google-cloud-security-private_ca-v1 0.1.0

data/lib/google/cloud/security/privateca/v1/service_pb.rb

@@ -0,0 +1,254 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/security/privateca/v1/service.proto
+
+require 'google/protobuf'
+
+require 'google/api/annotations_pb'
+require 'google/api/client_pb'
+require 'google/api/field_behavior_pb'
+require 'google/api/resource_pb'
+require 'google/cloud/security/privateca/v1/resources_pb'
+require 'google/longrunning/operations_pb'
+require 'google/protobuf/duration_pb'
+require 'google/protobuf/field_mask_pb'
+require 'google/protobuf/timestamp_pb'
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/security/privateca/v1/service.proto", :syntax => :proto3) do
+    add_message "google.cloud.security.privateca.v1.CreateCertificateRequest" do
+      optional :parent, :string, 1
+      optional :certificate_id, :string, 2
+      optional :certificate, :message, 3, "google.cloud.security.privateca.v1.Certificate"
+      optional :request_id, :string, 4
+      optional :validate_only, :bool, 5
+      optional :issuing_certificate_authority_id, :string, 6
+    end
+    add_message "google.cloud.security.privateca.v1.GetCertificateRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.security.privateca.v1.ListCertificatesRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+      optional :filter, :string, 4
+      optional :order_by, :string, 5
+    end
+    add_message "google.cloud.security.privateca.v1.ListCertificatesResponse" do
+      repeated :certificates, :message, 1, "google.cloud.security.privateca.v1.Certificate"
+      optional :next_page_token, :string, 2
+      repeated :unreachable, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.RevokeCertificateRequest" do
+      optional :name, :string, 1
+      optional :reason, :enum, 2, "google.cloud.security.privateca.v1.RevocationReason"
+      optional :request_id, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.UpdateCertificateRequest" do
+      optional :certificate, :message, 1, "google.cloud.security.privateca.v1.Certificate"
+      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
+      optional :request_id, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.ActivateCertificateAuthorityRequest" do
+      optional :name, :string, 1
+      optional :pem_ca_certificate, :string, 2
+      optional :subordinate_config, :message, 3, "google.cloud.security.privateca.v1.SubordinateConfig"
+      optional :request_id, :string, 4
+    end
+    add_message "google.cloud.security.privateca.v1.CreateCertificateAuthorityRequest" do
+      optional :parent, :string, 1
+      optional :certificate_authority_id, :string, 2
+      optional :certificate_authority, :message, 3, "google.cloud.security.privateca.v1.CertificateAuthority"
+      optional :request_id, :string, 4
+    end
+    add_message "google.cloud.security.privateca.v1.DisableCertificateAuthorityRequest" do
+      optional :name, :string, 1
+      optional :request_id, :string, 2
+    end
+    add_message "google.cloud.security.privateca.v1.EnableCertificateAuthorityRequest" do
+      optional :name, :string, 1
+      optional :request_id, :string, 2
+    end
+    add_message "google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrResponse" do
+      optional :pem_csr, :string, 1
+    end
+    add_message "google.cloud.security.privateca.v1.GetCertificateAuthorityRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.security.privateca.v1.ListCertificateAuthoritiesRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+      optional :filter, :string, 4
+      optional :order_by, :string, 5
+    end
+    add_message "google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse" do
+      repeated :certificate_authorities, :message, 1, "google.cloud.security.privateca.v1.CertificateAuthority"
+      optional :next_page_token, :string, 2
+      repeated :unreachable, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.UndeleteCertificateAuthorityRequest" do
+      optional :name, :string, 1
+      optional :request_id, :string, 2
+    end
+    add_message "google.cloud.security.privateca.v1.DeleteCertificateAuthorityRequest" do
+      optional :name, :string, 1
+      optional :request_id, :string, 2
+      optional :ignore_active_certificates, :bool, 4
+    end
+    add_message "google.cloud.security.privateca.v1.UpdateCertificateAuthorityRequest" do
+      optional :certificate_authority, :message, 1, "google.cloud.security.privateca.v1.CertificateAuthority"
+      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
+      optional :request_id, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.CreateCaPoolRequest" do
+      optional :parent, :string, 1
+      optional :ca_pool_id, :string, 2
+      optional :ca_pool, :message, 3, "google.cloud.security.privateca.v1.CaPool"
+      optional :request_id, :string, 4
+    end
