google-cloud-policy_troubleshooter-v1 0.3.1 → 0.3.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.yardopts +1 -1
- data/AUTHENTICATION.md +15 -33
- data/README.md +1 -1
- data/lib/google/cloud/policy_troubleshooter/v1/iam_checker/client.rb +49 -42
- data/lib/google/cloud/policy_troubleshooter/v1/version.rb +1 -1
- data/lib/google/cloud/policytroubleshooter/v1/checker_pb.rb +2 -2
- data/lib/google/cloud/policytroubleshooter/v1/explanations_pb.rb +2 -2
- data/proto_docs/google/api/field_behavior.rb +7 -1
- data/proto_docs/google/api/resource.rb +10 -71
- data/proto_docs/google/type/expr.rb +35 -12
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 182c5243e6e0b1fd1e2ebcdaf023e30f27f58798cc864ec7d3711a5eab01c52e
|
|
4
|
+
data.tar.gz: c37c044bc73ef011fc95b38c55cd28416930a75733ec41c42dff1822f192466a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f4f71387b5fd587ef55be3538f28ae71431256e5a75d63414328bd5c7e70b0dc5f0197aac4cb000e2d8e9f7280260b9c5d5353008b0ce57f7db2c04b24b68cec
|
|
7
|
+
data.tar.gz: 94086ff1c5583bf3b774907cfc78f314888328d4e64683f8a02d6f8fe6d856a4db08263108586f8d66c431b098af1e4fbace7d6ce05957984b5818ce3e7fbbb6
|
data/.yardopts
CHANGED
data/AUTHENTICATION.md
CHANGED
|
@@ -66,11 +66,11 @@ The environment variables that google-cloud-policy_troubleshooter-v1
|
|
|
66
66
|
checks for credentials are configured on the service Credentials class (such as
|
|
67
67
|
{::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Credentials}):
|
|
68
68
|
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
69
|
+
* `POLICY_TROUBLESHOOTER_CREDENTIALS` - Path to JSON file, or JSON contents
|
|
70
|
+
* `POLICY_TROUBLESHOOTER_KEYFILE` - Path to JSON file, or JSON contents
|
|
71
|
+
* `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
|
|
72
|
+
* `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
|
|
73
|
+
* `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
|
|
74
74
|
|
|
75
75
|
```ruby
|
|
76
76
|
require "google/cloud/policy_troubleshooter/v1"
|
|
@@ -82,8 +82,8 @@ client = ::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client.new
|
|
|
82
82
|
|
|
83
83
|
### Configuration
|
|
84
84
|
|
|
85
|
-
The **Credentials JSON** can be configured instead of
|
|
86
|
-
environment
|
|
85
|
+
The path to the **Credentials JSON** file can be configured instead of storing
|
|
86
|
+
it in an environment variable. Either on an individual client initialization:
|
|
87
87
|
|
|
88
88
|
```ruby
|
|
89
89
|
require "google/cloud/policy_troubleshooter/v1"
|
|
@@ -93,7 +93,7 @@ client = ::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client.new do |c
|
|
|
93
93
|
end
|
|
94
94
|
```
|
|
95
95
|
|
|
96
|
-
Or
|
|
96
|
+
Or globally for all clients:
|
|
97
97
|
|
|
98
98
|
```ruby
|
|
99
99
|
require "google/cloud/policy_troubleshooter/v1"
|
|
@@ -120,15 +120,6 @@ To configure your system for this, simply:
|
|
|
120
120
|
**NOTE:** This is _not_ recommended for running in production. The Cloud SDK
|
|
121
121
|
*should* only be used during development.
|
|
122
122
|
|
|
123
|
-
[gce-how-to]: https://cloud.google.com/compute/docs/authentication#using
|
|
124
|
-
[dev-console]: https://console.cloud.google.com/project
|
|
125
|
-
|
|
126
|
-
[enable-apis]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/enable-apis.png
|
|
127
|
-
|
|
128
|
-
[create-new-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account.png
|
|
129
|
-
[create-new-service-account-existing-keys]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account-existing-keys.png
|
|
130
|
-
[reuse-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/reuse-service-account.png
|
|
131
|
-
|
|
132
123
|
## Creating a Service Account
|
|
133
124
|
|
|
134
125
|
Google Cloud requires **Service Account Credentials** to
|
|
@@ -139,31 +130,22 @@ If you are not running this client within
|
|
|
139
130
|
[Google Cloud Platform environments](#google-cloud-platform-environments), you
|
|
140
131
|
need a Google Developers service account.
