google-cloud-security_center-v1p1beta1 0.12.0 → 0.13.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 86db7fc959e9992ff6475d26ee9a956f0ec341d3d3accd724cc7f8a35988cabf
4
- data.tar.gz: 5304790f8097518ac07ad2a8b3d4f71198bd0b25e9759e05d81a5ca4eca86599
3
+ metadata.gz: 12ff7bab444b8d8f8e044e7ebfeec0ad6ee0dc7699efa84b3a14e0b2c866c151
4
+ data.tar.gz: 3edaff0df0891d645fbe8a3b17002f3a275df064fed5ef5cd840364e25a5206e
5
5
  SHA512:
6
- metadata.gz: b540c8a2eee883922021dd48b036c2745c98f66444bc7bafeed530d20eb42854faa2c29a0df14cb443ab0d0ec86b191ce89928de2bccb02e2c68f34e50d2f342
7
- data.tar.gz: a163757e0ca173a8b8789cb51f392efe261ac50fe7ea9c06e4bdc77fe480e1016db36b741a10067fd09f603c9679d03f32d825c0ab40af90144f5f55128b8818
6
+ metadata.gz: 568ba025f8f3acfc2490c5577e7d8d8cd508916a04df56b675f065eceed763ebb3de08d4ee781e3236e2dc1cc0f664faeb750a411d43bb51469d8aed06c3979a
7
+ data.tar.gz: 8cfa2ffcbb5b9f9f5e5ddbbb80af200d36653aaba95ea785eaaaecfa9ff608a08872a188978f4aeafdb7b6db6c7c1546ea182f71b4e78db9baccc659809b8d39
data/AUTHENTICATION.md CHANGED
@@ -1,151 +1,122 @@
1
1
  # Authentication
2
2
 
3
- In general, the google-cloud-security_center-v1p1beta1 library uses
4
- [Service Account](https://cloud.google.com/iam/docs/creating-managing-service-accounts)
5
- credentials to connect to Google Cloud services. When running within
6
- [Google Cloud Platform environments](#google-cloud-platform-environments) the
7
- credentials will be discovered automatically. When running on other
8
- environments, the Service Account credentials can be specified by providing the
9
- path to the
10
- [JSON keyfile](https://cloud.google.com/iam/docs/managing-service-account-keys)
11
- for the account (or the JSON itself) in
12
- [environment variables](#environment-variables). Additionally, Cloud SDK
13
- credentials can also be discovered automatically, but this is only recommended
14
- during development.
3
+ The recommended way to authenticate to the google-cloud-security_center-v1p1beta1 library is to use
4
+ [Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials).
5
+ To review all of your authentication options, see [Credentials lookup](#credential-lookup).
15
6
 
16
7
  ## Quickstart
17
8
 
18
- 1. [Create a service account and credentials](#creating-a-service-account).
19
- 2. Set the [environment variable](#environment-variables).
9
+ The following example shows how to set up authentication for a local development
10
+ environment with your user credentials.
20
11
 
21
- ```sh
22
- export SECURITY_CENTER_CREDENTIALS=path/to/keyfile.json
23
- ```
24
-
25
- 3. Initialize the client.
12
+ **NOTE:** This method is _not_ recommended for running in production. User credentials
13
+ should be used only during development.
26
14
 
27
- ```ruby
28
- require "google/cloud/security_center/v1p1beta1"
15
+ 1. [Download and install the Google Cloud CLI](https://cloud.google.com/sdk).
16
+ 2. Set up a local ADC file with your user credentials:
29
17
 
30
- client = ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Client.new
18
+ ```sh
19
+ gcloud auth application-default login
31
20
  ```
32
21
 
33
- ## Credential Lookup
34
-
35
- The google-cloud-security_center-v1p1beta1 library aims to make authentication
36
- as simple as possible, and provides several mechanisms to configure your system
37
- without requiring **Service Account Credentials** directly in code.
