google-cloud-org_policy-v2 0.1.0

data/lib/google/cloud/org_policy/v2/org_policy/credentials.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+require "googleauth"
+
+module Google
+  module Cloud
+    module OrgPolicy
+      module V2
+        module OrgPolicy
+          # Credentials for the OrgPolicy API.
+          class Credentials < ::Google::Auth::Credentials
+            self.scope = [
+              "https://www.googleapis.com/auth/cloud-platform"
+            ]
+            self.env_vars = [
+              "ORG_POLICY_CREDENTIALS",
+              "ORG_POLICY_KEYFILE",
+              "GOOGLE_CLOUD_CREDENTIALS",
+              "GOOGLE_CLOUD_KEYFILE",
+              "GCLOUD_KEYFILE",
+              "ORG_POLICY_CREDENTIALS_JSON",
+              "ORG_POLICY_KEYFILE_JSON",
+              "GOOGLE_CLOUD_CREDENTIALS_JSON",
+              "GOOGLE_CLOUD_KEYFILE_JSON",
+              "GCLOUD_KEYFILE_JSON"
+            ]
+            self.paths = [
+              "~/.config/google_cloud/application_default_credentials.json"
+            ]
+          end
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/org_policy/v2/org_policy/paths.rb

@@ -0,0 +1,127 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module OrgPolicy
+      module V2
+        module OrgPolicy
+          # Path helper methods for the OrgPolicy API.
+          module Paths
+            ##
+            # Create a fully-qualified Folder resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `folders/{folder}`
+            #
+            # @param folder [String]
+            #
+            # @return [::String]
+            def folder_path folder:
+              "folders/#{folder}"
+            end
+
+            ##
+            # Create a fully-qualified Organization resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `organizations/{organization}`
+            #
+            # @param organization [String]
+            #
+            # @return [::String]
+            def organization_path organization:
+              "organizations/#{organization}"
+            end
+
+            ##
+            # Create a fully-qualified Policy resource string.
+            #
+            # @overload policy_path(project:, policy:)
+            #   The resource will be in the following format:
+            #
+            #   `projects/{project}/policies/{policy}`
+            #
+            #   @param project [String]
+            #   @param policy [String]
+            #
+            # @overload policy_path(folder:, policy:)
+            #   The resource will be in the following format:
+            #
+            #   `folders/{folder}/policies/{policy}`
+            #
+            #   @param folder [String]
+            #   @param policy [String]
+            #
+            # @overload policy_path(organization:, policy:)
+            #   The resource will be in the following format:
+            #
+            #   `organizations/{organization}/policies/{policy}`
+            #
+            #   @param organization [String]
+            #   @param policy [String]
+            #
+            # @return [::String]
+            def policy_path **args
+              resources = {
+                "policy:project"      => (proc do |project:, policy:|
+                  raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
+
+                  "projects/#{project}/policies/#{policy}"
+                end),
+                "folder:policy"       => (proc do |folder:, policy:|
+                  raise ::ArgumentError, "folder cannot contain /" if folder.to_s.include? "/"
+
+                  "folders/#{folder}/policies/#{policy}"
+                end),
+                "organization:policy" => (proc do |organization:, policy:|
+                  raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
+
+                  "organizations/#{organization}/policies/#{policy}"
+                end)
+              }
+
+              resource = resources[args.keys.sort.join(":")]
+              raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil?
+              resource.call(**args)
+            end
+
+            ##
+            # Create a fully-qualified Project resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `projects/{project}`
+            #
+            # @param project [String]
+            #
+            # @return [::String]
+            def project_path project:
+              "projects/#{project}"
+            end
+
+            extend self
+          end
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/org_policy/v2/version.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module OrgPolicy
+      module V2
+        VERSION = "0.1.0"
+      end
+    end
+  end
+end

data/lib/google/cloud/orgpolicy/v2/constraint_pb.rb

@@ -0,0 +1,45 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/orgpolicy/v2/constraint.proto
+
+require 'google/protobuf'
+
+require 'google/api/field_behavior_pb'
+require 'google/api/resource_pb'
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/orgpolicy/v2/constraint.proto", :syntax => :proto3) do
+    add_message "google.cloud.orgpolicy.v2.Constraint" do
+      optional :name, :string, 1
+      optional :display_name, :string, 2
+      optional :description, :string, 3
+      optional :constraint_default, :enum, 4, "google.cloud.orgpolicy.v2.Constraint.ConstraintDefault"
+      oneof :constraint_type do
+        optional :list_constraint, :message, 5, "google.cloud.orgpolicy.v2.Constraint.ListConstraint"
+        optional :boolean_constraint, :message, 6, "google.cloud.orgpolicy.v2.Constraint.BooleanConstraint"
+      end
+    end
+    add_message "google.cloud.orgpolicy.v2.Constraint.ListConstraint" do
+      optional :supports_in, :bool, 1
+      optional :supports_under, :bool, 2
+    end
+    add_message "google.cloud.orgpolicy.v2.Constraint.BooleanConstraint" do
+    end
+    add_enum "google.cloud.orgpolicy.v2.Constraint.ConstraintDefault" do
+      value :CONSTRAINT_DEFAULT_UNSPECIFIED, 0
+      value :ALLOW, 1
+      value :DENY, 2
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module OrgPolicy
+      module V2
+        Constraint = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.Constraint").msgclass
+        Constraint::ListConstraint = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.Constraint.ListConstraint").msgclass
+        Constraint::BooleanConstraint = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.Constraint.BooleanConstraint").msgclass
+        Constraint::ConstraintDefault = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.Constraint.ConstraintDefault").enummodule
+      end
+    end
+  end
+end

