google-cloud-iap-v1 0.1.0

data/proto_docs/google/iam/v1/policy.rb

@@ -0,0 +1,248 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Iam
+    module V1
+      # Defines an Identity and Access Management (IAM) policy. It is used to
+      # specify access control policies for Cloud Platform resources.
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+      # `members` to a single `role`. Members can be user accounts, service accounts,
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
+      # permissions (defined by IAM or configured by users). A `binding` can
+      # optionally specify a `condition`, which is a logic expression that further
+      # constrains the role binding based on attributes about the request and/or
+      # target resource.
+      #
+      # **JSON Example**
+      #
+      #     {
+      #       "bindings": [
+      #         {
+      #           "role": "roles/resourcemanager.organizationAdmin",
+      #           "members": [
+      #             "user:mike@example.com",
+      #             "group:admins@example.com",
+      #             "domain:google.com",
+      #             "serviceAccount:my-project-id@appspot.gserviceaccount.com"
+      #           ]
+      #         },
+      #         {
+      #           "role": "roles/resourcemanager.organizationViewer",
+      #           "members": ["user:eve@example.com"],
+      #           "condition": {
+      #             "title": "expirable access",
+      #             "description": "Does not grant access after Sep 2020",
+      #             "expression": "request.time <
+      #             timestamp('2020-10-01T00:00:00.000Z')",
+      #           }
+      #         }
+      #       ]
+      #     }
+      #
+      # **YAML Example**
+      #
+      #     bindings:
+      #     - members:
+      #       - user:mike@example.com
+      #       - group:admins@example.com
+      #       - domain:google.com
+      #       - serviceAccount:my-project-id@appspot.gserviceaccount.com
+      #       role: roles/resourcemanager.organizationAdmin
+      #     - members:
+      #       - user:eve@example.com
+      #       role: roles/resourcemanager.organizationViewer
+      #       condition:
+      #         title: expirable access
+      #         description: Does not grant access after Sep 2020
+      #         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
+      #
+      # For a description of IAM and its features, see the
+      # [IAM developer's guide](https://cloud.google.com/iam/docs).
+      # @!attribute [rw] version
+      #   @return [::Integer]
+      #     Specifies the format of the policy.
+      #
+      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
+      #     rejected.
+      #
+      #     Operations affecting conditional bindings must specify version 3. This can
+      #     be either setting a conditional policy, modifying a conditional binding,
+      #     or removing a binding (conditional or unconditional) from the stored
+      #     conditional policy.
+      #     Operations on non-conditional policies may specify any valid value or
+      #     leave the field unset.
+      #
+      #     If no etag is provided in the call to `setIamPolicy`, version compliance
+      #     checks against the stored policy is skipped.
+      # @!attribute [rw] bindings
+      #   @return [::Array<::Google::Iam::V1::Binding>]
+      #     Associates a list of `members` to a `role`. Optionally may specify a
+      #     `condition` that determines when binding is in effect.
+      #     `bindings` with no members will result in an error.
+      # @!attribute [rw] etag
+      #   @return [::String]
+      #     `etag` is used for optimistic concurrency control as a way to help
+      #     prevent simultaneous updates of a policy from overwriting each other.
+      #     It is strongly suggested that systems make use of the `etag` in the
+      #     read-modify-write cycle to perform policy updates in order to avoid race
+      #     conditions: An `etag` is returned in the response to `getIamPolicy`, and
+      #     systems are expected to put that etag in the request to `setIamPolicy` to
+      #     ensure that their change will be applied to the same version of the policy.
+      #
+      #     If no `etag` is provided in the call to `setIamPolicy`, then the existing
+      #     policy is overwritten. Due to blind-set semantics of an etag-less policy,
+      #     'setIamPolicy' will not fail even if the incoming policy version does not
+      #     meet the requirements for modifying the stored policy.
+      class Policy
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Associates `members` with a `role`.
+      # @!attribute [rw] role
+      #   @return [::String]
+      #     Role that is assigned to `members`.
+      #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      # @!attribute [rw] members
+      #   @return [::Array<::String>]
+      #     Specifies the identities requesting access for a Cloud Platform resource.
+      #     `members` can have the following values:
+      #
+      #     * `allUsers`: A special identifier that represents anyone who is
+      #        on the internet; with or without a Google account.
+      #
+      #     * `allAuthenticatedUsers`: A special identifier that represents anyone
+      #        who is authenticated with a Google account or a service account.
+      #
+      #     * `user:{emailid}`: An email address that represents a specific Google
+      #        account. For example, `alice@example.com` .
+      #
+      #
+      #     * `serviceAccount:{emailid}`: An email address that represents a service
+      #        account. For example, `my-other-app@appspot.gserviceaccount.com`.
+      #
+      #     * `group:{emailid}`: An email address that represents a Google group.
+      #        For example, `admins@example.com`.
