google-cloud-org_policy-v2 0.7.0 → 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +72 -101
- data/lib/google/cloud/org_policy/v2/org_policy/client.rb +605 -49
- data/lib/google/cloud/org_policy/v2/org_policy/paths.rb +17 -0
- data/lib/google/cloud/org_policy/v2/org_policy/rest/client.rb +572 -48
- data/lib/google/cloud/org_policy/v2/org_policy/rest/service_stub.rb +311 -2
- data/lib/google/cloud/org_policy/v2/org_policy/rest.rb +13 -13
- data/lib/google/cloud/org_policy/v2/org_policy.rb +13 -13
- data/lib/google/cloud/org_policy/v2/version.rb +1 -1
- data/lib/google/cloud/orgpolicy/v2/constraint_pb.rb +5 -1
- data/lib/google/cloud/orgpolicy/v2/orgpolicy_pb.rb +7 -1
- data/lib/google/cloud/orgpolicy/v2/orgpolicy_services_pb.rb +55 -27
- data/proto_docs/google/api/client.rb +14 -0
- data/proto_docs/google/cloud/orgpolicy/v2/constraint.rb +110 -18
- data/proto_docs/google/cloud/orgpolicy/v2/orgpolicy.rb +156 -52
- metadata +5 -5
@@ -21,6 +21,7 @@ module Google
|
|
21
21
|
module Api
|
22
22
|
# Required information for every language.
|
23
23
|
# @!attribute [rw] reference_docs_uri
|
24
|
+
# @deprecated This field is deprecated and may be removed in the next major version update.
|
24
25
|
# @return [::String]
|
25
26
|
# Link to automatically generated reference documentation. Example:
|
26
27
|
# https://cloud.google.com/nodejs/docs/reference/asset/latest
|
@@ -304,6 +305,19 @@ module Google
|
|
304
305
|
# seconds: 360 # 6 minutes
|
305
306
|
# total_poll_timeout:
|
306
307
|
# seconds: 54000 # 90 minutes
|
308
|
+
# @!attribute [rw] auto_populated_fields
|
309
|
+
# @return [::Array<::String>]
|
310
|
+
# List of top-level fields of the request message, that should be
|
311
|
+
# automatically populated by the client libraries based on their
|
312
|
+
# (google.api.field_info).format. Currently supported format: UUID4.
|
313
|
+
#
|
314
|
+
# Example of a YAML configuration:
|
315
|
+
#
|
316
|
+
# publishing:
|
317
|
+
# method_settings:
|
318
|
+
# - selector: google.example.v1.ExampleService.CreateExample
|
319
|
+
# auto_populated_fields:
|
320
|
+
# - request_id
|
307
321
|
class MethodSettings
|
308
322
|
include ::Google::Protobuf::MessageExts
|
309
323
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -21,24 +21,25 @@ module Google
