google-cloud-secret_manager-v1beta1 0.8.3 → 0.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.yardopts +1 -1
- data/AUTHENTICATION.md +7 -25
- data/README.md +1 -1
- data/lib/google/cloud/secret_manager/v1beta1/secret_manager_service/client.rb +320 -47
- data/lib/google/cloud/secret_manager/v1beta1/version.rb +1 -1
- data/lib/google/cloud/secret_manager/v1beta1.rb +2 -0
- data/lib/google/cloud/secrets/v1beta1/resources_pb.rb +2 -2
- data/lib/google/cloud/secrets/v1beta1/service_pb.rb +2 -2
- data/lib/google/cloud/secrets/v1beta1/service_services_pb.rb +1 -1
- data/proto_docs/google/api/resource.rb +10 -71
- data/proto_docs/google/iam/v1/iam_policy.rb +8 -1
- data/proto_docs/google/iam/v1/options.rb +14 -4
- data/proto_docs/google/iam/v1/policy.rb +208 -38
- metadata +7 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 994c085c12bd30d21396b2157a063aea8983a84efc9d1b9ea35bad84db03970d
|
4
|
+
data.tar.gz: 19d456378197d5e5b60a4d6ab45702dd58426577be86e985f5c20926b8ada4b4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0b22e33909e47ac5c6cccc3a92a0b21779c583f4dd3bc17154dc74c127921fc458213f5ee0b3120a65ecc949a7845c8730c6481052c105ab61f0484204a12e72
|
7
|
+
data.tar.gz: 4f0606acb7c1e128d54c3d50eaa8e780d9f81805e1aedee3a445bfb30e2ae1f957c7bee119801799854ef8f7d7e87ad7f8b18c151e424de2ecc3c8822e2fb800
|
data/.yardopts
CHANGED
data/AUTHENTICATION.md
CHANGED
@@ -120,15 +120,6 @@ To configure your system for this, simply:
|
|
120
120
|
**NOTE:** This is _not_ recommended for running in production. The Cloud SDK
|
121
121
|
*should* only be used during development.
|
122
122
|
|
123
|
-
[gce-how-to]: https://cloud.google.com/compute/docs/authentication#using
|
124
|
-
[dev-console]: https://console.cloud.google.com/project
|
125
|
-
|
126
|
-
[enable-apis]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/enable-apis.png
|
127
|
-
|
128
|
-
[create-new-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account.png
|
129
|
-
[create-new-service-account-existing-keys]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account-existing-keys.png
|
130
|
-
[reuse-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/reuse-service-account.png
|
131
|
-
|
132
123
|
## Creating a Service Account
|
133
124
|
|
134
125
|
Google Cloud requires **Service Account Credentials** to
|
@@ -139,31 +130,22 @@ If you are not running this client within
|
|
139
130
|
[Google Cloud Platform environments](#google-cloud-platform-environments), you
|
140
131
|
need a Google Developers service account.
|
141
132
|
|
142
|
-
1. Visit the [Google
|
133
|
+
1. Visit the [Google Cloud Console](https://console.cloud.google.com/project).
|
143
134
|
2. Create a new project or click on an existing project.
|
144
|
-
3. Activate the
|
135
|
+
3. Activate the menu in the upper left and select **APIs & Services**. From
|
145
136
|
here, you will enable the APIs that your application requires.
|
146
137
|
|
147
|
-
![Enable the APIs that your application requires][enable-apis]
|
148
|
-
|
149
138
|
*Note: You may need to enable billing in order to use these services.*
|
150
139
|
|
151
140
|
4. Select **Credentials** from the side navigation.
|
152
141
|
|
153
|
-
|
154
|
-
|
155
|
-
![Create a new service account][create-new-service-account]
|
156
|
-
|
157
|
-
![Create a new service account With Existing Keys][create-new-service-account-existing-keys]
|
158
|
-
|
159
|
-
Find the "Add credentials" drop down and select "Service account" to be
|
160
|
-
guided through downloading a new JSON key file.
|
142
|
+
Find the "Create credentials" drop down near the top of the page, and select
|
143
|
+
"Service account" to be guided through downloading a new JSON key file.
|
161
144
|
|
162
145
|
If you want to re-use an existing service account, you can easily generate a
|
163
|
-
new key file. Just select the account you wish to re-use,
|
164
|
-
|
165
|
-
|
166
|
-
![Re-use an existing service account][reuse-service-account]
|
146
|
+
new key file. Just select the account you wish to re-use, click the pencil
|
147
|
+
tool on the right side to edit the service account, select the **Keys** tab,
|
148
|
+
and then select **Add Key**.
|
167
149
|
|
168
150
|
The key file you download will be used by this library to authenticate API
|
169
151
|
requests and should be stored in a secure location.
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ request = ::Google::Cloud::SecretManager::V1beta1::ListSecretsRequest.new # (req
|
|
37
37
|
response = client.list_secrets request
|
38
38
|
```
|
39
39
|
|
40
|
-
View the [Client Library Documentation](https://
|
40
|
+
View the [Client Library Documentation](https://cloud.google.com/ruby/docs/reference/google-cloud-secret_manager-v1beta1/latest)
|
41
41
|
for class and method documentation.
|
42
42
|
|
43
43
|
See also the [Product Documentation](https://cloud.google.com/secret-manager)
