google-cloud-kms 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,62 @@
1
+ # Copyright 2018 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ module Google
16
+ module Iam
17
+ module V1
18
+ # Request message for +SetIamPolicy+ method.
19
+ # @!attribute [rw] resource
20
+ # @return [String]
21
+ # REQUIRED: The resource for which the policy is being specified.
22
+ # +resource+ is usually specified as a path. For example, a Project
23
+ # resource is specified as +projects/{project}+.
24
+ # @!attribute [rw] policy
25
+ # @return [Google::Iam::V1::Policy]
26
+ # REQUIRED: The complete policy to be applied to the +resource+. The size of
27
+ # the policy is limited to a few 10s of KB. An empty policy is a
28
+ # valid policy but certain Cloud Platform services (such as Projects)
29
+ # might reject them.
30
+ class SetIamPolicyRequest; end
31
+
32
+ # Request message for +GetIamPolicy+ method.
33
+ # @!attribute [rw] resource
34
+ # @return [String]
35
+ # REQUIRED: The resource for which the policy is being requested.
36
+ # +resource+ is usually specified as a path. For example, a Project
37
+ # resource is specified as +projects/{project}+.
38
+ class GetIamPolicyRequest; end
39
+
40
+ # Request message for +TestIamPermissions+ method.
41
+ # @!attribute [rw] resource
42
+ # @return [String]
43
+ # REQUIRED: The resource for which the policy detail is being requested.
44
+ # +resource+ is usually specified as a path. For example, a Project
45
+ # resource is specified as +projects/{project}+.
46
+ # @!attribute [rw] permissions
47
+ # @return [Array<String>]
48
+ # The set of permissions to check for the +resource+. Permissions with
49
+ # wildcards (such as '*' or 'storage.*') are not allowed. For more
50
+ # information see
51
+ # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
52
+ class TestIamPermissionsRequest; end
53
+
54
+ # Response message for +TestIamPermissions+ method.
55
+ # @!attribute [rw] permissions
56
+ # @return [Array<String>]
57
+ # A subset of +TestPermissionsRequest.permissions+ that the caller is
58
+ # allowed.
59
+ class TestIamPermissionsResponse; end
60
+ end
61
+ end
62
+ end
@@ -0,0 +1,127 @@
1
+ # Copyright 2018 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ module Google
16
+ module Iam
17
+ module V1
18
+ # Defines an Identity and Access Management (IAM) policy. It is used to
19
+ # specify access control policies for Cloud Platform resources.
20
+ #
21
+ #
22
+ # A +Policy+ consists of a list of +bindings+. A +Binding+ binds a list of
23
+ # +members+ to a +role+, where the members can be user accounts, Google groups,
24
+ # Google domains, and service accounts. A +role+ is a named list of permissions
25
+ # defined by IAM.
26
+ #
27
+ # **Example**
28
+ #
29
+ # {
30
+ # "bindings": [
31
+ # {
32
+ # "role": "roles/owner",
33
+ # "members": [
34
+ # "user:mike@example.com",
35
+ # "group:admins@example.com",
36
+ # "domain:google.com",
37
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
38
+ # ]
39
+ # },
40
+ # {
41
+ # "role": "roles/viewer",
42
+ # "members": ["user:sean@example.com"]
43
+ # }
44
+ # ]
45
+ # }
46
+ #
47
+ # For a description of IAM and its features, see the
48
+ # [IAM developer's guide](https://cloud.google.com/iam).
49
+ # @!attribute [rw] version
50
+ # @return [Integer]
51
+ # Version of the +Policy+. The default version is 0.
52
+ # @!attribute [rw] bindings
53
+ # @return [Array<Google::Iam::V1::Binding>]
54
+ # Associates a list of +members+ to a +role+.
55
+ # Multiple +bindings+ must not be specified for the same +role+.
56
+ # +bindings+ with no members will result in an error.
57
+ # @!attribute [rw] etag
58
+ # @return [String]
59
+ # +etag+ is used for optimistic concurrency control as a way to help
60
+ # prevent simultaneous updates of a policy from overwriting each other.
61
+ # It is strongly suggested that systems make use of the +etag+ in the
62
+ # read-modify-write cycle to perform policy updates in order to avoid race
63
+ # conditions: An +etag+ is returned in the response to +getIamPolicy+, and
64
+ # systems are expected to put that etag in the request to +setIamPolicy+ to
65
+ # ensure that their change will be applied to the same version of the policy.
