google-cloud-org_policy-v2 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,320 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module OrgPolicy
23
+ module V2
24
+ # Defines a Cloud Organization `Policy` which is used to specify `Constraints`
25
+ # for configurations of Cloud Platform resources.
26
+ # @!attribute [rw] name
27
+ # @return [::String]
28
+ # Immutable. The resource name of the Policy. Must be one of the following
29
+ # forms, where constraint_name is the name of the constraint which this
30
+ # Policy configures:
31
+ # * `projects/{project_number}/policies/{constraint_name}`
32
+ # * `folders/{folder_id}/policies/{constraint_name}`
33
+ # * `organizations/{organization_id}/policies/{constraint_name}`
34
+ #
35
+ # For example, "projects/123/policies/compute.disableSerialPortAccess".
36
+ #
37
+ # Note: `projects/{project_id}/policies/{constraint_name}` is also an
38
+ # acceptable name for API requests, but responses will return the name using
39
+ # the equivalent project number.
40
+ # @!attribute [rw] spec
41
+ # @return [::Google::Cloud::OrgPolicy::V2::PolicySpec]
42
+ # Basic information about the Organization Policy.
43
+ # @!attribute [rw] alternate
44
+ # @return [::Google::Cloud::OrgPolicy::V2::AlternatePolicySpec]
45
+ # An alternate policy configuration that will be used instead of the baseline
46
+ # policy configurations as determined by the launch.
47
+ # Currently the only way the launch can trigger the alternate configuration
48
+ # is via dry-run/darklaunch.
49
+ class Policy
50
+ include ::Google::Protobuf::MessageExts
51
+ extend ::Google::Protobuf::MessageExts::ClassMethods
52
+ end
53
+
54
+ # Similar to PolicySpec but with an extra 'launch' field for launch reference.
55
+ # The PolicySpec here is specific for dry-run/darklaunch.
56
+ # @!attribute [rw] launch
57
+ # @return [::String]
58
+ # Reference to the launch that will be used while audit logging and to
59
+ # control the launch.
60
+ # Should be set only in the alternate policy.
61
+ # @!attribute [rw] spec
62
+ # @return [::Google::Cloud::OrgPolicy::V2::PolicySpec]
63
+ # Specify `Constraint` for configurations of Cloud Platform resources.
64
+ class AlternatePolicySpec
65
+ include ::Google::Protobuf::MessageExts
66
+ extend ::Google::Protobuf::MessageExts::ClassMethods
67
+ end
68
+
69
+ # Defines a Cloud Organization `PolicySpec` which is used to specify
70
+ # `Constraints` for configurations of Cloud Platform resources.
71
+ # @!attribute [rw] etag
72
+ # @return [::String]
73
+ # An opaque tag indicating the current version of the `Policy`, used for
74
+ # concurrency control.
75
+ #
76
+ # This field is ignored if used in a `CreatePolicy` request.
77
+ #
78
+ # When the `Policy` is returned from either a `GetPolicy` or a
79
+ # `ListPolicies` request, this `etag` indicates the version of the
80
+ # current `Policy` to use when executing a read-modify-write loop.
81
+ #
82
+ # When the `Policy` is returned from a `GetEffectivePolicy` request, the
83
+ # `etag` will be unset.
84
+ # @!attribute [r] update_time
85
+ # @return [::Google::Protobuf::Timestamp]
86
+ # Output only. The time stamp this was previously updated. This
87
+ # represents the last time a call to `CreatePolicy` or `UpdatePolicy` was
88
+ # made for that `Policy`.
89
+ # @!attribute [rw] rules
90
+ # @return [::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>]
91
+ # Up to 10 PolicyRules are allowed.
92
+ #
93
+ # In Policies for boolean constraints, the following requirements apply:
94
+ # - There must be one and only one PolicyRule where condition is unset.
95
+ # - BooleanPolicyRules with conditions must set `enforced` to the opposite
96
+ # of the PolicyRule without a condition.
97
+ # - During policy evaluation, PolicyRules with conditions that are
98
+ # true for a target resource take precedence.
