google-cloud-privileged_access_manager-v1 0.1.2 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +31 -21
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/client.rb +50 -22
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/operations.rb +19 -15
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/rest/client.rb +48 -22
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/rest/operations.rb +50 -38
- data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/rest/service_stub.rb +126 -86
- data/lib/google/cloud/privileged_access_manager/v1/version.rb +1 -1
- data/lib/google/cloud/privilegedaccessmanager/v1/privilegedaccessmanager_services_pb.rb +4 -3
- data/proto_docs/google/api/client.rb +39 -0
- data/proto_docs/google/cloud/privilegedaccessmanager/v1/privilegedaccessmanager.rb +31 -10
- data/proto_docs/google/longrunning/operations.rb +23 -14
- metadata +6 -9
data/lib/google/cloud/privileged_access_manager/v1/privileged_access_manager/rest/service_stub.rb
CHANGED
|
@@ -30,7 +30,8 @@ module Google
|
|
|
30
30
|
# including transcoding, making the REST call, and deserialing the response.
|
|
31
31
|
#
|
|
32
32
|
class ServiceStub
|
|
33
|
-
|
|
33
|
+
# @private
|
|
34
|
+
def initialize endpoint:, endpoint_template:, universe_domain:, credentials:, logger:
|
|
34
35
|
# These require statements are intentionally placed here to initialize
|
|
35
36
|
# the REST modules only when it's required.
|
|
36
37
|
require "gapic/rest"
|
|
@@ -40,7 +41,9 @@ module Google
|
|
|
40
41
|
universe_domain: universe_domain,
|
|
41
42
|
credentials: credentials,
|
|
42
43
|
numeric_enums: true,
|
|
43
|
-
|
|
44
|
+
service_name: self.class,
|
|
45
|
+
raise_faraday_errors: false,
|
|
46
|
+
logger: logger
|
|
44
47
|
end
|
|
45
48
|
|
|
46
49
|
##
|
|
@@ -61,6 +64,15 @@ module Google
|
|
|
61
64
|
@client_stub.endpoint
|
|
62
65
|
end
|
|
63
66
|
|
|
67
|
+
##
|
|
68
|
+
# The logger used for request/response debug logging.
|
|
69
|
+
#
|
|
70
|
+
# @return [Logger]
|
|
71
|
+
#
|
|
72
|
+
def logger stub: false
|
|
73
|
+
stub ? @client_stub.stub_logger : @client_stub.logger
|
|
74
|
+
end
|
|
75
|
+
|
|
64
76
|
##
|
|
65
77
|
# Baseline implementation for the check_onboarding_status REST call
|
|
66
78
|
#
|
|
@@ -87,16 +99,18 @@ module Google
|
|
|
87
99
|
|
|
88
100
|
response = @client_stub.make_http_request(
|
|
89
101
|
verb,
|
|
90
|
-
uri:
|
|
91
|
-
body:
|
|
92
|
-
params:
|
|
102
|
+
uri: uri,
|
|
103
|
+
body: body || "",
|
|
104
|
+
params: query_string_params,
|
|
105
|
+
method_name: "check_onboarding_status",
|
|
93
106
|
options: options
|
|
94
107
|
)
|
|
95
108
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
96
109
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusResponse.decode_json response.body, ignore_unknown_fields: true
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
110
|
+
catch :response do
|
|
111
|
+
yield result, operation if block_given?
|
|
112
|
+
result
|
|
113
|
+
end
|
|
100
114
|
end
|
|
101
115
|
|
|
102
116
|
##
|
|
@@ -125,16 +139,18 @@ module Google
|
|
|
125
139
|
|
|
126
140
|
response = @client_stub.make_http_request(
|
|
127
141
|
verb,
|
|
128
|
-
uri:
|
|
129
|
-
body:
|
|
130
|
-
params:
|
|
142
|
+
uri: uri,
|
|
143
|
+
body: body || "",
|
|
144
|
+
params: query_string_params,
|
|
145
|
+
method_name: "list_entitlements",
|
|
131
146
|
options: options
|
|
132
147
|
)
|
|
133
148
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
134
149
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::ListEntitlementsResponse.decode_json response.body, ignore_unknown_fields: true
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
150
|
+
catch :response do
|
|
151
|
+
yield result, operation if block_given?