|
|
21
21
|
module Cloud
|
22
22
|
module OrgPolicy
|
23
23
|
module V2
|
24
|
-
# A
|
25
|
-
# example, you could enforce a constraint that controls which
|
26
|
-
# can be activated across an organization, or whether a Compute Engine
|
27
|
-
# can have serial port connections established.
|
28
|
-
# by the organization
|
29
|
-
# organization by setting a
|
24
|
+
# A constraint describes a way to restrict resource's configuration. For
|
25
|
+
# example, you could enforce a constraint that controls which Google Cloud
|
26
|
+
# services can be activated across an organization, or whether a Compute Engine
|
27
|
+
# instance can have serial port connections established. Constraints can be
|
28
|
+
# configured by the organization policy administrator to fit the needs of the
|
29
|
+
# organization by setting a policy that includes constraints at different
|
30
30
|
# locations in the organization's resource hierarchy. Policies are inherited
|
31
31
|
# down the resource hierarchy from higher levels, but can also be overridden.
|
32
32
|
# For details about the inheritance rules please read about
|
33
33
|
# [`policies`][google.cloud.OrgPolicy.v2.Policy].
|
34
34
|
#
|
35
|
-
#
|
35
|
+
# Constraints have a default behavior determined by the `constraint_default`
|
36
36
|
# field, which is the enforcement behavior that is used in the absence of a
|
37
|
-
#
|
37
|
+
# policy being defined or inherited for the resource in question.
|
38
38
|
# @!attribute [rw] name
|
39
39
|
# @return [::String]
|
40
|
-
# Immutable. The resource name of the
|
40
|
+
# Immutable. The resource name of the constraint. Must be in one of
|
41
41
|
# the following forms:
|
42
|
+
#
|
42
43
|
# * `projects/{project_number}/constraints/{constraint_name}`
|
43
44
|
# * `folders/{folder_id}/constraints/{constraint_name}`
|
44
45
|
# * `organizations/{organization_id}/constraints/{constraint_name}`
|
@@ -51,25 +52,28 @@ module Google
|
|
51
52
|
# Mutable.
|
52
53
|
# @!attribute [rw] description
|
53
54
|
# @return [::String]
|
54
|
-
# Detailed description of what this
|
55
|
+
# Detailed description of what this constraint controls as well as how and
|
55
56
|
# where it is enforced.
|
56
57
|
#
|
57
58
|
# Mutable.
|
58
59
|
# @!attribute [rw] constraint_default
|
59
60
|
# @return [::Google::Cloud::OrgPolicy::V2::Constraint::ConstraintDefault]
|
60
|
-
# The evaluation behavior of this constraint in the absence of
|
61
|
+
# The evaluation behavior of this constraint in the absence of a policy.
|
61
62
|
# @!attribute [rw] list_constraint
|
62
63
|
# @return [::Google::Cloud::OrgPolicy::V2::Constraint::ListConstraint]
|
63
64
|
# Defines this constraint as being a ListConstraint.
|
64
65
|
# @!attribute [rw] boolean_constraint
|
65
66
|
# @return [::Google::Cloud::OrgPolicy::V2::Constraint::BooleanConstraint]
|
66
67
|
# Defines this constraint as being a BooleanConstraint.
|
68
|
+
# @!attribute [rw] supports_dry_run
|
69
|
+
# @return [::Boolean]
|
70
|
+
# Shows if dry run is supported for this constraint or not.
|
67
71
|
class Constraint
|
68
72
|
include ::Google::Protobuf::MessageExts
|
69
73
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
70
74
|
|
71
|
-
# A
|
72
|
-
# configured by an Organization
|
75
|
+
# A constraint that allows or disallows a list of string values, which are
|
76
|
+
# configured by an Organization Policy administrator with a policy.
|
73
77
|
# @!attribute [rw] supports_in
|
74
78
|
# @return [::Boolean]
|
75
79
|
# Indicates whether values grouped into categories can be used in
|
@@ -77,7 +81,7 @@ module Google
|
|
77
81
|
# `"in:Python"` would match any value in the 'Python' group.
|
78
82
|
# @!attribute [rw] supports_under
|
79
83
|
# @return [::Boolean]
|
80
|
-
# Indicates whether subtrees of
|
84
|
+
# Indicates whether subtrees of the Resource Manager resource hierarchy
|
