google-cloud-secret_manager-v1 0.2.1 → 0.4.2

Sign up to get free protection for your applications and to get access to all the features.
@@ -22,57 +22,58 @@ module Google
22
22
  module V1
23
23
  # Request message for `SetIamPolicy` method.
24
24
  # @!attribute [rw] resource
25
- # @return [String]
25
+ # @return [::String]
26
26
  # REQUIRED: The resource for which the policy is being specified.
27
- # `resource` is usually specified as a path. For example, a Project
28
- # resource is specified as `projects/{project}`.
27
+ # See the operation documentation for the appropriate value for this field.
29
28
  # @!attribute [rw] policy
30
- # @return [Google::Iam::V1::Policy]
29
+ # @return [::Google::Iam::V1::Policy]
31
30
  # REQUIRED: The complete policy to be applied to the `resource`. The size of
32
31
  # the policy is limited to a few 10s of KB. An empty policy is a
33
32
  # valid policy but certain Cloud Platform services (such as Projects)
34
33
  # might reject them.
35
34
  class SetIamPolicyRequest
36
- include Google::Protobuf::MessageExts
37
- extend Google::Protobuf::MessageExts::ClassMethods
35
+ include ::Google::Protobuf::MessageExts
36
+ extend ::Google::Protobuf::MessageExts::ClassMethods
38
37
  end
39
38
 
40
39
  # Request message for `GetIamPolicy` method.
41
40
  # @!attribute [rw] resource
42
- # @return [String]
41
+ # @return [::String]
43
42
  # REQUIRED: The resource for which the policy is being requested.
44
- # `resource` is usually specified as a path. For example, a Project
45
- # resource is specified as `projects/{project}`.
43
+ # See the operation documentation for the appropriate value for this field.
44
+ # @!attribute [rw] options
45
+ # @return [::Google::Iam::V1::GetPolicyOptions]
46
+ # OPTIONAL: A `GetPolicyOptions` object for specifying options to
47
+ # `GetIamPolicy`. This field is only used by Cloud IAM.
46
48
  class GetIamPolicyRequest
47
- include Google::Protobuf::MessageExts
48
- extend Google::Protobuf::MessageExts::ClassMethods
49
+ include ::Google::Protobuf::MessageExts
50
+ extend ::Google::Protobuf::MessageExts::ClassMethods
49
51
  end
50
52
 
51
53
  # Request message for `TestIamPermissions` method.
52
54
  # @!attribute [rw] resource
53
- # @return [String]
55
+ # @return [::String]
54
56
  # REQUIRED: The resource for which the policy detail is being requested.
55
- # `resource` is usually specified as a path. For example, a Project
56
- # resource is specified as `projects/{project}`.
57
+ # See the operation documentation for the appropriate value for this field.
57
58
  # @!attribute [rw] permissions
58
- # @return [Array<String>]
59
+ # @return [::Array<::String>]
59
60
  # The set of permissions to check for the `resource`. Permissions with
60
61
  # wildcards (such as '*' or 'storage.*') are not allowed. For more
61
62
  # information see
62
63
  # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
63
64
  class TestIamPermissionsRequest
64
- include Google::Protobuf::MessageExts
65
- extend Google::Protobuf::MessageExts::ClassMethods
65
+ include ::Google::Protobuf::MessageExts
66
+ extend ::Google::Protobuf::MessageExts::ClassMethods
66
67
  end
67
68
 