+    add_message "google.cloud.security.privateca.v1.UpdateCaPoolRequest" do
+      optional :ca_pool, :message, 1, "google.cloud.security.privateca.v1.CaPool"
+      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
+      optional :request_id, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.DeleteCaPoolRequest" do
+      optional :name, :string, 1
+      optional :request_id, :string, 2
+    end
+    add_message "google.cloud.security.privateca.v1.FetchCaCertsRequest" do
+      optional :ca_pool, :string, 1
+      optional :request_id, :string, 2
+    end
+    add_message "google.cloud.security.privateca.v1.FetchCaCertsResponse" do
+      repeated :ca_certs, :message, 1, "google.cloud.security.privateca.v1.FetchCaCertsResponse.CertChain"
+    end
+    add_message "google.cloud.security.privateca.v1.FetchCaCertsResponse.CertChain" do
+      repeated :certificates, :string, 1
+    end
+    add_message "google.cloud.security.privateca.v1.GetCaPoolRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.security.privateca.v1.ListCaPoolsRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+      optional :filter, :string, 4
+      optional :order_by, :string, 5
+    end
+    add_message "google.cloud.security.privateca.v1.ListCaPoolsResponse" do
+      repeated :ca_pools, :message, 1, "google.cloud.security.privateca.v1.CaPool"
+      optional :next_page_token, :string, 2
+      repeated :unreachable, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.GetCertificateRevocationListRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.security.privateca.v1.ListCertificateRevocationListsRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+      optional :filter, :string, 4
+      optional :order_by, :string, 5
+    end
+    add_message "google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse" do
+      repeated :certificate_revocation_lists, :message, 1, "google.cloud.security.privateca.v1.CertificateRevocationList"
+      optional :next_page_token, :string, 2
+      repeated :unreachable, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.UpdateCertificateRevocationListRequest" do
+      optional :certificate_revocation_list, :message, 1, "google.cloud.security.privateca.v1.CertificateRevocationList"
+      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
+      optional :request_id, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.CreateCertificateTemplateRequest" do
+      optional :parent, :string, 1
+      optional :certificate_template_id, :string, 2
+      optional :certificate_template, :message, 3, "google.cloud.security.privateca.v1.CertificateTemplate"
+      optional :request_id, :string, 4
+    end
+    add_message "google.cloud.security.privateca.v1.DeleteCertificateTemplateRequest" do
+      optional :name, :string, 1
+      optional :request_id, :string, 2
+    end
+    add_message "google.cloud.security.privateca.v1.GetCertificateTemplateRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.security.privateca.v1.ListCertificateTemplatesRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+      optional :filter, :string, 4
+      optional :order_by, :string, 5
+    end
+    add_message "google.cloud.security.privateca.v1.ListCertificateTemplatesResponse" do
+      repeated :certificate_templates, :message, 1, "google.cloud.security.privateca.v1.CertificateTemplate"
+      optional :next_page_token, :string, 2
+      repeated :unreachable, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.UpdateCertificateTemplateRequest" do
+      optional :certificate_template, :message, 1, "google.cloud.security.privateca.v1.CertificateTemplate"
+      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
+      optional :request_id, :string, 3
+    end
+    add_message "google.cloud.security.privateca.v1.OperationMetadata" do
+      optional :create_time, :message, 1, "google.protobuf.Timestamp"
+      optional :end_time, :message, 2, "google.protobuf.Timestamp"
+      optional :target, :string, 3
+      optional :verb, :string, 4
+      optional :status_message, :string, 5
+      optional :requested_cancellation, :bool, 6
+      optional :api_version, :string, 7
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module Security
+      module PrivateCA
+        module V1
+          CreateCertificateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CreateCertificateRequest").msgclass
+          GetCertificateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.GetCertificateRequest").msgclass
+          ListCertificatesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCertificatesRequest").msgclass
+          ListCertificatesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCertificatesResponse").msgclass
+          RevokeCertificateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.RevokeCertificateRequest").msgclass