81
85
|
# can be used in `Policy.allowed_values` and `Policy.denied_values`. For
|
82
86
|
# example, `"under:folders/123"` would match any resource under the
|
83
87
|
# 'folders/123' folder.
|
@@ -86,9 +90,9 @@ module Google
|
|
86
90
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
87
91
|
end
|
88
92
|
|
89
|
-
# A
|
93
|
+
# A constraint that is either enforced or not.
|
90
94
|
#
|
91
|
-
# For example a constraint `constraints/compute.disableSerialPortAccess`.
|
95
|
+
# For example, a constraint `constraints/compute.disableSerialPortAccess`.
|
92
96
|
# If it is enforced on a VM instance, serial port connections will not be
|
93
97
|
# opened to that instance.
|
94
98
|
class BooleanConstraint
|
@@ -96,8 +100,8 @@ module Google
|
|
96
100
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
97
101
|
end
|
98
102
|
|
99
|
-
# Specifies the default behavior in the absence of any
|
100
|
-
#
|
103
|
+
# Specifies the default behavior in the absence of any policy for the
|
104
|
+
# constraint. This must not be `CONSTRAINT_DEFAULT_UNSPECIFIED`.
|
101
105
|
#
|
102
106
|
# Immutable after creation.
|
103
107
|
module ConstraintDefault
|
@@ -114,6 +118,94 @@ module Google
|
|
114
118
|
DENY = 2
|
115
119
|
end
|
116
120
|
end
|
121
|
+
|
122
|
+
# A custom constraint defined by customers which can *only* be applied to the
|
123
|
+
# given resource types and organization.
|
124
|
+
#
|
125
|
+
# By creating a custom constraint, customers can apply policies of this
|
126
|
+
# custom constraint. *Creating a custom constraint itself does NOT apply any
|
127
|
+
# policy enforcement*.
|
128
|
+
# @!attribute [rw] name
|
129
|
+
# @return [::String]
|
130
|
+
# Immutable. Name of the constraint. This is unique within the organization.
|
131
|
+
# Format of the name should be
|
132
|
+
#
|
133
|
+
# * `organizations/{organization_id}/customConstraints/{custom_constraint_id}`
|
134
|
+
#
|
135
|
+
# Example: `organizations/123/customConstraints/custom.createOnlyE2TypeVms`
|
136
|
+
#
|
137
|
+
# The max length is 70 characters and the minimum length is 1. Note that the
|
138
|
+
# prefix `organizations/{organization_id}/customConstraints/` is not counted.
|
139
|
+
# @!attribute [rw] resource_types
|
140
|
+
# @return [::Array<::String>]
|
141
|
+
# Immutable. The resource instance type on which this policy applies. Format
|
142
|
+
# will be of the form : `<canonical service name>/<type>` Example:
|
143
|
+
#
|
144
|
+
# * `compute.googleapis.com/Instance`.
|
145
|
+
# @!attribute [rw] method_types
|
146
|
+
# @return [::Array<::Google::Cloud::OrgPolicy::V2::CustomConstraint::MethodType>]
|
147
|
+
# All the operations being applied for this constraint.
|
148
|
+
# @!attribute [rw] condition
|
149
|
+
# @return [::String]
|
150
|
+
# Org policy condition/expression. For example:
|
151
|
+
# `resource.instanceName.matches("[production|test]_.*_(\d)+")` or,
|
152
|
+
# `resource.management.auto_upgrade == true`
|
153
|
+
#
|
154
|
+
# The max length of the condition is 1000 characters.
|
155
|
+
# @!attribute [rw] action_type
|
156
|
+
# @return [::Google::Cloud::OrgPolicy::V2::CustomConstraint::ActionType]
|
157
|
+
# Allow or deny type.
|
158
|
+
# @!attribute [rw] display_name
|
159
|
+
# @return [::String]
|
160
|
+
# One line display name for the UI.
|
161
|
+
# The max length of the display_name is 200 characters.
|
162
|
+
# @!attribute [rw] description
|
163
|
+
# @return [::String]
|
164
|
+
# Detailed information about this custom policy constraint.
|
165
|
+
# The max length of the description is 2000 characters.
|
166
|
+
# @!attribute [r] update_time
|
167
|
+
# @return [::Google::Protobuf::Timestamp]
|
168
|
+
# Output only. The last time this custom constraint was updated. This
|
169
|
+
# represents the last time that the `CreateCustomConstraint` or
|
170
|
+