99
+ # @!attribute [rw] inherit_from_parent
100
+ # @return [::Boolean]
101
+ # Determines the inheritance behavior for this `Policy`.
102
+ #
103
+ # If `inherit_from_parent` is true, PolicyRules set higher up in the
104
+ # hierarchy (up to the closest root) are inherited and present in the
105
+ # effective policy. If it is false, then no rules are inherited, and this
106
+ # Policy becomes the new root for evaluation.
107
+ # This field can be set only for Policies which configure list constraints.
108
+ # @!attribute [rw] reset
109
+ # @return [::Boolean]
110
+ # Ignores policies set above this resource and restores the
111
+ # `constraint_default` enforcement behavior of the specific `Constraint` at
112
+ # this resource.
113
+ # This field can be set in policies for either list or boolean
114
+ # constraints. If set, `rules` must be empty and `inherit_from_parent`
115
+ # must be set to false.
116
+ class PolicySpec
117
+ include ::Google::Protobuf::MessageExts
118
+ extend ::Google::Protobuf::MessageExts::ClassMethods
119
+
120
+ # A rule used to express this policy.
121
+ # @!attribute [rw] values
122
+ # @return [::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule::StringValues]
123
+ # List of values to be used for this PolicyRule. This field can be set
124
+ # only in Policies for list constraints.
125
+ # @!attribute [rw] allow_all
126
+ # @return [::Boolean]
127
+ # Setting this to true means that all values are allowed. This field can
128
+ # be set only in Policies for list constraints.
129
+ # @!attribute [rw] deny_all
130
+ # @return [::Boolean]
131
+ # Setting this to true means that all values are denied. This field can
132
+ # be set only in Policies for list constraints.
133
+ # @!attribute [rw] enforce
134
+ # @return [::Boolean]
135
+ # If `true`, then the `Policy` is enforced. If `false`, then any
136
+ # configuration is acceptable.
137
+ # This field can be set only in Policies for boolean constraints.
138
+ # @!attribute [rw] condition
139
+ # @return [::Google::Type::Expr]
140
+ # A condition which determines whether this rule is used
141
+ # in the evaluation of the policy. When set, the `expression` field in
142
+ # the `Expr' must include from 1 to 10 subexpressions, joined by the "||"
143
+ # or "&&" operators. Each subexpression must be of the form
144
+ # "resource.matchLabels(key_name, value_name)",
145
+ # where key_name and value_name are the resource names for Label Keys
146
+ # and Values. These names are available from the Label Manager Service. An
147
+ # example expression is:
148
+ # "resource.matchLabels('labelKeys/123, 'labelValues/456')".
149
+ class PolicyRule
150
+ include ::Google::Protobuf::MessageExts
151
+ extend ::Google::Protobuf::MessageExts::ClassMethods
152
+
153
+ # A message that holds specific allowed and denied values.
154
+ # This message can define specific values and subtrees of Cloud Resource
155
+ # Manager resource hierarchy (`Organizations`, `Folders`, `Projects`) that
156
+ # are allowed or denied. This is achieved by using the `under:` and
157
+ # optional `is:` prefixes.
158
+ # The `under:` prefix is used to denote resource subtree values.
159
+ # The `is:` prefix is used to denote specific values, and is required only
160
+ # if the value contains a ":". Values prefixed with "is:" are treated the
161
+ # same as values with no prefix.
162
+ # Ancestry subtrees must be in one of the following formats:
163
+ # - "projects/<project-id>", e.g. "projects/tokyo-rain-123"
164
+ # - "folders/<folder-id>", e.g. "folders/1234"
165
+ # - "organizations/<organization-id>", e.g. "organizations/1234"
166
+ # The `supports_under` field of the associated `Constraint` defines
167
+ # whether ancestry prefixes can be used.
168
+ # @!attribute [rw] allowed_values
169
+ # @return [::Array<::String>]
170
+ # List of values allowed at this resource.
171
+ # @!attribute [rw] denied_values
172
+ # @return [::Array<::String>]
173
+ # List of values denied at this resource.