38
-
39
- **Credentials** are discovered in the following order:
40
-
41
- 1. Specify credentials in method arguments
42
- 2. Specify credentials in configuration
43
- 3. Discover credentials path in environment variables
44
- 4. Discover credentials JSON in environment variables
45
- 5. Discover credentials file in the Cloud SDK's path
46
- 6. Discover GCP credentials
47
-
48
- ### Google Cloud Platform environments
22
+ 3. Write code as if already authenticated.
49
23
 
50
- When running on Google Cloud Platform (GCP), including Google Compute Engine
51
- (GCE), Google Kubernetes Engine (GKE), Google App Engine (GAE), Google Cloud
52
- Functions (GCF) and Cloud Run, **Credentials** are discovered automatically.
53
- Code should be written as if already authenticated.
24
+ For more information about setting up authentication for a local development environment, see
25
+ [Set up Application Default Credentials](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-dev).
54
26
 
55
- ### Environment Variables
27
+ ## Credential Lookup
56
28
 
57
- The **Credentials JSON** can be placed in environment variables instead of
58
- declaring them directly in code. Each service has its own environment variable,
59
- allowing for different service accounts to be used for different services. (See
60
- the READMEs for the individual service gems for details.) The path to the
61
- **Credentials JSON** file can be stored in the environment variable, or the
62
- **Credentials JSON** itself can be stored for environments such as Docker
63
- containers where writing files is difficult or not encouraged.
29
+ The google-cloud-security_center-v1p1beta1 library provides several mechanisms to configure your system.
30
+ Generally, using Application Default Credentials to facilitate automatic
31
+ credentials discovery is the easist method. But if you need to explicitly specify
32
+ credentials, there are several methods available to you.
64
33
 
65
- The environment variables that google-cloud-security_center-v1p1beta1
66
- checks for credentials are configured on the service Credentials class (such as
67
- {::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Credentials}):
34
+ Credentials are accepted in the following ways, in the following order or precedence:
68
35
 
69
- * `SECURITY_CENTER_CREDENTIALS` - Path to JSON file, or JSON contents
70
- * `SECURITY_CENTER_KEYFILE` - Path to JSON file, or JSON contents
71
- * `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
72
- * `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
73
- * `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
36
+ 1. Credentials specified in method arguments
37
+ 2. Credentials specified in configuration
38
+ 3. Credentials pointed to or included in environment variables
39
+ 4. Credentials found in local ADC file
40
+ 5. Credentials returned by the metadata server for the attached service account (GCP)
74
41
 
75
- ```ruby
76
- require "google/cloud/security_center/v1p1beta1"
77
-
78
- ENV["SECURITY_CENTER_CREDENTIALS"] = "path/to/keyfile.json"
42
+ ### Configuration
79
43
 
80
- client = ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Client.new
81
- ```
44
+ You can configure a path to a JSON credentials file, either for an individual client object or
45
+ globally, for all client objects. The JSON file can contain credentials created for
46
+ [workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation),
47
+ [workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a
48
+ [service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key).
82
49
 
83
- ### Configuration
50
+ Note: Service account keys are a security risk if not managed correctly. You should
51
+ [choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree)
52
+ whenever possible.
84
53
 
85
- The path to the **Credentials JSON** file can be configured instead of storing
86
- it in an environment variable. Either on an individual client initialization:
54
+ To configure a credentials file for an individual client initialization:
87
55
 
88
56
  ```ruby
89
57
  require "google/cloud/security_center/v1p1beta1"
90
58
 
91
59
  client = ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Client.new do |config|
92
- config.credentials = "path/to/keyfile.json"
60
+ config.credentials = "path/to/credentialfile.json"
93
61
  end
94
62
  ```
95
63
 
96
- Or globally for all clients:
64
+ To configure a credentials file globally for all clients:
97
65
 
98
66
  ```ruby
99
67
  require "google/cloud/security_center/v1p1beta1"
100
68
 
101
69
  ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Client.configure do |config|
102
- config.credentials = "path/to/keyfile.json"
70
+ config.credentials = "path/to/credentialfile.json"
103
71
  end
104
72
 
105
73
  client = ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Client.new
106
74
  ```
107
75
 
108
- ### Cloud SDK
76
+ ### Environment Variables
109
77
 
110
- This option allows for an easy way to authenticate during development. If
111
- credentials are not provided in code or in environment variables, then Cloud SDK
112
- credentials are discovered.