|
|
141
132
|
|
|
142
|
-
1. Visit the [Google
|
|
133
|
+
1. Visit the [Google Cloud Console](https://console.cloud.google.com/project).
|
|
143
134
|
2. Create a new project or click on an existing project.
|
|
144
|
-
3. Activate the
|
|
135
|
+
3. Activate the menu in the upper left and select **APIs & Services**. From
|
|
145
136
|
here, you will enable the APIs that your application requires.
|
|
146
137
|
|
|
147
|
-
![Enable the APIs that your application requires][enable-apis]
|
|
148
|
-
|
|
149
138
|
*Note: You may need to enable billing in order to use these services.*
|
|
150
139
|
|
|
151
140
|
4. Select **Credentials** from the side navigation.
|
|
152
141
|
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
![Create a new service account][create-new-service-account]
|
|
156
|
-
|
|
157
|
-
![Create a new service account With Existing Keys][create-new-service-account-existing-keys]
|
|
158
|
-
|
|
159
|
-
Find the "Add credentials" drop down and select "Service account" to be
|
|
160
|
-
guided through downloading a new JSON key file.
|
|
142
|
+
Find the "Create credentials" drop down near the top of the page, and select
|
|
143
|
+
"Service account" to be guided through downloading a new JSON key file.
|
|
161
144
|
|
|
162
145
|
If you want to re-use an existing service account, you can easily generate a
|
|
163
|
-
new key file. Just select the account you wish to re-use,
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
![Re-use an existing service account][reuse-service-account]
|
|
146
|
+
new key file. Just select the account you wish to re-use, click the pencil
|
|
147
|
+
tool on the right side to edit the service account, select the **Keys** tab,
|
|
148
|
+
and then select **Add Key**.
|
|
167
149
|
|
|
168
150
|
The key file you download will be used by this library to authenticate API
|
|
169
151
|
requests and should be stored in a secure location.
|
data/README.md
CHANGED
|
@@ -33,7 +33,7 @@ In order to use this library, you first need to go through the following steps:
|
|
|
33
33
|
require "google/cloud/policy_troubleshooter/v1"
|
|
34
34
|
|
|
35
35
|
client = ::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client.new
|
|
36
|
-
request =
|
|
36
|
+
request = ::Google::Cloud::PolicyTroubleshooter::V1::TroubleshootIamPolicyRequest.new # (request fields as keyword arguments...)
|
|
37
37
|
response = client.troubleshoot_iam_policy request
|
|
38
38
|
```
|
|
39
39
|
|
|
@@ -41,13 +41,12 @@ module Google
|
|
|
41
41
|
# See {::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client::Configuration}
|
|
42
42
|
# for a description of the configuration fields.
|
|
43
43
|
#
|
|
44
|
-
#
|
|
44
|
+
# @example
|
|
45
45
|
#
|
|
46
|
-
#
|
|
47
|
-
#
|
|
48
|
-
#
|
|
49
|
-
#
|
|
50
|
-
# end
|
|
46
|
+
# # Modify the configuration for all IamChecker clients
|
|
47
|
+
# ::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client.configure do |config|
|
|
48
|
+
# config.timeout = 10.0
|
|
49
|
+
# end
|
|
51
50
|
#
|
|
52
51
|
# @yield [config] Configure the Client client.
|
|
53
52
|
# @yieldparam config [Client::Configuration]
|
|
@@ -67,10 +66,7 @@ module Google
|
|
|
67
66
|
|
|
68
67
|
default_config.timeout = 60.0
|
|
69
68
|
default_config.retry_policy = {
|
|
70
|
-
initial_delay: 1.0,
|
|
71
|
-
max_delay: 60.0,
|
|
72
|
-
multiplier: 1.3,
|
|
73
|
-
retry_codes: [14, 2]
|
|
69
|
+
initial_delay: 1.0, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 2]
|
|
74
70
|
}
|
|
75
71
|
|
|
76
72
|
default_config.rpcs.troubleshoot_iam_policy.timeout = 60.0
|
|
@@ -104,19 +100,15 @@ module Google
|
|
|
104
100
|
##
|
|
105
101
|
# Create a new IamChecker client object.
|
|
106
102
|
#
|
|
107
|
-
#
|
|
108
|
-
#
|
|
109
|
-
# To create a new IamChecker client with the default
|
|
110
|
-
# configuration:
|
|
103
|
+
# @example
|
|
111
104
|
#
|
|
112
|
-
#
|
|
105
|
+
# # Create a client using the default configuration
|
|
106
|
+
# client = ::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client.new
|
|
113
107
|
#
|
|
114
|
-
#
|
|
115
|
-
#
|
|
116
|
-
#
|
|
117
|
-
#
|
|
118
|
-
# config.timeout = 10.0
|
|
119
|
-
# end
|
|
108
|
+
# # Create a client using a custom configuration
|
|
109
|
+
# client = ::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client.new do |config|
|
|
110
|
+
# config.timeout = 10.0
|
|
111
|
+
# end
|
|
120
112
|
#
|
|
121
113
|
# @yield [config] Configure the IamChecker client.
|
|
122
114
|
# @yieldparam config [Client::Configuration]
|
|
@@ -136,14 +128,13 @@ module Google
|
|
|
136
128
|
|
|
137
129
|
# Create credentials
|
|
138
130
|
credentials = @config.credentials
|
|
139
|
-
# Use self-signed JWT if the
|
|
131
|
+
# Use self-signed JWT if the endpoint is unchanged from default,
|
|
140
132
|
# but only if the default endpoint does not have a region prefix.
|
|
141
|
-
enable_self_signed_jwt = @config.
|
|
142
|
-
@config.endpoint == Client.configure.endpoint &&
|
|
133
|
+
enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
|
|
143
134
|
!@config.endpoint.split(".").first.include?("-")
|
|
144
135
|
credentials ||= Credentials.default scope: @config.scope,
|
|
145
136
|
enable_self_signed_jwt: enable_self_signed_jwt
|
|
146
|
-
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
|
137
|
+
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
|
147
138
|
credentials = Credentials.new credentials, scope: @config.scope
|
|
148
139
|
end
|
|
149
140
|
@quota_project_id = @config.quota_project
|
|
@@ -191,6 +182,21 @@ module Google
|
|
|
191
182
|
#
|
|
192
183
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
193
184
|
#
|
|
185
|
+
# @example Basic example
|
|
186
|
+
# require "google/cloud/policy_troubleshooter/v1"
|
|
187
|
+
#
|
|
188
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
189
|
+
# client = Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client.new
|
|
190
|
+
#
|
|
191
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
192
|
+
# request = Google::Cloud::PolicyTroubleshooter::V1::TroubleshootIamPolicyRequest.new
|
|
193
|
+
#
|
|
194
|
+
# # Call the troubleshoot_iam_policy method.
|
|
195
|
+
# result = client.troubleshoot_iam_policy request
|
|
196
|
+
#
|
|
197
|
+
# # The returned object is of type Google::Cloud::PolicyTroubleshooter::V1::TroubleshootIamPolicyResponse.
|
|
198
|
+
# p result
|
|
199
|
+
#
|
|
194
200
|
def troubleshoot_iam_policy request, options = nil
|
|
195
201
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
196
202
|
|
|
@@ -211,7 +217,9 @@ module Google
|
|
|
211
217
|
options.apply_defaults timeout: @config.rpcs.troubleshoot_iam_policy.timeout,
|
|
212
218
|
metadata: metadata,
|
|
213
219
|
retry_policy: @config.rpcs.troubleshoot_iam_policy.retry_policy
|
|
214
|
-
|
|
220
|
+
|
|
221
|
+
options.apply_defaults timeout: @config.timeout,
|
|
222
|
+
metadata: @config.metadata,
|
|
215
223
|
retry_policy: @config.retry_policy
|
|
216
224
|
|
|
217
225
|
@iam_checker_stub.call_rpc :troubleshoot_iam_policy, request, options: options do |response, operation|