174
+ class StringValues
175
+ include ::Google::Protobuf::MessageExts
176
+ extend ::Google::Protobuf::MessageExts::ClassMethods
177
+ end
178
+ end
179
+ end
180
+
181
+ # The request sent to the [ListConstraints]
182
+ # [google.cloud.orgpolicy.v2.OrgPolicy.ListConstraints] method.
183
+ # @!attribute [rw] parent
184
+ # @return [::String]
185
+ # Required. The Cloud resource that parents the constraint. Must be in one of the
186
+ # following forms:
187
+ # * `projects/{project_number}`
188
+ # * `projects/{project_id}`
189
+ # * `folders/{folder_id}`
190
+ # * `organizations/{organization_id}`
191
+ # @!attribute [rw] page_size
192
+ # @return [::Integer]
193
+ # Size of the pages to be returned. This is currently unsupported and will
194
+ # be ignored. The server may at any point start using this field to limit
195
+ # page size.
196
+ # @!attribute [rw] page_token
197
+ # @return [::String]
198
+ # Page token used to retrieve the next page. This is currently unsupported
199
+ # and will be ignored. The server may at any point start using this field.
200
+ class ListConstraintsRequest
201
+ include ::Google::Protobuf::MessageExts
202
+ extend ::Google::Protobuf::MessageExts::ClassMethods
203
+ end
204
+
205
+ # The response returned from the [ListConstraints]
206
+ # [google.cloud.orgpolicy.v2.OrgPolicy.ListConstraints] method.
207
+ # @!attribute [rw] constraints
208
+ # @return [::Array<::Google::Cloud::OrgPolicy::V2::Constraint>]
209
+ # The collection of constraints that are available on the targeted resource.
210
+ # @!attribute [rw] next_page_token
211
+ # @return [::String]
212
+ # Page token used to retrieve the next page. This is currently not used.
213
+ class ListConstraintsResponse
214
+ include ::Google::Protobuf::MessageExts
215
+ extend ::Google::Protobuf::MessageExts::ClassMethods
216
+ end
217
+
218
+ # The request sent to the [ListPolicies]
219
+ # [google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method.
220
+ # @!attribute [rw] parent
221
+ # @return [::String]
222
+ # Required. The target Cloud resource that parents the set of constraints and policies
223
+ # that will be returned from this call. Must be in one of the following
224
+ # forms:
225
+ # * `projects/{project_number}`
226
+ # * `projects/{project_id}`
227
+ # * `folders/{folder_id}`
228
+ # * `organizations/{organization_id}`
229
+ # @!attribute [rw] page_size
230
+ # @return [::Integer]
231
+ # Size of the pages to be returned. This is currently unsupported and will
232
+ # be ignored. The server may at any point start using this field to limit
233
+ # page size.
234
+ # @!attribute [rw] page_token
235
+ # @return [::String]
236
+ # Page token used to retrieve the next page. This is currently unsupported
237
+ # and will be ignored. The server may at any point start using this field.
238
+ class ListPoliciesRequest
239
+ include ::Google::Protobuf::MessageExts
240
+ extend ::Google::Protobuf::MessageExts::ClassMethods
241
+ end
242
+
243
+ # The response returned from the [ListPolicies]
244
+ # [google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method. It will be empty
245
+ # if no `Policies` are set on the resource.
246
+ # @!attribute [rw] policies
247
+ # @return [::Array<::Google::Cloud::OrgPolicy::V2::Policy>]
248
+ # All `Policies` that exist on the resource. It will be empty if no
249
+ # `Policies` are set.
250
+ # @!attribute [rw] next_page_token
251
+ # @return [::String]
252
+ # Page token used to retrieve the next page. This is currently not used, but
253
+ # the server may at any point start supplying a valid token.
254
+ class ListPoliciesResponse
255
+ include ::Google::Protobuf::MessageExts
256
+ extend ::Google::Protobuf::MessageExts::ClassMethods
257
+ end
258
+
259
+ # The request sent to the [GetPolicy]
260
+ # [google.cloud.orgpolicy.v2.OrgPolicy.GetPolicy] method.