|
@@ -220,6 +220,27 @@ module Google
|
|
220
220
|
#
|
221
221
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
222
222
|
#
|
223
|
+
# @example Basic example
|
224
|
+
# require "google/cloud/secret_manager/v1beta1"
|
225
|
+
#
|
226
|
+
# # Create a client object. The client can be reused for multiple calls.
|
227
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
228
|
+
#
|
229
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
230
|
+
# request = Google::Cloud::SecretManager::V1beta1::ListSecretsRequest.new
|
231
|
+
#
|
232
|
+
# # Call the list_secrets method.
|
233
|
+
# result = client.list_secrets request
|
234
|
+
#
|
235
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can
|
236
|
+
# # iterate over all elements by calling #each, and the enumerable
|
237
|
+
# # will lazily make API calls to fetch subsequent pages. Other
|
238
|
+
# # methods are also available for managing paging directly.
|
239
|
+
# result.each do |response|
|
240
|
+
# # Each element is of type ::Google::Cloud::SecretManager::V1beta1::Secret.
|
241
|
+
# p response
|
242
|
+
# end
|
243
|
+
#
|
223
244
|
def list_secrets request, options = nil
|
224
245
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
225
246
|
|
@@ -237,9 +258,11 @@ module Google
|
|
237
258
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
238
259
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
239
260
|
|
240
|
-
header_params = {
|
241
|
-
|
242
|
-
|
261
|
+
header_params = {}
|
262
|
+
if request.parent
|
263
|
+
header_params["parent"] = request.parent
|
264
|
+
end
|
265
|
+
|
243
266
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
244
267
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
245
268
|
|
@@ -298,6 +321,21 @@ module Google
|
|
298
321
|
#
|
299
322
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
300
323
|
#
|
324
|
+
# @example Basic example
|
325
|
+
# require "google/cloud/secret_manager/v1beta1"
|
326
|
+
#
|
327
|
+
# # Create a client object. The client can be reused for multiple calls.
|
328
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
329
|
+
#
|
330
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
331
|
+
# request = Google::Cloud::SecretManager::V1beta1::CreateSecretRequest.new
|
332
|
+
#
|
333
|
+
# # Call the create_secret method.
|
334
|
+
# result = client.create_secret request
|
335
|
+
#
|
336
|
+
# # The returned object is of type Google::Cloud::SecretManager::V1beta1::Secret.
|
337
|
+
# p result
|
338
|
+
#
|
301
339
|
def create_secret request, options = nil
|
302
340
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
303
341
|
|
@@ -315,9 +353,11 @@ module Google
|
|
315
353
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
316
354
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
317
355
|
|
318
|
-
header_params = {
|
319
|
-
|
320
|
-
|
356
|
+
header_params = {}
|
357
|
+
if request.parent
|
358
|
+
header_params["parent"] = request.parent
|
359
|
+
end
|
360
|
+
|
321
361
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
322
362
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
323
363
|
|
@@ -370,6 +410,21 @@ module Google
|
|
370
410
|
#
|
371
411
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
372
412
|
#
|
413
|
+
# @example Basic example
|
414
|
+
# require "google/cloud/secret_manager/v1beta1"
|
415
|
+
#
|
416
|
+
# # Create a client object. The client can be reused for multiple calls.
|
417
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
418
|
+
#
|
419
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
420
|
+
# request = Google::Cloud::SecretManager::V1beta1::AddSecretVersionRequest.new
|
421
|
+
#
|
422
|
+
# # Call the add_secret_version method.
|
423
|
+
# result = client.add_secret_version request
|
424
|
+
#
|
425
|
+
# # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
|
426
|
+
# p result
|
427
|
+
#
|
373
428
|
def add_secret_version request, options = nil
|
374
429
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
375
430
|
|
@@ -387,9 +442,11 @@ module Google
|
|
387
442
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
388
443
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
389
444
|
|
390
|
-
header_params = {
|
391
|
-
|
392
|
-
|
445
|
+
header_params = {}
|
446
|
+
if request.parent
|
447
|
+
header_params["parent"] = request.parent
|
448
|
+
end
|
449
|
+
|
393
450
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
394
451
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
395
452
|
|
@@ -438,6 +495,21 @@ module Google
|
|
438
495
|
#
|
439
496
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
440
497
|
#
|
498
|
+
# @example Basic example
|
499
|
+
# require "google/cloud/secret_manager/v1beta1"
|
500
|
+
#
|
501
|
+
# # Create a client object. The client can be reused for multiple calls.
|
502
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
503
|
+
#
|
504
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
505
|
+
# request = Google::Cloud::SecretManager::V1beta1::GetSecretRequest.new
|
506
|
+
#
|
507
|
+
# # Call the get_secret method.
|
508
|
+
# result = client.get_secret request
|
509
|
+
#
|
510
|
+
# # The returned object is of type Google::Cloud::SecretManager::V1beta1::Secret.
|
511
|
+
# p result
|
512
|
+
#
|
441
513
|
def get_secret request, options = nil
|
442
514
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
443
515
|
|
@@ -455,9 +527,11 @@ module Google
|
|
455
527
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
456
528
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
457
529
|
|
458
|
-
header_params = {
|
459
|
-
|
460
|
-
|
530
|
+
header_params = {}
|
531
|
+
if request.name
|
532
|
+
header_params["name"] = request.name
|
533
|
+
end
|
534
|
+
|
461
535
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
462
536
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
463
537
|
|
@@ -508,6 +582,21 @@ module Google
|
|
508
582
|
#
|
509
583
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
510
584
|
#
|
585
|
+
# @example Basic example
|
586
|
+
# require "google/cloud/secret_manager/v1beta1"
|
587
|
+
#
|
588
|
+
# # Create a client object. The client can be reused for multiple calls.
|
589
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
590
|
+
#
|
591
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
592
|
+
# request = Google::Cloud::SecretManager::V1beta1::UpdateSecretRequest.new
|
593
|
+
#
|
594
|
+
# # Call the update_secret method.
|
595
|
+
# result = client.update_secret request
|
596
|
+
#
|
597
|
+
# # The returned object is of type Google::Cloud::SecretManager::V1beta1::Secret.
|
598
|
+
# p result
|
599
|
+
#
|
511
600
|
def update_secret request, options = nil
|
512
601
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
513
602
|
|
@@ -525,9 +614,11 @@ module Google
|
|
525
614
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
526
615
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
527
616
|
|
528
|
-
header_params = {
|
529
|
-
|
530
|
-
|
617
|
+
header_params = {}
|
618
|
+
if request.secret&.name
|
619
|
+
header_params["secret.name"] = request.secret.name
|
620
|
+
end
|
621
|
+
|
531
622
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
532
623
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
533
624
|
|
@@ -577,6 +668,21 @@ module Google
|
|
577
668
|
#
|
578
669
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
579
670
|
#
|
671
|
+
# @example Basic example
|
672
|
+
# require "google/cloud/secret_manager/v1beta1"
|
673
|
+
#
|
674
|
+
# # Create a client object. The client can be reused for multiple calls.
|
675
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
676
|
+
#
|
677
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
678
|
+
# request = Google::Cloud::SecretManager::V1beta1::DeleteSecretRequest.new
|
679
|
+
#
|
680
|
+
# # Call the delete_secret method.
|
681
|
+
# result = client.delete_secret request
|
682
|
+
#
|
683
|
+
# # The returned object is of type Google::Protobuf::Empty.
|
684
|
+
# p result
|
685
|
+
#
|
580
686
|
def delete_secret request, options = nil
|
581
687
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
582
688
|
|
@@ -594,9 +700,11 @@ module Google
|
|
594
700
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
595
701
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
596
702
|
|
597
|
-
header_params = {
|
598
|
-
|
599
|
-
|
703
|
+
header_params = {}
|
704
|
+
if request.name
|
705
|
+
header_params["name"] = request.name
|
706
|
+
end
|
707
|
+
|
600
708
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
601
709
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
602
710
|
|
@@ -655,6 +763,27 @@ module Google
|
|
655
763
|
#
|
656
764
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
657
765
|
#
|
766
|
+
# @example Basic example
|
767
|
+
# require "google/cloud/secret_manager/v1beta1"
|
768
|
+
#
|
769
|
+
# # Create a client object. The client can be reused for multiple calls.
|
770
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
771
|
+
#
|
772