+          UpdateCertificateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.UpdateCertificateRequest").msgclass
+          ActivateCertificateAuthorityRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ActivateCertificateAuthorityRequest").msgclass
+          CreateCertificateAuthorityRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CreateCertificateAuthorityRequest").msgclass
+          DisableCertificateAuthorityRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.DisableCertificateAuthorityRequest").msgclass
+          EnableCertificateAuthorityRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.EnableCertificateAuthorityRequest").msgclass
+          FetchCertificateAuthorityCsrRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrRequest").msgclass
+          FetchCertificateAuthorityCsrResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.FetchCertificateAuthorityCsrResponse").msgclass
+          GetCertificateAuthorityRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.GetCertificateAuthorityRequest").msgclass
+          ListCertificateAuthoritiesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCertificateAuthoritiesRequest").msgclass
+          ListCertificateAuthoritiesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCertificateAuthoritiesResponse").msgclass
+          UndeleteCertificateAuthorityRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.UndeleteCertificateAuthorityRequest").msgclass
+          DeleteCertificateAuthorityRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.DeleteCertificateAuthorityRequest").msgclass
+          UpdateCertificateAuthorityRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.UpdateCertificateAuthorityRequest").msgclass
+          CreateCaPoolRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CreateCaPoolRequest").msgclass
+          UpdateCaPoolRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.UpdateCaPoolRequest").msgclass
+          DeleteCaPoolRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.DeleteCaPoolRequest").msgclass
+          FetchCaCertsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.FetchCaCertsRequest").msgclass
+          FetchCaCertsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.FetchCaCertsResponse").msgclass
+          FetchCaCertsResponse::CertChain = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.FetchCaCertsResponse.CertChain").msgclass
+          GetCaPoolRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.GetCaPoolRequest").msgclass
+          ListCaPoolsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCaPoolsRequest").msgclass
+          ListCaPoolsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCaPoolsResponse").msgclass
+          GetCertificateRevocationListRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.GetCertificateRevocationListRequest").msgclass
+          ListCertificateRevocationListsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCertificateRevocationListsRequest").msgclass
+          ListCertificateRevocationListsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCertificateRevocationListsResponse").msgclass
+          UpdateCertificateRevocationListRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.UpdateCertificateRevocationListRequest").msgclass
+          CreateCertificateTemplateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.CreateCertificateTemplateRequest").msgclass
+          DeleteCertificateTemplateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.DeleteCertificateTemplateRequest").msgclass
+          GetCertificateTemplateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.GetCertificateTemplateRequest").msgclass
+          ListCertificateTemplatesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCertificateTemplatesRequest").msgclass
+          ListCertificateTemplatesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.ListCertificateTemplatesResponse").msgclass
+          UpdateCertificateTemplateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.UpdateCertificateTemplateRequest").msgclass
+          OperationMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.security.privateca.v1.OperationMetadata").msgclass
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/security/privateca/v1/service_services_pb.rb

@@ -0,0 +1,119 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# Source: google/cloud/security/privateca/v1/service.proto for package 'Google.Cloud.Security.PrivateCA.V1'
+# Original file comments:
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'grpc'
+require 'google/cloud/security/privateca/v1/service_pb'
+
+module Google
+  module Cloud
+    module Security
+      module PrivateCA
+        module V1
+          module CertificateAuthorityService
+            # [Certificate Authority Service][google.cloud.security.privateca.v1.CertificateAuthorityService] manages private
+            # certificate authorities and issued certificates.