261
+ # @!attribute [rw] name
262
+ # @return [::String]
263
+ # Required. Resource name of the policy. See `Policy` for naming requirements.
264
+ class GetPolicyRequest
265
+ include ::Google::Protobuf::MessageExts
266
+ extend ::Google::Protobuf::MessageExts::ClassMethods
267
+ end
268
+
269
+ # The request sent to the [GetEffectivePolicy]
270
+ # [google.cloud.orgpolicy.v2.OrgPolicy.GetEffectivePolicy] method.
271
+ # @!attribute [rw] name
272
+ # @return [::String]
273
+ # Required. The effective policy to compute. See `Policy` for naming rules.
274
+ class GetEffectivePolicyRequest
275
+ include ::Google::Protobuf::MessageExts
276
+ extend ::Google::Protobuf::MessageExts::ClassMethods
277
+ end
278
+
279
+ # The request sent to the [CreatePolicyRequest]
280
+ # [google.cloud.orgpolicy.v2.OrgPolicy.CreatePolicy] method.
281
+ # @!attribute [rw] parent
282
+ # @return [::String]
283
+ # Required. The Cloud resource that will parent the new Policy. Must be in one of the
284
+ # following forms:
285
+ # * `projects/{project_number}`
286
+ # * `projects/{project_id}`
287
+ # * `folders/{folder_id}`
288
+ # * `organizations/{organization_id}`
289
+ # @!attribute [rw] policy
290
+ # @return [::Google::Cloud::OrgPolicy::V2::Policy]
291
+ # Required. `Policy` to create.
292
+ class CreatePolicyRequest
293
+ include ::Google::Protobuf::MessageExts
294
+ extend ::Google::Protobuf::MessageExts::ClassMethods
295
+ end
296
+
297
+ # The request sent to the [UpdatePolicyRequest]
298
+ # [google.cloud.orgpolicy.v2.OrgPolicy.UpdatePolicy] method.
299
+ # @!attribute [rw] policy
300
+ # @return [::Google::Cloud::OrgPolicy::V2::Policy]
301
+ # Required. `Policy` to update.
302
+ class UpdatePolicyRequest
303
+ include ::Google::Protobuf::MessageExts
304
+ extend ::Google::Protobuf::MessageExts::ClassMethods
305
+ end
306
+
307
+ # The request sent to the [DeletePolicy]
308
+ # [google.cloud.orgpolicy.v2.OrgPolicy.DeletePolicy] method.
309
+ # @!attribute [rw] name
310
+ # @return [::String]
311
+ # Required. Name of the policy to delete.
312
+ # See `Policy` for naming rules.
313
+ class DeletePolicyRequest
314
+ include ::Google::Protobuf::MessageExts
315
+ extend ::Google::Protobuf::MessageExts::ClassMethods
316
+ end
317
+ end
318
+ end
319
+ end
320
+ end
@@ -0,0 +1,36 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Protobuf
22
+ # A generic empty message that you can re-use to avoid defining duplicated
23
+ # empty messages in your APIs. A typical example is to use it as the request
24
+ # or the response type of an API method. For instance:
25
+ #
26
+ # service Foo {
27
+ # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
28
+ # }
29
+ #
30
+ # The JSON representation for `Empty` is empty JSON object `{}`.
31
+ class Empty
32
+ include ::Google::Protobuf::MessageExts
33
+ extend ::Google::Protobuf::MessageExts::ClassMethods
34
+ end
35
+ end
36
+ end
@@ -0,0 +1,129 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Protobuf
22
+ # A Timestamp represents a point in time independent of any time zone or local
23
+ # calendar, encoded as a count of seconds and fractions of seconds at
24
+ # nanosecond resolution. The count is relative to an epoch at UTC midnight on
25
+ # January 1, 1970, in the proleptic Gregorian calendar which extends the
26
+ # Gregorian calendar backwards to year one.
27
+ #
28
+ # All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap
29
+ # second table is needed for interpretation, using a [24-hour linear
30
+ # smear](https://developers.google.com/time/smear).
31
+ #
32
+ # The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By
33
+ # restricting to that range, we ensure that we can convert to and from [RFC
34
+ # 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings.