+      #
+      #
+      #     * `domain:{domain}`: The G Suite domain (primary) that represents all the
+      #        users of that domain. For example, `google.com` or `example.com`.
+      # @!attribute [rw] condition
+      #   @return [::Google::Type::Expr]
+      #     The condition that is associated with this binding.
+      #     NOTE: An unsatisfied condition will not allow user access via current
+      #     binding. Different bindings, including their conditions, are examined
+      #     independently.
+      class Binding
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # The difference delta between two policies.
+      # @!attribute [rw] binding_deltas
+      #   @return [::Array<::Google::Iam::V1::BindingDelta>]
+      #     The delta for Bindings between two policies.
+      # @!attribute [rw] audit_config_deltas
+      #   @return [::Array<::Google::Iam::V1::AuditConfigDelta>]
+      #     The delta for AuditConfigs between two policies.
+      class PolicyDelta
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # One delta entry for Binding. Each individual change (only one member in each
+      # entry) to a binding will be a separate entry.
+      # @!attribute [rw] action
+      #   @return [::Google::Iam::V1::BindingDelta::Action]
+      #     The action that was performed on a Binding.
+      #     Required
+      # @!attribute [rw] role
+      #   @return [::String]
+      #     Role that is assigned to `members`.
+      #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      #     Required
+      # @!attribute [rw] member
+      #   @return [::String]
+      #     A single identity requesting access for a Cloud Platform resource.
+      #     Follows the same format of Binding.members.
+      #     Required
+      # @!attribute [rw] condition
+      #   @return [::Google::Type::Expr]
+      #     The condition that is associated with this binding.
+      class BindingDelta
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # The type of action performed on a Binding in a policy.
+        module Action
+          # Unspecified.
+          ACTION_UNSPECIFIED = 0
+
+          # Addition of a Binding.
+          ADD = 1
+
+          # Removal of a Binding.
+          REMOVE = 2
+        end
+      end
+
+      # One delta entry for AuditConfig. Each individual change (only one
+      # exempted_member in each entry) to a AuditConfig will be a separate entry.
+      # @!attribute [rw] action
+      #   @return [::Google::Iam::V1::AuditConfigDelta::Action]
+      #     The action that was performed on an audit configuration in a policy.
+      #     Required
+      # @!attribute [rw] service
+      #   @return [::String]
+      #     Specifies a service that was configured for Cloud Audit Logging.
+      #     For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+      #     `allServices` is a special value that covers all services.
+      #     Required
+      # @!attribute [rw] exempted_member
+      #   @return [::String]
+      #     A single identity that is exempted from "data access" audit
+      #     logging for the `service` specified above.
+      #     Follows the same format of Binding.members.
+      # @!attribute [rw] log_type
+      #   @return [::String]
+      #     Specifies the log_type that was be enabled. ADMIN_ACTIVITY is always
+      #     enabled, and cannot be configured.
+      #     Required
+      class AuditConfigDelta
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # The type of action performed on an audit configuration in a policy.
+        module Action
+          # Unspecified.
+          ACTION_UNSPECIFIED = 0
+
+          # Addition of an audit configuration.
+          ADD = 1
+
+          # Removal of an audit configuration.
+          REMOVE = 2
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/protobuf/empty.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # A generic empty message that you can re-use to avoid defining duplicated
+    # empty messages in your APIs. A typical example is to use it as the request
+    # or the response type of an API method. For instance:
+    #
+    #     service Foo {
+    #       rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
+    #     }
+    #
+    # The JSON representation for `Empty` is empty JSON object `{}`.
+    class Empty
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/google/protobuf/field_mask.rb

@@ -0,0 +1,229 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # `FieldMask` represents a set of symbolic field paths, for example:
+    #
+    #     paths: "f.a"
+    #     paths: "f.b.d"
+    #
+    # Here `f` represents a field in some root message, `a` and `b`
+    # fields in the message found in `f`, and `d` a field found in the
+    # message in `f.b`.
+    #
+    # Field masks are used to specify a subset of fields that should be
+    # returned by a get operation or modified by an update operation.
+    # Field masks also have a custom JSON encoding (see below).
+    #
+    # # Field Masks in Projections
+    #
+    # When used in the context of a projection, a response message or
+    # sub-message is filtered by the API to only contain those fields as
+    # specified in the mask. For example, if the mask in the previous
+    # example is applied to a response message as follows:
+    #
+    #     f {
+    #       a : 22
+    #       b {
+    #         d : 1
+    #         x : 2
+    #       }
+    #       y : 13
+    #     }
+    #     z: 8
+    #
+    # The result will not contain specific values for fields x,y and z
+    # (their value will be set to the default, and omitted in proto text
+    # output):
+    #
+    #
+    #     f {
+    #       a : 22
+    #       b {
+    #         d : 1
+    #       }
+    #     }
+    #
+    # A repeated field is not allowed except at the last position of a
+    # paths string.