+            class Service
+
+              include GRPC::GenericService
+
+              self.marshal_class_method = :encode
+              self.unmarshal_class_method = :decode
+              self.service_name = 'google.cloud.security.privateca.v1.CertificateAuthorityService'
+
+              # Create a new [Certificate][google.cloud.security.privateca.v1.Certificate] in a given Project, Location from a particular
+              # [CaPool][google.cloud.security.privateca.v1.CaPool].
+              rpc :CreateCertificate, ::Google::Cloud::Security::PrivateCA::V1::CreateCertificateRequest, ::Google::Cloud::Security::PrivateCA::V1::Certificate
+              # Returns a [Certificate][google.cloud.security.privateca.v1.Certificate].
+              rpc :GetCertificate, ::Google::Cloud::Security::PrivateCA::V1::GetCertificateRequest, ::Google::Cloud::Security::PrivateCA::V1::Certificate
+              # Lists [Certificates][google.cloud.security.privateca.v1.Certificate].
+              rpc :ListCertificates, ::Google::Cloud::Security::PrivateCA::V1::ListCertificatesRequest, ::Google::Cloud::Security::PrivateCA::V1::ListCertificatesResponse
+              # Revoke a [Certificate][google.cloud.security.privateca.v1.Certificate].
+              rpc :RevokeCertificate, ::Google::Cloud::Security::PrivateCA::V1::RevokeCertificateRequest, ::Google::Cloud::Security::PrivateCA::V1::Certificate
+              # Update a [Certificate][google.cloud.security.privateca.v1.Certificate]. Currently, the only field you can update is the
+              # [labels][google.cloud.security.privateca.v1.Certificate.labels] field.
+              rpc :UpdateCertificate, ::Google::Cloud::Security::PrivateCA::V1::UpdateCertificateRequest, ::Google::Cloud::Security::PrivateCA::V1::Certificate
+              # Activate a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] that is in state
+              # [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
+              # and is of type [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE]. After
+              # the parent Certificate Authority signs a certificate signing request from
+              # [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr], this method can complete the activation
+              # process.
+              rpc :ActivateCertificateAuthority, ::Google::Cloud::Security::PrivateCA::V1::ActivateCertificateAuthorityRequest, ::Google::Longrunning::Operation
+              # Create a new [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in a given Project and Location.
+              rpc :CreateCertificateAuthority, ::Google::Cloud::Security::PrivateCA::V1::CreateCertificateAuthorityRequest, ::Google::Longrunning::Operation
+              # Disable a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
+              rpc :DisableCertificateAuthority, ::Google::Cloud::Security::PrivateCA::V1::DisableCertificateAuthorityRequest, ::Google::Longrunning::Operation
+              # Enable a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
+              rpc :EnableCertificateAuthority, ::Google::Cloud::Security::PrivateCA::V1::EnableCertificateAuthorityRequest, ::Google::Longrunning::Operation
+              # Fetch a certificate signing request (CSR) from a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
+              # that is in state
+              # [AWAITING_USER_ACTIVATION][google.cloud.security.privateca.v1.CertificateAuthority.State.AWAITING_USER_ACTIVATION]
+              # and is of type [SUBORDINATE][google.cloud.security.privateca.v1.CertificateAuthority.Type.SUBORDINATE]. The
+              # CSR must then be signed by the desired parent Certificate Authority, which
+              # could be another [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] resource, or could be an on-prem
+              # certificate authority. See also [ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].
+              rpc :FetchCertificateAuthorityCsr, ::Google::Cloud::Security::PrivateCA::V1::FetchCertificateAuthorityCsrRequest, ::Google::Cloud::Security::PrivateCA::V1::FetchCertificateAuthorityCsrResponse
+              # Returns a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
+              rpc :GetCertificateAuthority, ::Google::Cloud::Security::PrivateCA::V1::GetCertificateAuthorityRequest, ::Google::Cloud::Security::PrivateCA::V1::CertificateAuthority
+              # Lists [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority].