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
773
|
+
# request = Google::Cloud::SecretManager::V1beta1::ListSecretVersionsRequest.new
|
774
|
+
#
|
775
|
+
# # Call the list_secret_versions method.
|
776
|
+
# result = client.list_secret_versions request
|
777
|
+
#
|
778
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can
|
779
|
+
# # iterate over all elements by calling #each, and the enumerable
|
780
|
+
# # will lazily make API calls to fetch subsequent pages. Other
|
781
|
+
# # methods are also available for managing paging directly.
|
782
|
+
# result.each do |response|
|
783
|
+
# # Each element is of type ::Google::Cloud::SecretManager::V1beta1::SecretVersion.
|
784
|
+
# p response
|
785
|
+
# end
|
786
|
+
#
|
658
787
|
def list_secret_versions request, options = nil
|
659
788
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
660
789
|
|
@@ -672,9 +801,11 @@ module Google
|
|
672
801
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
673
802
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
674
803
|
|
675
|
-
header_params = {
|
676
|
-
|
677
|
-
|
804
|
+
header_params = {}
|
805
|
+
if request.parent
|
806
|
+
header_params["parent"] = request.parent
|
807
|
+
end
|
808
|
+
|
678
809
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
679
810
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
680
811
|
|
@@ -730,6 +861,21 @@ module Google
|
|
730
861
|
#
|
731
862
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
732
863
|
#
|
864
|
+
# @example Basic example
|
865
|
+
# require "google/cloud/secret_manager/v1beta1"
|
866
|
+
#
|
867
|
+
# # Create a client object. The client can be reused for multiple calls.
|
868
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
869
|
+
#
|
870
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
871
|
+
# request = Google::Cloud::SecretManager::V1beta1::GetSecretVersionRequest.new
|
872
|
+
#
|
873
|
+
# # Call the get_secret_version method.
|
874
|
+
# result = client.get_secret_version request
|
875
|
+
#
|
876
|
+
# # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
|
877
|
+
# p result
|
878
|
+
#
|
733
879
|
def get_secret_version request, options = nil
|
734
880
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
735
881
|
|
@@ -747,9 +893,11 @@ module Google
|
|
747
893
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
748
894
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
749
895
|
|
750
|
-
header_params = {
|
751
|
-
|
752
|
-
|
896
|
+
header_params = {}
|
897
|
+
if request.name
|
898
|
+
header_params["name"] = request.name
|
899
|
+
end
|
900
|
+
|
753
901
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
754
902
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
755
903
|
|
@@ -802,6 +950,21 @@ module Google
|
|
802
950
|
#
|
803
951
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
804
952
|
#
|
953
|
+
# @example Basic example
|
954
|
+
# require "google/cloud/secret_manager/v1beta1"
|
955
|
+
#
|
956
|
+
# # Create a client object. The client can be reused for multiple calls.
|
957
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
958
|
+
#
|
959
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
960
|
+
# request = Google::Cloud::SecretManager::V1beta1::AccessSecretVersionRequest.new
|
961
|
+
#
|
962
|
+
# # Call the access_secret_version method.
|
963
|
+
# result = client.access_secret_version request
|
964
|
+
#
|
965
|
+
# # The returned object is of type Google::Cloud::SecretManager::V1beta1::AccessSecretVersionResponse.
|
966
|
+
# p result
|
967
|
+
#
|
805
968
|
def access_secret_version request, options = nil
|
806
969
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
807
970
|
|
@@ -819,9 +982,11 @@ module Google
|
|
819
982
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
820
983
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
821
984
|
|
822
|
-
header_params = {
|
823
|
-
|
824
|
-
|
985
|
+
header_params = {}
|
986
|
+
if request.name
|
987
|
+
header_params["name"] = request.name
|
988
|
+
end
|
989
|
+
|
825
990
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
826
991
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
827
992
|
|
@@ -874,6 +1039,21 @@ module Google
|
|
874
1039
|
#
|
875
1040
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
876
1041
|
#
|
1042
|
+
# @example Basic example
|
1043
|
+
# require "google/cloud/secret_manager/v1beta1"
|
1044
|
+
#
|
1045
|
+
# # Create a client object. The client can be reused for multiple calls.
|
1046
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
1047
|
+
#
|
1048
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
1049
|
+
# request = Google::Cloud::SecretManager::V1beta1::DisableSecretVersionRequest.new
|
1050
|
+
#
|
1051
|
+
# # Call the disable_secret_version method.
|
1052
|
+
# result = client.disable_secret_version request
|
1053
|
+
#
|
1054
|
+
# # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
|
1055
|
+
# p result
|
1056
|
+
#
|
877
1057
|
def disable_secret_version request, options = nil
|
878
1058
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
879
1059
|
|
@@ -891,9 +1071,11 @@ module Google
|
|
891
1071
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
892
1072
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
893
1073
|
|
894
|
-
header_params = {
|
895
|
-
|
896
|
-
|
1074
|
+
header_params = {}
|
1075
|
+
if request.name
|
1076
|
+
header_params["name"] = request.name
|
1077
|
+
end
|
1078
|
+
|
897
1079
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
898
1080
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
899
1081
|
|
@@ -946,6 +1128,21 @@ module Google
|
|
946
1128
|
#
|
947
1129
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
948
1130
|
#
|
1131
|
+
# @example Basic example
|
1132
|
+
# require "google/cloud/secret_manager/v1beta1"
|
1133
|
+
#
|
1134
|
+
# # Create a client object. The client can be reused for multiple calls.
|
1135
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
1136
|
+
#
|
1137
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
1138
|
+
# request = Google::Cloud::SecretManager::V1beta1::EnableSecretVersionRequest.new
|
1139
|
+
#
|
1140
|
+
# # Call the enable_secret_version method.
|
1141
|
+
# result = client.enable_secret_version request
|
1142
|
+
#
|
1143
|
+
# # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
|
1144
|
+
# p result
|
1145
|
+
#
|
949
1146
|
def enable_secret_version request, options = nil
|
950
1147
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
951
1148
|
|
@@ -963,9 +1160,11 @@ module Google
|
|
963
1160
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
964
1161
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
965
1162
|
|
966
|
-
header_params = {
|
967
|
-
|
968
|
-
|
1163
|
+
header_params = {}
|
1164
|
+
if request.name
|
1165
|
+
header_params["name"] = request.name
|
1166
|
+
end
|
1167
|
+
|
969
1168
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
970
1169
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
971
1170
|
|
@@ -1019,6 +1218,21 @@ module Google
|
|
1019
1218
|
#
|
1020
1219
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
1021
1220
|
#
|
1221
|
+
# @example Basic example
|
1222
|
+
# require "google/cloud/secret_manager/v1beta1"
|
1223
|
+
#
|
1224
|
+
# # Create a client object. The client can be reused for multiple calls.
|
1225
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
1226
|
+
#
|
1227
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
1228
|
+
# request = Google::Cloud::SecretManager::V1beta1::DestroySecretVersionRequest.new
|
1229
|
+
#
|
1230
|
+
# # Call the destroy_secret_version method.
|
1231
|
+
# result = client.destroy_secret_version request
|
1232
|
+
#
|
1233
|
+
# # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
|
1234
|
+
# p result
|
1235
|
+
#
|
1022
1236
|
def destroy_secret_version request, options = nil
|
1023
1237
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
1024
1238
|
|
@@ -1036,9 +1250,11 @@ module Google
|
|
1036
1250
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
1037
1251
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
1038
1252
|
|
1039
|
-
header_params = {
|
1040
|
-
|
1041
|
-
|
1253
|
+
header_params = {}
|
1254
|
+
if request.name
|
1255
|
+
header_params["name"] = request.name
|
1256
|
+
end
|
1257
|
+
|
1042
1258
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
1043
1259
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
1044
1260
|
|
@@ -1075,7 +1291,7 @@ module Google
|
|
1075
1291
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1076
1292
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1077
1293
|
#
|
1078
|
-
# @overload set_iam_policy(resource: nil, policy: nil)
|
1294
|
+
# @overload set_iam_policy(resource: nil, policy: nil, update_mask: nil)
|
1079
1295
|
# Pass arguments to `set_iam_policy` via keyword arguments. Note that at
|
1080
1296
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1081
1297
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1088,6 +1304,12 @@ module Google