78
+ You can also use an environment variable to provide a JSON credentials file.
79
+ The environment variable can contain a path to the credentials file or, for
80
+ environments such as Docker containers where writing files is not encouraged,
81
+ you can include the credentials file itself.
113
82
 
114
- To configure your system for this, simply:
83
+ The JSON file can contain credentials created for
84
+ [workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation),
85
+ [workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a
86
+ [service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key).
115
87
 
116
- 1. [Download and install the Cloud SDK](https://cloud.google.com/sdk)
117
- 2. Authenticate using OAuth 2.0 `$ gcloud auth application-default login`
118
- 3. Write code as if already authenticated.
88
+ Note: Service account keys are a security risk if not managed correctly. You should
89
+ [choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree)
90
+ whenever possible.
91
+
92
+ The environment variables that google-cloud-security_center-v1p1beta1
93
+ checks for credentials are:
119
94
 
120
- **NOTE:** This is _not_ recommended for running in production. The Cloud SDK
121
- *should* only be used during development.
95
+ * `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
96
+ * `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
122
97
 
123
- ## Creating a Service Account
98
+ ```ruby
99
+ require "google/cloud/security_center/v1p1beta1"
124
100
 
125
- Google Cloud requires **Service Account Credentials** to
126
- connect to the APIs. You will use the **JSON key file** to
127
- connect to most services with google-cloud-security_center-v1p1beta1.
101
+ ENV["GOOGLE_APPLICATION_CREDENTIALS"] = "path/to/credentialfile.json"
128
102
 
129
- If you are not running this client within
130
- [Google Cloud Platform environments](#google-cloud-platform-environments), you
131
- need a Google Developers service account.
103
+ client = ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Client.new
104
+ ```
132
105
 
133
- 1. Visit the [Google Cloud Console](https://console.cloud.google.com/project).
134
- 2. Create a new project or click on an existing project.
135
- 3. Activate the menu in the upper left and select **APIs & Services**. From
136
- here, you will enable the APIs that your application requires.
106
+ ### Local ADC file
137
107
 
138
- *Note: You may need to enable billing in order to use these services.*
108
+ You can set up a local ADC file with your user credentials for authentication during
109
+ development. If credentials are not provided in code or in environment variables,
110
+ then the local ADC credentials are discovered.
139
111
 
140
- 4. Select **Credentials** from the side navigation.
112
+ Follow the steps in [Quickstart](#quickstart) to set up a local ADC file.
141
113
 
142
- Find the "Create credentials" drop down near the top of the page, and select
143
- "Service account" to be guided through downloading a new JSON key file.
114
+ ### Google Cloud Platform environments
144
115
 
145
- If you want to re-use an existing service account, you can easily generate a
146
- new key file. Just select the account you wish to re-use, click the pencil
147
- tool on the right side to edit the service account, select the **Keys** tab,
148
- and then select **Add Key**.
116
+ When running on Google Cloud Platform (GCP), including Google Compute Engine
117
+ (GCE), Google Kubernetes Engine (GKE), Google App Engine (GAE), Google Cloud
118
+ Functions (GCF) and Cloud Run, credentials are retrieved from the attached
119
+ service account automatically. Code should be written as if already authenticated.
149
120
 
150
- The key file you download will be used by this library to authenticate API
151
- requests and should be stored in a secure location.
121
+ For more information, see
122
+ [Set up ADC for Google Cloud services](https://cloud.google.com/docs/authentication/provide-credentials-adc#attached-sa).