|
|
152
|
+
result
|
|
153
|
+
end
|
|
138
154
|
end
|
|
139
155
|
|
|
140
156
|
##
|
|
@@ -163,16 +179,18 @@ module Google
|
|
|
163
179
|
|
|
164
180
|
response = @client_stub.make_http_request(
|
|
165
181
|
verb,
|
|
166
|
-
uri:
|
|
167
|
-
body:
|
|
168
|
-
params:
|
|
182
|
+
uri: uri,
|
|
183
|
+
body: body || "",
|
|
184
|
+
params: query_string_params,
|
|
185
|
+
method_name: "search_entitlements",
|
|
169
186
|
options: options
|
|
170
187
|
)
|
|
171
188
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
172
189
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::SearchEntitlementsResponse.decode_json response.body, ignore_unknown_fields: true
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
190
|
+
catch :response do
|
|
191
|
+
yield result, operation if block_given?
|
|
192
|
+
result
|
|
193
|
+
end
|
|
176
194
|
end
|
|
177
195
|
|
|
178
196
|
##
|
|
@@ -201,16 +219,18 @@ module Google
|
|
|
201
219
|
|
|
202
220
|
response = @client_stub.make_http_request(
|
|
203
221
|
verb,
|
|
204
|
-
uri:
|
|
205
|
-
body:
|
|
206
|
-
params:
|
|
222
|
+
uri: uri,
|
|
223
|
+
body: body || "",
|
|
224
|
+
params: query_string_params,
|
|
225
|
+
method_name: "get_entitlement",
|
|
207
226
|
options: options
|
|
208
227
|
)
|
|
209
228
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
210
229
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::Entitlement.decode_json response.body, ignore_unknown_fields: true
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
230
|
+
catch :response do
|
|
231
|
+
yield result, operation if block_given?
|
|
232
|
+
result
|
|
233
|
+
end
|
|
214
234
|
end
|
|
215
235
|
|
|
216
236
|
##
|
|
@@ -239,16 +259,18 @@ module Google
|
|
|
239
259
|
|
|
240
260
|
response = @client_stub.make_http_request(
|
|
241
261
|
verb,
|
|
242
|
-
uri:
|
|
243
|
-
body:
|
|
244
|
-
params:
|
|
262
|
+
uri: uri,
|
|
263
|
+
body: body || "",
|
|
264
|
+
params: query_string_params,
|
|
265
|
+
method_name: "create_entitlement",
|
|
245
266
|
options: options
|
|
246
267
|
)
|
|
247
268
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
248
269
|
result = ::Google::Longrunning::Operation.decode_json response.body, ignore_unknown_fields: true
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
270
|
+
catch :response do
|
|
271
|
+
yield result, operation if block_given?
|
|
272
|
+
result
|
|
273
|
+
end
|
|
252
274
|
end
|
|
253
275
|
|
|
254
276
|
##
|
|
@@ -277,16 +299,18 @@ module Google
|
|
|
277
299
|
|
|
278
300
|
response = @client_stub.make_http_request(
|
|
279
301
|
verb,
|
|
280
|
-
uri:
|
|
281
|
-
body:
|
|
282
|
-
params:
|
|
302
|
+
uri: uri,
|
|
303
|
+
body: body || "",
|
|
304
|
+
params: query_string_params,
|
|
305
|
+
method_name: "delete_entitlement",
|
|
283
306
|
options: options
|
|
284
307
|
)
|
|
285
308
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
286
309
|
result = ::Google::Longrunning::Operation.decode_json response.body, ignore_unknown_fields: true
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
310
|
+
catch :response do
|
|
311
|
+
yield result, operation if block_given?
