google-cloud-secret_manager-v1beta1 0.8.3 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 83b05eba8c2d655afe44472ddf44e3ea9fffca5b6865e2faf96fed47ca393b61
-  data.tar.gz: 73df41c92d9a05672e24a355abd058fcdde110892e8488cb51a630f4cb452384
+  metadata.gz: 994c085c12bd30d21396b2157a063aea8983a84efc9d1b9ea35bad84db03970d
+  data.tar.gz: 19d456378197d5e5b60a4d6ab45702dd58426577be86e985f5c20926b8ada4b4
 SHA512:
-  metadata.gz: 62baaf204c712f0a249fa24f041c64dc21aa10add8dedca9fa4d1ad95a8b01fbd9834ac00a138697c84310946899f85aa10190230836ef59f697e41ec8d1f83c
-  data.tar.gz: 305b41311fa228d555529e3714ad1a2c6cb59bd98693c5e9180396223a91f0d2e74068d0b35aadae6a3aa4b417212f9becad8d5cb0eb70373a2f288ab2ce57ab
+  metadata.gz: 0b22e33909e47ac5c6cccc3a92a0b21779c583f4dd3bc17154dc74c127921fc458213f5ee0b3120a65ecc949a7845c8730c6481052c105ab61f0484204a12e72
+  data.tar.gz: 4f0606acb7c1e128d54c3d50eaa8e780d9f81805e1aedee3a445bfb30e2ae1f957c7bee119801799854ef8f7d7e87ad7f8b18c151e424de2ecc3c8822e2fb800

data/.yardopts

@@ -1,5 +1,5 @@
 --no-private
---title=Secret Manager V1beta1 API
+--title="Secret Manager V1beta1 API"
 --exclude _pb\.rb$
 --markup markdown
 --markup-provider redcarpet

data/AUTHENTICATION.md

@@ -120,15 +120,6 @@ To configure your system for this, simply:
 **NOTE:** This is _not_ recommended for running in production. The Cloud SDK
 *should* only be used during development.
 
-[gce-how-to]: https://cloud.google.com/compute/docs/authentication#using
-[dev-console]: https://console.cloud.google.com/project
-
-[enable-apis]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/enable-apis.png
-
-[create-new-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account.png
-[create-new-service-account-existing-keys]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account-existing-keys.png
-[reuse-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/reuse-service-account.png
-
 ## Creating a Service Account
 
 Google Cloud requires **Service Account Credentials** to
@@ -139,31 +130,22 @@ If you are not running this client within
 [Google Cloud Platform environments](#google-cloud-platform-environments), you
 need a Google Developers service account.
 
-1. Visit the [Google Developers Console][dev-console].
+1. Visit the [Google Cloud Console](https://console.cloud.google.com/project).
 2. Create a new project or click on an existing project.
-3. Activate the slide-out navigation tray and select **API Manager**. From
+3. Activate the menu in the upper left and select **APIs & Services**. From
    here, you will enable the APIs that your application requires.
 
-   ![Enable the APIs that your application requires][enable-apis]
-
    *Note: You may need to enable billing in order to use these services.*
 
 4. Select **Credentials** from the side navigation.
 
-   You should see a screen like one of the following.
-
-   ![Create a new service account][create-new-service-account]
-
-   ![Create a new service account With Existing Keys][create-new-service-account-existing-keys]
-
-   Find the "Add credentials" drop down and select "Service account" to be
-   guided through downloading a new JSON key file.
+   Find the "Create credentials" drop down near the top of the page, and select
+   "Service account" to be guided through downloading a new JSON key file.
 
    If you want to re-use an existing service account, you can easily generate a
-   new key file. Just select the account you wish to re-use, and click "Generate
-   new JSON key":
-
-   ![Re-use an existing service account][reuse-service-account]
+   new key file. Just select the account you wish to re-use, click the pencil
+   tool on the right side to edit the service account, select the **Keys** tab,
+   and then select **Add Key**.
 
    The key file you download will be used by this library to authenticate API
    requests and should be stored in a secure location.