data/lib/google/cloud/orgpolicy/v2/orgpolicy_pb.rb

@@ -0,0 +1,103 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/orgpolicy/v2/orgpolicy.proto
+
+require 'google/protobuf'
+
+require 'google/api/annotations_pb'
+require 'google/api/client_pb'
+require 'google/api/field_behavior_pb'
+require 'google/api/resource_pb'
+require 'google/cloud/orgpolicy/v2/constraint_pb'
+require 'google/protobuf/empty_pb'
+require 'google/protobuf/timestamp_pb'
+require 'google/type/expr_pb'
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/orgpolicy/v2/orgpolicy.proto", :syntax => :proto3) do
+    add_message "google.cloud.orgpolicy.v2.Policy" do
+      optional :name, :string, 1
+      optional :spec, :message, 2, "google.cloud.orgpolicy.v2.PolicySpec"
+      optional :alternate, :message, 3, "google.cloud.orgpolicy.v2.AlternatePolicySpec"
+    end
+    add_message "google.cloud.orgpolicy.v2.AlternatePolicySpec" do
+      optional :launch, :string, 1
+      optional :spec, :message, 2, "google.cloud.orgpolicy.v2.PolicySpec"
+    end
+    add_message "google.cloud.orgpolicy.v2.PolicySpec" do
+      optional :etag, :string, 1
+      optional :update_time, :message, 2, "google.protobuf.Timestamp"
+      repeated :rules, :message, 3, "google.cloud.orgpolicy.v2.PolicySpec.PolicyRule"
+      optional :inherit_from_parent, :bool, 4
+      optional :reset, :bool, 5
+    end
+    add_message "google.cloud.orgpolicy.v2.PolicySpec.PolicyRule" do
+      optional :condition, :message, 5, "google.type.Expr"
+      oneof :kind do
+        optional :values, :message, 1, "google.cloud.orgpolicy.v2.PolicySpec.PolicyRule.StringValues"
+        optional :allow_all, :bool, 2
+        optional :deny_all, :bool, 3
+        optional :enforce, :bool, 4
+      end
+    end
+    add_message "google.cloud.orgpolicy.v2.PolicySpec.PolicyRule.StringValues" do
+      repeated :allowed_values, :string, 1
+      repeated :denied_values, :string, 2
+    end
+    add_message "google.cloud.orgpolicy.v2.ListConstraintsRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+    end
+    add_message "google.cloud.orgpolicy.v2.ListConstraintsResponse" do
+      repeated :constraints, :message, 1, "google.cloud.orgpolicy.v2.Constraint"
+      optional :next_page_token, :string, 2
+    end
+    add_message "google.cloud.orgpolicy.v2.ListPoliciesRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+    end
+    add_message "google.cloud.orgpolicy.v2.ListPoliciesResponse" do
+      repeated :policies, :message, 1, "google.cloud.orgpolicy.v2.Policy"
+      optional :next_page_token, :string, 2
+    end
+    add_message "google.cloud.orgpolicy.v2.GetPolicyRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.orgpolicy.v2.GetEffectivePolicyRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.orgpolicy.v2.CreatePolicyRequest" do
+      optional :parent, :string, 1
+      optional :policy, :message, 3, "google.cloud.orgpolicy.v2.Policy"
+    end
+    add_message "google.cloud.orgpolicy.v2.UpdatePolicyRequest" do
+      optional :policy, :message, 1, "google.cloud.orgpolicy.v2.Policy"
+    end
+    add_message "google.cloud.orgpolicy.v2.DeletePolicyRequest" do
+      optional :name, :string, 1
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module OrgPolicy
+      module V2
+        Policy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.Policy").msgclass
+        AlternatePolicySpec = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.AlternatePolicySpec").msgclass
+        PolicySpec = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.PolicySpec").msgclass
+        PolicySpec::PolicyRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.PolicySpec.PolicyRule").msgclass
+        PolicySpec::PolicyRule::StringValues = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.PolicySpec.PolicyRule.StringValues").msgclass
+        ListConstraintsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.ListConstraintsRequest").msgclass
+        ListConstraintsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.ListConstraintsResponse").msgclass
+        ListPoliciesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.ListPoliciesRequest").msgclass
+        ListPoliciesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.ListPoliciesResponse").msgclass
+        GetPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.GetPolicyRequest").msgclass
+        GetEffectivePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.GetEffectivePolicyRequest").msgclass
+        CreatePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.CreatePolicyRequest").msgclass
+        UpdatePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.UpdatePolicyRequest").msgclass
+        DeletePolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.orgpolicy.v2.DeletePolicyRequest").msgclass
+      end
+    end
+  end
+end

