google-cloud-security_center-v2 0.a → 0.2.0

data/proto_docs/google/cloud/securitycenter/v2/simulation.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Attack path simulation
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Full resource name of the Simulation:
+        #     organizations/123/simulations/456
+        # @!attribute [r] create_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. Time simulation was created
+        # @!attribute [rw] resource_value_configs_metadata
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::ResourceValueConfigMetadata>]
+        #     Resource value configurations' metadata used in this simulation. Maximum of
+        #     100.
+        class Simulation
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/source.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Security Command Center finding source. A finding source
+        # is an entity or a mechanism that can produce a finding. A source is like a
+        # container of findings that come from the same scanner, logger, monitor, and
+        # other tools.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The relative resource name of this source. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     Example:
+        #     "organizations/\\{organization_id}/sources/\\{source_id}"
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     The source's display name.
+        #     A source's display name must be unique amongst its siblings, for example,
+        #     two sources with the same parent can't share the same display name.
+        #     The display name must have a length between 1 and 64 characters
+        #     (inclusive).
+        # @!attribute [rw] description
+        #   @return [::String]
+        #     The description of the source (max of 1024 characters).
+        #     Example:
+        #     "Web Security Scanner is a web security scanner for common
+        #     vulnerabilities in App Engine applications. It can automatically
+        #     scan and detect four common vulnerabilities, including cross-site-scripting
+        #     (XSS), Flash injection, mixed content (HTTP in HTTPS), and
+        #     outdated or insecure libraries."
+        # @!attribute [rw] canonical_name
+        #   @return [::String]
+        #     The canonical name of the finding source. It's either
+        #     "organizations/\\{organization_id}/sources/\\{source_id}",
+        #     "folders/\\{folder_id}/sources/\\{source_id}", or
+        #     "projects/\\{project_number}/sources/\\{source_id}",
+        #     depending on the closest CRM ancestor of the resource associated with the
+        #     finding.
+        class Source
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/toxic_combination.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Contains details about a group of security issues that, when the issues
+        # occur together, represent a greater risk than when the issues occur
+        # independently. A group of such issues is referred to as a toxic
+        # combination.
+        # @!attribute [rw] attack_exposure_score
+        #   @return [::Float]
+        #     The
+        #     [Attack exposure
+        #     score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores)
+        #     of this toxic combination. The score is a measure of how much this toxic
+        #     combination exposes one or more high-value resources to potential attack.
+        # @!attribute [rw] related_findings
+        #   @return [::Array<::String>]
+        #     List of resource names of findings associated with this toxic combination.
+        #     For example, `organizations/123/sources/456/findings/789`.
+        class ToxicCombination
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/valued_resource.rb

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # A resource that is determined to have value to a user's system
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Valued resource name, for example,
+        #      e.g.:
+        #      `organizations/123/simulations/456/valuedResources/789`
+        # @!attribute [rw] resource
+        #   @return [::String]
+        #     The
+        #     [full resource
+        #     name](https://cloud.google.com/apis/design/resource_names#full_resource_name)
+        #     of the valued resource.
+        # @!attribute [rw] resource_type
+        #   @return [::String]
+        #     The [resource
+        #     type](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
+        #     of the valued resource.
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     Human-readable name of the valued resource.
+        # @!attribute [rw] resource_value
+        #   @return [::Google::Cloud::SecurityCenter::V2::ValuedResource::ResourceValue]
+        #     How valuable this resource is.
+        # @!attribute [rw] exposed_score
+        #   @return [::Float]
+        #     Exposed score for this valued resource. A value of 0 means no exposure was
+        #     detected exposure.
+        # @!attribute [rw] resource_value_configs_used
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::ResourceValueConfigMetadata>]
+        #     List of resource value configurations' metadata used to determine the value
+        #     of this resource. Maximum of 100.
+        class ValuedResource
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # How valuable the resource is.
+          module ResourceValue
+            # The resource value isn't specified.
+            RESOURCE_VALUE_UNSPECIFIED = 0
+
+            # This is a low-value resource.
+            RESOURCE_VALUE_LOW = 1
+
+            # This is a medium-value resource.
+            RESOURCE_VALUE_MEDIUM = 2
+
+            # This is a high-value resource.