data/README.md

@@ -37,7 +37,7 @@ request = ::Google::Cloud::SecretManager::V1beta1::ListSecretsRequest.new # (req
 response = client.list_secrets request
 ```
 
-View the [Client Library Documentation](https://googleapis.dev/ruby/google-cloud-secret_manager-v1beta1/latest)
+View the [Client Library Documentation](https://cloud.google.com/ruby/docs/reference/google-cloud-secret_manager-v1beta1/latest)
 for class and method documentation.
 
 See also the [Product Documentation](https://cloud.google.com/secret-manager)

data/lib/google/cloud/secret_manager/v1beta1/secret_manager_service/client.rb

@@ -220,6 +220,27 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::ListSecretsRequest.new
+            #
+            #   # Call the list_secrets method.
+            #   result = client.list_secrets request
+            #
+            #   # The returned object is of type Gapic::PagedEnumerable. You can
+            #   # iterate over all elements by calling #each, and the enumerable
+            #   # will lazily make API calls to fetch subsequent pages. Other
+            #   # methods are also available for managing paging directly.
+            #   result.each do |response|
+            #     # Each element is of type ::Google::Cloud::SecretManager::V1beta1::Secret.
+            #     p response
+            #   end
+            #
             def list_secrets request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -237,9 +258,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "parent" => request.parent
-              }
+              header_params = {}
+              if request.parent
+                header_params["parent"] = request.parent
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -298,6 +321,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::CreateSecretRequest.new
+            #
+            #   # Call the create_secret method.
+            #   result = client.create_secret request
+            #
+            #   # The returned object is of type Google::Cloud::SecretManager::V1beta1::Secret.
+            #   p result
+            #
             def create_secret request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -315,9 +353,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "parent" => request.parent
-              }
+              header_params = {}
+              if request.parent
+                header_params["parent"] = request.parent
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -370,6 +410,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::AddSecretVersionRequest.new
+            #
+            #   # Call the add_secret_version method.
+            #   result = client.add_secret_version request
+            #
+            #   # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
+            #   p result
+            #
             def add_secret_version request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -387,9 +442,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "parent" => request.parent
-              }
+              header_params = {}
+              if request.parent
+                header_params["parent"] = request.parent
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -438,6 +495,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::GetSecretRequest.new
+            #
+            #   # Call the get_secret method.
+            #   result = client.get_secret request
+            #
+            #   # The returned object is of type Google::Cloud::SecretManager::V1beta1::Secret.
+            #   p result
+            #
             def get_secret request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -455,9 +527,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "name" => request.name
-              }
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -508,6 +582,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::UpdateSecretRequest.new
+            #
+            #   # Call the update_secret method.
+            #   result = client.update_secret request
+            #
+            #   # The returned object is of type Google::Cloud::SecretManager::V1beta1::Secret.
+            #   p result
+            #
             def update_secret request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -525,9 +614,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "secret.name" => request.secret.name
-              }
+              header_params = {}
+              if request.secret&.name
+                header_params["secret.name"] = request.secret.name
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -577,6 +668,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::DeleteSecretRequest.new
+            #
+            #   # Call the delete_secret method.
+            #   result = client.delete_secret request
+            #
+            #   # The returned object is of type Google::Protobuf::Empty.
+            #   p result
+            #
             def delete_secret request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -594,9 +700,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "name" => request.name
-              }
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -655,6 +763,27 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::ListSecretVersionsRequest.new
+            #
+            #   # Call the list_secret_versions method.
+            #   result = client.list_secret_versions request
+            #
+            #   # The returned object is of type Gapic::PagedEnumerable. You can
+            #   # iterate over all elements by calling #each, and the enumerable
+            #   # will lazily make API calls to fetch subsequent pages. Other
+            #   # methods are also available for managing paging directly.
+            #   result.each do |response|
+            #     # Each element is of type ::Google::Cloud::SecretManager::V1beta1::SecretVersion.
+            #     p response
+            #   end
+            #
             def list_secret_versions request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -672,9 +801,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "parent" => request.parent
-              }
+              header_params = {}
+              if request.parent
+                header_params["parent"] = request.parent
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -730,6 +861,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::GetSecretVersionRequest.new
+            #
+            #   # Call the get_secret_version method.
