ class AccessSettings
77
+ include ::Google::Protobuf::MessageExts
78
+ extend ::Google::Protobuf::MessageExts::ClassMethods
79
+ end
80
+
81
+ # Allows customers to configure tenant_id for GCIP instance per-app.
82
+ # @!attribute [rw] tenant_ids
83
+ # @return [::Array<::String>]
84
+ # GCIP tenant ids that are linked to the IAP resource.
85
+ # tenant_ids could be a string beginning with a number character to indicate
86
+ # authenticating with GCIP tenant flow, or in the format of _<ProjectNumber>
87
+ # to indicate authenticating with GCIP agent flow.
88
+ # If agent flow is used, tenant_ids should only contain one single element,
89
+ # while for tenant flow, tenant_ids can contain multiple elements.
90
+ # @!attribute [rw] login_page_uri
91
+ # @return [::Google::Protobuf::StringValue]
92
+ # Login page URI associated with the GCIP tenants.
93
+ # Typically, all resources within the same project share the same login page,
94
+ # though it could be overridden at the sub resource level.
95
+ class GcipSettings
96
+ include ::Google::Protobuf::MessageExts
97
+ extend ::Google::Protobuf::MessageExts::ClassMethods
98
+ end
99
+
100
+ # Allows customers to configure HTTP request paths that'll allow HTTP OPTIONS
101
+ # call to bypass authentication and authorization.
102
+ # @!attribute [rw] allow_http_options
103
+ # @return [::Google::Protobuf::BoolValue]
104
+ # Configuration to allow HTTP OPTIONS calls to skip authorization. If
105
+ # undefined, IAP will not apply any special logic to OPTIONS requests.
106
+ class CorsSettings
107
+ include ::Google::Protobuf::MessageExts
108
+ extend ::Google::Protobuf::MessageExts::ClassMethods
109
+ end
110
+
111
+ # Configuration for OAuth login&consent flow behavior as well as for OAuth
112
+ # Credentials.
113
+ # @!attribute [rw] login_hint
114
+ # @return [::Google::Protobuf::StringValue]
115
+ # Domain hint to send as hd=? parameter in OAuth request flow. Enables
116
+ # redirect to primary IDP by skipping Google's login screen.
117
+ # https://developers.google.com/identity/protocols/OpenIDConnect#hd-param
118
+ # Note: IAP does not verify that the id token's hd claim matches this value
119
+ # since access behavior is managed by IAM policies.
120
+ class OAuthSettings
121
+ include ::Google::Protobuf::MessageExts
122
+ extend ::Google::Protobuf::MessageExts::ClassMethods
123
+ end
124
+
125
+ # Wrapper over application specific settings for IAP.
126
+ # @!attribute [rw] csm_settings
127
+ # @return [::Google::Cloud::Iap::V1::CsmSettings]
128
+ # Settings to configure IAP's behavior for a CSM mesh.
129
+ # @!attribute [rw] access_denied_page_settings
130
+ # @return [::Google::Cloud::Iap::V1::AccessDeniedPageSettings]
131
+ # Customization for Access Denied page.
132
+ # @!attribute [rw] cookie_domain
133
+ # @return [::Google::Protobuf::StringValue]
134
+ # The Domain value to set for cookies generated by IAP. This value is not
135
+ # validated by the API, but will be ignored at runtime if invalid.
136
+ class ApplicationSettings
137
+ include ::Google::Protobuf::MessageExts
138
+ extend ::Google::Protobuf::MessageExts::ClassMethods
139
+ end
140
+
141
+ # Configuration for RCTokens generated for CSM workloads protected by IAP.
142
+ # RCTokens are IAP generated JWTs that can be verified at the application. The
143
+ # RCToken is primarily used for ISTIO deployments, and can be scoped to a
144
+ # single mesh by configuring the audience field accordingly
145
+ # @!attribute [rw] rctoken_aud
146
+ # @return [::Google::Protobuf::StringValue]
147
+ # Audience claim set in the generated RCToken. This value is not validated by
148
+ # IAP.