@@ -30,6 +30,9 @@ module Google
30
30
  # V1p1Beta1 APIs for Security Center service.
31
31
  #
32
32
  class Client
33
+ # @private
34
+ DEFAULT_ENDPOINT_TEMPLATE = "securitycenter.$UNIVERSE_DOMAIN$"
35
+
33
36
  include Paths
34
37
 
35
38
  # @private
@@ -169,6 +172,15 @@ module Google
169
172
  @config
170
173
  end
171
174
 
175
+ ##
176
+ # The effective universe domain
177
+ #
178
+ # @return [String]
179
+ #
180
+ def universe_domain
181
+ @security_center_stub.universe_domain
182
+ end
183
+
172
184
  ##
173
185
  # Create a new SecurityCenter client object.
174
186
  #
@@ -202,8 +214,9 @@ module Google
202
214
  credentials = @config.credentials
203
215
  # Use self-signed JWT if the endpoint is unchanged from default,
204
216
  # but only if the default endpoint does not have a region prefix.
205
- enable_self_signed_jwt = @config.endpoint == Configuration::DEFAULT_ENDPOINT &&
206
- !@config.endpoint.split(".").first.include?("-")
217
+ enable_self_signed_jwt = @config.endpoint.nil? ||
218
+ (@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
219
+ !@config.endpoint.split(".").first.include?("-"))
207
220
  credentials ||= Credentials.default scope: @config.scope,
208
221
  enable_self_signed_jwt: enable_self_signed_jwt
209
222
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
@@ -216,12 +229,15 @@ module Google
216
229
  config.credentials = credentials
217
230
  config.quota_project = @quota_project_id
218
231
  config.endpoint = @config.endpoint
232
+ config.universe_domain = @config.universe_domain
219
233
  end
220
234
 
221
235
  @security_center_stub = ::Gapic::ServiceStub.new(
222
236
  ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Stub,
223
- credentials: credentials,
224
- endpoint: @config.endpoint,
237
+ credentials: credentials,
238
+ endpoint: @config.endpoint,
239
+ endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
240
+ universe_domain: @config.universe_domain,
225
241
  channel_args: @config.channel_args,
226
242
  interceptors: @config.interceptors,
227
243
  channel_pool_config: @config.channel_pool
@@ -2874,9 +2890,9 @@ module Google
2874
2890
  # end
2875
2891
  #
2876
2892
  # @!attribute [rw] endpoint
2877
- # The hostname or hostname:port of the service endpoint.
2878
- # Defaults to `"securitycenter.googleapis.com"`.
2879
- # @return [::String]
2893
+ # A custom service endpoint, as a hostname or hostname:port. The default is
2894
+ # nil, indicating to use the default endpoint in the current universe domain.
2895
+ # @return [::String,nil]
2880
2896
  # @!attribute [rw] credentials
2881
2897
  # Credentials to send with calls. You may provide any of the following types:
2882
2898
  # * (`String`) The path to a service account key file in JSON format
@@ -2922,13 +2938,20 @@ module Google
2922
2938
  # @!attribute [rw] quota_project
2923
2939
  # A separate project against which to charge quota.
2924
2940
  # @return [::String]
2941
+ # @!attribute [rw] universe_domain
2942
+ # The universe domain within which to make requests. This determines the
2943
+ # default endpoint URL. The default value of nil uses the environment
2944
+ # universe (usually the default "googleapis.com" universe).
2945
+ # @return [::String,nil]
2925
2946
  #
2926
2947
  class Configuration
2927
2948
  extend ::Gapic::Config
2928
2949
 
2950
+ # @private
2951
+ # The endpoint specific to the default "googleapis.com" universe. Deprecated.