# `UpdateCustomConstraint` RPC was called
|
171
|
+
class CustomConstraint
|
172
|
+
include ::Google::Protobuf::MessageExts
|
173
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
174
|
+
|
175
|
+
# The operation for which this constraint will be applied. To apply this
|
176
|
+
# constraint only when creating new VMs, the `method_types` should be
|
177
|
+
# `CREATE` only. To apply this constraint when creating or deleting
|
178
|
+
# VMs, the `method_types` should be `CREATE` and `DELETE`.
|
179
|
+
#
|
180
|
+
# `UPDATE` only custom constraints are not supported. Use `CREATE` or
|
181
|
+
# `CREATE, UPDATE`.
|
182
|
+
module MethodType
|
183
|
+
# Unspecified. Results in an error.
|
184
|
+
METHOD_TYPE_UNSPECIFIED = 0
|
185
|
+
|
186
|
+
# Constraint applied when creating the resource.
|
187
|
+
CREATE = 1
|
188
|
+
|
189
|
+
# Constraint applied when updating the resource.
|
190
|
+
UPDATE = 2
|
191
|
+
|
192
|
+
# Constraint applied when deleting the resource.
|
193
|
+
# Not supported yet.
|
194
|
+
DELETE = 3
|
195
|
+
end
|
196
|
+
|
197
|
+
# Allow or deny type.
|
198
|
+
module ActionType
|
199
|
+
# Unspecified. Results in an error.
|
200
|
+
ACTION_TYPE_UNSPECIFIED = 0
|
201
|
+
|
202
|
+
# Allowed action type.
|
203
|
+
ALLOW = 1
|
204
|
+
|
205
|
+
# Deny action type.
|
206
|
+
DENY = 2
|
207
|
+
end
|
208
|
+
end
|
117
209
|
end
|
118
210
|
end
|
119
211
|
end
|
@@ -21,18 +21,19 @@ module Google
|
|
21
21
|
module Cloud
|
22
22
|
module OrgPolicy
|
23
23
|
module V2
|
24
|
-
# Defines
|
25
|
-
# for configurations of Cloud
|
24
|
+
# Defines an organization policy which is used to specify constraints
|
25
|
+
# for configurations of Google Cloud resources.
|
26
26
|
# @!attribute [rw] name
|
27
27
|
# @return [::String]
|
28
|
-
# Immutable. The resource name of the
|
29
|
-
# forms, where constraint_name is the name of the constraint which this
|
30
|
-
#
|
28
|
+
# Immutable. The resource name of the policy. Must be one of the following
|
29
|
+
# forms, where `constraint_name` is the name of the constraint which this
|
30
|
+
# policy configures:
|
31
|
+
#
|
31
32
|
# * `projects/{project_number}/policies/{constraint_name}`
|
32
33
|
# * `folders/{folder_id}/policies/{constraint_name}`
|
33
34
|
# * `organizations/{organization_id}/policies/{constraint_name}`
|
34
35
|
#
|
35
|
-
# For example,
|
36
|
+
# For example, `projects/123/policies/compute.disableSerialPortAccess`.
|
36
37
|
#
|
37
38
|
# Note: `projects/{project_id}/policies/{constraint_name}` is also an
|
38
39
|
# acceptable name for API requests, but responses will return the name using
|
@@ -41,13 +42,20 @@ module Google
|
|
41
42
|
# @return [::Google::Cloud::OrgPolicy::V2::PolicySpec]
|
42
43
|
# Basic information about the Organization Policy.
|
43
44
|
# @!attribute [rw] alternate
|
45
|
+
# @deprecated This field is deprecated and may be removed in the next major version update.
|
44
46
|
# @return [::Google::Cloud::OrgPolicy::V2::AlternatePolicySpec]
|
45
47
|
# Deprecated.
|
46
48
|
# @!attribute [rw] dry_run_spec
|
47
49
|
# @return [::Google::Cloud::OrgPolicy::V2::PolicySpec]
|
48
|
-
#
|
50
|
+
# Dry-run policy.
|
49
51
|
# Audit-only policy, can be used to monitor how the policy would have
|
50
52
|
# impacted the existing and future resources if it's enforced.
|
53
|
+
# @!attribute [rw] etag
|
54
|
+
# @return [::String]
|
55
|
+
# Optional. An opaque tag indicating the current state of the policy, used
|
56
|
+
# for concurrency control. This 'etag' is computed by the server based on the
|
57
|
+
# value of other fields, and may be sent on update and delete requests to
|
58
|
+
# ensure the client has an up-to-date value before proceeding.
|
51
59
|
class Policy
|
52
60
|
include ::Google::Protobuf::MessageExts
|
53
61
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -62,55 +70,54 @@ module Google