149
+ class CsmSettings
150
+ include ::Google::Protobuf::MessageExts
151
+ extend ::Google::Protobuf::MessageExts::ClassMethods
152
+ end
153
+
154
+ # Custom content configuration for access denied page.
155
+ # IAP allows customers to define a custom URI to use as the error page when
156
+ # access is denied to users. If IAP prevents access to this page, the default
157
+ # IAP error page will be displayed instead.
158
+ # @!attribute [rw] access_denied_page_uri
159
+ # @return [::Google::Protobuf::StringValue]
160
+ # The URI to be redirected to when access is denied.
161
+ # @!attribute [rw] generate_troubleshooting_uri
162
+ # @return [::Google::Protobuf::BoolValue]
163
+ # Whether to generate a troubleshooting URL on access denied events to this
164
+ # application.
165
+ class AccessDeniedPageSettings
166
+ include ::Google::Protobuf::MessageExts
167
+ extend ::Google::Protobuf::MessageExts::ClassMethods
168
+ end
169
+
170
+ # The request sent to ListBrands.
171
+ # @!attribute [rw] parent
172
+ # @return [::String]
173
+ # Required. GCP Project number/id.
174
+ # In the following format: projects/\\{project_number/id}.
175
+ class ListBrandsRequest
176
+ include ::Google::Protobuf::MessageExts
177
+ extend ::Google::Protobuf::MessageExts::ClassMethods
178
+ end
179
+
180
+ # Response message for ListBrands.
181
+ # @!attribute [rw] brands
182
+ # @return [::Array<::Google::Cloud::Iap::V1::Brand>]
183
+ # Brands existing in the project.
184
+ class ListBrandsResponse
185
+ include ::Google::Protobuf::MessageExts
186
+ extend ::Google::Protobuf::MessageExts::ClassMethods
187
+ end
188
+
189
+ # The request sent to CreateBrand.
190
+ # @!attribute [rw] parent
191
+ # @return [::String]
192
+ # Required. GCP Project number/id under which the brand is to be created.
193
+ # In the following format: projects/\\{project_number/id}.
194
+ # @!attribute [rw] brand
195
+ # @return [::Google::Cloud::Iap::V1::Brand]
196
+ # Required. The brand to be created.
197
+ class CreateBrandRequest
198
+ include ::Google::Protobuf::MessageExts
199
+ extend ::Google::Protobuf::MessageExts::ClassMethods
200
+ end
201
+
202
+ # The request sent to GetBrand.
203
+ # @!attribute [rw] name
204
+ # @return [::String]
205
+ # Required. Name of the brand to be fetched.
206
+ # In the following format: projects/\\{project_number/id}/brands/\\{brand}.
207
+ class GetBrandRequest
208
+ include ::Google::Protobuf::MessageExts
209
+ extend ::Google::Protobuf::MessageExts::ClassMethods
210
+ end
211
+
212
+ # The request sent to ListIdentityAwareProxyClients.
213
+ # @!attribute [rw] parent
214
+ # @return [::String]
215
+ # Required. Full brand path.
216
+ # In the following format: projects/\\{project_number/id}/brands/\\{brand}.
217
+ # @!attribute [rw] page_size
218
+ # @return [::Integer]
219
+ # The maximum number of clients to return. The service may return fewer than
220
+ # this value.
221
+ # If unspecified, at most 100 clients will be returned.
222
+ # The maximum value is 1000; values above 1000 will be coerced to 1000.
223
+ # @!attribute [rw] page_token
224
+ # @return [::String]
225
+ # A page token, received from a previous `ListIdentityAwareProxyClients`
226
+ # call. Provide this to retrieve the subsequent page.
227
+ #
228
+ # When paginating, all other parameters provided to
229
+ # `ListIdentityAwareProxyClients` must match the call that provided the page
230
+ # token.
231
+ class ListIdentityAwareProxyClientsRequest
232
+ include ::Google::Protobuf::MessageExts
233
+ extend ::Google::Protobuf::MessageExts::ClassMethods
234
+ end
235
+
236
+ # Response message for ListIdentityAwareProxyClients.
237
+ # @!attribute [rw] identity_aware_proxy_clients
238
+ # @return [::Array<::Google::Cloud::Iap::V1::IdentityAwareProxyClient>]
239
+ # Clients existing in the brand.