|
|
312
|
+
result
|
|
313
|
+
end
|
|
290
314
|
end
|
|
291
315
|
|
|
292
316
|
##
|
|
@@ -315,16 +339,18 @@ module Google
|
|
|
315
339
|
|
|
316
340
|
response = @client_stub.make_http_request(
|
|
317
341
|
verb,
|
|
318
|
-
uri:
|
|
319
|
-
body:
|
|
320
|
-
params:
|
|
342
|
+
uri: uri,
|
|
343
|
+
body: body || "",
|
|
344
|
+
params: query_string_params,
|
|
345
|
+
method_name: "update_entitlement",
|
|
321
346
|
options: options
|
|
322
347
|
)
|
|
323
348
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
324
349
|
result = ::Google::Longrunning::Operation.decode_json response.body, ignore_unknown_fields: true
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
|
|
350
|
+
catch :response do
|
|
351
|
+
yield result, operation if block_given?
|
|
352
|
+
result
|
|
353
|
+
end
|
|
328
354
|
end
|
|
329
355
|
|
|
330
356
|
##
|
|
@@ -353,16 +379,18 @@ module Google
|
|
|
353
379
|
|
|
354
380
|
response = @client_stub.make_http_request(
|
|
355
381
|
verb,
|
|
356
|
-
uri:
|
|
357
|
-
body:
|
|
358
|
-
params:
|
|
382
|
+
uri: uri,
|
|
383
|
+
body: body || "",
|
|
384
|
+
params: query_string_params,
|
|
385
|
+
method_name: "list_grants",
|
|
359
386
|
options: options
|
|
360
387
|
)
|
|
361
388
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
362
389
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::ListGrantsResponse.decode_json response.body, ignore_unknown_fields: true
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
|
|
390
|
+
catch :response do
|
|
391
|
+
yield result, operation if block_given?
|
|
392
|
+
result
|
|
393
|
+
end
|
|
366
394
|
end
|
|
367
395
|
|
|
368
396
|
##
|
|
@@ -391,16 +419,18 @@ module Google
|
|
|
391
419
|
|
|
392
420
|
response = @client_stub.make_http_request(
|
|
393
421
|
verb,
|
|
394
|
-
uri:
|
|
395
|
-
body:
|
|
396
|
-
params:
|
|
422
|
+
uri: uri,
|
|
423
|
+
body: body || "",
|
|
424
|
+
params: query_string_params,
|
|
425
|
+
method_name: "search_grants",
|
|
397
426
|
options: options
|
|
398
427
|
)
|
|
399
428
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
400
429
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::SearchGrantsResponse.decode_json response.body, ignore_unknown_fields: true
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
|
|
430
|
+
catch :response do
|
|
431
|
+
yield result, operation if block_given?
|
|
432
|
+
result
|
|
433
|
+
end
|
|
404
434
|
end
|
|
405
435
|
|
|
406
436
|
##
|
|
@@ -429,16 +459,18 @@ module Google
|
|
|
429
459
|
|
|
430
460
|
response = @client_stub.make_http_request(
|
|
431
461
|
verb,
|
|
432
|
-
uri:
|
|
433
|
-
body:
|
|
434
|
-
params:
|
|
462
|
+
uri: uri,
|
|
463
|
+
body: body || "",
|
|
464
|
+
params: query_string_params,
|
|
465
|
+
method_name: "get_grant",
|
|
435
466
|
options: options
|
|
436
467
|
)
|
|
437
468
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
438
469
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::Grant.decode_json response.body, ignore_unknown_fields: true
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
|
|
470
|
+
catch :response do
|
|
471
|
+
yield result, operation if block_given?
|
|
472
|
+
result
|
|
473
|
+
end
|
|
442
474
|
end
|
|
443
475
|
|
|
444
476
|
##
|
|
@@ -467,16 +499,18 @@ module Google
|
|
|
467
499
|
|
|
468
500
|
response = @client_stub.make_http_request(
|
|
469
501
|
verb,
|
|
470
|
-
uri:
|
|
471
|
-
body:
|
|
472
|
-
params:
|
|
502
|
+
uri: uri,
|
|
503
|
+
body: body || "",
|
|
504
|
+
params: query_string_params,
|
|
505
|
+
method_name: "create_grant",
|
|
473
506
|
options: options
|
|
474
507
|
)
|
|
475
508
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
476
509
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::Grant.decode_json response.body, ignore_unknown_fields: true
|
|
477
|
-
|
|
478
|
-
|
|
479
|
-
|
|
510
|
+
catch :response do
|
|
511
|
+
yield result, operation if block_given?