|
|
1088
1304
|
# the policy is limited to a few 10s of KB. An empty policy is a
|
1089
1305
|
# valid policy but certain Cloud Platform services (such as Projects)
|
1090
1306
|
# might reject them.
|
1307
|
+
# @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
|
1308
|
+
# OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
1309
|
+
# the fields in the mask will be modified. If no mask is provided, the
|
1310
|
+
# following default mask is used:
|
1311
|
+
#
|
1312
|
+
# `paths: "bindings, etag"`
|
1091
1313
|
#
|
1092
1314
|
# @yield [response, operation] Access the result along with the RPC operation
|
1093
1315
|
# @yieldparam response [::Google::Iam::V1::Policy]
|
@@ -1097,6 +1319,21 @@ module Google
|
|
1097
1319
|
#
|
1098
1320
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
1099
1321
|
#
|
1322
|
+
# @example Basic example
|
1323
|
+
# require "google/cloud/secret_manager/v1beta1"
|
1324
|
+
#
|
1325
|
+
# # Create a client object. The client can be reused for multiple calls.
|
1326
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
1327
|
+
#
|
1328
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
1329
|
+
# request = Google::Iam::V1::SetIamPolicyRequest.new
|
1330
|
+
#
|
1331
|
+
# # Call the set_iam_policy method.
|
1332
|
+
# result = client.set_iam_policy request
|
1333
|
+
#
|
1334
|
+
# # The returned object is of type Google::Iam::V1::Policy.
|
1335
|
+
# p result
|
1336
|
+
#
|
1100
1337
|
def set_iam_policy request, options = nil
|
1101
1338
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
1102
1339
|
|
@@ -1114,9 +1351,11 @@ module Google
|
|
1114
1351
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
1115
1352
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
1116
1353
|
|
1117
|
-
header_params = {
|
1118
|
-
|
1119
|
-
|
1354
|
+
header_params = {}
|
1355
|
+
if request.resource
|
1356
|
+
header_params["resource"] = request.resource
|
1357
|
+
end
|
1358
|
+
|
1120
1359
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
1121
1360
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
1122
1361
|
|
@@ -1160,7 +1399,7 @@ module Google
|
|
1160
1399
|
# See the operation documentation for the appropriate value for this field.
|
1161
1400
|
# @param options [::Google::Iam::V1::GetPolicyOptions, ::Hash]
|
1162
1401
|
# OPTIONAL: A `GetPolicyOptions` object for specifying options to
|
1163
|
-
# `GetIamPolicy`.
|
1402
|
+
# `GetIamPolicy`.
|
1164
1403
|
#
|
1165
1404
|
# @yield [response, operation] Access the result along with the RPC operation
|
1166
1405
|
# @yieldparam response [::Google::Iam::V1::Policy]
|
@@ -1170,6 +1409,21 @@ module Google
|
|
1170
1409
|
#
|
1171
1410
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
1172
1411
|
#
|
1412
|
+
# @example Basic example
|
1413
|
+
# require "google/cloud/secret_manager/v1beta1"
|
1414
|
+
#
|
1415
|
+
# # Create a client object. The client can be reused for multiple calls.
|
1416
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
1417
|
+
#
|
1418
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
1419
|
+
# request = Google::Iam::V1::GetIamPolicyRequest.new
|
1420
|
+
#
|
1421
|
+
# # Call the get_iam_policy method.
|
1422
|
+
# result = client.get_iam_policy request
|
1423
|
+
#
|
1424
|
+
# # The returned object is of type Google::Iam::V1::Policy.
|
1425
|
+
# p result
|
1426
|
+
#
|
1173
1427
|
def get_iam_policy request, options = nil
|
1174
1428
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
1175
1429
|
|
@@ -1187,9 +1441,11 @@ module Google
|
|
1187
1441
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
1188
1442
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
1189
1443
|
|
1190
|
-
header_params = {
|
1191
|
-
|
1192
|
-
|
1444
|
+
header_params = {}
|
1445
|
+
if request.resource
|
1446
|
+
header_params["resource"] = request.resource
|
1447
|
+
end
|
1448
|
+
|
1193
1449
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
1194
1450
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
1195
1451
|
|
@@ -1250,6 +1506,21 @@ module Google
|
|
1250
1506
|
#
|
1251
1507
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
1252
1508
|
#
|
1509
|
+
# @example Basic example
|
1510
|
+
# require "google/cloud/secret_manager/v1beta1"
|
1511
|
+
#
|
1512
|
+
# # Create a client object. The client can be reused for multiple calls.
|
1513
|
+
# client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
1514
|
+
#
|
1515
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
1516
|
+
# request = Google::Iam::V1::TestIamPermissionsRequest.new
|
1517
|
+
#
|
1518
|
+
# # Call the test_iam_permissions method.
|
1519
|
+
# result = client.test_iam_permissions request
|
1520
|
+
#
|
1521
|
+
# # The returned object is of type Google::Iam::V1::TestIamPermissionsResponse.
|
1522
|
+
# p result
|
1523
|
+
#
|
1253
1524
|
def test_iam_permissions request, options = nil
|
1254
1525
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
1255
1526
|
|
@@ -1267,9 +1538,11 @@ module Google
|
|
1267
1538
|
gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
|
1268
1539
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
1269
1540
|
|
1270
|
-
header_params = {
|
1271
|
-
|
1272
|
-
|
1541
|
+
header_params = {}
|
1542
|
+
if request.resource
|
1543
|
+
header_params["resource"] = request.resource
|
1544
|
+
end
|
1545
|
+
|
1273
1546
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
1274
1547
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
1275
1548
|
|
@@ -25,6 +25,8 @@ module Google
|
|
25
25
|
##
|
26
26
|
# To load this package, including all its services, and instantiate a client:
|
27
27
|
#
|
28
|
+
# @example
|
29
|
+
#
|
28
30
|
# require "google/cloud/secret_manager/v1beta1"
|
29
31
|
# client = ::Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
|
30
32
|
#
|
@@ -1,12 +1,12 @@
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
2
|
# source: google/cloud/secrets/v1beta1/resources.proto
|
3
3
|
|
4
|
-
require 'google/protobuf'
|
5
|
-
|
6
4
|
require 'google/api/field_behavior_pb'
|
7
5
|
require 'google/api/resource_pb'
|
8
6
|
require 'google/protobuf/timestamp_pb'
|
9
7
|
require 'google/api/annotations_pb'
|
8
|
+
require 'google/protobuf'
|
9
|
+
|
10
10
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
11
11
|
add_file("google/cloud/secrets/v1beta1/resources.proto", :syntax => :proto3) do
|
12
12
|
add_message "google.cloud.secrets.v1beta1.Secret" do
|
@@ -1,8 +1,6 @@
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
2
|
# source: google/cloud/secrets/v1beta1/service.proto
|
3
3
|
|
4
|
-
require 'google/protobuf'
|
5
|
-
|
6
4
|
require 'google/api/annotations_pb'
|
7
5
|
require 'google/api/client_pb'
|
8
6
|
require 'google/api/field_behavior_pb'
|
@@ -12,6 +10,8 @@ require 'google/iam/v1/iam_policy_pb'
|
|
12
10
|
require 'google/iam/v1/policy_pb'
|
13
11
|
require 'google/protobuf/empty_pb'
|
14
12
|
require 'google/protobuf/field_mask_pb'
|
13
|
+
require 'google/protobuf'