240
+ # @!attribute [rw] next_page_token
241
+ # @return [::String]
242
+ # A token, which can be send as `page_token` to retrieve the next page.
243
+ # If this field is omitted, there are no subsequent pages.
244
+ class ListIdentityAwareProxyClientsResponse
245
+ include ::Google::Protobuf::MessageExts
246
+ extend ::Google::Protobuf::MessageExts::ClassMethods
247
+ end
248
+
249
+ # The request sent to CreateIdentityAwareProxyClient.
250
+ # @!attribute [rw] parent
251
+ # @return [::String]
252
+ # Required. Path to create the client in.
253
+ # In the following format:
254
+ # projects/\\{project_number/id}/brands/\\{brand}.
255
+ # The project must belong to a G Suite account.
256
+ # @!attribute [rw] identity_aware_proxy_client
257
+ # @return [::Google::Cloud::Iap::V1::IdentityAwareProxyClient]
258
+ # Required. Identity Aware Proxy Client to be created.
259
+ class CreateIdentityAwareProxyClientRequest
260
+ include ::Google::Protobuf::MessageExts
261
+ extend ::Google::Protobuf::MessageExts::ClassMethods
262
+ end
263
+
264
+ # The request sent to GetIdentityAwareProxyClient.
265
+ # @!attribute [rw] name
266
+ # @return [::String]
267
+ # Required. Name of the Identity Aware Proxy client to be fetched.
268
+ # In the following format:
269
+ # projects/\\{project_number/id}/brands/\\{brand}/identityAwareProxyClients/\\{client_id}.
270
+ class GetIdentityAwareProxyClientRequest
271
+ include ::Google::Protobuf::MessageExts
272
+ extend ::Google::Protobuf::MessageExts::ClassMethods
273
+ end
274
+
275
+ # The request sent to ResetIdentityAwareProxyClientSecret.
276
+ # @!attribute [rw] name
277
+ # @return [::String]
278
+ # Required. Name of the Identity Aware Proxy client to that will have its
279
+ # secret reset. In the following format:
280
+ # projects/\\{project_number/id}/brands/\\{brand}/identityAwareProxyClients/\\{client_id}.
281
+ class ResetIdentityAwareProxyClientSecretRequest
282
+ include ::Google::Protobuf::MessageExts
283
+ extend ::Google::Protobuf::MessageExts::ClassMethods
284
+ end
285
+
286
+ # The request sent to DeleteIdentityAwareProxyClient.
287
+ # @!attribute [rw] name
288
+ # @return [::String]
289
+ # Required. Name of the Identity Aware Proxy client to be deleted.
290
+ # In the following format:
291
+ # projects/\\{project_number/id}/brands/\\{brand}/identityAwareProxyClients/\\{client_id}.
292
+ class DeleteIdentityAwareProxyClientRequest
293
+ include ::Google::Protobuf::MessageExts
294
+ extend ::Google::Protobuf::MessageExts::ClassMethods
295
+ end
296
+
297
+ # OAuth brand data.
298
+ # NOTE: Only contains a portion of the data that describes a brand.
299
+ # @!attribute [r] name
300
+ # @return [::String]
301
+ # Output only. Identifier of the brand.
302
+ # NOTE: GCP project number achieves the same brand identification purpose as
303
+ # only one brand per project can be created.
304
+ # @!attribute [rw] support_email
305
+ # @return [::String]
306
+ # Support email displayed on the OAuth consent screen.
307
+ # @!attribute [rw] application_title
308
+ # @return [::String]
309
+ # Application name displayed on OAuth consent screen.
310
+ # @!attribute [r] org_internal_only
311
+ # @return [::Boolean]
312
+ # Output only. Whether the brand is only intended for usage inside the
313
+ # G Suite organization only.
314
+ class Brand
315
+ include ::Google::Protobuf::MessageExts
316
+ extend ::Google::Protobuf::MessageExts::ClassMethods
317
+ end
318
+
319
+ # Contains the data that describes an Identity Aware Proxy owned client.