|
|
512
|
+
result
|
|
513
|
+
end
|
|
480
514
|
end
|
|
481
515
|
|
|
482
516
|
##
|
|
@@ -505,16 +539,18 @@ module Google
|
|
|
505
539
|
|
|
506
540
|
response = @client_stub.make_http_request(
|
|
507
541
|
verb,
|
|
508
|
-
uri:
|
|
509
|
-
body:
|
|
510
|
-
params:
|
|
542
|
+
uri: uri,
|
|
543
|
+
body: body || "",
|
|
544
|
+
params: query_string_params,
|
|
545
|
+
method_name: "approve_grant",
|
|
511
546
|
options: options
|
|
512
547
|
)
|
|
513
548
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
514
549
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::Grant.decode_json response.body, ignore_unknown_fields: true
|
|
515
|
-
|
|
516
|
-
|
|
517
|
-
|
|
550
|
+
catch :response do
|
|
551
|
+
yield result, operation if block_given?
|
|
552
|
+
result
|
|
553
|
+
end
|
|
518
554
|
end
|
|
519
555
|
|
|
520
556
|
##
|
|
@@ -543,16 +579,18 @@ module Google
|
|
|
543
579
|
|
|
544
580
|
response = @client_stub.make_http_request(
|
|
545
581
|
verb,
|
|
546
|
-
uri:
|
|
547
|
-
body:
|
|
548
|
-
params:
|
|
582
|
+
uri: uri,
|
|
583
|
+
body: body || "",
|
|
584
|
+
params: query_string_params,
|
|
585
|
+
method_name: "deny_grant",
|
|
549
586
|
options: options
|
|
550
587
|
)
|
|
551
588
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
552
589
|
result = ::Google::Cloud::PrivilegedAccessManager::V1::Grant.decode_json response.body, ignore_unknown_fields: true
|
|
553
|
-
|
|
554
|
-
|
|
555
|
-
|
|
590
|
+
catch :response do
|
|
591
|
+
yield result, operation if block_given?
|
|
592
|
+
result
|
|
593
|
+
end
|
|
556
594
|
end
|
|
557
595
|
|
|
558
596
|
##
|
|
@@ -581,16 +619,18 @@ module Google
|
|
|
581
619
|
|
|
582
620
|
response = @client_stub.make_http_request(
|
|
583
621
|
verb,
|
|
584
|
-
uri:
|
|
585
|
-
body:
|
|
586
|
-
params:
|
|
622
|
+
uri: uri,
|
|
623
|
+
body: body || "",
|
|
624
|
+
params: query_string_params,
|
|
625
|
+
method_name: "revoke_grant",
|
|
587
626
|
options: options
|
|
588
627
|
)
|
|
589
628
|
operation = ::Gapic::Rest::TransportOperation.new response
|
|
590
629
|
result = ::Google::Longrunning::Operation.decode_json response.body, ignore_unknown_fields: true
|
|
591
|
-
|
|
592
|
-
|
|
593
|
-
|
|
630
|
+
catch :response do
|
|
631
|
+
yield result, operation if block_given?
