google-cloud-policy_troubleshooter-v1 0.7.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 66fb71509d300496ed1b2c218f0d540ce4461a7ac5e1b9fa297766065a2a36be
-  data.tar.gz: 9396a1a2531c9eadaf08dc4315de023eaba45dbd680a480854be611fa9bc9142
+  metadata.gz: e80b24a51d384d13eb523b3c72dfe9b920466a22510168f73ec89a255749165f
+  data.tar.gz: 53ed05cb14f2555aabae83802c28425b241b8891f92737bb8d45e33a1fd33bcd
 SHA512:
-  metadata.gz: eb09b4a84a4e7fab59d898d45e41d46cdb2ea0847492a5e792a22001555227baddd25161d50af4eb073c6aafc67e2ee859b96abfafb049402863fa7170ddfee5
-  data.tar.gz: 29e95a09e769e9befea80b92d7c156fa6cfabc3734cdface37ace59e8672497588c51086b6a4af44d4de868339610ca57cd7010d4b21c49865c4520bc69393fe
+  metadata.gz: 899395860354d9458ff8ebdf0bc2dbae100e31d06662efd84a382ff2ef502fc577224fc1144814199f6a4c29be77f97f4b0e7f59bbe6bd169217bd93645a2280
+  data.tar.gz: c714f62e8228e23c0392a83f55e076639e8abbf0f8fcb48020ba49824674163411fe5f84af95b625024f1bdf7e7b554a4176332973cb6f07ac4a334288a70a0d

data/lib/google/cloud/policy_troubleshooter/v1/iam_checker/client.rb

@@ -130,7 +130,7 @@ module Google
               credentials = @config.credentials
               # Use self-signed JWT if the endpoint is unchanged from default,
               # but only if the default endpoint does not have a region prefix.
-              enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
+              enable_self_signed_jwt = @config.endpoint == Configuration::DEFAULT_ENDPOINT &&
                                        !@config.endpoint.split(".").first.include?("-")
               credentials ||= Credentials.default scope: @config.scope,
                                                   enable_self_signed_jwt: enable_self_signed_jwt
@@ -152,8 +152,9 @@ module Google
             # Service calls
 
             ##
-            # Checks whether a member has a specific permission for a specific resource,
-            # and explains why the member does or does not have that permission.
+            # Checks whether a principal has a specific permission for a specific
+            # resource, and explains why the principal does or does not have that
+            # permission.
             #
             # @overload troubleshoot_iam_policy(request, options = nil)
             #   Pass arguments to `troubleshoot_iam_policy` via a request object, either of type
@@ -171,8 +172,8 @@ module Google
             #   the default parameter values, pass an empty Hash as a request object (see above).
             #
             #   @param access_tuple [::Google::Cloud::PolicyTroubleshooter::V1::AccessTuple, ::Hash]
-            #     The information to use for checking whether a member has a permission for a
-            #     resource.
+            #     The information to use for checking whether a principal has a permission
+            #     for a resource.
             #
             # @yield [response, operation] Access the result along with the RPC operation
             # @yieldparam response [::Google::Cloud::PolicyTroubleshooter::V1::TroubleshootIamPolicyResponse]
@@ -312,7 +313,9 @@ module Google
             class Configuration
               extend ::Gapic::Config
 
-              config_attr :endpoint,      "policytroubleshooter.googleapis.com", ::String
+              DEFAULT_ENDPOINT = "policytroubleshooter.googleapis.com"
+
+              config_attr :endpoint,      DEFAULT_ENDPOINT, ::String
               config_attr :credentials,   nil do |value|
                 allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
                 allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC

data/lib/google/cloud/policy_troubleshooter/v1/iam_checker/rest/client.rb

@@ -126,7 +126,7 @@ module Google
                 credentials = @config.credentials
                 # Use self-signed JWT if the endpoint is unchanged from default,
                 # but only if the default endpoint does not have a region prefix.
-                enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
+                enable_self_signed_jwt = @config.endpoint == Configuration::DEFAULT_ENDPOINT &&
                                          !@config.endpoint.split(".").first.include?("-")
                 credentials ||= Credentials.default scope: @config.scope,
                                                     enable_self_signed_jwt: enable_self_signed_jwt
@@ -143,8 +143,9 @@ module Google
               # Service calls
 
