google-cloud-secret_manager-v1 0.2.1 → 0.4.2

data/proto_docs/google/iam/v1/iam_policy.rb

@@ -22,57 +22,58 @@ module Google
     module V1
       # Request message for `SetIamPolicy` method.
       # @!attribute [rw] resource
-      #   @return [String]
+      #   @return [::String]
       #     REQUIRED: The resource for which the policy is being specified.
-      #     `resource` is usually specified as a path. For example, a Project
-      #     resource is specified as `projects/{project}`.
+      #     See the operation documentation for the appropriate value for this field.
       # @!attribute [rw] policy
-      #   @return [Google::Iam::V1::Policy]
+      #   @return [::Google::Iam::V1::Policy]
       #     REQUIRED: The complete policy to be applied to the `resource`. The size of
       #     the policy is limited to a few 10s of KB. An empty policy is a
       #     valid policy but certain Cloud Platform services (such as Projects)
       #     might reject them.
       class SetIamPolicyRequest
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
       # Request message for `GetIamPolicy` method.
       # @!attribute [rw] resource
-      #   @return [String]
+      #   @return [::String]
       #     REQUIRED: The resource for which the policy is being requested.
-      #     `resource` is usually specified as a path. For example, a Project
-      #     resource is specified as `projects/{project}`.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] options
+      #   @return [::Google::Iam::V1::GetPolicyOptions]
+      #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
+      #     `GetIamPolicy`. This field is only used by Cloud IAM.
       class GetIamPolicyRequest
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
       # Request message for `TestIamPermissions` method.
       # @!attribute [rw] resource
-      #   @return [String]
+      #   @return [::String]
       #     REQUIRED: The resource for which the policy detail is being requested.
-      #     `resource` is usually specified as a path. For example, a Project
-      #     resource is specified as `projects/{project}`.
+      #     See the operation documentation for the appropriate value for this field.
       # @!attribute [rw] permissions
-      #   @return [Array<String>]
+      #   @return [::Array<::String>]
       #     The set of permissions to check for the `resource`. Permissions with
       #     wildcards (such as '*' or 'storage.*') are not allowed. For more
       #     information see
       #     [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
       class TestIamPermissionsRequest
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
       # Response message for `TestIamPermissions` method.
       # @!attribute [rw] permissions
-      #   @return [Array<String>]
+      #   @return [::Array<::String>]
       #     A subset of `TestPermissionsRequest.permissions` that the caller is
       #     allowed.
       class TestIamPermissionsResponse
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
     end
   end

data/proto_docs/google/iam/v1/options.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Iam
+    module V1
+      # Encapsulates settings provided to GetIamPolicy.
+      # @!attribute [rw] requested_policy_version
+      #   @return [::Integer]
+      #     Optional. The policy format version to be returned.
+      #
+      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
+      #     rejected.
+      #
+      #     Requests for policies with any conditional bindings must specify version 3.
+      #     Policies without any conditional bindings may specify any valid value or
+      #     leave the field unset.
+      class GetPolicyOptions
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+  end
+end