+              rpc :ListCertificateAuthorities, ::Google::Cloud::Security::PrivateCA::V1::ListCertificateAuthoritiesRequest, ::Google::Cloud::Security::PrivateCA::V1::ListCertificateAuthoritiesResponse
+              # Undelete a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] that has been deleted.
+              rpc :UndeleteCertificateAuthority, ::Google::Cloud::Security::PrivateCA::V1::UndeleteCertificateAuthorityRequest, ::Google::Longrunning::Operation
+              # Delete a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
+              rpc :DeleteCertificateAuthority, ::Google::Cloud::Security::PrivateCA::V1::DeleteCertificateAuthorityRequest, ::Google::Longrunning::Operation
+              # Update a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
+              rpc :UpdateCertificateAuthority, ::Google::Cloud::Security::PrivateCA::V1::UpdateCertificateAuthorityRequest, ::Google::Longrunning::Operation
+              # Create a [CaPool][google.cloud.security.privateca.v1.CaPool].
+              rpc :CreateCaPool, ::Google::Cloud::Security::PrivateCA::V1::CreateCaPoolRequest, ::Google::Longrunning::Operation
+              # Update a [CaPool][google.cloud.security.privateca.v1.CaPool].
+              rpc :UpdateCaPool, ::Google::Cloud::Security::PrivateCA::V1::UpdateCaPoolRequest, ::Google::Longrunning::Operation
+              # Returns a [CaPool][google.cloud.security.privateca.v1.CaPool].
+              rpc :GetCaPool, ::Google::Cloud::Security::PrivateCA::V1::GetCaPoolRequest, ::Google::Cloud::Security::PrivateCA::V1::CaPool
+              # Lists [CaPools][google.cloud.security.privateca.v1.CaPool].
+              rpc :ListCaPools, ::Google::Cloud::Security::PrivateCA::V1::ListCaPoolsRequest, ::Google::Cloud::Security::PrivateCA::V1::ListCaPoolsResponse
+              # Delete a [CaPool][google.cloud.security.privateca.v1.CaPool].
+              rpc :DeleteCaPool, ::Google::Cloud::Security::PrivateCA::V1::DeleteCaPoolRequest, ::Google::Longrunning::Operation
+              # FetchCaCerts returns the current trust anchor for the [CaPool][google.cloud.security.privateca.v1.CaPool]. This will
+              # include CA certificate chains for all ACTIVE [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
+              # resources in the [CaPool][google.cloud.security.privateca.v1.CaPool].
+              rpc :FetchCaCerts, ::Google::Cloud::Security::PrivateCA::V1::FetchCaCertsRequest, ::Google::Cloud::Security::PrivateCA::V1::FetchCaCertsResponse
+              # Returns a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
+              rpc :GetCertificateRevocationList, ::Google::Cloud::Security::PrivateCA::V1::GetCertificateRevocationListRequest, ::Google::Cloud::Security::PrivateCA::V1::CertificateRevocationList
+              # Lists [CertificateRevocationLists][google.cloud.security.privateca.v1.CertificateRevocationList].
+              rpc :ListCertificateRevocationLists, ::Google::Cloud::Security::PrivateCA::V1::ListCertificateRevocationListsRequest, ::Google::Cloud::Security::PrivateCA::V1::ListCertificateRevocationListsResponse
+              # Update a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList].
+              rpc :UpdateCertificateRevocationList, ::Google::Cloud::Security::PrivateCA::V1::UpdateCertificateRevocationListRequest, ::Google::Longrunning::Operation
+              # Create a new [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] in a given Project and Location.