68
69
  # Response message for `TestIamPermissions` method.
69
70
  # @!attribute [rw] permissions
70
- # @return [Array<String>]
71
+ # @return [::Array<::String>]
71
72
  # A subset of `TestPermissionsRequest.permissions` that the caller is
72
73
  # allowed.
73
74
  class TestIamPermissionsResponse
74
- include Google::Protobuf::MessageExts
75
- extend Google::Protobuf::MessageExts::ClassMethods
75
+ include ::Google::Protobuf::MessageExts
76
+ extend ::Google::Protobuf::MessageExts::ClassMethods
76
77
  end
77
78
  end
78
79
  end
@@ -0,0 +1,40 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Iam
22
+ module V1
23
+ # Encapsulates settings provided to GetIamPolicy.
24
+ # @!attribute [rw] requested_policy_version
25
+ # @return [::Integer]
26
+ # Optional. The policy format version to be returned.
27
+ #
28
+ # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
29
+ # rejected.
30
+ #
31
+ # Requests for policies with any conditional bindings must specify version 3.
32
+ # Policies without any conditional bindings may specify any valid value or
33
+ # leave the field unset.
34
+ class GetPolicyOptions
35
+ include ::Google::Protobuf::MessageExts
36
+ extend ::Google::Protobuf::MessageExts::ClassMethods
37
+ end
38
+ end
39
+ end
40
+ end
@@ -24,43 +24,82 @@ module Google
24
24
  # specify access control policies for Cloud Platform resources.
25
25
  #
26
26
  #
27
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
28
- # `members` to a `role`, where the members can be user accounts, Google groups,
29
- # Google domains, and service accounts. A `role` is a named list of permissions
30
- # defined by IAM.
27
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
28
+ # `members` to a single `role`. Members can be user accounts, service accounts,
29
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
30
+ # permissions (defined by IAM or configured by users). A `binding` can
31
+ # optionally specify a `condition`, which is a logic expression that further
32
+ # constrains the role binding based on attributes about the request and/or
33
+ # target resource.
31
34
  #
32
- # **Example**
35
+ # **JSON Example**
33
36
  #
34
37
  # {
35
38
  # "bindings": [
36
39
  # {
37
- # "role": "roles/owner",
40
+ # "role": "roles/resourcemanager.organizationAdmin",
38
41
  # "members": [
39
42
  # "user:mike@example.com",
40
43
  # "group:admins@example.com",
41
44
  # "domain:google.com",
42
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
45
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
43
46
  # ]
44
47
  # },
45
48
  # {
46
- # "role": "roles/viewer",
47
- # "members": ["user:sean@example.com"]
49
+ # "role": "roles/resourcemanager.organizationViewer",
50
+ # "members": ["user:eve@example.com"],
51
+ # "condition": {
52
+ # "title": "expirable access",
53
+ # "description": "Does not grant access after Sep 2020",
54
+ # "expression": "request.time <
55
+ # timestamp('2020-10-01T00:00:00.000Z')",
56
+ # }
48
57
  # }
49
58
  # ]
50
59
  # }
51
60
  #
61
+ # **YAML Example**
62
+ #
63
+ # bindings:
64
+ # - members:
65
+ # - user:mike@example.com
66
+ # - group:admins@example.com
67
+ # - domain:google.com
68
+ # - serviceAccount:my-project-id@appspot.gserviceaccount.com
69
+ # role: roles/resourcemanager.organizationAdmin
70
+ # - members:
71
+ # - user:eve@example.com
72
+ # role: roles/resourcemanager.organizationViewer
73
+ # condition:
74
+ # title: expirable access
75
+ # description: Does not grant access after Sep 2020
76
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
77
+ #
52
78
  # For a description of IAM and its features, see the
53
- # [IAM developer's guide](https://cloud.google.com/iam).
79
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
54
80
  # @!attribute [rw] version
55
- # @return [Integer]
56
- # Version of the `Policy`. The default version is 0.
81
+ # @return [::Integer]
82
+ # Specifies the format of the policy.
83
+ #
84
+ # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
85
+ # rejected.
86
+ #
87
+ # Operations affecting conditional bindings must specify version 3. This can
88
+ # be either setting a conditional policy, modifying a conditional binding,
89
+ # or removing a binding (conditional or unconditional) from the stored
90
+ # conditional policy.
91
+ # Operations on non-conditional policies may specify any valid value or
92
+ # leave the field unset.
93
+ #
94
+ # If no etag is provided in the call to `setIamPolicy`, version compliance
95
+ # checks against the stored policy is skipped.
57
96
  # @!attribute [rw] bindings
58
- # @return [Array<Google::Iam::V1::Binding>]
59
- # Associates a list of `members` to a `role`.
60
- # Multiple `bindings` must not be specified for the same `role`.
97
+ # @return [::Array<::Google::Iam::V1::Binding>]
98
+ # Associates a list of `members` to a `role`. Optionally may specify a
99
+ # `condition` that determines when binding is in effect.
61
100
  # `bindings` with no members will result in an error.
62
101
  # @!attribute [rw] etag
63
- # @return [String]
102
+ # @return [::String]
64
103
  # `etag` is used for optimistic concurrency control as a way to help
65
104
  # prevent simultaneous updates of a policy from overwriting each other.
66
105
  # It is strongly suggested that systems make use of the `etag` in the
@@ -70,20 +109,21 @@ module Google
70
109
  # ensure that their change will be applied to the same version of the policy.
71
110
  #
72
111
  # If no `etag` is provided in the call to `setIamPolicy`, then the existing
73
- # policy is overwritten blindly.
112
+ # policy is overwritten. Due to blind-set semantics of an etag-less policy,
113
+ # 'setIamPolicy' will not fail even if the incoming policy version does not
114
+ # meet the requirements for modifying the stored policy.
74
115
  class Policy
75
- include Google::Protobuf::MessageExts
76
- extend Google::Protobuf::MessageExts::ClassMethods
116
+ include ::Google::Protobuf::MessageExts
117
+ extend ::Google::Protobuf::MessageExts::ClassMethods
77
118
  end
78
119
 