66
+ #
67
+ # If no +etag+ is provided in the call to +setIamPolicy+, then the existing
68
+ # policy is overwritten blindly.
69
+ class Policy; end
70
+
71
+ # Associates +members+ with a +role+.
72
+ # @!attribute [rw] role
73
+ # @return [String]
74
+ # Role that is assigned to +members+.
75
+ # For example, +roles/viewer+, +roles/editor+, or +roles/owner+.
76
+ # Required
77
+ # @!attribute [rw] members
78
+ # @return [Array<String>]
79
+ # Specifies the identities requesting access for a Cloud Platform resource.
80
+ # +members+ can have the following values:
81
+ #
82
+ # * +allUsers+: A special identifier that represents anyone who is
83
+ # on the internet; with or without a Google account.
84
+ #
85
+ # * +allAuthenticatedUsers+: A special identifier that represents anyone
86
+ # who is authenticated with a Google account or a service account.
87
+ #
88
+ # * +user:{emailid}+: An email address that represents a specific Google
89
+ # account. For example, +alice@gmail.com+ or +joe@example.com+.
90
+ #
91
+ #
92
+ # * +serviceAccount:{emailid}+: An email address that represents a service
93
+ # account. For example, +my-other-app@appspot.gserviceaccount.com+.
94
+ #
95
+ # * +group:{emailid}+: An email address that represents a Google group.
96
+ # For example, +admins@example.com+.
97
+ #
98
+ # * +domain:{domain}+: A Google Apps domain name that represents all the
99
+ # users of that domain. For example, +google.com+ or +example.com+.
100
+ class Binding; end
101
+
102
+ # The difference delta between two policies.
103
+ # @!attribute [rw] binding_deltas
104
+ # @return [Array<Google::Iam::V1::BindingDelta>]
105
+ # The delta for Bindings between two policies.
106
+ class PolicyDelta; end
107
+
108
+ # One delta entry for Binding. Each individual change (only one member in each
109
+ # entry) to a binding will be a separate entry.
110
+ # @!attribute [rw] action
111
+ # @return [Google::Iam::V1::BindingDelta::Action]
112
+ # The action that was performed on a Binding.
113
+ # Required
114
+ # @!attribute [rw] role
115
+ # @return [String]
116
+ # Role that is assigned to +members+.
117
+ # For example, +roles/viewer+, +roles/editor+, or +roles/owner+.
118
+ # Required
119
+ # @!attribute [rw] member
120
+ # @return [String]
121
+ # A single identity requesting access for a Cloud Platform resource.
122
+ # Follows the same format of Binding.members.
123
+ # Required
124
+ class BindingDelta; end
125
+ end
126
+ end
127
+ end
@@ -0,0 +1,90 @@
1
+ # Copyright 2018 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ module Google
16
+ module Protobuf
17
+ # A Duration represents a signed, fixed-length span of time represented
18
+ # as a count of seconds and fractions of seconds at nanosecond
19
+ # resolution. It is independent of any calendar and concepts like "day"
20
+ # or "month". It is related to Timestamp in that the difference between
21
+ # two Timestamp values is a Duration and it can be added or subtracted
22
+ # from a Timestamp. Range is approximately +-10,000 years.
23
+ #
24
+ # = Examples
25
+ #
26
+ # Example 1: Compute Duration from two Timestamps in pseudo code.
27
+ #
28
+ # Timestamp start = ...;
29
+ # Timestamp end = ...;
30
+ # Duration duration = ...;
31
+ #
32
+ # duration.seconds = end.seconds - start.seconds;
33
+ # duration.nanos = end.nanos - start.nanos;
34
+ #
35
+ # if (duration.seconds < 0 && duration.nanos > 0) {
36
+ # duration.seconds += 1;
37
+ # duration.nanos -= 1000000000;
38
+ # } else if (durations.seconds > 0 && duration.nanos < 0) {
39
+ # duration.seconds -= 1;
40
+ # duration.nanos += 1000000000;
41
+ # }
42
+ #
43
+ # Example 2: Compute Timestamp from Timestamp + Duration in pseudo code.
44
+ #
45
+ # Timestamp start = ...;
46
+ # Duration duration = ...;
47
+ # Timestamp end = ...;
48
+ #
49
+ # end.seconds = start.seconds + duration.seconds;
50
+ # end.nanos = start.nanos + duration.nanos;
51
+ #
52
+ # if (end.nanos < 0) {
53
+ # end.seconds -= 1;
54
+ # end.nanos += 1000000000;
55
+ # } else if (end.nanos >= 1000000000) {
56
+ # end.seconds += 1;
57
+ # end.nanos -= 1000000000;
58
+ # }
59
+ #
60
+ # Example 3: Compute Duration from datetime.timedelta in Python.