|
14
|
+
|
15
15
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
16
16
|
add_file("google/cloud/secrets/v1beta1/service.proto", :syntax => :proto3) do
|
17
17
|
add_message "google.cloud.secrets.v1beta1.ListSecretsRequest" do
|
@@ -33,11 +33,7 @@ module Google
|
|
33
33
|
# // For Kubernetes resources, the format is {api group}/{kind}.
|
34
34
|
# option (google.api.resource) = {
|
35
35
|
# type: "pubsub.googleapis.com/Topic"
|
36
|
-
#
|
37
|
-
# pattern: "projects/{project}/topics/{topic}"
|
38
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
39
|
-
# parent_name_extractor: "projects/{project}"
|
40
|
-
# }
|
36
|
+
# pattern: "projects/{project}/topics/{topic}"
|
41
37
|
# };
|
42
38
|
# }
|
43
39
|
#
|
@@ -45,10 +41,7 @@ module Google
|
|
45
41
|
#
|
46
42
|
# resources:
|
47
43
|
# - type: "pubsub.googleapis.com/Topic"
|
48
|
-
#
|
49
|
-
# - pattern: "projects/{project}/topics/{topic}"
|
50
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
51
|
-
# parent_name_extractor: "projects/{project}"
|
44
|
+
# pattern: "projects/{project}/topics/{topic}"
|
52
45
|
#
|
53
46
|
# Sometimes, resources have multiple patterns, typically because they can
|
54
47
|
# live under multiple parents.
|
@@ -58,26 +51,10 @@ module Google
|
|
58
51
|
# message LogEntry {
|
59
52
|
# option (google.api.resource) = {
|
60
53
|
# type: "logging.googleapis.com/LogEntry"
|
61
|
-
#
|
62
|
-
#
|
63
|
-
#
|
64
|
-
#
|
65
|
-
# }
|
66
|
-
# name_descriptor: {
|
67
|
-
# pattern: "folders/{folder}/logs/{log}"
|
68
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
69
|
-
# parent_name_extractor: "folders/{folder}"
|
70
|
-
# }
|
71
|
-
# name_descriptor: {
|
72
|
-
# pattern: "organizations/{organization}/logs/{log}"
|
73
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
74
|
-
# parent_name_extractor: "organizations/{organization}"
|
75
|
-
# }
|
76
|
-
# name_descriptor: {
|
77
|
-
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
78
|
-
# parent_type: "billing.googleapis.com/BillingAccount"
|
79
|
-
# parent_name_extractor: "billingAccounts/{billing_account}"
|
80
|
-
# }
|
54
|
+
# pattern: "projects/{project}/logs/{log}"
|
55
|
+
# pattern: "folders/{folder}/logs/{log}"
|
56
|
+
# pattern: "organizations/{organization}/logs/{log}"
|
57
|
+
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
81
58
|
# };
|
82
59
|
# }
|
83
60
|
#
|
@@ -85,48 +62,10 @@ module Google
|
|
85
62
|
#
|
86
63
|
# resources:
|
87
64
|
# - type: 'logging.googleapis.com/LogEntry'
|
88
|
-
#
|
89
|
-
#
|
90
|
-
#
|
91
|
-
#
|
92
|
-
# - pattern: "folders/{folder}/logs/{log}"
|
93
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
94
|
-
# parent_name_extractor: "folders/{folder}"
|
95
|
-
# - pattern: "organizations/{organization}/logs/{log}"
|
96
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
97
|
-
# parent_name_extractor: "organizations/{organization}"
|
98
|
-
# - pattern: "billingAccounts/{billing_account}/logs/{log}"
|
99
|
-
# parent_type: "billing.googleapis.com/BillingAccount"
|
100
|
-
# parent_name_extractor: "billingAccounts/{billing_account}"
|
101
|
-
#
|
102
|
-
# For flexible resources, the resource name doesn't contain parent names, but
|
103
|
-
# the resource itself has parents for policy evaluation.
|
104
|
-
#
|
105
|
-
# Example:
|
106
|
-
#
|
107
|
-
# message Shelf {
|
108
|
-
# option (google.api.resource) = {
|
109
|
-
# type: "library.googleapis.com/Shelf"
|
110
|
-
# name_descriptor: {
|
111
|
-
# pattern: "shelves/{shelf}"
|
112
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
113
|
-
# }
|
114
|
-
# name_descriptor: {
|
115
|
-
# pattern: "shelves/{shelf}"
|
116
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
117
|
-
# }
|
118
|
-
# };
|
119
|
-
# }
|
120
|
-
#
|
121
|
-
# The ResourceDescriptor Yaml config will look like:
|
122
|
-
#
|
123
|
-
# resources:
|
124
|
-
# - type: 'library.googleapis.com/Shelf'
|
125
|
-
# name_descriptor:
|
126
|
-
# - pattern: "shelves/{shelf}"
|
127
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
128
|
-
# - pattern: "shelves/{shelf}"
|
129
|
-
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
65
|
+
# pattern: "projects/{project}/logs/{log}"
|
66
|
+
# pattern: "folders/{folder}/logs/{log}"
|
67
|
+
# pattern: "organizations/{organization}/logs/{log}"
|
68
|
+
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
130
69
|
# @!attribute [rw] type
|
131
70
|
# @return [::String]
|
132
71
|
# The resource type. It must be in the format of
|
@@ -31,6 +31,13 @@ module Google
|
|
31
31
|
# the policy is limited to a few 10s of KB. An empty policy is a
|
32
32
|
# valid policy but certain Cloud Platform services (such as Projects)
|
33
33
|
# might reject them.
|
34
|
+
# @!attribute [rw] update_mask
|
35
|
+
# @return [::Google::Protobuf::FieldMask]
|
36
|
+
# OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
37
|
+
# the fields in the mask will be modified. If no mask is provided, the
|
38
|
+
# following default mask is used:
|
39
|
+
#
|
40
|
+
# `paths: "bindings, etag"`
|
34
41
|
class SetIamPolicyRequest
|
35
42
|
include ::Google::Protobuf::MessageExts
|
36
43
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -44,7 +51,7 @@ module Google
|
|
44
51
|
# @!attribute [rw] options
|
45
52
|
# @return [::Google::Iam::V1::GetPolicyOptions]
|
46
53
|
# OPTIONAL: A `GetPolicyOptions` object for specifying options to
|
47
|
-
# `GetIamPolicy`.
|
54
|
+
# `GetIamPolicy`.
|
48
55
|
class GetIamPolicyRequest
|
49
56
|
include ::Google::Protobuf::MessageExts
|
50
57
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -23,14 +23,24 @@ module Google