+            #   result = client.get_secret_version request
+            #
+            #   # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
+            #   p result
+            #
             def get_secret_version request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -747,9 +893,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "name" => request.name
-              }
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -802,6 +950,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::AccessSecretVersionRequest.new
+            #
+            #   # Call the access_secret_version method.
+            #   result = client.access_secret_version request
+            #
+            #   # The returned object is of type Google::Cloud::SecretManager::V1beta1::AccessSecretVersionResponse.
+            #   p result
+            #
             def access_secret_version request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -819,9 +982,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "name" => request.name
-              }
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -874,6 +1039,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::DisableSecretVersionRequest.new
+            #
+            #   # Call the disable_secret_version method.
+            #   result = client.disable_secret_version request
+            #
+            #   # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
+            #   p result
+            #
             def disable_secret_version request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -891,9 +1071,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "name" => request.name
-              }
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -946,6 +1128,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::EnableSecretVersionRequest.new
+            #
+            #   # Call the enable_secret_version method.
+            #   result = client.enable_secret_version request
+            #
+            #   # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
+            #   p result
+            #
             def enable_secret_version request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -963,9 +1160,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "name" => request.name
-              }
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -1019,6 +1218,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::SecretManager::V1beta1::DestroySecretVersionRequest.new
+            #
+            #   # Call the destroy_secret_version method.
+            #   result = client.destroy_secret_version request
+            #
+            #   # The returned object is of type Google::Cloud::SecretManager::V1beta1::SecretVersion.
+            #   p result
+            #
             def destroy_secret_version request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -1036,9 +1250,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "name" => request.name
-              }
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -1075,7 +1291,7 @@ module Google
             #   @param options [::Gapic::CallOptions, ::Hash]
             #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
             #
-            # @overload set_iam_policy(resource: nil, policy: nil)
+            # @overload set_iam_policy(resource: nil, policy: nil, update_mask: nil)
             #   Pass arguments to `set_iam_policy` via keyword arguments. Note that at
             #   least one keyword argument is required. To specify no parameters, or to keep all
             #   the default parameter values, pass an empty Hash as a request object (see above).
@@ -1088,6 +1304,12 @@ module Google
             #     the policy is limited to a few 10s of KB. An empty policy is a
             #     valid policy but certain Cloud Platform services (such as Projects)
             #     might reject them.
+            #   @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
+            #     OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
+            #     the fields in the mask will be modified. If no mask is provided, the
+            #     following default mask is used:
+            #
+            #     `paths: "bindings, etag"`
             #
             # @yield [response, operation] Access the result along with the RPC operation
             # @yieldparam response [::Google::Iam::V1::Policy]
@@ -1097,6 +1319,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Iam::V1::SetIamPolicyRequest.new
+            #
+            #   # Call the set_iam_policy method.
+            #   result = client.set_iam_policy request
+            #
+            #   # The returned object is of type Google::Iam::V1::Policy.
+            #   p result
+            #
             def set_iam_policy request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -1114,9 +1351,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "resource" => request.resource
-              }
+              header_params = {}
+              if request.resource
+                header_params["resource"] = request.resource
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -1160,7 +1399,7 @@ module Google
             #     See the operation documentation for the appropriate value for this field.
             #   @param options [::Google::Iam::V1::GetPolicyOptions, ::Hash]
             #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
-            #     `GetIamPolicy`. This field is only used by Cloud IAM.
+            #     `GetIamPolicy`.
             #
             # @yield [response, operation] Access the result along with the RPC operation
             # @yieldparam response [::Google::Iam::V1::Policy]
@@ -1170,6 +1409,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Iam::V1::GetIamPolicyRequest.new
+            #
+            #   # Call the get_iam_policy method.
+            #   result = client.get_iam_policy request
+            #
+            #   # The returned object is of type Google::Iam::V1::Policy.
+            #   p result
+            #
             def get_iam_policy request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -1187,9 +1441,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "resource" => request.resource
-              }
+              header_params = {}
+              if request.resource
+                header_params["resource"] = request.resource
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 
@@ -1250,6 +1506,21 @@ module Google
             #
             # @raise [::Google::Cloud::Error] if the RPC is aborted.
             #
+            # @example Basic example
+            #   require "google/cloud/secret_manager/v1beta1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Iam::V1::TestIamPermissionsRequest.new
+            #
+            #   # Call the test_iam_permissions method.