               ##
-              # Checks whether a member has a specific permission for a specific resource,
-              # and explains why the member does or does not have that permission.
+              # Checks whether a principal has a specific permission for a specific
+              # resource, and explains why the principal does or does not have that
+              # permission.
               #
               # @overload troubleshoot_iam_policy(request, options = nil)
               #   Pass arguments to `troubleshoot_iam_policy` via a request object, either of type
@@ -162,8 +163,8 @@ module Google
               #   the default parameter values, pass an empty Hash as a request object (see above).
               #
               #   @param access_tuple [::Google::Cloud::PolicyTroubleshooter::V1::AccessTuple, ::Hash]
-              #     The information to use for checking whether a member has a permission for a
-              #     resource.
+              #     The information to use for checking whether a principal has a permission
+              #     for a resource.
               # @yield [result, operation] Access the result along with the TransportOperation object
               # @yieldparam result [::Google::Cloud::PolicyTroubleshooter::V1::TroubleshootIamPolicyResponse]
               # @yieldparam operation [::Gapic::Rest::TransportOperation]
@@ -279,7 +280,9 @@ module Google
               class Configuration
                 extend ::Gapic::Config
 
-                config_attr :endpoint,      "policytroubleshooter.googleapis.com", ::String
+                DEFAULT_ENDPOINT = "policytroubleshooter.googleapis.com"
+
+                config_attr :endpoint,      DEFAULT_ENDPOINT, ::String
                 config_attr :credentials,   nil do |value|
                   allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
                   allowed.any? { |klass| klass === value }

data/lib/google/cloud/policy_troubleshooter/v1/iam_checker/rest/service_stub.rb

@@ -59,7 +59,7 @@ module Google
 
                 verb, uri, query_string_params, body = ServiceStub.transcode_troubleshoot_iam_policy_request request_pb
                 query_string_params = if query_string_params.any?
-                                        query_string_params.to_h { |p| p.split("=", 2) }
+                                        query_string_params.to_h { |p| p.split "=", 2 }
                                       else
                                         {}
                                       end

data/lib/google/cloud/policy_troubleshooter/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module PolicyTroubleshooter
       module V1
-        VERSION = "0.7.0"
+        VERSION = "0.8.0"
       end
     end
   end

data/lib/google/cloud/policytroubleshooter/v1/checker_pb.rb

@@ -7,9 +7,10 @@ require 'google/protobuf'
 require 'google/cloud/policytroubleshooter/v1/explanations_pb'
 require 'google/api/annotations_pb'
 require 'google/api/client_pb'
+require 'google/rpc/status_pb'
 