2929
2952
  DEFAULT_ENDPOINT = "securitycenter.googleapis.com"
2930
2953
 
2931
- config_attr :endpoint, DEFAULT_ENDPOINT, ::String
2954
+ config_attr :endpoint, nil, ::String, nil
2932
2955
  config_attr :credentials, nil do |value|
2933
2956
  allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
2934
2957
  allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
@@ -2943,6 +2966,7 @@ module Google
2943
2966
  config_attr :metadata, nil, ::Hash, nil
2944
2967
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
2945
2968
  config_attr :quota_project, nil, ::String, nil
2969
+ config_attr :universe_domain, nil, ::String, nil
2946
2970
 
2947
2971
  # @private
2948
2972
  def initialize parent_config = nil
@@ -26,6 +26,9 @@ module Google
26
26
  module SecurityCenter
27
27
  # Service that implements Longrunning Operations API.
28
28
  class Operations
29
+ # @private
30
+ DEFAULT_ENDPOINT_TEMPLATE = "securitycenter.$UNIVERSE_DOMAIN$"
31
+
29
32
  # @private
30
33
  attr_reader :operations_stub
31
34
 
@@ -60,6 +63,15 @@ module Google
60
63
  @config
61
64
  end
62
65
 
66
+ ##
67
+ # The effective universe domain
68
+ #
69
+ # @return [String]
70
+ #
71
+ def universe_domain
72
+ @operations_stub.universe_domain
73
+ end
74
+
63
75
  ##
64
76
  # Create a new Operations client object.
65
77
  #
@@ -90,8 +102,10 @@ module Google
90
102
 
91
103
  @operations_stub = ::Gapic::ServiceStub.new(
92
104
  ::Google::Longrunning::Operations::Stub,
93
- credentials: credentials,
94
- endpoint: @config.endpoint,
105
+ credentials: credentials,
106
+ endpoint: @config.endpoint,
107
+ endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
108
+ universe_domain: @config.universe_domain,
95
109
  channel_args: @config.channel_args,
96
110
  interceptors: @config.interceptors,
97
111
  channel_pool_config: @config.channel_pool
@@ -613,9 +627,9 @@ module Google
613
627
  # end
614
628
  #
615
629
  # @!attribute [rw] endpoint
616
- # The hostname or hostname:port of the service endpoint.
617
- # Defaults to `"securitycenter.googleapis.com"`.
618
- # @return [::String]
630
+ # A custom service endpoint, as a hostname or hostname:port. The default is
631
+ # nil, indicating to use the default endpoint in the current universe domain.
632
+ # @return [::String,nil]
619
633
  # @!attribute [rw] credentials
620
634
  # Credentials to send with calls. You may provide any of the following types:
621
635
  # * (`String`) The path to a service account key file in JSON format
@@ -661,13 +675,20 @@ module Google
661
675
  # @!attribute [rw] quota_project
662
676
  # A separate project against which to charge quota.
663
677
  # @return [::String]
678
+ # @!attribute [rw] universe_domain
679
+ # The universe domain within which to make requests. This determines the
680
+ # default endpoint URL. The default value of nil uses the environment
681
+ # universe (usually the default "googleapis.com" universe).
682
+ # @return [::String,nil]
664
683
  #
665
684
  class Configuration
666
685
  extend ::Gapic::Config
667
686
 
687
+ # @private
688
+ # The endpoint specific to the default "googleapis.com" universe. Deprecated.
668
689
  DEFAULT_ENDPOINT = "securitycenter.googleapis.com"
669
690
 
670
- config_attr :endpoint, DEFAULT_ENDPOINT, ::String
691
+ config_attr :endpoint, nil, ::String, nil
671
692
  config_attr :credentials, nil do |value|
672
693
  allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
673
694
  allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
@@ -682,6 +703,7 @@ module Google
682
703
  config_attr :metadata, nil, ::Hash, nil
683
704
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
684
705
  config_attr :quota_project, nil, ::String, nil
706
+ config_attr :universe_domain, nil, ::String, nil
685
707
 