+            #   result = client.test_iam_permissions request
+            #
+            #   # The returned object is of type Google::Iam::V1::TestIamPermissionsResponse.
+            #   p result
+            #
             def test_iam_permissions request, options = nil
               raise ::ArgumentError, "request must be provided" if request.nil?
 
@@ -1267,9 +1538,11 @@ module Google
                 gapic_version: ::Google::Cloud::SecretManager::V1beta1::VERSION
               metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
 
-              header_params = {
-                "resource" => request.resource
-              }
+              header_params = {}
+              if request.resource
+                header_params["resource"] = request.resource
+              end
+
               request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
               metadata[:"x-goog-request-params"] ||= request_params_header
 

data/lib/google/cloud/secret_manager/v1beta1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module SecretManager
       module V1beta1
-        VERSION = "0.8.3"
+        VERSION = "0.9.0"
       end
     end
   end

data/lib/google/cloud/secret_manager/v1beta1.rb

@@ -25,6 +25,8 @@ module Google
       ##
       # To load this package, including all its services, and instantiate a client:
       #
+      # @example
+      #
       #     require "google/cloud/secret_manager/v1beta1"
       #     client = ::Google::Cloud::SecretManager::V1beta1::SecretManagerService::Client.new
       #

data/lib/google/cloud/secrets/v1beta1/resources_pb.rb

@@ -1,12 +1,12 @@
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/cloud/secrets/v1beta1/resources.proto
 
-require 'google/protobuf'
-
 require 'google/api/field_behavior_pb'
 require 'google/api/resource_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/api/annotations_pb'
+require 'google/protobuf'
+
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/cloud/secrets/v1beta1/resources.proto", :syntax => :proto3) do
     add_message "google.cloud.secrets.v1beta1.Secret" do

data/lib/google/cloud/secrets/v1beta1/service_pb.rb

@@ -1,8 +1,6 @@
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/cloud/secrets/v1beta1/service.proto
 
-require 'google/protobuf'
-
 require 'google/api/annotations_pb'
 require 'google/api/client_pb'
 require 'google/api/field_behavior_pb'
@@ -12,6 +10,8 @@ require 'google/iam/v1/iam_policy_pb'
 require 'google/iam/v1/policy_pb'
 require 'google/protobuf/empty_pb'
 require 'google/protobuf/field_mask_pb'
+require 'google/protobuf'
+
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/cloud/secrets/v1beta1/service.proto", :syntax => :proto3) do
     add_message "google.cloud.secrets.v1beta1.ListSecretsRequest" do

data/lib/google/cloud/secrets/v1beta1/service_services_pb.rb

@@ -33,7 +33,7 @@ module Google
           # * [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
           class Service
 
-            include GRPC::GenericService
+            include ::GRPC::GenericService
 
             self.marshal_class_method = :encode
             self.unmarshal_class_method = :decode

data/proto_docs/google/api/resource.rb

@@ -33,11 +33,7 @@ module Google
     #       // For Kubernetes resources, the format is {api group}/{kind}.
     #       option (google.api.resource) = {
     #         type: "pubsub.googleapis.com/Topic"
-    #         name_descriptor: {
-    #           pattern: "projects/{project}/topics/{topic}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
-    #           parent_name_extractor: "projects/{project}"
-    #         }
+    #         pattern: "projects/{project}/topics/{topic}"
     #       };
     #     }
     #
@@ -45,10 +41,7 @@ module Google
     #
     #     resources:
     #     - type: "pubsub.googleapis.com/Topic"
-    #       name_descriptor:
-    #         - pattern: "projects/{project}/topics/{topic}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
-    #           parent_name_extractor: "projects/{project}"
+    #       pattern: "projects/{project}/topics/{topic}"