|
|
23
23
|
# Encapsulates settings provided to GetIamPolicy.
|
24
24
|
# @!attribute [rw] requested_policy_version
|
25
25
|
# @return [::Integer]
|
26
|
-
# Optional. The policy
|
26
|
+
# Optional. The maximum policy version that will be used to format the
|
27
|
+
# policy.
|
27
28
|
#
|
28
29
|
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
29
30
|
# rejected.
|
30
31
|
#
|
31
|
-
# Requests for policies with any conditional bindings must specify
|
32
|
-
# Policies
|
33
|
-
# leave the field unset.
|
32
|
+
# Requests for policies with any conditional role bindings must specify
|
33
|
+
# version 3. Policies with no conditional role bindings may specify any valid
|
34
|
+
# value or leave the field unset.
|
35
|
+
#
|
36
|
+
# The policy in the response might use the policy version that you specified,
|
37
|
+
# or it might use a lower policy version. For example, if you specify version
|
38
|
+
# 3, but the policy has no conditional role bindings, the response uses
|
39
|
+
# version 1.
|
40
|
+
#
|
41
|
+
# To learn which resources support conditions in their IAM policies, see the
|
42
|
+
# [IAM
|
43
|
+
# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
34
44
|
class GetPolicyOptions
|
35
45
|
include ::Google::Protobuf::MessageExts
|
36
46
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -20,19 +20,24 @@
|
|
20
20
|
module Google
|
21
21
|
module Iam
|
22
22
|
module V1
|
23
|
-
#
|
24
|
-
#
|
23
|
+
# An Identity and Access Management (IAM) policy, which specifies access
|
24
|
+
# controls for Google Cloud resources.
|
25
25
|
#
|
26
26
|
#
|
27
27
|
# A `Policy` is a collection of `bindings`. A `binding` binds one or more
|
28
|
-
# `members
|
29
|
-
# Google groups, and domains (such as G Suite). A
|
30
|
-
#
|
31
|
-
#
|
32
|
-
# constrains the role binding based on attributes about the request and/or
|
33
|
-
# target resource.
|
28
|
+
# `members`, or principals, to a single `role`. Principals can be user
|
29
|
+
# accounts, service accounts, Google groups, and domains (such as G Suite). A
|
30
|
+
# `role` is a named list of permissions; each `role` can be an IAM predefined
|
31
|
+
# role or a user-created custom role.
|
34
32
|
#
|
35
|
-
#
|
33
|
+
# For some types of Google Cloud resources, a `binding` can also specify a
|
34
|
+
# `condition`, which is a logical expression that allows access to a resource
|
35
|
+
# only if the expression evaluates to `true`. A condition can add constraints
|
36
|
+
# based on attributes of the request, the resource, or both. To learn which
|
37
|
+
# resources support conditions in their IAM policies, see the
|
38
|
+
# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
39
|
+
#
|
40
|
+
# **JSON example:**
|
36
41
|
#
|
37
42
|
# {
|
38
43
|
# "bindings": [
|
@@ -47,18 +52,21 @@ module Google
|
|
47
52
|
# },
|
48
53
|
# {
|
49
54
|
# "role": "roles/resourcemanager.organizationViewer",
|
50
|
-
# "members": [
|
55
|
+
# "members": [
|
56
|
+
# "user:eve@example.com"
|
57
|
+
# ],
|
51
58
|
# "condition": {
|
52
59
|
# "title": "expirable access",
|
53
60
|
# "description": "Does not grant access after Sep 2020",
|
54
|
-
# "expression": "request.time <
|
55
|
-
# timestamp('2020-10-01T00:00:00.000Z')",
|
61
|
+
# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",
|
56
62
|
# }
|
57
63
|
# }
|
58
|
-
# ]
|
64
|
+
# ],
|
65
|
+
# "etag": "BwWWja0YfJA=",
|
66
|
+
# "version": 3
|
59
67
|
# }
|
60
68
|
#
|
61
|
-
# **YAML
|
69
|
+
# **YAML example:**
|
62
70
|
#
|
63
71
|
# bindings:
|
64
72
|
# - members:
|
@@ -74,30 +82,52 @@ module Google
|
|
74
82
|
# title: expirable access
|
75
83
|
# description: Does not grant access after Sep 2020
|
76
84
|
# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
85
|
+
# etag: BwWWja0YfJA=
|
86
|
+
# version: 3
|
77
87
|
#
|
78
88
|
# For a description of IAM and its features, see the
|
79
|
-
# [IAM
|
89
|
+
# [IAM documentation](https://cloud.google.com/iam/docs/).
|
80
90
|
# @!attribute [rw] version
|
81
91
|
# @return [::Integer]
|
82
92
|
# Specifies the format of the policy.
|
83
93
|
#
|
84
|
-
# Valid values are 0
|
85
|
-
# rejected.
|
94
|
+
# Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
|
95
|
+
# are rejected.
|
96
|
+
#
|
97
|
+
# Any operation that affects conditional role bindings must specify version
|
98
|
+
# `3`. This requirement applies to the following operations:
|
86
99
|
#
|
87
|
-
#
|
88
|
-
#
|
89
|
-
#
|
90
|
-
#
|
91
|
-
#
|
92
|
-
# leave the field unset.
|
100
|
+
# * Getting a policy that includes a conditional role binding
|
101
|
+
# * Adding a conditional role binding to a policy
|
102
|
+
# * Changing a conditional role binding in a policy
|
103
|
+
# * Removing any role binding, with or without a condition, from a policy
|
104
|
+
# that includes conditions
|
93
105
|
#
|
94
|
-
# If
|
95
|
-
#
|
106
|
+
# **Important:** If you use IAM Conditions, you must include the `etag` field
|
107
|
+
# whenever you call `setIamPolicy`. If you omit this field, then IAM allows
|
108
|
+
# you to overwrite a version `3` policy with a version `1` policy, and all of
|
109
|
+
# the conditions in the version `3` policy are lost.
|
110
|
+
#
|
111
|
+
# If a policy does not include any conditions, operations on that policy may
|
112
|
+
# specify any valid version or leave the field unset.
|
113
|
+
#
|
114
|
+
# To learn which resources support conditions in their IAM policies, see the
|
