google-cloud-kms-inventory-v1 0.10.0 → 0.11.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0efeb50138dd50d5317c31ae48144e32df32ad2d2b7021f90c3605be1dd33e9e
4
- data.tar.gz: ce5cbf8a11958b55e59ed3059859242650e56011b880643e9db80fbfca75f0c5
3
+ metadata.gz: b3f10ea25f955a7c4e8414d450b1a39ae3dc31b473f8d095bfcd172d6e41ef7b
4
+ data.tar.gz: 90a8bd25953d2087eed377709984588660245f779a28d2ae981bd6fe61499202
5
5
  SHA512:
6
- metadata.gz: 48bcca9288df0e488247f1b4ec1e32f0b93adf6047a0bb0f820a35443fc10b847ded950908d84a41284d1dc7d41eb5f860948d3fc431715aaab402790213913e
7
- data.tar.gz: 2781247baff2b2bd8f15854447ef1ddedba200804f6d04f4d56af80c991dd68a2bb1c991118237f2936bbb63947365bbb785376fe5c4dabde87e68a6f28e7be1
6
+ metadata.gz: 33b9ad81032b914926aca977a46bfef9257f56fb0b660c5709bca42b3da6f33975db78ecd9a27a87eb870357b285e14df24ca245b75ace5c642cfc46c4386da1
7
+ data.tar.gz: 29b618bbfae239f1e4caceb9691c2cd3a90b847e66d0a26c8c5ba1abf54a2e0e1b4d6bc034ed40bd7b8361cbe9bd380555642725716b355b522cbac9eab02689
@@ -22,7 +22,7 @@ module Google
22
22
  module Kms
23
23
  module Inventory
24
24
  module V1
25
- VERSION = "0.10.0"
25
+ VERSION = "0.11.0"
26
26
  end
27
27
  end
28
28
  end
@@ -137,6 +137,16 @@ module Google
137
137
  # resource name in the format `projects/*/locations/*/ekmConnections/*`.
138
138
  # Note, this list is non-exhaustive and may apply to additional
139
139
  # {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevels} in the future.
140
+ # @!attribute [rw] key_access_justifications_policy
141
+ # @return [::Google::Cloud::Kms::V1::KeyAccessJustificationsPolicy]
142
+ # Optional. The policy used for Key Access Justifications Policy Enforcement.
143
+ # If this field is present and this key is enrolled in Key Access
144
+ # Justifications Policy Enforcement, the policy will be evaluated in encrypt,
145
+ # decrypt, and sign operations, and the operation will fail if rejected by
146
+ # the policy. The policy is defined by specifying zero or more allowed
147
+ # justification codes.
148
+ # https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes
149
+ # By default, this field is absent, and all justification codes are allowed.
140
150
  class CryptoKey
141
151
  include ::Google::Protobuf::MessageExts
142
152
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -876,6 +886,23 @@ module Google
876
886
  extend ::Google::Protobuf::MessageExts::ClassMethods
877
887
  end
878
888
 
889
+ # A
890
+ # {::Google::Cloud::Kms::V1::KeyAccessJustificationsPolicy KeyAccessJustificationsPolicy}
891
+ # specifies zero or more allowed
892
+ # {::Google::Cloud::Kms::V1::AccessReason AccessReason} values for encrypt, decrypt,
893
+ # and sign operations on a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
894
+ # @!attribute [rw] allowed_access_reasons
895
+ # @return [::Array<::Google::Cloud::Kms::V1::AccessReason>]
896
+ # The list of allowed reasons for access to a
897
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. Zero allowed access reasons
898
+ # means all encrypt, decrypt, and sign operations for the
899
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with this policy will
900
+ # fail.
901
+ class KeyAccessJustificationsPolicy
902
+ include ::Google::Protobuf::MessageExts
903
+ extend ::Google::Protobuf::MessageExts::ClassMethods
904
+ end
905
+
879
906
  # {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} specifies how
880
907
  # cryptographic operations are performed. For more information, see [Protection
881
908
  # levels] (https://cloud.google.com/kms/docs/algorithms#protection_levels).
@@ -895,6 +922,73 @@ module Google
895
922
  # Crypto operations are performed in an EKM-over-VPC backend.
896
923
  EXTERNAL_VPC = 4
897
924
  end
925
+
926
+ # Describes the reason for a data access. Please refer to
927
+ # https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes
928
+ # for the detailed semantic meaning of justification reason codes.
929
+ module AccessReason
930
+ # Unspecified access reason.
931
+ REASON_UNSPECIFIED = 0
932
+
933
+ # Customer-initiated support.
934
+ CUSTOMER_INITIATED_SUPPORT = 1
935
+
936
+ # Google-initiated access for system management and troubleshooting.
937
+ GOOGLE_INITIATED_SERVICE = 2
938
+
939
+ # Google-initiated access in response to a legal request or legal process.
940
+ THIRD_PARTY_DATA_REQUEST = 3
941
+
942
+ # Google-initiated access for security, fraud, abuse, or compliance purposes.
943
+ GOOGLE_INITIATED_REVIEW = 4
944
+
945
+ # Customer uses their account to perform any access to their own data which
946
+ # their IAM policy authorizes.
947
+ CUSTOMER_INITIATED_ACCESS = 5
948
+
949
+ # Google systems access customer data to help optimize the structure of the
950
+ # data or quality for future uses by the customer.
951
+ GOOGLE_INITIATED_SYSTEM_OPERATION = 6
952
+
953
+ # No reason is expected for this key request.
954
+ REASON_NOT_EXPECTED = 7
955
+
956
+ # Customer uses their account to perform any access to their own data which
957
+ # their IAM policy authorizes, and one of the following is true:
958
+ #
959
+ # * A Google administrator has reset the root-access account associated with
960
+ # the user's organization within the past 7 days.
961
+ # * A Google-initiated emergency access operation has interacted with a
962
+ # resource in the same project or folder as the currently accessed resource
963
+ # within the past 7 days.
964
+ MODIFIED_CUSTOMER_INITIATED_ACCESS = 8
965
+
966
+ # Google systems access customer data to help optimize the structure of the
967
+ # data or quality for future uses by the customer, and one of the following
968
+ # is true:
969
+ #
970
+ # * A Google administrator has reset the root-access account associated with
971
+ # the user's organization within the past 7 days.
972
+ # * A Google-initiated emergency access operation has interacted with a
973
+ # resource in the same project or folder as the currently accessed resource
974
+ # within the past 7 days.
975
+ MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION = 9
976
+
977
+ # Google-initiated access to maintain system reliability.
978
+ GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = 10
979
+
980
+ # One of the following operations is being executed while simultaneously
981
+ # encountering an internal technical issue which prevented a more precise
982
+ # justification code from being generated:
983
+ #
984
+ # * Your account has been used to perform any access to your own data which
985
+ # your IAM policy authorizes.
986
+ # * An automated Google system operates on encrypted customer data which your
987
+ # IAM policy authorizes.
988
+ # * Customer-initiated Google support access.
989
+ # * Google-initiated support access to protect system reliability.
990
+ CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING = 11
991
+ end
898
992
  end
899
993
  end
900
994
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-kms-inventory-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.10.0
4
+ version: 0.11.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-05-15 00:00:00.000000000 Z
11
+ date: 2024-06-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common