686
708
  # @private
687
709
  def initialize parent_config = nil
@@ -32,6 +32,9 @@ module Google
32
32
  # V1p1Beta1 APIs for Security Center service.
33
33
  #
34
34
  class Client
35
+ # @private
36
+ DEFAULT_ENDPOINT_TEMPLATE = "securitycenter.$UNIVERSE_DOMAIN$"
37
+
35
38
  include Paths
36
39
 
37
40
  # @private
@@ -171,6 +174,15 @@ module Google
171
174
  @config
172
175
  end
173
176
 
177
+ ##
178
+ # The effective universe domain
179
+ #
180
+ # @return [String]
181
+ #
182
+ def universe_domain
183
+ @security_center_stub.universe_domain
184
+ end
185
+
174
186
  ##
175
187
  # Create a new SecurityCenter REST client object.
176
188
  #
@@ -198,8 +210,9 @@ module Google
198
210
  credentials = @config.credentials
199
211
  # Use self-signed JWT if the endpoint is unchanged from default,
200
212
  # but only if the default endpoint does not have a region prefix.
201
- enable_self_signed_jwt = @config.endpoint == Configuration::DEFAULT_ENDPOINT &&
202
- !@config.endpoint.split(".").first.include?("-")
213
+ enable_self_signed_jwt = @config.endpoint.nil? ||
214
+ (@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
215
+ !@config.endpoint.split(".").first.include?("-"))
203
216
  credentials ||= Credentials.default scope: @config.scope,
204
217
  enable_self_signed_jwt: enable_self_signed_jwt
205
218
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
@@ -213,9 +226,15 @@ module Google
213
226
  config.credentials = credentials
214
227
  config.quota_project = @quota_project_id
215
228
  config.endpoint = @config.endpoint
229
+ config.universe_domain = @config.universe_domain
216
230
  end
217
231
 
218
- @security_center_stub = ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Rest::ServiceStub.new endpoint: @config.endpoint, credentials: credentials
232
+ @security_center_stub = ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Rest::ServiceStub.new(
233
+ endpoint: @config.endpoint,
234
+ endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
235
+ universe_domain: @config.universe_domain,
236
+ credentials: credentials
237
+ )
219
238
  end
220
239
 
221
240
  ##
@@ -2703,9 +2722,9 @@ module Google
2703
2722
  # end
2704
2723
  #
2705
2724
  # @!attribute [rw] endpoint
2706
- # The hostname or hostname:port of the service endpoint.
2707
- # Defaults to `"securitycenter.googleapis.com"`.
2708
- # @return [::String]
2725
+ # A custom service endpoint, as a hostname or hostname:port. The default is
2726
+ # nil, indicating to use the default endpoint in the current universe domain.
2727
+ # @return [::String,nil]
2709
2728
  # @!attribute [rw] credentials
2710
2729
  # Credentials to send with calls. You may provide any of the following types:
2711
2730
  # * (`String`) The path to a service account key file in JSON format
@@ -2742,13 +2761,20 @@ module Google
2742
2761
  # @!attribute [rw] quota_project
2743
2762
  # A separate project against which to charge quota.
2744
2763
  # @return [::String]
2764
+ # @!attribute [rw] universe_domain
2765
+ # The universe domain within which to make requests. This determines the
2766
+ # default endpoint URL. The default value of nil uses the environment
2767
+ # universe (usually the default "googleapis.com" universe).
2768
+ # @return [::String,nil]
2745
2769
  #
2746
2770
  class Configuration
2747
2771
  extend ::Gapic::Config
2748
2772
 
2773
+ # @private
2774
+ # The endpoint specific to the default "googleapis.com" universe. Deprecated.
