RubyGems - google-cloud-kms-inventory-v1 - Versions diffs - 0.10.0 → 0.11.0 - Mend

google-cloud-kms-inventory-v1 0.10.0 → 0.11.0

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/google/cloud/kms/inventory/v1/version.rb +1 -1
data/proto_docs/google/cloud/kms/v1/resources.rb +94 -0
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0efeb50138dd50d5317c31ae48144e32df32ad2d2b7021f90c3605be1dd33e9e
-  data.tar.gz: ce5cbf8a11958b55e59ed3059859242650e56011b880643e9db80fbfca75f0c5
+  metadata.gz: b3f10ea25f955a7c4e8414d450b1a39ae3dc31b473f8d095bfcd172d6e41ef7b
+  data.tar.gz: 90a8bd25953d2087eed377709984588660245f779a28d2ae981bd6fe61499202
 SHA512:
-  metadata.gz: 48bcca9288df0e488247f1b4ec1e32f0b93adf6047a0bb0f820a35443fc10b847ded950908d84a41284d1dc7d41eb5f860948d3fc431715aaab402790213913e
-  data.tar.gz: 2781247baff2b2bd8f15854447ef1ddedba200804f6d04f4d56af80c991dd68a2bb1c991118237f2936bbb63947365bbb785376fe5c4dabde87e68a6f28e7be1
+  metadata.gz: 33b9ad81032b914926aca977a46bfef9257f56fb0b660c5709bca42b3da6f33975db78ecd9a27a87eb870357b285e14df24ca245b75ace5c642cfc46c4386da1
+  data.tar.gz: 29b618bbfae239f1e4caceb9691c2cd3a90b847e66d0a26c8c5ba1abf54a2e0e1b4d6bc034ed40bd7b8361cbe9bd380555642725716b355b522cbac9eab02689

data/lib/google/cloud/kms/inventory/v1/version.rb CHANGED Viewed

@@ -22,7 +22,7 @@ module Google
     module Kms
       module Inventory
         module V1
-          VERSION = "0.10.0"
+          VERSION = "0.11.0"
         end
       end
     end

data/proto_docs/google/cloud/kms/v1/resources.rb CHANGED Viewed

@@ -137,6 +137,16 @@ module Google
         #     resource name in the format `projects/*/locations/*/ekmConnections/*`.
         #     Note, this list is non-exhaustive and may apply to additional
         #     {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevels} in the future.
+        # @!attribute [rw] key_access_justifications_policy
+        #   @return [::Google::Cloud::Kms::V1::KeyAccessJustificationsPolicy]
+        #     Optional. The policy used for Key Access Justifications Policy Enforcement.
+        #     If this field is present and this key is enrolled in Key Access
+        #     Justifications Policy Enforcement, the policy will be evaluated in encrypt,
+        #     decrypt, and sign operations, and the operation will fail if rejected by
+        #     the policy. The policy is defined by specifying zero or more allowed
+        #     justification codes.
+        #     https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes
+        #     By default, this field is absent, and all justification codes are allowed.
         class CryptoKey
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -876,6 +886,23 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
+        # A
+        # {::Google::Cloud::Kms::V1::KeyAccessJustificationsPolicy KeyAccessJustificationsPolicy}
+        # specifies zero or more allowed
+        # {::Google::Cloud::Kms::V1::AccessReason AccessReason} values for encrypt, decrypt,
+        # and sign operations on a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
+        # @!attribute [rw] allowed_access_reasons
+        #   @return [::Array<::Google::Cloud::Kms::V1::AccessReason>]
+        #     The list of allowed reasons for access to a
+        #     {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. Zero allowed access reasons
+        #     means all encrypt, decrypt, and sign operations for the
+        #     {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with this policy will
+        #     fail.
+        class KeyAccessJustificationsPolicy
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
         # {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} specifies how
         # cryptographic operations are performed. For more information, see [Protection
         # levels] (https://cloud.google.com/kms/docs/algorithms#protection_levels).
@@ -895,6 +922,73 @@ module Google
           # Crypto operations are performed in an EKM-over-VPC backend.
           EXTERNAL_VPC = 4
         end
+        # Describes the reason for a data access. Please refer to
+        # https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes
+        # for the detailed semantic meaning of justification reason codes.
+        module AccessReason
+          # Unspecified access reason.
+          REASON_UNSPECIFIED = 0
+          # Customer-initiated support.
+          CUSTOMER_INITIATED_SUPPORT = 1
+          # Google-initiated access for system management and troubleshooting.
+          GOOGLE_INITIATED_SERVICE = 2
+          # Google-initiated access in response to a legal request or legal process.
+          THIRD_PARTY_DATA_REQUEST = 3
+          # Google-initiated access for security, fraud, abuse, or compliance purposes.
+          GOOGLE_INITIATED_REVIEW = 4
+          # Customer uses their account to perform any access to their own data which
+          # their IAM policy authorizes.
+          CUSTOMER_INITIATED_ACCESS = 5
+          # Google systems access customer data to help optimize the structure of the
+          # data or quality for future uses by the customer.
+          GOOGLE_INITIATED_SYSTEM_OPERATION = 6
+          # No reason is expected for this key request.
+          REASON_NOT_EXPECTED = 7
+          # Customer uses their account to perform any access to their own data which
+          # their IAM policy authorizes, and one of the following is true:
+          #
+          # * A Google administrator has reset the root-access account associated with
+          #   the user's organization within the past 7 days.
+          # * A Google-initiated emergency access operation has interacted with a
+          #   resource in the same project or folder as the currently accessed resource
+          #   within the past 7 days.
+          MODIFIED_CUSTOMER_INITIATED_ACCESS = 8
+          # Google systems access customer data to help optimize the structure of the
+          # data or quality for future uses by the customer, and one of the following
+          # is true:
+          #
+          # * A Google administrator has reset the root-access account associated with
+          #   the user's organization within the past 7 days.
+          # * A Google-initiated emergency access operation has interacted with a
+          #   resource in the same project or folder as the currently accessed resource
+          #   within the past 7 days.
+          MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION = 9
+          # Google-initiated access to maintain system reliability.
+          GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = 10
+          # One of the following operations is being executed while simultaneously
+          # encountering an internal technical issue which prevented a more precise
+          # justification code from being generated:
+          #
+          # * Your account has been used to perform any access to your own data which
+          #   your IAM policy authorizes.
+          # * An automated Google system operates on encrypted customer data which your
+          #   IAM policy authorizes.
+          # * Customer-initiated Google support access.
+          # * Google-initiated support access to protect system reliability.
+          CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING = 11
+        end
       end
     end
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-kms-inventory-v1
 version: !ruby/object:Gem::Version
-  version: 0.10.0
+  version: 0.11.0
 platform: ruby
 authors:
 - Google LLC
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-15 00:00:00.000000000 Z
+date: 2024-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common