115
|
+
# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
96
116
|
# @!attribute [rw] bindings
|
97
117
|
# @return [::Array<::Google::Iam::V1::Binding>]
|
98
|
-
# Associates a list of `members
|
99
|
-
# `condition` that determines when
|
100
|
-
# `bindings`
|
118
|
+
# Associates a list of `members`, or principals, with a `role`. Optionally,
|
119
|
+
# may specify a `condition` that determines how and when the `bindings` are
|
120
|
+
# applied. Each of the `bindings` must contain at least one principal.
|
121
|
+
#
|
122
|
+
# The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250
|
123
|
+
# of these principals can be Google groups. Each occurrence of a principal
|
124
|
+
# counts towards these limits. For example, if the `bindings` grant 50
|
125
|
+
# different roles to `user:alice@example.com`, and not to any other
|
126
|
+
# principal, then you can add another 1,450 principals to the `bindings` in
|
127
|
+
# the `Policy`.
|
128
|
+
# @!attribute [rw] audit_configs
|
129
|
+
# @return [::Array<::Google::Iam::V1::AuditConfig>]
|
130
|
+
# Specifies cloud audit logging configuration for this policy.
|
101
131
|
# @!attribute [rw] etag
|
102
132
|
# @return [::String]
|
103
133
|
# `etag` is used for optimistic concurrency control as a way to help
|
@@ -108,23 +138,23 @@ module Google
|
|
108
138
|
# systems are expected to put that etag in the request to `setIamPolicy` to
|
109
139
|
# ensure that their change will be applied to the same version of the policy.
|
110
140
|
#
|
111
|
-
# If
|
112
|
-
#
|
113
|
-
#
|
114
|
-
#
|
141
|
+
# **Important:** If you use IAM Conditions, you must include the `etag` field
|
142
|
+
# whenever you call `setIamPolicy`. If you omit this field, then IAM allows
|
143
|
+
# you to overwrite a version `3` policy with a version `1` policy, and all of
|
144
|
+
# the conditions in the version `3` policy are lost.
|
115
145
|
class Policy
|
116
146
|
include ::Google::Protobuf::MessageExts
|
117
147
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
118
148
|
end
|
119
149
|
|
120
|
-
# Associates `members
|
150
|
+
# Associates `members`, or principals, with a `role`.
|
121
151
|
# @!attribute [rw] role
|
122
152
|
# @return [::String]
|
123
|
-
# Role that is assigned to `members
|
153
|
+
# Role that is assigned to the list of `members`, or principals.
|
124
154
|
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
|
125
155
|
# @!attribute [rw] members
|
126
156
|
# @return [::Array<::String>]
|
127
|
-
# Specifies the
|
157
|
+
# Specifies the principals requesting access for a Cloud Platform resource.
|
128
158
|
# `members` can have the following values:
|
129
159
|
#
|
130
160
|
# * `allUsers`: A special identifier that represents anyone who is
|
@@ -143,20 +173,160 @@ module Google
|
|
143
173
|
# * `group:{emailid}`: An email address that represents a Google group.
|
144
174
|
# For example, `admins@example.com`.
|
145
175
|
#
|
176
|
+
# * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
|
177
|
+
# identifier) representing a user that has been recently deleted. For
|
178
|
+
# example, `alice@example.com?uid=123456789012345678901`. If the user is
|
179
|
+
# recovered, this value reverts to `user:{emailid}` and the recovered user
|
180
|
+
# retains the role in the binding.
|
181
|
+
#
|
182
|
+
# * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
|
183
|
+
# unique identifier) representing a service account that has been recently
|
184
|
+
# deleted. For example,
|
185
|
+
# `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
|
186
|
+
# If the service account is undeleted, this value reverts to
|
187
|
+
# `serviceAccount:{emailid}` and the undeleted service account retains the
|
188
|
+
# role in the binding.
|
189
|
+
#
|
190
|
+
# * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
|
191
|
+
# identifier) representing a Google group that has been recently
|
192
|
+
# deleted. For example, `admins@example.com?uid=123456789012345678901`. If
|
193
|
+
# the group is recovered, this value reverts to `group:{emailid}` and the
|
194
|
+
# recovered group retains the role in the binding.
|
195
|
+
#
|
146
196
|
#
|
147
197
|
# * `domain:{domain}`: The G Suite domain (primary) that represents all the
|
148
198
|
# users of that domain. For example, `google.com` or `example.com`.
|
149
199
|
# @!attribute [rw] condition
|
150
200
|
# @return [::Google::Type::Expr]
|
151
201
|
# The condition that is associated with this binding.
|
152
|
-
#
|
153
|
-
#
|
154
|
-
#
|
202
|
+
#
|
203
|
+
# If the condition evaluates to `true`, then this binding applies to the
|
204
|
+
# current request.
|
205
|
+
#
|
206
|
+
# If the condition evaluates to `false`, then this binding does not apply to
|
207
|
+
# the current request. However, a different role binding might grant the same
|
208
|
+
# role to one or more of the principals in this binding.
|
209
|
+
#
|
210
|
+
# To learn which resources support conditions in their IAM policies, see the
|
211
|
+
# [IAM
|
212
|
+
# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
155
213
|
class Binding
|
156
214
|
include ::Google::Protobuf::MessageExts
|
157
215
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
158
216
|
end
|
159
217
|
|
218
|
+
# Specifies the audit configuration for a service.
|
219
|
+
# The configuration determines which permission types are logged, and what
|
220
|