|
|
62
70
|
# Should be set only in the alternate policy.
|
63
71
|
# @!attribute [rw] spec
|
64
72
|
# @return [::Google::Cloud::OrgPolicy::V2::PolicySpec]
|
65
|
-
# Specify
|
73
|
+
# Specify constraint for configurations of Google Cloud resources.
|
66
74
|
class AlternatePolicySpec
|
67
75
|
include ::Google::Protobuf::MessageExts
|
68
76
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
69
77
|
end
|
70
78
|
|
71
|
-
# Defines a Cloud
|
72
|
-
#
|
79
|
+
# Defines a Google Cloud policy specification which is used to specify
|
80
|
+
# constraints for configurations of Google Cloud resources.
|
73
81
|
# @!attribute [rw] etag
|
74
82
|
# @return [::String]
|
75
|
-
# An opaque tag indicating the current version of the
|
83
|
+
# An opaque tag indicating the current version of the policySpec, used for
|
76
84
|
# concurrency control.
|
77
85
|
#
|
78
86
|
# This field is ignored if used in a `CreatePolicy` request.
|
79
87
|
#
|
80
|
-
# When the
|
88
|
+
# When the policy is returned from either a `GetPolicy` or a
|
81
89
|
# `ListPolicies` request, this `etag` indicates the version of the
|
82
|
-
# current
|
90
|
+
# current policySpec to use when executing a read-modify-write loop.
|
83
91
|
#
|
84
|
-
# When the
|
92
|
+
# When the policy is returned from a `GetEffectivePolicy` request, the
|
85
93
|
# `etag` will be unset.
|
86
94
|
# @!attribute [r] update_time
|
87
95
|
# @return [::Google::Protobuf::Timestamp]
|
88
96
|
# Output only. The time stamp this was previously updated. This
|
89
97
|
# represents the last time a call to `CreatePolicy` or `UpdatePolicy` was
|
90
|
-
# made for that
|
98
|
+
# made for that policy.
|
91
99
|
# @!attribute [rw] rules
|
92
100
|
# @return [::Array<::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule>]
|
93
|
-
#
|
101
|
+
# In policies for boolean constraints, the following requirements apply:
|
94
102
|
#
|
95
|
-
#
|
96
|
-
# -
|
97
|
-
#
|
98
|
-
#
|
99
|
-
# - During policy evaluation, PolicyRules with conditions that are
|
103
|
+
# - There must be one and only one policy rule where condition is unset.
|
104
|
+
# - Boolean policy rules with conditions must set `enforced` to the
|
105
|
+
# opposite of the policy rule without a condition.
|
106
|
+
# - During policy evaluation, policy rules with conditions that are
|
100
107
|
# true for a target resource take precedence.
|
101
108
|
# @!attribute [rw] inherit_from_parent
|
102
109
|
# @return [::Boolean]
|
103
|
-
# Determines the inheritance behavior for this
|
110
|
+
# Determines the inheritance behavior for this policy.
|
104
111
|
#
|
105
|
-
# If `inherit_from_parent` is true,
|
112
|
+
# If `inherit_from_parent` is true, policy rules set higher up in the
|
106
113
|
# hierarchy (up to the closest root) are inherited and present in the
|
107
114
|
# effective policy. If it is false, then no rules are inherited, and this
|
108
|
-
#
|
109
|
-
# This field can be set only for
|
115
|
+
# policy becomes the new root for evaluation.
|
116
|
+
# This field can be set only for policies which configure list constraints.
|
110
117
|
# @!attribute [rw] reset
|
111
118
|
# @return [::Boolean]
|
112
119
|
# Ignores policies set above this resource and restores the
|
113
|
-
# `constraint_default` enforcement behavior of the specific
|
120
|
+
# `constraint_default` enforcement behavior of the specific constraint at
|
114
121
|