     #
     # Sometimes, resources have multiple patterns, typically because they can
     # live under multiple parents.
@@ -58,26 +51,10 @@ module Google
     #     message LogEntry {
     #       option (google.api.resource) = {
     #         type: "logging.googleapis.com/LogEntry"
-    #         name_descriptor: {
-    #           pattern: "projects/{project}/logs/{log}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
-    #           parent_name_extractor: "projects/{project}"
-    #         }
-    #         name_descriptor: {
-    #           pattern: "folders/{folder}/logs/{log}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
-    #           parent_name_extractor: "folders/{folder}"
-    #         }
-    #         name_descriptor: {
-    #           pattern: "organizations/{organization}/logs/{log}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Organization"
-    #           parent_name_extractor: "organizations/{organization}"
-    #         }
-    #         name_descriptor: {
-    #           pattern: "billingAccounts/{billing_account}/logs/{log}"
-    #           parent_type: "billing.googleapis.com/BillingAccount"
-    #           parent_name_extractor: "billingAccounts/{billing_account}"
-    #         }
+    #         pattern: "projects/{project}/logs/{log}"
+    #         pattern: "folders/{folder}/logs/{log}"
+    #         pattern: "organizations/{organization}/logs/{log}"
+    #         pattern: "billingAccounts/{billing_account}/logs/{log}"
     #       };
     #     }
     #
@@ -85,48 +62,10 @@ module Google
     #
     #     resources:
     #     - type: 'logging.googleapis.com/LogEntry'
-    #       name_descriptor:
-    #         - pattern: "projects/{project}/logs/{log}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
-    #           parent_name_extractor: "projects/{project}"
-    #         - pattern: "folders/{folder}/logs/{log}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
-    #           parent_name_extractor: "folders/{folder}"
-    #         - pattern: "organizations/{organization}/logs/{log}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Organization"
-    #           parent_name_extractor: "organizations/{organization}"
-    #         - pattern: "billingAccounts/{billing_account}/logs/{log}"
-    #           parent_type: "billing.googleapis.com/BillingAccount"
-    #           parent_name_extractor: "billingAccounts/{billing_account}"
-    #
-    # For flexible resources, the resource name doesn't contain parent names, but
-    # the resource itself has parents for policy evaluation.
-    #
-    # Example:
-    #
-    #     message Shelf {
-    #       option (google.api.resource) = {
-    #         type: "library.googleapis.com/Shelf"
-    #         name_descriptor: {
-    #           pattern: "shelves/{shelf}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
-    #         }
-    #         name_descriptor: {
-    #           pattern: "shelves/{shelf}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
-    #         }
-    #       };
-    #     }
-    #
-    # The ResourceDescriptor Yaml config will look like:
-    #
-    #     resources:
-    #     - type: 'library.googleapis.com/Shelf'
-    #       name_descriptor:
-    #         - pattern: "shelves/{shelf}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
-    #         - pattern: "shelves/{shelf}"
-    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #       pattern: "projects/{project}/logs/{log}"
+    #       pattern: "folders/{folder}/logs/{log}"
+    #       pattern: "organizations/{organization}/logs/{log}"
+    #       pattern: "billingAccounts/{billing_account}/logs/{log}"
     # @!attribute [rw] type
     #   @return [::String]
     #     The resource type. It must be in the format of

data/proto_docs/google/iam/v1/iam_policy.rb

@@ -31,6 +31,13 @@ module Google
       #     the policy is limited to a few 10s of KB. An empty policy is a
       #     valid policy but certain Cloud Platform services (such as Projects)
       #     might reject them.
+      # @!attribute [rw] update_mask
+      #   @return [::Google::Protobuf::FieldMask]
+      #     OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
+      #     the fields in the mask will be modified. If no mask is provided, the
+      #     following default mask is used:
+      #
+      #     `paths: "bindings, etag"`
       class SetIamPolicyRequest
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -44,7 +51,7 @@ module Google
       # @!attribute [rw] options
       #   @return [::Google::Iam::V1::GetPolicyOptions]
       #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
-      #     `GetIamPolicy`. This field is only used by Cloud IAM.
+      #     `GetIamPolicy`.
       class GetIamPolicyRequest
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/iam/v1/options.rb

@@ -23,14 +23,24 @@ module Google
       # Encapsulates settings provided to GetIamPolicy.
       # @!attribute [rw] requested_policy_version
       #   @return [::Integer]
-      #     Optional. The policy format version to be returned.
+      #     Optional. The maximum policy version that will be used to format the
+      #     policy.
       #
       #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
       #     rejected.
       #
-      #     Requests for policies with any conditional bindings must specify version 3.