2749
2775
  DEFAULT_ENDPOINT = "securitycenter.googleapis.com"
2750
2776
 
2751
- config_attr :endpoint, DEFAULT_ENDPOINT, ::String
2777
+ config_attr :endpoint, nil, ::String, nil
2752
2778
  config_attr :credentials, nil do |value|
2753
2779
  allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
2754
2780
  allowed.any? { |klass| klass === value }
@@ -2760,6 +2786,7 @@ module Google
2760
2786
  config_attr :metadata, nil, ::Hash, nil
2761
2787
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
2762
2788
  config_attr :quota_project, nil, ::String, nil
2789
+ config_attr :universe_domain, nil, ::String, nil
2763
2790
 
2764
2791
  # @private
2765
2792
  def initialize parent_config = nil
@@ -26,6 +26,9 @@ module Google
26
26
  module Rest
27
27
  # Service that implements Longrunning Operations API.
28
28
  class Operations
29
+ # @private
30
+ DEFAULT_ENDPOINT_TEMPLATE = "securitycenter.$UNIVERSE_DOMAIN$"
31
+
29
32
  # @private
30
33
  attr_reader :operations_stub
31
34
 
@@ -60,6 +63,15 @@ module Google
60
63
  @config
61
64
  end
62
65
 
66
+ ##
67
+ # The effective universe domain
68
+ #
69
+ # @return [String]
70
+ #
71
+ def universe_domain
72
+ @operations_stub.universe_domain
73
+ end
74
+
63
75
  ##
64
76
  # Create a new Operations client object.
65
77
  #
@@ -84,8 +96,10 @@ module Google
84
96
  @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
85
97
 
86
98
  @operations_stub = OperationsServiceStub.new(
87
- endpoint: @config.endpoint,
88
- credentials: credentials
99
+ endpoint: @config.endpoint,
100
+ endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
101
+ universe_domain: @config.universe_domain,
102
+ credentials: credentials
89
103
  )
90
104
 
91
105
  # Used by an LRO wrapper for some methods of this service
@@ -478,9 +492,9 @@ module Google
478
492
  # end
479
493
  #
480
494
  # @!attribute [rw] endpoint
481
- # The hostname or hostname:port of the service endpoint.
482
- # Defaults to `"securitycenter.googleapis.com"`.
483
- # @return [::String]
495
+ # A custom service endpoint, as a hostname or hostname:port. The default is
496
+ # nil, indicating to use the default endpoint in the current universe domain.
497
+ # @return [::String,nil]
484
498
  # @!attribute [rw] credentials
485
499
  # Credentials to send with calls. You may provide any of the following types:
486
500
  # * (`String`) The path to a service account key file in JSON format
@@ -517,13 +531,20 @@ module Google
517
531
  # @!attribute [rw] quota_project
518
532
  # A separate project against which to charge quota.
519
533
  # @return [::String]
534
+ # @!attribute [rw] universe_domain
535
+ # The universe domain within which to make requests. This determines the
536
+ # default endpoint URL. The default value of nil uses the environment
537
+ # universe (usually the default "googleapis.com" universe).
538
+ # @return [::String,nil]
520
539
  #
521
540
  class Configuration
522
541
  extend ::Gapic::Config
523
542
 
543
+ # @private
544
+ # The endpoint specific to the default "googleapis.com" universe. Deprecated.
524
545
  DEFAULT_ENDPOINT = "securitycenter.googleapis.com"
525
546
 
526
- config_attr :endpoint, DEFAULT_ENDPOINT, ::String
547
+ config_attr :endpoint, nil, ::String, nil
527
548
  config_attr :credentials, nil do |value|
528
549
  allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
529
550
  allowed.any? { |klass| klass === value }
@@ -535,6 +556,7 @@ module Google
535
556
  config_attr :metadata, nil, ::Hash, nil
536
557
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
537
558
  config_attr :quota_project, nil, ::String, nil
559
+ config_attr :universe_domain, nil, ::String, nil
538
560
 