|
|
632
|
+
result
|
|
633
|
+
end
|
|
594
634
|
end
|
|
595
635
|
|
|
596
636
|
##
|
|
@@ -52,7 +52,7 @@ module Google
|
|
|
52
52
|
self.unmarshal_class_method = :decode
|
|
53
53
|
self.service_name = 'google.cloud.privilegedaccessmanager.v1.PrivilegedAccessManager'
|
|
54
54
|
|
|
55
|
-
# CheckOnboardingStatus reports the onboarding status for a
|
|
55
|
+
# `CheckOnboardingStatus` reports the onboarding status for a
|
|
56
56
|
# project/folder/organization. Any findings reported by this API need to be
|
|
57
57
|
# fixed before PAM can be used on the resource.
|
|
58
58
|
rpc :CheckOnboardingStatus, ::Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusRequest, ::Google::Cloud::PrivilegedAccessManager::V1::CheckOnboardingStatusResponse
|
|
@@ -67,7 +67,7 @@ module Google
|
|
|
67
67
|
# location.
|
|
68
68
|
rpc :CreateEntitlement, ::Google::Cloud::PrivilegedAccessManager::V1::CreateEntitlementRequest, ::Google::Longrunning::Operation
|
|
69
69
|
# Deletes a single entitlement. This method can only be called when there
|
|
70
|
-
# are no in-progress (ACTIVE
|
|
70
|
+
# are no in-progress (`ACTIVE`/`ACTIVATING`/`REVOKING`) grants under the
|
|
71
71
|
# entitlement.
|
|
72
72
|
rpc :DeleteEntitlement, ::Google::Cloud::PrivilegedAccessManager::V1::DeleteEntitlementRequest, ::Google::Longrunning::Operation
|
|
73
73
|
# Updates the entitlement specified in the request. Updated fields in the
|
|
@@ -98,7 +98,8 @@ module Google
|
|
|
98
98
|
rpc :SearchGrants, ::Google::Cloud::PrivilegedAccessManager::V1::SearchGrantsRequest, ::Google::Cloud::PrivilegedAccessManager::V1::SearchGrantsResponse
|
|
99
99
|
# Get details of a single grant.
|
|
100
100
|
rpc :GetGrant, ::Google::Cloud::PrivilegedAccessManager::V1::GetGrantRequest, ::Google::Cloud::PrivilegedAccessManager::V1::Grant
|
|
101
|
-
# Creates a new grant in a given project and
|
|
101
|
+
# Creates a new grant in a given project/folder/organization and
|
|
102
|
+
# location.
|
|
102
103
|
rpc :CreateGrant, ::Google::Cloud::PrivilegedAccessManager::V1::CreateGrantRequest, ::Google::Cloud::PrivilegedAccessManager::V1::Grant
|
|
103
104
|
# `ApproveGrant` is used to approve a grant. This method can only be called
|
|
104
105
|
# on a grant when it's in the `APPROVAL_AWAITED` state. This operation can't
|
|
@@ -28,6 +28,9 @@ module Google
|
|
|
28
28
|
# @!attribute [rw] destinations
|
|
29
29
|
# @return [::Array<::Google::Api::ClientLibraryDestination>]
|
|
30
30
|
# The destination where API teams want this client library to be published.
|
|
31
|
+
# @!attribute [rw] selective_gapic_generation
|
|
32
|
+
# @return [::Google::Api::SelectiveGapicGeneration]
|
|
33
|
+
# Configuration for which RPCs should be generated in the GAPIC client.
|
|
31
34
|
class CommonLanguageSettings
|
|
32
35
|
include ::Google::Protobuf::MessageExts
|
|
33
36
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -212,6 +215,12 @@ module Google
|
|
|
212
215
|
# enabled. By default, asynchronous REST clients will not be generated.
|
|
213
216
|
# This feature will be enabled by default 1 month after launching the
|
|
214
217
|
# feature in preview packages.
|
|
218
|
+
# @!attribute [rw] protobuf_pythonic_types_enabled
|
|
219
|
+
# @return [::Boolean]
|
|
220
|
+
# Enables generation of protobuf code using new types that are more
|
|
221
|
+
# Pythonic which are included in `protobuf>=5.29.x`. This feature will be
|
|
222
|
+
# enabled by default 1 month after launching the feature in preview
|
|
223
|
+
# packages.
|
|
215
224
|
class ExperimentalFeatures
|
|
216
225
|
include ::Google::Protobuf::MessageExts
|
|
217
226
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -297,9 +306,28 @@ module Google