-      #     Policies without any conditional bindings may specify any valid value or
-      #     leave the field unset.
+      #     Requests for policies with any conditional role bindings must specify
+      #     version 3. Policies with no conditional role bindings may specify any valid
+      #     value or leave the field unset.
+      #
+      #     The policy in the response might use the policy version that you specified,
+      #     or it might use a lower policy version. For example, if you specify version
+      #     3, but the policy has no conditional role bindings, the response uses
+      #     version 1.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM
+      #     documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
       class GetPolicyOptions
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/iam/v1/policy.rb

@@ -20,19 +20,24 @@
 module Google
   module Iam
     module V1
-      # Defines an Identity and Access Management (IAM) policy. It is used to
-      # specify access control policies for Cloud Platform resources.
+      # An Identity and Access Management (IAM) policy, which specifies access
+      # controls for Google Cloud resources.
       #
       #
       # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # permissions (defined by IAM or configured by users). A `binding` can
-      # optionally specify a `condition`, which is a logic expression that further
-      # constrains the role binding based on attributes about the request and/or
-      # target resource.
+      # `members`, or principals, to a single `role`. Principals can be user
+      # accounts, service accounts, Google groups, and domains (such as G Suite). A
+      # `role` is a named list of permissions; each `role` can be an IAM predefined
+      # role or a user-created custom role.
       #
-      # **JSON Example**
+      # For some types of Google Cloud resources, a `binding` can also specify a
+      # `condition`, which is a logical expression that allows access to a resource
+      # only if the expression evaluates to `true`. A condition can add constraints
+      # based on attributes of the request, the resource, or both. To learn which
+      # resources support conditions in their IAM policies, see the
+      # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
       #
       #     {
       #       "bindings": [
@@ -47,18 +52,21 @@ module Google
       #         },
       #         {
       #           "role": "roles/resourcemanager.organizationViewer",
-      #           "members": ["user:eve@example.com"],
+      #           "members": [
+      #             "user:eve@example.com"
+      #           ],
       #           "condition": {
       #             "title": "expirable access",
       #             "description": "Does not grant access after Sep 2020",
-      #             "expression": "request.time <
-      #             timestamp('2020-10-01T00:00:00.000Z')",
+      #             "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",
       #           }
       #         }
-      #       ]
+      #       ],
+      #       "etag": "BwWWja0YfJA=",
+      #       "version": 3
       #     }
       #
-      # **YAML Example**
+      # **YAML example:**
       #
       #     bindings:
       #     - members:
@@ -74,30 +82,52 @@ module Google
       #         title: expirable access
       #         description: Does not grant access after Sep 2020
       #         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
+      #     etag: BwWWja0YfJA=
+      #     version: 3
       #
       # For a description of IAM and its features, see the
-      # [IAM developer's guide](https://cloud.google.com/iam/docs).
+      # [IAM documentation](https://cloud.google.com/iam/docs/).
       # @!attribute [rw] version
       #   @return [::Integer]
       #     Specifies the format of the policy.
       #
-      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
-      #     rejected.
+      #     Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
+      #     are rejected.
+      #
+      #     Any operation that affects conditional role bindings must specify version
+      #     `3`. This requirement applies to the following operations:
       #
-      #     Operations affecting conditional bindings must specify version 3. This can
-      #     be either setting a conditional policy, modifying a conditional binding,
-      #     or removing a binding (conditional or unconditional) from the stored
-      #     conditional policy.
-      #     Operations on non-conditional policies may specify any valid value or
-      #     leave the field unset.
+      #     * Getting a policy that includes a conditional role binding
+      #     * Adding a conditional role binding to a policy
+      #     * Changing a conditional role binding in a policy
+      #     * Removing any role binding, with or without a condition, from a policy
+      #       that includes conditions
       #
-      #     If no etag is provided in the call to `setIamPolicy`, version compliance
-      #     checks against the stored policy is skipped.
+      #     **Important:** If you use IAM Conditions, you must include the `etag` field
+      #     whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+      #     you to overwrite a version `3` policy with a version `1` policy, and all of
+      #     the conditions in the version `3` policy are lost.