data/proto_docs/google/iam/v1/policy.rb

@@ -24,43 +24,82 @@ module Google
       # specify access control policies for Cloud Platform resources.
       #
       #
-      # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
-      # `members` to a `role`, where the members can be user accounts, Google groups,
-      # Google domains, and service accounts. A `role` is a named list of permissions
-      # defined by IAM.
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+      # `members` to a single `role`. Members can be user accounts, service accounts,
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
+      # permissions (defined by IAM or configured by users). A `binding` can
+      # optionally specify a `condition`, which is a logic expression that further
+      # constrains the role binding based on attributes about the request and/or
+      # target resource.
       #
-      # **Example**
+      # **JSON Example**
       #
       #     {
       #       "bindings": [
       #         {
-      #           "role": "roles/owner",
+      #           "role": "roles/resourcemanager.organizationAdmin",
       #           "members": [
       #             "user:mike@example.com",
       #             "group:admins@example.com",
       #             "domain:google.com",
-      #             "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+      #             "serviceAccount:my-project-id@appspot.gserviceaccount.com"
       #           ]
       #         },
       #         {
-      #           "role": "roles/viewer",
-      #           "members": ["user:sean@example.com"]
+      #           "role": "roles/resourcemanager.organizationViewer",
+      #           "members": ["user:eve@example.com"],
+      #           "condition": {
+      #             "title": "expirable access",
+      #             "description": "Does not grant access after Sep 2020",
+      #             "expression": "request.time <
+      #             timestamp('2020-10-01T00:00:00.000Z')",
+      #           }
       #         }
       #       ]
       #     }
       #
+      # **YAML Example**
+      #
+      #     bindings:
+      #     - members:
+      #       - user:mike@example.com
+      #       - group:admins@example.com
+      #       - domain:google.com
+      #       - serviceAccount:my-project-id@appspot.gserviceaccount.com
+      #       role: roles/resourcemanager.organizationAdmin
+      #     - members:
+      #       - user:eve@example.com
+      #       role: roles/resourcemanager.organizationViewer
+      #       condition:
+      #         title: expirable access
+      #         description: Does not grant access after Sep 2020
+      #         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
+      #
       # For a description of IAM and its features, see the
-      # [IAM developer's guide](https://cloud.google.com/iam).
+      # [IAM developer's guide](https://cloud.google.com/iam/docs).
       # @!attribute [rw] version
-      #   @return [Integer]
-      #     Version of the `Policy`. The default version is 0.
+      #   @return [::Integer]
+      #     Specifies the format of the policy.
+      #
+      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
+      #     rejected.
+      #
+      #     Operations affecting conditional bindings must specify version 3. This can
+      #     be either setting a conditional policy, modifying a conditional binding,
+      #     or removing a binding (conditional or unconditional) from the stored
+      #     conditional policy.
+      #     Operations on non-conditional policies may specify any valid value or
+      #     leave the field unset.
+      #
+      #     If no etag is provided in the call to `setIamPolicy`, version compliance
+      #     checks against the stored policy is skipped.
       # @!attribute [rw] bindings
-      #   @return [Array<Google::Iam::V1::Binding>]
-      #     Associates a list of `members` to a `role`.
-      #     Multiple `bindings` must not be specified for the same `role`.
+      #   @return [::Array<::Google::Iam::V1::Binding>]
+      #     Associates a list of `members` to a `role`. Optionally may specify a
+      #     `condition` that determines when binding is in effect.
       #     `bindings` with no members will result in an error.
       # @!attribute [rw] etag
-      #   @return [String]
+      #   @return [::String]
       #     `etag` is used for optimistic concurrency control as a way to help
       #     prevent simultaneous updates of a policy from overwriting each other.
       #     It is strongly suggested that systems make use of the `etag` in the
@@ -70,20 +109,21 @@ module Google
       #     ensure that their change will be applied to the same version of the policy.
       #
       #     If no `etag` is provided in the call to `setIamPolicy`, then the existing
-      #     policy is overwritten blindly.
+      #     policy is overwritten. Due to blind-set semantics of an etag-less policy,
+      #     'setIamPolicy' will not fail even if the incoming policy version does not
+      #     meet the requirements for modifying the stored policy.
       class Policy
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
       # Associates `members` with a `role`.
       # @!attribute [rw] role
-      #   @return [String]
+      #   @return [::String]
       #     Role that is assigned to `members`.
       #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
-      #     Required
       # @!attribute [rw] members
-      #   @return [Array<String>]
+      #   @return [::Array<::String>]
       #     Specifies the identities requesting access for a Cloud Platform resource.
       #     `members` can have the following values:
       #
@@ -94,7 +134,7 @@ module Google
       #        who is authenticated with a Google account or a service account.
       #
       #     * `user:{emailid}`: An email address that represents a specific Google
-      #        account. For example, `alice@gmail.com` or `joe@example.com`.
+      #        account. For example, `alice@example.com` .
       #
       #
       #     * `serviceAccount:{emailid}`: An email address that represents a service
@@ -103,41 +143,54 @@ module Google
       #     * `group:{emailid}`: An email address that represents a Google group.
       #        For example, `admins@example.com`.
       #
-      #     * `domain:{domain}`: A Google Apps domain name that represents all the
+      #
+      #     * `domain:{domain}`: The G Suite domain (primary) that represents all the
       #        users of that domain. For example, `google.com` or `example.com`.
+      # @!attribute [rw] condition
+      #   @return [::Google::Type::Expr]
+      #     The condition that is associated with this binding.
+      #     NOTE: An unsatisfied condition will not allow user access via current
+      #     binding. Different bindings, including their conditions, are examined
+      #     independently.
       class Binding
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
       # The difference delta between two policies.
       # @!attribute [rw] binding_deltas
-      #   @return [Array<Google::Iam::V1::BindingDelta>]
+      #   @return [::Array<::Google::Iam::V1::BindingDelta>]
       #     The delta for Bindings between two policies.
+      # @!attribute [rw] audit_config_deltas
+      #   @return [::Array<::Google::Iam::V1::AuditConfigDelta>]
+      #     The delta for AuditConfigs between two policies.
       class PolicyDelta
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
       # One delta entry for Binding. Each individual change (only one member in each
       # entry) to a binding will be a separate entry.
       # @!attribute [rw] action
-      #   @return [Google::Iam::V1::BindingDelta::Action]
+      #   @return [::Google::Iam::V1::BindingDelta::Action]
       #     The action that was performed on a Binding.
       #     Required
       # @!attribute [rw] role
-      #   @return [String]
+      #   @return [::String]
       #     Role that is assigned to `members`.
       #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       #     Required
       # @!attribute [rw] member
-      #   @return [String]
+      #   @return [::String]
       #     A single identity requesting access for a Cloud Platform resource.
       #     Follows the same format of Binding.members.
       #     Required
+      # @!attribute [rw] condition
+      #   @return [::Google::Type::Expr]
+      #     The condition that is associated with this binding.
       class BindingDelta
-        include Google::Protobuf::MessageExts
-        extend Google::Protobuf::MessageExts::ClassMethods
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
 
