google-cloud-kms-inventory-v1 0.9.1 → 0.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 12675fe03b03c0f628e404ff6ce806227911f996abd151bded28812146190198
-  data.tar.gz: 4cd971eb5c52316ad9a72bd422a347ab37f94922063ed6b4d2ac0513eeb69f3c
+  metadata.gz: b3f10ea25f955a7c4e8414d450b1a39ae3dc31b473f8d095bfcd172d6e41ef7b
+  data.tar.gz: 90a8bd25953d2087eed377709984588660245f779a28d2ae981bd6fe61499202
 SHA512:
-  metadata.gz: e4316138d107352631df40254d268e3d0b73546784cb6833220e3eba7327445d9193ff67e3dab95e4612e9428a32900d4d6f8466373f29370c45412e2f9c4a35
-  data.tar.gz: 1835021ed5d1ef8cc09bb6e32565bb6ede1377248e093d22e5d20f34764ae49ef8695e46498014dcd7701b2e03729cc4461d03e64b72a5962008de5b75935269
+  metadata.gz: 33b9ad81032b914926aca977a46bfef9257f56fb0b660c5709bca42b3da6f33975db78ecd9a27a87eb870357b285e14df24ca245b75ace5c642cfc46c4386da1
+  data.tar.gz: 29b618bbfae239f1e4caceb9691c2cd3a90b847e66d0a26c8c5ba1abf54a2e0e1b4d6bc034ed40bd7b8361cbe9bd380555642725716b355b522cbac9eab02689

data/lib/google/cloud/kms/inventory/v1/key_dashboard_service/client.rb

@@ -31,6 +31,9 @@ module Google
             # Provides a cross-region view of all Cloud KMS keys in a given Cloud project.
             #
             class Client
+              # @private
+              API_VERSION = ""
+
               # @private
               DEFAULT_ENDPOINT_TEMPLATE = "kmsinventory.$UNIVERSE_DOMAIN$"
 
@@ -232,10 +235,11 @@ module Google
                 # Customize the options with defaults
                 metadata = @config.rpcs.list_crypto_keys.metadata.to_h
 
-                # Set x-goog-api-client and x-goog-user-project headers
+                # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
                 metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
                   lib_name: @config.lib_name, lib_version: @config.lib_version,
                   gapic_version: ::Google::Cloud::Kms::Inventory::V1::VERSION
+                metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
                 metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
                 header_params = {}

data/lib/google/cloud/kms/inventory/v1/key_dashboard_service/rest/client.rb

@@ -33,6 +33,9 @@ module Google
               # Provides a cross-region view of all Cloud KMS keys in a given Cloud project.
               #
               class Client
+                # @private
+                API_VERSION = ""
+
                 # @private
                 DEFAULT_ENDPOINT_TEMPLATE = "kmsinventory.$UNIVERSE_DOMAIN$"
 
@@ -224,12 +227,13 @@ module Google
                   # Customize the options with defaults
                   call_metadata = @config.rpcs.list_crypto_keys.metadata.to_h
 
-                  # Set x-goog-api-client and x-goog-user-project headers
+                  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
                   call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
                     lib_name: @config.lib_name, lib_version: @config.lib_version,
                     gapic_version: ::Google::Cloud::Kms::Inventory::V1::VERSION,
                     transports_version_send: [:rest]
 
+                  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
                   call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
                   options.apply_defaults timeout:      @config.rpcs.list_crypto_keys.timeout,

data/lib/google/cloud/kms/inventory/v1/key_tracking_service/client.rb

@@ -32,6 +32,9 @@ module Google
             # given Cloud KMS key via CMEK.
             #
             class Client
+              # @private
+              API_VERSION = ""
+
               # @private
               DEFAULT_ENDPOINT_TEMPLATE = "kmsinventory.$UNIVERSE_DOMAIN$"
 
@@ -226,10 +229,11 @@ module Google
                 # Customize the options with defaults
                 metadata = @config.rpcs.get_protected_resources_summary.metadata.to_h
 
-                # Set x-goog-api-client and x-goog-user-project headers
+                # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
                 metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
                   lib_name: @config.lib_name, lib_version: @config.lib_version,
                   gapic_version: ::Google::Cloud::Kms::Inventory::V1::VERSION
+                metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
                 metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
                 header_params = {}
@@ -348,10 +352,11 @@ module Google
                 # Customize the options with defaults
                 metadata = @config.rpcs.search_protected_resources.metadata.to_h
 
-                # Set x-goog-api-client and x-goog-user-project headers
+                # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
                 metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
                   lib_name: @config.lib_name, lib_version: @config.lib_version,
                   gapic_version: ::Google::Cloud::Kms::Inventory::V1::VERSION
+                metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
                 metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
                 header_params = {}

data/lib/google/cloud/kms/inventory/v1/key_tracking_service/rest/client.rb

@@ -34,6 +34,9 @@ module Google
               # given Cloud KMS key via CMEK.
               #
               class Client
+                # @private
+                API_VERSION = ""
+
                 # @private
                 DEFAULT_ENDPOINT_TEMPLATE = "kmsinventory.$UNIVERSE_DOMAIN$"
 
@@ -218,12 +221,13 @@ module Google
                   # Customize the options with defaults
                   call_metadata = @config.rpcs.get_protected_resources_summary.metadata.to_h
 
-                  # Set x-goog-api-client and x-goog-user-project headers
+                  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
                   call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
                     lib_name: @config.lib_name, lib_version: @config.lib_version,
                     gapic_version: ::Google::Cloud::Kms::Inventory::V1::VERSION,
                     transports_version_send: [:rest]
 
+                  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
                   call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
                   options.apply_defaults timeout:      @config.rpcs.get_protected_resources_summary.timeout,
@@ -333,12 +337,13 @@ module Google
                   # Customize the options with defaults
                   call_metadata = @config.rpcs.search_protected_resources.metadata.to_h
 
-                  # Set x-goog-api-client and x-goog-user-project headers
+                  # Set x-goog-api-client, x-goog-user-project and x-goog-api-version headers
                   call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
                     lib_name: @config.lib_name, lib_version: @config.lib_version,
                     gapic_version: ::Google::Cloud::Kms::Inventory::V1::VERSION,
                     transports_version_send: [:rest]
 
+                  call_metadata[:"x-goog-api-version"] = API_VERSION unless API_VERSION.empty?
                   call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
                   options.apply_defaults timeout:      @config.rpcs.search_protected_resources.timeout,

data/lib/google/cloud/kms/inventory/v1/version.rb

@@ -22,7 +22,7 @@ module Google
     module Kms
       module Inventory
         module V1
-          VERSION = "0.9.1"
+          VERSION = "0.11.0"
         end
       end
     end

data/proto_docs/google/cloud/kms/v1/resources.rb

@@ -137,6 +137,16 @@ module Google
         #     resource name in the format `projects/*/locations/*/ekmConnections/*`.
         #     Note, this list is non-exhaustive and may apply to additional
         #     {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevels} in the future.
+        # @!attribute [rw] key_access_justifications_policy
+        #   @return [::Google::Cloud::Kms::V1::KeyAccessJustificationsPolicy]
+        #     Optional. The policy used for Key Access Justifications Policy Enforcement.
+        #     If this field is present and this key is enrolled in Key Access
+        #     Justifications Policy Enforcement, the policy will be evaluated in encrypt,
+        #     decrypt, and sign operations, and the operation will fail if rejected by
+        #     the policy. The policy is defined by specifying zero or more allowed
+        #     justification codes.
+        #     https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes
+        #     By default, this field is absent, and all justification codes are allowed.
         class CryptoKey
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -516,6 +526,9 @@ module Google
             # https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
             EC_SIGN_SECP256K1_SHA256 = 31
 