|
|
|
297
306
|
# @!attribute [rw] common
|
|
298
307
|
# @return [::Google::Api::CommonLanguageSettings]
|
|
299
308
|
# Some settings.
|
|
309
|
+
# @!attribute [rw] renamed_services
|
|
310
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
|
311
|
+
# Map of service names to renamed services. Keys are the package relative
|
|
312
|
+
# service names and values are the name to be used for the service client
|
|
313
|
+
# and call options.
|
|
314
|
+
#
|
|
315
|
+
# publishing:
|
|
316
|
+
# go_settings:
|
|
317
|
+
# renamed_services:
|
|
318
|
+
# Publisher: TopicAdmin
|
|
300
319
|
class GoSettings
|
|
301
320
|
include ::Google::Protobuf::MessageExts
|
|
302
321
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
322
|
+
|
|
323
|
+
# @!attribute [rw] key
|
|
324
|
+
# @return [::String]
|
|
325
|
+
# @!attribute [rw] value
|
|
326
|
+
# @return [::String]
|
|
327
|
+
class RenamedServicesEntry
|
|
328
|
+
include ::Google::Protobuf::MessageExts
|
|
329
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
330
|
+
end
|
|
303
331
|
end
|
|
304
332
|
|
|
305
333
|
# Describes the generator configuration for a method.
|
|
@@ -375,6 +403,17 @@ module Google
|
|
|
375
403
|
end
|
|
376
404
|
end
|
|
377
405
|
|
|
406
|
+
# This message is used to configure the generation of a subset of the RPCs in
|
|
407
|
+
# a service for client libraries.
|
|
408
|
+
# @!attribute [rw] methods
|
|
409
|
+
# @return [::Array<::String>]
|
|
410
|
+
# An allowlist of the fully qualified names of RPCs that should be included
|
|
411
|
+
# on public client surfaces.
|
|
412
|
+
class SelectiveGapicGeneration
|
|
413
|
+
include ::Google::Protobuf::MessageExts
|
|
414
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
415
|
+
end
|
|
416
|
+
|
|
378
417
|
# The organization for which the client libraries are being published.
|
|
379
418
|
# Affects the url where generated docs are published, etc.
|
|
380
419
|
module ClientLibraryOrganization
|
|
@@ -131,11 +131,15 @@ module Google
|
|
|
131
131
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::RequesterJustificationConfig::NotMandatory]
|
|
132
132
|
# This option means the requester isn't required to provide a
|
|
133
133
|
# justification.
|
|
134
|
+
#
|
|
135
|
+
# Note: The following fields are mutually exclusive: `not_mandatory`, `unstructured`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
134
136
|
# @!attribute [rw] unstructured
|
|
135
137
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Entitlement::RequesterJustificationConfig::Unstructured]
|
|
136
138
|
# This option means the requester must provide a string as
|
|
137
139
|
# justification. If this is selected, the server allows the requester
|
|
138
140
|
# to provide a justification but doesn't validate it.
|
|
141
|
+
#
|
|
142
|
+
# Note: The following fields are mutually exclusive: `unstructured`, `not_mandatory`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
139
143
|
class RequesterJustificationConfig
|
|
140
144
|
include ::Google::Protobuf::MessageExts
|
|
141
145
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -154,7 +158,7 @@ module Google