         # The type of action performed on a Binding in a policy.
         module Action
@@ -151,6 +204,45 @@ module Google
           REMOVE = 2
         end
       end
+
+      # One delta entry for AuditConfig. Each individual change (only one
+      # exempted_member in each entry) to a AuditConfig will be a separate entry.
+      # @!attribute [rw] action
+      #   @return [::Google::Iam::V1::AuditConfigDelta::Action]
+      #     The action that was performed on an audit configuration in a policy.
+      #     Required
+      # @!attribute [rw] service
+      #   @return [::String]
+      #     Specifies a service that was configured for Cloud Audit Logging.
+      #     For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+      #     `allServices` is a special value that covers all services.
+      #     Required
+      # @!attribute [rw] exempted_member
+      #   @return [::String]
+      #     A single identity that is exempted from "data access" audit
+      #     logging for the `service` specified above.
+      #     Follows the same format of Binding.members.
+      # @!attribute [rw] log_type
+      #   @return [::String]
+      #     Specifies the log_type that was be enabled. ADMIN_ACTIVITY is always
+      #     enabled, and cannot be configured.
+      #     Required
+      class AuditConfigDelta
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # The type of action performed on an audit configuration in a policy.
+        module Action
+          # Unspecified.
+          ACTION_UNSPECIFIED = 0
+
+          # Addition of an audit configuration.
+          ADD = 1
+
+          # Removal of an audit configuration.
+          REMOVE = 2
+        end
+      end
     end
   end
 end

data/proto_docs/google/protobuf/empty.rb

@@ -29,8 +29,8 @@ module Google
     #
     # The JSON representation for `Empty` is empty JSON object `{}`.
     class Empty
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
   end
 end

data/proto_docs/google/protobuf/field_mask.rb

@@ -219,11 +219,11 @@ module Google
     # request should verify the included field paths, and return an
     # `INVALID_ARGUMENT` error if any path is unmappable.
     # @!attribute [rw] paths
-    #   @return [Array<String>]
+    #   @return [::Array<::String>]
     #     The set of field mask paths.
     class FieldMask
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
   end
 end

data/proto_docs/google/protobuf/timestamp.rb

@@ -102,19 +102,19 @@ module Google
     # http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D
     # ) to obtain a formatter capable of generating timestamps in this format.
     # @!attribute [rw] seconds
-    #   @return [Integer]
+    #   @return [::Integer]
     #     Represents seconds of UTC time since Unix epoch
     #     1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
     #     9999-12-31T23:59:59Z inclusive.
     # @!attribute [rw] nanos
-    #   @return [Integer]
+    #   @return [::Integer]
     #     Non-negative fractions of a second at nanosecond resolution. Negative
     #     second values with fractions must still have non-negative nanos values
     #     that count forward in time. Must be from 0 to 999,999,999
     #     inclusive.
     class Timestamp
-      include Google::Protobuf::MessageExts
-      extend Google::Protobuf::MessageExts::ClassMethods
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
     end
   end
 end

data/proto_docs/google/type/expr.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Type
+    # Represents an expression text. Example:
+    #
+    #     title: "User account presence"
+    #     description: "Determines whether the request has a user account"
+    #     expression: "size(request.user) > 0"
+    # @!attribute [rw] expression
+    #   @return [::String]
+    #     Textual representation of an expression in
+    #     Common Expression Language syntax.
+    #
+    #     The application context of the containing message determines which
+    #     well-known feature set of CEL is supported.
+    # @!attribute [rw] title
+    #   @return [::String]
+    #     An optional title for the expression, i.e. a short string describing
+    #     its purpose. This can be used e.g. in UIs which allow to enter the
+    #     expression.
+    # @!attribute [rw] description
+    #   @return [::String]
+    #     An optional description of the expression. This is a longer text which
+    #     describes the expression, e.g. when hovered over it in a UI.
+    # @!attribute [rw] location
+    #   @return [::String]
+    #     An optional string indicating the location of the expression for error
+    #     reporting, e.g. a file name and a position in the file.
+    class Expr
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end