# this resource.
|
115
122
|
# This field can be set in policies for either list or boolean
|
116
123
|
# constraints. If set, `rules` must be empty and `inherit_from_parent`
|
@@ -122,21 +129,21 @@ module Google
|
|
122
129
|
# A rule used to express this policy.
|
123
130
|
# @!attribute [rw] values
|
124
131
|
# @return [::Google::Cloud::OrgPolicy::V2::PolicySpec::PolicyRule::StringValues]
|
125
|
-
# List of values to be used for this
|
126
|
-
# only in
|
132
|
+
# List of values to be used for this policy rule. This field can be set
|
133
|
+
# only in policies for list constraints.
|
127
134
|
# @!attribute [rw] allow_all
|
128
135
|
# @return [::Boolean]
|
129
136
|
# Setting this to true means that all values are allowed. This field can
|
130
|
-
# be set only in
|
137
|
+
# be set only in policies for list constraints.
|
131
138
|
# @!attribute [rw] deny_all
|
132
139
|
# @return [::Boolean]
|
133
140
|
# Setting this to true means that all values are denied. This field can
|
134
|
-
# be set only in
|
141
|
+
# be set only in policies for list constraints.
|
135
142
|
# @!attribute [rw] enforce
|
136
143
|
# @return [::Boolean]
|
137
|
-
# If `true`, then the
|
144
|
+
# If `true`, then the policy is enforced. If `false`, then any
|
138
145
|
# configuration is acceptable.
|
139
|
-
# This field can be set only in
|
146
|
+
# This field can be set only in policies for boolean constraints.
|
140
147
|
# @!attribute [rw] condition
|
141
148
|
# @return [::Google::Type::Expr]
|
142
149
|
# A condition which determines whether this rule is used
|
@@ -156,7 +163,7 @@ module Google
|
|
156
163
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
157
164
|
|
158
165
|
# A message that holds specific allowed and denied values.
|
159
|
-
# This message can define specific values and subtrees of
|
166
|
+
# This message can define specific values and subtrees of the Resource
|
160
167
|
# Manager resource hierarchy (`Organizations`, `Folders`, `Projects`) that
|
161
168
|
# are allowed or denied. This is achieved by using the `under:` and
|
162
169
|
# optional `is:` prefixes.
|
@@ -165,9 +172,11 @@ module Google
|
|
165
172
|
# if the value contains a ":". Values prefixed with "is:" are treated the
|
166
173
|
# same as values with no prefix.
|
167
174
|
# Ancestry subtrees must be in one of the following formats:
|
168
|
-
#
|
169
|
-
#
|
170
|
-
#
|
175
|
+
#
|
176
|
+
# - `projects/<project-id>` (for example, `projects/tokyo-rain-123`)
|
177
|
+
# - `folders/<folder-id>` (for example, `folders/1234`)
|
178
|
+
# - `organizations/<organization-id>` (for example, `organizations/1234`)
|
179
|
+
#
|
171
180
|
# The `supports_under` field of the associated `Constraint` defines
|
172
181
|
# whether ancestry prefixes can be used.
|
173
182
|
# @!attribute [rw] allowed_values
|
@@ -187,8 +196,9 @@ module Google
|
|
187
196
|
# [google.cloud.orgpolicy.v2.OrgPolicy.ListConstraints] method.
|
188
197
|
# @!attribute [rw] parent
|
189
198
|
# @return [::String]
|
190
|
-
# Required. The Cloud resource that parents the constraint. Must be in
|
191
|
-
# the following forms:
|
199
|
+
# Required. The Google Cloud resource that parents the constraint. Must be in
|
200
|
+
# one of the following forms:
|
201
|
+
#
|
192
202
|
# * `projects/{project_number}`
|
193
203
|
# * `projects/{project_id}`
|
194
204
|
# * `folders/{folder_id}`
|
@@ -224,9 +234,10 @@ module Google