|
|
|
154
158
|
end
|
|
155
159
|
end
|
|
156
160
|
|
|
157
|
-
# AdditionalNotificationTargets includes email addresses to be notified.
|
|
161
|
+
# `AdditionalNotificationTargets` includes email addresses to be notified.
|
|
158
162
|
# @!attribute [rw] admin_email_recipients
|
|
159
163
|
# @return [::Array<::String>]
|
|
160
164
|
# Optional. Additional email addresses to be notified when a principal
|
|
@@ -190,7 +194,7 @@ module Google
|
|
|
190
194
|
end
|
|
191
195
|
end
|
|
192
196
|
|
|
193
|
-
# AccessControlEntry is used to control who can do some operation.
|
|
197
|
+
# `AccessControlEntry` is used to control who can do some operation.
|
|
194
198
|
# @!attribute [rw] principals
|
|
195
199
|
# @return [::Array<::String>]
|
|
196
200
|
# Optional. Users who are allowed for the operation. Each entry should be a
|
|
@@ -267,7 +271,7 @@ module Google
|
|
|
267
271
|
include ::Google::Protobuf::MessageExts
|
|
268
272
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
269
273
|
|
|
270
|
-
# GcpIamAccess represents IAM based access control on a Google Cloud
|
|
274
|
+
# `GcpIamAccess` represents IAM based access control on a Google Cloud
|
|
271
275
|
# resource. Refer to https://cloud.google.com/iam/docs to understand more
|
|
272
276
|
# about IAM.
|
|
273
277
|
# @!attribute [rw] resource_type
|
|
@@ -283,7 +287,7 @@ module Google
|
|
|
283
287
|
include ::Google::Protobuf::MessageExts
|
|
284
288
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
285
289
|
|
|
286
|
-
# IAM
|
|
290
|
+
# IAM role bindings that are created after a successful grant.
|
|
287
291
|
# @!attribute [rw] role
|
|
288
292
|
# @return [::String]
|
|
289
293
|
# Required. IAM role to be granted.
|
|
@@ -434,7 +438,7 @@ module Google
|
|
|
434
438
|
# ID, the server can check if original operation with the same request ID
|
|
435
439
|
# was received, and if so, ignores the second request and returns the
|
|
436
440
|
# previous operation's response. This prevents clients from accidentally
|
|
437
|
-
# creating duplicate
|
|
441
|
+
# creating duplicate entitlements.
|
|
438
442
|
#
|
|
439
443
|
# The request ID must be a valid UUID with the exception that zero UUID is
|
|
440
444
|
# not supported (00000000-0000-0000-0000-000000000000).
|
|
@@ -457,8 +461,7 @@ module Google
|
|
|
457
461
|
# For example, consider a situation where you make an initial request and the
|
|
458
462
|
# request times out. If you make the request again with the same request
|
|
459
463
|
# ID, the server can check if original operation with the same request ID
|
|
460
|
-
# was received, and if so, ignores the second request.
|
|
461
|
-
# clients from accidentally creating duplicate commitments.
|
|
464
|
+
# was received, and if so, ignores the second request.
|
|
462
465
|
#
|
|
463
466
|
# The request ID must be a valid UUID with the exception that zero UUID is
|
|
464
467
|
# not supported (00000000-0000-0000-0000-000000000000).
|
|
@@ -492,8 +495,6 @@ module Google
|
|
|
492
495
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
493
496
|
end
|
|
494
497
|
|
|
495
|
-
# This is to ensure that the `Grants` and `ProducerGrants` proto are byte
|
|
496
|
-
# compatible.
|
|
497
498
|
# A grant represents a request from a user for obtaining the access specified
|
|
498
499
|
# in an entitlement they are eligible for.
|
|
499
500
|
# @!attribute [rw] name
|
|
@@ -566,35 +567,55 @@ module Google
|
|
|
566
567
|
# @!attribute [rw] requested
|
|
567
568
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::Requested]
|
|
568
569
|
# The grant was requested.
|
|
570
|
+
#
|
|
571
|
+
# Note: The following fields are mutually exclusive: `requested`, `approved`, `denied`, `revoked`, `scheduled`, `activated`, `activation_failed`, `expired`, `ended`, `externally_modified`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
569
572
|
# @!attribute [rw] approved
|
|
570
573
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::Approved]
|
|
571
574
|
# The grant was approved.
|
|
575
|
+
#
|
|
576
|
+
# Note: The following fields are mutually exclusive: `approved`, `requested`, `denied`, `revoked`, `scheduled`, `activated`, `activation_failed`, `expired`, `ended`, `externally_modified`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
572
577
|
# @!attribute [rw] denied
|
|
573
578
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::Denied]