61
+ #
62
+ # td = datetime.timedelta(days=3, minutes=10)
63
+ # duration = Duration()
64
+ # duration.FromTimedelta(td)
65
+ #
66
+ # = JSON Mapping
67
+ #
68
+ # In JSON format, the Duration type is encoded as a string rather than an
69
+ # object, where the string ends in the suffix "s" (indicating seconds) and
70
+ # is preceded by the number of seconds, with nanoseconds expressed as
71
+ # fractional seconds. For example, 3 seconds with 0 nanoseconds should be
72
+ # encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should
73
+ # be expressed in JSON format as "3.000000001s", and 3 seconds and 1
74
+ # microsecond should be expressed in JSON format as "3.000001s".
75
+ # @!attribute [rw] seconds
76
+ # @return [Integer]
77
+ # Signed seconds of the span of time. Must be from -315,576,000,000
78
+ # to +315,576,000,000 inclusive. Note: these bounds are computed from:
79
+ # 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
80
+ # @!attribute [rw] nanos
81
+ # @return [Integer]
82
+ # Signed fractions of a second at nanosecond resolution of the span
83
+ # of time. Durations less than one second are represented with a 0
84
+ # +seconds+ field and a positive or negative +nanos+ field. For durations
85
+ # of one second or more, a non-zero value for the +nanos+ field must be
86
+ # of the same sign as the +seconds+ field. Must be from -999,999,999
87
+ # to +999,999,999 inclusive.
88
+ class Duration; end
89
+ end
90
+ end
@@ -0,0 +1,223 @@
1
+ # Copyright 2018 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ module Google
16
+ module Protobuf
17
+ # +FieldMask+ represents a set of symbolic field paths, for example:
18
+ #
19
+ # paths: "f.a"
20
+ # paths: "f.b.d"
21
+ #
22
+ # Here +f+ represents a field in some root message, +a+ and +b+
23
+ # fields in the message found in +f+, and +d+ a field found in the
24
+ # message in +f.b+.
25
+ #
26
+ # Field masks are used to specify a subset of fields that should be
27
+ # returned by a get operation or modified by an update operation.
28
+ # Field masks also have a custom JSON encoding (see below).
29
+ #
30
+ # = Field Masks in Projections
31
+ #
32
+ # When used in the context of a projection, a response message or
33
+ # sub-message is filtered by the API to only contain those fields as
34
+ # specified in the mask. For example, if the mask in the previous
35
+ # example is applied to a response message as follows:
36
+ #
37
+ # f {
38
+ # a : 22
39
+ # b {
40
+ # d : 1
41
+ # x : 2
42
+ # }
43
+ # y : 13
44
+ # }
45
+ # z: 8
46
+ #
47
+ # The result will not contain specific values for fields x,y and z
48
+ # (their value will be set to the default, and omitted in proto text
49
+ # output):
50
+ #
51
+ #
52
+ # f {
53
+ # a : 22
54
+ # b {
55
+ # d : 1
56
+ # }
57
+ # }
58
+ #
59
+ # A repeated field is not allowed except at the last position of a
60
+ # paths string.
61
+ #
62
+ # If a FieldMask object is not present in a get operation, the
63
+ # operation applies to all fields (as if a FieldMask of all fields
64
+ # had been specified).
65
+ #
66
+ # Note that a field mask does not necessarily apply to the
67
+ # top-level response message. In case of a REST get operation, the
68
+ # field mask applies directly to the response, but in case of a REST
69
+ # list operation, the mask instead applies to each individual message
70
+ # in the returned resource list. In case of a REST custom method,
71
+ # other definitions may be used. Where the mask applies will be
72
+ # clearly documented together with its declaration in the API. In
73
+ # any case, the effect on the returned resource/resources is required
74
+ # behavior for APIs.
75
+ #
76
+ # = Field Masks in Update Operations
77
+ #
78
+ # A field mask in update operations specifies which fields of the
79
+ # targeted resource are going to be updated. The API is required
80
+ # to only change the values of the fields as specified in the mask
81
+ # and leave the others untouched. If a resource is passed in to
82
+ # describe the updated values, the API ignores the values of all
83
+ # fields not covered by the mask.