+
# identities, if any, are exempted from logging.
|
221
|
+
# An AuditConfig must have one or more AuditLogConfigs.
|
222
|
+
#
|
223
|
+
# If there are AuditConfigs for both `allServices` and a specific service,
|
224
|
+
# the union of the two AuditConfigs is used for that service: the log_types
|
225
|
+
# specified in each AuditConfig are enabled, and the exempted_members in each
|
226
|
+
# AuditLogConfig are exempted.
|
227
|
+
#
|
228
|
+
# Example Policy with multiple AuditConfigs:
|
229
|
+
#
|
230
|
+
# {
|
231
|
+
# "audit_configs": [
|
232
|
+
# {
|
233
|
+
# "service": "allServices",
|
234
|
+
# "audit_log_configs": [
|
235
|
+
# {
|
236
|
+
# "log_type": "DATA_READ",
|
237
|
+
# "exempted_members": [
|
238
|
+
# "user:jose@example.com"
|
239
|
+
# ]
|
240
|
+
# },
|
241
|
+
# {
|
242
|
+
# "log_type": "DATA_WRITE"
|
243
|
+
# },
|
244
|
+
# {
|
245
|
+
# "log_type": "ADMIN_READ"
|
246
|
+
# }
|
247
|
+
# ]
|
248
|
+
# },
|
249
|
+
# {
|
250
|
+
# "service": "sampleservice.googleapis.com",
|
251
|
+
# "audit_log_configs": [
|
252
|
+
# {
|
253
|
+
# "log_type": "DATA_READ"
|
254
|
+
# },
|
255
|
+
# {
|
256
|
+
# "log_type": "DATA_WRITE",
|
257
|
+
# "exempted_members": [
|
258
|
+
# "user:aliya@example.com"
|
259
|
+
# ]
|
260
|
+
# }
|
261
|
+
# ]
|
262
|
+
# }
|
263
|
+
# ]
|
264
|
+
# }
|
265
|
+
#
|
266
|
+
# For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
|
267
|
+
# logging. It also exempts jose@example.com from DATA_READ logging, and
|
268
|
+
# aliya@example.com from DATA_WRITE logging.
|
269
|
+
# @!attribute [rw] service
|
270
|
+
# @return [::String]
|
271
|
+
# Specifies a service that will be enabled for audit logging.
|
272
|
+
# For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
|
273
|
+
# `allServices` is a special value that covers all services.
|
274
|
+
# @!attribute [rw] audit_log_configs
|
275
|
+
# @return [::Array<::Google::Iam::V1::AuditLogConfig>]
|
276
|
+
# The configuration for logging of each type of permission.
|
277
|
+
class AuditConfig
|
278
|
+
include ::Google::Protobuf::MessageExts
|
279
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
280
|
+
end
|
281
|
+
|
282
|
+
# Provides the configuration for logging a type of permissions.
|
283
|
+
# Example:
|
284
|
+
#
|
285
|
+
# {
|
286
|
+
# "audit_log_configs": [
|
287
|
+
# {
|
288
|
+
# "log_type": "DATA_READ",
|
289
|
+
# "exempted_members": [
|
290
|
+
# "user:jose@example.com"
|
291
|
+
# ]
|
292
|
+
# },
|
293
|
+
# {
|
294
|
+
# "log_type": "DATA_WRITE"
|
295
|
+
# }
|
296
|
+
# ]
|
297
|
+
# }
|
298
|
+
#
|
299
|
+
# This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
|
300
|
+
# jose@example.com from DATA_READ logging.
|
301
|
+
# @!attribute [rw] log_type
|
302
|
+
# @return [::Google::Iam::V1::AuditLogConfig::LogType]
|
303
|
+
# The log type that this config enables.
|
304
|
+
# @!attribute [rw] exempted_members
|
305
|
+
# @return [::Array<::String>]
|
306
|
+
# Specifies the identities that do not cause logging for this type of
|
307
|
+
# permission.
|
308
|
+
# Follows the same format of {::Google::Iam::V1::Binding#members Binding.members}.
|
309
|
+
class AuditLogConfig
|
310
|
+
include ::Google::Protobuf::MessageExts
|
311
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
312
|
+
|
313
|
+
# The list of valid permission types for which logging can be configured.
|
314
|
+
# Admin writes are always logged, and are not configurable.
|
315
|
+
module LogType
|
316
|
+
# Default case. Should never be this.
|
317
|
+
LOG_TYPE_UNSPECIFIED = 0
|
318
|
+
|
319
|
+
# Admin reads. Example: CloudIAM getIamPolicy
|
320
|
+
ADMIN_READ = 1
|
321
|
+
|
322
|
+
# Data writes. Example: CloudSQL Users create
|
323
|
+
DATA_WRITE = 2
|
324
|
+
|
325
|
+
# Data reads. Example: CloudSQL Users list
|
326
|
+
DATA_READ = 3
|
327
|
+
end
|
328
|
+
end
|
329
|
+
|
160
330
|
# The difference delta between two policies.
|
161
331
|
# @!attribute [rw] binding_deltas
|
162
332
|
# @return [::Array<::Google::Iam::V1::BindingDelta>]
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-secret_manager-v1beta1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.9.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-04-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -48,22 +48,16 @@ dependencies:
|
|
48
48
|
name: grpc-google-iam-v1
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
50
50
|
requirements:
|
51
|
-
- - "
|
52
|
-
- !ruby/object:Gem::Version
|
53
|
-
version: 0.6.10
|
54
|
-
- - "<"
|
51
|
+
- - "~>"
|
55
52
|
- !ruby/object:Gem::Version
|
56
|
-
version:
|
53
|
+
version: '1.1'
|
57
54
|
type: :runtime
|
58
55
|
prerelease: false
|
59
56
|
version_requirements: !ruby/object:Gem::Requirement
|
60
57
|
requirements:
|
61
|
-
- - "
|
62
|
-
- !ruby/object:Gem::Version
|
63
|
-
version: 0.6.10
|
64
|
-
- - "<"
|
58
|
+
- - "~>"
|
65
59
|
- !ruby/object:Gem::Version
|
66
|
-
version:
|
60
|
+
version: '1.1'
|
67
61
|
- !ruby/object:Gem::Dependency
|
68
62
|
name: google-style
|
69
63
|
requirement: !ruby/object:Gem::Requirement
|
@@ -232,7 +226,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
232
226
|
- !ruby/object:Gem::Version
|
233
227
|
version: '0'
|
234
228
|
requirements: []
|
235
|
-
rubygems_version: 3.
|
229
|
+
rubygems_version: 3.3.5
|
236
230
|
signing_key:
|
237
231
|
specification_version: 4
|
238
232
|
summary: API Client library for the Secret Manager V1beta1 API
|