|
|
574
579
|
# The grant was denied.
|
|
580
|
+
#
|
|
581
|
+
# Note: The following fields are mutually exclusive: `denied`, `requested`, `approved`, `revoked`, `scheduled`, `activated`, `activation_failed`, `expired`, `ended`, `externally_modified`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
575
582
|
# @!attribute [rw] revoked
|
|
576
583
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::Revoked]
|
|
577
584
|
# The grant was revoked.
|
|
585
|
+
#
|
|
586
|
+
# Note: The following fields are mutually exclusive: `revoked`, `requested`, `approved`, `denied`, `scheduled`, `activated`, `activation_failed`, `expired`, `ended`, `externally_modified`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
578
587
|
# @!attribute [rw] scheduled
|
|
579
588
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::Scheduled]
|
|
580
589
|
# The grant has been scheduled to give access.
|
|
590
|
+
#
|
|
591
|
+
# Note: The following fields are mutually exclusive: `scheduled`, `requested`, `approved`, `denied`, `revoked`, `activated`, `activation_failed`, `expired`, `ended`, `externally_modified`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
581
592
|
# @!attribute [rw] activated
|
|
582
593
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::Activated]
|
|
583
594
|
# The grant was successfully activated to give access.
|
|
595
|
+
#
|
|
596
|
+
# Note: The following fields are mutually exclusive: `activated`, `requested`, `approved`, `denied`, `revoked`, `scheduled`, `activation_failed`, `expired`, `ended`, `externally_modified`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
584
597
|
# @!attribute [rw] activation_failed
|
|
585
598
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::ActivationFailed]
|
|
586
599
|
# There was a non-retriable error while trying to give access.
|
|
600
|
+
#
|
|
601
|
+
# Note: The following fields are mutually exclusive: `activation_failed`, `requested`, `approved`, `denied`, `revoked`, `scheduled`, `activated`, `expired`, `ended`, `externally_modified`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
587
602
|
# @!attribute [rw] expired
|
|
588
603
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::Expired]
|
|
589
604
|
# The approval workflow did not complete in the necessary duration,
|
|
590
605
|
# and so the grant is expired.
|
|
606
|
+
#
|
|
607
|
+
# Note: The following fields are mutually exclusive: `expired`, `requested`, `approved`, `denied`, `revoked`, `scheduled`, `activated`, `activation_failed`, `ended`, `externally_modified`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
591
608
|
# @!attribute [rw] ended
|
|
592
609
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::Ended]
|
|
593
610
|
# Access given by the grant ended automatically as the approved
|
|
594
611
|
# duration was over.
|
|
612
|
+
#
|
|
613
|
+
# Note: The following fields are mutually exclusive: `ended`, `requested`, `approved`, `denied`, `revoked`, `scheduled`, `activated`, `activation_failed`, `expired`, `externally_modified`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
595
614
|
# @!attribute [rw] externally_modified
|
|
596
615
|
# @return [::Google::Cloud::PrivilegedAccessManager::V1::Grant::Timeline::Event::ExternallyModified]
|
|
597
616
|
# The policy bindings made by grant have been modified outside of PAM.
|
|
617
|
+
#
|
|
618
|
+
# Note: The following fields are mutually exclusive: `externally_modified`, `requested`, `approved`, `denied`, `revoked`, `scheduled`, `activated`, `activation_failed`, `expired`, `ended`. If a field in that set is populated, all other fields in the set will automatically be cleared.
|
|
598
619
|
# @!attribute [r] event_time
|
|
599
620
|
# @return [::Google::Protobuf::Timestamp]
|
|
600
621
|
# Output only. The time (as recorded at server) when this event occurred.
|
|
@@ -921,7 +942,7 @@ module Google
|
|
|
921
942
|
# request times out. If you make the request again with the same request
|
|
922
943
|
# ID, the server can check if original operation with the same request ID
|
|
923
944
|
# was received, and if so, ignores the second request. This prevents
|
|
924
|
-
# clients from accidentally creating duplicate
|
|
945
|
+
# clients from accidentally creating duplicate grants.
|
|
925
946
|
#
|
|
926
947
|
# The request ID must be a valid UUID with the exception that zero UUID is
|
|
927
948
|
# not supported (00000000-0000-0000-0000-000000000000).
|