+            # EdDSA on the Curve25519 in pure mode (taking data as input).
+            EC_SIGN_ED25519 = 40
+
             # HMAC-SHA256 signing with a 256 bit key.
             HMAC_SHA256 = 32
 
@@ -873,6 +886,23 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # A
+        # {::Google::Cloud::Kms::V1::KeyAccessJustificationsPolicy KeyAccessJustificationsPolicy}
+        # specifies zero or more allowed
+        # {::Google::Cloud::Kms::V1::AccessReason AccessReason} values for encrypt, decrypt,
+        # and sign operations on a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
+        # @!attribute [rw] allowed_access_reasons
+        #   @return [::Array<::Google::Cloud::Kms::V1::AccessReason>]
+        #     The list of allowed reasons for access to a
+        #     {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. Zero allowed access reasons
+        #     means all encrypt, decrypt, and sign operations for the
+        #     {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with this policy will
+        #     fail.
+        class KeyAccessJustificationsPolicy
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} specifies how
         # cryptographic operations are performed. For more information, see [Protection
         # levels] (https://cloud.google.com/kms/docs/algorithms#protection_levels).
@@ -892,6 +922,73 @@ module Google
           # Crypto operations are performed in an EKM-over-VPC backend.
           EXTERNAL_VPC = 4
         end
+
+        # Describes the reason for a data access. Please refer to
+        # https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes
+        # for the detailed semantic meaning of justification reason codes.
+        module AccessReason
+          # Unspecified access reason.
+          REASON_UNSPECIFIED = 0
+
+          # Customer-initiated support.
+          CUSTOMER_INITIATED_SUPPORT = 1
+
+          # Google-initiated access for system management and troubleshooting.
+          GOOGLE_INITIATED_SERVICE = 2
+
+          # Google-initiated access in response to a legal request or legal process.
+          THIRD_PARTY_DATA_REQUEST = 3
+
+          # Google-initiated access for security, fraud, abuse, or compliance purposes.
+          GOOGLE_INITIATED_REVIEW = 4
+
+          # Customer uses their account to perform any access to their own data which
+          # their IAM policy authorizes.
+          CUSTOMER_INITIATED_ACCESS = 5
+
+          # Google systems access customer data to help optimize the structure of the
+          # data or quality for future uses by the customer.
+          GOOGLE_INITIATED_SYSTEM_OPERATION = 6
+
+          # No reason is expected for this key request.
+          REASON_NOT_EXPECTED = 7
+
+          # Customer uses their account to perform any access to their own data which
+          # their IAM policy authorizes, and one of the following is true:
+          #
+          # * A Google administrator has reset the root-access account associated with
+          #   the user's organization within the past 7 days.
+          # * A Google-initiated emergency access operation has interacted with a
+          #   resource in the same project or folder as the currently accessed resource
+          #   within the past 7 days.
+          MODIFIED_CUSTOMER_INITIATED_ACCESS = 8
+
+          # Google systems access customer data to help optimize the structure of the
+          # data or quality for future uses by the customer, and one of the following
+          # is true:
+          #
+          # * A Google administrator has reset the root-access account associated with
+          #   the user's organization within the past 7 days.
+          # * A Google-initiated emergency access operation has interacted with a
+          #   resource in the same project or folder as the currently accessed resource
+          #   within the past 7 days.
+          MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION = 9
+
+          # Google-initiated access to maintain system reliability.
+          GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = 10
+
+          # One of the following operations is being executed while simultaneously
+          # encountering an internal technical issue which prevented a more precise
+          # justification code from being generated:
+          #
+          # * Your account has been used to perform any access to your own data which
+          #   your IAM policy authorizes.
+          # * An automated Google system operates on encrypted customer data which your
+          #   IAM policy authorizes.
+          # * Customer-initiated Google support access.
+          # * Google-initiated support access to protect system reliability.
+          CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING = 11
+        end
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-kms-inventory-v1
 version: !ruby/object:Gem::Version
-  version: 0.9.1
+  version: 0.11.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-04-19 00:00:00.000000000 Z
+date: 2024-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common