+            RESOURCE_VALUE_HIGH = 3
+          end
+        end
+
+        # Metadata about a ResourceValueConfig. For example, id and name.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Resource value config name
+        class ResourceValueConfigMetadata
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/vulnerability.rb

@@ -0,0 +1,333 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
+        # @!attribute [rw] cve
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cve]
+        #     CVE stands for Common Vulnerabilities and Exposures
+        #     (https://cve.mitre.org/about/)
+        # @!attribute [rw] offending_package
+        #   @return [::Google::Cloud::SecurityCenter::V2::Package]
+        #     The offending package is relevant to the finding.
+        # @!attribute [rw] fixed_package
+        #   @return [::Google::Cloud::SecurityCenter::V2::Package]
+        #     The fixed package is relevant to the finding.
+        # @!attribute [rw] security_bulletin
+        #   @return [::Google::Cloud::SecurityCenter::V2::SecurityBulletin]
+        #     The security bulletin is relevant to this finding.
+        class Vulnerability
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # CVE stands for Common Vulnerabilities and Exposures.
+        # Information from the [CVE
+        # record](https://www.cve.org/ResourcesSupport/Glossary) that describes this
+        # vulnerability.
+        # @!attribute [rw] id
+        #   @return [::String]
+        #     The unique identifier for the vulnerability. e.g. CVE-2021-34527
+        # @!attribute [rw] references
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Reference>]
+        #     Additional information about the CVE.
+        #     e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527
+        # @!attribute [rw] cvssv3
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cvssv3]
+        #     Describe Common Vulnerability Scoring System specified at
+        #     https://www.first.org/cvss/v3.1/specification-document
+        # @!attribute [rw] upstream_fix_available
+        #   @return [::Boolean]
+        #     Whether upstream fix is available for the CVE.
+        # @!attribute [rw] impact
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cve::RiskRating]
+        #     The potential impact of the vulnerability if it was to be exploited.
+        # @!attribute [rw] exploitation_activity
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cve::ExploitationActivity]
+        #     The exploitation activity of the vulnerability in the wild.
+        # @!attribute [rw] observed_in_the_wild
+        #   @return [::Boolean]
+        #     Whether or not the vulnerability has been observed in the wild.
+        # @!attribute [rw] zero_day
+        #   @return [::Boolean]
+        #     Whether or not the vulnerability was zero day when the finding was
+        #     published.
+        class Cve
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The possible values of impact of the vulnerability if it was to be
+          # exploited.
+          module RiskRating
+            # Invalid or empty value.
+            RISK_RATING_UNSPECIFIED = 0
+
+            # Exploitation would have little to no security impact.
+            LOW = 1
+
+            # Exploitation would enable attackers to perform activities, or could allow
+            # attackers to have a direct impact, but would require additional steps.
+            MEDIUM = 2
+
+            # Exploitation would enable attackers to have a notable direct impact
+            # without needing to overcome any major mitigating factors.
+            HIGH = 3
+
+            # Exploitation would fundamentally undermine the security of affected
+            # systems, enable actors to perform significant attacks with minimal
+            # effort, with little to no mitigating factors to overcome.
+            CRITICAL = 4
+          end
+
+          # The possible values of exploitation activity of the vulnerability in the
+          # wild.
+          module ExploitationActivity
+            # Invalid or empty value.
+            EXPLOITATION_ACTIVITY_UNSPECIFIED = 0
+
+            # Exploitation has been reported or confirmed to widely occur.
+            WIDE = 1
+
+            # Limited reported or confirmed exploitation activities.
+            CONFIRMED = 2
+
+            # Exploit is publicly available.
+            AVAILABLE = 3
+
+            # No known exploitation activity, but has a high potential for
+            # exploitation.
+            ANTICIPATED = 4
+
+            # No known exploitation activity.
+            NO_KNOWN = 5
+          end
+        end
+
+        # Additional Links
+        # @!attribute [rw] source
+        #   @return [::String]
+        #     Source of the reference e.g. NVD
+        # @!attribute [rw] uri
+        #   @return [::String]
+        #     Uri for the mentioned source e.g.
+        #     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527.
+        class Reference
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Common Vulnerability Scoring System version 3.
+        # @!attribute [rw] base_score
+        #   @return [::Float]
+        #     The base score is a function of the base metric scores.
+        # @!attribute [rw] attack_vector
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::AttackVector]
+        #     Base Metrics
+        #     Represents the intrinsic characteristics of a vulnerability that are
+        #     constant over time and across user environments.