79
120
  # Associates `members` with a `role`.
80
121
  # @!attribute [rw] role
81
- # @return [String]
122
+ # @return [::String]
82
123
  # Role that is assigned to `members`.
83
124
  # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
84
- # Required
85
125
  # @!attribute [rw] members
86
- # @return [Array<String>]
126
+ # @return [::Array<::String>]
87
127
  # Specifies the identities requesting access for a Cloud Platform resource.
88
128
  # `members` can have the following values:
89
129
  #
@@ -94,7 +134,7 @@ module Google
94
134
  # who is authenticated with a Google account or a service account.
95
135
  #
96
136
  # * `user:{emailid}`: An email address that represents a specific Google
97
- # account. For example, `alice@gmail.com` or `joe@example.com`.
137
+ # account. For example, `alice@example.com` .
98
138
  #
99
139
  #
100
140
  # * `serviceAccount:{emailid}`: An email address that represents a service
@@ -103,41 +143,54 @@ module Google
103
143
  # * `group:{emailid}`: An email address that represents a Google group.
104
144
  # For example, `admins@example.com`.
105
145
  #
106
- # * `domain:{domain}`: A Google Apps domain name that represents all the
146
+ #
147
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
107
148
  # users of that domain. For example, `google.com` or `example.com`.
149
+ # @!attribute [rw] condition
150
+ # @return [::Google::Type::Expr]
151
+ # The condition that is associated with this binding.
152
+ # NOTE: An unsatisfied condition will not allow user access via current
153
+ # binding. Different bindings, including their conditions, are examined
154
+ # independently.
108
155
  class Binding
109
- include Google::Protobuf::MessageExts
110
- extend Google::Protobuf::MessageExts::ClassMethods
156
+ include ::Google::Protobuf::MessageExts
157
+ extend ::Google::Protobuf::MessageExts::ClassMethods
111
158
  end
112
159
 
113
160
  # The difference delta between two policies.
114
161
  # @!attribute [rw] binding_deltas
115
- # @return [Array<Google::Iam::V1::BindingDelta>]
162
+ # @return [::Array<::Google::Iam::V1::BindingDelta>]
116
163
  # The delta for Bindings between two policies.
164
+ # @!attribute [rw] audit_config_deltas
165
+ # @return [::Array<::Google::Iam::V1::AuditConfigDelta>]
166
+ # The delta for AuditConfigs between two policies.
117
167
  class PolicyDelta
118
- include Google::Protobuf::MessageExts
119
- extend Google::Protobuf::MessageExts::ClassMethods
168
+ include ::Google::Protobuf::MessageExts
169
+ extend ::Google::Protobuf::MessageExts::ClassMethods
120
170
  end
121
171
 
122
172
  # One delta entry for Binding. Each individual change (only one member in each
123
173
  # entry) to a binding will be a separate entry.
124
174
  # @!attribute [rw] action
125
- # @return [Google::Iam::V1::BindingDelta::Action]
175
+ # @return [::Google::Iam::V1::BindingDelta::Action]
126
176
  # The action that was performed on a Binding.
127
177
  # Required
128
178
  # @!attribute [rw] role
129
- # @return [String]
179
+ # @return [::String]
130
180
  # Role that is assigned to `members`.
131
181
  # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
132
182
  # Required
133
183
  # @!attribute [rw] member
134
- # @return [String]
184
+ # @return [::String]
135
185
  # A single identity requesting access for a Cloud Platform resource.
136
186
  # Follows the same format of Binding.members.
137
187
  # Required
188
+ # @!attribute [rw] condition
189
+ # @return [::Google::Type::Expr]
190
+ # The condition that is associated with this binding.
138
191
  class BindingDelta
139
- include Google::Protobuf::MessageExts
140
- extend Google::Protobuf::MessageExts::ClassMethods
192
+ include ::Google::Protobuf::MessageExts
193
+ extend ::Google::Protobuf::MessageExts::ClassMethods
141
194
 