|
|
224
234
|
# [google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method.
|
225
235
|
# @!attribute [rw] parent
|
226
236
|
# @return [::String]
|
227
|
-
# Required. The target Cloud resource that parents the set of
|
228
|
-
# policies that will be returned from this call. Must be in
|
229
|
-
# following forms:
|
237
|
+
# Required. The target Google Cloud resource that parents the set of
|
238
|
+
# constraints and policies that will be returned from this call. Must be in
|
239
|
+
# one of the following forms:
|
240
|
+
#
|
230
241
|
# * `projects/{project_number}`
|
231
242
|
# * `projects/{project_id}`
|
232
243
|
# * `folders/{folder_id}`
|
@@ -247,11 +258,11 @@ module Google
|
|
247
258
|
|
248
259
|
# The response returned from the [ListPolicies]
|
249
260
|
# [google.cloud.orgpolicy.v2.OrgPolicy.ListPolicies] method. It will be empty
|
250
|
-
# if no
|
261
|
+
# if no policies are set on the resource.
|
251
262
|
# @!attribute [rw] policies
|
252
263
|
# @return [::Array<::Google::Cloud::OrgPolicy::V2::Policy>]
|
253
|
-
# All
|
254
|
-
#
|
264
|
+
# All policies that exist on the resource. It will be empty if no
|
265
|
+
# policies are set.
|
255
266
|
# @!attribute [rw] next_page_token
|
256
267
|
# @return [::String]
|
257
268
|
# Page token used to retrieve the next page. This is currently not used, but
|
@@ -265,8 +276,8 @@ module Google
|
|
265
276
|
# [google.cloud.orgpolicy.v2.OrgPolicy.GetPolicy] method.
|
266
277
|
# @!attribute [rw] name
|
267
278
|
# @return [::String]
|
268
|
-
# Required. Resource name of the policy. See
|
269
|
-
# requirements.
|
279
|
+
# Required. Resource name of the policy. See
|
280
|
+
# {::Google::Cloud::OrgPolicy::V2::Policy Policy} for naming requirements.
|
270
281
|
class GetPolicyRequest
|
271
282
|
include ::Google::Protobuf::MessageExts
|
272
283
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -276,7 +287,8 @@ module Google
|
|
276
287
|
# [google.cloud.orgpolicy.v2.OrgPolicy.GetEffectivePolicy] method.
|
277
288
|
# @!attribute [rw] name
|
278
289
|
# @return [::String]
|
279
|
-
# Required. The effective policy to compute. See
|
290
|
+
# Required. The effective policy to compute. See
|
291
|
+
# {::Google::Cloud::OrgPolicy::V2::Policy Policy} for naming requirements.
|
280
292
|
class GetEffectivePolicyRequest
|
281
293
|
include ::Google::Protobuf::MessageExts
|
282
294
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -286,15 +298,16 @@ module Google
|
|
286
298
|
# [google.cloud.orgpolicy.v2.OrgPolicy.CreatePolicy] method.
|
287
299
|
# @!attribute [rw] parent
|
288
300
|
# @return [::String]
|
289
|
-
# Required. The Cloud resource that will parent the new
|
290
|
-
# one of the following forms:
|
301
|
+
# Required. The Google Cloud resource that will parent the new policy. Must
|
302
|
+
# be in one of the following forms:
|
303
|
+
#
|
291
304
|
# * `projects/{project_number}`
|
292
305
|
# * `projects/{project_id}`
|
293
306
|
# * `folders/{folder_id}`
|
294
307
|
# * `organizations/{organization_id}`
|
295
308
|
# @!attribute [rw] policy
|
296
309
|
# @return [::Google::Cloud::OrgPolicy::V2::Policy]
|
297
|
-
# Required.
|
310
|
+
# Required. Policy to create.
|
298
311
|
class CreatePolicyRequest
|
299
312
|
include ::Google::Protobuf::MessageExts
|
300
313
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -304,7 +317,7 @@ module Google