 
-descriptor_data = "\n2google/cloud/policytroubleshooter/v1/checker.proto\x12$google.cloud.policytroubleshooter.v1\x1a\x37google/cloud/policytroubleshooter/v1/explanations.proto\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\"g\n\x1cTroubleshootIamPolicyRequest\x12G\n\x0c\x61\x63\x63\x65ss_tuple\x18\x01 \x01(\x0b\x32\x31.google.cloud.policytroubleshooter.v1.AccessTuple\"\xb5\x01\n\x1dTroubleshootIamPolicyResponse\x12\x41\n\x06\x61\x63\x63\x65ss\x18\x01 \x01(\x0e\x32\x31.google.cloud.policytroubleshooter.v1.AccessState\x12Q\n\x12\x65xplained_policies\x18\x02 \x03(\x0b\x32\x35.google.cloud.policytroubleshooter.v1.ExplainedPolicy2\xa9\x02\n\nIamChecker\x12\xc1\x01\n\x15TroubleshootIamPolicy\x12\x42.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest\x1a\x43.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse\"\x1f\x82\xd3\xe4\x93\x02\x19\"\x14/v1/iam:troubleshoot:\x01*\x1aW\xca\x41#policytroubleshooter.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\x96\x02\n(com.google.cloud.policytroubleshooter.v1B\x0fIAMCheckerProtoP\x01Z\\cloud.google.com/go/policytroubleshooter/apiv1/policytroubleshooterpb;policytroubleshooterpb\xf8\x01\x01\xaa\x02$Google.Cloud.PolicyTroubleshooter.V1\xca\x02$Google\\Cloud\\PolicyTroubleshooter\\V1\xea\x02\'Google::Cloud::PolicyTroubleshooter::V1P\x00\x62\x06proto3"
+descriptor_data = "\n2google/cloud/policytroubleshooter/v1/checker.proto\x12$google.cloud.policytroubleshooter.v1\x1a\x37google/cloud/policytroubleshooter/v1/explanations.proto\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x17google/rpc/status.proto\"g\n\x1cTroubleshootIamPolicyRequest\x12G\n\x0c\x61\x63\x63\x65ss_tuple\x18\x01 \x01(\x0b\x32\x31.google.cloud.policytroubleshooter.v1.AccessTuple\"\xd9\x01\n\x1dTroubleshootIamPolicyResponse\x12\x41\n\x06\x61\x63\x63\x65ss\x18\x01 \x01(\x0e\x32\x31.google.cloud.policytroubleshooter.v1.AccessState\x12Q\n\x12\x65xplained_policies\x18\x02 \x03(\x0b\x32\x35.google.cloud.policytroubleshooter.v1.ExplainedPolicy\x12\"\n\x06\x65rrors\x18\x03 \x03(\x0b\x32\x12.google.rpc.Status2\xa9\x02\n\nIamChecker\x12\xc1\x01\n\x15TroubleshootIamPolicy\x12\x42.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest\x1a\x43.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse\"\x1f\x82\xd3\xe4\x93\x02\x19\"\x14/v1/iam:troubleshoot:\x01*\x1aW\xca\x41#policytroubleshooter.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\x96\x02\n(com.google.cloud.policytroubleshooter.v1B\x0fIAMCheckerProtoP\x01Z\\cloud.google.com/go/policytroubleshooter/apiv1/policytroubleshooterpb;policytroubleshooterpb\xf8\x01\x01\xaa\x02$Google.Cloud.PolicyTroubleshooter.V1\xca\x02$Google\\Cloud\\PolicyTroubleshooter\\V1\xea\x02\'Google::Cloud::PolicyTroubleshooter::V1P\x00\x62\x06proto3"
 
 pool = Google::Protobuf::DescriptorPool.generated_pool
 
@@ -25,6 +26,7 @@ rescue TypeError => e
   warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
   imports = [
     ["google.cloud.policytroubleshooter.v1.AccessTuple", "google/cloud/policytroubleshooter/v1/explanations.proto"],
+    ["google.rpc.Status", "google/rpc/status.proto"],
   ]
   imports.each do |type_name, expected_filename|
     import_file = pool.lookup(type_name).file_descriptor

data/lib/google/cloud/policytroubleshooter/v1/checker_services_pb.rb

@@ -1,7 +1,7 @@
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # Source: google/cloud/policytroubleshooter/v1/checker.proto for package 'Google.Cloud.PolicyTroubleshooter.V1'
 # Original file comments:
-# Copyright 2019 Google LLC.
+# Copyright 2023 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -15,7 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-#
 
 require 'grpc'
 require 'google/cloud/policytroubleshooter/v1/checker_pb'
@@ -36,8 +35,9 @@ module Google
             self.unmarshal_class_method = :decode
             self.service_name = 'google.cloud.policytroubleshooter.v1.IamChecker'
 
-            # Checks whether a member has a specific permission for a specific resource,
-            # and explains why the member does or does not have that permission.
+            # Checks whether a principal has a specific permission for a specific
+            # resource, and explains why the principal does or does not have that
+            # permission.
             rpc :TroubleshootIamPolicy, ::Google::Cloud::PolicyTroubleshooter::V1::TroubleshootIamPolicyRequest, ::Google::Cloud::PolicyTroubleshooter::V1::TroubleshootIamPolicyResponse
           end
 