+              rpc :CreateCertificateTemplate, ::Google::Cloud::Security::PrivateCA::V1::CreateCertificateTemplateRequest, ::Google::Longrunning::Operation
+              # DeleteCertificateTemplate deletes a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
+              rpc :DeleteCertificateTemplate, ::Google::Cloud::Security::PrivateCA::V1::DeleteCertificateTemplateRequest, ::Google::Longrunning::Operation
+              # Returns a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
+              rpc :GetCertificateTemplate, ::Google::Cloud::Security::PrivateCA::V1::GetCertificateTemplateRequest, ::Google::Cloud::Security::PrivateCA::V1::CertificateTemplate
+              # Lists [CertificateTemplates][google.cloud.security.privateca.v1.CertificateTemplate].
+              rpc :ListCertificateTemplates, ::Google::Cloud::Security::PrivateCA::V1::ListCertificateTemplatesRequest, ::Google::Cloud::Security::PrivateCA::V1::ListCertificateTemplatesResponse
+              # Update a [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate].
+              rpc :UpdateCertificateTemplate, ::Google::Cloud::Security::PrivateCA::V1::UpdateCertificateTemplateRequest, ::Google::Longrunning::Operation
+            end
+
+            Stub = Service.rpc_stub_class
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/README.md

@@ -0,0 +1,4 @@
+# Ceritificate Authority Service V1 Protocol Buffer Documentation
+
+These files are for the YARD documentation of the generated protobuf files.
+They are not intended to be required or loaded at runtime.

data/proto_docs/google/api/field_behavior.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Api
+    # An indicator of the behavior of a given field (for example, that a field
+    # is required in requests, or given as output but ignored as input).
+    # This **does not** change the behavior in protocol buffers itself; it only
+    # denotes the behavior and may affect how API tooling handles the field.
+    #
+    # Note: This enum **may** receive new values in the future.
+    module FieldBehavior
+      # Conventional default for enums. Do not use this.
+      FIELD_BEHAVIOR_UNSPECIFIED = 0
+
+      # Specifically denotes a field as optional.
+      # While all fields in protocol buffers are optional, this may be specified
+      # for emphasis if appropriate.
+      OPTIONAL = 1
+
+      # Denotes a field as required.
+      # This indicates that the field **must** be provided as part of the request,
+      # and failure to do so will cause an error (usually `INVALID_ARGUMENT`).
+      REQUIRED = 2
+
+      # Denotes a field as output only.
+      # This indicates that the field is provided in responses, but including the
+      # field in a request does nothing (the server *must* ignore it and
+      # *must not* throw an error as a result of the field's presence).
+      OUTPUT_ONLY = 3
+
+      # Denotes a field as input only.
+      # This indicates that the field is provided in requests, and the
+      # corresponding field is not included in output.
+      INPUT_ONLY = 4
+
+      # Denotes a field as immutable.
+      # This indicates that the field may be set once in a request to create a
+      # resource, but may not be changed thereafter.
+      IMMUTABLE = 5
+
+      # Denotes that a (repeated) field is an unordered list.
+      # This indicates that the service may provide the elements of the list
+      # in any arbitrary  order, rather than the order the user originally
+      # provided. Additionally, the list's order may or may not be stable.
+      UNORDERED_LIST = 6
+    end
+  end
+end

data/proto_docs/google/api/resource.rb

@@ -0,0 +1,283 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Api
+    # A simple descriptor of a resource type.
+    #
+    # ResourceDescriptor annotates a resource message (either by means of a
+    # protobuf annotation or use in the service config), and associates the
+    # resource's schema, the resource type, and the pattern of the resource name.
+    #
+    # Example:
+    #
+    #     message Topic {
+    #       // Indicates this message defines a resource schema.
+    #       // Declares the resource type in the format of {service}/{kind}.
+    #       // For Kubernetes resources, the format is {api group}/{kind}.