+      #
+      #     If a policy does not include any conditions, operations on that policy may
+      #     specify any valid version or leave the field unset.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
       # @!attribute [rw] bindings
       #   @return [::Array<::Google::Iam::V1::Binding>]
-      #     Associates a list of `members` to a `role`. Optionally may specify a
-      #     `condition` that determines when binding is in effect.
-      #     `bindings` with no members will result in an error.
+      #     Associates a list of `members`, or principals, with a `role`. Optionally,
+      #     may specify a `condition` that determines how and when the `bindings` are
+      #     applied. Each of the `bindings` must contain at least one principal.
+      #
+      #     The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250
+      #     of these principals can be Google groups. Each occurrence of a principal
+      #     counts towards these limits. For example, if the `bindings` grant 50
+      #     different roles to `user:alice@example.com`, and not to any other
+      #     principal, then you can add another 1,450 principals to the `bindings` in
+      #     the `Policy`.
+      # @!attribute [rw] audit_configs
+      #   @return [::Array<::Google::Iam::V1::AuditConfig>]
+      #     Specifies cloud audit logging configuration for this policy.
       # @!attribute [rw] etag
       #   @return [::String]
       #     `etag` is used for optimistic concurrency control as a way to help
@@ -108,23 +138,23 @@ module Google
       #     systems are expected to put that etag in the request to `setIamPolicy` to
       #     ensure that their change will be applied to the same version of the policy.
       #
-      #     If no `etag` is provided in the call to `setIamPolicy`, then the existing
-      #     policy is overwritten. Due to blind-set semantics of an etag-less policy,
-      #     'setIamPolicy' will not fail even if the incoming policy version does not
-      #     meet the requirements for modifying the stored policy.
+      #     **Important:** If you use IAM Conditions, you must include the `etag` field
+      #     whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+      #     you to overwrite a version `3` policy with a version `1` policy, and all of
+      #     the conditions in the version `3` policy are lost.
       class Policy
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
-      # Associates `members` with a `role`.
+      # Associates `members`, or principals, with a `role`.
       # @!attribute [rw] role
       #   @return [::String]
-      #     Role that is assigned to `members`.
+      #     Role that is assigned to the list of `members`, or principals.
       #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       # @!attribute [rw] members
       #   @return [::Array<::String>]
-      #     Specifies the identities requesting access for a Cloud Platform resource.
+      #     Specifies the principals requesting access for a Cloud Platform resource.
       #     `members` can have the following values:
       #
       #     * `allUsers`: A special identifier that represents anyone who is
@@ -143,20 +173,160 @@ module Google
       #     * `group:{emailid}`: An email address that represents a Google group.
       #        For example, `admins@example.com`.
       #
+      #     * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
+      #        identifier) representing a user that has been recently deleted. For
+      #        example, `alice@example.com?uid=123456789012345678901`. If the user is
+      #        recovered, this value reverts to `user:{emailid}` and the recovered user
+      #        retains the role in the binding.
+      #
+      #     * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
+      #        unique identifier) representing a service account that has been recently
+      #        deleted. For example,
+      #        `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
+      #        If the service account is undeleted, this value reverts to
+      #        `serviceAccount:{emailid}` and the undeleted service account retains the
+      #        role in the binding.
+      #
+      #     * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
+      #        identifier) representing a Google group that has been recently
+      #        deleted. For example, `admins@example.com?uid=123456789012345678901`. If
+      #        the group is recovered, this value reverts to `group:{emailid}` and the
+      #        recovered group retains the role in the binding.
+      #
       #
       #     * `domain:{domain}`: The G Suite domain (primary) that represents all the
       #        users of that domain. For example, `google.com` or `example.com`.
       # @!attribute [rw] condition
       #   @return [::Google::Type::Expr]
       #     The condition that is associated with this binding.
-      #     NOTE: An unsatisfied condition will not allow user access via current
-      #     binding. Different bindings, including their conditions, are examined
-      #     independently.
+      #
+      #     If the condition evaluates to `true`, then this binding applies to the
+      #     current request.
+      #
+      #     If the condition evaluates to `false`, then this binding does not apply to
+      #     the current request. However, a different role binding might grant the same
+      #     role to one or more of the principals in this binding.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM
+      #     documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
       class Binding
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
       end
 
+      # Specifies the audit configuration for a service.