data/proto_docs/google/cloud/policytroubleshooter/v1/checker.rb

@@ -21,26 +21,28 @@ module Google
   module Cloud
     module PolicyTroubleshooter
       module V1
-        # Request for {::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client#troubleshoot_iam_policy TroubleshootIamPolicy}.
+        # Request for
+        # {::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client#troubleshoot_iam_policy TroubleshootIamPolicy}.
         # @!attribute [rw] access_tuple
         #   @return [::Google::Cloud::PolicyTroubleshooter::V1::AccessTuple]
-        #     The information to use for checking whether a member has a permission for a
-        #     resource.
+        #     The information to use for checking whether a principal has a permission
+        #     for a resource.
         class TroubleshootIamPolicyRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
-        # Response for {::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client#troubleshoot_iam_policy TroubleshootIamPolicy}.
+        # Response for
+        # {::Google::Cloud::PolicyTroubleshooter::V1::IamChecker::Client#troubleshoot_iam_policy TroubleshootIamPolicy}.
         # @!attribute [rw] access
         #   @return [::Google::Cloud::PolicyTroubleshooter::V1::AccessState]
-        #     Indicates whether the member has the specified permission for the specified
-        #     resource, based on evaluating all of the applicable IAM policies.
+        #     Indicates whether the principal has the specified permission for the
+        #     specified resource, based on evaluating all of the applicable IAM policies.
         # @!attribute [rw] explained_policies
         #   @return [::Array<::Google::Cloud::PolicyTroubleshooter::V1::ExplainedPolicy>]
-        #     List of IAM policies that were evaluated to check the member's permissions,
-        #     with annotations to indicate how each policy contributed to the final
-        #     result.
+        #     List of IAM policies that were evaluated to check the principal's
+        #     permissions, with annotations to indicate how each policy contributed to
+        #     the final result.
         #
         #     The list of policies can include the policy for the resource itself. It can
         #     also include policies that are inherited from higher levels of the resource
@@ -48,6 +50,9 @@ module Google
         #
         #     To learn more about the resource hierarchy, see
         #     https://cloud.google.com/iam/help/resource-hierarchy.
+        # @!attribute [rw] errors
+        #   @return [::Array<::Google::Rpc::Status>]
+        #     The general errors contained in the troubleshooting response.
         class TroubleshootIamPolicyResponse
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/policytroubleshooter/v1/explanations.rb