+    #       option (google.api.resource) = {
+    #         type: "pubsub.googleapis.com/Topic"
+    #         name_descriptor: {
+    #           pattern: "projects/{project}/topics/{topic}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #         }
+    #       };
+    #     }
+    #
+    # The ResourceDescriptor Yaml config will look like:
+    #
+    #     resources:
+    #     - type: "pubsub.googleapis.com/Topic"
+    #       name_descriptor:
+    #         - pattern: "projects/{project}/topics/{topic}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #
+    # Sometimes, resources have multiple patterns, typically because they can
+    # live under multiple parents.
+    #
+    # Example:
+    #
+    #     message LogEntry {
+    #       option (google.api.resource) = {
+    #         type: "logging.googleapis.com/LogEntry"
+    #         name_descriptor: {
+    #           pattern: "projects/{project}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "folders/{folder}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #           parent_name_extractor: "folders/{folder}"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "organizations/{organization}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Organization"
+    #           parent_name_extractor: "organizations/{organization}"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "billingAccounts/{billing_account}/logs/{log}"
+    #           parent_type: "billing.googleapis.com/BillingAccount"
+    #           parent_name_extractor: "billingAccounts/{billing_account}"
+    #         }
+    #       };
+    #     }
+    #
+    # The ResourceDescriptor Yaml config will look like:
+    #
+    #     resources:
+    #     - type: 'logging.googleapis.com/LogEntry'
+    #       name_descriptor:
+    #         - pattern: "projects/{project}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #         - pattern: "folders/{folder}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #           parent_name_extractor: "folders/{folder}"
+    #         - pattern: "organizations/{organization}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Organization"
+    #           parent_name_extractor: "organizations/{organization}"
+    #         - pattern: "billingAccounts/{billing_account}/logs/{log}"
+    #           parent_type: "billing.googleapis.com/BillingAccount"
+    #           parent_name_extractor: "billingAccounts/{billing_account}"
+    #
+    # For flexible resources, the resource name doesn't contain parent names, but
+    # the resource itself has parents for policy evaluation.
+    #
+    # Example:
+    #
+    #     message Shelf {
+    #       option (google.api.resource) = {
+    #         type: "library.googleapis.com/Shelf"
+    #         name_descriptor: {
+    #           pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #         }
+    #       };
+    #     }
+    #
+    # The ResourceDescriptor Yaml config will look like:
+    #
+    #     resources:
+    #     - type: 'library.googleapis.com/Shelf'
+    #       name_descriptor:
+    #         - pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #         - pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    # @!attribute [rw] type
+    #   @return [::String]
+    #     The resource type. It must be in the format of
+    #     \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be
+    #     singular and must not include version numbers.
+    #
+    #     Example: `storage.googleapis.com/Bucket`
+    #
+    #     The value of the resource_type_kind must follow the regular expression
+    #     /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
+    #     should use PascalCase (UpperCamelCase). The maximum number of
+    #     characters allowed for the `resource_type_kind` is 100.
+    # @!attribute [rw] pattern
+    #   @return [::Array<::String>]
+    #     Optional. The relative resource name pattern associated with this resource
+    #     type. The DNS prefix of the full resource name shouldn't be specified here.
+    #
+    #     The path pattern must follow the syntax, which aligns with HTTP binding
+    #     syntax:
+    #
+    #         Template = Segment { "/" Segment } ;
+    #         Segment = LITERAL | Variable ;
+    #         Variable = "{" LITERAL "}" ;
+    #
+    #     Examples:
+    #
+    #         - "projects/\\{project}/topics/\\{topic}"
+    #         - "projects/\\{project}/knowledgeBases/\\{knowledge_base}"
+    #
+    #     The components in braces correspond to the IDs for each resource in the
+    #     hierarchy. It is expected that, if multiple patterns are provided,
+    #     the same component name (e.g. "project") refers to IDs of the same
+    #     type of resource.
+    # @!attribute [rw] name_field
+    #   @return [::String]
+    #     Optional. The field on the resource that designates the resource name
+    #     field. If omitted, this is assumed to be "name".