|
|
@@ -235,22 +243,21 @@ module Google
|
|
|
235
243
|
# Configuration can be applied globally to all clients, or to a single client
|
|
236
244
|
# on construction.
|
|
237
245
|
#
|
|
238
|
-
#
|
|
239
|
-
#
|
|
240
|
-
#
|
|
241
|
-
# to 20 seconds,
|
|
242
|
-
#
|
|
243
|
-
#
|
|
244
|
-
#
|
|
245
|
-
#
|
|
246
|
-
#
|
|
247
|
-
#
|
|
248
|
-
#
|
|
249
|
-
#
|
|
250
|
-
#
|
|
251
|
-
#
|
|
252
|
-
#
|
|
253
|
-
# end
|
|
246
|
+
# @example
|
|
247
|
+
#
|
|
248
|
+
# # Modify the global config, setting the timeout for
|
|
249
|
+
# # troubleshoot_iam_policy to 20 seconds,
|
|
250
|
+
# # and all remaining timeouts to 10 seconds.
|
|
251
|
+
# ::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client.configure do |config|
|
|
252
|
+
# config.timeout = 10.0
|
|
253
|
+
# config.rpcs.troubleshoot_iam_policy.timeout = 20.0
|
|
254
|
+
# end
|
|
255
|
+
#
|
|
256
|
+
# # Apply the above configuration only to a new client.
|
|
257
|
+
# client = ::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client.new do |config|
|
|
258
|
+
# config.timeout = 10.0
|
|
259
|
+
# config.rpcs.troubleshoot_iam_policy.timeout = 20.0
|
|
260
|
+
# end
|
|
254
261
|
#
|
|
255
262
|
# @!attribute [rw] endpoint
|
|
256
263
|
# The hostname or hostname:port of the service endpoint.
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
2
|
# source: google/cloud/policytroubleshooter/v1/checker.proto
|
|
3
3
|
|
|
4
|
-
require 'google/protobuf'
|
|
5
|
-
|
|
6
4
|
require 'google/cloud/policytroubleshooter/v1/explanations_pb'
|
|
7
5
|
require 'google/api/annotations_pb'
|
|
8
6
|
require 'google/api/client_pb'
|
|
7
|
+
require 'google/protobuf'
|
|
8
|
+
|
|
9
9
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
10
10
|
add_file("google/cloud/policytroubleshooter/v1/checker.proto", :syntax => :proto3) do
|
|
11
11
|
add_message "google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest" do
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
2
|
# source: google/cloud/policytroubleshooter/v1/explanations.proto
|
|
3
3
|
|
|
4
|
-
require 'google/protobuf'
|
|
5
|
-
|
|
6
4
|
require 'google/api/field_behavior_pb'
|
|
7
5
|
require 'google/iam/v1/policy_pb'
|
|
8
6
|
require 'google/type/expr_pb'
|
|
7
|
+
require 'google/protobuf'
|
|
8
|
+
|
|
9
9
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
10
10
|
add_file("google/cloud/policytroubleshooter/v1/explanations.proto", :syntax => :proto3) do
|
|
11
11
|
add_message "google.cloud.policytroubleshooter.v1.AccessTuple" do
|
|
@@ -57,9 +57,15 @@ module Google
|
|
|
57
57
|
|
|
58
58
|
# Denotes that a (repeated) field is an unordered list.
|
|
59
59
|
# This indicates that the service may provide the elements of the list
|
|
60
|
-
# in any arbitrary
|
|
60
|
+
# in any arbitrary order, rather than the order the user originally
|
|
61
61
|
# provided. Additionally, the list's order may or may not be stable.
|
|
62
62
|
UNORDERED_LIST = 6
|
|
63
|
+
|
|
64
|
+
# Denotes that this field returns a non-empty default value if not set.
|
|
65
|
+
# This indicates that if the user provides the empty value in a request,
|
|
66
|
+
# a non-empty value will be returned. The user will not be aware of what
|
|
67
|
+
# non-empty value to expect.
|
|
68
|
+
NON_EMPTY_DEFAULT = 7
|
|
63
69
|
end
|
|
64
70
|
end
|
|
65
71
|
end
|
|
@@ -33,11 +33,7 @@ module Google
|
|
|
33
33
|
# // For Kubernetes resources, the format is {api group}/{kind}.
|
|
34
34
|
# option (google.api.resource) = {
|
|
35
35
|
# type: "pubsub.googleapis.com/Topic"
|
|
36
|
-
#
|
|
37
|
-
# pattern: "projects/{project}/topics/{topic}"
|
|
38
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
|
39
|
-
# parent_name_extractor: "projects/{project}"
|
|
40
|
-
# }
|
|
36
|
+
# pattern: "projects/{project}/topics/{topic}"
|
|
41
37
|
# };
|
|
42
38
|
# }
|
|
43
39
|
#
|
|
@@ -45,10 +41,7 @@ module Google
|
|
|
45
41
|
#
|
|
46
42
|
# resources:
|
|
47
43
|
# - type: "pubsub.googleapis.com/Topic"
|
|
48
|
-
#
|
|
49
|
-
# - pattern: "projects/{project}/topics/{topic}"
|
|
50
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
|
51
|
-
# parent_name_extractor: "projects/{project}"
|
|
44
|
+
# pattern: "projects/{project}/topics/{topic}"
|
|
52
45
|
#
|
|
53
46
|
# Sometimes, resources have multiple patterns, typically because they can
|
|
54
47
|
# live under multiple parents.
|
|
@@ -58,26 +51,10 @@ module Google
|
|
|
58
51
|
# message LogEntry {
|
|
59
52
|
# option (google.api.resource) = {
|
|
60
53
|
# type: "logging.googleapis.com/LogEntry"
|
|
61
|
-
#
|
|
62
|
-
#
|
|
63
|
-
#
|
|
64
|
-
#
|
|
65
|
-
# }
|
|
66
|
-
# name_descriptor: {
|
|
67
|
-
# pattern: "folders/{folder}/logs/{log}"
|
|
68
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
|
69
|
-
# parent_name_extractor: "folders/{folder}"
|
|
70
|
-
# }
|
|
71
|
-
# name_descriptor: {
|
|
72
|
-
# pattern: "organizations/{organization}/logs/{log}"
|
|
73
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
|
74
|
-
# parent_name_extractor: "organizations/{organization}"
|
|
75
|
-
# }
|
|
76
|
-
# name_descriptor: {
|
|
77
|
-
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
|
78
|
-
# parent_type: "billing.googleapis.com/BillingAccount"
|
|
79
|
-
# parent_name_extractor: "billingAccounts/{billing_account}"
|
|
80
|
-
# }
|
|
54
|
+
# pattern: "projects/{project}/logs/{log}"
|
|
55
|
+
# pattern: "folders/{folder}/logs/{log}"
|
|
56
|
+
# pattern: "organizations/{organization}/logs/{log}"
|
|
57
|
+
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
|
81
58
|
# };
|
|
82
59
|
# }
|
|
83
60
|
#
|
|
@@ -85,48 +62,10 @@ module Google
|
|
|
85
62
|
#
|
|
86
63
|
# resources:
|
|
87
64
|
# - type: 'logging.googleapis.com/LogEntry'
|
|
88
|
-
#
|
|
89
|
-
#
|
|
90
|
-
#
|
|
91
|
-
#
|
|
92
|
-
# - pattern: "folders/{folder}/logs/{log}"
|
|
93
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
|
94
|
-
# parent_name_extractor: "folders/{folder}"
|
|
95
|
-
# - pattern: "organizations/{organization}/logs/{log}"
|
|
96
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
|
97
|
-
# parent_name_extractor: "organizations/{organization}"
|
|
98
|
-
# - pattern: "billingAccounts/{billing_account}/logs/{log}"
|
|
99
|
-
# parent_type: "billing.googleapis.com/BillingAccount"
|
|
100
|
-
# parent_name_extractor: "billingAccounts/{billing_account}"
|
|
101
|
-
#
|
|
102
|
-
# For flexible resources, the resource name doesn't contain parent names, but
|
|
103
|
-
# the resource itself has parents for policy evaluation.
|
|
104
|
-
#
|
|
105
|
-
# Example:
|
|
106
|
-
#
|
|
107
|
-
# message Shelf {
|
|
108
|
-
# option (google.api.resource) = {
|
|
109
|
-
# type: "library.googleapis.com/Shelf"
|
|
110
|
-
# name_descriptor: {
|
|
111
|
-
# pattern: "shelves/{shelf}"
|
|
112
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
|
113
|
-
# }
|
|
114
|
-
# name_descriptor: {
|
|
115
|
-
# pattern: "shelves/{shelf}"
|
|
116
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
|
117
|
-
# }
|
|
118
|
-
# };
|
|
119
|
-
# }
|
|
120
|
-
#
|
|
121
|
-
# The ResourceDescriptor Yaml config will look like:
|
|
122
|
-
#
|
|
123
|
-
# resources:
|
|
124
|
-
# - type: 'library.googleapis.com/Shelf'
|
|
125
|
-
# name_descriptor:
|
|
126
|
-
# - pattern: "shelves/{shelf}"
|
|
127
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
|
128
|
-
# - pattern: "shelves/{shelf}"
|
|
129
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
|
65
|
+
# pattern: "projects/{project}/logs/{log}"
|
|
66
|
+
# pattern: "folders/{folder}/logs/{log}"
|
|
67
|
+
# pattern: "organizations/{organization}/logs/{log}"
|
|
68
|
+
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
|
130
69
|
# @!attribute [rw] type
|
|
131
70
|
# @return [::String]
|
|
132
71
|
# The resource type. It must be in the format of
|
|
@@ -19,30 +19,53 @@
|
|
|
19
19
|
|
|
20
20
|
module Google
|
|
21
21
|
module Type
|
|
22
|
-
# Represents
|
|
22
|
+
# Represents a textual expression in the Common Expression Language (CEL)
|
|
23
|
+
# syntax. CEL is a C-like expression language. The syntax and semantics of CEL
|
|
24
|
+
# are documented at https://github.com/google/cel-spec.
|
|
23
25
|
#
|
|
24
|
-
#
|
|
25
|
-
#
|
|
26
|
-
#
|
|
26
|
+
# Example (Comparison):
|
|
27
|
+
#
|
|
28
|
+
# title: "Summary size limit"
|
|
29
|
+
# description: "Determines if a summary is less than 100 chars"
|
|
30
|
+
# expression: "document.summary.size() < 100"
|
|
31
|
+
#
|
|
32
|
+
# Example (Equality):
|
|
33
|
+
#
|
|
34
|
+
# title: "Requestor is owner"
|
|
35
|
+
# description: "Determines if requestor is the document owner"
|
|
36
|
+
# expression: "document.owner == request.auth.claims.email"
|
|
37
|
+
#
|
|
38
|
+
# Example (Logic):
|
|
39
|
+
#
|
|
40
|
+
# title: "Public documents"
|
|
41
|
+
# description: "Determine whether the document should be publicly visible"
|
|
42
|
+
# expression: "document.type != 'private' && document.type != 'internal'"
|
|
43
|
+
#
|
|
44
|
+
# Example (Data Manipulation):
|
|
45
|
+
#
|
|
46
|
+
# title: "Notification string"
|
|
47
|
+
# description: "Create a notification string with a timestamp."
|
|
48
|
+
# expression: "'New message received at ' + string(document.create_time)"
|
|
49
|
+
#
|
|
50
|
+
# The exact variables and functions that may be referenced within an expression
|
|
51
|
+
# are determined by the service that evaluates it. See the service
|
|
52
|
+
# documentation for additional information.
|
|
27
53
|
# @!attribute [rw] expression
|
|
28
54
|
# @return [::String]
|
|
29
|
-
# Textual representation of an expression in
|
|
30
|
-
#
|
|
31
|
-
#
|
|
32
|
-
# The application context of the containing message determines which
|
|
33
|
-
# well-known feature set of CEL is supported.
|
|
55
|
+
# Textual representation of an expression in Common Expression Language
|
|
56
|
+
# syntax.
|
|
34
57
|
# @!attribute [rw] title
|
|
35
58
|
# @return [::String]
|
|
36
|
-
#
|
|
59
|
+
# Optional. Title for the expression, i.e. a short string describing
|
|
37
60
|
# its purpose. This can be used e.g. in UIs which allow to enter the
|
|
38
61
|
# expression.
|
|
39
62
|
# @!attribute [rw] description
|
|
40
63
|
# @return [::String]
|
|
41
|
-
#
|
|
64
|
+
# Optional. Description of the expression. This is a longer text which
|
|
42
65
|
# describes the expression, e.g. when hovered over it in a UI.
|
|
43
66
|
# @!attribute [rw] location
|
|
44
67
|
# @return [::String]
|
|
45
|
-
#
|
|
68
|
+
# Optional. String indicating the location of the expression for error
|
|
46
69
|
# reporting, e.g. a file name and a position in the file.
|
|
47
70
|
class Expr
|
|
48
71
|
include ::Google::Protobuf::MessageExts
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-cloud-policy_troubleshooter-v1
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Google LLC
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-01-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gapic-common
|
|
@@ -16,7 +16,7 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '0.
|
|
19
|
+
version: '0.7'
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
22
|
version: 2.a
|
|
@@ -26,7 +26,7 @@ dependencies:
|
|
|
26
26
|
requirements:
|
|
27
27
|
- - ">="
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: '0.
|
|
29
|
+
version: '0.7'
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: 2.a
|
|
@@ -228,7 +228,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
228
228
|
- !ruby/object:Gem::Version
|
|
229
229
|
version: '0'
|
|
230
230
|
requirements: []
|
|
231
|
-
rubygems_version: 3.
|
|
231
|
+
rubygems_version: 3.3.4
|
|
232
232
|
signing_key:
|
|
233
233
|
specification_version: 4
|
|
234
234
|
summary: API Client library for the IAM Policy Troubleshooter V1 API
|