+        #     This metric reflects the context by which vulnerability exploitation is
+        #     possible.
+        # @!attribute [rw] attack_complexity
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::AttackComplexity]
+        #     This metric describes the conditions beyond the attacker's control that
+        #     must exist in order to exploit the vulnerability.
+        # @!attribute [rw] privileges_required
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::PrivilegesRequired]
+        #     This metric describes the level of privileges an attacker must possess
+        #     before successfully exploiting the vulnerability.
+        # @!attribute [rw] user_interaction
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::UserInteraction]
+        #     This metric captures the requirement for a human user, other than the
+        #     attacker, to participate in the successful compromise of the vulnerable
+        #     component.
+        # @!attribute [rw] scope
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::Scope]
+        #     The Scope metric captures whether a vulnerability in one vulnerable
+        #     component impacts resources in components beyond its security scope.
+        # @!attribute [rw] confidentiality_impact
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::Impact]
+        #     This metric measures the impact to the confidentiality of the information
+        #     resources managed by a software component due to a successfully exploited
+        #     vulnerability.
+        # @!attribute [rw] integrity_impact
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::Impact]
+        #     This metric measures the impact to integrity of a successfully exploited
+        #     vulnerability.
+        # @!attribute [rw] availability_impact
+        #   @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::Impact]
+        #     This metric measures the impact to the availability of the impacted
+        #     component resulting from a successfully exploited vulnerability.
+        class Cvssv3
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # This metric reflects the context by which vulnerability exploitation is
+          # possible.
+          module AttackVector
+            # Invalid value.
+            ATTACK_VECTOR_UNSPECIFIED = 0
+
+            # The vulnerable component is bound to the network stack and the set of
+            # possible attackers extends beyond the other options listed below, up to
+            # and including the entire Internet.
+            ATTACK_VECTOR_NETWORK = 1
+
+            # The vulnerable component is bound to the network stack, but the attack is
+            # limited at the protocol level to a logically adjacent topology.
+            ATTACK_VECTOR_ADJACENT = 2
+
+            # The vulnerable component is not bound to the network stack and the
+            # attacker's path is via read/write/execute capabilities.
+            ATTACK_VECTOR_LOCAL = 3
+
+            # The attack requires the attacker to physically touch or manipulate the
+            # vulnerable component.
+            ATTACK_VECTOR_PHYSICAL = 4
+          end
+
+          # This metric describes the conditions beyond the attacker's control that
+          # must exist in order to exploit the vulnerability.
+          module AttackComplexity
+            # Invalid value.
+            ATTACK_COMPLEXITY_UNSPECIFIED = 0
+
+            # Specialized access conditions or extenuating circumstances do not exist.
+            # An attacker can expect repeatable success when attacking the vulnerable
+            # component.
+            ATTACK_COMPLEXITY_LOW = 1
+
+            # A successful attack depends on conditions beyond the attacker's control.
+            # That is, a successful attack cannot be accomplished at will, but requires
+            # the attacker to invest in some measurable amount of effort in preparation
+            # or execution against the vulnerable component before a successful attack
+            # can be expected.
+            ATTACK_COMPLEXITY_HIGH = 2
+          end
+
+          # This metric describes the level of privileges an attacker must possess
+          # before successfully exploiting the vulnerability.
+          module PrivilegesRequired
+            # Invalid value.
+            PRIVILEGES_REQUIRED_UNSPECIFIED = 0
+
+            # The attacker is unauthorized prior to attack, and therefore does not
+            # require any access to settings or files of the vulnerable system to
+            # carry out an attack.
+            PRIVILEGES_REQUIRED_NONE = 1
+
+            # The attacker requires privileges that provide basic user capabilities
+            # that could normally affect only settings and files owned by a user.
+            # Alternatively, an attacker with Low privileges has the ability to access
+            # only non-sensitive resources.
+            PRIVILEGES_REQUIRED_LOW = 2
+
+            # The attacker requires privileges that provide significant (e.g.,
+            # administrative) control over the vulnerable component allowing access to
+            # component-wide settings and files.
+            PRIVILEGES_REQUIRED_HIGH = 3
+          end
+
+          # This metric captures the requirement for a human user, other than the
+          # attacker, to participate in the successful compromise of the vulnerable
+          # component.
+          module UserInteraction
+            # Invalid value.