@@ -21,16 +21,16 @@ module Google
   module Cloud
     module PolicyTroubleshooter
       module V1
-        # Information about the member, resource, and permission to check.
+        # Information about the principal, resource, and permission to check.
         # @!attribute [rw] principal
         #   @return [::String]
-        #     Required. The member, or principal, whose access you want to check, in the form of
-        #     the email address that represents that member. For example,
+        #     Required. The principal whose access you want to check, in the form of
+        #     the email address that represents that principal. For example,
         #     `alice@example.com` or
         #     `my-service-account@my-project.iam.gserviceaccount.com`.
         #
-        #     The member must be a Google Account or a service account. Other types of
-        #     members are not supported.
+        #     The principal must be a Google Account or a service account. Other types of
+        #     principals are not supported.
         # @!attribute [rw] full_resource_name
         #   @return [::String]
         #     Required. The full resource name that identifies the resource. For example,
@@ -40,7 +40,8 @@ module Google
         #     https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
         # @!attribute [rw] permission
         #   @return [::String]
-        #     Required. The IAM permission to check for the specified member and resource.
+        #     Required. The IAM permission to check for the specified principal and
+        #     resource.
         #
         #     For a complete list of IAM permissions, see
         #     https://cloud.google.com/iam/help/permissions/reference.
@@ -57,12 +58,12 @@ module Google
         # @!attribute [rw] access
         #   @return [::Google::Cloud::PolicyTroubleshooter::V1::AccessState]
         #     Indicates whether _this policy_ provides the specified permission to the
-        #     specified member for the specified resource.
+        #     specified principal for the specified resource.
         #
-        #     This field does _not_ indicate whether the member actually has the
+        #     This field does _not_ indicate whether the principal actually has the
         #     permission for the resource. There might be another policy that overrides
-        #     this policy. To determine whether the member actually has the permission,
-        #     use the `access` field in the
+        #     this policy. To determine whether the principal actually has the
+        #     permission, use the `access` field in the
         #     [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
         # @!attribute [rw] full_resource_name
         #   @return [::String]
@@ -82,8 +83,8 @@ module Google
         #     is empty.
         # @!attribute [rw] binding_explanations
         #   @return [::Array<::Google::Cloud::PolicyTroubleshooter::V1::BindingExplanation>]
-        #     Details about how each binding in the policy affects the member's ability,
-        #     or inability, to use the permission for the resource.
+        #     Details about how each binding in the policy affects the principal's
+        #     ability, or inability, to use the permission for the resource.
         #
         #     If the sender of the request does not have access to the policy, this field
         #     is omitted.
@@ -99,17 +100,17 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
-        # Details about how a binding in a policy affects a member's ability to use a
-        # permission.
+        # Details about how a binding in a policy affects a principal's ability to use
+        # a permission.
         # @!attribute [rw] access
         #   @return [::Google::Cloud::PolicyTroubleshooter::V1::AccessState]
-        #     Required. Indicates whether _this binding_ provides the specified permission to the
-        #     specified member for the specified resource.
+        #     Required. Indicates whether _this binding_ provides the specified
+        #     permission to the specified principal for the specified resource.
         #
-        #     This field does _not_ indicate whether the member actually has the
+        #     This field does _not_ indicate whether the principal actually has the
         #     permission for the resource. There might be another binding that overrides
-        #     this binding. To determine whether the member actually has the permission,
-        #     use the `access` field in the
+        #     this binding. To determine whether the principal actually has the
+        #     permission, use the `access` field in the
         #     [TroubleshootIamPolicyResponse][IamChecker.TroubleshootIamPolicyResponse].
         # @!attribute [rw] role
         #   @return [::String]
@@ -128,24 +129,24 @@ module Google
         #     to the overall determination for the entire policy.
         # @!attribute [rw] memberships
         #   @return [::Google::Protobuf::Map{::String => ::Google::Cloud::PolicyTroubleshooter::V1::BindingExplanation::AnnotatedMembership}]
-        #     Indicates whether each member in the binding includes the member specified
-        #     in the request, either directly or indirectly. Each key identifies a member
-        #     in the binding, and each value indicates whether the member in the binding
-        #     includes the member in the request.
+        #     Indicates whether each principal in the binding includes the principal
+        #     specified in the request, either directly or indirectly. Each key
+        #     identifies a principal in the binding, and each value indicates whether the
+        #     principal in the binding includes the principal in the request.
         #
-        #     For example, suppose that a binding includes the following members:
+        #     For example, suppose that a binding includes the following principals:
         #
         #     * `user:alice@example.com`
         #     * `group:product-eng@example.com`
         #
         #     You want to troubleshoot access for `user:bob@example.com`. This user is a
-        #     member of the group `group:product-eng@example.com`.
+        #     principal of the group `group:product-eng@example.com`.
         #
-        #     For the first member in the binding, the key is `user:alice@example.com`,
-        #     and the `membership` field in the value is set to
+        #     For the first principal in the binding, the key is
+        #     `user:alice@example.com`, and the `membership` field in the value is set to
         #     `MEMBERSHIP_NOT_INCLUDED`.
         #
-        #     For the second member in the binding, the key is
+        #     For the second principal in the binding, the key is
         #     `group:product-eng@example.com`, and the `membership` field in the value is
         #     set to `MEMBERSHIP_INCLUDED`.
         # @!attribute [rw] relevance
@@ -154,23 +155,23 @@ module Google
         #     policy.
         # @!attribute [rw] condition
         #   @return [::Google::Type::Expr]
-        #     A condition expression that prevents access unless the expression evaluates
-        #     to `true`.
+        #     A condition expression that prevents this binding from granting access
+        #     unless the expression evaluates to `true`.
         #
         #     To learn about IAM Conditions, see
-        #     http://cloud.google.com/iam/help/conditions/overview.
+        #     https://cloud.google.com/iam/help/conditions/overview.
         class BindingExplanation
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
 
-          # Details about whether the binding includes the member.
+          # Details about whether the binding includes the principal.
           # @!attribute [rw] membership
           #   @return [::Google::Cloud::PolicyTroubleshooter::V1::BindingExplanation::Membership]
-          #     Indicates whether the binding includes the member.
+          #     Indicates whether the binding includes the principal.
           # @!attribute [rw] relevance
           #   @return [::Google::Cloud::PolicyTroubleshooter::V1::HeuristicRelevance]
-          #     The relevance of the member's status to the overall determination for the
-          #     binding.
+          #     The relevance of the principal's status to the overall determination for
+          #     the binding.
           class AnnotatedMembership
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -187,7 +188,7 @@ module Google
 
           # Whether a role includes a specific permission.
           module RolePermission
-            # Reserved for future use.
+            # Default value. This value is unused.
             ROLE_PERMISSION_UNSPECIFIED = 0
 
             # The permission is included in the role.
@@ -200,44 +201,45 @@ module Google
             ROLE_PERMISSION_UNKNOWN_INFO_DENIED = 3
           end
 
-          # Whether the binding includes the member.
+          # Whether the binding includes the principal.
           module Membership
-            # Reserved for future use.
+            # Default value. This value is unused.
             MEMBERSHIP_UNSPECIFIED = 0
 
