google-cloud-kms-inventory-v1 0.10.0 → 0.11.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b3f10ea25f955a7c4e8414d450b1a39ae3dc31b473f8d095bfcd172d6e41ef7b
|
4
|
+
data.tar.gz: 90a8bd25953d2087eed377709984588660245f779a28d2ae981bd6fe61499202
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 33b9ad81032b914926aca977a46bfef9257f56fb0b660c5709bca42b3da6f33975db78ecd9a27a87eb870357b285e14df24ca245b75ace5c642cfc46c4386da1
|
7
|
+
data.tar.gz: 29b618bbfae239f1e4caceb9691c2cd3a90b847e66d0a26c8c5ba1abf54a2e0e1b4d6bc034ed40bd7b8361cbe9bd380555642725716b355b522cbac9eab02689
|
@@ -137,6 +137,16 @@ module Google
|
|
137
137
|
# resource name in the format `projects/*/locations/*/ekmConnections/*`.
|
138
138
|
# Note, this list is non-exhaustive and may apply to additional
|
139
139
|
# {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevels} in the future.
|
140
|
+
# @!attribute [rw] key_access_justifications_policy
|
141
|
+
# @return [::Google::Cloud::Kms::V1::KeyAccessJustificationsPolicy]
|
142
|
+
# Optional. The policy used for Key Access Justifications Policy Enforcement.
|
143
|
+
# If this field is present and this key is enrolled in Key Access
|
144
|
+
# Justifications Policy Enforcement, the policy will be evaluated in encrypt,
|
145
|
+
# decrypt, and sign operations, and the operation will fail if rejected by
|
146
|
+
# the policy. The policy is defined by specifying zero or more allowed
|
147
|
+
# justification codes.
|
148
|
+
# https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes
|
149
|
+
# By default, this field is absent, and all justification codes are allowed.
|
140
150
|
class CryptoKey
|
141
151
|
include ::Google::Protobuf::MessageExts
|
142
152
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -876,6 +886,23 @@ module Google
|
|
876
886
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
877
887
|
end
|
878
888
|
|
889
|
+
# A
|
890
|
+
# {::Google::Cloud::Kms::V1::KeyAccessJustificationsPolicy KeyAccessJustificationsPolicy}
|
891
|
+
# specifies zero or more allowed
|
892
|
+
# {::Google::Cloud::Kms::V1::AccessReason AccessReason} values for encrypt, decrypt,
|
893
|
+
# and sign operations on a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
894
|
+
# @!attribute [rw] allowed_access_reasons
|
895
|
+
# @return [::Array<::Google::Cloud::Kms::V1::AccessReason>]
|
896
|
+
# The list of allowed reasons for access to a
|
897
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. Zero allowed access reasons
|
898
|
+
# means all encrypt, decrypt, and sign operations for the
|
899
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with this policy will
|
900
|
+
# fail.
|
901
|
+
class KeyAccessJustificationsPolicy
|
902
|
+
include ::Google::Protobuf::MessageExts
|
903
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
904
|
+
end
|
905
|
+
|
879
906
|
# {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} specifies how
|
880
907
|
# cryptographic operations are performed. For more information, see [Protection
|
881
908
|
# levels] (https://cloud.google.com/kms/docs/algorithms#protection_levels).
|
@@ -895,6 +922,73 @@ module Google
|
|
895
922
|
# Crypto operations are performed in an EKM-over-VPC backend.
|
896
923
|
EXTERNAL_VPC = 4
|
897
924
|
end
|
925
|
+
|
926
|
+
# Describes the reason for a data access. Please refer to
|
927
|
+
# https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes
|
928
|
+
# for the detailed semantic meaning of justification reason codes.
|
929
|
+
module AccessReason
|
930
|
+
# Unspecified access reason.
|
931
|
+
REASON_UNSPECIFIED = 0
|
932
|
+
|
933
|
+
# Customer-initiated support.
|
934
|
+
CUSTOMER_INITIATED_SUPPORT = 1
|
935
|
+
|
936
|
+
# Google-initiated access for system management and troubleshooting.
|
937
|
+
GOOGLE_INITIATED_SERVICE = 2
|
938
|
+
|
939
|
+
# Google-initiated access in response to a legal request or legal process.
|
940
|
+
THIRD_PARTY_DATA_REQUEST = 3
|
941
|
+
|
942
|
+
# Google-initiated access for security, fraud, abuse, or compliance purposes.
|
943
|
+
GOOGLE_INITIATED_REVIEW = 4
|
944
|
+
|
945
|
+
# Customer uses their account to perform any access to their own data which
|
946
|
+
# their IAM policy authorizes.
|
947
|
+
CUSTOMER_INITIATED_ACCESS = 5
|
948
|
+
|
949
|
+
# Google systems access customer data to help optimize the structure of the
|
950
|
+
# data or quality for future uses by the customer.
|
951
|
+
GOOGLE_INITIATED_SYSTEM_OPERATION = 6
|
952
|
+
|
953
|
+
# No reason is expected for this key request.
|
954
|
+
REASON_NOT_EXPECTED = 7
|
955
|
+
|
956
|
+
# Customer uses their account to perform any access to their own data which
|
957
|
+
# their IAM policy authorizes, and one of the following is true:
|
958
|
+
#
|
959
|
+
# * A Google administrator has reset the root-access account associated with
|
960
|
+
# the user's organization within the past 7 days.
|
961
|
+
# * A Google-initiated emergency access operation has interacted with a
|
962
|
+
# resource in the same project or folder as the currently accessed resource
|
963
|
+
# within the past 7 days.
|
964
|
+
MODIFIED_CUSTOMER_INITIATED_ACCESS = 8
|
965
|
+
|
966
|
+
# Google systems access customer data to help optimize the structure of the
|
967
|
+
# data or quality for future uses by the customer, and one of the following
|
968
|
+
# is true:
|
969
|
+
#
|
970
|
+
# * A Google administrator has reset the root-access account associated with
|
971
|
+
# the user's organization within the past 7 days.
|
972
|
+
# * A Google-initiated emergency access operation has interacted with a
|
973
|
+
# resource in the same project or folder as the currently accessed resource
|
974
|
+
# within the past 7 days.
|
975
|
+
MODIFIED_GOOGLE_INITIATED_SYSTEM_OPERATION = 9
|
976
|
+
|
977
|
+
# Google-initiated access to maintain system reliability.
|
978
|
+
GOOGLE_RESPONSE_TO_PRODUCTION_ALERT = 10
|
979
|
+
|
980
|
+
# One of the following operations is being executed while simultaneously
|
981
|
+
# encountering an internal technical issue which prevented a more precise
|
982
|
+
# justification code from being generated:
|
983
|
+
#
|
984
|
+
# * Your account has been used to perform any access to your own data which
|
985
|
+
# your IAM policy authorizes.
|
986
|
+
# * An automated Google system operates on encrypted customer data which your
|
987
|
+
# IAM policy authorizes.
|
988
|
+
# * Customer-initiated Google support access.
|
989
|
+
# * Google-initiated support access to protect system reliability.
|
990
|
+
CUSTOMER_AUTHORIZED_WORKFLOW_SERVICING = 11
|
991
|
+
end
|
898
992
|
end
|
899
993
|
end
|
900
994
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-kms-inventory-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.11.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-06-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|