320
+ # @!attribute [r] name
321
+ # @return [::String]
322
+ # Output only. Unique identifier of the OAuth client.
323
+ # @!attribute [r] secret
324
+ # @return [::String]
325
+ # Output only. Client secret of the OAuth client.
326
+ # @!attribute [rw] display_name
327
+ # @return [::String]
328
+ # Human-friendly name given to the OAuth client.
329
+ class IdentityAwareProxyClient
330
+ include ::Google::Protobuf::MessageExts
331
+ extend ::Google::Protobuf::MessageExts::ClassMethods
332
+ end
333
+ end
334
+ end
335
+ end
336
+ end
@@ -0,0 +1,80 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Iam
22
+ module V1
23
+ # Request message for `SetIamPolicy` method.
24
+ # @!attribute [rw] resource
25
+ # @return [::String]
26
+ # REQUIRED: The resource for which the policy is being specified.
27
+ # See the operation documentation for the appropriate value for this field.
28
+ # @!attribute [rw] policy
29
+ # @return [::Google::Iam::V1::Policy]
30
+ # REQUIRED: The complete policy to be applied to the `resource`. The size of
31
+ # the policy is limited to a few 10s of KB. An empty policy is a
32
+ # valid policy but certain Cloud Platform services (such as Projects)
33
+ # might reject them.
34
+ class SetIamPolicyRequest
35
+ include ::Google::Protobuf::MessageExts
36
+ extend ::Google::Protobuf::MessageExts::ClassMethods
37
+ end
38
+
39
+ # Request message for `GetIamPolicy` method.
40
+ # @!attribute [rw] resource
41
+ # @return [::String]
42
+ # REQUIRED: The resource for which the policy is being requested.
43
+ # See the operation documentation for the appropriate value for this field.
44
+ # @!attribute [rw] options
45
+ # @return [::Google::Iam::V1::GetPolicyOptions]
46
+ # OPTIONAL: A `GetPolicyOptions` object for specifying options to
47
+ # `GetIamPolicy`. This field is only used by Cloud IAM.
48
+ class GetIamPolicyRequest
49
+ include ::Google::Protobuf::MessageExts
50
+ extend ::Google::Protobuf::MessageExts::ClassMethods
51
+ end
52
+
53
+ # Request message for `TestIamPermissions` method.
54
+ # @!attribute [rw] resource
55
+ # @return [::String]
56
+ # REQUIRED: The resource for which the policy detail is being requested.
57
+ # See the operation documentation for the appropriate value for this field.
58
+ # @!attribute [rw] permissions
59
+ # @return [::Array<::String>]
60
+ # The set of permissions to check for the `resource`. Permissions with
61
+ # wildcards (such as '*' or 'storage.*') are not allowed. For more
62
+ # information see
63
+ # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
64
+ class TestIamPermissionsRequest
65
+ include ::Google::Protobuf::MessageExts
66
+ extend ::Google::Protobuf::MessageExts::ClassMethods
67
+ end
68
+
69
+ # Response message for `TestIamPermissions` method.
70
+ # @!attribute [rw] permissions
71
+ # @return [::Array<::String>]
72
+ # A subset of `TestPermissionsRequest.permissions` that the caller is
73
+ # allowed.
74
+ class TestIamPermissionsResponse
75
+ include ::Google::Protobuf::MessageExts
76
+ extend ::Google::Protobuf::MessageExts::ClassMethods
77
+ end
78
+ end
79
+ end
80
+ end
@@ -0,0 +1,40 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Iam
22
+ module V1
23
+ # Encapsulates settings provided to GetIamPolicy.
24
+ # @!attribute [rw] requested_policy_version
25
+ # @return [::Integer]
26
+ # Optional. The policy format version to be returned.
27
+ #
28
+ # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
29
+ # rejected.
30
+ #
31
+ # Requests for policies with any conditional bindings must specify version 3.
32
+ # Policies without any conditional bindings may specify any valid value or
33
+ # leave the field unset.
34
+ class GetPolicyOptions
35
+ include ::Google::Protobuf::MessageExts
36
+ extend ::Google::Protobuf::MessageExts::ClassMethods
37
+ end
38
+ end
39
+ end
40
+ end