539
561
  # @private
540
562
  def initialize parent_config = nil
@@ -617,12 +639,15 @@ module Google
617
639
  # Service stub contains baseline method implementations
618
640
  # including transcoding, making the REST call, and deserialing the response.
619
641
  class OperationsServiceStub
620
- def initialize endpoint:, credentials:
642
+ def initialize endpoint:, endpoint_template:, universe_domain:, credentials:
621
643
  # These require statements are intentionally placed here to initialize
622
644
  # the REST modules only when it's required.
623
645
  require "gapic/rest"
624
646
 
625
- @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, credentials: credentials
647
+ @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint,
648
+ endpoint_template: endpoint_template,
649
+ universe_domain: universe_domain,
650
+ credentials: credentials
626
651
  end
627
652
 
628
653
  ##
@@ -30,16 +30,28 @@ module Google
30
30
  # including transcoding, making the REST call, and deserialing the response.
31
31
  #
32
32
  class ServiceStub
33
- def initialize endpoint:, credentials:
33
+ def initialize endpoint:, endpoint_template:, universe_domain:, credentials:
34
34
  # These require statements are intentionally placed here to initialize
35
35
  # the REST modules only when it's required.
36
36
  require "gapic/rest"
37
37
 
38
- @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, credentials: credentials,
38
+ @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint,
39
+ endpoint_template: endpoint_template,
40
+ universe_domain: universe_domain,
41
+ credentials: credentials,
39
42
  numeric_enums: true,
40
43
  raise_faraday_errors: false
41
44
  end
42
45
 
46
+ ##
47
+ # The effective universe domain
48
+ #
49
+ # @return [String]
50
+ #
51
+ def universe_domain
52
+ @client_stub.universe_domain
53
+ end
54
+
43
55
  ##
44
56
  # Baseline implementation for the create_source REST call
45
57
  #
@@ -21,7 +21,7 @@ module Google
21
21
  module Cloud
22
22
  module SecurityCenter
23
23
  module V1p1beta1
24
- VERSION = "0.12.0"
24
+ VERSION = "0.13.0"
25
25
  end
26
26
  end
27
27
  end
@@ -21,6 +21,7 @@ module Google
21
21
  module Api
22
22
  # Required information for every language.
23
23
  # @!attribute [rw] reference_docs_uri
24
+ # @deprecated This field is deprecated and may be removed in the next major version update.
24
25
  # @return [::String]
25
26
  # Link to automatically generated reference documentation. Example:
26
27
  # https://cloud.google.com/nodejs/docs/reference/asset/latest
@@ -304,6 +305,19 @@ module Google
304
305
  # seconds: 360 # 6 minutes
305
306
  # total_poll_timeout:
306
307
  # seconds: 54000 # 90 minutes
308
+ # @!attribute [rw] auto_populated_fields
309
+ # @return [::Array<::String>]
310
+ # List of top-level fields of the request message, that should be
311
+ # automatically populated by the client libraries based on their
312
+ # (google.api.field_info).format. Currently supported format: UUID4.
313
+ #
314
+ # Example of a YAML configuration:
315
+ #
316
+ # publishing:
317
+ # method_settings:
318
+ # - selector: google.example.v1.ExampleService.CreateExample
319
+ # auto_populated_fields:
320
+ # - request_id
307
321
  class MethodSettings
308
322
  include ::Google::Protobuf::MessageExts
309
323
  extend ::Google::Protobuf::MessageExts::ClassMethods
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-security_center-v1p1beta1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.12.0
4
+ version: 0.13.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-09-12 00:00:00.000000000 Z
11
+ date: 2024-01-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: 0.20.0
19
+ version: 0.21.1
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
22
  version: 2.a
@@ -26,7 +26,7 @@ dependencies:
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- version: 0.20.0
29
+ version: 0.21.1
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
32
  version: 2.a
@@ -256,7 +256,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
256
256
  - !ruby/object:Gem::Version
257
257
  version: '0'
258
258
  requirements: []
259
- rubygems_version: 3.4.19
259
+ rubygems_version: 3.5.3
260
260
  signing_key:
261
261
  specification_version: 4
262
262
  summary: Security Command Center API provides access to temporal views of assets and