+    # @!attribute [rw] history
+    #   @return [::Google::Api::ResourceDescriptor::History]
+    #     Optional. The historical or future-looking state of the resource pattern.
+    #
+    #     Example:
+    #
+    #         // The InspectTemplate message originally only supported resource
+    #         // names with organization, and project was added later.
+    #         message InspectTemplate {
+    #           option (google.api.resource) = {
+    #             type: "dlp.googleapis.com/InspectTemplate"
+    #             pattern:
+    #             "organizations/{organization}/inspectTemplates/{inspect_template}"
+    #             pattern: "projects/{project}/inspectTemplates/{inspect_template}"
+    #             history: ORIGINALLY_SINGLE_PATTERN
+    #           };
+    #         }
+    # @!attribute [rw] plural
+    #   @return [::String]
+    #     The plural name used in the resource name and permission names, such as
+    #     'projects' for the resource name of 'projects/\\{project}' and the permission
+    #     name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
+    #     concept of the `plural` field in k8s CRD spec
+    #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+    #
+    #     Note: The plural form is required even for singleton resources. See
+    #     https://aip.dev/156
+    # @!attribute [rw] singular
+    #   @return [::String]
+    #     The same concept of the `singular` field in k8s CRD spec
+    #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+    #     Such as "project" for the `resourcemanager.googleapis.com/Project` type.
+    # @!attribute [rw] style
+    #   @return [::Array<::Google::Api::ResourceDescriptor::Style>]
+    #     Style flag(s) for this resource.
+    #     These indicate that a resource is expected to conform to a given
+    #     style. See the specific style flags for additional information.
+    class ResourceDescriptor
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # A description of the historical or future-looking state of the
+      # resource pattern.
+      module History
+        # The "unset" value.
+        HISTORY_UNSPECIFIED = 0
+
+        # The resource originally had one pattern and launched as such, and
+        # additional patterns were added later.
+        ORIGINALLY_SINGLE_PATTERN = 1
+
+        # The resource has one pattern, but the API owner expects to add more
+        # later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
+        # that from being necessary once there are multiple patterns.)
+        FUTURE_MULTI_PATTERN = 2
+      end
+
+      # A flag representing a specific style that a resource claims to conform to.
+      module Style
+        # The unspecified value. Do not use.
+        STYLE_UNSPECIFIED = 0
+
+        # This resource is intended to be "declarative-friendly".
+        #
+        # Declarative-friendly resources must be more strictly consistent, and
+        # setting this to true communicates to tools that this resource should
+        # adhere to declarative-friendly expectations.
+        #
+        # Note: This is used by the API linter (linter.aip.dev) to enable
+        # additional checks.
+        DECLARATIVE_FRIENDLY = 1
+      end
+    end
+
+    # Defines a proto annotation that describes a string field that refers to
+    # an API resource.
+    # @!attribute [rw] type
+    #   @return [::String]
+    #     The resource type that the annotated field references.
+    #
+    #     Example:
+    #
+    #         message Subscription {
+    #           string topic = 2 [(google.api.resource_reference) = {
+    #             type: "pubsub.googleapis.com/Topic"
+    #           }];
+    #         }
+    #
+    #     Occasionally, a field may reference an arbitrary resource. In this case,
+    #     APIs use the special value * in their resource reference.
+    #
+    #     Example:
+    #
+    #         message GetIamPolicyRequest {
+    #           string resource = 2 [(google.api.resource_reference) = {
+    #             type: "*"
+    #           }];
+    #         }
+    # @!attribute [rw] child_type
+    #   @return [::String]
+    #     The resource type of a child collection that the annotated field
+    #     references. This is useful for annotating the `parent` field that
+    #     doesn't have a fixed resource type.
+    #
+    #     Example:
+    #
+    #         message ListLogEntriesRequest {
+    #           string parent = 1 [(google.api.resource_reference) = {
+    #             child_type: "logging.googleapis.com/LogEntry"
+    #           };
+    #         }
+    class ResourceReference
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end