35
+ #
36
+ # # Examples
37
+ #
38
+ # Example 1: Compute Timestamp from POSIX `time()`.
39
+ #
40
+ # Timestamp timestamp;
41
+ # timestamp.set_seconds(time(NULL));
42
+ # timestamp.set_nanos(0);
43
+ #
44
+ # Example 2: Compute Timestamp from POSIX `gettimeofday()`.
45
+ #
46
+ # struct timeval tv;
47
+ # gettimeofday(&tv, NULL);
48
+ #
49
+ # Timestamp timestamp;
50
+ # timestamp.set_seconds(tv.tv_sec);
51
+ # timestamp.set_nanos(tv.tv_usec * 1000);
52
+ #
53
+ # Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`.
54
+ #
55
+ # FILETIME ft;
56
+ # GetSystemTimeAsFileTime(&ft);
57
+ # UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime;
58
+ #
59
+ # // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z
60
+ # // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z.
61
+ # Timestamp timestamp;
62
+ # timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL));
63
+ # timestamp.set_nanos((INT32) ((ticks % 10000000) * 100));
64
+ #
65
+ # Example 4: Compute Timestamp from Java `System.currentTimeMillis()`.
66
+ #
67
+ # long millis = System.currentTimeMillis();
68
+ #
69
+ # Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000)
70
+ # .setNanos((int) ((millis % 1000) * 1000000)).build();
71
+ #
72
+ #
73
+ # Example 5: Compute Timestamp from Java `Instant.now()`.
74
+ #
75
+ # Instant now = Instant.now();
76
+ #
77
+ # Timestamp timestamp =
78
+ # Timestamp.newBuilder().setSeconds(now.getEpochSecond())
79
+ # .setNanos(now.getNano()).build();
80
+ #
81
+ #
82
+ # Example 6: Compute Timestamp from current time in Python.
83
+ #
84
+ # timestamp = Timestamp()
85
+ # timestamp.GetCurrentTime()
86
+ #
87
+ # # JSON Mapping
88
+ #
89
+ # In JSON format, the Timestamp type is encoded as a string in the
90
+ # [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the
91
+ # format is "\\{year}-\\{month}-\\{day}T\\{hour}:\\{min}:\\{sec}[.\\{frac_sec}]Z"
92
+ # where \\{year} is always expressed using four digits while \\{month}, \\{day},
93
+ # \\{hour}, \\{min}, and \\{sec} are zero-padded to two digits each. The fractional
94
+ # seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution),
95
+ # are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone
96
+ # is required. A proto3 JSON serializer should always use UTC (as indicated by
97
+ # "Z") when printing the Timestamp type and a proto3 JSON parser should be
98
+ # able to accept both UTC and other timezones (as indicated by an offset).
99
+ #
100
+ # For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past
101
+ # 01:30 UTC on January 15, 2017.
102
+ #
103
+ # In JavaScript, one can convert a Date object to this format using the
104
+ # standard
105
+ # [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString)
106
+ # method. In Python, a standard `datetime.datetime` object can be converted
107
+ # to this format using
108
+ # [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with
109
+ # the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use
110
+ # the Joda Time's [`ISODateTimeFormat.dateTime()`](
111
+ # http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D
112
+ # ) to obtain a formatter capable of generating timestamps in this format.
113
+ # @!attribute [rw] seconds
114
+ # @return [::Integer]
115
+ # Represents seconds of UTC time since Unix epoch
116
+ # 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
117
+ # 9999-12-31T23:59:59Z inclusive.
118
+ # @!attribute [rw] nanos
119
+ # @return [::Integer]
120
+ # Non-negative fractions of a second at nanosecond resolution. Negative
121
+ # second values with fractions must still have non-negative nanos values
122
+ # that count forward in time. Must be from 0 to 999,999,999
123
+ # inclusive.
124
+ class Timestamp
125
+ include ::Google::Protobuf::MessageExts
126
+ extend ::Google::Protobuf::MessageExts::ClassMethods
127
+ end
128
+ end
129
+ end