84
+ #
85
+ # If a repeated field is specified for an update operation, the existing
86
+ # repeated values in the target resource will be overwritten by the new values.
87
+ # Note that a repeated field is only allowed in the last position of a +paths+
88
+ # string.
89
+ #
90
+ # If a sub-message is specified in the last position of the field mask for an
91
+ # update operation, then the existing sub-message in the target resource is
92
+ # overwritten. Given the target message:
93
+ #
94
+ # f {
95
+ # b {
96
+ # d : 1
97
+ # x : 2
98
+ # }
99
+ # c : 1
100
+ # }
101
+ #
102
+ # And an update message:
103
+ #
104
+ # f {
105
+ # b {
106
+ # d : 10
107
+ # }
108
+ # }
109
+ #
110
+ # then if the field mask is:
111
+ #
112
+ # paths: "f.b"
113
+ #
114
+ # then the result will be:
115
+ #
116
+ # f {
117
+ # b {
118
+ # d : 10
119
+ # }
120
+ # c : 1
121
+ # }
122
+ #
123
+ # However, if the update mask was:
124
+ #
125
+ # paths: "f.b.d"
126
+ #
127
+ # then the result would be:
128
+ #
129
+ # f {
130
+ # b {
131
+ # d : 10
132
+ # x : 2
133
+ # }
134
+ # c : 1
135
+ # }
136
+ #
137
+ # In order to reset a field's value to the default, the field must
138
+ # be in the mask and set to the default value in the provided resource.
139
+ # Hence, in order to reset all fields of a resource, provide a default
140
+ # instance of the resource and set all fields in the mask, or do
141
+ # not provide a mask as described below.
142
+ #
143
+ # If a field mask is not present on update, the operation applies to
144
+ # all fields (as if a field mask of all fields has been specified).
145
+ # Note that in the presence of schema evolution, this may mean that
146
+ # fields the client does not know and has therefore not filled into
147
+ # the request will be reset to their default. If this is unwanted
148
+ # behavior, a specific service may require a client to always specify
149
+ # a field mask, producing an error if not.
150
+ #
151
+ # As with get operations, the location of the resource which
152
+ # describes the updated values in the request message depends on the
153
+ # operation kind. In any case, the effect of the field mask is
154
+ # required to be honored by the API.
155
+ #
156
+ # == Considerations for HTTP REST
157
+ #
158
+ # The HTTP kind of an update operation which uses a field mask must
159
+ # be set to PATCH instead of PUT in order to satisfy HTTP semantics
160
+ # (PUT must only be used for full updates).
161
+ #
162
+ # = JSON Encoding of Field Masks
163
+ #
164
+ # In JSON, a field mask is encoded as a single string where paths are
165
+ # separated by a comma. Fields name in each path are converted
166
+ # to/from lower-camel naming conventions.
167
+ #
168
+ # As an example, consider the following message declarations:
169
+ #
170
+ # message Profile {
171
+ # User user = 1;
172
+ # Photo photo = 2;
173
+ # }
174
+ # message User {
175
+ # string display_name = 1;
176
+ # string address = 2;
177
+ # }
178
+ #
179
+ # In proto a field mask for +Profile+ may look as such:
180
+ #
181
+ # mask {
182
+ # paths: "user.display_name"
183
+ # paths: "photo"
184
+ # }
185
+ #
186
+ # In JSON, the same mask is represented as below:
187
+ #
188
+ # {
189
+ # mask: "user.displayName,photo"
190
+ # }
191
+ #
192
+ # = Field Masks and Oneof Fields
193
+ #
194
+ # Field masks treat fields in oneofs just as regular fields. Consider the
195
+ # following message:
196
+ #
197
+ # message SampleMessage {
198
+ # oneof test_oneof {
199
+ # string name = 4;
200
+ # SubMessage sub_message = 9;
201
+ # }
202
+ # }
203
+ #
204
+ # The field mask can be:
205
+ #
206
+ # mask {
207
+ # paths: "name"
208
+ # }
209
+ #
210
+ # Or:
211
+ #
212
+ # mask {
213
+ # paths: "sub_message"
214
+ # }
215
+ #
216
+ # Note that oneof type names ("test_oneof" in this case) cannot be used in
217
+ # paths.
218
+ # @!attribute [rw] paths
219
+ # @return [Array<String>]
220
+ # The set of field mask paths.
221
+ class FieldMask; end
222
+ end
223
+ end