data/lib/google/cloud/orgpolicy/v2/orgpolicy_services_pb.rb

@@ -0,0 +1,101 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# Source: google/cloud/orgpolicy/v2/orgpolicy.proto for package 'Google.Cloud.OrgPolicy.V2'
+# Original file comments:
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'grpc'
+require 'google/cloud/orgpolicy/v2/orgpolicy_pb'
+
+module Google
+  module Cloud
+    module OrgPolicy
+      module V2
+        module OrgPolicy
+          # An interface for managing organization policies.
+          #
+          # The Cloud Org Policy service provides a simple mechanism for organizations to
+          # restrict the allowed configurations across their entire Cloud Resource
+          # hierarchy.
+          #
+          # You can use a `policy` to configure restrictions in Cloud resources. For
+          # example, you can enforce a `policy` that restricts which Google
+          # Cloud Platform APIs can be activated in a certain part of your resource
+          # hierarchy, or prevents serial port access to VM instances in a particular
+          # folder.
+          #
+          # `Policies` are inherited down through the resource hierarchy. A `policy`
+          # applied to a parent resource automatically applies to all its child resources
+          # unless overridden with a `policy` lower in the hierarchy.
+          #
+          # A `constraint` defines an aspect of a resource's configuration that can be
+          # controlled by an organization's policy administrator. `Policies` are a
+          # collection of `constraints` that defines their allowable configuration on a
+          # particular resource and its child resources.
+          class Service
+
+            include GRPC::GenericService
+
+            self.marshal_class_method = :encode
+            self.unmarshal_class_method = :decode
+            self.service_name = 'google.cloud.orgpolicy.v2.OrgPolicy'
+
+            # Lists `Constraints` that could be applied on the specified resource.
+            rpc :ListConstraints, ::Google::Cloud::OrgPolicy::V2::ListConstraintsRequest, ::Google::Cloud::OrgPolicy::V2::ListConstraintsResponse
+            # Retrieves all of the `Policies` that exist on a particular resource.
+            rpc :ListPolicies, ::Google::Cloud::OrgPolicy::V2::ListPoliciesRequest, ::Google::Cloud::OrgPolicy::V2::ListPoliciesResponse
+            # Gets a `Policy` on a resource.
+            #
+            # If no `Policy` is set on the resource, NOT_FOUND is returned. The
+            # `etag` value can be used with `UpdatePolicy()` to update a
+            # `Policy` during read-modify-write.
+            rpc :GetPolicy, ::Google::Cloud::OrgPolicy::V2::GetPolicyRequest, ::Google::Cloud::OrgPolicy::V2::Policy
+            # Gets the effective `Policy` on a resource. This is the result of merging
+            # `Policies` in the resource hierarchy and evaluating conditions. The
+            # returned `Policy` will not have an `etag` or `condition` set because it is
+            # a computed `Policy` across multiple resources.
+            # Subtrees of Resource Manager resource hierarchy with 'under:' prefix will
+            # not be expanded.
+            rpc :GetEffectivePolicy, ::Google::Cloud::OrgPolicy::V2::GetEffectivePolicyRequest, ::Google::Cloud::OrgPolicy::V2::Policy
+            # Creates a Policy.
+            #
+            # Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the
+            # constraint does not exist.
+            # Returns a `google.rpc.Status` with `google.rpc.Code.ALREADY_EXISTS` if the
+            # policy already exists on the given Cloud resource.
+            rpc :CreatePolicy, ::Google::Cloud::OrgPolicy::V2::CreatePolicyRequest, ::Google::Cloud::OrgPolicy::V2::Policy
+            # Updates a Policy.
+            #
+            # Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the
+            # constraint or the policy do not exist.
+            # Returns a `google.rpc.Status` with `google.rpc.Code.ABORTED` if the etag
+            # supplied in the request does not match the persisted etag of the policy
+            #
+            # Note: the supplied policy will perform a full overwrite of all
+            # fields.
+            rpc :UpdatePolicy, ::Google::Cloud::OrgPolicy::V2::UpdatePolicyRequest, ::Google::Cloud::OrgPolicy::V2::Policy
+            # Deletes a Policy.
+            #
+            # Returns a `google.rpc.Status` with `google.rpc.Code.NOT_FOUND` if the
+            # constraint or Org Policy does not exist.
+            rpc :DeletePolicy, ::Google::Cloud::OrgPolicy::V2::DeletePolicyRequest, ::Google::Protobuf::Empty
+          end
+
+          Stub = Service.rpc_stub_class
+        end
+      end
+    end
+  end
+end