-            # The binding includes the member. The member can be included directly
-            # or indirectly. For example:
+            # The binding includes the principal. The principal can be included
+            # directly or indirectly. For example:
             #
-            # * A member is included directly if that member is listed in the binding.
-            # * A member is included indirectly if that member is in a Google group or
-            #   G Suite domain that is listed in the binding.
+            # * A principal is included directly if that principal is listed in the
+            #   binding.
+            # * A principal is included indirectly if that principal is in a Google
+            #   group or Google Workspace domain that is listed in the binding.
             MEMBERSHIP_INCLUDED = 1
 
-            # The binding does not include the member.
+            # The binding does not include the principal.
             MEMBERSHIP_NOT_INCLUDED = 2
 
             # The sender of the request is not allowed to access the binding.
             MEMBERSHIP_UNKNOWN_INFO_DENIED = 3
 
-            # The member is an unsupported type. Only Google Accounts and service
+            # The principal is an unsupported type. Only Google Accounts and service
             # accounts are supported.
             MEMBERSHIP_UNKNOWN_UNSUPPORTED = 4
           end
         end
 
-        # Whether a member has a permission for a resource.
+        # Whether a principal has a permission for a resource.
         module AccessState
-          # Reserved for future use.
+          # Default value. This value is unused.
           ACCESS_STATE_UNSPECIFIED = 0
 
-          # The member has the permission.
+          # The principal has the permission.
           GRANTED = 1
 
-          # The member does not have the permission.
+          # The principal does not have the permission.
           NOT_GRANTED = 2
 
-          # The member has the permission only if a condition expression evaluates to
-          # `true`.
+          # The principal has the permission only if a condition expression evaluates
+          # to `true`.
           UNKNOWN_CONDITIONAL = 3
 
           # The sender of the request does not have access to all of the policies that
@@ -245,10 +247,11 @@ module Google
           UNKNOWN_INFO_DENIED = 4
         end
 
-        # The extent to which a single data point contributes to an overall
+        # The extent to which a single data point, such as the existence of a binding
+        # or whether a binding includes a specific principal, contributes to an overall
         # determination.
         module HeuristicRelevance
-          # Reserved for future use.
+          # Default value. This value is unused.
           HEURISTIC_RELEVANCE_UNSPECIFIED = 0
 