142
195
  # The type of action performed on a Binding in a policy.
143
196
  module Action
@@ -151,6 +204,45 @@ module Google
151
204
  REMOVE = 2
152
205
  end
153
206
  end
207
+
208
+ # One delta entry for AuditConfig. Each individual change (only one
209
+ # exempted_member in each entry) to a AuditConfig will be a separate entry.
210
+ # @!attribute [rw] action
211
+ # @return [::Google::Iam::V1::AuditConfigDelta::Action]
212
+ # The action that was performed on an audit configuration in a policy.
213
+ # Required
214
+ # @!attribute [rw] service
215
+ # @return [::String]
216
+ # Specifies a service that was configured for Cloud Audit Logging.
217
+ # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
218
+ # `allServices` is a special value that covers all services.
219
+ # Required
220
+ # @!attribute [rw] exempted_member
221
+ # @return [::String]
222
+ # A single identity that is exempted from "data access" audit
223
+ # logging for the `service` specified above.
224
+ # Follows the same format of Binding.members.
225
+ # @!attribute [rw] log_type
226
+ # @return [::String]
227
+ # Specifies the log_type that was be enabled. ADMIN_ACTIVITY is always
228
+ # enabled, and cannot be configured.
229
+ # Required
230
+ class AuditConfigDelta
231
+ include ::Google::Protobuf::MessageExts
232
+ extend ::Google::Protobuf::MessageExts::ClassMethods
233
+
234
+ # The type of action performed on an audit configuration in a policy.
235
+ module Action
236
+ # Unspecified.
237
+ ACTION_UNSPECIFIED = 0
238
+
239
+ # Addition of an audit configuration.
240
+ ADD = 1
241
+
242
+ # Removal of an audit configuration.
243
+ REMOVE = 2
244
+ end
245
+ end
154
246
  end
155
247
  end
156
248
  end
@@ -29,8 +29,8 @@ module Google
29
29
  #
30
30
  # The JSON representation for `Empty` is empty JSON object `{}`.
31
31
  class Empty
32
- include Google::Protobuf::MessageExts
33
- extend Google::Protobuf::MessageExts::ClassMethods
32
+ include ::Google::Protobuf::MessageExts
33
+ extend ::Google::Protobuf::MessageExts::ClassMethods
34
34
  end
35
35
  end
36
36
  end
@@ -219,11 +219,11 @@ module Google
219
219
  # request should verify the included field paths, and return an
220
220
  # `INVALID_ARGUMENT` error if any path is unmappable.
221
221
  # @!attribute [rw] paths
222
- # @return [Array<String>]
222
+ # @return [::Array<::String>]
223
223
  # The set of field mask paths.
224
224
  class FieldMask
225
- include Google::Protobuf::MessageExts
226
- extend Google::Protobuf::MessageExts::ClassMethods
225
+ include ::Google::Protobuf::MessageExts
226
+ extend ::Google::Protobuf::MessageExts::ClassMethods
227
227
  end
228
228
  end
229
229
  end
@@ -102,19 +102,19 @@ module Google
102
102
  # http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D
103
103
  # ) to obtain a formatter capable of generating timestamps in this format.
104
104
  # @!attribute [rw] seconds
105
- # @return [Integer]
105
+ # @return [::Integer]
106
106
  # Represents seconds of UTC time since Unix epoch
107
107
  # 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
108
108
  # 9999-12-31T23:59:59Z inclusive.
109
109
  # @!attribute [rw] nanos
110
- # @return [Integer]
110
+ # @return [::Integer]
111
111
  # Non-negative fractions of a second at nanosecond resolution. Negative
112
112
  # second values with fractions must still have non-negative nanos values
113
113
  # that count forward in time. Must be from 0 to 999,999,999
114
114
  # inclusive.
115
115
  class Timestamp
116
- include Google::Protobuf::MessageExts
117
- extend Google::Protobuf::MessageExts::ClassMethods
116
+ include ::Google::Protobuf::MessageExts
117
+ extend ::Google::Protobuf::MessageExts::ClassMethods
118
118
  end
119
119
  end
120
120
  end
@@ -0,0 +1,52 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Type
22
+ # Represents an expression text. Example:
23
+ #
24
+ # title: "User account presence"
25
+ # description: "Determines whether the request has a user account"
26
+ # expression: "size(request.user) > 0"
27
+ # @!attribute [rw] expression
28
+ # @return [::String]
29
+ # Textual representation of an expression in
30
+ # Common Expression Language syntax.
31
+ #
32
+ # The application context of the containing message determines which
33
+ # well-known feature set of CEL is supported.
34
+ # @!attribute [rw] title
35
+ # @return [::String]
36
+ # An optional title for the expression, i.e. a short string describing
37
+ # its purpose. This can be used e.g. in UIs which allow to enter the
38
+ # expression.
39
+ # @!attribute [rw] description
40
+ # @return [::String]
41
+ # An optional description of the expression. This is a longer text which
42
+ # describes the expression, e.g. when hovered over it in a UI.
43
+ # @!attribute [rw] location
44
+ # @return [::String]
45
+ # An optional string indicating the location of the expression for error
46
+ # reporting, e.g. a file name and a position in the file.
47
+ class Expr
48
+ include ::Google::Protobuf::MessageExts
49
+ extend ::Google::Protobuf::MessageExts::ClassMethods
50
+ end
51
+ end
52
+ end