|
|
304
317
|
# [google.cloud.orgpolicy.v2.OrgPolicy.UpdatePolicy] method.
|
305
318
|
# @!attribute [rw] policy
|
306
319
|
# @return [::Google::Cloud::OrgPolicy::V2::Policy]
|
307
|
-
# Required.
|
320
|
+
# Required. Policy to update.
|
308
321
|
# @!attribute [rw] update_mask
|
309
322
|
# @return [::Google::Protobuf::FieldMask]
|
310
323
|
# Field mask used to specify the fields to be overwritten in the policy
|
@@ -320,11 +333,102 @@ module Google
|
|
320
333
|
# @!attribute [rw] name
|
321
334
|
# @return [::String]
|
322
335
|
# Required. Name of the policy to delete.
|
323
|
-
# See
|
336
|
+
# See the policy entry for naming rules.
|
337
|
+
# @!attribute [rw] etag
|
338
|
+
# @return [::String]
|
339
|
+
# Optional. The current etag of policy. If an etag is provided and does not
|
340
|
+
# match the current etag of the policy, deletion will be blocked and an
|
341
|
+
# ABORTED error will be returned.
|
324
342
|
class DeletePolicyRequest
|
325
343
|
include ::Google::Protobuf::MessageExts
|
326
344
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
327
345
|
end
|
346
|
+
|
347
|
+
# The request sent to the [CreateCustomConstraintRequest]
|
348
|
+
# [google.cloud.orgpolicy.v2.OrgPolicy.CreateCustomConstraint] method.
|
349
|
+
# @!attribute [rw] parent
|
350
|
+
# @return [::String]
|
351
|
+
# Required. Must be in the following form:
|
352
|
+
#
|
353
|
+
# * `organizations/{organization_id}`
|
354
|
+
# @!attribute [rw] custom_constraint
|
355
|
+
# @return [::Google::Cloud::OrgPolicy::V2::CustomConstraint]
|
356
|
+
# Required. Custom constraint to create.
|
357
|
+
class CreateCustomConstraintRequest
|
358
|
+
include ::Google::Protobuf::MessageExts
|
359
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
360
|
+
end
|
361
|
+
|
362
|
+
# The request sent to the [GetCustomConstraint]
|
363
|
+
# [google.cloud.orgpolicy.v2.OrgPolicy.GetCustomConstraint] method.
|
364
|
+
# @!attribute [rw] name
|
365
|
+
# @return [::String]
|
366
|
+
# Required. Resource name of the custom constraint. See the custom constraint
|
367
|
+
# entry for naming requirements.
|
368
|
+
class GetCustomConstraintRequest
|
369
|
+
include ::Google::Protobuf::MessageExts
|
370
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
371
|
+
end
|
372
|
+
|
373
|
+
# The request sent to the [ListCustomConstraints]
|
374
|
+
# [google.cloud.orgpolicy.v2.OrgPolicy.ListCustomConstraints] method.
|
375
|
+
# @!attribute [rw] parent
|
376
|
+
# @return [::String]
|
377
|
+
# Required. The target Google Cloud resource that parents the set of custom
|
378
|
+
# constraints that will be returned from this call. Must be in one of the
|
379
|
+
# following forms:
|
380
|
+
#
|
381
|
+
# * `organizations/{organization_id}`
|
382
|
+
# @!attribute [rw] page_size
|
383
|
+
# @return [::Integer]
|
384
|
+
# Size of the pages to be returned. This is currently unsupported and will
|
385
|
+
# be ignored. The server may at any point start using this field to limit
|
386
|
+
# page size.
|
387
|
+
# @!attribute [rw] page_token
|
388
|
+
# @return [::String]
|
389
|
+
# Page token used to retrieve the next page. This is currently unsupported
|
390
|
+
# and will be ignored. The server may at any point start using this field.
|
391
|
+
class ListCustomConstraintsRequest
|
392
|
+
include ::Google::Protobuf::MessageExts
|
393
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
394
|
+
end
|
395
|
+
|
396
|
+
# The response returned from the [ListCustomConstraints]
|
397
|
+
# [google.cloud.orgpolicy.v2.OrgPolicy.ListCustomConstraints] method. It will
|
398
|
+
# be empty if no custom constraints are set on the organization resource.
|
399
|
+
# @!attribute [rw] custom_constraints
|
400
|
+
# @return [::Array<::Google::Cloud::OrgPolicy::V2::CustomConstraint>]
|
401
|
+
# All custom constraints that exist on the organization resource. It will be
|
402
|
+
# empty if no custom constraints are set.
|
403
|
+
# @!attribute [rw] next_page_token
|
404
|
+
# @return [::String]
|
405
|
+
# Page token used to retrieve the next page. This is currently not used, but
|
406
|
+
# the server may at any point start supplying a valid token.
|
407
|
+
class ListCustomConstraintsResponse
|
408
|
+
include ::Google::Protobuf::MessageExts
|
409
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
410
|
+
end
|
411
|
+
|
412
|
+
# The request sent to the [UpdateCustomConstraintRequest]
|
413
|
+
# [google.cloud.orgpolicy.v2.OrgPolicy.UpdateCustomConstraint] method.
|
414
|
+
# @!attribute [rw] custom_constraint
|
415
|
+
# @return [::Google::Cloud::OrgPolicy::V2::CustomConstraint]
|
416
|
+
# Required. `CustomConstraint` to update.
|
417
|
+
class UpdateCustomConstraintRequest
|
418
|
+
include ::Google::Protobuf::MessageExts
|
419
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
420
|
+
end
|
421
|
+
|
422
|
+
# The request sent to the [DeleteCustomConstraint]
|
423
|
+
# [google.cloud.orgpolicy.v2.OrgPolicy.DeleteCustomConstraint] method.
|
424
|
+
# @!attribute [rw] name
|
425
|
+
# @return [::String]
|
426
|
+
# Required. Name of the custom constraint to delete.
|
427
|
+
# See the custom constraint entry for naming rules.
|
428
|
+
class DeleteCustomConstraintRequest
|
429
|
+
include ::Google::Protobuf::MessageExts
|
430
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
431
|
+
end
|
328
432
|
end
|
329
433
|
end
|
330
434
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-org_policy-v2
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.9.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-01-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.21.1
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: 0.
|
29
|
+
version: 0.21.1
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|
@@ -215,7 +215,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
215
215
|
- !ruby/object:Gem::Version
|
216
216
|
version: '0'
|
217
217
|
requirements: []
|
218
|
-
rubygems_version: 3.
|
218
|
+
rubygems_version: 3.5.3
|
219
219
|
signing_key:
|
220
220
|
specification_version: 4
|
221
221
|
summary: The Organization Policy API allows users to configure governance rules on
|