           # The data point has a limited effect on the result. Changing the data point

data/proto_docs/google/protobuf/any.rb

@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Protobuf
+    # `Any` contains an arbitrary serialized protocol buffer message along with a
+    # URL that describes the type of the serialized message.
+    #
+    # Protobuf library provides support to pack/unpack Any values in the form
+    # of utility functions or additional generated methods of the Any type.
+    #
+    # Example 1: Pack and unpack a message in C++.
+    #
+    #     Foo foo = ...;
+    #     Any any;
+    #     any.PackFrom(foo);
+    #     ...
+    #     if (any.UnpackTo(&foo)) {
+    #       ...
+    #     }
+    #
+    # Example 2: Pack and unpack a message in Java.
+    #
+    #     Foo foo = ...;
+    #     Any any = Any.pack(foo);
+    #     ...
+    #     if (any.is(Foo.class)) {
+    #       foo = any.unpack(Foo.class);
+    #     }
+    #     // or ...
+    #     if (any.isSameTypeAs(Foo.getDefaultInstance())) {
+    #       foo = any.unpack(Foo.getDefaultInstance());
+    #     }
+    #
+    #  Example 3: Pack and unpack a message in Python.
+    #
+    #     foo = Foo(...)
+    #     any = Any()
+    #     any.Pack(foo)
+    #     ...
+    #     if any.Is(Foo.DESCRIPTOR):
+    #       any.Unpack(foo)
+    #       ...
+    #
+    #  Example 4: Pack and unpack a message in Go
+    #
+    #      foo := &pb.Foo{...}
+    #      any, err := anypb.New(foo)
+    #      if err != nil {
+    #        ...
+    #      }
+    #      ...
+    #      foo := &pb.Foo{}
+    #      if err := any.UnmarshalTo(foo); err != nil {
+    #        ...
+    #      }
+    #
+    # The pack methods provided by protobuf library will by default use
+    # 'type.googleapis.com/full.type.name' as the type URL and the unpack
+    # methods only use the fully qualified type name after the last '/'
+    # in the type URL, for example "foo.bar.com/x/y.z" will yield type
+    # name "y.z".
+    #
+    # JSON
+    # ====
+    # The JSON representation of an `Any` value uses the regular
+    # representation of the deserialized, embedded message, with an
+    # additional field `@type` which contains the type URL. Example:
+    #
+    #     package google.profile;
+    #     message Person {
+    #       string first_name = 1;
+    #       string last_name = 2;
+    #     }
+    #
+    #     {
+    #       "@type": "type.googleapis.com/google.profile.Person",
+    #       "firstName": <string>,
+    #       "lastName": <string>
+    #     }
+    #
+    # If the embedded message type is well-known and has a custom JSON
+    # representation, that representation will be embedded adding a field
+    # `value` which holds the custom JSON in addition to the `@type`
+    # field. Example (for message [google.protobuf.Duration][]):
+    #
+    #     {
+    #       "@type": "type.googleapis.com/google.protobuf.Duration",
+    #       "value": "1.212s"
+    #     }
+    # @!attribute [rw] type_url
+    #   @return [::String]
+    #     A URL/resource name that uniquely identifies the type of the serialized
+    #     protocol buffer message. This string must contain at least
+    #     one "/" character. The last segment of the URL's path must represent
+    #     the fully qualified name of the type (as in
+    #     `path/google.protobuf.Duration`). The name should be in a canonical form
+    #     (e.g., leading "." is not accepted).
+    #
+    #     In practice, teams usually precompile into the binary all types that they
+    #     expect it to use in the context of Any. However, for URLs which use the
+    #     scheme `http`, `https`, or no scheme, one can optionally set up a type
+    #     server that maps type URLs to message definitions as follows:
+    #
+    #     * If no scheme is provided, `https` is assumed.
+    #     * An HTTP GET on the URL must yield a [google.protobuf.Type][]
+    #       value in binary format, or produce an error.
+    #     * Applications are allowed to cache lookup results based on the
+    #       URL, or have them precompiled into a binary to avoid any
+    #       lookup. Therefore, binary compatibility needs to be preserved
+    #       on changes to types. (Use versioned type names to manage
+    #       breaking changes.)
+    #
+    #     Note: this functionality is not currently available in the official
+    #     protobuf release, and it is not used for type URLs beginning with
+    #     type.googleapis.com.
+    #
+    #     Schemes other than `http`, `https` (or the empty scheme) might be
+    #     used with implementation specific semantics.
+    # @!attribute [rw] value
+    #   @return [::String]
+    #     Must be a valid serialized protocol buffer of the above specified type.
+    class Any
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/google/rpc/status.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Rpc
+    # The `Status` type defines a logical error model that is suitable for
+    # different programming environments, including REST APIs and RPC APIs. It is
+    # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+    # three pieces of data: error code, error message, and error details.
+    #
+    # You can find out more about this error model and how to work with it in the
+    # [API Design Guide](https://cloud.google.com/apis/design/errors).
+    # @!attribute [rw] code
+    #   @return [::Integer]
+    #     The status code, which should be an enum value of
+    #     [google.rpc.Code][google.rpc.Code].
+    # @!attribute [rw] message
+    #   @return [::String]
+    #     A developer-facing error message, which should be in English. Any
+    #     user-facing error message should be localized and sent in the
+    #     {::Google::Rpc::Status#details google.rpc.Status.details} field, or localized
+    #     by the client.
+    # @!attribute [rw] details
+    #   @return [::Array<::Google::Protobuf::Any>]
+    #     A list of messages that carry the error details.  There is a common set of
+    #     message types for APIs to use.
+    class Status
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-policy_troubleshooter-v1
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-06-02 00:00:00.000000000 Z
+date: 2023-07-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.19.0
+        version: 0.19.1
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.19.0
+        version: 0.19.1
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -208,7 +208,9 @@ files:
 - proto_docs/google/cloud/policytroubleshooter/v1/checker.rb
 - proto_docs/google/cloud/policytroubleshooter/v1/explanations.rb
 - proto_docs/google/iam/v1/policy.rb
+- proto_docs/google/protobuf/any.rb
 - proto_docs/google/protobuf/duration.rb
+- proto_docs/google/rpc/status.rb
 - proto_docs/google/type/expr.rb
 homepage: https://github.com/googleapis/google-cloud-ruby
 licenses: