google-cloud-kms 0.1.0

data/lib/google/cloud/kms/v1/doc/google/iam/v1/iam_policy.rb

@@ -0,0 +1,62 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Google
+  module Iam
+    module V1
+      # Request message for +SetIamPolicy+ method.
+      # @!attribute [rw] resource
+      #   @return [String]
+      #     REQUIRED: The resource for which the policy is being specified.
+      #     +resource+ is usually specified as a path. For example, a Project
+      #     resource is specified as +projects/{project}+.
+      # @!attribute [rw] policy
+      #   @return [Google::Iam::V1::Policy]
+      #     REQUIRED: The complete policy to be applied to the +resource+. The size of
+      #     the policy is limited to a few 10s of KB. An empty policy is a
+      #     valid policy but certain Cloud Platform services (such as Projects)
+      #     might reject them.
+      class SetIamPolicyRequest; end
+
+      # Request message for +GetIamPolicy+ method.
+      # @!attribute [rw] resource
+      #   @return [String]
+      #     REQUIRED: The resource for which the policy is being requested.
+      #     +resource+ is usually specified as a path. For example, a Project
+      #     resource is specified as +projects/{project}+.
+      class GetIamPolicyRequest; end
+
+      # Request message for +TestIamPermissions+ method.
+      # @!attribute [rw] resource
+      #   @return [String]
+      #     REQUIRED: The resource for which the policy detail is being requested.
+      #     +resource+ is usually specified as a path. For example, a Project
+      #     resource is specified as +projects/{project}+.
+      # @!attribute [rw] permissions
+      #   @return [Array<String>]
+      #     The set of permissions to check for the +resource+. Permissions with
+      #     wildcards (such as '*' or 'storage.*') are not allowed. For more
+      #     information see
+      #     [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
+      class TestIamPermissionsRequest; end
+
+      # Response message for +TestIamPermissions+ method.
+      # @!attribute [rw] permissions
+      #   @return [Array<String>]
+      #     A subset of +TestPermissionsRequest.permissions+ that the caller is
+      #     allowed.
+      class TestIamPermissionsResponse; end
+    end
+  end
+end

data/lib/google/cloud/kms/v1/doc/google/iam/v1/policy.rb

@@ -0,0 +1,127 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Google
+  module Iam
+    module V1
+      # Defines an Identity and Access Management (IAM) policy. It is used to
+      # specify access control policies for Cloud Platform resources.
+      #
+      #
+      # A +Policy+ consists of a list of +bindings+. A +Binding+ binds a list of
+      # +members+ to a +role+, where the members can be user accounts, Google groups,
+      # Google domains, and service accounts. A +role+ is a named list of permissions
+      # defined by IAM.
+      #
+      # **Example**
+      #
+      #     {
+      #       "bindings": [
+      #         {
+      #           "role": "roles/owner",
+      #           "members": [
+      #             "user:mike@example.com",
+      #             "group:admins@example.com",
+      #             "domain:google.com",
+      #             "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+      #           ]
+      #         },
+      #         {
+      #           "role": "roles/viewer",
+      #           "members": ["user:sean@example.com"]
+      #         }
+      #       ]
+      #     }
+      #
+      # For a description of IAM and its features, see the
+      # [IAM developer's guide](https://cloud.google.com/iam).
+      # @!attribute [rw] version
+      #   @return [Integer]
+      #     Version of the +Policy+. The default version is 0.
+      # @!attribute [rw] bindings
+      #   @return [Array<Google::Iam::V1::Binding>]
+      #     Associates a list of +members+ to a +role+.
+      #     Multiple +bindings+ must not be specified for the same +role+.
+      #     +bindings+ with no members will result in an error.
+      # @!attribute [rw] etag
+      #   @return [String]
+      #     +etag+ is used for optimistic concurrency control as a way to help
+      #     prevent simultaneous updates of a policy from overwriting each other.
+      #     It is strongly suggested that systems make use of the +etag+ in the
+      #     read-modify-write cycle to perform policy updates in order to avoid race
+      #     conditions: An +etag+ is returned in the response to +getIamPolicy+, and
+      #     systems are expected to put that etag in the request to +setIamPolicy+ to
+      #     ensure that their change will be applied to the same version of the policy.
+      #
+      #     If no +etag+ is provided in the call to +setIamPolicy+, then the existing
+      #     policy is overwritten blindly.
+      class Policy; end
+
+      # Associates +members+ with a +role+.
+      # @!attribute [rw] role
+      #   @return [String]
+      #     Role that is assigned to +members+.
+      #     For example, +roles/viewer+, +roles/editor+, or +roles/owner+.
+      #     Required
+      # @!attribute [rw] members
+      #   @return [Array<String>]
+      #     Specifies the identities requesting access for a Cloud Platform resource.
+      #     +members+ can have the following values:
+      #
+      #     * +allUsers+: A special identifier that represents anyone who is
+      #       on the internet; with or without a Google account.
+      #
+      #     * +allAuthenticatedUsers+: A special identifier that represents anyone
+      #       who is authenticated with a Google account or a service account.
+      #
+      #     * +user:{emailid}+: An email address that represents a specific Google
+      #       account. For example, +alice@gmail.com+ or +joe@example.com+.
+      #
+      #
+      #     * +serviceAccount:{emailid}+: An email address that represents a service
+      #       account. For example, +my-other-app@appspot.gserviceaccount.com+.
+      #
+      #     * +group:{emailid}+: An email address that represents a Google group.
+      #       For example, +admins@example.com+.
+      #
+      #     * +domain:{domain}+: A Google Apps domain name that represents all the
+      #       users of that domain. For example, +google.com+ or +example.com+.
+      class Binding; end
+
+      # The difference delta between two policies.
+      # @!attribute [rw] binding_deltas
+      #   @return [Array<Google::Iam::V1::BindingDelta>]
+      #     The delta for Bindings between two policies.
+      class PolicyDelta; end
+
+      # One delta entry for Binding. Each individual change (only one member in each
+      # entry) to a binding will be a separate entry.
+      # @!attribute [rw] action
+      #   @return [Google::Iam::V1::BindingDelta::Action]
+      #     The action that was performed on a Binding.
+      #     Required
+      # @!attribute [rw] role
+      #   @return [String]
+      #     Role that is assigned to +members+.
+      #     For example, +roles/viewer+, +roles/editor+, or +roles/owner+.
+      #     Required
+      # @!attribute [rw] member
+      #   @return [String]
+      #     A single identity requesting access for a Cloud Platform resource.
+      #     Follows the same format of Binding.members.
+      #     Required
+      class BindingDelta; end
+    end
+  end
+end

data/lib/google/cloud/kms/v1/doc/google/protobuf/duration.rb

@@ -0,0 +1,90 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Google
+  module Protobuf
+    # A Duration represents a signed, fixed-length span of time represented
+    # as a count of seconds and fractions of seconds at nanosecond
+    # resolution. It is independent of any calendar and concepts like "day"
+    # or "month". It is related to Timestamp in that the difference between
+    # two Timestamp values is a Duration and it can be added or subtracted
+    # from a Timestamp. Range is approximately +-10,000 years.
+    #
+    # = Examples
+    #
+    # Example 1: Compute Duration from two Timestamps in pseudo code.
+    #
+    #     Timestamp start = ...;
+    #     Timestamp end = ...;
+    #     Duration duration = ...;
+    #
+    #     duration.seconds = end.seconds - start.seconds;
+    #     duration.nanos = end.nanos - start.nanos;
+    #
+    #     if (duration.seconds < 0 && duration.nanos > 0) {
+    #       duration.seconds += 1;
+    #       duration.nanos -= 1000000000;
+    #     } else if (durations.seconds > 0 && duration.nanos < 0) {
+    #       duration.seconds -= 1;
+    #       duration.nanos += 1000000000;
+    #     }
+    #
+    # Example 2: Compute Timestamp from Timestamp + Duration in pseudo code.
+    #
+    #     Timestamp start = ...;
+    #     Duration duration = ...;
+    #     Timestamp end = ...;
+    #
+    #     end.seconds = start.seconds + duration.seconds;
+    #     end.nanos = start.nanos + duration.nanos;
+    #
+    #     if (end.nanos < 0) {
+    #       end.seconds -= 1;
+    #       end.nanos += 1000000000;
+    #     } else if (end.nanos >= 1000000000) {
+    #       end.seconds += 1;
+    #       end.nanos -= 1000000000;
+    #     }
+    #
+    # Example 3: Compute Duration from datetime.timedelta in Python.
+    #
+    #     td = datetime.timedelta(days=3, minutes=10)
+    #     duration = Duration()
+    #     duration.FromTimedelta(td)
+    #
+    # = JSON Mapping
+    #
+    # In JSON format, the Duration type is encoded as a string rather than an
+    # object, where the string ends in the suffix "s" (indicating seconds) and
+    # is preceded by the number of seconds, with nanoseconds expressed as
+    # fractional seconds. For example, 3 seconds with 0 nanoseconds should be
+    # encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should
+    # be expressed in JSON format as "3.000000001s", and 3 seconds and 1
+    # microsecond should be expressed in JSON format as "3.000001s".
+    # @!attribute [rw] seconds
+    #   @return [Integer]
+    #     Signed seconds of the span of time. Must be from -315,576,000,000
+    #     to +315,576,000,000 inclusive. Note: these bounds are computed from:
+    #     60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
+    # @!attribute [rw] nanos
+    #   @return [Integer]
+    #     Signed fractions of a second at nanosecond resolution of the span
+    #     of time. Durations less than one second are represented with a 0
+    #     +seconds+ field and a positive or negative +nanos+ field. For durations
+    #     of one second or more, a non-zero value for the +nanos+ field must be
+    #     of the same sign as the +seconds+ field. Must be from -999,999,999
+    #     to +999,999,999 inclusive.
+    class Duration; end
+  end
+end

data/lib/google/cloud/kms/v1/doc/google/protobuf/field_mask.rb

@@ -0,0 +1,223 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Google
+  module Protobuf
+    # +FieldMask+ represents a set of symbolic field paths, for example:
+    #
+    #     paths: "f.a"
+    #     paths: "f.b.d"
+    #
+    # Here +f+ represents a field in some root message, +a+ and +b+
+    # fields in the message found in +f+, and +d+ a field found in the
+    # message in +f.b+.
+    #
+    # Field masks are used to specify a subset of fields that should be
+    # returned by a get operation or modified by an update operation.
+    # Field masks also have a custom JSON encoding (see below).
+    #
+    # = Field Masks in Projections
+    #
+    # When used in the context of a projection, a response message or
+    # sub-message is filtered by the API to only contain those fields as
+    # specified in the mask. For example, if the mask in the previous
+    # example is applied to a response message as follows:
+    #
+    #     f {
+    #       a : 22
+    #       b {
+    #         d : 1
+    #         x : 2
+    #       }
+    #       y : 13
+    #     }
+    #     z: 8
+    #
+    # The result will not contain specific values for fields x,y and z
+    # (their value will be set to the default, and omitted in proto text
+    # output):
+    #
+    #
+    #     f {
+    #       a : 22
+    #       b {
+    #         d : 1
+    #       }
+    #     }
+    #
+    # A repeated field is not allowed except at the last position of a
+    # paths string.
+    #
+    # If a FieldMask object is not present in a get operation, the
+    # operation applies to all fields (as if a FieldMask of all fields
+    # had been specified).
+    #
+    # Note that a field mask does not necessarily apply to the
+    # top-level response message. In case of a REST get operation, the
+    # field mask applies directly to the response, but in case of a REST
+    # list operation, the mask instead applies to each individual message
+    # in the returned resource list. In case of a REST custom method,
+    # other definitions may be used. Where the mask applies will be
+    # clearly documented together with its declaration in the API.  In
+    # any case, the effect on the returned resource/resources is required
+    # behavior for APIs.
+    #
+    # = Field Masks in Update Operations
+    #
+    # A field mask in update operations specifies which fields of the
+    # targeted resource are going to be updated. The API is required
+    # to only change the values of the fields as specified in the mask
+    # and leave the others untouched. If a resource is passed in to
+    # describe the updated values, the API ignores the values of all
+    # fields not covered by the mask.
+    #
+    # If a repeated field is specified for an update operation, the existing
+    # repeated values in the target resource will be overwritten by the new values.
+    # Note that a repeated field is only allowed in the last position of a +paths+
+    # string.
+    #
+    # If a sub-message is specified in the last position of the field mask for an
+    # update operation, then the existing sub-message in the target resource is
+    # overwritten. Given the target message:
+    #
+    #     f {
+    #       b {
+    #         d : 1
+    #         x : 2
+    #       }
+    #       c : 1
+    #     }
+    #
+    # And an update message:
+    #
+    #     f {
+    #       b {
+    #         d : 10
+    #       }
+    #     }
+    #
+    # then if the field mask is:
+    #
+    #  paths: "f.b"
+    #
+    # then the result will be:
+    #
+    #     f {
+    #       b {
+    #         d : 10
+    #       }
+    #       c : 1
+    #     }
+    #
+    # However, if the update mask was:
+    #
+    #  paths: "f.b.d"
+    #
+    # then the result would be:
+    #
+    #     f {
+    #       b {
+    #         d : 10
+    #         x : 2
+    #       }
+    #       c : 1
+    #     }
+    #
+    # In order to reset a field's value to the default, the field must
+    # be in the mask and set to the default value in the provided resource.
+    # Hence, in order to reset all fields of a resource, provide a default
+    # instance of the resource and set all fields in the mask, or do
+    # not provide a mask as described below.
+    #
+    # If a field mask is not present on update, the operation applies to
+    # all fields (as if a field mask of all fields has been specified).
+    # Note that in the presence of schema evolution, this may mean that
+    # fields the client does not know and has therefore not filled into
+    # the request will be reset to their default. If this is unwanted
+    # behavior, a specific service may require a client to always specify
+    # a field mask, producing an error if not.
+    #
+    # As with get operations, the location of the resource which
+    # describes the updated values in the request message depends on the
+    # operation kind. In any case, the effect of the field mask is
+    # required to be honored by the API.
+    #
+    # == Considerations for HTTP REST
+    #
+    # The HTTP kind of an update operation which uses a field mask must
+    # be set to PATCH instead of PUT in order to satisfy HTTP semantics
+    # (PUT must only be used for full updates).
+    #
+    # = JSON Encoding of Field Masks
+    #
+    # In JSON, a field mask is encoded as a single string where paths are
+    # separated by a comma. Fields name in each path are converted
+    # to/from lower-camel naming conventions.
+    #
+    # As an example, consider the following message declarations:
+    #
+    #     message Profile {
+    #       User user = 1;
+    #       Photo photo = 2;
+    #     }
+    #     message User {
+    #       string display_name = 1;
+    #       string address = 2;
+    #     }
+    #
+    # In proto a field mask for +Profile+ may look as such:
+    #
+    #     mask {
+    #       paths: "user.display_name"
+    #       paths: "photo"
+    #     }
+    #
+    # In JSON, the same mask is represented as below:
+    #
+    #     {
+    #       mask: "user.displayName,photo"
+    #     }
+    #
+    # = Field Masks and Oneof Fields
+    #
+    # Field masks treat fields in oneofs just as regular fields. Consider the
+    # following message:
+    #
+    #     message SampleMessage {
+    #       oneof test_oneof {
+    #         string name = 4;
+    #         SubMessage sub_message = 9;
+    #       }
+    #     }
+    #
+    # The field mask can be:
+    #
+    #     mask {
+    #       paths: "name"
+    #     }
+    #
+    # Or:
+    #
+    #     mask {
+    #       paths: "sub_message"
+    #     }
+    #
+    # Note that oneof type names ("test_oneof" in this case) cannot be used in
+    # paths.
+    # @!attribute [rw] paths
+    #   @return [Array<String>]
+    #     The set of field mask paths.
+    class FieldMask; end
+  end
+end