+    #
+    # If a FieldMask object is not present in a get operation, the
+    # operation applies to all fields (as if a FieldMask of all fields
+    # had been specified).
+    #
+    # Note that a field mask does not necessarily apply to the
+    # top-level response message. In case of a REST get operation, the
+    # field mask applies directly to the response, but in case of a REST
+    # list operation, the mask instead applies to each individual message
+    # in the returned resource list. In case of a REST custom method,
+    # other definitions may be used. Where the mask applies will be
+    # clearly documented together with its declaration in the API.  In
+    # any case, the effect on the returned resource/resources is required
+    # behavior for APIs.
+    #
+    # # Field Masks in Update Operations
+    #
+    # A field mask in update operations specifies which fields of the
+    # targeted resource are going to be updated. The API is required
+    # to only change the values of the fields as specified in the mask
+    # and leave the others untouched. If a resource is passed in to
+    # describe the updated values, the API ignores the values of all
+    # fields not covered by the mask.
+    #
+    # If a repeated field is specified for an update operation, new values will
+    # be appended to the existing repeated field in the target resource. Note that
+    # a repeated field is only allowed in the last position of a `paths` string.
+    #
+    # If a sub-message is specified in the last position of the field mask for an
+    # update operation, then new value will be merged into the existing sub-message
+    # in the target resource.
+    #
+    # For example, given the target message:
+    #
+    #     f {
+    #       b {
+    #         d: 1
+    #         x: 2
+    #       }
+    #       c: [1]
+    #     }
+    #
+    # And an update message:
+    #
+    #     f {
+    #       b {
+    #         d: 10
+    #       }
+    #       c: [2]
+    #     }
+    #
+    # then if the field mask is:
+    #
+    #  paths: ["f.b", "f.c"]
+    #
+    # then the result will be:
+    #
+    #     f {
+    #       b {
+    #         d: 10
+    #         x: 2
+    #       }
+    #       c: [1, 2]
+    #     }
+    #
+    # An implementation may provide options to override this default behavior for
+    # repeated and message fields.
+    #
+    # In order to reset a field's value to the default, the field must
+    # be in the mask and set to the default value in the provided resource.
+    # Hence, in order to reset all fields of a resource, provide a default
+    # instance of the resource and set all fields in the mask, or do
+    # not provide a mask as described below.
+    #
+    # If a field mask is not present on update, the operation applies to
+    # all fields (as if a field mask of all fields has been specified).
+    # Note that in the presence of schema evolution, this may mean that
+    # fields the client does not know and has therefore not filled into
+    # the request will be reset to their default. If this is unwanted
+    # behavior, a specific service may require a client to always specify
+    # a field mask, producing an error if not.
+    #
+    # As with get operations, the location of the resource which
+    # describes the updated values in the request message depends on the
+    # operation kind. In any case, the effect of the field mask is
+    # required to be honored by the API.
+    #
+    # ## Considerations for HTTP REST
+    #
+    # The HTTP kind of an update operation which uses a field mask must
+    # be set to PATCH instead of PUT in order to satisfy HTTP semantics
+    # (PUT must only be used for full updates).
+    #
+    # # JSON Encoding of Field Masks
+    #
+    # In JSON, a field mask is encoded as a single string where paths are
+    # separated by a comma. Fields name in each path are converted
+    # to/from lower-camel naming conventions.
+    #
+    # As an example, consider the following message declarations:
+    #
+    #     message Profile {
+    #       User user = 1;
+    #       Photo photo = 2;
+    #     }
+    #     message User {
+    #       string display_name = 1;
+    #       string address = 2;
+    #     }
+    #
+    # In proto a field mask for `Profile` may look as such:
+    #
+    #     mask {
+    #       paths: "user.display_name"
+    #       paths: "photo"
+    #     }
+    #
+    # In JSON, the same mask is represented as below:
+    #
+    #     {
+    #       mask: "user.displayName,photo"
+    #     }
+    #
+    # # Field Masks and Oneof Fields
+    #
+    # Field masks treat fields in oneofs just as regular fields. Consider the
+    # following message:
+    #
+    #     message SampleMessage {
+    #       oneof test_oneof {
+    #         string name = 4;
+    #         SubMessage sub_message = 9;
+    #       }
+    #     }
+    #
+    # The field mask can be:
+    #
+    #     mask {
+    #       paths: "name"
+    #     }
+    #
+    # Or:
+    #
+    #     mask {
+    #       paths: "sub_message"
+    #     }
+    #
+    # Note that oneof type names ("test_oneof" in this case) cannot be used in
+    # paths.
+    #
+    # ## Field Mask Verification
+    #
+    # The implementation of any API method which has a FieldMask type field in the
+    # request should verify the included field paths, and return an
+    # `INVALID_ARGUMENT` error if any path is unmappable.
+    # @!attribute [rw] paths
+    #   @return [::Array<::String>]
+    #     The set of field mask paths.
+    class FieldMask
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end