+      # The configuration determines which permission types are logged, and what
+      # identities, if any, are exempted from logging.
+      # An AuditConfig must have one or more AuditLogConfigs.
+      #
+      # If there are AuditConfigs for both `allServices` and a specific service,
+      # the union of the two AuditConfigs is used for that service: the log_types
+      # specified in each AuditConfig are enabled, and the exempted_members in each
+      # AuditLogConfig are exempted.
+      #
+      # Example Policy with multiple AuditConfigs:
+      #
+      #     {
+      #       "audit_configs": [
+      #         {
+      #           "service": "allServices",
+      #           "audit_log_configs": [
+      #             {
+      #               "log_type": "DATA_READ",
+      #               "exempted_members": [
+      #                 "user:jose@example.com"
+      #               ]
+      #             },
+      #             {
+      #               "log_type": "DATA_WRITE"
+      #             },
+      #             {
+      #               "log_type": "ADMIN_READ"
+      #             }
+      #           ]
+      #         },
+      #         {
+      #           "service": "sampleservice.googleapis.com",
+      #           "audit_log_configs": [
+      #             {
+      #               "log_type": "DATA_READ"
+      #             },
+      #             {
+      #               "log_type": "DATA_WRITE",
+      #               "exempted_members": [
+      #                 "user:aliya@example.com"
+      #               ]
+      #             }
+      #           ]
+      #         }
+      #       ]
+      #     }
+      #
+      # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
+      # logging. It also exempts jose@example.com from DATA_READ logging, and
+      # aliya@example.com from DATA_WRITE logging.
+      # @!attribute [rw] service
+      #   @return [::String]
+      #     Specifies a service that will be enabled for audit logging.
+      #     For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+      #     `allServices` is a special value that covers all services.
+      # @!attribute [rw] audit_log_configs
+      #   @return [::Array<::Google::Iam::V1::AuditLogConfig>]
+      #     The configuration for logging of each type of permission.
+      class AuditConfig
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Provides the configuration for logging a type of permissions.
+      # Example:
+      #
+      #     {
+      #       "audit_log_configs": [
+      #         {
+      #           "log_type": "DATA_READ",
+      #           "exempted_members": [
+      #             "user:jose@example.com"
+      #           ]
+      #         },
+      #         {
+      #           "log_type": "DATA_WRITE"
+      #         }
+      #       ]
+      #     }
+      #
+      # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
+      # jose@example.com from DATA_READ logging.
+      # @!attribute [rw] log_type
+      #   @return [::Google::Iam::V1::AuditLogConfig::LogType]
+      #     The log type that this config enables.
+      # @!attribute [rw] exempted_members
+      #   @return [::Array<::String>]
+      #     Specifies the identities that do not cause logging for this type of
+      #     permission.
+      #     Follows the same format of {::Google::Iam::V1::Binding#members Binding.members}.
+      class AuditLogConfig
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # The list of valid permission types for which logging can be configured.
+        # Admin writes are always logged, and are not configurable.
+        module LogType
+          # Default case. Should never be this.
+          LOG_TYPE_UNSPECIFIED = 0
+
+          # Admin reads. Example: CloudIAM getIamPolicy
+          ADMIN_READ = 1
+
+          # Data writes. Example: CloudSQL Users create
+          DATA_WRITE = 2
+
+          # Data reads. Example: CloudSQL Users list
+          DATA_READ = 3
+        end
+      end
+
       # The difference delta between two policies.
       # @!attribute [rw] binding_deltas
       #   @return [::Array<::Google::Iam::V1::BindingDelta>]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-secret_manager-v1beta1
 version: !ruby/object:Gem::Version
-  version: 0.8.3
+  version: 0.9.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-08-11 00:00:00.000000000 Z
+date: 2022-04-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -48,22 +48,16 @@ dependencies:
   name: grpc-google-iam-v1
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.6.10
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.a
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.6.10
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.a
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: google-style
   requirement: !ruby/object:Gem::Requirement
@@ -232,7 +226,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.17
+rubygems_version: 3.3.5
 signing_key: 
 specification_version: 4
 summary: API Client library for the Secret Manager V1beta1 API