+            USER_INTERACTION_UNSPECIFIED = 0
+
+            # The vulnerable system can be exploited without interaction from any user.
+            USER_INTERACTION_NONE = 1
+
+            # Successful exploitation of this vulnerability requires a user to take
+            # some action before the vulnerability can be exploited.
+            USER_INTERACTION_REQUIRED = 2
+          end
+
+          # The Scope metric captures whether a vulnerability in one vulnerable
+          # component impacts resources in components beyond its security scope.
+          module Scope
+            # Invalid value.
+            SCOPE_UNSPECIFIED = 0
+
+            # An exploited vulnerability can only affect resources managed by the same
+            # security authority.
+            SCOPE_UNCHANGED = 1
+
+            # An exploited vulnerability can affect resources beyond the security scope
+            # managed by the security authority of the vulnerable component.
+            SCOPE_CHANGED = 2
+          end
+
+          # The Impact metrics capture the effects of a successfully exploited
+          # vulnerability on the component that suffers the worst outcome that is most
+          # directly and predictably associated with the attack.
+          module Impact
+            # Invalid value.
+            IMPACT_UNSPECIFIED = 0
+
+            # High impact.
+            IMPACT_HIGH = 1
+
+            # Low impact.
+            IMPACT_LOW = 2
+
+            # No impact.
+            IMPACT_NONE = 3
+          end
+        end
+
+        # Package is a generic definition of a package.
+        # @!attribute [rw] package_name
+        #   @return [::String]
+        #     The name of the package where the vulnerability was detected.
+        # @!attribute [rw] cpe_uri
+        #   @return [::String]
+        #     The CPE URI where the vulnerability was detected.
+        # @!attribute [rw] package_type
+        #   @return [::String]
+        #     Type of package, for example, os, maven, or go.
+        # @!attribute [rw] package_version
+        #   @return [::String]
+        #     The version of the package.
+        class Package
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # SecurityBulletin are notifications of vulnerabilities of Google products.
+        # @!attribute [rw] bulletin_id
+        #   @return [::String]
+        #     ID of the bulletin corresponding to the vulnerability.
+        # @!attribute [rw] submission_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Submission time of this Security Bulletin.
+        # @!attribute [rw] suggested_upgrade_version
+        #   @return [::String]
+        #     This represents a version that the cluster receiving this notification
+        #     should be upgraded to, based on its current version. For example, 1.15.0
+        class SecurityBulletin
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/iam/v1/iam_policy.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Iam
+    module V1
+      # Request message for `SetIamPolicy` method.
+      # @!attribute [rw] resource
+      #   @return [::String]
+      #     REQUIRED: The resource for which the policy is being specified.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] policy
+      #   @return [::Google::Iam::V1::Policy]
+      #     REQUIRED: The complete policy to be applied to the `resource`. The size of
+      #     the policy is limited to a few 10s of KB. An empty policy is a
+      #     valid policy but certain Cloud Platform services (such as Projects)
+      #     might reject them.
+      # @!attribute [rw] update_mask
+      #   @return [::Google::Protobuf::FieldMask]
+      #     OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
+      #     the fields in the mask will be modified. If no mask is provided, the
+      #     following default mask is used:
+      #
+      #     `paths: "bindings, etag"`
+      class SetIamPolicyRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Request message for `GetIamPolicy` method.
+      # @!attribute [rw] resource
+      #   @return [::String]
+      #     REQUIRED: The resource for which the policy is being requested.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] options
+      #   @return [::Google::Iam::V1::GetPolicyOptions]
+      #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
+      #     `GetIamPolicy`.
+      class GetIamPolicyRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Request message for `TestIamPermissions` method.
+      # @!attribute [rw] resource
+      #   @return [::String]
+      #     REQUIRED: The resource for which the policy detail is being requested.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] permissions
+      #   @return [::Array<::String>]
+      #     The set of permissions to check for the `resource`. Permissions with
+      #     wildcards (such as '*' or 'storage.*') are not allowed. For more
+      #     information see
+      #     [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
+      class TestIamPermissionsRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Response message for `TestIamPermissions` method.
+      # @!attribute [rw] permissions
+      #   @return [::Array<::String>]
+      #     A subset of `TestPermissionsRequest.permissions` that the caller is
+      #     allowed.
+      class TestIamPermissionsResponse
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+  end
+end